Cisco Crosswork Cloud Traffic Analysis Data Sheet

Data Sheet

Available Languages

Download Options

  • PDF
    (1.0 MB)
    View with Adobe Reader on a variety of devices
Updated:February 9, 2022

Bias-Free Language

The documentation set for this product strives to use bias-free language. For the purposes of this documentation set, bias-free is defined as language that does not imply discrimination based on age, disability, gender, racial identity, ethnic identity, sexual orientation, socioeconomic status, and intersectionality. Exceptions may be present in the documentation due to language that is hardcoded in the user interfaces of the product software, language used based on RFP documentation, or language that is used by a referenced third-party product. Learn more about how Cisco is using Inclusive Language.

Available Languages

Download Options

  • PDF
    (1.0 MB)
    View with Adobe Reader on a variety of devices
Updated:February 9, 2022


The Cisco Crosswork Cloud Traffic Analysis platform addresses Traffic Analysis, Peering Prospecting, and Peering Engineering challenges by providing a comprehensive network view and analysis of traffic at network peering boundaries designed to visualize and optimize traffic flows.

Product overview

Your network can be complex and often unpredictable. Traffic from over-the-top applications, automated systems, malicious attacks, or variations from simple operational errors can have unforeseen effects on traffic flows. Network operators need a scalable and insightful toolset to help them visualize and optimize their traffic congestion at key points within their network. Today’s network devices can produce vast amounts of data both on statistics and flows. Operators need effective tools to consume and correlate this critical traffic data at scale and at low operational cost. Crosswork Cloud Traffic Analysis’ analytics capabilities are being integrated into the Crosswork Network Automation portfolio as a new cloud-based SaaS offering traffic analysis and recommendation for edge network devices.

Cisco Crosswork Cloud Traffic Analysis service is a hosted application that provides rich analysis, visualization, and optimization recommendations for network traffic flows. Traffic Analysis helps you understand the flow of traffic across key points in your network and is delivered as a scale-out cloud service. This allows day-zero deployment with feature sets that are always up to date, with very low ongoing maintenance requirements.

Cisco Crosswork Cloud Traffic Analysis aggregates traffic flow data across multiple devices, giving operators a view of the traffic matrix across the whole network. It adds critical context to observed traffic flows based on the existing rich data sets of external routing data from the Cisco Crosswork Cloud Traffic Analysis External Route Analysis service. This allows operators to gain a deeper understanding of the origins of traffic flows on their networks, as well as the impacts of changes in external routing state and policy.

Cisco Crosswork Cloud Traffic Analysis is designed to provide actionable recommendations for optimizing traffic at congested network edges. As the number of peering points expand in today’s distributed networks, delivering this end-to-end traffic visibility at scale becomes a critical requirement for effective network optimization. This visibility allows network operators to drive manual or automated changes that are clear and easy to implement based on defined policies – throughout the network.

Cisco Crosswork Cloud Traffic Analysis helps address key Service Provider and Enterprise customer challenges such as who should you peer with and what changes do you need to make to achieve a Peering Traffic load balance with engineering recommendations applicable at all SP Network IGP boundaries. By effectively extracting and managing huge amounts of data, operators can rapidly address and even proactively avoid disrupting events and impending security threats. Crosswork Traffic Analysis technology will help to provide reliable, timely, and actionable information about what’s happening in the network 24/7 to deliver premium networked experiences.

Cisco Crosswork Cloud Traffic Analysis offers a networking monitoring solution for complex enterprise and service provider networks. The solution supports both cloud and on-premises server, router, switch, and firewall hardware. The Cisco Crosswork Cloud Traffic Analysis solution captures, enriches, and analyzes network data to help service providers, web companies, and enterprises to improve network performance, manage costs, gain visibility, and reduce downtime.

