Optimizing Enterprise Networks through SD-AVC · Optimizing Enterprise Networks through SD-AVC...

Optimizing Enterprise Networks through SD-AVC(Software Define Application Visibility and Control)

Guy Keinan

BRKCRS-2502

Cisco Spark

Questions? Use Cisco Spark to communicate with the speaker after the session

1. Find this session in the Cisco Live Mobile App

2. Click “Join the Discussion”

3. Install Spark or go directly to the space

4. Enter messages/questions in the space

cs.co/ciscolivebot#BRKCRS-2502

Guy Keinan SW Development Manager

NBAR2 & SD-AVC

4BRKCRS-2502

This is me

• Introduction

• Why?

• NBAR2

• SD-AVC

• Q&A

• Homework

• Wrap up

Agenda

Digital

Disruption

Lack of Business

and IT Insights

63 millionnew devices

online every second by 20201

Complexity

Slow and Error

Prone Operations

3X spend on network operations

vs network2

Security

Unconstrained

Attack Surface

6 months to detect breach3

Unprecedented Demands on the Network

1: Gartner Report - Gartner’s 2017 Strategic Roadmap for Networking

2. McKinsey Study of Network Operations for Cisco – 2016

3. Ponemon Research Institute Study on Malware Detection, Mar 2016

Source: 2016 Cisco Study

Traditional Networking CANNOT Keep Pace with the Demands of Digital Business

OpEx spent on Network

Visibility and

Troubleshooting

Policy Violations Due to Human Error

Network Changes Performed Manually

Main Operational Challenges

Cisco Application Recognition

SD-AVC/NBAR2 Application Recognition Fuels several core solutions:

Cisco SD-WAN

Cisco EasyQoS

Assurance

Security

The Network. Intuitive.

11BRKCRS-2502

Cisco Application Recognition

• NBAR2 is a powerful Network Based Application Recognition Engine

• A complete remake

• Variety of features: Pack hitless upgrade, attributes, sub-cls & more...

• Wide Cross pin support (same code everywhere):

• Routers: ISR4K, ASR1K, CSR1K, ISRv, ISR1100, ISRG2

• Switches: Cat3K, Cat9K

• Wireless: AireOS WLC, IOS Aps 5520/8540, NG Aps 3800/1850

• NAM

13BRKCRS-2502

Stateful classification per session (5 tuple flow)

Not only Deep Packet Inspection (DPI) …but a combination of different techniques:

- DNS snooping- Statistical classification (Machine Learning)- Behavioral classification- Learning of main services and servers- Customization

Slow-Path and Fast-Path Model

NBAR2 Classification – Main things to keep in mind

BRKCRS-2502 14

Application Recognition – Rising Challenges

BRKCRS-2502 15

The Cisco Live US 2017 Challenge

NBAR2/SD-AVC @ CLUS17

Encrypted Apps

With NBAR2 – this is what we DID see

Encrypted Apps

Encrypted Apps Encrypted AppsEncrypted Apps

Cisco Application Recognition – CLUS ‘17

• Less than 1% unknown

• Less than 1% unclassified encrypted traffic

• 10G of traffic in less than 14% CPU utilization (ASR1002-HX)

Very good classification for encrypted traffic, in pretty good performance

20BRKCRS-2502

Ready to Dive?

21BRKCRS-2502

NBAR2 Classification – A bit terminology

• Flow == A session. Identified by 5 tuple (src IP, src Port, dst IP, dst Port, vrf)

• Socket == Identified by 3 tuple (dst IP, dst Port, vrf). Usually a server

• FIF == First packet In the Flow

• Bypass == No processing, just quick forwarding

BRKCRS-2502 22

NBAR2 Classification – HL overview

Slow Path:• Classifies the flow, based on packet processing• Potentially first packet (First In Flow – FIF classification)• Programs the Fast Path with classification result

Slow Path (NBAR2)

Fast Path (Flow Table)

Fast Path:• Completely bypasses NBAR2 processing• Uses the programmed classification

BRKCRS-2502 23

NBAR2 Classification Simplified (Slow Path)

