Architecture¶

This page describes how Tevyra works and how the different components interact. You don't need to know these details to use the platform, but they can help you understand the overall system.

General diagram¶

┌────────────────────────────────────────────────────────────┐
│                       Tevyra Cloud                         │
│                                                            │
│  ┌──────────────┐    ┌──────────────┐                      │
│  │  Web UI       │──▶│  Tevyra API  │                      │
│  │ app.tevyra.com│    │api.tevyra.com│                      │
│  └──────────────┘    └──────┬───────┘                      │
│                             │                              │
│                      ┌──────┴───────┐                      │
│                      │  Database    │                      │
│                      └──────────────┘                      │
└────────────────────────────────────────────────────────────┘
                              │
                    Secure connection (HTTPS)
                              │
┌────────────────────────────────────────────────────────────┐
│                     Your network                           │
│                                                            │
│  ┌──────────────┐                                          │
│  │ Tevyra Proxy │──▶ Active Directory                      │
│  │              │──▶ Zabbix                                │
│  │              │──▶ Freescout                             │
│  │              │──▶ Other tools...                        │
│  └──────────────┘                                          │
└────────────────────────────────────────────────────────────┘

Components¶

Web interface¶

This is your main access point. From app.tevyra.com, you can:

View dashboards for each module
Execute actions (create a user, acknowledge an alert, etc.)
Install and configure modules
Manage users and access rights

Tevyra API¶

The API is the core of the platform. It receives requests from the web interface and proxy, manages authentication, stores data, and orchestrates modules.

Tevyra Proxy¶

The proxy is a lightweight agent you install in your local network. It allows Tevyra to access your internal tools without exposing them to the Internet.

The proxy only communicates outbound (to the Tevyra API). No inbound ports need to be opened on your firewall.

How data flows¶

Data collection¶

The proxy queries your tools (AD, Zabbix...) at regular intervals
Collected data is sent to the Tevyra API over an encrypted connection
You view the data in your dashboard

Action execution¶

You trigger an action from the interface (e.g. disable an AD account)
The API forwards the request to the proxy
The proxy executes the action on your system
The result is displayed in the interface

Internet-accessible modules¶

For tools accessible from the Internet (hosted Freescout, Microsoft 365), the Tevyra API can connect directly without going through the proxy.

Security¶

Measure	Description
Encryption	All communications use HTTPS/TLS
Authentication	Secure login with optional 2FA (email or app)
Permissions	Role-based access control (administrator, operator, reader)
Secrets	Passwords and tokens are encrypted in the database
Audit	All actions are logged
Proxy	No inbound ports to open — the proxy only communicates outbound