ADC Administration Guide, StarOS Release 21.10First Published: 2018-11-02
Americas HeadquartersCisco Systems, Inc.170 West Tasman DriveSan Jose, CA 95134-1706USAhttp://www.cisco.comTel: 408 526-4000
800 553-NETS (6387)Fax: 408 527-0883
THE SPECIFICATIONS AND INFORMATION REGARDING THE PRODUCTS IN THIS MANUAL ARE SUBJECT TO CHANGE WITHOUT NOTICE. ALL STATEMENTS,INFORMATION, AND RECOMMENDATIONS IN THIS MANUAL ARE BELIEVED TO BE ACCURATE BUT ARE PRESENTED WITHOUT WARRANTY OF ANY KIND,EXPRESS OR IMPLIED. USERS MUST TAKE FULL RESPONSIBILITY FOR THEIR APPLICATION OF ANY PRODUCTS.
THE SOFTWARE LICENSE AND LIMITED WARRANTY FOR THE ACCOMPANYING PRODUCT ARE SET FORTH IN THE INFORMATION PACKET THAT SHIPPED WITHTHE PRODUCT AND ARE INCORPORATED HEREIN BY THIS REFERENCE. IF YOU ARE UNABLE TO LOCATE THE SOFTWARE LICENSE OR LIMITED WARRANTY,CONTACT YOUR CISCO REPRESENTATIVE FOR A COPY.
The Cisco implementation of TCP header compression is an adaptation of a program developed by the University of California, Berkeley (UCB) as part of UCB's public domain version ofthe UNIX operating system. All rights reserved. Copyright © 1981, Regents of the University of California.
NOTWITHSTANDING ANY OTHERWARRANTY HEREIN, ALL DOCUMENT FILES AND SOFTWARE OF THESE SUPPLIERS ARE PROVIDED “AS IS" WITH ALL FAULTS.CISCO AND THE ABOVE-NAMED SUPPLIERS DISCLAIM ALL WARRANTIES, EXPRESSED OR IMPLIED, INCLUDING, WITHOUT LIMITATION, THOSE OFMERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT OR ARISING FROM A COURSE OF DEALING, USAGE, OR TRADE PRACTICE.
IN NO EVENT SHALL CISCO OR ITS SUPPLIERS BE LIABLE FOR ANY INDIRECT, SPECIAL, CONSEQUENTIAL, OR INCIDENTAL DAMAGES, INCLUDING, WITHOUTLIMITATION, LOST PROFITS OR LOSS OR DAMAGE TO DATA ARISING OUT OF THE USE OR INABILITY TO USE THIS MANUAL, EVEN IF CISCO OR ITS SUPPLIERSHAVE BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES.
Any Internet Protocol (IP) addresses and phone numbers used in this document are not intended to be actual addresses and phone numbers. Any examples, command display output, networktopology diagrams, and other figures included in the document are shown for illustrative purposes only. Any use of actual IP addresses or phone numbers in illustrative content is unintentionaland coincidental.
Cisco and the Cisco logo are trademarks or registered trademarks of Cisco and/or its affiliates in the U.S. and other countries. To view a list of Cisco trademarks, go to this URL: www.cisco.comgo trademarks. Third-party trademarks mentioned are the property of their respective owners. The use of the word partner does not imply a partnership relationship between Cisco and anyother company. (1721R)
© 2018 Cisco Systems, Inc. All rights reserved.
C O N T E N T S
About this Guide viiP R E F A C E
Conventions Used vii
Supported Documents and Resources viii
Related Common Documentation viii
Related Product Documentation viii
Obtaining Documentation ix
Contacting Customer Support ix
Application Detection and Control Overview 1C H A P T E R 1
ADC Overview 1
Qualified Platforms 2
License Requirements 2
Dynamic Software Upgrade 2
Overview 2
ADC Protocol Group Detection 3
Behavioral Traffic 4
SNI Detection 4
SSL Renegotiation Tracking 4
Analyzer Interworking 5
Traffic Sub-classification 5
ADC Support for TRM/FP 5
ADC Support for FAPA 5
ADC Support over Gx 7
Limitations 9
Dynamic Advertisement Server Correlation 9
Bulk Statistics Support 10
ADC Administration Guide, StarOS Release 21.10iii
How ADC Works 11
Limitations 11
Application Detection and Control Configuration 13C H A P T E R 2
Configuring Dynamic Software Upgrade 13
How to perform Dynamic Software Upgrade 13
Configuring System for ADC 15
Initial Configuration 16
Enabling Enhanced Charging 16
Modifying the Local Context 16
ADC Configuration 17
Creating the Active Charging Service 17
Configuring ADC Rules 18
Configuring P2P Protocol Groups 19
Configuring Behavioral Detection 20
Configuring P2P Advertisement server 21
Configuring SSL Renegotiation 21
Configuring Analyzers 22
Configuring the Charging Action 22
Configuring the Rulebase 23
Setting EDR Formats 24
Configuring IP Protocol and Server port mapping 24
Configuring EDR for P2P Events 25
Gathering ADC Statistics 26
Supported Bulk Statistics 27
P2P Reports 27
App-based Tethering Detection 29C H A P T E R 3
Feature Information 29
Feature Description 30
How It Works 30
Licensing 30
Configuring App-based Tethering Detection 30
Enabling App-based Tethering Detection at Rulebase Level 30
ADC Administration Guide, StarOS Release 21.10iv
Contents
Enabling App-based Tethering Detection at Ruledef Level 31
Enabling App-based Tethering Detection at Rule-variable 31
Monitoring and Troubleshooting the App-based Tethering Detection 32
Show Commands and Outputs 32
Peer-to-Peer Protocol and Application Detection Support 35C H A P T E R 4
Supported Protocols and Applications 35
New in this Release 35
All Supported Protocols and Applications 37
Port-based Protocols 101
IP Protocols 129
Reporting SSL Parameters in EDR 135C H A P T E R 5
Feature Summary and Revision History 135
Feature Description 136
How It Works 136
EDR 136
Configuring SSL Parameters in EDR 138
Enabling SSL Parameters 138
Monitoring and Troubleshooting 138
Show Commands and/or Outputs 138
Support for SNI Detection 141C H A P T E R 6
Feature Description 141
QUIC SNI Detection 141
Relationships to Other Features 142
Configuring SNI Detection 143
Configuring SNI in Ruledef 143
Configuring SNI rule variable 144
Enabling HTTPS Analyzer Interworking 145
Verifying the SNI Configuration 145
Monitoring and Troubleshooting the SNI Detection 145
SNI Detection Show Command(s) and/or Outputs 145
show active-charging analyzer statistics name cdp 145
ADC Administration Guide, StarOS Release 21.10v
Contents
show active-charging flows type cdp 146
Bulk Statistics 146
ADC Administration Guide, StarOS Release 21.10vi
Contents
About this Guide
This preface describes the ADC Administration Guide, how it is organized and its document conventions.
Application Detection and Control (ADC) is a StarOS™ in-line service application that runs on Cisco® ASR5500 platform.
The ADC in-line service makes use of innovative and highly accurate protocol behavioral detection techniquesto reliably detect protocols and applications in the network. ADC is mainly used to detect Peer-to-Peer protocolsby analyzing traffic, and can also detect network traffic created by audio and video clients.
• Conventions Used, on page vii• Supported Documents and Resources, on page viii• Contacting Customer Support , on page ix
Conventions UsedThe following tables describe the conventions used throughout this documentation.
DescriptionNotice Type
Provides information about important features orinstructions.
Information Note
Alerts you of potential damage to a program, device,or system.
Caution
Alerts you of potential personal injury or fatality. Mayalso alert you of potential electrical hazards.
Warning
DescriptionTypeface Conventions
This typeface represents displays that appear on yourterminal screen, for example:
Login:
Text represented as a screen display
ADC Administration Guide, StarOS Release 21.10vii
DescriptionTypeface Conventions
This typeface represents commands that you enter,for example:
show ip access-list
This document always gives the full form of acommand in lowercase letters. Commands are notcase sensitive.
Text represented as commands
This typeface represents a variable that is part of acommand, for example:
show card slot_number
slot_number is a variable representing the desiredchassis slot number.
Text represented as a command variable
This typeface represents menus and sub-menus thatyou access within a software application, for example:
Click the File menu, then click New
Text represented as menu or sub-menu names
Supported Documents and Resources
Related Common DocumentationThe following common documents are available:
• AAA Interface Administration and Reference• Command Line Interface Reference• GTPP Interface Administration and Reference• Installation Guide (platform dependant)• Release Change Reference• SNMP MIB Reference• Statistics and Counters Reference• System Administration Guide (platform dependant)• Thresholding Configuration Guide
Related Product DocumentationThe most up-to-date information for this product is available in the product Release Notes provided with eachproduct release.
The following product documents are also available and work in conjunction with ADC:
• ECS Administration Guide• GGSN Administration Guide• PDSN Administration Guide• P-GW Administration Guide
ADC Administration Guide, StarOS Release 21.10viii
About this GuideSupported Documents and Resources
Obtaining DocumentationThe most current Cisco documentation is available on the following website:
http://www.cisco.com/cisco/web/psa/default.html
Use the following path selections to access the ADC documentation:
Products > Wireless > Mobile Internet > In-Line Services > Cisco Peer-to-Peer
Contacting Customer SupportUse the information in this section to contact customer support.
Refer to the support area of http://www.cisco.com for up-to-date product documentation or to submit a servicerequest. A valid username and password are required to access this site. Please contact your Cisco sales orservice representative for additional information.
ADC Administration Guide, StarOS Release 21.10ix
About this GuideObtaining Documentation
C H A P T E R 1Application Detection and Control Overview
This chapter provides an overview of the Application Detection and Control (ADC) in-line service, formerlyknown as Peer-to-Peer Detection.
The System Administration Guide provides basic system configuration information, and the productadministration guides provide procedures to configure basic functionality of core network service. It isrecommended that you select the configuration example that best meets your service model, and configurethe required elements for that model, as described in the respective product Administration Guide, beforeusing the procedures in this chapter.
This chapter covers the following topics:
• ADC Overview, on page 1• How ADC Works, on page 11
ADC OverviewThe ADC in-line service is mainly used to detect Peer-to-Peer protocols by analyzing traffic. Other popularapplications that generate the bulk of Internet traffic like Social Networking and Gaming applications can bedetected.
The ADC in-line service works in conjunction with the following products:
• GGSN• PDSN• P-GW
The in-line service now known as ADC is continued to be referred as "P2P" in the configuration.
Peer to Peer (P2P) is a term used in two slightly different contexts. At a functional level, it means protocolsthat interact in a peering manner, in contrast to client-server manner. There is no clear differentiation betweenthe function of one node or another. Any node can function as a client, a server, or both — a protocol maynot clearly differentiate between the two. For example, peering exchanges may simultaneously include clientand server functionality, sending and receiving information. P2P is a type of transient Internet network thatallows a group of computer users with the same networking program to connect with each other and directlyaccess files from one another's hard drives. A common use case of a P2P application is file sharing.
Once the P2P Client is downloaded and installed, it will log on to a central indexing server. This central serverindexes all users who are currently online connected to the server. This server does not host any files fordownloading. The P2P client can search for a specific file. The utility queries the index server to find otherconnected users with the specific file. When a match is found, the central server directs to find the requested
ADC Administration Guide, StarOS Release 21.101
file. The result is chosen from the search query and the utility will then attempt to establish a connection withthe computer hosting the requested file. If a successful connection is made, it will begin downloading the file.Once the file download is complete, the connection will be broken.
The stunning growth and intensive bandwidth nature of P2P applications can have a significant impact on theunderlying network. As most deployments are designed with a significant bias towards downstream traffic,P2P applications stress uplink capacity resulting in increased latency, decreased responsiveness and packetloss.
To avoid detection, P2P software undergoes frequent changes and this requires service providers to upgradethe software with the latest P2P detection logic. This upgrade is time consuming, also causing disruption inservices and revenue loss. The Dynamic Software Upgrade (DSU) addresses these problems by enablingoperators to upgrade their detection capabilities with no downtime. The detection logic is separated out fromthe main code and shipped as a plugin. Whenever there is a need for software upgrade, the new plugin willbe shipped and loaded into the system. For more information, refer to theDynamic Software Upgrade section.
Qualified PlatformsADC is a StarOS in-line service application that runs on Cisco ASR 5500 platforms. For additional platforminformation, refer to the appropriate System Administration Guide and/or contact your Cisco accountrepresentative.
License RequirementsThe ADC is a licensed Cisco feature. A separate feature license may be required. Contact your Cisco accountrepresentative for detailed information on specific licensing requirements. For information on installing andverifying licenses, refer to theManaging License Keys section of the SoftwareManagement Operations chapterin the System Administration Guide.
Dynamic Software UpgradeThis section describes the Dynamic Software Upgrade (DSU) process that can be used to dynamically updateplugins without having to update StarOS and reload the system.
OverviewDynamic Software Upgrade is the new approach to upgrade the P2P library version that will enable operatorsto upgrade their detection capabilities with no downtime. This is done by providing updates in the form ofsoftware patches which the operator can apply in a live setup with minimal interference.
In this approach, P2P detection code is now delivered as a plugin within the StarOS binary. The plugin isloaded into the system at run time.Whenever there is a change in P2P detection logic of an existing applicationor a new P2P protocol/application needs to be added, a new version of the plugin is provided as a pluginmodule. The new plugin is loaded onto the system dynamically without disrupting other services. Once theplugin has been installed and configured, the new P2P rules come into effect for detection.
The dynamically loaded plugins are not incremental. A plugin loads protocol detection logic for all theprotocols/applications. A user can update to a higher priority plugin or rollback to a lower priority plugin.
Important
ADC Administration Guide, StarOS Release 21.102
Application Detection and Control OverviewQualified Platforms
Patching is the process used to install a plugin as an update to a StarOS release. One patch can be providedto multiple compatible, concurrent product releases. A plugin patch is distributed in the form of a compresseddistribution kit through the internet or by other means (USB, CD, etc.).
A plugin is a functional software entity that provides updates to a pre-existing StarOS software component.Plugins can be dynamically loaded at runtime and do not require a system restart.
A plugin module is a specific instance of a plugin version consisting of at least one file that can be added toa running, in-service system. The module contains the information or instructions for a specific component'supdate. Typically this will be a single plugin file.
The Version Priority List (VPL) is a linked list of module versions associated with a specific plugin. Eachplugin has one VPL. The list is sorted in ascending order by the priority number that is assigned by theadministrator. When updating, the lowest priority number is loaded first and if that version is not successful,the version in the VPL with the next sequentially greater priority number is loaded. This list is iterated untila successful version is found. The VPL also supports manual rollback to a previous version (higher prioritynumber).
The basic sequence for the dynamic software upgrade process is as follows:
• Downloading the Patch Kit
• Unpacking the Patch Kit
• Configuring the Plugin
• Loading the Plugin
• Rolling Back to a Previous Plugin Version
For the detailed procedure on performing dynamic software upgrade, refer to the Configuring DynamicSoftware Upgrade section of the Application Detection and Control Configuration chapter.
License Requirements
From Release 21.6 onwards, DSU is a licensed-controlled feature. A separate feature license may be required.Contact your Cisco account representative for detailed information on specific licensing requirements. Forinformation on installing and verifying licenses, refer to theManaging License Keys section of the SoftwareManagement Operations chapter in the System Administration Guide.
Limitations for DSU
This section lists the limitations of Dynamic Software Upgrade.
• Support for session recovery is limited and there is no support for ICSR in this release.
• The system will allow loading two plugins at the most at any point of time. If there is a need to upgradethe system again, the oldest plugin will be unloaded.
• Detection state for a few subscribers may be lost if a plugin is unloaded from the memory.
• The newly upgraded plugin will be used for all new calls. The existing calls will continue to use theprevious plugin.
ADC Protocol Group DetectionApplication Detection and Control (ADC) performs traffic analysis and classifies flows into applications andits traffic type. To provide a high-level classification, the protocol grouping feature is implemented to support
ADC Administration Guide, StarOS Release 21.103
Application Detection and Control OverviewLicense Requirements
various application/protocol groups like gaming, file-sharing, e-mail, communicator, etc. Protocol Groupingis done based on the functionality provided by the application. For example, applications like Skype andYahoo are used for VoIP, so these applications are grouped as Communicator group. The feature is implementedbased on the Dynamic Software Upgrade plugin philosophy.
For configuration-related information, refer to theConfiguring P2P Protocol Groups section of the ApplicationDetection and Control Configuration chapter.
Behavioral TrafficBehavioral Traffic Analysis is a method to analyze network traffic such that all the traffic is analyzed by thegeneric behavior of each flow. ADC supports behavioral traffic analysis for P2P (Peer-to-Peer), Video, VoIP(Voice over IP), Upload and Download. If the generic behavior of protocols is detected and traffic classifiedcorrectly using behavioral analysis, lesser amount of unknown traffic flows can be seen. These behavioraldetections must not be used for charging purposes. This feature is based on the Dynamic Software Upgradeplugin philosophy.
Behavioral P2P and behavioral VoIP are meant for zero day detection of P2P/file sharing protocols and VoIPtraffic respectively. Behavioral Video is meant for support of video detection. Behavioral Upload/Downloadmust detect flows of non-standard ports that cannot be detected by ECS. This is similar to client-serverupload/download using HTTP/FTP/SFTP encrypted download.
This feature is disabled by default and meant only for statistical purposes (not for charging purposes).Important
For configuration-related information, refer to the Configuring Behavioral P2P and VoIP section of theApplication Detection and Control Configuration chapter.
SNI DetectionServer Name Indication (SNI) is an extension of the Transport Layer Security (TLS) protocol that providesa mechanism for the client to tell the server which hostname it is trying to connect to.
ADC detects encrypted traffic using the SNI field (signatures) of TLS/SSL (Secure Sockets Layer) traffic.Due to increased number of applications moving towards TLS/SSL, an option is provided to configure theSNI in ruledef and classify traffic based on the configured SNI with this release.
For detailed overview and configuration information, see the Support for SNI Detection chapter in this guide.
SSL Renegotiation TrackingSSL Renegotiation flows can be detected by tracking the SSL Session ID and its associated protocol. Thisfeature is disabled by default. CLI support is added to enable or disable this feature. The maximum entries ofSSL Session ID tracked per Session Manager and the reduce factor can be configured.
Certain applications like Facebook, Gmail, Yahoo, Skype, Twitter, iCloud, etc. widely use the SSL SessionRenegotiation feature in their mobile applications to reduce the computational intensive operations involvedin a complete SSL negotiation.
Limitations: In certain cases, the SSLRenegotiation detection logic does not work if the SSL sessions involvedin the negotiation is spread across more than one subscriber session.
For configuration-related information, refer to the Configuring SSL Renegotiation section of the ApplicationDetection and Control Configuration chapter.
ADC Administration Guide, StarOS Release 21.104
Application Detection and Control OverviewBehavioral Traffic
Analyzer InterworkingAnalyzer interworking feature is implemented to analyze the various analyzers simultaneously if the flow isdetected as P2P and based on ruledef priority, appropriate charging action will be taken. Currently supportedanalyzers are FTP, HTTP, RTSP and SIP. CLI support is added to enable or disable this feature. This featureis enabled by default if P2P detection/protocol is enabled.
For configuration-related information, refer to theConfiguring Analyzers section of the Application Detectionand Control Configuration chapter.
Traffic Sub-classificationADC has the capability to detect network traffic for sub-classification of audio, file transfer, instant messaging,video, voipout or unclassified traffic. The duration of the call is a direct indication to the revenue impact ofthe network operator. The ADC in-line service is well poised to process the network traffic online to detectand control the presence of different network traffic, and generate records that can be used to calculate thetraffic call duration.
ADC Support for TRM/FPP2P flows now support the Transactional Rule Matching (TRM) feature. The TRM/FP feature enables theEnhanced Charging Service (ECS) to bypass per-packet rule matching on a transaction once the transactionis fully classified. This enables ECS to better utilize CPU resources and accommodate additional throughputfor the system, thus improving the overall performance.
A transaction for TRM can be defined as the entire UDP flow, the ACK of the 3-way handshake to the FIN/RSTof a TCP flow, or the HTTP request to the next HTTP request, or HTTP request to the FIN/RST for the finalrequest of the flow. The TRM feature can also perform rule matching on IP L4 rules (UDP, TCP), HTTP, andHTTPS.
For more information on the TRM/FP feature, refer to the ECS Administration Guide.
ADC Support for FAPAThe Flow Aware Packet Acceleration (FAPA) feature improves the throughput in terms of PPS, by cachingrule matching results of a flow for selected flows so as not to incur the lookup penalty for a large number ofpackets in that flow. This new accelerated path is capable of performing a full range of basic functions includinghandling charging, modification of packet headers, and incrementing various counters. The accelerated pathdynamically evaluates the current flow state and reverts back to the slow path when the flow cannot be handledon the fast path.
TRM/FP support has been extended beyond rule-matching. The FAPA function identifies packets that needonly a small amount of processing, and performs necessary tasks on these packets. Only those packets thatdo not require DPI are allowed to enter the Accelerated path. VoLTE, encrypted, HTTP, HTTPS, RTP andplain TCP/UDP traffic where L7 analysis is not enabled, and so on are all the flows that will get accelerated.
A Flow Aware Packet Acceleration license is required on ASR5500 and VPC platforms.Important
P2P flows will be optimized and accelerated using FAPA. ADC when enabled with FAPA improves P2Pperformance considerably.
ADC Administration Guide, StarOS Release 21.105
Application Detection and Control OverviewAnalyzer Interworking
FAPA accelerates P2P flows for most protocols except for some protocols/applications explicitly listed below.Important
FAPA accelerates some P2P flows for the following protocols and not all:
• Ares• Bittorrent• Didi• DirectConnect• Edonkey• Iskoot• PPlive• Scydo• Soulseek• Thunder• ThunderHS• Tunnelvoice• Viber• Whatsapp• Winny• Zattoo
The following protocols do not support FAPA:
• ActionVoip• BBM• Blackdialer• Facetime• Gtalk• Jabber• Jumblo• Kakaotalk• Magicjack• MyPeople• Nateontalk• Oscar• Paltalk• Plingm• Skype• Smartvoip• Tango• Voipdiscount• Vopium• Vtok
For more information on the FAPA feature, refer to the ECS Administration Guide.
ADC Administration Guide, StarOS Release 21.106
Application Detection and Control OverviewADC Support for FAPA
ADC Support over GxThe ADC Rule feature will support detection of application level flows as described in Release-11 of 3GPPstandard. ADC Rules are certain extensions to dynamic and predefined PCC Rules in order to supportspecification, detection and reporting of an application flow. These rules are installed (modified/removed) byPCRF via CCA-I/CCA-U/RAR events. ADC rules can be either dynamic PCC or predefined PCC rules, andthe existing attributes of dynamic and predefined rules will be applicable.
ADC Rule support is a licensed-controlled feature. Contact your Cisco account representative for detailedinformation on specific licensing requirements.
Important
When the license is not enabled, P2P continues to function as per its original behavior, that is, it monitors thetraffic at the entire rulebase level. When the license is enabled, the P2P behavior changes such as to monitortraffic at per subscriber level.
In 19.3 and later releases, this feature is extended to support non-ADC based rules (ECS protocols) in additionto existing P2P protocols, and also detection of application flows for Group of Ruledefs. The followingenhancements are supported:
• ADC rules support combination of P2P and non-P2P rule lines in the same ruledef.
• Detection of application flows based on group of ruledefs.
• Application START/STOP event reporting at instance level, that is, per flow basis. This was supportedper Application ID basis in previous releases.
• Support of dynamic routes to analyzers for installed ADC rules. Dynamic routes will be supported onlyfor these protocols - HTTP, HTTPS, FTP, RTP, RTCP and SIP.
• Support multi-line AND logic for rulelines when configuring ADC ruledefs.
• Removal of all PCC rules will result in termination of Application Detection for that application. Inprevious releases, if more than one PCC rule with same Application ID is installed, then removal of anyof the PCC rules will terminate Application Detection for that application.
Dynamic PCC rule contains either traffic flow filters or Application ID. When Application ID is present, therule is treated as ADC Rule. Application ID is the name of the ruledef which is pre-defined in the ASR 5500.This ruledef contains application filters that define the application supported by P2P protocols and non-P2Pprotocols.