FIF Payload Advanced

CacheProvisioned L3/4SD-AVC

More than 80% of the flows

BRKCRS-2502

NBAR2 Classification Simplified

Pattern matchingMulti-packet

Cache Result

BRKCRS-2502

NBAR2 Classification Simplified

Machine LearningBehavioralCross Flow

Cache result

BRKCRS-2502

NBAR2 Classification – Detailed

Multiprotocol

Text Parser

Multi-Packet

Engine

WKP = Well Known Packet

Single-Packet

Engine

FlowTable

multi-packet (3)

listenerMultiprotocol Text Parser

Multi-PacketEngine (MPE)

FIF only (1)

CachePre-Flow

first payload Only (2)

WKPEntry

Heuristiclogic

Custom

payload

Single-PacketEngine(SPE)

statistical

Cross flow

tracker

on fail success success/fail engine helper

bypass

Socketcache

Custom

BRKCRS-2502 27

multi-packet (3)

listner MTP MPE

FIF only (1)

Socket

DNS-ASBundle

first payload Only (2)

WKPHeuristic

Custom

payload

statistical

tracker

on fail success success/fail engine helper

bypass

Store for next packets

NBAR2 Classification – Detailed Flow

ProcessingSet for current flow

r futu

re flo

Payload

packets

BRKCRS-2502 28

10.10.10.1:3306

MySQL server

10.10.10.1:3306

NBAR2 Socket Cache Classification - Example

Full classification +

Learning the socket

BRKCRS-2502 32

10.10.10.1:3306

MySQL Server

10.10.10.1:3306

Learning the socket

BRKCRS-2502 33

10.10.10.1:3306

MySQL Server

10.10.10.1:3306

Learning the socket

BRKCRS-2502 34

10.10.10.1:3306

Learning the socket Cache in

Socket-Cache

Dst IP Dst Port Application

10.10.10.1 3306 MySQL

MySQL Server

10.10.10.1:3306

BRKCRS-2502 35

10.10.10.1:3306

No Processing.

Using Cache!

MySQL Server

10.10.10.1:3306Dst IP Dst Port Application

10.10.10.1 3306 MySQL

BRKCRS-2502 36

Re-validate the

socket every time

interval

Dst IP Dst Port Application

10.10.10.1 3306 MySQL

BRKCRS-2502 37

MySQL Server

10.10.10.1:3306

Classification and Encryption

Outside the organization (usually non collaborative):

• SSL handshake analysis – certificate, Server Name Indication (SNI)• DNS traffic analysis• Machine learning/Statistical classification

Inside the organization (usually collaborative):

• Customization of SSL certificates and DNS domains• Server and client discovery based on NBAR2• SD-AVC External Sources (more on this later…)

NBAR2/SD-AVC Encrypted traffic – techniques

BRKCRS-2502 39

"(.*[.])?((youtube(-nocookie)?|ytimg|googlevideo)[.]com)|youtu[.]be" cisco(config)#ip nbar custom CCSOC composite server-name "*ccsocdev.net"

NBAR2 Encryption Classification

CustomAutomatic (Signature)

BRKCRS-2502 40

10.10.10.1

DNS Request [cisco.webex.com]

DNS Server

NBAR2 DNS Classification - Example

Regex Pattern

Matching

BRKCRS-2502 41

DNS Response [10.10.10.1]

IP Application

10.10.10.1 webexWebex

10.10.10.1IP Cache

BRKCRS-2502 42

10.10.10.1

10.10.10.1Encrypted

First Packet

BRKCRS-2502 43

IP Application

10.10.10.1 webex

NBAR2 Encrypted Traffic Classification Summary

• Most of the traffic is encrypted traffic and is SSL/TLS

• Testing shows more than 80% of SSL traffic is classified by NBAR2

• All major internet/cloud applications are supported• Hundreds of applications

• NBAR2 classifies both cloud and local encrypted traffic

• NBAR2/SD-AVC use a variety of techniques to classify encrypted traffic

BRKCRS-2502 44

Performance

NBAR2 Performance Optimization Techniques

• Optimized C code engines

• Optimized processing

• skips most of the traffic

• Wise caching techniques

• we’ve added many of these…

• NBAR2 Default (Performance-Optimized) Mode: Application Classification

• Supported on all platforms

• NBAR2 Fine-Grain Mode: Analytics (Deep DPI)

• Supported on routers-only

BRKCRS-2502 46

NBAR2 Performance Testing Results

Validated in real live networks and Tested on Enterprise Traffic Mix

(EMIX) benchmark

Fast Path

BRKCRS-2502 47

NBAR2 Performance Ongoing Improvements

Based on a generic

Enterprise Traffic Mix

(EMIX)40% Improvement in just 2 releases

BRKCRS-2502 48

• Most XE routers: Line rate in working point of 70% CPU utilization

• 9300: 2000 CPS, 10,000 b-directional flows for each 24 ports. CPU at ~50%

(HTTP profile)

