reference deployment

Security with CloudLens and Eastwind on AWS

Threat intelligence and insights with Eastwind Cloud Network Sensors and Ixia CloudLens data visibility platform

This Quick Start deploys the Ixia CloudLens platform with Eastwind Cloud Network Sensors in a highly available environment on the Amazon Web Services (AWS) Cloud in about 10 minutes.

CloudLens is a data visibility platform that provides data access and capture, data grooming, and data delivery to security and monitoring tools. Eastwind Cloud Network Sensors are powered by CloudLens to provide intelligence and insight to help you identify and respond to threats in the cloud. This Quick Start deploys the Eastwind CloudVu sensor.

This Quick Start is for users who would like to use these technologies to identify malicious activity, insider threats, and data leakage in their virtual private clouds (VPCs) and Amazon Elastic Compute Cloud (Amazon EC2) instances. Container-based CloudLens agents are deployed on your monitored instances, capturing packet traffic as they flow through these instances. The packets are sent over a secure tunnel to be analyzed and visualized in Eastwind’s software as a service (SaaS) platform. This gives you clear visibility into your network traffic, so you can identify unexpected network behavior, perform network analysis, and detect any intrusions.

The Quick Start includes AWS CloudFormation templates and a guide that provides step-by-step deployment instructions.

couchbase logo
couchbase logo

This Quick Start was developed by Ixia, a Keysight business, in collaboration with AWS.
Ixia is an APN Partner.

  •  What you'll build
  •  How to deploy
  •  Cost and licenses
  •  What you'll build
  • Use this Quick Start to set up the following configurable environment on AWS:

    • A highly available architecture that spans two Availability Zones.*
    • A VPC configured with public subnets according to AWS best practices, to provide you with your own virtual network on AWS.*
    • In the public subnets:
      • Managed NAT gateways to allow outbound internet access for resources in the subnets.*
      • A source instance in an Auto Scaling group (of size 1). This is the application instance that you want to monitor. You can add more instances to monitor in the CloudLens project dashboard after deployment. 

        The source instance has a container-based CloudLens agent deployed. This agent listens on all available interfaces and sends a copy of the packet stream to the tool instance for analysis.
      • The Eastwind Cloud Network Sensor, CloudVu, in an Auto Scaling group (of size 1). This is the tool instance that analyzes the packet stream sent over by the CloudLens agent.

    * The template that deploys the Quick Start into an existing VPC skips the tasks marked by asterisks and prompts you for your existing VPC configuration.

  •  How to deploy
  • To deploy CloudLens and Eastwind on AWS, follow the instructions in the deployment guide. The deployment process includes these steps:

    1. If you don't already have an AWS account, sign up at https://aws.amazon.com.
    2. Prepare your CloudLens account and find the project key.
    3. Subscribe to the Amazon Machine Image (AMI) for Eastwind CloudVu in AWS Marketplace and create your Eastwind account.
    4. Launch the Quick Start. Each deployment takes about 10 minutes. You can choose from two options:
    5. Test the deployment by viewing a simulated threat and searching the network metadata that is generated by the Eastwind sensor.

    To customize your deployment, you can configure your VPC and change the settings for the source and tool instances.

  •  Cost and licenses
  • You are responsible for the cost of the AWS services used while running this Quick Start reference deployment. There is no additional cost for using the Quick Start.

    The AWS CloudFormation template for this Quick Start includes configuration parameters that you can customize. Some of these settings, such as instance type, will affect the cost of deployment. See the pricing pages for each AWS service you will be using for cost estimates. Prices are subject to change.

    Tip     After you deploy the Quick Start, we recommend that you enable the AWS Cost and Usage Report to track costs associated with the Quick Start. This report delivers billing metrics to an S3 bucket in your account. It provides cost estimates based on usage throughout each month, and finalizes the data at the end of the month. For more information about the report, see the AWS documentation.

    This Quick Start requires a 45-day trial license for CloudLens. You can convert the trial license to a standard license at any time.

    The Quick Start uses an Amazon Machine Image (AMI) from AWS Marketplace for Eastwind CloudVu. Before you deploy the Quick Start, you must subscribe to Eastwind CloudVu in AWS Marketplace, and additional pricing, terms, and conditions may apply.