Cisco Crosswork Network Insights Data Sheet

Data Sheet

Available Languages

Download Options

  • PDF     (956.1 KB)
    View with Adobe Reader on a variety of devices
Updated:February 7, 2022

Bias-Free Language

The documentation set for this product strives to use bias-free language. For the purposes of this documentation set, bias-free is defined as language that does not imply discrimination based on age, disability, gender, racial identity, ethnic identity, sexual orientation, socioeconomic status, and intersectionality. Exceptions may be present in the documentation due to language that is hardcoded in the user interfaces of the product software, language used based on RFP documentation, or language that is used by a referenced third-party product. Learn more about how Cisco is using Inclusive Language.

Available Languages

Download Options

  • PDF     (956.1 KB)
    View with Adobe Reader on a variety of devices
Updated:February 7, 2022
 

 

The Cisco Crosswork Cloud Network Insights platform addresses routing event security and awareness challenges by providing comprehensive global monitoring and analysis capability and unprecedented insights across a hybrid cloud infrastructure.

Product overview

Your network can be a complex and often unpredictable environment. Routing events that are caused by automated systems, malicious attacks, or simply operational errors can have unforeseen effects on network services. Network operators need a scalable and insightful toolset to help them identify root cause network issues swiftly. The operational performance data provided by networks is plentiful, but the existing toolsets lack an understanding of the network control state. Routing protocol event information can be difficult to comprehend when not organized, analyzed, and displayed logically. There is great operational value in network data and using Cisco’s unparalleled expertise with routing protocols, Crosswork Cloud Network Insights has been developed to structure the information needed for quickly resolving issues throughout the network.

Network Insights is a hosted application that provides rich analysis, visualization, and alerting on actionable network events. Cisco Crosswork Cloud Network Insights operates as a hosted service and helps you assess the routing health of your network. We provide you with information you need to determine the stability of your networks and potential risks to your IP routing assets.

Network Insights aggregates global and local routing information and identifies the source of anomalies based on a consensus of the routing databases. This cloud service is a successor of BGPMon.net for multivendor networks that use BGP routing protocols. The service provides a secure and low-risk method of collecting route information at a global scale. We can do all this while tracking hundreds of thousands of IP route update records and maintaining their event history.

Product description

Cisco Crosswork Cloud Network Insights is a revolutionary cloud-based platform for presenting real-time network routing, event, and traffic information. It uses IETF standards-based routing control protocols in combination with a cloud-native architecture to capture the state of your network’s control plane. Crosswork Cloud Network Insights combines several technologies and services to provide a unique awareness of your network and how it interacts with other environments. The platform sets a new standard for its ability to provide a comprehensive view of the state of IP address assets. Subscribers can track live and historical activity of their own global BGP and IP information. They can also quickly and easily investigate other entities that might be the cause of issues based on the information provided by the platform.

Network control protocols such as BGP enable network operators to manage the scale of both the internet and their own internal routing domains. The scale that BGP brings also creates challenges in the amount of IP route information and the integrity of that information. Network routing issues can come from many sources. Network Insights is designed to give your organization the tools to identify and understand routing events as they happen. This unique cloud service will significantly reduce the time it takes to know what is happening to your network and IP address assets—a critical step in reducing the Mean Time to Resolution (MTTR) for control plane issues.

The timeline to know when a routing event has impacted your network

The timeline to know when a routing event has impacted your network

Figure 1.               

The timeline to know when a routing event has impacted your network

Cisco Crosswork Cloud Network Insights collects network data through a secure, federated collection model and provides routing data analytics to significantly reduce mean time to repair. This cloud service provides network operators the following initial capabilities:

     Real-time and historical visualizations of global BGP route events

     Alarms and notifications

     ASN and prefix registration and geographic position

     Global route table browser and looking glass services

     Dashboards including but not limited to:

     AS health

     Prefix health

     Peering analytics

This cloud-based service will continue to be expanded and enhanced for our subscriber community.

Cisco Crosswork Cloud Network Insights is built to communicate and alert on issues using new collaboration media platforms and legacy methods such as email. These collaborative tools help network operation teams’ coordinate their efforts in real time to resolve issues. The architecture also supports the integration of third-party plug-ins.

Cisco Crosswork Cloud Network Insights is designed to manage very large-scale service provider data sets. The service architecture is capable of live-tracking millions of IP prefix updates while maintaining their historical state information.

