AWS. HYPER V. Google Cloud. KVM. azure. VMWARE. Alibaba. OPENSTACK. SEE INTO Any Cloud.

Public, private, and hybrid clouds offer varying combinations of agility, scalability, and cost-effectiveness. However, you cannot secure what you cannot see. Without packet-level cloud visibility, your tools are flying blind — powerless to prevent potential performance problems or protect vulnerable blind spots.

Network security and performance are too critical to be left to chance. That's why organizations worldwide trust CloudLens SaaS to secure their clouds by feeding their monitoring tools with timely, actionable traffic data. With an auto-scaling, cloud-native design and turnkey compatibility with leading security, application performance management (APM), and network performance management (NPM) tools, you can rest easy knowing your cloud is in the right hands.

Cloud-Native Visibility, From the Ground Up

  • Any Cloud Visibility
  • Elastic Scale
  • Subscription-Based Pricing
  • Cloud-Native Design
  • Cloud Visibility Ecosystem
  • Service Provider Agnostic

    Cloud Agnostic

    Nothing is worse than needing different tools to capture packets in your different cloud environments. That's why we built CloudLens SaaS as the first service provider-agnostic visibility platform. So, whether you are using a public cloud, a private cloud, a mix of the two, or something else (like Windows or Linux environments), you can access the packet data your tools need.

    With CloudLens, you can pull traffic directly from your virtual machines (VMs), filter it in the cloud, and then send it directly to your data center or cloud-based security and monitoring tools. Boasting a simplified user interface, CloudLens makes management and configuration easy for network administrators. With CloudLens, mitigating errors is simple — ensuring that your tools always have the visibility they need.

  • Elastic Scale

    Elastic Scale, On-Demand

    Capturing cloud traffic is not easy. Without the ability to horizontally scale as instances are created, many cloud visibility solutions fall short. A cloud-native platform, CloudLens SaaS is uniquely equipped to withstand the rigors of enterprise-level cloud environments — boasting elastic auto-scaling and tested to thousands of instances.

    Utilizing metadata, CloudLens automatically classifies new instances in your cloud environment(s) before appropriately filtering and routing them to your security and monitoring tools. With a robust ecosystem of tool partners, you can rest assured your security and monitoring tools will work as intended.

  • Subscription-Based Billing

    Cost-effective cloud visibility

    Controlling costs is not just a primary driver for public cloud adoption but a critical component of your cloud monitoring strategy. Bandwidth is money, and eliminating guesswork is a considerable concern. Like the elasticity of your cloud environments themselves, your software-as-a-service solution should let you pay as you go.

    When you need maximum flexibility, CloudLens SaaS offers convenience without the complexity of a data center deployment. No matter the size of your cloud, you will always have the visibility you need — all in a convenient, web-based platform.

  • Cloud-Native Design

    A Cloud-Native, Serverless Design

    Unlike other cloud visibility solutions, CloudLens SaaS is a completely cloud-based platform. At its core, it is an implicit microservices architecture orchestrated via APIs. This serverless design enables CloudLens to auto-scale on demand — eliminating the need for complex and costly data backhauls that bottleneck performance and drive up the cost of other visibility solutions. 

    CloudLens SaaS comprises two core components:

    • A SaaS visibility management platform. A user-friendly interface makes it easy to configure visibility and define filtering.
    • Sensors and connectors that sit within your source and tool instances, respectively. Available in Docker-container or agent-based versions, these tools enable CloudLens to access critical metadata and traffic information in any cloud environment.
  • Cloud Visibility Ecosystem

    Cloud Visibility Ecosystem

    Ixia's cloud visibility ecosystem makes it easy to get up and running quickly. Our certified technology partners are pre-validated to receive data directly from CloudLens in the cloud. Turnkey compatibility with leading security and performance monitoring tools prevents complex workarounds and saves money by avoiding costly data backhauls.

    This day-one compatibility makes it easy for everyone in your organization to feed the packet-based tools they need to support business. Included are the data loss prevention (DLP) and intrusion prevention systems (IPS) that your security and compliance teams rely on, as well as the performance monitoring and analysis tools that your application owners and DevOps teams need. You can rest easy knowing the right tools are getting the right data at the right time.

CloudLens Containers + Kubernetes Visibility


CloudLens is the first and only solution to deliver packet visibility into containers and Kubernetes clusters across cloud platforms, including AWS Elastic Container Service for Kubernetes (EKS), Azure Kubernetes Service (AKS) and Google Kubernetes Engine (GKE).

