whitepaper - network policy control methods and considerations network policy control: methods and...

Download Whitepaper - Network Policy Control Methods and Considerations Network Policy Control: Methods and Considerations

Post on 15-Oct-2019

0 views

Category:

Documents

0 download

Embed Size (px)

TRANSCRIPT

  • Version 2.0

    An Industry Whitepaper

    Contents Executive Summary ................................... 1

    Introduction to Policy Control ...................... 2

    Functional Components ........................... 2

    Identifying Convergent Conditions ........... 3

    Evaluating Business Logic ...................... 3

    Enforcing Policy Actions ....................... 3

    Types of Policy Elements ......................... 3

    Methods and Considerations......................... 4

    Policy Expression ................................... 4

    Identification: Available Conditions ......... 4

    Evaluation: Linking Conditions to Actions .. 5

    Enforcement: Taking Action .................. 8

    Example: Congestion Management .......... 9

    Access Type Dependencies ...................... 10

    Control and Data Plane Synergy ................ 11

    Policy Decision Points ......................... 12

    Other Considerations ............................. 14

    Usability ......................................... 14

    Extensibility ..................................... 14

    Scalability ....................................... 15

    Conclusions ............................................ 16

    Related Resources ................................ 16

    Invitation to Provide Feedback ................. 16

    Executive Summary Network policy control is an indispensable technology for ensuring the efficient and effective delivery of Internet data services. Communications service providers (CSPs) use network policy control to enable a wide variety of solutions across a broad range of functions. With so many factors in play, CSPs have much to consider when determining the best approach to policy management for their network.

    This paper explores how CSPs can benefit from the convergence of compatible features in supporting desired use cases with minimal overhead.

    Network Policy Control: Methods and Considerations

  • Network Policy Control: Methods and Considerations

    2

    Introduction to Policy Control Network policy control is an indispensable technology for ensuring the efficient and effective delivery of Internet data services. Communications service providers (CSPs) use network policy control to enable a wide variety of solutions across a broad range of functions, including:

    • to gain valuable business intelligence for informed decision-making • to create new revenue streams by powering new services • to optimize data delivery for improved efficiency and higher subscriber quality of experience • to protect subscribers and the network from security threats

    Network policy control, and the related (but slightly narrower) concept of policy management, is fundamentally about achieving business objectives by specifying how the network itself behaves in response to an infinitely diverse stream of events and conditions across the data, control, and business/operations support systems (B/OSS) planes.

    More succinctly: network policy control provides the network with the decision-making intelligence and enforcement capabilities to bring business objectives to life. Table 1 shows some straightforward business objectives, and, in plain language, interprets these objectives as instructions for a policy control solution.

    Table 1 – Relating business objectives with policy control ‘instructions’

    Business Objective Policy Control ‘Instructions’

    Understand the end user quality of experience

    For each application type (e.g., video, web browsing, voice-over-IP, gaming, etc.) and overall (i.e., for all traffic), quantitatively measure and clearly present quality of experience scores.

    Prevent subscriber bill shock Measure per-subscriber usage in real time, then trigger a notification (e.g., via SMS, in-browser, etc.) at appropriate thresholds (e.g., 80%, 95%, 100%)

    Implement shared data plans Concurrently measure usage for each user and aggregate the total, while comparing to available family or multi-device quota

    Prevent network congestion Detect network congestion in real time, and trigger precise management to protect high-value applications for the maximum number of subscribers

    Mitigate DDoS attacks Detect, automatically mitigate, and report on Distributed Denial of Service (DDoS) attacks.

    Functional Components A network policy is the technological implementation of a CSP’s desired business objectives for their network. There are three distinct functions in any network management policy:

    1. Identify convergent conditions/events in the network 2. Evaluate business logic to determine the appropriate response behavior 3. Enforce policy actions to achieve the desired result

    These functions are briefly introduced in the next three subsections, and are subsequently explored in greater detail later in this document.

  • Network Policy Control: Methods and Considerations

    3

    Identifying Convergent Conditions There are many conditions occurring within the network (and its supporting systems) that CSPs can incorporate into their overall policy management design in support of a particular business objective.

    Condition examples include:

    • The classification of data plane (i.e., user traffic) protocol and flow characteristics; in other words, what the traffic is

    • The detection of data plane events (i.e., something specific happens) and measurement of its characteristics (e.g., values including volume, counts, duration, etc. and characteristics like resolution, codec, device, browser, user location, etc.)

    • Specific control plane events (e.g., a subscriber connects to the network) and information provided by B/OSS elements (e.g., that subscriber’s plan details)

    Evaluating Business Logic Bridging the gap between conditions-as-inputs and actions-as-outputs is the decision-making logic that translates business objectives into network management policies.

    A solution’s ability to evaluate ‘what to do’ or ‘how to handle’ the rich diversity of control and data plane conditions and events is largely determined by how it expresses policy. That is, how effective a solution is at turning abstract (and, oftentimes, deceptively simple) business objectives and concepts, which are expressed in human language, into instructions for network systems.

    Enforcing Policy Actions Once conditions and events have been evaluated by a policy, actions enforce the desired outcome in support of the overall business objective.

    An action might impact how traffic flows through the network (e.g., traffic steering/redirection , prioritization, etc.), or an action might only exist in the control or B/OSS plane (e.g., as a statistic being written to the database, or decrementing a quota allowance, or noting a change of state).

    Types of Policy Elements At the very highest level, policy elements are hardware and software platforms that host expressed policies and perform one or more of the three functions (e.g., identify, evaluate, enforce) to transform a CSP’s ideas into the reality of desired network operation.

    These elements can be components of the network transport infrastructure, or an industry-defined, standards-based network element, or a vendor product that fulfills a particular use case. Examples include:

    • PCRF (Policy and Charging Rules Function) • PCEF (Policy Charging and Enforcement Function) • TDF (Traffic Detection Function) • OCS (Online Charging System) and OFCS (Offline Charging System) • CMTS (Cable Modem Termination System) • P-GW/PDN-GW (Packet Data Network Gateway) • Specialized solutions that evaluate and/or enforce network policies (stateful firewalls, deep-

    packet inspection appliances, cloud services policy controllers, transparent caches, parental control filters, etc.)

  • Network Policy Control: Methods and Considerations

    4

    Methods and Considerations There are a number of important criteria to consider as part of an overall policy management design or when evaluating potential solutions. The sections and subsections that follow relate each criterion to the identification, evaluation, and/or enforcement components of the network policy control solution.

    Policy Expression The method of policy expression largely determines how a solution evaluates sets of conditions and what it can do in response. This is the real-time ‘thinking’ component of policy management, where human ideas about what to do in a particular situation are expressed in technical terms to achieve the desired outcome. For example, consider Table 2, which shows how the examples introduced in Table 1 can be achieved in terms of linking conditions to actions.

    Table 2 - Relating business objectives with conditions and actions (conditions in bold, actions in italics)

    Business Objective Conditions and Actions

    Understand the end user quality of experience

    Measure network latency and measure video buffering1 and measure video bailouts and measure CDN performance and publish measurements to database

    Prevent subscriber bill shock If subscriber usage is 80% then send notification

    If subscriber usage is 100% then redirect browsing to a captive portal

    Implement shared data plans If subscriber Jeff quota used 50 MB then deduct from Smith family plan

    If subscriber Ann quota used 5 MB then deduct from Smith family plan

    Prevent network congestion If resource is c

Recommended

View more >