Implementing Directory Enabled Networks Using Windows 2000 Technology

	Read Document Microsoft Word Version DENuse.doc 267 KB Word 2000 file 2 min @ 28.8 kbps Office File Viewers Download Compressed Word Document DENuse.exe 88 KB executable file 1 min @ 28.8 kbps Office File Viewers

Introduction

Directory enabled networks (DEN) integrate directory services with the network infrastructure in ways that can reduce the total cost of ownership of the network. This document provides a framework for building directory enabled networks integrated with Active Directory^TM, the directory service included in the Microsoft® Windows® 2000 operating system. Network equipment vendors, network management software developers, and service providers can use the information in this white paper when developing network applications specifically designed for a Windows 2000 environment.

Directory enabled networks (DEN) refers to the industry initiative, sponsored by the Distributed Management Task Force (DMTF), to develop a standard information model for representing network elements and services in a directory that both stores the network state and exposes the network information. Vendors can use this information model to build interoperable network applications and services according to a consistent set of policies.

Through such integration of the directory service and the network, the directory service takes on a new role. It not only acts as a repository for information about users and computing resources (such as servers or printers), but also is extended to include information about network devices, services, and applications. More significant, the directory includes information about the relationships among all the elements in the directory. In this expanded view of directory services, users along with computing and network resources use the directory service to publish information about themselves and to discover other resources and obtain information about them. Once information about users, network elements, and services is available in a single location, it is possible to manage the network based on policies.

Directory enabled networks resonate with the enterprise market because they let network managers replace the device-by-device management model with a more holistic approach to managing network resources so they don’t have to manually configure various network devices.

Enterprises also look to directory enabled networks to help them deploy quality of service (QoS) across networks to allocate resources, such as bandwidth, to applications. Network administrators use QoS to guarantee that critical applications receive high quality service, without being affected by other resource hungry applications such as streaming media. However, QoS implementation is often unwieldy, requiring manual configuration of hundreds of routers and switches, making the process error-prone and driving up the cost of network administration. Using directory enabled network management, QoS can be deployed from a central management console that creates policies in directories and automatically distributes configurations to network devices, operating systems, and applications. Furthermore, based on policy, critical, time-sensitive, or confidential information can be directed to special routes that are set aside to handle this type of traffic.

Overall, automatic configuration and troubleshooting devices can save expensive network engineering time, allowing IT managers to concentrate on adding greater value with other efforts.

Note: Directory enabled networks is the comprehensive term that includes all the technologies necessary to make directory-based control of networks a reality. The term is often used interchangeably with policy-based network management.

This document provides a framework for building directory enabled networks that integrate with Active Directory^TM, the directory service included in the Microsoft® Windows® 2000 operating system. This framework can serve as a basis for network equipment vendors, network management software developers, and service providers to develop components specifically designed for distributed networking in a Windows 2000 environment. The purpose of this document is to provide the reader with the following information:

• Introduce the background and technology behind directory enabled networks.
• Identify the ways that directory enabled networks ease network administration in the areas of infrastructure management and network service provisioning.
• Identify the key components of a policy based networking architecture, how Windows 2000 can be used to enhance these components, and how to provide for any missing functionality.
• Present a roadmap for integrating with Active Directory and creating a directory enabled networking product strategy using the Windows 2000 platform.

This document is not intended to be a tutorial on DEN, the DMTF’s Common Information Model (CIM), the Lightweight Directory Access Protocol (LDAP), Active Directory, or any of the related Windows 2000 technology components discussed in this document. Pointers to more detailed documentation are included in this document wherever appropriate.

Note: Please see Active Directory: A Platform for Directory-enabled Networking for an important supplement to this white paper, including information on how the next release of Active Directory will benefit DEN.