In releases prior to release 19.3: PCEF will process and install ADC rules that are received from PCRFinterface, and will detect the specified application(s) and report detection of application traffic to the PCRF.Reporting of application traffic are controlled by PCRF and generates Application Start/Stop events alongwith the Application ID. Application mute status can be enabled or disabled on both dynamic and predefinedADC rules. When mute is disabled, Application Start/Stop event trigger will be generated by PCEF for thatspecific Application ID. Mute status can be enabled or disabled by PCRF for dynamic rules, and configuredon ASR 5500 for pre-defined rules.
In 19.3 and later releases: When a subscriber attaches to the network, PCRF will install ADC rule/Group ofRuledefs towards PCEF to detect Application flow. The Install ADC rules will additionally enable defaultroutes to HTTP, HTTPS, FTP, RTSP, RTCP or SIP analyzer based on the rule-definition. The default routesuse the standard ports associated with the respective protocol. When a new flow comes, the route matchinghappens for dynamic routes first, then static routes and finally default routes. When a flow matches that ADC
ADC Administration Guide, StarOS Release 21.107
Application Detection and Control OverviewADC Support over Gx
rule, an APP-START notification is sent to PCRF with Application ID, Instance ID and flow information.Instance ID is a unique identifier for a particular ADC flow. PCRF then takes necessary action for the detectedapplication. When ADC flow terminates, an APP-STOP notification is sent to PCRF with Application ID andInstance ID.
The following types of ADC ruledefs can be configured.
• ruledef adc_rulep2p protocol = <name>p2p protocol-group = <name>p2p behavioral = <name>multiline-or all-linesend
multiline-or all-lines is optional if rule contains only one line.
• ruledef adc_rule_type2p2p protocol = <name>p2p traffic-type = <sub_type_name>end
• ruledef adc_rule_type3p2p anymatch = TRUEend
When p2p any-match = TRUE is configured, only one rule containing this rule line can be installed.This rule line must not be used with any other P2P rule line.
ADC Mute Customization
Earlier, 3GPP ADC over Gx did not support application MUTE status change. Once the application wasmuted, it was not possible to unmute it. From release 21.1, this feature introduces custom MUTE/UNMUTEfunctionality. ASR 5500 PCEF now supports customization to control reporting of the Application DetectionInformation CCRUs. For this, an AVP has been introduced with two possible values - custom MUTE andcustom UNMUTE.
• A Gx message might contain both Standards based MUTE and the custom MUTE.• Standards based MUTE is given preference over the custom MUTE/UNMUTE.• A dynamic ADC rule can be installed and modified with a custom MUTE.• Custom-Mute-Notification AVP can be sent by the PCRF in CCA-I and RAR.• A dynamic ADC rule can be modified with a custom UNMUTE.• On a custom MUTE for a given dynamic ADC rule, PCEF sends a single APPLICATION_START/APPLICATION_STOP response for the entire application traffic rather the per flowAPPLICATION_START /APPLICATION_STOP response.
• On a custom MUTE for a given dynamic ADC rule, if no APPLICATION_START has been sent priorto the custom MUTE then a single APPLICATION_START is sent on the next flow packet that hits thedynamic rule.
• On a custom MUTE for a given dynamic rule, the APPLICATION_START response is sent with theflow's 5-tuple information.
• On a custom MUTE for a given dynamic rule, the APPLICATION_START response is sent withTDF-Application-Instance-Identifier = 0.
ADC Administration Guide, StarOS Release 21.108
Application Detection and Control OverviewADC Support over Gx
• On a customMUTE for a given dynamic rule, a single APPLICATION_STOP is sent when the last flowassociated with the given dynamic rule is terminated. Such an APPLICATION_STOP will not contain5-tuple information of the last flow and is sent with TDF-Application-Instance-Identifier = 0.
• On a custom UNMUTE for a given dynamic rule, APPLICATION STARTs response is matched withthe given dynamic rule and then sent to all the forthcoming flows.
• There is no change in behavior for a custom UNMUTE, which has not been customMUTED or standardMUTED before UNMUTING. APPLICATION_STARTs and APPLICATION_STOPs is continued tobe sent per flow as before.
• On a custom UNMUTE, PCEF sends an APPLICATION_STOP each for all flows that terminate thenonwards.
• A given dynamic rule is recovered in both SR and ICSR including the CustomMUTE/UNMUTE status.The APPLICATION_START status for a given dynamic rule is check-pointed and recovered. Thisensures that an extra APPLICATION_START is not sent to the PCRF post recoveries.
TOS/DSCP Support
In 19.3 and later releases, the ADC functionality is extended to identify applications and distinguish bearertraffic based on TOS/DSCP. DSCP/TOS based ADC dynamic rules over Gx will be supported for default anddedicated bearers. Bearer mapping and rule matching will be done based on DSCP/TOS value. Filters can becreated for PCC rules based on TOS-Traffic-Class AVP under flow information.
When a subscriber attaches to the network, PCRF will install PCC rule with TOS/DSCP filter towards PCEF.PCEF will create a dedicated bearer and send the packet filters to UE as well. When a new flow comes withfirst packet as Uplink, UE does bearer matching based on the TOS/DSCP value, and sends flow on the correctdedicated bearer. For downlink packet, ECS does bearer lookup and assigns correct bearer to the flow basedon the TOS/DSCP value.
ADC Event reporting will contain flow template with outer IP 3 tuples (Source IP, Destination IP, Port).L4-L7 rule match will also work for PMIP service.
LimitationsThe limitations for the ADC over Gx feature are:
• Registration of the duplicate application IDs are not supported.• Readdress/Redirection for P2P flows will not be supported.• Redirection happens only on transactions of GET/Response.• Port based, IP Protocol based, and URL based applications are not supported.• Pre-configured options (precedence, redirect-server-ip) for dynamic ADC Rules are not supported.• Simultaneous instances of an application for the same subscriber are not distinguished.• Flow recovery is not supported for application flows.
Dynamic Advertisement Server CorrelationADC supports many streaming applications that are ad-supported and the flows corresponding to thesethird-party advertisements are generic. These advertisement flows could not be differentiated from specificapplication flows based on the deterministic pattern. As part of this feature, a configurable option is providedto dynamically correlate advertisement flows and associate the respective applications.
Any advertisement service is associated with the corresponding application protocol. The type of ad-flow willbe configured per application. Refer to the Configuring P2P Advertisement server section in the Application
ADC Administration Guide, StarOS Release 21.109
Application Detection and Control OverviewLimitations
Detection and Control Configuration chapter for more information on configuring the P2P AdvertisementServer correlation group.
Limitations
Some limitations of this feature are listed below:
• Maximum number of ads groups that can be configured is 100.
• Maximum number of ad-source lines per ads-group that can be configured is 32.
• Configuration will take effect only for new flows.
• Applications added using TLS/SNI ruledefs (custom defined protocols) will not be supported.
Bulk Statistics SupportThe system can be configured to collect bulk statistics (performance data) and send them to a collection server(called a receiver). Bulk statistics are statistics that are collected in a group. The individual statistics aregrouped by schema. ADC uses P2P schema for bulk statistics support.
The bulk statistics format previously supported by the older implementation for individual ADC protocols inECS schema is deprecated, and the new bulk statistics format is supported in 14.0 and later releases in thenew P2P schema.
Important
The P2P schema is designed in such a way that all variables that end with numeral value "name" are used toextract all data with numeral values "value" for all the protocols supported by the currently loaded patch.Withthe Dynamic Software Upgrade, the operator need not change the P2P schema by adding or removing variablesrelated to a particular protocol manually for each new patch.
The following is a sample configuration of bulk statistics in the P2P schema:
p2p schema p2p format
"%p2p-protocol%\n%p2p-protocol-group%\n%p2p-uplnk-bytes-name%:%p2puplnk-bytes-value
%\n%p2p-dwlnk-bytes-name%:%p2p-dwlnk-bytes-value%\n%p2p-uplnk-pktsname%:%p2p-uplnk-pkts-value%
p2p-uplnk-pkts-value%\n%p2p-dwlnk-pkts-name%:%p2p-dwlnk-pkts-value%\n%p2pduration-name%:
%p2p-duration-value%\n-------------------------------------\n"
If detection of a specific P2P protocol is enabled, bulk statistics for that protocol will be automatically generatedbased on the plugin installed on the chassis. In the case of protocols that support sub-classification (audio/filetransfer/instant messaging/video/voipout/unclassified), the bulk statistics will be dynamically generated foreach of the supported sub-classifications per protocol and also the corresponding total count which is the sumof values of the sub-classified data.
Important
For more information, see the P2P Schema chapter of the Statistics and Counters Reference.
ADC Administration Guide, StarOS Release 21.1010
Application Detection and Control OverviewBulk Statistics Support
How ADC WorksAs part of traffic analysis, packets will be first passed through the ADC analyzers when "p2pdynamic-flow-detection" is enabled. If it is not detected as P2P by any of the ADC analyzers, then it willfollow the rule matching to find an application analyzer.
ADC analyzers examine uplink and downlink traffic and use rules that define what packet content to takeaction on and what action to take when the rule is true. The analyzers also generate usage records for thebilling system. The rules are configured/defined in the same way as ECS in-line service ruledefs and rulebases.
For a few specific protocols, packets will be sent to non-ADC analyzers even after marking the flow as P2P.If the flow is marked as P2P and also analyzed by other analyzers, the statistics for display and debug purposesreflect in both analyzers. The EDR also displays the ADC application/protocol names if configured.
ADC also interfaces to a PCRF Diameter Gx interface to accept policy ACLs and rulebases from a PDF. ADCsupports real-time dynamic policy updates during a subscriber session. This includes modifying the subscriber'spolicy rules during an active session by means of ACL name and Rulebase name.
In Gx interface, a Charging Rulebase will be treated as a group of ruledefs. A group of ruledefs enablesgrouping rules into categories, so that charging systems can base the charging policy on the category. Whena request contains names of several Charging Rulebases, groups of ruledefs of the corresponding names areactivated. For ADC rules to work in the group of ruledefs, P2P detection has to be enabled in the rulebasestatically.
Static policy is supported initially. A default subscriber profile is assumed and can be overwritten on thegateway. Per-subscriber static policy is pulled by the gateway from theAAA service at subscriber authentication.
The following figure illustrates how packets travel through the system using ADC. The packets are investigatedand then handled appropriately using ruledefs for charging.Figure 1: Overview of Packet Processing in ECSv2
LimitationsThis section lists the limitations for the ADC protocols that support audio and video sub-classification.
ADC Administration Guide, StarOS Release 21.1011
Application Detection and Control OverviewHow ADC Works
If Audio and Video contents are in the same flow (TCP/UDP), video is considered as the predominantcomponent and the flow is marked as "video". In this scenario, throttling video will block both audio andvideo. Throttling only audio or video is not possible.
ADC Administration Guide, StarOS Release 21.1012
Application Detection and Control OverviewLimitations
C H A P T E R 2Application Detection and Control Configuration
This chapter describes how to configure the Application Detection and Control (ADC) feature.
This chapter covers the following topics:
• Configuring Dynamic Software Upgrade, on page 13• Configuring System for ADC, on page 15• Gathering ADC Statistics, on page 26• P2P Reports, on page 27
Configuring Dynamic Software UpgradeThis section describes how to install and configure the dynamic software upgrade plugin in the ASR 5500.
How to perform Dynamic Software UpgradeThe procedure for the dynamic software upgrade is as follows:
Step 1 Obtain the patch TAR file from your designated Cisco representative.Step 2 Copy the patch file into the /flash directory of the ASR 5500 chassis by the TFTP or FTP method.
patch plugin plugin_name filepath
For example:patch plugin p2p /flash/libp2p-1.97.354.so.tgz
Step 3 After the file has been copied, install the plugin using the following install plugin command from the Exec mode.
install plugin plugin_name patch_file_name
For example:install plugin p2p patch_libp2p-1.97.354.so.tgzpatch file patch_libp2p-1.97.354.so.tgz installed successfully
The plugin will be unpacked into /flash/patch/p2p directory. Ensure that there is enough space in the /flashdirectory before installing a given patch. Verify if the file is installed correctly using the dir/flash/patch/p2p/[patch_version_number.so] command. For example: dir /flash/patch/p2p/libp2p-1.97.354.so
Important
ADC Administration Guide, StarOS Release 21.1013
Step 4 After the patch has been successfully installed, the patch version must be configured before it can be loaded into thesystem. To configure the patch before any other version of patch, first check the existing plugin configuration usingthe following command. This command entered in the Exec mode is used to list the priorities on the configured patches.
show plugin plugin_name
For example:
show plugin p2p
The data is read from /flash/module.sys and if it is not available, reads the default priorities from /etc/plugin.conf(read only) and lists the priorities.
Important
Step 5 Configure the plugin using the plugin command from theGlobal Configurationmode, and enters the Plugin Configurationmode.plugin <plugin_name>module priority <number> version <module_version>For example:configureplugin p2pmodule priority 1 version 1.97.354
The plugin name must match the name of the plugin which has been copied to and unpacked on the system or an errormessage is displayed.
The above configuration will be internally stored in /flash/module.sys so that the current configuration survivesan ASR 5500 reload. Ensure that the file is not deleted by mistake.
Important
Step 6 Enter the following command to update the specified module running in the system. Wait 5-10 seconds for the updateto occur on all the PSC cards.
update module <plugin_name>
For example:update module p2pUpdate to module p2p version 1.97.354 successful
When the above command is issued, the priorities configured usingmodule priority command is converted into aModule priority List and then the module with least priority is loaded. If it fails to load, the module with next higherpriority is attempted and so on till a successful load occurs.
If none of the configured modules load properly, then the system automatically tries to load the default patchthat comes along with the currently loaded build.
Important
Step 7 Enter the following command to rollback a running patch version in the system:
rollback module <plugin_name>
For example:rollback module p2prollback plugin p2p module priority 10 library /var/opt/lib/libp2p-1.97.357.so load successful
When the above command is issued, the system automatically tries to load the patch with next highest priority in theVPL and if that fails, it tries to load the next one and so on.
Step 8 Enter the following command in Exec mode to view the status of the currently running VPL. Ensure that the patch withleast priority is loaded. Others will have the "loaded" column displayed as "no".
ADC Administration Guide, StarOS Release 21.1014
Application Detection and Control ConfigurationHow to perform Dynamic Software Upgrade
show module <plugin_name> [ verbose ]
For example:show module p2pModule p2pPriority version loaded location update/rollback time status
1 1.97.354 no /var/opt/lib FRI Feb 28 07:15:42 2014 success2 1.97.357 yes /var/opt/lib FRI Feb 28 07:15:42 2014 successX 1.82.118 no /lib (never) N/A
Step 9 Delete older patch files. Unconfigure plugin from configuration and manually delete the older patch files from/flash/patch/<plugin_name> directory to save disk space if necessary.
plugin <plugin_name>
no module priority <plugin_number>
For example:configureplugin p2pno module priority 1end
del /flash/patch/p2p/libp2p-1.97.354.sodel /flash/patch/p2p/patch_libp2p-1.97.354.so.tgz
Step 10 For an ICSR setup:If the ASR 5500 system is in ICSR mode (geographical redundancy) then the operator has to repeat the above stepsfor update/rollback in both the systems individually. If it is not done, then after an SRP switchover the new active ASR5500 comes up with an outdated plugin priority which can lead to loading an older version of patch for a particularplugin. Using the srp validate-configuration command, check for the same plugin module priority and raise error ifit is different across the active-standby pair.
Configuring System for ADCThis section lists the high-level steps to configuring the system with enhanced charging services for ADC inconjunction with ECS services.
To configure the system for ADC support with ECS:
Step 1 Set initial configuration parameters such as modifying the local context as described in the Initial Configuration section.Step 2 Enable the Enhanced Charging service with ADC and set basic ECS parameters such as service configuration, Ruledefs,
charging actions, and EDRs as described in the ADC Configuration section.Step 3 Save your configuration to flash memory, an external memory device, and/or a network location using the Exec mode
command save configuration. For additional information on how to verify and save configuration files, refer to the SystemAdministration Guide and the Command Line Interface Reference.
ADC Administration Guide, StarOS Release 21.1015
Application Detection and Control ConfigurationConfiguring System for ADC
Commands used in the configuration examples in this section provide base functionality to the extent that themost common or likely commands and/or keyword options are presented. In many cases, other optionalcommands and/or keyword options are available. Refer to the Command Line Interface Reference for completeinformation regarding all commands.
Important
Initial ConfigurationTo perform initial system configuration for ADC support with ECS:
Step 1 Enable ACS as described in the Enabling Enhanced Charging, on page 16 section.Step 2 Set local system management parameters as described in the Modifying the Local Context, on page 16 section.
Enabling Enhanced ChargingUse the following configuration example to enable enhanced charging on the system:
configurerequire active-chargingend
After you configure the require active-charging command, you must save the configuration and then reloadthe chassis for the command to take effect. For information on saving the configuration file and reloading thechassis, refer to the System Administration Guide for your deployment.
Important
Modifying the Local ContextUse the following configuration example to set the default subscriber and AAA group in the local context:
configurecontext local
interface <interface>
ip address <ipv4/ipv6_address/mask>
ip arp timeout <timeout>
exitserver ftpdexitserver sshd
subsystem sftpexit
server telnetdexit
subscriber defaultexit
administrator <security_admin> encrypted password <password> ftpaaa group default
ADC Administration Guide, StarOS Release 21.1016
Application Detection and Control ConfigurationInitial Configuration
exitgtpp group default
exitip route <route> SPIO1exitport ethernet <slot/port>
no shutdownbind interface <interface> local
exitsnmp engine-id local <id_number>
end
ADC ConfigurationTo configure ADC with ACS:
Step 1 Create the ACS service as described in the Creating the Active Charging Service, on page 17 section.Step 2 Configure ADC rules as described in the Configuring ADC Rules section.Step 3 Configure P2P protocol groups as described in the Configuring P2P Protocol Groups, on page 19 section.Step 4 Configure behavioral traffic as described in the Configuring Behavioral Detection, on page 20 section.Step 5 Configure the P2P Advertisement server correlation group as described in the Configuring P2P Advertisement server,
on page 21 section.Step 6 Configure SSL renegotiation as described in the Configuring SSL Renegotiation section.Step 7 Configure analyzers as described in the Configuring Analyzers section.Step 8 Configure the charging action as described in the Configuring the Charging Action, on page 22 section.Step 9 Configure the rulebase as described in the Configuring the Rulebase section.Step 10 Optional: Set EDR formats as described in the Setting EDR Formats section.Step 11 Configure the IP protocol and server port mapping for EDRs as described in the Configuring IP Protocol and Server
port mapping, on page 24 section.Step 12 Configure the P2P events for generation of EDRs as described in the Configuring EDR for P2P Events, on page 25
section.
Commands used in the configuration examples in this section provide base functionality to the extent thatthe most common or likely commands and/or keyword options are presented. In many cases, other optionalcommands and/or keyword options are available. Refer to theCommand Line Interface Reference for completeinformation regarding all commands.
Important
Creating the Active Charging ServiceUse the following configuration example to create the ACS service:
configureactive-charging service <acs_service_name> [ -noconfirm ]end
ADC Administration Guide, StarOS Release 21.1017
Application Detection and Control ConfigurationADC Configuration
The p2p-dynamic-rules protocol all CLI command under Active Charging service is deprecated, and notsupported in 12.0 and later releases.
Important
Configuring ADC RulesUse the following configuration example to set the P2P detection protocols in the ACS and the rule definitionsfor each P2P protocol.
The list of P2P protocols will be populated based on the currently installed plugin.Important
configureactive-charging service <acs_service_name>
p2p-detection protocol allruledef <charging_ruledef_actionvoip>
p2p protocol = actionvoipexitruledef <charging_ruledef_facebook>
p2p protocol = facebookexitruledef <charging_ruledef_jabber>
p2p protocol = jabberexitruledef <charging_ruledef_skype>
p2p protocol = skypeexit# Configuration example to report audio, file transfer, instant messaging, video, voipoutand unclassified components:ruledef <charging_ruledef_<protocol>_audio>
p2p protocol = <protocol>p2p traffic-type = audioexitruledef <charging_ruledef_<protocol>_ft>
p2p protocol = <protocol>p2p traffic-type = file-transferexitruledef <charging_ruledef_<protocol>_im>
p2p protocol = <protocol>p2p traffic-type = imexitruledef <charging_ruledef_<protocol>_video>
p2p protocol = <protocol>p2p traffic-type = videoexitruledef <charging_ruledef_<protocol>_voipout>
p2p protocol = <protocol>p2p traffic-type = voipoutexit
ADC Administration Guide, StarOS Release 21.1018
Application Detection and Control ConfigurationConfiguring ADC Rules
ruledef <charging_ruledef_<protocol>_unclassified>
p2p protocol = <protocol>p2p traffic-type = unclassifiedexitend
Configuring ADC Ruledef Types
Use the following configuration to configure ADC ruledefs in support of the ADC over Gx feature:
configureactive-charging service service_name
ruledef adc_rule_type1
p2p protocol = protocol_name
p2p protocol-group = protocol_group
p2p behavioral = behavioral_list
multi-line-or all-linesexit
ruledef adc_rule_type2
p2p protocol = protocol_name
p2p traffic-type = traffic-type
exitruledef adc_rule_type2
p2p any-match = TRUEexit
Sample Ruledef Configuration for Windows Updates
Use the following ruledef CDP configuration for detecting Windows Updates:
Ruledef Name: windowsupdatetls sni ends-with windowsupdate.comtls sni ends-with update.microsoft.comhttp host ends-with windowsupdate.comhttp host ends-with update.microsoft.comtls set-app-proto windowsupdateRule Application Type: ChargingCopy Packet to Log: DisabledTethered Flow Check: DisabledMulti-line OR: All Lines
Configuring P2P Protocol GroupsUse the following configuration example to configure P2P protocol groups:
configureactive-charging service <acs_service_name>
ruledef <ruledef_name>
[ no ] p2p protocol-group <operator> <group_list>
end
Notes:
<group_list> must be one of the following:
ADC Administration Guide, StarOS Release 21.1019
Application Detection and Control ConfigurationConfiguring ADC Ruledef Types
• anonymous-access• business• communicator• cloud• e-mail• e-news• e-store• internet-privacy• filesharing• gaming• p2p-anon-filesharing• p2p-filesharing• remote-control• social-nw-gaming• social-nw-generic• social-nw-videoconf• standard• streaming• untagged
For more information, refer to the ACS Ruledef Configuration Mode Commands chapter of the CommandLine Interface Reference.
Configuring Behavioral DetectionUse the following configuration example to configure behavioral detection of unidentified traffic:
configureactive-charging service <acs_service_name>
[ no ] p2p-detection behavioral <behavioral_list>
end
Use the following to define rule expressions to match behavioral detection type—P2P, Video, VoIP, BehavioralUpload or Behavioral Download.
configureactive-charging service <acs_service_name>
ruledef <ruledef_name>
[ no ] p2p behavioral <operator> <behavioral_list>
end
Notes:
• Here the<behavioral_list> is the list of supported behavioral detection logic populated from the currentlyloaded P2P plugin. The supported behavioral list is:
• download: Detects unknown flows which are data download using behavioral analysis
• p2p: Detects P2P and file sharing protocols using behavioral analysis
• upload: Detects unknown flows which are data upload using behavioral analysis
• video: Detects video flows using behavioral analysis
ADC Administration Guide, StarOS Release 21.1020
Application Detection and Control ConfigurationConfiguring Behavioral Detection
• voip: Detects VoIP (voice and video) protocols using behavioral analysis
Behavioral P2P, behavioral video and behavioral VoIP are meant for zero day detection of P2P/file sharingprotocols, video traffic and VoIP traffic respectively. Behavioral Upload/Download must detect flows ofnon-standard ports that cannot be detected by ECS. This feature is meant only for statistical purposes (not forcharging purposes). For more information, refer to the ACS Configuration Mode Commands and ACS RuledefConfiguration Mode Commands chapters of the Command Line Interface Reference.
