Question

The Cisco Network Analysis Module (NAM) is an integrated traffic monitoring service module that occupies a single slot in the chassis of the Cisco Catalyst® 6500 Series Switch. It gives Cisco network administrators full application layer visibility, providing this information to the network engineer using a browser from any point on the network. After it is installed, the NAM enables both real-time and historical application monitoring, including data and voice. With proactive monitoring capabilities, it is easy to capture and decode packets, analyze trends, isolate network problems, and find application response delays before they occur. New VoIP and QoS monitoring capabilities let administrators analyze IP telephony sessions and validate QoS policies. Overview Remote Monitoring (RMON) data helped provide real-time traffic information, and the Cisco Catalyst 6500 Series exports limited RMON data - but not enough data. “To get all the RMON data from the Cisco Catalyst 6500 Series including backplane traffic - we needed the NAM. NAM gives us voice and data, along with switching statistics. It collects information 24 hours a day, seven days a week, on all ports. Competitive solutions would plug into a single port, or, if they saw passing data, they couldn't decipher what port it was coming in on.” With NAM modules deployed across the Cisco data center network, the Cisco team has an impressive view of network traffic and what goes on. The list of applications they can monitor is exceptional. Administrators can look at customer relationship management applications like Siebel and Oracle, as well as front-end Web applications like Oracle Web Forms. As more applications have Web interfaces, NAM's capabilities are more crucial, because they allow administrators to look at enterprise Web communication and behavior. Cisco also uses NAM monitoring for IP telephony, checking the data layer for problems. In the data center, NAM is essential when monitoring content switching. Ng describes Cisco IT moving toward content farms in the data centers and the advantages of NAM in that environment: “Traditionally, there's been a standalone Web server. From standalone server, Web servers were load balanced to scale Web applications. Next, you take specific content and use multiple servers, make a farm out of it. If you're looking for video, you go to a video farm, for example. In the next year, our content will be spread across content farms. We'll take the Web servers and break them down into more specific pieces. By then, our content will be distributed in a wide range, segregated by both data and content type. When you go to this kind of distributed architecture, the NAM can play a crucial role, because it can look at different applications between servers. Because the network plays a crucial role in this kind of distribution when you've got farms of machines, network analysis is more important. We need to understand how they connect and communicate, and NAM will let us." In addition, the Cisco team also uses NAM for collecting RMON-1 and 2 port statistics remotely, without requiring a separate RMON probe. Similar to Simple Network Management Protocol (SNMP), RMON takes traps and reports on the data performance across the wire between devices from Layer 2 through Layer 7, enabling administrators to see all seven layers of data on the Layer 2 network where NAM is installed. Because NAM can look at all seven layers of traffic on the backplane of the device in which it is installed, NAM can see more than what is running on the wire: it can look at traffic on the wire between two devices to analyze performance, on the wire, between devices. NAM can also use NetFlow records to monitor applications, hosts, and application conversations for more visibility into the business of the network.

Justify how the above Cisco module will achieve better performance and how it can help in network troubleshooting. [5 marks] 2. How can VoIP applications benefit from NAM for high quality service? Explain in detail. [5 marks]

Answer 1

Network administrators need multifaceted visibility into the network and application to help ensure consistent and cost-effective delivery of service to end users. Understanding who is using the network, knowing what applications are running on the network, assessing how the applications are performing, characterizing how traffic over the network is being used are the foundation for managing and improving the delivery of your business-critical applications. It is the foundation for establishing and verifying quality of service (QoS) policies, undertaking converged wired-wireless access projects, or rolling out voice over IP (VoIP). It is also the foundation for recognizing when a configuration change has unintentionally degraded application performance or for providing proof points that it is the application and not the network that is causing one of your business planning systems to perform poorly so that the appropriate actions can then be taken.

