Cisco Systems QoS Policy Manager 1.1 and User Registration Tool 1.2 (Beta)
Cisco, the vendor that eats small networking companies for breakfast, has perhaps the greatest challenge in this category. Every system we tested has designs for managing Cisco equipment on its road map. And though Cisco's strengths have never been in network management, it shoulders the burden to develop an integrated solution that surpasses everything the competition offers. So how'd the company do? We feel Cisco ably rises to the occasion. No one knows Cisco better than Cisco, and the company dominates the WAN router market, which is where this technology will do best. Furthermore, Cisco's full-circle story of management, reporting and dynamic feedback seems closer to reality than many rival offerings.

Cisco arrived at our labs with two products: its QoS Policy Manager (QPM) version 1.1 and User Registration Tool (URT) version 1.2. These tools are equal to almost everything the competition does, and offer a spiffy interface that leaves few questions unanswered. We began by testing the QPM software on a network consisting of a Cisco Catalyst 6000 switch, a Cisco 7200 VXR router and a Cisco 1600 router. From the get-go, QPM was very aware of the equipment it was managing. It automatically detected device interfaces and capabilities as we configured the hardware. Although most other vendors could manage some Cisco routers, only Cisco supported the Catalyst 6000 switch.

QPM 1.1 has a magnificent mechanism for defining multiple conditions--this condition matrix supports source and destination IP address; IP subnet mask or group of IP hosts; protocol type (IP, TCP or UDP); application port numbers (UDP and TCP port numbers and ranges); and IP Precedence. Cisco also supports some advanced application tracking through its new NBAR (Network-Based Application Recognition) software, which is only available in the 12.05XE IOS software build. NBAR enables the Cisco router platforms to track deep-packet application information, including stateful inspection of protocols, such as H.323, Real Audio, NetShow and Exchange, that use dynamic port numbers, as well as deep-packet analysis of HTTP URLs.

Cisco handles roles on a per-interface basis. Before defining a policy, you select an interface or group of interfaces from the management console, and define the type of queuing mechanism to employ. Once the appropriate role has been defined, a policy can be applied to that interface. The available policy action choices reflect the state of the interface; that is, if an interface is in priority-queuing mode, some custom weights and shaping may not be available. The user interface provides an intelligent means of discerning which Cisco products support which forwarding characteristics. Available roles for interfaces include priority queuing, custom queuing, WFQ (weighted fair queuing), WRED (weighted random early detection) and class-based WFQ. QPM's actions include coloring a flow with IP Precedence information, limiting a flow to a particular bandwidth, direct prioritization by dumping traffic into a particular queue, traffic shaping (defining an upper bandwidth limit for a particular flow) and custom queuing.

Cisco's URT software ties into the policy-management picture as well. URT is a separate package that serves as Cisco's user-tracking mechanism in Windows NT and NetWare NDS-enabled IP environments. Where QPM applied policies to certain IP flows, URT serves as the VLAN policy-administration agent for a Cisco network. URT uses a combination of client-side and server-side technologies to dynamically track a user at login, assign that user to a VLAN and track that user's location.

One of the best things about the Cisco QPM interface is its capability to show you exact CLI commands that will change the way your router operates. No other product told us what was going on when we applied a policy to the network. Cisco supports CLI for its switches and routers, but a built-in COPS agent will address future multivendor interoperability.

Cisco's vision incorporates an incredible number of tools from the Cisco Management Software umbrella. Already present is the capacity to import topology information from the CWSI (CiscoWorks for Switches Internetworks) management platform. Future integration will bring Cisco's SLAM (Service Level Agreement Management) software and IP management software together. Long term, Cisco aims to build a feedback system so powerful that the network will be able to reprovision itself based on changing network conditions. Future products will use directories as an interface to outside-world data. Cisco has no firm plans to move the policy data to a directory tree. With the number of tools it has available to back up its claims, Cisco is ready to compete.

Cisco QoS Policy Manager 1.1, $9,995; Cisco User Registration Tool 1.2, $9,995, Cisco Systems, (800) 553-6387, (408) 526-4000; fax (408) 526-4100. www.cisco.com/ciscoassure