Purpose Built Network Visibility for
Public Clouds

Ixia’s CloudLens SaaS is a software as a service (SaaS) platform for cloud visibility.
It is a collection of Amazon Web Services (AWSs) coordinated to support cloud agility
and allowing for horizontal scale. At its core, it is an implicit microservices architecture
that is orchestrated via application program interfaces (APIs). As a serverless design,
it meets the cloud needs of highly available and scalable service. The solution has two
primary components:

1. Source and tool sensors – Installed within both the source instances (that require
   monitoring) and the tool instances (that will analyze the data), the source sensor filters
   traffic before sending it to the tools.
2. Centralized management platform – Users can control and operate the sensors
   installed in the source and tool instances. The management platform creates a secure
   visibility path that transfers packet data from the source to the tool sensors.
   These components work together to provide the benefits of a cloud visibility solution
   and address core needs in a cloud environment.
   Step 1: The Sensors
   The CloudLens visibility sensors are installed as Docker containers on both the source
   and tool instances; this allows sensors to leverage information that is inherent to the
   instance and forward it as metadata to the central management platform:
   • Gathering and filtering traffic

• Network data gathering is possible, as packets from the source machine can be
  obtained at the OS layer directly.
• Gathering data from within the instance is secure, as this allows the sensors to
  inherit the existing security context, preventing cross-tenant security violations.
• Network blind spots normally caused by SSL are eliminated, because the sensors
  are running directly on the source instances themselves, which are behind SSL
  off-load services.
  • Scaling tools to parallel cloud elasticity
• Filtering data allows for more robust options, as the sensor has access to
  additional instance-level metadata. This provides administrators access to a
  larger set of criteria when setting filtering rules. For example, packet collection
  or filtering decisions could include metadata including OS, instance metadata,
  or even metrics, like CPU and memory load.
• Elasticity and scaling events are handled implicitly; the visibility sensors scale
  dynamically along with the source instances based on applications’ needs.

Network Packet Brokers:
The Right Data for the Right Tools
NPBs are central to providing dynamic network intelligence throughout your network.
Using application-aware traffic filtering, decryption, and deduplication, NPBs enable your
security and monitoring tools to be more efficient and effective by ensuring that each tool
gets the right data — nothing more, nothing less. Furthermore, unlike many competitive
offerings, Keysight NPBs offer hardware acceleration enabled by field-programmable
gate arrays (FPGAs). This functionality is a key consideration for any visibility deployment
supporting mission-critical security or network monitoring because it allows the application
of features and filters at line rate without lost traffic, blind spots, or dropped packets.
Keysight NPBs offer these key features:
• zero-loss architecture
• load balancing for multiple monitoring or security tools
• centralized decryption, including advanced TLS 1.3
• dynamic filter compiler reduces operational complexity
• easy-to-use graphical user interface (GUI)