Nvidia secures and protects agent AI with new NeMo Guardrails NIMs

As the use of agent-based AI continues to grow, so does the need for security.

today, Nvidia announced a series of updates for its NeMo enclosure technology designed specifically to meet the needs of agent AI. The main idea behind fences is to provide some form of policy and control for large language models (LLMs) to help prevent unauthorized and unintended inferences. The fence concept has been widely used in recent years by several vendors, including AWS.

New updates to Nvidia’s NeMo Guardrails are designed to make it easier for organizations to deploy and provide more granular control types. NeMo Guardrails are now available as NIM (Nvidia Inference microservices), which are optimized for Nvidia GPUs. In addition, there are three new dedicated NIM services that enterprises can deploy for content security, theme control, and jailbreak detection. Fencing is optimized for agent AI deployments, not just individual LLMs.

“It’s not just about protecting the model anymore,” Kari Briskey, Nvidia’s vice president of enterprise AI models, software and services, said in a press briefing. “It’s about the fence and the overall system.”

What the new NeMo Guardrails bring to enterprise Agentic AI

Using Agentic AI it is expected to be the dominant trend in 2025.

While agent-based AI has many benefits, it also brings new challenges, including security, data privacy, and governance requirements that can create significant barriers to deployment.

The three new NeMo Guardrails NIMs are designed to help solve some of these problems. They include:

• Content Safety NIM: Trained on the Nvidia Aegis content safety database of 35,000 annotated samples, this service blocks harmful, toxic, and unethical content.
• Topic Control NIM: Helps ensure AI interactions stay within pre-defined topic boundaries, preventing conversational drift and unauthorized information disclosure.
• NIM Jailbreak Detection: Helps prevent security bypasses with smart hacks, using training data from 17,000 known successful jailbreaks.

The complexity of protecting AI agent systems

The complexity of protecting agent-based artificial intelligence systems is significant, as they may include multiple interconnected agents and models.

Briskey provided an example scenario of a retail customer service agent. Consider an individual interacting with at least three agents: an LLM Intelligence, a Search Advanced Agent (RAG), and a Customer Service Assistant. All are required to enable a live agent.

“There are many different LLMs or interactions that can be created depending on the interaction with the user, and you have to fence each one off,” Briskey said.

Despite the complexity, she noted that NeMo Guardrails NIM’s primary goal is to make it easier for businesses. As part of today’s release, Nvidia also provides blueprints to demonstrate how different NIM fences can be deployed for different scenarios, including customer service and retail.

How Nvidia’s fences affect agent AI performance

Another major concern for enterprises deploying agent AI is productivity.

Briskey said that when businesses deploy agent-based AI, there can be concerns about the delay of adding fences.

“I think when people first tried to add fences in the past, they applied larger LLMs to try the fence,” she explained.

The latest NeMo Guardrail NIMs have been tuned and optimized to eliminate latency issues. Nvidia’s first testing shows that organizations can get 50% better protection with fences that add about half a second of latency.

“This is very important when deploying agents because as we know it’s not just one agent, there are multiple agents that can be in an agent system,” Briskey said.

NVIDIA NeMo Guardrails NIMs for Agent AI are available under the Nvidia AI Enterprise License, which currently costs $4,500 per GPU per year. Developers can try them out for free under an open source license, as well as on build.nvidia.com.