Release Notes for NBAR2 Protocol Pack 39.0.0

Overview

The NBAR2 Protocol Pack 39.0.0 release includes:

  • New protocols: apple-location-services, cisco-cta, cisco-meraki, cisco-stealthwatch, iperf, llmnr, mdns, mindtouch

  • Improvements to classification of the following protocols: bittorrent, cisco-umbrella, dns, gree, htc-services, icloud, kerberos, ldap, linkedin, netflix, salesforce, samsung, skype, the-pirate-bay, youtube


Note

Beginning with Cisco IOS XE Fuji 16.9.1, the application-group attribute has been enhanced to provide better grouping of the various individual applications provided by several major cloud services, such as Microsoft and Google. The improved grouping of these cloud services with application-group simplifies policy configuration and improves the ability to perform more efficient direct cloud access (DCA) when matching specific types of traffic using the application-group attribute.

Supported Platforms

NBAR2 Protocol Pack 39.0.0 is supported on the following platforms:

  • Cisco ASR 1000 Series Aggregation Services Routers (ASR1000)

  • Cisco 4000 Series Integrated Services Routers (ISR4000)

  • Cisco 1100 Series Integrated Service Routers (ISR1100)

  • Cisco Cloud Services Router CSR 1000V

  • Cisco Catalyst 3650, 3850, and 9300 Series Switches

Supported Releases

NBAR Protocol Pack 39.0.0 is supported on the following releases:

Built-in

Supported on Maintenance Releases

Cisco IOS XE Gibraltar 16.10.1

Routing platforms:

  • Cisco IOS XE Everest 16.6.2 and later maintenance releases of 16.6.x
  • Cisco IOS XE Fuji 16.9.1 and later maintenance releases of 16.9.x

Switching platforms (Catalyst):

  • Cisco IOS XE Everest 16.6.4 and later maintenance releases of 16.6.x
  • Cisco IOS XE Fuji 16.9.1 and later maintenance releases of 16.9.x

New Protocols

The following protocols were added in NBAR2 Protocol Pack 39.0.0.

Protocol Name

Common Name

Long Description

apple-location-services

Apple Location Services

Apple Location Services allows Apple and third-party apps and websites to gather and use information based on the current location of your iPhone or Apple Watch to provide a variety of location-based services. This traffic was previously classified as “apple-services”. This change might require policy changes. The “apple-group” group can be used for aggregation.

cisco-cta

Cisco Cognitive Threat Analytics

Cisco Cognitive Threat Analytics pinpoints attacks before they can extract sensitive data. It analyzes web traffic, endpoint data from Cisco AMP for Endpoints, and network data from Cisco Stealthwatch Enterprise. It then uses machine learning to identify malicious activity.

cisco-meraki

Cisco Meraki

Cisco Meraki is a cloud managed solution that includes wireless, switching, security, EMM, communications, and security cameras, all centrally managed from the web.

cisco-stealthwatch

Cisco Stealthwatch

Cisco Stealthwatch provides continuous real-time monitoring and pervasive views into network traffic.

iperf

 iPerf

iPerf is a widely used tool for network performance measurement and tuning. Support for releases 2.x and later.

llmnr

Link-Local Multicast Name Resolution

The Link-Local Multicast Name Resolution (LLMNR) is a protocol based on the Domain Name System (DNS) packet format that allows both IPv4 and IPv6 hosts to perform name resolution for hosts on the same local link.

mdns

mDNS

The multicast DNS (mDNS) protocol resolves host names to IP addresses within small networks that do not include a local name server.

mindtouch

MindTouch

MindTouch enables a team to create, publish, and edit content, and then structure the content within a responsive user interface.

Updated Protocols

The following protocols have been updated to improve accuracy.

  • bittorrent
  • cisco-umbrella
  • dns
  • gree
  • htc-services
  • icloud
  • kerberos
  • ldap
  • linkedin
  • netflix
  • salesforce
  • samsung
  • skype
  • the-pirate-bay
  • youtube

Deprecated Protocols

The following protocols have been deprecated in this release:

Table 1. Deprecated Protocols

Application

Description

NBAR2 Protocols Deprecated

Babelgum

Babelgum is an internet TV website based on streaming TV shows and music videos. Also supporting Apple mobile devices, including the iPhone, iPod Touch and iPad.

babelgum

Downloading

NBAR2 Protocol Packs are available for download on the Cisco software download page (https://software.cisco.com/download/home). On the download page, specify a platform model to display software available for download. One software option will be NBAR2 Protocol Packs.

Example

To display Protocol Packs available for the Cisco ASR 1001 platform, enter "ASR 1001 Router" in the search field.

You can also enter a platform series, such as "ASR 1000 Series," and then select a model from the results.

Additional References

Related Documentation

Related Topic

Document Title

Application Visibility and Control

Cisco Application Visibility and Control User Guide

Classifying Network Traffic Using NBAR

Classifying Network Traffic Using NBAR module

NBAR Protocol Pack

NBAR Protocol Pack module

QoS: NBAR Configuration Guide

QoS: NBAR Configuration Guide, Cisco IOS XE Fuji 16.9.x

QoS: NBAR Configuration Guide, Cisco IOS XE Fuji 16.8.x

QoS: NBAR Configuration Guide, Cisco IOS XE Fuji 16.7.x

QoS: NBAR Configuration Guide, Cisco IOS XE Everest 16.6.x

QoS Command Reference

Quality of Service Solutions Command Reference