network performance monitoring at minimal capex
TRANSCRIPT
Network Performance Monitoring at Minimal Capex
Some Cisco IOS technologies you can use to create a high performance network
Don Thomas Jacob Technical Marketing Engineer
Network
Network Monitoring
NetFlow Analysis
Network Config Mgmt
Servers & Applications
Server Monitoring
Application Perf
Monitoring
End User Experience
Desktop
Desktop Management
Asset Management
Remote Control
ServiceDesk
Helpdesk
ITIL Service Desk
Software License Tracking
Windows Infrastructure
Active Directory
SQL Server
Exchange Server
Event Log & Compliance
Windows Event Logs
Syslog Management
Firewall Log Analyzer
Security
Vulnerability Analysis
Patch Management
Password Management
ManageEngine is an IT management vendor focused on bringing a complete IT management portfolio to all types of enterprises
About ManageEngine
The Webinar will discuss:
• Why network performance management • A Network Administrator’s wish list • Some Cisco technologies you can use for network
performance monitoring
And a brief on Cisco Flexible NetFlow • NetFlow Analyzer and Cisco Technologies
Why Network Performance Monitoring
• Network connectivity and business application uptime are the keywords today
• Increasing bandwidth – but more applications and
services in the network
• Save capex – Hold the extra bandwidth or the WAN optimization device you planned
• Business critical applications have to compete with rogue applications in many networks
• Planning for VoIP – Can your current links do it?
Manage available Bandwidth?
Need a Capacity Planning Report
Is Peer to Peer apps using bandwidth?
Can the existing link carry Voice
Traffic?
What caused the Bandwidth Spike?
Traffic Analytics
Is the Network Secure?
Network Admin
A Network Admin ’s Wish List
How will the data traffic perform?
• Bandwidth Monitoring - Analyze link usage - Visualize traffic patterns - Real-time traffic reports
• Traffic Analytics
Traffic Source and related
Conversations
Real Time Traffic Graphs
to Forever History
Traffic Destination and related Conversations
Applications and Protocols Used
WHO
• Capacity Planning - Existing link meets demand ? - Increase available Bandwidth ?
A Network Admin ’s Wish List
WHAT
WHEN WHERE
• Bandwidth Monitoring - Analyze link usage - Visualize traffic patterns - Real-time traffic reports
• Traffic Analytics
Traffic Source and related
Conversations
Real Time Traffic Graphs
to Forever History
Traffic Destination and related Conversations
Applications and Protocols Used
• Capacity Planning - Existing link meets demand ? - Increase available Bandwidth ?
A Network Admin ’s Wish List
Layer 7 Analysis and Traffic Management
• Analyze Peer to Peer application usage
• Are unwanted applications using well known ports?
• Manage, Block or Shape traffic
• Validate Quality of Service policies
A Network Admin ’s Wish List
Measure Link Capability for VoIP Traffic
• Switching to VoIP to carry Voice Traffic?
• Can existing link carry the additional traffic?
• Measure performance of VoIP traffic over the link
Current Usage
Available for New Traffic
A Network Admin ’s Wish List
A Network Admin ’s Wish List
Link Performance Monitoring
• How is the WAN link performance
• Is your ISP delivering as per the SLA?
• Latency, Jitter, Packet loss, Availability
?
?
?
Growing number of Security Threats
70's 80's 1990 1995 2000 2011
Threats
Threats
A Network Admin ’s Wish List
Growing number of Security Threats
• Is my Network Secure? Are the current firewall rules sufficient?
• Track network anomalies that may have bypasses firewalls
• Is your network under attack? Is there a virus spreading or maybe a DDoS attack?
