Msp-Ios Sensor Device Classifier Interaction - Cisco Catalyst 4500 series Administration Manual

Chapter 46 Configuring 802.1X Port-Based Authentication
previously been received within a given access session. You can enable client notifications and
accounting events for TLV changes; that is, when a previously received TLV is received with a different
value.
Device Sensor port security protects a switch from consuming memory and crashing during deliberate
or unintentional denial-of-service (DoS)-type attacks. Device Sensor limits the maximum number of
device monitoring sessions to 32 per port. While hosts are inactive, the age session limit is 12 hours.

MSP-IOS Sensor Device Classifier Interaction

To enable MSP, you must configure the profile flow command. Once done, when SIP, H323, or mDNS
Note
traffic are present, appropriate (SIP, H323, or mDNS) TLV notifications are sent to the IOS sensor.
MSP (Media Service Proxy) offers bandwidth reservation for audio or video flows and Metadata services
to 3rd-party endpoints. To offer and install Media services, MSP must identify flow attributes and device
details. MSP device identification requires automatic identification of various media end points in the
network, thereby avoiding any change to the installed end point base. To offer MSP device discovery
services, MSP leverages current IOS sensor capability for device classification. (Starting with Release
IOS XE 3.3.0SG and IOS 15.1(1)SG, IOS sensor can be used to perform device identification. MSP uses
the same functionality with the addition of SIP, H323, and Multicast DNS (mDNS) protocols.) Starting
with Release IOS XE 3.4.0SG and IOS 15.1(2)SG, MSP offers Media services to two kinds of media
endpoints: IP Surveillance Cameras and Video-Conferencing Endpoints. Surveillance cameras are
identified using mDNS protocol whereas Video-conference-Endpoints are identified using SIP and
H.323 protocols.
mDNS compatible devices (Axis, Pelco cameras etc) send mDNS messages for DNS service discovery
to a multicast IP address (224.0.0.251) on a standard mDNS port 5353. The mDNS client module listens
to this UDP port, receives the mDNS message, and sends it in TLV format to the mDNS IOS sensor shim
for further device classification. The module parses the mDNS query and Answer messages fields to
create these TLVs.
A Session Initiation Protocol (SIP) registration message is used for SIP based device-discovery and is
sent to Cisco Call manager by the SIP Client. A H.225 RAS client registration message is used for
H323-based device discovery.
If no Cisco Unified Communicator Manager or GateKeeper exists in the topology, the Endpoint will not
generate device Register messages. To handle device discovery in these scenarios, MSP expects the
endpoint to make a SIP or H323 call so that MSP snoops the SIP invite or the H323 setup message to
identify endpoint details and notify the IOS sensor.
After the IOS sensor receives these protocol details from MSP, the IOS sensor prepares Normalized
TLVs, with the new protocols. These protocol details are sent to session manager for further
classification.
Configuring Device Sensor
Device Sensor is enabled by default. Complete the following tasks when you want Device Sensor to
include or exclude a list of TLVs (termed filter lists) for a particular protocol.
OL_28731-01
Software Configuration Guide—Release IOS XE 3.6.0E and IOS 15.2(2)E
Configuring Device Sensor
46-119