Home

About

Advanced Search

Browse by Discipline

Scientific Societies

E-print Alerts

Add E-prints

E-print Network
FAQHELPSITE MAPCONTACT US


  Advanced Search  

 
Mining Policies From Enterprise Network Configuration Theophilus Benson
 

Summary: Mining Policies From Enterprise Network Configuration
Theophilus Benson
, Aditya Akella
and David A. Maltz

University of Wisconsin, Madison and
Microsoft Research
{tbenson,akella}@cs.wisc.edu, dmaltz@microsoft.com
ABSTRACT
Few studies so far have examined the nature of reachability poli-
cies in enterprise networks. A better understanding of reachability
policies could both inform future approaches to network design as
well as current network configuration mechanisms. In this paper, we
introduce the notion of a policy unit, which is an abstract representa-
tion of how the policies implemented in a network apply to different
network hosts. We develop an approach for reverse-engineering a
network's policy units from its router configuration. We apply this
approach to the configurations of five productions networks, includ-
ing three university and two private enterprises. Through our empir-
ical study, we validate that policy units capture useful characteristics

  

Source: Akella, Aditya - Department of Computer Sciences, University of Wisconsin at Madison
Liblit, Ben - Department of Computer Sciences, University of Wisconsin at Madison

 

Collections: Computer Technologies and Information Sciences