Cisco Application Networking Manager 5.2 Data Sheet
PDF(640.0 KB) View with Adobe Reader on a variety of devices
Updated:May 22, 2012
® Application Networking Manager (ANM) software is part of the Cisco Application Control Engine (ACE) product family. It is also a critical component of Cisco Unified Data Center and Cloud Services architecture, enabling service orchestration, application delivery, and operations and monitoring of Cisco ACE, Cisco Global Site Selector (GSS), Cisco Content Services Switch (CSS), Cisco Content Switching Module (CSM), and Cisco CSM with SSL (CSM-S). Cisco ANM, through its comprehensive set of tools, increases the application network services awareness and capabilities of data center operations personnel while reducing the burden of operating and managing those services. Cisco ANM can be deployed as a software package for Linux-based systems or as a virtual appliance for supported virtualization platforms, as shown in Figure 1. The capabilities and functions of the Cisco ANM software are the same regardless of the how it is deployed.
Figure 1. Cisco ANM Network Deployment
Cisco ANM can help you effectively manage application delivery and data center virtualized network services by:
• Streamlining the deployment and ongoing operation of the Cisco ACE virtualized environment
• Using preinstalled and programmable application templates, supporting rapid delivery and deployment of applications, with a customizable template view, and role-based access control (RBAC)
• Simplifying the operation and monitoring of real and virtual servers across the load-balancing infrastructure
• Centralizing operation management of virtual IP answers and Domain Name System (DNS) rules for Cisco ACE and Cisco GSS devices
• Integrating with VMware vCenter and Cisco Nexus® 7000 Series Switches, enabling dynamic workload scaling (DWS)
• Enabling integration with third-party and custom-developed tools through a web services API
• Supporting smartphones and tablets with Cisco ANM Mobile (ANM Mobile is a feature and not a product)
Features and Benefits
Cisco ANM operations features allow administrators to perform operation tasks quickly and easily across the entire application delivery network. Cisco ANM users have the flexibility to use their preferred interfaces to securely perform operation tasks, selecting from the Cisco ANM GUI, ANM web services API, ANM Mobile, and ANM VMware vCenter plug-in.
• Device inventory: Cisco ANM maintains a central inventory of all Cisco ACE Family devices and their configured virtual contexts. Add, remove, and maintain the inventory of devices through simple onscreen controls and guided workflows. Make changes immediately, or schedule them for deployment at a later date or time. Single-pane multidevice management is a native function of Cisco ANM, so there are no pop-ups or redirections to individual device manager windows.
• Application topology visualization: Cisco ANM provides topology maps, allowing you to better visualize and understand the flow of traffic through Cisco ACE application networking services. As shown in Figure 2, Cisco ANM can visually navigate maps of the network services topology (with panning and zooming) and quickly find, view, and print any set of interest to you. By selecting elements on these maps, you can learn:
– Information about Cisco GSS DNS rules, answer groups, and virtual IP answers
– Information about Cisco ACE virtual servers and real servers
– Information about VMware virtual machine relationships
– Detailed information about each real server and VMware vCenter users from the Cisco Server Load Balancing (SLB) tab in VMware vCenter
Figure 2. Application Topology Mapping
• Monitoring dashboards: Cisco ANM provides up-to-date information about the health and state of all devices, virtual contexts, and applications. Using Cisco ANM's real-time monitoring dashboards, operations staff have access to critical service information and can quickly perform more in-depth analysis and accelerate troubleshooting and problem resolution.
Cisco ANM monitoring features include dashboards at the top level for all managed devices. In addition, device and virtual context levels are supported only for Cisco ACE modules and appliances. These dashboards display health, use, and performance data for such elements as devicewide traffic, context resource allocation and use, load-balancing statistics, and real-server use. For instance, the Cisco ACE device-level dashboard includes the Context with Denied Resource Usage Detected table, which lists all contexts for which a resource request was denied after the maximum limit for the resource was reached, enabling the operator to track virtual contexts that may need additional resources allocated.
Cisco ANM stores historical data for a selected list of statistics calculated over the past 1, 2, 4, 8, or 24 months. Operators can view this historical statistical graph.
