AVC: Application Visibility and Control. Cisco Deep Packet Inspection feature embedded in routers. it enables application recognition based on signature and fields extraction. ART: Application Response Time. Cisco passive probe embedded in routers. It enables TCP application performance metrics such as latency per network part. BR: Border Router. Cisco PfR component CSR: Cloud Services Router […]
Compared to the relative simplicity of SNMP monitoring metrics, IWAN features comes at an expense on the Network device in terms of memory (need for anticipation in configuring the cache size) and CPU (for advanced processing). Cisco has introduced EZPM in latest version of IWAN to decrease CPU load. Service providers have to check if […]
Launching IWAN services is: Deciding service scope available for enterprise customers. Adapting user rights and eye.lo features accordingly, Reviewing the network customer topologies to define routers templates and check IWAN impact on existing CPE portfolio Sizing the collection link and eye.lo hosting hardware Adapting the provisioning system to automatically deliver the seed files to eye.lo […]
On Top of Cisco IWAN dictionary, eye.lo can recognize traffic based on IP, port, HTTP hostname, SSL (HTTPS) server name. The workflow is the following: Does the flow match an embedded eye.lo customer specific application ? If no match, does it belong to the Nbar2 dictionary? If no match, does it match with a IANA […]
5 minutes is the default recommended granularity for all counters.
You need to configure data export on CPEs. Data will be exported using Netflow/IPFIX towards eye.lo. The Exporter defines the source interface (LAN/WAN) and the destination IP address of the remote collector The Monitor attaches records and exporters to the devices interfaces to activate the monitoring. It also configures the cache maximum size (32k recommended […]
The key difference resides in the information access: SNMP requires collectors to request the information. Netflow collectors passively receive and process flows from all devices. For first case (polling), devices need to store the data available on request. With Netflow, devices send data once processed. Thus, if devices embed the right processing engines (Deep Packet […]
1. Netflow 5: (IPV4-specific,) NFV5 is the most commonly deployed version. The flows exported by the equipment provides 5-tuple keyed fields, Source IP/port, Destination IP/port and protocol, to describe the identities of the systems involved in the conversation and the amount of data transferred. 2. Flexible NetFlow FNF V9: (IPv4&6 compatible) Version v9 has brought […]
NetFlow provides the ability to collect IP network information as it enters or exits an interface. A Flow Record consists of keyed fields and non-keyed fields. Keyed fields are all field(s) which need to be unique in order for a new Flow Record cache entry to be created in the CPE memory. Non-keyed fields provide […]
In the past, typical network traffic could easily be identified using well known port number. HTTP, HTTPS, POP3, or IMAP were among common traffic seen in enterprise. Today, there is increasing number of applications which is delivered over HTTP – both business and recreational applications. And many applications use dynamic ports such as Exchange, and […]
