Cisco Cisco Prime Virtual Network Analysis Module (vNAM) 6.1 White Paper
3-37
Cisco Virtualized Multiservice Data Center (VMDC) Virtual Services Architecture (VSA) 1.0
Design Guide
Chapter 3 VMDC VSA 1.0 Design Details
System Level Design Considerations
Application Visibility and Control
Cisco's Application Visibility and Control solution is a suite of services for application classification,
traffic control and monitoring that support capacity planning and resource management, improve
business-critical application performance, and in the public environment, allow for highly tuned service
assurance. Technologies such as Quality of Service, previously discussed, Network Based Application
Recognition, Netflow, Network Analysis and Application Optimization form the basis of this solution
set.
traffic control and monitoring that support capacity planning and resource management, improve
business-critical application performance, and in the public environment, allow for highly tuned service
assurance. Technologies such as Quality of Service, previously discussed, Network Based Application
Recognition, Netflow, Network Analysis and Application Optimization form the basis of this solution
set.
NBAR
Cisco Network Based Application Recognition (NBAR) provides the option of using stateful deep
packet inspection for granular, application-level traffic inspection and traffic classification for
performance monitoring and tuning or for other use cases, such as application monitoring for security
purposes. NBAR currently provides the ability to identify over 1000 application signatures. NBAR is
also capable of defining customized application profiles based on ports, URL or even payload values.
NBAR is implemented in hardware on physical routers such as the ASR1000 or ISRG2, however on the
CSR, NBAR is software-based. This means that caution should be employed in deploying NBAR to
understand the impact on forwarding performance and insure the desired packet throughput.
packet inspection for granular, application-level traffic inspection and traffic classification for
performance monitoring and tuning or for other use cases, such as application monitoring for security
purposes. NBAR currently provides the ability to identify over 1000 application signatures. NBAR is
also capable of defining customized application profiles based on ports, URL or even payload values.
NBAR is implemented in hardware on physical routers such as the ASR1000 or ISRG2, however on the
CSR, NBAR is software-based. This means that caution should be employed in deploying NBAR to
understand the impact on forwarding performance and insure the desired packet throughput.
NetFlow
Cisco developed NetFlow to provide better insight into IP traffic. A key component of Cisco's
Application, Visibility and Control suite of features and functionality, NetFlow defines flows as records
and exports the records to collection devices. NetFlow provides information about the applications in
and utilization of the data center network. The NetFlow collector aggregates and assists network
administrators and application owners to interpret the performance of the data center environment.
Application, Visibility and Control suite of features and functionality, NetFlow defines flows as records
and exports the records to collection devices. NetFlow provides information about the applications in
and utilization of the data center network. The NetFlow collector aggregates and assists network
administrators and application owners to interpret the performance of the data center environment.
The use of NetFlow is well documented in traditional network environments, but the Nexus 1000V
provides this capability in the virtual network environment. Nexus 1000V supports NetFlowv9 and by
default uses the management 0 interface as an export source.
provides this capability in the virtual network environment. Nexus 1000V supports NetFlowv9 and by
default uses the management 0 interface as an export source.
Caution
Using advanced features such as NetFlow consumes additional ESXi host resources (memory and
CPU). It is important to understand these resource dynamics before enabling advanced features.
shows the Cisco NAM application traffic statistics on the Nexus 1000V virtual Ethernet
interfaces. The Nexus 1000V can also monitor flows from the physical interfaces associated with the
platform and VMkernel interfaces including vMotion traffic, as seen in
platform and VMkernel interfaces including vMotion traffic, as seen in