Additional monitoring features include:
– Export of graphed data in a JPEG image file for Microsoft Excel file format
– Health and performance dashboards that include top-N and alarm and event graphs and tables
– Support for multiple levels of monitoring views
Figure 3 shows the monitoring dashboard with device resource use information.
Figure 3. Monitoring Dashboard
• Event logging and threshold-crossing alerts: Syslog and Simple Network Management Protocol (SNMP) trap events are stored for all managed Cisco ACE devices. Critical alert information is presented in Cisco ANM dashboards and can be used with notification rules to email or page personnel when problems are identified on any managed devices.
Deployment of new applications can be a complex and error-prone task, involving extensive configuration and application-specific tuning. Cisco ANM makes deployment of new applications easy, eliminating the need for long configuration guides along with potential typing errors and application-tuning difficulties.
• Service configuration: Easily perform service provisioning on any managed Cisco ACE device with Cisco ANM guided workflows, application templates, and manual service policy creation. Provision all Cisco ACE configuration elements, including virtual contexts, virtual servers, real servers, sticky groups, inspections, matching rules, application control lists (ACLs), VLANs, SSL encryption, HTTP compression, and IPv6. Guided workflows save time and confusion by conducting users through common provisioning tasks, providing diagrams and help along the way.
• Programmable application templates: Rapidly provision new applications by using one of the many application templates included in Cisco ANM 5.2 (Figure 4). Select a template and supply a few required pieces of information (such as the virtual IP address) to provision a new application. Complex deployments are now as simple as a few mouse clicks. Using the built-in XML editor, users can create their own application templates for custom applications, or for applications that do not yet have a template supplied by Cisco available.
Figure 4. Application Template
The template editor supports code-editing capabilities for creating and editing application templates. Users can create and edit application templates based predefined templates or create their own within Cisco ANM. The main features that enhance the usability of the editor include:
– Tools for performing common tasks such as search and replace, undo and redo, and indentation operations and implementing the insert command and opening and closing tags for loop commands (if, for, and for each)
– Autocompletion code tag entry or a list of possible options based on the entered tag
– Errors and warning indicators with highlights showing the section of the code that contains the errors; details of the errors appear in the error description pane
– Embedded function button to validate the application template prior to service deployment
For more information, and to collaborate and share templates with other Cisco ANM users, visit the Cisco ANM section of the Cisco Developer Network at http://developer.cisco.com/web/anm/.
Cisco ANM is a powerful administration tool for the entire application delivery network. In addition to its single-pane management capabilities, Cisco ANM can be fine-tuned to work with users of all roles and skill levels. You can give each user the specific access that user needs and monitor every action that the user takes.
• Securely delegated operations and RBAC: Cisco ANM gives managers the power to delegate specific use privileges to each Cisco ANM user, with fine granularity. Each Cisco ANM user can also be restricted to view or perform actions only on specific elements, such as a set of Cisco ACE real servers or virtual servers. Delegating and restricting user privileges in this way allows Cisco ANM to be safely used by any level of user, from event-motivated network operations center (NOC) staff to highly skilled application delivery engineers. RBAC also extends to what users can view in an application template, according to their privileges.
• Automatic discovery: Cisco ANM can automatically discover new devices and add them to its inventory using network scans or Cisco Discovery Protocol.
• Data export for planning: Cisco ANM provides an optional statistical data export facility so that you can identify baselines and trends as well as perform capacity planning based on application networking services use and performance over time. To simplify data management, the Cisco ANM server manages database disk use, performing such tasks as purging exported data according to user-defined urles and providing notifications when disuse thresholds are reached.
• Action logging: All actions taken in Cisco ANM by users can be logged for audit purposes. Find out who did what, when, and from where.
• Secure access: All user access to Cisco ANM is secured using 128-bit SSL encryption. Users can be authenticated using local accounts or by TACACS+, RADIUS, Lightweight Directory Access Protocol (LDAP), or Microsoft Active Directory authentication.
