Policy-Based Management for Enterprise and Carrier IP Networking

UDC 621.395.74:681.32

Policy-based Management for Enterprise and Carrier IP Networking

VTakeo Hamada VPeter Czezowski VTakafumi Chujo (Manuscript received September 15, 2000)

Policy-Based Management (PBM) will play a key role as a management technology for end-to-end IP-nized integration of enterprise networks and telecommunication networks. In this paper, we examine PBM and its requirements for managing the new telecommunication network service environment, and propose a scalable new PBM architecture based on relevant research at Fujitsu Laboratories of America. A new development in PBM, called active policy, is illustrated. We expect that the active policy will bring new insights on the integration of PBM and intelligent agent systems, benefiting service management and customer care in the new network service environment.

1. Introduction ferent views of network design and its operation, The Internet has given rise to explosive resulting in different approaches toward network growth of communication demand. The Internet management. Predictable dominance of the In- traffic doubling period of 90 days, also known as ternet in the data traffic and network service Gilder’s law,1) is a clear indication of its huge im- spheres, however, has put the two paradigms in a pact on our society for years to come. In last 5 collision course, and it seems clear that a new years, a new generation of equipment vendors and network management paradigm must be born out carriers has emerged, responding to insatiable of this cultural collision. We at Fujitsu Laborato- bandwidth demand of the Internet users. The ries of America have been engaged in research to Internet has brought a new paradigm of commu- bring forth the vision of the new network man- nication and networked services, and it has also agement paradigm into reality. In particular, we brought a set of new IP-based technologies, new believe that Policy-Based Management (PBM) is technical standards, and new business styles. at the center of this new paradigm. Telecommunication is, in contrast to the In- ternet, a much more mature technology. Since 2. Network management for the new Graham Bell’s invention in 1876, the basic ser- network service paradigm vice paradigm of PSTN (Public Switch Telephone Encounter between the two paradigms has Network) has changed little: a network optimized been one of the driving forces behind several im- for human voice communication. Over the long portant technical developments in late 1990s; years, the telecommunication has served as one Voice over IP, and NGN (Next Generation Net- of the most important pieces of social infrastruc- work), to name a few. The same is true for network ture, responding to the high demand on its management, whose aim is to achieve high reli- reliability and universal availability. ability and accountability of network operations The two network paradigms are based on dif- and services through the use of NMS (Network

128 FUJITSU Sci. Tech. J.,36,2,pp.128-139(December 2000) T. Hamada et al.: Policy-based Management for Enterprise and Carrier IP Networking

Management System). In the early stages of the Task Force) standards, along with the telecommu- Internet, there was fairly clear separation between nication management framework, notably TMN the Internet and the telecommunication, both in (Telecommunication Management Network) stan- terms of technologies and management responsi- dards from ITU-T. The challenge of the new bilities. The majority of traffic was still voice, and paradigm is to cast the two existing management the telecommunication network provided WAN in- frameworks into a new, unified framework, capa- frastructure, upon which the Internet was built ble of end-to-end management of both data and as an overlay. multimedia traffic. With the growth of the Internet, the volume of data traffic surpassed that of voice traffic, and 3. Policy-Based Management it has become common to build an all IP-based Policy-Based Management (PBM) has at- backbone network, which is overlaid directly on tracted significant attention both from the SONET or WDM (Wavelength Division Multiplex- industry and the academic research community ing). The Internet is quickly becoming an essential in recent years, as it has been recognized that PBM public network infrastructure, replacing some of can effectively provide a good means to solve the the roles of the telecommunication network. In puzzle of integrated IP/telecom management. other words, these two networking paradigms – Early works on PBM include Sloman3) and others Internet and telecommunication network – will in early 1990s. Inspired by DEN (Directory En- merge into a new telecommunication infrastructure. abled Network)4) initiative by Cisco and Microsoft, Moridera et al.2) suggests that the future tele- works on PBM followed in IETF Policy WG and communication service environment will look like DMTF, forming a strong technical trend in the IP a virtual network server, which consists of a set of networking community. Although the center of application specific servers running on IP-based PBM activities is in IP networking, PBM can be application protocols interconnected by a high- applied to wide range of control and management speed all optical network. The virtual server issues both in IP networks and telecommunica- provides access to actual servers and service/network management support (Figure 1). In this new paradigm, network/service management it- Stream media Virtual server self is a service, provided by a set of specialized E-commerce Publication servers. Though it resembles the Internet, this Application new telecommunication must provide the good server characteristics as found in today’s telecommunication network, i.e. high reliability and universal availability. Photonic core network Virtual Network management is one of the key tech- router nologies needed to fulfill the above requirements. In other words, a new paradigm for network management is also needed, in order to address the Load Edge node Protocol Gateway balancing conversion requirements arising both from the Internet side Access Access Access and the telecommunication side of the new tele- Access server communication infrastructure. In particular, the new network management paradigm will incor- porate the Internet management framework Figure 1 New network service environment. consisting of related IETF (Internet Engineering

