Release Notes for NBAR2 Protocol Pack 19.1.0 for Cisco ... ·...
Transcript of Release Notes for NBAR2 Protocol Pack 19.1.0 for Cisco ... ·...
Release Notes for NBAR2 Protocol Pack 19.1.0for Cisco Wireless Controllers
• Overview, on page 2• Supported Platforms, on page 3• New Protocols in NBAR2 Protocol Pack 19.1.0, on page 4• Updated Protocols in NBAR2 Protocol Pack 19.1.0, on page 5• Deprecated Protocols in NBAR2 Protocol Pack 19.1.0, on page 8• Caveats in NBAR2 Protocol Pack 19.1.0, on page 9• Downloading NBAR2 Protocol Pack 19.1.0, on page 11• Special Notes and Limitations, on page 12
Release Notes for NBAR2 Protocol Pack 19.1.0 for Cisco Wireless Controllers1
OverviewNBAR2 Protocol Pack 19.1.0 provides classification improvements and bug fixes.
• Early DNS decision: Uses DNS traffic to learn server IP addresses and efficiently classify future flowsfrom the first packet.
• New protocols: Mongo and OCSP
• Fixed a DNS socket cache issue to resolve DNS customization issue CSCuz39567.
• Enhanced Web Classification feature supporting multi-transactions export of URLs.
• Automatic Local Services Discovery feature.
As a part of this feature, to handle business-relevant generic local network traffic, two protocols areadded:
• http-local-net
• ssl-local-net
Release Notes for NBAR2 Protocol Pack 19.1.0 for Cisco Wireless Controllers2
Release Notes for NBAR2 Protocol Pack 19.1.0 for Cisco Wireless ControllersOverview
Supported PlatformsNBAR2 Protocol Pack 19.1.0 is supported on the following platforms:
• Cisco 5508 Wireless Controller
• Cisco 5520 Wireles Controller
• Cisco Flex 7500 Series Wireless Controllers
• Cisco 8510 Wireless Controller
• Cisco 8540 Wireless Controller
• Cisco Wireless Services Module 2 (WiSM2)
Release Notes for NBAR2 Protocol Pack 19.1.0 for Cisco Wireless Controllers3
Release Notes for NBAR2 Protocol Pack 19.1.0 for Cisco Wireless ControllersSupported Platforms
New Protocols in NBAR2 Protocol Pack 19.1.0The table below lists the new protocols added in NBAR2 Protocol Pack 19.1.0 (protocols added since 14.0.0).
Long DescriptionCommon NameProtocol Name
Mongo is a leading NoSQL database designed with bothscalability and developer agility in mind. Instead of storingyour data in tables and rows as you would with a relationaldatabase, MongoDB stores JSON-like documents withdynamic schemas.
Mongomongo
OCSP - Online Certificate Status ProtocolOCSPocsp
Local network generic HTTP traffic.Local Net HTTPhttp-local-net
Local network generic SSL traffic.Local Net SSLssl-local-net
Online data backup software. Silently and continuouslybacks up end-user data for complete visibility and controlon a single, secure platform.
Crashplancrashplan
Cisco Collaboration Media - Voice, video, and desktopsharing by various CiscoUnified Communications clients.
Cisco CollaborationMedia
cisco-collaboration
Cisco Spark - unified communications client and SaaSwith mobile team communication: group chat, privatechat, video calls with screen sharing, and file sharing.
Cisco Sparkcisco-spark
Hypertext Transfer Protocol Secure (HTTPS)Hypertext TransferProtocol Secure(HTTPS)
https
Pearson - education content provider.Pearsonpearson
Statistical Conference Audio based on machine learning.Statistical ConferenceAudio
statistical-conf-audio
Statistical Conference Video based on machine learning.Statistical ConferenceVideo
statistical-conf-video
Statistical Download based on machine learning.Statistical Downloadstatistical-download
Statistical Peer-To-Peer based on machine learning.Statistical Peer-To-Peerstatistical-p2p
Wi-Fi Calling uses WiFi to provide better mobile phonecoverage for a mobile carrier.
Wi-Fi Callingwifi-calling
Microsoft Services is a set of tools, APIs and web servicesused by Microsoft applications.
Microsoft Servicesms-services
Release Notes for NBAR2 Protocol Pack 19.1.0 for Cisco Wireless Controllers4
Release Notes for NBAR2 Protocol Pack 19.1.0 for Cisco Wireless ControllersNew Protocols in NBAR2 Protocol Pack 19.1.0
Updated Protocols in NBAR2 Protocol Pack 19.1.0The table below lists the protocol(s) updated in NBAR2 Protocol Pack 19.1.0 (protocols updated since 14.0.0).
