1.2 Agent Location

Selecting the right agent location is crucial for effective network assurance. This involves choosing the optimal observation point for collecting actionable metrics to troubleshoot network issues. When a service or application experiences problems, you need to determine the best location to deploy a ThousandEyes agent to pinpoint the root cause.

Traditional troubleshooting methods like packet captures, Simple Network Management Protocol (SNMP), flow protocols (e.g., NetFlow, sFlow), and syslog are classified as passive monitoring. This guide focuses on synthetic monitoring, where ThousandEyes agents actively generate traffic to the target to retrieve metrics and provide a real-time view of the user experience.

Consider these factors when deciding on agent location:

• Protocols used
• Protocol enablement methods
• Supported platforms for agent deployment
• Specific use cases

Focus on delivering an excellent end-user experience by ensuring the network meets requirements and providing evidence to quickly resolve problems.

Key Concepts

Agent Location Considerations

• Network Topology: Understand the network architecture and the flow of traffic from users to applications and services. This helps determine the best agent and test type to deploy and where. For example, to gain visibility from an enterprise network to a specific web server, deploy an Enterprise Agent in the data center and configure an HTTP server test to the server's URL. This provides Border Gateway Protocol (BGP), network, and web metrics.
• Security Requirements: Ensure proper data protection and access control. Enterprise Agents require direct internet access to register with the ThousandEyes platform and obtain test configurations. Account for any proxies or firewalls in the network path.
• Infrastructure: Choose the best agent type based on your existing infrastructure. You can enable Enterprise Agents on devices like Catalyst 9300/9400 switches, Nexus 9K switches, and Meraki MX security appliances. You can also deploy them on virtualization platforms (e.g., HyperV, VMware), as a Linux package, or as a Docker container on a server. For RoomOS devices, enable the ThousandEyes Endpoint Agent. If you don't have infrastructure in a specific location, consider using a Cloud Agent in that geographic region.

Agent Deployment Strategies

Agent by Vantage Point

• Outside-in Monitoring (Cloud Agents): ThousandEyes operates and maintains a global network of Cloud Agents. These agents are deployed in tier 2 and 3 Internet Service Providers (ISPs), internet exchange points, and cloud providers (e.g., AWS, Google, Azure, Alibaba). Cloud Agents can run all ThousandEyes tests and are available to all customers. They provide an "outside-in" perspective, simulating user traffic from various global locations. For more information about the location of ThousandEyes Cloud Agents, see the Cloud Agent World Map.
• Inside-out Monitoring (Enterprise Agents): Customers deploy Enterprise Agents within their own infrastructure to monitor internal networks, data centers, cloud environments, and branch offices. They provide visibility into the performance of applications and services from the perspective of internal users and systems. For more information, see the Enterprise Agents documentation.
• Last-Mile Monitoring (Endpoint Agents): Endpoint Agents are installed on end-user devices, such as laptops and desktops, to monitor the last mile of the network connection. They provide insights into Wi-Fi performance, ISP routing, VPN gateway performance, and application availability from the user's location. For more information on managing and troubleshooting Endpoint Agents, refer to the ThousandEyes Endpoint Agent documentation.

Agent Location by Use Case

• Hybrid Work:
  • Collaboration Tools: Use Endpoint Agents to monitor the performance of tools like Slack, Microsoft Teams, Webex, and Zoom from the end-user perspective. Cloud and Enterprise Agents can monitor server-side performance.
  • SaaS and API: Monitor SaaS application and API performance using:
    • Endpoint Agents: For user experience monitoring of specific SaaS application URLs.
    • Enterprise Agents: For monitoring the experience from branch offices to SaaS applications, services, or cloud workloads.
    • Cloud Agents: For monitoring the customer experience of APIs or applications hosted in your data center.
  • Wi-Fi Monitoring: Endpoint Agents can monitor Wi-Fi connectivity, including signal strength, throughput, and roaming events.
  • Secure Access: Deploy Endpoint Agents as part of the Cisco Secure Client to monitor and secure user access.
• Secure Access Service Edge (SASE): Monitor the performance of SASE components, such as SD-WAN, Cisco Umbrella, Meraki SD-WAN, and Catalyst SD-WAN, using the appropriate agent type based on the component and desired vantage point.
• Core Network: Deploy Enterprise Agents within the core network to monitor the performance of infrastructure components like SD-WAN, WAN, VPN headends, access networks, Wi-Fi, and Catalyst switches.
• Hybrid Cloud: Use Enterprise Agents in both on-premises and cloud environments to monitor the performance of hybrid cloud infrastructure, including data center switching and routing, cloud services, and cloud networking components.
• Full Stack Observability (FSO): Integrate ThousandEyes with tools like Open Telemetry and Cisco AppDynamics to gain network-level insights into application and infrastructure performance.

Resources

• Beginner's Guide To Enterprise Network Monitoring

• Endpoint Agent use cases deployment and data privacy models

• A Simple, Secure Way to Connect Your Branches

• Cisco Security Application

• ThousandEyes on Meraki

• Workforce Digital Experience

Sample Questions

1.2 Question 1

A network engineer wants to measure their SD-WAN performance metrics. Which agent deployment method is most suitable for this scenario?

• A) Install an agent on the overlay network
• B) Install an agent on the DMZ
• C) Install an agent on their LAN
• D) Install an agent on the underlay network

1.2 Question 2

A network engineer needs to monitor the performance of a business-critical web application accessed by remote employees connecting through a Cisco AnyConnect VPN. Which two agent deployment methods are most suitable for this scenario? (Choose two)

• A) Deploy ThousandEyes Cloud Agents in the same geographical regions as the remote employees.
• B) Integrate ThousandEyes with Cisco AppDynamics to monitor application performance from the server-side.
• C) Deploy ThousandEyes Enterprise Agents on the VPN concentrator where the AnyConnect clients terminate.
• D) Utilize the ThousandEyes Endpoint Agent and deploy it on a subset of remote employee machines running Cisco AnyConnect.
• E) Configure ThousandEyes tests from Enterprise Agents located in the data center where the web application is hosted.