FUJITSU Sci. Tech. J.,36, 2,(December 2000) 129 T. Hamada et al.: Policy-based Management for Enterprise and Carrier IP Networking

tion networks. requests a policy decision made by the PDP. In Figure 2 illustrates the IETF standard PBM IETF, protocols for the standard reference model architecture.5) The figure illustrates realization have been standardized: LDAP (Light-weight Di- of the standard architecture in typical IP man- rectory Access Protocol) for the communication agement environment as offered by Fujitsu between the policy-repository (LDAP server) and SystemWalker. The architecture is designed in PDP, and COPS (Common Open Policy Service) such a way that high-level management knowl- for the communication between PDP and PEP. edge is captured by policy rules, which are stored A major motivation for developing IETF stan- in a policy repository, known also as directory serv- dard PBM has been to give remedy to SNMP er. In general, the policy rules have the following (Simple Network Management Protocol)-based form. management framework, whose usage has been limited primarily to monitoring. In a historical IF policy_activation_codition THEN policy_action perspective, this is a result of rapid deployment and technical maturity of IP network, to which IP The policy activation condition describes the management technology needed time to catch up. condition when the following policy action is to be We think the following technical characteristics activated. For example, monitoring events, which of PBM are particularly noteworthy from the report network state, node state, or traffic type at standpoint of the integrated IP/telecom network ingress router, can trigger a policy action result- management. ing in provisioning of the network resources. Once Built-in network intelligence: through its these policies are defined and deployed at the information model and policy rules, PBM provides policy-server (PDP, Policy-Decision Point), they are richer context for more intelligent operation and further translated and downloaded to correspond- management for increasingly complex IP network ing network devices (PEP, Policy-Enforcement than what is available in IP networks today. In a Point) to put the policies in effect. This interac- crude sense, each policy rule can be seen as a frag- tion between PDP and PEP works in the opposite ment of a distributed intelligent information direction also. For example, a piece of policy is system, of which expert knowledge is solely fo- uploaded from PEP to PDP, so that the PEP cused on IP network operation and management. The above feature has been emphasized as one of the advantages of PBM, in particular in Management applications Policy the original DEN proposal. From our point of view management tool

(optional) of the integrated IP/telecom network manage- (LDAP) Policy server Directory Policy ment, we believe that the following three features server(RDB) repository will be important for the future development of (LDAP) Policy decision PBM. Status Dynamic point (PDP) monitoring control Integration of control and management: Access (COPS) the same information model, called PIB (Policy- control Server Policy enforcement Information Base), enables more effective Router point (PEP) Bandwidth control integration of network control and management. IETF PBM Although current PIBs available in IETF stan- Network Load reference model Client server balance (draft-ietf-policy- dards are mostly device-specific, control IP networks terminology-00)5) architecture specific models, the semantics im- plied by the PIB can be made into a set of Figure 2 Policy-based management architecture. information model for integrated control and

