Introduction
The purpose of this document is to provide information on how the Cisco Prime Virtual Network Analysis Module (vNAM) and Cisco Prime™ Collaboration can be used together to monitor and troubleshoot voice, video, and other network-related issues. It provides information on each of the products, how to use the two products together, and the benefits the complete solution offers.
Cisco Prime Collaboration provides postcall analysis for voice troubleshooting. It uses call quality metrics from call detail records (CDRs) and call management records (CMRs) from Cisco® Unified Communications (UC) Manager devices. Cisco Prime Network Analysis Module (NAM) monitors voice/video traffic in real time on a minute-by-minute basis. Cisco Prime Collaboration can collect this granular, real-time data from NAM, correlating it with data from other NAMs across the network as well as with the Cisco UC Manager call records to provide multilayered information about the performance of voice/video traffic to facilitate advanced troubleshooting.
The end of sale of Cisco 1040 sensors is now imminent (see http://www.cisco.com/c/en/us/products/collateral/cloud-systems-management/prime-collaboration/eos-eol-notice-c51-731102.html). The Cisco Prime vNAM replaces the Cisco 1040 Sensor and fills the missing capabilities gap.
The following topics are covered in this document:
● Overview of Cisco Prime vNAM
● Deployment Model
● Overview of Cisco Prime vNAM Voice/Video Monitoring Metrics
● Managing NAMs Using Cisco Prime Collaboration
● Troubleshooting Voice Call Quality Issues in Real Time: Illustrative Example
● Licensing Options and Product Specification
● Appendix
Overview of Cisco Prime vNAM
Cisco Prime Virtual Network Analysis Module (vNAM) monitors voice, video, and a variety of other network-related metrics to help ensure 24-hour connectivity and performance for all users. It delivers operational agility by permitting deployment almost anywhere in the network to improve service levels. You can deploy the vNAM in the cloud to monitor hosted workloads, at remote sites to characterize the end-user experience, or almost anywhere to eliminate blind spots. It combines deep application awareness, insightful performance analytics, and comprehensive network visibility to empower network administrators to efficiently and effectively manage their networks.
Cisco Prime vNAM allows users to:
● Lower total cost of ownership (TCO) by deploying NAM on a virtual machine
● Improve delivery of voice/video services by measuring critical parameters such as Mean Opinion Score (MOS), jitter, and packet loss in real time
● Gain Layer 4 through Layer 7 visibility using Cisco Network-based Application Recognition 2 (NBAR2) natively to easily identify business-critical applications
● Analyze network usage by application, host or virtual machine (VM), and conversation to identify bottlenecks that may affect performance and availability
● Troubleshoot performance problems by combining detailed traffic flow and packet analysis consistently across physical and virtual environments
● Take advantage of an integrated web-based interface to manage a site remotely, eliminating the need to backhaul the data to a centralized location and saving WAN bandwidth
Cisco Prime vNAM comes with a remotely accessible web-based management and reporting console, which runs the Cisco Prime Network Analysis Module Software. The software includes prepackaged dashboards that provide an immediate view of network performance and workflows that help accelerate operational decisions.
Deployment Model
This section details examples of vNAM deployment scenarios for illustrative purposes.
Simplifying Remote-Site Manageability
When deployed at a remote site, Cisco Prime vNAM can help network administrators characterize end-user experience (Figure 1), profile application traffic, and troubleshoot performance problems to cost-effectively deliver services across Cisco Enterprise Networks. An integrated web-based interface that can be cross-launched from Cisco Prime Collaboration allows administrators to access vNAM remotely at any time and from anywhere to gather network and application performance insights. The vNAM can monitor all traffic entering and leaving the remote site, identify the applications consuming the most bandwidth, proactively alert you to degradation in application performance, assess whether control and optimization techniques are effectively implemented, and help you contextually troubleshoot performance problems.
Monitor Workload in Multitenant Cloud
Deployed in a tenant network container (Figure 2), Cisco Prime vNAM analyzes the TCP-based interactions for the hosted workload to assess performance. It provides metrics such as transaction time, server response time, application delay, and more. Setting performance thresholds helpsto proactively detect application response time issues, minimizing the risk of violating service-level objectives. Cisco Prime vNAM also provides insight into network usage by applications, top talkers, and conversations to help optimize use of the cloud infrastructure, including overlay technologies such as VXLAN and LISP.