NBAR2 Protocol Discovery Performance

BRKCRS-2502 49

Application Recognition: NBAR Evolution

Pre-NBAR

Standard Port based

Version 1

100s of Apps

DPI, Signatures, Custom Apps

Version 2

~1500 Apps

~150 Encrypted Apps

DPI, Signatures, Custom Apps

Heuristic, Statistical+Behaviorial

SD-AVC

Network Level

Analytics

External Sources

Application Recognition at Network Level

SD-AVC

Why SD-AVC?

• Useful and easy Application BW monitoring at a network level

• Better application recognition in asymmetric environments

• Better application recognition for encrypted applications

• Better first packet classification for path selection and marking policies

• Improved performance

• Automatic protocol pack deployment at a network level

• Serviceability and troubleshooting tools for application recognition issues

52BRKCRS-2502

Key for Cisco solutions such as SD-WAN, EasyQoS , Assurance.

Why SD-AVC?

53BRKCRS-2502

Reduce

Operational Complexity

Improve

Application Visibility & Policy Efficiency

SD-AVC

Analytics &

Telemetry

ASR1001xASR1001xCatalyst 3850

Service

automation

54BRKCRS-2502

SD-AVC – HL Concept

MS Office365

What is SD-AVC?

A network service which ensures Application recognition for visibility, Analytics and application based policy solutions.

• Analytics processing at a network level

• Synchronizing application state between network nodes

• Serves as a gateway for external sources, provisioning into Cisco Network

• Auto-learning and auto-signature algorithms

• Provides pack update capability at a network level for thousands of devices

55BRKCRS-2502

What is SD-AVC? Current form factor

• Hosted on IOS-XE devices using Linux container (LXC) as a virtual-service(Future: DNA-C)

• 3G RAM and 4 CPUs – Serve more than 6K devices

56BRKCRS-2502

How Does SD-AVC work? (Basics)

• SD-AVC defines Sensors and Consumers in the network data plane

• Sensors are network devices (with NBAR2) that produce classification information and export it to the SD-AVC network service

• Up to 2Kbps for a small branch router

• Consumers are network devices that consume classification information from the SD-AVC network service

• A network device can be a sensor, a consumer or both

57BRKCRS-2502

How Does SD-AVC work? (Basics)

• Sensors with NBAR2, classify traffic & cache results in the form of Application Rules

• Application Rule is defined as an L3/L4 to App-ID mapping

• Application Rule Example:

58BRKCRS-2502

==============================================================================================================================

0 | 64.103.117.145 | 5902 | TCP | 0 | global | 100 | 13 | 100 | vnc | 1 | no | 69 | 1

How SD-AVC works? (Basics) cont.

• The SD-AVC service compiles application rules received from the different network sensors (as well as external authoritative sources)

• The service generates an Application Rules Pack

• Consumers pull the application rules pack from the SD-AVC service and install the application rules in their data-plane

• On-device classification is enhanced with the newly installed SD-AVC application rules

• This process is periodic

59BRKCRS-2502

SD-AVC – Asymmetric Webex example

branch

hubMPLS

Internet

internet

Corporate Servers

rtrDNS

Path Policy: Webex => MPLS

NBAR2 Can’t classify flow in the downstream (no certificate)

NBAR2 Classify first flow upstream as Webex (based on Certificate)

WebexNBAR2 Classify first flowas Webex (based on Certificate)

The problem:Webex downstreamIs routed via Internet due to bad classification

176.70.168.183

BRKCRS-2502 60

SD-AVC – Asymmteric Webex example

branch

hubMPLS

Internet

internet

Corporate Servers

rtrDNS

176.70.168.183

BRKCRS-2502 61

branch

hubMPLS

Internet

internet

Corporate Servers

rtrDNS

176.70.168.183

BRKCRS-2502 61

Exported sockets:

=================

===========================================================================================

