Performance of a multi-tiered policy-based management system

K. L.Eddie Law, Achint Saxena

Research output: Chapter in Book/Report/Conference proceedingConference contributionpeer-review

Abstract

Apart from providing device management on the Internet, it is essential to offer Quality of Service (QoS) to different users with different service requirements. Policy-based management provides policy control on network devices to achieve this objective. Internet Engineering Task Force (IETF) recommended a two-tiered policy-based management (PBM) architecture. This recommended design is based on Common Open Policy Service (COPS) protocol and Lightweight Directory Access Protocol (LDAP). There are COPS policy outsourcing and provisioning models. LDAP is for storing and fetching policy rules. However, several fundamental limitations exist in the recommended design. System scalability and cross-vendor hardware compatibility are the obvious drawbacks. In this paper, we study the system performance of PBM through experiments. Consequently, improved multi-tiered policy-based management architecture is proposed, and it is known as a unified policy-based management (UPM). For this new design, there are several extensions introduced that offer system flexibility and scalability. Particularly, an intermediate entity between policy server and network routers, the Policy Enforcement Agent (PEA), is introduced. In this proposed architecture, by properly extending network protocols, by installing multi-vendor hardware modules on-the-fly, and hence by interpreting and translating request and decision messages at the agents, the architecture enables a dynamic Unified Information Model throughout the control portion of the design. The multi-tier architecture provides flexible and scalable system design, and it allows executions of policy rules with dynamic addition of new equipment during run-time. To complete the design, communication protocols between policy servers and agents are established that facilitate load sharing and balancing mechanism and improve the system scalability issue. In the following, we discuss the architectural design and its system performance.

Original languageEnglish
Title of host publicationNetwork Control and Engineering for QoS, Security and Mobility - IFIP TC6/ WG6.2 and WG6.7 Conference on Network Control and Engineering for QoS, Security and Mobility, Net-Con 2002
PublisherSpringer New York LLC
Pages203-214
Number of pages12
ISBN (Print)9781475759488
DOIs
Publication statusPublished - 2003
Externally publishedYes
EventIFIP TC6/ WG6.2 and WG6.7 1st Conference on Network Control and Engineering for QoS, Security and Mobility, Net-Con 2002 - Paris, France
Duration: 23 Oct 200225 Oct 2002

Publication series

NameIFIP Advances in Information and Communication Technology
Volume107
ISSN (Print)1868-4238

Conference

ConferenceIFIP TC6/ WG6.2 and WG6.7 1st Conference on Network Control and Engineering for QoS, Security and Mobility, Net-Con 2002
Country/TerritoryFrance
CityParis
Period23/10/0225/10/02

Keywords

  • Common Open Policy Service protocol
  • Lightweight Directory Access Protocol
  • Network management
  • Unified policy-based management

Fingerprint

Dive into the research topics of 'Performance of a multi-tiered policy-based management system'. Together they form a unique fingerprint.

Cite this