Have an account?

  •   Personalized content
  •   Your products and support

Need an account?

Create an account

Available Languages

Download Options

  • PDF
    (771.6 KB)
    View with Adobe Reader on a variety of devices
Updated:September 3, 2019

Available Languages

Download Options

  • PDF
    (771.6 KB)
    View with Adobe Reader on a variety of devices
Updated:September 3, 2019
 

 

The Cisco Crosswork Network Insights platform addresses Routing Event Security and Awareness challenges by providing comprehensive global monitoring and analysis capability and unprecedented insights across a hybrid cloud infrastructure.

Product overview

Your network can be a complex and often unpredictable environment. Routing events that are caused by automated systems, malicious attacks, or simply operational errors can have unforeseen effects on network services. Network operators need a scalable and insightful toolset to help them identify root cause network issues swiftly. The operational performance data provided by networks is plentiful, but the existing toolsets lack an understanding of the network control state. Routing protocol event information can be difficult to comprehend when not organized, analyzed, and displayed logically. There is great operational value in network data and using Cisco’s unparalleled expertise with routing protocols, Cisco Crosswork Network Insights has been developed to structure the information needed for quickly resolving issues throughout the network.

Cisco Crosswork Network Insights is a hosted application that provides rich analysis, visualization, and alerting on actionable network events. Cisco Crosswork Network Insights operates as a hosted service and helps you assess the routing health of your network. We provide you with information you need to determine the stability of your networks and potential risks to your IP Routing assets.

Cisco Crosswork Network Insights aggregates global and local routing information and identifies the source of anomalies based on a consensus of the routing databases. This service is a successor of BGPMon.net for multivendor networks that use BGP routing protocols. The service provides a secure and low-risk method of collecting route information at a global scale. We can do all this while tracking hundreds of thousands of IP Route update records and maintaining their event history.

Product description

Cisco Crosswork Network Insights is a revolutionary cloud-based platform for presenting real-time network routing, event, and traffic information. It uses IETF standards-based routing control protocols in combination with a cloud-native architecture to capture the state of your network’s control plane. Cisco Crosswork Network Insights combines several technologies and services to provide a unique awareness of your network and how it interacts with other environments. The platform sets a new standard for its ability to provide a comprehensive view of the state of IP address assets. Subscribers can track live and historical activity of their own global BGP and IP information. They can also quickly and easily investigate other entities that might be the cause of issues based on the information provided by the platform.

Network control protocols such as BGP enable network operators to manage the scale of both the Internet and their own internal routing domains. The scale that BGP brings also creates challenges in the amount of IP route information and the integrity of that information. Network routing issues can come from many sources. Cisco Crosswork Network Insights is designed to give your organization the tools to identify and understand routing events as they happen. This unique service will significantly reduce the time it takes to know what is happening to your network and IP address assets—a critical step in reducing the Mean Time to Resolution (MTTR) for control plane issues.

The timeline to know when a routing event has impacted your network

datasheet-c78-740228_0.png

Cisco Crosswork Network Insights collects network data through a secure, federated collection model and provides routing data analytics to significantly reduce mean time to repair. This cloud service provides network operators the following initial capabilities:

     Real-time and historical visualizations of global BGP route events.

     Alarms and notifications

     ASN and prefix registration and geographic position

     Global route table browser and looking glass services

     Dashboards including but not limited to:

     AS health

     Prefix health

     Peering analytics

This cloud-based service will continue to be expanded and enhanced for our subscriber community.

Cisco Crosswork Network Insights is built to communicate and alert on issues using new collaboration media platforms and legacy methods such as email. These collaborative tools help network operation teams’ coordinate their efforts in real time to resolve issues. The architecture also supports the integration of third-party plug-ins.

Cisco Crosswork Network Insights is designed to manage very large-scale service provider data sets. The service architecture is capable of live-tracking millions of IP Prefix updates while maintaining their historical state information.

