VPN-specific AA services are enabled using operator defined partitions of an AA Group into AA policy partitions, typically with one partition for each VPN-specific AA service. The partition allows VPN specific custom protocols/application/application group definition, VPN specific policy definition and VPN specific reporting (some VPNs with volume-only reports, while others with volume and performance reports). Each partition’s policy can be again divided into multiple application QoS policies using ASOs.
The use of ISA groups and partitions also improves scaling of policies, as needed with VPN-specific AA policies.
If partitions are not defined, all of the AA group acts as a single partition. When partitions are configured, application identification, policy and statistics configuration applies only to the specific partition and not any other partitions configured under the same AA group.
The definition of application profiles (and related ASO characteristics/values) are within the context of a specific partition (however, application profiles names must have node-wide uniqueness).
The definition of applications, application groups and AQP are also specific to a partition. This allows:
the definition of unique applications and app-groups per partition
the definition of AQP policy per partition
the definition of common applications and app-groups per partition with per partition processing and accounting
Partitions also enable accounting/reporting customization for every AA subscriber associated with a partition, for example:
the ability to define different types of reporting/accounting policies for different partitions in a single AA group, such as uniquely defining which application, protocols, app groups are being reported on for every AA subscriber that uses a given partition.
AA group level protocol statistics with partition visibility (for example, protocol counts reported for each partition of the group separately)
The system provides independent editing and committing of each partition config (separate begin/commit/abort commands).
Policer templates allow group-wide policing, and can be referenced by partition policies.