A Scalable Platform Built on top of Kubernetes to Provide Secure Remote Access, Deployment, Dynamic Routing, Unified Identity and User Management as well as L7-aware Access Control and Visibility to All Your MCP Servers Wherever They are Whether Internal Servers Behind NAT(e.g. Private Clouds, Containers, IoT, Your own Laptop) as well as Publicly Protected MCP Servers

Seamlessly Deploy, Scale and Provide Secure Access to your Streamable HTTP/SSE-based MCP Servers whose Docker Images are Stored in Public and Private Container Registries

Application-layer Aware Access Control where You can Control Access to HTTP Paths, Methods, Headers and Serialized JSON-RPC Body Content including Request Parameters and Methods via Identity-based Context-aware ABAC and Policy-as-Code via CEL and Open Policy Agent (OPA) on a per-Request Basis.

Apply your Own Custom Identity-based, Context-aware Request/Response Manipulation and Validation with Lua Scripts and Envoy ExtProc Compliant Servers. Dynamically Enforce Dynamic Rate Limiting, Caching and JSON Schema Validation on a Per-Request Basis.

Provide Unified Access for all your MCP Clients written in any Programming Language via Standard OAuth2 Client-Credentials Flow and Bearer Authentication without having to use Special SDKs or install any Clients

OpenTelemetry-ready Layer-7 Aware, Real-Time Visibility and Auditing to Your Log Management and SIEM Providers that Captures Request/Response Information, Including Serialized JSON Body Content

Application-layer Aware Dynamic Configuration where You can Route to Different MCP Servers and Manipulate the Request/Response Headers and Body Content Differently Based on Identity and Context via Policy-as-Code

A Scalable Platform Built on top of Kubernetes for Automatic Horizontal Scalability and Availability

Designed to be Administered like Kubernetes via DevOps/GitOps-friendly Centralized and Declarative Way. The Cluster is furthermore fully Programmable over gRPC.