• Failover and high availability: Deploy a second Cisco ANM server and pair the two servers for automatic failover. Cisco ANM is much more than just a device manager, so maintaining access to its monitoring and alerting features is of critical importance.
Maintaining a large application delivery network can be a challenge, involving numerous devices, a multitude of SSL files, and extensive configuration. Cisco ANM makes maintaining and securing these items simple and trouble free.
• SSL certificate monitoring: Cisco ANM makes managing numerous SSL certificates and keys for applications simple. Cisco ANM dashboards display an overview of the data center SSL status and warnings for expiring or expired SSL certificates. Administrators can be notified when SSL certificates are nearing their renewal dates. Users can be securely delegated so that they have only the capability to monitor and manage SSL files, without access to other Cisco ANM features.
• Checkpoint management: Checkpoints allow administrators to easily return any Cisco ACE configuration to a previously saved checkpoint. Create a checkpoint prior to any changes and then roll back if necessary.
• Centralized backup: Cisco ANM maintains automatic backup copies of the configurations for Cisco ACE devices, including the running configuration, licenses, scripts, checkpoints, certificates, and keys (if they are exportable). Backup can be performed manually or on daily, weekly, or monthly schedules.
Cisco ANM is the management gateway to your entire application delivery network, and it is equipped with many integration features to allow you access to its features from any location or platform.
• VMware vCenter plug-in: Install the Cisco ANM plug-in for VMware vCenter with a few clicks and give server administrators and network administrators a simplified way to perform provisioning and maintenance tasks. As shown in Figure 5, by clicking the Cisco ACE SLB tab, server administrators can add, remove, rebalance, and monitor load-balancing services for their virtual machines from within VMware vCenter, without ever needing to log into Cisco ANM or call the network administration team. From within Cisco ANM, network administrators gain visibility into the mappings between Cisco ACE real servers and virtual machines, as well as detailed operating information about these virtual machines. Figure 3 and Figure 5 display the same topology details from Cisco ANM and from VMware vCenter.
As with all Cisco ANM functions, the VMware vCenter plug-in implements RBAC. Although application and server administrators are allowed to manage the appropriate portions of the application-delivery services, they cannot see or make changes to the underlying application-delivery services or Cisco ACE devices.
Figure 5. Cisco ANM VMware vCenter Plug-In
Cisco ANM also let administrators configure DWS, which is a Cisco ACE feature that permits on-demand access to remote virtual machines. Cisco ACE supports DWS through integration with Cisco Nexus 7000 Series Switches and VMware vCenter. Cisco ACE queries the Cisco Nexus 7000 Series Switch to obtain virtual machine locality data and VMware vCenter to obtain CPU and memory utilization data for local virtual machines. When the average load of the local data center crosses a configured threshold, using Cisco Overlay Transport Virtualization (OTV) technology, Cisco ACE adds the remote virtual machines to its load-balancing rotation pool, adding more computing resources to serve the increased load.
• Cisco ANM Mobile application: Cisco ANM includes support for Cisco ANM Mobile (Figure 6), which is a set of remote management tools available on number of popular mobile devices. Cisco ANM Mobile can be accessed in variety of ways:
– A native Cisco ANM Mobile app is available from the App Store for Apple iPhones
– A native Cisco ANM Mobile app is available from the Android marketplace for Android-based smartphones
– A native Cisco ANM Mobile app is available from Cisco AppHQ on Cisco Cius™ tablets
– A web version of the Cisco ANM Mobile app can accessed using the web browser on most mobile devices, including tablets
Both native and web versions of Cisco ANM Mobile provide the same features; with the exception of push notifications, which are available only when using native apps.
Cisco ANM Mobile allows administrators to receive push notifications on their mobile devices whenever one of their specified servers (real or virtual) or other devices goes offline or online. Push notifications allow administrators to be notified of potential application problems immediately.
Using Cisco ANM Mobile, administrators can also view configuration and monitoring information for their list of favorite real servers, virtual servers, and devices, and even Cisco GSS answers and rules. Administrators can also perform operation tasks on these elements such as placing a real server in or out of service.
