Information Technology Reference
In-Depth Information
6.3 Policy Management Tool (PMT)
The PMT provides to the administrator the mechanisms for creating, modifying or
deleting CIM policy documents. It is done by means of a high-level language or a
graphical interface. In our case, we have developed a complete graphical web
application that is accessible from the Policy Console Terminal. It has been
implemented using JavaServer Pages (JSP), JavaBeans and Java Servlets technologies
and it runs over Tomcat web server, which is IPv6-enabled and works well from its
version 5 (previous versions have some problems when dealing with different IPv6
security realms).
Inside the PMT server, authorized network administrator can create, modify,
and/or delete different types of CIM policies, and monitor how network end nodes are
behaving.
Routing policies (in the same manner as IPsec, QoS and multihoming policies)
could be created from the routing templates. The template concept represents a high-
level representation and grouping of predefined policy values so the creation of new
policies is easy.
Other interesting concept is the role. A role represents a logical group of network
nodes that are managed in a similar way. PMT allows the network administrator to
create, edit and/or delete network roles. Moreover allows the assignment of these
roles to the current policies.
Clearly the main objective of PMT is the policies creation. With this objective in
mind, PMT have been implemented by two main components as it is showed in
Figure 5.
Policy GUI
DB Manager
Interface
Label
(JSP )
JavaBeans
Objects
Servlets
Core
Authorization
Manager
XML Policy Validator
JavaBeans
Objects
Servlets
Core
Fig. 5.
PMT components
