Decoupling policy from configuration in campus and enterprise networks

TitleDecoupling policy from configuration in campus and enterprise networks
Publication TypeConference Papers
Year of Publication2010
AuthorsFeamster N, Nayak A, Kim H, Clark R, Mundada Y, Ramachandran A, bin Tariq M
Conference NameLocal and Metropolitan Area Networks (LANMAN), 2010 17th IEEE Workshop on
Date Published2010/05//
KeywordsAccess control, Business communication, campus network, decoupling policy, enterprise network management tasks, enterprise network operator, information flow control, software defined network, software radio, telecommunication network management, telecommunication security

This paper surveys our ongoing work on the use of software-defined networking to simplify two acute policy problems in campus and enterprise network operations: access control and information flow control. We describe how the current coupling of high-level policy with low-level configuration makes these problems challenging today. We describe the specific policy problems faced by campus and enterprise network operators; illustrate our approach, which leverages recent trends in separating the network's #x201C;control plane #x201D; from the data plane; and show how this approach can be applied to simplify these two enterprise network management tasks. We also describe our ongoing deployment efforts to build a campus network testbed where trial designs can be deployed and evaluated. We close with a summary of current and future research challenges for solving challenges within enterprise networks within the context of this new paradigm.