Strategic Versus Tactical Deployment Methodologies
There are two approaches for deploying Cisco Prime vNAM: for strategic monitoring and tactical monitoring. For strategic monitoring, a Cisco Prime vNAM is deployed to continuously monitor all or subsets of endpoint devices in the network. Continuous monitoring may be needed for mission-critical purposes:
● An organization may need to continuously monitor calls made or received by its sales staff in order to ensure no calls are dropped or missed.
● A retailer may want to continuously monitor calls on a product launch day to ensure no calls are dropped or missed.
For tactical monitoring, a Cisco Prime vNAM is deployed in a site where a voice quality issue has been identified. Tactical monitoring is needed to isolate and troubleshoot a specific voice quality issue.
Overview of Cisco Prime vNAM Voice/Video Monitoring Metrics
The Cisco Prime vNAM monitors 400 concurrent Real-Time Protocol (RTP) streams per minute, which is four times the number of streams monitored by the Cisco 1040 Sensors.
NAM provides comprehensive voice/video quality measurements. The charts available include:
RTP stream statistics:
● RTP streams: Number of streams that fall in the quality bands of excellent, good, fair, and poor during the selected interval.
● Top-N source endpoints: Endpoints that generated the lowest duration weighted MOS during the selected interval.
● Top-N destination endpoints: Endpoints that experienced the lowest duration weighted MOS during the selected interval.
● Top-N RTP streams: RTP streams that have the lowest duration weighted MOS during the selected interval.
● Top-N RTP streams by adjusted packet loss: RTP streams that have the highest overall adjusted packet loss percent during the selected interval.
NAM internally evaluates the MOS value of the stream every 3 seconds.
Voice call statistics:
● Voice call statistics: Number of calls per signaling protocol (SCCP, SIP, MGCP, and H.323) at each interval during the selected interval.
● Top-N endpoints by jitter (ms): Endpoints that have the largest average of endpoint reported jitter during the selected interval.
● Top-N endpoints by packet loss (%): Endpoints that have the largest average of endpoint-reported packet loss during the selected interval.
● Top-N calls by jitter (ms): Calls that have the longest endpoint-reported jitter during the selected interval.
● Top-N calls by packet loss (%): Calls that have the most endpoint-reported packet loss percent during the selected interval.
Other metrics include details about the calls table, and detailed information about RTP conversations and streams is provided. Please refer to pages 4-36 to 4-42 of the Cisco Prime Network Analysis User Guide located at http://www.cisco.com/c/en/us/td/docs/net_mgmt/network_analysis_module_software/6-0-2/user/guide/NAM_user_book.pdf.
Managing NAMs Using Cisco Prime Collaboration
Cisco Prime Collaboration helps enable rapid installation and maintenance of Cisco Unified Communications and Cisco TelePresence® components, substantially increasing productivity and lowering operating expenses. By significantly reducing the complexity in performing moves, adds, and changes, the solution facilitates delegation of these tasks. This helps network operators to optimize IT resources and further reduce total cost of ownership.
This solution also provides efficient, integrated assurance management of applications and the underlying transport infrastructure. This includes RTP-time monitoring and troubleshooting of Cisco TelePresence solutions and the entire Cisco Unified Communications system, including Cisco Unified Communications Manager, Cisco Unity® Connection, and Cisco Unified Contact Center Enterprise. The solution expedites operator resolution of service quality issues before they affect end users and helps avoid system and service outages for a greater end-user quality of experience.
Cisco Prime Collaboration correlates data from NAMs across the network and from Cisco UC Manager call records to provide detailed information about calls associated with specific RTP streams to accelerate troubleshooting. Cisco Prime Collaboration provides the following metrics:
● Source and/or destination extension number
● Device types
● Interface through which the call flowed in the case of a call to or from a gateway
● Call disconnect reason, where possible
● Exact Unified Communications Manager server (not just the Unified Communications Manager cluster) to which the phone is connected
The Sensor/NAM Voice Call Quality report detailed below displays the MOS value that a NAM has calculated for RTP streams on a minute-by-minute basis. For each interval, a NAM report displays one or two rows of data, depending on whether data from only one or both RTP streams was captured. Each row identifies the NAM that collected the data, the endpoints involved, MOS, milliseconds of jitter, and the time stamp.