Configuring P2P Advertisement serverUse the following configuration to configure the P2P Advertisement server correlation group:
configureactive-charging service acs_service_name
[ no ] p2p ads-group ads_group_name
[ no ] ad-source operator http_host_name/ssl_server_name
[ no ] map-to-application { p2p_list } +end
Notes:
• On entering this command, the CLI prompt changes to the P2PAdvertisement Server Group ConfigurationMode:
[context_name]hostname(config-acs-p2p-ads)#
• ads_group_name must be an alphanumeric string of 1 through 63 characters.
• The following two commands are supported in the new P2P Advertisement Server Group ConfigurationMode.
• ad-source operator http_host_name/ssl_server_name: Configures the P2P Advertisement sourcethat can be a HTTP host or SSL server. SSL supports the Server Name indication (SNI) field.
operator can be “=”, “contains”, “ends-with” or “starts-with”.
http_host_name/ssl_server_name must be an alphanumeric string of 1 through 127 characters.
• map-to-application p2p_list: Configures the P2P advertisement application that will map theadvertisement group to the corresponding application/protocol. p2p_list is the list ofprotocols/applications supported in the P2P plugin. The maximum number of map-to-applicationrule lines that can be configured is equal to the number of the applications present in p2p_list.
• The existing analyzer statistics and EDR will accumulate P2P related statistics based on the ads-groupconfiguration. Bulk statistics will accumulate "ads" subtype statistics for the configured protocol inp2p-ads-group.
• The existing ruledef configuration will be used to configure any charging action.
For more information, refer to the ACS ConfigurationMode Commands and P2P Advertisement Server GroupConfiguration Mode Commands chapters of the Command Line Interface Reference.
Configuring SSL RenegotiationUse the following configuration example to configure SSL renegotiation:
ADC Administration Guide, StarOS Release 21.1021
Application Detection and Control ConfigurationConfiguring P2P Advertisement server
configureactive-charging service <acsservice_name>
[ no ] p2p-detection attribute { <attribute_list> [<sub_attribute_name> <sub_attribute_value> ] }
end
Notes:
• Here the <attribute_list> is the list of configurable P2P detection attributes populated from the currentlyloaded P2P plugin.
Supported attribute: ssl-renegotiation
• <sub_attribute_name> is the list of configurable P2P detection sub-attributes related to the attributeselected from the attribute list. This list is populated from the currently loaded P2P plugin.
Supported sub-attributes if selected attribute is ssl-renegotiation:
• max-entry-per-sessmgr
• id-reduce-factor
• <sub_attribute_value> is the value of the selected sub-attribute. If sub-attribute is not specified, thedefault value set in the P2P plugin will be used.
For more information, refer to theACSConfigurationMode Commands chapter of theCommand Line InterfaceReference.
Configuring AnalyzersUse the following configuration example to configure analyzers for ECS analysis:
configurerequire active-chargingactive-charging service <acs_service_name>
[ no ] p2p-detection ecs-analysis { all | ftp | http | rtsp| sip }
end
After you configure require active-charging and active-charging service<acs_service_name> commands,you must save the configuration and then reload the chassis for the command to take effect. For informationon saving the configuration file and reloading the chassis, refer to the System Administration Guide for yourdeployment.
Important
For more information, refer to theACSConfigurationMode Commands chapter of theCommand Line InterfaceReference.
Configuring the Charging ActionUse the following configuration example to configure the charging actions:
configureactive-charging service <acs_service_name>
charging-action <charging_action_name1>
ADC Administration Guide, StarOS Release 21.1022
Application Detection and Control ConfigurationConfiguring Analyzers
flow limit-for-bandwidth direction downlink peak-data-rate 4000peak-burst-size 1024 violate-action discard committed-data-rate 3200committed-burst-size 512 exceed-action discard
exitcharging-action <charging_action_name2>
content-id 1exit
charging-action <charging_action_name3>
flow action terminate-flowend
Configuring the RulebaseUse the following configuration example to configure the rulebases for P2P.
configureactive-charging service <acs_service_name>
rulebase <rulebase_name>
action priority action_priority { [ dynamic-only { adc [ mute ] } |static-and-dynamic | timedef timedef_name ] { group-of-ruledefsruledefs_group_name | ruledef ruledef_name } charging-action charging_action_name [monitoring-key monitoring_key ] [ description description ] }
# Configurationexample to detect P2P applications configured for the Active ChargingService:action priority <priority> ruledef <charging_ruledef_actionvoip> charging-action<charging_action_name>
action priority <priority> ruledef <charging_ruledef_facebook> charging-action<charging_action_name>action priority <priority> ruledef <charging_ruledef_jabber> charging-action<charging_action_name>action priority <priority> ruledef <charging_ruledef_skype> charging-action<charging_action_name># Configuration example to report audio, file transfer, instant messaging, video, voipoutand unclassified components:action priority <priority> ruledef <charging_ruledef_protocol_audio>
charging-action <charging_action_name>
action priority <priority> ruledef <charging_ruledef_protocol_ft> charging-action<charging_action_name>
action priority <priority> ruledef <charging_ruledef_protocol_im> charging-action<charging_action_name>
action priority <priority> ruledef <charging_ruledef_protocol_video>
charging-action <charging_action_name>
action priority <priority> ruledef <charging_ruledef_protocol_voipout>
charging-action <charging_action_name>
action priority <priority> ruledef <charging_ruledef_protocol_unclassified>
charging-action <charging_action_name>
endend
Notes:
• The adc keyword option specifies the ruledef to be given as ADC rule. This predefined rule can beactivated from PCRF/Gx. This can be configured only with the dynamic-only keyword and optionalalong with ruledef. Group-of-ruledefs is not supported in this release.
ADC Administration Guide, StarOS Release 21.1023
Application Detection and Control ConfigurationConfiguring the Rulebase
• Themute keyword is optional and can be configured only with the adc keyword. This keyword optionwill disable ADC application reporting to PCRF, that is, will mute the Application Start and ApplicationStop notifications to PCRF/Gx. Detection of protocols in the rule will still happen. Whenever theapplication traffic matches the specified ruledef for the first time in that flow, it is considered as ApplicationStart. At the end of flow, it is considered as Application Stop.
Setting EDR FormatsECS generates postpaid charging data files which can be retrieved from the system periodically and used asinput to a billing mediation system for post-processing. Event Detail Records (EDRs) are generated accordingto action statements in rule commands.
Up to 32 different EDR schema types may be specified, each composed of up to 32 fields or analyzer parameternames. The records are written at the time of each rule event in a comma-separated (CSV) format. Thisconfiguration aids in capturing the detected P2P protocol data in the EDR.
Use the following example to set the EDR configuration:
configureactive-charging service <ecs_service>
edr-format <edr_flow_format>
rule-variable traffic-type priority <priority>
rule-variable p2p duration priority <priority>
attribute sn-start-time format seconds priority <priority>
attribute sn-end-time format seconds priority <priority>
attribute radius-calling-station-id priority <priority>
rule-variable ip server-ip-address priority <priority>
attribute sn-server-port priority <priority>
attribute sn-port-service-name priority <priority>
attribute sn-app-protocol priority <priority>
attribute sn-parent-protocol priority <priority>
rule-variable ip protocol priority <priority>
attribute sn-ip-protocol-name priority <priority>
rule-variable p2p protocol priority <priority>
rule-variable p2p protocol-group priority <priority>
attribute sn-volume-amt ip bytes uplink priority <priority>
attribute sn-volume-amt ip bytes downlink priority <priority>
attribute sn-volume-amt ip pkts uplink priority <priority>
attribute sn-volume-amt ip pkts downlink priority <priority>
rule-variable bearer 3gpp charging-id priority <priority>
rule-variable bearer 3gpp imei priority <priority>
rule-variable bearer 3gpp rat-type priority <priority>
rule-variable bearer 3gpp user-location-information priority<priority>
end
For information on EDR format configuration and rule variables, refer to the EDR Format ConfigurationMode Commands chapter of the Command Line Interface Reference Guide.
Configuring IP Protocol and Server port mappingUse the following configuration to enable IP protocol and server port mapping for EDRs:
ADC Administration Guide, StarOS Release 21.1024
Application Detection and Control ConfigurationSetting EDR Formats
configureactive-charging service <acs_service_name>
[ default | no ] edr-ipproto-port-mapend
For information, refer to the ACS Configuration Mode Commands chapter of the Command Line InterfaceReference.
Configuring EDR for P2P EventsADC supports sub-protocol detection for certain applications like Skype, Yahoo, MSN, GTalk, etc. Alongwith sub-protocol tracking, the application detection logic can track start and end duration of audio/videoflow. This audio-end/video-end tracking heavily depends on the audio/video patterns used by the applicationdetection logic. For example, in the case of audio flow start for a sub-protocol tracking, application detectionlogic begins tracking the start time and if that flow toggles to another sub-protocol that is video or unclassified,the end time for that sub-protocol is set and the EDR for that flow is dumped. Since certain applications usesimultaneous flows for audio/video, parallel flow is tracked for all such flows instead of tracking separatedaudio/video flows.
Use the following configuration to generate EDRs for P2P events. This command is associated with theDynamic Software Upgrade process.
configureactive-charging service <acs_service_name>
rulebase <rulebase_name>
edr p2p <p2p_event_list> [ charging-edr <charging_edr_format_name> |edr-format <edr_format_name> | reporting-edr <reporting_edr_format_name> ] +
end
When the 1.97.357 ADC Plugin is used, Voice Duration details in EDR logs are missing. This has been fixedin plugins later than 1.97.357.
Important
Notes:
• The plugin supports only the "audio-end" and "video-end" events. The P2P event list can be any P2Pevent that is supported by the plugin.
• The EDR generated for audio-end/video-end must not be used for flow analysis, and must be used onlyfor audio/video duration analysis.
• For audio/video duration analysis (for example, VCD reports), the "sn-closure-reason" field must bechecked to identify the reason for closure and the appropriate EDR chosen to generate the reports. The"sn-closure-reason" field will be set to 14 for capturing audio-end and video-end generated EDRs. Forexample, in case of audio-end events, all VoIP call related statistics such as VoIP duration andbytes/packets are captured along with traffic-type field set as "audio" and sn-closure-reason set as "14".
For information, refer to the ACS Rulebase Configuration Mode Commands chapter of the Command LineInterface Reference.
ADC Administration Guide, StarOS Release 21.1025
Application Detection and Control ConfigurationConfiguring EDR for P2P Events
Gathering ADC StatisticsIn the following table, the first column lists what statistics to gather, the second column lists an action toperform, and the third column describes what information is displayed or what information to look for in theresulting output.
Table 1: Gathering Statistics
Information to Look ForAction to PerformStatistics Wanted
The output of this commanddisplays the analyzer statistics if aP2P analyzer is used. Since theanalyzer statistics are not bound toany service, the traffic informationper gateway can be obtained.
show active-charging analyzerstatistics name p2p verbose
Analyzer statistics
The output of this commanddisplays the Ruledef statisticsincluding the packet count, bytecount and hits.
show active-charging ruledefstatistics name <name>
Ruledef statistics
The output of this commanddisplays the number of P2P audio,file transfer, instant messaging,video, voipout and unclassifiedflows.
show active-charging flows typep2p traffic-type audio
show active-charging flows typep2p traffic-type file-transfer
show active-charging flows typep2p traffic-type im
show active-charging flows typep2p traffic-type video
show active-charging flows typep2p traffic-type voipout
show active-charging flows typep2p traffic-type unclassified
P2P flow statistics
The output of this commanddisplays the charging actioninformation and correspondingstatistics configured in the activecharging service.
show active-chargingcharging-action statistics
Charging Action information
The output of the commanddisplays the information forsessions that have received ortransmitted data which matches thecriteria.
show active-charging sessionstx-data <operator> <bytes>
show active-charging sessionsrx-data <operator> <bytes>
Transmit and Receive data
ADC Administration Guide, StarOS Release 21.1026
Application Detection and Control ConfigurationGathering ADC Statistics
Information to Look ForAction to PerformStatistics Wanted
The output of this commanddisplays information for thesessions using the specifiedprotocol.
show active-charging sessionstype p2p application <protocol>
show active-charging sessions fullall
Sessions using specific protocol
The output of this commanddisplays total and current P2P flowsand P2P audio/file-transfer/instantmessaging/video/voipout/unclassifiedflow statistics, and total number ofsubscribers.
show active-charging subsystemall
Total and current P2P flows andP2P audio, file-transfer, im, video,voipout, or unclassified flows
The output of this commanddisplays the voice and non-voiceanalyzer statistics for voicesupported protocols.
show active-charging analyzerstatistics name p2p application [actionvoip | facetime | gtalk | icall| jumblo | magicjack | msn | oscar| plingm | rynga | skype |smartvoip | talkatone |voipdiscount | vopium | yahoo ]verbose
Voice Statistics
The output of this commanddisplays the P2P protocol groupstatistics if a P2P analyzer is used.
show active-charging analyzerstatistics name p2pprotocol-group wide all verbose
P2P Protocol Group Statistics
In support of the ADC over Gxfeature, the output of this commanddisplays readdress statistics atsubscriber level for a given call ID.
show subscribers callid <callid>adc readdress statistics
Subscriber Readdress Statistics
Supported Bulk StatisticsADC bulk statisticsa are available as part of the P2P schema. If detection of a specific P2P protocol is enabled,bulk statistics for that protocol will be automatically generated using the Dynamic Software Upgrade plugininstalled on the chassis. In the case of protocols that support sub-classification (audio/video/unclassified), thebulk statistics will be generated for each of the supported sub-classifications per protocol and also thecorresponding cumulative count.
For information on ADC bulk statistics and bulk statistics configuration and collection, refer to the BulkStatistics ConfigurationMode Commands chapter of theCommand Line Interface Reference, and the Statisticsand Counters Reference.
P2P ReportsThe P2P reports provide details of the bandwidth consumption of P2P traffic over time. These reports areused to analyze network performance, identify the customer trends, network usage patterns, and networkcategorization.
ADC Administration Guide, StarOS Release 21.1027
Application Detection and Control ConfigurationSupported Bulk Statistics
In 9.0 and earlier releases, the P2P reporting functionality was available in theWeb ElementManager software.For more information, refer to theWeb Element Manager Online Help documentation.
Important
In 10.0 and later releases, the P2P reporting functionality is supported in Mobility Unified Reporting (MUR)/ Mobility Unified Reporting and Analytics (MURAL) system. For more information on MUR, refer to theMobility Unified Reporting Online Help documentation. For more information on MURAL support, refer totheMURAL Installation and Administration Guide andMURAL User Guide.
Important
The following bandwidth usage reports are supported:
• Cumulative analyzer count - representing the total bandwidth consumed by the P2P traffic in bits/sec.Daily, monthly or yearly reports are supported.
• Total bandwidth consumed P2P traffic against other protocols like HTTP, RTSP, etc. Daily or monthlyreports are supported.
• Per protocol type - total bandwidth consumed by the individual P2P protocol traffic in packets/sec orbytes/sec plotted against time range or date range. Daily reports are supported. The graph uses separatecolors to differentiate among the multiple protocol types.
• The number of active users per application for specified date/time range. Daily reports are supported.
• Analysis of the percentage of total bandwidth consumed by P2P traffic from the total subscriber traffic.Weekly reports are supported.
For additional information about viewing reports, refer to theWeb Element Manager Online Helpdocumentation.
Important
ADC Administration Guide, StarOS Release 21.1028
Application Detection and Control ConfigurationP2P Reports
C H A P T E R 3App-based Tethering Detection
• Feature Information, on page 29• Feature Description, on page 30• How It Works, on page 30• Configuring App-based Tethering Detection, on page 30• Monitoring and Troubleshooting the App-based Tethering Detection, on page 32
Feature InformationSummary Data
New FeatureStatus
21.2Introduced-In Release
Not ApplicableModified-In Release(s)
P-GWApplicable Product(s)
ASR 5500Applicable Platform(s)
DisabledDefault Setting
CSCvd65410Related CDETS ID(s)
Not ApplicableRelated Changes in This Release
ADC Administration Guide
Command Line Interface Reference
Related Documentation
Revision History
Revision history details are not provided for features introduced before release 21.2.Important
ADC Administration Guide, StarOS Release 21.1029
Release DateReleaseRevision Details
April 27, 201721.2New in this release.
Feature DescriptionThe tethering of IPv4 and IPv6 traffic has increased, and the native device recognition techniques are lessviable with the advent of proxy tethering Apps on smartphones.
A new App-based Tethering Detection is introduced with this release. This solution interwork with otherexisting Tethering Detection techniques.
How It WorksThis solution is built around the existing ADC plugins for App identifications. Tethering specific patterns areadded on top of recognized App plugins. These plugins successively return if the App flow is tethered or not.
With this release, App-based Tethering Detection is introduced only for Netflix and YouTube.Important
LicensingThis feature requires both ADC, and Tethering Detection License. Contact your Cisco account representativefor detailed information on specific licensing requirements. For information on installing and verifying licenses,refer to theManaging License Keys section of the Software Management Operations chapter in the SystemAdministration Guide.
Configuring App-based Tethering DetectionThis section describes how to enable support for App-based Tethering Detection.
Enabling App-based Tethering Detection at Rulebase LevelUse the following commands to enable App-based Tethering Detection for ADC traffic under ACS RulebaseConfiguration Mode:
configureactive-charging service service_name
rulebase rulebase_name
tethering-detection applicationexit
exitexit
Notes:
ADC Administration Guide, StarOS Release 21.1030
App-based Tethering DetectionFeature Description
• The default tethering-detection command configures its default setting.
Default: By default, the Tethering Detection feature is disabled.When enabled, unless a specific databaseis specified to be used, tethering detection will make use of both the databases by default.
• If previously configured, use the no tethering-detection command to remove the tethering detectionconfiguration from the rulebase.
Enabling App-based Tethering Detection at Ruledef LevelUse the following commands to enable App-based Tethering Detection for ADC traffic under ACS RuledefConfiguration Mode:
configureactive-charging service service_name
ruledef ruledef_name
tethering-detection application flow-tetheredexit
exitexit
Notes:
• If previously configured, use the no tethering-detection command to remove the tethering detectionconfiguration from the ruledef.
Enabling App-based Tethering Detection at Rule-variableUse the following commands to enable App-based Tethering Detection field in EDRs under EDR FormatConfiguration Mode:
configureactive-charging service service_name
edr-format format_name
rule-variable flow tethered-application priority priority
exitexit
exit
Notes:
• flow tethered-application: The flow specifies Flow related fields. tethered-application specifies applicationbased tethering detected on flow.
• priority priority: Specifies the CSV position of the field (protocol rule) in the EDR. prioritymust be aninteger from 1 through 65535.
• If previously configured, use the no rule-variable rule_variable [ priority priority ] command to removethe specified rule variable configuration.
ADC Administration Guide, StarOS Release 21.1031
App-based Tethering DetectionEnabling App-based Tethering Detection at Ruledef Level
Monitoring and Troubleshooting the App-based TetheringDetection
This section provides information regarding commands available to monitor and troubleshoot the App-basedTethering Detection.
Show Commands and OutputsThis section provides information regarding show commands and their outputs in support of this enhancement.
show active-charging tethering-detection statistics
The following fields are available in the output of this show command in support of this enhancement:Current Tethered Subscribers: 0Total flows scanned: 0Total Tethered flows detected: 0Total Tethered flows recovered: 0Total flows bypassed for scanning : 0
Tethering Detection Statistics (os-ua):TAC ID lookups: 0TAC ID matches: 0OS signature lookups: 0OS signature matches: 0IPv6 OS signature lookups: 0IPv6 OS signature matches: 0UA signature lookups: 0UA signature matches: 0Total flows scanned: 0Tethered flows detected: 0Non-tethered flows detected: 0Tethered Uplink Packets: 0Tethered Downlink Packets: 0Current tethering-detected indications sent: 0Total tethering-detected indications sent: 0
Tethering Detection Statistics (ip-ttl):Total flows scanned: 0Tethered flows detected: 0Tethered uplink packets: 0Tethered downlink packets: 0
Tethering Detection Statistics (DNS Based):Total flows scanned: 0Tethered flows detected: 0Tethered uplink packets: 0Tethered downlink packets: 0
Tethering Detection Statistics (Application):Total flows scanned: 0Tethered flows detected: 0Tethered uplink packets: 0Tethered downlink packets: 0
Change Statistics for Multiple SYN in Flow:
ADC Administration Guide, StarOS Release 21.1032
App-based Tethering DetectionMonitoring and Troubleshooting the App-based Tethering Detection
Tethered to Non-Tethered: 0Non-Tethered to Tethered: 0Tethered to Tethered: 0Non-Tethered to Non-Tethered: 0
show active-charging rulebase statistics
The following fields are available in the output of this show command in support of this enhancement:Tethering Detection:
TAC ID lookups: 0TAC ID matches: 0OS signature lookups: 0OS signature matches: 0IPv6 OS signature lookups: 0IPv6 OS signature matches: 0UA signature lookups: 0UA signature matches: 0Total flows scanned: 0Tethered flows detected: 0Tethered uplink packets: 0Tethered downlink packets: 0
Tethering Detection (ip-ttl):Total flows scanned: 0Tethered flows detected: 0Tethered uplink packets: 0Tethered downlink packets: 0
Tethering Detection (DNS Based):Total flows scanned: 0Tethered flows detected: 0Tethered uplink packets: 0Tethered downlink packets: 0
Tethering Detection (Application):Total flows scanned: 0Tethered flows detected: 0Tethered uplink packets: 0Tethered downlink packets: 0
ADC Administration Guide, StarOS Release 21.1033
App-based Tethering DetectionShow Commands and Outputs
ADC Administration Guide, StarOS Release 21.1034
App-based Tethering DetectionShow Commands and Outputs
C H A P T E R 4Peer-to-Peer Protocol and Application DetectionSupport
This appendix lists all the protocols and applications currently supported by Cisco ASR 5500 ADC.
• Supported Protocols and Applications, on page 35
Supported Protocols and ApplicationsThis section lists all the supported P2P protocols, sub-protocols, and the applications using these protocols.
Please note that various client versions are supported for the protocols. The client versions listed in the tablebelow are the latest supported version(s).
Important
Please note that the release version in the Supported from Release column has changed forprotocols/applications that are new since the ADC plugin release in August 2015. This will now be the ADCPlugin Build number in the x.xxx.xxx format. The previous releases were versioned as 1.1 (ADC plugin releasefor December 2012 ), 1.2 (ADC plugin release for April 2013), and so on for consecutive releases.
Important
New in this ReleaseThis section lists the supported P2P protocols, sub-protocols and applications introduced in the ADC Pluginrelease for October 1, 2018.
Supported fromRelease
ClassificationGroupClient VersionClientProtocol /Application
ADC Plugin2.28.990
Streaming-video
Unclassified
Streaming7.1.2ABSCBN(Android)
ABSCBN
10.3.3ABSCBN (iOS)
—ABSCBN (Web)
ADC Administration Guide, StarOS Release 21.1035
Supported fromRelease
ClassificationGroupClient VersionClientProtocol /Application
ADC Plugin2.28.990
Streaming-video
Unclassified
Streaming1.0.13Smashcast(Android)
Smashcast
1.0.13Smashcast (iOS)
—Smashcast(Web)
ADC Plugin2.28.990
Streaming-audio
Unclassified
Streaming1.01Danzwave(Android)Danzwave
3.3Danzwave (iOS)
—Danzwave(Web)
—PreDanz(Android)
—PreDanz (iOS)
—PreDanz (Web)
—RadioDanz(Android)
—RadioDanz(iOS)
—RadioDanz(Web)
—Chilltrax(Android)
—Chilltrax (iOS)
—Chilltrax (Web)
ADC Plugin2.28.990
Streaming-audio
Unclassified
Streaming4.0Dashradio(Android)Dashradio
4.4Dashradio (iOS)
—Dashradio(Web)
ADC Administration Guide, StarOS Release 21.1036
Peer-to-Peer Protocol and Application Detection SupportNew in this Release
Supported fromRelease
ClassificationGroupClient VersionClientProtocol /Application
ADC Plugin2.28.990
Streaming-video
Unclassified
Streaming3.0.1Vimeo(Android)
Vimeo
6.30Vimeo (iOS)
—Vimeo (Web)
—IndieFlix(Android)
—IndieFlix (iOS)
—IndieFlix (Web)
—Tribeca Shortlist(Android)
—Tribeca Shortlist(iOS)
—Tribeca Shortlist(Web)
ADC Plugin2.28.990
Unclassified3.5.053AndroidMessages forWeb (Android)
AndroidMessages forWeb
—AndroidMessages forWeb (iOS)
—AndroidMessages forWeb (Web)
ADC Plugin2.28.990
UnclassifiedStreamingCA.4.4.1Taxify(Android)
Taxify
CI.3.54Taxify (iOS)
—Taxify (Web)
All Supported Protocols and ApplicationsThis section lists all the supported P2P protocols, sub-protocols and applications supported until ADC Pluginrelease on August 1, 2018.
