The Access Visibility Control

Published Date: 02 Nov 2017

Access visibility control is a Cisco proprietary and it’s a technique which can be implemented in an network to control the bandwidth utilization of various applications. In the recent years the number of new application have grown exponentially and its increasing day by day. These applications are categorized in two different types of networks. Some belong to private cloud and the rest belong to the public cloud network. AVC can be used in an network to monitor applications and their response time and usage and can be used to export information to the network administrator. Based upon these facts one can prioritize the applications based upon how important is bandwidth for a particular application. AVC is based upon layer 7 mechanisms where a network traffic can be matched with an application not only with their port number, but also with deep pack inspection of packets it can monitor the packet flow and can extract the application id’s from which it will help to identify which application is using more bandwidth. This will help to reduce congestion and can improve the efficiency of the network for important business applications

2 Network Analysis:

Network in an organization can be analyzed in different ways. Network monitoring tools can be installed in various parts of a network and can help to produce reports based on the information collected. Due to various applications used by end users the network bandwidth will not be used efficiently, because there are number of important applications which require more bandwidth than other applications. Cisco has introduced application visibility control technique to assign more bandwidth for high priority applications.

Macintosh HD:Users:rosariorajkumarthobias:Desktop:Screen Shot 2013-03-05 at 8.16.23 PM.png

Fig 1 : Analysis of a network by network monitoring tool.

From the above figure we can see that the total number of ports monitored in an network. Network monitoring tool helps to find the bandwidth usage of applications with the help of their port numbers . Due to the many number of applications which have been increased in the recent years it doesn’t help an network administrator to find which application in particular is using more number of bandwidth since the monitoring tools are not based upon the layer 7 mechanisms.

2 Application Trends

2.1 Increased number of applications:

There are two categories of applications based upon its priority in an network. They are classified as:

Guest level applications.

Business level applications.

2.2 Guest level applications.

Users in an network use both the applications. Some of the guest level applications are

You Tube

Bit Torrent

Skype

Netflix

These type of applications can use more bandwidth by downloading data from the internet and can affect the performance of the business level applications.

2.3 Business level applications:

These are the applications which are owned by an organization for official purposes. Some of the high priority application used in various networks are:

Cisco Webex

Sap

Oracle

Sharepoint

Microsoft Exchange

Instead of analyzing applications based upon its port number there must be another way to look deeper into the network traffic and analyzing the traffic. AVC is a solution for this issue as it not only analysis the network traffic, but it also helps to control the bandwidth of the network by identifying the applications using more bandwidth based upon the layer 7 mechanism which wasn’t implemented in other network monitoring tools.

3 Network problems and Solutions :

There are various problems associated with a network . Based upon the bandwidth usage of a network it can be differentiated from other network problems. They are

Network congestion

Increased application response rate

Decrease in network efficiency

Macintosh HD:Users:rosariorajkumarthobias:Desktop:Screen Shot 2013-03-05 at 9.05.46 PM.png

Fig 2 : Traffic associated with only port numbers.

Various network tools deployed in an network classify traffic in an network based upon port numbers. The increased number of applications have added more complexity to this issue. As a result bandwidth related with various applications can only be tried to match with associated port numbers.

3.1 Solutions

In most of the organizations Cisco’s devices are used. To overcome this problem Cisco have come up with a solution called Application visibility control. A networks efficiency can be increased by not increasing the bandwidth of a network, but the available bandwidth can be controlled efficiently. Network efficiency cannot be achieved by just blocking a port number resulting in blocking an application completely. Instead of just stopping an application traffic can be monitored and if a low priority application uses more bandwidth, then less bandwidth can be assigned to that particular application, so that it will not affect the efficiency of the network. This would be more appropriate if it could be implemented in routers and that is where AVC mechanism comes into action.

Macintosh HD:Users:rosariorajkumarthobias:Desktop:Screen Shot 2013-03-05 at 10.54.33 PM.png

Fig 3 : Implementation of AVC in a network.

The red arrows in the above figure indicates the positions where AVC can be installed. The ASR 1000 and ISR G2 series routers can support this mechanism.

4 NBAR & NBAR 2:

NBAR stands for Network based application recognition. It is a classification engine in Cisco’s IOS which can classify applications based upon the port numbers, protocol which it uses by deep packet inspection and sub port classification.

