Cloud Visibility
CloudLens Self-Hosted
Packet-level visibility for private cloud — deployed in your own data center
Monitor And Secure Your Private Cloud With A Platform Based In Your Data Center
Private clouds are flexible, scalable, and leverage your existing infrastructure. But a lack of packet-level visibility can complicate things considerably. The environment may be virtual, but the blind spots are not. Without the ability to monitor traffic between virtual machines (VMs) in your private cloud, your security and performance management tools lack the critical data they need to identify attackers and prevent network outages.
That's why companies trust Cloudlens to deliver complete, packet-level visibility for their private clouds. Instead of the pay-as-you-go approach offered by CloudLens SaaS, CloudLens Self-Hosted runs in your data center — enabling you to supply your monitoring tools with critical packet data from your virtual environment, even when you are offline.
ELASTIC SCALE
DATA ACCESS ANY TIME, ANYWHERE
MULTI-CLOUD CAPABLE
What You Get
Pick a Hypervisior, Any Hypervisor
With support for leading virtual environments, VMware ESXi and NSX, Nutanix AHV, OpenStack KVM, and Microsoft Hyper-V, CloudLens Self-Hosted enables complete visibility into all your private cloud deployments via a single management interface.
Moreover, CloudLens Self-Hosted is vSwitch/router agnostic—giving you even more flexibility when needed.
Capture Inter-VM Traffic With VTAP
Packet data traveling between VMs is notoriously difficult to capture. However, CloudLens Self-Hosted captures this east-west traffic with its proprietary vTap capability. The platform can virtually tap both inline and out-of-band (OOB) traffic in two modes:
- Tap only: copies and forwards data, similar to a physical tap,
- Tap and filter: copies data and filters it with basic Layer 2 to Layer 4 criteria, so only relevant data is forwarded
Additionally, Cloud Sensor vTaps can access network traffic in environments where your administrators have limited or no hypervisor access, such as with Microsoft Azure Stack. This enables you to achieve true hypervisor-agnostic visibility, since you can run CloudLens vTap sensors in your virtual workloads, filter the tapped traffic with L2 to L4 criteria, and forward packet data to any available interface with GRE tunneling.
As with any of our products, management is simple. The easy-to-use CloudLens Sensor Management Platform integrates seamlessly with the CloudLens GUI — enabling you to deploy sensors wherever you need them, even in secure environments or without internet access.
Save Bandwidth and Reduce Latency by Filtering at the Source
Packet-level cloud visibility makes your tools better, but more data isn't always the answer. Security tools rely on timely, contextual intelligence — and unfiltered packet data can easily lead to false positives or undetected intrusions. While many tools offer intelligent filtering themselves, CloudLens is more efficient. This reduces costs while enabling you to maximize your existing security and monitoring investments.
The only platform that aggregates, filters, and processes packets virtually, CloudLens Self-Hosted offers Keysight's industry-leading visibility intelligence, including NetStack, PacketStack, and AppStack.
With NetStack, you can aggregate, load-balance, and filter traffic with L2 to L4 criteria — similar to what a physical packet broker can offer, but as a set of software agents deployed on your private cloud infrastructure.
From there, you can utilize PacketStack and AppStack for more advanced capabilities such as de-duplication, header stripping, signature-based application detection, geolocation, Layer 7-based filtering, threat detection, and NetFlow generation.
Easily Adaptable For Multiple Architecutures
Because it deploys and runs in your data center, CloudLens Self-Hosted is flexible. This enables you to select the right approach to get the right data to your security and monitoring tools.
Route A
- Send tapped traffic directly to virtual tools
- Send L2 to L4 filtered traffic to virtual tools
- Send virtually processed, brokered packets to virtual tools
Route B
- Send tapped traffic directly to physical tools
- Send L2 to L4 filtered traffic to physical tools
- Send virtually processed, brokered packets to physical tools
Route C
- Send tapped traffic directly to a physical network packet broker, which aggregates, processes, and sends it to tools
- Send L2-L4 filtered traffic to a physical network packet broker, which then aggregates, processes, and sends it to tools
Find Your Platform
The Risk of Blind Spots in Inter-VM Traffic
A limited view of network traffic makes troubleshooting application performance and network security a serious challenge. Since it's difficult to capture packet data flowing between VMs on the same server, virtual systems like cloud environments are tempting targets for attackers to exploit.
When you need to capture this hard-to-reach data, CloudLens Self-Hosted bridges the gap between your virtual and physical networks — protecting your private cloud by extending complete visibility to your virtualized environments and inter-VM traffic.
CloudLens is Nutanix Ready
We are proud to announce our partnership with Nutanix that provides total visibility, test, and security solutions across physical and virtual networks — helping your teams, and your tools, make the right decisions at the right time.
A key component of CloudLens Self-Hosted, CloudLens vTap offers a specific integration for Nutanix AHV to provide a tailor-made solution for monitoring east-west traffic.
Containers And Kubernetes: Visibility Through CloudLens
CloudLens is the first and only solution to deliver packet visibility into containers and Kubernetes clusters across cloud platforms, including AWS Elastic Container Service for Kubernetes (EKS), Azure Kubernetes Service (AKS) and Google Kubernetes Engine (GKE).
Discover how to maximize your APM, NPM, and security tools by establishing packet visibility into your workloads in container-based environments and Kubernetes clusters!
Easy to Install and Use
How easy is it to start using CloudLens? Watch as one of our senior product managers, Christophe Olivier, configures vTap — enabling private cloud visibility in just a matter of minutes!
Visibility Intelligence
Not only does CloudLens Self-Hosted enable you to capture packet data in your private clouds, it also offers industry-leading virtual packet processing and advanced, Layer 7-based application filtering. Unlike other cloud visibility solutions, we do not require you to backhaul traffic to a physical device (however, we provide the option to do so).
Discover how our leading visibility intelligence features can optimize your traffic analysis and security tool performance in physical and cloud environments! To learn more, click on each stack.
NetStack
Robust filtering, aggregation, replication, and more, with 3 stages of filtering (ingress, dynamic, and egress) and dynamic filter compiler
PacketStack
Intelligent packet filtering, manipulation, and transport with deduplication, header (protocol) stripping, packet trimming, and burst protection
AppStack
Context-aware, signature-based application layer filtering with application identification, geolocation & tagging, and optional RegEx filtering
MobileStack
Visibility intelligence tailored for the mobile carrier evolved packet core with GTP & SIP correlation and load balancing