Trying to build a policy-based network can seem like trying to build the Tower of Babel because every vendor has a different way of telling their routers and switches to apply policies.
This situation is giving rise to third-party software that can apply policies to each vendor's network equipment in that equipment's native tongue. The latest entrant in this area, Ukiah Software, will unveil software this week, following on the heels of other start-ups, such as Orchestream and IPHighway.
The first iteration of Ukiah's NetRoad Active Policy System will support Cisco routers and Cabletron's SmartSwitch Router, with other network devices following later. The vendor plans to support application servers as well.
Orchestream currently supports Cisco and Xedia equipment, and plans to support several other vendors' gear early next year. IPHighway isn't vendor-specific. Its offering works with products that support the prioritization standards IP Pre-cedence and Resource Reser-vation Protocol.
Ukiah says its product differs from competitors' in that its policies can be dynamic. The software can monitor a critical application through Remote Monitoring probes, and the product can modify policies to grant an application more bandwidth if response time rises above a certain threshold.
In the second half of next year, the company will add security management, and accounting and billing. Its software will run initially on Windows NT and will ship next quarter for a base price of $25,000.
Major equipment providers - such as Cisco, Nortel/Bay and 3Com - earlier this year announced plans to develop policy-based management, but only for their own boxes. This isn't much use to users with multivendor networks.
"Everybody's concerned about the different types of traffic on their network needing to be controlled and prioritized, and policy-based networking is certainly a seemingly viable way to do it," says Mike Ackermann, network planning manager at Blue Cross/Blue Shield in Detroit. "But I'm a little concerned about it potentially being a single-vendor solution, which in my opinion would render it almost completely valueless."
Policy-based networking is a way for network managers to lay out policies at a network management station and have the policies carried out by specific controls in the network. One policy could be that voice traffic gets a certain level of quality of service (QoS), and another could be that the CEO's traffic always gets priority over that of other employees. Security and access to network resources also could be governed through such a system.
Today, such policies are enforced by firewalls or by QoS controls in routers and switches. In the future, ASICs in those devices may take on the enforcement functions (see story, page 1). Most policy-based network tools are scheduled to ship in the first half of 1999.
Unfortunately, it may be a few years before network equipment vendors extend their policy-based management wares beyond their own devices, according to Stephen Elliot, senior analyst at Cahners In-Stat Group in Newton, Mass.
While third parties press their vendor-neutral approaches, many customers may wait and see what the major players can offer, Elliot says.
Meanwhile, the Internet Engineering Task Force (IETF) is putting together a standard way of communicating policy information to network devices. Called Common Open Policy Service (COPS), the draft standard isn't expected to be completed until the middle of next year. The IETF will continue its work on the draft at this week's meeting.
While COPS will define a common language for communicating policies, it's not the be-all and end-all, says Gordon Smith, vice president of marketing at Ukiah, of Campbell, Calif. New devices will be able to speak COPS in the second half of next year, but there will still be a need to communicate policies to older equipment using other means.
Though there's a lot of hype surrounding policy-based networking, there are still some questions about where exactly it is needed. In a local network, users can buy lots of bandwidth at low prices and can overprovision their networks, according to Tom Nolle,president of CIMI Corp., a Voorhees, N.J., consulting firm.
That's the strategy Janus, a Denver-based financial services company, has adopted. Janus has determined it would be cheaper to buy extra bandwidth than to devote systems and administrators to handle policies.
The WAN edge, however, is a different story. "In places where there's limited bandwidth, you can build a case for policy-based networking," says Chuck Yoke, network architect at Janus.
Right now, the company uses some basic queuing techniques at the WAN edge to dole out access to those links.
RELATED LINKS
Glossary of Policy Terms
From 3Com.
COPS protocol draft
Proposed IETF RFC.
COPS for RSVP draft
Proposed IETF RFC.
Quality of Service over IP: References
RSVP gets a callback
IETF to recast the QoS protocol. Network World Fusion, 8/27/98.
