Predefined Application Policies

Predefined Optimization Policy

The Cisco WAAS software includes over 200 predefined optimization policy rules that help your WAAS system classify and optimize some of the most common traffic on your network. The "Predefined Traffic Policy Rules" table lists the predefined applications and class maps that Cisco WAAS will either optimize or pass through based on the policy rules that are provided with the system.

Before you create an optimization policy, we recommend that you review the predefined policy rules and modify them as appropriate. Often, you can more easily modify an existing policy rule than create a new one.

When reviewing the "Predefined Traffic Policy Rules" table, note the following information:

  • The subheadings represent the application names, and the associated class maps are listed under these subheadings. For example, Authentication is a type of application and Kerberos is a class map for that application.

  • Applications and class maps with the word (monitored ) next to them are monitored by the Cisco WAAS Central Manager, which can monitor statistics for up to 25 applications and 25 class maps at a time. To view statistics for one of the unmonitored applications, use one of the following methods:

    • Use the Cisco WAAS CLI, which can display statistics for all applications and class maps on a WAAS device. For more information, see the Cisco Wide Area Application Services Command Reference.

    • Modify the application or class map settings so the Cisco WAAS Central Manager GUI displays statistics for the desired application or class map. For more information, see the chapter Configuring Application Acceleration.

  • Cisco WAAS Express devices have similar default policy rules but provide application acceleration only for HTTP, SSL, and SMB traffic. Where a different application accelerator is listed in Table A-1 , it is not part of the WAAS Action for a Cisco WAAS Express device.

The Cisco WAAS software uses the following optimization technologies based on the type of traffic that it encounters:

  • TFO (transport flow optimization): A collection of optimization technologies such as automatic windows scaling, increased buffering, and selective acknowledgment that optimize all TCP traffic over your network.

  • DRE (data redundancy elimination): compression technology that reduces the size of transmitted data by removing redundant information before sending the shortened data stream over the WAN. DRE operates on significantly larger streams and maintains a much larger compression history than LZ compression. DRE can use bidirectional, unidirectional, or adaptive caching. Unless noted in Table A-1 , DRE caching is bidirectional.

  • LZ (compression): Another compression technology that operates on smaller data streams and keeps limited compression history compared to DRE.

  • Application accelerator: A collection of individual application accelerators for the following traffic types: EPM, HTTP, ICA, MAPI, NFS, SSL, and streaming video. (Some application accelerators are not available on Cisco WAAS Express devices.)

Table 1. Predefined Traffic Policy Rules

Application/Class Map

Cisco WAAS Action

Destination Ports

class-default (monitored )

LZ+TFO+DRE-adaptive

All ports not included in other class maps

Authentication

apple-sasl

Passthrough

3659

auth

Passthrough

113

Kerberos

Passthrough

88, 888, 2053

kerberos-adm (monitored )

Passthrough

749

klogin

Passthrough

543

kpasswd

Passthrough

464

kshell

Passthrough

544

TACACS

Passthrough

49

tell

Passthrough

754

Backup(monitored)

Amanda

TFO

10080

backup-express

TFO

6123

CommVault

TFO

8400–8403

connected

TFO

16384

IBM-TSM

LZ+TFO+DRE-unidirectional

1500-1502

Legato-NetWorker

TFO

7937, 7938, 7939

Legato-RepliStor

TFO

7144, 7145

Veritas-BackupExec (monitored )

TFO

1125, 3527, 6101, 6102, 6106

Veritas-NetBackup

TFO

13720, 13721, 13782, 13785

CAD

PDMWorks

LZ+TFO+DRE

30000, 40000

Call-Management

Cisco-CallManager

Passthrough

2443, 2748

cisco-q931-backhaul

Passthrough

2428

cisco-sccp

Passthrough

2000–2002

h323hostcall

Passthrough

1720

h323hostcallsc

Passthrough

1300

mgcp-callagent

Passthrough

2727

mgcp-gateway

Passthrough

2427

sip

Passthrough

5060

sip-tls

Passthrough

5061

VoIP-Control

Passthrough

1718, 1719, 11000–11999

Citrix

Citrix (monitored )

TFO+ ICA accelerator

1494, 2598, or a dynamic port associated with the citrix protocol match

Conferencing

cuseeme

Passthrough

7640, 7642, 7648, 7649

ezMeeting

Passthrough

10101–10103, 26260, 26261

MS-NetMeeting (monitored )

Passthrough

522, 1503, 1731

proshare

Passthrough

5713–5717

PSOM-MTLS

Passthrough

8057

VocalTec

Passthrough

1490, 6670, 25793, 22555

Console

cmd

Passthrough

514

exec

Passthrough

512

login

Passthrough

513

sshell

Passthrough

614

Telnet

Passthrough

23, 107

Telnets

Passthrough

992

Content-Management (monitored)

dmdocbroker

LZ+TFO+DRE

1489

Filenet

LZ+TFO+DRE

32768–32774

Directory-Services (monitored)

