Cisco Crosswork Cloud Network Insights Data Sheet

Data Sheet

Available Languages

Download Options

  • PDF     (1.1 MB)
    View with Adobe Reader on a variety of devices
Updated:August 29, 2023

Bias-Free Language

The documentation set for this product strives to use bias-free language. For the purposes of this documentation set, bias-free is defined as language that does not imply discrimination based on age, disability, gender, racial identity, ethnic identity, sexual orientation, socioeconomic status, and intersectionality. Exceptions may be present in the documentation due to language that is hardcoded in the user interfaces of the product software, language used based on RFP documentation, or language that is used by a referenced third-party product. Learn more about how Cisco is using Inclusive Language.

Available Languages

Download Options

  • PDF     (1.1 MB)
    View with Adobe Reader on a variety of devices
Updated:August 29, 2023
 

 

The Cisco Crosswork Cloud Network Insights platform addresses routing event security and awareness challenges by providing comprehensive global monitoring and analysis capability and unprecedented insights across a hybrid cloud infrastructure.

Product overview

Your network can be a complex and often unpredictable environment. Routing events that are caused by automated systems, malicious attacks, or simply operational errors can have unforeseen effects on network services. Network operators need a scalable and insightful toolset to help them identify root cause network issues swiftly. The operational performance data provided by networks is plentiful, but the existing toolsets lack an understanding of the network control state. Routing protocol event information can be difficult to comprehend when not organized, analyzed, and displayed logically. There is great operational value in network data and using Cisco’s unparalleled expertise with routing protocols, Crosswork Cloud Network Insights has been developed to structure the information needed for quickly resolving issues throughout the network.

Network Insights is a hosted application that provides rich analysis, visualization, and alerting on actionable network events. Cisco Crosswork Cloud Network Insights operates as a hosted service and helps you assess the routing health of your network. We provide you with information you need to determine the stability of your networks and potential risks to your IP routing assets.

Network Insights aggregates global and local routing information and identifies the source of anomalies based on a consensus of the routing databases. This cloud service is a successor of BGPMon.net for multivendor networks that use BGP routing protocols. The service provides a secure and low-risk method of collecting route information at a global scale. We can do all this while tracking hundreds of thousands of IP route update records and maintaining their event history.

Product description

Cisco Crosswork Cloud Network Insights is a revolutionary cloud-based platform for presenting real-time network routing, event, and traffic information. It uses IETF standards-based routing control protocols in combination with a cloud-native architecture to capture the state of your network’s control plane. Crosswork Cloud Network Insights combines several technologies and services to provide a unique awareness of your network and how it interacts with other environments. The platform sets a new standard for its ability to provide a comprehensive view of the state of IP address assets. Subscribers can track live and historical activity of their own global BGP and IP information. They can also quickly and easily investigate other entities that might be the cause of issues based on the information provided by the platform.

Network control protocols such as BGP enable network operators to manage the scale of both the internet and their own internal routing domains. The scale that BGP brings also creates challenges in the amount of IP route information and the integrity of that information. Network routing issues can come from many sources. Network Insights is designed to give your organization the tools to identify and understand routing events as they happen. This unique cloud service will significantly reduce the time it takes to know what is happening to your network and IP address assets—a critical step in reducing the Mean Time to Resolution (MTTR) for control plane issues.

The timeline to know when a routing event has impacted your network

The timeline to know when a routing event has impacted your network

Figure 1.            

The timeline to know when a routing event has impacted your network

Cisco Crosswork Cloud Network Insights collects network data through a secure, federated collection model and provides routing data analytics to significantly reduce mean time to repair. This cloud service provides network operators the following initial capabilities:

      Real-time and historical visualizations of global BGP route events

      Alarms and notifications

      ASN and prefix registration and geographic position

      Global route table browser and looking glass services

      Dashboards including but not limited to:

    AS health

    Prefix health

    Peering analytics

This cloud-based service will continue to be expanded and enhanced for our subscriber community.