Cisco Prime Collaboration can concurrently manage 50 NAMs. Up to 1000 CDRs/minute and up to 3000 RTP streams/minute can be processed by Cisco Prime Collaboration. Additional information about system specifications can be found at http://docwiki.cisco.com/wiki/System_Capacity_for_Cisco_Prime_Collaboration_10.5.
Viewing Sensor Stream Correlation Data
To launch a Sensor Stream Correlation window, generate a sensor diagnostic report and click the MOS value for the stream that interests you. This report can be generated by:
● Step 1: Choose Report > Interactive Reports > UCM/CME Voice Call Quality Reports > Sensor/NAM.
● Step 2: Specify filter criteria.
The MOS value that you click from the result generated is a measure of the listener’s experience captured from that RTP stream. Cisco Prime Collaboration displays the following tables:
● Stream summary: A subset of the data that was displayed on the sensor diagnostic report. Additionally, the source synchronization ID (SSRC) for the stream is listed. An SSRC identifies the source of a stream of RTP packets and remains unique during an RTP session.
● Call record: Information from the Unified Communications Manager CDR that correlates to the stream.
● Stream details: Details from one or more sensors where the SSRC matches the one in the stream summary.
Figure 3 shows a sample correlation report.
Cisco Prime NAM Cross-Launch
While performing troubleshooting for a session, you can also cross-launch Cisco Prime NAM to further analyze an issue associated with network devices that are connected to the endpoints.
To launch the Cisco Prime NAM features for a particular device while troubleshooting (described in the Setting Up Cross-Launch for a Single Cisco Prime NAM Device section below), you must ensure that the device is managed in both Cisco Prime NAM and Cisco Prime Collaboration applications.
Cisco Prime Collaboration requires host IP address, management IP address, and user credentials to launch the Cisco Prime NAM that is installed on the network devices.
Besides the Cisco Prime vNAM, other NAM products are supported in Cisco Prime Collaboration:
● Cisco Prime Network Analysis Module (NAM) for ISR G2 SRE
● Cisco Catalyst® 6500 Series NAM (NAM-3)
● Cisco Prime NAM 2300 Series Appliances (2304, 2320)
● Cisco Prime NAM for Cisco Nexus® 1110
● Cisco Nexus 7000 Series Network Analysis Module (NAM-NX1)
Based on the Cisco Prime NAM user privilege, you can launch the following features of the Cisco Prime NAM application:
● Device Interface View: Displays the total packet distribution on all interfaces.
● NAM Host View: Displays the input and output traffic for the host over time, top-N application activity of the host over the selected interval, and total application usage distribution for the host.
● NAM Homepage: Displays the top-N applications, top-N application groups, top-n hosts (in and out), IP distribution by bits (or bytes), top-N differentiated services code point (DSCP), and top-N VLAN being monitored on your network.
In order to access NAM, please make sure it is reachable from Cisco Prime Collaboration through HTTP.
Setting Up Cross-Launch for a Single Cisco Prime NAM Device
While you are performing troubleshooting for a session, you can cross-launch Cisco Prime NAM for a single device to further analyze the issue on network devices that are connected between the endpoints.
To set up cross-launch for a single Cisco Prime NAM device:
● Step 1: Choose Administration > System Setup > Assurance Setup > Cisco Prime 360 Integration.
● Step 2: Click Add.
● Step 3: Enter the appropriate details into the dialog box. Add cross-reference for field descriptions.
● Step 4: Click Save.
Table 1 lists the field descriptions in the Cisco Prime NAM dialog box.