Prominent feature

Product description

Cisco Crosswork Cloud has added a new module, Traffic Analysis. This capability expands on the existing cloud-based platform by presenting up-to-date network traffic change information. It uses standards-based traffic flow protocols in combination with a cloud-native architecture to capture the state of your network’s congestion across aggregated entry points. A critical step in reducing the Mean Time to Resolution (MTTR) for network edge congestion issues is the identification of which nodes are congested and what traffic flows are causing the congestion.

Mean Time to Resolution with Traffic Analysis

Figure 1.               

Mean Time to Resolution with Traffic Analysis

The Traffic Analysis features provide awareness of distributed congestion between multiple network elements at network boundaries. The platform differentiates itself buy its ability to view the utilization state of multiple devices and what traffic is causing the congestion. Traffic Analysis uses protocols like NetFlow, BGP, IPFix, and SNMP to enable multivendor support for traffic information awareness. Subscribers can analyze live and historical activity of the traffic matrix information for groups of network devices. Users can also quickly and easily identify what changes are required in order to better distribute traffic between multiple devices. This can enable network owners to maximize the capability of all the assets during peak operating periods.

Network control protocols such as IGPs, BGP, RSVP-TE, and segment routing enable network operators to influence how traffic enters and exits internal routing domains. Network boundaries often have multiple entry points. It can be difficult to continuously identify which IP routes can be manipulated in order to meet operational needs. The Cisco Crosswork Cloud Traffic Analysis module is designed to give your organization the tools to identify and understand what changes need to be made to manage distributed congestion events at the edges of your networks. This unique service will significantly reduce the time it takes to know which edge devices are being congested and what traffic is causing that congestion.

The Traffic Analysis module removes the complexity and steps required for network operators or automation systems to quickly answer questions about short-lived edge congestion that cannot wait for hardware upgrades or significant changes to the network structure. The service is designed to improve the performance and reduce operational costs of multi-homed networks. By adding intelligence to routing changes, Traffic Analysis leverages a company’s existing network connectivity to deliver substantial network performance improvements, allowing for a better return on investment.

Cisco Crosswork Cloud Traffic Analysis collects network data through a secure, federated collection model and provides traffic data analytics to significantly reduce mean time to resolve edge congestion. This cloud service provides network operators the following initial capabilities:

     Real-time and historical visualizations of traffic matrixes for devices, device groups, and interfaces

     Alarms and notifications

     ASN and per-IP route traffic statistics

     Top-X traffic matrix table browser

     Flexible traffic dashboards and reports

Key use cases

Figure 2.               

Key use cases

Continuous traffic event awareness and management

The Cisco Crosswork Cloud Traffic Analysis platform features continuous monitoring of traffic event workflow use cases:

     Independent monitoring traffic forwarding matrix information

     Monitor changing traffic flows to critical destinations inside and outside my network

    Monitor critical third-party traffic flows

    Monitor traffic flows to my hosted infrastructure

     Forensic combination of BGP and traffic flow update analysis

    Understand how route changes impact traffic capacity

    Identify which route events triggered specific traffic profile changes

     Traffic event search criteria

    Top-X prefix searches associated with ASN, device, and interface groupings

    Utilization per top prefixes based on ASN, device, and interface groupings

Monitored IP route prefix and ASN traffic history

The traffic history enables the user to quickly identify IP prefix traffic events of importance. Events can be sorted and searched in various ways to quickly locate the root cause of a service impacting incident. Once an event is located, the detailed information for that event can be viewed as part of the next action. Subscribers will have different lookback periods based on the tier of subscription purchased.

Top talkers dashboards

The dashboard feature provides an immediate view of top talker information for various network elements, including top transit and to/from ASNs as well as top prefixes and top devices. This view is the entry point into identification of which network segments are the most frequently consuming network elements.

Top Talker Dashboard

Figure 3.               

Top Talker Dashboard

Traffic matrix index search

The traffic search feature enables users to quickly locate specific prefixes or ASNs that are of interest based on the size and direction of flows and to then use these selections to graphically compare their traffic rates over time.

Traffic Search Feature

Figure 4.               