LDAP

LZ+TFO+DRE-unidirectional

389, 8404

ldaps

Passthrough

636

msft-gc

LZ+TFO+DRE-unidirectional

3268

msft-gc-ssl

Passthrough

3269

Email-and-Messaging (monitored)

ccmail

LZ+TFO+DRE

3264

groupwise

LZ+TFO+DRE

1677, 2800, 3800, 7100, 7101, 7180, 7181, 7205, 9850

imap

LZ+TFO+DRE

143

imap3

LZ+TFO+DRE

220

imaps

TFO

993

iso-tsap

LZ+TFO+DRE

102

lotusnote

LZ+TFO+DRE

1352

MAPI1 (monitored )

LZ+TFO+DRE+ MAPI accelerator

UUID:a4f1db00-ca47-1067-b31f-00dd010662da

MDaemon

LZ+TFO+DRE

3000, 3001

MS-Exchange-Directory-NSPI1

Passthrough

UUID:f5cc5a18-4264-101a-8c59-08002b2f8426

MS-Exchange-Directory-RFR1

Passthrough

UUID:1544f5e0-613c-11d1-93df-00c04fd7bd09

NNTP (monitored )

LZ+TFO+DRE

119

nntps (monitored )

TFO

563

openmail

LZ+TFO+DRE

5755, 5757, 5766, 5767, 5768, 5729

pcmail-srv

LZ+TFO+DRE

158

pop3

LZ+TFO+DRE

110

pop3s

LZ+TFO+DRE

995

QMTP

TFO

209

smtp (monitored )

LZ+TFO+DRE

25

smtps

TFO

465

Enterprise-Applications (monitored)

MS-GROOVE

TFO

2492

SAP (monitored )

LZ+TFO+DRE

3200–3204, 3206–3219, 3221–3224, 3226–3259, 3261–3263, 3265–3267, 3270–3282, 3284–3305, 3307–3351, 3353–3388, 3390–3399, 3600–3658, 3662–3699

Siebel

LZ+TFO+DRE

2320, 2321, 8448

File-System (monitored)

afpovertcp

LZ+TFO+DRE

548

afs3

LZ+TFO+DRE

7000–7009

ncp

LZ+TFO+DRE

524

NFS

LZ+TFO+DRE+ NFS accelerator

2049

sunrpc

Passthrough

111

File-Transfer (monitored)

BFTP

LZ+TFO+DRE

152

ftp (monitored )

Passthrough

21

ftp-data2

LZ+TFO+DRE

20 (source port)

ftps

TFO

990

ftps-data2

Passthrough

989 (source port)

sftp

LZ+TFO+DRE

115

TFTP

LZ+TFO+DRE

69

TFTPS

TFO

3713

Instant Messaging

AOL

Passthrough

5190–5193

Apple-iChat

Passthrough

5297, 5298

ircs

Passthrough

994

ircu

Passthrough

531, 6660–6665, 6667–6669

msnp

Passthrough

1863, 6891–6900

sametime

Passthrough

1533

talk

Passthrough

517

xmpp-client

Passthrough

5222

xmpp-server

Passthrough

5269

Yahoo-Messenger

Passthrough

5000, 5001, 5050, 5100

Name Services

DNS

Passthrough

53

isns

Passthrough

3205

nameserver

Passthrough

42

netbios

Passthrough

137

svrloc

Passthrough

427

WINS (monitored )

Passthrough

1512

Other

Basic-TCP-services

Passthrough

1–19

BGP

Passthrough

179

corba-iiop-ssl

Passthrough

684

epmap (monitored )

TFO, EPM accelerator

135

msmq

LZ+TFO+DRE

1801, 2101, 2103, 2105

NTP

Passthrough

123

Other-Secure

Passthrough

261, 448, 695, 994, 2252, 2478, 2479, 2482, 2484, 2679, 2762, 2998, 3077, 3078, 3183, 3191, 3220, 3410, 3424, 3471, 3496, 3509, 3529, 3539, 3660, 3661, 3747, 3864, 3885, 3896, 3897, 3995, 4031, 5007, 7674, 9802, 12109

ssc-agent

LZ+TFO+DRE

2847, 2848, 2967, 2968, 38037, 38292

Unclassified

LZ+TFO+DRE

P2P (monitored)

BitTorrent

Passthrough

6881–6889, 6969

eDonkey

Passthrough

4661, 4662

Gnutella

Passthrough

5634, 6346–6349, 6355

Grouper

Passthrough

8038

HotLine

Passthrough

5500–5503

Kazaa

Passthrough

1214

Laplink-ShareDirect

Passthrough

2705

Napster

Passthrough

6666, 6677, 6688, 6700, 7777, 8875

Qnext

Passthrough

44, 5555

SoulSeek

Passthrough

2234, 5534

WASTE

Passthrough

1337

WinMX

Passthrough

6699

Printing (monitored)

hp-pdl-datastr

LZ+TFO+DRE

9100

IPP

LZ+TFO+DRE

631

printer

LZ+TFO+DRE

515

print-srv

LZ+TFO+DRE

170

xprint-server

LZ+TFO+DRE

8100

Remote-Desktop (monitored)