UpdatesProtocol
Updated signaturescisco-jabber-audio
Updated signaturescisco-jabber-control
Updated signaturescisco-jabber-video
Updated signaturescisco-phone-audio
Updated signaturescisco-phone-video
Updated signaturesdns
Updated signaturesexchange
Updated signatureshttp-local
Updated signatureshttp
Updated signaturesmysql
Updated signaturessecondlife
Updated signaturesssl-local
Updated signaturesteredo-ipv6-tunneled
Updated signaturesvmware-vsphere
Updated signatureswebthunder
Updated signaturescisco-collaboration
Updated signaturescisco-jabber-audio
Updated signaturescisco-jabber-control
Updated signaturesconnected-backup
Updated signaturesexchange
Updated signaturesms-lync
Updated signaturesms-services
Updated signaturesms-wbt
Updated signaturesmysql
Updated signaturesnetflix
Release Notes for NBAR2 Protocol Pack 19.1.0 for Cisco Wireless Controllers5
Release Notes for NBAR2 Protocol Pack 19.1.0 for Cisco Wireless ControllersUpdated Protocols in NBAR2 Protocol Pack 19.1.0
UpdatesProtocol
Updated signaturesoracle-sqlnet
Updated signaturespearson
Updated signaturesperforce
Updated signaturesrtp-audio
Updated signaturesrtp-video
Updated signaturessecure-imap
Updated signaturessecure-pop3
Updated signaturessecure-smtp
Updated signaturessqlserver
Updated signaturesssl
Updated signaturestelepresence-control
Updated signaturestelepresence-media
Updated signaturesteredo-ipv6-tunneled
Updated signaturesvnc
Updated signatureswindows-azure
Updated signaturesaol-messenger
Updated signaturescapwap-control
Updated signaturescapwap-data
Updated signaturescisco-jabber-control
Updated signaturescitrix
Updated signaturesgmail
Updated signaturesgoogle-services
Updated signaturesh323
Updated signaturesip-messenger
Updated signaturesms-lync
Updated signaturesms-office-365
Updated signaturesms-services
Updated signaturesopenvpn
Release Notes for NBAR2 Protocol Pack 19.1.0 for Cisco Wireless Controllers6
Release Notes for NBAR2 Protocol Pack 19.1.0 for Cisco Wireless ControllersUpdated Protocols in NBAR2 Protocol Pack 19.1.0
UpdatesProtocol
Updated signaturesoracle-sqlnet
Updated signaturesperforce
Updated signaturesskype
Updated signaturessocks
Updated signaturesteamviewer
Updated signaturesventrilo
Updated signaturesvmware-vsphere
Updated signatureswhatsapp
Updated signatureswindows-azure
Updated signatureswindows-update
Updated signaturesxbox-web-portal
Updated signaturesxunlei-kankan
Updated signaturesdropbox
Updated signaturesitunes
Updated signaturesms-live-accounts
Signatures were updated to support the Skype business clientms-lync
Signatures were updated to support the Skype business clientms-lync-audio
Signatures were updated to support the Skype business clientms-lync-video
Signatures were updated to support Cisco Telepresence MX300telepresence-media
Release Notes for NBAR2 Protocol Pack 19.1.0 for Cisco Wireless Controllers7
Release Notes for NBAR2 Protocol Pack 19.1.0 for Cisco Wireless ControllersUpdated Protocols in NBAR2 Protocol Pack 19.1.0
Deprecated Protocols in NBAR2 Protocol Pack 19.1.0In this release, the following protocol has changed status to deprecated:
• secure-http
Release Notes for NBAR2 Protocol Pack 19.1.0 for Cisco Wireless Controllers8
Release Notes for NBAR2 Protocol Pack 19.1.0 for Cisco Wireless ControllersDeprecated Protocols in NBAR2 Protocol Pack 19.1.0
Caveats in NBAR2 Protocol Pack 19.1.0
If you have an account on Cisco.com, you can view information on select caveats, using the Bug Search Tool( https://tools.cisco.com/bugsearch/search).
