Aviatrix has integrated its Cloud Native Security Fabric with Microsoft Agent Control Specification, extending policy enforcement for AI agents to the network layer across multiple cloud environments.
The integration applies a single policy file across Amazon Web Services, Microsoft Azure, Google Cloud, and on-premises Kubernetes deployments, giving security teams one set of controls for AI agents regardless of where they run.
Aviatrix is positioning the arrangement as a way to address a gap in AI agent security. Many existing controls sit inside the software runtime, where they can govern tool use and other actions while an agent behaves as expected. But they may be less effective if the runtime itself is compromised or deceived.
Under the new setup, the same Agent Control Specification policy file used at the application layer is also translated into network rules. Those rules can then be enforced on outbound connections made by the agent across cloud and Kubernetes environments.
How It works
Microsoft Agent Control Specification is an open-source framework for setting rules on AI agents through a shared .guardrails.yaml file. The file is intended to define what tools an agent can use, which models it can access, and what boundaries apply to its behaviour.
With the Aviatrix integration, one workflow deploys the agent into environments such as AKS, EKS, GKE, or on-premises Kubernetes. A second workflow converts the policy file into firewall rules, which are reconciled by the Aviatrix controller and applied across the customer's cloud estate.
The result, according to the companies, is a two-layer approach. The Microsoft software development kit enforces controls inside the agent runtime, while Aviatrix applies restrictions at the network level on where the agent can connect and what traffic it can send.
The announcement reflects wider concern among security teams over how to control AI agents as businesses adopt them across different platforms and cloud providers. Unlike conventional applications, agents can make decisions, call tools, and use credentials with little human intervention, increasing the importance of strict boundaries around the systems they can reach.
Cross-cloud reach
The integration works across supported runtimes including AKS, EKS, GKE, and on-premises Kubernetes. Supported frameworks include Strands, LangChain, AutoGen, and other conformant runtimes built to the Microsoft specification.
Aviatrix described the integration as one of the first network-layer implementations of the Microsoft standard with cross-cloud enforcement. The product is available through its early access programme and is included in existing customer subscriptions at no additional cost.
That cross-cloud element is significant because many companies run AI workloads in more than one public cloud while also keeping some applications on their own infrastructure. Security teams often have to apply and audit separate controls in each environment, creating operational complexity and leaving gaps between platforms.
By using one policy format across clouds, the integration is intended to give security teams a single source of truth for what an agent is permitted to do. It also offers a clearer audit trail for regulated organisations that need to show which systems and services an AI agent could access.
Chris McHenry, chief product officer at Aviatrix, said the company's work with the Microsoft specification showed that a common standard alone was not enough without consistent enforcement across the environments where agents operate.
"Agents do not ask for permission, they do not respect platform boundaries, and they do not stop at the perimeter," McHenry said.
"After running Microsoft Agent Control Specification in private preview, what became clear is that a shared standard is only as strong as the layer that enforces it everywhere the agent operates. The Aviatrix Cloud Native Security Fabric delivers that enforcement at the one layer the agent does not control," he said.
Microsoft framed the partnership as part of a broader effort to make Agent Control Specification an open standard that works across vendors rather than a feature tied only to its own cloud products.
Sarah Bird, chief product officer for responsible AI at Microsoft, said: "We built Microsoft Agent Control Specification because customers should not have to negotiate a different security model for every agent platform they adopt. The ecosystem is what makes that vision real, and Aviatrix is exactly the kind of partner we hoped would step up. Its Cloud Native Security Fabric enforces Agent Control Specification at the network layer with the pervasive, cross-platform reach no single product can match. That is how an open control plane becomes a defensible enterprise standard."