Free Trial

(set up in your environment)

Azure. Google Cloud. IBM Cloud. Alibaba. CenturyLink. AWS. Any Cloud.

CloudLens is now the first visibility solution to support all leading cloud platforms, for both Windows and Linux!

Comprehensive Cloud Visibility

  • Any Cloud Visibility
  • Elastic Scale
  • Pay per Use Pricing
  • Cloud-Native Design
  • Cloud Visibility Ecosystem
  • Service Provider Agnostic

    Cloud Service Provider Agnostic

    CloudLens is the first service-provider agnostic visibility platform, capable of providing access to packet data in Amazon Web Services (AWS), Microsoft Azure, IBM Bluemix, Google Cloud Platform, Alibaba Cloud, CenturyLink cloud and more; the platform also supports Window and Linux environments.

    CloudLens provides a single layer that can access data directly from instances, filter it in the cloud and then send it directly to security and monitoring tools. This provides flexibility, as data from any cloud can be routed to security in monitoring tools in any other cloud or in the data center. Being able to manage this layer in a single platform and interface also simplifies management and configuration for network administrators, mitigating errors and ensuring security and monitoring tools have the visibility they need.

  • Elastic Scale

    Elastic Scale, On-Demand

    CloudLens addresses the challenges of capturing and filtering traffic in the public cloud because it scales horizontally as instances are created and destroyed. CloudLens uses metadata from cloud platform instances to classify them; because metadata inherently exists for each new instance that is created, the platform automatically knows how to treat it and which security and monitoring policies need to be applied. Consequently, traffic from instances is appropriately filtered and routed to security and monitoring tools, without requiring human intervention. With a security and monitoring tool partner ecosystem, CloudLens ensures that tool instances also scale. An auto-scaling solution eliminates the burden of management to save time and money. It also mitigates the inherent risk of error with manual configuration. CloudLens has been tested to support thousands of instances.

  • Per per Use Pricing

    Cost-effective cloud visibility

    CloudLens aligns to one of the core tenets and drivers for why organizations move to cloud: No guesswork with regards to sizing for peak use, optimizing how resources are allocated and controlling costs.

    Like the cloud scales with load on applications or systems, CloudLens scales along with workload instances, adding visibility on-demand when instances are created or destroyed, without any architectural changes. This scale means you only use what you need and consequently, only pay for what you use. Moreover, CloudLens mitigates errors because there is no potential for mis-sizing peak demand or missing instances as they get added - ensuring the right amount of visibility, cost-effectively.

    Detailed Pricing Information

  • Cloud-Native Design

    A Cloud-Native, Serverless Design

    Ixia’s CloudLens can auto-scale and is cloud-provider agnostic because it is built on the cloud. At its core, it’s an implicit microservices architecture which is orchestrated via API’s - a serverless design. It is this cloud-native aspect that allows the platform to scale so it can meet the cloud needs of highly available and scalable service across technology platforms.

    CloudLens Public has two core components:

    • A SaaS visibility management platform. This is where users can configure visibility and define filtering.
    • Sensors and connectors: software that sits within the source and tool instances respectively. The sensors and connectors are how CloudLens accesses metadata because they sit within instances. They can be Docker-container or Agent based versions.

    What does it mean to be cloud-native and why it matters.

  • Cloud Visibility Ecosystem

    Cloud Visibility Ecosystem

    Ixia offers a Cloud Visibility Ecosystem of Technology Partners that are pre-validated to receive data directly from CloudLens in the cloud. This allows flexibility of management and removes the requirement of backhauling data when not required.

    Overall, a broad range of stakeholders can leverage CloudLens to feed the packet-based tools they need to support business. Compliance and security teams can deploy security tools such as data loss prevention (DLP) and intrusion prevention systems (IPS). Application owners can deploy application performance management (APM) and performance monitors. DevOps teams can deploy troubleshooting and analysis tools. Data can be sent to both cloud-based and physical security and monitoring tools. See the complete list of Ixia Technology Partners.

Containers and Kubernetes Webianr


CloudLens is the first and only solution to deliver packet visibility into containers and Kubernetes clusters across cloud platforms including AWS Elastic Container Service for Kubernetes (EKS), Azure Kubernetes Service (AKS) and Google Kubernetes Engine (GKE).

See a demonstration of how you can establish packet visibility into your workloads in Physical, Virtual, Cloud, Container or in a Kubernetes Cluster by continuing to maximize on your existing investment in APM, NPM and IDS tools. 

