Q. What are Cisco
® Network Planning Solution (NPS) and Cisco Network Planning Solution-Service Provider (NPS-SP)?
A. Cisco NPS is a decision support tool that helps network planning, engineering, and operations organizations support growth, maintain network resiliency even during unplanned changes or failures, improve application and service continuity, plan for new technology deployments, and validate planned configuration changes. It uses a high-fidelity software model of the IT infrastructure, accurately simulating the behavior of routers, switches, protocols, and individual applications, to enable a broad scope of change impact ("what-if") analyses. Using current or projected traffic data, Cisco NPS automates network design and optimization to support the deployment of new applications and services and to help ensure efficient use of resources. Cisco NPS also incorporates a rules-based engine for configuration analysis, so that proposed changes can be validated prior to deployment.
The optional Cisco NPS-Network Validation Module (NPS-NVM) extends "what if" analysis to include validation of proposed configuration changes using a rules-based analysis engine and an extensive suite of configuration checks. Cisco Virtual Network Data Server (VNDS) is a complementary application that users may implement with Cisco NPS and Cisco NPS-SP to facilitate the creation of a high-fidelity network model based on configuration, topology, and traffic information. While Cisco VNDS is available optionally for Cisco NPS and Cisco NPS-SP, it is highly recommended for most large deployments and all service provider environments.
Cisco NPS-SP incorporates all the functionality of Cisco NPS and extends support to encompass service provider protocols and technologies, including MPLS, Intermediate System-to-Intermediate System (IS-IS), IPv6, Private Network-Network Interface (PNNI), and modeling of Cisco IOS XR Software-based devices. Cisco NPS-SP also includes Cisco NPS-NVM, which is optional for Cisco NPS.
Q. Why is Cisco VNDS no longer being offered as part of Cisco NPS?
A. Cisco VNDS is available separately in order to accommodate a broader range of operational models that may encompass implementing multiple instances of Cisco VNDS.
Q. Is Cisco IOS XR supported by Cisco NPS?
A. Cisco IOS XR (including Cisco 12000 XR and Cisco Carrier Routing System-1) is only supported in Cisco NPS-SP. Cisco VNDS is also required to collect Cisco IOS XR data.
Q. Is Cisco NPS part of the Cisco Network Application Performance Analysis Solution?
A. Yes. The Cisco Network Application Performance Analysis Solution redefines how enterprises can monitor and manage application performance and network services to support business initiatives. For more information about the Cisco Network Application Performance Analysis Solution, please visit
Q. What types of users will benefit from Cisco NPS and Cisco NPS-SP?
A. Cisco NPS is suitable for any medium-sized or large enterprise that operates an IP or ATM-based network to support critical business applications. It supports numerous planning and operational decision studies for network planning, operations, and engineering staff. Cisco NPS and Cisco NPS-SP are unique in their broad and detailed support for Cisco devices and configuration commands and their integrated modeling of IP (and ATM) networks.
Cisco NPS-SP is intended for network service providers. It supports numerous planning and operational decision studies for network planning, operations, and engineering staff. It provides the same functionality that is available with Cisco NPS, with additional support for service provider-class technologies and protocols such as MPLS, IS-IS, IPv6.
Q. What are some typical studies a user would perform with Cisco NPS and
A. Typical studies include:
• Visualizing and understanding connectivity, routing, and link utilization in the production network
• Planning network capacity, including projecting future traffic demands and automatically sizing links
• Assessing network survivability by predicting the impact of link, node, and resource group failures on application flows and link utilization
• Validating the integrity and effectiveness of a network change before deploying it, such as a configuration or topology change
• Planning for the deployment of new applications or technologies and services such as VPNs, voice over IP (VoIP), and others
• Developing and "testing" alternative strategies for network convergence, consolidation, and migration
• Visualizing the Services Layer, mapped to the underlying network infrastructure
• Cisco NPS-SP enables planning for MPLS networks, including the initial deployment of MPLS Traffic Engineering, MPLS-based VPNs, VPLS, and IPv6.
