Transcription
LiveNX TrainingStudent GuideLiveNX TrainingDay 11 2021, LiveAction, Inc. All Rights Reserved.1Agenda – Day 1 LiveNX Overview & Architecture The LiveNX WebUI Dashboards Sites/Devices/Interfaces Reports Overview Stories Visualizations & Troubleshooting Voice, Video, Delays Flow Collection Custom Filters Add & Manage Devices Adding Devices Scheduling Grouping & Objects Custom Reports Device Semantics System Management LiveNX Engineering Client Dashboard Reports Topology Definition More Dashboards, Reports and Alerts QoS Monitoring and Configuration2 2021, LiveAction, Inc. All Rights Reserved.2Agenda - Day 2 Implementation Best Practices Installation Considerations Netflow Best Practices Other Best Practices LiveAction SD-WAN Cisco/Viptela SDWAN Overview LiveNX – SDWAN Integration Overview Day 0: Cisco SD WAN Planning for Deployment LiveNX - SDWAN Onboarding Quality of Service Day 1: Cisco SD WAN Policy Validation and Intent Concept Overview Classification & Marking Day 2: Cisco SD WAN Operations Queueing & Shaping Policing & WRED Buffer Tuning Deployment Strategies 2021, LiveAction, Inc. All Rights Reserved.33Page 1 2021, LiveAction, Inc. All Rights Reserved.
LiveNX TrainingStudent GuideClass Logistics Daily Schedule Equipment Start Laptops Breaks Internet Access Finish eLab Access4 2021, LiveAction, Inc. All Rights Reserved.4Your Training Resource Dave LauSenior Technical Trainer5 2021, LiveAction, Inc. All Rights Reserved.5Prerequisites You already: Have a basic knowledge of applications, networking, and protocols Understand TCP/IP, network addressing, and subnet masks Know basic router & switching concepts Manage NetFlow devices within your environment 2021, LiveAction, Inc. All Rights Reserved.66Page 2 2021, LiveAction, Inc. All Rights Reserved.
LiveNX TrainingStudent GuideAnd you are Name ? What do you do at your company ? Have you used LiveAction Products? What Product Certs do you maintain? (Brag if you must;-) What was your first car? 2021, LiveAction, Inc. All Rights Reserved.77LiveNXOverview & Architecture 2021, LiveAction, Inc. All Rights Reserved.88Architecture Overview Distributed Computing Architecture High-performance database Large-scale distributed analytics platform Capable of handling 1M flows/sec Monitor 40,000 devices across distributed deployment Visualize up to 1,000 active interfaces per device 3-layer architecture – client, server, nodeClient Single Pane of Glass (SPOG) over entire network Limiting user data access by groups per node Browser, Windows (32/64-bit), or Mac OSXServer Central management of nodes Virtual install - HyperVisor, Hyper-V, KVMCollector Node Hold data store, automatic data management Node management policy set at server Virtual install - HyperVisor, Hyper-V, KVM 2021, LiveAction, Inc. All Rights Reserved.99Page 3 2021, LiveAction, Inc. All Rights Reserved.
