Application Catalog

Table 1. Feature History

Feature Name

Release Information

Description

Application Catalog

Cisco IOS XE Catalyst SD-WAN Release 17.13.1a

Cisco Catalyst SD-WAN Manager Release 20.13.1

The Application Catalog feature provides control and visibility for applications running in your network environment. The application catalog is continuously updated as new applications are developed to ensure that your Cisco SD-WAN Manager environment adapts to changes in application use.

Discover and Monitor Kubernetes Clusters

Cisco IOS XE Catalyst SD-WAN Release 17.13.1a

Cisco Catalyst SD-WAN Manager Release 20.13.1

The Cisco SD-WAN Manager integrates Kubernetes cluster discovery and monitoring to monitor your network infrastructure and your containerized applications from a single interface. The Kubernetes cluster management streamlines the network and applications while providing a visibility and control on the applications.

Cloud SaaS Feeds

Cisco IOS XE Catalyst SD-WAN Release 17.13.1a

Cisco Catalyst SD-WAN Manager Release 20.13.1

Cloud SaaS (Software as a Service) feeds are information or data feed from SaaS applications that are hosted on the cloud. These applications can range from customer relationship management (CRM) tools to financial software, and Cisco SD-WAN Manager provides real-time data and updates as feeds from the SaaS applications.

Cloud-Sourced Applications

Cisco IOS XE Catalyst SD-WAN Release 17.16.1a

Cisco Catalyst SD-WAN Manager Release 20.16.1

Cloud-sourced applications, derived from the Cisco SD-AVC component, complement applications from other sources, such as Protocol Packs and custom applications. You can use cloud-sourced applications in security and centralized policies, and in Cloud OnRamp for SaaS.

Information About Application Catalog

The application catalog in Cisco SD-WAN Manager provides visibility and control of applications running in your Cisco Catalyst SD-WAN environment powered by SD-AVC. For more information about SD-AVC, see Cisco SD-AVC User Guide. The application catalog includes applications ranging from business productivity apps like Office 365 or Google Workspace to social media platforms, cloud platforms, and customer-created applications.

The application catalog is a central place to take care of all operation tasks related to applications, capabilities like updating applications and cloud SaaS feeds from different sources, creating custom applications, viewing applications in different groups, creating an application list and many more. The feature optimizes network connectivity based on the specific requirements of different Kubernetes services.


Note


You can use custom applications in the same way as any other protocol when configuring policies using policy groups or using centralized policies. For more information on configuring policies using Policy Groups, see, Group of Interest - Policy.


The Application Catalog tab has the following features:

  • Overview

  • Applications

  • Application Source Settings

  • Discovered Application

  • Application List

  • Configure SD-AVC

  • Configure Cloud Connection

  • Cloud Sourced Applications

Information About Cloud-Sourced Applications

Cloud-sourced applications are applications sourced from the Cisco SD-AVC component of Cisco Catalyst SD-WAN.

Cisco SD-AVC uses cloud-based sources to continuously update its network applications database. The dynamic database adds new applications and updates existing information regularly. These are the cloud-sourced applications available in Cisco SD-WAN Manager. You can use these cloud-sourced applications in security and centralized policies, and in Cloud OnRamp for SaaS.

Adding Applications to the Application Catalog

A cloud-sourced application may match some of the same traffic as an existing application. In some cases, Cisco SD-WAN Manager prompts you to take action to resolve any conflicts.

Figure 1. Logic for Adding an Application to the Catalog

Prerequisites for Application Catalog

To fully utilize the capabilities of application catalog, the following conditions must be met:

  • Enable SD-AVC on the Administration > Settings page.


    Note


    For Cisco Cloud-hosted overlays provisioned in Cisco Catalyst SD-WAN Control Components Release 20.10.x and later releases, the SD-AVC service and Cloud Connector are enabled by default. For more information see, Cisco SD-AVC.


  • Enable SD-AVC Cloud Connector to use SaaS feeds for enhanced application classification (Optional, but recommended).

Configure SD-AVC

  1. Click SD-AVC.

    The Cluster Management page appears. The default tab is Service Configuration.

  2. Click Add Manager.

  3. In the Add Manager page, choose Node Persona from the following options:

    • Compute + Data ( Up to 5 nodes each)

    • Compute (Up to 5 nodes)

    • Data (Up to 10s of nodes)

  4. Enter the Manager IP Address, Username and Password.

  5. Choose Enable SD-AVC.

  6. Click Add.

Configure Cloud Connection

  1. Click Configure Cloud Connection.

    The Administration Settings page appears.

  2. Click SD-AVC.

  3. Enable Cloud Connector in the Settings / System SD-AVC page.

  4. Enter the OTP and the Cloud Gateway URL.

  5. Click Save.


Note


For more information on SD-AVC Connector, see Enable Cisco SD-AVC Cloud Connector.


Restrictions for Application Catalog

Restrictions for Cloud Sourced Applications

When you add a cloud-sourced application to the application catalog with Cloud Connector enabled, Cisco SD-WAN Manager restricts you from disabling Cloud Connector.