Cisco Crosswork Cloud Network Insights is built to communicate and alert on issues using new collaboration media platforms and legacy methods such as email. These collaborative tools help network operation teams’ coordinate their efforts in real time to resolve issues. The architecture also supports the integration of third-party plug-ins.

Cisco Crosswork Cloud Network Insights is designed to manage very large-scale service provider data sets. The service architecture is capable of live-tracking millions of IP prefix updates while maintaining their historical state information.

Cisco Crosswork Cloud Network Insights is for anyone who needs to understand how their networks are routed and how their IP prefixes are seen from hundreds of other networks worldwide. We give you the live tools to see issues of interest as they happen. The service will continue to evolve, providing organizations the capability to protect and understand their IP routing assets.

External route analysis use cases

External route analysis use cases

Figure 2.            

External route analysis use cases

Continuous routing event awareness and management

The Crosswork Cloud Network Insights platform features continuous monitoring of routing event workflow use cases:

      Independent out-of-band monitoring of my edge routers and my IP prefixes.

    Receive fully out-of-band notifications using SMS and mobile application tools.

      Monitor changes to critical routes inside and outside my network.

    Monitor critical third-party routes.

    Monitor how my routes are seen by third parties.

      Forensic BGP update analysis.

    Evidence chain of route changes seen over time.

    Identify short-lived route events and their state that is no longer current.

      BGP hi-jack event signatures.

    Detect AS origin violations without ROA/RPKI.

    Detect ROA/RPKI violations.

    Detect malicious, more-specific IP prefix advertisements.

    Detect Man-in-the-Middle (MiTM) attacks.

      BGP route leak event signatures.

    Detect unexpected new prefixes originated from an ASN.

    Detect unexpected, more-specific IP prefix advertisements.

    Detect unexpected prefixes from specific peer devices.

    Detect unexpected AS neighbor changes.

    Detect AS path length violations at specific peer locations.

      Integration with Crosswork automation tools.

    Automate pre- and post-change route state changes.

    Automate and validate ingress route filtering.

    Identify route event situations and define remediation opportunities.

    For more information go to www.cisco.com/go/crosswork.

Express configuration

The express configuration feature enables first-time users to quickly configure and start monitoring their IP prefixes based on their ASN information. The feature will automatically populate the configuration of the service for all IP prefixes based on their current observed state.

Express Setup Feature

Figure 3.            

Express Setup Feature

Monitored IP prefix alarm history

The alarm history enables the user to quickly identify IP prefix alarm events of importance. Events can be sorted and searched in various ways to quickly locate the root cause of a service-impacting incident. Once an event is located, the detailed information for that event can be viewed as part of the next action. Subscribers will have different lookback periods based on the tier of subscription purchased.

Alarm History

Figure 4.            

Alarm History

IP prefix alarm details

Each alarm event can be viewed in detail. Detailed BGP event information can be viewed to assess the cause and impact of each BGP event signature. The detailed forensic BGP update information can then be viewed to locate offending route change sources and to quickly identify the appropriate remediation action. A history of the frequency of each BGP event signature can then be compared to understand related route events for the same policy.

Detailed BGP Event Information

Figure 5.            

Detailed BGP Event Information

IP Prefix Path Topology

The BGP Path Topology feature enables effective and easy searching of key BGP changes over time. IP Route Prefix Path Topologies can be observed as a point in time ‘Snapshot’ or as a ‘Time Comparison’. BGP path events can be visualized to help identify changes in Autonomous Systems (AS) paths via intermediate networks. Filters support visualization of BGP updates from All Peers or specifically Peers owned by the user.

BGP Path Topology View

Figure 6.            

BGP Path Topology View

Features and benefits

Table 1.        Lists the main features and benefits of the Crosswork Cloud Network Insights

Feature

Benefit

Cloud Delivered

Easy to order, provision, and instantly available.

Faster delivery of ongoing innovation.