LiveNX TrainingStudent GuideSystem ifications/ Server Platform Specifications: VMware ESXi v5.0 or higher – VMware Hardware Version 8 (vmx-8) Network Hardware – At least two Physical NICS on ESXi Support up to 10 Gbps Virtual NICs on OVA are utilizing E100Proof Of ployment100-500 Devices or 100k Flows/sec.500-1000 Devices or 150k Flows/sec.Upto 1000 Devices or 500k Flows/sec.Min Requirements: 32 vCPU Xeon or i7 64 Gb RAM Max Heap Size 31GB 8TB Data DiskMin Requirements: 64 vCPU Xeon Gold 5218 768 Gb RAM Max Heap Size 384GB 32TB Data Disk(16TB usable with RAID 10) 25 Devices or 25k Flows/sec. 100 Devices or 50k Flows/sec.Min Requirements: 8 vCPU Xeon or i7 16 Gb RAM Max Heap Size 8GB 500GB Data DiskMin Requirements:Min Requirements: 16 vCPU Xeon or i7 16 vCPU Xeon or i7 32 Gb RAM 64 Gb RAM Max Heap Size 16GB Max Heap Size 31GB 2TB Data Disk 4TB Data DiskPhysicalDeployment10 2021, LiveAction, Inc. All Rights Reserved.10Network Devices SupportedCisco Device Support – SNMP & -Vendor Device Support – FlowASR 9000 Series RouterCisco AnyConnect Network Visibility Moduleon Windows and Mac OS X PlatformsCisco ASA 5500 Series FirewallsCisco Catalyst Series Switches 2900, 3650, 3850 & 4500-X 6500,6800, 9000 are supported.**(Limited LiveNX QoS Monitor support on Layer 3-routable interfaces and VLANsdepending upon Cisco hardware capabilities.)Cisco ISR Series Routers: 800, 900, 1700, 1800, 1900, 2600, 2600XM,2800, 2900, 3600, 3700, 3800, 3900, 4200, 4300, 4400, 4500, 7200,7600**, ASR 1001x, 1002x Series Routers, CSR 1000V**Cisco Meraki MX Security ApplianceCisco Nexus Switches(Nexus 3000, 7000, 6000 & 9000 Series)Cisco NetFlow Generation ApplianceCisco SD-WAN vEdge, Cisco IOS XE SD-WAN Edge DevicesAdtran NetVanta Series RoutersAlcatel-Lucent RoutersBarracuda FirewallBrocade Series RoutersCheckpoint FirewallCitrix NetScaler Load BalancerExtreme Network SwitchesF5 Load-BalancerGigamon GigaSMARTHewlett-Packard Enterprise Procurve Series SwitchesIxia’s Network Visibility SolutionJuniper MX Series RoutersNtop nProbePalo Alto Networks FirewallsRiverbed SteelHead WAN Optimization ControllersSilver Peak WAN Optimization ControllersSophos FirewallZiften ZFlow11 2021, LiveAction, Inc. All Rights Reserved.11Bandwidth Overhead – Server/Node Data is stored on the Collector Nodes Server requests data from Node(s) on demand In case of loss of communication, server may initiate to reestablish communications Minimal synchronization communication between the Server and Node(s). “Keep-alive” (not really more a “I have new data!”) Bandwidth is proportional to the number of devices being monitored by each Node End-user actively monitoring LiveNX also increases bandwidth.Examples ofNode/ServerBandwidthDevicesPer NodeNode to Server Traffic(Avg./Peak)Server to ps500625Kbps/ 1.75Mbps25Kbps-125Kbps10001.25Mbps/ 2.25Mbps50Kbps/ 250KbpsNote: These are typical bandwidth estimates that LiveAction would expect to see. Each network is different so results may vary. 2021, LiveAction, Inc. All Rights Reserved.1212Page 4 2021, LiveAction, Inc. All Rights Reserved.
LiveNX TrainingStudent GuideLiveNX Flow CapabilitiesLiveNX is a flow collector Supports NetFlow V5/V9, FNF, sFlow, jFlow, IPFIX, and other multi-vendor flowtypes Provides unique end-to-end flow visualization for a holistic view of the network Provides hop-by-hop color-coded application and flow path analyses fornetwork and application performance issues Visually shows mis-marked DSCPs for traffic priority Easily enables Cisco advanced flow technologies Topology can be exported to Visio Keep all raw data as long as there is sufficient disk space13 2021, LiveAction, Inc. All Rights Reserved.13LiveNX Communication with DevicesLiveNX uses SSH or Telnet access to read IOS configurations, as well asto make desired configuration changes to the device(s); QoS Configurations Netflow Configurations IP SLA Configurations Policy Based RoutingLiveNX does not save the router configuration in our database!14 2021, LiveAction, Inc. All Rights Reserved.14LiveNX Communication with Devices LiveNX uses SNMP v2 or v3 RO (Read Only) access to devices Polling for reading the MIB (Management Information Base) CBQoS MIB IP SLA MIB LAN MIBs Routing MIBs Updates statistics according touser configured polling intervals 2021, LiveAction, Inc. All Rights Reserved.1515Page 5 2021, LiveAction, Inc. All Rights Reserved.