Restrictions for Kubernetes Clusters and Kubernetes Services

  • Only Google Cloud and Amazon Web Services are supported as cloud providers.


    Note


    AWS GovCloud is not supported.

    Other cloud providers can utilize Kubernetes Clusters and Kubernetes Services feature using the manual upload option.


  • Maximum number of custom applications: 1100

  • Maximum number of L3/L4 rules: 20000

  • Maximum number of server names: 50000

Application Catalog Overview

Applications in Registry

The Applications in Registry provide a visual representation of different types of applications in the system. It helps to understand the distribution and proportions of the applications based on their categories.

  • Built in: Applications that are built-in or pre-installed in the system.

  • Discovered: Applications that are discovered or detected by the system.

  • Custom: Custom-built applications specifically developed for the system.

The chart segments represent the application categories, and the size of each segment indicates the relative proportion of applications in that category. Use this chart to gain insights into the application landscape and understand the composition of applications in the system. This chart illustrates the applications in the Cisco SD-WAN Manager Application registry. The device application registry is updated after pushing a configuration to the devices. For example, when a new custom application is created, it is not updated in the device application registry until a policy with that custom application is pushed to the device, however, it will be counted in the custom application on this chart since Cisco SD-WAN Manager already has the definition in its registry. All the custom applications created are seen in the Applications tab and in the chart as custom apps.

Top Applications Observed in Network

The Applications Observed in Network doughnut chart provides insights into the types of top applications observed within the network traffic. It displays the distribution and prevalence of different application categories.

Each segment in the chart represents a specific application category, and the size of the segment indicates the relative presence or frequency of that category within the observed network traffic. Use this chart to gain insights into the types of applications that are prominent within the network and understand the traffic composition. You can view the application details based on the timestamp. For example, Last 1 Hour, Last 3 Hours and so on. The maximum time period you can select is 24 hours.

View Applications

View the applications associated with your cloud account including the applications you create and the default applications on Cisco SD-WAN Manager.

  1. From the Cisco SD-WAN Manager menu, choose Configuration > Application Catalog > Applications.

    A list of applications associated with your Cisco SD-WAN Manager appears.

  2. Choose an application attribute from the Select Application Attributes drop-down box. For example, Application Source.

    From the Choose Filter drop-down choose a filter to view only the relevant applications.

Configure Custom Applications

  1. From the Cisco SD-WAN Manager menu, choose Configuration > Application Catalog > Applications > Custom Application

  2. Enter Application name.

    Configure the following:

    Field

    Description

    Application Name

    Enter a name for the application list.

    Server Names

    Enter the server names. The names specify the fully qualified domain names or regex starting with '*' but not ending with '*', or both separated by commas. For example, *.customapp.com, customapptest.com, *appcustom.

    Application Family

    Choose the application family. The options include instant messaging, game, mail, routing, and so on.

    Application Group

    Choose the application group. The options include flash-group, ipsec-group, concur-group, and so on.

    Traffic Class

    Choose the traffic class. The options include multimedia-conferencing, network-control, real-time-interactive, and so on.

    Note

     

    This attribute is used to categorize network traffic into different classes based on specific criteria like source and destination IP addresses, port numbers, etc. Traffic classes are crucial in the traffic matching process because they enable the Cisco Catalyst SD-WAN to identify and sort traffic, which helps in efficiently managing bandwidth and resources. When setting up the policy group workflow, different traffic classes can be allocated different priorities.

    Business Relevance

    Choose the business relevance from the drop-down

    list. The options are:

    • Bronze

    • Gold

    • Silver

    Note

     

    This attribute is used to specify the priority of network traffic based on its relevance to business operations. For example, traffic related to critical business applications can be assigned a higher relevance, and therefore, a higher priority. This ensures that important traffic gets the resources it needs for optimal performance.

    IPv4 Address

    Enter the IPv4 addresses separated by commas.

    Subnet prefix length is 24 to 32.

    Ports

    Enter the port number or range or both separated by a space. For example, 1 2 10-20.

    L4 Protocol

    Enter L4 protocol. The options are:

    • TCP

    • UDP

    • TCP-UDP

  3. Click Save.

Export Application List

  1. Click Export to export the application list.

    The Applications.csv file is downloaded to the local desktop.

    You can use custom applications in the same way as any other protocol when configuring Cisco Catalyst

    SD-WAN policies using policy groups or using centralized policies. For more information on configuring

    policies using Policy Groups, see, Group of Interest - Policy.

Configure Application List

Create Application List

  1. From the Configuration > Application Catalog > Application List, click Create Application List.

  2. Choose Create New to create a new application list, or choose Existing to update an existing application list.

  3. Enter the Application List or choose an Application List from the drop-down list to update an existing application list.

  4. Choose an application or application family from the Application or Application Family drop-down list.

  5. Click Save.

    The application list is created.

To find application or application set, perform the following steps:

  1. On the Application Lists page, you can find the existing application or application family by using the Find Application/ Application Set field.

  2. Choose the Default Application List or Custom Application List from the Show drop-down list.

    The selected application list appears. You can filter the application or application family lists.

    The Summary pane displays the total, custom and default application lists.

