Survey
* Your assessment is very important for improving the workof artificial intelligence, which forms the content of this project
* Your assessment is very important for improving the workof artificial intelligence, which forms the content of this project
BBSM v5.3 Technology Presentation January, 2004 Session Number Presentation_ID © 2003 Cisco Systems, Inc. All rights reserved. 1 Outline • Public Access Attributes • BBSM Services • Product Overview • Microsoft Components • Authentication and Billing • Sample Architectures • Customizable Connect Screens • Supported Cisco access devices • Bandwidth Management • End user experience • Reporting and Tracking • Security, Management, and Monitoring • Performance • Deployment Tools • Summary • Available Configurations • Software Overview Presentation_ID © 2003 Cisco Systems, Inc. All rights reserved. 2 Public Access Attributes Presentation_ID © © 2003, 2003 Cisco Cisco Systems, Systems, Inc. Inc. All All rights rights reserved. reserved. 3 Public Access Poses Unique Network Challenges • Unknown users • No control over client devices or configuration • No IT staff available to help end users • Security • Session management Presentation_ID © 2003 Cisco Systems, Inc. All rights reserved. 4 Cisco Building Broadband Service Manager (BBSM) Product Overview Presentation_ID © © 2003, 2003 Cisco Cisco Systems, Systems, Inc. Inc. All All rights rights reserved. reserved. 5 Building Broadband Service Manager Cisco Building Broadband Service Manager (BBSM) addresses the needs of the public access market by managing guest Internet access with simple plug and play capabilities that require no laptop re-configuration and no IT resources to establish the connection Presentation_ID © 2003 Cisco Systems, Inc. All rights reserved. 6 Authentication and Billing Presentation_ID © © 2003, 2003 Cisco Cisco Systems, Systems, Inc. Inc. All All rights rights reserved. reserved. 7 BBSM Supports a Wide Range of Authentication and Billing Options Enterprise Hotspots Retail Guests Healthcare Hotels Colleges Access Codes X X X RADIUS - postpaid X X X Prepaid X X X Credit Card X X X Hotel PMS X X X X X X X • BBSM enables both free and fee-based guest access • It can be configured to support any combination of authentication methods concurrently Presentation_ID © 2003 Cisco Systems, Inc. All rights reserved. 8 Authentication and Billing options •Prepaid RADIUS –Uses the session-timeout attribute 27 –Requires a backend RADIUS server and prepaid billing server/module •Cisco CAR + pre-paid billing server is the Cisco offering NOTE: See Access Codes for prepaid feature without separate RADIUS server •Postpaid –Subscription based feature set –Requires backend RADIUS server NOTE: BBSM is a RFC compliant AAA RADIUS client and will interoperate with any RFC compliant AAA RADIUS server Access Codes •Dynamic prepaid –All-in-one box prepaid solution; stores and decrements user’s time as used •Absolute Duration prepaid –Create access code for specific date and time period; once time period expires so does the access code Presentation_ID © 2003 Cisco Systems, Inc. All rights reserved. 9 Authentication and Billing options (con’t) •Works with Cybersource ICS out of the box Credit Card •Credit card information is NOT stored on BBSM, but encrypted and forwarded onto the clearing house for authorization Property Management System (hotel billing) •Posts guest room charges to hotel portfolilo •Protocols supported for 1-way posting only interfaces: Bell Hobic, Xiox, Fidelio 6.x, 7.x, Express, and Opera, and H1/H2. – 2-way IP and serial interface for Fidelio NOTE: These protocols cover a majority of the PMS systems, but it is essential to ask your customer what PMS protocol/vendor they utilize. If their system uses a different protocol, the SDK can be used to create a custom interface. Mega Page •Can offer multiple options on the same connect screen NOTE: SDK can be used to create other types custom access and accounting policies (ex. other credit card clearing companies, PMS interfaces, etc) Presentation_ID © 2003 Cisco Systems, Inc. All rights reserved. 10 Access Codes Can Be Easily Managed By Administrative or Security Staff •All-in-one box prepaid solution New 5.3 dynamic access code feature allows venues to offer prepaid access without the need for backend prepaid modules •Easy to use GUI interface •Extensive calendaring system •Bandwidth management offerings •Pricing options •Customizable customer classification system Presentation_ID © 2003 Cisco Systems, Inc. All rights reserved. 