Altiris-CarbonCopy

Passthrough

1680

citrixadmin

LZ+TFO+DRE-unidirectional

2513

citrixima

LZ+TFO+DRE-unidirectional

2512

citriximaclient (monitored )

LZ+TFO+DRE

2598

ControlIT

TFO

799

Danware-NetOp

TFO

6502

ica (monitored )

LZ+TFO+DRE

1494

laplink

LZ+TFO+DRE-unidirectional

1547

Laplink-surfup-HTTPS

TFO

1184

ms-wbt-server (monitored )

TFO

3389

net-assistant

Passthrough

3283

netrjs-3

TFO

73

pcanywheredata

TFO

5631, 5632, 65301

radmin-port

TFO

4899

Remote-Anything (monitored )

TFO

3999, 4000

timbuktu

TFO

407

timbuktu-srv

TFO

1417–1420

Vmware-VMConsole

TFO

902

VNC (monitored )

TFO

5800–5809, 5900–5909

x11

TFO

6000–6063

Replication (monitored)

Double-Take

LZ+TFO+DRE-unidirectional

1100, 1105

EMC-Celerra-Replicator

LZ+TFO+DRE-adaptive

8888

MS-AD-Replication1

LZ+TFO+DRE

UUID:e3514235-4b06-11d1-ab04-00c04fc2dcd2

ms-content-repl-srv

TFO

507, 560

MS-FRS1

LZ+TFO+DRE

UUID:f5cc59b4-4264-101a-8c59-08002b2f8426

netapp-snapmirror

LZ+TFO+DRE-adaptive

10565-10569

pcsync-http

LZ+TFO+DRE

8444

pcsync-https

TFO

8443

rrac

TFO

5678

Rsync (monitored )

LZ+TFO+DRE-unidirectional

873

SQL (monitored)

gds_db

LZ+TFO+DRE

3050

IBM-DB2

LZ+TFO+DRE

523

intersys-cache

LZ+TFO+DRE

1972

ms-olap4

TFO

2383

ms-sql-m

LZ+TFO+DRE

1434

MS-SQL-RPC1

LZ+TFO+DRE

UUID:3f99b900-4d87-101b-99b7-aa0004007f07

ms-sql-s (monitored )

LZ+TFO+DRE

1433

MySQL

LZ+TFO+DRE

3306

Oracle

LZ+TFO+DRE

66

orasrv

LZ+TFO+DRE

1521, 1525

Pervasive-SQL

LZ+TFO+DRE

1583

PostgreSQL

LZ+TFO+DRE

5432

sqlexec

LZ+TFO+DRE

9088, 9089

sql-net

LZ+TFO+DRE

150

sqlserv

LZ+TFO+DRE

118

sqlsrv

LZ+TFO+DRE

156

ssql

LZ+TFO+DRE

3352

sybase-sqlany

LZ+TFO+DRE

1498, 2439, 2638, 3968

UniSQL

LZ+TFO+DRE

1978, 1979

SSH

SSH (monitored )

TFO

22

SSL (monitored)

HTTPS (monitored )

TFO

443

Storage (monitored)

EMC-SRDFA-IP

LZ+TFO+DRE

1748

FCIP

LZ+TFO

3225

iFCP

LZ+TFO+DRE

3420

iscsi

LZ+TFO+DRE

3260

Streaming (monitored)

Liquid-Audio

LZ+TFO+DRE-unidirectional

18888

ms-streaming (monitored )

LZ+TFO+DRE-unidirectional

1755

RTSP (monitored )

LZ+TFO+DRE-unidirectional

554, 8554

Systems-Management (monitored)

BMC-Patrol

Passthrough

6161, 6162, 6767, 6768, 8160, 8161, 10128

eTrust-policy-Compliance

TFO

1267

flowmonitor

LZ+TFO

7878

HP-OpenView

Passthrough

7426–7431, 7501, 7510

LANDesk

LZ+TFO+DRE

9535, 9593–9595

NetIQ

Passthrough

2220, 2735, 10113–10116

Netopia-netOctopus

Passthrough

1917, 1921

netviewdm

Passthrough

729–731

novadigm

LZ+TFO+DRE

3460, 3461, 3464

novell-zen

LZ+TFO+DRE

1761–1763, 2037, 2544, 8039

objcall

LZ+TFO+DRE

94, 627, 1965, 1580, 1581

WBEM

Passthrough

5987–5990

Version-Management (monitored)

Clearcase

LZ+TFO+DRE

371

cvspserver

LZ+TFO+DRE

2401

VPN

L2TP

TFO

1701

OpenVPN

TFO

1194

PPTP

TFO

1723

Web (monitored)

HTTP (monitored )

LZ+TFO+DRE+ HTTP accelerator

80, 3128, 8000, 8080, 8088

soap-http

LZ+TFO+DRE-adaptive

7627

1 These classifiers use the EPM service in WAAS to accelerate traffic. EPM-based applications do not have predefined ports so the application’s UUID must be used to identify the traffic.
2 These classifiers identify the source port instead of the destination port.