LiveNX TrainingStudent GuideLiveNX Network Protocol RequirementsProtocolPort NumberDirectionDescriptionTCP7000Java Client to NX ServerJava Client Access to PlatformTCP443Web Browser to NX ServerUser Access to Web UI of PlatformTCP7026Server to Node (Bidirectional)Server - Node CommunicationUDP2055Network devices to nodesNetflow ExportUDP161NX Node/Server to Network DevicesSNMP Polling of Network DevicesRequired network protocols for normal operation of the LiveNX platform. This can be used as the basis for anyfirewall rules required.16 2021, LiveAction, Inc. All Rights Reserved.16Our Training Infrastructure Each attendee will connect to adedicated “Training Pod” The Instructor will provide credentialsfor each attendee All Pods are monitoring similar trafficflows. We’ll connect over the Internet andrun a Browser and Client locally. Initial device configuration has beenperformed on all Training Pods.17 2021, LiveAction, Inc. All Rights Reserved.17LiveNX Class InfrastructureThe “Internet” 2021, LiveAction, Inc. All Rights Reserved.1818Page 6 2021, LiveAction, Inc. All Rights Reserved.
LiveNX TrainingStudent GuideSites Used in This Training CourseCourse ComponentSiteDescriptionStudent sources/Your copy of the slides to follow thepresentation/make notesLab Workbook Pt ces/Day 1 Lab Workbook: Lab ExercisesLab Workbook Pt ces/Day 2 Lab Workbook: Lab ExercisesLiveNX Client(Mac or gresources/Client Access to be installed forsome exercisesWebsite for Access toHands-On Labshttps://portal.criterionnetworks.com/You will be given your specific logininformation by the instructor19 2021, LiveAction, Inc. All Rights Reserved.19LAB 0: Setup and Get Connected Turn on / Plug-in, and verify network & internetconnectivity. Note the addressing and credentials provided by yourinstructor. Install and run: LiveNX Client https://cloudkeys.liveaction.com/downloads You may now ping your LiveNX Server 2021, LiveAction, Inc. All Rights Reserved.20 2021, LiveAction, Inc. All Rights Reserved.2120LiveNX Web UI21Page 7 2021, LiveAction, Inc. All Rights Reserved.
LiveNX TrainingStudent GuideFrom Any Browser from Anywhere!https:// LiveNXserverIP Create and View Dashboards Configure: User Management Devices Alerts View: Reports Device Detail Interface Detail 2021, LiveAction, Inc. All Rights Reserved.2222Customizable Dashboards 2021, LiveAction, Inc. All Rights Reserved.2323Sites DetailsDrill into Sites Devices Interfaces 2021, LiveAction, Inc. All Rights Reserved.2424Page 8 2021, LiveAction, Inc. All Rights Reserved.
LiveNX TrainingStudent GuideInterfaces 2021, LiveAction, Inc. All Rights Reserved.25 2021, LiveAction, Inc. All Rights Reserved.2625WAN Applications26WAN Applications Flows 2021, LiveAction, Inc. All Rights Reserved.2727Page 9 2021, LiveAction, Inc. All Rights Reserved.
LiveNX TrainingStudent GuideGeo Topology 2021, LiveAction, Inc. All Rights Reserved.28 2021, LiveAction, Inc. All Rights Reserved.2928Stories29View ANY Report Defined in LiveNX 2021, LiveAction, Inc. All Rights Reserved.3030Page 10 2021, LiveAction, Inc. All Rights Reserved.
