Cisco Wide Area Application Services Configuration Guide (Software Version 4.0.19)
Default Application Policies
Downloads: This chapterpdf (PDF - 174.0KB) The complete bookPDF (PDF - 7.67MB) | Feedback

Default Application Policies

Table Of Contents

Default Application Policies


Default Application Policies


The WAAS software includes more than 150 default application policies that help your WAAS system classify and optimize some of the most common traffic on your network.

Table A-1 lists the default applications and classifiers that WAAS will either optimize or pass through based on the policies that are provided with the system.

Before you create a new application policy, we recommend that you review the default policies and modify them as appropriate. Often, you can more easily modify an existing policy than create a new one.

When reviewing Table A-1, note the following information:

The subheadings represent the application names, and the associated classifiers are listed under these subheadings. For example, Authentication is a type of application and Kerberos is a classifier for that application.

Applications with the word Monitored next to them are monitored by the WAAS Central Manager, which can only display statistics for 20 applications at a time. To view statistics for one of the unmonitored applications, use one of the following methods:

Use the WAAS CLI, which can display statistics for all applications on a WAAS device. For more information, see the Cisco Wide Area Application Services Command Reference.

Modify the application settings so the WAAS Central Manager GUI displays statistics for the desired application. For more information, see Chapter 12, "Configuring Application Acceleration."

The WAAS software uses the following optimization technologies based on the type of traffic that it encounters:

TFO (transport flow optimization)—A collection of optimization technologies such as automatic windows scaling, increased buffering, and selective acknowledgement that optimize all TCP traffic over your network.

DRE (data redundancy elimination)—A compression technology that reduces the size of transmitted data by removing redundant information before sending the shortened data stream over the WAN. DRE operates on significantly larger streams and maintains a much larger compression history than LZ compression.

LZ (compression)—Another compression technology that operates on smaller data streams and keeps limited compression history compared to DRE.

.

Table A-1 Default Traffic Policies 

Classifier
WAAS Action
Application Accelerator Mode
WAAS Action
Replication Accelerator Mode
Destination Ports

Authentication

     

Kerberos

Passthrough

Passthrough

88, 2053, 754, 888, 543, 464, 544, 749

SASL

Passthrough

Passthrough

3659

TACACS

Passthrough

Passthrough

49

Backup

Monitored

Monitored

 

CommVault

TFO

Passthrough

8400-8403

Connected-DataProtector

TFO

Passthrough

16384

IBM-TSM

LZ+TFO+DRE

Passthrough

1500-1502

Legato-NetWorker

TFO

Passthrough

7937, 7938, 7939

Legato-RepliStor

TFO

Passthrough

7144, 7145

Veritas-BackupExec

TFO

Passthrough

6101, 6102, 6106, 3527, 1125

Veritas-NetBackup

TFO

Passthrough

13720, 13721, 13782, 13785

CAD

 

Monitored

PDMWorks

LZ+TFO+DRE

Passthrough

30000, 40000

Call-Management

     

Cisco-CallManager

Passthrough

Passthrough

2748

SIP-secure

Passthrough

Passthrough

5061

VoIP-Control

Passthrough

Passthrough

1300, 2428, 2000-2002, 1718-1720, 5060, 11720, 11000-11999

Conferencing

 

Monitored

 

CU-SeeMe

Passthrough

Passthrough

7640, 7642, 7648, 7649

ezMeeting

Passthrough

Passthrough

10101-10103, 26260-26261

Intel-Proshare

Passthrough

Passthrough

5713-5717

MS-NetMeeting

Passthrough

Passthrough

522, 1503, 1720, 1731

VocalTec

Passthrough

Passthrough

1490, 6670, 25793, 22555

Console

 

Monitored

 

SSL-Shell

Passthrough

Passthrough

614

Telnet

Passthrough

Passthrough

23, 107, 513

Telnets

Passthrough

Passthrough

992

Unix-Remote-Execution

Passthrough

Passthrough

514, 512

Content-Management

Monitored

   

Documentum

LZ+TFO+DRE

Passthrough

1489

Filenet

LZ+TFO+DRE

Passthrough

32768-32774

ProjectWise-FileTransfer

LZ+TFO+DRE

Passthrough

5800

Directory-Services

Monitored

   

LDAP

LZ+TFO+DRE

Passthrough

389, 8404

LDAP-Global-Catalog

LZ+TFO+DRE

Passthrough

3268

LDAP-Global-Catalog-Secure

Passthrough

Passthrough

3269

LDAP-secure

Passthrough

Passthrough

636

Email-and-Messaging

Monitored

   

