Agent Deployment Architecture

Run the reasoning inside your control boundary

Agentic automation adds a non-deterministic component to your systems: an agent that interprets its context and autonomously decides what to do. Where it runs determines who can see its actions, constrain its access, and audit its behavior.

An agent held inside a control boundary, reaching an external system through a single deterministic API call

The non-deterministic agent belongs inside your control boundary.

Keep the reasoning in-house. Let only deterministic APIs cross the boundary.

Two architectures

Where your agents should run

The difference is where the non-deterministic agent runs, and which direction crosses your control boundary.

Where your agents should run. The secure way: your NuDay agent runs inside your control boundary under one control plane, encrypted by default, and only a deterministic API call crosses out to external systems such as GitHub and Salesforce. The insecure way: a non-deterministic third-party agent runs in another company's cloud outside your visibility and reaches straight into your private repos, customer records, and business systems.

The architecture

The architectural choice every deployment makes

Every agentic deployment makes an architectural choice: does the reasoning happen inside your systems, or somewhere you cannot see. An agent is the non-deterministic part of your automation. It interprets whatever lands in its context and decides what to do next. Put that outside your purview, and you have uncontrolled automation. Keep it inside, and you get the same automation with the visibility, audit, and containment your systems and data need. A core tenet of AI sovereignty.

The risk

The limits of an outsourced agent

When an agent runs inside a third party's environment and reaches into your systems, the non-deterministic part of your automation sits outside your control. That leaves gaps no configuration on your side can close:

No visibility into its actions

The agent's reasoning and actions happen in an environment you do not operate, so you cannot see what it accessed or why it acted.

Standing, broad access

A hosted agent typically holds persistent, wide-ranging access to your systems rather than task-scoped, least-privilege access.

Unconstrained runtime behavior

An agent acts on whatever enters its context. Running outside your boundary, that input cannot be validated and the resulting action cannot be constrained.

No audit or remediation

Without a tamper-evident record of each action, an incident cannot be investigated, attributed, or rolled back.

The approach

Keep the non-deterministic component inside your boundary

NuDay runs your agents on infrastructure you control, on-prem or in your own cloud, under a single control plane. The reasoning, the memory, and the data stay inside your walls.

One control plane

Start, stop, modify, clone, and organize agents into governed working groups from a centralized plane.

Encrypted by default

Data the agents touch and store is encrypted, so the impact of an error is contained by design.

Least-privilege access

Agents operate with scoped, task-specific access bound to a verified identity, not standing credentials.

The boundary

Let only deterministic APIs cross the boundary

An API is deterministic and well defined. It has a contract, scoped permissions, authentication, rate limits, and audit logs, and it does exactly what it specifies. That makes it the right mechanism to cross a trust boundary. NuDay agents reach external systems such as GitHub, Salesforce, or any internal service through these deterministic endpoints, while the agent itself stays inside your control. Automation still runs end to end, with the non-deterministic component kept at home.

Deterministic by design

A defined contract and scope make an API call predictable, which is what you want crossing a trust boundary.

Fully automatable

Keeping the reasoning in-house preserves end-to-end automation with no loss of capability.

The outcome

What in-house deployment provides

The result is agentic automation your security, audit, and compliance teams can examine.

Visibility and audit

Every decision, tool call, and data access is traceable, so an incident is an investigation you can run.

A contained blast radius

Encryption and least-privilege access by default keep the impact of an error small and reversible.

Control and remediation

You can adjust the agent, revoke access, and roll back, then keep the dependent business systems running.

Deploy agents you control

Keep the reasoning in-house. Automate everything anyway.

Bring the workflows you want to automate. We will walk through how NuDay runs your agents under one control plane, encrypts what they touch, and lets only deterministic APIs cross your boundary.