130 FUJITSU Sci. Tech. J.,36, 2,(December 2000) T. Hamada et al.: Policy-based Management for Enterprise and Carrier IP Networking

management of network and service management, SMI, which was originally developed for SMNP when the model is extended as it is exemplified in MIB, the information model represented by the DMTF CIM (Common Information Model). PIB can be made protocol independent, when its For example, network control addresses usage is extended. For example, IETF standard issues such as MPLS (MultiProtocol Label protocol for policy service, i.e. COPS, does not en- Switching) signaling, connection admission, and force any structural constraints on its contents, congestion control at nodes, which all involve real- allowing the PIB fragment to be carried from a time processing at network elements. Network policy server to a network device, and to be inter- management, on the other hand, addresses issues preted free of SNMP or other protocols with such as monitoring and accounting of established structural constraints. In other words, the infor- MPLS connections, whose focus has been more on mation model and policy expressions can be made maintaining functions of network resources once independent of protocols by which they are car- communication path is established by network ried. control. PBM connects these two phases of net- Figure 3 illustrates the two network man- work operation in a unique manner, in such a way agement paradigms, namely the Internet and the that policies, which are installed by network man- TMN-based telecommunication, are illustrated. agement using PDP-PEP model, dictate the The Internet is primarily date centric, and is char- behavior of network control. For example, a con- acterized by simple and easy provisioning, while gestion control policy describes how a node it offers less or no service management in handles packets when congestion occurs. In oth- comparison with telecommunication networks. er words, through policies, network management Telecommunication networks are characterized can directly or indirectly affect the way network by high reliability and clear layering in the control is done in the network. management architecture, while offering more PBM is also called PBN (Policy-Based Net- comprehensive service management scheme, working) when its network control aspects are which includes more complete coverage of FCAPS more emphasized. PBN allows the network oper- (Fault, Configuration, Accounting, Performance, ator to work on IP network operation issues at a Security) and usage-based billing. higher, service-focused level, rather than at a de- The two seemingly different approaches can vice-specific level, leaving details on the control be unified, in such a way that they are bridged parameters to the relevant policy-rules.note 1) Management function layers: the same mechanism can be utilized to provide management TMN-based function layers as they are defined in TMN (Tele- Internet communication Management Network) model. telecommunication • Simple, easy provisioning • Solid service management The TMN functional layers provide levels of ab- • Less or no service – FCAPS straction for network operation and management, management – Usage-based billing • Data centric Business • High reliability from network devices up to network services. management • Clear layering Protocol-independent information model: Service management Although PIB is not protocol independent in most Network management of its current usage and its syntax closely follows Network element management

Network elements note 1) In this paper, we use the term PBM consis- tently throughout the paper. In most cases, the two terms, PBM and PBN, can be used Figure 3 interchangeably. Internet vs.Telecom: Two NM paradigms.

FUJITSU Sci. Tech. J.,36, 2,(December 2000) 131 T. Hamada et al.: Policy-based Management for Enterprise and Carrier IP Networking

using PBM with a set of coherent information in this process. models for the new IP-based end-to-end network infrastructure. Figure 4 shows how this integra- 4. End-to-end IP policy management tion will be achieved. There are several sources architecture for this new network information model. From In the emerging network service paradigm, the Internet camp, IETF PIB and DMTF CIM6) end-to-end support both for network management will provide basis for the unified model. From the and service management will be very important. telecommunication camp, ITU-T TMN, TINAnote 2) The end-to-end IP management should be able to RIM (Resource Information Model),7) TMFnote 3) provide guaranteed service, QoS (Quality of Ser- CaSMIM8) shall be counted as efforts important vice), QoE (Quality of Experience) for various IP-based services, across administrative domains Shared management knowledge involved with the service provisioning. The new (SLA, PBM interoperation) management paradigm should bring about NMS HTTP LDAP smoother, more flexible, and more effective inte- XML TMN (ITU-T) PIB (IETF) gration of service offerings from players in the new CaSMIM (TMF) COPS/CORBA WBEM CIM (DMTF) RIM (TINA) network service paradigm, including network pro- COPS/CORBA SNMP/ VPN SNMP CMIP viders, service providers, ASPs (Application RMON VoIP CORBA Service Provider), and end users. Applications Network elements Our group at Fujitsu participated in a joint Measurement effort to compile the vision for the new network management paradigm. During its study period, the prospective market for management products Figure 4 PBM as information centric management. and competitor trends were studied, and compet-