How CloudLens Works

  • Identify Instances
  • Create a Project
  • Define Groups
  • Draw a Path
  • Setup Filters
  • Monitor
  • Source and Tool Instances

    Using CloudLens is easy. The first step is to load Ixia sensors on the source instances, where you need packet visibility. With CloudLens visibility ecosystem, security and monitoring tool instances, where the packets need to be delivered, are already setup with connectors that receive data from the sensors.

    The sensors and connectors send metadata information (e.g., Cloud service provider, region, AZ, kernel module, CPU and memory) to the SaaS management platform. The sensor serves dual functions; it also filters packet data before sending it directly to tools. If desired, CloudLens provides the flexibility to route data to a CloudLens virtual packet processor (VM) and subsequently to physical security and monitoring tools or a network packet broker.

  • Create Project

    In the SaaS management platform, create a “project” and use the project key generated to associate the sensors and connectors running in the source and tool instances, respectively, to the project. This allows the management platform to have complete context of where source instances and tool instances reside and in turn bring packet visibility from the source to tool instances.

  • Define Groups

    In the SaaS management platform, create source groups and tool groups based on metadata ingested from the sensors and connectors; a natural classification system. The user also has the flexibility to create source groups and tools groups according to business objectives. In this example “Application Instances” are grouped together as “Source Group 1” and “Web Servers” are grouped together as “Source Group 2.”

  • Draw a Path

    Once groups are created, the relationship of source and tool instances can be established. Drag and drop a connection in the management platform to create a security visibility data path. This connection forwards packet data from source instances to tool instances through a secure peer-to-peer VPN tunnel, the secure visibility path, that originates in the source sensor and terminates in the tool. 

  • Filtering Screenshot

    You can create packet filters at the source instance to filter only relevant packet data that needs to be sent to your tools.

  • Monitor

    The work is done. Sit back with the peace of mind that you can now see what is happening in your cloud environment.

All through an easy, drag and drop interface

Ixia, as always, makes its products easy to use. CloudLens has an intuitive drag-and-drop interface that shows source instances on the left and tool instances on the right – making it easy to understand network data flow.

CloudLens Drag and Drop GUI

“FireEye is excited to partner with Ixia on its new CloudLens platform to extend our industry-leading visibility and response speed into AWS, Azure, and other public cloud.  With our focus on simplifying, integrating, and automating security operations for customers with FireEye Helix, having scalable, native visibility into all cloud services, networks, endpoints, third-party security products enables us to stay ahead of our customer needs."

Martin Holste, CTO, Cloud, FireEye

“Ixia CloudLens was designed and built for the cloud and as a result, it is inherently elastic and scalable. CloudLens provides CA’s network monitoring solutions the visibility needed to monitor end-to-end response times to track and optimize the end user experience, no matter where an application is deployed.”

Sushil Kumar - SVP of Product Management and Strategy, Agile Operations, CA Technologies

“CloudLens' full-packet visibility in AWS enables Dynatrace DC RUM customers to monitor and improve the experience of business-critical applications such as SAP, Citrix, and Oracle.”

Steve Tack, Senior VP, Product Management, Dynatrace

 “Moving enterprise workloads to the cloud can create stumbling blocks for security teams, as they no longer have the network packet visibility needed to be effective. Ixia's CloudLens solves this problem by providing full, easy, and highly-scalable visibility in the public cloud. The joint Ixia and ProtectWise solution provides automated threat detection and unlimited forensic exploration.”

Ramon Peypoch, Chief Product Officer, ProtectWise

“As a provider of large scale SaaS-based performance management solutions hosted in AWS, AppNeta is very familiar with the challenges associated with obtaining actionable packet-level visibility in the public cloud. We found CloudLens met the elastic demands of public cloud customers in a multi-tenant, self-serve model like ours—and, unlike other solutions we've examined, performed well with minimal overhead. With CloudLens, deploying monitoring solutions in the public cloud occurs in a matter of minutes, not hours or days.”

Sean Armstrong, VP of Products, AppNeta

“The NetFort LANGuardian software download ensures users can get granular, real-time visibility of network and user activity on any remote site or data center in minutes. Now, using Ixia CloudLens, this has been expanded to ensure the cloud is no longer a blind spot. The combination of Ixia and NetFort ensures organizations always have a unified view of their environment from a single console that provides real visibility, metadata, and context for faster detection and response across their virtual, physical, and cloud networks.”

