Azure. Google Cloud. IBM Cloud. Alibaba. CenturyLink. AWS. Any Cloud.

CloudLens is now the first visibility solution to support all leading cloud platforms, for both Windows and Linux!

Organizations, even those not typically associated with technology, are migrating to public cloud. This trend is growing because the cloud offers increased flexibility and agility. However, regardless of where infrastructure and applications reside, security and compliance needs remain the same. Organizations are finding that their traditional network visibility solutions are unable to meet their needs for visibility of cloud-based data.

Ixia's CloudLens Public is the first Software-as-a-Service (SaaS), network-level solution that provides Visibility-as-a-Service (VaaS). Designed from the ground up to retain the elastic scale, flexibility, and agility benefits of the cloud, CloudLens Public provides intelligent and automated cloud VaaS that scales with public cloud infrastructures.


  • Elastically scales on-demand – so visibility auto-scales along with the instances monitored and the cluster of instances that are needed to do the monitoring
  • Automates cloud visibility management by providing it as a service – so no architectural changes required
  • Reduces errors by eliminating manual configuration
  • Easy to use and setup with a drag and drop interface
  • Reduces bandwidth to tools by filtering packets at the source instances, eliminating unwanted traffic so tools operate optimally

Sign-up now for your CloudLens Public FREE TRIAL!


Comprehensive Cloud Visibility

  • Any Cloud Visibility
  • Elastic Scale
  • Pay per Use Pricing
  • Cloud-Native Design
  • Cloud Visibility Ecosystem
  • Service Provider Agnostic

    Cloud Service Provider Agnostic

    CloudLens is the first service-provider agnostic visibility platform, capable of providing access to packet data in Amazon Web Services (AWS), Microsoft Azure, IBM Bluemix, Google Cloud Platform, Alibaba Cloud, CenturyLink cloud and more; the platform also supports Window and Linux environments.

    CloudLens provides a single layer that can access data directly from instances, filter it in the cloud and then send it directly to security and monitoring tools. This provides flexibility, as data from any cloud can be routed to security in monitoring tools in any other cloud or in the data center. Being able to manage this layer in a single platform and interface also simplifies management and configuration for network administrators, mitigating errors and ensuring security and monitoring tools have the visibility they need.

  • Elastic Scale

    Elastic Scale, On-Demand

    CloudLens addresses the challenges of capturing and filtering traffic in the public cloud because it scales horizontally as instances are created and destroyed. CloudLens uses metadata from cloud platform instances to classify them; because metadata inherently exists for each new instance that is created, the platform automatically knows how to treat it and which security and monitoring policies need to be applied. Consequently, traffic from instances is appropriately filtered and routed to security and monitoring tools, without requiring human intervention. With a security and monitoring tool partner ecosystem, CloudLens ensures that tool instances also scale. An auto-scaling solution eliminates the burden of management to save time and money. It also mitigates the inherent risk of error with manual configuration. CloudLens has been tested to support thousands of instances.

  • Per per Use Pricing

    Cost-effective cloud visibility

    CloudLens aligns to one of the core tenets and drivers for why organizations move to cloud: No guesswork with regards to sizing for peak use, optimizing how resources are allocated and controlling costs.

    Like the cloud scales with load on applications or systems, CloudLens scales along with workload instances, adding visibility on-demand when instances are created or destroyed, without any architectural changes. This scale means you only use what you need and consequently, only pay for what you use. Moreover, CloudLens mitigates errors because there is no potential for mis-sizing peak demand or missing instances as they get added - ensuring the right amount of visibility, cost-effectively.

  • Cloud-Native Design

    A Cloud-Native, Serverless Design

    Ixia’s CloudLens can auto-scale and is cloud-provider agnostic because it is built on the cloud. At its core, it’s an implicit microservices architecture which is orchestrated via API’s - a serverless design. It is this cloud-native aspect that allows the platform to scale so it can meet the cloud needs of highly available and scalable service across technology platforms.

    CloudLens Public has two core components:

    • A SaaS visibility management platform. This is where users can configure visibility and define filtering.
    • Sensors and connectors: software that sits within the source and tool instances respectively. The sensors and connectors are how CloudLens accesses metadata because they sit within instances. They can be Docker-container or Agent based versions.

    What does it mean to be cloud-native and why it matters.