Discover how to maximize your APM, NPM, and security tools by establishing packet visibility into your workloads in container-based environments and Kubernetes clusters!

How CloudLens Works

  • Identify Instances
  • Create a Project
  • Define Groups
  • Draw a Path
  • Setup Filters
  • Monitor
  • Source and Tool Instances in CloudLens

    Using CloudLens is easy. The first step is to load Ixia sensors on the source instances where you need packet visibility. With the cloud visibility ecosystem, security and monitoring tool instances (where the packets need to be delivered) are already set up with connectors to receive data from your sensors.

    The sensors capture, filter, and deliver packet data to your tools — along with sending metadata information (for example, cloud service provider, region, availability zone, kernel module, CPU, and memory) to the CloudLens SaaS management platform. For maximum flexibility, you can also route your data to physical tools or a network packet broker through a CloudLens virtual packet processor (VM).

  • Creating a Project in CloudLens

    With your sensors set up, you need to provide context so the management platform knows where source and tool instances reside. Otherwise, you cannot enable packet visibility from the source to tool instances. In the management platform, simply create a "project” and use the auto-generated project key to associate the sensors and connectors running in the source and tool instances.

  • Defining Groups in CloudLens

    A natural classification system, CloudLens' SaaS management platform enables you to create source and tool groups based on metadata captured from sensors and connectors or according to your own business objectives.

    This example shows “Application Instances” grouped together as “Source Group 1” and “Web Servers” grouped together as “Source Group 2.”

  • Drawing a Path in CloudLens

    After creating groups, you need to establish the relationship of source and tool instances. Simply drag and drop a connection in the management platform to create a data path. This enables you to forward packet data from source instances to tool instances through a secure peer-to-peer VPN tunnel. 

  • CloudLens Filtering Screenshot

    Some of your tools do not need all of your data. In the case of your security tools, too much noise can lead to false positives and diminished performance. So once you have established your source and tool relationships, you can create packet filters to ensure that your tools are receiving only relevant packet data.

  • CloudLens monitoring diagram

    Congratulations! Your work here is done. Sit back with the peace of mind that you can now monitor packet data across all of your clouds.

Cloud visibility has never been easier to manage

Few things are worse than a great platform ruined by a clunky user interface. That's why we built CloudLens with an intuitive drag-and-drop interface that makes it easy to understand network data flow. By cutting the complexity, you get to spend more time using CloudLens — and less time fiddling with it.

CloudLens Drag and Drop GUI
Cloud Visibility Ecosystem

Ixia works with leading security, APM and NPM tool providers, including open source providers, to pre-validate CloudLens compatibility directly from cloud. The tools of the cloud visibility ecosystem providers operate directly with CloudLens, without requiring data backhaul to a VM or network packet broker. That provides a seamless experience and complete visibility into cloud environments.

See complete list of Ixia Technology Partners.

Amazon Web Services

For 11 years, Amazon Web Services has been the world's most comprehensive and broadly adopted cloud platform. AWS offers over 90 fully featured services for compute, storage, networking, database, analytics, application services, deployment, management, developer, mobile, Internet of Things (IoT), Artificial Intelligence (AI), security, hybrid, and enterprise applications, from 44 Availability Zones (AZs) across 16 geographic regions in the U.S., Australia, Brazil, Canada, China, Germany, India, Ireland, Japan, Korea, Singapore, and the UK. AWS services are trusted by millions of active customers around the world -- including the fastest growing startups, largest enterprises, and leading government agencies -- to power their infrastructure, make them more agile, and lower costs.

Learn More about Amazon Web Services
AppNeta Logo

Appneta's award-winning suite of application performance management tools ensure optimized web app, SaaS app and end-user monitoring

Learn More about AppNeta
Bricata Logo

Detect. Hunt. Prevent Threats.

Help your organization achieve complete network security visibility of threats with Bricata, and reduce complexity, dwell time, and time to containment.

Learn More about Bricata
Bro Logo

Bro is an open source network security platform that illuminates your network's activity in detail, with the stability and flexibility for production deployment at scale.

Learn More about Bro
CA technologies

CA Technologies (NASDAQ:CA) creates software that fuels transformation for companies and enables them to seize the opportunities of the application economy. Software is at the heart of every business in every industry. From planning, to development, to management and security, CA is working with companies worldwide to change the way we live, transact, and communicate – across mobile, private and public cloud, distributed and mainframe environments.

