In the age of instant communication and information exchange, managing the settings of portable devices may be a significant challenge for individuals and enterprises. Network device settings may be difficult to manage because of the increasing complexity of networks and network devices. In particular, location owners may face the challenge of managing network device settings of mobile devices that enter their locations. For example, cell phones and laptops in a library may be allowed for the benefit of patrons, but left unregulated they may prove a distraction and disturbance to other patrons. However, traditional policy management and administration may be insufficient for allowing the library, or any other location owner or manager, to manage portable computing device usage on their property.
Traditional policy management may include both policy definition and policy enforcement. Policy definition may refer to the tools or techniques that allow administrators to define how a network device may be controlled. The second component of traditional policy management—policy enforcement—may refer to the tools or techniques that enforce policy definitions. The automated nature of policy enforcement may reduce the time and effort an administrator spends monitoring a network or network device.
Administrators may implement traditional policy management through fixed-policy enforcement. To implement fixed-policy enforcement, a network administrator may define a set of fixed policies for a network device. The set of fixed policies does not change, regardless of the location or status of the network device, unless the network administrator makes the policy change. While fixed-policy enforcement may be somewhat effective for a small network with a small number of non-portable network devices, fixed-policy enforcement may not be particularly useful to administrators managing portable network devices.
One policy management technique that attempts to address the limitations of fixed-policy enforcement is Network Location Awareness (NLA). NLA may change policy definitions for a device when the device changes networks. NLA may involve technology that allows a device to detect a network, receive a set of policy definitions for that network, then enforce the policies on the device. For example, a laptop with NLA may include one set of policy definitions that corresponds to a home network and another set of definitions that corresponds to a work network. NLA may provide some flexibility over fixed policy in managing portable-computing network devices, but growth and expansion in network environments and use of portable devices may present challenges that neither fixed policy or NLA may address.
NLA and other traditional network-policy management techniques may have limited capabilities in traditional networks and may be even less effective in attempts to control mobile-computing devices within certain physical locations. For example, NLA may be ineffective where a mobile-computing device may be in multiple physical locations but still connected to a single network (e.g., a municipal or 3G network). Thus, location owners and managers may need more effective tools to control network devices within their locations.