Cisco Crosswork Network Insights is for anyone who needs to understand how their networks are routed and how their IP Prefixes are seen from hundreds of other networks worldwide. We give you the live tools to see issues of interest as they happen. The service will continue to evolve, providing organizations the capability to protect and understand their IP routing assets.

External Route Analysis use cases

datasheet-c78-740228_1.png

Continuous Routing Event Awareness and Management

The Cisco Crosswork Network Insights platform features continuous monitoring of Routing Event workflow use cases:

     Independent out of band monitoring of my edge Routers and my IP prefixes

     Receive fully out of band notifications using SMS and Mobile Application tools

     Monitor changes to critical routes inside and outside my network

     Monitor critical third-party routes

     Monitor how my routes are seen by third parties

     Forensic BGP Update Analysis

     Evidence chain of Route changes seen over time

     Identify short lived Route events and their state that is no longer current.

     BGP Hi-jack Event Signatures

     Detect AS origin violations without ROA/RPKI

     Detect ROA/RPKI violations

     Detect malicious more specific IP Prefix advertisements

     Detect Man in the Middle (MiTM) attacks

     BGP Route Leak Event Signatures

     Detect unexpected new prefixes originated from an ASN

     Detect unexpected more specific IP Prefix advertisements

     Detect unexpected prefixes from specific peer devices

     Detect unexpected AS neighbour changes

     Detect AS path length violations at specific peer locations

     Integration with Crosswork Automation Tools

     Automate pre and post change Route state changes

     Automate and validate ingress Route filtering

     Identify Route event situations and define remediation opportunities

     For more information go to https://www.cisco.com/go/crosswork

Express Configuration

The express configuration feature enables first time users to quickly configure and start monitoring their IP prefixes based on their ASN information. The feature will automatically populate the configuration of the service for all IP prefixes based on their current observed state.

datasheet-c78-740228_2.jpg

Monitored IP Prefix Alarm History

The Alarm History enables the user to quickly identify IP Prefix alarm events of importance. Events can be sorted and searched in various ways to quickly locate the root cause of a service impacting incident. Once an event is located the detailed information for that event can be viewed as part of the next action. Subscribers will have different lookback periods based on the tier of subscription purchased.

datasheet-c78-740228_3.jpg

IP Prefix Alarm Details

Each Alarm event can be viewed in detail. Detailed BGP event information can be viewed to assess the cause and impact of each BGP event signature. The detailed forensic BGP update information can then be viewed to locate offending Route change sources and to quickly identify the appropriate remediation action. A history of the frequency of each BGP event signature can then be compared to understand related Route events for the same Policy.

datasheet-c78-740228_4.jpg

Features and benefits

Table 1.             Lists the main features and benefits of the Cisco Crosswork Network Insights

Feature

Benefit

Cloud Delivered

Easy to order, provision, and set up

Faster delivery of ongoing innovation

Easier to integrate with other systems through APIs

Software as a Service (SaaS)

Less technical and operational overhead needed to set up, operate, and maintain servers and software

Ability to seamlessly add capacity, scale, and features, securely and reliably

Frees you to focus on business objectives

Subscription Pricing

Flexibility of payments, with 12 to 60-month terms and annual renewals

Lower up-front Capex and overall Total Cost of Ownership (TCO)

Ability to add capacity or term as needed to meet business requirements

Three subscription tiers:

  Basic
  Essentials
  Standard

Subscription Tiers are based on the number of Configured IP Prefixes to be monitored

Subscription Tiers cannot be mixed in the same tenancy

External Route Analysis

Analyze any IPv4 and IPv6 Prefix regardless paid subscription state

  Global BGP Looking Glass for each prefix
  Global BGP Update history with lookback based on entitlement tier
  Internet Registrar maintainer information (RIR)
  Route Origin Authorization (ROA) status
  Resource Public Key Infrastructure information (RPKI)

External Route Monitoring

Subscribe based on the number of IP Prefixes to be monitored

Internet IPv4 and IPv6 Prefix Analysis and Monitoring

Internet BGP ASN Analysis and Monitoring

Monitor IPv4 and IPv6 Prefixes using BGP from your edge routers

  Origin Routes
  Transit Routes
  Critical DNS Root Server Routes
  Critical Certificate Authority Server Routes
  Key third party external routes (AWS, GSP Azure etc.)

