October 1999

UNIFIED MANAGEMENT
How It Applies To Converging (And Converged) Networks

BY TONY RYBCZYNSKI

Network-enabled applications. Reaching beyond enterprise desktops, they traverse public wireline and wireless networks, conjoining telecommuters, road warriors, suppliers, partners, and customers. They represent the very basis of the emerging digital global economy. They are critical to business success.

But how do we prepare for network-enabled applications? Deploy them? Maintain them?

A diverse set of challenges, to be sure. However, it is possible to stage a response that is at least as comprehensive as the challenges are diverse. What?s necessary is to evolve network management. Ideally, network management should encompass both the process of convergence as well as the consequences of convergence. It should, moreover, impose some sense of coherence over far-flung and ever-mutable networks. It should, ultimately, promote a unified approach. Hence, the concept of unified management.

MANIFESTATIONS OF CONVERGENCE
Responding to business requirements for “human touch” interactions, and enabled by IP telephony technology, network-enabled applications increasingly incorporate telephony and data (and, in some cases, video) components. An example or two may help here. Consumer-to-business e-commerce applications are moving from self-serve Web sites and call centers to fully transactional and collaborative customer contact centers integrated with enterprise resource planning and supply chain management applications. Business-to-business e-commerce applications (today dominated by EDI) are also moving to leverage these developments.

Convergence at the application level and continued pressures for managing total-life-cycle networking costs are driving unification of the networking infrastructure towards a highly reliable, high-performance network utility, ultimately around IP. For example, many enterprises have already converged their voice and data networks in the WAN as a means of achieving much greater price/performance and networking agility, with solid economic justification in the form of 6 to 18 month paybacks. At the same time, enterprises are developing secure Internet access architectures to fully leverage Internet remote access and virtual private network (VPN) capabilities.

RESPONSES TO CONVERGENCE
As convergence proceeds at a pace dictated by business priorities, demands on the IT manager increase. Managing the process of converging network infrastructures and managing the resultant converged networks require simple, pragmatic, and comprehensive unified management solutions.

These unified management systems must meet three fundamental needs.

1. Network management: Tools to ensure that the end-to-end network reliability, performance, and cost are optimized on an on-going basis across data and telephony environments.
2. Policy management: Tools to ensure that the security and performance needs of every business-critical application are met, consistent with the policies of the enterprise.
3. Service management: Tools to ensure that individual users and user communities receive the appropriate/committed levels of service for their networked applications.

REALITY CHECK
Management systems deployed in enterprise networks range in sophistication. Can we take it for granted that these systems, particularly the less sophisticated ones, will prove adequate in a converging (or converged) environment?

Ill-Defined Service Levels
In telephony, high service levels are practically a given. And high service levels are by no means unknown in the realm of computing. For example, in the world of IBM mainframe applications, high service levels were achieved through tight engineering of network and processing resources, and by leveraging the attributes of SNA protocols (that is, IBM’s System Network Architecture). In contrast, service management is not a part of the vast majority of IP networks.

Desultory Policy Enforcement
Policy management generally isn’t a distinct management discipline, although enterprises often enforce a range of written and unwritten policies. These may be enforced by separate networks and integrated into applications. Also, enterprises may build firewalls between networks (including to the Internet).

Disparate Directories, Networks, And Management Systems
Moves and changes are complex and time-consuming, especially considering that the average large enterprise has employee information distributed across 10 to 20 directories, probably representing 10 percent of the corporate directories being managed.

Disparate directories, as complicating factors, are often accompanied by multiple networks, which may be managed through multiple sites, or through multiple WAN and telephony management systems. At the network management level, managing costs and growth, and detecting, locating, and resolving problems are all major challenges. Adding to this are flat budgets and the fact that skilled operational personnel are hard to attract and retain.

A BETTER WAY?
Unified management, in conjunction with convergence strategies in the networking infrastructure, is the light at the end of the tunnel that can enhance the networking environment and allow corporate resources to focus on rapid deployment of a broad range of business-driven applications. This is a very broad topic, so let’s highlight some really interesting areas in the unified management space.

MANAGING THE NETWORK ITSELF COMES FIRST
Network management encompasses configuration, fault, performance, and security management, and includes capabilities that can significantly enhance network reliability as perceived by users. Let’s look at three specific areas within this broad topic to understand the opportunities and challenges of unification.

Moves And Changes
Some interesting opportunities exist to greatly simplify moves and changes for users in a unified networking environment based on IP. In today’s environment, coordinating movement of an employee’s PC and a telephone is an administratively intensive and error-prone activity. In a pure IP environment, each device has a burnt-in Ethernet MAC (media access control) address.

