release notes for nbar2 protocol pack 19.1.0 for cisco ... ·...

of 12 /12
Release Notes for NBAR2 Protocol Pack 19.1.0 for Cisco Wireless Controllers Overview, on page 2 Supported Platforms, on page 3 New Protocols in NBAR2 Protocol Pack 19.1.0, on page 4 Updated Protocols in NBAR2 Protocol Pack 19.1.0, on page 5 Deprecated Protocols in NBAR2 Protocol Pack 19.1.0, on page 8 Caveats in NBAR2 Protocol Pack 19.1.0, on page 9 Downloading NBAR2 Protocol Pack 19.1.0, on page 11 Special Notes and Limitations, on page 12 Release Notes for NBAR2 Protocol Pack 19.1.0 for Cisco Wireless Controllers 1

Author: others

Post on 24-Sep-2020

11 views

Category:

Documents


0 download

Embed Size (px)

TRANSCRIPT

  • Release Notes for NBAR2 Protocol Pack 19.1.0for Cisco Wireless Controllers

    • Overview, on page 2• Supported Platforms, on page 3• New Protocols in NBAR2 Protocol Pack 19.1.0, on page 4• Updated Protocols in NBAR2 Protocol Pack 19.1.0, on page 5• Deprecated Protocols in NBAR2 Protocol Pack 19.1.0, on page 8• Caveats in NBAR2 Protocol Pack 19.1.0, on page 9• Downloading NBAR2 Protocol Pack 19.1.0, on page 11• Special Notes and Limitations, on page 12

    Release Notes for NBAR2 Protocol Pack 19.1.0 for Cisco Wireless Controllers1

  • OverviewNBAR2 Protocol Pack 19.1.0 provides classification improvements and bug fixes.

    • Early DNS decision: Uses DNS traffic to learn server IP addresses and efficiently classify future flowsfrom the first packet.

    • New protocols: Mongo and OCSP

    • Fixed a DNS socket cache issue to resolve DNS customization issue CSCuz39567.

    • Enhanced Web Classification feature supporting multi-transactions export of URLs.

    • Automatic Local Services Discovery feature.

    As a part of this feature, to handle business-relevant generic local network traffic, two protocols areadded:

    • http-local-net

    • ssl-local-net

    Release Notes for NBAR2 Protocol Pack 19.1.0 for Cisco Wireless Controllers2

    Release Notes for NBAR2 Protocol Pack 19.1.0 for Cisco Wireless ControllersOverview

    https://tools.cisco.com/bugsearch/bug/CSCuz39567

  • Supported PlatformsNBAR2 Protocol Pack 19.1.0 is supported on the following platforms:

    • Cisco 5508 Wireless Controller

    • Cisco 5520 Wireles Controller

    • Cisco Flex 7500 Series Wireless Controllers

    • Cisco 8510 Wireless Controller

    • Cisco 8540 Wireless Controller

    • Cisco Wireless Services Module 2 (WiSM2)

    Release Notes for NBAR2 Protocol Pack 19.1.0 for Cisco Wireless Controllers3

    Release Notes for NBAR2 Protocol Pack 19.1.0 for Cisco Wireless ControllersSupported Platforms

  • New Protocols in NBAR2 Protocol Pack 19.1.0The table below lists the new protocols added in NBAR2 Protocol Pack 19.1.0 (protocols added since 14.0.0).

    Long DescriptionCommon NameProtocol Name

    Mongo is a leading NoSQL database designed with bothscalability and developer agility in mind. Instead of storingyour data in tables and rows as you would with a relationaldatabase, MongoDB stores JSON-like documents withdynamic schemas.

    Mongomongo

    OCSP - Online Certificate Status ProtocolOCSPocsp

    Local network generic HTTP traffic.Local Net HTTPhttp-local-net

    Local network generic SSL traffic.Local Net SSLssl-local-net

    Online data backup software. Silently and continuouslybacks up end-user data for complete visibility and controlon a single, secure platform.

    Crashplancrashplan

    Cisco Collaboration Media - Voice, video, and desktopsharing by various CiscoUnified Communications clients.

    Cisco CollaborationMedia

    cisco-collaboration

    Cisco Spark - unified communications client and SaaSwith mobile team communication: group chat, privatechat, video calls with screen sharing, and file sharing.