A Network Admin ’s Wish List
Cisco’s Flexible NetFlow
• Primary IP Traffic accounting technology
• Reports on Who, What, When and Where of traffic
• Helps understand traffic pattern, applications used, top talkers and much more
What Cisco has to help you
Used for Visualizing Traffic Patterns Helps in - Bandwidth Monitoring - Traffic Analytics - Capacity Planning Less strain on Device CPU, Memory as well as Link Bandwidth
?? ?? ?? ?? UDP TCP ?? ?? TCP
Source Interface (ifindex)
Protocol
Source IP Address
Destination IP Address
Source Port
Destination Port
ToS
What Cisco has to help you
What is Flexible NetFlow
Cisco Flexible NetFlow
• Uses NetFlow v9 - Allows user defined Key and Non-Key Fields
• Highly flexible flow export options - Customized traffic monitoring
• Ability to monitor a wide range of IP packet information which traditional NetFlow did not have
Some Platforms and IOS with Flexible NetFlow
Cisco Flexible NetFlow
• Cisco ISR G1 - From 12.4(20)T IOS
• Cisco ISR G2 - All CCO Images
• Cisco 7200 - From 12.2(33)SRE
• Cisco ASR1K - From XE3.1 15.0(1)S
• Cisco CAT 4000 series - SUP Engine 7E
• Cisco CAT 6000 series - SUP 2T Earl8
NetFlow Performance Impact
CPU Utilization
• 10,000 active flows – 7.14 % additional CPU
• 65,000 active flows – 22.98 % additional CPU
Bandwidth Usage Estimate
• Around 2% to 3% additional bandwidth on the NetFlow enabled device
Cisco Flexible NetFlow
Application
Presentation
Session
Transport
Network
Data Link
Physical Data
Network Based Application Recognition - NBAR
Bitorrent, eDonkey, FTP, Kazaa, Skype, SIP
What Cisco has to help you
Network Based Application Recognition - NBAR
• Layer 7 traffic analytics
• Intelligent Application Categorization
• Detect Peer to Peer and dynamic port using applications
• Can work with CBQoS for custom traffic management
What Cisco has to help you
FTP
VoIP
Peer to Peer
Web
Class Based Quality of Service - CBQoS
What Cisco has to help you
Internet Link
Web
FTP
Class Based Quality of Service - CBQoS
• Prioritize, limit, block or shape IP traffic
• Drop unwanted traffic – Peer to Peer, IM, etc
• Ensure delivery of business critical applications
What Cisco has to help you
Cisco IPSLA – IP Service Level Agreement
• Monitor performance – packets reach destination, link performance, availability ?
• RTT, latency, jitter, packet loss, etc
• Verify if the ISP is delivering as promised
• Can the link can deliver your data to the destination
• Can the link carry VoIP traffic ?
What Cisco has to help you
Cisco NetFlow For Security Analytics
• Valuable information about IP traffic patterns
• Identify network anomalies, DDoS attacks, spread of malware or viruses
• Details of attack – Offender, Target, Path…
• Helps mitigate attacks that surpasses firewalls and IDS
What Cisco has to help you
NetFlow Analyzer leverages on Cisco
• Uses NetFlow data for bandwidth and traffic analysis.
• Visualize traffic pattern with real time graphs.
• Traffic analytics with application and conversation report.
• Trend analysis for Capacity Planning.
Comprehensive understanding of the Network using Cisco NetFlow
NetFlow Analyzer leverages on Cisco
• Uses NetFlow data for bandwidth and traffic analysis.
• Visualize traffic pattern with real time graphs.
• Traffic analytics with application and conversation report.
• Trend analysis for Capacity Planning.
Comprehensive understanding of the Network using Cisco NetFlow
NBAR – Network Based Application Recognition
NetFlow Analyzer leverages on Cisco
• Deep packet – Layer 7 Traffic Analysis
• NBAR reporting via SNMP as well as Flexible NetFlow
• Identify hosts involved in Peer to Peer Traffic
Class-Based QoS reporting
NetFlow Analyzer leverages on Cisco
• Validate QoS polices
• Monitor Class based pre and post policy traffic usage Class based drops Class based queuing
• Reports for each Match Statement
Cisco IPSLA – VoIP Monitoring
How NetFlow Analyzer leverages on Cisco
• VoIP performance analysis using Cisco IPSLA
• Reports on : Jitter Latency Packet Loss Mean Opinion Score - MoS
• Compare VoIP reports and Interface level NetFlow reports
• Identify reason for VoIP quality degradation
Cisco IPSLA – WAN RTT Reports
How NetFlow Analyzer leverages on Cisco
• Link performance analysis using Cisco IPSLA
• For data packets, reports on : Jitter and Latency Packet Loss and Round Trip Time Link Availability
• View least performing paths and find which of your links do the worst
• Prevent possible network issues from becoming an outage
NetFlow Analyzer leverages on Cisco
Flow based security analytics
• Network anomaly detection leveraging on NetFlow data
• Detect anomalies that surpass firewalls and IDS
• Anomaly classification based on Offender, Target, Path and Problem
• Real time threat detection using Continuous Stream Mining Engine
Conclusion
• Throwing more bandwidth does not always improve performance
• Utilize technologies available on your Cisco device
Find bandwidth used by business critical applications
NBAR – A hidden technology with wide uses
Use QoS to the fullest and ensure they work as expected
IPSLA monitoring to measure performance of data and voice
Get a 3rd layer of security beyond firewalls and IDS
• Use a tool that can leverage on all these technologies – ManageEngine NetFlow Analyzer is one
Questions?
ManageEngine NetFlow Analyzer is used by over 4000 customers worldwide. Visit our website for details:
www.manageengine.com www.netflowanalyzer.com [email protected] [email protected]