Cloud Network Sensors
KYRA AI MDR provides deployable network security sensors for cloud environments, delivering comprehensive visibility into network traffic without requiring agents on monitored workloads.
Supported Cloud Platforms
| Cloud | Mirroring Service | Status | Deployment |
|---|---|---|---|
| AWS | VPC Traffic Mirroring | Production Ready | Nitro instances |
| GCP | Packet Mirroring | Production Ready | Region-scoped |
| Azure | Virtual Network TAP | Public Preview | Partner required |
| NCP | Packet Mirroring via SFC | Production Ready | VPC environment |
How It Works
Cloud hypervisors block promiscuous mode, so cloud sensors use the provider’s official traffic mirroring API to receive copies of network traffic from monitored instances.
flowchart TB
VM["MONITORED VM\nzero performance impact\nproduction workload"]
SENSOR["KYRA CLOUD SENSOR\nDeep packet inspection + behavioral detection\nSame analysis engine as on-premises NDR"]
PLATFORM["KYRA MDR PLATFORM\nCorrelation with log data + AI analysis"]
VM -- "Cloud provider mirrors traffic" --> SENSOR
SENSOR -- "Secure forwarding" --> PLATFORM
Deployment Options
| Method | Target | Time to Deploy |
|---|---|---|
| Single-command installer | Ops engineers | < 5 min |
| Infrastructure-as-Code module | Platform/infra teams | < 15 min |
| Container orchestration | Container operators | < 10 min |
| Marketplace image | Enterprise procurement | < 30 min |
Capabilities
- Full NDR Analysis: Same detection capabilities as the on-premises NDR module
- Zero Agent Deployment: No software installation required on monitored workloads
- Auto-Scaling: Sensors scale with traffic volume
- Cross-Cloud: Unified detection across multi-cloud environments
- Encrypted Traffic Analysis: TLS fingerprinting and certificate validation
- Integration: Alerts correlate with log-based detections in the KYRA MDR console