Table 1. Cisco Prime NAM Dialog Box - Field Descriptions
Field |
Description |
NAM Host Device IP |
IP address of the network device that contains NAM software. Cisco Prime Collaboration manages the NAM host IP address only. A device may be accessible through multiple IP addresses. However, the IP address that you enter must be the same as that listed in the Inventory page. |
NAM Management IP |
IP address assigned in the network device to launch the NAM user interface. You must ensure that the NAM management IP address is unique. |
Username and Password |
Credentials to access the Cisco Prime NAM user interface. The user must have the required privilege to launch the Cisco Prime NAM Device Interface view, NAM Host view, and NAM homepage. |
Setting Up Cross-Launch for a Set of Cisco Prime NAM Devices
While you are performing troubleshooting for a session, you can cross-launch Cisco Prime NAM for a set of devices to further analyze the issue on network devices that are connected between the endpoints.
To set up cross-launch for a single Cisco Prime NAM device:
● Step 1: Choose Administration > System Setup > Assurance Setup > Cisco Prime 360 Integration.
● Step 2: Click Import NAM.
● Step 3: Import the NAM configuration file in comma-separated value (CSV) file format, as follows:
host IP address, management IP address, username, password
● Step 4: Check the Replace existing entries with imported data check box to avoid duplicate entries of the Cisco NAM server in the Cisco Prime Collaboration database.
● Step 5: Click OK.
Receiving Service Quality Alarms Based on Monitoring MOS from NAMs
Cisco Prime Collaboration monitors NAMs at regular intervals and raises service quality (SQ) alarms based on user-defined thresholds for MOS values. To set up:
● Step 1: Choose Administration > Alarm & Event Setup >Threshold Settings >Sensor Call Quality Settings.
● Step 2: Click Add.
● Step 3: Select NAM IP address from the Select Sensors pull-down menu.
● Step 4: Specify device type filter from the Select Devices pull-down menu.
● Step 5: Select filter criteria for MOS threshold settings for the codecs of interest.
● Step 6: Click OK.
Troubleshooting Voice Call Quality Issue in Real Time: Illustrative Example
Figure 4 shows an example scenario for troubleshooting a voice call quality issue in real time.
In this example, a vNAM is installed at headquarters (HQ) and another vNAM is installed at the branch office (BR). When a call is made from headquarters, the vNAM at HQ records the MOS value from the originating endpoint at HQ. This score is 4.5. The MOS value at the receiving endpoint is recorded by the vNAM at the branch location. This MOS value is 3. By inspecting MOS values from both endpoints recorded by vNAMs deployed at HQ and BR, the user can quickly come to the conclusion that degradation in call quality has occurred with the routers that are deployed between HQ and the branch office. By correlating CDR/CMR information, the user can quickly identify phone numbers and device types that are affected as well as obtain insight into the cause of degradation and/or termination of the call.
Licensing Options and Product Specification
Cisco offers two Cisco Prime vNAM licenses, NAM-VX10 and NAM-VX20 (Table 2). They are distinguished by their traffic monitoring throughput. Both Cisco Prime vNAMs support the same feature set.
Licensing for the Cisco Prime vNAMs takes advantage of standard Cisco Software Licensing, for which additional information is available at http://www.cisco.com/go/clm. The Cisco Prime vNAM includes a 60-day evaluation license.* The software can be downloaded from the Cisco Promotional Software Store.
Table 2. Cisco Prime vNAM License Information
vNAM License Part Number |
Description |
Supported Virtual Environment |
Traffic Monitoring Performance |
R-NAM-VX10-6.1-K9= |
Cisco Prime Virtual NAM (NAM-VX10) Software Version 6.1 |
Red Hat Enterprise Linux KVM 0.12 or later, |
Up to 150 Mbps |
R-NAM-VX20-6.1-K9= |
Cisco Prime Virtual NAM (NAM-VX20) Software Version 6.1 |
Red Hat Enterprise Linux KVM 0.12 or later, |
Up to 1 Gbps |
Product Specifications
Table 3 provides the specifications for the Cisco Prime vNAM.