ADC Administration Guide, StarOS Release 21.1037
Peer-to-Peer Protocol and Application Detection SupportAll Supported Protocols and Applications
Supported fromRelease
ClassificationGroupClient VersionClientProtocol /Application
ADC Plugin2.21.912
Streaming-video
Unclassified
Streaming1.6120Sports(Android)
120Sports
1.8.9120Sports (iOS)
—120Sports(Windows)
ADC Plugin2.19.895
Streaming-video
Unclassified
Streaming4.4.16play (Android)6Play
4.4.16play (iOS)
—6play(Windows)
ADC Plugin2.11.833
Streaming-audio
Streaming-video
Unclassified
Streaming3.1.18.417Abcnetworks(Android)
Abcnetworks
5.0.13Abcnetworks(iOS)
—Abcnetworks(Windows)
3.16.0Disney Channel(Android)
5.6.1Disney Channel(iOS)
—Disney Channel(Windows)
3.16.0Disney XD(Android)
5.6.1Disney XD(iOS)
—DisneyXD(Windows)
3.16.0Disney Junior(Android)
5.6.1Disney Junior(iOS)
—Disney Junior(Windows)
ADC Administration Guide, StarOS Release 21.1038
Peer-to-Peer Protocol and Application Detection SupportAll Supported Protocols and Applications
Supported fromRelease
ClassificationGroupClient VersionClientProtocol /Application
ADC Plugin2.2.719
Streaming-audio
Unclassified
Streaming1.57Accuradio(Android)
Accuradio
2.32Accuradio (iOS)
—Accuradio(Windows)
Pre StarOS 12.0—Business——ActiveSync
1.2Audio
Unclassified
Communicator4.01ActionVoip(Android)
ActionVoip
1.0ActionVoip(iOS)
4.13ActionVoip(Windows)
1.4—Business2.1.2Adobe Connect(Android)
Adobe Connect
2.1Adobe Connect(iOS)
9.0.4Adobe Connect(Windows)
ADC Administration Guide, StarOS Release 21.1039
Peer-to-Peer Protocol and Application Detection SupportAll Supported Protocols and Applications
Supported fromRelease
ClassificationGroupClient VersionClientProtocol /Application
ADC Plugin2.1.701
Streaming-video
Unclassified
Streaming2.2.0A&E (Android)AENetworks
2.6.0A&E (iOS)
—A&E(Windows)
ADC Plugin2.28.990
3.1.3Lifetime(Android)
ADC Plugin2.28.990
3.8.4Lifetime (iOS)
—Lifetime(Windows)
ADC Plugin2.28.990
2.3.3Lifetime MovieClub (Android)
ADC Plugin2.28.990
3.3.3Lifetime MovieClub (iOS)
—Lifetime MovieClub (Windows)
ADC Plugin2.5.771
2.3.2History(Android)
2.6.4History (iOS)
—History(Windows)
ADC Plugin2.9.813
—1.2.0History Vault(Android)
2.2History Vault(iOS)
—History Vault(Windows)
ADC Plugin2.28.990
—FYI (Android)
—FYI (iOS)
—FYI (Web)
Pre StarOS 12.0—File Sharing——Aimini
ADC Administration Guide, StarOS Release 21.1040
Peer-to-Peer Protocol and Application Detection SupportAll Supported Protocols and Applications
Supported fromRelease
ClassificationGroupClient VersionClientProtocol /Application
1.2—Cloud3.5.0AmazonCloud(Android)
AmazonCloud
3.9.0.0AmazonCloud(iOS)
1.5.0AmazonCloud(Windows)
ADC Plugin1.141.522
—Streaming4.6.5.60050AmazonMusic(Android)
Amazon Music
3.1.0AmazonMusic(iOS)
—AmazonMusic(Windows)
ADC Plugin1.146.551
Streaming-video
Unclassified
Streaming3.0.57Amazon Video(Android)
Amazon Video
3.30.13182Amazon Video(iOS)
StarOS 12.0—Peer to PeerAnonymous FileSharing
1.6.0AntsP2PAntsP2P
ADC Plugin2.1.701
—Internet Privacy4.0.05054AnyConnect(Android)
AnyConnect
4.0.05055AnyConnect(iOS)
4.1.06020AnyConnect(Windows)
1.9—E-store2.9.2App store (iOS)Apple-store
Pre StarOS 12.0—Peer to Peer FileSharing
0.31.149.110AppleJuiceAppleJuice
1.6—Untagged7Apple Maps(iOS)
Apple Maps
—Web
1.10UnclassifiedUntagged—Apple PushNotification(iOS)
Apple Push
ADC Administration Guide, StarOS Release 21.1041
Peer-to-Peer Protocol and Application Detection SupportAll Supported Protocols and Applications
Supported fromRelease
ClassificationGroupClient VersionClientProtocol /Application
Pre StarOS 12.0—Peer to Peer FileSharing
2.1.8AresAres
—KCEasy
Pre StarOS 12.0—Gaming——Armagettron
1.1—Streaming——AVI
1.6—Social Network- Generic
4.1.10Badoo (Android)Badoo
2.23.1Badoo(BlackBerry)
3.19.0Badoo (iOS)
ADC Plugin2.21.912
Streaming-video
Unclassified
Streaming1.11.22Baeble Music(Android)
Baeble Music
7.8.0Baeble Music(iOS)
—Baeble Music(Window)
1.5—Streaming4.5.3Baidumovie(Android)
Baidumovie
2.4.5Baidumovie(iOS)
3.2Baidumovie(Windows)
—Web
Pre StarOS 12.0—Gaming——Battlefield
1.7Unclassified
Audio
Communicator1.0.3.87BBM (Android)BBM
1.0.5.134BBM (iOS)
ADC Plugin2.11.833
—Internet Privacy3.8.5Betternet VPN(Android)
Betternet VPN
3.3.18Betternet VPN(iOS)
—Betternet VPN(Windows)
ADC Administration Guide, StarOS Release 21.1042
Peer-to-Peer Protocol and Application Detection SupportAll Supported Protocols and Applications
Supported fromRelease
ClassificationGroupClient VersionClientProtocol /Application
1.5—Cloud2.0Bitcasa(Android)
Bitcasa
2.0.1Bitcasa (iOS)
1.1.2.11Bitcasa(Windows)
—Web
ADC Plugin2.19.895
—Streaming1.1.0.2Beatport(Android)
Beatport
2.4.0Beatport (iOS)
—Beatport(Windows)
ADC Plugin2.19.895
Streaming-video
Unclassified
Streaming3.0.9BFM TV(Android)
BFM TV
5.0.7BFM TV (iOS)
—BFMTV(Windows)
ADC Administration Guide, StarOS Release 21.1043
Peer-to-Peer Protocol and Application Detection SupportAll Supported Protocols and Applications
Supported fromRelease
ClassificationGroupClient VersionClientProtocol /Application
Pre StarOS 12.0—Peer to Peer FileSharing
3.1_02ABCBittorrent
—Acquisition
—Anatomic P2P
—Arctic Torrent
5.0Azureus / Vuze(Windows)
1.2.0.2Azureus / Vuze(MAC)
1.36BitComet
—BitFlu
2.2BitLord
—BitPump
0.3.3BitRocket
—Bits on Wheels
3.6BitSpirit
0.3.1.8BitTornado
7.4.1BitTorrent(MAC)
7.9.2.32895BitTorrent
—BitTyrant
—BlizzardDownloader
—Blog Torrent -BTG
—BtManager
—BTSharp
—burst!
—CTorrent
—Deluge
ADC Administration Guide, StarOS Release 21.1044
Peer-to-Peer Protocol and Application Detection SupportAll Supported Protocols and Applications
Supported fromRelease
ClassificationGroupClient VersionClientProtocol /Application
FlashGet 3.7.0.1203
—Freeloader
5..6.9FrostWire
—G3 Torrent
—GnomeBitTorrent
—Halite
4.1.3KTorrent
5.4.6LimeWire
—Localhost
—MLDonkey
—MonoTorrent
—MooPolice
4.8.0.0MovieTorrent
0.6OneSwarm
—Opera
—QBittorrent
—QTorrent
—rTorrent
—Rufus
—Shareaza
—Sharktorrent
—SymTorrent
—Tomato Torrent
—Torrent Swapper
—TorrentFlux
—TorrentSpy
—TorrentVolve
ADC Administration Guide, StarOS Release 21.1045
Peer-to-Peer Protocol and Application Detection SupportAll Supported Protocols and Applications
Supported fromRelease
ClassificationGroupClient VersionClientProtocol /Application
Transmission 1.8
2.82Transmission(Mac)
—Tribbler
—Turbo Torrent
0.9.1.2utorrent (MAC)
3.2.0Warez
—WizBit
—WMTorrent(WindowsMobile)
2.1Xtorrent (Mac)
—ZipTorrent
3.4.2.32891μTorrent
1.5.2μTorrent (Mac)
1.8—Cloud1.2.14Bittorrent-sync(Android)
Bittorrent-sync
1.2.47Bittorrent-sync(iOS)
—Bittorrent-sync(Web)
1.3.14Bittorrent-sync(WindowsPhone)
12.0Audio
Unclassified
Business——Blackberry
1.9—E-store5.0.0.131BlackberryWorld (BB)
Blackberry-store
1.4Audio
Unclassified
Communicator1.0.11Blackdialer(Windows)
Blackdialer
ADC Administration Guide, StarOS Release 21.1046
Peer-to-Peer Protocol and Application Detection SupportAll Supported Protocols and Applications
Supported fromRelease
ClassificationGroupClient VersionClientProtocol /Application
ADC Plugin2.2.719
Streaming-audio
Unclassified
Streaming5.1.15.22BlackPlanetRadio (Android)
BlackPlanetRadio
5.1.21BlackPlanetRadio (iOS)
—BlackPlanetRadio(Windows)
1.7—Cloud2.3.0Box (Android)Box
2.8.7Box (iOS)
1Box (BB)
1.6.4.1921Box (WindowsPhone)
—Box (Web)
ADC Plugin2.22.939
Streaming-video
Unclassified
Streaming7.0825Btn (Android)Btn
6.8Btn (iOS)
—Btn (Windows)
StarOS 14.0—Gaming4.1.1Call Of Duty(Android)
Call Of Duty
4.1.1Call Of Duty(iOS)
ADC Plugin2.22.939
Streaming-video
Unclassified
Streaming9.6.3.2Cbs Sports(Android)
Cbs Sports
10.6.1Cbs Sports (iOS)
—Cbs Sports(Window)
1.7UnclassifiedE-mail1.4.4Chikka mail(Android)
Chikka
2.4Chikka mail(iOS)
—Chikka mail(Web)
ADC Administration Guide, StarOS Release 21.1047
Peer-to-Peer Protocol and Application Detection SupportAll Supported Protocols and Applications
Supported fromRelease
ClassificationGroupClient VersionClientProtocol /Application
1.8Audio
Video
Unclassified
Business11.8.2.251552Cisco Jabber(Android)
Cisco Jabber
ADCdetectionsupport is onlyprovided forCisco JabberVideo forTelepresence.Cisco JabberCommunicatoror Webexmeetings willbe detected asWebex byADC.
Important
11.8.1Cisco Jabber(iOS)
4.6.3Cisco Jabber(Windows)
Pre StarOS 12.0—Business——Citrix
ADC Plugin2.28.990
UnclassifiedGaming2.4.3Clash Royale(Android)
Clash Royale
2.4.2Clash Royale(iOS)
—Clash Royale(Windows)
1.5—File Sharing2.2.4.8Clubbox(Windows)
Clubbox
—Web
Pre StarOS 12.0—Gaming——ClubPenguin
StarOS 14.0—Internet Privacy3.0.2.0ComodoComodoEasyVPN
ADC Plugin1.145.545
Streaming-video
Unclassified
Streaming4.4.5.0Crackle(Android)
Crackle
4.4.1Crackle (iOS)
Pre StarOS 12.0—Gaming——CrossFire
ADC Administration Guide, StarOS Release 21.1048
Peer-to-Peer Protocol and Application Detection SupportAll Supported Protocols and Applications
Supported fromRelease
ClassificationGroupClient VersionClientProtocol /Application
ADC Plugin2.5.771
Streaming-video
Unclassified
Streaming2.0.11Crunchyroll(Android)
Crunchyroll
3.00.4Crunchyroll(iOS)
—Crunchyroll(Windows)
ADC Plugin1.157.618
Streaming-video
Unclassified
Streaming2.2.4Curiosity Stream(Android)
Curiosity Stream
2.1.4Curiosity Stream(iOS)
1.4—Internet Privacy6.0.65CyberGhost(Android)
CyberGhostVPN
6.7.0CyberGhost(iOS)
5.0.14.12CyberGhost(MAC)
6.0.5.2405CyberGhost(Windows)
ADC Plugin2.4.739
Streaming-video
Unclassified
Streaming9498Dailymotion(Android)
Dailymotion
5.6.10Dailymotion(iOS)
—Dailymotion(Windows)
1.2.1DailymotionGames(Android)
1.2DailymotionGames (iOS)
—DailymotionGames(Windows)
ADC Administration Guide, StarOS Release 21.1049
Peer-to-Peer Protocol and Application Detection SupportAll Supported Protocols and Applications
Supported fromRelease
ClassificationGroupClient VersionClientProtocol /Application
ADC Plugin2.5.771
Streaming-audio
Unclassified
Streaming5.4.2.129Deezer(Android)
Deezer
6.16.0Deezer (iOS)
—Deezer(Windows)
1.10Audio
Unclassified
Communicator1.4.3DiDi (Android)DiDi
1.4.4DiDi (iOS)
Pre StarOS 12.0—File Sharing—turbobit.netDirectDownload Link(DDL) —filesonic.in
—4shared.com
2.0.7DDLink (iOS)
ADC Administration Guide, StarOS Release 21.1050
Peer-to-Peer Protocol and Application Detection SupportAll Supported Protocols and Applications
Supported fromRelease
ClassificationGroupClient VersionClientProtocol /Application
Pre StarOS 12.0—Peer to Peer FileSharing
2.22AirDCDirectConnect
1.5.1ApexDc++
0.782BCDC++
—CZDC
—DC#
0.2.19dc_gui/HUB
0.843DC++
—dctc
—Dolda Connect
—Elise
—fulDC
—GtkDC
2.03iDC
—ldcc
—LinuxDC++
—microdc
—microdc2
—oDC
0.674pRevconnect
—SababaDC
—ShakesPeer
—StrongDC++
—Valknut
0.668zZDc++
ADC Plugin2.0.683
Streaming-video
Unclassified
Streaming4.6.008DirecTV(Android)
DirecTV
4.6.009DirecTV (iOS)
ADC Administration Guide, StarOS Release 21.1051
Peer-to-Peer Protocol and Application Detection SupportAll Supported Protocols and Applications
Supported fromRelease
ClassificationGroupClient VersionClientProtocol /Application
ADC Plugin2.1.701
—Communicator3.0.2Discord(Android)
Discord
1.7.3Discord (iOS)
—Discord(Windows)
ADC Plugin1.150.572
—Streaming4.4.73Dish Anywhere(Android)
Dish Anywhere
6.5.24Dish Anywhere(iOS)
ADC Plugin2.14.860
Streaming-video
Unclassified
Streaming1.8.2Disney MoviesAnywhere(Android)
Disney MoviesAnywhere
1.7.7Disney MoviesAnywhere (iOS)
—Disney MoviesAnywhere(Windows)
Pre StarOS 12.0—Gaming——Dofus
ADC Plugin2.19.895
UnclassifiedStreaming—DPAN TV(Android)
DPAN TV
—DPANTV (iOS)
—DPAN TV(Browser only)
ADC Plugin2.9.813
Streaming-video
Unclassified
Streaming3.5.1DramaFever(iOS)
DramaFever
—DramaFever(Windows)
1.1.46DramaFever(Android)
ADC Administration Guide, StarOS Release 21.1052
Peer-to-Peer Protocol and Application Detection SupportAll Supported Protocols and Applications
Supported fromRelease
ClassificationGroupClient VersionClientProtocol /Application
1.5—Cloud2.5.0.4Dropbox(Android)
Dropbox
2.6.2Dropbox (MAC)
3.8.1Dropbox (iOS)
2.8.3Dropbox(Windows)
StarOS 14.0—Untagged2.21.2eBuddy(Android)
eBuddy
2.3eBuddy (iOS)
—eBuddy (Web)
3.5.1.0eBuddy(WindowsPhone)
Pre StarOS 12.0—Peer to Peer FileSharing
2.2.5aMuleeDonkey
—amule (MAC)
—eDonkey2000
0.50.97eMule and itsMods
—eMule Plus
—Hydranode
1.2.5iMule
—Jubster
—Lphant
2.9.6MLDonkey
3.0.0MLDonkey(MAC)
—Morpheus
—obfuscatedeMule ext.
2.5.5.0Shareaza
—xMule
ADC Administration Guide, StarOS Release 21.1053
Peer-to-Peer Protocol and Application Detection SupportAll Supported Protocols and Applications
Supported fromRelease
ClassificationGroupClient VersionClientProtocol /Application
ADC Plugin2.26.968
Streaming-video
Unclassified
Streaming1.335.20180418Epix (Android)Epix
3.7.2Epix (iOS)
—Epix (Web)
ADC Plugin2.23.953
Streaming-audio
Streaming-video
Unclassified
Streaming3.7.8Eros Now(Android)
Eros Now
3.8Eros Now (iOS)
—Eros Now(Windows)
ADC Plugin2.4.739
Streaming-audio
Streaming-video
Unclassified
Streaming1.0.1ESNE (Android)ESNE
1.3ESNE (iOS)
—ESNE(Windows)
ADC Plugin1.145.545
Streaming-video
Unclassified
Streaming4.7ESPN (Android)ESPN
1.6.1ESPN (iOS)
ADC Plugin2.5.771
Streaming-audio
Unclassified
Streaming5.6.1ESPN Radio(Android)
ESPN Radio
5.6.2ESPN Radio(iOS)
—ESPN Radio(Windows)
ADC Plugin2.11.833
—Internet Privacy6.4.1ExpressVPN(Android)
ExpressVPN
6.5.5ExpressVPN(iOS)
—ExpressVPN(Windows)
ADC Administration Guide, StarOS Release 21.1054
Peer-to-Peer Protocol and Application Detection SupportAll Supported Protocols and Applications
Supported fromRelease
ClassificationGroupClient VersionClientProtocol /Application
Pre StarOS 12.0Audio
Streaming-video
Unclassified
Social Network- Generic
151.0.0.44.205Facebook(Android)
10.2.2.6Facebook(Blackberry)
150.0Facebook (iOS)
—Facebook (Web)
1.6141.0.0.31.76FacebookMessenger(Android)
142.0FacebookMessenger (iOS)
ADC Plugin2.28.990
Streaming-video—FacebookWatch(Android)
—FacebookWatch(iOS)
—FacebookWatch(Web)
Pre StarOS 12.0Audio
Video
Unclassified
Communicator9.0.2FaceTime (iOS)FaceTime
3FaceTime(MAC)
ADC Plugin2.4.739
Streaming-video
Unclassified
Streaming2.8.2FandangoNow(Android)
FandangoNow
2.2.1FandangoNow(iOS)
—FandangoNow(Windows)
ADC Plugin1.152.582
Streaming-video
Unclassified
Streaming1.5.1Fandor(Android)
Fandor
2.7.04Fandor (iOS)
ADC Administration Guide, StarOS Release 21.1055
Peer-to-Peer Protocol and Application Detection SupportAll Supported Protocols and Applications
Supported fromRelease
ClassificationGroupClient VersionClientProtocol /Application
Pre StarOS 12.0—Peer to Peer FileSharing
—ApollonFastTrack
—Grokster
3.2.7Kazaa
—Kazaa Lite
—KCeasy
v2.7k-lite
—MLDonkey
Pre StarOS 12.0—Streaming——Feidian
StarOS 14.0—Communicator——Ficall
Pre StarOS 12.0—Gaming——Fiesta
Pre StarOS 12.0—Peer to Peer FileSharing
3.04.100FiletopiaFiletopia
ADC Plugin2.14.860
Streaming-video
Unclassified
Streaming2.4.3FilmOn TV(Android)
FilmOn TV
2.0.39FilmOn TV(iOS)
—FilmOn TV(Windows)
ADC Plugin2.28.990
—OVGuide(Android)
—OVGuide (iOS)
—OVGuide (Web)
ADC Plugin2.23.953
Streaming-audio
Unclassified
Streaming2017.12.11.1830Fit Radio(Android)
Fit Radio
2017.12.11.1830Fit Radio (iOS)
—Fit Radio(Window)
Pre StarOS 12.0Streaming-video
Unclassified
Standard——Flash
ADC Administration Guide, StarOS Release 21.1056
Peer-to-Peer Protocol and Application Detection SupportAll Supported Protocols and Applications
Supported fromRelease
ClassificationGroupClient VersionClientProtocol /Application
1.5—File Sharing4.0.7Flickr (Android)Flickr
4.0.7Flickr (iOS)
2.1.0.0Flickr (WindowsMobile)
—Web
ADC Plugin2.23.953
Streaming-video
Unclassified
Streaming11.0.2Flixsea(Android)
Flixsea
9.0.1Flixsea (iOS)
—Flixsea(Windows)
Pre StarOS 12.0—Gaming——Florensia
1.6—Social Network- Generic
013.10.29Foursquare(Android)
Foursquare
6.4.1Foursquare(iOS)
3.1.3Foursquare(Windows)
—Web
ADC Plugin2.0.683
Streaming-video
Unclassified
Streaming3.0Fox Business(Android)
Fox Business
3.0Fox Business(iOS)
ADC Plugin2.0.683
Streaming-video
Unclassified
Streaming2.1.8Fox News(Android)
Fox News
2.2.6Fox News (iOS)
—Fox News(Windows)
ADC Plugin2.11.833
2.6.5Fox News LiveTV (Android)
2.6.6Fox News LiveTV (iOS)
—Fox News LiveTV (Windows)
ADC Administration Guide, StarOS Release 21.1057
Peer-to-Peer Protocol and Application Detection SupportAll Supported Protocols and Applications
Supported fromRelease
ClassificationGroupClient VersionClientProtocol /Application
ADC Plugin2.2.719
Streaming-video
Unclassified
Streaming2.10.1FoxNow(Android)
FoxNow
2.16.3FoxNow (iOS)
—FoxNow(Windows)
ADC Plugin1.150.572
Streaming-video
Unclassified
Streaming3.5.10FOX Sports(Android)
FOX Sports
3.5.11FOX Sports(iOS)
ADC Plugin2.22.939
Streaming-audio
Unclassified
Streaming3.6.0Fox Sports Go(Android)
Fox Sports Go
3.6.1Fox Sports Go(iOS)
—Fox Sports Go(Windows)
ADC Plugin2.19.895
Streaming-video
Unclassified
Streaming7.0.0France TV(Android)
France TV
6.0.2France TV (iOS)
—France TV(Windows)
Pre StarOS 12.0—Peer to PeerAnonymous FileSharing
0.7.5FreenetFreenet
1.10UnclassifiedSocial-nw-gaming—Friendster(Windows)
Friendster
Pre StarOS 12.0—Communicator4.5.1Fring (Android)Fring
6.5Fring (iOS)
3.36Fring (Symbian)
1.1.0.4Fring(Windows)
ADC Plugin1.157.618
Streaming-video
Unclassified
Streaming2.2.0Fubo TV(Android)
Fubo TV
2.0.7.1506Fubo TV (iOS)
ADC Administration Guide, StarOS Release 21.1058
Peer-to-Peer Protocol and Application Detection SupportAll Supported Protocols and Applications
Supported fromRelease
ClassificationGroupClient VersionClientProtocol /Application
Pre StarOS 12.0—Streaming1.7.2.2Funshion(Android)
Funshion
1.2.9.2Funshion (iOS)
2.8.6Funshion(Windows)
—Web
ADC Plugin2.2.719
Streaming-video
Unclassified
Streaming1.9FxNow(Android)
FxNow
1.9FxNow (iOS)
—FxNow(Windows)
ADC Plugin2.21.912
Streaming-audio
Unclassified
Streaming7.8.3.1Gaana (Android)Gaana
5.0.7Gaana (iOS)
—Gaana(Windows)
Pre StarOS 12.0Audio
File Transfer
Video
Unclassified
Communicator3.9.2GaduGadu(Android)
Gadu-Gadu
3.11.1GaduGadu (iOS)
11.2.35.10307GaduGadu(Windows)
0.9.38Miranda
Pre StarOS 12.0—Social NetworkGaming
—iPhone4GameKit
ADC Administration Guide, StarOS Release 21.1059
Peer-to-Peer Protocol and Application Detection SupportAll Supported Protocols and Applications
Supported fromRelease
ClassificationGroupClient VersionClientProtocol /Application
Pre StarOS 12.0—Peer to Peer FileSharing
—AcqliteGnutella
—Acquisition
—Apollon
8.1BearShare
5.2.5BearShareLite
—Cabos
—CocoGnut
—DM2
1.9.10Foxy
5.3.2FrostWire
—gift
—Gluz
2.0.2.0Gnucleus
—Gtk-gnutella
—KCeasy
—Kiwi Alpha
5.4.6LimeWire
—MLDonkey
7.0.xMorpheus
—Mutella
3.4.2.116Phex
—Poisoned
—Qtella
2.5.5.0Shareaza
—Swapper.NET
—Symella
—Turbo
ADC Administration Guide, StarOS Release 21.1060
Peer-to-Peer Protocol and Application Detection SupportAll Supported Protocols and Applications
Supported fromRelease
ClassificationGroupClient VersionClientProtocol /Application
XFactor —
—XNap
—XoloX
ADC Plugin1.144.540
—Streaming2.11.0.99297Go90 (Android)Go90
2.11.1Go90 (iOS)
StarOS 14.0—Communicator3.0.0.9GooberGoober
2.0Goober (iOS)
1.4—Standard2.1.495Google Drive(Android)
3.5.0Google Drive(iOS)
1.10.4769.0632Google Drive(Windows)
2.8Google Latitude(Android)
2.2.1Google Latitude(iOS)
9.4.0Google Maps(Android)
Trafficoriginatingfrom theAndroidversion ofGoogleMaps willbedetectedasGoogle.