1 | 179.36.9.210 | 5901 | TCP | 2 | Mgt | 100 | 13 | 100 | vnc | no |

2 | 179.36.9.205 | 5901 | TCP | 2 | Mgt | 100 | 13 | 100 | vnc | no |

3 | 179.36.9.208 | 5901 | TCP | 2 | Mgt | 100 | 13 | 100 | vnc | no |

4 | 176.70.168.183 | 443 | TCP | 2 | Mgt | 1306 | 13 | 414 | webex-meeting | no |

branch

hubMPLS

Internet

internet

Corporate Servers

rtrDNS

176.70.168.183

BRKCRS-2502 61

Exported sockets:

=================

===========================================================================================

1 | 179.36.9.210 | 5901 | TCP | 2 | Mgt | 100 | 13 | 100 | vnc | no |

2 | 179.36.9.205 | 5901 | TCP | 2 | Mgt | 100 | 13 | 100 | vnc | no |

3 | 179.36.9.208 | 5901 | TCP | 2 | Mgt | 100 | 13 | 100 | vnc | no |

branch

hubMPLS

Internet

internet

Corporate Servers

rtrDNS

176.70.168.183

BRKCRS-2502 64

branch

hubMPLS

Internet

internet

Corporate Servers

rtrDNS

176.70.168.183

BRKCRS-2502 65

Imported sockets:

=================

==========================================================================================

1 | 179.36.9.210 | 5901 | TCP | 2 | Mgt | 100 | 13 | 100 | vnc | no |

2 | 179.36.9.205 | 5901 | TCP | 2 | Mgt | 100 | 13 | 100 | vnc | no |

3 | 179.36.9.208 | 5901 | TCP | 2 | Mgt | 100 | 13 | 100 | vnc | no |

branch

hubMPLS

Internet

internet

Corporate Servers

rtrDNS

176.70.168.183

BRKCRS-2502 66

Imported sockets:

=================

===========================================================================================

1 | 179.36.9.210 | 5901 | TCP | 2 | Mgt | 100 | 13 | 100 | vnc | no |

2 | 179.36.9.205 | 5901 | TCP | 2 | Mgt | 100 | 13 | 100 | vnc | no |

3 | 179.36.9.208 | 5901 | TCP | 2 | Mgt | 100 | 13 | 100 | vnc | no |

Asymmetric Fixed Webex example - with SD-AVC

branch

hubMPLS

Internet

internet

Corporate Servers

rtrDNS

NBAR2 Classify WebexDownstream(based on SD-AVC)

Webex DownstreamIs routed via MPLS

NBAR2 Classify first flowas Webex (based on Certificate)

176.70.168.183

Imported sockets:

=================

===========================================================================================

1 | 179.36.9.210 | 5901 | TCP | 2 | Mgt | 100 | 13 | 100 | vnc | no |

2 | 179.36.9.205 | 5901 | TCP | 2 | Mgt | 100 | 13 | 100 | vnc | no |

3 | 179.36.9.208 | 5901 | TCP | 2 | Mgt | 100 | 13 | 100 | vnc | no |

BRKCRS-2502 67

SD-AVC External Sources

SD-AVC and External sources

• The SD-AVC service connects with external authoritative sources to enrich application classification dynamically and seamlessly

Enables us to:• Connect Cisco Security databases

• Provide real-time Cloud/SaaS information

• Provision Home-grown Applications

• Example use cases are:• Automatic Enrichment of Cloud/SaaS applications (MS RSS, CASI)• Automatic Learning of Enterprise Local or Private apps (Infoblox/ACI/CUCM)

69BRKCRS-2502

SD-AVC Operation (Data Flow)

70BRKCRS-2502

Consumer Sensor & Consumer

Network Layer

SD-AVC

Network Service

Application Rules

pack Cached application

rules (JSON)

Application Rules Pack

Generation

Application Rules

Controller

MS RSS

Infoblox4

CloudLock

SD-AVC Connectors

Microsoft Office 365 – contains geolocation and world wide FQDN and URL information

CASI – contains 10,000 applications with domain and certificate information (PoC)

- Provides DNS information for home grown applications (PoC)

BRKCRS-2502 71

SD-AVC and Microsoft Office365

Using Microsoft RSS – How does it work?