LiveNX TrainingStudent GuideRun Reports 31 2021, LiveAction, Inc. All Rights Reserved.31WebUI Reporting – ToolsInclude Report ElementsCopy URL to ClipboardPrint/Download (opensnew URL)Re-open Run ReportDialogReturn to Reports EntryPage 2021, LiveAction, Inc. All Rights Reserved.32 2021, LiveAction, Inc. All Rights Reserved.3332Report Groups33Page 11 2021, LiveAction, Inc. All Rights Reserved.
LiveNX TrainingStudent GuideWebUI Reporting – Create & Groups of ReportsSchedule Group to run Now, Hourly, Daily,Weekly, or MonthlyAdvanced Report Group can be emailed to oneor multiple usersAdvanced Reports allow the creation ofgroups of reports 2021, LiveAction, Inc. All Rights Reserved.34 2021, LiveAction, Inc. All Rights Reserved.3534LiveNX Alerting35User Management Supports Local or AD-LDAP Authentication 3 Levels – Admin, Config, View 2021, LiveAction, Inc. All Rights Reserved.3636Page 12 2021, LiveAction, Inc. All Rights Reserved.
LiveNX TrainingStudent GuideSystem ManagementUsing the WebUI to manage your LiveNX server and nodes User Management System Health System Support37 2021, LiveAction, Inc. All Rights Reserved.37User ManagementLocal or LDAP Multiple Roles (privilege levels) LDAP Server configuration under LDAP Management tab See who is currently logged in and Active under the Sessions tab38 2021, LiveAction, Inc. All Rights Reserved.38System Health Under the Settings gear choose System Diagnostics Here you can monitor many system health statistics for either the server ornodes: CPU / Memory / Disk Space / Flow Statistics / Etc 2021, LiveAction, Inc. All Rights Reserved.3939Page 13 2021, LiveAction, Inc. All Rights Reserved.
LiveNX TrainingStudent GuideWhat to do when you need support Often the support team will ask for diagnostic information Under (1) Settings (top right), you will find (2)Troubleshooting in the Menu Here you can collect diagnostic information as well as (3) system logs 2021, LiveAction, Inc. All Rights Reserved.4040LAB 1: Using the Web UI View & Create Reports User Management View/Modify Alerts Create/Edit Dashboard 2021, LiveAction, Inc. All Rights Reserved.41 2021, LiveAction, Inc. All Rights Reserved.4241The LiveNX Client42Page 14 2021, LiveAction, Inc. All Rights Reserved.
LiveNX TrainingStudent GuideThe LiveNX Client is Your Engineering Console A Java client application Runs on a standard Windows 32/64-bit PC LiveAction’s Mac client runs on OSX .9 . View & Configure: Devices Alerts Reports Client interface to visualize and configure network topologies & trafficflows.43 2021, LiveAction, Inc. All Rights Reserved.43Download & Launch the Client https://cloudkeys.liveaction.com/downloads44 2021, LiveAction, Inc. All Rights Reserved.44The LiveNX Client is a Busy Place Module TabsHome Tree ViewSearchFilterGroup ContainerTopology PaneDevicesAlerts & Notifications 2021, LiveAction, Inc. All Rights Reserved.4545Page 15 2021, LiveAction, Inc. All Rights Reserved.
LiveNX TrainingStudent GuideThe Home Tree-view Groups Devices Interfaces Select Home to view allGroups/Devices in the TopologyPane Select & Modify Devices &Interfaces Right-click Zoom-to 46 2021, LiveAction, Inc. All Rights Reserved.46Immediate Feedback Look at the bottom of the screen for information about: CPU Memory Buffer Alerts Advisories Nodes 2021, LiveAction, Inc. All Rights Reserved.47 2021, LiveAction, Inc. All Rights Reserved.4847Immediate Results!Select any Interfaceto generate realtime graphs48Page 16 2021, LiveAction, Inc. All Rights Reserved.
LiveNX TrainingStudent GuideManage, Create, View, Provision****Configure in the WebUI! 2021, LiveAction, Inc. All Rights Reserved.4949LAB 2: LiveNX Client Launch the LiveNX Desktop Client Connect from your Desktop Explore Topology visualization 2021, LiveAction, Inc. All Rights Reserved.50 2021, LiveAction, Inc. All Rights Reserved.5150Visualizations51Page 17 2021, LiveAction, Inc. All Rights Reserved.
