Cisco AVC monitoring

    Cisco Application Visibility and Control allows you to identify the traffic utilization and performance of applications in the network. Cisco AVC uses next generation deep packet inspection (DPI) technology called NBAR2 (Network Based Application Recognition 2) to identify more than 1,000 applications and its subcategories. With NBAR2, you can categorize applications based on similar functionalities like email (Gmail, Yahoo, etc), browsing, and more. It also identifies peer-to-peer applications, encrypted applications, and other application types. It provides much deeper visibility on application traffic usage like URLs visited. This helps network admins to define policies to derive maximum performance on the business-critical applications and control resource usage on the network.

    Advantages of Cisco AVC:

    1. Identifies over 1,000 applications along with their categories
    2. Provides performance metrics such as jitter, packet loss, latency, and ART
    3. Identifies the QoS policies applied to applications and allows modification of policies
    4. Improves the user experience in application usage
    5. Improves capacity planning by providing deeper visibility on application usage and performance
    6. Makes troubleshooting faster with reduced downtime
    7. Helps reduce operational costs through network optimization

    Refer below steps to configure AVC:

    https://www.manageengine.com/products/netflow/help/how-to-configure-avc-in-netflow-analyzer.html

    The different reports that one can generate through Cisco AVC monitoring in NetFlow Analyzer are:

    • NBAR2 application reports
    • URL hit count (HTTP host report)
    • QoS class hierarchy reports
    • Application response time monitoring reports (ART monitoring)

    NBAR2 application reports

    NBAR2 application reports

    NBAR2 report in NetFlow Analyzer show the list of applications that are identified with NBAR2 along with their traffic details and the contribution of a particular application's traffic to the total traffic in the network. Drilling down a particular application lists the conversation details such as source IP, destination IP, source port, destination port, DSCP value etc.

    URL hit count

    URL hit count

    HTTP host report in NetFlow Analyzer tabulates the URLs and their respective hit counts along with the traffic information for that particular URL. It provides the number of new connections connected with a particular URL and the traffic percentage it caused. This helps the IT team monitor the most frequently accessed URLs in the network and profile user behavior. Drilling down a particular http host gives details such as Source IP, destination IP, packet count, traffic percentage etc.

    QoS class hierarchy

    QoS class hierarchy

    The QoS stats tab lists QoS-specific information with mainly has 2 reports viz. QoS class hierarchy and QoS drop reports. The QoS class hierarchy report lets the user see the application's class of hierarchy and the application distribution for a particular app. QoS drops lists the pre-policy, post-policy and drops in different traffic class along with the queuing status enables you to validate the efficiency of your QoS settings.

    ART monitoring

    ART monitoring

    ART refers to Application Response time and the ART report helps identifying the most latent applications in the network based on their response times. The report shows client packets, server packets, transactions, retransmissions, new connections, responses and traffic. Further, drilling down each application shows graphs depicting client experience by plotting responses against time. QoS and ART will be shown dynamically under device & interfaces column for the AVC enabled device only. Using this reports, a network admin can easily narrow down the problem. If the problem is on the client network, the admin might reinforce some strong QoS policies on the edge router to prioritize business-critical application traffic. And, if the delay is due to the application or server network, the cloud service provider may have to tweak the service.