NetFoundry Introduces Secure AI Enclave with OpenZiti to Power Zero Trust AI Environments
NetFoundry has announced the launch of its new secure AI enclave capabilities, extending OpenZiti—the world’s most widely adopted open-source zero trust platform—into enterprise AI ecosystems. This innovation is designed to help organizations securely deploy and scale AI workloads without compromising performance or security.
With this release, NetFoundry introduces advanced features such as zero trust MCP and LLM gateways. These capabilities directly address the growing “AI Connectivity Conundrum”—the challenge of balancing seamless AI access to enterprise data with the need to secure an increasingly complex attack surface.
The latest release is now available at https://openziti.ai.
Simplifying Secure AI Deployment in Enterprises
In addition to the open-source release, NetFoundry has launched a limited early access program for upcoming AI capabilities within its commercial cloud platform. These enhancements are built to simplify the deployment and ongoing management of internal AI systems.
By eliminating traditional network and firewall complexities, enterprises can:
- Accelerate AI deployment timelines
- Reduce operational overhead
- Gain end-to-end visibility into AI system activities
Organizations can register for early access at: www.netfoundry.io/EarlyAccessAI
The Growing Challenge of AI Connectivity and Security
Modern AI systems must operate across diverse environments—including multi-cloud infrastructures, VPCs, data centers, and edge networks. However, enabling this level of connectivity often increases exposure to cyber threats.
AI agents, MCP servers, LLMs, and enterprise data become more vulnerable when exposed to traditional network architectures. Without strict controls, AI agents can behave like highly privileged users, creating significant security risks.
Additionally, exposing AI tooling over networks makes it a highly attractive target for cyber attackers.
A New Zero Trust Model for AI Workloads
NetFoundry’s latest innovation replaces legacy network-based security models with an identity-first approach tailored for AI.
According to Galeal Zino, CEO and Founder of NetFoundry:
“Agentic AI breaks traditional network assumptions. Enterprises cannot scale AI using IP-based access controls and static API keys. With identity-first AI capabilities, organizations can secure their AI systems while accelerating deployment and improving operational efficiency.”
Key Features of NetFoundry’s AI Security Approach
1. Identity-First Architecture
Every AI agent, service, and resource is assigned a unique cryptographic identity, eliminating reliance on IP-based controls.
2. Service-Level Authorization
Access is granted at the service level rather than the network layer, ensuring tighter control and reduced risk.
3. Ephemeral and Authenticated Connections
All connections are temporary, continuously verified, and fully auditable for maximum security.
4. Complete Visibility and Auditability
Every interaction is logged with identity and policy details, providing full transparency into AI system behavior.
OpenZiti Zero Trust Gateways for AI
At the core of this solution are OpenZiti’s zero trust LLM and MCP gateways—lightweight components deployed alongside AI agents, MCP servers, and protected resources.
These gateways ensure:
- All connections are outbound-only
- No inbound firewall exceptions are required
- All services remain invisible to public and internal networks
- Strict “deny-all” firewall policies remain intact
This architecture significantly reduces the attack surface while maintaining seamless connectivity.
Why This Matters for AI-Driven Enterprises
As AI adoption accelerates, organizations need a secure, scalable way to connect AI systems without exposing critical infrastructure. NetFoundry’s zero trust AI enclave provides a modern solution that combines security, agility, and operational simplicity.
For businesses looking to future-proof their AI deployments, adopting an identity-first, zero trust architecture is no longer optional—it’s essential.

