Gain Visibility in VMs and Containers
Request a Demo
What We Solve

Kubernetes Blind Spots for Network Security

Kubernetes adoption increased 57% year over year and is the future of enterprise application delivery (1). Security teams face a daunting charter to monitor and inspect all traffic, at any time, without impacting production. The problem is twofold:

  1. Lack of access to container-to-container and pod-to-pod packets
  2. Ubiquitous use of modern SSL/TLS encryption renders security teams blind to this new area in both datacenter and cloud environments.

Without network visibility, advanced threats will land, move laterally and execute all within the confines of the cluster itself and masked as normal encrypted traffic. Kubernetes and Docker do not provide built-in packet mirroring. “Hair-pinning” traffic through outside or inline control points isn't an acceptable solution for security, cloud or DevOps teams. Depending entirely on endpoint protection and application level logging is insufficient.

How We Solve It

Packet Capture and Decryption of Container Traffic

Nubeva enables full packet inspection of container traffic in your data centers and cloud environments. Our simple, yet powerful software solutions let security teams capture and decrypt container and pod traffic then securely forward it to any tool for inspection and analysis. Nubeva is a passive, out-of-band system that overlays and enhances existing infrastructure to preserve investments in tools, policies and procedures for full-time and on-event monitoring.


Nubeva Traffic Mirroring

Nubeva traffic mirroring fills gaps in the most basic function of network security: packet access. Traditionally, access to packets for inspection has been trivial. But containers, and especially container-to-container traffic in Kubernetes, represent a new challenge. Nubeva sensors run as DaemonSets and mirror inter- and intra-Kubernetes pod traffic to one or many tools. Filtering and slicing are supported as well. We offer the industry's only high performance, native Kubernetes solution. The simple, drop-in solution creates the visibility you need for full packet inspection and monitoring.

Nubeva Traffic Decrypt

Nubeva’s patent-pending Symmetric Key Intercept method introduces a new way to capture session-specific keys, out-of-band. With the introduction of next-gen Diffie-Hellman-based SSL, legacy passive decryption systems are inoperable and inline systems are only practical for ingress decryption of client traffic. Nubeva provides the industry’s only true solution for decryption of modern SSL. The solution will decrypt nearly any protocol and cipher; works with any tool and any packet broker system; and works in any cloud, where it can decrypt any session, north-south or east-west, including sessions to tier two servers and services such as clouds and other third parties.

How It Works!

Capture, Mirror and Decrypt Your Network Traffic

Nubeva TLS Decrypt paired with Nubeva Traffic Mirroring is the perfect combination for secure decrypted visibility in Kubernetes environments. It works like this:

  1. Sensors are deployed as a DaemonSet on Kubernetes nodes or as Docker containers on cloud instances, to capture and mirror out all traffic to and from containers.
  2. Sensors discover TLS session symmetric encryption keys that are needed to decrypt.
  3. Decryptors are deployed on a dedicated instance or on security tools themselves. The decryptor receives mirrored traffic and pairs it with the discovered symmetric keys for end-to-end decryption.
  4. SaaS or private management and control


Enable Full Packet Monitoring When and Where You Need It

Public Clouds
Data Centers
How it Benefits You

Enable Your Core Security Tools and Processes

Access to more traffic with decrypted payload visibility improves core monitoring functions in any cloud:

  • Threat hunting
  • Threat detection
  • Alert validation
  • Incident response
  • Forensics
  • Compliance
  • Performance monitoring
  • Application troubleshooting

 

WHY NUBEVA

Key Advantages

01 Unmatched Decryption Capability

Supports all TLS ciphers including TLS 1.3 and TLS 1.2 with PFS and ECDH; and supports both TLS client and TLS server side connections from VMs and containers.

02 Non-Disruptive, Passive Solution

The cloud demands out-of-band solutions. Nubeva requires no app or library changes, no network or architecture restrictions and no inline interruptions.

03 Unrivaled Packet Mirroring

The highest performing packet mirroring solution on the market to capture traffic when and where you need it including Kubernetes and container traffic.

04 Enterprise Grade

With enterprise grade security, scale from micro to massive to fit the needs of an individual team or the requirements of large enterprises.

05 Universal Solution

Our universal solution works with any tap, mirror, packet broker system, with any monitoring tool, in all public and private cloud environments.

06 Low Total Cost of Ownership

Nubeva is offered at <1/5th the cost of traditional solutions. It is easy to get started and use, thereby unlocking modern network visibility for everyone, anywhere.

Don't Have the Tools?

Learn more about Nubeva Cloud Tools -
Network Visibility with Open Source Tools