Easier to integrate with other systems through APIs.

Software as a Service (SaaS)

Less technical and operational overhead needed to set up, operate, and maintain servers and software.

Ability to seamlessly add capacity, scale, and features, securely and reliably.

Frees you to focus on business objectives.

Subscription Pricing

Flexibility of payments, with 12- to 60-month terms and annual renewals.

Lower up-front CapEx and overall Total Cost of Ownership (TCO).

Ability to add capacity or term as needed to meet business requirements.

Three subscription tiers:

  Essentials
  Advantage
  Premier

Subscription tiers are based on the number of configured IP Prefixes to be monitored.

Subscription tiers cannot be mixed in the same tenancy.

External Route Analysis

Analyze any IPv4 and IPv6 prefix regardless of paid subscription state.

  Global BGP looking glass for each prefix.
  Global BGP update history with lookback based on entitlement tier.
  Internet Registrar Maintainer Information (RIR).
  Route Origin Authorization (ROA) status.
  Resource Public Key Infrastructure Information (RPKI).

External Route Monitoring

Subscribe based on the number of IP prefixes to be monitored.

Internet IPv4 and IPv6 Prefix Analysis and Monitoring.

Internet BGP ASN Analysis and Monitoring.

Monitor IPv4 and IPv6 prefixes using BGP from your edge routers.

  Origin Routes.
  Transit Routes.
  Critical DNS Root Server Routes.
  Critical Certificate Authority Server Routes.
  Key third-party external routes (AWS, GSP, Azure, etc).

Monitor your edge routing devices using BGP for out-of-band connectivity awareness.

  Ensure your management infrastructure is available remotely.

BGP AS Monitoring

Dashboard provides quick insights into an ASN’s current and historical number of prefixes flapping, update and withdrawal trending, and deviation from baselines.

AS Daily Routing Reports.

Detailed sliding time series charts show subscribed ASNs and their properties, including.

Alerts and Notifications:

  Alarm Count.
  Alarm Type.
  Alarm State.
  Unexpected Prefix Detection (not previously seen)..
  Prohibited Prefix Detection (RFC 1918 and Bogon lists)
  Automated WHOIS and Regional Internet Registry (RIR) information lookup.

Per Autonomous System Number (ASN):

  Up/down status of origin peers.
  Prefix change statistics (origin and transit).
  Origin Prefix Count.
  Origin Prefix State Snapshots.
  Origin Prefix Geo Location.
  Origin Prefix Global Update History.
  Origin Prefix Global Looking Glass.
  Automated WHOIS and Regional Internet Registry (RIR) information lookup.

BGP Prefix Monitoring

Dashboards that provide current and historical information for a set of subscribed prefixes.

Daily Prefix Routing Reports.

Detailed sliding time series charts show subscribed Prefixes and their properties.

Alarms and Notifications, including:

  Prefix Change.

    Advertisement.

    Withdrawal.

    AS Path Expression.

  Prefix Hi-Jack.

    More-Specific Prefix Detection.

    ROA Failure.

    Origin ASN Violation (without ROA).

    New AS Path Edge (man in the middle).

  Prefix Leak.

    Next Hop AS Path Violation.

    ASN Path Length Violation.

    Parent Aggregate Change.

  Prefix Compliance.

    ROA Expiry Approaching.

Per Prefix:

  BGP Path Topology Visualization.
  BGP Global Update History.
  BGP Global Looking Glass.
  Origin ASN lookup.
  Origin Geo Location.
  Automated WHOIS and Regional Internet Registry (RIR) information lookup.

