|
|
|
|
Policy management could change the way you build and run your networks and applications.
Call it policy management, policy-driven networking or policy-based network management. Whichever nomenclature you choose, the concept calls for establishing and enforcing corporate order, operational integrity and financial accountability for individual, work-group and departmental network users. Essentially, policy management requires a series of automated or expert system-type rules for quality or classes of service based on corporate priorities. Instruction code may reside in or cohabitate with any combination of network management systems, service-level analysis and reporting tools, routers, switches, servers, databases, applications and storage systems. Policies have always been part of enterprise technology usage but have never been so openly articulated and automated as they are today. A typical policy-management deployment might consist of switches, routers and network access devices seeking communications traffic clearance from automated policy decision makers. The latter may be plug-in software modules for the larger hardware nodes, programs under network management platforms or separate servers. The automated policy decision makers receive traffic requests from switches and other nodes, assemble policy information from databases and directories, and then configure net devices based on the policies. One example of real-time policy management is how any sort of network-based monetary transaction - brokerage stock trade, financial transfer, consumer/business retail sale - and its related security/ credit checks might take precedence over e-mail chatter or routine batch data processing backup jobs. Other examples might be the act of giving an executive team designated privileges for network and resource access or establishing policies that provide users of network-intensive SAP R/3 applications precedence over Excel spreadsheet users. Many initial policy implementations resemble a dynamic IP version of voice telephony's moves, adds and changes. Cisco Systems says Network Registrar and Access Registrar policy software from recent acquisition American Internet Corp. in Bedford, Mass., is used by such customers as Boston College and service provider MediaOne to activate, configure and record IP addresses of students and subscribers, respectively. Likewise, 3Com customer Kurtiss Linderman, network manager at Ohio State's Fisher College of Business, says policy management is being used to handle access rights, IP address registration, traffic priorities and connection status for a population of about 2,750 faculty, staff and students. "Policy itself can be pretty nebulous," he says. "Longer term, it is strategically a good idea to look at the ultimate goal of a total policy-based network, although some policy technology is just slideware for now." Policy management's roots are largely in security technology, and security experts agree that consistent corporate policies and practices are linchpins of their field. But internetwork equipment firms, such as 3Com, Cabletron and Cisco, and enterprise management software players, such as Computer Associates and Hewlett-Packard, have been making the most policy management noise. Buttressing policy-management products from these vendors is a cavalcade of point products for security, frame relay and ATM, Internet access, virtual private networks and virtual LANs, directories and more. And an emerging breed of dedicated policy servers that will be able to communicate with various network devices via the Common Open Policy Service or Lightweight Directory Access Protocol are expected from multiple vendors by year-end. Another potential key element in quickening policy implementation is the Cisco- and Microsoft-led Directory Enabled Networks (DEN) initiative, which is focused on delivering a common data storage format for information about users, devices, systems and applications. The ability of policy servers to extrapolate DEN-compliant information is generally expected sometime in 1999. However, questions about availability have been raised in light of DEN's integration with Active Directory, the Microsoft technology resident in the company's delayed Windows NT 5.0 operating system. For enterprise technologists in networking and IT, the buzz about policy comes at a time when they are being swamped with increasing tasks - often amid personnel shortages that can be the catalyst to search for new automation tools. What much of this implies is that with many other things going on, enterprise technologists are merely on the cusp of policy management.
Buyers often are advised to take it slow but steady on policy initiatives, yet told not to ignore ripe moments to implement the appropriate technologies. Theo Forbath, senior consultant at Northeast Consulting Resources in Boston, recommends that network and IT staffs initially look for the easiest policy-management problems to solve with tools they already have available.
|
 |
Forum: Cutting through the hype
Barbetta is a freelance technology writer in Little Falls, N.J. Reach him at franbarb@ aol.com.
IETF to work on policy-based networking:
Bay to unveil policy-based networking strategy:
HP and Intel form policy management partnership:
3Com closing the gaps in product line:
3Com's policy management framework:
Network world Fusion Focus on Network/Systems Management
Cabletron
Market size:
Back in 1995, Cabletron was given "high marks for its commitment to
policy-based management" by John McConnell, president of McConnell
Consulting in Boulder, Colo. He pointed to Cabletron's SecureFast line
and various co-development deals.
| 
Copyright, 1995-2001 Network World, Inc. All rights reserved. |
By Frank Barbetta