Text Part Number OL-22617-01
Americas Headquarters
Page
N T E N T S
Span
Network Sites
URL
Nbar
System Administration Resources
Audit Trail
Understanding Traffic Patterns at the Network Layer
Chapter Overview
About This Guide
Conventions
Audience
Convention
Boldface font
Obtaining Documentation and Submitting a Service Request
Xiv
A P T E R
Introducing NAM Traffic Analyzer
Logical Site
Dashboards
Standards-Based NBI
New Application Classification Architecture
Historical Analysis
NetFlow v9 Data Export
Overview of the NAM Platforms
Snmp v3 Support -- NAM to Router/Switch Support
WS-SVC-NAM-1-250S
WS-SVC-NAM-2-250S Cisco Branch Routers
Navigating the User Interface
Logging
Common Navigation and Control Elements
Menu Bar
Detailed Views
Quick Capture
Context Menus
Interactive Report
Chart View / Grid View
Mouse-Over for Details
Zoom/Pan Charts
Sort Grid
Bytes / Packets
Statistics
Context-Sensitive Online Help
Understanding How the NAM Works
Configuration/guide/span.html
Configuration/guide/nde.html
Ports VLANs
Understanding How the NAM Uses VACLs
Understanding How the NAM Uses Span
Module Cisco IOS Software
Guide/span.html
Guide/vacl.html
Understanding How the NAM Uses NDE
Understanding How the NAM Uses Waas
Action Description GUI Location User Guide Location
Configuration Overview
Setup Data Export
Administration System
Setup Network Sites
Setup Alarms Actions
Administration Users
Configuring and Viewing Data
Capture Packet
Capture/Decode
Cisco Waas NAM Virtual Service Blade
Traffic Analysis
Default Functions
Voice Signaling/RTP Stream Monitoring
Application Response Time Metrics
Analyze Media Voice Call Statistics
Traffic Usage Statistics
Traffic
About Span Sessions
SPAN, Data Sources, Hardware Deduplication,
Method Usage Notes
Switch CLI
NAM Traffic Analyzer the NAM GUI
Supervisor portCopyTable Snmp
Column Description
State Description
Creating a Span Session
Field Description
Choose Setup Traffic Span Sessions
Editing a Span Session
Dialog Box
Data Sources
Deleting a Span Session
SPAN, ERSPAN, VACL, NetFlow, WAAS,
Or Disabled
Router or switch or WAE device
Fields are explained in -7, NAM Data Sources
Data Port if it is a local physical port, or the IP address
Click Setup Traffic NAM Data Sources
Enabling Auto-Creation of Erspan Data Sources Using the CLI
Creating Erspan Data Sources Using the Web GUI
Disabling Auto-Creation of Erspan Data Sources Using the CLI
Creating Erspan Data Sources Using the CLI
Deleting Erspan Data Sources Using the Web GUI
Enter the device ID from Step
Enter the name you would like for the data source required
Deleting Erspan Data Sources Using the CLI
Use the no data-sourcecommand to delete the data source
Click the Delete button along the bottom of the window
Use the no device command to delete the device
Configuring Erspan on Devices
Sample Configuration of Erspan Source
Sample Configuration of Erspan Destination
Sample Configuration
Configuring Vacl on a WAN Interface
NetFlow
Configuring Vacl on a LAN Vlan
Understanding NetFlow Flow Records
Understanding NetFlow Interfaces
Configuring NetFlow on Devices
Managing NetFlow Data Sources
Output Interface Are Flows Reported?
