Start on one host. Scale to governed enterprise AI.
Deploy Agent Access Manager in your own environment to govern how AI agents and applications access models and MCP tools. Protect provider credentials, enforce guardrails, budgets, and rate limits at runtime, and maintain auditable records as you scale from Docker Compose to Kubernetes. Provider usage stays in your own accounts.
Distributed multi-replica deployment behind a load balancer
Kubernetes deployment with Helm and horizontal autoscaling
Shared runtime state across application replicas
Cluster-wide rate limiting and containment via shared counters
External managed PostgreSQL and scalable OpenSearch integration
S3-compatible object storage for report artifacts
Custom identity-provider architecture
MCP Orchestration for isolated self-hosted MCP servers
Priority Support included
Business Critical Support available
Compare Editions
What each edition includes.
Evaluate the full technical platform for 30 days, then choose the production license that matches your deployment and support requirements. Provider usage stays in your own accounts.
Capability
Evaluation Edition
Standard Edition
Professional Edition
Platform and deployment
Deployment location
Customer environment
Customer environment
Customer environment
Primary deployment
Docker Compose or Kubernetes with Helm
Docker Compose with production overlays
Multi-replica or Kubernetes with Helm
Application instances
N replicas
1
N replicas
Offline installation
Horizontal scaling
—
Administration dashboard
Gateway and routing
OpenAI-compatible gateway
Gateway APIs
Chat, embeddings, responses, messages, and models
Chat, embeddings, responses, messages, and models
Chat, embeddings, responses, messages, and models
Virtual keys
Key expiry suspension and revocation
Provider credential encryption
AES-256-GCM
AES-256-GCM
AES-256-GCM
Provider catalog and model aliases
Provider adapters
OpenAI-compatible, Anthropic, Gemini, and Vertex
OpenAI-compatible, Anthropic, Gemini, and Vertex
OpenAI-compatible, Anthropic, Gemini, and Vertex
Health-aware routing and fallback
Governance and guardrails
Spend and token budgets
Org, team, project, and key
Org, team, project, and key
Org, team, project, and key
RPM and TPM rate limits
Org, team, project, and key
Org, team, project, and key
Org, team, project, and key
Request and response guardrails
Guardrail actions
Allow, flag, redact, or block
Allow, flag, redact, or block
Allow, flag, redact, or block
Pattern and regex detectors
AI-classifier detectors
Presidio and Llama Guard
Tool-call argument screening
Flag or block
Flag or block
Flag or block
Reversible redaction with client-side restore
Identity and access
Bundled Keycloak
Multi-user access and human RBAC
Human roles
Owner, admin, operator, user, guest, and team lead
Owner, admin, operator, user, guest, and team lead
Owner, admin, operator, user, guest, and team lead
External OIDC provider
Optional
Provider keys hidden from agents
Observability and audit
Searchable audit trails
Advanced security search
Advanced security search
Advanced security search
Usage and security reporting
Report formats
HTML, CSV, JSON, and PDF
HTML, CSV, JSON, and PDF
HTML, CSV, JSON, and PDF
SIEM search and detections
Sigma rules and UEBA
SOAR containment
Alert, quarantine, and throttle
Alert, quarantine, and throttle
Alert, quarantine, and throttle
Prometheus metrics
Retention
Administrator-configured
Administrator-configured
Administrator-configured
MCP security and operations
MCP Gateway with tool-call guardrails
MCP Registry of approved servers
Per-key and per-team tool permissions
MCP Orchestration for isolated self-hosted servers
—
Scale-out and enterprise infrastructure
Application replicas behind a load balancer
—
Kubernetes deployment with Helm
—
Horizontal autoscaling
—
Shared rate-limit counters across replicas
—
External managed PostgreSQL and OpenSearch
—
S3-compatible report artifact storage
—
Custom identity-provider architecture
—
Support
Documentation
Support channel
Community
Standard Support
Priority Support
Onboarding
Self-service
Paid remote onboarding available
Scoped remote onboarding available
Business Critical Support
Not available
Not available
Optional paid add-on
Frequently Asked Questions
Questions enterprise teams ask before deployment.
Understand how Agent Access Manager is deployed, licensed, integrated, implemented, and supported in customer-managed environments.
1.
Can we evaluate Agent Access Manager in our own environment?
A
Yes. Evaluation Edition provides a 30-day self-hosted evaluation at no charge. It can be deployed with Docker Compose so your team can validate gateway integration, virtual keys, provider routing, budgets, rate limits, guardrails, and audit visibility using your own applications and provider accounts. Assisted remote evaluation is also available for $5,000 and is credited toward an annual license when purchased within 60 days.
