Diameter Network: What you need to know

Posted by Andy R.

The Diameter network, or protocol, is an authentication, authorization and accounting procedure in network security that allows a computer network to determine which devices to allow onto the network. It is built on RADIUS (Remote Access Dial In User Service), a protocol created and developed by the Internet Engineering Task Force (IETF) to handle remote access to network resources and facilitate Internet Protocol (IP) mobility in a secure manner. Diameter was developed because of issues with the security measures, dependability, adaptability and scalability of RADIUS, and because RADIUS could not effectively manage IP mobility, policy controls and remote access.

A Diameter proxy is a Diameter agent that routes a message to a node in the network and can change the AVP format, the message and the policies applied to the message before onward transmission of data. The importance of Diameter agents goes beyond data transmission: they also ensure that all the sessions established in a network are congruent. This is done by maintaining the same policy and charging controls for all open Internet Protocol Connectivity Access Network (IP-CAN) sessions. The network function software that undertakes this is the Policy Charging Rules and Function (PCRF), which maintains consistency across multiple deployments.
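Because a proxy reads and may rewrite AVPs, it has to validate message framing before acting on any field. The following is an added example, not code from the original post: a minimal parser for the Diameter header and AVP layout defined in RFC 6733, with the bounds checks an agent needs. The function names are hypothetical and the sample message is constructed.

```python
import struct

V_FLAG = 0x80  # AVP flag bit: a 4-byte Vendor-ID follows the AVP header

class DiameterError(ValueError):
    """Raised when a message violates the RFC 6733 framing rules."""

def pad4(n):
    return (n + 3) & ~3  # AVPs are padded to a 32-bit boundary

def build_avp(code, data, flags=0x40):
    # code(4) flags(1) length(3) data; the length field excludes padding
    length = 8 + len(data)
    head = struct.pack("!IB", code, flags) + length.to_bytes(3, "big")
    return head + data + b"\x00" * (pad4(length) - length)

def build_message(cmd, app_id, avps, flags=0x80, hbh=1, e2e=1):
    body = b"".join(avps)
    head = b"\x01" + (20 + len(body)).to_bytes(3, "big") + bytes([flags])
    return head + cmd.to_bytes(3, "big") + struct.pack("!III", app_id, hbh, e2e) + body

def parse_message(buf):
    if len(buf) < 20:
        raise DiameterError("truncated header")
    length = int.from_bytes(buf[1:4], "big")
    if buf[0] != 1 or length != len(buf) or length % 4:
        raise DiameterError("bad version or message length")
    app_id, hbh, e2e = struct.unpack("!III", buf[8:20])
    avps, off = [], 20
    while off < length:
        if length - off < 8:
            raise DiameterError("truncated AVP header")
        code, aflags = struct.unpack("!IB", buf[off:off + 5])
        alen = int.from_bytes(buf[off + 5:off + 8], "big")
        hdr = 12 if aflags & V_FLAG else 8
        # Reject lengths shorter than the header or running past the message
        if alen < hdr or off + pad4(alen) > length:
            raise DiameterError(f"AVP {code}: length {alen} out of bounds")
        vendor = int.from_bytes(buf[off + 8:off + 12], "big") if hdr == 12 else None
        avps.append({"code": code, "flags": aflags, "vendor": vendor,
                     "data": buf[off + hdr:off + alen]})
        off += pad4(alen)
    return {"flags": buf[4], "command": int.from_bytes(buf[5:8], "big"),
            "app_id": app_id, "hop_by_hop": hbh, "end_to_end": e2e, "avps": avps}

# Constructed sample: Capabilities-Exchange-Request (257) with Origin-Host (264)
# and Origin-Realm (296); the host and realm values are made up.
SAMPLE = build_message(257, 0, [build_avp(264, b"proxy.example.net"),
                                build_avp(296, b"example.net")])

if __name__ == "__main__":
    for avp in parse_message(SAMPLE)["avps"]:
        print(avp["code"], avp["data"].decode())
```

A message whose declared AVP length overruns the buffer is rejected before any data is sliced, which is the check that keeps a malformed peer message from being forwarded or misread.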

The Policy Charging Rules and Function aggregates, in real time, information transferred within the network and any operations systems supporting it, so that rules can be created that make policy decisions for nodes. This enables reliable and secure scaling of information transmission to meet the needs currently requested by the devices accessing the system. Its importance lies in determining which policy rules to apply to a specific network access request made by a device from any node. It is integrated into the central functioning node, allowing it to access all subscriber databases and related functions from a centralized location.

These design capabilities make the Diameter protocol a substantial improvement over the RADIUS protocol. First, it allows bi-directional information transfer on a peer-to-peer basis, which supports applications that use a push and pull model. Secondly, by use of the PCRF, data encryption is enabled by determining policy application on a request-by-request basis rather than network-wide. This allows the implementation of systems that control the modification of transmitted data to ensure data integrity; these systems are termed end-to-end security. Efficiency in Diameter networks is higher because the accounting methods ensure acknowledgement of request receipts and their processing output.