PBM interoperation PBM interoperation Dynamic SLA management Dynamic SLA management Directory Service Policy Directory management server Directory CORBACOPS LDAP

LDAP LDAP Event collection Network management Policy server Event collection Policy CORBA server COPS COPS IP EMS Basic EMS

Access Edge Core Edge Access ASP

Enterprise network Carrier network ISP network

E2E management EMS: Element Management System Figure 5 End-to-end IP management architecture. note 2) TINA, Telecommunication Information Net- note 3) TeleManagement Forum. work Architecture. http://www.tmforum.org http://www.tinac.com

132 FUJITSU Sci. Tech. J.,36, 2,(December 2000) T. Hamada et al.: Policy-based Management for Enterprise and Carrier IP Networking

itive analysis with current Fujitsu management end-to-end QoS guarantee or QoE guarantee in a products was performed. Figure 5 illustrates the more quantifiable manner. In contrast to what is end-to-end IP management architecture, which is available today, all the management actions will a part of the vision created by the study. The key be more tightly integrated with business work- item in the architecture is PBM. The vision en- flow, enabling end-to-end flow-through operations. tails the following three-step evolution path for The business workflow typically includes provi- the next 5 years. sioning, monitoring, and billing. In Figure 5, the three-step evolution results 1) IP-nization of telecommunication network in a PBM-based end-to-end IP management ar- The next telecommunication network infra- chitecture. The three interworking PBM domains, structure will be predominantly IP-based, and an enterprise network, a carrier network, and an IPv6 will play a primary role in the IP-nization ISP network, communicate with each other process.9) In particular, we believe that mobile IP through PBM interworking interfaces, with which and requirements of number portability will glo- dynamic SLA (Service Level Agreement) informa- bally accelerate acceptance of IPv6. The key tion is exchanged. The dynamic SLA is a flexible events will occur within 2 to 3 years. IP-based, or template for IP network management and service IP-enabled network devices will gradually replace management operations, which drives respective traditional telecommunication network elements. business processes in the domains in such a way In the process of this transition, network man- that flow-through operations throughout the three agement systems, including EMSs (Element domains become possible. The seminal paper on Management System) and NMSs (Network Man- dynamic SLA10) gives an example that an end cus- agement System) will be increasingly IP-enabled. tomer’s management policy is embedded in an SLA, so that the policy is negotiated and deployed 2) PBM deployment in telecommunication through a customer-provider negotiation process. networks In 3 to 4 years, the needs of integrated 5. Scalable PBM architecture for end-to-end IP network management will initiate enterprise/telecom integrated wide deployment of PBM-based network manage- management ment system, which will enable more sophisticated The IETF policy WG architecture provides integration of enterprise network management the starting point toward the end-to-end IP man- and WAN (Wide Area Network) management. The agement. The new service paradigm, however, IETF standard architecture will be the base of this imposes a new set of architectural requirements, development, but several technical innovations which entails the PBM to be more scalable, more such as architecture scalability and efficient con- reliable, and more flexible in terms of policy de- flict detection will be needed, in response to ployment and enforcement. These developments requirements from telecommunication network are a natural consequence of IP network expan- management. sion, from enterprise networks with a dozen of host computers and routers to end-to-end integrated 3) End-to-end integration of service man- LAN-WAN-LAN networks with hundreds, or even agement thousands of hosts and routers. In 4 to 5 years, true integration of manage- We have been engaged in research to over- ment systems will start addressing service come the architectural limits of the standard PBM, management and application program perfor- by enhancing the original PBM architecture with mance issues, making it possible to solve a few technical improvements. We observed that

