Network devices commonly employ policy mechanisms to limit certain types of behavior of clients connected to the device. One common policy mechanism is referred to as Quality of Service (“QoS”). QoS allows for the ability to provide different priority levels to different applications, users, or data flows, or to guarantee a certain level of performance to a data flow. For example, a required bit rate, delay, jitter, packet dropping probability and/or bit rate error may be guaranteed. When implementing QoS, as packets are sent through a network, typically a network device (e.g., a network switch) monitors packets to inspect for certain types of traffic.
As an example, a QoS policy can be implemented and configured to prevent overuse of a network's bandwidth by file-sharing programs. Consider two clients A and B residing on a network wherein client A negotiates a connection with client B using a file-sharing protocol. During this initial connection, (commonly referred to as a handshake process), both clients A and B use a designated port to exchange packets to initiate and complete the handshake process. Since file-sharing programs commonly use one of a small number of select ports, the QoS policy can be configured to recognize activity of such ports and limit or block packet transmissions from client A to Client B on the identified port accordingly.
As shown above, policy mechanisms provide the ability to limit or block certain classes or types of traffic. Traditional policy mechanisms of this type are statically configured in that they are configured manually (e.g., by an administrator), and will only affect the specific types of traffic that they are programmed to affect.