    Cisco Sparkcisco-spark

    Hypertext Transfer Protocol Secure (HTTPS)Hypertext TransferProtocol Secure(HTTPS)

    https

    Pearson - education content provider.Pearsonpearson

    Statistical Conference Audio based on machine learning.Statistical ConferenceAudio

    statistical-conf-audio

    Statistical Conference Video based on machine learning.Statistical ConferenceVideo

    statistical-conf-video

    Statistical Download based on machine learning.Statistical Downloadstatistical-download

    Statistical Peer-To-Peer based on machine learning.Statistical Peer-To-Peerstatistical-p2p

    Wi-Fi Calling uses WiFi to provide better mobile phonecoverage for a mobile carrier.

    Wi-Fi Callingwifi-calling

    Microsoft Services is a set of tools, APIs and web servicesused by Microsoft applications.

    Microsoft Servicesms-services

    Release Notes for NBAR2 Protocol Pack 19.1.0 for Cisco Wireless Controllers4

    Release Notes for NBAR2 Protocol Pack 19.1.0 for Cisco Wireless ControllersNew Protocols in NBAR2 Protocol Pack 19.1.0

  • Updated Protocols in NBAR2 Protocol Pack 19.1.0The table below lists the protocol(s) updated in NBAR2 Protocol Pack 19.1.0 (protocols updated since 14.0.0).

    UpdatesProtocol

    Updated signaturescisco-jabber-audio

    Updated signaturescisco-jabber-control

    Updated signaturescisco-jabber-video

    Updated signaturescisco-phone-audio

    Updated signaturescisco-phone-video

    Updated signaturesdns

    Updated signaturesexchange

    Updated signatureshttp-local

    Updated signatureshttp

    Updated signaturesmysql

    Updated signaturessecondlife

    Updated signaturesssl-local

    Updated signaturesteredo-ipv6-tunneled

    Updated signaturesvmware-vsphere

    Updated signatureswebthunder

    Updated signaturescisco-collaboration

    Updated signaturescisco-jabber-audio

    Updated signaturescisco-jabber-control

    Updated signaturesconnected-backup

    Updated signaturesexchange

    Updated signaturesms-lync

    Updated signaturesms-services

    Updated signaturesms-wbt

    Updated signaturesmysql

    Updated signaturesnetflix

    Release Notes for NBAR2 Protocol Pack 19.1.0 for Cisco Wireless Controllers5

    Release Notes for NBAR2 Protocol Pack 19.1.0 for Cisco Wireless ControllersUpdated Protocols in NBAR2 Protocol Pack 19.1.0

  • UpdatesProtocol

    Updated signaturesoracle-sqlnet

    Updated signaturespearson

    Updated signaturesperforce

    Updated signaturesrtp-audio

    Updated signaturesrtp-video

    Updated signaturessecure-imap

    Updated signaturessecure-pop3

    Updated signaturessecure-smtp

    Updated signaturessqlserver

    Updated signaturesssl

    Updated signaturestelepresence-control

    Updated signaturestelepresence-media

    Updated signaturesteredo-ipv6-tunneled

    Updated signaturesvnc

    Updated signatureswindows-azure

    Updated signaturesaol-messenger

    Updated signaturescapwap-control

    Updated signaturescapwap-data

    Updated signaturescisco-jabber-control

    Updated signaturescitrix

    Updated signaturesgmail

    Updated signaturesgoogle-services

    Updated signaturesh323

    Updated signaturesip-messenger

    Updated signaturesms-lync

    Updated signaturesms-office-365

    Updated signaturesms-services

    Updated signaturesopenvpn

    Release Notes for NBAR2 Protocol Pack 19.1.0 for Cisco Wireless Controllers6

    Release Notes for NBAR2 Protocol Pack 19.1.0 for Cisco Wireless ControllersUpdated Protocols in NBAR2 Protocol Pack 19.1.0