FUJITSU Sci. Tech. J.,36, 2,(December 2000) 133 T. Hamada et al.: Policy-based Management for Enterprise and Carrier IP Networking

the standard PBM architecture has the following this scalable architecture, a single directory serv- architectural limitations on scalability, due to er in the standard PBM architecture is replaced physical architecture scalability, policy rule com- by a set of hierarchical servers, which maintains plexity, and management knowledge complexity. coherency, eliminating the single point of failure. We at Fujitsu Laboratories of America have stud- The information stored in directory servers is ied techniques to overcome these architectural distributed to a set of policy servers through mul- limitations, for the scalable PBM system for inte- ticast channels. The policy servers operate both grated management of telecom and enterprise as points of policy deployment as well as policy networks. caches between directory servers and network devices, enhancing both PBM performance and 1) Physical architecture scalability fault tolerancy. PBM is a client-server system, where clients are network devices as PEPs (Policy Enforcement 2) Policy rule complexity Point) and servers are policy servers as PDPs (Pol- Although a simple IF-THEN rule is sufficient icy Decision Point). In a generic usage example of for many situations, the complexity of policy rules the standard PBM architecture in enterprise net- can grow rapidly when the number of applications works, there is one policy server in the given and traffic types increases.11) For example, when management domain, and a few dozens of network PBM is used for per user flow provisioning, a pol- devices. The architecture does not scale well for icy rule typically looks like: carrier scale networks with thousands of network devices. Standard techniques such as hierarchi- IF [the user is the department VP] cally distributed directories, policy servers with THEN [give his traffic the highest priority]. policy caching, scalable signaling path by using multicast between policy servers and network A first-cut formula for the number of poli- devices can improve scalability of the PBM archi- cies in a PBM domain is given by: tecture. Figure 6 illustrates a scalable PBM archi- # of policies (P) = tecture augmented with these enhancements. In # of users (U) × # of current applications (C).

Distributed hierarchical directory

Directory LDAP LDAP

Policy server + Cache Event collection LDAP (Multicast) Policy server COPS COPS

Standard PBM architecture Scalable PBM architecture Figure 6 PBM scalability enhancements.

134 FUJITSU Sci. Tech. J.,36, 2,(December 2000) T. Hamada et al.: Policy-based Management for Enterprise and Carrier IP Networking

It is not difficult to see that the number of into the design. policies grows very rapidly, when both the num- Protocol independent modeling (PIM) has ber of users and the number of applications been a kind of Holy Grail of telecommunication increase. To keep the complexity of the policy rules network management.7),8) It is rather a natural at a manageable level, policies need to be orga- concept from service provisioning point of view, nized using grouping (aggregation) and layering since there are often many choices of transport (abstraction) principles. For example, by classify- technologies such as ATM, SONET, IP, etc. to sup- ing users into a set of user groups, which may be port the same type of connectivity service. mapped to distinctive DiffServ traffic classes, de- Similarly, there are quite a few of management scription of policy rules can be made simpler. protocols such as SNMP, CMIP, CORBA, etc., Similarly, a set of applications can be grouped to which are dealing with essentially the same kind give an abstract application class, of which policy of management knowledge. Managing service rule dictates the behavior of all the applications provisioning will become simpler, if not easier, in the class. therefore, if we use protocol (technology) independent representation of management knowledge, 3) Management knowledge complexity particularly at service management layer. PIB (Policy Information Base) represents The power of abstraction impacts PIB design management knowledge in the network. When twofold. In the basic IF-THEN syntax of policy TMN layer principle is applied, management rules, abstraction of network/service resources knowledge is organized in such a way that higher allows simplifying the conditional statement of the layer such as SML (Service Management Layer) rule, making the rule itself to be more general and represents service management aspects whereas powerful for versatile network resource environ- lower layer such as NML (Network Management ment. For example, when the rule deals with Layer) represents network control and manage- management condition of QoS at the service lev- ment aspects. As we discussed in 2), complexity el, the rule shall equally apply to various network of policy system is largely dependent on the orga- technologies that guarantees the same QoS to end nization of management knowledge, in particular customers. In a similar manner, abstraction at how the knowledge is represented as PIB. network resources shall contribute to simplify the Classical techniques of modeling techniques action statement of the policy rule, since minor such as aggregation and abstraction are organized differences in network devices are absorbed into into principles of OOAD (Object-Oriented Analy- generic network device model represented by the sis and Design), whose notations and language PIB. mapping conventions are being standardized as Figure 7 illustrates a layered PBM archi- UML (Universal Modeling Language).12) Another tecture, which makes use of protocol independent important principle for modeling is RM-ODP (Ref- modeling and management knowledge structure erence Model of Open Distributed Processing),13) by TMN layers. As it is exemplified by DEN, com- a set of ISO standards that allow description of a bination of the two “P”s, namely policy based system from five distinctive viewpoints. Although management and protocol independent modeling, these technologies offer generic techniques to con- turned out to be powerful as well as natural. With struct models of different levels of behavior and a layered PBM architecture, it becomes possible levels of abstraction, their usage depends on the to handle service provisioning and SLA manage- application domain. When incorporated into PIB ment issues in a more structured manner, design, their usefulness is dictated by how effi- handling multiple application layer protocols for ciently management knowledge is incorporated optimal presentation of management operations.

