Identify latency and packet loss faster to improve the user experience and IT operations. Credit: iStock Performance monitoring of private applications accessed remotely via VPN has always been a challenge. The encrypted tunnel between the user and the data center blocked the ability to truly understand what might have been causing performance issues on those network connections. Without a proper flashlight, this dark tunnel often hid the root cause of persistent problems. This is the bane of any VPN administrator’s existence—the all-too-predictable support ticket: “my experience accessing this app over the VPN is extremely slow! But it works fine when I’m at my desk…” How do you even begin to troubleshoot? It could be a memory or CPU constraint on the user’s device, slow local WiFi, congestion in the local ISP, problems on the backbone, congestion in the data center or cloud hosting environment, or latency on the back-end app server. Enter Zscaler… The Zscaler Zero Trust Exchange (ZTE) provides seamless, zero trust access to private applications running on the public cloud or within the data center; and Zscaler Private Access (ZPA) ensures that applications are never exposed to the internet, making them completely invisible to unauthorized users and traditional monitoring tools. With the integration of Zscaler Digital Experience (ZDX) and ZPA, it is now possible to understand the user’s experience accessing internal applications, from both the application and network perspective. Visibility is the foundation of zero trust; you can’t protect what you don’t know. Replacing your legacy VPN with ZPA allows ZDX to shine a bright light into that dark tunnel, an area where even traditional monitoring tools have no visibility. zscaler Figure 1: Traditional monitoring tools cannot monitor the performance of private applications, but ZDX uniquely provides deep visibility. Using ZDX, application, network performance, and device health statistics are collected for every employee every few minutes and are used to calculate a ZDX score that reflects the user’s experience with that private (or public) application. The health data is aggregated across all regions, offices, and users to provide macro-level visibility into company-wide performance and degradations. zscaler Figure 2: ZDX shows the performance of both public and private applications by calculating the ZDX score of individual users. This ZDX score is combined with hop-by-hop network path analytics using CloudPath to provide segment-by-segment latency and loss breakdowns to easily isolate the network’s contribution to performance degradations (see Figure 3). zscaler Figure 3: CloudPath calculates segment latency every few minutes from every employee for both private and public applications. CloudPath leverages Zscaler’s integrated agent and the Zero Trust Exchange itself to measure network performance. This allows CloudPath to make use of ZDX’s unique 360-degree monitoring (see my recent blog here). CloudPath creates an end-to-end view of the network path by stitching the entire packet journey together (see Figure 4). zscaler Figure 4: ZDX exposes hop-by-hop network details This is particularly useful because ZDX exposes the hops and network details of the connection between the user’s device, their gateway, and the connection to their ISP. These hops would be invisible to traditional monitoring tools and in VPN environments, and is often where the performance issue is coming from (see Figure 5). zscaler Figure 5: ZDX displays the connection between the user device and their gateway and ISP. We finally have the solution we need to address that painful support ticket and identify exactly why access to an application may be slow for a remote user when it works fine on premises. ZDX and ZPA, working together, illuminate the invisible by shining a bright light into zero trust environments. Further reading: ZDX: Fast, Seamless Digital Experiences – Now For Your Collaboration Apps Related content brandpost Sponsored by Zscaler How customers can save money during periods of economic uncertainty Now is the time to overcome the challenges of perimeter-based architectures and reduce costs with zero trust. By Zscaler Dec 01, 2023 4 mins Security brandpost Sponsored by Zscaler How customers capture real economic value with zero trust Unleashing economic value: Zscaler's Zero Trust Exchange transforms security architecture while cutting costs. By Zscaler Nov 30, 2023 4 mins Security brandpost Sponsored by Zscaler More connected, less secure: Addressing IoT and OT threats to the enterprise A forward-thinking zero trust strategy is necessary to securely manage IoT and OT devices at scale. Effectively protecting networks begins with an honest look at connectivity. By Zscaler Nov 14, 2023 7 mins Security brandpost Sponsored by Zscaler Why you must extend Zero Trust to public cloud workloads Rising to the cloud security challenge: Protecting workloads with Zero Trust principles in an ever-evolving threat landscape. By Dhawal Sharma Nov 08, 2023 7 mins Security Podcasts Videos Resources Events SUBSCRIBE TO OUR NEWSLETTER From our editors straight to your inbox Get started by entering your email address below. Please enter a valid email address Subscribe