Traffic Search Feature

Device and interface traffic statistics

The time series traffic statistics feature shows the data rates for both devices and interfaces over a respective sample period. This can be useful to determine when specific traffic events occurred and use these time points. A user can further apply this information to quickly locate which IP route prefixes or ASNs are causing the event.

Time Series Traffic Statistics Feature

Figure 5.               

Time Series Traffic Statistics Feature

Traffic grouping view

When a number of items need to be compared over time, the user can group common items and compare their traffic profile over time. This feature can be beneficial when investigating traffic flows based on unexpected or disjoint groups of network objects. It can also be useful in matching flow capacities based on opposite directions, to better understand the impact based on direction through different places in the network.

Traffic Grouping Feature

Figure 6.               

Traffic Grouping Feature

Features and benefits

Table 1.           List the main features and benefits of the Cisco Crosswork Cloud Traffic Analysis module



Cloud Delivered

Easy to order, provision, and set up

Faster delivery of ongoing innovation

Easier to integrate with other systems through APIs

Software as a Service (SaaS)

Less technical and operational overhead needed to set up, operate, and maintain servers and software

Ability to seamlessly add capacity, scale, and features, securely and reliably

Frees you to focus on business objectives

Subscription Pricing

Flexibility of payments, with 12- to 60-month terms and annual renewals

Lower upfront Capex and overall Total Cost of Ownership (TCO)

Ability to add capacity or term as needed to meet business requirements

The current subscription tiers are:


Subscription tiers are based on the number of configured device routing devices to be monitored and the size of the device and the size of the device traffic forwarding capacity

Scale-Out On-Premises Traffic Collection

Cloud Data Gateway is easy to deploy and manage and provides a consistent low-maintenance platform for cloud-to-ground connectivity and data collection. Designed to scale to multiple sites, these data gateways are 100% cloud managed and require little maintenance once deployed. Scaling collection is as simple as automating the deployment of new data gateways.

Traffic Reporting and Visualization

  Route Prefix Analysis (Top 10 Src/Dst Prefixes)
  Route Prefix Group Analysis (Top 10 Src/Dst Prefixes by group)
  ASN Analysis (Top 100 Src/Dst Prefixes)
  ASN Group Analysis (Top 100 Src/Dst Prefixes by group)
  Device Analysis (Top 100 Src/Dst Prefixes)
  Device Group Analysis (Top 100 Src/Dst Prefixes by group)

Data Learning Intelligence

Provides deeper insight into event correlation and root cause analysis

Enables machine learning methods to be applied to various data and event inputs

Send alarms to log-based event tools for deeper learning

API Framework

Provides easy-to-use REST/JSON APIs for all tasks

The platform can be integrated into other SDN platforms

Validate traffic change as part of an automation playbook

Use policy events to trigger automation playbooks

Configure traffic components, including

  Devices and Device Groups
  Interfaces and Interface Groups
  Prefixes and Prefix Groups
  ASNs and ASN Groups


Role-based access controls Federated One Identity for easy access to multiple customer tenancies

Enterprise Single Sign-On with Federated Identity to reduce user support and onboarding

Network Automation Integration

Trigger traffic balancing automation events using customizable criteria:

  Prefix Pre-change and Post-change State Checking
  Prefix Presence, Absence, Redundancy, and Coverage
  Prefix BGP ASN Path Match Criteria
  Prefix BGP Community Match Criteria
  Prefix eBGP Segment Routing SID

Integrated options with Cisco Crosswork Change Automation and Cisco® NSO


Products subscription tiers

The Cisco Crosswork Cloud Traffic Analysis service is a new capability to provide insight and analysis of traffic matrix information. The services provides expanded near real-time and historical state information for each monitored IP routing device. Future license tiers will contain longer data retention as well as new enrichment capabilities via the delivery of Function Packs. The Function Packs will continue to enhance the Essentials offer with new alarms, reporting and continuous analysis, and recommendation capabilities over time. The primary difference between the Essentials tier and the Function Packs is the accessibility to automation use cases as well as proactive policy-based alerting.

