en.Wedoany.com Reported - US-based Versa embeds zero trust controls into the AI agent execution chain. On May 21, Versa announced a zero trust architecture for the Model Context Protocol (MCP), which is patent-pending. The core mechanism verifies every step generated by an AI agent—before it takes effect—based on user identity, role permissions, and system policies.

After enterprises connect AI agents to network, security, operations, and business systems, a single user prompt may trigger multiple backend operations. The zero trust MCP architecture proposed by Versa specifically sets pre-execution controls for such "invisible operation chains." Under this architecture, AI-generated actions are no longer trusted by default. Before an action is executed, the system checks who the initiating user is, whether the user's role permits the operation, whether the current system context matches, and whether the operation type and risk level comply with preset policies. Administrators can predefine three outcomes: allow automatic execution, require manual confirmation, or block outright. Every permitted action retains a complete attribution record for subsequent visualization, auditing, and policy tracking.

Versa delivers this architecture within Versa Verbo. Verbo is Versa's AI operations co-pilot, and the zero trust MCP capability is also integrated into the VersaONE Universal SASE Platform, used to incorporate AI-driven event correlation, anomaly detection, and guided troubleshooting into a unified security and networking platform. For NetOps and SecOps teams, this means AI is not just an assistant for querying information but is also placed into a controlled execution environment jointly constituted by identity, permissions, policies, logs, and manual confirmation.

The role of MCP is to enable standardized connections between AI assistants and the systems where enterprise data resides. When Versa previously released its MCP Server, it explained that MCP is an open standard published by Anthropic in November 2024, which can connect AI assistants to data locations such as content repositories, business tools, and development environments, reducing fragmented point-to-point integrations. The Versa MCP Server is already used to allow Claude, ChatGPT, Gemini, Microsoft Copilot, and enterprise internal Copilots to securely query Versa systems through the Versa API, helping network and security teams view device status, alerts, path health, route summaries, template configurations, and bandwidth metrics within a unified API layer. The company disclosed that customers previously spent up to 70% of incident response time gathering information across systems; after using the MCP Server, mean time to repair was reduced by 45%. This background indicates that after AI agents enter network and security operations, efficiency gains come from cross-system connections, but risk also comes from the same connection chain; the zero trust MCP architecture moves the control point forward to before each step is executed, rather than tracing results after actions are completed.

With this move, Versa pushes MCP further from a "secure query system" to "secure action execution." In AI-driven operations, querying alerts, reading configurations, and summarizing status are only the first steps; subsequent actions may involve modifying policies, adjusting routes, triggering tickets, isolating devices, or invoking other security systems. If AI misinterprets prompts, has incomplete context, or unclear permission boundaries, automated operations could impact the production network. Through policy judgments based on identity, role, system context, action type, and risk level, enterprises can delegate low-risk actions to AI for automatic execution, route high-risk actions for manual confirmation, and directly block unauthorized actions. This type of mechanism provides clearer operational boundaries for AI agents entering production-grade network and security scenarios.

US-based Versa's introduction of the zero trust MCP architecture reflects that enterprise AI governance is extending from model output review to action execution control. Whether AI agents can be deployed at scale in enterprise environments depends critically not only on answer accuracy but also on whether every step can be verified, authorized, recorded, and held accountable. For enterprises already using SASE, SD-WAN, SSE, and unified network security platforms, AI agents will increasingly participate in troubleshooting and security operations, and zero trust controls will become one of the foundational requirements for their entry into production environments.

This article is compiled by Wedoany. All AI citations must indicate the source as "Wedoany". If there is any infringement or other issues, please notify us promptly, and we will modify or delete it accordingly. Email: news@wedoany.com