Nvidia intros new guardrail microservices for agentic AI

Nvidia today added new Nvidia inference microservices (NIMs) for AI guardrails to its Nvidia NeMo Guardrails software tools. The new microservices aim to help enterprises improve accuracy, security, and control of agentic AI applications, addressing a key reservation IT leaders have about adopting the technology.

“One-in-ten organizations are already using AI agents today, and more than 80% plan to adopt AI agents within the next three years,” Kari Briski, vice president of enterprise AI models, software, and services at Nvidia, said in a press conference Wednesday. “This means that you don’t just build agents for accuracy of the task, but you must also evaluate AI agents to meet security, data privacy, and governance requirements, and that can be a major barrier to deployment.”

Briski explained that beyond trust, safety, security, and compliance, successfully deploying AI agents in production requires they be performant. They must stay on track while remaining fast and responsive in their interactions with end users and other AI agents. To that end, Nvidia today introduced three new NIMs for NeMo Guardrails aimed at content safety, topic control, and jailbreak detection.

The content safety NIM is targeted at preventing AI from generating biased or harmful outputs, by ensuring that gen AI responses align with ethical standards. It was trained on Nvidia’s open-source Aegis Content Safety Data Set, which includes 35,000 human-annotated data samples flagged for AI safety. Aegis is used to teach AI how to moderate potentially harmful content generated by other AI models.

The topic control NIM keeps AI agents focused on approved topics, preventing them from digressing or veering into inappropriate content. It could, for example, prevent an AI agent from discussing a competitor’s product.

The jailbreak detection NIM helps maintain AI integrity in “adversarial scenarios” by protecting against “jailbreak” attempts that seek to intentionally bypass an agentic AI’s safeguards. It was built on Nvidia Garak, an open-source toolkit for vulnerability scanning trained on a dataset of 17,000 known jailbreaks.

Better governance with guardrails

NeMo Guardrails is part of the NeMo platform, a scalable platform for defining, orchestrating, and enforcing policies on AI agents and other gen AI application models.

“Guardrails help maintain the credibility and the reliability of AI operations by enforcing specifications for AI models, agents, and systems,” Briski said. “It helps keep AI agents on track.”

For example, the new microservices could help a car manufacturer create an AI agent for vehicle operations that could assist users with climate control, seat adjustment, infotainment, navigation, and so on. The manufacturer could use the microservices to specify disallowed topics, such as other car brands or providing endorsements or opinions.

NeMo Guardrails leverage small language models (SLMs) with lower latency than LLMs, meaning they can run efficiently in resource-constrained or distributed environments. Briski noted they’re ideal for scaling AI applications in industries such as healthcare, automotive, and manufacturing. Some CIOs are already turning to SLMs for purpose-built solutions and as alternatives to more generic large language models (LLMs).

While it’s possible to use NeMo Guardrails in default configurations, Briski said their real power lies in customizing and extending rails.

“Using multiple customizable rails is important because one size really does not fit all,” she said. “There are policies and requirements that vary across use cases, brands, company guidelines, or even different regulatory requirements based on industry and geography. Developers want to be able to choose the right rails for their specific needs and the varying requirements across agentic AI systems.”

The IT department will now be the “HR of agents,” Briski said, suggesting that this where the new microservices shine, allowing developers to apply multiple lightweight, specialized models as guardrails to cover gaps that may occur when only more general global policies and protections exist.

The new microservices, as well as NeMo Guardrails for rail orchestration and the Nvidia Garak toolkit, are all now available for developers and enterprises.