Table 3. Cisco Prime vNAM Specifications
Feature |
Description |
System requirements (both vNAM licenses) |
Cisco Prime vNAM can be deployed on any x86 platform. The system requirements include:
● Two 64-bit CPUs
• Two virtual Ethernet ports
• Network interface card (NIC) driver type: VMXNET3 (for ESXi) and virtio (for KVM)
• 4 GB RAM
● 100 GB disk space
|
Supported topologies and data sources |
|
Supported communication protocols |
● HTTP/Secure HTTP (HTTPS) with embedded web-based user interface
• Simple Network Management Protocol Version 1 (SNMPv1) and Version 2c, with standards-based applications
|
Cisco Prime NAM Software |
● Cisco Prime NAM Software Version 6.1
• Requires Microsoft Internet Explorer 10+ or Firefox ESR 24+
• Support for Secure Sockets Layer (SSL) security with up to 256-bit encryption
● Role-based user authorization and authentication locally or using TACACS+
|
MIBs |
The Cisco Prime vNAMS are standards compliant. They support the following major MIB groups:
• MIB-II (RFC 1213): All groups except Exterior Gateway Protocol (EGP) and transmission
● Remote Monitoring (RMON; RFC 2819): Alarm and Event groups only
● RMON2 (RFC 2021): trapDestTable only
● Cisco Discovery Protocol
● EntityMIB (RFC 2737)
|
Applications and protocols |
The Cisco Prime vNAM supports two protocol classification modes, DPI (NBAR2) and Classic. A list of the NBAR2 protocols supported in NAM 6.1 can be found at: NBAR2 Protocol Packs for NAM can be found, when available, on the Cisco Prime NAM Software support site at: http://www.cisco.com/c/en/us/support/cloud-systems-management/prime-network-analysis-module-software/tsd-products-support-general-information.html. The DPI mode is the default mode. Cisco Prime NAM in Classic mode identifies hundreds of unique protocols (Layers 2 through 4) and automatically detects unknown protocols. It also supports URL-based application definition. Supported protocols include, but are not limited to:
● TCP and User Datagram Protocol (UDP) over IP, including IPv6
● HTTP and HTTPS
● Voice over IP (VoIP) including Skinny Client Control Protocol (SCCP), Real-Time Protocol/Real-Time Control Protocol (RTP/RTCP), Media Gateway Control Protocol (MGCP), and Session Initiation Protocol (SIP)
● SIGTRAN protocols
● Mobile IP protocols, including General Packet Radio Service (GPRS) Tunneling Protocol (GTP)
● SAN protocols
● Database protocols
● Peer-to-peer protocols
● Switch and router protocols
● Cisco proprietary protocols
• Unknown protocols by TCP/UDP ports and Remote Procedure Call (RPC) program numbers
|
For additional information, refer to the vNAM data sheet located at http://www.cisco.com/c/en/us/products/collateral/cloud-systems-management/prime-virtual-network-analysis-module-vnam/data_sheet_c78-723214.html. Information about other NAM models is available at http://www.cisco.com/c/en/us/products/cloud-systems-management/network-analysis-module-nam/index.html.
Appendix
Other Capabilities of NAM
NAM empowers users to troubleshoot network-related issues in real time by providing the following capabilities:
● Network layer traffic analysis: NAM provides comprehensive traffic analysis to identify what applications are running over the network, how much network resources are consumed, and who is using these applications. NAM software offers a rich set of reports with which to view traffic by hosts, applications, or conversations.
● Application response time: NAM can provide passive measurement of TCP-based applications for any given server or client, supplying a wide variety of statistics like response time, network flight time, and transaction time.
● WAN optimization insight: NAM provides insight into WAN optimization offerings that compress and optimize WAN traffic for pre- and postdeployment scenarios. This is applicable for optimized and pass-through traffic.
● Advanced troubleshooting: NAM provides robust capture and decode capabilities for packet traces that can be triggered or terminated based on user-defined thresholds.
NAM delivers the above functionality by analyzing a wide variety of data sources that include:
● Port mirroring technology like SPAN and RSPAN/ERSPAN. Cisco Prime NAM can analyze Ethernet VLAN traffic from the following sources: Ethernet, Fast Ethernet, Gigabit Ethernet, trunk port, or Fast EtherChannel SPAN, RSPAN, or ERSPAN source port.
● VACL
● NetFlow Data Export (NDE): Cisco Prime NAM analyzes NetFlow from managed devices (routers/switches)
● WAAS
● SNMP
● Performance Agent (PA)
● Network tap device: Applies to Cisco NAM appliances only