Use Case · AI Agents

Secure agent access to internal resources

Autonomous agents now query databases, call internal APIs, and update your CRM, reaching private systems never meant to be public. Instead of broad credentials or open firewall ports, NetBird gives each agent its own network identity and lets it reach only what policy allows.

NetBird Control Center showing an Agents group with policy-based access to databases, a CRM, web servers, and the Anthropic API

One network for every internal resource

Agents connect over encrypted tunnels to the exact systems they need, and nothing else on the network is reachable.

Databases

Postgres, MySQL, Mongo, and managed cloud databases, reachable without public exposure.

Internal web servers & APIs

Private HTTP APIs, internal dashboards, and backend services.

CRMs & business apps

Self-hosted or private-network CRMs, ERPs, and line-of-business tools.

Staging & infrastructure

Staging environments, message queues, caches, and admin tooling.

How it works

01

Give the agent its own identity

Run the NetBird client alongside your agent, as a sidecar or on the same host. It joins your network as its own peer with its own identity, not a shared service account that everything reuses.

02

Scope it with policy

Put the agent in a group and write a policy: this agent reaches only the database and the CRM API. Everything else on the network isn't even routable to it.

03

Connect over encrypted tunnels

The agent reaches each resource through direct peer-to-peer WireGuard tunnels. Internal systems stay private with no public ingress, and traffic is encrypted end to end across cloud, on-prem, and hybrid.

04

Audit and revoke instantly

Every connection is logged with the agent's identity. Tighten a policy or pull the agent from its group and its access drops within seconds, containing a misbehaving or compromised agent on the spot.

Why it matters

Scoped to exactly what it needs

Access is default-deny: an agent can reach only the destinations its policy allows. No broad network access, no standing credentials waiting to be over-scoped or leaked.

Nothing exposed to the internet

Internal databases, APIs, and apps stay off the public network. Agents reach them through private tunnels, not open ports or forwarded firewalls.

Identity on every connection

Each agent carries its own identity, so access logs name the agent, not an anonymous shared account, for real attribution and forensics.

Instant containment

If an agent goes rogue or is compromised, remove it from its group and it's cut off from every resource at once, with no credential hunt.

Give your agents access to internal systems without opening a single port.

Get Started Free