  • Cloud Visibility Ecosystem

    Cloud Visibility Ecosystem

    Ixia offers a Cloud Visibility Ecosystem of Technology Partners that are pre-validated to receive data directly from CloudLens in the cloud. This allows flexibility of management and removes the requirement of backhauling data when not required.

    Overall, a broad range of stakeholders can leverage CloudLens to feed the packet-based tools they need to support business. Compliance and security teams can deploy security tools such as data loss prevention (DLP) and intrusion prevention systems (IPS). Application owners can deploy application performance management (APM) and performance monitors. DevOps teams can deploy troubleshooting and analysis tools. Data can be sent to both cloud-based and physical security and monitoring tools. See the complete list of Ixia Technology Partners.

All through an easy, drag and drop interface

Ixia, as always, makes its products easy to use. CloudLens Public has an intuitive drag-and-drop interface that shows source instances on the left and tool instances on the right – as expected of a network based diagram. The CloudLens Public platform allows easy configuration of filters and ongoing management.

CloudLens Drag and Drop GUI

How CloudLENS Works

  • Identify Instances
  • Create a Project
  • Define Groups
  • Draw a Path
  • Setup Filters
  • Monitor
  • Source and Tool Instances

    Using CloudLens is easy. The first step is to load Ixia sensors on the source instances, where you need packet visibility. With CloudLens Public's visibility ecosystem, tool instances, where the packets need to be delivered, are already setup to work with the sensors. The sensors and connectors are containerized and run on top of a Docker engine – The sensors and connectors send metadata information (e.g., Cloud service provider, region, AZ, kernel module, CPU and memory) to the SaaS management platform. Moreover, the sensor is also what filters data before sending it to tools.

  • Create Project

    In the SaaS management platform, create a “project” and use the project key generated to associate the sensors and connectors running in the source and tool instances, respectively, to the project. This allows the management platform to have complete context of where source instances and tool instances reside and in turn bring packet visibility from the source to tool instances.

  • Define Groups

    In the SaaS management platform, create source groups and tool groups based on metadata ingested from the sensors and connectors; a natural classification system. The user also has the flexibility to create source groups and tools groups according to business objectives. In this example “Application Instances” are grouped together as “Source Group 1” and “Web Servers” are grouped together as “Source Group 2.”

  • Draw a Path

    Once groups are created, the relationship of source and tool instances can be established. Drag and drop a connection in the management platform to create a security visibility data path. This connection forwards packet data from source instances to tool instances through a secure peer-to-peer VPN tunnel, the secure visibility path, that originates in the source sensor and terminates in the tool. 

  • Filtering Screenshot

    You can create packet filters at the source instance to filter only relevant packet data that needs to be sent to your tools.

  • Monitor

    The work is done. Sit back with the peace of mind that you can now see what is happening in your public cloud environment.


“FireEye is excited to partner with Ixia on its new CloudLens platform to extend our industry-leading visibility and response speed into AWS, Azure, and other public cloud.  With our focus on simplifying, integrating, and automating security operations for customers with FireEye Helix, having scalable, native visibility into all cloud services, networks, endpoints, third-party security products enables us to stay ahead of our customer needs."

Martin Holste, CTO, Cloud, FireEye

“Ixia CloudLens was designed and built for the cloud and as a result, it is inherently elastic and scalable. CloudLens provides CA’s network monitoring solutions the visibility needed to monitor end-to-end response times to track and optimize the end user experience, no matter where an application is deployed.”

Sushil Kumar - SVP of Product Management and Strategy, Agile Operations, CA Technologies

“CloudLens' full-packet visibility in AWS enables Dynatrace DC RUM customers to monitor and improve the experience of business-critical applications such as SAP, Citrix, and Oracle.”

Steve Tack, Senior VP, Product Management, Dynatrace

 “Moving enterprise workloads to the cloud can create stumbling blocks for security teams, as they no longer have the network packet visibility needed to be effective. Ixia's CloudLens solves this problem by providing full, easy, and highly-scalable visibility in the public cloud. The joint Ixia and ProtectWise solution provides automated threat detection and unlimited forensic exploration.”

Ramon Peypoch, Chief Product Officer, ProtectWise

“As a provider of large scale SaaS-based performance management solutions hosted in AWS, AppNeta is very familiar with the challenges associated with obtaining actionable packet-level visibility in the public cloud. We found CloudLens met the elastic demands of public cloud customers in a multi-tenant, self-serve model like ours—and, unlike other solutions we've examined, performed well with minimal overhead. With CloudLens, deploying monitoring solutions in the public cloud occurs in a matter of minutes, not hours or days.”

