Start on one host. Scale to governed enterprise AI.

Deploy Agent Access Manager in your own environment to govern how AI agents and applications access models and MCP tools. Protect provider credentials, enforce guardrails, budgets, and rate limits at runtime, and maintain auditable records as you scale from Docker Compose to Kubernetes. Provider usage stays in your own accounts.

Agent Access Manager
Evaluate securely

Evaluation Edition

Free Trial

30-day self-hosted evaluation

Start evaluation

Full platform evaluation includes:

  • Full technical feature set for the 30-day evaluation
  • Docker Compose, multi-replica, and Kubernetes deployment options
  • Governed model access, routing, virtual keys, budgets, and rate limits
  • Multi-user RBAC, identity integration, guardrails, searchable audit, and security analytics
  • AI-classifier guardrails with Presidio PII and Llama Guard content safety
  • SIEM detections, Sigma rules, behavioral analytics, and SOAR containment
  • MCP Gateway, MCP Registry, and MCP Orchestration
Scale securely

Professional Edition

$90,000/year

Annual agreement based on deployment scope and support requirements

Contact sales

Professional production license includes:

  • Distributed multi-replica deployment behind a load balancer
  • Kubernetes deployment with Helm and horizontal autoscaling
  • Shared runtime state across application replicas
  • Cluster-wide rate limiting and containment via shared counters
  • External managed PostgreSQL and scalable OpenSearch integration
  • S3-compatible object storage for report artifacts
  • Custom identity-provider architecture
  • MCP Orchestration for isolated self-hosted MCP servers
  • Priority Support included
  • Business Critical Support available
Compare Editions

What each edition includes.

Evaluate the full technical platform for 30 days, then choose the production license that matches your deployment and support requirements. Provider usage stays in your own accounts.

CapabilityEvaluation EditionStandard EditionProfessional Edition
Platform and deployment
Deployment locationCustomer environmentCustomer environmentCustomer environment
Primary deploymentDocker Compose or Kubernetes with HelmDocker Compose with production overlaysMulti-replica or Kubernetes with Helm
Application instancesN replicas1N replicas
Offline installation
Horizontal scaling
Administration dashboard
Gateway and routing
OpenAI-compatible gateway
Gateway APIsChat, embeddings, responses, messages, and modelsChat, embeddings, responses, messages, and modelsChat, embeddings, responses, messages, and models
Virtual keys
Key expiry suspension and revocation
Provider credential encryptionAES-256-GCMAES-256-GCMAES-256-GCM
Provider catalog and model aliases
Provider adaptersOpenAI-compatible, Anthropic, Gemini, and VertexOpenAI-compatible, Anthropic, Gemini, and VertexOpenAI-compatible, Anthropic, Gemini, and Vertex
Health-aware routing and fallback
Governance and guardrails
Spend and token budgetsOrg, team, project, and keyOrg, team, project, and keyOrg, team, project, and key
RPM and TPM rate limitsOrg, team, project, and keyOrg, team, project, and keyOrg, team, project, and key
Request and response guardrails
Guardrail actionsAllow, flag, redact, or blockAllow, flag, redact, or blockAllow, flag, redact, or block
Pattern and regex detectors
AI-classifier detectors
Presidio and Llama Guard
Tool-call argument screeningFlag or blockFlag or blockFlag or block
Reversible redaction with client-side restore
Identity and access
Bundled Keycloak
Multi-user access and human RBAC
Human rolesOwner, admin, operator, user, guest, and team leadOwner, admin, operator, user, guest, and team leadOwner, admin, operator, user, guest, and team lead
External OIDC providerOptional
Provider keys hidden from agents
Observability and audit
Searchable audit trailsAdvanced security searchAdvanced security searchAdvanced security search
Usage and security reporting
Report formatsHTML, CSV, JSON, and PDFHTML, CSV, JSON, and PDFHTML, CSV, JSON, and PDF
SIEM search and detections
Sigma rules and UEBA
SOAR containmentAlert, quarantine, and throttleAlert, quarantine, and throttleAlert, quarantine, and throttle
Prometheus metrics
RetentionAdministrator-configuredAdministrator-configuredAdministrator-configured
MCP security and operations
MCP Gateway with tool-call guardrails
MCP Registry of approved servers
Per-key and per-team tool permissions
MCP Orchestration for isolated self-hosted servers
Scale-out and enterprise infrastructure
Application replicas behind a load balancer
Kubernetes deployment with Helm
Horizontal autoscaling
Shared rate-limit counters across replicas
External managed PostgreSQL and OpenSearch
S3-compatible report artifact storage
Custom identity-provider architecture
Support
Documentation
Support channelCommunityStandard SupportPriority Support
OnboardingSelf-servicePaid remote onboarding availableScoped remote onboarding available
Business Critical SupportNot availableNot availableOptional paid add-on
Frequently Asked Questions

Questions enterprise teams ask before deployment.

Understand how Agent Access Manager is deployed, licensed, integrated, implemented, and supported in customer-managed environments.

