ASTRA Gate

Run agents at enterprise scale.
Without losing control.

ASTRA Gate is the enterprise control plane for agentic systems — one place to enforce policy, audit every action, route traffic to the right model, and keep token spend under control. The agent layer needs the same discipline as the rest of the enterprise stack.

The Pain

You can't explain the bill.
You can't reconstruct what the agent did.

Two governance gaps hurt every enterprise running agents in production. Finance can't attribute token spend to its actual purpose. Compliance can't reconstruct what any specific agent did or why. Neither problem solves itself by adding more agents — both compound.

01

Token spend you can't explain

Token spend should be attributable to its actual purpose, not a mystery line on the AWS bill. When every agent calls models directly, finance sees aggregate cost without provenance. Three months in, the bill is real and the attribution is gone.

02

Audit trails you can't produce

Audit trails are not a post-incident reconstruction; they are a default property of every request. Without that default, every compliance review becomes archaeology — and every incident becomes a defensive scramble through scattered logs.

03

Five concerns. Five point solutions.

Today every agent re-implements identity, logging, policy, token tracking, and model selection. Five duplicated implementations × every agent × every team — and none of them enforced consistently.

Why Ungoverned Agents Fail

Direct calls.
No enforcement layer.
No defensible posture.

Most agent deployments start the same way — direct calls from agent code to model providers. It ships fast and demos well. Then production scale arrives, and four governance gaps surface in sequence.

  1. Policy enforced too late

    Policy applied at log-review time isn't policy — it's reporting. By the time a violation surfaces, the request has already executed and the model output is already in the workflow. Enforcement has to happen at request time, before the model is called.

  2. Identity bolted on, agent by agent

    Each agent's developer re-implements identity, access control, and credential management. The pattern drifts across teams. Inevitably one agent ships with a less-rigorous identity story than another, and the weakest link becomes the audit finding.

  3. Token attribution lost at source

    When agents call providers directly, the API key is shared. Costs aggregate at the team or org level, not at the agent-purpose level. By the time someone asks “what is this $40k spending on”, the trail is gone.

  4. Model lock-in is operational lock-in

    Agent code that calls a specific provider's SDK doesn't migrate cleanly. When a new model release outperforms the incumbent — or the incumbent's pricing changes — switching costs scale with how many agents you have.

Direct calls are fine for prototypes. They are not the right architecture for a portfolio of production agents with audit, identity, and cost expectations.

The Control-Plane Approach

Five control surfaces.
One layer.
Enforced at request time, not after the fact.

ASTRA Gate sits between every agent and every model. Every request passes through five control surfaces — policy, audit, identity, token routing, model selection — before any model is called. Enforcement is at request time. Audit is a default property, not a reporting exercise. Identity is verified once, consistently, across every agent.

Ungoverned

Direct calls
[Diagram: Agents 1 to 4 call OpenAI, Anthropic and Google directly. No audit · unattributed cost.]

Agents call OpenAI / Anthropic / Google directly. No enforcement layer. No audit by default. Token spend in the aggregate. Identity per-agent. Governance is reporting, not control.

ASTRA Gate

One control plane
[Diagram: Agents 1 to 4 → Gate (P, A, I, T, M) → OpenAI, Anthropic, Google. Audit metadata · cost attributed.]

Every request flows through one control plane. Five surfaces enforce in real-time. Audit metadata attached by default. Token spend attributed to purpose. Identity verified at the gate. Governance is a property of the architecture.

The 5 Control Surfaces

One layer.
Five enforcement points.
Every request.

A request enters the gate. It traverses five enforcement surfaces in sequence. Policy decides whether the request is permitted. Identity verifies who is asking. Token routing handles spend attribution. Model selection routes to the right backend. Audit records everything. The request exits the gate with full metadata attached.

[Diagram: Request → Policy, Audit, Identity, Token, Model → Request + audit. Request-time enforcement: every surface, every request.]

  1. Policy & guardrails

    Per-agent, per-team, per-environment policies enforced before any model is called. Content rules, prompt-injection defences, output filtering, jurisdiction-specific restrictions. Policy decisions happen at request time, not in post-hoc log review.