Figure 1. Cisco Catalyst 6500 Series Network Analysis Module (NAM-3)

This integrated service module (Figure 1) combines application visibility, rich performance analytics, and insightful packet captures, embracing a service-centered approach to network analysis. It helps you to:

● Lower total cost of ownership with reduced network footprint and savings in operational expenses

● Enhance operational efficiency with prepackaged interactive reports and intuitive workflows

● Accelerate problem resolution with advanced hardware and software filters, intelligent packet captures, and historical data analysis

● Improve end-user service levels with accurate characterization of application performance and assessment of impact due to control and optimization techniques

● Preserve investments in your existing network switching infrastructure and management assets

The Cisco Catalyst 6500 Series NAM-3 has been purpose-designed to deliver high performance traffic monitoring, taking advantage of backplane integration, advanced hardware filters, best-in-class performance analytics combined with remotely accessible web-based management, and the reporting console. It supports Cisco Prime™ Network Analysis Module Software that implements a snappy graphical user interface (GUI) with prepackaged dashboards (Figure 2) to give you an immediate view of network performance and workflows to streamline your troubleshooting and optimization decisions.

Figure 2. Cisco NAM Traffic Summary Dashboard

Cisco Catalyst 6500 Series NAM-3 Features and Benefits

The NAM-3 offers an extensive set of features (Table 1) that provide a multidimensional view of network performance to help you successfully navigate the labyrinth of application delivery challenges in today’s hyperconnected world. Detailed description of software features and benefits can be obtained from Cisco Prime NAM Software data sheet.

Table 1. Cisco Catalyst 6500 Series NAM-3 Features and Benefits

Feature	Benefit
Infrastructure integration	Deployed in the Cisco Catalyst 6500 Series or Catalyst 6807 Switch, the NAM-3 takes advantage of backplane integration. It provides greater investment protection, lower total cost of ownership, and a reduced footprint, saving premium rack space. Backplane integration allows collection of packets right from the source, helping to ensure high reliability and precision analytics.
Application performance intelligence	Characterize the end-user experience for TCP-based applications and isolate application response time problems to the network, server, or the application, minimizing any triage process.
Comprehensive voice quality monitoring and real-time troubleshooting	Gather real-time reports on Mean Opinion Score (MOS) and other key performance indicators (KPIs) such as jitter and packet loss to understand and improve how the end user experiences the delivery of voice services. MOS is computed based on ITU-T Recommendations G.107, offering accurate characterization of voice quality. Combine monitoring with real-time troubleshooting using prepackaged dashboards to improve end-user service levels.
Detailed traffic analytics	View short- and long-term performance data on hosts, conversations, and applications that use critical network resources.
Insight into CAPWAP traffic	Visibility into CAPWAP tunnels unveils a wealth of information that helps to improve service delivery over wireless access network. Reports on performance and usage statistics on a per access point or per endpoint basis help to quickly identify network bottlenecks and application performance issues.
Monitor Virtual Switching System (VSS) deployments	Monitor both virtual switches in VSS environments, reducing management overhead while improving operational efficiency.
WAN-optimized network visibility	Obtain end-to-end proof points demonstrating how Cisco Wide Area Application Services (WAAS) has improved application delivery (for example, decreased application transaction times, improved WAN bandwidth utilization). Accelerate the return on investment (ROI) by assessing the best site and application candidates for optimization as part of the phased rollout plan.
IEEE 1588 hardware time-stamping	Packet capture from the backplane combined with a precise hardware time stamp results in accurate performance measurements with metrics such as application response time and jitter. The IEEE 1588 hardware time stamps also facilitate accurate packet capture analysis.
Advanced hardware and software filters	Reduce the time to get to the critical data to accelerate troubleshooting and analysis of network traffic behavior.
Deep, insightful packet captures	Solve complex performance issues with triggered or scheduled captures, display filters, decodes, and error scan features. Packet captures can be triggered based on performance thresholds, allowing you to focus on specific performance issues. In addition, utilize external storage to collect extensive packet captures for offline analysis.
Historical analysis	Look back to the past with the embedded Performance Database to understand what happened when an event that affects network performance occurred to accelerate root-cause analysis and prevent any reoccurrence. Use historical analysis for advancing optimization and capacity decisions.
Pre- and postdeployment analysis	Glean valuable before and after traffic analytics to help plan for and verify changes in network resources, such as introducing new applications, establishing QoS policies, consolidating servers, and deploying VoIP.
Open interface	Ease NAM configuration and export of computed NAM data using REST/XML-based APIs.
Anytime, anywhere access	Access the web interface from any desktop, eliminating the need to send personnel to remote sites or haul large amounts of data over WAN links to the central site