and Control (AVC) classifies applications using deep packet inspection
techniques with the Network-Based Application Recognition
provides application-level visibility and control (QoS) in wireless networks.
After the applications are recognized, the AVC feature enables you to either
drop, mark, or police the data traffic.
AVC is configured by defining
a class map in a QoS client policy to match a protocol.
Using AVC, we can detect more than 1000 applications. AVC enables you to perform real-time analysis and create policies to
reduce network congestion, costly network link usage, and infrastructure upgrades.
You can view list of 30 applications in Top Applications in Monitor Summary section of the UI.
Traffic flows are analyzed and recognized using the NBAR2 engine at the access point. For more information about the NBAR2
Protocol Library, see http://www.cisco.com/c/en/us/td/docs/ios-xml/ios/qos_nbar/prot_lib/config_library/nbar-prot-pack-library.html. The specific flow is marked with the recognized protocol or application, such as WebEx. This per-flow information can be
used for application visibility using Flexible NetFlow (FNF).
AVC QoS actions are applied with AVC filters in both upstream and downstream directions. The QoS actions supported for upstream
flow are drop, mark, and police, and for downstream flow are mark and police. AVC QoS is applicable only when the application
is classified correctly and matched with the class map filter in the policy map. For example, if the policy has a filter based
on an application name, and the traffic has also been classified to the same application name, then the action specified for
this match in the policy will be applied.
When you downgrade the controller from 8.0 to any earlier version, the AVC rate limit rules display the action as drop. This
action is expected since the AVC rate limit rule is introduced in the controller version 8.0.
|Cisco WLC Platform
|Cisco 2504 WLC
|Cisco 5508 WLC
|Cisco 8510 WLC
|Cisco 5520 WLC
|Cisco 8540 WLC
Visibility and Control Protocol Packs
Protocol packs are a
means to distribute protocol updates outside the
switch software release trains, and can be loaded on
switch without replacing the
Visibility and Control Protocol Pack (AVC Protocol Pack) is a single compressed
file that contains multiple Protocol Description Language (PDL) files and a
manifest file. A set of required protocols can be loaded, which helps AVC to
recognize additional protocols for classification on your network. The manifest
file gives information about the protocol pack, such as the protocol pack name,
version, and some information about the available PDLs in the protocol pack.
The AVC Protocol
Packs are released to specific AVC engine versions. You can load a protocol
pack if the engine version on the
switch platform is the same or higher than the version
required by the protocol pack.
AAA override for
The AAA attribute
for client or user profile is configured on the AAA server using authentication
from RADIUS server or Cisco ACS or ISE. The AAA attribute is processed during
layer 2 or layer 3 authentication by the
switch and the same is overridden by what is
configured on the WLAN.
The AAA AVC profile
is defined as a Cisco AV air. The string option is defined as
avc-profile-name and this value has to be
configured for any AVC profile available in the