Datacenter computing and private cloud are becoming highly meshed, virtualized environments. Network security teams are tasked with monitoring and fully inspecting any or all traffic in these environments, at any time, without impacting production. With the advent of Kubernetes and the broadening use of modern SSL, such as TLS 1.3 and Diffie-Hellman/PFS-based network encryption, security teams must navigate growing blind spots. All too often, advanced threats land, expand and operate undetected. Even when teams are alerted, the response is severely impaired because modern encryption, container clusters and Kubernetes networking are too complicated to analyze and detect exactly what is happening in these environments.
Nubeva restores full visibility in data centers with our suite of simple yet powerful software solutions: Nubeva TLS Decrypt and Nubeva Traffic Mirroring. Together these solutions allow network security teams to capture container and VM traffic and decrypt it on any tool for inspection and analysis. Our solutions are out-of-band, non-intrusive systems that overlay and enhance existing infrastructure to preserve investments in tools, policies and procedures for full-time and on-event monitoring needs.
Nubeva Traffic Mirroring fills gaps in the most basic function of network security: packet access. Traditionally, access to packets for inspection has been trivial. But containers, and especially container-to-container traffic in Kubernetes, represent a new challenge. Nubeva sensors run as DaemonSets and mirror inter- and intra-Kubernetes pod traffic to one or many tools. Filtering and slicing are supported as well. We offer the industry's only high-performance, native Kubernetes solution. The simple, drop-in solution creates the visibility you need for full packet inspection and monitoring.
Nubeva’s symmetric key discovery re-enables out-of-band decryption. The state-of-the-art Nubeva sensor is deployed on any workload and discovers the session keys from memory. The containerized Nubeva decryptor pairs the final session keys with the mirrored traffic. Historic pcap volumes can also be decrypted. The Nubeva decryptor is software-based and can be deployed directly on your security and monitoring tools or run as a stand-alone decryption appliance that forwards traffic to your security tools.
Nubeva TLS Decrypt paired with Nubeva Traffic Mirroring is the perfect combination for secure decrypted visibility in Kubernetes environments. It works like this:
Access to more traffic with decrypted payload visibility improves core monitoring functions in any cloud:
Supports all TLS ciphers, including TLS 1.3 and TLS 1.2 with PFS and ECDH, and supports both TLS client-side and TLS server-side connections from VMs and containers.
The cloud demands out-of-band solutions. Nubeva requires no app or library changes, no network or architecture restrictions and no inline interruptions.
The highest-performing packet mirroring solution on the market, capturing traffic when and where you need it, including Kubernetes and container traffic.
With enterprise-grade security, scale from micro to massive to fit the needs of an individual team or the requirements of large enterprises.
Our universal solution works with any tap, mirror, packet broker system, with any monitoring tool, in all public and private cloud environments.
Nubeva is offered at less than one-fifth the cost of traditional solutions. It is easy to get started with and to use, unlocking modern network visibility for everyone, anywhere.