2.
Where does Agent Access Manager run, and can it scale to Kubernetes?
A
Every edition runs in infrastructure controlled by your organization. Evaluation Edition supports a single-host Docker Compose deployment, while Standard Edition licenses a customer-managed production deployment. Professional Edition supports multi-replica and Kubernetes deployments using Helm, with shared runtime state so rate limits and containment hold across replicas.
3.
How is the on-premises software licensed?
A
Agent Access Manager is licensed through an annual software subscription rather than a month-to-month hosted-service plan. Standard Edition is $30,000 per year per production deployment and includes one non-production deployment, updates, security patches, and Standard Support. Professional Edition starts at $90,000 per year and is scoped according to production clusters, environments, identity integrations, operational requirements, and support needs. Customer infrastructure and AI-provider usage charges are separate from the software subscription.
4.
Which model providers, endpoints, and application frameworks can we connect?
A
Agent Access Manager supports OpenAI-compatible endpoints and provider adapters for Anthropic, Gemini, and Vertex AI, along with supported self-hosted model endpoints. Applications and frameworks that can use a configurable OpenAI-compatible base URL can connect through scoped virtual keys and model aliases. Provider usage remains in the customer’s existing provider accounts.
5.
What is the difference between Standard Edition and Professional Edition?
A
Standard Edition licenses a single-instance production deployment and includes the complete governance feature set: virtual keys, routing, budgets, rate limits, guardrails with AI classifiers, searchable audit, detections, behavioral analytics, and SOAR containment. Professional Edition adds the scale-out architecture: multiple application replicas behind a load balancer, Kubernetes deployment with Helm and horizontal autoscaling, shared runtime state so rate limits and containment hold cluster-wide, integration with external managed PostgreSQL and OpenSearch, S3-compatible report storage, custom identity-provider architecture, and Priority Support.
6.
What MCP capabilities are included, and in which editions?
A
The MCP Gateway governs agent tool calls to MCP servers with the same guardrail, policy, and audit pipeline as model traffic. The MCP Registry provides a private catalog of approved remote and self-hosted MCP servers with per-agent, per-key, and per-team tool permissions. MCP Orchestration, included in Professional Edition, additionally deploys self-hosted MCP servers as isolated workloads and manages their configuration, secrets, logs, status, and restarts. The MCP Gateway and MCP Registry are available in every edition.
7.
How are credentials and customer data protected?
A
Provider credentials are encrypted with AES-256-GCM and accessed only by the gateway when executing authorized requests. Agents and applications use scoped virtual keys — stored only as hashes — instead of receiving reusable provider credentials. Agent Access Manager, its policy configuration, and its audit records run in the customer’s environment, while model inputs are sent only to the providers or endpoints the customer configures.
8.
What controls can be enforced before an AI request reaches a provider?
A
Agent Access Manager can enforce provider, model, budget, RPM, TPM, content, PII, and secret policies at runtime. Configured request and response guardrails can allow, flag, redact, or block activity, including tool-call arguments and streamed responses. Budgets and rate limits are checked before any provider is called and are enforced across the organization, team, project, and key at once. Every request is recorded with the applicable identity, policy decision, and outcome for investigation and operational review.
9.
What is included in implementation and remote onboarding?
A
Standard Edition remote onboarding is available for a one-time fee of $7,500. Professional Edition remote onboarding starts at $20,000 and is scoped according to deployment complexity, Kubernetes architecture, identity integration, and operational readiness. A typical engagement can include architecture review, deployment guidance, provider integration planning, policy configuration, validation, and administrator handoff. The final scope, schedule, responsibilities, and deliverables are confirmed before the engagement begins.
10.
Can AethosHub provide onsite architecture, deployment, or training assistance?
A
Yes. Onsite professional services are available at $2,500 per consultant-day with a three-day minimum. Travel, lodging, visa costs, and local transportation are billed separately. International travel days are billed at 50% of the consultant-day rate, and the engagement scope is agreed in advance.
11.
What support coverage and response targets are available?
A
Standard Edition includes Standard Support with 8x5 local business-hours coverage and initial response targets of 4 business hours for P1, 1 business day for P2, and 2 business days for P3. Professional Edition includes Priority Support with 24x7 P1 coverage and initial response targets of 2 hours for P1, 4 business hours for P2, and 1 business day for P3. Business Critical Support is an optional Professional Edition add-on starting at $30,000 per year or 25% of annual license value, whichever is greater. It provides 24x7 P1 and P2 coverage with initial response targets of 1 hour for P1, 2 hours for P2, and 4 business hours for P3. These are initial response targets, not guaranteed resolution times or customer-infrastructure uptime commitments.