AA enables a variety of use cases important for Wireless LAN Gateway deployments in residential, public WiFi or VPN wireless LAN services. These include:
HTTP redirect for subscriber authentication with HTTP allowlist
This redirects all non-authenticated subscriber HTTP traffic to an authentication portal and blocks the rest of Internet access, but allows user access to specific allowed websites, download Apps and software needed to authenticate.
HTTP/HTTPS redirect by policy
This is URL or application blocking or usage threshold notification. Redirects some or all subscriber HTTP/HTTPS traffic to an portal landing site based on static or dynamic policy. This can be done while not interrupting selected HTTP/HTTPS based services such as streaming video.
inline HTTP browser notification
This provides messaging in the form of web banners, overlays, or http-redirection. This can always be enabled, One-time per sub at authentication (greeting message ‟Welcome to our WiFi Service”), one time per COA, or periodically.
ICAP for large scale URL filtering
An ICAP client in AA interacts with offline ICAP URL filtering services for parental control or large denylists. This reduces cost as only URLs for specific flows are sent to server, instead of full inline traffic.
analytics
This provides the operator insight into the following: Application and App-group volume usage by time of day/day of week, top subs, devices, and so on.
traffic control for fair use policy
This prevents some users of the hotspot from consuming a disproportionate amount of resources by limiting to volume of such use across all subscribers as a traffic management tool, or on a per-subscriber basis.
stateful firewall
This prevents unsolicited sessions from attacking devices.
web-service URL classification
AA communicates with a web-service which offers URL categorization and provides parental control services. For the web-service model, AA receives the category of the URL and makes local policy decisions.