CrossNodes Product Briefing: Policy Management

by Dayna Delmonico

Policy Management software has promised a great deal, but what do the vendors actually offer for the money?

If you've had to research policy management offerings you have rapidly come to the conclusion that there are plenty of products, but a clear definition of "policy management" as it pertains to products is sorely lacking.

Deciding what policy management product is right for your company is daunting. First, this is a relatively new class of software. Second, "policy management" can refer to security, VPNs, network traffic, network QoS (quality of service) and/or LANs -- therefore communications, network/systems management and security vendors all have products. So don't look for consistent feature sets.

At the low-end, policy management products are templates designed to help managers define and publish policies usually on their intranet. As for the products included in this guide, some configure network devices remotely to simplify implementation and maintenance of policies. Some are products that enforce system checks and security policy. Others are part of network or systems management suites and try to integrate all policy features. Because products are so varied, we added brief vendor product descriptions to each of the products we've included in this guide.

Some descriptions note that the product supports or is COPS (Common Open Policy Service) compliant. This is a standard for exchanging policy information in a network. It permits switches and routers to reserve bandwidth based on a policy that stipulates group or individual user priority.

For more on the basics of policy management read the companion CrossNodes Briefing on Policy Management by Gerry Williams, and try these keywords:

  • policy management
  • systems management
  • network management
  • system security
  • quality of service
  • QoS
  • policy server
  • COPS

Vendor:  Allot Communications
Product: NetPolicy
NOS:     Windows NT 4.0
Description: Policy-based system that allows the defining of 
   policies that automatically effect change on specific equipment 
   in the network environment. Manages, controls and monitors traffic 
   enforcement devices and enables QoS settings in Cisco routers. 
   Supports Allot, Cisco and RADGUARD devices.
Web Product Information: www.allot.com/html/products_netpolicy.shtm

Vendor:  CheckPoint Software Technologies Ltd.
Product: Visual Policy Editor
NOS:     Windows platform
Description: A security policy visualization tool that provides 
  a detailed, graphical map of an organization's security deployment. 
Web Product Information: www.checkpoint.com/products/vpe.html

Vendor:  Cisco Systems
Product: CiscoWorks2000 QoS Policy Manager
NOS:     Windows NT with Service Pack 5 or higher; 
         Windows 2000 with Service Pack 1
Description:  Provides end-to-end quality of service (QoS) for converged networks. 
   Delivers differentiated services across network infrastructures with converged 
   voice, video, and data applications, using Cisco IOS. and 
   Catalyst. OS Software 
   with built-in QoS mechanisms in LAN and WAN switching and routing equipment.
Web Product Information: www.cisco.com/warp/public/cc/pd/wr2k/qoppmn/index.shtml

Vendor:  Enterasys Networks 
Product: NetSight Policy Manager
NOS:     Windows NT/98/2000; Solaris 2.6, 2.7, 2.8
Description: Role-based administration modeling. Provides a graphical 
   view of the whole enterprise, not only individual devices. Instead 
   of viewing and configuring each switch, router or other network device 
   individually to achieve a common goal for the network, the network is 
   configured as a single system. 
Web Product Information: www.enterasys.com/products/items/NETSIGHT-PM/

Vendor:  IP Highway
Product: PerformancePro
NOS:     Windows NT 4.0 and Service Pack 4 or higher; Windows 2000
Description:  3-tier, distributed, software solution. Components include a 
   Management Console, Policy Administrator and Policy Server. Supports 
   Cisco, Nortel, COPS complaint and devices supported by IPHighway device driver.
Web Product Information:  www.policymanagement.com/

Vendor:  Nortel Networks
Product: Access Policy Manager
NOS:     Windows NT 4.0, HP-UX 10.20, Solaris 2.6
Description: Provides secure application access through role-based policy 
   management.  A software suite that manages access to distributed web-based 
Web Product Information: 

Product: Optivity Policy Services
NOS:     Windows NT 4.0, Solaris 2.5, 2.6
Description: Provides a system-level management framework for policy management. 
   Allows Quality of Service (QoS) to be configured on a system-wide level 
   rather than a per-device basis. 
Web Product Information: 

Vendor:  Packeteer Inc.
Product: PolicyCenter
NOS:     Windows NT V4.0 with Service Pack 6 or higher
Description: Centralized policy management and operating system software for 
   Packeteer bandwidth management devices running PacketWise 5.0. Centralizes 
   performance information and propagates configuration changes to large numbers 
   of Packeteer appliances.
Web Product Information: www.packeteer.com/products/cntlMgmt/index.cfm

Vendor:  Tivoli Systems
Product: SecureWay Policy Director
NOS:     AIX, Solaris, Windows NT 4.0, Windows 2000, HP-UX 11.0
Description: Provides role-based policy management. A secure policy-based 
   authorization solution for e-business and legacy applications. 
Web Product Information: 
This article was originally published on Monday Aug 20th 2001