Note
Resolved Caveats in NBAR2 Protocol Pack 19.1.0
The following table lists the caveats resolved in NBAR2 Protocol Pack 19.1.0 (since 14.0.0):
DescriptionResolved Caveat
DNS customization does not work under some conditionsCSCuz39567
Changed teredo to generic protocolCSCuy06350
mysql traffic is mis-classified as webthunderCSCuy09714
RTP audio traffic is mis-classified as Second LifeCSCuy11306
RTP-based mis-classifications: Cisco collaboration and vanilla rtpCSCux74649
Amazon-web-services traffic is classified as SSLCSCuy68203
Fix CLI chopped protocol names.CSCux67672
Some cisco-jabber traffic may not be classified (in Protocol Pack 14.0.0)CSCux81395
Traffic from Polycom device may be misclassified as cisco-jabber-audioCSCux62325
Traffic generated by SIP based protocols (such as telepresence) might be classifiedas RTP
CSCuu61615
Traffic generated by capwap-data protocol might be misclassifiedCSCuu99278
Traffic generated by Cisco Telepresence MX300 might be misclassified as RTPCSCuv56693
Known Caveats in NBAR2 Protocol Pack 19.1.0
The following table lists the known caveats in NBAR2 Protocol Pack 19.1.0 (since 14.0.0):
DescriptionKnown Caveat
PCoIP session-priority configuration limitation.CSCuh49380
Segmented packets are not classified when using NBAR sub classification.CSCuh53623
IPv4 bundles might be used in IPv6 traffic.CSCun61772
CPUHOGmessage appears when loading Protocol Pack on Cisco ISR 800 Seriesrouters
CSCuz48467
Release Notes for NBAR2 Protocol Pack 19.1.0 for Cisco Wireless Controllers9
Release Notes for NBAR2 Protocol Pack 19.1.0 for Cisco Wireless ControllersCaveats in NBAR2 Protocol Pack 19.1.0
DescriptionKnown Caveat
(Applies only to Cisco IOS XE 3.16.1S Version 15.5(3)S1, and IOS Version15.5(3)M1)
Microsoft Lync audio/video is not classified correctly in some cases.
If your organization uses Microsoft Lync and one of these releases, it is notrecommended to upgrade to Protocol Pack 16.0.0. Use a later release (such as3.16.2S and above) for full Protocol Pack 16.0.0 support of Microsoft Lyncaudio/video.
CSCux33859
Release Notes for NBAR2 Protocol Pack 19.1.0 for Cisco Wireless Controllers10
Release Notes for NBAR2 Protocol Pack 19.1.0 for Cisco Wireless ControllersCaveats in NBAR2 Protocol Pack 19.1.0
Downloading NBAR2 Protocol Pack 19.1.0NBAR2 Protocol Packs are available for download on the Cisco.com software download page(http://www.cisco.com/cisco/software/navigator.html). On the download page, specify a platform model todisplay software available for download. One software option will be NBAR2 Protocol Packs.
Example
To display protocol packs available for the Cisco ASR 1001 platform, the navigation path is:
Products > Routers > Service Provider Edge Routers > ASR 1000 Series Aggregation Services Routers >ASR 1001 Router
Release Notes for NBAR2 Protocol Pack 19.1.0 for Cisco Wireless Controllers11
Release Notes for NBAR2 Protocol Pack 19.1.0 for Cisco Wireless ControllersDownloading NBAR2 Protocol Pack 19.1.0
Special Notes and LimitationsSpecial Note or LimitationProtocol Name
Login and a few encrypted sessions are classified as iTunes.apple-app-store
HTTP traffic generated by the bitcomet bittorrent client might be classifiedas HTTP.
bittorrent
For capwap-data to be classified correctly, capwap-control must also beenabled.
capwap-data
Cisco WLC upgraded to NBAR Protocol Pack 24 resolves trafficclasification issues faced using PP 19.1.
cisco-phone
Cisco WLC upgraded to NBAR Protocol Pack 24 resolves trafficclasification issues faced using PP 19.1.
cisco-jabber-audio
During configuring QoS class-map with ftp-data, the FTP protocol mustbe selected. As an alternative, the FTP application group can be selected.
ftp
Encrypted video streaming generated by hulu may be classified as itsunderlying protocol rtmpe.
hulu
Traffic generated by the logmein android app may be classified incorrectlyas ssl.
logmein
Login and chat traffic generated by the ms-lync client may be classifiedincorrectly as ssl.
ms-lync
Traffic generated by pcanywhere for mac may be classified as unknown.pcanywhere
Some perfect-dark sessions may be classified as unknown.perfect-dark
Login to QQ applications which is not via the internet may not be classifiedas qq-accounts.
qq-accounts
Voice traffic generated by secondlife may be classified incorrectly as ssl.secondlife
The Sub Classification (SC) mechanism was modified to include searchfor wildcard.
The SC rule for the part of the Server Name Indication (SNI) orthe common name (CN) can now include a wildcard. If awildcard is not used, the complete SNI or the CN is required.
For example, you can either use, "*.pqr.com" or "abc.pqr.com"to classify abc.pqr.com.
Note
ssl
Release Notes for NBAR2 Protocol Pack 19.1.0 for Cisco Wireless Controllers12
Release Notes for NBAR2 Protocol Pack 19.1.0 for Cisco Wireless ControllersSpecial Notes and Limitations