Orbyte System

Access Gateway

 

 

 

 

 

 

 


The Orbyte Access Gateway (OAG) is a line of turnkey, high performance access gateways for wireline and wireless access control with models supporting from very small hotspots (Wi-Fi cafés or SOHO environments) to access environments with thousands of users (WiMAX hotzones and DSL termination points), see below for a description of the different models. The OAG is designed to work with Orbyte Service Management System and Orbyte System Controllers, providing a complete and integrated end-to-end solution.

The main role of the OAG is to present the subscribers with an easy-to-use and secure access environment including features like:  

  • Per-session service selection allowing the subscriber to choose the most suitable service for every access session
  • Multi-language information and log in pages providing an enhanced subscriber experience
  • Support for clients with static IP-addresses through advanced address translation

The OAG functions as a client to authentication, access policy and branding content servers in the system, minimizing the need for local configuration and state. This shortens the deployment time and allows the OAG to be deployed in highly redundant scenarios with multiple authentication, access policy, and branding servers, thus eliminating single points of failure in the authentication and accounting chain. The authentication framework in the OAG supports many authentication methods; including browser based access with username and password pair, smart-client based universal access method (UAM) and 802.1x authentication with forced branding and information pages.

The packet filter framework in the OAG allows the operator to define access policies based on bandwidth and stateful packet filtering rule sets with the ability to drop/block as well as redirect packets flows based on source/destination address pairs. This fine-grained flexibility provides the operator with the tools needed for all conceivable types of differentiated services like VPN-only access for traveling corporate employees to restricted, sponsored access to corporate web sites.

The OAG is designed for operator environments and implements all commonly used open standard management interfaces. The unit is configured through a terminal-based command line interface (CLI) accessible over the network with SSH version 1 or 2 or through the console port. The CLI utilizes a hierarchical command structure and includes features like:

  • Readable syntax, hierarchical structure and a built in help system provides a short learning curve.

  • Secure, remote upgrades, using secure copy (SSH) to fetch new software packages with the ability to roll back versions

  • Remote storage of configuration (complete or in sections), easily integrated with versioning systems and central backup servers

  • The structured command hierarchy makes it easy to wrap common administration work in scripts

Monitoring of the units is done with SNMP, with support for version 3, adding carrier-grade security. Both standard and proprietary MIBs are used to monitor the unit on all functional levels, ranging from per-interface traffic statistics to the status of the policy framework.