Performance of a multi-tiered policy-based management system

K. L.Eddie Law, Achint Saxena

研究成果: Conference contribution同行評審

摘要

Apart from providing device management on the Internet, it is essential to offer Quality of Service (QoS) to different users with different service requirements. Policy-based management provides policy control on network devices to achieve this objective. Internet Engineering Task Force (IETF) recommended a two-tiered policy-based management (PBM) architecture. This recommended design is based on Common Open Policy Service (COPS) protocol and Lightweight Directory Access Protocol (LDAP). There are COPS policy outsourcing and provisioning models. LDAP is for storing and fetching policy rules. However, several fundamental limitations exist in the recommended design. System scalability and cross-vendor hardware compatibility are the obvious drawbacks. In this paper, we study the system performance of PBM through experiments. Consequently, improved multi-tiered policy-based management architecture is proposed, and it is known as a unified policy-based management (UPM). For this new design, there are several extensions introduced that offer system flexibility and scalability. Particularly, an intermediate entity between policy server and network routers, the Policy Enforcement Agent (PEA), is introduced. In this proposed architecture, by properly extending network protocols, by installing multi-vendor hardware modules on-the-fly, and hence by interpreting and translating request and decision messages at the agents, the architecture enables a dynamic Unified Information Model throughout the control portion of the design. The multi-tier architecture provides flexible and scalable system design, and it allows executions of policy rules with dynamic addition of new equipment during run-time. To complete the design, communication protocols between policy servers and agents are established that facilitate load sharing and balancing mechanism and improve the system scalability issue. In the following, we discuss the architectural design and its system performance.

原文English
主出版物標題Network Control and Engineering for QoS, Security and Mobility - IFIP TC6/ WG6.2 and WG6.7 Conference on Network Control and Engineering for QoS, Security and Mobility, Net-Con 2002
發行者Springer New York LLC
頁面203-214
頁數12
ISBN(列印)9781475759488
DOIs
出版狀態Published - 2003
對外發佈
事件IFIP TC6/ WG6.2 and WG6.7 1st Conference on Network Control and Engineering for QoS, Security and Mobility, Net-Con 2002 - Paris, France
持續時間: 23 10月 200225 10月 2002

出版系列

名字IFIP Advances in Information and Communication Technology
107
ISSN(列印)1868-4238

Conference

ConferenceIFIP TC6/ WG6.2 and WG6.7 1st Conference on Network Control and Engineering for QoS, Security and Mobility, Net-Con 2002
國家/地區France
城市Paris
期間23/10/0225/10/02

指紋

深入研究「Performance of a multi-tiered policy-based management system」主題。共同形成了獨特的指紋。

引用此