  2. Audit & compliance trails

    Every request is logged with provenance — who, what, when, which model, which policy decision, which evidence chain. Audit metadata is immutable and queryable. Compliance reviewers and incident responders read from the same record.

  3. Identity & access

    Every agent action is bound to a verified identity — service account, user identity, or delegated principal. Access control respects organisational boundaries. No agent calls a model without an identified caller.

  4. Token routing & cost guardrails

    Token spend is attributable to its actual purpose — by agent, by team, by use case, by environment. Budget guardrails enforce spending caps at request time. Cost visibility is a property of the layer, not an add-on.

  5. Model selection & multi-model

    Routing decisions across OpenAI, Anthropic, Google, Azure-hosted, and self-hosted open-weights happen at the gate — configuration, not code. Model substitutions, A/B routing, fallback chains, and cost-optimised selection are all enforced here.

Four capabilities, all enforced at the layer — not bolted on per agent.

One layer, not five point solutions

Unified control plane — identity, policy, audit, token, model — in one place.

Enforced at request time

Not after the fact. Policy decisions, identity checks, and routing happen before the model is called.

Vendor-neutral

Vendor-neutral orchestration across OpenAI, Anthropic, Google, Azure-hosted models, and self-hosted open weights. Model decisions are configuration, not code.

Cost visible and bounded

Token spend attributable to its actual purpose. Budget guardrails at request time.

Target State

Audit by default.
Cost attributable.
Model decisions in configuration, not code.

When governance is a property of the architecture, it stops being a quarterly project. Compliance reviewers read the same record incident responders read. Finance sees token spend attributed at the agent-purpose level. Engineering swaps models in configuration files, not pull requests. The control plane is the deliverable.

Multi-model routing · cost attributed

[Diagram: Investigation $80, Drafting $45, Q&A $30 → ASTRA Gate (routing policy + cost guardrail) → OpenAI, Anthropic, Self-hosted. Total · attributed; model · configuration.]

Routing is policy. Cost is attributed to the agent purpose, not the bill. The model on the right of each row is a configuration decision — change it without rewriting any agent.

01

Stop re-implementing the same five concerns

Stop re-implementing identity, logging, and policy in every agent. One layer handles all five. Engineering capacity returns to the work that differentiates your product.

02

Audit becomes a query, not an archaeology dig

Reviewers ask the gate, not the team. Provenance, policy decisions, model selections, identity bindings — all queryable. Incident response shortens; compliance reviews stop being engineering interruptions.

03

Token spend you can defend

Finance sees attribution at the agent-purpose level. Budget conversations move from “what is this number” to “is this purpose worth the spend”. The conversation is about value, not mystery.

04

Model decisions are configuration, not code

When a new model release outperforms the incumbent, you change a configuration file — not a pull request across every agent. Vendor-neutral by architecture, not by aspiration.

R&D Backbone

Built on regulatory-technology research.
From the InnoHK lab ASTRA spun out of.

ASTRA Gate is built on regulatory-technology research from AIFT — the Laboratory for AI-Powered Financial Technologies, ASTRA's parent R&D lab. AIFT's research surface includes banking regulatory technology, capital-markets compliance, and AI governance for regulated environments. The control-plane architecture inherits that posture.

  1. Regulatory-tech heritage

    Audit trails, policy enforcement, and compliance-grade provenance aren't bolt-ons we added to the product later — they're the engineering posture the parent lab has been building in for years. The control plane reflects that, not a vendor's interpretation of “governance.”

  2. 60+ engineer R&D bench

    When a Gate engagement needs research-grade depth — novel policy models, regulatory-jurisdiction routing, custom evaluation frameworks — we have the bench to build it. Senior engineers with direct access to AIFT's research team, not associates working from a playbook.

  3. InnoHK FinTech lab heritage

    AIFT is the only FinTech research laboratory recognised by InnoHK — Hong Kong SAR Government's flagship innovation programme. Co-founded by City University of Hong Kong, Columbia University, and Tsinghua University. ASTRA Gate inherits the regulatory-grade engineering posture by design.

Start

Bring the control plane in

If your agent portfolio is outgrowing the governance posture it started with, let's talk.

Tell us how many agents are in production today, where audit and cost gaps are surfacing, and what your model-selection roadmap looks like. We'll sketch the control-plane shape and the engagement model for your team.