Modern networks have become increasingly complex as enterprises adopt cloud, SaaS, and support distributed workforces. With the internet now serving as the corporate network, network operations teams face significant challenges. They lose visibility across the internet, into zero trust environments, and further into applications. Mapping the internet is difficult, and pinpointing the root cause of issues is nearly impossible since they no longer own the network infrastructure. Additionally, routing traffic based on individual users is impractical, as traffic now rides the internet, where routing control is unavailable. These factors lead to unresolved performance issues, poor user experiences, and productivity loss. According to Gartner, 70% of organizations report that growing network complexity and lack of end-to-end visibility are major barriers to managing digital user experience. Many network professionals still rely on user-reported issues to identify performance problems, leading to delayed response times and increased operational risk. IDC estimates that unplanned IT downtime costs enterprises an average of $250,000 per hour globally-making reactive troubleshooting both costly and unsustainable in today’s hybrid and cloud-first environments. Zscaler Digital Experience (ZDX) Network Intelligence enhances visibility and insights by collecting data from every user’s device within the customer environment. ZDX runs MTR probes to gather network metrics such as network latency and packet loss. ZDX uses this data to establish a baseline and measure the performance against it and notify operations teams of any network anomaly. This ultimately helps network operations troubleshoot faster and regain control of distributed networks. As networks grow more complex, proactive visibility is no longer optional—it’s essential.Common Use CasesGlobal Network health monitoring: Centralized view with end-to-end network visibility to detect and classify network issues (e.g., Last Mile ISP problems or Intermediate ISP problems). Detect and diagnose network anomalies impacting performance:ZDX uses Cloudpath probes from user endpoints to baseline network performance and flag anomalies, highlighting key metrics and severity. By correlating anomalies with geolocation-based user experience scores, ZDX identifies network impacts, accelerating MTTD and MTTR for faster resolutions and improved user experiences. Optimize traffic via the best ISPs and data center: Leverage end-to-end network telemetry to evaluate ISP performance across multiple network paths, enabling identification of the most reliable ISPs and optimal routing paths to data centers based on metrics such as latency and packet loss. This facilitates improved application performance and network efficiency. Benchmark best and worst ISP performance: Recommend the best-performing ISPs based on metrics (latency, packet loss), helping customers choose optimal connectivity providers. Technical Deep DiveToday, millions of devices across various customer environments are deployed with Zscaler Client Connector running cloud probes at five-minute intervals. ZDX Network Intelligence leverages the cloud probe data and applies machine learning algorithms to establish a baseline for normal network performance. It continuously monitors for deviations in key metrics such as latency, packet loss, and jitter. When anomalies are detected, they are flagged as network issues, and the affected paths are visually represented with severity-based color coding: red for critical issues and yellow for moderate degradation. This enables faster root cause identification and enhances network troubleshooting efficiency.ZDX Network Intelligence goes beyond simply detecting anomalies—it assesses their impact by correlating probe data with ZDX scores. By leveraging existing ZDX metrics, we can determine whether an anomaly is affecting the user experience. This correlation enables us to understand the scale of the issue and identify which users are impacted.Global Network Health Monitoring The Network Intelligence Dashboard provides end-to-end network visibility. Network teams can use this dashboard proactively or reactively to assess the health of their global network. Based on the impacted locations, they can drill down further to identify the root cause of issues. Additionally, they can correlate network problems with the ZDX score for each location to understand the potential impact and scale of the problem For example, if the average ZDX score in a specific geolocation is low and a majority of users are experiencing degraded performance—coinciding with a detected network anomaly—this strongly indicates that the network anomaly is negatively impacting user experience and contributing to the reduced score.Detect and Diagnose Network Anomalies Impacting Performance The section below outlines the location selected for troubleshooting and the specific time intervals during which network anomalies occurred. This helps the network team identify which time windows to focus on for deeper analysis and root cause investigation. Additionally, correlating network anomalies with the number of users with poor ZDX scores at the same time can help networking teams to better understand the impact of the network problem. Optimize