Tollbooth was developed using industry standard software components to be a concise yet powerful platform on which to implement a large scale public Internet service. It is the result of years of development of other proprietary systems. Knowledge and experience from these other systems was applied to create a more “open” solution consisting of less components, using highly reliable and available software tools integrated into an easy-to-use system. Tollbooth service is based on a highly redundant, extremely scalable, very flexible model to meet not only the needs of today but also the needs of the future. The system comprises a number of modules each covering a specific service function.
The Authentication is handled using HTTPS (Secure Socket Layer) for security. When a potential user launches a web browser, they are immediately redirected by the access control unit to TollBooth which presents them with an HTTPS login page. They are verified using a username/password combination against a user database in TollBooth. Known roaming users are authenticated via the appropriate user realm authority recognized by TollBooth
- Access Control
Access Control is accomplished in combination with the access gateway at the physical venue. The TollBooth Access Control module blocks egress traffic from the user except redirects to TollBooth. Once TollBooth successfully authenticates the user, a “user ok” message is sent back to the access gateway on-premise to grant the user egress access at the venue for session duration specified in TollBooth database. Once the session duration is exceeded, TollBooth sends a “session end” message to the access gateway and the session is terminated.
- Session Accounting
Session accounting is kept via RADIUS, the industry standard for session data. This ensures that the data can be interpreted by other host systems, if necessary. Session data stored includes Session Start, Session Stop, Bytes Transferred, etc.
- Credit Card Processing
TollBooth handles paid network service via convenient credit card payment. The system has a credit card module that is integrated with a credit card processing gateway to handle online dynamic credit card authorization and payments to a linked merchant bank account. The user credit card information is encrypted for storage in the TollBooth database for record keeping purposes.
TollBooth contains a module that can identify roaming users and proxy to the known realm authority for user authentication. At a specified interval, settlement reports can be generated using all roaming session data (users roaming on other networks and vice versa) for each roaming partner WISP. Our roaming module supports prefix, realm and smart client recognition to trigger the authentication. We make a large number of roaming partnerships available which can be customized to create a specific roaming profile.
- Venue & System Monitoring
The TollBooth contains an optional module to provide monitoring of the venue devices and of TollBooth itself. Monitoring capabilities include: device ping, HTTP(S) Get, Server CPU, Memory, Disk Health, Database Query, and device SMNP traps. Optional notification is also available that can notify predefined email address or text messaging device on triggered events. In addition, ICOA can perform as the tier one monitoring and response NOC for the venue and tier I and II end-user support services.
TollBooth provides various standard reports covering session activity, including the number of users in any defined time period; daily, weekly, monthly, etc. Session data can be exported for custom report generation with standard tools such as MS-Access, Excel, Crystal Reports, etc. In addition to the standard reports our platform can accommodate virtually any customized report requirements.