Cisco Crosswork Cloud Network Insights is for anyone who needs to understand how their networks are routed and how their IP prefixes are seen from hundreds of other networks worldwide. We give you the live tools to see issues of interest as they happen. The service will continue to evolve, providing organizations the capability to protect and understand their IP routing assets.

External route analysis use cases

External route analysis use cases

Figure 2.               

External route analysis use cases

Continuous routing event awareness and management

The Crosswork Cloud Network Insights platform features continuous monitoring of routing event workflow use cases:

     Independent out-of-band monitoring of my edge routers and my IP prefixes

     Receive fully out-of-band notifications using SMS and mobile application tools

     Monitor changes to critical routes inside and outside my network

     Monitor critical third-party routes

     Monitor how my routes are seen by third parties

     Forensic BGP update analysis

     Evidence chain of route changes seen over time

     Identify short-lived route events and their state that is no longer current

     BGP hi-jack event signatures

     Detect AS origin violations without ROA/RPKI

     Detect ROA/RPKI violations

     Detect malicious, more-specific IP prefix advertisements

     Detect Man-in-the-Middle (MiTM) attacks

     BGP route leak event signatures

     Detect unexpected new prefixes originated from an ASN

     Detect unexpected, more-specific IP prefix advertisements

     Detect unexpected prefixes from specific peer devices

     Detect unexpected AS neighbor changes

     Detect AS path length violations at specific peer locations

     Integration with Crosswork automation tools

     Automate pre- and post-change route state changes

     Automate and validate ingress route filtering

     Identify route event situations and define remediation opportunities

     For more information go to www.cisco.com/go/crosswork

Express configuration

The express configuration feature enables first-time users to quickly configure and start monitoring their IP prefixes based on their ASN information. The feature will automatically populate the configuration of the service for all IP prefixes based on their current observed state.

Express Setup Feature

Figure 3.               

Express Setup Feature

Monitored IP prefix alarm history

The alarm history enables the user to quickly identify IP prefix alarm events of importance. Events can be sorted and searched in various ways to quickly locate the root cause of a service-impacting incident. Once an event is located, the detailed information for that event can be viewed as part of the next action. Subscribers will have different lookback periods based on the tier of subscription purchased.

Alarm History

Figure 4.               

Alarm History

IP prefix alarm details

Each alarm event can be viewed in detail. Detailed BGP event information can be viewed to assess the cause and impact of each BGP event signature. The detailed forensic BGP update information can then be viewed to locate offending route change sources and to quickly identify the appropriate remediation action. A history of the frequency of each BGP event signature can then be compared to understand related route events for the same policy.

Detailed BGP Event Information

Figure 5.               

Detailed BGP Event Information

Features and benefits

Table 1.           Lists the main features and benefits of the Crosswork Cloud Network Insights

Feature

Benefit

Cloud Delivered

Easy to order, provision, and instantly available

Faster delivery of ongoing innovation

Easier to integrate with other systems through APIs

Software as a Service (SaaS)

Less technical and operational overhead needed to set up, operate, and maintain servers and software

Ability to seamlessly add capacity, scale, and features, securely and reliably

Frees you to focus on business objectives

Subscription Pricing

Flexibility of payments, with 12- to 60-month terms and annual renewals

Lower up-front CapEx and overall Total Cost of Ownership (TCO)

Ability to add capacity or term as needed to meet business requirements

Three subscription tiers:

  Essentials
  Advantage
  Premier

Subscription tiers are based on the number of configured IP Prefixes to be monitored.

Subscription tiers cannot be mixed in the same tenancy.

External Route Analysis

Analyze any IPv4 and IPv6 prefix regardless of paid subscription state

  Global BGP looking glass for each prefix
  Global BGP update history with lookback based on entitlement tier
  Internet Registrar Maintainer Information (RIR)
  Route Origin Authorization (ROA) status
  Resource Public Key Infrastructure Information (RPKI)

External Route Monitoring

Subscribe based on the number of IP prefixes to be monitored

Internet IPv4 and IPv6 Prefix Analysis and Monitoring

Internet BGP ASN Analysis and Monitoring

Monitor IPv4 and IPv6 prefixes using BGP from your edge routers

  Origin Routes
  Transit Routes
  Critical DNS Root Server Routes
  Critical Certificate Authority Server Routes
  Key third-party external routes (AWS, GSP, Azure, etc.)