  • UpdatesProtocol

    Updated signaturesoracle-sqlnet

    Updated signaturesperforce

    Updated signaturesskype

    Updated signaturessocks

    Updated signaturesteamviewer

    Updated signaturesventrilo

    Updated signaturesvmware-vsphere

    Updated signatureswhatsapp

    Updated signatureswindows-azure

    Updated signatureswindows-update

    Updated signaturesxbox-web-portal

    Updated signaturesxunlei-kankan

    Updated signaturesdropbox

    Updated signaturesitunes

    Updated signaturesms-live-accounts

    Signatures were updated to support the Skype business clientms-lync

    Signatures were updated to support the Skype business clientms-lync-audio

    Signatures were updated to support the Skype business clientms-lync-video

    Signatures were updated to support Cisco Telepresence MX300telepresence-media

    Release Notes for NBAR2 Protocol Pack 19.1.0 for Cisco Wireless Controllers7

    Release Notes for NBAR2 Protocol Pack 19.1.0 for Cisco Wireless ControllersUpdated Protocols in NBAR2 Protocol Pack 19.1.0

  • Deprecated Protocols in NBAR2 Protocol Pack 19.1.0In this release, the following protocol has changed status to deprecated:

    • secure-http

    Release Notes for NBAR2 Protocol Pack 19.1.0 for Cisco Wireless Controllers8

    Release Notes for NBAR2 Protocol Pack 19.1.0 for Cisco Wireless ControllersDeprecated Protocols in NBAR2 Protocol Pack 19.1.0

  • Caveats in NBAR2 Protocol Pack 19.1.0

    If you have an account on Cisco.com, you can view information on select caveats, using the Bug Search Tool( https://tools.cisco.com/bugsearch/search).

    Note

    Resolved Caveats in NBAR2 Protocol Pack 19.1.0

    The following table lists the caveats resolved in NBAR2 Protocol Pack 19.1.0 (since 14.0.0):

    DescriptionResolved Caveat

    DNS customization does not work under some conditionsCSCuz39567

    Changed teredo to generic protocolCSCuy06350

    mysql traffic is mis-classified as webthunderCSCuy09714

    RTP audio traffic is mis-classified as Second LifeCSCuy11306

    RTP-based mis-classifications: Cisco collaboration and vanilla rtpCSCux74649

    Amazon-web-services traffic is classified as SSLCSCuy68203

    Fix CLI chopped protocol names.CSCux67672

    Some cisco-jabber traffic may not be classified (in Protocol Pack 14.0.0)CSCux81395

    Traffic from Polycom device may be misclassified as cisco-jabber-audioCSCux62325

    Traffic generated by SIP based protocols (such as telepresence) might be classifiedas RTP

    CSCuu61615

    Traffic generated by capwap-data protocol might be misclassifiedCSCuu99278

    Traffic generated by Cisco Telepresence MX300 might be misclassified as RTPCSCuv56693

    Known Caveats in NBAR2 Protocol Pack 19.1.0

    The following table lists the known caveats in NBAR2 Protocol Pack 19.1.0 (since 14.0.0):

    DescriptionKnown Caveat

    PCoIP session-priority configuration limitation.CSCuh49380

    Segmented packets are not classified when using NBAR sub classification.CSCuh53623

    IPv4 bundles might be used in IPv6 traffic.CSCun61772

    CPUHOGmessage appears when loading Protocol Pack on Cisco ISR 800 Seriesrouters

    CSCuz48467

    Release Notes for NBAR2 Protocol Pack 19.1.0 for Cisco Wireless Controllers9

    Release Notes for NBAR2 Protocol Pack 19.1.0 for Cisco Wireless ControllersCaveats in NBAR2 Protocol Pack 19.1.0

    https://tools.cisco.com/bugsearch/searchhttps://tools.cisco.com/bugsearch/bug/CSCuz39567https://tools.cisco.com/bugsearch/bug/CSCuy06350https://tools.cisco.com/bugsearch/bug/CSCuy09714https://tools.cisco.com/bugsearch/bug/CSCuy11306https://tools.cisco.com/bugsearch/bug/CSCux74649https://tools.cisco.com/bugsearch/bug/CSCuy68203https://tools.cisco.com/bugsearch/bug/CSCux67672https://tools.cisco.com/bugsearch/bug/CSCux81395https://tools.cisco.com/bugsearch/bug/CSCux62325https://tools.cisco.com/bugsearch/bug/CSCuu61615https://tools.cisco.com/bugsearch/bug/CSCuu99278https://tools.cisco.com/bugsearch/bug/CSCuv56693https://tools.cisco.com/bugsearch/bug/CSCuh49380https://tools.cisco.com/bugsearch/bug/CSCuh53623https://tools.cisco.com/bugsearch/bug/CSCun61772https://tools.cisco.com/bugsearch/bug/CSCuz48467

  • DescriptionKnown Caveat

    (Applies only to Cisco IOS XE 3.16.1S Version 15.5(3)S1, and IOS Version15.5(3)M1)

    Microsoft Lync audio/video is not classified correctly in some cases.

