Microsoft PowerPoint - H2-3 임병근 최종 업.ppt

H2-3 B3G Network Based Multimedia Core Network 2004.6. 임병근 bklim@lge.com LG 전자 / 시스템연구소 1/ 49

요약 3G 시스템이후의 B3G/4G 서비스를위한기술개발과표준화작업이진행되고있는데, 차세대서비스의특징은다양한방식의광대역접속기술이하나의통합 망에연동되는쌍방향멀티미디어통신이라고볼수있다. 이들광대역멀티미디어통신서비스를제공하기위한 Core 망의 화에대한필요성을서비스관점에서살펴보고, 서비스의품질을보장하기위한개방형 네트워크에서의네트워크보안과네트워크품질보장방안에서의문제점을도출하고해결책에대해서논의하고자한다 2/ 49

1. Beyond 3G/4G Network Vision Review 2. Broadband Wireless Access 3. Broadband Interactive Communication 4. based Multimedia Core Network 5. QoS and Security issues in Core Network 3/ 49

B3G/4G vision Van diagram - 다양한 Broadband Access Technologies 에기반한무선접속기술들이개발되어초고속무선서비스를제공한다. - 유무선통합서비스네트워크 Vision for 4G Mobility Systems beyond IMT-2000 New Elements of Systems Beyond BS digital Broadcasting High Medium IMT-2000 Enhancement Enhanced IMT-2000 Mobile Access Terrestrial digital broadcasting Low Nomadic / Local area wireless access 1 10 100 Communication speed (Mbps) 4/ 49

Communication Services Demand Evolution 통신서비스요구의자연스러운진화는 - Narrow band(voice) to broadband(voice and data, multimedia) - Wired access to wireless & mobile access 로이어지고있다. Information Rate 5/ 49 2Mbps 1Mbps 144Kbps 64Kbps xdsl, Cable modem Data LAN/ WLAN Dial up data PSTN Voice Mobile Wireless Broadband Multimedia Services Broadband Multimedia Services Mobile Wireless Voice and data Fixed Fixed Wireless pedestrian Vehicular Multimedia Services Voice Services Mobility

3GPP 에서는 Release 5 에서고속데이터접속서비스를이용한 기반의 Multimedia 서비스를위한 IMS( Multimedia Subsystem) 을도입하여 B3G 광대역멀티미디어서비스의표준을잡아가고있음. 6/ 49 3GPP Network configuration Applications & Services *) Legacy signalling mobile Network Alternative Access Network SCP R-SGW *) CSCF Mh Ms Mw CAP HSS *) Mm Cx CSCF Gr Mr Mg Go Gi/Mb EIR MRF BSS/ Gf Mb MGCF T-SGW *) Gc TE MT GERANIu Gb SGSN GGSN Mn R Um Iu Gn Gi A Iu TE MT UTRAN MGW MGW R Uu Iu Nb CSCF: Call Control Function Mc Mc GGSN: Gateway GPRS Support Node Nc MSC server GMSC server T-SGW *) HSS: Home Subscriber Server MGCF: Media Gateway Control Function CAP MRF: Media Resource Function CAP D C SCP: Service Control Point Applications HSS *) R-SGW *) SGSN: Serving GPRS Support Node & Services *) Mh UTRAN: UMTS TerrestialRadio Access Network Multimedia Networks PSTN/ Legacy/External

3GPP IMS Network configuration Multimedia Networks PSTN Legacy mobile signalling Networks Mb Mb (v6) Mb MRFP IMS- MGW Mb Mb PSTN PSTN Mn Mp Mb GGSN Mj MGCF MRFC BGCF Mk BGCF Mg Mr PDF Go Mk CSCF Mi CSCF Mw P-CSCF Mw Gm Mm Cx Dx UE HSS SLF C, D, Gc, Gr IM Subsystem BGCF Breakout Gateway Function SLF- Subscription Locator Function 7/ 49

