Using Cisco Prime Virtual Network Analysis Module and Cisco Prime Collaboration to Monitor and Troubleshoot Voice and Video

Introduction

The purpose of this document is to provide information on how the Cisco Prime Virtual Network Analysis Module (vNAM) and Cisco Prime^™ Collaboration can be used together to monitor and troubleshoot voice, video, and other network-related issues. It provides information on each of the products, how to use the two products together, and the benefits the complete solution offers.

Cisco Prime Collaboration provides postcall analysis for voice troubleshooting. It uses call quality metrics from call detail records (CDRs) and call management records (CMRs) from Cisco^® Unified Communications (UC) Manager devices. Cisco Prime Network Analysis Module (NAM) monitors voice/video traffic in real time on a minute-by-minute basis. Cisco Prime Collaboration can collect this granular, real-time data from NAM, correlating it with data from other NAMs across the network as well as with the Cisco UC Manager call records to provide multilayered information about the performance of voice/video traffic to facilitate advanced troubleshooting.

The end of sale of Cisco 1040 sensors is now imminent (see http://www.cisco.com/c/en/us/products/collateral/cloud-systems-management/prime-collaboration/eos-eol-notice-c51-731102.html). The Cisco Prime vNAM replaces the Cisco 1040 Sensor and fills the missing capabilities gap.

The following topics are covered in this document:

●   Overview of Cisco Prime vNAM

●   Deployment Model

●   Overview of Cisco Prime vNAM Voice/Video Monitoring Metrics

●   Managing NAMs Using Cisco Prime Collaboration

●   Troubleshooting Voice Call Quality Issues in Real Time: Illustrative Example

●   Licensing Options and Product Specification

●   Appendix

Overview of Cisco Prime vNAM

Cisco Prime Virtual Network Analysis Module (vNAM) monitors voice, video, and a variety of other network-related metrics to help ensure 24-hour connectivity and performance for all users. It delivers operational agility by permitting deployment almost anywhere in the network to improve service levels. You can deploy the vNAM in the cloud to monitor hosted workloads, at remote sites to characterize the end-user experience, or almost anywhere to eliminate blind spots. It combines deep application awareness, insightful performance analytics, and comprehensive network visibility to empower network administrators to efficiently and effectively manage their networks.

Cisco Prime vNAM allows users to:

●   Lower total cost of ownership (TCO) by deploying NAM on a virtual machine

●   Improve delivery of voice/video services by measuring critical parameters such as Mean Opinion Score (MOS), jitter, and packet loss in real time

●   Gain Layer 4 through Layer 7 visibility using Cisco Network-based Application Recognition 2 (NBAR2) natively to easily identify business-critical applications

●   Analyze network usage by application, host or virtual machine (VM), and conversation to identify bottlenecks that may affect performance and availability

●   Troubleshoot performance problems by combining detailed traffic flow and packet analysis consistently across physical and virtual environments

●   Take advantage of an integrated web-based interface to manage a site remotely, eliminating the need to backhaul the data to a centralized location and saving WAN bandwidth

Cisco Prime vNAM comes with a remotely accessible web-based management and reporting console, which runs the Cisco Prime Network Analysis Module Software. The software includes prepackaged dashboards that provide an immediate view of network performance and workflows that help accelerate operational decisions.

Deployment Model

This section details examples of vNAM deployment scenarios for illustrative purposes.

Simplifying Remote-Site Manageability

When deployed at a remote site, Cisco Prime vNAM can help network administrators characterize end-user experience (Figure 1), profile application traffic, and troubleshoot performance problems to cost-effectively deliver services across Cisco Enterprise Networks. An integrated web-based interface that can be cross-launched from Cisco Prime Collaboration allows administrators to access vNAM remotely at any time and from anywhere to gather network and application performance insights. The vNAM can monitor all traffic entering and leaving the remote site, identify the applications consuming the most bandwidth, proactively alert you to degradation in application performance, assess whether control and optimization techniques are effectively implemented, and help you contextually troubleshoot performance problems.

Monitor Workload in Multitenant Cloud

Deployed in a tenant network container (Figure 2), Cisco Prime vNAM analyzes the TCP-based interactions for the hosted workload to assess performance. It provides metrics such as transaction time, server response time, application delay, and more. Setting performance thresholds helpsto proactively detect application response time issues, minimizing the risk of violating service-level objectives. Cisco Prime vNAM also provides insight into network usage by applications, top talkers, and conversations to help optimize use of the cloud infrastructure, including overlay technologies such as VXLAN and LISP.

