AI agents are quickly moving beyond chat. They inspect code, run tests, read documents, search knowledge bases, query internal systems, and operate for hours on behalf of a user. This unlocks productivity, but it also gives agents access to sensitive enterprise data and the ability to take action across business systems, which makes a secure, governed execution environment essential.

The NVIDIA Secure Agent Workspace Reference Design introduces a clear architectural shift: the user’s laptop, browser, integrated development environment (IDE), or terminal serves as the presentation layer, not the execution layer. Agent execution occurs in a managed workspace where identity, network access, credentials, runtime policy, audit, and human review can be enforced consistently.
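To make the separation concrete, the following is an added illustration (not NVIDIA's reference implementation or any of its code) of a policy gate that a managed workspace could place between an agent's proposed tool calls and their execution. It models the controls the paragraph lists: the caller's identity, an outbound network allowlist, credentials that the agent references by name but never sees, an audit record that stores only those references, and a human-review pause for high-impact tools. All hosts, roles, secret names and tool names are constructed for the example.

```python
"""Added example (not NVIDIA's code): a toy policy gate for a managed agent
workspace. The agent proposes tool calls; the workspace, not the user's
laptop, decides whether they run. Hosts, roles and secrets are constructed."""
from dataclasses import dataclass
from urllib.parse import urlparse

SECRET_PREFIX = "secret://"  # how an agent references a brokered credential

@dataclass(frozen=True)
class Identity:
    user: str
    roles: frozenset

@dataclass(frozen=True)
class ToolCall:
    tool: str   # e.g. "http_request", "send_email"
    args: dict

@dataclass(frozen=True)
class WorkspacePolicy:
    allowed_hosts: frozenset          # outbound hosts the workspace may reach
    review_required_tools: frozenset  # tools that pause for a human approver
    secret_roles: dict                # secret name -> roles entitled to use it

@dataclass(frozen=True)
class Decision:
    outcome: str  # "allow", "deny" or "needs_review"
    reason: str

# Constructed credential store held by the workspace broker. The agent only
# ever sees references like "secret://ci-token", never the value itself.
SECRET_STORE = {"ci-token": "constructed-token-value"}
AUDIT_LOG = []

def _secret_name(value):
    """Return the secret name if `value` is a secret reference, else None."""
    if isinstance(value, str) and value.startswith(SECRET_PREFIX):
        return value[len(SECRET_PREFIX):]
    return None

def _audit(identity, call, decision):
    # Log secret references by name only, so the audit trail never holds values.
    safe_args = {k: (f"<secret:{_secret_name(v)}>" if _secret_name(v) else v)
                 for k, v in call.args.items()}
    AUDIT_LOG.append({"user": identity.user, "tool": call.tool, "args": safe_args,
                      "outcome": decision.outcome, "reason": decision.reason})
    return decision

def evaluate(identity, call, policy):
    """Apply the workspace controls to one proposed tool call, in order."""
    # 1. Network egress: every URL argument must target an allowlisted host.
    for v in call.args.values():
        if isinstance(v, str) and v.startswith(("http://", "https://")):
            host = urlparse(v).hostname or ""
            if host not in policy.allowed_hosts:
                return _audit(identity, call,
                              Decision("deny", f"host {host} not in egress allowlist"))
    # 2. Credentials: a secret reference is honoured only if the secret exists
    #    and the caller's identity holds a role entitled to it.
    for v in call.args.values():
        name = _secret_name(v)
        if name is not None:
            entitled = policy.secret_roles.get(name, frozenset())
            if name not in SECRET_STORE or not (identity.roles & entitled):
                return _audit(identity, call,
                              Decision("deny", f"{identity.user} not entitled to secret {name}"))
    # 3. Human review: high-impact tools pause until an approver signs off.
    if call.tool in policy.review_required_tools:
        return _audit(identity, call,
                      Decision("needs_review", f"{call.tool} requires human approval"))
    return _audit(identity, call, Decision("allow", "all workspace checks passed"))

def resolve_secrets(call):
    """Broker step run inside the workspace after an 'allow': substitute real
    values so the tool receives the credential while the agent never does."""
    return {k: (SECRET_STORE[_secret_name(v)] if _secret_name(v) else v)
            for k, v in call.args.items()}

POLICY = WorkspacePolicy(
    allowed_hosts=frozenset({"git.internal.example"}),
    review_required_tools=frozenset({"send_email"}),
    secret_roles={"ci-token": frozenset({"developer"})},
)

def demo():
    """Run a few constructed tool calls through the gate; returns the outcomes."""
    dev = Identity("alice", frozenset({"developer"}))
    contractor = Identity("bob", frozenset({"contractor"}))
    calls = [
        (dev, ToolCall("http_request", {"url": "https://git.internal.example/api",
                                        "auth": "secret://ci-token"})),
        (dev, ToolCall("http_request", {"url": "https://untrusted.example/upload"})),
        (contractor, ToolCall("http_request", {"url": "https://git.internal.example/api",
                                               "auth": "secret://ci-token"})),
        (dev, ToolCall("send_email", {"to": "finance@internal.example"})),
    ]
    return [evaluate(who, call, POLICY).outcome for who, call in calls]

if __name__ == "__main__":
    print(demo())          # ['allow', 'deny', 'deny', 'needs_review']
    for entry in AUDIT_LOG:
        print(entry)
```

The point of the shape is that every check runs in the workspace's trust domain: the laptop or IDE only renders the decisions and the audit entries, and the credential value is substituted by `resolve_secrets` after an `allow`, so a prompt-injected or misbehaving agent can at most ask for a secret by name and be refused and logged.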

Figure 1. Example of the NVIDIA Secure Agent Workspace in an enterprise AI factory

As the AI factory industrializes AI for enterprise, this reference design outlines how to build a secure environment for autonomous agents to operate at an organizational scale.

This post outlines the steps to implement the Secure Agent Workspace Reference Design so enterprises can provide access to autonomous, always-on AI agents to their entire employee base. The architecture creates a more secure environment that governs agent behavior and network access. Employees can accomplish more advanced, complex tasks with AI that works for longer and uses more enterprise tools.