11 Customizable Connect Screens Presentation_ID © © 2003, 2003 Cisco Cisco Systems, Systems, Inc. Inc. All All rights rights reserved. reserved. 12 End User Connect Screens May be Fully Customized • Web based user authentication • Corporate/site branding • Links to other useful information • Can present different: – – Authentication option(s) Billing – Bandwidth options – Walled gardens (free zones) News 04 AUG 2003 Dah Sing uses Cisco Technology to Bring Quality Service to its Customers 04 AUG 2003 Cisco Systems Foundation Awards $1 Million in Grants to 75 Bay Area Charities User Name: Access Code: Connect 01 AUG 2003 Eastern Telecom Re-launches Eastern Gigabit Network with Cisco Systems' Metro Ethernet Gear • Includes full software developers kit Presentation_ID © 2003 Cisco Systems, Inc. All rights reserved. 13 BBSM Can be Configured to Present Legal Disclaimers for Internet Access Services Custom Legal Disclaimers can be easily presented during the authentication process SCROLL TO THE BOTTOM AND CLICK ACCEPT TO CONTINUE AFTER READING LEGAL DISCLAIMER Use included SDK to insert legal disclaimer Presentation_ID © 2003 Cisco Systems, Inc. All rights reserved. 14 Bandwidth Management Presentation_ID © © 2003, 2003 Cisco Cisco Systems, Systems, Inc. Inc. All All rights rights reserved. reserved. 15 Bandwidth Management Suite • BBSM offers 2 types of bandwidth management Bandwidth throttling - on a per IP address basis (i.e. per user) BBSM uses a driver on its internal NIC to perform this symmetrical throttling function BBSM’s bandwidth throttling parameters can be altered in 1 Kbps increments via the ASP code in the web page sets Bandwidth Reservation (Class of Service) - based upon a group of access codes. This feature offers guaranteed bandwidth for groups of users during specific times via access code authentication, i.e. hotel meeting rooms It is intended to be used with single site L2 deployments only BBSM sends commands via telnet to an external Cisco router, which in turn provides class based queuing. Presentation_ID © 2003 Cisco Systems, Inc. All rights reserved. 16 End User Experience Presentation_ID © © 2003, 2003 Cisco Cisco Systems, Systems, Inc. Inc. All All rights rights reserved. reserved. 17 BBSM Automates and Controls Guest Internet Connections 1. Guest starts web browser 2. BBSM redirects to custom connect screen Connect screen 3. User enters authentication information Wired or Wireless Network 4. BBSM authorizes the user, establishes connection, and accounts for usage 5. End user free to browse the Internet, E-mail, VPN, etc. Presentation_ID © 2003 Cisco Systems, Inc. All rights reserved. Internet, E-mail, VPN, etc. Cisco BBSM • Access Codes • RADIUS • Prepaid • Credit Card • Hotel PMS 18 Reporting and Tracking Presentation_ID © © 2003, 2003 Cisco Cisco Systems, Systems, Inc. Inc. All All rights rights reserved. reserved. 19 BBSM Provides Comprehensive Usage Reports • IP address • MAC address • Port / location • Username • Access code • Time Presentation_ID © 2003 Cisco Systems, Inc. All rights reserved. 20 Centralized Content Push and Reporting • Building Broadband Service Director (BBSD) Cisco BBSM offers a feature called BBSD that enables a system administrator to push content to and aggregate usage information from multiple BBSM servers Content push allows placement of upgrades, service packs, and patches into each BBSM’s local file directory where is can be easily and securely executed by an administrator. Usage information from all connected BBSM servers can be collected into a central repository for easy analysis This data can be exported from the BBSD database via standard SQL commands BBSD is loaded on a separate, centrally located server (typically resides in a NOC), that is configured to recognize BBSMs in the field Presentation_ID © 2003 Cisco Systems, Inc. All rights reserved. 21 Security, Management, and Monitoring Presentation_ID © © 2003, 2003 Cisco Cisco Systems, Systems, Inc. Inc. All All rights rights reserved. reserved. 