Ixia Visibility Solutions provide real-time, end-to-end dynamic network intelligence for physical, virtual, SDN and NFV based infrastructure, delivering the control, coverage and performance in a seamless fashion to protect and improve crucial networking, data center and cloud business assets.

Industry leading Ixia Network Packet Brokers (NPB) deliver intelligent, sophisticated and programmable network flow optimization providing visibility and security coverage to businesses assets and help IT teams quickly resolve application performance bottlenecks, trouble shoot problems, improve data center automation, better utilize expensive network analysis and security tools and help better business execution because of the improved understanding of the network and data center.

Ixia's best-in-class Vision portfolio of network packet brokers are easy-to-use, perform under pressure and offer true application intelligence.

NPBs help you focus on your tools
Ixia's Network Packet Brokers

Scalable, lossless visibility solutions for all your network needs.


Key Features
  • Dedicated hardware acceleration provides a Zero packet loss architecture
  • Aggregation of traffic from multiple TAPs or SPAN ports
  • Filtering of traffic so that each monitoring or inline security tool receives exactly the right data
  • Load-balancing of traffic to multiple analysis tools
  • SSL decryption to quickly detect emerging threats encrypting exploits within application traffic
  • L7 application awareness efficiently allows for packet processing based on unique applications
  • Dynamic filter compiler handles all filter rule complexities automatically - no overlapping filter rule headaches
  Vision E40 Vision E100 Vision E10S Vision E1S Vision ONE Vision X Vision 7300
  Vision Edge 40 Vision Edge 100 Vision E10S Vision E1S Vision ONE Vision X Vision 7300
Visibility Intelligence

Robust filtering, aggregation, replication, and more


Intelligent packet filtering, manipulation and transport


Optimized handling for secure traffic


Context aware, signature based application filtering

Chassis & Ports
Rack Units 1 1 1 1 1 3 7
1G/10G Support   10G only       10G only  
40G Support              
100G Support              
Mode of Operation
Inline Capable              
Out-of-Band Capable              
Simultaneous Inline & Out-of-Band              

Click here for a Detailed Breakdown 

Visibility Intelligence

Used with a network packet broker, dynamic network intelligence stack features allow you to modify, mold and transport traffic specific to tool needs. To learn more, click on each stack.


NetStack Icon


Robust filtering, aggregation, replication, and more

  • Three stages of filtering (ingress, dynamic, and egress)
  • Dynamic filter compiler
  • Priority based filtering
  • Source port labeling (VLAN tagging & untagging)
  • Aggregation & replication
  • Load balancing
  • Double your Ports- DyP (Simplex)
PacketStack Icon


Intelligent packet filtering, manipulation, and transport

  • Deduplication
  • Header (protocol) stripping
  • Packet trimming
  • Timestamping
  • Data masking
  • GRE tunneling
  • Burst protection (deep packet buffering)
  • NetFlow generation
SecureStack Icon


Optimized handling for secure traffic

  • Active SSL
  • Passive SSL decryption
  • Threat insights
  • Data masking +


Context-aware, signature-based application layer filtering

  • Application identification
  • Geolocation & tagging
  • Optional RegEx filtering
  • IxFlow (NetFlow + metadata)
  • Packet capture
  • ATI subscription
  • Real-time dashboard
MobileStack Icon


Visibility intelligence tailored for the mobile carrier evolved packet core

  • GTP & SIP correlation
  • GTP & SIP load balancing
  • Subscriber filtering
  • Subscriber sampling
  • Subscriber whitelisting
  • Packet core filtering


Marked data feed monitoring

  • Gap detection
  • Feed and channel health
  • High-resolution traffic statistics
  • Microburst detection
  • Subscription for feed updates
  • Simplified feed management
Awarded Frost & Sullivans Global Network Packet Broker Market Leadership Award

Frost & Sullivan 2017 Award


Ixia offers an easy-to-use, intuitive click-and-drop NPB interface to allow operators to make connections from taps or SPAN ports to their connected tools. The configuration of filters is streamlined and easy, with overall setup requiring minimal time and effort, even for large shops and complicated networks. No professional services or expensive training is required to learn and implement the Ixia visibility solutions. This eliminates the need to use time-consuming command line interface (CLI) or web user interface (WebUI) dialogs, or invest hours or days designing complex logic. 

