WAN Experience Use Case

The WAN use case is applicable to all companies that are deploying SD-WAN or
hybrid WAN technology.

Challenge
The Cisco SD-WAN solutions may provide a lot of useful functionalities like added
security, high scalability, and centralized management but are often lacking in providing
detailed analytics and troubleshooting tools. SD-WAN solutions are typically focused
on detecting link issues like high latency or packet loss and consequently routing traffic
via the secondary path. However, sometimes a company might want to address those
issues as well, which could be done only if the company would have some more
insights into the underlying network. SD-WAN solutions typically do not provide such
insights. A company might also want to measure the connectivity from a user that is
consuming a SaaS application by remotely connecting to the SD-WAN deployment.
This is one of the aspects that SD-WAN providers also do not focus on—they are more
concerned with the connectivity between the IPsec tunnel endpoints.

Solution
Cisco ThousandEyes compliments the existing SD-WAN deployments by providing
insight into the underlying network and into the usage of SD-WAN from a remote user's
perspective. All this is achieved by running real-time comprehensive Layer 3 and Layer
4 network tests from various environments such as branch offices and remote user's
home offices and correlating the gathered data.

How Cisco ThousandEyes Does It

Cisco ThousandEyes has eyes on many areas of the network. To get ready for deploying
tests, you must first become familiar with three vantage points and three corresponding
agent types that are available on the platform.

Cisco ThousandEyes has three vantage point types. External Vantage Points are about
looking from the perspective of various geographically dispersed points of the internet,
Internal Vantage Points are about understanding the experience that is available from
the enterprise and all its premises, and the End-User Experience Vantage Points are all
about understanding the experience that your employees or customers are having in
whenever environment they might find themselves into. All agents are monitoring the
digital experience; however, different vantage points also mean different agent types.
External Vantage Points
If you were to deliver a cloud service, you would probably want to be reassured that
your service is available to everyone. Even if the service seems to operate seamlessly,
users from some parts of the world might still have issues reaching it since there might
be an issue on the path through the internet. The solution is to use some of the agents
called Cloud Agents that are deployed by the Cisco ThousandEyes around the globe and
are hosted by various cloud providers, ISPs, and Internet Exchange Points (IEPs). Cloud
Agents are deployed in almost 200 cities, and the arbitrary combination of them can be
used in your test. It might be a good idea to pick Cloud Agents from the countries that
you expect your users to consume the service. The current selection of Cloud Agents
can be seen at https://www.thousandeyes.com/product/cloud-agents.

Internal Vantage Points

Some private services and network segments are just not reachable from the outside.
Companies are able to deploy Enterprise Agents, which are designed to give you an
insight into the operation of private networks, data centers, private services, and your
WAN connections.

Internal vantage points can also be used to assess the digital experience of a cloud-based
SaaS from branch offices. For example, it can be used for monitoring a business-critical
data-storage cloud service that the enterprise heavily relies on.

Enterprises can deploy those Enterprise Agents anywhere they see fit. Enterprise Agents
are pieces of software that come in different flavors such as Virtual Appliances, Linux
Packages, Docker Containers, and so on. Besides being virtualized in VMware,
VirtualBox or in the Hyper-V, Enterprise Agents can be deployed on consumer-grade
hardware such as Raspberry PIs and Intel NUCs or on enterprise-grade hardware such
as Catalyst 9000 Series Switch that is running Cisco IOS XE.

End-User Experience Vantage Points

Enterprise Agents are great, but employees are not always working from branch offices.
How can you assess their digital experience of business-critical services when they are
working from home or from a hotel that they are staying at during their business trip?
What's more, even the employees that are working in the same office might be getting a
different digital experience—for example, Wi-Fi coverage might be good only in one
part of the office.

The only way to address those challenges is to get insights into every User's Experience
Vantage Point. This task can be accomplished by deploying Endpoint Agents. Endpoint
Agents are pieces of software that get installed on the user's endpoint device such as a
laptop or a desktop computer that are running a Windows or macOS operating systems.
The software consists of two components—a browser-based plug-in that is available for
Chromium-based browsers and a program that gets installed into the operating system
itself. The Endpoint Agent is monitoring the digital experience of all services that are
configured on the Cisco ThousandEyes web portal by performing various tests, which
are performed in two ways. The first way is passively observing the user's usage of the
device such as opening a web page and the second way is actively performing
background tests on a pre-set interval. All results are being uploaded to Cisco
ThousandEyes cloud in real time and also include the environmental data such as
connection type, Wi-Fi signal strength, path trace to the service, and so on.