Morgan Doyle, CTO, NetFort

“Extending actionable network forensics into the cloud is both difficult and important. With Ixia CloudLens, Savvius is able to bring cloud capabilities to Omnipeek and Omnipliance in a manner that is scalable, elastic, and reliable.”

Nadeem Zahid, Sr Director of Business Development at Savvius

“The adoption of public cloud solutions is continuing to grow at a rapid pace. With this comes unique and significant challenges around how organizations ensure the security and integrity of their data and applications. Ixia’s CloudLens solution solves the critically-important problem of providing access to network traffic within and across cloud environments to enable solutions like LogRhythm’s Network Monitor to perform deep packet inspection, rich metadata extraction, analytics, and full-packet capture around cloud-based workloads. Together, LogRhythm and CloudLens give our customers the necessary visibility and threat detection capabilities to instill confidence as they migrate to the cloud.”

Matt Winter, VP Business Development, LogRhythm

 “As organizations move applications to the cloud, it has become more and more difficult to efficiently obtain the packets required for deep analytics on the usage and integrity of those applications. Ixia’s CloudLens provides a scalable and flexible way to efficiently collect packets from cloud hosted instances. This solution has been validated to work with our ntopng traffic analysis tool.”

Luca Deri, Founder, NTOP
AWS Badge

CloudLens Achieves AWS Networking Competency

Now an AWS Networking Competency partner solution, CloudLens assists enterprises with adopting, developing, and deploying networks in AWS by providing network health information, network visualization, and capability to alert and notify on network issues.

AWS Networking Competency Partners

Cloud Visibility Ecosystem

Ixia works with leading security, APM and NPM tool providers, including open source providers, to pre-validate CloudLens interoperability direct from cloud. The tools of the cloud visibility ecosystem providers operate directly with CloudLens, without requiring data backhaul to a virtual machine or network packet broker, for a seamless experience and complete visibility into cloud environments.

See complete list of Ixia Technology Partners.

AppNeta Logo

Appneta's award-winning suite of application performance management tools ensure optimized web app, SaaS app and end-user monitoring

Learn More about AppNeta
Bricata Logo

Detect. Hunt. Prevent Threats.

Help your organization achieve complete network security visibility of threats with Bricata, and reduce complexity, dwell time, and time to containment.

Learn More about Bricata
Bro Logo

Bro is an open source network security platform that illuminates your network's activity in detail, with the stability and flexibility for production deployment at scale.

Learn More about Bro
CA technologies

CA Technologies (NASDAQ:CA) creates software that fuels transformation for companies and enables them to seize the opportunities of the application economy. Software is at the heart of every business in every industry. From planning, to development, to management and security, CA is working with companies worldwide to change the way we live, transact, and communicate – across mobile, private and public cloud, distributed and mainframe environments.

Learn More about CA Technologies

Corelight is the most powerful network visibility solution for information security professionals. We provide real-time data that organizations use to understand, detect, and prevent cyber attacks. Our solution is built on Bro, the powerful and widely-used open source monitoring framework created by our founders.

Learn More about Corelight

Dynatrace is the innovator behind the industry's premier Digital Performance Platform, making real-time information about digital performance visible and actionable for everyone across business and IT. We help customers of all sizes see their applications and digital channels through the lens of their end users. More than 7,500 organizations use these insights to master complexity, gain operational agility and grow revenue by delivering amazing customer experiences.

Learn More about Dynatrace
Eastwind Networks

Eastwind offers the only breach analytics cloud that provides complete visibility of your key cyber terrain. We help analyze the flight data flowing across your corporate networks, virtual networks, cloud provider networks, cloud application networks, and your mobile workforce—with speed and precision. Always watching, our automated hunters enable you to identify malicious activity that evades all other security solutions.

Eastwind Networks is a select Ixia cloud partner who has bundled a complete security & monitoring solution with CloudLens. Simplified setup saves time and effort, and ensures seamless & complete data collection, visibility, and analytics. 

Learn More about Eastwind Networks
Empirix Logo

Empirix is the Leader in End-to-End Network Visibility and Test Automation for Telecommunications Service Providers and Contact Center Operations, DevOps and QA Professionals We provide testing software and services for regression, load testing and monitoring of Enterprise and call center technologies.

