Governance intelligence for access, cloud, and SaaS. Now in early access

Edge & Connector Intelligence

Collect observed state from every environment so governance reflects reality, including on-premises systems, hybrid networks, and air-gapped environments where cloud-only tools stop.

The problem

Governance tools that only see cloud directories miss most of the actual surface area.

Enterprise environments are not homogeneous. Identity state lives in Entra ID and on-premises Active Directory. Licenses sit in Microsoft 365 and Google Workspace. Cloud roles span AWS, Azure, and GCP. On-premises systems run workloads that never touch a cloud API. A governance system that collects from only one or two sources produces findings based on incomplete data, and misses the gaps that matter most.

Core capabilities

What it does

Identity Provider Connectors

Connect to major identity providers to pull user accounts, group memberships, role assignments, and access policies as observed state.

  • Microsoft Entra ID (Azure AD)
  • Okta
  • Google Workspace Directory
  • On-premises Active Directory via Edge Agent
  • Continuous pull on configurable schedule

Cloud Platform Connectors

Collect role assignments, service account permissions, and resource exposure findings from major cloud platforms.

  • AWS IAM roles, policies, and service accounts
  • Azure RBAC and subscription scoping
  • GCP project-level IAM and service accounts
  • Public resource exposure detection

SaaS Application Connectors

Connect to SaaS platforms to observe license assignments, user activity state, and access configuration.

  • Microsoft 365 license and role tracking
  • Google Workspace seat and role observation
  • GitHub organization membership and repository access
  • Slack workspace membership and license status
  • Salesforce user and permission set observation

Edge Agents

Deploy lightweight agents to on-premises hosts, domain controllers, and hybrid environments to collect local state and execute approved remediations without cloud dependency.

  • Runs on-premises, in DMZ, or hybrid environments
  • Collects audit.log, syslog, sudoers, SSH configuration
  • Executes approved actions locally with signed receipts
  • Heartbeat monitoring and tamper-evident telemetry

Air-Gapped Environment Support

Edge Agents operate in restricted network environments. Outbound-only architecture means no inbound connection is required from the Nuxari cloud.

  • Outbound-only architecture, no inbound firewall rule required
  • Operates in air-gapped and restricted networks
  • Local evidence capture with signed relay to cloud
  • Illustrated in the AirGapped Architecture Diagram

Connector Health Monitoring

Track the collection status, last-sync time, error rate, and coverage of each connected system so gaps in observed state are visible.

  • Per-connector last-sync timestamp and status
  • Error rate and failure alerting
  • Coverage map showing which systems are observed
  • Missing connector detection against known asset inventory

An edge agent reaches where a cloud connector cannot. On-premises, air-gapped, and hybrid environments covered without inbound firewall ports.

How it works

Step-by-step lifecycle

  1. Connect each source environment
     Install connectors or Edge Agents for each environment in scope. Cloud connectors authenticate via service principal or API token. Edge Agents deploy to on-premises hosts.
  2. Observed state is collected
     Connectors pull user accounts, role assignments, group memberships, license data, and configuration from each source on a continuous schedule.
  3. State is normalized to a common schema
     Each source uses different data models. Nuxari normalizes observed state to a common representation so cross-environment comparisons are possible.
  4. Observed state is compared to approved baseline
     The normalized observed state is compared against the approved access baseline. Drift between the two surfaces as classified findings.
  5. Connector health is monitored continuously
     If a connector fails, times out, or stops syncing, an alert is raised so coverage gaps are visible before they affect governance decisions.
  6. Evidence of collection is captured
     Each collection run is logged with timestamp, source, record count, and any errors. This log is part of the audit trail for evidence completeness.

Example scenario

Hybrid environment coverage across cloud and on-premises

An organization runs identity across Entra ID (cloud) and on-premises Active Directory. Nuxari deploys an Edge Agent to the domain controller alongside cloud connectors.

Illustrative example. Not real customer data.

Demo · Illustrative only

  • Entra ID connector: Active, synced 4 min ago (Healthy)
  • On-prem AD (Edge Agent): Active, synced 6 min ago (Healthy)
  • AWS IAM connector: Active, synced 8 min ago (Healthy)
  • M365 connector: Active, synced 5 min ago (Healthy)
  • GitHub connector: Warning, auth token expiring (Warning)
  • Coverage: 5 of 6 systems active
  • Inbound rules required: None, outbound only

Audit output

What Nuxari generates

  • Collection run log with timestamp, source, and record count
  • Connector health status history
  • Observed state snapshot per source per sync
  • Error log with failure reason and recovery status
  • Coverage map showing observed vs expected sources
  • Edge Agent heartbeat log with tamper-evident telemetry
  • Air-gapped relay confirmation for restricted environments
Get started

Build the operating layer for governance work.

See how Nuxari Ops reduces manual IT work, eliminates access drift, and generates audit evidence automatically, across your entire enterprise.