Monitor your edge routing devices using BGP for out-of-band connectivity awareness

  Ensure your management infrastructure is available remotely

BGP AS Monitoring

Dashboard provides quick insights into an ASN’s current and historical number of prefixes flapping, update and withdrawal trending, and deviation from baselines.

AS Daily Routing Reports

Detailed sliding time series charts show subscribed ASNs and their properties, including

Alerts and Notifications:

  Alarm Count
  Alarm Type
  Alarm State
  Unexpected Prefix Detection (not previously seen)
  Prohibited Prefix Detection (RFC 1918 and Bogon lists)
  Automated WHOIS and Regional Internet Registry (RIR) information lookup

Per Autonomous System Number (ASN):

  Up/down status of origin peers
  Prefix change statistics (origin and transit)
  Origin Prefix Count
  Origin Prefix State Snapshots
  Origin Prefix Geo Location
  Origin Prefix Global Update History
  Origin Prefix Global Looking Glass
  Automated WHOIS and Regional Internet Registry (RIR) information lookup

BGP Prefix Monitoring

Dashboards that provide current and historical information for a set of subscribed prefixes

Daily Prefix Routing Reports

Detailed sliding time series charts show subscribed Prefixes and their properties.

Alarms and Notifications, including:

  Prefix Change

      Advertisement

      Withdrawal

      AS Path Expression

  Prefix Hi-Jack

      More-Specific Prefix Detection

      ROA Failure

      Origin ASN Violation (without ROA)

      New AS Path Edge (man in the middle)

  Prefix Leak

      Next Hop AS Path Violation

      ASN Path Length Violation

      Parent Aggregate Change

  Prefix Compliance

      ROA Expiry Approaching

Per Prefix:

  BGP Global Update History
  BGP Global Looking Glass
  Origin ASN lookup
  Origin Geo Location
  Automated WHOIS and Regional Internet Registry (RIR) information lookup

BGP Peer Health (Future)

Remote monitor your peering router health and its adjacency through BGP connection

Detailed sliding time series charts showing peer statistics, including:

  Peering Connection Events
  Prefix Withdrawals and Advertisements
  Prefix and ASN Statistics

Alarms and Notifications, including:

  Alarm Count
  Alarm Type
  Alarm State
  Peer Specific

      Prefix Alarms and Notifications

      ASN Alarms and Notifications

      BGP Session Availability

      Prefix Count (IPv4 and IPv6 specific)

      Unexpected Prefix Detection (not previously seen)

      Prohibited Prefix Detection (RFC 1918 and Bogon lists)

      DNS and CA Prefix Withdrawal

      BGP Policy Violation Detection

BGP ROA Validation Service

Monitor and alert on BGP Route Origin Authorization (ROA) state and incidents

Data Learning Intelligence

Provides deeper insight into event correlation and root cause analysis

Enables machine learning methods to be applied to various data and event inputs

Send alarms to external event management or AIOps platform for deeper learning

Collaboration Platform Integration

Collaboration platform notifications present a unique ability to send alarm notification events into an open channel with external parties to help validate and solve issues.

Traditional alarm notifications via:

  Email
  SMS
  Structured Syslog to Cloud File Storage (AWS S3) 1

Collaboration integration sends alarm notifications via:

  Cisco Webex ® Teams Channel 2
● Microsoft Teams Channel 3
● PagerDutyl 4
  Slack Channel 5

API Framework

Provides easy-to-use REST/JSON APIs for all tasks

The platform can be integrated into other SDN platforms:

  Validate route change visibility as part of an automation playbook
  Use alarm events to trigger automation playbooks

Configure all interface components, including

  Prefixes and ASNs
  Policies
  Notification Endpoints

The platform will support a HTTPs Stream Subscription Architecture to enable event-driven frameworks (future)

Multitenant

Role-Based Access Controls

Cisco.com Federated One Identity for easy access to multiple customer tenancies

Enterprise Single Sign-On with Federated Identity to reduce user support and onboarding

Network Automation Integration

Trigger Per Prefix Automation Events using customizable criteria:

  Prefix pre-change and post-change state checking
  Prefix Presence, Absence, Redundancy, and Coverage
  Prefix BGP ASN Path Match Criteria
  Prefix BGP Community Match Criteria
  Prefix eBGP Segment Routing SID

Integrated Options with Cisco Crosswork Change Automation
1 AWS S3 is the property of Amazon Web Services, Inc. Customers are required to provide their own storage subscription entitlement.
2 Cisco Webex Teams is the property of Cisco Systems, Inc. Customers are required to provide a separate subscription and API entitlement.
3 Microsoft Teams is the property of Microsoft Corp., Inc. Customers are required to provide a separate subscription and API entitlement.
4 PagerDuty is the property of PagerDuty, Inc. Customers are required to provide a separate subscription and API entitlement.
5 Slack.com is the property of Slack Technologies, Inc. Customers are required to provide their own subscription and API entitlement

Products subscription tiers

Crosswork Cloud Network Insights is a natural evolution of the BGPmon.net service. Customers familiar with the BGPmon Premium service can purchase an equivalent service offering using the Crosswork Network Insights Essentials subscription tier. This Essentials service provides approximate price and feature parity with the now end-of-sale BGPmon.net Premium Service.

The Crosswork Cloud Network Insights Advantage and Premier service tiers expand on the new platform to provide new insight and analysis capabilities. These new services provide expanded near real-time and historical state information for each monitored IP prefix. Unlike the basic tier service, these tiers will continue to be enhanced with new alarm, reporting, and analysis capabilities over time. The primary difference between the Advantage Tier and the Premier Tier is the accessibility of historical route information and its use in event normalization.

Crosswork Cloud Network Insights Service Tiers

Figure 6.               

Crosswork Cloud Network Insights Service Tiers

The following matrix details feature supported per subscripted tenancy and prefix options for Crosswork Network Insights.

Feature support may be subject to the configured state of an IP prefix:

A = Any IP prefix advertised on the internet

C = Only configured IP prefixes advertised on the internet

X = Feature is available regardless of IP prefix information

Table 2.           Product subscription tiers

Product Tier

Essentials

Advantage

Premier

Prefixes Limitation

Prefix State Lookup

Unlimited (A)

Unlimited (A)

Unlimited (A)

Configured Prefixes

As Purchased (C)

As Purchased (C)

As Purchased (C)

Basic Alarms

Prefix Withdrawal

C

C

C

Prefix Advertisement

C

C

C

Sub-Prefix Advertisement

C

C

C

AS Origin Violation

C

C

C

ROA Failure

C

C

C

ROA Expiry

C

C

C

Upstream AS Change

C

C

C

Unexpected AS Prefix

A

A

A

Parent Aggregate Change

C

C

C

AS Path Expression Match

C

C

C

Man in The Middle

C

C

C

Premium Alarms

AS Path Expression Match

C

C

C

New Global Peer Edge (Man in the Middle)

C

C

C

AS Path Length Violation

 

C

C

Peer Device State Change

 

X

X

Peer Device Prohibited Prefix

 

X

X

DNS Root Server Withdrawal

 

X

X

General Features

Intent-Based Policies

C

C

C

Alarm Details

C

C

C

Alarm BGP Update History

1 Day

7 Days

90 Days

Prefix Details

A

A

A

Prefix Looking Glass

A

A

A

Prefix History BGP Updates

1 Day

7 Days

90 Days

ASN Details

A

A

A

ASN Looking Glass

A

A

A

ASN History Snapshot

1 Day

7 Days

90 Days

ASN History BGP Updates

1 Day

7 Days

90 Days

Peermon Device Features

Peer Devices – Manage Existing

X

X

X

Peer Devices – Add New

On Approval*

X

X

Peer Device Details

 

X

X

Peer Device Looking Glass

 

X

X

Peer Device BGP Update History

 

7 Days

90 Days

IRR and RPSL Policy Features

ASN IRR and RPSL State Report

 

X

X

ASN IRR and RPSL Details

 

7 Days

90 Days

Report Features

State Report – Prefixes

C

C

C

State Report – Prefix ROA

C

C

C

State Report – ASN

X

X

X

State Report – Peer Devices

 

X

X

Notification Endpoint Types

Email

X

X

X

SMS

X

X

X

Syslog via AWS S3 File Storage 1

 

X

X

Cisco Webex Teams 2

 

X

X

Microsoft Teams 3

 