If we create a database describing the mapping between employees and the MAC addresses of their devices, and if we use an IP assignment protocol called the Dynamic Host Configuration Protocol (DHCP), we may enable plug-and-play operation. When coupled with policy management, this approach provides a very flexible environment. In such an environment, moves and changes, so common in today’s ever-changing organizational environment, may become a non-issue.

Provisioning Bandwidth
Today’s IP networks are “bulk engineered,” treating all traffic on an equal footing, leading to over-provisioning of bandwidth. The convergence of telephony traffic onto IP networks and the growing need to differentiate among different data applications creates a situation in which multiple classes of services must be supported.

However, once these different service classes exist, we have an opportunity to actually provision less bandwidth. We may do so by ensuring that higher priority traffic, typically representing less than 30 percent of the traffic, is adequately supported, while treating lower priority traffic as a background task. Unified planning tools based on historical and projected traffic loads and patterns ensure that appropriate network resources are in place to address normal and failure conditions.

Broadening Skill Sets
At the operations level, it is important to promote organizational unification and skills cross-training between telecom and data personnel. It is also necessary to develop and observe more rigorous and more formal procedures. Otherwise, making sound, business-driven procedures becomes more difficult.

Adequate training and detailed procedures can ease the deployment of new software releases in the network. They may, for example, facilitate the design and execution of backout plans, test plans, and maintenance windows.

More sophisticated operational environments are necessary because IP networks have evolved. At one time, LANs and PCs carried with them procedures such as pressing the restart button to restore stability. Such procedures are unacceptable in telephony environments. However, better procedures may result if we promote terminology convergence and translation between the telephony and data staff.

POLICY MANAGEMENT FOR APPLICATION-OPTIMIZED NETWORKING
Providing preferential treatment for certain applications and users is a key requirement for IP telephony. In next-generation campus infrastructures, this requirement is being met through the addition of switch- and network-level QoS and security capabilities, within an environment structured by policy management.
Policy management defines network-wide control mechanisms that ensure that the “right” applications and end users have access to network resources. Policy management is an implementation of a set of rules or policies that dictate the access and use of resources on a per user application, or company basis to meet established business objectives.

It is essentially focused on providing end-to-end QoS (bandwidth, latency, priority) and security (authentication, authorization, auditing). Policy-enabled networking ensures that applications such as voice, e-commerce, supply chain management, and Web access are given the appropriate treatment. It also ensures that the highest availability (even under failure conditions) is provided to business-critical applications; it simplifies operations by providing a unified directory environment; and it generally lowers the total cost of ownership by making the best use of available bandwidth.

Logical directory unification through the use of protocols such as the industry standard Lightweight Directory Access Protocol (LDAP) is a key enabler to implementing an end user oriented configuration and policy management environment. However, it is not a prerequisite to implementing policy management systems that apply at the application level (for example, uniformly classifying all IP telephony traffic at a higher level or all incidental Web access at a lower level).

DELIVERING AND MANAGING CLIENT SERVICE LEVEL
AGREEMENTS
Finally, service management provides tools to ensure satisfactory application performance from an end user perspective. More specifically, service management is a set of client and management capabilities that allow the IT manager to proactively track the performance of the network from the end user application perspective.

To encourage the tracking of latency and trunk utilization performance and loss rates from an application perspective, we may need to cultivate a better appreciation of service level management. Service level management should be thought of as a set of tools that supports not only telephony but also business-critical applications such as engineering resource planning, supply chain management, and e-commerce.

Managing service level agreements from carriers is a key area that will be addressed through service level management. However, this function will most likely be performed at an aggregate application level, rather than on a per user basis.

WHERE TO FROM HERE?
Vendors are rolling out simple, pragmatic, and comprehensive management solutions as part of their convergence strategies. Generally, these solutions will begin addressing management requirements at the infrastructure level, and then progressively at the application and end user levels, the latter through directories populated with service profiles.

Tony Rybczynski is director of strategic marketing and technologies for Nortel Networks’ Enterprise Solutions unit. This business unit offers a full range of enterprise terminal, workgroup, campus, and wide-area unified networks and applications, through direct and indirect channels. For more information, visit the company’s Web site at www.nortelnetworks.com.

• Management of the infrastructure as a system.
• Delivery of pragmatic directory-based policy management.
• Monitoring and enforcement of application service levels.
• Operational simplicity.