LiveNX TrainingStudent GuideFlow VisualizationEnd-to-End Application Flows Through the NetworkLiveNX discovers and draws topology based on SNMPLiveNX imposes end-to-end flows on topology52 2021, LiveAction, Inc. All Rights Reserved.52Ingress BandwidthDevice ViewHover cursor overinterface shows moreinfoEgress BandwidthGreen: functionalAmber: congestedLarge circle representsdevice (router/switch)53 2021, LiveAction, Inc. All Rights Reserved.53Flow Troubleshooting, Decision MakingTraffic started out as EF (red) and gets de-classified asBE (blue) after SP cloudMis-marked Packets! 2021, LiveAction, Inc. All Rights Reserved.5454Page 18 2021, LiveAction, Inc. All Rights Reserved.
LiveNX TrainingStudent GuideEliminate the Detractors!Filter early, and filter often! 2021, LiveAction, Inc. All Rights Reserved.55 2021, LiveAction, Inc. All Rights Reserved.5655The Search FieldPre-populates with type-ahead ALL available fields/records56Search Functions – Order of Operation1st - Filter applied2nd- Search applied topulldowns’ results 2021, LiveAction, Inc. All Rights Reserved.5757Page 19 2021, LiveAction, Inc. All Rights Reserved.
LiveNX TrainingStudent GuideFilters & Search RetentionSearch strings are cachedand are reusable inTopology Pane and ReportsAll Filters can be used in both theTopology Pane as well as Reports 2021, LiveAction, Inc. All Rights Reserved.58 2021, LiveAction, Inc. All Rights Reserved.5958Flow VisualizationDevice Level Traffic59AVC Flow VisualizationApplication Performance NBAR2 application recognition and performance metrics Alert on application performance with AVC with color-coded statusNBAR applications 2021, LiveAction, Inc. All Rights Reserved.6060Page 20 2021, LiveAction, Inc. All Rights Reserved.
LiveNX TrainingStudent GuideFlow VisualizationNetwork Delays and Application Delays Reported by AVC flowsAVC Flow Type61 2021, LiveAction, Inc. All Rights Reserved.61Application Path AnalysisPath view based on AVC flows Drill down toreports DSCP along path Historical flows Gray arrows mean AVC flows not enabled62 2021, LiveAction, Inc. All Rights Reserved.62Medianet Flow Path AnalysisTraffic NotReaching HereTraffic BeingDropped Here 2021, LiveAction, Inc. All Rights Reserved.Pinpoint Root CauseGray means devicenot exporting PerfMon6363Page 21 2021, LiveAction, Inc. All Rights Reserved.
LiveNX TrainingStudent GuideFlow Visualization Over Time Flow Playback / DVR64 2021, LiveAction, Inc. All Rights Reserved.64Identify IssuesView the traffic transiting the Device What you expect does it make sense?Find anomalous behavior use DevicePlayback Too much to strange ports?Identifiable addresses?Gremlins/Glitches? 2021, LiveAction, Inc. All Rights Reserved.6565Device Configuration 2021, LiveAction, Inc. All Rights Reserved.6666Page 22 2021, LiveAction, Inc. All Rights Reserved.
LiveNX TrainingStudent GuideLiveNX Topology – A Blank SlateLiveNX acts as a framework to help you visually manage andtroubleshoot your network devices Add devices Routers & switchesTurn this Configure interfaces Enable SNMP & Flow collection Identify end-points Various icons Create Groups Filter flows Into THIS!67 2021, LiveAction, Inc. All Rights Reserved.67Adding DevicesLiveNX contains many “wizards” to guide you through the process Both on the client,and the WebUI 2021, LiveAction, Inc. All Rights Reserved.68 2021, LiveAction, Inc. All Rights Reserved.6968Adding Devices69Page 23 2021, LiveAction, Inc. All Rights Reserved.
