Introducing Software Defined Application Visibility and Control
The Network Intuitive has ushered in a new era of networking, and as the landscape of this era reveals itself, it becomes apparent that there are several innovative ways of managing the network. One such service, which my team has been passionately working on, leverages analytics to provide application awareness in the network. Read on to learn about what it is, how it can be used, and more.
Enter SD-AVC
Application recognition is what makes network management more intuitive. Changing bits, bytes and packets into meaningful applications and translating them into actual business intent is what enterprises strive to achieve.
Software Defined Application Visibility and Control (SD-AVC) is a service that harnesses the capabilities of Cisco’s network devices to identify, aggregate and effectively communicate application data. That data drives decisions such as reprioritizing applications’ traffic using industry-leading QoS capabilities, grouping applications using attributes based on traffic class and business relevance, or choosing application paths based on real-time performance.
The SD-AVC service gleans information from devices, processes the information, and then uses it to improve application classification and the network’s operation. First, it defines sensors within the network devices that can process traffic in real time and create rules that reflect the application services in real time. This information is then sent from the network devices to the central SD-AVC service, which synthesizes the information gathered from the disparate participating devices in the network to generate rules packages. These composite rules packages are then downloaded back into the participating devices to assist in the steady improvement of application recognition across the network.
All of this continuously improves the efficacy of the application recognition process by leveraging information learned from across the network, while also automating the management and distribution of this information to make the whole operation (dare we say it!) intuitive. The distributed computing of the AVC information at the edge nodes also reduces processing in the network overall by sharing information between the different participating devices, and enables automatic learning of applications, all in real time. In many cases this distributed learning also allows application traffic to be recognized on the very first packet, again helping to reduce the aggregate network traffic processing requirement for application recognition and allowing better responsiveness of application-based solutions.
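A simplified model of the learn, aggregate and distribute cycle described above, as an added example that is not Cisco's code and does not reflect the SD-AVC rules package format. The report layout, the thresholds `min_devices` and `min_agreement`, and the function names are assumptions made for illustration.

```python
from collections import Counter, defaultdict

# Constructed sample data: (server_ip, server_port, application) tuples that each
# device's local sensor learned from full flows. Layout is an assumption.
REPORTS = {
    "edge-1": [("203.0.113.10", 443, "office365"), ("198.51.100.7", 443, "webex")],
    "edge-2": [("203.0.113.10", 443, "office365"), ("198.51.100.7", 443, "ssl")],
    "edge-3": [("203.0.113.10", 443, "office365"), ("198.51.100.7", 443, "webex"),
               ("192.0.2.50", 8443, "custom-app")],
}


def build_rules_pack(reports, min_devices=2, min_agreement=0.6):
    """Central service: merge device reports into one socket -> application map.

    A socket enters the pack only when at least min_devices reported it and a
    clear majority agree, so one device's misclassification is not pushed to
    the whole network. Both thresholds are hypothetical.
    """
    votes = defaultdict(Counter)
    for observations in reports.values():
        for ip, port, app in set(observations):  # ignore duplicates from one device
            votes[(ip, port)][app] += 1

    pack = {}
    for sock, counter in votes.items():
        total = sum(counter.values())
        app, count = counter.most_common(1)[0]
        if total >= min_devices and count / total >= min_agreement:
            pack[sock] = app
    return pack


def classify_first_packet(pack, dst_ip, dst_port):
    """Device side: look up the destination socket of a new flow's first packet.

    Returns the application name, or None when the device must fall back to
    inspecting more packets of the flow locally.
    """
    return pack.get((dst_ip, dst_port))


if __name__ == "__main__":
    pack = build_rules_pack(REPORTS)
    for sock in [("198.51.100.7", 443), ("192.0.2.50", 8443)]:
        print(sock, "->", classify_first_packet(pack, *sock))
```

The socket seen by only one device stays out of the pack, so flows to it are still classified by the local sensor rather than by a rule no other device has confirmed.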
SD-AVC as a gateway to the Network
SD-AVC can be augmented by external sources of application information, which enrich the flow of information about applications into the network and make application identification more efficient and robust. This new capability enables us to provide more resilient application recognition by leveraging knowledge from different sources, like the Microsoft Office365 RSS feed or security components like Cloudlock CASI. With the Microsoft Office365 RSS feed, for instance, Microsoft provides updates to the URLs and IP addresses that its cloud services use, which are often used in application recognition. Such changes are a common occurrence as cloud vendors add new capacity in datacenters or regions. Augmenting SD-AVC with such feeds means that the AVC agents on the devices can now be updated centrally and automatically via new rule packs as the feed publishes changes to the URL and IP information for these services. This, coupled with the automatic and seamless propagation of large volumes of new application signatures across the network, serves to make this a self-managing cycle of continuous improvement in application recognition.
By simplifying and automating the operation of application visibility and control while dramatically increasing the efficiency and efficacy of its operation across the network, SD-AVC is paving the way for the intuitive intent-driven network.
SD-AVC – The idea seems great! It is like adding AI to the way applications are prioritized.
I think it would also be beneficial to add Encrypted Traffic Analysis to it, as most application communication is secure-channel based.
Hi Panathi,
This is not an idea – this is a product you can start using right now: https://www.cisco.com/c/en/us/td/docs/ios-xml/ios/avc/sd-avc/1-1-0/ug/sd-avc-1-1-0-ug.html
SD-AVC works on top of NBAR, which is already classifying encrypted traffic as well.
In addition, you should stay tuned – with SD-AVC 2.1.0 you will be able to investigate generic hosts and sockets.
@Eliran: Good to know. The link you pointed to is very informative.
Is it a component of DNA or a new technology still in the development phase?
Hi Dillip, SD-AVC is a new technology that is constantly improving and runs as a service on your Cisco device. Read more here: https://www.cisco.com/c/en/us/td/docs/ios-xml/ios/avc/sd-avc/1-1-0/ug/sd-avc-1-1-0-ug.html
Next-generation traffic shaping, self-learned from applications, defined on the network. Superb!!!
Any real-time demo available?