SD-AVC architecture consists of two basic components:
Centralized SD-AVC network service component operating on a host device
SD-AVC Agent component running on each SD-AVC-enabled device in the network
SD-AVC and Application Recognition
Cisco AVC can recognize 1400+ network applications, providing recognition of most enterprise network traffic. SD-AVC offers
a network-wide approach, aggregating application information collected across the network, and centralized deployment of Protocol
Pack updates.
To improve recognition of uncommon or in-house network applications, as well as for other uses, SD-AVC enables creating user-defined
applications, expanding on the range of applications included in the Cisco-provided Protocol Packs. The user-defined applications
are distributed to all participating devices in the network.
SD-AVC improves application recognition, and offers a solution to challenges posed by complex networks that use a variety
of routing devices and routing methods. Such challenges include asymmetric routing, first packet classification, encryption,
and so on.
Collecting Application Data
Devices in the network running AVC analyze traffic and generate application data. If a device is connected to SD-AVC, the
SD-AVC agent operating on the device receives this application data, and processes and caches the data. Periodically, the
SD-AVC agent sends the latest application data to the centralized SD-AVC network service.
As new servers are detected or as server addresses change, the agent continually discovers and validates these servers and
updates the SD-AVC network service with the new information. The process of discovery and validation can take several minutes.
Server addresses usually remain constant over time, but when they do change, the SD-AVC agent detects the changes and updates
the network service.
Aggregating Application Data
The SD-AVC network service aggregates application data from multiple sources, producing an application rules pack from the
composite data. This is made available to network devices using SD-AVC.
Periodically, the network devices using SD-AVC request the application rules pack. Relying on devices to pull (request) the
application rules pack on their own schedule improves efficiency and simplifies administration.
The application rules pack contains the following types of information: ID, IP address, port, network protocol, VRF name, application
name, and so on.
Example:
ID | IP Address | Port | Protocol | VRF-name | App-Name
=================================================================
0 | 192.0.2.1 | 5901 | TCP | Mgt | VNC
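
A simplified model of the aggregation step described above, added here as an illustration and not Cisco's implementation. Only the field names and the VNC row come from this page; the device names, the other sample rows, and the majority-vote policy for conflicting reports are assumptions.

```python
from collections import Counter, defaultdict

# Constructed sample reports from SD-AVC agents:
# (device, ip, port, protocol, vrf, app). Device names are hypothetical.
REPORTS = [
    ("edge-1", "192.0.2.1", 5901, "TCP", "Mgt", "VNC"),
    ("edge-2", "192.0.2.1", 5901, "TCP", "Mgt", "VNC"),
    ("edge-2", "192.0.2.7", 8443, "TCP", "Mgt", "inhouse-portal"),
    ("edge-3", "192.0.2.7", 8443, "TCP", "Mgt", "ssl"),
    ("edge-1", "192.0.2.7", 8443, "TCP", "Mgt", "inhouse-portal"),
]

COLS = ["ID", "IP Address", "Port", "Protocol", "VRF-name", "App-Name"]

def aggregate(reports):
    """Merge per-device reports into (rules, conflicts).

    Assumed policy: a server is keyed by (vrf, ip, port, protocol), each
    device gets one vote per key (its latest report), the most-reported
    application wins, and a tie produces no rule at all.
    """
    votes = defaultdict(dict)
    for device, ip, port, proto, vrf, app in reports:
        votes[(vrf, ip, port, proto.upper())][device] = app
    rules, conflicts = [], []
    for key in sorted(votes):
        tally = Counter(votes[key].values()).most_common()
        if len(tally) > 1:
            conflicts.append((key, dict(tally)))  # keep for operator review
            if tally[0][1] == tally[1][1]:
                continue  # tie: do not distribute an ambiguous rule
        vrf, ip, port, proto = key
        rules.append(dict(zip(COLS, [len(rules), ip, port, proto, vrf, tally[0][0]])))
    return rules, conflicts

def render(rules):
    """Format rules in the table layout shown in the example above."""
    lines = [" | ".join(COLS), "=" * 65]
    lines += [" | ".join(str(r[c]) for c in COLS) for r in rules]
    return "\n".join(lines)

if __name__ == "__main__":
    rules, conflicts = aggregate(REPORTS)
    print(render(rules))
    for key, tally in conflicts:
        print("conflicting reports:", key, tally)
```

Disagreement between devices about the same server is worth logging rather than silently resolving, because a wrong entry in the pack is pulled by every participating device.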