Purpose-Built Network Visibility for Public Clouds

Ixia’s CloudLens SaaS is a software as a service (SaaS) platform for cloud visibility.
It is a collection of Amazon Web Services (AWS) services coordinated to support cloud agility
and allow for horizontal scale. At its core, it is an implicit microservices architecture
that is orchestrated via application program interfaces (APIs). As a serverless design,
it meets the cloud need for a highly available and scalable service. The solution has two
primary components:

  1. Source and tool sensors – Installed within both the source instances (that require
    monitoring) and the tool instances (that will analyze the data), the source sensor filters
    traffic before sending it to the tools.
  2. Centralized management platform – Users can control and operate the sensors
    installed in the source and tool instances. The management platform creates a secure
    visibility path that transfers packet data from the source to the tool sensors.

These components work together to provide the benefits of a cloud visibility solution
and address core needs in a cloud environment.

Step 1: The Sensors

The CloudLens visibility sensors are installed as Docker containers on both the source
and tool instances; this allows sensors to leverage information that is inherent to the
instance and forward it as metadata to the central management platform:

• Gathering and filtering traffic
    • Network data gathering is possible, as packets from the source machine can be
      obtained at the OS layer directly.
    • Gathering data from within the instance is secure, as this allows the sensors to
      inherit the existing security context, preventing cross-tenant security violations.
    • Network blind spots normally caused by SSL are eliminated, because the sensors
      are running directly on the source instances themselves, which are behind SSL
      off-load services.
• Scaling tools to parallel cloud elasticity
    • Filtering data allows for more robust options, as the sensor has access to
      additional instance-level metadata. This provides administrators access to a
      larger set of criteria when setting filtering rules. For example, packet collection
      or filtering decisions could draw on metadata such as OS, instance metadata,
      or even metrics, like CPU and memory load.
    • Elasticity and scaling events are handled implicitly; the visibility sensors scale
      dynamically along with the source instances based on applications’ needs.

Network Packet Brokers: The Right Data for the Right Tools

NPBs are central to providing dynamic network intelligence throughout your network.
Using application-aware traffic filtering, decryption, and deduplication, NPBs enable your
security and monitoring tools to be more efficient and effective by ensuring that each tool
gets the right data — nothing more, nothing less. Furthermore, unlike many competitive
offerings, Keysight NPBs offer hardware acceleration enabled by field-programmable
gate arrays (FPGAs). This functionality is a key consideration for any visibility deployment
supporting mission-critical security or network monitoring because it allows the application
of features and filters at line rate without lost traffic, blind spots, or dropped packets.
Keysight NPBs offer these key features:
• zero-loss architecture
• load balancing for multiple monitoring or security tools
• centralized decryption, including advanced TLS 1.3
• dynamic filter compiler reduces operational complexity
• easy-to-use graphical user interface (GUI)
