Release Notes: October 2025

2025-10-01

New Agent Selector for Test Creation

The updated agent selector is now available for all users. The new selector provides you with a more refined and intuitive experience, allowing you to quickly build tests without searching through long lists of agents, gain a clearer picture of agent coverage and provider diversity, and fine tune your test deployment.

This update includes:

  • Geographical View: View agents on a map to quickly identify coverage gaps and ensure the right regions are covered.

  • Enhanced Search: Use the search bar and filters to quickly find the agents you want.

  • Labels Up Front: Custom labels are brought to the foreground to ensure they are easy to access and filter by.

  • Better Provider Grouping: Agents are now grouped more clearly by provider, making large lists simpler to navigate.

  • Advanced Mode: Unlock deeper insights and agent metadata when you need them.

Network Test Settings Basic Agent Selector
Network Test Settings Advanced Agent Selector

2025-10-02

Dashboard Support for Event Detection

Event detection is now supported as a data-source for the following dashboard widgets:

  • Color Grid

  • Line Graph

  • List

  • Map

  • Number

  • Table

For more information, see Event Detection and Dashboard Widgets.

2025-10-06

Endpoint Agent Client Version 2.20.3

The following enhancements have been made to the Endpoint Agent client:

All Platforms

  • In Zscaler version 4.6, the previous method for detecting VPN connections has been removed. A new, more effective method for monitoring VPN status has been introduced.

2025-10-07

Views Explanations GA

Views explanations are now available for all users. You can leverage our integrated AI capabilities to help you quickly interpret and understand your Cloud and Enterprise Agent test results, and generate natural language summaries and fault domain analyses of test rounds. These explanations provide actionable insights into network and application performance across the following observed test layers:

  • Page Load

  • HTTP Server

  • Agent to Server

For more information, see AI Views Explanations.

Account Health Skill for the AI Assistant

The AI Assistant can review the health and operational hygiene of your environment, and provide a prioritized summary of issues, with clear recommendations for updates and changes.

You can ask the AI Assistant questions like:

  • "Are any of my enterprise agents offline or overloaded?"

  • “Do any of my enterprise agents have errors?

For more information about the AI Assistant, see Cisco AI Assistant.

Login and Authentication Updates

Improved Login Experience for Locally Authenticated Organizations

We're excited to announce an important upgrade to the ThousandEyes login experience for organizations using local authentication (users who sign in directly at app.thousandeyes.com with a username and password, without using their organization's Identity Provider). Cisco is introducing a centralized authentication system to simplify access, enhance security, and provide a seamless single sign-on (SSO) experience across all Cisco products.

What You Need to Know

  • Automatic Migration Beginning the Week of October 20, 2025, Through Mid-November: Your organization’s identity management will be migrated to the new Cisco Identity Provider (IdP) during this period. You will continue to log in without disruption and no action is required.

  • Updated Password Expiration Policy: Please note that the new IdP has a new default password expiration policy of 30 days, with the option to change to two years.

  • No action is required from you for the automatic migration of your local-authentication users.

If your organization is currently using SSO, this migration will not impact you. We appreciate your attention and encourage you to stay tuned for future updates.

Support

If you or your users run into issues, please see Contacting Support. For more information on our login experience, see Logging In.

Allow Network Traffic for Login and Access

To ensure uninterrupted login and access to the ThousandEyes platform and Cisco services, please ensure that your network allows outbound traffic to the following domains:

  • https://idbroker*.webex.com/idb/**

  • https://idbroker-static.webex.com/**

  • https://*.cisco.com/**

These domains are critical for authentication, as they delegate login processes to Webex and Cisco services. Blocking traffic to any of these domains may result in login failures or session interruptions.

2025-10-09

Cisco ThousandEyes Mobile Metrics on Dashboards (Android)

Mobile telemetry is now fully supported in Dashboards through the Mobile Endpoint Agent.

Supported metrics include:

  • Cellular telephony and telemetry: Carrier name, RSSI, RSRP, RSRQ, SINR, network generation (3G, 4G, 5G, LTE), and network subtype (LTE, HSPA).

  • Wireless and local network health: Wireless profile signal quality and throughput, local network profile link speed, and wireless signal quality.

  • Scores: Device health score, connection health score (Wi-Fi and cellular), gateway health score, and memory.

Coming soon: Experience score, battery, temperature, and mobile template.

Not supported: CPU, retransmission rate, roaming or channel swap events, TCP protocol, and dynamic or real user tests.

SINR data is available from September 19, 2025.

For more information on getting started, see the Dashboard documentation and sample dashboard.

Cisco Application Hosting Framework (CAF) version 5.1.2

CAF version 5.1.2 has now been released. This release is intended to replace the 5.1.1 image on all supported Cisco devices.

For upgrade instructions, see Upgrading Enterprise Agents.

New Features

CAF 5.1.2 adds support for the REPO_PROXY_* environment variables available with our Docker Enterprise Agent. This will add more flexibility to the proxy configurations used by the agent and package manager.

For more information, see Configuring an Enterprise Agent.

Bug Fixes

  • An issue was found in CAF versions 5.0.1 and 5.1.1 where images would fail when being copied onto a Cisco Catalyst 9300 series switch, if the switch was running IOS XE 17.3.3. This was caused by unsupported PAX headers. The image format has been modified to be backwards compatible with earlier IOS XE software versions.

  • An issue was found where agents running CAF version 5.1.1 on either ASR1k or ISR devices and configured as Traffic Insights forwarders may encounter failures. This was caused by the agent's inability to resolve "localhost", and has been fixed.