Ixia Fabric Controller (IFC) is a SDN controller for visibility that is allows multiple network packet brokers to work collectively within a single plan of glass. IFC extends a full set of API controls and integrates with Cisco ACI, as well as other SDN architectures. 

Inline vs Out-of-Band

There are two different ways to deploy network packet brokers:

  1. Inline Security inspect live traffic before it hits your data center network. Tools are grouped serially before traffic enters your production data center enabling real-time traffic inspection and active threat prevention.

  2. Out-of-Band Monitoring provides Passive Traffic Inspection, detection and recording for routine analysis. Tools perform passive traffic inspection, detection, and recording for routine analysis. This model is used extensively in detailed threat analysis, but does not enable any active prevention safeguards or countermeasures.

Common Inline security tools include:

  • Intrusion prevention systems (IPS)

  • Firewalls and next-generation firewalls (NGFWs)

  • Data loss prevention (DLP) systems

  • Unified threat management (UTM) systems

  • SSL decryption appliances


Common out-of-band security tools include:

  • Intrusion detection systems (IDS)

  • Forensic tools

  • Data recording

  • Malware analysis tools

  • Log management systems

  • Packet capture (PCAP) tools

out of band

Network Packet Broker Capabilities

  • Performance
  • Ease of Use
  • Dynamic Network Intelligence
  • Performance

    Zero Packet Loss

    We have instrumented purpose-built dedicated hardware in our physical packet brokers to ensure zero packet loss, which ensures that your tools receive 100% of the packets they need to perform their job. Our packet brokers will NOT drop data due to congestion regardless of what features used or packet size

    Video: Performance Matters

    Simultaneous Features

    Unlike many competitor solutions where many features such as SSL decryption, NetFlow generation and packet trimming can’t work together in the same module, Ixia provides line-rate guarantee on any combination of features.

    Video: Network Visibility - Feature Compatibility Matters

    Active-Active Inline

    Active-Active is the predominant use case for inline security tool deployment. It performs load balancing during normal operation, and offers safe cut-over on failures.

  • Ease of Use

    Drag and Drop User Graphical Interface

    We offer an intuitive graphical user interface that allow users to easily define the connections and filter rules between network ports and tools. Configuration of the network is a simple point and click, drag and drop interface, where users can visually represent their network connection needs within minutes. 

    Video: Ease of Use

    Handles Filter Rule Complexities Automatically

    When it comes to creating and managing filters, Ixia's Dynamic Filter Compiler that takes care of the all the complexities of filter rules, allows users to tie any network port to any tool port without being concerned about existing filter logic in any other filter rules. This means that new filter rules can be added at will into existing filters and the Ixia Dynamic Filter compiler takes care of overlap resolution behind the scene

    Three Levels of Filter Logic

    When creating filter rules, you can add them at three levels: the ingress network ports, a dynamic filter in the middle, and tool filters at at egress. This multiple level of filtering offers natural AND and OR logic thus allow complex Boolean logic to filter traffic in the stringiest way to protect expensive tools from being overloaded.

    No Limits on Filter Types

    Finally, when managing filter rules, there are not restrictions to the advanced filtering features that can be utilized together. This means users can worry less about what they can and can not do, and focus more on their tools, and what they need to perform at highest levels. 

  • Application Intelligence

    Signature Based Application Detection

    We have a team of specialists that manage a database of application signatures that are regularly updated. These signatures allow us to more accurately detect applications, as well as allow for different application streams within applications to be filtered out. 

    Dynamic Pattern Identification

    Application traffic patterns are identified dynamically using Ixia’s patented technology. When a session cannot be identified with existing application signatures, the packet headers are sent to a special engine which identifies reusable patterns. Well-known services (applications) can also be identified based on their used port and protocol. 

    Detect Unknown Applications

    Using our database of known application allows the ability to identify unknown applications which can be used as a filter mechanism to send your security tools more relevant data.

    Filter on Application Group

    If you want to send all Email traffic, or Microsoft Office 365 documents to a specific monitoring, security or performance tool, no problem, we've made it easy to extract and send a different groups of applications data.

    Filter on Specific Application Traffic

    If you want to filter on specific applications, it's easy, just point-and-click. You can send Netflix streaming media data, or all Amazon EC2 or S3 data to your monitoring tools. Also, the application intelligence can go deep into applications to easily allow you to filter out different types of data types within an application. For example you can select different streaming media genres from Netflix, like Sci-Fi from Romantic or if you want to separate IMAP traffic from normal email traffic, it’s a simply point-and-click.