Figure 6. Cisco ANM Mobile
• Web services API: The Cisco ANM web services API provides a programmable interface for system developers to integrate Cisco ANM with external applications. Use the API to provision and monitor application delivery services on all managed devices. For more information and to collaborate with other Cisco ANM users, visit the ANM section of the Cisco Developer Network at http://developer.cisco.com/web/anm/.
The Cisco ANM web services API supports the most common operations for Cisco ACE modules and appliances, Cisco GSS, Cisco CSS, Cisco CSM, and Cisco CSM-S, including operations to:
– List devices and virtual contexts
– List server farms and real servers
– List associations of VMware virtual machines and real servers
– List all virtual IP answers configured on the specific Cisco GSS
– Add and remove real servers from Cisco ACE server farms
– Activate and suspend real servers for participation in load balancing
– Activate and suspend Cisco GSS answers and DNS rules
– Change real-server weight for load-balancing algorithms
Table 1 lists the product specifications for Cisco ANM 5.2.
Cisco ANM High Availability is a configuration option for implementing Cisco ANM servers in a highly available active and standby mode. In this configuration, the active Cisco ANM server maintains a stateful synchronization with the standby Cisco ANM server so that if the active server fails, or if an administrative action failover occurs, the standby server can transparently take over operations. High availability is available only on Cisco ANM Server for Red Hat Enterprise Linux (RHEL). It is not available in the virtual appliance version of Cisco ANM
Cisco ANM is designed to support up to 50 Cisco ACE devices for full management; up to 40 Cisco CSS, CSM, and CSM-S devices for delegated activation and suspension of real and virtual servers with monitoring; and up to 3 clusters of Cisco ACE GSS. The exact number of devices supported depends on the scale of operations on each device. For Cisco ACE devices, this value is weighted by the number of virtual contexts per Cisco ACE instance and the number of configured components and services within each virtual context (servers, server farms, and health-monitoring probes) and the complexity of service configurations. For other devices, the value is weighted by the number of real and virtual servers (Cisco CSS, Cisco CSM, and Cisco CSM-S) and by the number of virtual IP answers and DNS rules and cluster sizes (Cisco GSS).
Cisco ANM can be run either as the Cisco ANM Virtual Appliance for VMware or as an application installed on a RHEL-based server.
The Cisco ANM virtual appliance is interchangeable with Cisco ANM Server for RHEL, which makes the virtual appliance easy to deploy and scale, provides more efficient use of hardware resources, and eliminates the need to acquire, install, and maintain the operating system separately.
The installation files for the Cisco ANM Virtual Appliance for VMware are provided in the same package as those for the Cisco ANM Server for RHEL 32-bit and 64-bit solutions.
Table 2 lists the system requirements for the Cisco ANM Virtual Appliance for VMware, and Table 3 lists the system requirements for the Cisco ANM Server for RHEL.
Table 2. System Requirements for Cisco ANM Virtual Appliance for VMware
Cisco ANM Versions 4.1 and later are offered for order at no charge, but they do require licensing. Cisco ANM ships with a 90-day evaluation period, which enables users to begin using it immediately in their production networks. However, to continue to use the product, a permanent software license needs to be installed before the 90-day evaluation period expires. Cisco Software Application Support (SAS) requires a separate purchase.
Cisco ANM is available for order through regular Cisco sales and distribution channels worldwide. To place an order, visit the Cisco Ordering homepage. To download software, visit the Cisco Software Center. Table 4 provides ordering information.
The installation files for the Cisco ANM Virtual Appliance for VMware and the Cisco ANM Server for RHEL are provided in the same package only for postal-delivered orders.
Table 4. Ordering Information
Postal Delivered Cisco ANM Server Software
Electronically Delivered ANM Server Software
Service and Support
Cisco offers a wide range of services programs to accelerate customer success. These innovative services programs are delivered through a unique combination of people, processes, tools, and partners, resulting in high levels of customer satisfaction. Cisco Services programs help you protect your network investment, optimize network operations, and prepare the network for new applications to extend network intelligence and the power of your business. For more information about Cisco Services, see
Cisco Technical Support Services and
Cisco Advanced Services.