Abstract
For several years, Configuration Management has been conducted mainly through the command line or SNMP. However, as computer networks grew in size and complexity, it became apparent that these approaches suffer from significant scalability and efficiency limitations. Policy-Based Networking (PBN) seems to be a promising alternative for Configuration Management, and has already received significant attention. In this approach, special servers (PDPs) process the network policies and send the appropriate configuration data to the Policy Enforcement Points (PEPs) that reside on the managed entities. COPS and its extension for policy provisioning, COPS-PR, are currently being developed by the IETF to implement PBN. In COPS-PR, the PDP installs on the PEP the policies that the latter should enforce. However, the types of policies that the PEP can understand are limited and hardwired into it by the manufacturer. In this paper, we propose an architecture that attempts to lift such limitations and push the decision making from the policy servers to the managed devices.
This research work is supported by research grants from Nortel Networks and the Natural Sciences and Engineering Research Council of Canada.
Copyright information
© 2001 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Boutaba, R., Polyrakis, A. (2001). Towards Extensible Policy Enforcement Points. In: Sloman, M., Lupu, E.C., Lobo, J. (eds) Policies for Distributed Systems and Networks. POLICY 2001. Lecture Notes in Computer Science, vol 1995. Springer, Berlin, Heidelberg. https://doi.org/10.1007/3-540-44569-2_16
DOI: https://doi.org/10.1007/3-540-44569-2_16
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-41610-4
Online ISBN: 978-3-540-44569-2
eBook Packages: Springer Book Archive