BGP Peer Health

Remote monitor your peering router health and its adjacency through BGP connection

Detailed sliding time series charts showing peer statistics, including:

  Peering Connection Events
  Prefix Withdrawals and Advertisements
  Prefix and ASN Statistics

Alarms and Notifications, including:

  Alarm Count
  Alarm Type
  Alarm State
  Peer Specific

    Prefix Alarms and Notifications

    ASN Alarms and Notifications

    BGP Session Availability

    Prefix Count (IPv4 and IPv6 specific)

    Unexpected Prefix Detection (not previously seen)

    Prohibited Prefix Detection (RFC 1918 and Bogon lists)

    DNS and CA Prefix Withdrawal

    BGP Policy Violation Detection

BGP ROA Validation Service

Monitor and alert on BGP Route Origin Authorization (ROA) state and incidents.

  RPKI Status Checking (Valid, Invalid, Unknown, Max Path).
  RPKI Signature Expiry and Alarms.
  Route Origin Validation.

    BGP update Validation using ROA information.

Data Learning Intelligence

Provides deeper insight into event correlation and root cause analysis.

Enables machine learning methods to be applied to various data and event inputs.

Send alarms to external event management or AIOps platform for deeper learning.

Collaboration Platform Integration

Collaboration platform notifications present a unique ability to send alarm notification events into an open channel with external parties to help validate and solve issues.

Traditional alarm notifications via:

  Email
  SMS
  Structured Syslog to Cloud File Storage (AWS S3 & Google Storage) 1 & 6

Collaboration integration sends alarm notifications via:

  Cisco Webex® Teams Channel 2
  Microsoft Teams Channel 3
  PagerDutyl 4
  Slack Channel 5

API Framework

Provides easy-to-use APIs for all tasks.

  REST/JSON “pull” based APIs.
  gRPC/Protobuf “streaming” based APIs.

The platform can be integrated into other SDN platforms:

  Validate route change visibility as part of an automation playbook.
  Use alarm events to trigger automation playbooks.

Configure all interface components, including.

  Prefixes and ASNs
  Policies
  Notification Endpoints

The platform supports Stream based BGP Events to enable event-driven frameworks.

Multitenant

Role-Based Access Controls.

  Admin, Read/Write, Read Only.

Cisco.com Federated One Identity for easy access to multiple customer tenancies.

Network Automation Integration

Trigger Per Prefix Automation Events using customizable criteria:

  Prefix pre-change and post-change state checking.
  Prefix Presence, Absence, Redundancy, and Coverage.
  Prefix BGP ASN Path Match Criteria.
  Prefix BGP Community Match Criteria.

Integrated Options with Cisco Crosswork Network Controller.
1 AWS S3 is the property of Amazon Web Services, Inc. Customers are required to provide their own storage subscription entitlement.
2 Cisco Webex Teams is the property of Cisco Systems, Inc. Customers are required to provide a separate subscription and API entitlement.
3 Microsoft Teams is the property of Microsoft Corp., Inc. Customers are required to provide a separate subscription and API entitlement.
4 PagerDuty is the property of PagerDuty, Inc. Customers are required to provide a separate subscription and API entitlement.
5 Slack.com is the property of Slack Technologies, Inc. Customers are required to provide their own subscription and API entitlement.
6 Google Drive is a the property of Google LLC. Customers are required to provide their own storage subscription entitlement.

Products subscription tiers

Crosswork Cloud Network Insights is a natural evolution of the BGPmon.net service. Customers familiar with the BGPmon Premium service can purchase an equivalent service offering using the Crosswork Network Insights Essentials subscription tier. This Essentials service provides approximate price and feature parity with the now end-of-sale BGPmon.net Premium Service.

The Crosswork Cloud Network Insights Advantage and Premier service tiers expand on the new platform to provide new insight and analysis capabilities. These new services provide expanded near real-time and historical state information for each monitored IP prefix. Unlike the basic tier service, these tiers will continue to be enhanced with new alarm, reporting, and analysis capabilities over time. The primary difference between the Advantage Tier and the Premier Tier is the accessibility of historical route information and its use in event normalization.

Crosswork Cloud Network Insights Service Tiers

Figure 7.            

Crosswork Cloud Network Insights Service Tiers

The following matrix details feature supported per subscripted tenancy and prefix options for Crosswork Network Insights.