Strategic Versus Tactical Deployment Methodologies

There are two approaches for deploying Cisco Prime vNAM: for strategic monitoring and tactical monitoring. For strategic monitoring, a Cisco Prime vNAM is deployed to continuously monitor all or subsets of endpoint devices in the network. Continuous monitoring may be needed for mission-critical purposes:

●   An organization may need to continuously monitor calls made or received by its sales staff in order to ensure no calls are dropped or missed.

●   A retailer may want to continuously monitor calls on a product launch day to ensure no calls are dropped or missed.

For tactical monitoring, a Cisco Prime vNAM is deployed in a site where a voice quality issue has been identified. Tactical monitoring is needed to isolate and troubleshoot a specific voice quality issue.

Overview of Cisco Prime vNAM Voice/Video Monitoring Metrics

The Cisco Prime vNAM monitors 400 concurrent Real-Time Protocol (RTP) streams per minute, which is four times the number of streams monitored by the Cisco 1040 Sensors.

NAM provides comprehensive voice/video quality measurements. The charts available include:

RTP stream statistics:

●   RTP streams: Number of streams that fall in the quality bands of excellent, good, fair, and poor during the selected interval.

●   Top-N source endpoints: Endpoints that generated the lowest duration weighted MOS during the selected interval.

●   Top-N destination endpoints: Endpoints that experienced the lowest duration weighted MOS during the selected interval.

●   Top-N RTP streams: RTP streams that have the lowest duration weighted MOS during the selected interval.

●   Top-N RTP streams by adjusted packet loss: RTP streams that have the highest overall adjusted packet loss percent during the selected interval.

NAM internally evaluates the MOS value of the stream every 3 seconds.

Voice call statistics:

●   Voice call statistics: Number of calls per signaling protocol (SCCP, SIP, MGCP, and H.323) at each interval during the selected interval.

●   Top-N endpoints by jitter (ms): Endpoints that have the largest average of endpoint reported jitter during the selected interval.

●   Top-N endpoints by packet loss (%): Endpoints that have the largest average of endpoint-reported packet loss during the selected interval.

●   Top-N calls by jitter (ms): Calls that have the longest endpoint-reported jitter during the selected interval.

●   Top-N calls by packet loss (%): Calls that have the most endpoint-reported packet loss percent during the selected interval.

Other metrics include details about the calls table, and detailed information about RTP conversations and streams is provided. Please refer to pages 4-36 to 4-42 of the Cisco Prime Network Analysis User Guide located at http://www.cisco.com/c/en/us/td/docs/net_mgmt/network_analysis_module_software/6-0-2/user/guide/NAM_user_book.pdf.

Managing NAMs Using Cisco Prime Collaboration

Cisco Prime Collaboration helps enable rapid installation and maintenance of Cisco Unified Communications and Cisco TelePresence^® components, substantially increasing productivity and lowering operating expenses. By significantly reducing the complexity in performing moves, adds, and changes, the solution facilitates delegation of these tasks. This helps network operators to optimize IT resources and further reduce total cost of ownership.

This solution also provides efficient, integrated assurance management of applications and the underlying transport infrastructure. This includes RTP-time monitoring and troubleshooting of Cisco TelePresence solutions and the entire Cisco Unified Communications system, including Cisco Unified Communications Manager, Cisco Unity^® Connection, and Cisco Unified Contact Center Enterprise. The solution expedites operator resolution of service quality issues before they affect end users and helps avoid system and service outages for a greater end-user quality of experience.

Cisco Prime Collaboration correlates data from NAMs across the network and from Cisco UC Manager call records to provide detailed information about calls associated with specific RTP streams to accelerate troubleshooting. Cisco Prime Collaboration provides the following metrics:

●   Source and/or destination extension number

●   Device types

●   Interface through which the call flowed in the case of a call to or from a gateway

●   Call disconnect reason, where possible

●   Exact Unified Communications Manager server (not just the Unified Communications Manager cluster) to which the phone is connected

The Sensor/NAM Voice Call Quality report detailed below displays the MOS value that a NAM has calculated for RTP streams on a minute-by-minute basis. For each interval, a NAM report displays one or two rows of data, depending on whether data from only one or both RTP streams was captured. Each row identifies the NAM that collected the data, the endpoints involved, MOS, milliseconds of jitter, and the time stamp.