Learn More about Empirix
endace logo

For more than 15 years, Endace has provided high-speed, network recording and visibility solutions to monitor and protect some of the world’s largest, most complex networks. Customers include global banks, telcos and service providers, media and broadcast companies, health organizations, retailers, e-commerce and web giants, governments and large enterprises. Customers choose Endace technology because it can monitor and capture network traffic with 100% accuracy regardless of network speeds or loads. It can scale to meet the needs of the fastest networks and is built on an open architecture that enables integration with a wide variety of custom, open source and commercial solutions.

Learn More about Endace
Esentire Logo

eSentire Managed Detection and Response™ leads the industry in Managed Detection and Response services. We detect and mitigate cyber threats for mid-sized enterprise that existing security technology will miss, 24 hours a day, 7 days a week.

Learn More about Esentire

FireEye has invented a purpose-built, virtual machine-based security platform that provides real-time threat protection to enterprises and governments worldwide against the next generation of cyber attacks. These highly sophisticated cyber attacks easily circumvent traditional signature-based defenses, such as next-generation firewalls, IPS, anti-virus, and gateways. The FireEye Threat Prevention Platform provides real-time, dynamic threat protection without the use of signatures to protect an organization across the primary threat vectors and across the different stages of an attack life cycle. The core of the FireEye platform is a virtual execution engine, complemented by dynamic threat intelligence, to identify and block cyber attacks in real time. FireEye has over 4,700 customers across 67 countries, including more than 730 of the Forbes Global 2000.

Security – joint with FireEye

Learn More about Fireeye

Flowmon Networks empowers businesses to manage and secure their computer networks confidently. Through our high performance network monitoring technology and lean-forward behavior analytics, IT pros worldwide benefit from absolute network traffic visibility to enhance network & application performance and deal with modern cyber threats. Driven by a passion for technology, we are leading the way of NetFlow/IPFIX network monitoring that is high performing, scalable and easy to use. The world’s largest businesses, internet service providers, government entities or even small and midsize companies rely on our solutions to take control over their networks, keep order and overcome uncertainty.

Learn More about Flowmon

JASK is purpose-built to accelerate security operations

Attack surfaces are expanding. The perimeters of growing companies continuously shift. And the pace of new weaponization is unrelenting. In this environment, efficacy depends on speed. But traditional security operations technology is a speed barrier. Heavy and difficult to change, it delivers more noise than signal, overwhelming analyst resources and clogging security operations. Enter JASK.

Learn More about Jask

LogRhythm, a leader in security intelligence and analytics, empowers organizations around the globe to rapidly detect, respond to and neutralize damaging cyber threats. The company’s patented award-winning platform uniquely unifies next-generation SIEM, log management, network and endpoint monitoring, and advanced security analytics. In addition to protecting customers from the risks associated with cyber threats, LogRhythm provides unparalleled compliance automation and assurance, and enhanced IT intelligence.

Learn More about LogRhythm
Moloch Logo

Moloch is a large scale, open source, full packet capturing, indexing, and database system.

Moloch augments your current security infrastructure by storing and indexing network traffic in standard PCAP format, while also providing fast indexed access. Moloch is not meant to replace Intrusion Detection Systems (IDS), instead it provides more visibility. Moloch is built with an intuitive UI/UX which reduces the analysis time of suspected incidents.

Learn More about Moloch
Morphick Logo

Morphick provides security Managed Detection and Response (MDR) services to organizations globally. Morphick’s proven approach combines attack detection, threat hunting, incident response, and tailored threat intelligence to deliver morphing defensive postures. Organizations can also leverage Morphick’s NSA CIRA-Accredited Incident Response services for breach response support. Morphick provides threat intelligence for deep intelligence gathering and analysis, and other incident response services such as malware reverse engineering and customer signature development.


Netfort Logo

NetFort LANGuardian is the industry's leading deep packet inspection software for monitoring, troubleshooting, and reporting on user and network activity.

Learn More about Netfort

ntopng is the next generation version of the original ntop, a network traffic probe that shows the network usage, similar to what the popular top Unix command does.

Learn More about NTOP
Perch Security

Perch Security is the first Community Defense Platform. Perch makes threat intelligence accessible and affordable for the "everyone else" – organizations who don't have dedicated threat analyst teams. Now small and mid-size businesses can mount a cyber defense with curated community intelligence and participate with the sharing community; all without a SIEM, a TIP, or increasing staff. Perch is headquartered in Tampa, Florida. 

