NBAR/NBAR2 vs CBAR

It is important to understand the difference between NBAR and CBAR. As the names suggest, NBAR stands for Network Based Application Recognition, while CBAR is Controller Based Application Recognition. Let's look at the two one by one and discuss what matters in your network.

Fig 1.1- NBAR vs CBAR

NBAR (Network Based Application Recognition) is an intelligent classification mechanism that uses deep packet inspection to categorize Layer 7 applications by bandwidth usage. On routers that support NBAR, Layer 3 through Layer 7 traffic can be recognized.

NBAR can identify packets using its deep packet inspection capabilities as well as static TCP/UDP ports, non-UDP/TCP IP protocols, dynamically assigned TCP/UDP ports, and sub-port classification.

NBAR can differentiate web-based and client/server applications according to their bandwidth requirements, and the network device can then program its internal ASICs to take appropriate actions such as giving higher priority, dropping packets, or routing packets accordingly.

Put simply, you assign bandwidth to applications on the basis of priority and use. Higher-priority or mission-critical applications get a high bandwidth allocation and lower-priority ones get less, but you can change this at any time, or reverse it, according to your needs and requirements.

Once these mission-critical applications are categorized, they can be assured a minimum amount of bandwidth, policy routed, and marked for special treatment. Non-critical applications, including Internet gaming and MP3 file-sharing applications, can also be categorized using NBAR and marked for best-effort service, policed, or blocked as required.
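
The treatment described above, sketched as an IOS-style MQC policy. This is an added example, not configuration from the original article: the class and policy names, the protocols placed in each class, the rates and the interface are assumptions, and the protocol names available depend on the protocol pack loaded on the device.

```cisco
! Constructed example. Names, protocols, rates and interface are assumptions.
!
! 1. Classify with NBAR: "match protocol" uses NBAR signatures, not port numbers.
class-map match-any MISSION-CRITICAL
 match protocol citrix
 match protocol sqlnet
class-map match-any LIMITED
 match protocol gnutella
class-map match-any BLOCKED
 match protocol bittorrent
!
! 2. Act on each class: guarantee and mark, police, or drop.
policy-map WAN-EDGE-OUT
 class MISSION-CRITICAL
  ! Assured minimum bandwidth during congestion, marked for downstream devices
  bandwidth percent 40
  set dscp af31
 class LIMITED
  ! Policed: traffic above 512 kbit/s is dropped
  police 512000 conform-action transmit exceed-action drop
 class BLOCKED
  ! Blocked outright
  drop
 class class-default
  ! Everything NBAR did not place in a class above gets best effort
  fair-queue
!
! 3. Attach to the interface and enable per-application statistics.
interface GigabitEthernet0/0/0
 ip nbar protocol-discovery
 service-policy output WAN-EDGE-OUT
!
! Verification (exec mode):
!  show ip nbar protocol-discovery interface GigabitEthernet0/0/0
!  show policy-map interface GigabitEthernet0/0/0
```

Traffic that shows up only in class-default in the `show policy-map interface` counters is what the loaded signatures do not recognize, which is the visibility gap the CBAR section below addresses.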

CBAR (Controller based application recognition) 

A CBAR implementation is a controller-based approach to recognizing applications, in which the controller interacts with any NBAR function in the network. In some cases it is also known as SD-AVC. CBAR uses a protocol pack that is managed by the controller and can be improved dynamically by connecting to external sources, through which the application signatures are updated.

By connecting to external sources such as your datacenter, VPC, DNS server, etc., CBAR helps the user find and install applications that are not included in the pack (e.g., home-grown apps).

What are the benefits of using CBAR over NBAR/NBAR2?

NBAR/NBAR2 cannot classify home-grown and custom applications unless you configure custom NBAR signatures on every managed device and provide feeds to an orchestrator such as DNA Center. CBAR can classify unknown applications: it integrates with third-party adapters to get information through A records and obtain signatures for home-grown applications.

NBAR/NBAR2 cannot keep up with O365 URLs and IP addresses, which change frequently, but CBAR can regularly classify these dynamic lists from Microsoft.

NBAR/NBAR2 cannot classify traffic under asymmetric routing, where packets are received on a different interface, while CBAR can.

Conclusion
If you use DNA Center in your environment, check the CBAR workflow to get more visibility into applications that are custom or home-grown.

DNA Center requires three service packs to activate CBAR in your environment: Application Visibility Service, Application Registry and Application Policy.

Note: For CBAR on the device, check the device role and the IOS-XE version.