  3. Click Create Application List to create or edit an existing application list.


Note


Application lists configured in the Application Catalog can only be used in the configuration of policies using Policy Groups.


Add Cloud-Sourced Applications to the Application Catalog

  1. From the Cisco SD-WAN Manager menu, choose Configuration > Application Catalog.

  2. Click Cloud-sourced Application.

  3. Choose one or more cloud-sourced applications by clicking the check box adjacent to the applications.

  4. Click Apply Application(s) and choose Apply Selected Application(s).

    A cloud-sourced application may match some of the same traffic as an existing application. If this creates a conflict, Cisco SD-WAN Manager prompts you to take action to resolve any conflicts. For information about the logic, see Information About Cloud-Sourced Applications.

  5. If the policy conflict pop-up window opens, choose one of the following:

    • Fix Conflicts: Opens the Conflicts tab to enable you to update the policy.

    • Click Manage Cloud-Sourced Application Conflicts to add cloud-sourced applications after fixing the policy conflicts.

    • Ignore and Apply: Defer resolving conflicts that affect policies and add cloud-sourced applications to application catalog.


    Note


    To remove cloud-sourced applications from the application catalog, contact Cisco technical support.


Benefits of Kubernetes Clusters and Kubernetes Services

  • Unified Network Management: Cisco SD-WAN Manager gives the ability to add Kubernetes clusters and it discovers any applications running on them.

  • Enhanced Visibility: The Cisco SD-WAN Manager and Kubernetes clusters integration provides complete visibility over both network infrastructure and application definitions, making it easier to identify and resolve issues.

  • Improved Performance: Cisco Catalyst SD-WAN’s ability to optimize network traffic, combined with direct visibility over Kubernetes resources, results in improved application performance.

  • Greater Efficiency: The network management based on application requirements and Kubernetes services leads to greater operational efficiency.

  • Advanced Security: The Cisco SD-WAN Manager and Kubernetes clusters integration provides more robust security for both network and application layers.

Benefits of Cloud SaaS Feeds

  • Cloud SaaS feeds provide real-time data on cloud application classification. Cisco SD-WAN Manager uses this information to make intelligent decisions about routing and optimizing traffic to ensure the best possible performance for these applications.

  • The Application classification is enhanced and up-to-date with latest Cloud SaaS feeds.

Configure, Discover Kubernetes Clusters and Kubernetes Services

Enable Kubernetes Clusters for Cloud-based Deployment

  1. From the Cisco SD-WAN Manager menu, click Configuration > Application Catalog.

  2. Click the Application Source Setttings tab.

  3. In the Kubernetes Cluster section, click Cloud Account.

  4. Click Add Account.

  5. Select a cloud account and click Enable.

    The Kubernetes Cluster table displays the cloud accounts with the Kubernetes discovery status in the Status column.


    Note


    You'll see a list of cloud accounts appearing already in the Kubernetes Cluster cluster table if you've configured the cloud accounts using the Cloud OnRamp for Multicloud feature.


Enable Manual Discovery of Kubernetes Clusters

  1. In the Cisco SD-WAN Manager menu, click Configuration > Application Catalog

  2. Navigate to the Application Source Setttings tab.

  3. In the Kubernetes Cluster section, click Manually Upload.

  4. Choose or drag and drop a kubeconfig file and click Add.


    Note


    Maximum file size: 10 MB


    The Kubernetes Cluster table displays the cloud accounts, with the Kubernetes discovery status in the Status column.

Once you configured the Kubernetes cluster, navigate to the Discovered Application tab to view the services and applications discovered on those Kubernetes clusters and create custom applications if needed.

Configure Cloud SaaS Feed Using Cisco SD-WAN Manager

  1. From the Cisco SD-WAN Manager menu, choose Configuration > Application Catalog > Application Source Settings.

  2. In the Cloud SaaS Feeds table, you see a list of cloud application feeds.


    Note


    Only if you've enabled SD-AVC and Cloud connections, you'll see the list of cloud SaaS feeds.


  3. In the Actions column, click the ... icon adjacent to the respective cloud SaaS feed row.

  4. Click Enable to view cloud SaaS feeds for the application of your choice.


    Note


    Choose Disable so that the application classification doesn't use the Cloud SaaS feeds and instead uses NBAR classification logic.


Monitor Kubernetes Clusters and Kubernetes Services

Monitor Kubernetes Clusters

  1. From the Cisco SD-WAN Manager menu, choose Configuration > Application Catalog.

  2. Navigate to the Application Source Settings tab in the Application Catalog page.

  3. The Kubernetes Cluster table displays the cluster details along with the Kubernetes cluster discovery status.

Monitor Applications

  1. Navigate to the Discovered application tab in the Application Catalog page.

  2. The Kubernetes Services table displays the discovered applications and the details to monitor the application status.

Monitor Cloud SaaS Feed

  1. From the Cisco SD-WAN Manager menu, choose Configuration > Application Catalog > Application Source Settings.

  2. In the Action column, click ... icon and choose View Feeds.

  3. In the the View Feeds page, you see detailed information regarding the particular cloud SaaS feeds.