Cisco Prime Collaboration can concurrently manage 50 NAMs. Up to 1000 CDRs/minute and up to 3000 RTP streams/minute can be processed by Cisco Prime Collaboration. Additional information about system specifications can be found at http://docwiki.cisco.com/wiki/System_Capacity_for_Cisco_Prime_Collaboration_10.5.

Viewing Sensor Stream Correlation Data

To launch a Sensor Stream Correlation window, generate a sensor diagnostic report and click the MOS value for the stream that interests you. This report can be generated by:

●   Step 1: Choose Report > Interactive Reports > UCM/CME Voice Call Quality Reports > Sensor/NAM.

●   Step 2: Specify filter criteria.

The MOS value that you click from the result generated is a measure of the listener’s experience captured from that RTP stream. Cisco Prime Collaboration displays the following tables:

●   Stream summary: A subset of the data that was displayed on the sensor diagnostic report. Additionally, the source synchronization ID (SSRC) for the stream is listed. An SSRC identifies the source of a stream of RTP packets and remains unique during an RTP session.

●   Call record: Information from the Unified Communications Manager CDR that correlates to the stream.

●   Stream details: Details from one or more sensors where the SSRC matches the one in the stream summary.

Figure 3 shows a sample correlation report.

Cisco Prime NAM Cross-Launch

While performing troubleshooting for a session, you can also cross-launch Cisco Prime NAM to further analyze an issue associated with network devices that are connected to the endpoints.

To launch the Cisco Prime NAM features for a particular device while troubleshooting (described in the Setting Up Cross-Launch for a Single Cisco Prime NAM Device section below), you must ensure that the device is managed in both Cisco Prime NAM and Cisco Prime Collaboration applications.

Cisco Prime Collaboration requires host IP address, management IP address, and user credentials to launch the Cisco Prime NAM that is installed on the network devices.

Besides the Cisco Prime vNAM, other NAM products are supported in Cisco Prime Collaboration:

●   Cisco Prime Network Analysis Module (NAM) for ISR G2 SRE

●   Cisco Catalyst^® 6500 Series NAM (NAM-3)

●   Cisco Prime NAM 2300 Series Appliances (2304, 2320)

●   Cisco Prime NAM for Cisco Nexus^® 1110

●   Cisco Nexus 7000 Series Network Analysis Module (NAM-NX1)

Based on the Cisco Prime NAM user privilege, you can launch the following features of the Cisco Prime NAM application:

●   Device Interface View: Displays the total packet distribution on all interfaces.

●   NAM Host View: Displays the input and output traffic for the host over time, top-N application activity of the host over the selected interval, and total application usage distribution for the host.

●   NAM Homepage: Displays the top-N applications, top-N application groups, top-n hosts (in and out), IP distribution by bits (or bytes), top-N differentiated services code point (DSCP), and top-N VLAN being monitored on your network.

In order to access NAM, please make sure it is reachable from Cisco Prime Collaboration through HTTP.

Setting Up Cross-Launch for a Single Cisco Prime NAM Device

While you are performing troubleshooting for a session, you can cross-launch Cisco Prime NAM for a single device to further analyze the issue on network devices that are connected between the endpoints.

To set up cross-launch for a single Cisco Prime NAM device:

●   Step 1: Choose Administration > System Setup > Assurance Setup > Cisco Prime 360 Integration.

●   Step 2: Click Add.

●   Step 3: Enter the appropriate details into the dialog box. Add cross-reference for field descriptions.

●   Step 4: Click Save.

Table 1 lists the field descriptions in the Cisco Prime NAM dialog box.

Table 1.       Cisco Prime NAM Dialog Box - Field Descriptions

Setting Up Cross-Launch for a Set of Cisco Prime NAM Devices

While you are performing troubleshooting for a session, you can cross-launch Cisco Prime NAM for a set of devices to further analyze the issue on network devices that are connected between the endpoints.

To set up cross-launch for a single Cisco Prime NAM device:

●   Step 1: Choose Administration > System Setup > Assurance Setup > Cisco Prime 360 Integration.

●   Step 2: Click Import NAM.