LiveNX TrainingStudent GuideDevice DiscoveryScan and find connected devices Use a “seed” device SNMP settings & Creds Is the collection Node Local or Returns a dialog with suggesteddevices to add.70 2021, LiveAction, Inc. All Rights Reserved.70Device Discovery Configure Cisco DevicesAllows you to pre-configure specific features on recognized devices.**Creates a config t script to push71 2021, LiveAction, Inc. All Rights Reserved.71Working Topology AlmostDevices installed But no Flows? 2021, LiveAction, Inc. All Rights Reserved.7272Page 24 2021, LiveAction, Inc. All Rights Reserved.
LiveNX TrainingStudent GuideConfigure Flow Collection73 2021, LiveAction, Inc. All Rights Reserved.73View Traffic Flows!Refresh the Screen!Pretty colors andlines/arrows butstill not connected!74 2021, LiveAction, Inc. All Rights Reserved.74Merge Clouds*A “Merged” cloud is when you combineseparate networks that logically formone cloud, i.e; MPLSOnce merged flows will properly drawthrough the topology*Merge Clouds only applied in LiveNX Client 2021, LiveAction, Inc. All Rights Reserved.7575Page 25 2021, LiveAction, Inc. All Rights Reserved.
LiveNX TrainingStudent GuideLAB 3: Add & Configure DevicesWe’ve already installed the Server, Client, and a singledevice (HQ SJ). It’s up to you to: Add additional device(s) to the topology Enable / Configure Flow collection Merge Clouds 76 2021, LiveAction, Inc. All Rights Reserved.76Collecting Flows inLiveNX 2021, LiveAction, Inc. All Rights Reserved.7777Flow Collection Netflow is a brand name for Cisco Flow Like Jaguar is a brand name for an automobile The industry standard for flow type is “IPFIX” Cisco uses sflow for certain devices types, such as Nexus 5k Switch Juniper uses a flow type called “jflow” LiveNX can ingest most types of flowtechnology If a Flow Export is v5, v9, or IPFIXLiveNX can gather that information! 2021, LiveAction, Inc. All Rights Reserved.7878Page 26 2021, LiveAction, Inc. All Rights Reserved.
LiveNX TrainingStudent GuideConfigure NetFlow Monitoring (LiveNX Console) Two types of Cisco Netflow – Traditional and Flexible Traditional - an older flow type that uses a set record that cannot be configured Flexible - newer flow type that allows for more granular record configuration Traditional Netflow should only be used if Flexible is not available! LiveNX can discover what type of Netflow is supported and configure it for you! LiveNX will not let you configure both Traditional and Flexible on the same interface79 2021, LiveAction, Inc. All Rights Reserved.79Traditional v. Flexible Netflow - Preview CLIThis points to your flow collector(ie; LiveNX Node)Cisco’s Best-Practices Templates80 2021, LiveAction, Inc. All Rights Reserved.80Enable Flow Collection Within LiveNX ConsoleEasily Setup Flow Configurations at the Device Level 2021, LiveAction, Inc. All Rights Reserved.8181Page 27 2021, LiveAction, Inc. All Rights Reserved.
LiveNX TrainingStudent GuideEnable Flow Collection on InterfacesSetup Flow Configurations at the Interface Level82 2021, LiveAction, Inc. All Rights Reserved.82Re-Direct Collected Flows Ability to specify alternatetarget for Flow Collectors LiveNX Node LiveNX Flow Replicationon Port# Other IP / Port(Gigamon, Samplicator,SolorWinds ) 2021, LiveAction, Inc. All Rights Reserved.8383NetFlow Collects Statistics on Packets as they pass To Flow CollectorCreate a Flow Record from the Packet Attributes1. A flow is unidirectional2. Defined by inspecting a packet’s key fields (common properties) andidentifying the values3. If the set of key field values is unique, create a flow record or cacheentry 2021, LiveAction, Inc. All Rights Reserved.8484Page 28 2021, LiveAction, Inc. All Rights Reserved.
