Parenting in a hyper-connected world is increasingly challenged by lack of visibility into children’s internet usage, and by limited controls to customize internet usage policies per child. About a year ago, I installed a home router with parental-controls. My kids (teenage girls!) quickly complained about the additional latency it introduced on the network. User experience was clearly in the tank. I soon discovered that those controls were not granular enough to customize for different times of the day, for different users, and down to individual devices.
By then, I realized that I had to fundamentally rethink my home network in order to become a more effective parent. I needed better insight into my network’s traffic. Finally, last fall, the geek in me awakened and I deployed a full-fledged Cisco network in my home with advanced Application Visibility & Control (AVC) capabilities, providing me deep insight into my home’s internet traffic.
Parental controls became a breeze. Even better, all this didn’t cause any noticeable network latency. At least no complaints anymore from my daughters! Then AVC allowed me to see into all sorts of applications per family member, per device.
One day, I started noticing almost daily Netflix usage at early morning hours. Apparently, one of my daughters developed a habit of watching movies at odd hours. I quickly fixed this by creating a control policy limiting video streaming to certain hours of the day.
Surprisingly, that daughter of mine was very cooperative in negotiating the appropriate times for Netflix. This experience gave me a new perspective about negotiating with children in a digital world.
Additionally, AVC also provided me with a few powerful insights about my home’s internet traffic:
- I now know exactly which internet speed package to sign up for, so I don’t overspend on WAN bandwidth. AVC shows me that my bandwidth usage typically doesn’t exceed more than 10 Mb/s.
- Not surprisingly video streaming makes up more than 50% of my family’s total bandwidth consumption. Netflix is 70% of that number, obviously, not a surprise.
- What’s more amazing is that embedded videos on social networking sites make up around 20% of all bandwidth consumed, even though social networking on its own doesn’t consume more than 5% of the total. Wow!
- Once awhile, there are spikes up to 40 to 50 Mb/s primarily caused by file back-ups to my cloud storage provider.
Armed with these insights, AVC allows me to enable an application based QoS policy to lower the priority of back-up traffic. This ensures that file back-ups will not interfere with my daughter’s “mission critical” video and audio streaming applications. (Happy daughters, happy father!)
Imagine having AVC in your organization
I finally regained control over my home’s internet traffic. More importantly, parenting is now somewhat easier. Perhaps all this is an overkill for the home, but what about for your organization? Imagine having the same visibility and controls in the enterprise. You would be able to right size the network in terms of WAN link speeds procured from your internet provider. What about the ability to block and prioritize application traffic flows as such that the network delivers the most optimal user experience? The possibilities are endless.
AVC is a component of the Cisco IWAN solution. If you’re interested in designing a network with AVC, checkout Cisco Validate Designs for IWAN and the Cisco AVC page.
Join the Conversation
Please feel free to comment, share and connect with us on Facebook, LinkedIn, @CiscoEnterprise, and the Enterprise Networks Community.
great write-up, Hugo. Very good read and how we need to market our products – not selling technology, but compelling outcomes based value we provide with our technology.
Great post, Hugo! There is value in visibility, no doubt.
How much does your solution cost, given this is a home rather than an enterprise deployment?
George, for home usage I recommend deploying the Meraki MX64 Security Appliance which is completely managed from the cloud. Management of security, networking & application control is really made easy with the MX64. No separate servers or management stations required. The MX64 is listed at $ 595 and requires a $ 300 yearly subscription for the cloud service. Of course the Meraki MX64 is a great choice for those organizations who want to completely manage their network centrally from the cloud.
For organizations who require more granular application & security controls, are dealing with more advanced deployment scenarios and need to manage the network completely under their control, the Cisco ISR is the ideal choice. Setting up a network with the ISR will require running Cisco Prime Assurance as the central management station for Application Visibility and Cisco CWS (Cloud Web Security) to implement content security policies.
I did the same thing, except I used a server running the free home version of esxi, deployed Sophos YT? (Free home version) and a Windows DC (Server 2012, free via Dreamspark).
Cost about $500 (desktop hardware to run vmware), same results.
Hugo, could you pls. give some more details about your solution – what exactly (hw & sw) did you deploy at your home?
Robert, I deployed the Cisco Meraki MX64 at my house and put it right behind the router of the internet provider. The benefit of the Cisco Meraki MX64 is that all management tools and controls are available as a nicely packaged cloud service. The Meraki MX64 is able to classify most application flows. I would say that it is only somewhat limited in terms of the number of time schedules you can define per user on the network, but it worked out fine for me. If you want more granular visibility and controls, I would recommend the Cisco 891 Integrated Services Router. However, this will require you to set up a separate management server with Cisco Prime Assurance, which makes a lot of sense for a professional organization, not sure whether it is worth the effort for a typical household. When deploying the MX64 , don’t forget to disable NAT on the router of your internet provider.