Important
4.4.0Google Maps(iOS)
4.1.0google search(iOS)
—Web
ADC Administration Guide, StarOS Release 21.1061
Peer-to-Peer Protocol and Application Detection SupportAll Supported Protocols and Applications
Supported fromRelease
ClassificationGroupClient VersionClientProtocol /Application
ADC Plugin2.23.953
UnclassifiedStreaming9.77.2Google Maps(Android)
Google Maps
—Google Maps(iOS)
—Google Maps(Windows)
1.10UnclassifiedStreaming6.9.2920Google Music(Android)
Google Music
3.10.1005Google Music(iOS)
—Google Music(Web)
1.10UnclassifiedUntagged—Google PushNotification(Android)
Google Push
Pre StarOS 12.0—Email4.9Gmail (Android)
Trafficoriginatingfrom thisAndroidversion ofGmailwill bedetectedasGoogle.
Important
Gmail
2.71828Gmail (iOS)
—Gmail (Web)
1.1—E-store5.9.12Google Play(Android)
Google Play
1.4—Social Network- Generic
5.3.0.91Googleplus(Android)
Google+
TrafficoriginatingfromGoogle+will bedetectedasGoogle.
Important
4.8.3Googleplus(iOS)
ADC Administration Guide, StarOS Release 21.1062
Peer-to-Peer Protocol and Application Detection SupportAll Supported Protocols and Applications
Supported fromRelease
ClassificationGroupClient VersionClientProtocol /Application
Pre StarOS 12.0Audio
File Transfer
Video
Unclassified
Communicator2.5.83Hangouts(Android)
Google Talk/Hangouts
2.5.13Hangouts (iOS)
—Web
StarOS 14.0—Business5.0.799.1288Gotomeeting(Android)
Gotomeeting
6.3.0.557Gotomeeting(iOS)
5.3.970Gotomeeting(Windows)
Pre StarOS 12.0—Gaming——GuildWars
Pre StarOS 12.0—Gaming——Half-Life 2 andMods
Pre StarOS 12.0—Internet Privacy2.2.0.227Hamachi(Windows)
HamachiVPN
ADC Plugin2.14.860
Streaming-video
Unclassified
Streaming1.1.4Hayu (Android)Hayu
1.25Hayu (iOS)
—Hayu(Windows)
1.12UnclassifiedStreaming4.3.2.11hbogo (Android)HBO Go
2.5.0hbogo (iOS)
—hbogo(Windows)
ADC Plugin1.145.545
Streaming-video
Unclassified
Streaming1.3.0HBONOW(Android)
HBO NOW
1.4.0.2984HBONOW(iOS)
ADC Plugin2.22.939
Streaming-video
Unclassified
Streaming2.2.0HBO Nordic(Android)
HBO Nordic
4.1.1HBO Nordic(iOS)
—HBO Nordic(Windows)
ADC Administration Guide, StarOS Release 21.1063
Peer-to-Peer Protocol and Application Detection SupportAll Supported Protocols and Applications
Supported fromRelease
ClassificationGroupClient VersionClientProtocol /Application
ADC Plugin2.11.833
—Internet Privacy1.8.6HexaTech VPN(Android)
HexaTech VPN
1.6.4HexaTech VPN(iOS)
—HexaTech VPN(Windows)
1.5—Communicator3.1.0.384Heytell(Android)
Heytell
3.1.2Heytell (iOS)
ADC Plugin1.149.565
Streaming-video
Unclassified
Streaming—HGTV Folio(Android)
HGTV
1.5.1HGTV Folio(iOS)
4.2.0HGTV Watch(Android)
6.4HGTV Watch(iOS)
1.10UnclassifiedCommunicator3.1.0.0Hike-messenger(Android)
Hike-messenger
2.5.3Hike-messenger(iOS)
2.6.2.0Hike-messenger(WindowsPhone)
2.6.2Hike-messenger(Blackberry)
1.8—Streaming2.8.7HLS Player(Web)
Hls
1.5—Internet Privacy1.6HotspotVPN(Android)
HotspotVPN
2.1.3HotspotVPN(iOS)
3.20HotspotVPN(Windows)
ADC Administration Guide, StarOS Release 21.1064
Peer-to-Peer Protocol and Application Detection SupportAll Supported Protocols and Applications
Supported fromRelease
ClassificationGroupClient VersionClientProtocol /Application
1.9—Streaming3.5.1Huluplus (iOS)Hulu
—hulu.com (Web)
1.2.0.0Huluplus(WindowsPhone)
1.4—Social Network- Generic
2.1.6Hyves (Android)Hyves
5.0.0Hyves (iOS)
2.4.6154Hyves(Windows)
—Web
Pre StarOS 12.0—Standard—DiaxIAX
—Firefly
—IAXComm
—IAXPhone
—Idefisk
—Kiax
—LoudHush
—PURtel
—YakaPhone
—ZiaxPhone
1.2Audio
Video
Unclassified
Communicator0.9.34iCall (Android)iCall
2.1.4iCall (iOS)
7.1.524iCall (Mac)
7.1.524iCall (Windows)
—Web
Pre StarOS 12.0—Streaming——Icecast
1.1—Cloud——iCloud
ADC Administration Guide, StarOS Release 21.1065
Peer-to-Peer Protocol and Application Detection SupportAll Supported Protocols and Applications
Supported fromRelease
ClassificationGroupClient VersionClientProtocol /Application
1.10UnclassifiedCloud3.4.5iDrive (Android)iDrive
2.4.9iDrive (iOS)
2.2.0.0iDrive(WindowsPhone)
2.6.26.1.0.13iDrive(Windows)
1.9—Maps2.5Igo Primo (iOS)Igo
1.12Ads
Unclassified
Streaming8.4.0iheartradio(Android)
iHeartRadio
1.1.2.92iheartradio(Blackberry)
8.5.0iheartradio (iOS)
—iheartradio(Windows)
1.1.820iheartradio(WindowsPhone)
Pre StarOS 12.0—Peer to Peer FileSharing
—BearFlixiMesh
8.1BearShare
11iMesh
1.4—Communicator6.1.3iMessage (iOS)iMessage
The IM(text)trafficwill bedetectedas ApplePush andnot asiMessage.
Important 8iMessage(MAC)
1.7—Social Network- Generic
1.3.0Imgur (Android)Imgur
1.2.3Imgur (iOS)
—AENetworks
Imgur (Web)
ADC Administration Guide, StarOS Release 21.1066
Peer-to-Peer Protocol and Application Detection SupportAll Supported Protocols and Applications
Supported fromRelease
ClassificationGroupClient VersionClientProtocol /Application
StarOS 14.0—Communicator6.6.1Implus(Android)
IM+
6.5Implus (iOS)
StarOS 12.2—Communicator9.8.000000008432IMO (Android)IMO
7.1.16IMO (iOS)
—IMO (Web)
1.2—Social Network- Generic
13.0.0.7.91Instagram(Android)
13.0Instagram (iOS)
ADC Plugin2.28.990
—IGTV (Android)
—IGTV (iOS)
—IGTV (Web)
—Web
• https://stickygram.com/
• http://www.instagrab.com/
• http://web.stagram.com/
• http://ink361.com/
• http://statigr.am/
• http://webbygram.com/
• http://hashgr.am/
• http://instarchive.recollect.com/
• http://copygr.am/
• http://www.gramfeed.com/
• http://quickagram.com/
• http://extragr.am/
ADC Administration Guide, StarOS Release 21.1067
Peer-to-Peer Protocol and Application Detection SupportAll Supported Protocols and Applications
Supported fromRelease
ClassificationGroupClient VersionClientProtocol /Application
StarOS 14.0—Streaming2.0.2.8iPlayer(Android)
iPlayer
1.0.2iPlayer (Mac)
3.2.15iPlayer(Windows)
—Web
Pre StarOS 12.0—Streaming——IPTV
Pre StarOS 12.0File Transfer
Unclassified
Communicator0.9.88.2ChatZillaIRC
1.9.8ClickNWhistles
2.2.0.1dIRC
0.3KoroIRC
4.0.4kvIRC
0.9.38Miranda
7.25mIRC
6.7.12NetTalk
1.7.0PhibianIRC
2.10.4pidgin
0.5bpIRC
7TurboIRC
2.8.9Xchat
Pre StarOS 12.0—Internet Privacy——ISAKMP
Pre StarOS 12.0—Communicator1.1.6.0ISKOOT -Skype
ISKOOT
12.0—E-store1.1.2Apple Music(Android)
iTunes
9.3.1Apple Music(iOS)
ADC Administration Guide, StarOS Release 21.1068
Peer-to-Peer Protocol and Application Detection SupportAll Supported Protocols and Applications
Supported fromRelease
ClassificationGroupClient VersionClientProtocol /Application
Pre StarOS 12.0Audio
File Transfer
Video
Unclassified
Communicator0.9.10ExodusJabber
—Gaim
1.0.0.104Google Talk
5.0.1iChat (MAC)
—Kopete
0.9.1.38Miranda
2.6.106Pandion
—Trillian / TrillianPro
1.6—AnonymousAccess
00.19.001Jap (Windows)Jap
1.2Audio
Unclassified
Communicator3.71Jumblo(Android)
Jumblo
1.0Jumblo (iOS)
4.12Jumblo(Windows)
StarOS 14.0Audio
Unclassified
Communicator4.8.4Kakaotalk(Android)
Kakaotalk
4.6.9Kakaotalk (iOS)
ADC Plugin1.157.618
Streaming-video
Unclassified
Streaming3.5.2 and 3.5.4Kidoodle(Android)
Kidoodle
3.3.2Kidoodle (iOS)
48.0.2564.116Kidoodle(Windows)
1.10UnclassifiedCommunicator7.2.2.99Kik Messenger(Android)
Kik Messenger
7.2.1Kik Messenger(iOS)
2.1.0.0Kik Messenger(WindowsPhone)
ADC Administration Guide, StarOS Release 21.1069
Peer-to-Peer Protocol and Application Detection SupportAll Supported Protocols and Applications
Supported fromRelease
ClassificationGroupClient VersionClientProtocol /Application
ADC Plugin2.26.968
Streaming-video
Unclassified
Streaming4.7.2Kiswe (Android)Kiswe
4.7.2Kiswe (Android)
—Kiswe (Web)
ADC Plugin2.2.719
—Streaming2.4.8KlowdTV(Android)
KlowdTV
2.4.8KlowdTV (iOS)
—KlowdTV(Windows)
Pre StarOS 12.0—Business——Kontiki
1.2—Streaming7.4Kugou(Android)
Kugou
5.1.1Kugou(Windows)
—Web
1.5—Streaming3.9.1Kuro (Android)Kuro
4.0.1Kuro (iOS)
4.0Kuro (iPad)
1.1.0.0Kuro (WindowsMobile)
ADC Plugin2.26.968
Streaming-video
Unclassified
Streaming3.6.0LigonierMinistries(Android)
LigonierMinistries(Underthe keywordsubsplash)
4.9.0LigonierMinistries (iOS)
—LigonierMinistries (Web)
ADC Administration Guide, StarOS Release 21.1070
Peer-to-Peer Protocol and Application Detection SupportAll Supported Protocols and Applications
Supported fromRelease
ClassificationGroupClient VersionClientProtocol /Application
1.4—Social Network- Generic
3.4.6LinkedIn(Android)
10.1.5LinkedIn(BlackBerry)
8.6LinkedIn (iOS)
1.1LinkedIn(WindowsMobile)
—Web
ADC Plugin2.14.860
Streaming-video
Unclassified
Streaming4.1.7Livestream(Android)
Livestream
4.1.5Livestream(iOS)
—Livestream(Windows)
1.8Audio
File transfer
Video
Unclassified
Communicator2013Lync (Windows)Lync
1.2Audio
Unclassified
Communicator2.6.661.3MagicJack(Android)
MagicJack
2.1.6213MagicJack (iOS)
Pre StarOS 12.0—Peer to Peer FileSharing
—BlubsterManolito
3.1.1Manolito
—Piolet
1.9—Maps1.1.5GPS Navigation(Android)
Mapfactor
12.3.0Navigator Free(Android)
1.2—Email——MAPI
Pre StarOS 12.0—Gaming——MapleStory
ADC Administration Guide, StarOS Release 21.1071
Peer-to-Peer Protocol and Application Detection SupportAll Supported Protocols and Applications
Supported fromRelease
ClassificationGroupClient VersionClientProtocol /Application
StarOS 12.2—Untagged2.2Meebo(Android)
Meebo
1.98.14Meebo (iOS)
—Meebo (Web)
ADC Plugin2.22.939
Streaming-video
Unclassified
Streaming3.25.3Meetic(Android)
Meetic
4.9.1Meetic (iOS)
—Meetic(Windows)
Pre StarOS 12.0—Standard——MGCP
ADC Plugin2.4.739
—Cloud1.0.1MSOffice365(Android)
Microsoft Office365 HomeVersion
1.29MSOffice365(iOS)
2016MSOffice365(WindowsPhone)
50.1.0MSOffice365(FirefoxBrowser)
StarOS 14.0—Communicator3.15.255Mig33(Android)
Mig33
46Mig33(Symbian)
5.0.17Mig33(Windows)
—Web
ADC Plugin2.19.895
Streaming-video
Unclassified
Streaming5.2.3MiKandi(Android)
MiKandi
—MiKandi (iOS)
—MiKandi(Windows)
ADC Administration Guide, StarOS Release 21.1072
Peer-to-Peer Protocol and Application Detection SupportAll Supported Protocols and Applications
Supported fromRelease
ClassificationGroupClient VersionClientProtocol /Application
ADC Plugin1.148.562
Streaming-video
Unclassified
Streaming6.0.1MLB (Android)MLB
10.0.1MLB (iOS)
ADC Plugin2.19.895
Streaming-video
Unclassified
Streaming17.07.02Mobcrush(Android)
Mobcrush
17.7.2Mobcrush (iOS)
—Mobcrush(Windows)
StarOS 14.0—Peer to Peer FileSharing
—MojoMojo
1.6—Streaming1.17Monkey3(Android)
Monkey3
3_2.2.4Monkey3 (iOS)
5.1.14Monkey3(Windows)
1.9—Cloud1.6.2Mozy (Android)Mozy
1.6.1Mozy (iOS)
—Mozy (Web)
ADC Administration Guide, StarOS Release 21.1073
Peer-to-Peer Protocol and Application Detection SupportAll Supported Protocols and Applications
Supported fromRelease
ClassificationGroupClient VersionClientProtocol /Application
Pre StarOS 12.0Audio
File Transfer
Video
Unclassified
Communicator—GaimMSN
—Kopete
0.9.1.38Miranda
1.4.0MSN (Android)
10.1.1.16MSN(Blackberry)
1.2.3MSN (iOS)
4.0.1MSN (MAC)
7.0.2MSN (MAC)
—MSN (WindowsMobile)
16.4.3503MSN(Windows)
—Trillian / TrillianPro
StarOS 14.0—Standard——MSRP
Pre StarOS 12.0—Peer to PeerAnonymous FileSharing
——Mute
ADC Plugin2.19.895
Streaming-video
Unclassified
Streaming3.2.0.1myCANAL(Android)
myCANAL
2.2.6myCANAL(iOS)
—myCANAL(Windows)
StarOS 12.2Audio
Unclassified
Communicator3.6.1Mypeople(Android)
MyPeople
4.4.0Mypeople (iOS)
1.5.72Mypeople(Windows)
ADC Administration Guide, StarOS Release 21.1074
Peer-to-Peer Protocol and Application Detection SupportAll Supported Protocols and Applications
Supported fromRelease
ClassificationGroupClient VersionClientProtocol /Application
12.0—Social Network- Generic
—MyspaceMySpace
1.8.3Myspace(Android)
3.5Myspace (iOS)
—Web
ADC Plugin2.19.895
Streaming-video
Unclassified
Streaming6.8.5MYTF1(Android)
MYTF1
7.4.2MYTF1 (iOS)
—MYTF1(Windows)
1.11Streaming-audioStreaming5.7.3Napster(Android)
Napster(formerly knownas Rhapsody)
7.3.0Napster (iOS)
4.0Napster(Windows)
StarOS 14.0—Communicator1.2.8Nateontalk(Android)
NateOn Talk
3.7Nateontalk(Windows)
ADC Plugin2.2.719
Streaming-video
Unclassified
Streaming1.1.0Nat Geo TV(Android)
Nat Geo TV
1.1.1Nat Geo TV(iOS)
—Nat Geo TV(Windows)
StarOS 14.0—Communicator5.2.0Line (Android)Naver Line
1.1.12Line(Blackberry)
5.1.2Line (iOS)
3.1.9.34Line (Windows)
ADC Administration Guide, StarOS Release 21.1075
Peer-to-Peer Protocol and Application Detection SupportAll Supported Protocols and Applications
Supported fromRelease
ClassificationGroupClient VersionClientProtocol /Application
1.9—Maps5.2.0Navigon(Android)
Navigon
2.7.1Navigon (iOS)
ADC Plugin1.149.565
Streaming-video
Unclassified
Streaming5.0NBC Sports(Android)
NBC Sports
5.0.2NBC Sports(iOS)
ADC Plugin2.0.683
Streaming-video
Unclassified
Streaming3.1.2.278NBC TV(Android)
NBC TV
3.1.3.530NBC TV (iOS)
StarOS 14.0Ads
Streaming-video
Unclassified
Streaming5.7.0Netflix(Android)
Netflix
9.41.0Netflix (iOS)
—Web
ADC Plugin2.5.771
1.0.0Netflix VR(Android)
—Netflix VR(iOS)
—Netflix VR(Windows)
StarOS 12.2—Internet Privacy——Netmotion
ADC Plugin1.152.582
Streaming-video
Unclassified
Streaming3.3.1Newsy(Android)
Newsy
3.0.1Newsy (iOS)
ADC Plugin2.14.860
Streaming-video
Unclassified
Streaming2.0.1Nick (Android)Nick
—Nick (iOS)
—Nick (Windows)
StarOS 12.2—Communicator2.6.4Nimbuzz(Android)
Nimbuzz
2.3.0Nimbuzz (iOS)
2.3.1Nimbuzz(Windows)
ADC Administration Guide, StarOS Release 21.1076
Peer-to-Peer Protocol and Application Detection SupportAll Supported Protocols and Applications
Supported fromRelease
ClassificationGroupClient VersionClientProtocol /Application
ADC Plugin2.14.860
Streaming-video
Unclassified
Streaming1.2.1Noggin(Android)
Noggin
3.0Noggin (iOS)
—Noggin(Windows)
1.9—E-store3.34.1.18Nokia Ovi Store(Symbian)
Nokia-store
ADC Plugin2.21.912
Streaming-video
Unclassified
Streaming1.7.2NRK TV(Android)
NRK TV
4.9.8NRK TV (iOS)
—NRK TV(Windows)
Pre StarOS 12.0—Streaming——Octoshape
ADC Plugin2.28.990
Streaming-video
Unclassified
Streaming1.8.26On DemandKorea (ODK)Media (Android)
On DemandKorea (ODK)Media
1.4.0.950On DemandKorea (ODK)Media (iOS)
—On DemandKorea (ODK)Media(Windows)
ADC Administration Guide, StarOS Release 21.1077
Peer-to-Peer Protocol and Application Detection SupportAll Supported Protocols and Applications
Supported fromRelease
ClassificationGroupClient VersionClientProtocol /Application
ADC Plugin1.155.604
Streaming-audio
Streaming-video
Unclassified
Streaming16.12.22
This versionmight changewith everydevice.
