Today, the number of applications which is delivered over HTTP are increasing– both business and other applications. Many applications use dynamic ports such as Exchange, voice and video which are delivered over RTP. This makes them impossible to be identified by looking at port number. In addition, some applications disguise themselves as HTTP because they do not want to be detected. As a result, identifying applications by checking well known port is no longer sufficient. The need for application visibility in the network is on the rise and NetFlow which relies on port & protocol for application categorization is not enough to get the visibility that they require.
In order to bridge this gap Cisco came up with Cisco AVC (Application Visibility and Control) technology which provides application-level classification, monitors application performance to help IT teams get that required visibility into the network traffic and optimize business critical applications which is now supported by NetFlow Analyzer.
The different reports that one can generate through Cisco AVC monitoring in NetFlow Analyzer are:
The benefits of Cisco AVC include:
NetFlow Analyzer now supports Cisco NBAR2 to analyze and classify application traffic in real time. It provides insight into Layer 7 application traffic through NBAR(Network Based Application Recognition) that encompasses a wide array of over 1,000 applications within it, by default. NBAR2 reports show the list of applications that are identified with NBAR2 along with their traffic details and the contribution of a particular application's traffic to the total traffic in the network. This helps in ensuring that the network bandwidth is used efficiently. By knowing this QoS standards can be set.
HTTP Host reports in NetFlow Analyzer tabulates the URLs and their respective hit counts along with the traffic information for that particular URL. It provides the number of new connections connected with a particular URL and the traffic percentage it caused. This helps the IT team monitor the most frequently accessed URLs in the network and profile user behavior. Drilling down a particular http host gives details such as Source IP, destination IP, packet count, traffic percentage etc.
Control application bandwidth usage with app-centric QoS monitoring and set different priorities and dynamically choose network paths based on application and business needs. The QoS stats tab lists QoS-specific information with mainly has 2 reports viz. QoS class hierarchy and QoS drop reports. The QoS class hierarchy report lets the user see the application's class of hierarchy and the application distribution for a particular app. QoS drops lists the pre-policy, post-policy and drops in different traffic class along with the queuing status enables you to validate the efficiency of your QoS settings.
ART refers to Application Response time and the ART report helps identifying the most latent applications in the network based on their response times. The report shows client packets, server packets, transactions, retransmissions, new connections, responses and traffic. Further, drilling down each application shows graphs depicting client experience by plotting responses against time. QoS and ART will be shown dynamically under device & interfaces column for the AVC enabled device only.
For more information refer Cisco website: http://www.cisco.com/c/dam/en/us/products/collateral/ios-nx-os-software/enterprise-ipv6-solution/90364_product_bulletin_c25_627831.pdf
- Ross Hunton
Operations & Network Manager in Tropical Shipping USA, LLC