Manage Learn to apply best practices and optimize your operations.

Make policy-based networking work for you

Make policy-based networking work for you
Dinesh Verma

This tip is excerpted from an online event held on The speaker was Dinesh Verma, manager of the Enterprise Networking Group at the IBM T.J. Watson Research Center. Mr. Verma is the author of Policy-Based Networking: Architecture and Algorithms, published by Macmillan Technical Publishing.

Q: What exactly is policy-based networking?
A: A policy is an administrator defined statement stating which traffic ought to be treated differently in the network, e.g. who gets what resources, or which traffic flows get a specific level of security. Policy based networking is the application of policies to the field of networking, e.g. support the enforcement of policies in a networking discipline like Quality of Service, or IP Security.

Q: What are the advantages of Policy-Based Networking?
A: The advantage of policy based networking is that it simplifies the administration and provisioning of many advanced network technologies. A policy based approach is applied to a specific networking technology, and it makes the deployment of that technology easier. For example, let us say that you want to roll out a security solution within your network, and have decided to build it using IP-sec technology. Normally, you would need a lot of expertise in IP-sec technology to operate and deploy a number of firewalls implementing IP-sec solution. If the firewalls are from different vendors, the task becomes more complex. Using a policy based approach, the administrator focuses on issues closer to the business needs to the network. He defines the security policies that are to be put within the network (e.g. you want to provide good security to a certain set of traffic), and lets an automated system take care of configuring the details of the technology.

Q: Which companies are dominant in this field and who do you expect to enter the field/gain market position?
A: The field is too new to say that any one company has a dominant position. There are several players in the field of various nature. There are many startups e.g. IP Highway is very active in COPS arena, Orchestream etc, the heavyweights in the area of networking and network/systems management, e.g. Cisco, HP, CA, Tivoli have their own set of activities. Microsoft, Cisco, IBM, AT&T, Lucent are active in the standards arena. And I am sure I missed up on quite a few in each of the above three categories. So, we have many players, but it is hard to say who has a dominant position now, or who will be dominant in the future. Your guess is as good as mine.

Q: Can you give us some policy examples?
A: In the field of Quality of Service, the following may reflect a set of policies: 1. Communication from CEO's office to finance department is high priority. 2. Random web-surfing by corporate users should be treated with low priority. As another example, consider the case where the policy is to encrypt (with the best possible available algorithm), the communication between CEO and CFO offices.

To learn more about Policy-Based Networking: Architecture and Algorithms, click here.

Did you like this tip? Why not let us know? Visit our tips page to rate this tip, or send an email to sound off.

This was last published in March 2001

Dig Deeper on Network automation and intent-based networking

Start the conversation

Send me notifications when other members comment.

Please create a username to comment.