Monitor your edge routing devices using BGP for out of band connectivity awareness

  Ensure your management infrastructure is available remotely

BGP AS Monitoring

Dashboard provides quick insights into an ASN’s current and historical number of prefixes flapping, update and withdrawal trending and deviation from baselines.

AS Daily Routing Reports

Detailed sliding time series charts show subscribed ASNs and their properties, including

Alerts and Notifications including:

  Alarm Count
  Alarm Type
  Alarm State
  Unexpected Prefix Detection (not previously seen)
  Prohibited Prefix Detection (RFC 1918 and Bogon lists)
  Automated WHOIS and Regional Internet Registry (RIR) information lookup

Per Autonomous System Number (ASN):

  Up/down status of origin peers
  Prefix change statistics (origin and transit)
  Origin Prefix Count
  Origin Prefix State Snapshots
  Origin Prefix Geo Location
  Origin Prefix Global Update History
  Origin Prefix Global Looking Glass
  Automated WHOIS and Regional Internet Registry (RIR) information lookup

BGP Prefix Monitoring

Dashboards that provide current and historical information for a set of subscribed prefixes.

Daily Prefix Routing Reports

Detailed sliding time series charts show subscribed Prefixes and their properties.

Alarms and Notifications including:

  Prefix Change
   Advertisement
   Withdrawal
   AS Path Expression (future)
  Prefix Hi-Jack
   More Specific Prefix Detection
   ROA Failure
   Origin ASN Violation (without ROA)
   Man in the Middle (future)
  Prefix Leak
   Next Hop AS Path Violation
   ASN Path Length Violation
   Parent Aggregate Change
  Prefix Compliance
   ROA Expiry Approaching

Per Prefix:

  BGP Global Update History
  BGP Global Looking Glass
  Origin ASN lookup
  Origin Geo Location
  Automated WHOIS and Regional Internet Registry (RIR) information lookup

BGP Peer Health (future)

Remote monitor your peering router health and its adjacency through BGP connection

Detailed sliding time series charts showing Peer Statistics, including

  Peering Connection Events
  Prefix Withdrawals and Advertisements
  Prefix and ASN Statistics

Alarms and Notifications including:

  Alarm Count
  Alarm Type
  Alarm State
  Peer Specific
   Prefix Alarms and Notifications
   ASN Alarms and Notifications
   BGP Session Availability
   Prefix Count (IPv4 and IPv6 specific)
   Unexpected Prefix Detection (not previously seen)
   Prohibited Prefix Detection (RFC 1918 and Bogon lists)
   DNS and CA Prefix Withdrawal

BGP Policy Violation Detection

BGP ROA Validation Service

Monitor and Alert on BGP Route Origin Authorization (ROA) state and incidents

Data learning intelligence

Provides Deeper insight into event correlation and root cause analysis.

Enables Machine Learning methods to be applied to various Data and Event inputs

Send Alarms to Cisco Crosswork Situation Manager for deeper learning

Collaboration Platform Integration

Collaboration Platform Notifications present a unique ability send Alarm notification events into an open channel with external parties to help validate and solve issues.