22 Security, Management, and Monitoring Improvements in 5.3 and 5.3 Hotspot Health Page a.k.a System Summary Allows administrator to see system summary to simplify management and diagnostics SNMP trap alerts Increased manageability and system fault monitoring using standard network management tools SSL admin web pages Increased remote management security Security hardening Protect BBSM from hacking or other threats. For details on this, please see white paper at http://www.cisco.com/en/US/products/sw/netmgtsw/ps533/pro d_white_papers_list.html Dual VLAN support Allows for end users and network devices to reside on separate secure VLANs Duplicate IP address support Prevents IP hijacking by challenging all duplicate IP users for credentials End user experience improved; no IP conflicts (previously the duplicate user was simply denied access) Client Deactivation (existing feature) Enables an administrator or operator to remotely deactivate one or more active sessions, either temporarily or permanently. It also allows the administrator to reactivate a permanently deactivated client. See subsequent slides for graphics and further explanation of the Health Page, SNMP alerts, Dual VLAN and Client Deactivation Presentation_ID © 2003 Cisco Systems, Inc. All rights reserved. 23 Health Page a.k.a. System Summary BBSM related services that are monitored Presentation_ID © 2003 Cisco Systems, Inc. All rights reserved. Provides a comprehensive view of BBSM status and configuration Shows administrator that BBSM services are running properly Allows for ease of BBSM management and troubleshooting 24 SNMP Alerts •If Information is checked, all alerts will be sent. Check this box to generate SNMP trap alerts Enter the IP address or FQDN of the SNMP manager that BBSM should send events to. After configuring Alert parameters, click Save to archive settings Presentation_ID © 2003 Cisco Systems, Inc. All rights reserved. •If Warning is checked, only Warning and Error events will be sent. •If Error is checked, only Error events will be sent. Enter the SNMP read-write community string (password) of the SNMP Manager that BBSM should send events to. 25 SNMP Alerts (con’t) The Cisco-BBSMMIB is a branch of CISCO-SMI bbsmMI B > bbsmObject > > > bbsmTrapPrefi x > bbsmConform ance > > Presentation_ID © 2003 Cisco Systems, Inc. All rights reserved. bbsmInfoTable > eventDescription > eventSource > eventID > eventType > eventTime > bbsmEvent bbsmTraps bbsmMIBCompli ances bbsmMIBGroup 26 Dual VLAN •The dual VLAN feature allows end users to reside on a separate VLAN than the managed network devices Allows for a more secure network by logically separating end user and network device traffic Enables BBSM to fit into existing networks Presentation_ID © 2003 Cisco Systems, Inc. All rights reserved. 27 Client Deactivation This feature enables an administrator to disable, track, and report on malicious users Presentation_ID © 2003 Cisco Systems, Inc. All rights reserved. 28 Software Overview Presentation_ID © © 2003, 2003 Cisco Cisco Systems, Systems, Inc. Inc. All All rights rights reserved. reserved. 29 Software Overview Topics • BBSM Processes Overview • AtNat Driver • Client Preconnect • Client Connect • Client End Session • BBSM Services • Microsoft Components Presentation_ID © 2003 Cisco Systems, Inc. All rights reserved. 30 BBSM Overview – Preconnect http request start page AtNat driver MS SNMP Manager MS DHCP Server MS RRAS redirected BBSM atdial MS Web Server (IIS) MSDE database: atdial BBSM Presentation_ID © 2003 Cisco Systems, Inc. All rights reserved. 31 BBSM Overview – Connect connect AtNat driver open filter MS SNMP Manager open filter MS RRAS MS DHCP Server BBSM atdial MS Web Server (IIS) MSDE database: atdial Presentation_ID © 2003 Cisco Systems, Inc. All rights reserved. BBSM 32 BBSM Processes Overview – End Session connect monitor link status link status lost activate session monitor session MS Web Server (IIS) deactivate session Presentation_ID © 2003 Cisco Systems, Inc. All rights reserved. Atdial 33 ATNAT Driver Overview • Adaptive Network Address Translation • A Microsoft Windows NDIS Intermediate Miniport Driver • Operates between the BBSM internal NIC device driver and the Windows TCP/IP protocol stack • Relies on RRAS to block most types of packets from unauthenticated clients. Presentation_ID © 2003 Cisco Systems, Inc. All rights reserved. 34 ATNAT Functionality • Un-authenticated clients Redirect HTTP GET requests to preconnect.asp Send HTTP GET requests to MS ISA (port 80) to extract client IP address • Authenticated clients Redirect web proxy traffic to MS ISA Redirect all traffic to MS ISA if transparent proxy is configured Redirect SMTP traffic to configured SMTP server Throttle bandwidth, if bandwidth is configured • Spoof NetBIOS name server • Redirect DNS traffic to DNS Server on BBSM Presentation_ID © 2003 Cisco Systems, Inc. All rights reserved. 