HP-OpenMail

LZ+TFO+DRE

Passthrough

5755, 5757, 5766, 5767, 5768, 5729

Internet-Mail

LZ+TFO+DRE

Passthrough

25, 110, 143, 220

Internet-Mail-secure

TFO

Passthrough

995, 993, 465

Lotus-Notes

LZ+TFO+DRE

Passthrough

1352

MAPI1

LZ+TFO+DRE

Passthrough

UUID:a4f1db00-ca47-1067-b31f-00dd010662da

MDaemon

LZ+TFO+DRE

Passthrough

3000, 3001

NNTP

LZ+TFO+DRE

Passthrough

119

NNTP-secure

TFO

Passthrough

563

Novell-Groupwise

LZ+TFO+DRE

Passthrough

1677, 1099, 9850, 7205, 3800, 7100, 7180, 7101, 7181, 2800

PCMail-Server

LZ+TFO+DRE

Passthrough

158

QMTP

LZ+TFO+DRE

Passthrough

209

X400

LZ+TFO+DRE

Passthrough

102

Enterprise-Applications

Monitored

Monitored

 

SAP

LZ+TFO+DRE

Passthrough

3200-3399, 3600-3699

Siebel

LZ+TFO+DRE

Passthrough

8448, 2320, 2321

File-System

Monitored

Monitored

 

AFS

LZ+TFO+DRE

Passthrough

7000-7009

Apple-AFP

LZ+TFO+DRE

Passthrough

548

NFS-non-wafs

LZ+TFO+DRE

Passthrough

2049

Novell-NetWare

LZ+TFO+DRE

Passthrough

524

File-Transfer

Monitored

   

BFTP

LZ+TFO+DRE

Passthrough

152

FTP-Control2

Passthrough

Passthrough

src20, 21

FTP-Data2

LZ+TFO+DRE

Passthrough

src20, 21

FTPS2

TFO

Passthrough

src990

FTP-Control2

Passthrough

Passthrough

src989

Simple-FTP

LZ+TFO+DRE

Passthrough

115

TFTP

LZ+TFO+DRE

Passthrough

69

TFTPS

TFO

Passthrough

3713

Instant Messaging

     

AOL

Passthrough

Passthrough

5190-5193

Apple-iChat

Passthrough

Passthrough

5297, 5298

IRC

Passthrough

Passthrough

531, 6660-6669

Jabber

Passthrough

Passthrough

5222, 5269

Lotus-Sametime-Connect

Passthrough

Passthrough

1533

MS-Chat

Passthrough

Passthrough

6665, 6667

MSN-Messenger

Passthrough

Passthrough

1863, 6891-6900

Yahoo-Messenger

Passthrough

Passthrough

5000, 5001, 5050, 5100

Name Services

     

DNS

Passthrough

Passthrough

53

iSNS

Passthrough

Passthrough

3205

Service-Location

Passthrough

Passthrough

427

WINS

Passthrough

Passthrough

42, 137, 1512

Other

Monitored

   

Basic-TCP-services

Passthrough

Passthrough

1-19

MS-EndPointMapper

EPM

Passthrough

135

MS-Message-Queuing

LZ+TFO+DRE

Passthrough

1801, 2101, 2103, 2105

NTP

Passthrough

Passthrough

123

Other-Secure

Passthrough

Passthrough

261, 448, 684, 695, 994, 2252, 2478, 2479, 2482, 2484, 2679, 2762, 2998, 3077, 3078, 3183, 3191, 3220, 3410, 3424, 3471, 3496, 3509, 3529, 3539, 3660, 3661, 3747, 3864, 3885, 3896, 3897, 3995, 4031, 5007, 5989, 5990, 7674, 9802, 11751, 12109

SOAP

LZ+TFO+DRE

Passthrough

7627

Symantec-AntiVirus

LZ+TFO+DRE

Passthrough

2847, 2848, 2967, 2968, 38037, 38292

Unclassified

LZ+TFO+DRE

Passthrough

Other

P2P

Monitored

Monitored

 

BitTorrent

Passthrough

Passthrough

6881-6889, 6969

eDonkey

Passthrough

Passthrough

4661, 4662

Gnutella

Passthrough

Passthrough

6346-6349, 6355, 5634

Grouper

Passthrough

Passthrough

8038

HotLine

Passthrough

Passthrough

5500-5503

Kazaa

Passthrough

Passthrough

1214

Laplink-ShareDirect

Passthrough

Passthrough

2705

Napster

Passthrough

Passthrough

8875, 8888, 7777, 6700, 6666, 6677, 6688

Qnext

Passthrough

Passthrough

44, 5555

SoulSeek

Passthrough

Passthrough

2234, 5534

WASTE

Passthrough

Passthrough

1337

WinMX

Passthrough

Passthrough

6699

Printing

Monitored

   

AppSocket

LZ+TFO+DRE

Passthrough

9100

IPP

LZ+TFO+DRE

Passthrough

631

SUN-Xprint

LZ+TFO+DRE

Passthrough

8100

Unix-Printing

LZ+TFO+DRE

Passthrough

515, 170

Remote-Desktop

Monitored

   