Traditional Alarm notifications via:

  Email
  SMS
  Structured Syslog to Cloud File Storage (AWS S3) 2

Collaboration Integration sends Alarm Notifications via:

  Cisco WebEx Teams Channel 1
  Slack Channel 3

API Framework

Provides easy to use REST / JSON APIs for all tasks

The platform can be integrated into other SDN platforms:

  Validate route change visibility as part of an automation playbook
  Use alarm events to trigger automation playbooks

Configure All Interface components including

  Prefixes and ASNs
  Policies
  Notification Endpoints

The platform will support a HTTPs Stream Subscription Architecture to enable event driven frameworks (future)

Multi-Tennant

Role Based Access Controls

Cisco.com Federated One Identity for easy access to multiple customer tenancies

Enterprise Single Sign On with Federated Identity to reduce user support and onboarding

Network Automation Integration

Trigger Per Prefix Automation Events using customizable criteria:

  Prefix Pre-change and Post-change state checking
  Prefix Presence, Absence, Redundancy and Coverage
  Prefix BGP ASN Path Match Criteria
  Prefix BGP Community Match Criteria
  Prefix eBGP Segment Routing SID

Integrated Options with Cisco Crosswork Change Automation

1 Slack.com is the property of Slack Technologies Inc. Customers are required to provide their own subscription and API entitlement.
2 AWS S3 is the property of Amazon Web Services, Inc. are required to provide their own storage subscription entitlement.
3 Cisco Webex Teams is the property of Cisco Systems, Inc. Customers are required to provide a separate subscription and API entitlement.

Products subscription tiers

The Cisco Crosswork Network Insights is a natural evolution of the BGPmon.net service. Customers familiar with the BGPmon Premium service can purchase an equivalent service offering using the Crosswork Network Insights subscription tier. This basic service provides approximate price and feature parity with the now End of Sale BGPmon.net Premium Service.

The Cisco Crosswork Network Insights Essentials and Standard service tiers expand on new platform to provide new insight and analysis capabilities. These new services provide expanded near real time and historical state information for each monitored IP Prefix. Unlike the basic tier service, these tiers will continue to be enhanced with new Alarm, Reporting and Analysis capabilities over time. The primary different between the Essentials Tier and the Standard Tier is the accessibility of historical route information and it’s use in event normalization.

datasheet-c78-740228_5.png

The following feature support matrix per subscripted Tenancy and Prefix for the External Route Analysis service.

Feature support may be subject to the configured state of an IP Prefix:

A = Any IP Prefix advertised on the Internet

C = Only Configured IP Prefixes advertised on the Internet

X = Feature is available regardless of IP Prefix information

Table 2.             Product subscription tiers

Product Tier

Basic

L-SPAUTO-NI-B

Essentials

L-SPAUTO-NI-E

Standard

L-SPAUTO-NI-S

Prefixes Limitation

Prefix State Lookup

Unlimited (A)

Unlimited (A)

Unlimited (A)

Configured Prefixes

As Purchased (C)

As Purchased (C)

As Purchased (C)

Basic Alarms

Prefix Withdrawal

C

C

C

Prefix Advertisement

C

C

C

Sub-Prefix Advertisement

C

C

C

AS Origin Violation

C

C

C

ROA Failure

C

C

C

ROA Expiry

C

C

C

Upstream AS Change

C

C

C

Unexpected AS Prefix

A

A

A

Parent Aggregate Change

C

C

C

Premium Alarms

AS Path Expression Match

C

C

C

Man in the Middle

C

C

C

AS Path Length Violation

 

C

C

Peer Device State Change

 

X

X

Peer Device Prohibited Prefix

 

X

X

DNS Root Server Withdrawal

 

X

X

General Features

Intent Based Policies

C

C

C

Alarm Details

C

C

C

Alarm BGP Update History

1 Day

7 Days

90 Days

Prefix Details

A

A

A

Prefix Looking Glass

A

A

A

Prefix History BGP Updates

1 Day

7 Days

90 Days

ASN Details

A

A

A

ASN Looking Glass

A

A

A

ASN History Snapshot

1 Day

7 Days

90 Days

ASN History BGP Updates

1 Day

7 Days

90 Days

Peermon Device Features

Peer Devices – Manage Existing

X

X

X

Peer Devices – Add New

On Approval1

X

X

Peer Device Details

 

X

X

Peer Device Looking Glass

 