Can we evaluate Agent Access Manager in our own environment?

Yes. Evaluation Edition provides a 30-day self-hosted evaluation at no charge. It can be deployed with Docker Compose so your team can validate gateway integration, virtual keys, provider routing, budgets, rate limits, guardrails, and audit visibility using your own applications and provider accounts. Assisted remote evaluation is also available for $5,000 and is credited toward an annual license when purchased within 60 days.

Where does Agent Access Manager run, and can it scale to Kubernetes?

Every edition runs in infrastructure controlled by your organization. Evaluation Edition supports a single-host Docker Compose deployment, while Standard Edition licenses a customer-managed production deployment. Professional Edition supports multi-replica and Kubernetes deployments using Helm, with shared runtime state so rate limits and containment hold across replicas.

How is the on-premises software licensed?

Agent Access Manager is licensed through an annual software subscription rather than a month-to-month hosted-service plan. Standard Edition is $30,000 per year per production deployment and includes one non-production deployment, updates, security patches, and Standard Support. Professional Edition starts at $90,000 per year and is scoped according to production clusters, environments, identity integrations, operational requirements, and support needs. Customer infrastructure and AI-provider usage charges are separate from the software subscription.

Which model providers, endpoints, and application frameworks can we connect?

Agent Access Manager supports OpenAI-compatible endpoints and provider adapters for Anthropic, Gemini, and Vertex AI, along with supported self-hosted model endpoints. Applications and frameworks that can use a configurable OpenAI-compatible base URL can connect through scoped virtual keys and model aliases. Provider usage remains in the customer’s existing provider accounts.

What is the difference between Standard Edition and Professional Edition?

Standard Edition licenses a single-instance production deployment and includes the complete governance feature set: virtual keys, routing, budgets, rate limits, guardrails with AI classifiers, searchable audit, detections, behavioral analytics, and SOAR containment. Professional Edition adds the scale-out architecture: multiple application replicas behind a load balancer, Kubernetes deployment with Helm and horizontal autoscaling, shared runtime state so rate limits and containment hold cluster-wide, integration with external managed PostgreSQL and OpenSearch, S3-compatible report storage, custom identity-provider architecture, and Priority Support.

What MCP capabilities are included, and in which editions?

The MCP Gateway governs agent tool calls to MCP servers with the same guardrail, policy, and audit pipeline as model traffic. The MCP Registry provides a private catalog of approved remote and self-hosted MCP servers with per-agent, per-key, and per-team tool permissions. MCP Orchestration, included in Professional Edition, additionally deploys self-hosted MCP servers as isolated workloads and manages their configuration, secrets, logs, status, and restarts. The MCP Gateway and MCP Registry are available in every edition.

How are credentials and customer data protected?

Provider credentials are encrypted with AES-256-GCM and accessed only by the gateway when executing authorized requests. Agents and applications use scoped virtual keys — stored only as hashes — instead of receiving reusable provider credentials. Agent Access Manager, its policy configuration, and its audit records run in the customer’s environment, while model inputs are sent only to the providers or endpoints the customer configures.

What controls can be enforced before an AI request reaches a provider?

Agent Access Manager can enforce provider, model, budget, RPM, TPM, content, PII, and secret policies at runtime. Configured request and response guardrails can allow, flag, redact, or block activity, including tool-call arguments and streamed responses. Budgets and rate limits are checked before any provider is called and are enforced across the organization, team, project, and key at once. Every request is recorded with the applicable identity, policy decision, and outcome for investigation and operational review.

What is included in implementation and remote onboarding?

Standard Edition remote onboarding is available for a one-time fee of $7,500. Professional Edition remote onboarding starts at $20,000 and is scoped according to deployment complexity, Kubernetes architecture, identity integration, and operational readiness. A typical engagement can include architecture review, deployment guidance, provider integration planning, policy configuration, validation, and administrator handoff. The final scope, schedule, responsibilities, and deliverables are confirmed before the engagement begins.

Can AethosHub provide onsite architecture, deployment, or training assistance?

Yes. Onsite professional services are available at $2,500 per consultant-day with a three-day minimum. Travel, lodging, visa costs, and local transportation are billed separately. International travel days are billed at 50% of the consultant-day rate, and the engagement scope is agreed in advance.

What support coverage and response targets are available?

Standard Edition includes Standard Support with 8x5 local business-hours coverage and initial response targets of 4 business hours for P1, 1 business day for P2, and 2 business days for P3. Professional Edition includes Priority Support with 24x7 P1 coverage and initial response targets of 2 hours for P1, 4 business hours for P2, and 1 business day for P3. Business Critical Support is an optional Professional Edition add-on starting at $30,000 per year or 25% of annual license value, whichever is greater. It provides 24x7 P1 and P2 coverage with initial response targets of 1 hour for P1, 2 hours for P2, and 4 business hours for P3. These are initial response targets, not guaranteed resolution times or customer-infrastructure uptime commitments.