MD5 Checksum Verification

ThousandEyes recommends validating the checksum of downloaded packages. The md5 checksums for the CAF version 5.1.2 images are:

  • f4cab9a36dd1e886df8eb76bbc80a0be thousandeyes-enterprise-agent-aarch64-5.1.2.cisco.tar

  • e8145b92e77c7b88753fed406c9d5517 thousandeyes-enterprise-agent-x86_64-5.1.2.cisco.tar

Improvements in OAuth Token Configuration for Webhook Integration

You can now specify a scope parameter when setting up OAuth 2.0 Client Credentials authentication for custom webhook integrations. With this update, ThousandEyes custom webhooks can authenticate successfully using Microsoft Entra ID and other standards-compliant OAuth providers that require a scope parameter.

2025-10-10

Updates to Cloud Insights

Cloud Insights: Azure ExpressRoute Visualization

Cloud Insights now visualizes Azure ExpressRoute circuits in the path visualization and topology views for Network & App Synthetics tests.

For organizations with hybrid cloud environments, this provides end-to-end visibility into traffic from on-premises data centers to the Azure cloud. By mapping the ExpressRoute connection directly within the test's topology view, you can now monitor the performance and connectivity of these critical datacenter-to-cloud links. This enhancement helps you more effectively troubleshoot connectivity issues, validate network paths, and assure the performance of your hybrid Azure infrastructure. See Dedicated Connections for more information.

Cloud Insights: Azure Integration Policies

You can now configure granular integration policies for Microsoft Azure, allowing you to select which resource types and subscriptions Cloud Insights monitors.

This update gives you precise control over the data Cloud Insights ingests from your Azure environment. The new Integration Policies page for Azure is divided into two sections:

  • Enabled Resource Types: Select which types of Azure resources (such as Virtual WAN, ExpressRoute, or Security) to monitor. This helps you tailor data collection to your needs and avoid unnecessary permissions warnings for resources you don't intend to monitor.

  • Subscription Rules: Define a set of ordered rules to include or exclude specific Azure subscriptions from monitoring based on their name or ID. Using Java regular expressions, you can create powerful policies, such as monitoring only production subscriptions or excluding all development environments, ensuring that you only ingest relevant inventory data.

For detailed instructions on configuring these policies, see the Azure Integration Policies documentation.

Network & App Synthetics: New Cloud Insights Filter for Test Lists

A new filter is now available on the Test Settings page to quickly identify tests that are enriched with Cloud Insights data.

On the Network & Application Synthetics > Views page, you can now use the Cloud Insights enriched tests checkbox in the Test filter to narrow the test list. This makes it easier to manage and focus on tests that provide deep visibility into your cloud network topology. Selecting the filter shows only those tests that have been enriched with inventory data from your integrated AWS or Azure accounts, helping you isolate your cloud-endpoint tests from the rest. See Filtering for Cloud Layer Tests for more information.

Network & App Synthetics: AWS Network and Security Layer Enhancements

In addition to the interfaces and security groups that make up the Network and Security topology in your Network & App Synthetics > Views > Cloud layer, we've added routing tables, transit gateway routing tables, subnets, and network access control lists (ACLs). These additions give you a significantly more detailed and granular view of the infrastructure that connects your cloud resources. See Network and Security View for more information.

2025-10-15

Test Button Now Available in Integrations 2.0

The Test button is now available for operations in the Integrations 2.0 experience. This feature lets you validate Custom Webhook operations before assigning them to alert rules.

  • The Test button appears at the operation level, not on connectors.

  • The Test button is also available in the Custom Webhook integration template.

  • For operations without an associated connector, the button is visible but remains disabled.

This update replaces the temporary Pending status that was displayed for migrated Custom Webhooks and provides a more direct way to confirm configuration before deployment. For operations with a status of Pending you will need to manually click on the test button to update the status.

For more information, including the earlier update where this was first announced, see Integrations 2.0 Now Supports Custom Webhooks.

Legacy Network and App Synthetics Test Creation Workflow Deprecation Notice

As previously announced, we are rolling out an updated and improved interface for creating Network and App Synthetics tests in ThousandEyes. After November 15th, 2025, all test types will be supported by the updated test creation workflow. At that time, all legacy test creation methods will be removed from the platform.

No action is required by you at this time.

2025-10-21

Multi-Service View Support for Additional Test Types

We have added multi-service views support for the following test types:

  • DNS Trace

  • DNSSEC

  • FTP

  • SIP

This allows these tests to be stitched together in a single correlated view, helping users tell a more complete story across different protocol layers and vantage points during investigation. For more information about multi-service views, see Multi-Service Views.

New Cloud Agents

New Cloud Agents have been added in the locations listed below. For a full list of Cloud Agents, see ThousandEyes Cloud Agent Locations.

  • Kuwait City, Kuwait (Ooredoo)

  • Lima, Peru (Movistar)

  • Lima, Peru (Movistar) (IPv6)

  • Macau, Macau (HK Telecom)

  • Macau, Macau (HK Telecom) (IPv6)

  • Mombasa, Kenya

  • Mombasa, Kenya (IPv6)

  • Sharjah, United Arab Emirates (Etisalat)

2025-10-24

Endpoint Agent Client Version 2.23.0

The following enhancements have been made to the Endpoint Agent client:

All Platforms

  • The UDP path trace currently uses the UDP checksum to match ICMP replies. However, some middle boxes modify the checksum, causing incomplete path traces. To address this, we have modified the path trace to send UDP packets of varying sizes and correlate ICMP replies using the UDP packet length instead of the checksum.

PreviousRelease Notes: November 2025NextRelease Notes: September 2025

Last updated