Cisco Prime Virtual Network Analysis Module (vNAM)

Cisco Prime Virtual Network Analysis Module FAQ

  • Viewing Options

  • PDF (260.0 KB)
  • Feedback

General Overview

Q.    Why is Cisco introducing the Cisco Prime Virtual Network Analysis Module (vNAM)?
A.     The dynamic nature of today's data center and cloud creates an urgent need for IT departments to understand and maintain application and infrastructure availability and performance consistent with service-level objectives; today, changes to the network are more frequent and fluid, and users, now having more devices than ever, want to access applications wherever they are and when they need them. This new environment has made it even more important that applications continue to be delivered with a consistent, high-quality user experience no matter what, when, or where. Cisco Prime vNAM is designed to help IT departments accelerate the transition to this new reality. Its virtual footprint provides an easy-to-deploy solution to help IT departments rapidly view and tune network operations wherever required to respond to a constant stream of new demands on the network, while consistently maintaining a superior user experience.
Q.    How can Cisco Prime vNAM help IT departments?
A.     Cisco Prime vNAM delivers application visibility, comprehensive network analytics, and an intrinsic knowledge of the network. These features can empower IT departments to streamline network operations, increase agility in addressing new business requirements, and improve the way that the user experiences the applications that the network delivers. It can enable IT departments to:

   Monitor workloads in the multitenant cloud

   Understand traffic behavior within overlay technologies such as VXLAN, LISP, and OTV.

   Analyze network usage by application, host or virtual machine (VM), and conversation to identify bottlenecks that may affect performance and availability

   Troubleshoot performance problems combining detailed traffic flow and packet analysis, consistently across physical and virtual environments

   Validate infrastructure updates such as WAN optimization, Cisco TrustSec®, and quality-of-service (QoS) policy changes

   Take advantage of an integrated web-based interface to remotely manage a site, eliminating the need to backhaul the data to a centralized location, hence saving WAN bandwidth

Cisco Prime vNAM complements the rest of the Cisco Prime NAM portfolio to deliver consistent performance analytics across the network.
Q.    Where can IT departments deploy Cisco Prime vNAM?
A.     Because Cisco Prime vNAM is a virtual appliance, it offers outstanding deployment flexibility to extend visibility across desired observation points in the network. Example deployment scenarios are described here; however, Cisco Prime vNAM can be deployed almost anywhere as long as monitoring performance needs are less than 1 Gbps. If performance needs are higher, as may be typical in environments such as campus backbone and data center distribution networks, Cisco Prime NAM solutions are available to specifically address such requirements.

   Multitenant cloud: You can deploy an instance of Cisco Prime vNAM in each tenant network container to monitor the workload. Cisco Prime vNAM analyzes TCP-based interactions for the hosted workload, providing performance metrics such as transaction time, server response time, and application delay. Setting performance thresholds helps you proactively detect performance problems, troubleshoot application response time concerns, and reduce the mean time to repair. Cisco Prime vNAM also provides insight into network use by applications, top talkers, and conversations to help optimize utilization of the cloud infrastructure, including overlay technologies such as VXLAN and LISP.

   Remote site: Deployed at a remote site, Cisco Prime vNAM can help characterize the end-user experience, profile application traffic, and troubleshoot performance problems to cost effectively deliver services across Cisco® Borderless Networks. An integrated web-based interface allows administrators to access Cisco Prime vNAM remotely at any time and from anywhere to get a glimpse into the health of the network and applications. It eliminates the need to backhaul data to a centralized location for analysis. Cisco Prime vNAM monitors all traffic entering and leaving the remote site, providing information about which applications are consuming the most bandwidth, proactively identifying situations in which application performance is being affected, assessing whether control and optimization techniques are implemented effectively, and contextually troubleshooting performance problems.

   Wireless access: With the capability to decode the control and provisioning of wireless access points (CAPWAP) header, Cisco Prime vNAM deployed at a remote site or in the campus access layer can provide visibility into both wired and wireless access traffic. The network performance metrics can be analyzed using the built-in dashboards and workflows, and targeted packet captures can be performed to solve complex performance problems.

Technical Overview

Q.    What virtualization infrastructure can Cisco Prime vNAM be installed on?
A.     Cisco Prime vNAM can be installed on x86 platforms that support VMware ESXi, and kernel-based virtual machine (KVM) virtualization infrastructure. For system requirements, please refer to the Cisco Prime vNAM data sheet.
Q.    What management interfaces are available with Cisco Prime vNAMs?
A.     Cisco Prime vNAM can be accessed and managed through the following mechanisms:

   Telnet/SSH: Offers full access to the vNAM command-line interface (CLI) for configuration and management.

   Web Server (HTTP/HTTPS): Supports access to the vNAM GUI for configuration and management.

   VMware vCenter Console: Provides access to vNAM console (limited to single user session).