Office 365 URLs and IP address ranges

• Requires connectivity to the internet (from the SD-AVC service)

• XML format

• Huge list of IP addresses and ranges

• Much more robust list of domains

BRKCRS-2502 73

BRKCRS-2502 74

BRKCRS-2502 75

New Domain Information from Microsoft

Example: jpn.delve.office.com

Cisco Protocol Pack Application Data

Imported Data from Microsoft

BRKCRS-2502 76

New Domain Information from Microsoft

Cisco Protocol Pack Application Data

Imported Data from Microsoft

jpn.delve.office.com

(Second step)

1. Find the correct application for the new domains

2. Using machine learning based on the previous learning set of Office 365 and existing host mappings supplied by Cisco NBAR2 Protocol Pack

Algorithm:

Given a the previous learning set and a new domain that we want to map it to an application:

jpn.delve.office.com ???ms-office365

77BRKCRS-2502

SD-AVC

(Third Step)

Compile a new pack with the new signature and make it available for the devices

The secondary pack is installed along side with Cisco NBAR2 protocol-pack

New domains are now supported automatically

78BRKCRS-2502

What we’ll show in the Demo

We will demonstrate how complete asymmetric devices can teach each other with classification information, using SD-AVC.

We will show how external sources can enhance application recognition

We will show these new automatic signatures help the application recognition in an asymmetric scenario with SD-AVC

80BRKCRS-2502

SD-AVC

CSR1KvCSR-Demo-

upstream

CSR1Kvcsr-demo-

downstream

Traffic

Generator

Stream

UpstreamUpstream

Application

Analytics

(JSON)

Analytics

(JSON)

Application

Microsoft

Office365

BRKCRS-2502 81

Demo Script

Note: We expedited some of the timers, this may lead to skew in status indications

1. Downstream Setup Not connected to SD-AVC

2. Connect Downstream to the SD-AVC Network Service• First level of Asymmetry fix

3. Enrich the devices with a Secondary Pack based on MS Office365 Cloud Info

4. Downstream Setup classifies based on the MS Info using SD-AVC• Second level of Asymmetry fix

82BRKCRS-2502

SD-AVC and Cloudlock CASI

• Database synchronization between Cloudlock SaaS Security Index and SD-AVC/NBAR

• Better SaaS application recognition leveraging on Cloudlock Security Cloud infrastructure

• Better response time to the application and domain changes

• Cloudlock Shadow IT visibility leveraging SD-AVC on Cisco enterprise network

SD-AVC and Cloudlock CASI – Why?

BRKCRS-2502 84

Learning

Analysis & Feedback

Application database & Shadow-IT

Network Device

Cloudlock

SD-AVC

SD-AVC and Cloudlock – Self-Learning Network

BRKCRS-2502 85

Cloudlock

SD-AVC

How it works?

Enterprise Network

BRKCRS-2502 86

Learning process of unfamiliar domains

Cloudlock

SD-AVC

How it works?

2 Enterprise Network

BRKCRS-2502 87

Cloudlock

SD-AVC

How it works?

2 Enterprise Network

BRKCRS-2502 88

Cloudlock

SD-AVC

How it works #2?

Update CASI with offline application information from NBAR/CASI R&D

Enterprise Network

BRKCRS-2502 89

SD-AVC Delivery Plan

SD-AVC Delivery plan

• Phase 1 (FCS- Oct 2017)

• IWAN 2.2.1: SD-AVC hosted on XE Container

• Improved application recognition in Hub Asymmetric Routing environment

• Improved first packet classification decision

• Application recognition function serviceability

• Protocol Pack automatic update

• Phase 2 (FCS Jan 2018)

• Cloud/SaaS automatic signatures push (MS RSS)

• High scale of SD-AVC sensors (6K) – support asymmetrical routing in branch routers

• Support IWAN 2.3 DCA (Direct Cloud Access) – FCS March 2018

• Furture

• Unknown and Generic Traffic Discovery

• High scale custom application support (1000+)

• Viptela vManage integration

• DNA-C App-Policy/EasyQoS use cases

• Wireless & Switching

91BRKCRS-2502

Homework

What you can do?

- Use Application Visibility on WebUI(Device level visibility)

- XE routers – supported 3.16 and up- Cat3K/9K – supported 16.6.1 and up

- Download and install SD-AVC on a router (network level visibilty)

- Enlist to NBAR2/SD-AVC announcements send an email with SUBSCRIBE to

cisco-nbar2-pp-announcement@cisco.com

94BRKCRS-2502

Wrap up

- NBAR2 has evolved and matured to tackle today’s networks challenges

- SD-AVC introduces new innovation and advances to network level using analytics and external sources

- The evolution Cisco application recognition technology unleashes great capabilities both in the device side and controller side, to provide application based solutions like SD-WAN, EasyQoS, Assurance and Security

95BRKCRS-2502

Wrap up

96BRKCRS-2502

SD-AVC makes the network more intuitive.

