issuhub.com

Side_1_360

(Dana P.) #1

10, the network manager edits policies through
a policy entry console. Those policies are then
stored in a policy repository. When requested, a
policy server (Policy Decision Point) retrieves
policies from the repository and makes policy
decisions that are communicated, e.g. applying
Common Open Policy Service (COPS), to the
relevant network points. These network points,
like routers, switches and firewalls, enforce the
policy decisions in the network. COPS is a query
and response TCP-based protocol that can be
used for exchanging information between Policy
Decision Point (PDP) and Policy Enforcement
Point (PEP).


In order to carry out efficient management of
the network resources a number of features of a
management system are asked for, adapted from
[ID_polreq]:



  • Centralised management view – implying the
    ability to carry out management activities
    remotely and that the management system is
    able to cope with all network resources in the
    network.

  • Abstracted management data – saying that
    simplified views of network resources should
    be possible, e.g. “hiding” details when they
    are not relevant.

  • Common and consistent views/interfaces

    • similar procedures and similar data views
      should be used for similar procedures. The
      number of views/interfaces needed should
      also be limited.



  • Automation of tasks – including less human
    intervention needed and that customers may
    serve themselves within the authorised set of
    activities.


A major key to meet such required features is
the way of giving data used for representing the
resources, customers, etc. Such data has also
been referred to as policy. When applying pol-
icy-based management the required features
listed above are addressed. So far, much effort
has been spent on the representation of such data
in a repository.


Having a policy repository, interfaces from the
management/operator side as well as the net-
work side have to be present. A way to trans-
form the policy into usable formats and inform
the network components also has to be imple-
mented. Then appropriate mechanisms in the
network elements to enforce the policies have
to be activated.


A QoS Policy Information Model(QPIM) is
described in [ID_qpim]. QPIM is a set of entities


and relationships (both modelled by classes) that

define managed objects and interactions between

managed objects that can be used to define,

manage and control IntServ- and DiffServ-

related mechanisms using policies. Policy

classes and relationships between them are

depicted in Figure 12.

QPIM is an information model in the sense that

it is independent of any specific implementation.

The model of policies can be seen similar to an

object oriented modelling in the sense that hier-

archies and reuse are present. Furthermore, poli-

cies can be “nested” such that a policy contains

another policy (possible decision strategies

defined are match-first and match-all).

Two hierarchies of object classes are seen:

i)structuralclasses representing policy informa-

tion and control of policies (entities in the

managed policy environment); and

ii)relationshipclasses that show how instances

of the structural classes are related to each

other. Both associations and aggregations can

be given as relationship classes. Containment

is a directional relationship – the containing

entity is known as the aggregate and the con-

tained entities are known as the components.

A QoS policy domain(see Figure 11) can be

viewed as a contiguous set of nodes that operate

under a common system of administration and

provide a common set of services. Each of the

nodes can contain policy rules and/or policy

information. Such a grouping is done to simplify

management and ensure consistencies. A QoS

policy domain can also be seen as a container

that provides scooping for a QoS policy con-

tainer, policy rules and other policy information.

A policy group class holds a property called pol-

icy roles. This represents the roles and combina-

tions of roles that are associated with a set of

policy rules. Each value represents one role

combination. After identifying the relevant set

Figure 11 Policy domain and

related terms


  • policy rule

  • policy information


rule = if <conditions> then <actions>

policy group


  • policy roles


policy domain

node
Free download pdf
Get our desktop app
Company
Features
Documentation
Resources
© ISSUHUB. 2024. All rights reserved.