Learn More about Perch Security

ProtectWise shifts network security to the cloud to provide complete visibility and detection of enterprise threats and accelerated incident response. By harnessing the power of the cloud, the ProtectWise Grid™ has the unique ability to create an unlimited retention window with full-fidelity forensics, automated retrospection and advanced visualization — all with the ease and cost-savings of an on-demand deployment model. Security professionals can see threats in real-time and continuously goes back in time to discover previously unknown threats automatically.

Learn More about Protectwise

In today’s world, digital performance defines business success. But performance in the digital age is about more than speed. That’s why Riverbed provides a fully unified and integrated platform that eliminates tradeoffs and helps customers rethink possible. We help enhance digital performance across every aspect of a customer’s business—whether that’s gaining insight into new customers and industries, improving time to market, increasing productivity, or simply delivering fast, secure digital experiences today’s users demand. The Riverbed Digital Performance Platform helps transform the way customers run the powerful network- and cloud-based apps that connect people, businesses, and experiences in our digital world.

Troubleshooting – joint with Riverbed

Learn More about Riverbed
RSA Security

RSA provides more than 30,000 customers around the world with the essential security capabilities to protect their most valuable assets from cyber threats.  With RSA’s award-winning products, organizations effectively detect, investigate, and respond to advanced attacks; confirm and manage identities; and ultimately, reduce IP theft, fraud, and cybercrime.

Learn More about RSA

Savvius offers a range of powerful software and hardware products that automate the collection of critical network data for network forensics in security investigations and for network and application performance diagnostics. Savvius and Ixia have partnered to bring full visibility, performance, scalability, and decryption to our enterprise customers with high-speed networks. The joint solution provides accurate time-stamping, SSL decryption, de-duplication, filtering, and load-balancing across multiple Savvius appliances.

Learn More about Savvius

Sinefa provides visibility and control for data networks. It allows network managers to see all the applications, users, devices, and links on the network, and to easily redirect bandwidth to critical applications. Increased network performance boosts productivity, eases user frustration and reduces network management costs. Sinefa is the simplest solution on the market, providing immediate total visibility and control that saves users and managers time.

Learn More about Sinefa
Suricata Logo

Suricata is a free and open source, mature, fast and robust network threat detection engine. The Suricata engine is capable of real time intrusion detection (IDS), inline intrusion prevention (IPS), network security monitoring (NSM) and offline packet capture (pcap) processing.

Learn More about Suricata

Symantec™ and Ixia have teamed to deliver the complete, ongoing visibility and insight needed to hone cyber security processes and shrink your company’s attack surface. The joint solution makes your hybrid network and security infrastructures more intelligent, integrated, and automated — saving you time and effort and reducing your organization’s cyber risk.

Learn More about Symantec
Vectra Logo

Vectra® Networks is the leader in automated threat management solutions for real-time detection of in-progress cyber attacks. The company’s solution automatically correlates threats against hosts that are under attack and provides unique context about what attackers are doing so organizations can quickly prevent or mitigate loss. Vectra prioritizes attacks that pose the greatest business risk, enabling organizations to make rapid decisions on where to focus time and resources.

Learn More about Vectra Networks
Viavi Solutions

Viavi (NASDAQ: VIAV) software and hardware platforms and instruments deliver end-to-end visibility across physical, virtual and hybrid networks. Precise intelligence and actionable insight from across the network ecosystem optimizes the service experience for increased customer loyalty, greater profitability and quicker transitions to next-generation technologies. Viavi is also a leader in anti-counterfeiting solutions for currency authentication and high-value optical components and instruments for diverse government and commercial applications.

Learn More about Viavi Solutions
VoIP Monitor

VoIPmonitor is an open source network packet sniffer with commercial frontend for SIP RTP RTCP and SKINNY(SCCP) VoIP protocols running on linux. VoIPmonitor is designed to analyze quality of VoIP call based on network parameters - delay variation and packet loss according to ITU-T G.107 E-model which predicts quality on MOS scale.

Learn More about VoIP Monitor

Wireshark is the world's foremost network protocol analyzer. It lets you see what's happening on your network at a microscopic level. It is the de facto (and often de jure) standard across many industries and educational institutions.  Wireshark development thrives thanks to the contributions of networking experts across the globe. It is the continuation of a project that started in 1998.

Learn More about Wireshark

Interested in CloudLens? submit your information to contact sales