As business and IT demands and requirements change, the network needs to evolve to support these transitions. Learn about the specific elements of the Application Visibility and Control solution and the associated technologies that you can use in your network today.
Page 1: Application Visibility and Control (AVC) Overview

© 2012 Cisco and/or its affiliates. All rights reserved. 1

Application Visibility and Control Overview

Jean-Marc Barozet ([email protected]) Technical Leader

November 2012

Network Operating Systems Technology Group

Page 2: Application Visibility and Control (AVC) Overview

Diagram: proliferation of devices and delivery models around the network (users/machines, VDI, IaaS, private cloud, public/hybrid cloud, SaaS/IaaS, storage, database).

Drastic change in application type, delivery, and consumption: both the type of applications and how applications are delivered and consumed are changing.

60% of IT professionals cite performance as a key challenge for cloud.

Page 3: Application Visibility and Control (AVC) Overview

Application complexity increases

•  Identify growing applications using more than just port number
•  Cloud and virtualization centralize application delivery
•  Understand application performance from the end user's perspective
•  Multiple entities are involved in delivering applications
•  Problem isolation to minimize downtime and business impact

Page 4: Application Visibility and Control (AVC) Overview

AVC solution overview (ASR1K and ISR G2):

•  Application Recognition: identify applications using L3 to L7 information.
•  Performance Collection & Exporting: ISR G2 & ASR collect application performance metrics and export them to the management tool over NFv9/IPFIX.
•  Reporting Tools: an advanced reporting tool aggregates and reports application performance (App Visibility & User Experience Report), e.g.

   App          BW     Transaction Time
   SAP          3M     150 ms
   Sharepoint   10M    500 ms
   …

•  Control: use QoS or PfR to control application network usage (High / Med / Low) to improve application performance.

Page 5: Application Visibility and Control (AVC) Overview

Technologies behind each AVC component (ASR1K and ISR G2):

•  Application Recognition: NBAR2.
•  Performance Collection & Exporting: FNF, ART, MMON, exported over NFv9/IPFIX.
•  Reporting Tools: Cisco Prime Infrastructure, Cisco Insight, 3rd party tools (App Visibility & User Experience Report, e.g. SAP 3M 150 ms, Sharepoint 10M 500 ms).
•  Control: NBAR2 QoS, PfR (High / Med / Low).

Page 6: Application Visibility and Control (AVC) Overview

AGENDA

Application Classification: the Deep Packet Inspection engine (NBAR2) identifies applications using L7 signatures (ASR1K, ISR G2).

Page 7: Application Visibility and Control (AVC) Overview

Are these applications? Or just ports?

   HTTP    80
   FTP     20/21
   SMTP    25
   POP3    110
   IMAP    143
   HTTPS   443

What about these?

Page 8: Application Visibility and Control (AVC) Overview

•  NBAR2 is a complete rebuild and the next generation in classification engine development: a new DPI component which provides advanced application classification and field extraction capabilities taken from SCE
•  NBAR2 is adopted as a Cisco cross-platform protocol classification mechanism
•  Backward compatibility to preserve existing NBAR investments
•  In-service field-upgradable Protocol Definition: no IOS upgrade required
•  NBAR application library: http://www.cisco.com/en/US/prod/collateral/iosswrel/ps6537/ps6558/ps6616/product_bulletin_c25-627831.html

NBAR2 combines IOS NBAR (+150 signatures) with SCE classification (+1000 signatures) and advanced classification techniques. Innovations: native IPv6 classification, open API, 3rd party integration. Supports ~1400 protocols and sub-classification.

Page 9: Application Visibility and Control (AVC) Overview

Categorization of protocols into meaningful terms simplifies config and report aggregation.

NBAR2 Category: browsing, business-and-productivity-tools, email, file-sharing, gaming, industrial-protocols, instant-messaging, internet-privacy, layer2-non-ip, layer3-over-ip, location-based-services, net-admin, newsgroup, obsolete, other, trojan, voice-and-video

NBAR2 Sub-category: authentication-services, backup-systems, client-server, commercial-media-distribution, control-and-signaling, database, epayement, file-sharing, inter-process-rpc, internet-privacy, license-manager, naming-services, network-management, network-protocol, other, p2p-file-transfer, p2p-networking, remote-access-terminal, rich-media-http-content, routing-protocol, storage, streaming, terminal, tunneling-protocols, voice-video-chat-collaboration

NBAR2 Application Group: apple-talk-group, banyan-group, bittorrent-group, corba-group, edonkey-emule-group, fasttrack-group, flash-group, fring-group, ftp-group, gnutella-group, gtalk-group, icq-group, imap-group, ipsec-group, irc-group, kerberos-group, ldap-group, netbios-group, nntp-group, npmp-group, other, p2p-file-transfer, pop3-group, prm-group, skinny-group, skype-group, smtp-group, snmp-group, sqlsvr-group, stun-group, telepresence-group, tftp-group, vmware-group, vnc-group, wap-group, webex-group, windows-live-messanger-group, xns-xerox-group, yahoo-messenger-group

P2P Technology, Encrypted, Tunnel: each attribute takes the value y, n or unassigned.

Page 10: Application Visibility and Control (AVC) Overview

•  Ability to extract certain fields out of a protocol

   Protocol   Field                Length   FNF Configuration Syntax
   HTTP       URL                  *        collect application http url
   HTTP       Host                 50       collect application http host
   HTTP       User-agent           200      collect application http user-agent
   HTTP       Referer              *        collect application http referer
   RTSP       Host                 50       collect application rtsp host-name
   SMTP       Server               50       collect application smtp server
   SMTP       Sender               50       collect application smtp sender
   POP3       Server               50       collect application pop3 server
   NNTP       Group Name           50       collect application nntp group-name
   SIP        Source Domain        50       collect application sip source
   SIP        Destination Domain   50       collect application sip destination

Page 11: Application Visibility and Control (AVC) Overview

Example HTTP request from the client on Se0/0/0 (IP=192.168.100.100) to www.cnn.com (IP=157.166.255.18) while browsing http://www.cnn.com/US:

   GET /weather/getForecast?time=37&&zipCode=95035 HTTP/1.1
   Host: svcs.cnn.com
   User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:14.0) Gecko/20100101 Firefox/14.0.1
   Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
   Accept-Language: en-us,en;q=0.5
   Accept-Encoding: gzip, deflate
   Connection: keep-alive
   Referer: http://www.cnn.com/US/

•  Ability to extract information from the HTTP message:

   collect application http url
   collect application http host
   collect application http user-agent
   collect application http referer
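The extraction the slide describes can be reproduced on a captured request. The following is an added example (not Cisco NBAR2 code and not part of the presentation) that parses an HTTP request like the one above, pulls out the four fields the `collect application http ...` statements name, and truncates Host and User-Agent to the 50- and 200-octet lengths from the field-extraction table. The sample request is a constructed copy of the slide's; the truncation rule, the first-header-wins choice for duplicate headers, and returning nothing for non-HTTP payloads are assumptions of the example, not documented NBAR2 behaviour.

```python
"""Extract the HTTP fields that FNF can export (URL, Host, User-Agent,
Referer) from a raw request and apply the per-field length limits from the
extraction table (Host 50, User-Agent 200, URL and Referer variable).
Added example, not Cisco NBAR2 code."""
from typing import Dict, Optional

# Length column of the field-extraction table; None = variable length ("*").
FIELD_LENGTH = {"url": None, "host": 50, "user-agent": 200, "referer": None}
# Which header supplies each field; the URL comes from the request line.
HEADER_FOR = {"host": "host", "user-agent": "user-agent", "referer": "referer"}

# Constructed sample reproducing the request on the slide (CRLF line ends).
SAMPLE_REQUEST = (
    "GET /weather/getForecast?time=37&&zipCode=95035 HTTP/1.1\r\n"
    "Host: svcs.cnn.com\r\n"
    "User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:14.0) Gecko/20100101 Firefox/14.0.1\r\n"
    "Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8\r\n"
    "Accept-Language: en-us,en;q=0.5\r\n"
    "Accept-Encoding: gzip, deflate\r\n"
    "Connection: keep-alive\r\n"
    "Referer: http://www.cnn.com/US/\r\n"
    "\r\n"
)


def parse_request(raw: str) -> Optional[dict]:
    """Split the request line and headers; None if this is not an HTTP
    request (e.g. TLS on port 443, which yields no extractable HTTP fields)."""
    head = raw.split("\r\n\r\n", 1)[0]
    lines = head.split("\r\n")
    parts = lines[0].split(" ")
    if len(parts) != 3 or not parts[2].startswith("HTTP/"):
        return None
    headers: Dict[str, str] = {}
    for line in lines[1:]:
        name, sep, value = line.partition(":")
        if sep and name.strip():
            # First occurrence wins (assumption of this example).
            headers.setdefault(name.strip().lower(), value.strip())
    return {"method": parts[0], "url": parts[1], "version": parts[2], "headers": headers}


def extract_fields(raw: str, collect=("url", "host", "user-agent", "referer")) -> Dict[str, str]:
    """Model of 'collect application http <field>' for the requested fields."""
    req = parse_request(raw)
    if req is None:
        return {}
    out: Dict[str, str] = {}
    for name in collect:
        value = req["url"] if name == "url" else req["headers"].get(HEADER_FOR[name], "")
        limit = FIELD_LENGTH[name]
        if limit is not None:
            value = value[:limit]  # exporter truncates to the configured field length
        if value:
            out[name] = value
    return out


def long_host_request() -> str:
    """Constructed request whose Host header exceeds the 50-octet limit."""
    return "GET / HTTP/1.1\r\nHost: " + "a" * 60 + ".example\r\n\r\n"
```

Note that the Host field can be shorter than the real header after truncation, so reports keyed on it should treat it as a prefix, not an exact hostname.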

Page 12: Application Visibility and Control (AVC) Overview

•  Discover application protocols transiting an interface, and populate CISCO-NBAR-PROTOCOL-DISCOVERY-MIB
•  Supports both input and output traffic
•  Detection of IPv6 in IPv4 traffic (ISATAP, Teredo, 6to4, ..)
•  Stateful application classification for IPv6 in IPv4 traffic

Diagram: HQ and branch routers (MC/BR, BR) connected over WAN1 (IP-VPN) and WAN2 (IPVPN, DMVPN).

   interface GigabitEthernet0/0/2
    ip nbar protocol-discovery

   ASR-1000#sh ip nbar protocol-discovery top-n

    GigabitEthernet0/0/2
    [snip]
                               Input                    Output
                               -----                    ------
      Protocol                 Packet Count             Packet Count
                               Byte Count               Byte Count
                               5min Bit Rate (bps)      5min Bit Rate (bps)
                               5min Max Bit Rate (bps)  5min Max Bit Rate (bps)
      ------------------------ ------------------------ ------------------------
      itunes                   1352704                  413286
                               2042671577               28254387
                               3395000                  18000
                               15000000                 208000
      secure-http              584678                   330847
                               640511303                76683682
                               2357000                  196000
                               8847000                  353000
      youtube                  139631                   66440
                               207492818                3869014
                               1296000                  17000
                               3575000                  80000
      bittorrent               37186                    82432
                               11025469                 113101301
                               81000                    248000
                               84000                    2465000
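The show output above is column-aligned text; to trend it or alert on it, an operator usually wants it as structured records. This added example (not Cisco code) parses that output format into per-protocol input/output counters, ranks protocols by total bytes and flags any that appear on a policy watch list. The sample text is reconstructed from the values on the slide; the watch list contents are an assumption of the example.

```python
"""Parse 'show ip nbar protocol-discovery top-n' output into per-protocol
counters, then rank and flag protocols.  Added example, not Cisco code; the
sample text is reconstructed from the values on the slide."""
import re
from typing import Dict, Iterable, List

SAMPLE_OUTPUT = """\
 GigabitEthernet0/0/2
 [snip]
                            Input                    Output
                            -----                    ------
   Protocol                 Packet Count             Packet Count
                            Byte Count               Byte Count
                            5min Bit Rate (bps)      5min Bit Rate (bps)
                            5min Max Bit Rate (bps)  5min Max Bit Rate (bps)
   ------------------------ ------------------------ ------------------------
   itunes                   1352704                  413286
                            2042671577               28254387
                            3395000                  18000
                            15000000                 208000
   secure-http              584678                   330847
                            640511303                76683682
                            2357000                  196000
                            8847000                  353000
   youtube                  139631                   66440
                            207492818                3869014
                            1296000                  17000
                            3575000                  80000
   bittorrent               37186                    82432
                            11025469                 113101301
                            81000                    248000
                            84000                    2465000
"""

# A protocol line: name followed by the input and output packet counts.
PROTO_LINE = re.compile(r"^\s*([A-Za-z][\w.-]*)\s+(\d+)\s+(\d+)\s*$")
# Continuation lines carry only the two numeric columns.
NUM_LINE = re.compile(r"^\s*(\d+)\s+(\d+)\s*$")
# Row order under each protocol, per the column legend in the output.
ROWS = ("pkts", "bytes", "bps", "max_bps")


def parse_protocol_discovery(text: str) -> Dict[str, Dict[str, int]]:
    """Return {protocol: {in_pkts, out_pkts, in_bytes, out_bytes, in_bps, ...}}."""
    stats: Dict[str, Dict[str, int]] = {}
    current = None
    row = 0
    for line in text.splitlines():
        m = PROTO_LINE.match(line)
        if m:
            current = m.group(1)
            stats[current] = {"in_pkts": int(m.group(2)), "out_pkts": int(m.group(3))}
            row = 1  # next numeric line is the byte count row
            continue
        m = NUM_LINE.match(line)
        if m and current and row < len(ROWS):
            stats[current]["in_" + ROWS[row]] = int(m.group(1))
            stats[current]["out_" + ROWS[row]] = int(m.group(2))
            row += 1
    return stats


def top_by_bytes(stats: Dict[str, Dict[str, int]]) -> List[str]:
    """Protocols ordered by total (input + output) bytes, highest first."""
    return sorted(stats, key=lambda p: stats[p]["in_bytes"] + stats[p]["out_bytes"], reverse=True)


def flag_watchlist(stats: Dict[str, Dict[str, int]], watchlist: Iterable[str]) -> List[str]:
    """Protocols seen on the interface that policy says should not be there."""
    wanted = set(watchlist)
    return sorted(p for p in stats if p in wanted)
```

Header lines never match PROTO_LINE because their second and third columns are words, not digits, so the parser needs no special casing for the legend.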

Page 13: Application Visibility and Control (AVC) Overview

•  New IOS and IOS XE releases ship with new PDLs: Protocol Description Language (show ip nbar version)
•  A PDLM defines an update to an existing application or a new application (PDLMs can be downloaded from CCO)
•  A bundle of multiple PDLMs is released as a protocol pack (show ip nbar protocol-pack)

PDLM e.g. bittorrent.pdlm, citrix.pdlm; a Protocol Pack bundles several PDLMs for NBAR2.

   ip nbar pdlm <path_to_pdlm_file>
   ip nbar protocol-pack <path_to_protocol_pack>

   router#sh ip nbar protocol-pack active

   ACTIVE protocol pack:
   Name:      Default Protocol Pack
   Version:   1.0
   Publisher: Cisco Systems Inc.

   router#

   router#show ip nbar protocol-pack active

   ACTIVE protocol pack:
   Name:      Advanced Protocol Pack
   Version:   3.0
   Publisher: Cisco Systems Inc.
   File:      flash:pp-adv-asr1k-15.2(04)S-13-1.1(0).pack

Page 14: Application Visibility and Control (AVC) Overview

AGENDA

•  Application Classification: the Deep Packet Inspection engine (NBAR2) identifies applications using L7 signatures (ASR1K, ISR G2).
•  Performance Collection & Exporting: ISR G2 & ASR collect application bandwidth and response time metrics (FNF, IOS PA) and export them to the management tool over FNFv9/IPFIX.
•  Reporting Tools.

Page 15: Application Visibility and Control (AVC) Overview

•  Integrated performance monitoring available for different types of applications and use cases

Basic Monitoring: what applications, how much bandwidth, flow direction? (Flexible NetFlow and NBAR/NBAR2)

Advanced Monitoring:
•  Voice and Video Performance (Media Monitoring): 30% of traffic is voice and video
•  Critical Applications Performance (Performance Agent): 40% of traffic is critical applications
•  HTTP

Page 16: Application Visibility and Control (AVC) Overview

•  Evolution from Traditional NetFlow (TNF)
•  Feature to collect and export network information and statistics:
   Backward compatible with TNF records
   Flexibility in defining fields and flow record format
   Utilizes the NetFlow Version 9 format, which is extensible
   UDP-based transport
•  Consists of data collection (flow monitor) and data export (flow exporter)
•  Flow export format can be NetFlow version 9 (RFC 3954) or IPFIX (RFC 5101)
•  Open standard, can be analyzed by Cisco Insight, Cisco Prime NAM, Cisco Prime Assurance Manager, and 3rd party tools
•  Is required to collect application info from NBAR2

Diagram: HQ and branch routers (MC/BR, BR) over WAN1 (IP-VPN) and WAN2 (IPVPN, DMVPN) send NetFlow export packets (1. Templates, 2. Data Records) to a NetFlow Collector, which feeds Applications, Performance, Security, Billing, … use cases.

Page 17: Application Visibility and Control (AVC) Overview

•  Key fields are unique per flow record (match statement)
•  Non-key fields are attributes or characteristics of a flow (collect statement)
•  If the packet's key fields are unique, a new entry is created in the flow cache
•  Otherwise, the non-key fields of the existing entry are updated, e.g. the packet count

                      Packet 1          Packet 2
   Key fields
   Source IP          1.1.1.1           3.3.3.3
   Destination IP     2.2.2.2           4.4.4.4
   Source port        23                80
   Destination port   22078             22079
   Layer 3 Protocol   TCP - 6           TCP - 6
   TOS Byte           0                 0
   Non-key fields
   Length             1250              519

NetFlow cache after Packet 1:

   Source IP   Dest. IP   Dest. I/F   Protocol   TOS   …   Pkts
   1.1.1.1     2.2.2.2    E1          6          0     …   11000

NetFlow cache after Packet 2:

   Source IP   Dest. IP   Dest. I/F   Protocol   TOS   …   Pkts
   3.3.3.3     4.4.4.4    E1          6          0     …   50
   1.1.1.1     2.2.2.2    E1          6          0     …   11000
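A small model of the cache behaviour described above, as an added example (not Cisco FNF code): the key fields form the lookup tuple, the non-key fields are the counters updated on a hit. Packets 1 and 2 are the slide's; the third packet and the comparison of two key-field sets are constructed to show how fewer match fields aggregate more traffic into a single entry.

```python
"""Model of a Flexible NetFlow cache: 'match' fields identify a flow entry,
'collect' fields are updated when a packet hits an existing entry.
Added example with constructed packets, not Cisco code."""
from dataclasses import dataclass
from typing import Dict, Tuple

# Key fields of the slide's example record, in the order they form the key.
KEY_FIELDS = ("src_ip", "dst_ip", "src_port", "dst_port", "protocol", "tos")


@dataclass
class FlowEntry:
    """Non-key fields: counters updated on every matching packet."""
    packets: int = 0
    bytes: int = 0


class FlowCache:
    def __init__(self, key_fields=KEY_FIELDS):
        self.key_fields = key_fields
        self.entries: Dict[Tuple, FlowEntry] = {}

    def key_for(self, pkt: dict) -> Tuple:
        """The 'match' statement: tuple of the packet's key fields."""
        return tuple(pkt[f] for f in self.key_fields)

    def account(self, pkt: dict) -> bool:
        """Return True if a new entry was created, False if an existing one was updated."""
        key = self.key_for(pkt)
        created = key not in self.entries
        entry = self.entries.setdefault(key, FlowEntry())
        entry.packets += 1
        entry.bytes += pkt["length"]
        return created


# The two packets from the slide.
PACKET_1 = dict(src_ip="1.1.1.1", dst_ip="2.2.2.2", src_port=23, dst_port=22078,
                protocol=6, tos=0, length=1250)
PACKET_2 = dict(src_ip="3.3.3.3", dst_ip="4.4.4.4", src_port=80, dst_port=22079,
                protocol=6, tos=0, length=519)


def run_slide_scenario() -> Tuple[FlowCache, list]:
    """Packet 1 and 2 create entries; a third packet with Packet 1's key only updates."""
    cache = FlowCache()
    results = [cache.account(PACKET_1), cache.account(PACKET_2),
               cache.account(dict(PACKET_1, length=60))]  # constructed follow-up packet
    return cache, results


def compare_key_sets() -> Tuple[int, int]:
    """Fewer key fields mean more aggregation: with only the addresses as keys,
    packets that differ just in source port share one entry."""
    full = FlowCache()
    addr_only = FlowCache(key_fields=("src_ip", "dst_ip"))
    for pkt in (PACKET_1, dict(PACKET_1, src_port=1024), PACKET_2):
        full.account(pkt)
        addr_only.account(pkt)
    return len(full.entries), len(addr_only.entries)
```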

Page 18: Application Visibility and Control (AVC) Overview

•  Matching ID numbers are the way to associate a template with its data records
•  The header follows the same format as prior NetFlow versions, so collectors will be backward compatible
•  Each data record represents one flow
•  If exported flows have different fields, they cannot be contained in the same template record (i.e., BGP next hop cannot be combined with MPLS-aware NetFlow records)

Diagram: NetFlow v9 export packet layout. Header (Version, # Packets, Sequence #, Source ID); Template FlowSet (FlowSet ID #0) carrying Template Records (Template ID, specific field types and lengths); Data FlowSets (FlowSet ID #256, FlowSet ID #257) carrying Data Records (field values), here flows from Interface A and flows from Interface B; Option Template FlowSet (FlowSet ID #1, Template ID 258) and Option Data FlowSet carrying Option Data Records (field values).

To support technologies such as MPLS or multicast, this export format can be leveraged to easily insert new fields.
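The template/data association described above can be seen end to end with a minimal encoder and decoder. This added example (not Cisco code) builds a v9 packet with a Template FlowSet (FlowSet ID 0, Template ID 256) and a Data FlowSet whose FlowSet ID is 256, then decodes it with a collector that keys templates by (source ID, template ID). The field type numbers are RFC 3954 values; carrying the Cisco application ID (field 95) as 4 octets, the sample addresses and counters, and counting rather than buffering data that arrives before its template are assumptions of the example. The application ID value is the WebEx one shown on a later slide of this deck.

```python
"""Build and decode a NetFlow v9 export packet: a Template FlowSet (ID 0)
describing field types/lengths and a Data FlowSet whose FlowSet ID equals the
Template ID of the records it carries.  Added example, not Cisco code."""
import struct
from typing import Dict, List, Tuple

# Field type numbers from RFC 3954 / Cisco NetFlow v9.  95 is the Cisco
# application ID, exported here as 4 octets (an assumption of this example).
IPV4_SRC_ADDR, IPV4_DST_ADDR, L4_SRC_PORT, L4_DST_PORT = 8, 12, 7, 11
PROTOCOL, IN_PKTS, IN_BYTES, APPLICATION_ID = 4, 2, 1, 95
FIELD_NAMES = {8: "src_addr", 12: "dst_addr", 7: "src_port", 11: "dst_port",
               4: "protocol", 2: "in_pkts", 1: "in_bytes", 95: "app_id"}
Fields = List[Tuple[int, int]]  # (field type, length in octets)


def encode_field(ftype: int, flen: int, value) -> bytes:
    if ftype in (IPV4_SRC_ADDR, IPV4_DST_ADDR):
        return bytes(int(o) for o in value.split("."))
    return int(value).to_bytes(flen, "big")


def decode_field(ftype: int, raw: bytes):
    if ftype in (IPV4_SRC_ADDR, IPV4_DST_ADDR):
        return ".".join(str(b) for b in raw)
    return int.from_bytes(raw, "big")


def build_template_flowset(template_id: int, fields: Fields) -> bytes:
    body = struct.pack("!HH", template_id, len(fields))
    body += b"".join(struct.pack("!HH", t, ln) for t, ln in fields)
    return struct.pack("!HH", 0, 4 + len(body)) + body  # FlowSet ID 0 = templates


def build_data_flowset(template_id: int, fields: Fields, records: List[dict]) -> bytes:
    body = b"".join(encode_field(t, ln, rec[FIELD_NAMES[t]]) for rec in records for t, ln in fields)
    body += b"\x00" * ((-len(body)) % 4)  # pad to a 32-bit boundary
    return struct.pack("!HH", template_id, 4 + len(body)) + body


def build_packet(flowsets: List[bytes], record_count: int, seq: int, source_id: int) -> bytes:
    # Header: version, count, sysUpTime, UNIX secs, sequence number, source ID
    return struct.pack("!HHIIII", 9, record_count, 0, 0, seq, source_id) + b"".join(flowsets)


class V9Collector:
    """Matches Data FlowSets to templates by (source ID, template ID)."""

    def __init__(self):
        self.templates: Dict[Tuple[int, int], Fields] = {}
        self.undecodable = 0  # Data FlowSets seen before their template

    def feed(self, pkt: bytes) -> List[dict]:
        version, _count, _up, _secs, _seq, source_id = struct.unpack("!HHIIII", pkt[:20])
        if version != 9:
            raise ValueError("not a NetFlow v9 packet")
        records, offset = [], 20
        while offset + 4 <= len(pkt):
            fs_id, fs_len = struct.unpack("!HH", pkt[offset:offset + 4])
            if fs_len < 4:
                raise ValueError("corrupt FlowSet length")  # would otherwise loop forever
            body = pkt[offset + 4:offset + fs_len]
            if fs_id == 0:
                self._learn_templates(source_id, body)
            elif fs_id >= 256:  # 1 = option templates, 2-255 reserved: skipped here
                fields = self.templates.get((source_id, fs_id))
                if fields is None:
                    self.undecodable += 1
                else:
                    records.extend(self._decode_records(fields, body))
            offset += fs_len
        return records

    def _learn_templates(self, source_id: int, body: bytes) -> None:
        pos = 0
        while pos + 4 <= len(body):
            tid, nfields = struct.unpack("!HH", body[pos:pos + 4])
            if tid < 256:  # zero padding, not a template record
                break
            pos += 4
            fields = [struct.unpack("!HH", body[pos + 4 * i:pos + 4 * i + 4]) for i in range(nfields)]
            pos += 4 * nfields
            self.templates[(source_id, tid)] = fields

    def _decode_records(self, fields: Fields, body: bytes) -> List[dict]:
        rec_len = sum(ln for _, ln in fields)
        out, pos = [], 0
        while pos + rec_len <= len(body):  # trailing bytes shorter than a record are padding
            rec = {}
            for t, ln in fields:
                rec[FIELD_NAMES.get(t, f"field_{t}")] = decode_field(t, body[pos:pos + ln])
                pos += ln
            out.append(rec)
        return out


TEMPLATE_ID = 256
FIELDS: Fields = [(IPV4_SRC_ADDR, 4), (IPV4_DST_ADDR, 4), (L4_SRC_PORT, 2), (L4_DST_PORT, 2),
                  (PROTOCOL, 1), (IN_PKTS, 4), (IN_BYTES, 4), (APPLICATION_ID, 4)]
# Constructed sample records; 0x0D00019E is the WebEx application ID from a later slide.
SAMPLE_RECORDS = [
    dict(src_addr="192.168.100.100", dst_addr="66.114.168.178", src_port=51234, dst_port=443,
         protocol=6, in_pkts=100, in_bytes=64000, app_id=0x0D00019E),
    dict(src_addr="1.1.1.1", dst_addr="2.2.2.2", src_port=23, dst_port=22078,
         protocol=6, in_pkts=11000, in_bytes=1250, app_id=0),
]


def demo():
    """Data before its template is undecodable; once the template arrives the same data decodes."""
    tmpl = build_template_flowset(TEMPLATE_ID, FIELDS)
    data = build_data_flowset(TEMPLATE_ID, FIELDS, SAMPLE_RECORDS)
    collector = V9Collector()
    early = collector.feed(build_packet([data], record_count=2, seq=1, source_id=7))
    late = collector.feed(build_packet([tmpl, data], record_count=3, seq=2, source_id=7))
    return early, late, collector.undecodable
```

Templates are scoped per source ID, which is why the collector keys on (source ID, template ID): two exporters behind one address may both use Template ID 256 for different record layouts.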

Page 19: Application Visibility and Control (AVC) Overview

NetFlow
•  Monitors data in Layers 2 thru 4
•  Determines applications by combination of port or port/IP address
•  Flow information: who, what, when, where

NBAR
•  Examines data from Layers 3 thru 7
•  Utilizes Layers 3 and 4 plus packet inspection for classification
•  Stateful inspection of dynamic-port traffic
•  Packet and byte counts

Diagram: data packet layout. Link Layer Header; IP Header (Source IP Address, Destination IP Address, Protocol, ToS); TCP/UDP Header (Source Port, Destination Port); Data. NetFlow keys on the interface plus the header fields; NBAR adds deep packet (payload) inspection.

Page 20: Application Visibility and Control (AVC) Overview

For Your Reference: basic Flexible NetFlow configuration

Configure the exporter:
   flow exporter my-exporter
    destination 1.1.1.1

Configure the flow record:
   flow record my-record
    match ipv4 destination address
    match ipv4 source address
    collect counter bytes

Configure the flow monitor:
   flow monitor my-monitor
    exporter my-exporter
    record my-record

Configure the interface:
   int s3/0
    ip flow monitor my-monitor input

Page 21: Application Visibility and Control (AVC) Overview

For Your Reference: Flexible NetFlow with NBAR application accounting

   flow exporter EXPORTER
    destination 10.151.1.131
    source loopback0
    transport udp 9991
    option interface-table timeout 3600
    option sampler-table timeout 3600
    option application-table timeout 3600

Record for ingress traffic:
   flow record RECORD-FNF-NBAR-INGRESS
    match interface input
    match flow direction
    match application name account-on-resolution
    collect interface output
    collect counter bytes long
    collect counter packets
    (..)

Record for egress traffic:
   flow record RECORD-FNF-NBAR-EGRESS
    match interface output
    match flow direction
    match application name account-on-resolution
    collect interface input
    collect counter bytes long
    collect counter packets
    (..)

   flow monitor MONITOR-FNF-NBAR-INGRESS
    record RECORD-FNF-NBAR-INGRESS
    exporter EXPORTER

   flow monitor MONITOR-FNF-NBAR-EGRESS
    record RECORD-FNF-NBAR-EGRESS
    exporter EXPORTER

   interface GigabitEthernet0/0/1
    ip flow monitor MONITOR-FNF-NBAR-INGRESS input
    ip flow monitor MONITOR-FNF-NBAR-EGRESS output

The usage record is aggregated by application, flow direction, and interface.

Page 22: Application Visibility and Control (AVC) Overview

Increased latency: what the users see, what network admins see, and what can happen.

•  End users: "Your network is so slow I cannot get any work done today"
•  Network admin: "I do not see anything wrong" (ping? traceroute? show ip route? show interface?)
•  What can happen: WAN problem, application problem, server problem, user problem

Page 23: Application Visibility and Control (AVC) Overview

Diagram: HQ (ASR) and branch ISRs running the Performance Agent (PA) over WAN1 (IP-VPN) and WAN2 (IPVPN, DMVPN), exporting to a Reporting Tool. User complaints: "My query is taking a long time!", "My email is slow!", "How do I ensure my SLA is met?"

Key Features
•  27 Application Response Time (ART) metrics
•  Interact with NBAR or NBAR2 for Application ID
•  Standard NFv9 and IPFIX export
•  In ISR G2, provided by the Performance Agent (PA)
•  In ASR1K, ART is part of the unified monitoring policy

Benefits
•  Visibility into application usage and performance
•  Quantify user experience
•  Troubleshoot application performance
•  Track service levels for application delivery

Page 24: Application Visibility and Control (AVC) Overview

•  Application response time provides insight into application behavior (network vs server bottleneck) to accelerate problem isolation
•  Separate the application delivery path into multiple segments
•  Server Network Delay (SND) approximates WAN delay
•  Latency per application

Diagram: Clients, Client Network, IOS ART (measurement point), Server Network, Application Servers. The Total Delay of a request/response is split into Client Network Delay (CND), Server Network Delay (SND), Network Delay (ND) and Application Delay (AD).

Page 25: Application Visibility and Control (AVC) Overview

Diagram: TCP exchange between Client, IOS PA (measurement point) and Server. SYN, SYN-ACK, ACK handshake with SND and CND marked at the PA; Request 1 (with continuation) and its DATA response segments, including a retransmission (marked X); Request 2 and its response; ACKs. RT and TT are marked on the exchange.

•  Response Time (RT) = t(First response pkt) – t(Last request pkt)
•  Transaction Time (TT) = t(Last response pkt) – t(First request pkt)
•  Network Delay (ND) = CND + SND
•  Application Delay (AD) = RT – SND

Quantify user experience; identify server performance issues; count retransmissions.

For Your Reference
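The definitions above applied to constructed timestamps, as an added example (not Cisco code). RT, TT, ND and AD follow the slide's formulas. Deriving SND from SYN to SYN-ACK and CND from SYN-ACK to ACK as seen at the PA, the min/max/sum aggregation across transactions, and the bottleneck heuristic are assumptions of this example. Times are integer milliseconds.

```python
"""Compute the ART metrics defined on the slide (RT, TT, ND = CND + SND,
AD = RT - SND) for one TCP connection observed at the measurement point.
Added example with constructed timestamps, not Cisco code."""
from dataclasses import dataclass
from typing import Dict, List


@dataclass
class Transaction:
    request_ts: List[int]   # ms; client -> server packets carrying the request
    response_ts: List[int]  # ms; server -> client packets carrying the response


@dataclass
class Connection:
    t_syn: int       # ms; SYN seen at the measurement point
    t_synack: int    # ms; SYN-ACK seen at the measurement point
    t_ack: int       # ms; client's ACK completing the handshake
    transactions: List[Transaction]


def network_delays(conn: Connection) -> Dict[str, int]:
    """Handshake-based split (assumption of this example): the SYN to SYN-ACK
    gap is the server-side round trip, SYN-ACK to ACK the client-side one."""
    snd = conn.t_synack - conn.t_syn
    cnd = conn.t_ack - conn.t_synack
    return {"CND": cnd, "SND": snd, "ND": cnd + snd}


def transaction_metrics(tx: Transaction, snd: int) -> Dict[str, int]:
    """RT, TT and AD exactly as the slide defines them."""
    rt = tx.response_ts[0] - tx.request_ts[-1]   # first response - last request
    tt = tx.response_ts[-1] - tx.request_ts[0]   # last response - first request
    return {"RT": rt, "TT": tt, "AD": rt - snd}


def aggregate(per_tx: List[Dict[str, int]]) -> Dict[str, Dict[str, int]]:
    """min/max/sum per metric, the shape the exported ART fields use."""
    out = {}
    for name in ("RT", "TT", "AD"):
        values = [m[name] for m in per_tx]
        out[name] = {"min": min(values), "max": max(values), "sum": sum(values)}
    return out


def art_report(conn: Connection) -> dict:
    delays = network_delays(conn)
    per_tx = [transaction_metrics(tx, delays["SND"]) for tx in conn.transactions]
    agg = aggregate(per_tx)
    # Problem-isolation heuristic (assumption of this example, not a Cisco rule):
    # if the application delay summed over the transactions exceeds the network
    # delay over the same number of transactions, the server side dominates.
    bottleneck = "application/server" if agg["AD"]["sum"] > delays["ND"] * len(per_tx) else "network"
    return {**delays, "transactions": per_tx, "aggregate": agg, "bottleneck": bottleneck}


# Constructed connection: 40 ms server-side and 30 ms client-side handshake
# legs, then two request/response transactions like the slide's Request 1 and 2.
SAMPLE_CONNECTION = Connection(
    t_syn=0, t_synack=40, t_ack=70,
    transactions=[
        Transaction(request_ts=[100, 105], response_ts=[205, 215, 225, 235]),
        Transaction(request_ts=[300], response_ts=[380, 390]),
    ],
)
```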

Page 26: Application Visibility and Control (AVC) Overview

•  'collect application name' exports the application ID field to the reporting tool

Client on Se0/0/0 (IP=192.168.100.100), through the IOS PA, to https://cisco.webex.com (cisco.webex.com, IP=66.114.168.178).

Without NBAR:
   Src IP            Dst IP           Dst Port   App ID       Resp Time   …
   192.168.100.100   66.114.168.178   443        0            100

With NBAR:
   Src IP            Dst IP           Dst Port   App ID       Resp Time   …
   192.168.100.100   66.114.168.178   443        0x0D00019E   100

The App ID 0x0D00019E indicates this is the webex application.

Flow Record:
   flow record type mace pa-record
    collect application name
    collect art all

Page 27: Application Visibility and Control (AVC) Overview

Diagram: HQ (ASR) and branch ISRs over WAN1 (IP-VPN) and WAN2 (IPVPN, DMVPN), exporting to a Reporting Tool.

Key Features
•  Monitor media performance metrics, i.e. jitter, loss
•  Integrate with NBAR2 to identify applications
•  Set thresholds and generate alerts/alarms
•  Standard FNFv9 export

Benefits
•  Real-time monitoring of voice and video performance across the network
•  Accelerate troubleshooting: identify what, where and when the problem is
•  Proactive troubleshooting
•  Validate SLA

Page 28: Application Visibility and Control (AVC) Overview

•  Consistent provisioning and correlation across multiple clients
•  Alert architecture: syslog, SNMP etc.
•  Export architecture: v9 and IPFIX
•  Scalable database: multi-tier database model
•  Aggregation mode: flexible match and collect aggregation
•  API-driven provisioning: on-demand provisioning

Diagram: MMA architecture. NBAR2, PA (ART), PerfMon and QoS feed the MMA agent, which exports through FNF (NetFlow v9 / IPFIX) to Cisco Prime Infrastructure and NetFlow partners.

Page 29: Application Visibility and Control (AVC) Overview

For Your Reference: the three monitoring configurations

Flexible NetFlow (flow byte count, interface, etc.):
   flow record FNF-RECORD
    match ipv4 source address
    match ipv4 destination address
    match application name
    collect counter bytes long
    (..)

   flow monitor FNF-MONITOR
    (..)

   interface Gi0/0/1
    ip flow monitor FNF-MONITOR input
    ip flow monitor FNF-MONITOR output

Perfmon (voice/video RTP metrics, jitter, etc.):
   flow record type performance-monitor medianet-record
    match ipv4 source address
    collect transport rtp-jitter
    (..)

   flow monitor type performance-monitor medianet-mon
    (..)

   policy-map type performance-monitor medianet
    class rtp-traffic
     flow monitor medianet-mon

   interface Gi0/0/1
    service-policy type performance-monitor input medianet
    service-policy type performance-monitor output medianet

Performance Agent (application response time, etc.):
   flow record type mace mace-record
    collect art all
    (..)

   flow monitor type mace ios-pa
    (..)

   policy-map mace_global
    class http-traffic
     flow monitor type mace ios-pa

   interface Gi0/0/1
    mace enable

Page 30: Application Visibility and Control (AVC) Overview

Policy-driven monitoring: what to monitor and what to collect in a single policy (flow byte count, interface; voice/video RTP metrics, jitter; application response time, etc.)

Define flow records:
   flow record type performance-monitor rtp-record
    match ipv4 source address
    match ipv4 destination address
    match application name
    collect transport rtp-jitter
    (..)

   flow record type performance-monitor art-record
    match ipv4 source address
    match ipv4 destination address
    match application name
    collect art all
    (..)

Define flow monitors:
   flow monitor type performance-monitor rtp-mon
    (..)

   flow monitor type performance-monitor app-mon
    (..)

Filter what traffic to monitor:
   policy-map type performance-monitor avc
    class rtp-traffic
     flow monitor rtp-mon
    class tcp-app
     flow monitor app-mon
    (..)

   interface Gi0/0/1
    service-policy type performance-monitor input avc
    service-policy type performance-monitor output avc

Page 31: Application Visibility and Control (AVC) Overview

For Your Reference: metrics available in the unified record

Media Monitoring
•  RTP SSRC
•  RTP Jitter (min/max/mean)
•  Transport Counter (expected/loss)
•  Media Counter (bytes/packets/rate)
•  Media Event
•  Collection interval
•  TCP MSS
•  TCP round-trip time

Application Response Time
•  CND - Client Network Delay (min/max/sum)
•  SND - Server Network Delay (min/max/sum)
•  ND - Network Delay (min/max/sum)
•  AD - Application Delay (min/max/sum)
•  Total Response Time (min/max/sum)
•  Total Transaction Time (min/max/sum)
•  Number of New Connections
•  Number of Late Responses
•  Number of Responses by Response Time (7-bucket histogram)
•  Number of Retransmissions
•  Number of Transactions
•  Client/Server Bytes
•  Client/Server Packets

Other Metrics
•  L3 counter (bytes/packets)
•  Flow event
•  Flow direction
•  Client and server address
•  Source and destination address
•  Transport information
•  Input and output interfaces
•  L3 information (TTL, DSCP, TOS, etc.)
•  Application information (from NBAR2)
•  Monitoring class hierarchy

•  All performance metrics are consolidated into one flow record type: performance-monitor

Page 32: Application Visibility and Control (AVC) Overview


Traffic Statistics

•  Application Usage per client IP/subnet/site

•  Top clients per application

Application Response Time

•  Per-application end-to-end latency

•  Application response time & transaction time

•  Application processing time

•  Top conversation per application

Media Performance

•  Per-stream jitter and packet loss

•  RTP conversations

URL Visibility

•  Most visited web-site

•  Per-URL application response time

Page 33: Application Visibility and Control (AVC) Overview

AVC Monitoring Policy

   Class                      Match                             Collect
   Enterprise Voice & Video   enterprise subnet, RTP traffic    Media Performance, Traffic Statistics
   Enterprise TCP Apps        datacenter subnet, TCP            ART, Traffic Statistics
   Enterprise Cloud Apps      SFDC, Office 365                  ART, Traffic Statistics
   Web Browsing               HTTP                              URL Sample, Traffic Statistics
   Rest of traffic            any                               Traffic Statistics

Page 34: Application Visibility and Control (AVC) Overview

AGENDA

•  Application Classification: the Deep Packet Inspection engine (NBAR2) identifies applications using L7 signatures (ASR1K, ISR G2).
•  Performance Collection & Exporting: ISR G2 & ASR collect application bandwidth and response time metrics (FNF, IOS PA) and export them to the management tool over FNFv9/IPFIX.
•  Reporting Tools.
•  Control: use QoS or PfR to control application network usage (High / Med / Low) to improve application performance (ASR1K, ISR G2).

Page 35: Application Visibility and Control (AVC) Overview

Application Bandwidth Control
•  Guarantee bandwidth to protect critical applications from network congestion
•  Provide low latency to delay-sensitive applications
•  Stop or limit unwanted applications from using WAN resources

Application Path Control
•  Application routing based on real-time performance information
•  Intelligent load sharing provides resiliency and fully utilizes all available WAN resources
•  Improve performance of voice, video, and critical applications

Diagram: Email and HTTP traffic between LAN and WAN, steered across Internet (No SLA), WAN 1 (High SLA) and WAN 2 (Med SLA).

Page 36: Application Visibility and Control (AVC) Overview

•  Stateful classification for creating policies irrespective of v4/v6 traffic, simplifying policy management
•  Discover applications using NBAR2
•  Supports both input and output traffic

Diagram: HQ and branch routers (MC/BR, BR) over WAN1 (IP-VPN) and WAN2 (IPVPN, DMVPN), carrying IPv4 and native IPv6.

What traffic?
   class-map match-any peer2peer
    match protocol kazaa2
    match protocol gnutella
    match protocol fasttrack

How to treat the traffic?
   policy-map limit-p2p
    class peer2peer
     bandwidth percent 10

Where to apply?
   interface Serial1
    service-policy input limit-p2p

The class can also match a whole NBAR2 category instead of individual protocols:
   class-map peer2peer
    match protocol attribute category <name>

Page 37: Application Visibility and Control (AVC) Overview

Internet Presence & Enterprise WAN

•  The Decision Maker: Master Controller (MC). Applies policy, verification, reporting. No packet forwarding/inspection required.
•  The Forwarding Path: Border Router (BR). Learn, measure, enforce.

Optimize by: reachability, delay, loss, jitter, MOS, throughput, load, and/or $cost.

Diagram: HQ MC with BRs toward the Internet (ISP-1, ISP-2), WAN1 (IP-VPN) and WAN2 (IPVPN, DMVPN); branch sites run a combined MC/BR, or BRs with a separate MC.

Page 38: Application Visibility and Control (AVC) Overview

Protecting critical applications while maximizing bandwidth utilization

Cloud Service & Load Balancing Policy (Internet: ISP-1 primary, ISP-2 secondary)
•  Protect business cloud applications from network brownout: loss > 10%
•  Cloud service preferred path: ISP1
•  Maximize all ISP bandwidth by load sharing other Internet traffic
Diagram: PfR detects loss > 10% on the Cloud Service path; best-effort Internet traffic is load shared across both ISPs.

Multimedia & Critical Data Policy (WAN: SP-A MPLS VPN, SP-B MPLS VPN)
•  Protect voice and video quality: latency > 200ms; jitter > 30ms
•  Protect VDI applications from brownouts: loss > 5%
•  Voice & video preferred path: SP-A
•  VDI preferred path: SP-B
•  Maximize utilization by load sharing
Diagram: PfR detects high jitter on the Voice&Video path; VDI and best-effort traffic share the remaining capacity.

Page 39: Application Visibility and Control (AVC) Overview

Traffic Classes: learning

•  Globally
•  Or per group (link-group, similar to class-maps for QoS)

Learning based on: prefixes, ACL, DSCP, applications.

Diagram: HQ MC with branch routers (MC/BR, BR) over WAN1 (IP-VPN) and WAN2 (IPVPN, DMVPN); traffic classes Voice - Video, Critical Application, Rest of the Traffic.

Page 40: Application Visibility and Control (AVC) Overview

Traffic Classes: measurement

Passive
•  PfR NetFlow monitoring (NetFlow cache on the BR)
•  Flows need not be symmetrical
•  Passive performance metrics: delay, loss, reachability, egress BW, ingress BW

Active
•  PfR enables the IP SLA feature
•  Probes sourced from the BR
•  ICMP probes learned or configured
•  TCP, UDP and JITTER probes need an ip sla responder
•  Active performance metrics: delay, loss, jitter, reachability, MOS

Diagram: HQ MC with branch routers (MC/BR, BR) over WAN1 (IP-VPN) and WAN2 (IPVPN, DMVPN).

Page 41: Application Visibility and Control (AVC) Overview

•  Global policies for all traffic classes
•  Or policies per application group:
   Voice/video: link-group, jitter, delay, loss
   Critical: link-group, delay, loss
   Rest: load-balancing

Traffic Classes
•  Link: load balancing, max utilization, link grouping, $cost
•  Application performance: reachability, delay, loss, MOS, jitter

Diagram: HQ MC with branch routers (MC/BR, BR) over WAN1 (IP-VPN) and WAN2 (IPVPN, DMVPN); traffic classes Voice, Video, Critical vs The Rest of the Traffic.

Page 42: Application Visibility and Control (AVC) Overview

Path enforcement

Destination prefix
•  BGP
   -  Egress: route injection or modifying the BGP Local Preference attribute
   -  Ingress: BGP AS-PATH prepend or AS community
•  EIGRP route control
•  Static route injection
•  PIRO

Application
•  Dynamic PBR
•  NBAR/CCE

Diagram: HQ MC with branch routers (MC/BR, BR) over WAN1 (IP-VPN) and WAN2 (IPVPN, DMVPN); traffic classes Voice, Video, Critical vs The Rest of the Traffic.

Page 43: Application Visibility and Control (AVC) Overview

•  Multisite MC peering framework
•  MC to MC peering framework can be used to exchange policies, services and feedback
•  Remote site discovery:
   Simplifies configuration: prefix and target discovery
   Probing efficiency: sharing of probe data across policies

Diagram: HQ MC with branch routers (MC/BR, BR) over WAN1 (IP-VPN) and WAN2 (IPVPN, DMVPN).

Page 44: Application Visibility and Control (AVC) Overview

© 2012 Cisco and/or its affiliates. All rights reserved. 44

AVC building blocks on ISR G2 and ASR1K:

•  Application classification: the Deep Packet Inspection engine (NBAR2) identifies applications using L7 signatures
•  Performance collection and exporting: ISR G2 and ASR collect application bandwidth and response time metrics (FNF, IOS PA) and export them to the management tool over NetFlow v9 or IPFIX
•  Control: use QoS or PfR to control application network usage (High / Med / Low) to improve application performance
•  Reporting tools: an advanced reporting tool aggregates and reports application performance (App Visibility & User Experience Report), for example:

   App      BW      Transaction Time
   WebEx    3 Mb    150 ms   …
   Citrix   10 Mb   500 ms   …
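The collection-and-reporting stage described above, as an added example that is not part of the original deck and not the code of any reporting product it names: constructed records standing in for the application-aware NetFlow v9 / IPFIX export (application name, octets, response time), aggregated per application into the bandwidth and transaction time columns shown in the sample table, plus the "which site is slowest?" question answered from the same data. The record layout, field names and sample values are this example's own assumptions, not IPFIX element names.

```python
"""Per-application report from exported flow records (added example, not vendor code).

The records below are constructed to mimic what an application-aware
NetFlow v9 / IPFIX export carries for one reporting interval; the field
names are this example's own, not IPFIX information element names.
"""
from collections import defaultdict
from dataclasses import dataclass
from typing import Dict, List, Optional


@dataclass(frozen=True)
class AppRecord:
    site: str               # exporting branch (constructed label)
    application: str        # application name as classified by NBAR2
    octets: int             # bytes seen in the reporting interval
    transaction_ms: float   # mean transaction (response) time in this record
    transactions: int       # number of transactions that mean was computed over


# Constructed sample export covering one 60-second interval from two branches
INTERVAL_S = 60
RECORDS: List[AppRecord] = [
    AppRecord("branch-1", "webex", 11_250_000, 100.0, 10),
    AppRecord("branch-2", "webex", 11_250_000, 200.0, 10),
    AppRecord("branch-1", "citrix", 37_500_000, 400.0, 5),
    AppRecord("branch-2", "citrix", 37_500_000, 600.0, 5),
]


def aggregate_by_app(records: List[AppRecord], interval_s: int) -> Dict[str, Dict[str, Optional[float]]]:
    """Sum octets into Mb/s and average response time weighted by transaction count, per application."""
    octets: Dict[str, int] = defaultdict(int)
    weighted_ms: Dict[str, float] = defaultdict(float)
    txns: Dict[str, int] = defaultdict(int)
    for r in records:
        octets[r.application] += r.octets
        weighted_ms[r.application] += r.transaction_ms * r.transactions
        txns[r.application] += r.transactions
    report: Dict[str, Dict[str, Optional[float]]] = {}
    for app in octets:
        report[app] = {
            "bandwidth_mbps": octets[app] * 8 / interval_s / 1_000_000,
            # Records that carry no transactions contribute bandwidth but no response time
            "transaction_ms": weighted_ms[app] / txns[app] if txns[app] else None,
        }
    return report


def slowest_site(records: List[AppRecord], application: str) -> Optional[str]:
    """Site with the highest transaction-weighted mean response time for one application."""
    weighted: Dict[str, float] = defaultdict(float)
    txns: Dict[str, int] = defaultdict(int)
    for r in records:
        if r.application == application and r.transactions:
            weighted[r.site] += r.transaction_ms * r.transactions
            txns[r.site] += r.transactions
    if not txns:
        return None
    return max(txns, key=lambda site: weighted[site] / txns[site])


def format_report(report: Dict[str, Dict[str, Optional[float]]]) -> List[str]:
    """Render the report as lines in the shape of the sample table on the slide."""
    lines = [f"{'App':10s} {'BW':>8s} {'Transaction Time':>18s}"]
    for app, row in sorted(report.items()):
        tt = f"{row['transaction_ms']:.0f} ms" if row["transaction_ms"] is not None else "n/a"
        lines.append(f"{app:10s} {row['bandwidth_mbps']:>5.1f} Mb {tt:>18s}")
    return lines


if __name__ == "__main__":
    print("\n".join(format_report(aggregate_by_app(RECORDS, INTERVAL_S))))
    print("slowest site for citrix:", slowest_site(RECORDS, "citrix"))
```

The weighting matters: averaging the per-record means directly would give equal weight to a branch with one transaction and a branch with a thousand, so the report weights each record by the transaction count it was computed over.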

Page 45: Application Visibility and Control (AVC) Overview


•  Configuration of AVC features (2.0)
•  Network monitoring
•  Service monitoring
•  Reporting and trends
•  Multi-NAM manager
•  Packet and flow analysis
•  Application response time
•  Voice and video metrics
•  Operates standalone or with Cisco Prime NCS
•  Distributed SNMP and Flexible NetFlow collection

Page 46: Application Visibility and Control (AVC) Overview


How is the Server performing?

Which site is slowest?

How is user experience at a site?

Page 47: Application Visibility and Control (AVC) Overview


Company (logos not captured in the transcript) | Product | Use Cases | Status

PAM               | Network and App Monitoring; Control GUI (future)  | PAM 2.0: adding PfR, new metrics in XE 3.8S
Gomez & DynaTrace | APM combined with App-aware Network Monitoring    | Adding NBAR2, PA, WAAS
5View             | App-aware Network Monitoring                      | Already supports WAAS; adding NBAR2, PA
LiveAction        | Control (QoS) GUI, App-aware Network Monitoring   | Already supports medianet; adding NBAR2, PA, PfR
Scrutinizer       | App-aware Network Monitoring                      | Already supports PfR, medianet; adding NBAR2, PA

Others: Living Object, Insight, CA

Page 48: Application Visibility and Control (AVC) Overview


Page 49: Application Visibility and Control (AVC) Overview


Managed Service Provider
•  Provide value-added services from the same CPE used for connectivity
•  Application visibility and application performance report
•  3rd party reporting tool integration

Internet Edge & SP Edge
•  Discover application usage on the Internet router
•  Traffic shaping to limit recreational, bandwidth-hogging applications, e.g. P2P
•  GUI for reporting and configuration

Enterprise WAN
•  Branch and WAN aggregation deployment
•  Application-aware network performance monitoring
•  Application-aware QoS and intelligent path selection
•  Integration with enterprise infrastructure, e.g. switch, wireless

Availability, as listed on the slide: IOS XE 3.4S (Q4CY11), IOS 15.2(4)M2 (Q4CY12), IOS XE 3.8S (Q4CY12), IOS 15.2(4)M2 (Q4CY12)

Page 50: Application Visibility and Control (AVC) Overview


[Figure: Internet router becomes Internet router + App Visibility + QoS (instrumentation: NBAR2, FNF, and QoS), exporting NFv9/IPFIX to a reporting tool: Cisco Prime Infrastructure 2.0 or Cisco Insight 4.0]

Application Monitoring
•  NBAR2 recognizes the application
•  FNF exports application usage information using NFv9 or IPFIX

Application Control
•  NBAR2 and QoS control application bandwidth usage and prioritization

Network Management
•  Cisco Insight or Cisco Prime receives NFv9 or IPFIX
•  Cisco Prime provides the configuration GUI*

Page 51: Application Visibility and Control (AVC) Overview


[Figure: SP cloud with CPE exporting NFv9/IPFIX records (application usage, top talkers, URL hit count, network performance) to a customer portal showing Top N apps and app transaction time; CSR in the CSP data center (future)]

Application Monitoring
•  NBAR2 provides the application recognition service
•  FNF & PA for the tier monitoring service export NFv9 or IPFIX records

Control
•  Application-aware QoS in the VPN service, pre-provisioned by the MSP

Network Management
•  Multi-tenant 3rd party tool with customer portal access, e.g. Living Object, Insight, InfoVista, CA

Page 52: Application Visibility and Control (AVC) Overview


[Figure: branches (ISR G2, ISR XE) and data center (ASR1K) connected over the WAN and the Internet, exporting NFv9/IPFIX to Prime Infrastructure]

Application Monitoring
•  NBAR2 for visibility with field extraction
•  Performance metrics and export using NFv9/IPFIX

Control & Optimization
•  Application-aware QoS
•  Intelligent path selection with PfR
•  Optimization with WAAS

Network Management
•  Cisco Prime Infrastructure 2.x
•  Identity Service Engine 1.1 (optional)

Page 53: Application Visibility and Control (AVC) Overview


Platform | Today                                               | Future
800*     | AdvIPServices - $150                                | No change
1900     | Data License - $600                                 | No change
2900     | Data License - $700                                 | No change
3900*    | Data License - $1000                                | No change
ASR1K    | AIS/AES - $10000; FLASR1-AVC-RTU - $10000 starting XE 3.8S | Proposed tier pricing based on session count

•  Insight license (FLASR1-NSIGHT-RTU) - $6000 per install
•  *880 (non 3G) and 3900E will support AVC starting 15.2(4)M

Page 54: Application Visibility and Control (AVC) Overview

Thank you.
