Using NIM Guardrails To Keep Agentic AI From Jumping To Wrong Conclusions

AI agents are the latest evolution in the relatively short life span of generative AI, and while some organizations are still trying to figure out how the emerging technology fits in their operations, others are making strides into agentic AI.

LangChain, the company behind the popular AI software framework of the same name and the LangGraph orchestration tool, found in a survey of more than 1,300 companies that 78.1 percent of those polled plan to develop their own agents and put them into production, and that 51.1 percent already have an agent of some kind (likely from a third party like Google, Microsoft, Salesforce, or others) in production.

Nvidia, the accelerated computing giant whose name is becoming synonymous with AI, is also seeing rapid adoption of AI agents among organizations using its technologies, with one in ten already using AI agents and more than 80 percent planning to adopt agentic AI within the next three years, according to Kari Briski, Nvidia’s vice president of AI software product management.

Agents are AI systems that use large language models to solve complex problems through planning and reasoning, interacting with their environments, collecting data, and working together, all without human intervention. The enterprise benefits are vast, from completing tasks and reducing costs to improving efficiency and collecting and analyzing huge amounts of data.

However, as with most aspects of IT both inside and outside of the rapidly expanding AI bubble, such promised benefits and advancements can easily go by the wayside if critical concerns like security, trust, and compliance are not paid heed – if, in the rush to embrace AI agents, they are allowed to go off the rails, so to speak.

It brings into play the familiar tug-of-war in developing technologies, including AI models: how to build in security and safety without putting the brakes on performance.

The apparent rapid adoption of AI agents “means that you don’t build agents just for accuracy or for tasks, but you also must evaluate AI agents for security, data privacy, and governance requirements, and that can be a major barrier to deployment,” Nvidia’s Briski told journalists during a presentation this week. “Also, with enterprises going beyond this experimentation phase and into deployment and production, agents must also be performant. They need to respond quickly and utilize infrastructure efficiently.”

The key, she said, “is we need to keep AI agents on track while also making sure that they’re fast and responsive to interact with other AI agents and also end users.”

All major AI players are developing guardrails for AI workloads, applications, and models to ensure they’re protected from cyberthreats, comply with regulations and policies, protect data, and don’t spit out harmful or offensive content. For Nvidia, that effort is NeMo Guardrails, a portfolio of software tools for integrating guardrails into LLM-based applications. Within that portfolio are NIM microservices for AI guardrails.
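For those who want a feel for what this looks like in practice, here is a minimal sketch using the open source NeMo Guardrails Python library; the "./config" directory name and the sample prompt are our own illustrative assumptions, not part of Nvidia’s announcement:

    # Minimal NeMo Guardrails sketch: load a rails configuration and wrap an LLM with it.
    # The "./config" directory (holding config.yml plus Colang rail files) is assumed.
    from nemoguardrails import LLMRails, RailsConfig

    config = RailsConfig.from_path("./config")   # load the models and rails defined for this app
    rails = LLMRails(config)                     # wrap the application's LLM with those rails

    # Every request now passes through the configured input, output, and topical rails.
    response = rails.generate(messages=[
        {"role": "user", "content": "What can you help me with?"}
    ])
    print(response["content"])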

“Guardrails help maintain the credibility and reliability of AI operations by enforcing AI specifications for models, agents, and actually systems,” she said. “In other words, it helps keep AI agents on track. It does this by making it easy to apply multiple specialized rails.”

Rails are guidelines or rules that can be customized based on business and use case requirements, and they enforce those rules while maintaining low latency for faster response times.
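As a rough illustration of what such a rail can look like, the sketch below defines a simple topical rail in NeMo Guardrails’ Colang language that keeps an agent away from, say, investment advice; the topic, the example utterances, the canned refusal, and the choice of an OpenAI model as the main LLM are all our own made-up assumptions:

    # Illustrative only: a custom topical rail defined inline with NeMo Guardrails.
    from nemoguardrails import LLMRails, RailsConfig

    yaml_content = """
    models:
      - type: main
        engine: openai                  # assumed main LLM; any supported engine works
        model: gpt-3.5-turbo-instruct
    """

    colang_content = """
    define user ask investment advice
      "Should I buy this stock?"
      "Where should I invest my savings?"

    define bot refuse investment advice
      "I can help with questions about our products, but I can't give investment advice."

    define flow investment advice
      user ask investment advice
      bot refuse investment advice
    """

    config = RailsConfig.from_content(colang_content=colang_content, yaml_content=yaml_content)
    rails = LLMRails(config)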

Nvidia this week is introducing three new NIM microservices for AI guardrails aimed at ensuring content safety, keeping conversation topics on track, and detecting attempts at jailbreaking, a technique hackers use to bypass content filters by feeding malicious inputs to the model.

The content safety NIM, trained on Nvidia’s Aegis dataset, blocks harmful content, while the topic control microservice keeps the interaction between the user and AI agent focused within predefined boundaries.
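Because NIM microservices expose an OpenAI-compatible API, checking a user prompt against a deployed content safety NIM can be as simple as the sketch below; the local endpoint URL and the model identifier are assumptions based on Nvidia’s usual NIM conventions rather than anything confirmed in the briefing:

    # Hedged sketch: screen a user prompt with a locally deployed content safety NIM.
    # The endpoint URL and model name below are assumptions; adjust to what your NIM reports.
    from openai import OpenAI

    client = OpenAI(base_url="http://localhost:8000/v1", api_key="not-used-for-local-nim")

    check = client.chat.completions.create(
        model="nvidia/llama-3.1-nemoguard-8b-content-safety",  # assumed model identifier
        messages=[{"role": "user", "content": "User prompt to be screened goes here."}],
    )

    # The response carries the model's safety verdict, which the surrounding
    # agent can use to block, rewrite, or allow the request.
    print(check.choices[0].message.content)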

“We all have that friend, that chatty friend, that tends to not only diverge from the topic but also will divulge some information that they really shouldn’t have,” Briski said. “Topic control keeps agents on track throughout the conversations and interactions.”

The jailbreak NIM was trained on 17,000 known and successful jailbreak attacks and built using Nvidia’s Garak tool, an open source framework for scanning for security vulnerabilities in LLMs. (Yes, we know garak is not capitalized in the project, but we have proper nouns for a reason and we are licensed English majors who can and will enforce the rules of grammar. As best we can under the circumstances, of course. . . . <Smile>)

Such microservices are becoming important in the age of agentic AI, she said, adding that “one size really does not fit all. There are policies and requirements that vary across use cases, brands, company guidelines, or even different regulatory requirements based on industry and geography.” Agents also are changing the role of guardrails, moving them beyond security, safety, and compliance and making them fit within the system as a whole.

“It’s not just about guardrailing a model anymore,” Briski said. “It’s about guardrailing a total system. As enterprises are deploying, it’s about latency as well – the latency of the total system – by adding these guardrails. As people were initially trying to add guardrails in the past, they were applying larger LLMs to try to guardrail another language model, like an LLM as a judge. What we’ve done with guardrails is we’ve made sure that we’ve explored all different types of model sizes and model effectiveness, so the NIMs that we’re announcing today are really about the latency. They’re now part of the NeMo Guardrails platform.”

The NIMs are available under the Nvidia AI Enterprise License, which is $4,500 per GPU per year, though companies can test and evaluate them for free.