    If your organization uses Microsoft Lync and one of these releases, it is notrecommended to upgrade to Protocol Pack 16.0.0. Use a later release (such as3.16.2S and above) for full Protocol Pack 16.0.0 support of Microsoft Lyncaudio/video.

    CSCux33859

    Release Notes for NBAR2 Protocol Pack 19.1.0 for Cisco Wireless Controllers10

    Release Notes for NBAR2 Protocol Pack 19.1.0 for Cisco Wireless ControllersCaveats in NBAR2 Protocol Pack 19.1.0

    https://tools.cisco.com/bugsearch/bug/CSCux33859

  • Downloading NBAR2 Protocol Pack 19.1.0NBAR2 Protocol Packs are available for download on the Cisco.com software download page(http://www.cisco.com/cisco/software/navigator.html). On the download page, specify a platform model todisplay software available for download. One software option will be NBAR2 Protocol Packs.

    Example

    To display protocol packs available for the Cisco ASR 1001 platform, the navigation path is:

    Products > Routers > Service Provider Edge Routers > ASR 1000 Series Aggregation Services Routers >ASR 1001 Router

    Release Notes for NBAR2 Protocol Pack 19.1.0 for Cisco Wireless Controllers11

    Release Notes for NBAR2 Protocol Pack 19.1.0 for Cisco Wireless ControllersDownloading NBAR2 Protocol Pack 19.1.0

    http://www.cisco.com/cisco/software/navigator.html

  • Special Notes and LimitationsSpecial Note or LimitationProtocol Name

    Login and a few encrypted sessions are classified as iTunes.apple-app-store

    HTTP traffic generated by the bitcomet bittorrent client might be classifiedas HTTP.

    bittorrent

    For capwap-data to be classified correctly, capwap-control must also beenabled.

    capwap-data

    Cisco WLC upgraded to NBAR Protocol Pack 24 resolves trafficclasification issues faced using PP 19.1.

    cisco-phone

    Cisco WLC upgraded to NBAR Protocol Pack 24 resolves trafficclasification issues faced using PP 19.1.

    cisco-jabber-audio

    During configuring QoS class-map with ftp-data, the FTP protocol mustbe selected. As an alternative, the FTP application group can be selected.

    ftp

    Encrypted video streaming generated by hulu may be classified as itsunderlying protocol rtmpe.

    hulu

    Traffic generated by the logmein android app may be classified incorrectlyas ssl.

    logmein

    Login and chat traffic generated by the ms-lync client may be classifiedincorrectly as ssl.

    ms-lync

    Traffic generated by pcanywhere for mac may be classified as unknown.pcanywhere

    Some perfect-dark sessions may be classified as unknown.perfect-dark

    Login to QQ applications which is not via the internet may not be classifiedas qq-accounts.

    qq-accounts

    Voice traffic generated by secondlife may be classified incorrectly as ssl.secondlife

    The Sub Classification (SC) mechanism was modified to include searchfor wildcard.

    The SC rule for the part of the Server Name Indication (SNI) orthe common name (CN) can now include a wildcard. If awildcard is not used, the complete SNI or the CN is required.

    For example, you can either use, "*.pqr.com" or "abc.pqr.com"to classify abc.pqr.com.

    Note

    ssl

    Release Notes for NBAR2 Protocol Pack 19.1.0 for Cisco Wireless Controllers12

    Release Notes for NBAR2 Protocol Pack 19.1.0 for Cisco Wireless ControllersSpecial Notes and Limitations

    Release Notes for NBAR2 Protocol Pack 19.1.0 for Cisco Wireless ControllersOverviewSupported PlatformsNew Protocols in NBAR2 Protocol Pack 19.1.0Updated Protocols in NBAR2 Protocol Pack 19.1.0Deprecated Protocols in NBAR2 Protocol Pack 19.1.0Caveats in NBAR2 Protocol Pack 19.1.0Downloading NBAR2 Protocol Pack 19.1.0Special Notes and Limitations