Hi, I have made a “non-marketing” video about our implementation of TLS mirroring for Linux end-systems. It is a new way of doing passive TLS mirroring especially well suited for cloud environments (but it also works on-premise). We did some testing with Suricata and it seems to work well with no tweeks other than adding some ports to the configuration. Registration at nsm.metaflows.com will activate 4 testing/non-commercial licenses. If you need more, let us know.
For now, we support RHEL/CentOS 7/8, Ubuntu 18/20, and Amazon Linux 2 endpoints. It passed the AWS foundational technical review and the Amazon Linux 2 ready test (Amazon Linux 2 is almost identical to CentOS 7). Here are links to:
The non-marketing video (16 minutes)
The web page
The docs
We would love to get some feedback.
Thanks!
Livio.