Feature support may be subject to the configured state of an IP prefix:

A = Any IP prefix advertised on the internet.

C = Only configured IP prefixes advertised on the internet.

X = Feature is available regardless of IP prefix information.

Table 2.        Product subscription tiers

Product Tier

Free

Essentials

Advantage

Premier

Prefixes Limitation

Prefix State Lookup

Unlimited (A)

Unlimited (A)

Unlimited (A)

Unlimited (A)

Configured Prefixes

5

As Purchased (C)

As Purchased (C)

As Purchased (C)

Basic IP Prefix Alarms

Prefix Withdrawal

C

C

C

C

Prefix Advertisement

C

C

C

C

Sub-Prefix Advertisement

C

C

C

C

AS Origin Violation

C

C

C

C

ROA Failure

C

C

C

C

ROA Expiry

C

C

C

C

ROA Not Found

C

C

C

C

Upstream AS Change

C

C

C

C

Unexpected AS Prefix

A

A

A

A

Parent Aggregate Change

C

C

C

C

AS Path Expression Match

C

C

C

C

AS Path Length Violation

C

C

C

C

New Global Peer Edge (Man in the Middle)

C

C

C

C

Premium IP Prefix Alarms

Prefix Withdrawal – My Peers

 

 

C

C

Prefix Advertisement – My Peers

 

 

C

C

AS Origin Violation – My Peers

 

 

C

C

Upstream AS Change – My Peers

 

 

C

C

Parent Aggregate Change – My Peers

 

 

C

C

AS Path Expression Match – My Peers

 

 

C

C

AS Path Length Violation – My Peers

 

 

C

C

Basic Peer Alarms

Peer Down

X

X

X

X

Peer Device State Change

X

X

X

X

Peer Device Prohibited Prefix

X

X

X

X

Peer DNS Root Server Withdrawal

X

X

X

X

General Features

Intent-Based Policies

C

C

C

C

Alarm Details

C

C

C

C

Alarm BGP Update History

1 Day

1 Day

7 Days

90 Days

Prefix Details

A

A

A

A

Prefix Looking Glass

A

A

A

A

Prefix History BGP Updates

1 Day

1 Day

7 Days

90 Days

ASN Details

A

A

A

A

ASN Looking Glass

A

A

A

A

ASN History Snapshot

1 Day

1 Day

7 Days

90 Days

ASN History BGP Updates

1 Day

1 Day

7 Days

90 Days

Peermon Device Features

Peer Devices – Manage Existing

X

X

X

X

Peer Devices – Add New*

X

X

X

X

Peer Device Details

X

X

X

X

Peer Device Looking Glass

X

X

X

X

Peer Device BGP Update History

1 Days

1 Days

7 Days

90 Days

IRR and RPSL Policy Features

ASN IRR and RPSL Details

 

 

7 Days

90 Days

Report Features

Daily State Reports – ASN

 

 

X

X

Notification Endpoint Types

Email

X

X

X

X

SMS

X

X

X

X

Syslog via AWS S3 File Storage 1

 

 

X

X

Syslog via Google File Storage6

 

 

X

X

Cisco Webex Teams 2

 

 

X

X

Microsoft Teams 3

 

 

X

X

PagerDuty 4

 

 

X

X

Slack Channels 5

 

 

X

X

Single Sign On (SSO) Identify Management

Unlimited Users per Tenancy

X

X

X

X

Cisco.com User Accounts

X

X

X

X

Topology Features

ASN to ASN Topology

 

X

X

X

ASN to ASN Topology History

 

1 Days

7 Days

90 Days

API Support

Support for JSON / REST API Usage

 

 

X

X

Support for Protobuf / gRPC API Streaming Usage

 

 

X

X

Technical Support

Technical support via TAC or Inband Tickets

 