Odnoklassniki(Android)
Odnoklassniki
6.9.1Odnoklassniki(iOS)
ADC Plugin2.5.771
1.1.4OK Live(Android)
17.3.16OK Ru(Android)
1.1.11OK Messages(Android)
1.2.1OK Live (iOS)
6.13OK Ru (iOS)
1.2.3OK Messages(iOS)
Pre StarOS 12.0—Peer to Peer FileSharing
——OFF
StarOS 12.2—Streaming—OGG (Clientplayer)
OGG
—OGG (Webplayer)
1.7—Communicator1.105Oist (Android)Oist
1Oist (iOS)
Pre StarOS 12.0—Social Network- VideoConference
2.0.7ooVoo(Android)
ooVoo
2.0.5ooVoo (iOS)
3.5.9.41ooVoo(Windows)
ADC Administration Guide, StarOS Release 21.1078
Peer-to-Peer Protocol and Application Detection SupportAll Supported Protocols and Applications
Supported fromRelease
ClassificationGroupClient VersionClientProtocol /Application
1.9—Cloud2.0.1Opendrive(Android)
Opendrive
2.3.1Opendrive (iOS)
1.0.25Opendrive(MAC)
—Opendrive(Web)
1.5.6.4Opendrive(Windows)
Pre StarOS 12.0—Business——OpenFT
StarOS 12.2—Internet Privacy2.1. 0-3 v1OpenVPNOpenVPN
StarOS 14.0—Browser7.5.2Operamini(Android)
Operamini
6.5Operamini(Blackberry)
7.0.4Operamini (iOS)
6.5Operamini(Symbian)
12.0—Streaming5.3.49Orb (Android)ORB
3.11.5Orb (iOS)
5.1.117Orb (Windows)
ADC Administration Guide, StarOS Release 21.1079
Peer-to-Peer Protocol and Application Detection SupportAll Supported Protocols and Applications
Supported fromRelease
ClassificationGroupClient VersionClientProtocol /Application
Pre StarOS 12.0Audio
File Transfer
Video
Unclassified
Communicator2.3.4.1AIM (Android)Oscar
5.0.4AIM (iOS)
1.5AIM (MAC)
8.0.6019AIM (Windows)
—Gaim
—iChat (MAC)
4.5.1ICQ (Android)
4.1.3ICQ (iOS)
8.2.6870ICQ (Windows)
—Kopete
0.9.38Miranda
—Trillian / TrillianPro
1.6—E-mail2.1.58Outlook(Android)
Outlook
2.4.5Outlook (iOS)
1.2Outlook(WindowsPhone)
12.0Audio
File Transfer
Video
Unclassified
Communicator4.9Paltalk(Android)
Paltalk
4.1.4416Paltalk (iOS)
10.3PaltalK(Windows)
0.2betaPaltalk/SuperIM
StarOS 12.2—Peer to Peer FileSharing
2.5.11PandoPando
ADC Administration Guide, StarOS Release 21.1080
Peer-to-Peer Protocol and Application Detection SupportAll Supported Protocols and Applications
Supported fromRelease
ClassificationGroupClient VersionClientProtocol /Application
Pre StarOS 12.0Ads
Unclassified
Streaming7.9Pandora(Android)
Pandora
7.9Pandora (iOS)
—Pandora(Windows)
1.2.0.0Pandora(WindowsPhone)
1.8—Social Network- Generic
3.4.2Path (Android)Path
3.4.2Path (iOS)
ADC Plugin2.14.860
Streaming-video
Unclassified
Streaming2.0.4PBS (Android)PBS
3.2.4PBS (iOS)
—PBS (Windows)
2.1.1PBS Kids(Android)
3.0.4PBS Kids (iOS)
—PBS Kids(Windows)
StarOS 14.0—Remote Control12.1.0.446pcanyware(Windows)
pcAnywhere
ADC Plugin1.146.551
—Streaming1.3Periscope (iOS)Periscope
1.2—Social Network- Generic
2.8.5Pinterest(Android)
4.5.1Pinterest (iOS)
—Web
ADC Plugin2.1.701
Streaming-video
Unclassified
Streaming4.0.5PlayStation(Android)
PlayStation
2.6.1PlayStation(iOS)
—PlayStation(Windows)
ADC Administration Guide, StarOS Release 21.1081
Peer-to-Peer Protocol and Application Detection SupportAll Supported Protocols and Applications
Supported fromRelease
ClassificationGroupClient VersionClientProtocol /Application
1.2Audio
Unclassified
Communicator1.8.3Plingm(Android)
Plingm
2.7.2Plingm
1.4—Social Network- Generic
2.0Poco (Android)Poco
1.1.0Poco (iOS)
2.0Poco (Windows)
ADC Plugin2.0.683
—Gaming0.31.0Pokemon-Go(Android)
Pokemon-Go
0.29.3Pokemon-Go(iOS)
Pre StarOS 12.0—Communicator1.1.0911PoPoPoPo
Pre StarOS 12.0—Streaming1.3PPLive(Android)
PPLive
1.2PPLive (iOS)
3.2.2.0022PPLive(Windows)
StarOS 12.2—Streaming—WebPPStream
2.2.2PPStream(Android)
2.5.0PPStream (iOS)
3.1.0.1166PPStream(Windows)
Pre StarOS 12.0—Gaming——PS3
ADC Plugin2.21.912
Streaming-audio
Streaming-video
Unclassified
Streaming2.3Qello Concerts(Android)
Qello Concerts
2.6.1Qello Concerts(iOS)
—Qello Concerts(Windows)
ADC Administration Guide, StarOS Release 21.1082
Peer-to-Peer Protocol and Application Detection SupportAll Supported Protocols and Applications
Supported fromRelease
ClassificationGroupClient VersionClientProtocol /Application
Pre StarOS 12.0Audio
File Transfer
Video
Unclassified
Communicator2.10.1PidginQQ
2009QQ
3.5.1QQ (Android)
2.2.0QQ (iOS)
1.6QQ (Windows)
—Web
Pre StarOS 12.0—Gaming——QQGame
Pre StarOS 12.0—Streaming—QqliveQQLive
1.1.1Qqlive(Android)
1.9.2Qqlive (iOS)
—Qqlive (Web)
8.42Qqlive(Windows)
Pre StarOS 12.0—Gaming——Quake
ADC Administration Guide, StarOS Release 21.1083
Peer-to-Peer Protocol and Application Detection SupportAll Supported Protocols and Applications
Supported fromRelease
ClassificationGroupClient VersionClientProtocol /Application
ADC Plugin1.146.551
—Standard——Quic
ADC Plugin2.9.813
Amazon Video
HBO Now
Netflix
Vevo
ADC Plugin2.11.833
ESPN
HBO Go
FandangoNow
Fox Business
Fox News
FoxNow
FxNow
Hulu
MLB
Nat Geo TV
NBC Sports
NBC TV
Twitch
Univision
StarOS 12.2—Streaming7.7.5QuickTime(Windows)
QuickTime
1.13—Streaming3.12.3Radio Paradise(Android)
Radio Paradise
6.0.9Radio Paradise(iOS)
—Radio Paradise(Web)
Pre StarOS 12.0—Remote Control——RDP
ADC Administration Guide, StarOS Release 21.1084
Peer-to-Peer Protocol and Application Detection SupportAll Supported Protocols and Applications
Supported fromRelease
ClassificationGroupClient VersionClientProtocol /Application
StarOS 12.2—Standard——RDT
Pre StarOS 12.0—Streaming16.0.3.513Real Player(Windows)
Real MediaStream
ADC Plugin2.0.683
Streaming-video
Unclassified
Streaming4.0.0Red Bull TV(Android)
Red Bull TV
4.0.3Red Bull TV(iOS)
ADC Plugin2.11.833
4.1.12Red Bull LiveTV (Android)
4.2.1Red Bull LiveTV (iOS)
—Red Bull LiveTV (Windows)
ADC Plugin2.22.939
Not applicableNot applicable2.22.9Reddit(Android)
4.2.0Reddit (iOS)
—Reddit(Windows)
1.7—Social Network- Generic
1.2Regram (iOS)Regram
Pre StarOS 12.0—Gaming——Rfactor
1.5—P2P File Sharing0.3.60Rodi (Windows)Rodi
1.2Audio
Unclassified
Communicator4.01Rynga (Android)Rynga
1Rynga (iOS)
4.13.735Rynga(Windows)
1.9—E-store14040104.21.007Samsung apps(Android)
Samsung-store
1.0.16Samsung apps(Bada)
12.0—Communicator5.27Scydo (Android)Scydo
2.0.6Scydo (iOS)
ADC Administration Guide, StarOS Release 21.1085
Peer-to-Peer Protocol and Application Detection SupportAll Supported Protocols and Applications
Supported fromRelease
ClassificationGroupClient VersionClientProtocol /Application
Pre StarOS 12.0—Social NetworkGaming
——Secondlife
ADC Plugin2.26.968
Streaming-video
Unclassified
Streaming2.0Shalom World(Android)
Shalom World
5.0Shalom World(iOS)
—Shalom World(Web)
Pre StarOS 12.0—Streaming1.4.10Winamp(Android)
Shoutcast
1.4.5Winamp(Windows)
ADC Plugin1.147.554
Streaming-video
Unclassified
Streaming1.1.1Showtime(Android)
Showtime
1.2.1Showtime (iOS)
ADC Plugin1.147.554
Streaming-video
Unclassified
Streaming2.6.2ShowtimeAnytime(Android)
ShowtimeAnytime
2.6.4ShowtimeAnytime (iOS)
1.4—Streaming5.1.20125.0Silverlight(Windows)
Silverlight
Pre StarOS 12.0———EkigaSIP
—Gizmo
—OpenWengo
—SipGate
—Twinkle
—Vonage
—XMeeting
1.4—Internet Privacy6.1.3Siri (iOS)Siri
Pre StarOS 12.0—Remote Control——Skinny
ADC Administration Guide, StarOS Release 21.1086
Peer-to-Peer Protocol and Application Detection SupportAll Supported Protocols and Applications
Supported fromRelease
ClassificationGroupClient VersionClientProtocol /Application
1.5—Cloud2.6.2Skydrive(Android)
Skydrive
3.0.1Skydrive (iOS)
17.0.4041.0512Skydrive(Windows)
3.6.3.0Skydrive(WindowsPhone)
—Web
Pre StarOS 12.0Audio
Video
Unclassified
Communicator—BeboSkype
—Buffallo
—eBay
—eBay-Cn
—PCHome
8.10.0.4Skype (Android)
6.20.0.104Skype(Windows)
4.9.507.46973Skype(Blackberry)
5.2Skype(linux/ubuntu)
6.11Skype (Mac)
8.10.1Skype (iOS)
2.21.0.161Skype(WindowsMobile)
6.5.0.351Skype Mobile(Android)
ADC Administration Guide, StarOS Release 21.1087
Peer-to-Peer Protocol and Application Detection SupportAll Supported Protocols and Applications
Supported fromRelease
ClassificationGroupClient VersionClientProtocol /Application
1.12Ads
Unclassified
Streaming6.0.1366slacker-radio(Android)
Slacker Radio
1.0.0.268slacker-radio(Blackberry)
7.5.5slacker-radio(iOS)
—slacker-radio(Windows)
2.0.15.0slacker-radio(WindowsPhone)
Pre StarOS 12.0—Streaming1.5USSlingboxSlingbox
—Sling box350/500
—Slingbox M1
—Slingbox Solo
ADC Plugin1.143.531
—Streaming4.5.2.326SlingTV(Android)
SlingTV
4.1.3SlingTV (iOS)
1.2Audio
Unclassified
3.7.1Smartvoip(Android)
SmartVoip
1.08.239Smartvoip (iOS)
4.12Smartvoip(Windows)
ADC Plugin2.21.912
Streaming-audio
Streaming-video
Unclassified
Streaming5.1.5Smule (Android)Smule
6.2.3Smule (iOS)
—Smule(Windows)
ADC Pulgin2.28.990
—Social Network- Generic
10.38.5.0Snapchat(Android)
Snapchat
10.38.0.25Snapchat (iOS)
ADC Administration Guide, StarOS Release 21.1088
Peer-to-Peer Protocol and Application Detection SupportAll Supported Protocols and Applications
Supported fromRelease
ClassificationGroupClient VersionClientProtocol /Application
1.4—Internet Privacy4.0Softether/packetix(Windows)
SoftEther
Pre StarOS 12.0—Streaming—WebSopCast
3.8.3SopCast(Windows)
1.1—Streaming——Soribada
Pre StarOS 12.0—Peer to Peer FileSharing
1.2.9NicoTineSoulSeek
—pySoulSeek
v157NS 13cSoulSeek
1.14—Streaming15.04.10SoundCloud(Android)
SoundCloud
3.8.0SoundCloud(iOS)
—SoundCloud(Windows)
ADC Plugin2.9.813
Streaming-video
Unclassified
Streaming2.0.3499Spark (Android)Spark
2.3Spark (iOS)
—Spark(Windows)
1.2—Standard——SPDY
ADC Plugin2.23.953
—Untagged4.1.5Speedtest(Android)
Speedtest
4.0.5Speedtest (iOS)
—Speedtest(Windows)
1.0.0Speedtest(WindowsPhone)
ADC Plugin2.11.833
Streaming-video
Unclassified
Streaming1.0.6Spike (Android)Spike
3.3.0Spike (iOS)
—Spike(Windows)
ADC Administration Guide, StarOS Release 21.1089
Peer-to-Peer Protocol and Application Detection SupportAll Supported Protocols and Applications
Supported fromRelease
ClassificationGroupClient VersionClientProtocol /Application
Pre StarOS 12.0—Gaming——SplashFighter
StarOS 12.2—Streaming8.4.18.743Spotify(Android)
Spotify
8.4.18Spotify (iOS)
5.2.2.0Spotify(Windows)
Pre StarOS 12.0—Standard——SSDP
ADC Plugin1.142.526
—Standard——SSL
ADC Plugin1.148.562
Streaming-video
Unclassified
Streaming3.4.1Starz (Android)Starz
3.4.1Starz (iOS)
ADC Plugin2.28.990
—MoviePlex(Android)
—MociePlex (iOS)
—MoviePlex(Web)
Pre StarOS 12.0—Peer to PeerAnonymous FileSharing
——StealthNet
Pre StarOS 12.0—Gaming——Steam
Pre StarOS 12.0—Standard——Stun
1.4—Communicator1.0.6Sudaphone(Android)
Sudaphone
1.2.2Sudaphone(iOS)
1.4—Streaming2.1.0svtplay (iOS)SVT play
ADC Administration Guide, StarOS Release 21.1090
Peer-to-Peer Protocol and Application Detection SupportAll Supported Protocols and Applications
Supported fromRelease
ClassificationGroupClient VersionClientProtocol /Application
1.10UnclassifiedSocial-nw-generic4.0.7Tagged(Android)
Tagged
7.1.7Tagged (iOS)
1.0.0.0Tagged(WindowsPhone)
—Tagged(Windows)
1.2Audio
Unclassified
Communicator1.1.3Talkatone(Android)
Talkatone
3.0.3Talkatone (iOS)
StarOS 12.2Audio
Video
Unclassified
Communicator3.4.7Tango (Android)Tango
3.3.6Tango (iOS)
8.0.16642Tango(Windows)
Pre StarOS 12.0—Communicator3.0.12TeamSpeak(Windows)
TeamSpeak
12.0—Remote Control9.0.1555TeamViewer(Android)
TeamViewer
7.0.9TeamViewer(iOS)
9.0.31064TeamViewer(Windows)
1.10UnclassifiedE-mail3.0.1Telegram(Android)
Telegram
3.0Telegram (iOS)
ADC Plugin2.4.739
Streaming-video
Unclassified
Streaming5.0907Tennis ChannelEverywhere(Android)
Tennis ChannelEverywhere
4.4Tennis ChannelEverywhere(iOS)
—Tennis ChannelEverywhere(Windows)
ADC Administration Guide, StarOS Release 21.1091
Peer-to-Peer Protocol and Application Detection SupportAll Supported Protocols and Applications
Supported fromRelease
ClassificationGroupClient VersionClientProtocol /Application
Pre StarOS 12.0—Peer to Peer FileSharing
7.9Thunder(Windows)
Thunder(Xunlei)
7.9kanka(Windows)
ADC Plugin2.0.683
Streaming-audio
Streaming-video
Unclassified
Streaming1.11.0.668Tidal (Android)Tidal
1.14.0Tidal (iOS)
—Tidal (Windows)
ADC Plugin2.9.813
InstantMessaging
Unclassified
—6.10.0Tinder(Android)
Tinder
7.3.0Tinder (iOS)
—Tinder(Windows)
ADC Plugin1.148.562
Streaming-video
Unclassified
Streaming4.5.0.58TMO-TV(Android)
TMO-TV
7.3.53TMO-TV (iOS)
StarOS 12.2—AnonymousAccess
——Tor
ADC Plugin2.19.895
Streaming-audio
Streaming-video
Unclassified
Streaming9.0Toon Goggles(Android)
Toon Goggles
9.1Toon Goggles(iOS)
—Toon Goggles(Windows)
ADC Plugin1.146.551
Streaming-audio
Unclassified
Streaming3.3.88tracks(Android)
8tracks
3.3.478tracks (iOS)
ADC Administration Guide, StarOS Release 21.1092
Peer-to-Peer Protocol and Application Detection SupportAll Supported Protocols and Applications
Supported fromRelease
ClassificationGroupClient VersionClientProtocol /Application
1.4—Untagged3.32Truecaller(Android)
Truecaller
2.9Truecaller(Blackberry)
3.3.2Truecaller (iOS)
2.90.0Truecaller(Symbian)
2.90.0Truecaller(WindowsMobile)
Pre StarOS 12.0—Communicator5.4.3Truphone(Android)
Truphone
5.4.3Truphone (iOS)
1.5—Social Network- Generic
3.4.4.0Tumblr(Android)
Tumblr
3.4.3Tumblr (iOS)
1.0.1.7Tumblr(WindowsMobile)
1.0.5Photoset (iOS)
—Web
ADC Plugin2.19.895
Streaming-video
Unclassified
Streaming2.11.4Tubi TV(Android)
Tubi TV
4.0.4Tubi TV (iOS)
—Tubi TV(Windows)
ADC Plugin1.147.554
—Streaming14.4TuneIn Radio(Android)
TuneIn Radio
8.9.2TuneIn Radio(iOS)
ADC Administration Guide, StarOS Release 21.1093
Peer-to-Peer Protocol and Application Detection SupportAll Supported Protocols and Applications
Supported fromRelease
ClassificationGroupClient VersionClientProtocol /Application
ADC Plugin2.11.833
—Internet Privacy1.8.1Turbo VPN(Android)
Turbo VPN
1.8.3Turbo VPN(iOS)
—Turbo VPN(Windows)
StarOS 12.2—Internet Privacy——TunnelVoice
ADC Plugin2.23.953
Streaming-video
Unclassified
Streaming2.2.0Tv2Sumo(Android)
Tv2Sumo
3.0.10Tv2Sumo (iOS)
—Tv2Sumo(Windows)
ADC Plugin2.9.813
Streaming-video
Unclassified
Streaming2.1.1TV Land(Android)
TV Land
2.6.4TV Land (iOS)
—TV Land(Windows)
Pre StarOS 12.0—Streaming1.6.0Ants (Windows)TVAnts
Pre StarOS 12.0—Streaming2.5.3.1TVUPlayer(Windows)
TVUPlayer
1.11—Gaming4.10.2Twitch(Android)
Twitch
3.10.1Twitch (iOS)
—Twitch(Windows)
12.0Streaming-video
Unclassified
Social Network- Generic
7.11.0Twitter(Android)
10.2.1.2Twitter(Blackberry)
7.6Twitter (iOS)
—Twitter (Web)
ADC Administration Guide, StarOS Release 21.1094
Peer-to-Peer Protocol and Application Detection SupportAll Supported Protocols and Applications
Supported fromRelease
ClassificationGroupClient VersionClientProtocol /Application
ADC Plugin2.4.739
—Standard3.134.8Uber (Android)Uber
3.225.3Uber (iOS)
4.0.4.0Uber (Windows)
ADC Plugin2.22.939
Streaming-video
Unclassified
Streaming3.3UFC (Android)UFC
8.0126UFC (iOS)
—UFC (Windows)
StarOS 12.2—File Sharing9.2.4UltraBac(Windows)
UltraBac
1.4—Internet Privacy13.01Ultrasurf(Windows)
UltraSurf
ADC Plugin2.11.833
1.0.6Ultrasurf(Android)
ADC Plugin1.149.565
Streaming-video
Unclassified
Streaming10.2.0UnivisionDeportes(Android)
Univision
5.4UnivisionDeportes (iOS)
7.0309Univision NOW(Android)
2.6Univision NOW(iOS)
1.12Audio
Unclassified
Communicator2.0.1upc-phone(Android)
UPC Phone
1.0.1upc-phone (iOS)
StarOS 12.2—Standard5.78Usenet(Windows)
Usenet
1.4—Streaming3.0.2Ustream(Android)
Ustream
3.2.2Ustream (iOS)
—Web
Pre StarOS 12.0—Streaming5.9.303.3UUSee (iOS)UUSee
Pre StarOS 12.0———VCast
ADC Administration Guide, StarOS Release 21.1095
Peer-to-Peer Protocol and Application Detection SupportAll Supported Protocols and Applications
Supported fromRelease
ClassificationGroupClient VersionClientProtocol /Application
1.7—Social Network- VideoConference
1.1VChat (MAC)VChat
Pre StarOS 12.0—Streaming——VeohTV
ADC Plugin1.143.531
Streaming-video
Unclassified
Streaming1.0.706Vessel(Android)
Vessel
2.3.0Vessel (iOS)
ADC Plugin1.148.562
Streaming-video
Unclassified
Streaming2.2.17Vevo (Android)Vevo
5.0.4Vevo (iOS)
Pre StarOS 12.0Audio
InstantMessaging
Unclassified
Communicator7.7.0.21Viber (Android)Viber
7.7.1Viber (iOS)
1.6—Social Network- Generic
5.36.0Vine (Android)Vine
5.37.0Vine (iOS)
2.5.6.2Vine (Windows)
1.2Audio
Unclassified
Communicator4.14VoipDiscountVoipDiscount
1.2Audio
Unclassified
Communicator——Vopium
1.5Audio
Unclassified
Video
Communicator1.2.1.001Voxer (Android)Voxer
2.7.0Voxer (iOS)
0.9.2.0Voxer(WindowsMobile)
ADC Plugin2.23.953
Streaming-video
Unclassified
Streaming4.14.4Viki (Android)Viki
5.1.0Viki (iOS)
—Viki (Windows)
ADC Administration Guide, StarOS Release 21.1096
Peer-to-Peer Protocol and Application Detection SupportAll Supported Protocols and Applications
Supported fromRelease
ClassificationGroupClient VersionClientProtocol /Application
ADC Plugin2.11.833
—Internet Privacy6.0.2VPN Master(Android)
VPN Master
2.5.2VPN Master(iOS)
—VPN Master(Windows)
Pre StarOS 12.0—Internet Privacy——VPN-X
1.5—Communicator1.0.1Vtok (Android)Vtok
3.0.1Vtok (iOS)
Pre StarOS 12.0—Internet Privacy——VTun
ADC Plugin1.144.540
—Streaming1.2.1Vudu (Android)Vudu
1.2Vudu (iOS)
Pre StarOS 12.0—Gaming——Warcraft3
1.8—Untagged3.7.8Waze (Android)Waze
3.7.8Waze (iOS)
3.7.4.5Waze (WindowsPhone)
StarOS 14.0—Business9.9.0Webex(Android)
Webex
9.9.0Webex (iOS)
7.2.0Webex(Windows7)
1.1—Communicator6.5.13Wechat(Android)
6.5.17Wechat (iOS)
ADC Administration Guide, StarOS Release 21.1097
Peer-to-Peer Protocol and Application Detection SupportAll Supported Protocols and Applications
Supported fromRelease
ClassificationGroupClient VersionClientProtocol /Application
1.9—Social Network- Generic
4.3.5Weibo(Android)
1.1.0.6Weibo(Blackberry)
4.3.0Weibo (iOS)
3.0.5.35670Weibo(Windows)
3.3.0Weibo(WindowsPhone)
Pre StarOS 12.0Audio
Video
Unclassified
Communicator2.17.395WhatsApp(Android)
2.10.8002WhatsApp(Blackberry)
2.17.80WhatsApp (iOS)
—WhatsApp(Web)
1.7.0.0WhatsApp(WindowsMobile)
Pre StarOS 12.0—Gaming——WII
ADC Plugin2.26.968
Streaming-video
Unclassified
Streaming5.4Willow TV(Android)
Willow TV
3.10Willow TV(iOS)
—Willow TV(Web)
1.9—Cloud—Windows-azure(Web)
Windows-azure
1.9—E-store8.0Windows Store(WindowsPhone)
Windows-store
Pre StarOS 12.0—Streaming——Windows MediaStream(WMStream)
ADC Administration Guide, StarOS Release 21.1098
Peer-to-Peer Protocol and Application Detection SupportAll Supported Protocols and Applications
Supported fromRelease
ClassificationGroupClient VersionClientProtocol /Application
Pre StarOS 12.0—Peer to Peer FileSharing
——WinMX
Pre StarOS 12.0—Peer to PeerAnonymous FileSharing
2.0.b6.6WinnyWinny
Pre StarOS 12.0—Gaming——World ofKungfu
Pre StarOS 12.0—Gaming——World ofWarcraft
1.1—Cloud——Wuala
ADC Plugin1.157.618
Streaming-video
Unclassified
Streaming3.9.039001418WWE (Android)WWE
3.10.0WWE (iOS)
Pre StarOS 12.0—Gaming——Xbox
Pre StarOS 12.0—Peer to Peer FileSharing
—XDCC CatcherXDCC
—XDCC Fetcher
—XDCC Klipper
ADC Plugin2.2.719
Streaming-video
Unclassified
Streaming3.9.0.036Xfinity TV(Android)
Xfinity TV
3.0.1.664Xfinity TV(iOS)
—Xfinity TV(Windows)
1.10UnclassifiedSocial-nw-generic4.1.1.610Xing (Android)Xing
4.9.3Xing (iOS)
5.2.0.0Xing (WindowsPhone)
—Xing (Windows)
Pre StarOS 12.0Audio
File Transfer
Video
Unclassified
Communicator—GaimYahoo
—Kopete
—Miranda
ADC Administration Guide, StarOS Release 21.1099
Peer-to-Peer Protocol and Application Detection SupportAll Supported Protocols and Applications
Supported fromRelease
ClassificationGroupClient VersionClientProtocol /Application
TrillionTrillion
11.5.0.228Yahoo(Windows)
6.4.1Yahoo(Android)
6.4.0Yahoo (iOS)
3.0.2Yahoo (MAC)
1.6—E-mail5.1.0Yahoomail(Android)
Yahoo Mail
4.0.3Yahoomail(iOS)
—Yahoomail(Web)
ADC Plugin2.9.813
Streaming-video
Unclassified
Streaming5.1.0YipTV(Android)
YipTV
5.1YipTV (iOS)
—YipTV(Windows)
ADC Plugin2.11.833
—Internet Privacy3.1.006Yoga Free VPN(Android)
Yoga Free VPN
—Yoga Free VPN(iOS)
—Yoga Free VPN(Windows)
1.8—Streaming3.7Youku(Android)
Youku
3.3Youku (iOS)
3.1Youku(WindowsPhone)
—Youku (Web)
12.0—AnonymousAccess
20111213-13Your FreedomTunnel
Your FreedomTunnel
ADC Administration Guide, StarOS Release 21.10100
Peer-to-Peer Protocol and Application Detection SupportAll Supported Protocols and Applications
Supported fromRelease
ClassificationGroupClient VersionClientProtocol /Application
1.5Ads
File Transfer
Streaming-video
Unclassified
Streaming12.42.59Youtube(Android)
YouTube
12.43Youtube (iOS)
49.0.2623.110Youtube(WindowsMobile)
—Youtube (Web)
ADC Plugin2.28.990
—Great Big Story(Android)
—Great Big Story(iOS)
—Great Big Story(Web)
Pre StarOS 12.0—Streaming——Zattoo
ADC Plugin2.23.953
—Communicator3.99Zello (Android)Zello
3.53Zello (iOS)
—Zello (Windows)
Port-based ProtocolsThis section lists the port-based protocols currently supported by Cisco ADC. These are TCP and UDPprotocols that are classified according to their well-known ports. The default TCP and UDP ports of each ofthe protocols are listed. As part of IP Protocol and Transport Port Mapping, a static mapping of transport portto strings is provided in EDRs.
