12.4 Policy-Based QoS Management

To address the QoS challenges of IP networks, policy-based bandwidth management solutions are becoming available from a growing number of vendors. These tools allow network administrators to create assured service levels and deploy security features across enterprise networks, including intranets and VPNs based on IP. With these tools, network administrators can set traffic policies designed to guarantee that both mission-critical and routine data traffic are offered to the network and routed in a timely and consistent manner. Numerous capabilities are available with these tools, including the following:

• Monitoring, categorizing, and optimizing IP, IPX, AppleTalk, and SNA traffic to support service-level guarantees based on the organization’s needs and priorities.

• Applying access-control policies for extended network and application security.

• Protecting the performance of mission-critical applications on LANs and IP networks by providing layer-independent policy configuration and enforcement at Layers 1–4.

• Controlling bandwidth by prioritizing traffic, allocating bandwidth for specific application flows, and managing dynamically requested bandwidth via protocols such as the RSVP.

• Dynamically controlling the QoS mechanisms in standards-compliant routers and automatically configuring network resources to accommodate missioncritical and time-sensitive applications. Traffic can be prioritized by user, IP address, time of day, or application.

• Driving network behavior that maps to business processes and needs, enabling managers to deploy unified policy capabilities that provide end-to-end network traffic predictability and control.

• Verifying delivered performance against application service-level agreements by tracking application flows and application response times.

• Combining firewall, VPN, and traffic management functionality on a single platform.

• Enforcing business-level policies such as QoS levels and access privileges on behalf of users, groups, and applications.

• Using automatic discovery and classification of devices to lay out a network’s topology. The data is used to construct rules that assign QoS priorities to specific applications.

• Employing TCP rate control to actively manage bandwidth and smooth out bursty IP traffic to relieve congestion on IP networks, while making performance more predictable for time-sensitive applications.

While these tools leverage the basic capabilities of the QoS standards for IP, policy-based solutions go far beyond them, allowing managers to fine-tune the network in terms of balancing costs, performance, and administrative productivity. In some cases, the products can be further enhanced with the addition of optional software packages, such as accounting, which provides policy-based tracking of bandwidth and transactions, and usage-based reporting and billing. Some software packages enforce network caching policies, and others distribute traffic according to individual server capabilities.

Some of the policy-based tools for IP are available as software solutions that are installed on existing routers located on the edges of the network, while others are implemented in hardware, requiring the purchase of dedicated devices that are also deployed at the edges of the network. Tool vendors typically specialize in IP rather than frame relay or ATM because of the growing popularity of intranets, extranets, and VPNs, which are based on the TCP/IP protocol suite. TCP/IP also lacks granular control of prioritization mechanisms that many organizations need. However, when IP is used over frame relay and ATM networks, these tools can be used to extend control of IP traffic across these networks as well.

Furthermore, IP networks support a diverse range of services, including VPNs, extranets, application hosting, and e-commerce, as well as voice and video traffic. The range of services supported by IP continues to grow. These new IP services offer companies the potential for new revenue streams and increased returns on investment from new and existing network deployments. Consequently, policy-based tools—software or hardware implementations—are more in demand for IP than for frame relay or ATM.