How Crucial is Control?

Policy-based control in cyberspace

Control. It’s something humans gravitate toward in all walks of life. We want control of our finances, our kids, our relationships, our success, our futures. The list goes on.

To what extent do you want control of what you can access in cyberspace? Or, another way to look at it: To what extent do you want someone else to control what you access? And yet a third way to look at it: To what extent do you want to control what someone else accesses?

I’m sure your answers vary, but they probably all come back to you being the controller (whether it’s controlling what you access or what someone else accesses).

If you’re managing a large network or the applications that it carries, you may refer to this control as “policy.” Policy-based management has significant pent-up demand. Every time a vendor provides some sort of policy-based control, the demands extend that much further out.

What do I mean by policy-based control or management? Basically, IT can control, based on pre-established settings (or policies) what employees can access, how, and at what speeds. They can do this in a variety of ways: IT folks can prevent access to certain Web application categories (think porn or gambling sites) or specific Web applications (think YouTube or Facebook, if they don’t want employees accessing those apps for personal use and they’re not leveraging them for the business). They also can prevent access from specific locations, from specific users, or at certain times of the day.

Carriers provide class-of-service levels (typically three to five) as part of their MPLS services, and even though only 25% of companies use at least three classes of service, that group wants even more granular control. They want to set policies within each class of service, and they want to do it dynamically.

What drives this demand? A combination of factors—following company policies, reducing access to high-bandwidth Web sites to improve performance of core company applications, keeping employees focused on work, etc.

As companies extend their networks and to more and more remote sites (branch office locations grew 9.2% from 2004-2008, and although they decreased 3% in 2009, they’re poised for another growth spurt this year), centralized management—and indeed, control—becomes more crucial.

But there are some issues. Though IT staffs say they want these capabilities, there isn’t much desire to pay a premium for them. So this market has been somewhat slow to develop, and until a compelling business case emerges for companies to spend a premium for these features, it’s tough for vendors and carriers to invest R&D dollars.

Moving forward, though, we expect a slow and steady continued adoption of the policy-based tools and services available. As applications, networks, devices, corporate legal/compliance restrictions, and user demands become increasingly complex, companies will have no choice but to impose such policy-based controls. And at that point, either competitive pressures or customer willingness to pay a premium will encourage all vendors to bolster their policy-based controls.


Copyright © 2010 IDG Communications, Inc.

The 10 most powerful companies in enterprise networking 2022