CrossNodes Briefing: Policy Management - Page 2
A Push for Speed
Data transfers and network efficiency continue to grow in importance as users demand more bandwidth and fast response times. Quality of Service (QoS) helps define the importance of each type of traffic and establishes the users and applications that require the best response time. Such applications as VoIP require low latency, and network managers know that traffic has to take priority. Similarly, some critical applications cannot overcome delays, and these must have priority over such traffic as e-mail and application data.
Developing a true QoS definition is difficult. Managers must create policies that balance bandwidth usage while granting priority to specific data transmissions. The politics alone are complex. Each user believes that his or her application is high priority. In reality, some users must endure some delays to ensure that a high-priority connection gets the bandwidth it needs. Further, QoS requires refinement as organizations change and grow. This means that traffic must be monitored and analyzed to achieve optimal policies. In addition, many organizations are moving from static configurations that set access policies on each port to user-based schemes that establish policies for each user.
Remote configuration support is key. This capability allows managers and IT staff to update switches and other network devices from a central console when changes are made. However, remote configuration generally requires that all the equipment come from a single vendor.
The Call for Consistency
Workstations may be the most difficult network devices to control. Users regularly add software, fail to update virus protection programs, and ignore the latest updates to applications software. Managers end up with a disparate collection of configurations that are more difficult to maintain. In cases where the latest virus software is not running, these systems also represent a security risk.
Most companies developed workstation policies that define a minimum standard configuration. Maintaining these workstations requires time and money. Several vendors now offer centralized auditing software to ensure that workstation usage and configurations conform to the policies of the company. Some programs also allow managers to apply updates remotely, and this can save a considerable amount of time.
Finding the Right Policy Manager
Implementing a policy manager is as much a philosophical question as it is a decision based on features. Once a manager decides to adopt a rules-based network, priorities must be identified. A careful analysis of the current infrastructure should show whether security, performance, or workstations require the most work. The analysis also serves as a starting point for defining the rules. Once the focus is set, it is important for the manager to identify the devices affected by the policies.
Regardless of the area addressed by the policy manager, reporting and the user interface are important factors. Managers need to understand how well their security policies operate. Similarly, they must determine the nature of the traffic each user generates if they want to enhance the networks efficiency. Reports and audits also help ensure compliance to workstation configuration policies. Similarly, an effective user interface eases the task of changing policies and allows managers to quickly assess the health of the network. Therefore, managers should consider each policy managers reporting capability and ease of use before they select a product.
Gerald Williams serves as director of quality assurance for dolphin inc., a software development company. williams has extensive background in technology and testing, previously serving as editorial director with national software testing labs (nstl), executive editor with datapro research, and managing editor of datapro's pc communications reference service.