Abstract
Apart from providing device management on the Internet, it is essential to offer Quality of Service (QoS) to different users with different service requirements. Policy-based management provides policy control on network devices to achieve this objective. The Internet Engineering Task Force (IETF) has recommended a two-tiered policy-based management (PBM) architecture based on the Common Open Policy Service (COPS) protocol and the Lightweight Directory Access Protocol (LDAP). COPS offers policy outsourcing and provisioning models; LDAP is used for storing and fetching policy rules. However, the recommended design has several fundamental limitations, the obvious drawbacks being system scalability and cross-vendor hardware compatibility. In this paper, we study the system performance of PBM through experiments. Consequently, an improved multi-tiered policy-based management architecture, known as unified policy-based management (UPM), is proposed. The new design introduces several extensions that offer system flexibility and scalability. In particular, an intermediate entity between the policy server and the network routers, the Policy Enforcement Agent (PEA), is introduced. By properly extending network protocols, installing multi-vendor hardware modules on the fly, and interpreting and translating request and decision messages at the agents, the architecture enables a dynamic Unified Information Model throughout the control portion of the design. The multi-tier architecture provides a flexible and scalable system design, and it allows policy rules to be executed while new equipment is added dynamically at run time. To complete the design, communication protocols between policy servers and agents are established that facilitate a load sharing and balancing mechanism and improve system scalability. In the following, we discuss the architectural design and its system performance.
The original version of this chapter was revised: The copyright line was incorrect. This has been corrected. The Erratum to this chapter is available at DOI: 10.1007/978-0-387-35620-4_43
© 2003 IFIP International Federation for Information Processing
About this chapter
Cite this chapter
Law, K.L.E., Saxena, A. (2003). Performance of a Multi-Tiered Policy-Based Management System. In: Gaïti, D., Boukhatem, N. (eds) Network Control and Engineering for QoS, Security and Mobility. NetCon 2002. IFIP — The International Federation for Information Processing, vol 107. Springer, Boston, MA. https://doi.org/10.1007/978-0-387-35620-4_17
DOI: https://doi.org/10.1007/978-0-387-35620-4_17
Publisher Name: Springer, Boston, MA
Print ISBN: 978-1-4757-5948-8
Online ISBN: 978-0-387-35620-4
eBook Packages: Springer Book Archive