Q. What technologies and protocols do Cisco NPS and Cisco NPS-SP support?
A. They enable modeling of hundreds of technologies and protocols. The following is a partial list, featuring primary examples:
• IP, ATM, Frame Relay
• Interior Gateway Routing Protocol (IGRP), Enhanced IGRP (EIGRP), Open Shortest Path First (OSPF), I-BGP, E-BGP, Routing Information Protocol (RIP), RIP Next Generation
• Ethernet, Gigabit Ethernet, Spanning Tree Protocol, Token Ring, SONET, Fiber Distributed Data Interface (FDDI), VLAN, VPN, Virtual Private LAN Services (VPLS), and more
• IPv4, IP Multicast, Internetwork Packet Exchange (IPX) protocol, Hot Standby Router Protocol (HSRP)
• Quality of service (QoS)-Committed access rate (CAR)/Policing, Custom Queuing, Distributed Weighted Fair Queuing (DWFQ), Class-Based Weighted Fair Queuing (CBWFQ), Deficit Weighted Round Robin (DWRR), Modified Deficit Round Robin (MDRR), Modified Weighted Round Robin (MWRR), FIFO, Low Latency Queuing (LLQ) with Rate Limit, Marking, Priority Queuing, Random Early Detection (RED), and Weighted RED (WRED)
• VoIP, HTTP, FTP, Telnet, e-mail, video, others
With Cisco NPS-SP, the following additional features are supported:
• Cisco IOS XR Software modeling (Cisco VNDS is an additional requirement)
• IPv6 and PNNI
Q. How is the software model of a network created?
A. The model of an existing network can be created automatically through the Cisco VNDS. For a relatively simple network, you can create a model by importing static Cisco device-configuration files. ATM network configuration information can be imported through ASCII files. You can also use the GUI to create a model.
Q. How can I apply changes to the network model to analyze impact?
A. You can apply modifications to an existing network through the GUI. The configuration of Cisco devices in the model can also be modified using a "virtual" command-line interface (CLI). The model can also be "updated" by incrementally importing new or revised Cisco configuration files that contain the changes to be analyzed.
Q. How do Cisco NPS and Cisco NPS-SP support network security?
A. Cisco NPS and Cisco NPS-SP support network security through configuration analysis and validation, with more than 150 rules for security-related issues. It includes rule suites for authentication, authorization, and accounting (AAA), Kerberos Protocol, RADIUS, TACACS+, Simple Network Management Protocol (SNMP), system logging, device administration, and others. An automated Port Scan analysis performs a non-intrusive vulnerability assessment. Unlike typical online vulnerability testing, a Port Scan analysis can be conducted under simulated failure conditions to help ensure that the backup network configuration is secure.
Q. Are Cisco NPS and Cisco NPS-SP based on solutions from OPNET Technologies?
A. Yes, Cisco NPS is based on OPNET applications and modules to provide comprehensive network planning and operations support.
Q. With what other Cisco products do Cisco NPS and Cisco NPS-SP integrate?
A. Cisco NPS and Cisco NPS-SP use the Cisco VNDS to obtain network data automatically through Telnet/Secure Shell (SSH) Protocol and SNMP from Cisco routers (running Cisco IOS Software and Cisco ISO XR Software), Cisco Catalyst
® switches (running Catalyst OS, Cisco IOS Software), and the Cisco PIX
® security appliance. Data can be imported from CiscoWorks LAN Management Solution (LMS), including CiscoWorks Resource Manager Essentials and CiscoWorks Campus Manager, and CiscoWorks Network Compliance Manager for supported devices, as well as Cisco WAN Manager for wide-area ATM switches. Traffic data can be imported from Cisco CNS Netflow Collection Engine.
The Cisco VNDS can be configured to integrate with CiscoWorks Resource Manager Essentials, CiscoWorks Network Compliance Manager, and Cisco Info Center to obtain real-time awareness of network events that may indicate a configuration change, and automatically update its data for the affected devices. For topology and configuration information, the Cisco VNDS will automatically reconcile conflicting or overlapping data based on user-configurable priorities.
Cisco NPS and Cisco NPS-SP can also integrate with Cisco Application Analysis Solution (AAS). Cisco AAS is a software application that provides a detailed, quantitative understanding of the complex interactions among applications, servers, and networks to efficiently and cost-effectively deploy and support networked applications. Application flows that have been captured, profiled, and analyzed in Cisco AAS can be imported into Cisco NPS and Cisco NPS-SP to perform detailed network planning to support the target application, including capacity, QoS, and resiliency.
Q. Do Cisco NPS and Cisco NPS-SP provide multiple-vendor device support? How does this support differ from support for Cisco devices?
A. Cisco NPS and Cisco NPS-SP support Check Point, Extreme, Foundry, Juniper, Nokia, Nortel, Riverstone, and Tellabs devices. In every case, support is more robust for Cisco devices. That is, the scope of supported configuration commands and device attributes is significantly broader for Cisco devices.