LiveNX TrainingStudent GuideNetflowBy analyzing the data acrossinterfaces and exporting the Netflowdata to LiveAction, a networkadministrator can determine: Traffic source and destination Class of service Protocol Ports etc per device.85 2021, LiveAction, Inc. All Rights Reserved.85Netflow Interface ViewView quantity & typeof traffic traversing aspecific interface86 2021, LiveAction, Inc. All Rights Reserved.86Application Flow ViewEnd-to-end quantityof traffic for selectedapplications 2021, LiveAction, Inc. All Rights Reserved.8787Page 29 2021, LiveAction, Inc. All Rights Reserved.
LiveNX TrainingStudent GuideOther types of Flow in LiveNX LiveNXcan also ingest the following types of flows: NSEL Flow (Network Security Event Logging) Cisco ASA firewalls Zone Based Firewalls (ASR, ISR4k) Wireless Flow (SSID, Wireless Client, Access Point information) Wireless Lan Controllers Cisco 3850 Switches “Unknown” (SFLOW, JFLOW, almost any flow technology using v5, v9, or IPFIX Export protocol)88 2021, LiveAction, Inc. All Rights Reserved.88Netflow Performance Monitors; AVC & Medianet AVC and Medianet use a Netflow Performance Engine that capturesadvanced metrics about a flow AVC (Application Visibility and Control) is Application Response Time (ART)for TCP applications LiveNX leverages AVC to assist users with troubleshooting TCP performance in thenetwork such as application delay, application response time, and network delay. Medianet is a Media Monitoring (MMON) engine that collects voice andvideo performance parameters, such as jitter and loss, in a network LiveNX leverages Medianet to assist users with understanding RTP (Video,Teleconference, VOIP) Performance89 2021, LiveAction, Inc. All Rights Reserved.89Netflow Performance Monitors; AVC and Medianet AVC * and Medianet * are available on: Cisco Integrated Services Routers Generation 2 (ISR G2) Cisco ASR 1000 Series Aggregation Service Routers (ASR 1000s) Cisco ISR 4k routers. Cisco Wireless LAN Controllers LiveNX’s AVC and Medianet Templates may be pushed to supporteddevices through its’ GUI 2021, LiveAction, Inc. All Rights Reserved.9090Page 30 2021, LiveAction, Inc. All Rights Reserved.
LiveNX TrainingStudent GuideNetwork Based Application Recognition (NBAR2) NBAR2 uses the Service Control Engine (SCE) with advanced classification techniquescalled PDLMs (Packet Description Language Modules). This engine inspects packetsthrough the actual payload of the traffic. Much more accurate classification of traffic rather than only based-upon IP and port number NBAR2 is Cisco’s standard cross platform protocol classification mechanism. supports 1400 application and sub-application definitions. Cisco updates NBAR2 protocol packs regularly to match new application definitions. LiveNX recommends updating protocol packs as they come out. S nbar/prot lib/config library/nbar-prot-pack-library.html91 2021, LiveAction, Inc. All Rights Reserved.91NBAR2 How does Deep Packet Inspection help? For example, Most web traffic is HTTP IANA Port for HTTP is 80 NBAR2 can still define the Application LiveNX uses NBAR2 in Flow records for detailed application information You can use NBAR2 definitions for granular QoS configuration If your application is not known, you can set a NBAR application on the CLI If NBAR2 is supported, LiveNX will push the configuration to the devicesduring Netflow configuration92 2021, LiveAction, Inc. All Rights Reserved.92IANA.Org If LiveNX is not able to get the NBAR2 application definitions from thedevice: Uses the IANA (Internet Assigned Numbers Authority) definitions s.xhtmlTrivia Quiz:How many ports are available in TCP?65,535 2021, LiveAction, Inc. All Rights Reserved.9393Page 31 2021, LiveAction, Inc. All Rights Reserved.