Altiris-CarbonCopy

Passthrough

Passthrough

1680

Apple-NetAssistant

Passthrough

Passthrough

3283

Citrix-ICA

LZ+TFO+DRE

Passthrough

1494

ControlIT

TFO

Passthrough

799

Danware-NetOp

TFO

Passthrough

6502

Laplink-Host

TFO

Passthrough

1547

Laplink-PCSync

TFO

Passthrough

8444

Laplink-PCSync-secure

TFO

Passthrough

8443

MS-Terminal-Services

TFO

Passthrough

3389

Netopia-Timbuktu

TFO

Passthrough

407, 1417-1420

PCAnywhere

TFO

Passthrough

73, 5631, 5632, 65301

RAdmin

TFO

Passthrough

4899

Remote-Anything

TFO

Passthrough

3999, 4000

Vmware-VMConsole

TFO

Passthrough

902

VNC

TFO

Passthrough

5800-5809, 6900-6909

XWindows

TFO

Passthrough

6000-6063

Replication

Monitored

Monitored

 

EMC-Celerra-Replicator

LZ+TFO+DRE

LZ+TFO+DRE

8888

MS-AD-Replication1

LZ+TFO+DRE

LZ+TFO+DRE

UUID:e3514235-4b06-11d1-ab04-00c04fc2dcd2

MS-Content-Replication-Service

TFO

LZ+TFO+DRE

560, 507

MS-FRS1

LZ+TFO+DRE

LZ+TFO+DRE

UUID:f5cc59b4-4264-101a-8c59-08002b2f8426

Netapp-SnapMirror

LZ+TFO+DRE

LZ+TFO+DRE

10566

Remote-Replication-Agent

TFO

LZ+TFO+DRE

5678

Rsync

TFO

LZ+TFO+DRE

873

SQL

Monitored

Monitored

 

Borland-Interbase

LZ+TFO+DRE

Passthrough

3050

IBM-DB2

LZ+TFO+DRE

Passthrough

523

InterSystems-Cache

LZ+TFO+DRE

Passthrough

1972

MS-SQL

LZ+TFO+DRE

Passthrough

1433

MS-SQL-RPC1

LZ+TFO+DRE

Passthrough

UUID:3f99b900-4d87-101b-99b7-aa0004007f07

MySQL

LZ+TFO+DRE

Passthrough

3306

Oracle

LZ+TFO+DRE

Passthrough

66, 1525, 1521

Pervasive-SQL

LZ+TFO+DRE

Passthrough

1583

PostgreSQL

LZ+TFO+DRE

Passthrough

5432

Scalable-SQL

LZ+TFO+DRE

Passthrough

3352

SQL-Service

LZ+TFO+DRE

Passthrough

156

Sybase-SQL

LZ+TFO+DRE

Passthrough

1498, 2638, 2439, 3968

UniSQL

LZ+TFO+DRE

Passthrough

1978, 1979

SSH

     

SSH

TFO

Passthrough

22

Storage

Monitored

   

FCIP

LZ+TFO+DRE

LZ+TFO+DRE

3225

iFCP

LZ+TFO+DRE

LZ+TFO+DRE

3420

iSCSI

LZ+TFO+DRE

LZ+TFO+DRE

3260

EMC-SRDFA-IP

LZ+TFO+DRE

LZ+TFO+DRE

1748

Streaming

Monitored

   

Liquid-Audio

LZ+TFO+DRE

Passthrough

18888

MS-NetShow

LZ+TFO+DRE

Passthrough

1755

RTSP

LZ+TFO+DRE

Passthrough

554, 8554

VDOLive

LZ+TFO+DRE

Passthrough

7000

Systems-Management

Monitored

   

BMC-Patrol

Passthrough

Passthrough

6161, 6162, 8160, 8161, 6767, 6768, 10128

HP-OpenView

Passthrough

Passthrough

7426-7431, 7501, 7510

HP-Radia

LZ+TFO+DRE

Passthrough

3460, 3461, 3464, 3466

IBM-NetView

Passthrough

Passthrough

729-731

IBM-Tivoli

LZ+TFO+DRE

Passthrough

94, 627, 1965, 1500, 1580, 1581

LANDesk

LZ+TFO+DRE

Passthrough

9535, 9593-9595

NetIQ

Passthrough

Passthrough

2220, 2735, 10113-10116

Netopia-netOctopus

Passthrough

Passthrough

1917, 1921

Novell-ZenWorks

LZ+TFO+DRE

Passthrough

1761-1763, 517, 2544, 8039, 2037, 2638

WBEM

Passthrough

Passthrough

5987, 5988

Version Management

Monitored

Monitored

 

Clearcase

LZ+TFO+DRE

Passthrough

371

CVS

LZ+TFO+DRE

Passthrough

2401

VPN

     

L2TP

TFO

Passthrough

1701

OpenVPN

TFO

Passthrough

1194

PPTP

TFO

Passthrough

1723

WAFS

Monitored

Monitored

 

CIFS

LZ+TFO+DRE, WAFS acceleration

Passthrough

139, 445

WAFS

LZ+TFO+DRE

Passthrough

139, 145

Web

Monitored

Monitored

 

HTTP

LZ+TFO+DRE

Passthrough

80, 8080, 8000, 8001, 3128

HTTPS

TFO

Passthrough

443

1 These classifiers use the EPM service in WAAS to accelerate traffic. EPM-based applications do not have predefined ports so the application's UUID must be used to identify the traffic.

2 These classifiers identify the source port instead of the destination port.