LineSider’s patented OverDrive technology automates common network services simultaneously across large distributed networks using sophisticated business-level policies, which define and control the desired behavior of the network. OverDrive achieves this high level of automation through three primary technology components:
- the Policy Management Portal,
- the Policy Server, and
- Intelligent Software Agents deployed directly on, or remotely to infrastructure devices (routers, switches or converged firewall's) referred to as a Policy Enforcement Point.
Policy Management Portal
The OverDrive Policy Management Portal allows network engineers and administrators to define, control and manage all IP services across the entire networked environment through an easy-to-use graphical interface. The OverDrive Policy Management Portal is a Java-based GUI application designed to run under Microsoft® Windows™ NT, 2000 and XP or any other popular Java supported platforms.
The primary purpose of the portal is to capture the needs of the enterprise in a business-level language as a ‘policy request’. It is this policy request that defines and controls the behavior of the infrastructure as network services are initiated and managed ongoing.
Once a policy request is created and submitted via the portal, it is sent to the Policy Server where it is interpreted and deconstructed into actionable service directives. These directives are ultimately sent down to the deployed software agents in the network to dynamically initiate or change infrastructure services in real-time.
In addition to capturing policy requests, the portal also provides critical feedback on already deployed services, configurations and devices, also in real-time. This feedback offers network administrators the ability to visually see how a deployed network environment is operating.
The Business Policy view allows the network administrator to drill-down into individual policies that are not functioning correctly, further identifying all the individual network services that comprise that particular policy and the current status of each of those services. The administrator can continue to drill-down deeper into any of the specific services and see the status of the actual device(s) that support the service in question.
The Policy Server
The Policy Server is the heart of the OverDrive system and maintains a persisted, real-time model of the deployed network and service infrastructure. The primary function of the Policy Server is to accept policy requests from the portal and translate policy requests into device-level configuration directives that are then disseminated to the appropriate OverDrive agents managing network devices.
The Policy Server’s automation capabilities are extensive and can translate a single policy request into multiple device-level configuration directives. These directives are able to initiate multiple network services on devices across a network simultaneously with no manual intervention required. This is crucial for network engineers and administrators managing large enterprise network environments, where a single policy request could easily generate hundreds of separate device-level configuration updates to establish the routing, VPN and/or VLAN connectivity and firewall access rules across a fully deployed enterprise network.
Without OverDrive, the manual process of updating all the configurations across a deployed network would take days, if not weeks, to accomplish. With OverDrive, this entire process is completed within seconds.
In addition to exponential operational efficiencies afforded by the technology, the original policy request that generated the configuration updates and changes is persisted in the Policy Server repository where it is forever linked to the deployed configuration updates that were implemented.
This persisted linkage between the policy request and the deployed configuration is crucial, as the operational costs of supporting compliance regulations, such as SOX, HIPAA and PCI-DSS, are taking an enormous toll on existing IT budgets and resources.
The persistence maintained by the Policy Server ensures the deployed network environment is always in compliance. Plus, it makes generating audit and compliance reports for a fully deployed network environment as easy as a single keystroke.
The Policy Enforcement Point
The policy enforcement point is an intelligent, bi-directional software agent residing on an OverDrive enabled network device such as routers, switches and converged firewall devices. The software agent maintains a secure communication control plane with the Policy Server from which it accepts incoming configuration directives and provides real-time, asynchronous feedback on the current status of deployed polices and services back to the administrative portal(s).
A key feature of the OverDrive agent is its ability to understand the service capabilities of the underlying device it manages. By relaying the capabilities of the device back to the policy server, administrators are quickly notified through the portals when desired policies or actions cannot be deployed because the device is unable to provide the service or has performance issues that may impact the desired request.
OverDrive enabled devices can be installed directly at the wide-area network edge or behind an enterprise firewall to provide IP-based services, such as Voice over IP (VoIP), or higher level application services further into the enterprise LAN environment.
The method in which the software agent always initiates communication back to the Policy Server allows deployment behind enterprise firewall's without having to compromise security by opening up a firewall port. This feature is critical in order for OverDrive to support and manage large enterprise network that have services running behind multiple layers of firewall security.
All information flows through the OverDrive communications plane between components - including the deployed software agents - are managed by X.509 digital certificates and 128-bit SSL encryption to ensure full end-to-end security.
This fully secure bi-directional communication plane between OverDrive components enables a single policy request, captured in the language of the business through the portal, to be deconstructed by the Policy Server into specific configuration directives sent to the deployed devices while continuous real-time feedback from deployed agents managing the devices are relaying performance and service information back to the Policy Server and administrative portal. |