NBAR 2 is called as next generation NBAR. It is a modified architecture of NBAR. An advanced classification technique is used in this new architecture. This new generation NBAR can identify evasive applications like skype, Facetime, Tor, cloud 365, ms-lync etc. It has the field extraction support which can extract pre- defined fields from packet headers and can export it via flexible net flow for reporting purposes.

4.1 Flexible Net flow:

At present Cisco uses traditional net flow and now it has introduced a new concept called flexible net flow. The disadvantage with traditional net flow is it has only fixed fields. It cannot transport additional information as in the case of AVC because in this technique additional information called application id is collected to recognize an application and its exported along with the other information.

Macintosh HD:Users:rosariorajkumarthobias:Desktop:Screen Shot 2013-03-06 at 6.07.52 AM.png

Fig 4 : Flexible net flow operating from Layer 2 through Layer 7.

As we can see from the above figure the Netflow at present does not operate at Layer 7 whereas flexible net flow works in conjunction with NBAR 2 to collect and export additional information such as an application id. The key fields in the Flexible net flow are unique. When a new packet comes in and when the information or the key field is different it will store the new data to collect information about that particular traffic flow.

5 AVC ( Application Visibility Control ) Mechanism.

AVC is installed in ASR 1000 and ISR G2 series routers in a network. The AVC mechanism consists of four steps. They are:

Application Recognition

Performance collecting & Exporting

Management tool

Control

5.1 Application Recognition:

This can be applied to QOS policies of a network and accordingly an application can be prioritized. NBAR2 is an embedded functionality in an IOS which extracts the information from traffic and recognizes applications. It uses deep packet inspection technology to extract the application id and can export them

5.2 Performance Collecting & Exporting

After collecting information from traffic flow it is sent towards a management tool using a standard format. It works in conjunction with Flexible net flow and NBAR 2 technique and with that the help of these it can collect information about application distribution, bandwidth usage , input and output interfaces, flow information etc. These information is collected at the application layer level (Layer 7) instead of just collecting at Layer 4 level.

5.3 Management tool

The NBAR ( Network based application recognition ) sends the report of various applications to a performance agent which acts as a monitoring tool. This tool checks and analyzes the application response time metrics which includes:

Number of retransmissions

Layer 7 throughput

Latency

Number of connections

5.4 Control

After collecting all the information and the performances about the application the Qos policies must be altered if performance of an application is to be increased. By shaping, prioritizing, and adjusting the policies bandwidth can be limited, burst can be reduced, latency can be minimized and traffic flow properties can be altered.

5.4.1 Controlled and Uncontrolled bandwidth usage:

When bandwidth of a network is not controlled all the bandwidth is utilized equally among all other applications and as a result of which efficiency for applications drops. Both business level and guest level applications will share almost the equal bandwidth.

Macintosh HD:Users:rosariorajkumarthobias:Desktop:Screen Shot 2013-03-06 at 6.02.06 AM.pngMacintosh HD:Users:rosariorajkumarthobias:Desktop:Screen Shot 2013-03-06 at 6.02.34 AM.png

Fig 5 : Controlled & Uncontrolled bandwidth usage.

From the below figure we see that the bandwidth which is represented in yellow has more space than the others. This will result in high efficiency rate of business critical applications. Even though other applications tries to use the bandwidth, it will not be able to use more than what is assigned for it.

The graph in the following figure shows a difference in bandwidth usage of an application. After applying certain policies to Qos the bandwidth usage is reduce for applications.

Macintosh HD:Users:rosariorajkumarthobias:Desktop:Screen Shot 2013-03-06 at 5.44.53 PM.pngMacintosh HD:Users:rosariorajkumarthobias:Desktop:Screen Shot 2013-03-06 at 5.45.21 PM.png

Fig 6 : Limited bandwidth usage.

Conclusion:

AVC helps to reduce congestion in a network and helps to identify evasive applications used by end users in a network. As a result of which bandwidth can be utilized in a useful manner. AVC not only helps in shaping the policies of a network, but it also helps network administrators to analyze a network completely and helps them to come to concrete solution instead of just approximate answers. Even though third part monitoring tools helps in maintaining a network this Cisco proprietary on the Cisco’s devices will combine to produce the best results in a network and can reduce the complexity in analyzing a network.