3GPP2 Multimedia Domain Network configuration 3GPP2 도 3GPP 와의 IMS harmonization 을목표로동일한 MMD (Multimedia Domain) Core network 기반의 IMS 표준을추구하고있음. 1 Position Server 18 Network DSI Subscription Policy Profile Rules Databases EIR... 19 2 3 4 6 7 AAA 15 16/Cx 20 21 11/Sh 22 10 OSA Application Server 8 /OSA OSA Service Capability Server 11 /Sh 12 /ISC Call Control Function 23 mm 17/Mg 24 /Mr 28/Go S Application Server 12/ISC Breakout Gateway Control Function ee/mi Policy Decision Function ll/mk 17 /Mj Position Determining Entity RAN 27 Access 31 Gateway 32 /Mb Media Resource Function Controller Media Resource Function 25 /Mp 33 /Mb Media Gateway Control Function 26 /PSTN 30 /Mc Media Gateway 29 Border Router 8/ 49

3GPP IMS Network over v6 IMS 서비스는 UMTS Access network 을통한연동이아니라 v6 core Network 을통한연동을제공하여 v6 Core Network 이 IMS 기반네트웍이된다, UE UTRAN SGSN SGSN Home Legacy Domain Home Network GGSN PS Domain Backbone BG Gp Inter-PLMN Backbone Gp BG Visited Network PS Domain BackboneGGSN Gi Home Network IM Subsystem BG Inter -Network IM Backbone BG Visited Network IM Subsystem Internet UE UTRAN Visited Legacy Domain Intranets 9/ 49

3GPP2 MS 의 ALL Network 서비스연동 3GPP2 의 IMS( Multimedia Subsystem) 은 v4 또는 v6 MMD network 상에위치하여상호연동한다. MS MS PDSN TIA-EIA-41 PS Home Domain Internet TIA-EIA-41 PS Visited Domain PDSN Home RAN AGW BSC BR Multimedia Home Domain BR v4 /v6 TIA-EIA-41 CS LMSD Home Domain PSTN/ PLMN BR Multimedia BR Visited Domain v4/v6 TIA-EIA-41 CS LMSD Visited Domain AGW Visited RAN BSC core Network core Network 10 / 49

3GPP/3GPP2 ALL Network Configurations IM/MMD network 이 Broadband B3G/4G 의 Core Network 으로진화할것임, -S 기반의 IMS 서비스의 3GPP/3GPP2 호환을기반으로광대역유무선통합멀티미디어서비스의표준으로자리할것으로예상됨. Node-B BTS Carrier s Domain RAN RNC SGSN BSC PCF MGW Packet Backbone (GPRS, R-P) Legacy Service network PDSN GGSN MSC/VLR Server M/SGW MGW IM/MMD network (v6/v4) Internet (v4) PSTN/PLMN v6 Internet 11 / 49

All Broadband Converged Core Network(BcN) -All core network support voice and data services connection for every kind of access network without impact on the access network specific protocols and standard. Legacy PSTN / 디지털 Phone Access Network 2W Loop/xDSL ME/Cable/PON cdma2000 Access Network BTS (cdma2000) BSC UMTS Access Network NodeB (UTRAN) RNC SGSN MSC/VLR Server MGW PDSN MSC/VLR Server MGW GGSN MAG MAG DSLAM Soft switch VoP Premium Network Intranet (v4) Soft switch M/SGW Core Network IM subsystem network (v6) PSTN/PLMN v6 Internet Internet network (v6) Access Network All BcN Core Network 12 / 49

Grand network convergence and inter-carrier networking 다양한광대역유무선접속기술을수용하는차세대네트워크는모든네트워크기 로연결된다. -All NGN vision is grand network convergence - core network will be multi-services diffserv network -Direct broadband core interworking btwn carriers without legacy PSTN Regional Multiple Access network Regional Multiple Access network Regional Multiple Access network A Carrier s VoP/Internet/IM Core Network Regional Multiple Access network Regional Multiple Access network B Carrier s VoP/Internet/IM Core Network Regional Multiple Access network Regional Multiple Access Regional network Multiple Access network 13 / 49

