Parinita  /  Products  /  Parinita Sentry
Enterprise & Edge Layer

Parinita Sentry

Agentic Governance for Every Agent, Every Plane, Every POP

Artifact governance. Runtime identity. Behavioral baselining. All three, simultaneously, across all 21+ agents.

Sentry is the cross-cutting agentic-governance layer — the only product in the portfolio that watches every Parinita agent simultaneously across every plane, every POP, every workload. Three governance domains: artifact governance, runtime identity, and continuous behavioral baselining.

101
Sites Worldwide
21 +
Agents Monitored
3
Governance Domains
5
Scan Tracks
01 / The Problem

Autonomous Agents With No Runtime Oversight Are Uncontrollable

Enterprises deploying autonomous AI agents have no mechanism to enforce what those agents are permitted to do at runtime.

Documented agent permissions are not enforced — they exist in policy documents. Without hardware-level warrant enforcement, any agent can reach any resource its network path allows.

  • Agent Permissions Exist Only in Documents

    Documented agent permissions are not enforced at runtime. Any agent can reach any resource its network path allows — policy is aspirational, not technical.

  • Supply Chain Risk From Agent Artifacts

    A malicious MCP server, model, or dataset published to a marketplace can be installed by users before any review. A scan pipeline is required, not a checkbox.

  • Cross-Agent Kill Chains Are Invisible

    Individual security products see isolated events. A multi-step attack across multiple agents looks like unrelated noise until it's too late.

Capability
Current / legacy
What's needed
Agent permission enforcement
Policy documents — not enforced at runtime
BPF maps on ConnectX-7 NICs — XDP_DROP on any unauthorized packet before kernel
Artifact review
Manual review or no review before agent/model publication
Five-track parallel scan pipeline with Chrysalis QBFT attestation on approval
Behavioral monitoring
No continuous runtime monitoring of agent behavior patterns
Continuous baselining on MI350P — anomaly detection across all 21+ agents simultaneously
Audit trail
Vendor-controlled logs — alterable after the fact
Chrysalis-anchored warrant violations — tamper-proof by architecture
Cross-agent visibility
Individual agent logs in isolation — multi-agent kill chains invisible
Cross-agent behavioral correlation feeding Overwatch for kill-chain detection
Response time
Manual investigation required before any isolation action
Automatic overlay isolation via noBGP within 30-60 seconds of anomaly detection
02 / Core Capabilities

Three governance domains. One layer. Every agent.

Sentry is the only product that watches the entire agent portfolio simultaneously — artifact governance at publication, runtime identity at execution, behavioral baselining continuously.

Agent permissions compile into BPF maps distributed to ConnectX-7 NICs — a packet to an unauthorized destination is XDP_DROP'd before it touches the kernel.

  • Artifact Governance

    Five-track parallel scan: static code analysis, behavioral sandbox on gVisor, publisher reputation, P4 vector similarity to known-malicious artifacts, and version delta analysis.

  • Runtime Identity (Warden)

    The Warden agent on Plane 3 issues Ed25519 keypairs for every agent, compiles per-agent permissions into Policy Warrants, and distributes BPF maps to ConnectX-7 NICs via NATS JetStream.

  • NIC-Level Enforcement

    Policy Warrants compile to BPF maps. Crucible distributes them. ConnectX-7 ASIC enforces. A packet to an unauthorized destination is XDP_DROP'd before it touches the kernel.

  • Behavioral Baselining

    Continuously baselines every agent's tool calls, planes accessed, data volumes, and inter-agent invocations. Anomaly models on MI350P detect novel cross-agent kill chains.

  • Chrysalis Attestation for Approved Artifacts

    Approved artifacts receive a 101-validator QBFT attestation (supermajority 68) that customers can verify on-chain independently.

  • Composite Risk Scoring

    Five scan tracks produce a composite risk score that triggers approve, block, or quarantine. Post-approval, Overwatch continues monitoring for behavioral anomalies.

  • Cross-Domain Kill-Chain Detection

    Behavioral anomalies route to Overwatch for cross-domain response. Sentry detects the agent-level signal; Overwatch correlates across Sentry, Secure, and Chrysalis.