FUJITSU Sci. Tech. J.,36, 2,(December 2000) 135 T. Hamada et al.: Policy-based Management for Enterprise and Carrier IP Networking

priority class. Customer (End user, SOHO, Business user) 6. Active policy and intelligent agent SML (WEB/XML) Policy-based management is likely to be the SLA negotiation SLA Security most expressive statement of the Internet impact (CORBA/PIB-COPS/RMON) NML Monitoring Configuration on the telecommunication management. It is also a positive statement on the value of network in- Service provider (ISP, Network operator) telligence, particularly in the form of management Hierarchical expansion knowledge. Among the three planes of the tele- SML policy rules communication, namely data, control, and NML policy rules management, the management plane is to assume most of network intelligence so as to provide bet- Policy engine (Distributed policy servers) ter customer care and service provisioning for end customers. Subsequently the other two planes had Figure 7 Multi-layered PBM. better be simple and fast to provide very high- speed IP connectivity. In particular, the control In this architecture, service requirements of plane must perform a large volume of connectivi- the customer drive provisioning of service and net- ty provisioning request in real-time through work resources in the service provider, and PBM signaling, thus it usually can not afford much serves as the key execution mechanism to deploy intelligence to handle complex customer data. the service requirements dictated by the SLA (Ser- An intelligent agent is a piece of program- vice Level Agreement) between the customer and ming code that can move around in the network. the service provider. The service terms of SLA, It is expected to behave more intelligently than a which are resulted from negotiation between the piece of data, by adjusting itself to versatile customer and the service provider, can include network environment. Therefore, it does not nec- both SML (Service Management Layer) terms and essarily contribute something drastically different NML (Network Management Layer) terms. from what is achieved by a current network man- For example, conditions on security and bill- agement system (NMS). It should rather be ing terms are considered at SML level, whereas considered a technical concept to be used comple- monitoring and QoS requirements such as band- mentarily in combination with NMS. It is also to width and packet loss rate are considered at NML be noted that intelligent agents and policy-based level. SML terms had better be negotiated using management have a common theme, which is rep- application level representations such as Web and resentation of management knowledge through a XML, whereas NML terms had better be handled set of agents (rules) with rudimentary intelligence. using protocols such as CORBA and COPS. These Active policy14) is a crossover of the two con- SLA terms need to be translated into appropriate cepts, i.e. intelligent agents and policy-based policy rules, so that the policy engine of service management. In particular, when the policy rules provider OSS (Operation Support System) can are written in a protocol independent, platform execute and enforce the prescribed SLA terms. independent language, the policy rule can execute Some SML policy rules such as application-spe- on the client side as an “active” policy, when the cific QoS requirements need to be translated into policy is deployed. Therefore, an active policy can NML policy rules first, so that the requirements be seen as a special case of PBM as well as of are deployed in terms of network resources intelligent agent. We consider the following fea- such as bandwidth and assignment of a proper tures of active policy are most important, giving

