Citrix has unveiled new capabilities within its NetScaler platform aimed at enhancing the security and governance of enterprise AI agents utilizing the Model Context Protocol (MCP). The newly introduced NetScaler MCP Gateway serves as a centralized entry point for AI agents connecting to authorized MCP servers. Additionally, expanded features in the NetScaler AI Gateway now offer model routing and token-level visibility for large language model (LLM) traffic.
As organizations transition AI projects from pilot phases to full-scale production, managing AI agents becomes increasingly complex. These agents often interact with databases, internal tools, and business applications, executing multi-step workflows. Without centralized controls, enterprises risk facing unmanaged MCP servers, inconsistent authentication protocols, excessive permissions, and limited oversight of agent activities.
MCP is an emerging standard that facilitates interactions between AI models, agents, and external tools, services, and enterprise data. However, widespread adoption of MCP can lead to management challenges similar to those experienced in traditional API environments, such as fragmented endpoints, weak access controls, and unpredictable traffic patterns.
Citrix Unveils NetScaler MCP Gateway
The NetScaler MCP Gateway addresses these challenges by providing a unified policy and security layer for AI agent interactions. It dynamically routes agent requests to authorized backend MCP servers, reducing the need for development and infrastructure teams to manage separate access policies, authentication methods, and endpoints for each MCP deployment.
The gateway supports centralized authentication through per-user tokens, global tokens, OAuth, and hybrid authentication flows. Security teams can implement tool-based rate limits and configure server allowlists or blocklists, preventing AI agents from accessing unauthorized services or executing high-volume requests. These controls are particularly crucial in regulated sectors like healthcare, financial services, and government, where AI agents may handle sensitive records or operational systems.
Additional features include session persistence and protocol-aware health monitoring for MCP workloads. Session persistence ensures that an agent remains connected to the appropriate backend server during multi-step workflows, while health monitoring identifies unavailable or unhealthy MCP servers before they disrupt agent tasks.
Alongside the MCP Gateway, Citrix has expanded its NetScaler AI Gateway, initially launched in April. The platform now supports content switching-based model routing, enabling organizations to direct AI requests to different language models based on policy. For instance, routine requests can be routed to cost-effective models, while more complex workloads are directed to higher-capability models. The AI Gateway also tracks input and output token usage, as well as requests by team, user, or application, providing organizations with greater visibility into AI consumption. This monitoring aids in cost management, detection of unusual usage patterns, and assignment of AI spending responsibilities across business units.
Citrix is currently testing a private technology preview for Claude Code deployments, where the NetScaler AI Gateway functions as a centralized LLM gateway for developers accessing Anthropic models.
As AI integration becomes more prevalent in enterprise environments, the need for robust security and governance mechanisms grows. Citrix’s introduction of the NetScaler MCP Gateway and enhancements to the AI Gateway represent significant steps toward providing organizations with the tools necessary to manage and secure AI agent interactions effectively. These developments are crucial for maintaining compliance, ensuring data security, and optimizing AI resource utilization in complex enterprise ecosystems.