  • Warrant Violation Logging

    Every warrant violation — a packet XDP_DROP'd — logs to Chrysalis as an immediate revocation event. The audit trail is immutable by architecture.

  • gVisor Behavioral Sandbox

    New agents run in a gVisor sandbox on Plane 3 before approval. Behavioral execution in isolation catches runtime behavior that static analysis misses.

03 / Architecture

The Plane Model

Orchestra introduces "planes" — logical groupings of hardware optimized for a specific workload class. Unlike Kubernetes node pools, planes represent fundamentally different hardware architectures with different drivers, network requirements, and scheduling semantics.

The plane model is what makes Orchestra different from every other orchestration tool. Kubernetes sees nodes. Orchestra sees purpose-built hardware tiers and routes workloads accordingly.

P1
Reasoning Cortex
AMD Instinct MI350P
Primary AI inference · LLM serving
1,450+ nodes · 288GB HBM3e · high-bandwidth accelerator
P2
Training & Generation
NVIDIA RTX PRO 6000 Blackwell
Training · TTS · creative compute
950+ nodes · 96GB GDDR7
P3
Chain & CPU Compute
AMD EPYC Turin 9005
Chrysalis validators · CPU inference
700+ nodes · Zen 5c
P4
Knowledge & Retrieval
Intel Sierra Forest
Almanac vector search · RAG anchor
1,250+ nodes · 144 E-cores
P5
Long-Term Memory
NVMe Storage
Enclave · Stratum immutable object
850+ nodes · ransomware-resistant
P6
Media & Acceleration
RTX 4500 BSE · Alveo MA35D
Four tiers · GPU + FPGA + CPU
2,150+ nodes · 4K/8K hardware acceleration
P7
Edge Reflex
Qualcomm Cloud AI 100 Ultra
Ultra-low-latency edge inference
2,000+ nodes · sub-10ms response
P8
Coordination Layer
AmpereOne A128
Orchestra · Chorus routing · agents
2,400+ nodes · 128 ARM cores
P9
Nervous System
Cisco 8000 · Palo Alto · Arista
Routing · firewall · dual fabric
3,500+ devices · ConnectX-7 NICs
04 / Governance Model

Three domains. NIC-level enforcement.

Sentry's three governance domains work together — an agent approved at publication can still be isolated if its runtime behavior deviates from its baseline.

  1. 01
    Agent identity
    Every agent operates under a Sentry-issued Ed25519 keypair — cryptographic identity attached at the NIC, not asserted by the agent itself.
  2. 02
    Policy Warrant
    Per-agent permissions compiled into a BPF map distributed to ConnectX-7 NICs. The warrant is the enforced policy, not the documented one.
  3. 03
    Artifact risk score
    Composite score from five scan tracks determines approve, block, or quarantine. Approved artifacts receive a Chrysalis QBFT attestation.
  4. 04
    Behavioral baseline
    Continuous monitoring of tool calls, plane access patterns, data volumes, and inter-agent invocations establishes a behavioral fingerprint per agent.
  5. 05
    Anomaly threshold
    MI350P anomaly models flag deviations from the behavioral baseline. Novel cross-agent patterns route to Overwatch for coordinated response.
  6. 06
    Plane authorization
    Each agent's Policy Warrant specifies which planes it is authorized to access. Cross-plane access outside the warrant is XDP_DROP'd at the NIC.
  7. 07
    Publisher reputation
    One of five artifact scan tracks. Publisher history, signing key continuity, and prior artifact behavior contribute to the composite risk score.
  8. 08
    Revocation event
    Warrant violations anchor on Chrysalis as immediate revocation events — immutable audit trail regardless of subsequent agent or platform state.
python
import sentry

client = sentry.Client(seat_token='your_seat_token')

# List active agent warrants
for warrant in client.warrants.list():
    print(f"Agent: {warrant.agent_id}, Planes: {warrant.planes}, Risk: {warrant.risk_score}")

# Stream behavioral anomaly events
for event in client.anomalies.stream():
    print(f"Agent: {event.agent_id}, Type: {event.anomaly_type}, Severity: {event.severity}")
05 / Proof

Proven at scale. Not in a lab.

