Policy-based hybrid management architecture for IP-based VPN
نویسندگان
چکیده
Using IP-based Virtual Private Network (IP-VPN) technology, a company can establish its virtual private network over public networks. Recently, IP-VPN emerges as one of main technologies for increasing business competitiveness with reasonable costs. The standards for IP-VPN are currently being developed by Internet Engineering Task Forces (IETF) and others. In this paper, we identify the limitations of current standard of IETF for the global policy management. We propose a new policy-based hybrid management architecture for IP-VPN services which makes a use of a centralized global management server. A global poilcy is classified into a set of levels depending on the administrator’s authority. The procedures for automatically verifying, decorrelating, and resolving the global policies have been designed for the various policy levels by extending mntner class and policy class of Security Policy Specification Language (SPSL). Finally, we have built a prototype of VPN service management system to demonstrate the functionality.
منابع مشابه
A Policy-based Network Management System for IP VPN
Even though IP VPN has practically proven itself to be a cost-effective solution, the lack of centralized network management capabilities of current IP VPN deployment makes the management of growing VPN networks an extremely tedious procedure. This paper proposes to use policy-based network management method to address this challenge. Firstly, a policy-based IP VPN management architecture is pr...
متن کاملRule-Driven Mobile Intelligent Agents for Real-Time Configuration of IP Networks
Even though intelligent agent has proven itself to be a promising branch of artificial intelligence (AI), its mobility capacity has yet been paid enough attention to match the pervasive trend of networks. This paper proposes to inject intelligence into mobile agent of current literature by introducing ruledriven mobile agent so as to maintain both intelligence and mobility of current agent. Par...
متن کاملA policy information model for RFC2547-Like IP VPNs
This article presents a Policy Information Model for RFC2547-like IP VPNs. Policy Information Models are the key component of Policy-based Management. They describe a set of service specific policy conditions or policy actions, that are used to formulate the policy rules that formalize the managed service in the network. In this article, the principles of Policy-based Management are reminded, a...
متن کاملMulti-domain architecture for policy management inumts ip multimedia subsystem
The Universal Mobile Telecommunications System (UMTS) offers IP based multimedia applications and services with end-to-end Quality of Service (QoS) guarantee. The key component providing these services is the IP Multimedia Subsystem (IMS) that uses Service-Based Local Policy (SBLP) management for QoS control. To support end-to-end QoS, the UMTS IMS network should be scalable, reliable and flexi...
متن کاملCasual Virtual Private Networks
Virtual Private Networks (VPNs) provide a cost-effective way for securing communications using public and insecure networks like the Internet. The main purpose of a VPN is to securely and transparently connect two or more remote networks to form virtually a single network, using centralized security policies for better management and protection. However, in certain scenarios, users may not requ...
متن کامل