35 AtNat Functionality – Static Clients • Perform Adaptive Network Address Translation (NAT) • Emulates users’ gateway • Act as an application layer gateway for FTP Diagram 1 Static IP address End user computer Presentation_ID BBSM Server ATNAT Driver (network address translation) © 2003 Cisco Systems, Inc. All rights reserved. Routable IP address External Interface 36 AtNat Functionality – Static Proxy and DNS • Performs static proxy spoofing • Performs static DNS spoofing • Performs SMTP forwarding (email) Diagram 2 Traffic to client proxy address Traffic to client DNS address BBSM Server ISA Proxy / Internet Information Service (IIS) BBSM forwards DNS traffic End user computer ATNAT Int NIC External NIC Client email traffic Traffic to all other addresses Presentation_ID Proxy web traffic © 2003 Cisco Systems, Inc. All rights reserved. Interne t BBSM forwards email traffic to relay server 37 Preconnect •Occurs prior to client receiving Start page •BBSM performs the following •DHCP lease assigned to client OR static IP address added to AtNat table •Redirect HTTP GET request to local web server •Determine port location of client •Lookup Start page for the port •Serve Start page from local web server Presentation_ID © 2003 Cisco Systems, Inc. All rights reserved. 38 Connect • Occurs after client receives Start page and agrees to terms of service • BBSM performs the following: Creates RRAS filter for client IP address Sets status to active in database Redirects client to portal or home page Accounts for usage Presentation_ID © 2003 Cisco Systems, Inc. All rights reserved. 39 End Session • Detect that a session is ending Prevent the user for continuing to access the internet Post the appropriate charges (if applicable) Account for usage Presentation_ID © 2003 Cisco Systems, Inc. All rights reserved. 40 End Session (con’t) Network Device Client Monitoring Type Server Method of Monitoring Client Connectivity Link Status The server queries the network device's MIB to detect when the link status for the client's port becomes inactive. Forwarding table The server queries the network device's forwarding table for the absence of the client MAC address. Packet inactivity The server detects when packets are no longer being sent or received. After a configured time period of inactivity, BBSM or BBSM Hotspot disconnects the session. Pinging The server monitors client connectivity by pinging the client. This method may not always be reliable because some clientinitiated VPN sessions may not respond to a ping when the tunnel is active. As a result, BBSM may terminate the session because the server cannot detect that the session is active. When VPN support is required, we recommend that the server monitors client connectivity by detecting the MAC address or monitoring for packet inactivity. Presentation_ID © 2003 Cisco Systems, Inc. All rights reserved. 41 BBSM Services Presentation_ID © © 2003, 2003 Cisco Cisco Systems, Systems, Inc. Inc. All All rights rights reserved. reserved. 42 BBSM Services •Atdial – session management •Msmqstart – starts MSMQ, then starts Atdial and WebPrint •PMSTestService – used by WebPMSTest •Athdmn – posts charges to the PMS •WebPrint – enabled web printing on BBSM 5.1 servers •TFTP – standard TFTP service, provided for cable modems Presentation_ID © 2003 Cisco Systems, Inc. All rights reserved. 43 BBSM Services - Atdial • Initializes BBSM and MS components • Performs three major functions: Start client session Monitor session to determine when session should be terminated Terminate session • Invokes access and accounting policies as part of session management Presentation_ID © 2003 Cisco Systems, Inc. All rights reserved. 44 AtDial Initialization • Open Filters – AtNat and RRAS BBSM External Interface Switches Routers Management Range Walled Gardens • Load into memory Port Information Access and Accounting Policies Bandwidth Management Presentation_ID © 2003 Cisco Systems, Inc. All rights reserved. 45 AtDial Initialization (con’t) • Configure AtNat with the following: Server IP Address DNS IP Address Mail Server IP Address Clients Static IP range • Process all configured switches Set up Aging Time for each switch Requires correct write password to be configured since this is a write operation Note: If the password configured is a read password but not a write password, then the aging time setup will fail. This results in a searching loop that can take up to 5 minutes per switch. Presentation_ID © 2003 Cisco Systems, Inc. All rights reserved. 46 Microsoft Components Presentation_ID © © 2003, 2003 Cisco Cisco Systems, Systems, Inc. Inc. All All rights rights reserved. reserved. 47 Microsoft Components • BBSM configures all of these Microsoft components • Modifying any of these components will potentially result in the failure of BBSM to operate MSDE MSMQ ISA IIS SNMP Manager RRAS DHCP DNS Presentation_ID © 2003 Cisco Systems, Inc. All rights reserved. 