Sean Armstrong, VP of Products, AppNeta

“The NetFort LANGuardian software download ensures users can get granular, real-time visibility of network and user activity on any remote site or data center in minutes. Now, using Ixia CloudLens, this has been expanded to ensure the cloud is no longer a blind spot. The combination of Ixia and NetFort ensures organizations always have a unified view of their environment from a single console that provides real visibility, metadata, and context for faster detection and response across their virtual, physical, and cloud networks.”

Morgan Doyle, CTO, NetFort

“Extending actionable network forensics into the cloud is both difficult and important. With Ixia CloudLens, Savvius is able to bring cloud capabilities to Omnipeek and Omnipliance in a manner that is scalable, elastic, and reliable.”

Nadeem Zahid, Sr Director of Business Development at Savvius

“The adoption of public cloud solutions is continuing to grow at a rapid pace. With this comes unique and significant challenges around how organizations ensure the security and integrity of their data and applications. Ixia’s CloudLens solution solves the critically-important problem of providing access to network traffic within and across cloud environments to enable solutions like LogRhythm’s Network Monitor to perform deep packet inspection, rich metadata extraction, analytics, and full-packet capture around cloud-based workloads. Together, LogRhythm and CloudLens give our customers the necessary visibility and threat detection capabilities to instill confidence as they migrate to the cloud.”

Matt Winter, VP Business Development, LogRhythm

 “As organizations move applications to the cloud, it has become more and more difficult to efficiently obtain the packets required for deep analytics on the usage and integrity of those applications. Ixia’s CloudLens provides a scalable and flexible way to efficiently collect packets from cloud hosted instances. This solution has been validated to work with our ntopng traffic analysis tool.”

Luca Deri, Founder, NTOP
Cloud Visibility Ecosystem

Ixia works with leading security, APM and NPM tool providers, including open source providers, to pre-validate CloudLens interoperability direct from cloud. The tools of the cloud visibility ecosystem providers operate directly with CloudLens, without requiring data backhaul to a virtual machine or network packet broker, for a seamless experience and complete visibility into cloud environments.

See complete list of Ixia Technology Partners.

AppNeta Logo

Appneta's award-winning suite of application performance management tools ensure optimized web app, SaaS app and end-user monitoring

Learn More about AppNeta
Bro Logo

Bro is an open source network security platform that illuminates your network's activity in detail, with the stability and flexibility for production deployment at scale.

Learn More about Bro
CA technologies

CA Technologies (NASDAQ:CA) creates software that fuels transformation for companies and enables them to seize the opportunities of the application economy. Software is at the heart of every business in every industry. From planning, to development, to management and security, CA is working with companies worldwide to change the way we live, transact, and communicate – across mobile, private and public cloud, distributed and mainframe environments.

Learn More about CA Technologies

Dynatrace is the innovator behind the industry's premier Digital Performance Platform, making real-time information about digital performance visible and actionable for everyone across business and IT. We help customers of all sizes see their applications and digital channels through the lens of their end users. More than 7,500 organizations use these insights to master complexity, gain operational agility and grow revenue by delivering amazing customer experiences.

Learn More about Dynatrace
Eastwind Networks

Eastwind offers the only breach analytics cloud that provides complete visibility of your key cyber terrain. We help analyze the flight data flowing across your corporate networks, virtual networks, cloud provider networks, cloud application networks, and your mobile workforce—with speed and precision. Always watching, our automated hunters enable you to identify malicious activity that evades all other security solutions.

Eastwind Networks is a select Ixia cloud partner who has bundled a complete security & monitoring solution with CloudLens. Simplified setup saves time and effort, and ensures seamless & complete data collection, visibility, and analytics. 

Learn More about Eastwind Networks

FireEye has invented a purpose-built, virtual machine-based security platform that provides real-time threat protection to enterprises and governments worldwide against the next generation of cyber attacks. These highly sophisticated cyber attacks easily circumvent traditional signature-based defenses, such as next-generation firewalls, IPS, anti-virus, and gateways. The FireEye Threat Prevention Platform provides real-time, dynamic threat protection without the use of signatures to protect an organization across the primary threat vectors and across the different stages of an attack life cycle. The core of the FireEye platform is a virtual execution engine, complemented by dynamic threat intelligence, to identify and block cyber attacks in real time. FireEye has over 4,700 customers across 67 countries, including more than 730 of the Forbes Global 2000.

