The Cisco method is outlined below. However, you might also want to check out the NetEqualizer video filmed in front of the IT staffs at Eastern Michigan and Western Michigan Universities for a perspective on a simple alternate philosophy.
There is quite a bit of history with traffic classification in the higher-ed market, so you can research some of the pros and cons of Layer 7 shaping before investing. You might also find some of these higher ed testimonials on the NetEqualizer worth reading.
The following was pulled from Cisco marketing material specific to their bandwidth control solution for educational networks:
A fundamental requirement of any bandwidth control solution is the ability to apply QoS mechanisms. These mechanisms control the bandwidth of specific users and prioritize traffic to help ensure appropriate handling of delay-sensitive applications. QoS capabilities are essential for carrying delay-sensitive IP voice and video traffic over an institution’s ISP link, as well as for rate limiting recreational P2P traffic.
The Cisco SCE uses three levels of QoS:
Hierarchical bandwidth control: The Cisco SCE supports granular bandwidth control by allocating part of a link’s bandwidth for groups of specific application flows. Academic IT departments can define these groups according to categories such as “all P2P traffic,” “browsing and streaming traffic,” “all traffic flowing off net,” and so on. In addition, colleges and universities can use the Cisco SCE to enforce minimum and maximum bandwidth limits and priorities for the total traffic that is produced by a given user, as well as for the specific applications (browsing, gaming, and so on) in which the user engages. These advanced mechanisms are used in a tiered fashion.
Differentiated Services (DiffServ) queuing: Internet applications use DiffServ to help ensure that packets from delay-sensitive applications are prioritized over other packets. The Cisco SCE includes DiffServ-compliant transmit queues using “Best Effort Forwarding,” four levels of “Assured Forwarding,” and “Expedited Forwarding” for delay-sensitive applications.
DiffServ marking: The Cisco SCE’s advanced classification capabilities can also be used for marking the IP type of service (ToS)/DiffServ codepoint (DSCP) byte of the associated traffic. Each flow or group of flows can be marked with a relevant DiffServ value based on the application or service. The next-hop Layer 3 device, such as a switch or router, then uses this marking to carry the delay-sensitive traffic appropriately. As a result, the Cisco SCE, crucial to the Cisco Bandwidth Control Solution, can serve as the ideal network element for classifying and marking application traffic for other DiffServ-enabled network elements.
NetEqualizer News Blog 