Conclusion
Cisco ThousandEyes provides you with three types of agents that will allow you to run
custom digital experience tests. The agents are reporting their results in real time to the
Cisco ThousandEyes cloud, where all received data gets correlated and processed by
Big Data Analytics. After the processing is done, the results can be observed on the web
platform or pulled from the cloud via REST API.

Cisco ThousandEyes Visibility

With Cisco ThousandEyes, you are provided with great visibility beyond the borders of
your internal network.

Tests that Cisco ThousandEyes agents perform are not only designed to give you an
insight into the digital experience as a whole but also to give you an insight into every
hop on the path that the packets take to reach the requested server, even the ones on the
internet. Some of the tools that allow this to happen are BGP Monitoring, where the
BGP path changes are constantly monitored and Path Visualization, where all hops
along the path are analyzed with a help of advanced traceroute utilities, network
performance metrics, and publicly available information about ISPs and IEPs. Cisco
ThousandEyes detects when a hop misbehaves and gives you some context along with
some probable causes. For example, Cisco ThousandEyes could pinpoint a network hop
that is having issues by not forwarding traffic along the path and label it as a router of a
particular ISP. It might also discover the reason behind it—there might be a BGP route
update in which a path from this faulty ISP to the destination server is no longer
available, so the ISP no longer knows where to forward packets. In this case, you could
easily share a report of the incident with this ISP and wait for its resolution, following
an evidence-and-escalate model.

Collective Data
The additional strength of Cisco ThousandEyes lies in using multiple test agents in a
single digital experience test, which greatly improves the overall insight into the public
network since different agents usually mean different vantage points and different
physical locations. The cause for inaccessible service can be tracked down much faster
that way. For example, three agents having a good digital experience and one agent
being unable to access the service might indicate that the service is operational and that
the issue probably lies somewhere in the path between the agent with issues and the
server or in one of the support systems that the agent with issue uses, like a local DNS
provider. The data that gets aggregated from all those agents and that gets processed by
big data analytics and machine learning techniques is called collective data.

Most Correlated Visibility in One View

Since Cisco ThousandEyes is performing a lot of individual tests on behalf of
customers, a lot of data is being collected. Those tests include BGP Monitoring, Path
Visualization, Network Metrics, HTTP Server tests, App Experience tests, and others.
Because all customers are using the same internet and are relying on the same SaaS
providers, Cisco ThousandEyes decided to correlate all this data together. This data is
presented in a view called Internet Insights, where all detected issues that are currently
present on the internet are displayed on a world map and can also be examined further.
Those issues include ISP outages, SaaS outages, and others. What is handy is that those
insights also get added to your digital experience test reports if algorithms detect that a
test may be affected by those outages.

Modern IT Visibility Architecture

Take a look at how monitoring was done in the past, what has changed since then, and
what kind of visibility gaps Cisco ThousandEyes fills in modern network infrastructure.

In the Past
In the past, the vast majority of infrastructure was under the enterprise's control.
Enterprises took advantage of that and deployed several monitoring tools based on the
categories that needed to be monitored. One of the most popular tools included SNMP
for monitoring, management, and telemetry, NetFlow for network traffic statistics, and
Syslog for aggregating and examining device logs. If an issue occurred on the network,
the network engineer simply performed some packet captures on different points of the
network and analyzed the traffic using a protocol analyzer such as Wireshark. In this
model, enterprises had the whole business infrastructure under control.

Migrating to the Cloud

The most consequential trend that most enterprises are or will be a part of is the
migration from on-prem data centers to the cloud. Migration to the cloud takes the
whole architecture upside-down since the equipment and the networks that you are
relying upon are not under your control anymore. This migration exposed a huge
visibility gap that enterprises were struggling to close. Because of this gap,
ThousandEyes, Inc. was founded in 2010 with the objective of closing it and providing
their customers with the monitoring control they once had possessed. With applications
and services becoming more and more complex, a new category of tools for monitoring
the applications and services called has also emerged, called application performance
 management (APM). Those tools are now widely used by the companies that are
developing and delivering their SaaS applications. One of the most advanced APM
providers is AppDynamics, a child company of Cisco.

Summary
After completing this course, you are now able to achieve the following objectives:
• Identify challenges in today’s networks.
• Summarize the Cisco ThousandEyes solution.
• Discuss the see inside-out use case.
• Discuss the see outside-in use case.
• Discuss the WAN experience use case.
• Compare different ThousandEyes vantage points.
• Recognize the value of ThousandEyes correlated visibility.
• Differentiate tools for monitoring modern networks.