Installation and Implementation
Q. Do multiple concurrent users require more than one license?
A. Yes. Concurrent users require an equivalent number of Cisco NPS licenses. Alternatively, multiple users may share a single license for Cisco NPS but not concurrently. A license server allows each user to "check out" a license on an as-needed basis and return it automatically when completed.
Q. What is the difference between a restricted license for Cisco NPS or Cisco NPS-SP and an unrestricted license?
A. The restricted license confines use within a single IP network by default subnet class. The unrestricted license offers the most flexibility for organizations that operate multiple IP networks. Licenses can be accessed by users of workstations on the same IP network as the license server and up to 100 additional IP networks. Users must maintain connectivity to the designated IP networks in order to use each license.
Q. What are the various licensing options?
A. Cisco NPS and Cisco NPS-SP obtain a license from a license server at the time of startup. The product is implemented on a user desktop. The license server can be implemented on the user desktop as well, if the license is not intended to be shared among multiple users. Alternatively the license can be shared from a license server accessible to all the intended users. Only a single user at a time can "check out" a license. Multiple licenses are required for multiple concurrent users.
Q. Is a separate license required for Cisco NPS-NVM?
A. Yes. Installation requires a separate license for Cisco NPS-NVM as well as a license for the underlying Cisco NPS software.
Q. What skill level is required to implement and use Cisco NPS or Cisco NPS-SP?
A. A basic working understanding is required of the network technologies, protocols, and devices that are to be analyzed in Cisco NPS, such as IP/ATM; EIGRP, IGRP, OSPF, BGP, and others; and routers, switches, and firewalls. In general, enough expertise is required to understand what types of questions or studies are reasonable-for example, how OSPF link weight metrics might be changed to achieve a particular operational objective to "test" these in Cisco NPS or Cisco NPS-SP.
Cisco NPS actually provides an excellent training environment. It provides a better understanding of "real-world" network behavior, and accelerates learning for new technologies such as VPNs and VoIP by simulating their operational characteristics in the "virtual" network.
Q. How much time and effort is required to implement Cisco NPS or Cisco NPS-SP? Are professional services needed for implementation?
A. The time and effort required to implement the Cisco NPS or Cisco NPS-SP engine is small-very little "configuration" is required. Sample models and tutorials are provided to introduce users to the GUI, product features, scope of technology, and protocol support, and so on, thereby accelerating their "learning curve." Additionally, detailed methodology guides are included in the product documentation to walk the user through workflows and approaches for common analyses, such as network capacity planning. Professional services are not needed.
Q. How is the software model of a network created?
A. The model of an existing network can be created automatically through Cisco VNDS. This complementary product automatically maintains a detailed, near-real-time data model of the production network comprising configuration, topology, and traffic information. You can obtain data automatically directly from a broad scope of network devices using Telnet/ SSH Protocol and SNMP, including Cisco routers, Cisco CRS-1 Carrier Routing System (CRS), Cisco Catalyst switches, the Cisco PIX security appliance, and devices from many other vendors. You can import data from CiscoWorks LMS (including CiscoWorks Resource Manager Essentials and CiscoWorks Campus Manager) for supported devices and CiscoWorks Network Compliance Manager, as well as Cisco WAN Manager for wide-area ATM networks. Topology data can be imported from Cisco Connectivity Center, HP OpenView NNM, SMARTS InCharge, and others. Alternatively, integrated Layer 2 and Layer 3 connectivity can be inferred automatically by analyzing neighbor protocol information, content-addressable memory (CAM) and Address Resolution Protocol (ARP) tables, and other sources. You can import traffic information from Cisco CNS NetFlow Collection Engine or a broad scope of third-party tools. The Cisco VNDS can also poll devices directly for baseline interface utilization statistics.
Q. How is Cisco VNDS licensed?
A. Cisco VNDS operates automatically, rather than being operated by multiple users. It is essentially licensed per instance. It is recommended that the license server be implemented on the same platform as Cisco VNDS for availability reasons.
Q. How much time and effort is required to implement Cisco VNDS? Are professional services needed for implementation?
A. Cisco VNDS is integrated with the production network and management environment and requires thoughtful planning, some assessment and configuration of target data sources to enable integration, custom configuration of Cisco VNDS, and subsequent validation of the end-to-end workflow. Troubleshooting is often required to resolve unanticipated issues that result from target devices or network management platforms not being configured properly, device credentials being inaccurate, source data being unreliable, and so on.
Cisco VNDS requires professional services to accelerate solution deployment. Engagements vary, depending on the scope and complexity of the target network and data sources, but are typically two to four weeks long. These services are priced, contracted, and delivered separately.