Learn More about CA Technologies

Corelight is the most powerful network visibility solution for information security professionals. We provide real-time data that organizations use to understand, detect, and prevent cyber attacks. Our solution is built on Bro, the powerful and widely-used open source monitoring framework created by our founders.

Learn More about Corelight

Dynatrace is the innovator behind the industry's premier Digital Performance Platform, making real-time information about digital performance visible and actionable for everyone across business and IT. We help customers of all sizes see their applications and digital channels through the lens of their end users. More than 7,500 organizations use these insights to master complexity, gain operational agility and grow revenue by delivering amazing customer experiences.

Learn More about Dynatrace
Empirix Logo

Empirix is the Leader in End-to-End Network Visibility and Test Automation for Telecommunications Service Providers and Contact Center Operations, DevOps and QA Professionals We provide testing software and services for regression, load testing and monitoring of Enterprise and call center technologies

Learn More about Empirix
endace logo

For more than 15 years, Endace has provided high-speed, network recording and visibility solutions to monitor and protect some of the world’s largest, most complex networks. Customers include global banks, telcos and service providers, media and broadcast companies, health organizations, retailers, e-commerce and web giants, governments and large enterprises. Customers choose Endace technology because it can monitor and capture network traffic with 100% accuracy regardless of network speeds or loads. It can scale to meet the needs of the fastest networks and is built on an open architecture that enables integration with a wide variety of custom, open source and commercial solutions.

Learn More about Endace
Esentire Logo

eSentire Managed Detection and Response™ leads the industry in Managed Detection and Response services. We detect and mitigate cyber threats for mid-sized enterprise that existing security technology will miss, 24 hours a day, 7 days a week.

Learn More about Esentire

FireEye has invented a purpose-built, virtual machine-based security platform that provides real-time threat protection to enterprises and governments worldwide against the next generation of cyber attacks. These highly sophisticated cyber attacks easily circumvent traditional signature-based defenses, such as next-generation firewalls, IPS, anti-virus, and gateways. The FireEye Threat Prevention Platform provides real-time, dynamic threat protection without the use of signatures to protect an organization across the primary threat vectors and across the different stages of an attack life cycle. The core of the FireEye platform is a virtual execution engine, complemented by dynamic threat intelligence, to identify and block cyber attacks in real time. FireEye has over 4,700 customers across 67 countries, including more than 730 of the Forbes Global 2000.

Security – joint with FireEye

Learn More about Fireeye

Flowmon Networks empowers businesses to manage and secure their computer networks confidently. Through our high performance network monitoring technology and lean-forward behavior analytics, IT pros worldwide benefit from absolute network traffic visibility to enhance network & application performance and deal with modern cyber threats. Driven by a passion for technology, we are leading the way of NetFlow/IPFIX network monitoring that is high performing, scalable and easy to use. The world’s largest businesses, internet service providers, government entities or even small and midsize companies rely on our solutions to take control over their networks, keep order and overcome uncertainty.

Learn More about Flowmon

JASK is purpose-built to accelerate security operations

Attack surfaces are expanding. The perimeters of growing companies continuously shift. And the pace of new weaponization is unrelenting. In this environment, efficacy depends on speed. But traditional security operations technology is a speed barrier. Heavy and difficult to change, it delivers more noise than signal, overwhelming analyst resources and clogging security operations. Enter JASK.

Learn More about Jask

LogRhythm, a leader in security intelligence and analytics, empowers organizations around the globe to rapidly detect, respond to and neutralize damaging cyber threats. The company’s patented award-winning platform uniquely unifies next-generation SIEM, log management, network and endpoint monitoring, and advanced security analytics. In addition to protecting customers from the risks associated with cyber threats, LogRhythm provides unparalleled compliance automation and assurance, and enhanced IT intelligence.

Learn More about LogRhythm
Microsoft Azure

Microsoft Azure is an ever-expanding set of cloud services to help your organization meet your business challenges. It’s the freedom to build, manage, and deploy applications on a massive, global network using your favorite tools and frameworks.

Learn More about Microsoft Azure
Moloch Logo

Moloch is a large scale, open source, full packet capturing, indexing, and database system.