X

X

PagerDuty 4

 

X

X

Slack Channels 5

 

X

X

SSO Identify Management

Unlimited Users per Tenancy

X

X

X

Cisco.com User Accounts

X

X

X

Federated Identity Technical Support
and Single Sign-On

 

X

X

Topology Features

ASN to ASN Topology

 

X

X

ASN to ASN Topology History

 

7 Days

90 Days

API Technical Support

Technical Support for API Usage

 

X

X
* The addition of new PeerMon devices to the Network Insights Service for the Essentials Tier is subject to approval by Cisco. New peered device data sources will be permitted based on an assessment of size of the IP route table published and the stability of the peered network device over time. Cisco will reserve the right to disconnect a peered device from an Essentials Peer where the peer does not conform to operating requirements provided by Cisco.
1 AWS S3 is the property of Amazon Web Services, Inc. Customers are required to provide their own storage subscription entitlement.
2 Cisco Webex Teams is the property of Cisco Systems, Inc. Customers are required to provide a separate subscription and API entitlement.
3 Microsoft Teams is the property of Microsoft Corp., Inc. Customers are required to provide a separate subscription and API entitlement.
4 PagerDuty is the property of PagerDuty, Inc. Customers are required to provide a separate subscription and API entitlement.
5 Slack.com is the property of Slack Technologies, Inc. Customers are required to provide their own subscription and API entitlement.

Ordering information

Cisco Crosswork Cloud Network Insights is available. To order, please visit the Cisco Ordering Home Page.

Cisco Crosswork Cloud Network Insights feature tiers can be ordered in one-year, three-year, and five-year subscription periods. In addition, volume discounts are available for customers ordering higher numbers of monitored IP prefixes at the same time. There are separate license options for Essentials, Advantage, and Premier tiers, detailed below. The SaaS software is accessible at crosswork.cisco.com.

Cisco Smart Accounts and Smart Licensing are supported for Cisco Crosswork Cloud Network Insights. In addition, Cisco Connection Online (CCO) user accounts are mandatory to use the Network Insights user interface. Enterprise Single Sign-on (SSO) with federated identity source is supported via OKTA federation with Cisco.com.

Table 3.           Ordering information

Description

Entitlement Model

External Route Analysis Essentials Tier

Per Configured IP Route Prefix Monitored

External Route Analysis Advantage Tier

Per Configured IP Route Prefix Monitored

External Route Analysis Premier Tier

Per Configured IP Route Prefix Monitored

Cisco and Partner Services

www.cisco.com

Cisco offers a wide range of services to help accelerate your success in connecting to Cisco Crosswork Cloud Network Insights. The innovative Cisco Services offerings are delivered through a unique combination of people, processes, tools, and partners and are focused on helping you increase operational efficiency and improve your network control. Cisco Advanced Services use an architecture-led approach to help you align your network infrastructure with your business goals and achieve long-term value. Cisco Crosswork products can be combined with the Cisco SMARTnet® service to help you resolve mission-critical problems with direct access at any time to Cisco network experts and award-winning resources. Spanning the entire network lifecycle, Cisco Services offerings help increase investment protection, optimize network operations, support migration operations, and strengthen your IT expertise. For more information, please visit www.cisco.com/go/services.

Cisco Capital

Flexible payment solutions to help you achieve your objectives

Cisco Capital makes it easier to get the right technology to achieve your objectives, enable business transformation and help you stay competitive. We can help you reduce the total cost of ownership, conserve capital, and accelerate growth. In more than 100 countries, our flexible payment solutions can help you acquire hardware, software, services and complementary third-party equipment in easy, predictable payments. Learn more.

Learn more

For more information on Cisco's network automation portfolio for Service Providers please visit www.cisco.com/go/crosswork.To learn more about Cisco Crosswork or to schedule a demonstration contact your Cisco sales representative.

Document history

Table 4.           Document revisions

New or revised topic

Described in

Date

Offer updates

Features and Benefits

February 2022

Offer and UI Updates

Crosswork Network Insights User Guide

07/30/2021

User Interface Update

Crosswork Network Insights User Guide

11/28/2019

Subscription Tiers Added

Crosswork Network Insights Release Notes

08/30/2019

General Availability

Crosswork Network Insights User Guide

01/30/2019

 

 

Learn more