Classifying Network Traffic Using NBAR Features Roadmap

Available Languages

Download Options

PDF (124.9 KB)
View with Adobe Reader on a variety of devices

Updated:April 3, 2006

Bias-Free Language

The documentation set for this product strives to use bias-free language. For the purposes of this documentation set, bias-free is defined as language that does not imply discrimination based on age, disability, gender, racial identity, ethnic identity, sexual orientation, socioeconomic status, and intersectionality. Exceptions may be present in the documentation due to language that is hardcoded in the user interfaces of the product software, language used based on RFP documentation, or language that is used by a referenced third-party product. Learn more about how Cisco is using Inclusive Language.

Classifying Network Traffic Using NBAR Features Roadmap

Table Of Contents

Classifying Network Traffic Using NBAR Features Roadmap

Classifying Network Traffic Using NBAR Features Roadmap

First Published: April 4, 2006

Last Updated: May 7, 2007

This roadmap lists the features related to Network-Based Application Recognition (NBAR) and maps them to the modules in which they appear.

Feature and Release Support

Table 1 lists NBAR-related feature support for the following Cisco IOS software release trains:

•Cisco IOS Release 12.2ZY

•Cisco IOS Releases 12.2T, 12.3, and 12.3T

•Cisco IOS Releases 12.4 and 12.4T

Only features that were introduced or modified in Cisco IOS Release 12.2(1) or later appear in the table. Not all features may be supported in your Cisco IOS software release.

Use Cisco Feature Navigator to find information about platform support and software image support. Cisco Feature Navigator enables you to determine which Cisco IOS and Catalyst OS software images support a specific software release, feature set, or platform. To access Cisco Feature Navigator, go to http://www.cisco.com/go/cfn. An account on Cisco.com is not required.

Note Table 1 lists only the Cisco IOS software release that introduced support for a given feature in a given Cisco IOS software release train. Unless noted otherwise, subsequent releases of that Cisco IOS software release train also support that feature.

Table 1 Supported NBAR-Related Features

Release

Feature Name

Feature Description

Where Documented

Cisco IOS Release 12.2ZY

12.2(18)ZY

NBAR—Network-Based Application Recognition (Hardware Accelerated NBAR)

Enables NBAR functionality on the Catalyst 6500 series switch that is equipped with a programmable intelligent services accelerator (PISA).

"Classifying Network Traffic Using NBAR"

"Configuring NBAR Using the MQC"

Cisco IOS Releases 12.2T, 12.3, and 12.3T

12.3(4)T

NBAR Extended Inspection for HTTP Traffic

Allows NBAR to scan TCP ports that are not well known and identify HTTP traffic that traverses these ports.

"Classifying Network Traffic Using NBAR"

"Configuring NBAR Using the MQC"

NBAR PDLM Versioning

Enables the ability to verify the Cisco IOS and NBAR Packet Description Language Module (PDLM) versions for ensuring software compatibility.

"Classifying Network Traffic Using NBAR"

"Adding Application Recognition Modules"

NBAR User-Defined Custom Application Classification

Provides the ability to identify TCP- or UDP-based applications by using a character string or value. The character string or value is used to match traffic within the packet payload.

"Classifying Network Traffic Using NBAR"

"Creating a Custom Protocol"

12.2(15)T

NBAR Protocol Discovery MIBs

NBAR Protocol Discovery MIBs expand the capabilities of NBAR Protocol Discovery by providing the following new Protocol Discovery functionality through SNMP:

•Enable or disable Protocol Discovery per interface.

•Display Protocol Discovery statistics.

•Configure and view multiple top-n tables that list protocols by bandwidth usage.

•Configure thresholds based on traffic of particular NBAR-supported protocols or applications that report breaches and send notifications when these thresholds are crossed.

Network-Based Application Recognition Protocol Discovery Management Information Base

NBAR Real-Time Transport Protocol Payload Classification

Enables stateful identification of real-time audio and video traffic.

"Classifying Network Traffic Using NBAR"

"Configuring NBAR Using the MQC"

Cisco IOS Releases 12.4 and 12.4T

12.4(4)T

QoS: DirectConnect PDLM

Provides support for the DirectConnect PDLM and protocol. The DirectConnect protocol can now be recognized when using the Modular Quality of Service (QoS) Command-Line Interface (CLI) (MQC) to classify traffic.

"Classifying Network Traffic Using NBAR"

"Configuring NBAR Using the MQC"

"Adding Application Recognition Modules"

QoS: Skype Classification

Provides support for the Skype protocol. The Skype protocol can now be recognized when using the MQC to classify traffic.

Note Currently, Cisco supports only Skype version 1. Version 2 is not yet supported.

"Classifying Network Traffic Using NBAR"

"Configuring NBAR Using the MQC"

12.4(2)T

NBAR—BitTorrent PDLM

Provides support for the BitTorrent PDLM and protocol. The BitTorrent protocol can now be recognized when using the MQC to classify traffic.