UDP PortsTCP PortsProtocol Name
6296293COM-AMP3
1061063COM-TSMUX
211211914C/G
5645649PFS
674674ACAP
6262ACAS
888888ACCESSBUILDER
ADC Administration Guide, StarOS Release 21.10101
Peer-to-Peer Protocol and Application Detection SupportPort-based Protocols
UDP PortsTCP PortsProtocol Name
699699ACCESSNETWORK
187187ACI
774—ACMAINT_DBD
775—ACMAINT_TRANSD
599599ACP
104104ACR-NEMA
149149AED-512
705705AGENTX
—5190–5193AIM
463463ALPES
26392639AMINET
7013, 7500–75017013, 7500–7501ANARCHY
212212ANET
116116ANSANOTIFY
124124ANSATRADER
654654AODV
539539APERTUS-LDP
458458\QTC
545545APPLEQTCSRVR
999—APPLIX
262262ARCISDMS
419419ARIEL1
421421ARIEL2
422422ARIEL3
384384ARNS
386386ASA
502502ASA-APPL-PROTO
9000–90139000–9013ASHERONS CALL
ADC Administration Guide, StarOS Release 21.10102
Peer-to-Peer Protocol and Application Detection SupportPort-based Protocols
UDP PortsTCP PortsProtocol Name
626626ASIA
687687ASIPREGISTRY
311311ASIP-WEBADMIN
449449AS-SERVERMAP
203203AT-3
205205AT-5
207207AT-7
208208AT-8
204204AT-ECHO
202202AT-NBP
201201AT-RTMP
206206AT-ZIS
114114AUDIONEWS
182182AUDIT
4848AUDITD
364364AURORA-CMGR
387387AURP
113113AUTH
623623AUX_BUS_SHUNT
486486AVIAN
50725072AYIYA IPv6 Tunneled
567567BANYAN-RPC
573573BANYAN-VIP
581581BDP
152152BFTP
264264BGMP
179179BGP
482482BGS-NSI
ADC Administration Guide, StarOS Release 21.10103
Peer-to-Peer Protocol and Application Detection SupportPort-based Protocols
UDP PortsTCP PortsProtocol Name
354354BH611
357357BHEVENT
248248BHFHS
310310BHMDS
512—BIFF
—2611–2612BLACK AND WHITE
142142BL-IDM
632632BMPP
415415BNET
6868BOOTPC
6767BOOTPS
707707BORLAND-DSJ
998998BUSBOY
282282CABLEPORT-AX
595595CAB-PROTOCOL
770770CADLOCK
216216CAILIC
588588CAL
20500, 20510, 2896028960CALL OF DUTY
223223CDC
120120CFDPTKT
1919CHARGEN
562562CHSHELL
673673CIMPLEX
130130CISCO-FNA
132132CISCO-SYS
711711CISCO-TDP
131131CISCO-TNA
ADC Administration Guide, StarOS Release 21.10104
Peer-to-Peer Protocol and Application Detection SupportPort-based Protocols
UDP PortsTCP PortsProtocol Name
504504CITADEL
172172CL/1
371371CLEARCASE
356356CLOANTO-NET-1
164164CMIP-AGENT
163163CMIP-MAN
15291529COAUTHOR
370370CODAAUTH2
622622COLLABORATOR
542542COMMERCE
2, 32, 3COMPRESSNET
437437COMSCM
759759CON
786786CONCERT
531531CONFERENCE
693693CONNENDP
454, 3365454, 3365CONTENTSERVER
683683CORBA-IIOP
684684CORBA-IIOP-SSL
284284CORERJD
1200, 27000–2701427020–27039COUNTER STRIKE
530530COURIER
6464COVIA
455, 3366455, 3366CREATIVEPARTNR
453, 3364453, 3364CREATIVESERVER
507507CRS
624624CRYPTOADMIN
348348CSI-SGWP
ADC Administration Guide, StarOS Release 21.10105
Peer-to-Peer Protocol and Application Detection SupportPort-based Protocols
UDP PortsTCP PortsProtocol Name
105105CSNET-NS
8484CTF
528528CUSTIX
442442CVC_HOSTD
551551CYBERCASH
763763CYCLESERV
772772CYCLESERV2
497497DANTZ
2621426214DARK REIGN
439439DASP
461461DATASURFSRV
462462DATASURFSRVSEC
355355DATEX-ASN
1313DAYTIME
217217DBASE
9393DCP
675675DCTP
447447DDM-DFM
446446DDM-RDB
625625DEC_DLM
403403DECAP
316316DECAUTH
579579DECBSRV
410410DECLADEBUG
441441DECVMS-SYSMGT
618618DEI-ICDA
3100, 3999, 3568, 35693100, 3999DELTA FORCE
7676DEOS
ADC Administration Guide, StarOS Release 21.10106
Peer-to-Peer Protocol and Application Detection SupportPort-based Protocols
UDP PortsTCP PortsProtocol Name
801801DEVICE
552552DEVICESHARE
647647DHCP-FAILOVER
847847DHCP-FAILOVER2
546546DHCPv6-CLIENT
547547DHCPv6-SERVER
6113–61196113–6119DIABLO
619619DIGITAL-EVM
466466DIGITAL-VRC
242242DIRECT
22342234DIRECTPLAY
60736073DIRECTPLAY8
33373337DIRECTV-CATLG
33353335DIRECTV-SOFT
33363336DIRECTV-TICK
33343334DIRECTV-WEB
99DISCARD
667667DISCLOSE
9696DIXIE
197197DLS
198198DLS-MON
195195DN6-NLM-AUD
196196DN6-SMM-RED
436436DNA-CML
9090DNSIX
666666DOOM
315315DPSI
378378DSETOS
ADC Administration Guide, StarOS Release 21.10107
Peer-to-Peer Protocol and Application Detection SupportPort-based Protocols
UDP PortsTCP PortsProtocol Name
438438DSFGW
3333DSP
246246DSP3270
352352DTAG-STE-SB
365365DTK
644644DWR
77ECHO
—520EFS
704704ELCSD
26000, 27500—ELITE FORCE
394394EMBL-NDT
141141EMFIS-CNTL
140140EMFIS-DATA
—775ENTOMB
680680ENTRUST-AAAS
681681ENTRUST-AAMS
710710ENTRUST-ASH
709709ENTRUST-KMSH
640640ENTRUST-SPS
309309ENTRUSTTIME
121121ERPC
621621ESCP-IP
642642ESRO-EMSDP
259259ESRO-GEN
592592EUDORA-SET
—135EXCHANGE
—512EXEC
589589EYELINK
ADC Administration Guide, StarOS Release 21.10108
Peer-to-Peer Protocol and Application Detection SupportPort-based Protocols
UDP PortsTCP PortsProtocol Name
3862, 3863—F16
3874–3875, 4533, 4534—F22 SIMULATOR (LIGHTNING3)
347347FATSERV
510510FCP
7979FINGER
744744FLEXLM
221221FLN-SPX
61126112FSGS
574574FTP-AGENT
2020FTP-DATA
989989FTPS-DATA
747747FUJITSU-DEV
286286FXP-1
190190GACP
—29001GAME-SEARCH
6515, 279006500, 28900, 29000GAME-SPY
—999GARCON
538538GDOMAP
402402GENIE
176176GENRAD-MUX
678678GGF-NCP
634634GINAD
—1201GLT POLIANE
491491GO-LOGIN
7070GOPHER
103103GPPITNP
4141GRAPHICS
ADC Administration Guide, StarOS Release 21.10109
Peer-to-Peer Protocol and Application Detection SupportPort-based Protocols
UDP PortsTCP PortsProtocol Name
24922492GROOVE
488488GSS-HTTP
128128GSS-XLICEN
21522152GTP-USER
694694HA-CLUSTER
7002, 27015, 27025—HALFLIFE
661661HAP
375375HASSLE
686686HCP-WISMAR
263263HDAP
652652HELLO-PORT
151151HEMS
2891028910HERETIC II
2690026900HEXEN
612612HMMP-IND
613613HMMP-OP
101101HOSTNAME
8181HOSTS2-NS
383383HP-ALARM-MGR
381381HP-COLLECTOR
382382HP-MANAGED-NODE
591591HTTP-ALT
280280HTTP-MGMT
593593HTTP-RPC-EPMAP
473473HYBRID-POP
418418HYPER-G
692692HYPERWAVE-ISP
480480IAFDBASE
ADC Administration Guide, StarOS Release 21.10110
Peer-to-Peer Protocol and Application Detection SupportPort-based Protocols
UDP PortsTCP PortsProtocol Name
479479IAFSERVER
432432IASD
385385IBM-APP
523523IBM-DB2
67146714IBPROTOCOL
425425ICAD-EL
887887ICLCNET_SVINFO
886886ICLCNET-LOCATE
903903IDEAFARM-CATCH
902902IDEAFARM-CHAT
549549IDFP
651651IEEE-MMS
695695IEEE-MMS-SSL
535535IIOP
220220IMAP3
993993IMAPS
406406IMSP
244244INBUSINESS
414414INFOSEEK
134134INGRES-NET
495495INTECOURIER
484484INTEGRA-SME
503503INTRINSA
576576IPCD
600600IPCSERVER
578578IPDD
631631IPP
213213IPX
ADC Administration Guide, StarOS Release 21.10111
Peer-to-Peer Protocol and Application Detection SupportPort-based Protocols
UDP PortsTCP PortsProtocol Name
994994IRCS
529529IRC-SERV
379379IS99C
380380IS99S
5555ISI-GL
20422042ISIS
499499ISO-ILL
147147ISO-IP
146146ISO-TP0
102102ISO-TSAP
399399ISO-TSAP-C2
828828ITM-MCELL-S
148148JARGON
22132213KALI
287287K-BLOCK
8888KERBEROS
749749KERBEROS-ADM
584584KEYSERVER
3151031510KINGPIN
186186KIS
543543KLOGIN
157157KNET-CMP
3855, 174373855, 17437KOHAN IMMORTALSOVEREIGNS
60856085KONSPIRE2B
464464KPASSWD
398398KRYPTOLAN
544544KSHELL
ADC Administration Guide, StarOS Release 21.10112
Peer-to-Peer Protocol and Application Detection SupportPort-based Protocols
UDP PortsTCP PortsProtocol Name
5151LA-MAINT
637637LANSERVER
389389LDAP
636636LDAPS
646646LDP
373373LEGENT-1
374374LEGENT-2
245245LINK
472472LJK-LOGIN
40454045LOCKD
127127LOCUS-CON
125125LOCUS-MAP
—513LOGIN
660660MAC-SRVR-ADMIN
313313MAGENTA-LOGIC
505505MAILBOX-LM
174174MAILQ
997997MAITRD
269269MANET
224224MASQDIALER
350350MATIP-TYPE-A
351351MATIP-TYPE-B
112112MCIDAS
638638MCNS-SEC
800800MDBS_DAEMON
685685MDC-PORTMAPPER
668668MECOMM
669669MEREGISTER
ADC Administration Guide, StarOS Release 21.10113
Peer-to-Peer Protocol and Application Detection SupportPort-based Protocols
UDP PortsTCP PortsProtocol Name
393393META5
9999METAGRAM
570, 571570, 571METER
8686MFCOBOL
54025402MFTP
490490MICOM-PFS
15341534MICROMUSE-LM
445445MICROSOFT-DS
9191MIT-DOV
8383MIT-ML-DEV
534534MM-ADMIN
—1755MMS
434434MOBILEIP-AGENT
435435MOBILIP-MN
471471MONDEX
561561MONITOR
367367MORTGAGEWARE
16000, 16010–1603016000, 16010–16030MOTORHEAD
31553155MPEG
4545MPM
4444MPM-FLAGS
4646MPM-SND
218218MPP
397397MPTN
679679MRM
639639MSDP
691691MSEXCH-ROUTING
32683268MSFT-GC
ADC Administration Guide, StarOS Release 21.10114
Peer-to-Peer Protocol and Application Detection SupportPort-based Protocols
UDP PortsTCP PortsProtocol Name
32693269MSFT-GC-SSL
3131MSG-AUTH
2929MSG-ICP
18631863MSNP
2393, 2394, 2382, 23842393, 2394, 2382, 2384MS-OLAP
1818MSP
569569MS-ROME
568568MS-SHUTTLE
14341434MS-SQL-M
14331433MS-SQL-S
777777MULTILING-HTTP
171171MULTIPLEX
188188MUMPS
467467MYLEX-MAPD
34533453MYTH
4242NAME
167167NAMP
991991NAS
404404NCED
405405NCLD
524524NCP
353353NDSAUTH
94429442NEED FOR SPEED
10301030NEED FOR SPEED 3
489489NEST-PROTOCOL
18301830NET8-CMAN
32833283NET-ASSISTANT
137, 138, 139137, 138, 139NETBIOS
ADC Administration Guide, StarOS Release 21.10115
Peer-to-Peer Protocol and Application Detection SupportPort-based Protocols
UDP PortsTCP PortsProtocol Name
741741NETGW
532532NETNEWS
742742NETRCS
7171NETRJS-1
7272NETRJS-2
7373NETRJS-3
7474NETRJS-4
155155NETSC-DEV
154154NETSC-PROD
729729NETVIEWDM1
730730NETVIEWDM2
731731NETVIEWDM3
533533NETWALL
396396NETWARE-IP
—100NEWACCT
550550NEW-RWHO
178178NEXTSTEP
20492049NFS
4343NICNAME
4747NI-FTP
6161NI-MAIL
376376NIP
758758NLOGIN
689689NMAP
537537NMSP
433433NNSP
119119NNTP
563563NNTPS
ADC Administration Guide, StarOS Release 21.10116
Peer-to-Peer Protocol and Application Detection SupportPort-based Protocols
UDP PortsTCP PortsProtocol Name
13521352NOTES (LOTUS NOTES)
30163016NOTIFY
3460–34653460–3465NOVADIGM
308308NOVASTORBAKCUP
611611NPMP-GUI
610610NPMP-LOCAL
609609NPMP-TRAP
9292NPP
607607NQS
760760NS
261261NSIIOPS
359359NSRMP
159159NSS-ROUTING
2727NSW-FE
518518NTALK
126126NXEDIT
650650OBEX
9494OBJCALL
183183OCBINDER
429429OCS_AMU
428428OCS_CMU
184184OCSERVER
366366ODMR
506506OHIMSRV
698698OLSR
900900OMGINITIALREFS
764764OMSERV
417417ONMUX
ADC Administration Guide, StarOS Release 21.10117
Peer-to-Peer Protocol and Application Detection SupportPort-based Protocols
UDP PortsTCP PortsProtocol Name
536536OPALIS-RDV
314314OPALIS-ROBOT
423423OPC-JOB-START
424424OPC-JOB-TRACK
260260OPENPORT
557557OPENVMS-SYSIPC
—47624OPERATION FLASH POINT
15751575ORACLENAMES
16301630ORACLENET8CMAN
15251525ORA-SRV
30763076ORBIX-CONFIG
15701570ORBIXD
30753075ORBIX-LOCATOR
30773077ORBIX-LOC-SSL
192192OSU-NMS
53105310OUTLAWS
65826582PARSEC-GAME
511511PASSGO
627627PASSGO-TIVOLI
586586PASSWORD-CHG
345345PAWSERV
5631, 56325631, 5632PCANYWHERE
158158PCMAIL-SRV
344344PDAP
281281PERSONAL-LINK
662662PFTP
481481PH
583583PHILIPS-VC
ADC Administration Guide, StarOS Release 21.10118
Peer-to-Peer Protocol and Application Detection SupportPort-based Protocols
UDP PortsTCP PortsProtocol Name
767767PHONEBOOK
468468PHOTURIS
496496PIM-RP-DISC
321321PIP
553553PIRP
829829PKIX-3-CA-RA
318318PKIX-TIMESTAMP
109109POP2
494494POV-RAY
485485POWERBURST
515515PRINTER
170170PRINT-SRV
409409PRM-NM
408408PRM-SM
136136PROFILE
191191PROSPERO
1007010070–10080PS2
3478, 3479, 36585223PS3
645645PSSC
597597PTCNAMESERVICE
319319PTP-EVENT
320320PTP-GENERAL
751751PUMP
663663PURENOISE
129129PWDGEN
368368QBIKGDP
189189QFT
628628QMQP
ADC Administration Guide, StarOS Release 21.10119
Peer-to-Peer Protocol and Application Detection SupportPort-based Protocols
UDP PortsTCP PortsProtocol Name
209209QMTP
1717QOTD
752752QRH
787—QSC
762762QUOTAD
4899, 62224899, 6222RADMIN
7777, 8777, 97777777, 8777, 9777RAINBOX SIX
256256RAP
469469RCP
—1571RDA
688688REALM-RUSD
5050RE-MAIL-CK
—3389REMOTE DESKTOP
556556REMOTEFS
185185REMOTE-KIS
641641REPCMD
653653REPSCMD
283283RESCAP
750750RFILE
521521RIPNG
180180RIS
748748RIS-CM
55RJE
3939RLP
635635RLZDBASE
657657RMC
10981098RMIACTIVATION
10991099RMIREGISTRY
ADC Administration Guide, StarOS Release 21.10120
Peer-to-Peer Protocol and Application Detection SupportPort-based Protocols
UDP PortsTCP PortsProtocol Name
560560RMONITOR
411411RMT
520—ROUTER
—774RPASSWD
369369RPC2PORTMAP
753753RRH
648648RRP
222222RSH-SPX
168168RSVD
363363RSVP_TUNNEL
873873RSYNC
107107RTELNET
771771RTIP
19351935RTMP
322322RTSPS
—43594–43595RUNESCAPE
696696RUSHD
761761RXE
487487SAFT
643643SANITY
582582SCC-SECURITY
617617SCO-DTMGR
457457SCOHELP
360360SCOI2ODIALOG
615615SCO-INETMGR
616616SCO-SYSMGR
598598SCO-WEBSRVRMG3
620620SCO-WEBSRVRMGR
ADC Administration Guide, StarOS Release 21.10121
Peer-to-Peer Protocol and Application Detection SupportPort-based Protocols
UDP PortsTCP PortsProtocol Name
470470SCX-PROXY
558558SDNSKMP
664664SECURE-AUX-BUS
990990SECURE-FTP
995995SECURE-POP3
992992SECURE-TELNET
361361SEMANTIX
169169SEND
20892089SEP
633633SERVSTAT
257257SET
452452SFS-CONFIG
451451SFS-SMP-NET
115115SFTP
440440SGCP
153153SGMP
160160SGMP-TRAPS
—514SHELL
16261626SHOCKWAVE
358358SHRINKWRAP
498498SIAM
608608SIFT-UFT
706706SILC
416416SILVERPLATTER
2245022450SIN
5060–50615060–5061SIP
26312631SITARADIR
26302630SITARAMGMT
ADC Administration Guide, StarOS Release 21.10122
Peer-to-Peer Protocol and Application Detection SupportPort-based Protocols
UDP PortsTCP PortsProtocol Name
26292629SITARASERVER
460460SKRONK
122122SMAKYNET
426426SMARTSDP
901901SMPNAMERES
420420SMPTE
596596SMSD
413413SMSP
199199SMUX
108108SNAGAS
—509SNARE
166166S-NET
161161SNMP
162162SNMPTRAP
580580SNTP-HEARTBEAT
10801080SOCKS
215215SOFTPC
28911–28915—SOLDIER OF FORTUNE
572572SONAR
656656SPMP
478478SPSC
90889088SQLEXEC
—1521SQLNET
66, 15066, 150SQL-NET
118118SQLSERV
156156SQLSRV
200200SRC
193193SRMP
ADC Administration Guide, StarOS Release 21.10123
Peer-to-Peer Protocol and Application Detection SupportPort-based Protocols
UDP PortsTCP PortsProtocol Name
362362SRSSEND
477477SS7NS
2222SSH
614614SSHELL
266266SST
29001–29009—STARSIEGE
28060–28062, 28070–28081—STARWARS JEDI KNIGHT
133133STATSRV
501501STMF
15581558STREAMWORK
566566STREETTALK
527527STX
587587SUBMISSION
—773SUBMIT
247247SUBNTBCST_TFTP
8989SU-MIT-TG
665665SUN-DR
111111SUNRPC
9595SUPDUP
10101010SURF
243243SUR-MEAS
427427SVRLOC
1663816639SWAT3
9797SWIFT-RVF
412412SYNOPTICS-TRAP
392392SYNOTICS-BROKER
391391SYNOTICS-RELAY
514—SYSLOG
ADC Administration Guide, StarOS Release 21.10124
Peer-to-Peer Protocol and Application Detection SupportPort-based Protocols
UDP PortsTCP PortsProtocol Name
1111SYSTAT
4949TACACS
6565TACACS-DS
9898TACNEWS
517517TALK
268268TD-REPLICA
267267TD-SERVICE
559559TEEDTAP
754754TELL
2323TELNET
526526TEMPO
658658TENFOLD
3544—TEREDO
333333TEXAR
492492TICF-1
493493TICF-2
407407TIMBUKTU
3737TIME
525525TIMED
655655TINC
15271527TLISRV
377377TNETOS
590590TNS-CML
476476TN-TL-FD1
—474TN-TL-W1
474—TN-TL-W2
594594TPIP
2800128001TRIBES
ADC Administration Guide, StarOS Release 21.10125
Peer-to-Peer Protocol and Application Detection SupportPort-based Protocols
UDP PortsTCP PortsProtocol Name
450450TSERVER
145145UAAC
219219UARPS
390390UIS
372372ULISTPROC
522522ULP
483483ULPNET
17371737ULTIMA
17971797UMA
388388UNIDATA-LDM
181181UNIFY
7778–77837778UNREAL_UT
401401UPS
659659URL-RENDEZVOUS
606606URM
519519UTIME
431431UTMPCD
430430UTMPSD
540540UUCP
117117UUCP-PATH
541541UUCP-RLOGIN
697697UUIDGEN
671671VACDSM-APP
670670VACDSM-SWS
690690VATP
575575VEMMI
769769VID
516516VIDEOTEX
ADC Administration Guide, StarOS Release 21.10126
Peer-to-Peer Protocol and Application Detection SupportPort-based Protocols
UDP PortsTCP PortsProtocol Name
175175VMNET
214214VMPWSCS
577577VNAS
—5900, 5901, 5902VNC
677677VPP
676672VPPS-QUA
996996VSINET
312312VSLMP
29482948WAP-PUSH
40354035WAP-PUSH-HTTP
40364036WAP-PUSH-HTTPS
29492949WAP-PUSHSECURE
92059205WAP-VCAL
92079207WAP-VCAL-S
92049204WAP-VCARD
92069206WAP-VCARD-S
92029202WAP-WSP-S
92019201WAP-WSP-WTP
—9203WAP-WSP-WTP-S
37243724WARCRAFT
765765WEBSTER
1140, 1234, 40001140, 1234, 4000WESTWOOD ONLINE
513—WHO
565565WHOAMI
6363WHOIS
27950, 27951, 27952, 27960,27965
27952, 27960, 27965WOLFENSTEIN ENEMYTERRITORY
400400WORK-SOL
ADC Administration Guide, StarOS Release 21.10127
Peer-to-Peer Protocol and Application Detection SupportPort-based Protocols
UDP PortsTCP PortsProtocol Name
2595–25962595–2596WORLDFUSION
776776WPAGES
780780WPGS
28052805WTA-WSP-S
911911XACT-BACKUP
265265X-BONE-CTL
30743074XBOX LIVE
177177XDMCP
30883088XDTP
8282XFER
682682XFR
5656XNS-AUTH
5454XNS-CH
165165XNS-COURIER
5858XNS-MAIL
5252XNS-TIME
508508XVTTP
6000–60636000–6063XWINDOWS
173173XYPLEX-MUX
1199911999YAHOO GAMES
258258YAK-CHAT
210210Z39.50
317317ZANNET
7845—ZNES
346346ZSERV
ADC Administration Guide, StarOS Release 21.10128
Peer-to-Peer Protocol and Application Detection SupportPort-based Protocols
IP ProtocolsThis chapter lists the IP protocols supported by Cisco ADC. These are protocols (such as ICMP), other thanTCP and UDP protocols that are identified according to the IP protocol number of the transaction. For eachprotocol, the protocol index number in the IP header is provided. As part of IP Protocol and Transport PortMapping, a static mapping of IP protocol to strings is provided in EDRs.
