Future of AIAI

The Hidden Infrastructure Behind Securing Enterprise AI

By Sheng Liang, CEO at Obot AI

AI requires system integration to be effective – but it’s not as simple as linking them together. Think of it like adding new appliances to your home: each one needs to be plugged into the right outlet, with the right protections, or you risk overloading the system. In the enterprise, the Model Context Protocol (MCP) is the standard that makes sure AI tools like agents, copilots and chat interfaces can “plug in” to applications and data. The challenge is keeping all of those connections secure and organized. 

This is where MCP Gateways come in. A gateway acts like the breaker box in your house. It is the single point of control that manages power flow, prevents overloads and keeps everything labeled so you know what is connected where. Without this control, companies risk a tangle of connections that are hard to track and potentially unsafe. 

Why Enterprises Need MCP Gateways 

Vendors, developers and even business teams are spinning up their own versions of MCP servers as AI’s adaptation expands. They’re connecting everything from from internal apps to SaaS platforms, but without a central point of control, IT teams run into familiar headaches: 

  • Lack of discoverability: Employees often do not know which MCP servers exist, what they do or how to access them. 
  • Scattered instructions: Decentralized MCP deployments make it difficult to find accurate and up-to-date usage guidance. 
  • Security blind spots: Shadow MCP servers can expose sensitive systems without IT oversight. 
  • Governance gaps: Enforcing access policies, tracking usage and ensuring compliance across dozens or hundreds of servers is nearly impossible without the right tools. 

MCP Gateways provide a solution: They act as a single layer to catalog, secure and monitor MCP servers while making them easier for employees and AI tools to access.  

Three new open source projects — Obot MCP Gateway, Microsoft MCP Gateway, and IBM ContextForge MCP Gateway — highlight different approaches to this emerging need. 

Obot MCP Gateway 

The Obot MCP Gateway (GitHub), functions as both a gateway and a proxy, giving organizations one hub to manage MCP connections. Employees can use a browser-based chat client to connect with approved servers and even build workflows that link multiple tools together. At the same time, IT teams can set policies, track use and maintain security oversight. 

Key features include: 

  • Secure, Compliant Gateway & Proxy: Route all MCP traffic securely with OAuth 2.1 authentication, encryption, request filtering, and audit logging for enterprises – all while enforcing policies for hosted and remote MCP servers. 
  • Chat client: Interact with web-based LLMs and connected MCP’s that maintain threaded conversations, and orchestrate multi-step workflows. 
  • Workflow & Task Configuration: Create repeatable tasks and chain servers together for automated processes directly from the chat interface. 
  • Discovery & Catalog Management: Search and explore MCP servers tailored to user roles, with detailed documentation and capabilities. 
  • Administrative controls: One pane to onboard servers, deploy hosted instances, define access control policies, monitor usage and manage users, groups, and LLM providers. 
  • Scalable & Open-Source: Deploy on-premises or in the cloud, integrate custom servers or tools and adapt to shifting environments without vendor lock-in. 

Obot’s combination of gateway, proxy and chat interface provides enterprises with a comprehensive, standards-based platform for scaling AI adoption safely and efficiently, while giving users a productive, flexible environment for interacting with LLMs and MCP-connected tools.  

Microsoft MCP Gateway 

Microsoft’s approach (GitHub) is built for scale, focusing on infrastructure and lifecycle management. Key features include: 

  • Data gateway: Directs traffic to the right server with session affinity. 
  • Control plane: Provides tools to deploy, update and retire server instances so environments remain organized and current. 
  • Enterprise integration: Built-in hooks for telemetry, access control, and observability for IT to track performance and enforce security. 
  • Adapters: Represent MCP servers under the /adapters scope, coexisting with other resource types like /agents in a unified AI development platform 
  • Session-aware routing: Ensures all requests tied to a session_id are consistently routed to the same MCP server instance. 

For enterprises, Microsoft’s gateway is like a high-capacity utility grid: It keeps connections flowing smoothly and ensures systems scale without losing reliability 

IBM ContextForge MCP Gateway 

IBM’s ContextForge (GitHub) takes a federation approach, bringing multiple MCP and REST services under one endpoint. It can also adapt older APIs so they work within the MCP standard, helping organizations extend the value of their existing systems. 

Key features include: 

  • Federation layer: Consolidates multiple MCP and REST APIs into a single, unified access point. 
  • Legacy adaptation: Converts older APIs into MCP-compliant tools, reducing the need for costly integrations or rebuilds. 
  • Flexible protocols: Supports communication methods such as HTTP and WebSocket to fit different environments. 
  • Admin dashboard: Provides a visual interface for configuring servers and monitoring activity without relying only on code. 
  • Built-in protections: Includes authentication, retries and rate limits to safeguard systems from overload or misuse. 

It also supports Agent-to-Agent (A2A) integration, enabling external AI agents like OpenAI or Anthropic to connect with federated MCPs. 

However, it’s important to note that ContextForge is currently in alpha/early beta (v0.5.0). For now, it is better suited for testing than live use. 

Looking Ahead 

As MCP adoption accelerates, gateways are becoming the layer that keeps connections secure, discoverable and governed. Each option takes a different approach, so the best fit depends on your organization’s priorities: 

  • Use Obot if you want a flexible platform that combines discovery, chat and workflow tools in one place. 
  • Use Microsoft if your priority is large-scale reliability, strong routing and lifecycle management. 
  • Use IBM if you need to connect many different services and adapt legacy systems, while recognizing the project is still in its early stages. 

MCP Gateways are clearing the way for safer, more reliable AI use inside enterprises. They give IT the levers to manage discovery, security and governance while reducing the risks of uncontrolled growth. As Obot, Microsoft and IBM refine their approaches, gateways will increasingly shape how organizations connect AI to their data and workflows — not as an afterthought, but as core infrastructure for the next phase of adoption. 

Author

Related Articles

Back to top button