"Classifying Network Traffic Using NBAR"

"Configuring NBAR Using the MQC"

"Adding Application Recognition Modules"

NBAR—Citrix ICA Published Applications

Enables NBAR to classify traffic on the basis of the Citrix Independent Computing Architecture (ICA) published application name and tag number.

"Classifying Network Traffic Using NBAR"

"Configuring NBAR Using the MQC"

NBAR—Multiple Matches Per Port

Provides the ability for NBAR to distinguish between values of an attribute within the traffic stream of a particular application on a TCP or UDP port.

"Classifying Network Traffic Using NBAR"

"Configuring NBAR Using the MQC"

"Creating a Custom Protocol"

Any Internet Protocol (IP) addresses used in this document are not intended to be actual addresses. Any examples, command display output, and figures included in the document are shown for illustrative purposes only. Any use of actual IP addresses in illustrative content is unintentional and coincidental.

© 2006-2007 Cisco Systems, Inc. All rights reserved.

Table 1 Supported NBAR-Related Features
Release	Feature Name	Feature Description	Where Documented
Cisco IOS Release 12.2ZY
12.2(18)ZY	NBAR—Network-Based Application Recognition (Hardware Accelerated NBAR)	Enables NBAR functionality on the Catalyst 6500 series switch that is equipped with a programmable intelligent services accelerator (PISA).	"Classifying Network Traffic Using NBAR" "Configuring NBAR Using the MQC"
Cisco IOS Releases 12.2T, 12.3, and 12.3T
12.3(4)T	NBAR Extended Inspection for HTTP Traffic	Allows NBAR to scan TCP ports that are not well known and identify HTTP traffic that traverses these ports.	"Classifying Network Traffic Using NBAR" "Configuring NBAR Using the MQC"
NBAR PDLM Versioning	Enables the ability to verify the Cisco IOS and NBAR Packet Description Language Module (PDLM) versions for ensuring software compatibility.	"Classifying Network Traffic Using NBAR" "Adding Application Recognition Modules"
	NBAR User-Defined Custom Application Classification	Provides the ability to identify TCP- or UDP-based applications by using a character string or value. The character string or value is used to match traffic within the packet payload.	"Classifying Network Traffic Using NBAR" "Creating a Custom Protocol"
12.2(15)T	NBAR Protocol Discovery MIBs	NBAR Protocol Discovery MIBs expand the capabilities of NBAR Protocol Discovery by providing the following new Protocol Discovery functionality through SNMP: •Enable or disable Protocol Discovery per interface. •Display Protocol Discovery statistics. •Configure and view multiple top-n tables that list protocols by bandwidth usage. •Configure thresholds based on traffic of particular NBAR-supported protocols or applications that report breaches and send notifications when these thresholds are crossed.	Network-Based Application Recognition Protocol Discovery Management Information Base
NBAR Real-Time Transport Protocol Payload Classification	Enables stateful identification of real-time audio and video traffic.	"Classifying Network Traffic Using NBAR" "Configuring NBAR Using the MQC"
Cisco IOS Releases 12.4 and 12.4T
12.4(4)T	QoS: DirectConnect PDLM	Provides support for the DirectConnect PDLM and protocol. The DirectConnect protocol can now be recognized when using the Modular Quality of Service (QoS) Command-Line Interface (CLI) (MQC) to classify traffic.	"Classifying Network Traffic Using NBAR" "Configuring NBAR Using the MQC" "Adding Application Recognition Modules"
QoS: Skype Classification	Provides support for the Skype protocol. The Skype protocol can now be recognized when using the MQC to classify traffic. Note Currently, Cisco supports only Skype version 1. Version 2 is not yet supported.	"Classifying Network Traffic Using NBAR" "Configuring NBAR Using the MQC"
12.4(2)T	NBAR—BitTorrent PDLM	Provides support for the BitTorrent PDLM and protocol. The BitTorrent protocol can now be recognized when using the MQC to classify traffic.	"Classifying Network Traffic Using NBAR" "Configuring NBAR Using the MQC" "Adding Application Recognition Modules"
	NBAR—Citrix ICA Published Applications	Enables NBAR to classify traffic on the basis of the Citrix Independent Computing Architecture (ICA) published application name and tag number.	"Classifying Network Traffic Using NBAR" "Configuring NBAR Using the MQC"
NBAR—Multiple Matches Per Port	Provides the ability for NBAR to distinguish between values of an attribute within the traffic stream of a particular application on a TCP or UDP port.	"Classifying Network Traffic Using NBAR" "Configuring NBAR Using the MQC" "Creating a Custom Protocol"

Was this Document Helpful?

Feedback

Contact Cisco

Open a Support Case
(Requires a Cisco Service Contract)