General

1. What is Cisco® Application Visibility and Control (AVC)?

Cisco® Application Visibility and Control (AVC) is a solution that uses multiple technologies of the Cisco ASR 1000 Series Aggregation Services Routers and Cisco Integrated Service Routers Generation 2 (ISR G2), and network management tools which together provide powerful and pervasive integrated solution for discovering, monitoring as well as controlling applications.

 

2. How does Cisco® AVC work?

AVC works by enabling the software features within the Cisco ASR 1000 and Cisco ISR G2 in conjunction with network management tools to perform the following functions:

Application recognition – Uses Deep Packet Inspection (DPI) to recognize and identify applications regardless of port number

Performance monitoring - Utilizes embedded monitoring capabilities within the routers to extract and collect application usage, performance metrics, aggregate and export this information using open export format such as Netflow Version 9 and IPFIX for network management

Network Management – Enables Cisco and 3rd party network management tools to provide visualization of network application bandwidth usage and performance to end users, as well as to provide feedback and implement policy to network devices to fine tune performance

Control - Controls per-application bandwidth usage and intelligently selects the path to deliver application data based on real time performance

 

3. What technology is used in Cisco® AVC solution?

Cisco® AVC consists of the following technologies:

  • Next-generation DPI technology called NBAR2, which can identify more than 1000 applications and support application categorization, with the ability to perform in-service update of application signatures.
  • Flexible NetFlow (FNF) infrastructure and data export to select and export data of interest, allowing easy consumption of AVC information by Cisco and third-party applications.
  • Performance collection engine to collect Application Response Time (ART) for TCP applications, and Media Monitoring (MMON) to collect voice and video performance such as jitter and loss. All the information is exported through the Flexible Netflow infrastructure.
  • Reporting and management tools, such as Cisco Prime Infrastructure with Assurance module which is an enterprise-grade infrastructure management and service monitoring tool for reporting of application and network performance; and Cisco Insight which can provide up to 30 different reports for application visibility.
  • QoS to facilitate optimization and control of application performance.
  • Performance Routing (PfR) to provide per-application intelligent path selection based on real time performance data

 

Hardware, Software, and Licenses

1. What routing platforms support AVC?

AVC is currently supported on the Cisco ASR 1000 and Cisco ISR G2 routers.

 

2. Which software releases support AVC?

AVC is supported on the Cisco ASR 1000 starting IOS XE 3.4S and Cisco ISR G2 starting IOS 15.2(4)M2.

 

3. What license do I need to enable AVC?

AVC support is provided by Right-To-Use (RTU) license on both Cisco ASR 1000 and Cisco ISR G2

Platform

Required license

ISR G2 (880 and 890)

Advanced IP license

ISR G2

Data license

ASR1K

Advanced IP Services (AIS) or Advanced Enterprise Services (AES) license, and in addition, AVC license (FLASR1-AVC-RTU)

 

4. Is there a demo license for AVC?

Yes, the software license is available for demo and evaluation. Please contact your Cisco representative to obtain the license applicable for your platform.

 

5. I already have Flexible Packet Inspection (FPI) license for my Cisco ASR 1000, can I enable AVC?

No, starting with IOS XE release 3.4S the FPI license (FLASR1-FPI-RTU) has been obsoleted by AVC license (FLASR1-AVC-RTU). There is an upgrade license (FLASR1-AVC-UPG) to upgrade your FPI license to AVC.

 

6. Do I need AVC if I just want to use NBAR2 and QoS?

Yes, both NBAR2 and QoS are components of AVC and provide per-application bandwidth control.

 

Features and Functionalities

1. How many applications does AVC recognize?

AVC, through NBAR2 technology, currently recognizes more than one thousand applications including but not limited to web and enterprise applications, cloud services, voice and video, email, file sharing, gaming and peer-to-peer (P2P) applications.

 

2. Where do I find more information about NBAR2?

Please visit http://www.cisco.com/go/nbar

 

3. Do we need new IOS software for recognizing newer applications?

No, NBAR2 provides application signature updates through the NBAR2 Protocol Pack. The software releases that support loading of the NBAR2 Protocol Pack begin at IOS XE 3.7S and IOS 15.2(4)M2.

 

4. How do I control applications bandwidth with AVC?

NBAR2 and QoS on the Cisco ASR 1000 and ISR G2 routers are the main mechanism for application control in AVC. With AVC, the QoS class-map has been enhanced to match the application name and attributes such as category as sub-category which are recognized by NBAR2. These added matching capabilities can also work in conjunction with all other match criteria already supported by QoS class-map such as ACL or DSCP. QoS actions such as shape, police or priority can then be applied to the application traffic.

 

5. How easy is it for a customer to use AVC to control P2P traffic?

AVC identifies more than 1000 applications, several among these being P2P applications. In addition, AVC has a special category for P2P applications that customers can use in their QoS policies to filter or rate limit P2P traffic. The following example shows how to identify and limit P2P applications.

class-map match-any p2p-app

 match protocol dht

 match protocol attribute sub-category p2p-file-transfer

policy-map control-policy

 class p2p-app

  police 8000 conform-action transmit exceed-action drop

 

6. What control option do I have for my applications?

There are two types of controls in AVC

  • Bandwidth Control - Through NBAR2 and QoS, users can choose to drop, limit, guarantee bandwidth or mark application traffic flow
  • Path Control – Intelligent path selection is provided by Cisco Performance Routing (PfR). Users can define policy to dynamically select paths that meet application performance requirements.

 

7. Can I use AVC to monitor and control applications running over IPv6?

Yes, AVC supports identifying, monitoring and controlling bandwidth for applications running over IPv6.

 

8. Can AVC provide per VRF monitoring?

On the Cisco ASR 1000 AVC can also collect and export information per VRF.

 

9. What is the Cisco IOS Performance Agent (PA)? How is it relevant to Cisco AVC?

IOS Performance Agent (PA) is one of the software features used in Cisco AVC. It collects and exports the Application Response Time (ART) such as Network Delay, Response Time and Transaction Time for TCP applications.  Network administrators can use this information to better understand application performance and bottlenecks in the network.

 

Network Management

1. What network management tools support Cisco AVC?

AVC exports information using open export formats such as Netflow Version 9 and IPFIX. This standard format allows Cisco and 3rd party network management applications to support Cisco AVC. Cisco Prime Infrastructure supports Cisco AVC. In addition, there are already Cisco Developer Network (CDN) partners such as ActionPacked, InfoVista, LivingObjects and Plixer, who support Cisco AVC.

 

2. Where do I find more information about Cisco Prime Infrastructure?

Please visit http://www.cisco.com/go/primeinfrastructure