1 Directories and Policy-Based Networking - Strassner Directories & Policy-Based Networking...
1 Directories and Policy-Based Networking - Strassner
Directories & Policy-Based Networking
0827_02F8_c1
John Strassner
Cisco Systems
Need for Policy
[Diagram labels: Users, Applications, Computers...; Network Devices, Network Services, Network Resources; Intelligent Network; Configuration Complexity; Application/Network Integration; Inconsistent Policies]
Policy-Based Networking
[Diagram labels: Directory Enabled; User Requirements; Network Services]
What is a Network Policy?
Linkage Between User, Applications, and Network Services
[Diagram labels: Enterprise Policy; Mobility; Firewalls; Campus; Universal Passport (USA)]
• What are my policies?
• Where are my users?
• What are their privileges?
Prioritize Applications
[Diagram labels: QoS Policy Server; Net Manager; Campus Backbone; Training Servers; Public Frame Relay; Order Entry, Finance, Manufacturing; Remote Campus]
• Create QoS policy
  » Mission-critical—high
• Distribute policy bindings
  » QoS Policy Servers
  » Network enforcement nodes
Restrict Multimedia Applications
[Diagram labels: QoS Policy Server; Net Manager; Campus Backbone; Training Servers; Public Frame Relay; Order Entry, Finance, Manufacturing; Remote Campus]
• Create QoS policy
  » Multimedia bandwidth less than 100 kbps
• RSVP Proxy
• Policy enforcement
Remote Access Policy
[Diagram labels: PSTN; ISDN; Campus Backbone; AS 5300; Mobile Users; Telecommuters; Encrypted; ID/Password; CiscoSecure]
• Authentication, Authorization, Accounting (AAA)
• Centralized administration
New Management Paradigm
• New Model for Integration: the Management Intranet
  » WEB Link integration
  » WEB Data Integration
  » WEB Task Integration
• Knowledge-Based Operations for Assured Network Services
  » Local network knowledge
  » Vendor-augmented knowledge
  » Change notification
WBEM Environment
[Diagram labels: </XML>; HTTP, LDAP, etc.; Data Description; Transport; Encoding; Access]
The Management Intranet
Heterogeneous Management Servers
[Diagram labels: Cisco, Microsoft, Intel, Compaq, BMC; CIM/XML; CIM, DEN, XML, MOF; Directory; Device ID; Digital Certificate]
Intelligent Network Management
[Diagram labels: Other Vendor; Device; Service; Helpdesk, Trouble-ticket, Event-Based Middleware; Database; App; System; Management; Server; Desktop; Network]
Role of Directories
• Common information model
• User profiles, applications, and network services
• Single-user identity
• Integrated policies
[Diagram labels: Desktop; Application; User; Network; Integration; Directory Services]
Multi-Service Profiles
Service Profiles
cisco.com  Password = cisco
    vpdn:tunnel-id=cisco-gw
    vpdn:ip-addresses=1.1.1.2
    vpdn:nas-password=12000
    vpdn:gw-password=GSR
VoIP  Password = cisco
    vpdn:tunnel-id=voip-gw
    vpdn:ip-addresses=3.3.2.1
    vpdn:nas-password=pin
    vpdn:gw-password=drop
Games  Password = cisco
    vpdn:tunnel-id=games-gw
    vpdn:ip-addresses=3.1.3.1
    vpdn:nas-password=Space
    vpdn:gw-password=Invader
User Profiles
jdoe  Password = letmein
    Service = Internet
    Service = cisco.com
    Service = Games
GroupA
    Service = Internet
    Service = coke.com
    Service = Games
Guest  Password=No Password
    Service = Internet
    Service = VoIP
    Service = Games
[Dashboard graphic: login form (username jdoe, password ********, Go); Services: Internet, Games, Cisco]
Scalable Policy Infrastructure
[Diagram labels: Central Policy Repository; Services and SLAs; User and Devices; Profiles and Policies; Server; Cache; LDAP; Policy Engine; Security; Addresses; QoS; RADIUS; DNS/DHCP; Distributed Policy Enforcement; Intelligent Infrastructure]