For Devices Running Cisco IOS
For NAMs Located in a Device Slot
Creating NetFlow Data Sources Using the Web GUI
Enabling Auto-Creation of NetFlow Data Sources Using the CLI
Snmp Credentials
Creating NetFlow Data Sources Using the CLI
Security Level
Deleting NetFlow Data Sources Using the CLI
Deleting NetFlow Data Sources Using the Web GUI
Testing NetFlow Devices
Understanding Waas
Contact information for the device
Snmp read test result. For the local device only
Configure a Client data source
Setting Description
Point, configure a Client WAN data source
Configure a Server WAN data source
Monitoring WAN Data Sources
Monitoring Client Data Sources
Monitoring Server Data Sources
Server data source
Managing Waas Devices
Deployment Scenarios
Deployment Scenario
Adding Data Sources for New Waas Device
Choose Setup Traffic NAM Data Sources
Deleting a Waas Data Source
Editing Waas Data Sources
Choose Setup Traffic Hardware Deduplication
Hardware Deduplication
Auto Create of New Waas Devices
Alarms
Alarm Actions
Alarm Actions, Thresholds, User Scenario,
Alarm Action Configuration
Editing Alarm Actions
Deleting Alarm Actions
Choose Setup Alarms Actions
Name of the threshold
Thresholds
Application associated with this threshold
Site associated with this threshold
Alarm Summary dashboard Monitor Overview Alarm Summary
Setting Host Thresholds
Choose Setup Alarms Thresholds
Field
Setting Conversation Thresholds
Dashboard Monitor Overview Alarm Summary , where you
Setting Application Thresholds
Setting Response Time Thresholds
Give the Dscp Alarm Threshold a name
Setting Dscp Thresholds
Dashboard Monitor Overview Alarm Summary, where you
Chose a Dscp value from the list
Give the RTP Streams Alarm Threshold a name
Setting RTP Stream Thresholds
High, Low, or High and Low alarms
Alarm actions
Setting Voice Signaling Thresholds
Dashboard Monitor Overview Alarm Summary , where you can
Setting NDE Interface Thresholds
Give the NDE Interface Alarm Threshold a name
Choose a data source from the list
Deleting a NAM Threshold
Editing an Alarm Threshold
User Scenario
Data Export
NetFlow
NetFlow, Scheduled Exports, Custom Export,
Viewing Configured NetFlow Exports
Choose Setup Data Export NetFlow
NetFlow Exports screen appears shown in Figure
Description of the NetFlow Export
Configuring NetFlow Data Export
Port number of the device to be exported to
Valid characters 1-9. Length Min 1, Max
Application
Record types supported by NAM for NetFlow are
Host
ART Client Server Application
Scheduled Exports
Editing NetFlow Data Export
Click
Choose Setup Data Export Scheduled Exports
Editing a Scheduled Export
Deleting a Scheduled Export
Managed Device
Custom Export
Device Information
Total time the switch has been running
Choose Setup Managed Device Device Information
Name of the network administrator for the router
Name of the Snmp read-write community string configured on
Nbar Protocol Discovery
Sites
Network
Field / Operation Description
Sites, NDE Interface Capacity, Dscp Groups,
Specifying a Site Using Subnets
Specifying a Site Using WAE devices Waas Data Sources
Definition Rules
Specifying a Site Using Multiple Rules
Viewing Defined Sites
Resolving Ambiguity Overlapping Site Definitions
Defining a Site
Shows if the site is Enabled or Disabled
Name of the site
Description of what the site includes
Unique text string for naming a site
See -7for an example
Optional text string for describing site
Subnet Detection
Editing a Site
Subnet Detection
Enter an IPv4 or IPv6 address
NDE Interface Capacity
Dscp Groups
Creating an NDE Interface
Creating a Dscp Group
Choose Setup Network Dscp Groups
Field Description Usage Notes
Through Dscp AF/EF/CS Format Bit Field Format
Classification
Editing a Dscp Group
Deleting a Dscp Group
8shows an example of what the screen may look like
Applications
Creating a New Application
Choose Setup Classification Applications
Editing an Application
That list, highlight it and click the left arrow
Repeat through as many times as desired
Application Groups
Choose Setup Classification Application Groups
Deleting a Protocol
Creating an Application Group
Editing an Application Group
URL-based Applications
Deleting an Application Group
To edit an application group
Example
Choose Setup Classification URL-based Applications
Deleting a URL-based Application
Editing a URL-Based Application
Monitoring
Choose Setup Classification Encapsulations
Encapsulations
Aggregation Intervals, Response Time, Voice, RTP Filter,
Choose Setup Monitoring Aggregation Intervals
Aggregation Intervals
URL, Waas Monitored Servers,
Response Time