48 Microsoft Components (con’t) • MSDE BBSM database Used to store configuration data, session state, session history and dynamic usage data • MSMQ Microsoft Message Queue Used for temporary storage of requests and responses Interprocessor communication between IIS and ATDial services Presentation_ID © 2003 Cisco Systems, Inc. All rights reserved. 49 Microsoft Components (con’t) • ISA Internet Security and Acceleration Web proxy server AtNAT redirects client traffic to ISA when client configured for web proxy Configured to listen on port 80 Runs in cache mode; Firewall service is disabled in ISA • IIS Microsoft’s Web Server Used to provide end-user experience Provides FTP server for patches Configured to listen on port 9488 Presentation_ID © 2003 Cisco Systems, Inc. All rights reserved. 50 Microsoft Components (con’t) • SNMP Manager Simple Network Management Protocol Network management standard used with TCP/IP BBSM uses SNMP to query network devices for initial configuration of the BBSM software and for detecting clients connected to the network devices Presentation_ID © 2003 Cisco Systems, Inc. All rights reserved. 51 Microsoft Components (con’t) • RRAS Routing and Remote Access Services BBSM invokes the RRAS packet filter on the external network interface to control access to the Internet The filter drops packets from the client computer bound to the Internet until the client authenticates with BBSM Presentation_ID © 2003 Cisco Systems, Inc. All rights reserved. 52 Microsoft Components (con’t) • DHCP Dynamic Host Configuration Protocol DHCP server provides DHCP-configured clients with an IP address, subnet mask, DNS server and default gateway This service is disabled in the load-balanced configuration • DNS Domain Name Service Required to run on BBSM Used when clients are configured for static DNS server address BBSM redirects traffic to this service Presentation_ID © 2003 Cisco Systems, Inc. All rights reserved. 53 Sample Architectures Presentation_ID © © 2003, 2003 Cisco Cisco Systems, Systems, Inc. Inc. All All rights rights reserved. reserved. 54 BBSM Can Manage a Visitor VLAN to Provide Guest Access Application Access SSID: Application Security: 802.1x VPN, LEAP, 802.1x, etc • Dedicated application(s) • IP video security • IP wireless phones • Highest security and QoS Key User Access SSID: Employee / Staff Security: LEAP/PEAP SSID: broadcast Security: open VPN, LEAP, 802.1x, etc © 2003 Cisco Systems, Inc. All rights reserved. High security Support is available / justified Subscription-type authentication IT controls clients/devices • • • • Support for any client Complete user tracking and reporting Bandwidth management No routine support required Public Access BBSM Presentation_ID • • • • 55 Cisco BBSM Fits Into the Existing Network Environment Can be deployed at Layer 2 or Layer 3 Layer 2 provides more complete plug & play (static IP) Layer 3 simplifies central deployment (no static IP support) Works with VPN and GRE tunnels along with other L3 infrastructure connections NOTE: Layer 3 still provides support for DHCP, static proxy, and static DNS end user settings Can use external DHCP server or BBSM as DHCP server Can be configured to support multiple L3 sites Each site has a separate description, network device designation, end user DHCP range, and subnet identification 2 DHCP pools to distinguish end users Use different DHCP pools to identify employee vs. guest traffic Presentation_ID © 2003 Cisco Systems, Inc. All rights reserved. 56 BBSM Works With Any Network Infrastructure External Network BBSM Other Services Internet and VPN Internal Network 2600/PIX Catalyst 2950 Credit Card Server BBSD RADIUS Server - Video Servers - Local Content UBR7xxx CAT5 Cable LRE 1700 Catalyst 3550 PWR XL Coax Cable Catalyst 2950 LRE POTS Splitter LRE 48 PSTN Network PBX CAT5 Cable Aironet 1100, 1200 CPE LRE LRE CPE VPN Conference Room Presentation_ID Catalyst 2950 XL © 2003 Cisco Systems, Inc. All rights reserved. Room 1 Room 2 57 Sample Architecture – Single Building or Campus Guest Overlay Internet BBSM understands 802.1q VLAN tags Internet NAT/PAT DMZ 192.168.1.1 BBSM 192.168.1.2 Primary: 172.16.1.1 Secondary: 10.1.1.1 Management VLAN 55 Switch Enterprise Network 172.16.1.3 Management VLAN 55 AP 172.16.1.2 Wired Guest VLAN 10; IP from BBSM Multinet 2: 10.1.1.50 Presentation_ID Wired Employee VLAN 20 © 2003 Cisco Systems, Inc. All rights reserved. Wireless Guest VLAN 10; IP from BBSM Multinet 1: 172.16.1.50 Wireless Employee VLAN 20 58 Sample Architectures – Multiple Locations Guest Overlay Venue with Central BBSM (leased line) Venue with Local BBSM Internet T1/DSL BBSM Hotspot VPN tunnel from site router to NOC router Guest Guest DMZ BBSM Enterprise Network Network Operations Center Presentation_ID © 2003 Cisco Systems, Inc. All rights reserved. 