+1 (412) 533-7830 info@mirasecurity.com
  • LinkedIn
  • YouTube
  • LinkedIn
  • YouTube

Mira ETO in the AWS Cloud

The Mira Security Cloud vETO provides safe and secure visibility into encrypted traffic within the public cloud, allowing tools used by enterprise security teams to function effectively. It seamlessly integrates with existing cloud security tools to protect their technical investments.

Mira’s vETO for the public cloud offers many advantages, including the ability to easily and quickly provision computing resources (eliminating the need for upfront investment in hardware and infrastructure), scale up or down as needed, and access a wide range of services and tools.

The Mira ETO automatically detects SSL, TLS, and SSH traffic, and can decrypt this traffic in order to send the unencrypted data to one or more security tools. The decrypted flows may be sent to security tools using tunnels. Decrypted data is sent to security tools with the same packet header details as the original encrypted flow encapsulated within the tunnel. Optionally, the decrypted flow can be marked allowing the tool to determine that the flow was originally encrypted.

No special interfaces or software changes are required to the security tools with ETO/vETO, thus allowing a plug-and-play instance without the responsibility of maintenance, security, or upgrades of underlying infrastructure.

How the Mira Cloud vETO Works on AWS

The Mira ETO is compatible with the AWS Gateway Load Balancer (GWLB), enabling easy deployment and automatic scaling within a centralized security architecture. The AWS GWLB allows for a resilient architecture across multiple AWS availability zones ensuring high availability within the cloud. Mira ETO, when paired with AWS GWLB, allows for TLS decryption of AWS VPC traffic, and can provide the decrypted traffic to existing IDS tools on AWS such as Suricata, Zeek, Corelight, Stamus, and Trellix NX.

Mira Security AWS Cloud vETO Architecture

Mira vETO Software Subscription Options

The Mira vETO cloud software can be licensed as a subscription model with BYOL (Bring Your Own License) or at an hourly rate using AWS marketplace billing. BYOL subscriptions can be for 12 months or 36 months. The license purchased determines the amount of encrypted traffic that can be decrypted to provide visibility for security tools. The Mira vETO software will run on c6i, c6in, and c7i EC2 instance types.

Mira vETO subscription options table

Performance numbers shown here are measured on a system using Intel® Cascade Lake CPUs (Xeon® Gold 6248) running vETO v1.9. Performance is likely to be lower on systems with older CPUs. Currently the maximum licensed capacity is throttled to 5 Gbps.

Visit Mira Security on the AWS Marketplace

Interested in Learning More? Visit Mira Security on the AWS Marketplace for product information and to purchase a license, or request a demo using our contact form below.

AWS logo

Visit the AWS repository for example cloudformation templates to help you get started.

GitHub Logo

Request a Mira AWS Cloud vETO Demo Today.

We always respect your privacy. Read our PRIVACY POLICY.