Choose Setup Monitoring Response Time
Short-Term Long-Term
Normal Minimum
Monitor Setup Window
Choose Setup Monitoring Voice
Voice
Field Appliance
RTP Filter
Choose Setup Monitoring RTP Filter
10,000 500 1,750 000 1,000 250
Enabling a URL Collection Changing a URL Collection
Choose Setup Monitoring URL
Enabling a URL Collection
Disabling a URL Collection
Element Description Usage Notes
Changing a URL Collection
To change a URL collection
URL page -10displays
Waas Monitored Servers
Choose Setup Monitoring URL Collection
Disabling a URL Collection
Adding a Waas Monitored Server
Choose Setup Monitoring Waas Servers
Deleting a Waas Monitored Server
To delete a Waas monitored server data source
Navigation,
Monitor
Analyze
Interactive Report
Navigation
Saving Filter Information
Saving Filter Parameters
Traffic Summary
Response Time Summary
Site Summary
Alarm Summary
Top N Hosts by Site and Alarm Count
Top N Sites by Alarm Count
Top N Applications by Alarm Count
Top N Applications by Site and Alarm Count
Analyzing Traffic
Hosts Detail
Application
Applications Detail
Host
Application group set of applications that can be
NDE Interface Traffic Analysis
Monitored as a whole
Traffic rate number of bytes per second
Viewing Interface Details
Dscp Detail
Dscp value
Applicable site or Unassigned if no site
Application Groups Detail
Viewing Collected URLs
URL Hits
Filtering a URL Collection List
Viewing Collected URLs Filtering a URL Collection List
Host Conversations
Network Conversation
Top Application Traffic
Top Application Traffic
WAN Optimization
Application Traffic By Host
Top Talkers Detail
Conversation Multi-Segments
Application Performance Analysis
NAM Application Response Time Measurements
Response Time
Metric Description
7lists and describes the ART metrics measured by NAM
Metric Description
Application Response Time
Network Response Time
Network
Client Response Time
Server Response Time
Client-Server Response Time
Server Application Responses
Detailed Views Server Application Transactions
Server Application Transactions
Server Network Responses
Client-Server Application Responses
Client-Server Application Transactions
Client-Server Network Responses
Server-response packet, excluding retransmission time
Packet as observed at NAM probing point
Interface,
Interface
Interfaces Stats Table
Health, NBAR,
Switch Health
Health
Interface Statistics Over Time
Chassis Information
Chassis Health
CPU usage
Backplane Utilization
Crossbar Switching Fabric
Ternary Content Addressable Memory Information
Router Health
Router Health
Router Information
Current state of the power supply being instrumented
Information on how to contact this person
Media
Time in hundredths of a second since the network management
Purpose
RTP Streams
RTP Stream Information
RTP Stream Stats Summary
Voice Call Statistics
Monitoring RTP Streams
RTP Stream Stats Details
Calling number as it appears in the signaling protocol
Called number as it appears in the signaling protocol
Calls Table
Inspecting call signaling protocol
From inspecting the call signaling protocol
Time when the call was detected to start
Time when the call was detected to end
Field Purpose
RTP Conversation
Header
Synchronization source number as it appear in the RTP
NAM calculated score that takes into account
Duration of the stream
OL-22617-01
Quick Capture
Capturing and Decoding Packet Data
Sessions
Name of the capture session
Viewing Capture Sessions
Many times as necessary
Size of the session
Configuring Capture Sessions
Operation Description
Choose Capture Packet/Capture Decode Sessions
Name of the capture Enter a capture name
Configure Capture Session Window
Administration System Capture Data Storage
Maximum Capture Session Sizes for NAM Platforms
Maximum Session NAM Platform Size
Maximum Session
Software Filters
NAM Platform Size
300 MB
Creating a Software Filter
Choose Capture Packet Capture/Decode Sessions
Software Filter Dialog -4 displays
Default if blank is
IPv4 address in dotted-quad format n.n.n.n, where n is 0 to
For MAC address, enter hh hh hh hh hh hh, where hh is a
Hexadecimal number from 0 to 9 or a to f. The default is
Choose GTP.IPv6 for IPV6 address for tunneled packet over
To edit software capture filters
Editing a Software Capture Filter
To cancel the changes, click Cancel
Configuring a Hardware Filter
Hardware Assisted Filters
Vlan and IP IP and TCP/UDP IP and Payload Data
List is also shown in Figure
Vlan and IP
IP and Payload Data
IP and TCP/UDP
Payload Data
Files
Delete files
Display the packets in a file
Analyzing Capture Files
Error Scan