X

X

X
* The addition of new PeerMon devices to the Network Insights Service for the Essentials Tier is subject to approval by Cisco. New peered device data sources will be permitted based on an assessment of size of the IP route table published and the stability of the peered network device over time. Cisco will reserve the right to disconnect a peered device from an Essentials or Free Peer where the peer does not conform to operating requirements provided by Cisco.
1 AWS S3 is the property of Amazon Web Services, Inc. Customers are required to provide their own storage subscription entitlement.
2 Cisco Webex Teams is the property of Cisco Systems, Inc. Customers are required to provide a separate subscription and API entitlement.
3 Microsoft Teams is the property of Microsoft Corp., Inc. Customers are required to provide a separate subscription and API entitlement.
4 PagerDuty is the property of PagerDuty, Inc. Customers are required to provide a separate subscription and API entitlement.
5 Slack.com is the property of Slack Technologies, Inc. Customers are required to provide their own subscription and API entitlement.
6.Google Drive is a the property of Google LLC. Customers are required to provide their own storage subscription entitlement.

Ordering information

Cisco Crosswork Cloud Network Insights is available. To order, please visit the Cisco Ordering Home Page.

Cisco Crosswork Cloud Network Insights feature tiers can be ordered in one-year, three-year, and five-year subscription periods. In addition, volume discounts are available for customers ordering higher numbers of monitored IP prefixes at the same time. There are separate license options for Essentials, Advantage, and Premier tiers, detailed below. The SaaS software is accessible at crosswork.cisco.com.

Cisco Smart Accounts and Smart Licensing are supported for Cisco Crosswork Cloud Network Insights. In addition, Cisco Connection Online (CCO) user accounts are mandatory to use the Network Insights user interface. Enterprise Single Sign-on (SSO) with federated identity source is supported via OKTA federation with Cisco.com.

Table 3.        Ordering information

Description

Entitlement Model

External Route Analysis Essentials Tier

Per Configured IP Route Prefix Monitored

External Route Analysis Advantage Tier

Per Configured IP Route Prefix Monitored

External Route Analysis Premier Tier

Per Configured IP Route Prefix Monitored

Cisco and Partner Services

www.cisco.com

Cisco offers a wide range of services to help accelerate your success in connecting to Cisco Crosswork Cloud Network Insights. The innovative Cisco Services offerings are delivered through a unique combination of people, processes, tools, and partners and are focused on helping you increase operational efficiency and improve your network control. Cisco Advanced Services use an architecture-led approach to help you align your network infrastructure with your business goals and achieve long-term value. Cisco Crosswork products can be combined with the Cisco SMARTnet® service to help you resolve mission-critical problems with direct access at any time to Cisco network experts and award-winning resources. Spanning the entire network lifecycle, Cisco Services offerings help increase investment protection, optimize network operations, support migration operations, and strengthen your IT expertise. For more information, please visit www.cisco.com/go/services.

Cisco Capital

Flexible payment solutions to help you achieve your objectives

Cisco Capital makes it easier to get the right technology to achieve your objectives, enable business transformation and help you stay competitive. We can help you reduce the total cost of ownership, conserve capital, and accelerate growth. In more than 100 countries, our flexible payment solutions can help you acquire hardware, software, services and complementary third-party equipment in easy, predictable payments. Learn more.

Learn more

For more information on Cisco's network automation portfolio for Service Providers please visit www.cisco.com/go/crosswork.To learn more about Cisco Crosswork or to schedule a demonstration contact your Cisco sales representative.

Document history

Table 4.        Document revisions

New or revised topic

Described in

Date

IP Prefix Peer Alarm Updates

Features and Benefits

August 2023

Offer updates

Features and Benefits

February 2022

Offer and UI Updates

Crosswork Network Insights User Guide

July 30, 2021

User Interface Update

Crosswork Network Insights User Guide

November 28, 2019

Subscription Tiers Added

Crosswork Network Insights Release Notes

October 30, 2019

General Availability

Crosswork Network Insights User Guide

January 30, 2019

 

 

 

Learn more