LiveNX TrainingStudent GuideCustom Application Label What if you have your own custom applications in the Network? You can go into LiveNX and define applications based on Protocol,Ports or IP Address and see the application name you desire94 2021, LiveAction, Inc. All Rights Reserved.94Using Flows for QoS Quality of Service (QoS) refers to the capability of a network to prioritize providebetter service to selected network traffic over various applications Without QoS policies, each packet is given equal access to network resources. For example, Voice and Video applications are delay and jitter sensitive. If a FTP transfer anda Voice transfer are both being processed through the same interface at the same time, thenthe Voice transfer could have to wait until the FTP packets are processed. This could result indropped voice packets and complaints by the those utilizing the voice application. Using QoS a network administrator could prioritize those Voice packets over theFTP packets, ensuring good quality for those utilizing the Voice application.95 2021, LiveAction, Inc. All Rights Reserved.95Differentiated Service Control Point (DSCP) Depending on your network, youwould define which traffic needspriority, then mark the traffic withthe correct DSCP values. These values may then be used togive priority to traffic throughout thenetwork, specifying Per-HopBehaviour. 2021, LiveAction, Inc. All Rights Reserved.9696Page 32 2021, LiveAction, Inc. All Rights Reserved.
LiveNX TrainingStudent GuidePackets & DSCP MarkingsIPv4 Packet otoFCSIP SAIP DADataUnusedIP PrecedenceDiffServ Code Point (DSCP)RFC 2474DiffServe ExtensionsIP ECNRFC 3169IP ECN Bits97 2021, LiveAction, Inc. All Rights Reserved.97QoS Techniques After setting DSCP Markings in yournetwork you can easily conform thetraffic to your network needs with: Queuing Shaping Policing98 2021, LiveAction, Inc. All Rights Reserved.98LAB 4 & 5: Working With Flow and Customizing Filters Discover Flows Identify Flows Create Custom Filters ACL Creation 2021, LiveAction, Inc. All Rights Reserved.9999Page 33 2021, LiveAction, Inc. All Rights Reserved.
LiveNX TrainingStudent GuideTopology Definition 2021, LiveAction, Inc. All Rights Reserved.100100Topology Basics – Grouping**Grouping only applied in LiveNX Client(WebUI Uses Sites)Devices appear collapsed in theirgroups on the device tree.Devices appear on the topologywithin their shaded groups.Grouping makes device management easier!101 2021, LiveAction, Inc. All Rights Reserved.101Topology BasicsDevices reporting issues will changecolors to prompt for investigation.Quickly identify many problem sitesvisually 2021, LiveAction, Inc. All Rights Reserved.102102Page 34 2021, LiveAction, Inc. All Rights Reserved.
LiveNX TrainingStudent GuideTopology Basics – Add Network ObjectAssociate Network Objects with IP Addresses help to visualize devices such as PCs, Servers,IP Phones, Laptops Step 1Right-Click and createNetwork ObjectStep 2Draw connection to cloudStep 3Flows now connect103 2021, LiveAction, Inc. All Rights Reserved.103Topology Basics – Add Network ObjectDo it the EASY way!Step 1Right-Click on FlowEndpointStep 3Flows now connectStep 2Select the Object Shape104 2021, LiveAction, Inc. All Rights Reserved.104Device SemanticsSet Interface Labels, Destination, Speeds, Capacities 2021, LiveAction, Inc. All Rights Reserved.105105Page 35 2021, LiveAction, Inc. All Rights Reserved.
LiveNX TrainingStudent GuideManaging Data StorageExpand to see devicesemantic informationLiveNX creates pointers as data is collectedinto the database.Device or InterfaceWAN/Cross ConnectTagged InterfacesSite or configured Tags106 2021, LiveAction
F5 Load-Balancer Gigamon GigaSMART Hewlett-Packard Enterprise Procurve Series Switches Ixia's Network Visibility Solution Juniper MX Series Routers Ntop nProbe Palo Alto Networks Firewalls Riverbed SteelHead WAN Optimization Controllers Silver Peak WAN Optimization Controllers
