Nubeva created a new way for modern network visibility so you don’t have to “make do” with legacy decryption methods. It's time to question your current approach to network visibility.
Maximize the use of existing systems by offloading the heavy processes that rely on man-in-the-middle, key regeneration, and handshake replay or session termination for decryption. We restore the use of out-of-band services broken by advanced TLS and create new visibility not previously possible. Nubeva customers achieve dramatically reduced price performance, improve overall functionality of systems, and radically simplify operations for security and application monitoring.
By design, out-of-band inspection systems can’t replay sessions to discover final encryption keys. With Elliptic Curve Diffie Hellman ciphers and PFS-enabled TLS, the certificate exchange is encrypted and the symmetric key is only known by the TLS server and TLS client. This completely breaks the ability for legacy solutions to replay sessions and regenerate keys for decryption and inspection. Add the reliance on 3rd party services and the ever-increasing volume and speed of traffic, out-of-band solutions have been essentially rendered obsolete for deep network visibility.
Nubeva’s approach to modern TLS visibility allows you to augment inline systems by offloading resource intensive man-in-the-middle decryption. With our patented Symmetric Key Discovery approach, Nubeva discovers the session specific keys allowing you to decrypt on your inspection tools simply with no need to manage or share certificates.
We let you enhance your existing solutions to inspect more traffic including inbound and outbound traffic; and traffic previously inaccessible such as those encrypted with certificate pinning and 3rd party sessions. Nubeva enables your tools to once again do what they do best, URL filtering and load balancing at high speed and top performance.
Nubeva Symmetric Key Intercept introduces a new way to discover the final encryption keys from previously “unreachable” places. Our read-only sensors discover symmetric keys from container and Kubernetes environments (including intra-Kubernetes and container to container), intra-zone VPCs and high-speed connections, cloud and 3rd party API connections, East-West traffic, cloud infrastructure calls, and pinned traffic - with more options being added all the time.
Nubeva decouples key acquisition and packet capture for optimum security. As a universal solution, it syncs with any packet acquisition source, including taps, spans, NPB and cloud-provided mirroring services, and works with your inspection tools of choice with complementing deployment options.
Get decrypted visibility and eliminate legacy performance costs. Use existing tools to inspect and monitor all traffic at line speed.
Extend the ROI of your existing solutions. Enable pure, fast symmetric decryption with Nubeva and continue to use the tools, teams and processes in place.
SKI works regardless of encryption protocol or cipher suite. The confidentiality of traffic and integrity of the session is preserved while legitimate availability is allowed and protected.
Want to learn more about how our solution can help with your use case? Have a question on how it works? Let us walk you through it and provide all the answer you need.
.png?width=574&name=3%20Enhance%20and%20Offload%20Inline%20Systems%20-%20Challenge-01%20(1).png)