Parinita AI Edge is the production deployment of the Parinita platform and the largest heterogeneous AI infrastructure deployment in the United States.

Reference Deployment

Parinita AI Edge

The most complex heterogeneous AI infrastructure in the United States. 101 sites, 9 planes, 12,000+ nodes, 4 accelerator vendors, dual network fabrics, four-layer tenant isolation — all through a single sovereign control plane.

101
Points of Presence
4 tiers: T1 (32), T2 (29), T3 (19), T4 (21)
909+
K8s Clusters
101 sites x 9+ plane types
12K+
Compute Nodes
Supermicro, Dell, Ampere, Cachengo
4
Accelerator Vendors
Intel Habana, NVIDIA, AMD, Qualcomm

Network & Security Infrastructure

2,491+
Cisco Switches
+ 303 routers (EVPN-VXLAN)
1,734+
Arista Switches
Lossless GPU backend fabric
367+
Palo Alto Firewalls
PA-5580/PA-5560 series
152+
Petabytes Storage
NVMe over RDMA
  • Multi-vendor accelerators
    Four accelerator vendors — Intel Habana, NVIDIA, AMD, Qualcomm — orchestrated through one control plane with unified scheduling, monitoring, and lifecycle management.
  • Dual-fabric networking
    Cisco production fabric and Arista GPU backend fabric operating as a coordinated system, bridged by identity-aware routing.
  • Nationwide scale
    101 sites across 42 U.S. states, each operating autonomously with a local control agent and a sovereign cross-site routing plane.
  • Multi-tenant isolation
    Four-layer defense-in-depth: VXLAN VNIs, identity-routing, Palo Alto firewalls, and Cilium eBPF — validated across every plane and site.
  • Compliance readiness
    FIPS 140-2 at launch, with FedRAMP Moderate, CJIS, and IL4/IL5 certification paths active through Parinita compliance profiles.
  • Sub-millisecond routing
    Every request classified and dispatched in under 1ms, enabling real-time SLA enforcement without perceptible overhead.
06 / Use Cases

Required for any deployment with autonomous agents acting on real systems.

Sentry is not optional for agentic workloads — it is the governance layer that makes autonomous operation safe in regulated environments.

Any regulated workflow where demonstrating runtime control over agent behavior is a compliance requirement, not just a documentation exercise.

  • Autonomous Agent Deployments

    Any workload with AI agents acting on real systems requires runtime governance. Sentry is the governance layer, not an optional add-on.

  • Regulated AI Workflows

    Compliance frameworks increasingly require demonstrable runtime control over AI agent behavior — not just documented permissions.

  • Agent Marketplace Operations

    Every model, MCP server, and dataset published to Parinita Central passes through Sentry's five-track artifact governance pipeline before listing.

  • Insider Threat Detection

    Behavioral baselining catches agents whose runtime behavior deviates from their approved pattern — including agents compromised after approval.

  • Cross-Domain Security Correlation

    Sentry's behavioral anomaly signals feed Overwatch for cross-domain kill-chain correlation across the full Parinita security stack.

07 / Getting Started

Deployment Models

Sentry deploys as a platform-level service — not provisioned per agent. All agents in the fabric automatically fall under Sentry governance.

Platform-Level Governance
No Per-Agent Provisioning

Sentry activates automatically for all agents in the fabric. Every agent registered with the platform falls under Sentry governance from first registration.

Warden Keypair Issuance
Identity on First Registration

Warden issues Ed25519 keypairs and compiles Policy Warrants on first agent registration. BPF maps distribute to all NICs via NATS JetStream.

Artifact Submission Pipeline
For Central Publishers

Artifacts submitted to Parinita Central enter the five-track scan pipeline automatically. Composite risk score determines listing eligibility.

08 / Get Started

Talk to Us

Our security team can walk through Sentry's artifact governance pipeline and behavioral baselining for your specific agent deployment.