Q.    How does Cisco Prime vNAM gather information from the network?
A.     Cisco Prime vNAM supports a variety of data sources (Table 1) to gather information from the network. For example, Cisco Prime vNAM collects packets using mechanisms such as Switched Port Analyzer (SPAN), Remote SPAN (RSPAN), Encapsulated RSPAN (ERSPAN), and traffic flow information using NetFlow Data Export (NDE) from network devices. Cisco Prime vNAM processes the information, extracts relevant details, computes performance analytics, and stores the data in the built-in performance database. The database provides valuable insights about voice, video, and data traffic; VLANs; VXLANs; overlay transport virtualization (OTV); differentiated services (DiffServ); hosts; conversation pairs; application use; and so on.
This information is presented in the Cisco Prime vNAM GUI with easy-to-navigate interactive reports. In addition to the computed analytics, Cisco Prime vNAM can store packet captures, which allows you to solve complex application performance problems.

Table 1.       Cisco Prime vNAM Data Sources

Traffic Source



Using the SPAN, RSPAN, and ERSPAN capabilities of Cisco network devices, traffic from ports and VLANs can be mirrored to the vNAM. RSPAN allows traffic to be collected from other RSPAN-enabled devices in the same VLAN Trunk Protocol (VTP) domain. ERSPAN allows traffic to be sent to the NAM using generic routing encapsulation (GRE) tunnels from a Layer 3 network.

Promiscuous mode (with VMware vSwitch)

Using the promiscuous mode configured at the virtual switch or port group level in vSphere ESXi, monitor the traffic traversing the virtual switch as per the defined VLAN policy.

VLAN access control lists (VACLs)

The vNAM uses VACLs to capture, or filter, selected VLANs and WAN traffic (on Cisco IOS® Software devices only) to the vNAM ports. Additional filtering rules can be applied to target specific data flows. The vNAM must be specified as the capture destination for VACL entries when configuring the local supervisor.


Cisco NetFlow Data Export records offer an aggregate view of the network traffic. When enabled on network devices, Cisco Prime vNAM can be configured as the destination.

Cisco Wide Area Application Services (WAAS)

The vNAM uses the built-in instrumentation of Cisco WAAS to gather information about the optimized and pass-through traffic. Deployed in the data center, the vNAM provides end-to-end application performance visibility in a Cisco WAAS environment. The vNAM measures application response time, transaction time, bandwidth use, and LAN and WAN data throughput to accurately monitor and quantify the effect of Cisco WAAS optimizations. Deployed at the remote site, the vNAM offers insight into the effect of Cisco WAAS optimization from the client perspective.

Cisco Performance Agent

Cisco Performance Agent deployed at the remote sites extends performance visibility across Cisco Borderless Networks. Cisco Performance Agent is a licensed feature of Cisco IOS Software introduced in Cisco IOS Software Release 15.1(4)M and is supported on Cisco Integrated Services Router Generation 2 (ISR G2) and Cisco 880 and 890 router platforms.

Q.    How is Cisco Prime vNAM Software secured?
A.     Cisco Prime vNAM can be secured with up to 256-bit encryption. Cisco Prime vNAM also supports role-based user authorization and authentication locally or using TACACS+.
Q.    Where can I find more details on Cisco Prime Virtual NAM software features?
A.     Cisco Prime Virtual NAM has been introduced starting with NAM software version 6.0. More details on the software features can be obtained from the Cisco Prime NAM Software version 6.0 datasheet and Q&A documents.

Reporting and Management

Q.    What integration mechanisms does Cisco Prime vNAM offer?
A.     Cisco Prime vNAM offers a REST/XML API to allow an external application to configure various capabilities in the vNAM and extract the computed analytics in real time for consumption as part of external management workflows.
Q.    How can Cisco Prime Virtual NAMs be centrally managed?
A.     Cisco Prime Infrastructure offers centralized management of NAMs deployed across the network. It provides functions such as inventory, configuration, and image and fault management. It can also roll up the performance intelligence from NAMs deployed across the network into a consolidated dashboard.

Ordering and Licensing

Q.    How is the Cisco Prime vNAM licensed?
A.     Cisco Prime vNAM licensing is tied to the traffic monitoring throughput. The vNAM licenses (perpetual) are available for monitoring up to 1 Gbps traffic. Please refer to the Cisco Prime vNAM datasheet for details on vNAM licensing and traffic monitoring throughput.
Q.    Where can I download the Cisco Prime vNAM for evaluation?
A.     The Cisco Prime vNAM can be downloaded from Cisco Promotional Software Store. It includes a 60-day evaluation license. The traffic monitoring performance of evaluation license is limited to 100 Mbps.
Q.    What are the part numbers for Cisco Prime vNAM?
A.     For ordering information, please refer to the Cisco Prime vNAM data sheet.
Q.    Where can I find additional information about Cisco Prime vNAM?
A.     For more information about Cisco Prime vNAM, please visit or contact the NAM product marketing group at