1. Beyond 3G/4G Network Vision Review 2. Broadband Wireless Access 3. Broadband Interactive Communication 4. based Multimedia Core Network 5. QoS and Security issues in Core Network 14 / 49

Global Broadband Wireless Standards Low speed Voice -> medium data broadband high Speed data. Inter Technology Handoff multiple link 지원 Inter Technology Communication application level protocol, S IEEE 802.20* (proposed) IEEE 802.16* WirelessMAN IEEE 802.11* WirelessLAN WAN MAN LAN 3GPP WCDMA,3GPP2 1x,EV-Do,EV-DV, EDGE, TD-CDMA,SCDMA, ETSI HiperMAN* & HERACCESS* ETSI HiperLAN* IEEE 802.21 Handoff IEEE 802.15* Bluetooth PAN UWB ETSI HiperPAN* S/IMS Interactive Comm. 15 / 49

WiMAX Vision Portability/Mobility WiWi-Fi Business Access & Backhaul 802.16e & 802.16REVd WiWi-Fi WiWi-Fi Consumer Broadband Access WiWi-Fi Hotspot Backhaul WiWi-Fi WiWi-Fi 16 / 49 Wi-Fi

Broadband Data Access Vision TDCDMA/3GPP 17 / 49

Broadband Data Access based on SDMA Subscriber PPP BS Based Network, Based Communication Enterprise Subscriber Subscriber BS ハブ ハブ WAN PSS (Packet Service Switch) WAN Application Service Provider Internet POP GW Service Provider Synchronous PPP Encapsulation (PPPoF) (Ethemet) PC Encapsulation (PPPoF) (Ethemet) iburst L4 Data Pkts iburst L3,2,1 Protocol Stack iburst L4 Data Pkts iburst L3,2,1 GRE User terminal Base station PSS Base Unit (User) GRE (User) EMS Server UDP/L2TPxn PPP/ (User) Synchronous PPP UDP/L2TPxn PPP/ (User) ISP 18 / 49 User Terminals PSS (Packet Service Switch)

Service Cell/Core Network Configuration - WLAN 서비스 -Internet 접속, Internet 기반서비스 -WWW,e-mail,FTP, game, Vo, Messenger 서비스, 등등 Cell 특성 -Hot Spot Pico Cell, isolated Cell, Private Usage, Un-licensed - 공공장소에서의 QoS 지원불가 ( 다수가 AP 설치가능 ) - 사적영역에서의진입통제로인한공중망사업자의 Cell 구축불가 Core 망 -Intranet, Internet AP AP AP AP ASW ISP/Internet AP 19 / 49 AP

Service Cell /Core Network Configuration FWA/FBWA 서비스 -WLL, - 음성, 데이터통신서비스, PSTN 통신사업자, ISP, Private MAN Cell 특성 -Macro Cell, isolated Cell, Public/Private, -Un-licensed/licensed Band 사용, QoS 지원 Core 망 -PSTN, Intranet, Internet 교환기 Enterprise LAN 기지국 기지국 V5.2 PSTN Enterprise LAN 기지국 LAC/COT LNS ISP/Internet 20 / 49

Service Cell /Core Network Configuration Cellular/PCS/3G 서비스 - 음성, 데이터통신서비스, 멀티미디어, Cellular 통신사업자 Cell 특성 -Macro/Micro Cell, Seamless Cell(Cellular), Public -licensed Band 사용, QoS 지원 (Voice) Core 망 -Voice Core : Cellular Core, PSTN연동 -Data Core : Intranet, Internet, 3G IMS/MMD 교환기 PSTN BSC Voice 21 / 49 Packet BB GW Data ISP/Internet