Displays a graphic image of network traffic KB/second
Displays packets and bytes transferred for each protocol
Choose Capture Packet Capture/Decode Files
Downloading Capture Files
Deleting Multiple Files
Deleting a Capture File
Stop packet loading
Viewing Packet Decode Information
Load and decode the previous block of packets from the NAM
Load and decode the next block of packets from the NAM
Browsing Packets in the Packet Decoder
Choose a Filter Mode
Filtering Packets Displayed in the Packet Decoder
Choose an Address Filter
Define a Protocol Filter
Viewing Detailed Protocol Decode Information
Custom Display Filters
Using Alarm-Triggered Captures
Creating Custom Display Filters
To create custom display filters
Custom Decode Filter Dialog Box
See Tips for Creating Custom Decode Filter Expressions
Tips for Creating Custom Decode Filter Expressions
Operator Meaning
Format
Field Filter By Format
Editing Custom Display Filters
Examples of Custom Decode Filter Expressions
Choose Capture Packet Capture/Decode Display Filters
To delete custom display filters
Deleting Custom Display Filters
OL-22617-01
System Administration
User and System Administration
Choose Administration System Network Parameters
Resources
Network Parameters
Snmp Agent
Working with NAM Community Strings
Choose Administration System Snmp Agent
Creating NAM Community Strings
Snmp Agent Dialog Box displays
System Time
Testing the Router Community Strings
Deleting NAM Community Strings
To delete the NAM community strings
Choose Administration System System Time
Synchronizing the NAM System Time with the Switch or Router
Synchronizing the NAM System Time Locally
Clock set hhmmss mm/dd/yyyy
Mail Setting
Configuring the NAM System Time with an NTP Server
Choose Administration System E-Mail Setting
Choose Administration System Web Data Publication
To enable Web Data Publishing
Web Data Publication
Capture Data Storage
Configuring the NFS Server
Configuring the NFS Storage Location on the NAM
Creating NFS Storage Locations
Editing NFS Storage Locations
Creating iSCSI Storage Locations
ISCSI target name configured on the remote iSCSI server
Editing iSCSI Storage Locations
Name of the remote storage entry
Snmp Trap Setting
Syslog Setting
Choose Administration System Syslog Setting
Choose Administration System Snmp Trap Setting
Preferences
Editing a NAM Trap Destination
Deleting a NAM Trap Destination
System Alerts
Diagnostics
Audit Trail
System Alerts, Audit Trail, Tech Support,
Choose Administration Diagnostics Tech Support
Choose Administration Diagnostics Audit Trail
Tech Support
Downloading Core Files
Recovering Passwords
User Administration
Privilege Access Level
Local Database
Choose Administration Users Local Database
Creating a New User
To create a new user
Choose the Administration Users Local Database
Editing a User
Deleting a User
Field Usage Notes
Establishing TACACS+ Authentication and Authorization
Click Network Configuration Click Add Entry
Configuring a Cisco ACS TACACS+ Server
For Windows NT and 2000 Systems
Click Submit/Restart
Adding a NAM User or User Group
Configuring a Generic TACACS+ Server
Parameter Enter
Current User Sessions
NAM Traffic Analyzer 5.0 Usage Scenarios
Deploying NAMs in the Branch
Deployment
Deploying NAMs for Voice/Video applications
Deploying NAMs for WAN Optimization
Autodiscovery Capabilities of NAM
Creating Custom Applications
Integrating NAM with Third Party Reporting Tools
Understanding Traffic Patterns at the Network Layer
Integrating NAM with LMS
See Dscp Groups,
See Application Response Time, See Thresholds,
Using NAM for Problem Isolation
Troubleshooting
Using NAM for SmartGrid Visibility
General NAM Issues
Troubleshooting
Does the session from the switch/router work?
Error Messages
Packet Drops
NAM Not Responding
NAM Behavior
Waas Troubleshooting
OL-19530-02
Module Object Identifier OID and Description Source
Supported MIBs
Objects10 Power, Temperature and Fan Status
Mib-21.rmon16.tokenRing10.ringStationConfig RFC
Mib-21.rmon16.tokenRing10.ringStation RFC
Mib-21.rmon16.tokenRing10.ringStation RFC OrderTable3
CiscoMgmt9.ciscoCat6kCrossbarMIB217.cisco
Cisco9.workgroup5.ciscoStackMIB1.ciscoStatck
Cat6kXbarMIBObjects1
Crossbar statistics
OL-22617-01
Downloading to a file
Capture settings, configuring
Custom display filters
Creating
IN-2
Configuring as datasource
Ipesp IPIP4
Alarm thresholds
IN-4
Creating Deleting Editing Spanning, directing traffic for
Server, configuring to support NAM
Authentication and authorization, establishing
See Virtual Switch Software Waas data sources
Voice data Collecting Viewing Voice signaling thresholds