All Cisco Crosswork Cloud subscription tiers can be used independently or in combination with each other. The Traffic Analysis module integrates the information and features of the Free license tier for Network Insights Exterior Route Analysis. Customers familiar with the Exterior Route Analysis module can integrate their existing service offering of Cisco Crosswork Cloud Traffic Analysis or create a separate tenancy as required. Customers will be able to mix and match higher level license tiers based on allocation of tiered licenses to specific devices. License compliance is flexible and reported within the user interface.


Figure 7.               

Crosswork Cloud Traffic Analysis Essentials Tier Benefits

The following feature support matrix is per subscripted device for the Traffic Analysis service.

Feature support may be subject to the configured mapped state of a device to a license tier:

Y = Yes, supported per associated device

P = Partial support per associated device

O = Feature is Optional but must be purchased separately

A = Feature is Always available regardless of Device License Association

Table 2.           Product Subscription Tiers

Product Subscription Tier

Essentials Device RTM

Product Availability


Data Granularity

5 minutes

Polling Interval

1 minutes

Data Retention and Lookback

3 months

Prefix Traffic Analysis


Prefix Traffic Group Analysis


ASN Traffic Analysis


ASN Group Traffic Analysis


Interface Traffic Analysis


Interface Group Traffic Analysis


Device Traffic Analysis


Device Group Traffic Analysis


Intent-Based Policies - Traffic


Traffic Rules and Alarms

(future roadmap)

Utilization Threshold

O (future roadmap)

Device Connectivity Failure

O (future roadmap)

Protocol Connectivity Failure

O (future roadmap)







NetFlow v5, v9


IP Fix








Notification Endpoints

(future roadmap)





Structured Syslog to Cloud File Storage (AWS S3) 1


Cisco Webex® Teams Channel 2


Microsoft Teams Channel 3


PagerDuty 4


Slack Channels 5


Identity Management

Unlimited Users per Tenancy

Y User Accounts


Federated Identity and SSO via OKTA


Role-Based Access Controls (RBAC)


API Support

(future roadmap)

Technical Support for API Usage


API Signing Key


API Bearer Token


Function Packs

(future roadmap)

Peering Prospecting


Load Balancing – Equal Share


Load Balancing – Unequal Share


Exterior Routing Analysis Features

Cisco Crosswork Cloud Traffic Analysis - Free Tier


Configured Prefixes Included


WHOIS Lookup for Prefixes and ASNs


RPKI/ROA Lookup and Validation


RADB/RPSL Lookup and Validation


BGP Global Looking Glass


BGP Global Updates

1 Day

1 AWS S3 is the property of Amazon Web Services, Inc. Customers are required to provide their own storage subscription entitlement.
2 Cisco Webex Teams is the property of Cisco Systems, Inc. Customers are required to provide a separate subscription and API entitlement.
3 Microsoft is the property of Slack Technologies Inc. Customers are required to provide their own subscription and API entitlement.
4 PagerDuty is the property of PagerDuty, Inc. Customers are required to provide a separate subscription and API entitlement.
5 Slack is the property of Slack Technologies Inc. Customers are required to provide their own subscription and API entitlement.

System requirements

The Cisco Crosswork Cloud Traffic Analysis application is delivered via a Software-as-a-Service (SaaS) offer and does not have any specific system requirements to operate the software itself. Users of the Cisco Crosswork Cloud products require one of the following browsers in order to access the SaaS application:

Table 3.           Cisco Crosswork Data Gateway System Requirements



Web Browser

Google Chrome 70 or later

Mozilla Firefox 62 or later

The Traffic Analysis features require the use of the Cisco Crosswork Data Gateway to aggregate device data and transmit this to the cloud service as a form of network telemetry. The following system requirements are a guide to a base collector Virtual Machine (VM) specification. The Cisco Crosswork Cloud application may require multiple CDG instances depending on the number of devices to be associated with the service and the amount of redundancy required from the collection framework.