Cisco Spark

Questions? Use Cisco Spark to communicate with the speaker after the session

1. Find this session in the Cisco Live Mobile App

2. Click “Join the Discussion”

3. Install Spark or go directly to the space

4. Enter messages/questions in the space

cs.co/ciscolivebot#BRKCRS-2502

• Please complete your Online Session Evaluations after each session

• Complete 4 Session Evaluations & the Overall Conference Evaluation (available from Thursday) to receive your Cisco Live T-shirt

• All surveys can be completed via the Cisco Live Mobile App or the Communication Stations

Don’t forget: Cisco Live sessions will be available for viewing on-demand after the event at www.ciscolive.com/global/on-demand-library/.

Complete Your Online Session Evaluation

Continue Your Education

• Come and meet us on DevNet zone SD-AVC Demo Pod

• Whisper Suite

• Meet the Engineer 1:1 meetings

99BRKCRS-2502

Thank you

Optimizing Enterprise Networks through SD-AVC · Optimizing Enterprise Networks through SD-AVC...

Documents

Application Visibility and Control (AVC) (IOS Advantage Webinar: Deploying AVC Policies)

Guide to Additional Voluntary Contributions · Guide to Comment AVC Additional Voluntary Contribution AVC account Money that you have built up under the AVC arrangements AVC funds

H.264/AVC HD/SD Encoder HVE9210/HVE9230 - NTT … · · 2017-09-01※ Please refer to the option table on the reverse side of this brochure. HVE9210/HVE9230 H.264/AVC HD/SD Encoder

未命名 -1 - Golden Media...MPEG2 SD, MPEG2 HD, H.264/AVC SD, H.264/AVC HD,MP4 Embedded Conax SCPC and MCPC receivable from C/Ku band satellite Automatic PAL/NTSC conversion 5000

+3 SD Optimizing + 2 SD Effectiveness - SLMTA€œTheoretically, laboratory QC is easy. Simply calculate the mean and SD for a set of data and use one or more QC rules to warn when

Livret d Autoreeducation AVC France AVC

AVC GRAVES Thérapeutiques Spécifiques - …resuval.free.fr/EG AVC/2014/03_PlaceNeurochirurgieAVCAigus_Bresson... · Etats généraux de l'AVC, Lyon, Octobre 2014 Craniectomie: AVC

Denon AVC A11SR

AVC 16.04.2014 Joan.xlsx

AVC Networks Company Business Policy - Panasonic · PDF file4 AVC Networks Company Business

Instruction Manual For Automatic Valve Controller AVC-485 · March 21, 2003 AVC-485 AVC-485 Automatic Valve Controller Page4 of 27 1.1 Description The AVC -485 (P/N 285862), control

Avc report25

ION AVC InstallGde - Harmonic Inc · PDF fileDiviCom™ Ion AVC SD Standard Definition H.264 Video Encoder Installation Guide Rev K © 2011 Harmonic Inc. Manual Part No. MAN-IONHW-3.0

ULSAB-AVC Executive Summary Brochure - Autosteel/media/Files/Autosteel/Programs/ULSAB-AVC/avc... · MYK The ULSAB-AVC (Advanced Vehicle Concepts) Program is a study undertaken by

vellumcraftusa@yahoo...vellumcraftusa@yahoo.com AVC-1000-01 Buck AVC-1000-02 Butterflies AVC-1000-03 Basket weave BG AVC-1000-04 Wild Flowers AVC-1000-05 Criss Cross Flowers AVC-1000-06

Avc fishing

AVC/H.264 AVC/H.264 HDTV/SDTV …...AVC/H.264 HDTV/SDTV Encoder/Decoder HVE9100 / HVD9100 AVC/H.264 HDTV/SDTV Encoder/Decoder HVE9100 / HVD9100 AVC/H.264 Chroma 4:2:2 Compliant The

Bedroom 3.0 avc

AVC HOME INSPIRATION

· 2020. 10. 28. · sd sd press thx sljte a premium chjb suite b g sd sd sd sd sd sd sd sd 9 sd sd sd sd 5 sd sd sd sdsd 5 (sd sd g g g q sd sd sd 5 sd sd sd sd sd sd sd sd sd sd