Security – joint with FireEye

Learn More about Fireeye

JASK is purpose-built to accelerate security operations

Attack surfaces are expanding. The perimeters of growing companies continuously shift. And the pace of new weaponization is unrelenting. In this environment, efficacy depends on speed. But traditional security operations technology is a speed barrier. Heavy and difficult to change, it delivers more noise than signal, overwhelming analyst resources and clogging security operations. Enter JASK.

Learn More about Jask

LogRhythm, a leader in security intelligence and analytics, empowers organizations around the globe to rapidly detect, respond to and neutralize damaging cyber threats. The company’s patented award-winning platform uniquely unifies next-generation SIEM, log management, network and endpoint monitoring, and advanced security analytics. In addition to protecting customers from the risks associated with cyber threats, LogRhythm provides unparalleled compliance automation and assurance, and enhanced IT intelligence.

Learn More about LogRhythm
Netfort Logo

NetFort LANGuardian is the industry's leading deep packet inspection software for monitoring, troubleshooting, and reporting on user and network activity.

Learn More about Netfort

ntopng is the next generation version of the original ntop, a network traffic probe that shows the network usage, similar to what the popular top Unix command does.

Learn More about NTOP
Perch Security

Perch Security is the first Community Defense Platform. Perch makes threat intelligence accessible and affordable for the "everyone else" – organizations who don't have dedicated threat analyst teams. Now small and mid-size businesses can mount a cyber defense with curated community intelligence and participate with the sharing community; all without a SIEM, a TIP, or increasing staff. Perch is headquartered in Tampa, Florida. 

Learn More about Perch Security

ProtectWise shifts network security to the cloud to provide complete visibility and detection of enterprise threats and accelerated incident response. By harnessing the power of the cloud, the ProtectWise Grid™ has the unique ability to create an unlimited retention window with full-fidelity forensics, automated retrospection and advanced visualization — all with the ease and cost-savings of an on-demand deployment model. Security professionals can see threats in real-time and continuously goes back in time to discover previously unknown threats automatically.

Learn More about Protectwise
RSA Security

RSA provides more than 30,000 customers around the world with the essential security capabilities to protect their most valuable assets from cyber threats.  With RSA’s award-winning products, organizations effectively detect, investigate, and respond to advanced attacks; confirm and manage identities; and ultimately, reduce IP theft, fraud, and cybercrime.

Learn More about RSA

Savvius offers a range of powerful software and hardware products that automate the collection of critical network data for network forensics in security investigations and for network and application performance diagnostics. Savvius and Ixia have partnered to bring full visibility, performance, scalability, and decryption to our enterprise customers with high-speed networks. The joint solution provides accurate time-stamping, SSL decryption, de-duplication, filtering, and load-balancing across multiple Savvius appliances.

Learn More about Savvius

Sinefa provides visibility and control for data networks. It allows network managers to see all the applications, users, devices, and links on the network, and to easily redirect bandwidth to critical applications. Increased network performance boosts productivity, eases user frustration and reduces network management costs. Sinefa is the simplest solution on the market, providing immediate total visibility and control that saves users and managers time.

Learn More about Sinefa
Suricata Logo

Suricata is a free and open source, mature, fast and robust network threat detection engine. The Suricata engine is capable of real time intrusion detection (IDS), inline intrusion prevention (IPS), network security monitoring (NSM) and offline packet capture (pcap) processing.

Learn More about Suricata
VoIP Monitor

VoIPmonitor is an open source network packet sniffer with commercial frontend for SIP RTP RTCP and SKINNY(SCCP) VoIP protocols running on linux. VoIPmonitor is designed to analyze quality of VoIP call based on network parameters - delay variation and packet loss according to ITU-T G.107 E-model which predicts quality on MOS scale.

Learn More about VoIP Monitor

Wireshark is the world's foremost network protocol analyzer. It lets you see what's happening on your network at a microscopic level. It is the de facto (and often de jure) standard across many industries and educational institutions.  Wireshark development thrives thanks to the contributions of networking experts across the globe. It is the continuation of a project that started in 1998.

Learn More about Wireshark