For Cisco Crosswork Cloud applications, Cisco Crosswork Data Gateway software is included in your application cost. The Cisco Crosswork Data Gateway is prevented from being used for other on-premises Cisco Crosswork applications.

Table 4.           Cisco Crosswork Data Gateway System Requirements




VMWare ESXi 6.5 (update 2 or later) and 6.7.x


32 GB minimum

Disk Space



8 vCPU

Network Interfaces

Up to three virtual interfaces depending on requirements*

  One interface for management access, including SSH and GUI access to the VM. The DNS and NTP servers, and the default gateway, must be reachable via this interface.
  One interface for southbound device access. Associated devices must be reachable via this interface (routable).
  One interface for northbound cloud access. The data destination must be reachable via this interface (routable).
*Interfaces can be consolidated subject to deployment requirements.

For more information about the Cisco Crosswork Data Gateway, please see the Crosswork Data Gateway Data Sheet.

Ordering information

Cisco Crosswork Cloud Traffic Analysis is available. To order, please visit the Cisco Ordering Home Page.

Traffic Analysis feature tiers can be ordered in one-year, three-year, and five-year subscription periods. In addition, volume and term discounts are available for customers ordering higher numbers of monitored routers at the same time. There is currently only a license options Essentials features detailed above. More comprehensive license features will follow later. The SaaS software is accessible via

Cisco Smart Accounts and Smart Licensing are supported for Traffic Analysis. In addition, Cisco Connection Online (CCO) user accounts are mandatory in order to use the Cisco Crosswork Cloud user interface.

Table 5.           Ordering information

Part #

Product Description

Entitlement Model


Assemble to Order (ATO) top-level SKU, Essentials RTU Tier

Per Subscription


TA Essentials Device RTU < 5 Gbps Throughput, Extra Small

Per Configured Router Device


TA Essentials Device RTU < 25 Gbps Throughput, Small

Per Configured Router Device


TA Essentials Device RTU < 100 Gbps Throughput, Medium

Per Configured Router Device


TA Essentials Device RTU < 350 Gbps Throughput, Large

Per Configured Router Device


TA Essentials Device RTU < 1000 Gbps Throughput, Extra Large

Per Configured Router Device


Crosswork Data Gateway RTU



Cloud Basic Product Support Entitlement SKU


Cisco and Partner Services

Cisco offers a wide range of services to help accelerate your success in connecting to Cisco Crosswork. The innovative Cisco Services offerings are delivered through a unique combination of people, processes, tools, and partners and are focused on helping you increase operational efficiency and improve your network control. Cisco Advanced Services use an architecture-led approach to help you align your network infrastructure with your business goals and achieve long-term value. Cisco Crosswork products can be combined with the Cisco SMARTnet® service to help you resolve mission-critical problems with direct access at any time to Cisco network experts and award-winning resources. Spanning the entire network lifecycle, Cisco Services offerings help increase investment protection, optimize network operations, support migration operations, and strengthen your IT expertise. For more information, please visit

Cisco Capital

Flexible payment solutions to help you achieve your objectives

Cisco Capital makes it easier to get the right technology to achieve your objectives, enable business transformation and help you stay competitive. We can help you reduce the total cost of ownership, conserve capital, and accelerate growth. In more than 100 countries, our flexible payment solutions can help you acquire hardware, software, services and complementary third-party equipment in easy, predictable payments. Learn more.

Learn more

For more information on Cisco's network automation portfolio please visit To learn more about Cisco Crosswork or to schedule a demonstration contact your Cisco sales representative.

Document history

New or Revised Topic

Described In


General Availability

Crosswork Data Gateway – Data Sheet


General Availability

Crosswork Cloud - Release Notes


General Availability

Crosswork Network Insights – Traffic Analysis – User Guide


General Availability

Crosswork Network Insights – Traffic Analysis – Data Sheet






Learn more