X

X

Peer Device BGP Update History

 

7 Days

90 Days

IRR and RPSL Policy Features

ASN IRR and RPSL State Report

 

X

X

ASN IRR and RPSL Details

 

7 Days

90 Days

Report Features

State Report – Prefixes

C

C

C

State Report – Prefix ROA

C

C

C

State Report – ASN

X

X

X

State Report – Peer Devices

 

X

X

Notification Endpoint Types

Email

X

X

X

SMS

X

X

X

Cisco Webex Teams4

 

X

X

Slack.com Channels2

 

X

X

Syslog via AWS S3 File Storage3

 

X

X

Roadmap Notification Endpoint Types

 

 

 

SSO Identify Management

Unlimited Users per Tenancy

X

X

X

Cisco.com User Accounts

X

X

X

Dedicated SSO and Unique URL

 

 

X

Topology Features

ASN to ASN Topology

 

X

X

ASN to ASN Topology History

 

7 Days

90 Days

API Technical Support

Technical Support for API Usage

 

X

X

1 The addition of new peermon devices to the Crosswork Network Insights Service for the Basic Tier is subject to approval by Cisco. New peered device data sources will be permitted based on an assessment of size of the IP route table published and the stability of the peered network device over time. Cisco will reserve the right to disconnect a peered device from a Basic Peer where the peer does not conform to operating requirements provided by Cisco.
2 Slack.com is the property of Slack Technologies Inc. Customers are required to provide their own subscription and API entitlement.
3 AWS S3 is the property of Amazon Web Services, Inc. are required to provide their own storage subscription entitlement.
4 Cisco Webex Teams is the property of Cisco Systems, Inc. Customers are required to provide a separate subscription and API entitlement.

Ordering information

Cisco Crosswork Network Insights is available. To order, please visit the Cisco Ordering Home Page.

Cisco Crosswork Network Insights feature tiers can be ordered in one-year, three-year, and five-year subscription periods. In addition, volume discounts are available for customers ordering higher numbers of Monitored IP Prefixes at the same time. There are separate license options for Basic, Essentials and Standard tiers, detailed below, the SaaS software is accessible crosswork.cisco.com.

Cisco Smart Accounts and Smart Licensing are supported for Cisco Crosswork Network Insights. In addition, a Cisco Connection Online (CCO) user accounts are mandatory to use the Cisco Crosswork Network Insights user interface unless the customer has purchased an configured the Standard Tier with an Enterprise Single Sign-on (SSO) dedicated URL and federated identity source.

Table 3.             Ordering information

Part Number

Description

Entitlement Model

L-SPAUTO-NI-B

External Route Analysis Basic Tier

Per Configured IP Prefix Monitored

L-SPAUTO-NI-E

External Route Analysis Essentials Tier

Per Configured IP Prefix Monitored

L-SPAUTO-NI-S

External Route Analysis Standard Tier

Per Configured IP Prefix Monitored

Cisco and Partner Services

https://www.cisco.com/

Cisco offers a wide range of services to help accelerate your success in connecting to Cisco Crosswork Network Insights. The innovative Cisco Services offerings are delivered through a unique combination of people, processes, tools, and partners and are focused on helping you increase operational efficiency and improve your network control. Cisco Advanced Services use an architecture-led approach to help you align your network infrastructure with your business goals and achieve long-term value. Cisco Crosswork Products can be combined with Cisco SMARTnet Service to help you resolve mission-critical problems with direct access at any time to Cisco network experts and award-winning resources. Spanning the entire network lifecycle, Cisco Services offerings help increase investment protection, optimize network operations, support migration operations, and strengthen your IT expertise. For more information, please visit https://www.cisco.com/go/services.

Document History

Table 4.             Document Revisions.

New or revised topic

Described in

Date

Subscription Tiers Added

Crosswork Network Insights Release Notes

Aug, 30th2019

General Availability

Crosswork Network Insights User Guide

Jan, 30th2019

Learn more