Q. Why is Cisco introducing the Cisco Prime™ Virtual Network Analysis Module (vNAM)?
A. The dynamic nature of today's data center and cloud creates an urgent need for IT departments to understand and maintain application and infrastructure availability and performance consistent with service-level objectives; today, changes to the network are more frequent and fluid, and users, now having more devices than ever, want to access applications wherever they are and when they need them. This new environment has made it even more important that applications continue to be delivered with a consistent, high-quality user experience no matter what, when, or where. Cisco Prime vNAM is designed to help IT departments accelerate the transition to this new reality. Its virtual footprint provides an easy-to-deploy solution to help IT departments rapidly view and tune network operations wherever required to respond to a constant stream of new demands on the network, while consistently maintaining a superior user experience.
Q. How can Cisco Prime vNAM help IT departments?
A. Cisco Prime vNAM delivers application visibility, comprehensive network analytics, and an intrinsic knowledge of the network. These features can empower IT departments to streamline network operations, increase agility in addressing new business requirements, and improve the way that the user experiences the applications that the network delivers. It can enable IT departments to:
• Monitor tenant workloads in hosted network containers to characterize performance
• Analyze network use by applications, hosts, virtual machines, and conversations to identify bottlenecks that may affect performance and availability
• Troubleshoot performance problems consistently across physical and virtual environments using application performance metrics, network traffic trends, and detailed flow and packet analyses
• Eliminate the need to backhaul the data to a centralized location by instead using the integrated web-based interface to remotely manage the site
• Validate infrastructure updates such as WAN optimization, new application rollouts, and quality-of-service (QoS) policy changes
Cisco Prime vNAM complements the rest of the Cisco Prime NAM portfolio to deliver consistent performance analytics across the network.
Q. Where can IT departments deploy Cisco Prime vNAM?
A. Because Cisco Prime vNAM is a virtual appliance, it offers outstanding deployment flexibility to extend visibility across desired observation points in the network. Example deployment scenarios are described here; however, Cisco Prime vNAM can be deployed almost anywhere as long as monitoring performance needs are less than 1 Gbps. If performance needs are higher, as may be typical in environments such as campus backbone and data center distribution networks, Cisco Prime NAM solutions are available to specifically address such requirements.
• Multitenant cloud: You can deploy an instance of Cisco Prime vNAM in each tenant network container to monitor the workload. Cisco Prime vNAM analyzes TCP-based interactions for the hosted workload, providing performance metrics such as transaction time, server response time, and application delay. Setting performance thresholds helps you proactively detect performance problems, troubleshoot application response time concerns, and reduce the risk of violating service-level objectives. Cisco Prime vNAM also provides insight into network use by applications, top talkers, and conversations to help optimize utilization of the cloud infrastructure.
• Remote site: Deployed at a remote site, Cisco Prime vNAM can help characterize the end-user experience, profile application traffic, and troubleshoot performance problems to cost effectively deliver services across Cisco® Borderless Networks. An integrated web-based interface allows administrators to access Cisco Prime vNAM remotely at any time and from anywhere to get a glimpse into the health of the network and applications. It eliminates the need to backhaul data to a centralized location for analysis. Cisco Prime vNAM monitors all traffic entering and leaving the remote site, providing information about which applications are consuming the most bandwidth, proactively identifying situations in which application performance is being affected, assessing whether control and optimization techniques are implemented effectively, and contextually troubleshooting performance problems.
• Wireless access: With the capability to decode the control and provisioning of wireless access points (CAPWAP) header, Cisco Prime vNAM deployed at a remote site or in the campus access layer can provide visibility into both wired and wireless access traffic. The network performance metrics can be analyzed using the built-in dashboards and workflows, and targeted packet captures can be performed to solve complex performance problems.
Q. On what virtualization infrastructures can Cisco Prime vNAM run?
A. Cisco Prime vNAM can be installed on x86 platforms that support VMware ESXi, and kernel-based virtual machine (KVM) virtualization infrastructure. The supported version numbers will be published closer to the general availability of the product.
Q. What is the performance of Cisco Prime vNAM?
A. Cisco Prime vNAM is targeted for monitoring performance up to 1-Gbps traffic. The performance benchmarks will be published closer to the general availability of the product.
Q. How does Cisco Prime vNAM gather information from the network?
A. Cisco Prime vNAM supports a variety of data sources (Table 1) to gather information from the network. For example, Cisco Prime vNAM collects packets using mechanisms such as Switched Port Analyzer (SPAN), Remote SPAN (RSPAN), Encapsulated RSPAN (ERSPAN), and traffic flow information using NetFlow Data Export (NDE) from network devices. Cisco Prime vNAM processes the information, extracts relevant details, computes performance analytics, and stores the data in the built-in performance database. The database provides valuable insights about voice, video, and data traffic; VLANs; VXLANs; overlay transport virtualization (OTV); differentiated services (DiffServ); hosts; conversation pairs; application use; etc. This information is presented in the Cisco Prime vNAM GUI with easy-to-navigate interactive reports. In addition to the computed analytics, Cisco Prime vNAM can store packet captures, which allows you to solve complex application performance problems.
Table 1. Cisco Prime vNAM Data Sources
SPAN, RSPAN, and ERSPAN
Using the SPAN, RSPAN, and ERSPAN capabilities of Cisco network devices, traffic from ports and VLANs can be mirrored to the vNAM. RSPAN allows traffic to be collected from other RSPAN-enabled devices in the same VLAN Trunk Protocol (VTP) domain. ERSPAN allows traffic to be sent to the NAM using generic routing encapsulation (GRE) tunnels from a Layer 3 network.
VLAN access control lists (VACLs)
The vNAM uses VACLs to capture, or filter, selected VLANs and WAN traffic (on Cisco IOS® Software devices only) to the vNAM ports. Additional filtering rules can be applied to target specific data flows. The vNAM must be specified as the capture destination for VACL entries when configuring the local supervisor.
Cisco NetFlow Data Export records offer an aggregate view of the network traffic. When enabled on network devices, Cisco Prime vNAM can be configured as the destination.
Cisco Wide Area Application Services (WAAS)
The vNAM uses the built-in instrumentation of Cisco WAAS to gather information about the optimized and pass-through traffic. Deployed in the data center, the vNAM provides end-to-end application performance visibility in a Cisco WAAS environment. The vNAM measures application response time, transaction time, bandwidth use, and LAN and WAN data throughput to accurately monitor and quantify the effect of Cisco WAAS optimizations. Deployed at the remote site, the vNAM offers insight into the effect of Cisco WAAS optimization from the client perspective.
Cisco Performance Agent
Cisco Performance Agent deployed at the remote sites extends performance visibility across Cisco Borderless Networks. Cisco Performance Agent is a licensed feature of Cisco IOS Software introduced in Cisco IOS Software Release 15.1(4)M and is supported on Cisco Integrated Services Router Generation 2 (ISR G2) and Cisco 880 and 890 router platforms.
Q. How is Prime vNAM Software secured?
A. Cisco Prime vNAM can be secured with up to 256-bit encryption. Cisco Prime vNAM also supports role-based user authorization and authentication locally or using TACACS+.
Reporting and Management
Q. What integration mechanisms does Cisco Prime vNAM offer?
A. Cisco Prime vNAM offers a REST/XML API to allow an external application to configure various capabilities in the vNAM and extract the computed analytics in real time for consumption as part of external management workflows.
Q. When will Cisco Prime vNAM be available?
A. Cisco Prime vNAM is expected to be available in 3Q-CY13.
Q. What are the part numbers for Cisco Prime vNAM?