●   Step 3: Import the NAM configuration file in comma-separated value (CSV) file format, as follows:
host IP address, management IP address, username, password

●   Step 4: Check the Replace existing entries with imported data check box to avoid duplicate entries of the Cisco NAM server in the Cisco Prime Collaboration database.

●   Step 5: Click OK.

Receiving Service Quality Alarms Based on Monitoring MOS from NAMs

Cisco Prime Collaboration monitors NAMs at regular intervals and raises service quality (SQ) alarms based on user-defined thresholds for MOS values. To set up:

●   Step 1: Choose Administration > Alarm & Event Setup >Threshold Settings >Sensor Call Quality Settings.

●   Step 2: Click Add.

●   Step 3: Select NAM IP address from the Select Sensors pull-down menu.

●   Step 4: Specify device type filter from the Select Devices pull-down menu.

●   Step 5: Select filter criteria for MOS threshold settings for the codecs of interest.

●   Step 6: Click OK.

Troubleshooting Voice Call Quality Issue in Real Time: Illustrative Example

Figure 4 shows an example scenario for troubleshooting a voice call quality issue in real time.

In this example, a vNAM is installed at headquarters (HQ) and another vNAM is installed at the branch office (BR). When a call is made from headquarters, the vNAM at HQ records the MOS value from the originating endpoint at HQ. This score is 4.5. The MOS value at the receiving endpoint is recorded by the vNAM at the branch location. This MOS value is 3. By inspecting MOS values from both endpoints recorded by vNAMs deployed at HQ and BR, the user can quickly come to the conclusion that degradation in call quality has occurred with the routers that are deployed between HQ and the branch office. By correlating CDR/CMR information, the user can quickly identify phone numbers and device types that are affected as well as obtain insight into the cause of degradation and/or termination of the call.

Licensing Options and Product Specification

Cisco offers two Cisco Prime vNAM licenses, NAM-VX10 and NAM-VX20 (Table 2). They are distinguished by their traffic monitoring throughput. Both Cisco Prime vNAMs support the same feature set.

Licensing for the Cisco Prime vNAMs takes advantage of standard Cisco Software Licensing, for which additional information is available at http://www.cisco.com/go/clm. The Cisco Prime vNAM includes a 60-day evaluation license.^* The software can be downloaded from the Cisco Promotional Software Store.

Table 2.       Cisco Prime vNAM License Information

Product Specifications

Table 3 provides the specifications for the Cisco Prime vNAM.

Table 3.       Cisco Prime vNAM Specifications

For additional information, refer to the vNAM data sheet located at http://www.cisco.com/c/en/us/products/collateral/cloud-systems-management/prime-virtual-network-analysis-module-vnam/data_sheet_c78-723214.html. Information about other NAM models is available at http://www.cisco.com/c/en/us/products/cloud-systems-management/network-analysis-module-nam/index.html.

Appendix

Other Capabilities of NAM

NAM empowers users to troubleshoot network-related issues in real time by providing the following capabilities:

●   Network layer traffic analysis: NAM provides comprehensive traffic analysis to identify what applications are running over the network, how much network resources are consumed, and who is using these applications. NAM software offers a rich set of reports with which to view traffic by hosts, applications, or conversations.

●   Application response time: NAM can provide passive measurement of TCP-based applications for any given server or client, supplying a wide variety of statistics like response time, network flight time, and transaction time.

●   WAN optimization insight: NAM provides insight into WAN optimization offerings that compress and optimize WAN traffic for pre- and postdeployment scenarios. This is applicable for optimized and pass-through traffic.

●   Advanced troubleshooting: NAM provides robust capture and decode capabilities for packet traces that can be triggered or terminated based on user-defined thresholds.

NAM delivers the above functionality by analyzing a wide variety of data sources that include:

●   Port mirroring technology like SPAN and RSPAN/ERSPAN. Cisco Prime NAM can analyze Ethernet VLAN traffic from the following sources: Ethernet, Fast Ethernet, Gigabit Ethernet, trunk port, or Fast EtherChannel SPAN, RSPAN, or ERSPAN source port.

●   VACL

●   NetFlow Data Export (NDE): Cisco Prime NAM analyzes NetFlow from managed devices (routers/switches)

●   WAAS

●   SNMP

●   Performance Agent (PA)

●   Network tap device: Applies to Cisco NAM appliances only