136 FUJITSU Sci. Tech. J.,36, 2,(December 2000) T. Hamada et al.: Policy-based Management for Enterprise and Carrier IP Networking

extra advantages over regular (non-active) PBM. monitoring between customer and service provid- Improved SLA negotiation: added intelli- er. An active policy, for example, is able to measure gence permitted by active policy should allow more QoE of the end customer with regards to Web serv- intelligent negotiation between the customer and er response. the service provider, improving the SLA negotiation process. For example, this process resembles IF [the Web server response >= 8 sec] personalization at portal services, which addition- THEN [notify it to the Web server operator]. al intelligence at the portal server assists the customer to make better selections in presumably This active policy shown above seems like a shorter time. In a similar token, added intelli- normal policy rule, but it works only when the gence of active policy should help customize policy rule is (actively) downloaded to client equip- service requirements of the customer, assisting the ment, and the notification address of the Web customer to set up his/her own system environ- server operator is dynamically filled when the ment. active policy is initiated. It should be noted also Improved customer self-operation: once that QoE of the end customer can not be measured SLA is negotiated and agreed between the two and reported by any other way. parties, its execution can also be assisted by ac- Figure 9 shows a physical architecture im- tive policy. For example, an active policy can age of QoE monitoring using active policy. Access communicate with a policy server in the service provider, so that it optimizes user profile of the Customer customer and relevant policy rules, improving customer self-operation with less or no assistance from human customer service representatives. Better customer care management: the Active policy: SLA negotiation + QoE monitoring two features above inclusively contribute to bet- SML ter customer care management, as the customer Management NML should find that the network is more responding knowledge base (PIB) to his/her service needs and management require- SNMP/COPS Measurement/Sampling ments. Intimately related to this issue is Service provider monitoring of service perception of the customer, Network devices which is called QoE (Quality of Experience), an essential tool for measuring and improving cus- Figure 8 tomer care. As we illustrate in the following, active Active PBM architecture. policy provides the potential to improve QoE.

Figure 8 illustrates our architectural view Customer Service provider on the active policy. The active policy augments Active policy Policy server the network intelligence of network OSS (Opera- (Agent) IP core tion Support System) by adding more intelligent Access L7 switch switch behavior at service management layer (SML). QoE Management knowledge is represented by PIB, measurement which is constantly updated by periodic measure- Local cache IP core switch ment and sampling from network devices. Operations at SML takes advantage of active pol- Figure 9 icies to support better SLA negotiation and QoE QoE monitoring using active policy.

FUJITSU Sci. Tech. J.,36, 2,(December 2000) 137 T. Hamada et al.: Policy-based Management for Enterprise and Carrier IP Networking

