Policy-based Virtual Networking

Abstract:Today, businesses need to connect multiple layers ofpeople and electronic resources virtually, yet securely. This could includeemployees, suppliers, customers and partners across multiple networks.Traditionally, this is accomplished with gateways, provisioning policies on firewalls and filters added to the physical infrastructure, which is very complex and difficult to do and does not scale well.

Enter virtualnetworks, software networks, created with virtual network drivers in computersand a coordinating directory server. Hence, users and systems are associated together into overlays of virtual communities. To secure a virtual community,the server act as a security policy manager and trust center as well. When a computer joins a virtual network, it receives the policies. Policies areenforced by both communicating computers whenever any two computers communicate with each other in the same virtual network. Since virtual networks are created with software, unlike physical networks, they are easy to set up, modify,operate and tear down.

Policies associated with a virtual network are notlimited to security policies. Quality of service policies or specificapplication policies can be applied as well. Hence, policy-based virtualnetworks can offer a new flexible platform for value added network services. Through the creation of virtual network overlays, a service provider cancustomize the services for its customers with unprecedented ease.

Bycombining NAT and firewall traversal techniques, the scope of a virtual networkcan transcend the physical network and enterprise boundaries. The result issimple secure connectivity without boundaries. This paradigm has been applied to build a platform for Secure Virtual Network services, which is now startingto be deployed by carriers worldwide. As businesses collaboration becomes morecritical to success, policy-based Virtual Networks will become a critical part of the network fabric.

Bio:Hasan founded IP Dynamics in 1999 and drives the longtermstrategy and vision for IP Dynamics' products and technology. He isa widely recognized and well-published expert in the areas of networking,distributed computing and the Internet and is the author of IP Dynamics’core technology patents. Prior to forming IP Dynamics, Hasan foundedand ran a successful R&D consulting firm focused on networkingtechnologies. Between 1981 and 1998, he was a professor of ComputerEngineering at Santa Clara University where he also served as Director ofthe Distributed Computing Research Lab and headed the Ph.D. program inComputer Engineering. Hasan holds a Ph.D. from the University ofCalifornia, Santa Barbara in Electrical and Computer Engineering, an M.S.and B.S. degrees in Electrical Engineering from the Illinois Institute ofTechnology and the University of Baghdad, respectively.