Moloch augments your current security infrastructure by storing and indexing network traffic in standard PCAP format, while also providing fast indexed access. Moloch is not meant to replace Intrusion Detection Systems (IDS), instead it provides more visibility. Moloch is built with an intuitive UI/UX which reduces the analysis time of suspected incidents.

Learn More about Moloch
Netfort Logo

NetFort LANGuardian is the industry's leading deep packet inspection software for monitoring, troubleshooting, and reporting on user and network activity.

Learn More about Netfort

ntopng is the next generation version of the original ntop, a network traffic probe that shows the network usage, similar to what the popular top Unix command does.

Learn More about NTOP
Perch Security

Perch Security is the first Community Defense Platform. Perch makes threat intelligence accessible and affordable for the "everyone else" – organizations who don't have dedicated threat analyst teams. Now small and mid-size businesses can mount a cyber defense with curated community intelligence and participate with the sharing community; all without a SIEM, a TIP, or increasing staff. Perch is headquartered in Tampa, Florida. 

Learn More about Perch Security

ProtectWise shifts network security to the cloud to provide complete visibility and detection of enterprise threats and accelerated incident response. By harnessing the power of the cloud, the ProtectWise Grid™ has the unique ability to create an unlimited retention window with full-fidelity forensics, automated retrospection and advanced visualization — all with the ease and cost-savings of an on-demand deployment model. Security professionals can see threats in real-time and continuously goes back in time to discover previously unknown threats automatically.

Learn More about Protectwise

In today’s world, digital performance defines business success. But performance in the digital age is about more than speed. That’s why Riverbed provides a fully unified and integrated platform that eliminates tradeoffs and helps customers rethink possible. We help enhance digital performance across every aspect of a customer’s business—whether that’s gaining insight into new customers and industries, improving time to market, increasing productivity, or simply delivering fast, secure digital experiences today’s users demand. The Riverbed Digital Performance Platform helps transform the way customers run the powerful network- and cloud-based apps that connect people, businesses, and experiences in our digital world.

Troubleshooting – joint with Riverbed

Learn More about Riverbed
RSA Security

RSA provides more than 30,000 customers around the world with the essential security capabilities to protect their most valuable assets from cyber threats.  With RSA’s award-winning products, organizations effectively detect, investigate, and respond to advanced attacks; confirm and manage identities; and ultimately, reduce IP theft, fraud, and cybercrime.

Learn More about RSA

Savvius offers a range of powerful software and hardware products that automate the collection of critical network data for network forensics in security investigations and for network and application performance diagnostics. Savvius and Ixia have partnered to bring full visibility, performance, scalability, and decryption to our enterprise customers with high-speed networks. The joint solution provides accurate time-stamping, SSL decryption, de-duplication, filtering, and load-balancing across multiple Savvius appliances.

Learn More about Savvius

Sinefa provides visibility and control for data networks. It allows network managers to see all the applications, users, devices, and links on the network, and to easily redirect bandwidth to critical applications. Increased network performance boosts productivity, eases user frustration and reduces network management costs. Sinefa is the simplest solution on the market, providing immediate total visibility and control that saves users and managers time.

Learn More about Sinefa
Suricata Logo

Suricata is a free and open source, mature, fast and robust network threat detection engine. The Suricata engine is capable of real time intrusion detection (IDS), inline intrusion prevention (IPS), network security monitoring (NSM) and offline packet capture (pcap) processing.

Learn More about Suricata

Symantec™ and Ixia have teamed to deliver the complete, ongoing visibility and insight needed to hone cyber security processes and shrink your company’s attack surface. The joint solution makes your hybrid network and security infrastructures more intelligent, integrated, and automated — saving you time and effort and reducing your organization’s cyber risk.

Webinar: Breached! Next Generation Network Forensics for the Cloud

Learn More about Symantec
Vectra Logo

Vectra® Networks is the leader in automated threat management solutions for real-time detection of in-progress cyber attacks. The company’s solution automatically correlates threats against hosts that are under attack and provides unique context about what attackers are doing so organizations can quickly prevent or mitigate loss. Vectra prioritizes attacks that pose the greatest business risk, enabling organizations to make rapid decisions on where to focus time and resources.

Learn More about Vectra Networks
Viavi Solutions

Viavi (NASDAQ: VIAV) software and hardware platforms and instruments deliver end-to-end visibility across physical, virtual and hybrid networks. Precise intelligence and actionable insight from across the network ecosystem optimizes the service experience for increased customer loyalty, greater profitability and quicker transitions to next-generation technologies. Viavi is also a leader in anti-counterfeiting solutions for currency authentication and high-value optical components and instruments for diverse government and commercial applications.