Service Cell /Core Network Configuration MBWA 서비스 - 상용화없음, 3G IMS Protocol 기반서비스 -FBWA 와 Cellular/PCS/3G 서비스의통합된서비스제공 Cell 특성 -Macro/Micro/Pico Cell, Seamless Cell(Cellular), Public -licensed Band 사용, QoS 지원필요 ( 음성, 화상통신 ) Core 망 - Multimedia Core Network AGW or ASW ISP/Internet 22 / 49

Broadband Wireless Access Spectrum Allocation License Exempt UHF Licensed WCS ISM UPCS ISM US MMDS Int l MMDS Low/Mid U-NII Upper U-NII & ISM 1 2 3 4 5 GHz MBWA : N-LOS 보장시 무선전화기 WLAN MBWA : 협대역 CH BW 로 Broadband High Speed Channel 확보한계, SDMA 이용한차세대기술필요 FBWA/FWA 23 / 49

1. Beyond 3G/4G Network Vision Review 2. Broadband Wireless Access 3. Broadband Interactive Communication 4. based Multimedia Core Network 5. QoS and Security issues in Core Network 24 / 49

Broadband Access Services Layer 다양한 기술의존재는필수적으로요구되고단일화는불가능함 25 / 49 Application Presentation Transport Network (radio spectrum) Radio spectrum and Air Access Technologies - 800Mhz Cellular, 1.8GHz PCS, 2GHz IMT-2000-2.3GHz Wibro, WCS(in USA) - 2.4 WIFI, bluetooth, Binary CDMA -2.5~2.7GHZ WIMAX for MMDS - 5GHz Band WIMAX, WIFI 다양한무선주파수대역에다양한접속기술이개발되고사용됨, - 국제산업표준방식, 비표준 proprietary 방식혼재 - 상위음성패킷, packet, 기타응용데이터전송과접속유지보장을위한 기술에중점, - 이기종접속기술의직접연동불가, Core 와접속하기위한접속유지기술

Broadband Access Services Network Layer 네트워크기술은다양한Solution이제시되었지만, 국제적으로상호연동상용화된기술은와 E.164(PSTN전화번호 ) 뿐임. Application Presentation 상용화된 Global Network 주소체계 -PSTN 국제전화번호체게 -Internet 주소체계 26 / 49 Transport Network (radio spectrum) 사업자또는지역별적용 -ISDN(No7 나라별변종으로통일한됨 ) -B-ISDN(ATM Signaling) - X.25 Packet Network, Frame Relay Network Broadband Access 기술과결합된 ATM 기반 B-ISDN 은 Broadband Global network 구축실패함, 기술과결합되지않은 기반 Internet 은 Broadband Global Network 구축성공하였고, packet 통신표준이됨. 지속성장할것임, Network 은모든 Access 기술의단말연동을보장함.

Broadband Application Services FTP 등을위한고속의통신외에광대역초고속응용서비스의주류는화상정보전달기반의서비스임 <Internet> < 방송 > < 차세대통신 > < 통신 > Broadband Services Application Presentation Transport Radio Broadcasting Services NGN/ BcN Based on Network Narrow Band Services PSTN Voice/Fax Communication Services Internet - xod, streaming, Video over 방송 -Broadcasting -VoD on the CATV v4 v4/v6 (radio spectrum) 통신 (Interactive Communications) - 화상통신 - 화상회의 - 화상원격진료 27 / 49

Broadband Interactive Communications Services B3G/4G 의핵심서비스기능중의하나는 QoS 품질을보장하는초고속화상통신이다. 기타초고속광대역서비스는이미방송, Internet 으로제공하며가입자의접속서비스기술에따른차이만존재함. WiFi NGN/ BcN Based on Network v4/v6 WiMAX3G/4G PAN 유선및기타 화상통신, 원격회의등쌍방향실시간초고속통신서비스를지원하는 Core Network 은, - 다양한접속기술을수용하고 - 접속기술에독립적으로 - 개별단말을연동하게하는 - Core Network 을기반으로할때에 - 지리적위치와 - 가입사업자에무관하게 통신을제공할수있는기반을확보한다. 28 / 49

