AI, MilGov

Why Traditional Networking Fails in the Era of Agentic AI

Philip Griffiths
NetFoundry | Philip Griffiths

Philip Griffiths

Head of Strategic Sales

Key Takeaways

  • Traditional networking works on a “connect first, verify later” model.
  • Reachable systems are inherently discoverable and attackable.
  • AI dramatically compresses exploit timelines.
  • Agentic AI systems operate across multiple trust domains.
  • Identity-first reachability reduces ambient discoverability.
  • Zero Trust is incomplete unless reachability is governed by identity.

Today’s Networking Verifies Too Late

My recent talk at the 4th Annual DoW Zero Trust Learning Exchange had a simple but important premise: traditional networking still assumes you connect first and verify later. For Zero Trust, and especially for agentic AI, that is the (dangerously) wrong order.

In typical enterprise networking, Layer 3 and 4 connectivity are established before identity or policy evaluation occurs, at the application layer. This “connect first, verify later” mentality means that if a system is routable, it is discoverable, probeable, and attackable.

This architecture creates growing risk in environments shaped by AI-driven attack automation. Exploit windows that once lasted months or years are shrinking to days or hours as AI reduces the time and cost required to discover vulnerabilities, generate exploits, and verify attacks. This rapid compression of exploitation timelines outpaces traditional patch and approval cycles.

Agentic AI Expands the Attack Surface

This problem is compounded by the rise of Agentic AI. Unlike traditional applications that operate inside a single trust boundary, AI agents routinely traverse multiple environments, including cloud platforms, edge systems, enclaves, partner networks, and external tools. Each cross-domain interaction multiplies operational complexity and expands the attack surface.

Solution: Eliminate Discoverability

The solution is not to wrap every flow in complex firewall tickets and exceptions, which only slows mission tempo. Instead, the architectural goal must be to eliminate ambient discoverability.

Organizations need an identity-first model where authentication and authorization happen before a connection is ever established. Zero Trust is fundamentally incomplete until reachability itself is governed by identity.

Learn More

I discussed this topic at the 4th Annual DoW Zero Trust Learning Exchange hosted in collaboration with ATARC, DAU, and the Cloud Security Alliance.

You can watch the entire presentation on-demand or download the deck to explore the layers of autonomy governance and learn how your organization can ensure that every cross-domain connection is fundamentally governed by explicit service policies.

Let’s connect if you’d like to learn more.

Get the latest NetFoundry 
News & Insights
netfoundry is network infrastructures winner in the open source zero trust category
AI
Securing Connectivity for an AI-Driven World
Read More
This is why we started updating and now have released the CSA Software-Defined Perimeter (SDP) Architecture Guide v3.0
AI
Deep Dive into the Software-Defined Perimeter (SDP) Guide v3
Read More
Meet Our Authors
NetFoundry | Galeal Zino
Galeal Zino
NetFoundry | David Hart
David Hart
NetFoundry | Michael Pearl
Michael Pearl
NetFoundry | Siobhán Deery
Siobhán Deery
NetFoundry | Robert Caamano
Robert Caamano
NetFoundry | Mike Gorman
Mike Gorman
NetFoundry | Priyanka Bajaj
Priyanka Bajaj
NetFoundry | Philip Griffiths
Philip Griffiths
headshot clint dovholuk
Clint Dovholuk
NetFoundry | Surendran Naidu
Surendran Naidu
NetFoundry | Tod Burtchell
Tod Burtchell
NetFoundry | Mike Guthrie
Mike Guthrie
NetFoundry | Ganesh Palaniappan
Ganesh Palaniappan
NetFoundry | Secure by Design
Products
Solutions
Industries
Secure by Role
Why NetFoundry