AI Agent Gateways Become the Enterprise Control Plane for Governed Agentic AI
forbes.com

AI Agent Gateways Become the Enterprise Control Plane for Governed Agentic AI

Tech News
5 min read

Published by AINave Editorial • Reviewed by Ramit

TL;DRA new product category, the AI agent gateway, is emerging as a centralized control plane between AI agents and the models/tools they access. Nutanix, Arcade, and Manufact are launching solutions to enforce authentication, rate limiting, tool permissions, and audit logging across agent traffic. The market is consolidating through acquisitions (Portkey into Palo Alto Networks) and open governance (Linux Foundation's Agentic AI Foundation). For AI builders, gateways address the growing need to govern agent traffic, control costs, and maintain observability as agent pilots scale. However, MCP governance features remain tech previews, and Gartner warns over 40% of agentic AI projects may be canceled by 2027 due to cost and risk.

A new infrastructure layer is taking shape in enterprise AI: the AI agent gateway. It sits between AI agents and the models and tools they call, enforcing authentication, rate limiting, tool permissions, and audit logging. Nutanix, Arcade, and Manufact have all launched gateway products in recent weeks, and the category is already consolidating through acquisitions and open-source governance. For teams building and deploying AI agents at scale, this layer determines whether agent traffic stays governed or spirals into unmanageable cost and security risk.

What happened

Nutanix shipped the Nutanix Agent Gateway as a generally available part of Nutanix Enterprise AI 2.7 in late May. The gateway provides a unified endpoint that routes agent requests to models such as OpenAI GPT on Azure, Anthropic Claude, or a self-hosted Llama model, with consistent authentication and rate limiting across all of them. If the primary provider fails, traffic falls over to a configured backup. The same gateway sits in front of Model Context Protocol (MCP) servers, applying tool-level filtering so a customer service agent gets read-only database access while a DevOps agent gets full GitHub write permissions. Every request is logged for audit, and token usage is metered per agent and per team.

Arcade made its agent authorization and tool-execution runtime available through the Microsoft Azure and AWS marketplaces on July 3, letting enterprises deploy it inside their own cloud with one click. A day earlier, Manufact opened its MCP hosting cloud to take an MCP server from a GitHub push to a monitored production endpoint.

The market is consolidating along two paths. On one side, security incumbents are buying the layer outright: Palo Alto Networks completed its acquisition of Portkey in May, folding a standalone AI gateway into its security platform. On the other side, the plumbing is moving to neutral ground. Solo.io donated agentgateway to the Agentic AI Foundation in June, making it the fourth hosted project under the group's Linux Foundation governance. The Apache 2.0 project handles MCP, agent-to-agent, inference, HTTP, and gRPC traffic through one data plane, with more than 300 contributors across 60 organizations including CoreWeave, Red Hat, Adobe, Salesforce, and Microsoft.

Gartner has predicted that more than 40% of agentic AI projects will be canceled by 2027 over escalating costs, unclear value, or weak risk controls.

Why AI builders should care

An agent gateway inserts one governed hop into the path between agents and everything they touch. Without it, an organization ends up with dozens of agents hitting production systems directly, with no single place to see the traffic or stop it. The gateway provides a centralized control point that can reduce uncontrolled traffic and data exposure.

For teams building multi-agent systems or deploying agents that call external tools (GitHub, Stripe, databases, internal APIs), the gateway enforces policy consistently. It applies authentication across models and tools, implements rate limiting, and enforces tool permissions (read-only vs. write access) for different agents or teams. Every request is logged for audit and cost attribution.

The open governance push matters for procurement decisions. The Agentic AI Foundation's Apache 2.0 project offers a vendor-agnostic data plane that no single company owns, which could influence future deployment models and reduce lock-in risk.

Practical implications

For security and procurement teams evaluating gateways, the Forbes article recommends a diligence checklist with three questions:

  • Ownership: Which parts of the governance are proprietary, and which are thin wrappers around an AWS or Azure primitive you already pay for?
  • Cost behavior: What does the bill do when tool calls double, and when agent volume falls short of the vendor's assumptions?
  • Enforcement: Is authentication required for every tool and every MCP method, or only for the obvious ones? Inconsistent enforcement is the failure mode CyCognito keeps finding in the wild.

Vendors are diverging in strategy. Nutanix approaches from private inference and hybrid infrastructure. Arcade comes from authorization. Manufact comes from the developer lifecycle. Portkey sold into a security platform. agentgateway moved to open governance. Buyers must decide whether the control point belongs within a vendor's security suite or within an open project.

Caveats

Not every tool call needs a gateway. Developers have argued that agents already handle human-built command-line tools and REST APIs when a project rules file points them there. For a stable, repo-local script, wrapping it in a gateway adds unnecessary surface area. The gateway earns its place where an integration is shared, permissioned, observable, or reused across many agents.

Nutanix ships the MCP server governance and the bundled test agent as tech preview, meaning those pieces are not yet meant for production. The token routing, observability, and rate limiting are the generally available core. The tech-preview status of MCP governance features across several products is a reminder that the security story is still maturing, even as agents are already in production.

Gartner's cost-risk warning highlights how rapidly governance spending could outpace value if not carefully managed. A gateway promises to control token spend, yet it is another service to run, and its pricing logic often assumes that agent volume will keep climbing.

FAQs

What is an AI agent gateway and why are enterprises adopting it?

An AI agent gateway is an inline control plane that sits between AI agents and their target models and tools. It enforces authentication, rate limiting, tool permissions, and audit logging for every agent request. Enterprises are adopting gateways to manage traffic, control costs, and maintain security as agent pilots scale across departments. Without a gateway, organizations risk ungoverned agents hitting production systems directly with no centralized visibility.

Which vendors are offering AI agent gateway solutions?

Nutanix offers the Nutanix Agent Gateway as part of Nutanix Enterprise AI 2.7, providing centralized token routing, authentication, rate limiting, and auditing. Arcade provides agent authorization and tool-execution runtime via cloud marketplaces. Manufact enables MCP server governance to centralize discovery and calls via MCP endpoints. Additionally, Portkey (acquired by Palo Alto Networks) and the open-source agentgateway project (under the Linux Foundation's Agentic AI Foundation) are key players.

How do AI agent gateways enforce authentication, rate limiting, and tool permissions?

Gateways apply authentication across all models and tools through a unified endpoint. They implement rate limiting per agent or team, and enforce tool-level permissions (e.g., read-only database access for a customer service agent vs. full GitHub write permissions for a DevOps agent). Every request is logged for audit, and token usage is metered for cost attribution. If a primary model provider fails, traffic falls over to a configured backup.

What governance and security concerns do MCP and agent gateways address?

Governance concerns include controlling which tools and models agents can reach, ensuring auditable traces of agent actions, and managing cost attribution. Security concerns include discovery of externally reachable MCP servers that expose business operations, and insider risk from privileged agents. Gateways address these by centralizing authentication, permissions, and logging. Open governance efforts like the Agentic AI Foundation aim to provide standardized, vendor-agnostic data planes with broad community involvement.

Sources

Latest Tech News