Need Assistance?

Newsletter

For a Free Quote...

Ixia CloudLens Public

CL Public header

Organizations, even those not typically associated with technology, are migrating to the cloud. This trend is growing because the cloud offers increased flexibility and agility. With this mass migration, organizations have more segments to manage and more potential blind spots in their networks. Regardless of where infrastructure and applications reside, security and compliance needs remain the same. Organizations are finding that their traditional network visibility solutions are unable to meet their needs for visibility of cloud-based data.

CloudLens™, Ixia's platform for public, private and hybrid cloud visibility addresses the challenges of granular data access in the cloud. CloudLens Public, the arm that supports public cloud platforms,  is the first network-level solution that provides Visibility-as-a-Service (VaaS) through a Software-as-a-Service (SaaS). Designed from the ground up to retain the elastic scale, flexibility, and agility benefits of the cloud, CloudLens Public provides an intelligent and automated cloud VaaS that scales with public cloud infrastructures.

CLOUDLENS PUBLIC
  • Elastically scales on-demand – so visibility auto-scales horizontally along with the instances monitored and the cluster of instances that are needed to do the monitoring
  • Automates cloud visibility management by providing it as a service – so no architectural changes required
  • Reduces errors by eliminating manual configuration
  • Easy to use and setup with a drag and drop interface
  • Reduces bandwidth to tools by filtering packets at the source instances, eliminating unwanted traffic so tools operate optimally

cl public 3 diagram

ELASTIC SCALE, ON-DEMAND

CL Tools

CloudLens Public addresses the challenges of capturing and filtering traffic in the public cloud because it scales horizontally as instances are created and destroyed. CloudLens Public uses metadata from cloud platform instances to classify them; because metadata inherently exists for each new instance that is created, the platform automatically knows how to treat it and which security and monitoring policies need to be applied. Consequently, traffic from instances is appropriately filtered and routed to security and monitoring tools, without requiring human intervention. With a security and monitoring tool partner ecosystem, CloudLens Public ensures that tool instances also scale. An auto-scaling solution eliminates the burden of management to save time and money. It also mitigates the inherent risk of error with manual configuration.  CloudLens Public has been tested to support thousands of instances.

CloudLens Public aligns to one of the core tenets and drivers for why organizations move to cloud: No guesswork with regards to sizing for peak use, optimizing how resources are allocated.

With CloudLens Public, you can achieve cloud visibility without having to size a virtual packet broker, which is a virtual instance meant to act as a packer broker, to address peak size. Moreover, you do not have to configure secondary or sandbox environments at peak size either. As the cloud scales, so will CloudLens by adding units on-demand, without any architectural changes. This ensures that errors in sizing do not affect security in monitoring and that resources are not lost to over-sizing across multiple environments.

 A CLOUD-NATIVE, SERVERLESS DESIGN

Ixia’s CloudLens Public can auto-scale and its design is cloud-provider agnostic because it is built on the cloud. At its core, it’s an implicit microservices architecture which is orchestrated via API’s - a serverless design. It is this cloud-native aspect that allows the platform to scale so it can meet the cloud needs of highly available and scalable service across technology platforms.
CloudLens Public has two core components:
  • A SaaS visibility management platform. This is where users can configure visibility and define filtering.
  • Sensors and connectors that are containerized, Docker-based software that sit within the source and tool instaCL Purposences respectively. The sensors and connectors are how CloudLens accesses metadata because they sit within instance

CL Public Interface

 

cl pictures

ALL THROUGH AN EASY, DRAG AND DROP INTERFACE

Ixia, as always, makes its products easy to use. CloudLens Public has an intuitive drag-and-drop interface that shows source instances on the left and tool instances on the right – as expected of a network based diagram. The CloudLens Public platform allows easy configuration of filters and ongoing management.

A broad range of stakeholders can leverage CloudLens Public to feed the packet-based tools they need to support your business. Compliance and security teams can deploy security tools such as data loss prevention (DLP) and intrusion prevention systems (IPS). Application owners can deploy application performance management (APM) and performance monitors. DevOps teams can deploy troubleshooting and analysis tools.

 

HOW CLOUDLENS WORKS

  • IDENTIFY INSTANCES

  • CREATE A PROJECT

  • DEFINE GROUPS

  • DRAW A PATH

  • SETUP FILTERS

  • MONITOR

Using CloudLens is easy. The first step is to load Ixia sensors on the source instances, where you need packet visibility. With CloudLens Public's visibility ecosystem, tool instances, where the packets need to be delivered, are already setup to work with the sensors. The sensors and connectors are containerized and run on top of a Docker engine – The sensors and connectors send metadata information (e.g., Cloud service provider, region, AZ, kernel module, CPU and memory) to the SaaS management platform. Moreover, the sensor is also what filters data before sending it to tools.

CL Public Instances

CL PUBLIC SCREEN

 In the SaaS management platform, create a “project” and use the project key generated to associate the sensors and connectors running in the source and tool instances, respectively, to the project. This allows the management platform to have complete context of where source instances and tool instances reside and in turn bring packet visibility from the source to tool instances.

 

CL public GroupIn the SaaS management platform, create source groups and tool groups based on metadata ingested from the sensors and connectors; a natural classification system. The user also has the flexibility to create source groups and tools groups according to business objectives. In this example “Application Instances” are grouped together as “Source Group 1” and “Web Servers” are grouped together as “Source Group 2.”

 

 

 

 

 

 

CL Public Draw Path

Once groups are created, the relationship of source and tool instances can be established. Drag and drop a connection in the management platform to create a security visibility data path. This connection forwards packet data from source instances to tool instances through a secure peer-to-peer VPN tunnel, the secure visibility path, that originates in the source sensor and terminates in the tool.

 

 

CL PUBLIC SETUP FILTER

You can create packet filters at the source instance to filter only relevant packet data that needs to be sent to your tools.

 

 

 

 

 

The work is done. Sit back with the peace of mind that you can now see what happening in your public cloud environment.

 CL PUBLIC MONITOR

 

 

 

RESOURCES 

CL Public DS pic