Broadband Interactive Communications Services - Equipments 단말기는자신의접속망의 link 기술로 Core 에접속하고, 공통의 Protocol 로타망 / 자기망의단말기와 Multimedia 을개설하여동일한 MPEG code 로화상통신을하게된다, -Core network 의요소는 Source 에대한 transcoding 이나변경등의행위가필요없고, QoS 를보장하기위한전달을보장하면된다. 화상단말기 화상단말기 MPEG Source/ Present UMTS,LAN, CDMA2000 등등유선 (Cable, Metro Ethernet) PE Controller(CSCF) PE MPEG Source/ Present A 접속망 A, A Core Network B 접속망 B B 29 / 49

1. Beyond 3G/4G Network Vision Review 2. Broadband Wireless Access 3. Broadband Interactive Communication 4. based Multimedia Core Network 5. QoS and Security issues in Core Network 30 / 49

TCP/ Internet Perfect Layered Protocol - Layer to Layer Primitive Interface, Peer to Peer layer protocol interface, Easy development and deployment Routing/Forwarding based on - lower layer independent, hop to hop 검증으로용이한증설 31 / 49 Host, DNS App Present A LAN, 무선 access, Cable, Metro Ethernet, xdsl, Dial-Up 접속망 A, A PE CR PE Core Network WAN, MAN B 접속망 B Host, DNS App Present B

Router and Ethernet Switch Router -Connectionless Packet Routing and Forwarding - Packet congestion control, packet drop, packet delay -Routing Information update by Routing Protocol Ethernet Switch -link ID (MAC ID) based packet switching -LAN 에서 MAN 으로확장 Burst packet data oriented network equipment -best effort services - QoS 보장미흡 (connectionless, Hop by Hop) -interactive steady streaming conversation 의 QoS 보장불가 전통적인 Router 와 Ethernet Switch 로구성된 Internet 을통한 toll Quality 수준의통신서비스는불가능. Multimedia core Network 의 Router 는 QoS 를지원하는기능이필요함 32 / 49

3GPP/PP2 S Based IMS - CSCF CSCF 는음성, 화상데이터의경로와는별도로단말과단말을연결하는 기반의 Call Signaling 임. 음성, 화상데이터의전송선을같이사용하는경우 In-band signaling 이라할수있음. Peer-to-Peer 로하위네트워크상태에독립적으로운용. 위치에독립적으로 Home CSCF/S server 접속가능, 접속 Gateway 와 GW 자체의 기능에다양한 IMS 서비스를위한 packet 제어기능부가로 IMS 서비스 connection control 화상단말기 MPEG Source/ Present A UMTS, CDMA2000 등등 접속망 A, Gateway A Call Controller(CSCF) Or S server Core Network PE B 접속망 B 화상단말기 MPEG Source/ Present B 33 / 49

3GPP End-to-end Quality of Service (QoS) concept and architecture CN Gateway 가 Access/ Core Network 의 QoS 를제어함, 3GPP 는 External Bearer Service 영역이전제 IMS 의 Core Network 영역이나기술표준화제외함 TE MT UTRAN/ GERAN GPRS CNIu EDGE NODE End-to-End Service CN Gateway TE TE/MT Local Bearer Service UMTS GPRS Bearer Service Service External Bearer Service Radio Access Bearer Service CN Bearer Service Radio Bearer Service Radio Service Iu Bearer Service Bearer Service Backbone Bearer Service 34 / 49

3GPP2 CSCF Call Scenario example - termination 35 / 49

S Based IMS DNS, AAA, ENUM CSCF 는 DNS, AAA, ENUM server 와연동하여단말기에대한 주소, E.164 주소과금등을수행한다, 기반의 DNS, AAA, ENUM 서버가 NGN 에서필수장비로사용된다, 화상단말기 화상단말기 MPEG Source/ Present UMTS,LAN, CDMA2000 등등 DNS, AAA, ENUM server MPEG Source/ Present PE PE A 접속망 A, A Core Network B 접속망 B B 36 / 49