Traffic via the Best ISPs and Data CenterUnderstanding where network anomalies occur is critical for effective troubleshooting. With end-to-end network visibility, you can pinpoint whether issues arise within intermediate ISPs or at the last-mile ISP level. This visibility provides valuable insights into key network metrics such as latency and packet loss—enabling you to identify the root cause of degraded performance.By default, the data is aggregated at the Autonomous System Number (ASN) level, offering a high-level view of the network. However, if you’re looking to trace the exact path traffic is taking and analyze which geographic regions it traverses, you can apply the GeoLabel filter. This allows for a more granular view, helping teams correlate performance issues with specific geographic routes and ISPs.Benchmark Best and Worst ISP PerformanceAnalyze trends in last-mile ISP and application performance using ZDX scores to identify patterns and assess performance, enabling timely and informed action.Network Anomaly Alerts Rules To effectively identify network anomalies or deviations from the established baseline, customers should be alerted proactively. Network Intelligence Alert Rules enable customers to configure alerts for any detected anomalies or baseline deviations. These rules offer flexibility to define thresholds for deviation intensity, minimum network latency criteria, and throttling conditions. This ensures customers receive advanced notifications when potential network issues arise, allowing for faster response and reduced impact.ConclusionIn today’s complex, distributed enterprise networks, traditional monitoring methods are insufficient. Network Intelligence addresses this by deploying intelligent probes that collect real-time telemetry data—such as latency, packet loss, and path changes—and analyze it using machine learning to establish performance baselines and detect anomalies. By correlating these anomalies with user experience metrics like ZDX scores, IT teams can assess the impact on end-users and prioritize remediation efforts effectively. This approach enables proactive detection of issues, reduces mean time to resolution (MTTR), and enhances overall network reliability, making it essential for modern network management. As enterprises continue their cloud and remote work transformations, this level of visibility is not just valuable—it’s mission-critical.Want to learn more about how Zscaler Digital Experience can transform your network troubleshooting? Contact us today for a demo and see how real-time insights can help your organization stay connected and efficient.
[#item_full_content] Modern networks have become increasingly complex as enterprises adopt cloud, SaaS, and support distributed workforces. With the internet now serving as the corporate network, network operations teams face significant challenges. They lose visibility across the internet, into zero trust environments, and further into applications. Mapping the internet is difficult, and pinpointing the root cause of issues is nearly impossible since they no longer own the network infrastructure. Additionally, routing traffic based on individual users is impractical, as traffic now rides the internet, where routing control is unavailable. These factors lead to unresolved performance issues, poor user experiences, and productivity loss. According to Gartner, 70% of organizations report that growing network complexity and lack of end-to-end visibility are major barriers to managing digital user experience. Many network professionals still rely on user-reported issues to identify performance problems, leading to delayed response times and increased operational risk. IDC estimates that unplanned IT downtime costs enterprises an average of $250,000 per hour globally-making reactive troubleshooting both costly and unsustainable in today’s hybrid and cloud-first environments. Zscaler Digital Experience (ZDX) Network Intelligence enhances visibility and insights by collecting data from every user’s device within the customer environment. ZDX runs MTR probes to gather network metrics such as network latency and packet loss. ZDX uses this data to establish a baseline and measure the performance against it and notify operations teams of any network anomaly. This ultimately helps network operations troubleshoot faster and regain control of distributed networks. As networks grow more complex, proactive visibility is no longer optional—it’s essential.Common Use CasesGlobal Network health monitoring: Centralized view with end-to-end network visibility to detect and classify network issues (e.g., Last Mile ISP problems or Intermediate ISP problems). Detect and diagnose network anomalies impacting performance:ZDX uses Cloudpath probes from user endpoints to baseline network performance and flag anomalies, highlighting key metrics and severity. By correlating anomalies with geolocation-based user experience scores, ZDX identifies network impacts, accelerating MTTD and MTTR for faster resolutions and improved user experiences. Optimize traffic via the best ISPs and data center: Leverage end-to-end network telemetry to evaluate ISP performance across multiple network paths, enabling identification of the most reliable ISPs and optimal routing