L7 switch is able to either switch or to retrieve paper. The authors also thank Dr. Frank McCabe from local cache, depending on the application and Network Agent Research group members at characteristics as Web switches in CDN (Content Fujitsu Laboratories of America, and Dr. David Delivery Networks) use them. An active policy is Blight of Palm Computing for helpful discussions downloaded from a policy server on a host com- and suggestions on intelligent agent systems. puter in the customer domain. Application performance is directly measured as QoE on the References host computer, which is fed back to the access L7 1) G. Gilder: Telecosm: How Infinite Bandwidth switch to control application specific network Revolutionize Our World, Free Press, 2000. flows. 2) A. Moridera, K. Murano, and Y. Mochida: The Network Paradigm of the 21st Century and 7. Conclusion Its Key Technologies. IEEE Communication Policy-based management is likely to serve Magazine, 38, 11, pp.94-98 (Nov. 2000). as a key integration technology for end-to-end IP 3) M. Sloman: Policy Driven Management for management, and also for IP-nized telecommuni- Distributed Systems. Journal Of Network cation network. Though the concept was originally and Systems Management, 2, 4, pp.333-360 motivated by technical developments in the en- (1994). terprise network market, we have examined PBM 4) J. Strassner: Directory Enabled Networks. in this paper, and have concluded that Macmillan Technical Publishing, 1999. PBM is applicable, with several architectural 5) IETF draft: draft-ietf-policy-terminology- enhancements, to the management of new tele- 00.txt, work in progress, July 2000. communication network service environment. We 6) DMTF, CIM schema ver.2.4, Aug. 2000. have also discovered that PBM, despite its histor- http://www.dmtf.org ical context, has key technical concepts rooted deep 7) TINA-C: Resource Information Model ver.4.0, both in the development of IP management and Aug. 2000. that of telecommunication management, confirm- 8) TMF, CaSMIM (Connection and Service Man- ing our belief in PBM that it will continue playing agement Information Modeling) team. an important role as the key technology for man- http://www.tmforum.org aging the new service environment. 9) Internet 2 project home page. Active policy is a relatively new research http://www.internet2.org area, which is to be explored in a coming few years. 10) K. Fukuda et al.: Policy-based Networking It is of particular interest whether and how PBM Service over Heterogeneous Public IP Service and intelligent agent systems are advanced and (DynaServ). Proc. of ICCC’99, Tokyo, June integrated, to offer better service management and 1999. customer care in the new service environment. 11) D. Blight and T. Hamada: Policy-Based Net- working Architecture for QoS Interworking Acknowledgement in IP Management. Proc. of IM’99, Boston, The authors like to thank Mr. Katsuyama, May 1999. Mr. Chugo of Fujitsu Laboratories, Japan, and 12) OMG, UML 2.0 WG draft, available form Mr. Ejiri of Fujitsu Ltd. for their expert http://www.omg.org knowledge and discussions on PBM and telecom- 13) ISO/IEC DIS 10746-1-5: Information technol- munication management. Special thanks go to ogy – Open Distributed Processing Reference Mr. Iseda of Fujitsu Laboratories, Japan, for his Model, 1995. comments and advices on the early drafts of this 14) T. Hamada, D. Blight, and P. Czezowski:

138 FUJITSU Sci. Tech. J.,36, 2,(December 2000) T. Hamada et al.: Policy-based Management for Enterprise and Carrier IP Networking

Active Policies in Knowledge Hyperspace: pp.31-41 (Dec. 1999). Intelligent Agents and Policy-Based http://dpnm.postech.ac.kr/knom/knom- Networking. KNOM-review Journal, 2, 2, review/index.html

Takeo Hamada received B.E. and M.E. Takafumi Chujo joined Fujitsu Labora- degrees in Electrical Engineering both tories Ltd., Kawasaki, Japan in 1978. from the University of Tokyo, Tokyo, He graduated from Kanazawa Univer- Japan in 1984 and 1986, respectively sity, Kanazawa, Japan and from Nagoya and Ph.D. in Computer Science from UC University, Nagoya, Japan with B.E. and San Diego. He joined Fujitsu Labora- M.E. degrees in Electronics Engineer- tories Ltd., Kawasaki, Japan in 1986. ing, respectively. Since he joined He has been with Fujitsu Labs. of Fujitsu, he engaged in broad range of America, Inc. since 1998. His current network systems design, including research interests include network man- SONET/SDH, ATM link system, network agement, service management issues management system for WDM optical in IP networks, and policy-based management. He is a member cross-connect system. He is currently a senior research fellow of IEICE Japan, IEEE, and ACM. at Fujitsu Laboratories Ltd., Japan. He has served regularly as program committee member of several international conferenc- es on network management. His current research interests include optical networking, network management systems, telecommunication OSS, security management, and policy-based management. Peter J. Czezowski joined Fujitsu Labs. of America, Inc. as a Member of the Research Staff in March 1999. He holds a M.Sc. in Electrical Engineering from the University of Manitoba, Canada in 1994, where he is currently a Ph.D. can- didate. His research interests include policy-based network management, agent-based computing, and the Inter- net. He is a member of IEEE.

FUJITSU Sci. Tech. J.,36, 2,(December 2000) 139