← How It Works

Inference Gateway

A routing layer between your agents and multiple model providers. One API, many models — with fallbacks, cost controls, and unified observability.

Your Infrastructure
Gateway Layer
Model Providers
Security Concern

Gateway Options

Managed Gateway

OpenRouter, Portkey, Helicone

  • Hosted service — no infrastructure to manage
  • Pre-configured provider connections
  • Built-in usage dashboards and cost tracking
  • Your data transits through the gateway provider
Trade-off: convenience vs. data passing through a third party

Self-Hosted Gateway

LiteLLM, AI Gateway (Cloudflare)

  • Runs on your infrastructure — you control the proxy
  • Data only leaves your network to reach model providers
  • Full control over routing logic, retries, and caching
  • You manage uptime, scaling, and configuration
Trade-off: more control, more operational responsibility

Security Surface

The gateway adds a routing layer between your agents and model providers. This creates both new security opportunities (centralised controls) and new risks (single point of failure).

HIGH

Key Aggregation Risk

The gateway holds API keys for every connected provider. A single breach exposes all your model provider accounts simultaneously — Anthropic, OpenAI, Google, and any others.

Mitigation: Encrypted key storage, secret manager integration, per-key rotation schedules, key access audit logging, network isolation for the gateway.
HIGH

Gateway Compromise

If the gateway is compromised, an attacker can intercept every prompt and response flowing through the system. They see all data, can modify requests, and can redirect traffic to malicious endpoints.

Mitigation: mTLS between agents and gateway, integrity monitoring, minimal attack surface (no unnecessary services), container isolation, regular security audits.
MEDIUM

Managed Gateway Data Exposure

When using a managed gateway (OpenRouter, Portkey), your prompts and responses transit through their infrastructure. You're trusting an additional third party beyond the model provider itself.

Mitigation: Self-host the gateway (LiteLLM), or verify managed provider's data handling policies, SOC 2 compliance, and zero-retention guarantees.
MEDIUM

Routing Manipulation

If routing rules are misconfigured or tampered with, requests intended for a secure provider could be silently redirected to a less secure one — or to a malicious endpoint entirely.

Mitigation: Routing config in version control, change detection alerts, provider endpoint allowlisting, configuration integrity checks.
MEDIUM

Logging & Caching Sensitivity

Gateways often cache responses and log requests for debugging. This creates persistent copies of sensitive data in places you might not expect — cache stores, log files, debug endpoints.

Mitigation: Disable or encrypt request/response caching, log redaction policies, ephemeral logging, no PII in debug logs.
LOW

Single Point of Failure

Centralising all model access through one gateway creates an availability risk. If the gateway goes down, all AI functionality stops — even if every provider is healthy.

Mitigation: HA deployment (multiple instances), health checks, circuit breakers, direct-to-provider fallback for critical paths.

Why Use a Gateway?

Model Flexibility

Switch between Claude, GPT, Gemini, and open-source models without changing your agent code. Route by task type, cost, or capability.

Automatic Fallbacks

If one provider is down or rate-limited, automatically fall back to another. No more single-provider outages taking down your system.

Cost Control

Route cheap tasks to cheaper models and reserve frontier models for complex reasoning. Set spend limits, track per-team usage, and optimise costs centrally.

Unified Observability

One place to see all model usage, latency, error rates, and costs — regardless of which provider handles each request.

Need help choosing a gateway strategy?

I help design inference routing — managed vs. self-hosted, provider selection, security hardening, and cost optimisation.

Start a Conversation On-Premise → SaaS / API →