3GPP2 S Based IMS HSS re-registration Procedures HSS 는 AAA 와 Data Base 의 Composite 구성, IMS 단말의서빙위치등록의과정을수행하여이동성을보장하고 Call Paging 에의한착신이가능 37 / 49

S Based IMS Mobility 계층적이동성지원에의한다양한서비스 Class 제공가능 - Layer Mobility : 접속망제공, Cellular Mobility by Handoff, Fast, seamless -Network Layer Mobility : Core Network, PE 제공, Mobile -Application Layer Mobility : S Registration Mobile 지원되면 Application Layer Mobility 없이도호출가능 화상단말기 MPEG Source/ Present LAN, UMTS, CDMA2000 등등 PE PE 화상단말기 MPEG Source/ Present A 접속망 A, A Core Network B 접속망 B B 38 / 49

1. Beyond 3G/4G Network Vision Review 2. Broadband Wireless Access 3. Broadband Interactive Communication 4. based Multimedia Core Network 5. QoS and Security issues in Core Network 39 / 49

QoS for Interactive communication services in the Network 기반 BcN 으로전환시 Voice Communications -Toll Quality 수준요구 -End-to-End Delay : 이동전화시스템수준익숙함 ( ~200ms) - 음질 ~ MOS 4.0 수준 -low speed streaming. 125us sampling for 64K PCM 비현실적 ( overhead). Vocoded packet 20ms framing, 8K,16K, AMR, WAMR - Cellular Access link FCH 이용가장경제적, not Vo in Access. 화상통신 ( 음성포함 ) -Access 단에서의고속 Circuit 이용 QoS 보장용이, Media Gateway 필요 -Packet Channel 이용 IMS, -End-to-End QoS 보장위한방안은? Core Network 은 Managed Network 의구축이필수적으로요구된다, 신규 router 의구축 40 / 49

QoS & Security in the Communication Services PSTN/PLMN QoS in the PSTN/PLMN for Voice Communications Perfect -connection based -resource reservation -call admission control depend on the resource availability -low end-to-end delay no latency for switching Security 통화채널의문제에국한 - 도청, 감청등 - 물리적접속시에만가능 - 원격지불가네트웍장비의 security 노출없음. -Closed Network 으로외부침입자에의한접근불가 - 장비의 Security 는안정적임 통신서비스용통신장비의안정적인운영은필수적으로요구되는국가기간서비스로서이중화등고도의안정성을요구하므로,IM Core Network 에서도이와같은수준의안정적인운영이요구됨. 41 / 49

QoS & Security in the Communication Services Internet QoS -Connectionless best effort - 부분적인사업자 partial managed Network 으로 QoS 보장가능하나, -End-to-End QoS 보장을위해서는현실적으로불가능 Security Open Network 에의한접근성으로보안성취약 - packet 도청, 감청등 - 원격지접속해킹으로연결된모드 Public host 접근가능네트웍장비의 security 취약. -Open Network 으로외부침입자에의한접근 - 장비의 Security 는공격에불안정적임 - 장비의 Security 는 QoS 에도영향을미치게됨 Public addressable address 로연동되는모든장비들은, FW,IDS 등으로도침입에대하여근본적차단은불가능,IM Core Network 에서도 Security 는치명적인요인임. 42 / 49

Security in the Broadband Communication Services - QoS Broadband Access Network 에연결된단말기는, 고성능의 PC 등으로수만은 PC 로부터대량의 traffic 을발생할수있음. -DDOS 공격으로특정 Node 와 에 traffic 이집중되면해당지역의통신서비스가두절되거나 Call 접속률, 음성품질등의 QoS 가영향을받게된다, - 즉, BcN 에서의 Node Security 는 QoS 에즉각적인영향을줄수있다. 화상단말기 / PC 화상단말기 /PC MPEG Source/ Present PE Call Controller(CSCF) Or S server PE MPEG Source/ Present 43 / 49 A 접속망 A, A Core Network B 접속망 B B