paths to data centers based on metrics such as latency and packet loss. This facilitates improved application performance and network efficiency. Benchmark best and worst ISP performance: Recommend the best-performing ISPs based on metrics (latency, packet loss), helping customers choose optimal connectivity providers. Technical Deep DiveToday, millions of devices across various customer environments are deployed with Zscaler Client Connector running cloud probes at five-minute intervals. ZDX Network Intelligence leverages the cloud probe data and applies machine learning algorithms to establish a baseline for normal network performance. It continuously monitors for deviations in key metrics such as latency, packet loss, and jitter. When anomalies are detected, they are flagged as network issues, and the affected paths are visually represented with severity-based color coding: red for critical issues and yellow for moderate degradation. This enables faster root cause identification and enhances network troubleshooting efficiency.ZDX Network Intelligence goes beyond simply detecting anomalies—it assesses their impact by correlating probe data with ZDX scores. By leveraging existing ZDX metrics, we can determine whether an anomaly is affecting the user experience. This correlation enables us to understand the scale of the issue and identify which users are impacted.Global Network Health Monitoring The Network Intelligence Dashboard provides end-to-end network visibility. Network teams can use this dashboard proactively or reactively to assess the health of their global network. Based on the impacted locations, they can drill down further to identify the root cause of issues. Additionally, they can correlate network problems with the ZDX score for each location to understand the potential impact and scale of the problem For example, if the average ZDX score in a specific geolocation is low and a majority of users are experiencing degraded performance—coinciding with a detected network anomaly—this strongly indicates that the network anomaly is negatively impacting user experience and contributing to the reduced score.Detect and Diagnose Network Anomalies Impacting Performance The section below outlines the location selected for troubleshooting and the specific time intervals during which network anomalies occurred. This helps the network team identify which time windows to focus on for deeper analysis and root cause investigation. Additionally, correlating network anomalies with the number of users with poor ZDX scores at the same time can help networking teams to better understand the impact of the network problem. Optimize Traffic via the Best ISPs and Data CenterUnderstanding where network anomalies occur is critical for effective troubleshooting. With end-to-end network visibility, you can pinpoint whether issues arise within intermediate ISPs or at the last-mile ISP level. This visibility provides valuable insights into key network metrics such as latency and packet loss—enabling you to identify the root cause of degraded performance.By default, the data is aggregated at the Autonomous System Number (ASN) level, offering a high-level view of the network. However, if you’re looking to trace the exact path traffic is taking and analyze which geographic regions it traverses, you can apply the GeoLabel filter. This allows for a more granular view, helping teams correlate performance issues with specific geographic routes and ISPs.Benchmark Best and Worst ISP PerformanceAnalyze trends in last-mile ISP and application performance using ZDX scores to identify patterns and assess performance, enabling timely and informed action.Network Anomaly Alerts Rules To effectively identify network anomalies or deviations from the established baseline, customers should be alerted proactively. Network Intelligence Alert Rules enable customers to configure alerts for any detected anomalies or baseline deviations. These rules offer flexibility to define thresholds for deviation intensity, minimum network latency criteria, and throttling conditions. This ensures customers receive advanced notifications when potential network issues arise, allowing for faster response and reduced impact.ConclusionIn today’s complex, distributed enterprise networks, traditional monitoring methods are insufficient. Network Intelligence addresses this by deploying intelligent probes that collect real-time telemetry data—such as latency, packet loss, and path changes—and analyze it using machine learning to establish performance baselines and detect anomalies. By correlating these anomalies with user experience metrics like ZDX scores, IT teams can assess the impact on end-users and prioritize remediation efforts effectively. This approach enables proactive detection of issues, reduces mean time to resolution (MTTR), and enhances overall network reliability, making it essential for modern network management. As enterprises continue their cloud and remote work transformations, this level of visibility is not just valuable—it’s mission-critical.Want to learn more about how Zscaler Digital Experience can transform your network troubleshooting? Contact us today for a demo and see how real-time insights can help your organization stay connected and efficient.
