Kubernetes adoption increased 57% year over year and is the future of enterprise application delivery (1). Security teams face a daunting charter to monitor and inspect all traffic, at any time, without impacting production. The problem is twofold:
Without network visibility, advanced threats will land, move laterally and execute, all within the confines of the cluster itself and masked as normal encrypted traffic. Kubernetes and Docker do not provide built-in packet mirroring. “Hair-pinning” traffic through outside or inline control points isn't an acceptable solution for security, cloud or DevOps teams. Depending entirely on endpoint protection and application-level logging is insufficient.
Nubeva enables full packet inspection of container traffic in your data centers and cloud environments. Our simple yet powerful software solutions let security teams capture and decrypt container and pod traffic, then securely forward it to any tool for inspection and analysis. Nubeva is a passive, out-of-band system that overlays and enhances existing infrastructure to preserve investments in tools, policies and procedures for full-time and on-event monitoring.
Nubeva traffic mirroring fills gaps in the most basic function of network security - packet access. Traditionally, access to packets for inspection has been trivial. But containers, and especially container-to-container traffic in Kubernetes, represent a new challenge. Nubeva sensors run as DaemonSets and mirror inter- and intra-Kubernetes pod traffic to one or many tools. Filtering and slicing are supported as well. We offer the industry's only high-performance, native Kubernetes solution. The simple, drop-in solution creates the visibility you need for full packet inspection and monitoring.
Nubeva’s patent-pending Symmetric Key Intercept method introduces a new way to capture session-specific keys out-of-band. With the introduction of next-gen Diffie-Hellman-based SSL, legacy passive decryption systems are inoperable and inline systems are only practical for ingress decryption of client traffic. Nubeva provides the industry’s only true solution for decryption of modern SSL. The solution will decrypt nearly any protocol and cipher; it works with any tool and any packet broker system; and it works in any cloud, where it can decrypt any session - north-south or east-west - including sessions to tier two servers and services such as clouds and other third parties.
Nubeva TLS Decrypt paired with Nubeva Traffic Mirroring is the perfect combination for secure decrypted visibility in Kubernetes environments. It works like this:
Access to more traffic with decrypted payload visibility improves core monitoring functions in any cloud:
Supports all TLS ciphers including TLS 1.3 and TLS 1.2 with PFS and ECDH; and supports both TLS client and TLS server side connections from VMs and containers.
The cloud demands out-of-band solutions. Nubeva requires no app or library changes, no network or architecture restrictions and no inline interruptions.
The highest-performing packet mirroring solution on the market to capture traffic when and where you need it, including Kubernetes and container traffic.
With enterprise grade security, scale from micro to massive to fit the needs of an individual team or the requirements of large enterprises.
Our universal solution works with any tap, mirror, packet broker system, with any monitoring tool, in all public and private cloud environments.
Nubeva is offered at <1/5th the cost of traditional solutions. It is easy to get started and use, thereby unlocking modern network visibility for everyone, anywhere.