NGN/BcN 가입자통신서비스환경 고성능 Host in the house 디지털전화기 WPAN 전화기 PC WPAN PDA 2W/PNA1.0 PNA1.0/WLAN/Ethernet/ Ethernet/ RGB or 2W/PNA1.0/ Others(IEEE1394,PLC) Others(IEEE1394,P (WLAN/WPAN) LC) Ethernet TV Home Appliance/ Security Product 휴대전화 Ethernet/WLAN/2W/ PNA1.0/IEEE1394/PLC Home Gateway xdsl/me/pon/ Cable to Carriers Network 44 / 49

Security in the Broadband Communication Services - Reliability Hacking 에의하여, Router 의 Routing Table 이변조되거나, CSCF 등의 Call Controller 의 DB 가제거변조되면은시스템의운영이중단되어통신서비스자체가중지되는경우가있을수있다, -FW 로 Hacking 에대응할수있으나근본적인접근금지의방안이필요함. - 통신서비스 Node 가외부의접근이가능하다는취약점 - On-line S/W upgrade 서비스받아도되는가? 화상단말기 / PC 45 / 49 MPEG Source/ Present A 접속망 A, PE A Call Controller(CSCF) Or S server Core Network PE B 접속망 B 화상단말기 /PC MPEG Source/ Present B

Security in the Broadband Communication Services Operational Information Hacking 에의하여, AAA, DNS, ENUM 서버등의데이터조작이발생하면, 사업자의경우 billing 과금정보, 고객 DB 등치명적인자료가파괴될수있다, Best Effort Internet 의경우와달리통신서비스에대한 QoS, Security 및 Reliability 확보를위한근본적인방안이필요하다. 화상단말기 / PC 46 / 49 MPEG Source/ Present A 접속망 A, PE A AAA,DNS,ENUM Core Network PE B 접속망 B 화상단말기 /PC MPEG Source/ Present B

Secured Managed Core Network for QoS & Security Interactive Communication 을위한 End-to-End QoS 보장과, Network Security 의보장을위한근본적인방안으로서, - Admission Control 을요구하는 traffic 을 Edge GW 에서제어 -QoS Router 로구성되는 Core Network 의 traffic 을통제 managed network 을구축한다. Access 단의 QoS 는 RSVP 로가능, Core QoS 는사업자별로보장하고, 사업자간에는 SLA 로보장하여망확장가능. Core 망의 IMS 장비의보호는 Edge GW 에서 FW/IDS 실행. 화상단말기 MPEG Source/ Present A UMTS, CDMA2000 등등 접속망 A, Edge Gateway A Secured Managed Core Network Best Effort Core Network Edge Gateway B 접속망 B 화상단말기 MPEG Source/ Present B 47 / 49

Application Level Gateway PE Router Provider Edge 의 Edge Router 는 - Access 단에서단말과 ER 의 Access link QoS 를보장하기위한 RSVP 기능을수행하고, - Core Network side 로의 QoS 관리를수행하기위한 Level 제어기능을가지며. - FW/IDS 실행하여 Core Network 의망요소에대한 Security 를보장하는기능을제공함으로써, Application Level Service 를제공하는 ALG 가되어야한다 3GPP 의 GGSN, 3GPP2 의 AGW/PDSN, NGN AG 등이 PE 가될수있음. 근본적인 Managed Network 의 Security 확보를위한방안 ( Router 업체가 Managed Network 의 Router 에원격으로접근하여 Router 의유지보수를직접실행하는것을차단 ) 은, PE 에서 NAT 를제공하여 Managed network 을사업자별로 Private Network 으로운용하는방법이있다. 48 / 49

감사합니다!! 49 / 49