Tightening Traffic Control

College's network manager uses Allot's NetEnforcer to regulate campus bandwidth use.

Think back to your college dining hall and recall the 300-pound football player who paid the same board you paid but consumed three times the food. When it comes to bandwidth consumption, college campuses—and enterprises everywhere—can allocate resources much more fairly.

At Swarthmore College, in Swarthmore, Pa., students use the Internet to research term papers, but, left to their own devices, students are likely to use far more bandwidth for entertainment-oriented, peer-to-peer applications. "Literally, 80 percent of our traffic was Napster," said Mark Dumic, manager of networking, systems and telecommunications, about the colleges network in the fall of 2000. "The answer was not to keep buying more bandwidth."

With some 800 faculty and staff members and 1,500 students—98 percent with computers in their dorm rooms—it was a relatively small group at Swarthmore causing network congestion, Dumic said.

Swarthmore had been monitoring network activity with a system that collected 5-minute samples of traffic and provided a 24-hour overview, but the system did not allow limits on each students usage by application. A year and a half ago, Dumic installed a policy-based networking system from Allot Communications Ltd. called NetEnforcer. With NetEnforcer, he can make sure students who need access to the Web for scholarly purposes are not denied access because of congestion caused by P2P users.

Last month, Allot upgraded NetEnforcer with new application recognition capabilities, including content inspection for monitoring, classification and traffic shaping. The upgraded version lets network managers classify HTTP by content type and inspect multimedia content. It can also classify P2P protocols, including AudioGalaxy, Kazaa and Morpheus, which is the most popular P2P application at Swarthmore today.

With NetEnforcer, Dumic assigns each student a virtual channel. All P2P traffic is limited to 2M bps incoming and 4M bps outgoing. Non-P2P users get a minimum of 128K bps and, when available, 1,024K bps incoming and 512K bps outgoing.

"One place that Allot distinguishes itself from the competition is in the number of virtual channels you make available on NetEnforcer," Dumic said.

The system delivers a fair allocation of resources without the need for content or application censorship. "I dont want to be a cyber-cop," Dumic said. "This is an academic institution. Generally, freedom is considered a pretty good thing around here."

Allot, of Eden Prairie, Minn., offers policy-driven network management tools to enterprises and service providers. A virtual bandwidth monitoring module allows ISPs to let subscribers see their own bandwidth use via the Web and enables service providers to offer service-level agreement auditing.

Allot last month released updated NetPolicy software, which is a quality-of-service management offering. The update lets network managers monitor bandwidth without investing in additional networking gear and create high-level graphic and tabular reports.