59 Supported Cisco Access Devices Presentation_ID © © 2003, 2003 Cisco Cisco Systems, Systems, Inc. Inc. All All rights rights reserved. reserved. 60 Supported Cisco Access Layer Devices Ethernet Cable Wireless uBR 7200 AP 340 uBR 7100 AP 350 • 1900 • 3500 • 2900 • 3550 • 2948 • 3750 • 2950 • 4000* AP 1100 • 2940 • 4500* AP 1200 • 2970 • 6509* • 2900 LRE • 2950 LRE Note: This list is subject to change. *See notes below for functionality limitations on BBSM while working with these devices. Presentation_ID © 2003 Cisco Systems, Inc. All rights reserved. 61 Performance Presentation_ID © © 2003, 2003 Cisco Cisco Systems, Systems, Inc. Inc. All All rights rights reserved. reserved. 62 Performance •Cisco BBSM performance is primarily constrained by the number of concurrent users and the type of traffic/usage at any time. Representative performance levels include: 85 Mbps with 250 concurrent users based on varied frame sizes and traffic conditions. 45 Mbps with 1,000 concurrent users based on varied frame sizes and traffic conditions. •In very large network environments, BBSM may be constrained by SNMP lookups during authentication The following guidelines are based on sample customer deployments - we have not tested the performance limits In an L2 design where BBSM queries each network device with SNMP, BBSM supports approximately 40 switches or 25 APs In an L3 design where BBSM only queries the site routers, BBSM may support up to 30 sites •Larger deployments may need to be partitioned across multiple BBSMs Presentation_ID © 2003 Cisco Systems, Inc. All rights reserved. 63 Deployment Tools Presentation_ID © © 2003, 2003 Cisco Cisco Systems, Systems, Inc. Inc. All All rights rights reserved. reserved. 64 Deployment Tools Network Device Discovery Automatically finds existing network access devices to be used on BBSM network Asks for status detection methods such as packet inactivity, link status, aging time, and ping (if applicable) Room Mapping Utilities Allows for unique designation of guest rooms for PMS billing; reports show that port has been mapped and tested Port Test Packet test to certify that physical connection is properly functioning and tested Port Control Utility Provides administrator with policy control over each switch port, cable modem, and/or access point IP Address Change Wizard Empowers administrator to change BBSM NIC properties as well as DHCP, static, and management ranges via a GUI; no need to change settings via Windows OS interface Page Set Wizard Enables venue to quickly create simple custom BBSM welcome pages WEBpatch Enables IT staff to view, transfer, and install patches and service packs WEB PMS test utility Utility design to test connections between BBSM and property management systems Presentation_ID © 2003 Cisco Systems, Inc. All rights reserved. 65 Summary Presentation_ID © © 2003, 2003 Cisco Cisco Systems, Systems, Inc. Inc. All All rights rights reserved. reserved. 66 Summary • High speed Internet access is increasingly required away from traditional home and office locations • BBSM is an easy to deploy solution for managing guest access Enterprises, Hotspots, Retail Outlets, Healthcare Facilities, Hotels • BBSM can be easily customized to meet specific guest access needs • Works with any Cisco network infrastructure Presentation_ID © 2003 Cisco Systems, Inc. All rights reserved. 67 Available Configurations Presentation_ID © © 2003, 2003 Cisco Cisco Systems, Systems, Inc. Inc. All All rights rights reserved. reserved. 68 Available Configurations • BB-SM-SERVER5.3 High Performance 1RU pre-loaded Appliance with unlimited user license • BB-SM5.3-CDBUNDLE Installable CD bundle including Windows 2000 Server, ISA Server, and BBSM software with unlimited user license • BB-SM-HOTSPTSVR5.3 High Performance Desktop appliance with 75 concurrent user license (hotel property management system license available separately) BB-SM-HS150USRUPG Hotspot License Upgrade to 150 concurrent users BB-SM53HS-PMSOPTN Hotspot PMS License upgrade • NOTE: All versions have identical code bases, but vary upon hardware and license offerings Presentation_ID © 2003 Cisco Systems, Inc. All rights reserved. 69 Presentation_ID © © 2003, 2003 Cisco Cisco Systems, Systems, Inc. Inc. All All rights rights reserved. reserved. 70