Protocol NameIP Protocol Number
HOPOPT0
ICMP1
IGMP2
GGP3
IP-v44
ST5
TCP6
CBT7
EGP8
IGP9
BBN-RCC-MON10
NVP-II11
PUP12
ARGUS13
EMCON14
XNET15
CHAOS16
UDP17
MUX18
DCN-MEAS19
HMP20
PRM21
XNS-IDP22
TRUNK-123
ADC Administration Guide, StarOS Release 21.10129
Peer-to-Peer Protocol and Application Detection SupportIP Protocols
Protocol NameIP Protocol Number
TRUNK-224
LEAF-125
LEAF-226
RDP27
IRTP28
ISO-TP429
NETBLT30
MFE-NSP31
MERIT-INP32
DCCP33
3PC34
IDPR35
XTP36
DDP37
IDPR-CMTP38
TP++39
IL40
IPv641
SDRP42
IPv6-Route43
IPv6-Frag44
IDRP45
RSVP46
GRE47
DSR48
BNA49
ESP50
AH51
ADC Administration Guide, StarOS Release 21.10130
Peer-to-Peer Protocol and Application Detection SupportIP Protocols
Protocol NameIP Protocol Number
I-NLSP52
SWIPE53
NARP54
NHRP54
MOBILE55
TLSP56
SKIP57
IPv6-ICMP58
IPv6-NoNxt59
IPv6-Opts60
CFTP62
SAT-EXPAK64
KRYPTOLAN65
RVD66
IPPC67
SAT-MON69
VISA70
IPCV71
CPNX72
CPHB73
WSN74
PVP75
BR-SAT-MON76
SUN-ND77
WB-MON78
WB-EXPAK79
ISO-IP80
VMTP81
ADC Administration Guide, StarOS Release 21.10131
Peer-to-Peer Protocol and Application Detection SupportIP Protocols
Protocol NameIP Protocol Number
SECURE-VMTP82
VINES83
TTP84
NSFNET-IGP85
DGP86
TCF87
EIGRP88
OSPFIGP89
Sprite-RPC90
LARP91
MTP92
AX.2593
IPIP94
MICP95
SCC-SP96
ETHERIP97
ENCAP98
GMTP100
IFMP101
PNNI102
PIM103
ARIS104
SCPS105
QNX106
A/N107
IPComp108
SNP109
Compaq-Peer110
ADC Administration Guide, StarOS Release 21.10132
Peer-to-Peer Protocol and Application Detection SupportIP Protocols
Protocol NameIP Protocol Number
IPX-in-IP111
VRRP112
PGM113
L2TP115
DDX116
IATP117
STP118
SRP119
UTI120
SMP121
SM122
PTP123
ISIS-over-IPv4124
FIRE125
CRTP126
CRUDP127
SSCOPMCE128
IPLT129
SPS130
PIPE131
SCTP132
FC133
RSVP-E2E-IGNORE134
Mobility-Header135
UDPLITE136
MPLS-in-IP137
manet138
HIP139
ADC Administration Guide, StarOS Release 21.10133
Peer-to-Peer Protocol and Application Detection SupportIP Protocols
Protocol NameIP Protocol Number
Shim6140
WESP141
ROHC142
ADC Administration Guide, StarOS Release 21.10134
Peer-to-Peer Protocol and Application Detection SupportIP Protocols
C H A P T E R 5Reporting SSL Parameters in EDR
This chapter describes the following topics:
• Feature Summary and Revision History, on page 135• Feature Description, on page 136• How It Works, on page 136• Configuring SSL Parameters in EDR, on page 138• Monitoring and Troubleshooting, on page 138
Feature Summary and Revision HistorySummary Data
All Products supporting ADCApplicable Product(s) or Functional Area
Applicable Platform(s) • ASR 5500
• VPC-DI
• VPC-SI
Enabled - Always-onFeature Default
Not ApplicableRelated Changes in This Release
ADC Administration GuideRelated Documentation
Revision History
ReleaseRevision Details
21.5First introduced.
ADC Administration Guide, StarOS Release 21.10135
Feature DescriptionThe ADC (P2P) engine detects encrypted traffic using Server Name Indication (SNI)/ Canonical Name(CNAME) field (signatures) of SSL flow in Client and Server Hello packets. To mark the flow as SSL, bothClient and Hello packets must be parsed without any error. There could be several error conditions due towhich ADC SSL decoder could fail, such as failure to receive Server Hello, invalid Type Value Length (TLV),invalid header length, absence of a certificate, and so on. When any of these error conditions are seen, theflow is marked as "p2p-unknown" instead of SSL although the packets are exchanged on TCP Port 443. Asa result, the flow is matched to the "ip any-match" rule instead of an SSL rule.
With this feature, these failure reasons are reported in EDR for better debugging purposes and to know whya flow is not marked as SSL. Subsequently, marking a flow as an application traffic based on SNI has alimitation of users spoofing the SNI field to gain advantage of the various service provider monetary plans.SSL makes use of certificates to authenticate the endpoints. As such, to overcome SNI spoofing, ADC parsesthe various information in the SSL Server Hello packet and reports the same in EDR for debugging.
How It WorksThis section provides a brief overview of how this feature works.
• ADC stores the reason for SSL decode failure.
• ADC stores the validity of SSL certificate.
• Has the certificate expired (> not-after).
• Is the certificate still valid (between not-before and not-after).
• Can the certificate be used (< not-before).
Currently, ADC decodes ‘not-after’ and ‘not-before’ and stores them internally. As part of thisfeature, the ‘not-after’ and ‘not-before’ is parsed with current system time and report values 0, 1, 2in EDR.
• Support is added to configure the required SSL certificate parameters in EDR.
• Support is added to report the certificate information in charging EDR.
• Support is added to generate charging EDR for that flow and report the parsed information.
• Boxer is compatible with a plugin with and without changes.
• If the value of attributes; SSL ISSUER CNAME, SSL ISSUER ORG or SSL SUBJECT ORG contains“,”, the Boxer converts the same to “_” before printing in EDR.
EDRThe SSL parameters issued from plugin can be configured as EDR fields. The particular values correspondingto different EDR fields is populated, if present in the flow.
Following SSL parameters are identified to be reported in EDR:
• SSL decode failure: A flow can fail to be detected as SSL due to one of the following reasons:
ADC Administration Guide, StarOS Release 21.10136
Reporting SSL Parameters in EDRFeature Description
1. IPOQUE_SSL_CLIENT_HELLO_DECODE_SUCCESS,
2. IPOQUE_SSL_SERVER_HELLO_DECODE_SUCCESS,
3. IPOQUE_SSL_CLIENT_HELLO_INVALID_EXT_LEN,
4. IPOQUE_SSL_SERVER_HELLO_INVALID_EXT_LEN,
5. IPOQUE_SSL_SERVER_HELLO_NO_CERTIFICATE,
6. IPOQUE_SSL_SERVER_HELLO_INVALID_SNO_LEN,
7. IPOQUE_SSL_SERVER_HELLO_INVALID_SIGNATURE_LEN,
8. IPOQUE_SSL_SERVER_HELLO_ISSUER_NOT_FOUND,
9. IPOQUE_SSL_SERVER_HELLO_INVALID_VALIDITY,
10. IPOQUE_SSL_SERVER_HELLO_INVALID_VALIDITY_NOT_BEFORE,
11. IPOQUE_SSL_SERVER_HELLO_INVALID_VALIDITY_NOT_AFTER,
12. IPOQUE_SSL_SERVER_HELLO_INVALID_SUBJECT_LEN
EDR will contain a value of 1-12 corresponding to above reasons in the same order withIPOQUE_SSL_CLIENT_HELLO_DECODE_SUCCESS being 1 andIPOQUE_SSL_SERVER_HELLO_INVALID_SUBJECT_LEN being 12.
Following are the conditions when above failure reasons will be reported:
• Client Hello Success – Client Hello decoded successfully but further packets are not received in flow(absence of Server Hello).
• Server Hello Success – SSL flow decoded successfully without any issues, both Client and Server Hellopackets.
• Invalid Client/Server Hello Extension Length – When length of any of the TLVs in Client/Server Hellois 0 (zero) or more than packet length respectively.
• Server Hello No certificate – Absence of any certificates in Server Hello.
• Server Hello Invalid Subject/SNO/Signature Len – When length of Subject/Serial Number/SignatureTLVs in Server Hello is 0 (zero) or more than packet length respectively.
• Server Hello Issuer Not Found – Absence of Issuer certificate in Server Hello.
• Server Hello Invalid Validity/Validity Not Before/Validity Not After – Absence of these fields in ServerHello.
• Subject Organization Name – Name of the Organization/Company to which the SSL certificate is issued.
• Issuer CNAME – Canonical Name of the Organization/Company issuing the certificate
• Issuer Organization Name – Name of the Organization/Company issuing the SSL certificate
• SSL Certificate Validity:
• EDR value of 1 – Current date is less than Certificate not before date
• EDR value of 2 – Current date is greater than Certificate not after date
ADC Administration Guide, StarOS Release 21.10137
Reporting SSL Parameters in EDREDR
• EDR value of 3 – Current date is within Certificate not before and not after dates
Issuer provides a certificate subjected for a particular duration of time, after which the same mustbe renewed or the certificate is deemed invalid. This field states whether the certificate exchangedin Server Hello is currently valid or expired.
Configuring SSL Parameters in EDRThis section provides information on CLI commands available in support of this feature.
Enabling SSL ParametersUse the following configuration to enable SSL Parameters under EDR Format Configuration Mode:
active-charging service service_name
edr-format format_name
rule-variable p2p ssl-params { cert-issuer-cname | cert-subject-oname| cert-issuer-oname | cert-validity | ssl-decode-failure } priority
priorityend
NOTES:
• ssl-params: Specifies the SSL flow parameters.
• cert-issuer-cname: Specifies the SSL Certificate Issuer CName.
• cert-subject-oname: Specifies the SSL Certificate Subject Organization Name.
• cert-issuer-oname: Specifies the SSL Certificate Issuer Organization Name.
• cert-validity: Specifies the validity of SSL Certificate.
• ssl-decode-failure: Specifies the reason for SSL Decode failure.
Monitoring and TroubleshootingThis section provides information about show CLI commands and/or their outputs in support of this feature.
Show Commands and/or Outputs
show active-charging edr-format all
The output of this CLI command has been enhanced to display the new SSL parameters. Following is a sampleoutput:show active-charging edr-format allService Name: service_1Edr Format Name: edr_1
rule-variable p2p ssl-params cert-subject-oname priority 1
ADC Administration Guide, StarOS Release 21.10138
Reporting SSL Parameters in EDRConfiguring SSL Parameters in EDR
show configuration active-charging service all
The output of this CLI command has been enhanced to display the new SSL parameters. Following is a sampleoutput:show configuration active-charging service allconfigactive-charging service service_1no ng-ecs-enablededr-format edr_1rule-variable p2p ssl-params cert-subject-oname priority 1
exitrulebase defaultno tcp check-window-size
exitpolicy-control burst-size auto-readjust duration 5
exitend
ADC Administration Guide, StarOS Release 21.10139
Reporting SSL Parameters in EDRShow Commands and/or Outputs
ADC Administration Guide, StarOS Release 21.10140
Reporting SSL Parameters in EDRShow Commands and/or Outputs
C H A P T E R 6Support for SNI Detection
This chapter describes the Server Name Indication (SNI) Detection feature in ADC, and provides detailedinformation on the following topics:
• Feature Description, on page 141• Configuring SNI Detection, on page 143• Monitoring and Troubleshooting the SNI Detection, on page 145
Feature DescriptionServer Name Indication (SNI) is an extension of the Transport Layer Security (TLS) protocol that allowsmultiple secure (HTTPS) websites (or any other service over TLS) to be served from the same IP addresswithout requiring all those sites to use the same certificate. SNI provides a mechanism for the client to tellthe server which hostname it is trying to connect to.
ADC detects encrypted traffic using the SNI field (signatures) of TLS/SSL (Secure Sockets Layer) traffic.These signatures are added along with other detection mechanisms and delivered as a plugin. If there are newSNI fields either in the already detected applications or new applications, then these new fields are added tothe plugin and a new version of the plugin is released. This results in frequent releases of plugin versionscausing delay in upgrading the new plugin in the network and leading to revenue leak to the operator. Due toincreased number of applications moving towards TLS/SSL, an option is provided to configure the SNI inruledef and classify traffic based on the configured SNI with this release.
The SNI Detection feature requires a valid Application Detection and Control license. Contact your CiscoAccount representative for more information.
The SNI field in the TLS/SSL handshake is used to determine the type of TLS/SSL flow being setup. SNIrule variable is added as an optional field in EDRs for detection of TLS/SSL flows. When the “tls sni” rulevariable is configured and a valid SNI name is detected in the flow, the SNI field is populated in the EDR.
Important
QUIC SNI DetectionThe SNI Detection feature is enhanced to support QUIC SNI configuration and classify traffic based on theconfigured SNI. The CLI commands added to configure the SNI are generic such that otherapplication-identifiers added in the future are taken care of with the Plugin changes only.
ADC Administration Guide, StarOS Release 21.10141
This feature requires the latest ADC Plugin to be loaded from the adc_v2.x stream along with StarOS changes.The default plugin does not support this feature. Contact your Cisco account representative for more information.
Important
When a QUIC flow is analyzed, the P2P rule match takes place on this flow with the configured SNI. If theflow/packet matches the rule, the custom-defined-protocol (CDP) name specified in the ruledef is taken andthe flow is marked as CDP. If no CDP is configured in the rule, then the flow is treated as QUIC flow.
Within the P2P plugin, when a QUIC flow arrives with SNI that is already hardcoded and the same SNI isalso configured in ruledef, the ruledef with higher priority takes precedence. Based on rule priority, rulematching is done and CDP statistics get incremented. When the new QUIC flow comes with SNI that is nothardcoded, the flow will be marked as a QUIC flow.
• The p2p app-identifier and p2p set-app-proto commands are added in the ACS Ruledef Configurationmode to configure QUIC-SNI and TLS-SNI that are dynamically populated from the P2P plugin andmatch the traffic against it.
• EDR attributes are added to support app-identifiers supplied from plugin. EDR logs the matched CDPin the "p2p-protocol" field for the flow. If QUIC-SNI is configured in the EDR field, then QUIC-SNIstring will be populated.
• Analyzer statistics, ruledef statistics, and bulk statistics are updated for newly identified protocols
• Backward compatibility for the TLS-SNI feature is maintained such that this feature works seamlesslywith new CLI commands added in this release.
Limitations
The limitations with this feature are listed in this section:
• The quic-sni identifier is configured in the EDR with the new plugin. When rolled back to old plugins,the EDR headers will print p2p-unknown since the old plugin does not support the configuredapp-identifier. When upgraded to a new plugin that supports QUIC-SNI identifier, p2p-unknown willbe updated to display p2p-quic-sni in the EDR.
• The help strings related to the new CLI keywords will be updated in a later release.
Relationships to Other FeaturesThis section describes how the SNI Detection feature relates to other ADC features.
• Analyzer Interworking: In support of SNI Detection, HTTPS protocol support is added for ECS analysisof all SSL flows as part of the Analyzer Interworking feature. This feature is enabled by default for allanalyzers including HTTPS if P2P detection/protocol is enabled.
The different behaviors when Analyzer Interworking is enabled or disabled is listed in the table below.
HTTPS Routing DisabledHTTPS Routing EnabledCondition
With SNI feature in 17.5 and later releases:
ADC Administration Guide, StarOS Release 21.10142
Support for SNI DetectionRelationships to Other Features
HTTPS Routing DisabledHTTPS Routing EnabledCondition
App-proto = P2P(29) and p2pprotocol = SSL
• Analyzer Interworkingenabled for HTTPS:
App-proto = HTTPS(6) andp2p protocol = SSL
• Analyzer Interworkingdisabled for HTTPS:
App-proto = P2P(29) andp2p protocol = SSL
If SSL protocol is enabled,SNI/EDR features will work ifany routing rule is configured
App-proto =Unknown(0) and p2pprotocol = Unknown
App-proto = HTTPS(6) and p2pprotocol = Unknown
If SSL protocol is disabled,SNI/EDR features will not work.
Without SNI feature in releases prior to 17.5:
App-proto =Unknown(0) and p2pprotocol = Unknown
App-proto = HTTPS(6) and p2pprotocol = Unknown
SNI/EDR features will not workand SSL will not be exposed toASR 5500.
• SSL Renegotiation Tracking: With the SNI Detection feature, the ADC plugin must be able to storeSession ID in SSL renegotiated table, map the renegotiated flow to stored Session ID, and map thecorresponding CDP name to the flow in the same way as it is done for SSL Renegotiation feature.
For more information on these features, refer to the ADC Administration Guide.
Configuring SNI DetectionThis section describes how to configure the SNI Detection feature.
Configuring SNI in RuledefUse the following configuration to configure the TLS/SSL and QUIC Server Name Indication (SNI) and thecorresponding custom defined protocol (CDP).
The QUIC SNI Detection feature requires the latest ADC Plugin to be loaded from the adc_v2.x stream alongwith StarOS changes. The default plugin does not support this feature. Contact your Cisco account representativefor more information.
Important
configureactive-charging service service_name
ruledef ruledef_name
[ no ] tls { set-app-proto cdp_name_string | sni operator server_name_string
}[ no ] p2p app-identifier { quic-sni operator quic_sni_string | tls-cname
operator tls_cname_string | tls-sni operator tls_sni_string }
ADC Administration Guide, StarOS Release 21.10143
Support for SNI DetectionConfiguring SNI Detection
[ no ] p2p set-app-proto cdp_name_string
end
Notes:
• The tls set-app-proto command specifies the name of the custom defined protocol for TLS/SSL flowsmatching the ruledef.
• The tls sni command specifies the TLS/SSL Server Name Indication (SNI) field value in the Client Hellopacket.
• In release 20.2, the p2p app-identifier command configures "quic-sni", "tls-sni", and "tls-cname"app-identifiers supported by the P2P dynamic library.
• In release 20.2, the p2p set-app-proto command configures the custom-defined protocol (CDP) name.
• The following commands must be configured for SNI rules to work:
• Enable SSL protocol in the Active Charging Service configuration:
[local]P2P_SSl(config-acs)# p2p-detection protocol ssl
If the p2p-detection protocol all CLI command is enabled in the Active Charging Serviceconfiguration, then the ssl keyword need not be enabled again as it will be already enabled with theall keyword.
The ssl protocol is available only in Plugin releases 1.142.526 and later.
• Enable P2P in the ACS Rulebase configuration:
[local]P2P_SSl(config-rule-base)# p2p dynamic-flow-detection
• The action priority for SNI ruledef must be configured in the rulebase similar to other ruledefs.
For more information, refer to the ACS Ruledef Configuration Mode chapter of the Command Line InterfaceReference.
Configuring SNI rule variableUse the following configuration to configure the SNI rule variable for TLS/SSL and QUIC flows in EDR.
configureactive-charging service acs_service_name
edr-format format_name
rule-variable tls sni priority priority
rule-variable p2p app-identifier { quic-sni | tls-cname | tls-sni} priority priority
end
Notes:
• The tls sni command specifies the TLS/SSL SNI rule variable configured for TLS/SSL flows in EDR.
• In release 20.2, the p2p app-identifier command specifies the QUIC-SNI, TLS-SNI, and TLS-CNAMEapplication identifiers populated from the plugin.
• priority priority: Specifies the CSV position of the field (protocol rule) in the EDR. prioritymust be aninteger from 1 through 65535.
ADC Administration Guide, StarOS Release 21.10144
Support for SNI DetectionConfiguring SNI rule variable
For more information, refer to the EDR Format Configuration Mode chapter of the Command Line InterfaceReference.
Enabling HTTPS Analyzer InterworkingUse the following configuration to enable or disable ECS analysis for HTTPS analyzer interworking.
configureactive-charging service service_name
[ no ] p2p-detection ecs-analysis { https }end
Notes:
• The Active Charging flows will have the app-proto marked as "HTTPS" instead of P2P for all SSL flowsif analyzer interworking for HTTPS is enabled.
• The Active Charging flows will have the app-proto marked as "P2P" for all SSL flows if analyzerinterworking for HTTPS is disabled.
• By default, analyzer interworking for all analyzers including HTTPS is enabled when P2P detection isenabled.
For more information on the commands listed above, refer to the Command Line Interface Reference.
Verifying the SNI ConfigurationExecuting the following command displays the application/protocol configured in the "set app-proto" stringof TLS ruledef:
show active-charging analyzer statistics name cdp [ application app_name | instance instance_number |summary | verbose | wide ]
Executing the following command displays the fields for TLS/SSL SNI and CDP as configured in the TLSruledef:
show active-charging ruledef name ruledef_name
Monitoring and Troubleshooting the SNI DetectionThis section provides information on the show commands available to support this feature.
SNI Detection Show Command(s) and/or Outputs
show active-charging analyzer statistics name cdpThe following fields display the analyzer statistics for the custom defined protocol.
• CDP Summary:
• Total Uplink Bytes• Total Downlink Bytes
ADC Administration Guide, StarOS Release 21.10145
Support for SNI DetectionEnabling HTTPS Analyzer Interworking
• Total Uplink Pkts• Total Downlink Pkts
For description of the fields listed above see, Statistics and Counters Reference.
show active-charging flows type cdpThe following fields display the flow-level statistics for the custom defined protocol.
• Session ID• Flow-ID• Application Protocol• Transport Protocol• Tethered Flow• Bytes-Up• Bytes-Down• Pkts-Up• Pkts-Down
Bulk StatisticsIn support of the SNI detection feature, the "p2p-protocol" field in the P2P schema will display the applicationprotocol configured in the "set app-proto" string of TLS ruledef.
For more information on bulk statistics, see the P2P Schema Statistics chapter in the Statistics and CountersReference.
ADC Administration Guide, StarOS Release 21.10146
Support for SNI Detectionshow active-charging flows type cdp
Top Related