Learn More about Viavi Solutions
VoIP Monitor

VoIPmonitor is an open source network packet sniffer with commercial frontend for SIP RTP RTCP and SKINNY(SCCP) VoIP protocols running on linux. VoIPmonitor is designed to analyze quality of VoIP call based on network parameters - delay variation and packet loss according to ITU-T G.107 E-model which predicts quality on MOS scale.

Learn More about VoIP Monitor

Wireshark is the world's foremost network protocol analyzer. It lets you see what's happening on your network at a microscopic level. It is the de facto (and often de jure) standard across many industries and educational institutions.  Wireshark development thrives thanks to the contributions of networking experts across the globe. It is the continuation of a project that started in 1998.

Learn More about Wireshark

“FireEye is excited to partner with Ixia on its new CloudLens platform to extend our industry-leading visibility and response speed into AWS, Azure, and other public cloud.  With our focus on simplifying, integrating, and automating security operations for customers with FireEye Helix, having scalable, native visibility into all cloud services, networks, endpoints, third-party security products enables us to stay ahead of our customer needs."

Martin Holste, CTO, Cloud, FireEye

“Ixia CloudLens was designed and built for the cloud and as a result, it is inherently elastic and scalable. CloudLens provides CA’s network monitoring solutions the visibility needed to monitor end-to-end response times to track and optimize the end user experience, no matter where an application is deployed.”

Sushil Kumar - SVP of Product Management and Strategy, Agile Operations, CA Technologies

“CloudLens' full-packet visibility in AWS enables Dynatrace DC RUM customers to monitor and improve the experience of business-critical applications such as SAP, Citrix, and Oracle.”

Steve Tack, Senior VP, Product Management, Dynatrace

 “Moving enterprise workloads to the cloud can create stumbling blocks for security teams, as they no longer have the network packet visibility needed to be effective. Ixia's CloudLens solves this problem by providing full, easy, and highly-scalable visibility in the public cloud. The joint Ixia and ProtectWise solution provides automated threat detection and unlimited forensic exploration.”

Ramon Peypoch, Chief Product Officer, ProtectWise

“As a provider of large scale SaaS-based performance management solutions hosted in AWS, AppNeta is very familiar with the challenges associated with obtaining actionable packet-level visibility in the public cloud. We found CloudLens met the elastic demands of public cloud customers in a multi-tenant, self-serve model like ours—and, unlike other solutions we've examined, performed well with minimal overhead. With CloudLens, deploying monitoring solutions in the public cloud occurs in a matter of minutes, not hours or days.”

Sean Armstrong, VP of Products, AppNeta

“The NetFort LANGuardian software download ensures users can get granular, real-time visibility of network and user activity on any remote site or data center in minutes. Now, using Ixia CloudLens, this has been expanded to ensure the cloud is no longer a blind spot. The combination of Ixia and NetFort ensures organizations always have a unified view of their environment from a single console that provides real visibility, metadata, and context for faster detection and response across their virtual, physical, and cloud networks.”

Morgan Doyle, CTO, NetFort

“Extending actionable network forensics into the cloud is both difficult and important. With Ixia CloudLens, Savvius is able to bring cloud capabilities to Omnipeek and Omnipliance in a manner that is scalable, elastic, and reliable.”

Nadeem Zahid, Sr Director of Business Development at Savvius

“The adoption of public cloud solutions is continuing to grow at a rapid pace. With this comes unique and significant challenges around how organizations ensure the security and integrity of their data and applications. Ixia’s CloudLens solution solves the critically-important problem of providing access to network traffic within and across cloud environments to enable solutions like LogRhythm’s Network Monitor to perform deep packet inspection, rich metadata extraction, analytics, and full-packet capture around cloud-based workloads. Together, LogRhythm and CloudLens give our customers the necessary visibility and threat detection capabilities to instill confidence as they migrate to the cloud.”

Matt Winter, VP Business Development, LogRhythm

 “As organizations move applications to the cloud, it has become more and more difficult to efficiently obtain the packets required for deep analytics on the usage and integrity of those applications. Ixia’s CloudLens provides a scalable and flexible way to efficiently collect packets from cloud hosted instances. This solution has been validated to work with our ntopng traffic analysis tool.”

Luca Deri, Founder, NTOP