The Security Questions Every Enterprise AI Team Should Answer

If you're responsible for an enterprise AI platform, you've probably deployed an AI gateway by now. Something that proxies LLM requests, manages API keys, tracks costs, runs some guardrails on prompts. That's table stakes at this point.

But a question that keeps coming up for platform and security teams: what's happening at the network layer?

Your AI gateway sees the requests that flow through it, but it doesn't see what your agents can reach. It doesn't control which MCP servers a compromised agent could discover. It doesn't isolate agent A from agent B when agent A starts misbehaving. It doesn't enforce engagement terms between agents from different organizations. It doesn't even know those agents exist until they send a request.

This is a blind spot. It's the same blind spot the industry had with microservices before service mesh, and with remote access before zero trust started replacing VPNs. The application layer handles what it can see, but the network layer handles everything else.

The problem, concretely