Agentic Networks VPC-inspired network architecture for building secure, isolated multi-agent systems with granular communication controls.
Overview Traditional agent frameworks treat agents as isolated entities. AgentArea takes a different approach: agentic networks where agents can communicate, collaborate, and coordinate within controlled network boundaries.
Core Concepts Workspaces Workspaces provide tenant-level isolation. Each workspace has:
Isolated data : Agents, tasks, MCP servers scoped to workspaceUser access : Workspace-specific user permissionsNetwork boundaries : Agents can only communicate within workspace
# All entities are workspace-scoped class Agent ( BaseModel , WorkspaceScopedMixin ): id : UUID name: str workspace_id: UUID # Required for isolation
Agent Networks Within a workspace, organize agents into logical networks:
Hierarchical Manager → Workers pattern for task distribution
Peer-to-Peer Collaborative agents with shared context
Pipeline Sequential processing chain
Mesh Full interconnection for complex workflows
Network Policies Communication Rules Control which agents can communicate:
network_policy : workspace_id : "ws-123" rules : # Allow researcher to send to writer - from : "researcher-agent" to : "writer-agent" action : allow channels : [ "tasks" , "messages" ] # Deny direct access to database agent - from : "researcher-agent" to : "database-agent" action : deny # Allow manager to communicate with all - from : "manager-agent" to : "*" action : allow
A2A Protocol Agents communicate via the Agent-to-Agent (A2A) protocol:
Message Structure
Agent Card
{ "jsonrpc" : "2.0" , "method" : "tasks/send" , "params" : { "id" : "task-123" , "message" : { "role" : "user" , "parts" : [{ "text" : "Analyze this data" }] } } }
{ "name" : "Data Analyst" , "description" : "Analyzes datasets and generates reports" , "capabilities" : { "streaming" : true , "push_notifications" : true }, "skills" : [ { "name" : "analyze" , "description" : "Analyze data" } ] }
Implementation Workspace Scoping All data is automatically scoped to workspaces:
# Repository pattern enforces workspace scoping class WorkspaceScopedRepository (Generic[T]): def __init__ ( self , session : AsyncSession, user_context : UserContext): self .session = session self .workspace_id = user_context.workspace_id async def list ( self ) -> list[T]: # Automatically filters by workspace return await self .session.execute( select( self .model).where( self .model.workspace_id == self .workspace_id ) )
User Context Every request carries user context for scoping:
@dataclass class UserContext : user_id: str workspace_id: str roles: list[ str ] | None = None
A2A Bridge The A2A bridge handles inter-agent communication:
# Internal routing class A2ABridge : async def route_message ( self , from_agent : str , to_agent : str , message : dict ): # Check network policy if not self .policy.is_allowed(from_agent, to_agent): raise CommunicationDeniedError() # Route to target agent await self .agent_manager.deliver(to_agent, message)
Best Practices Network Design
Security Considerations Practice Why Deny by default Only allow necessary communication Audit all messages Compliance and debugging Rate limiting Prevent agent spam Workspace isolation Multi-tenant security
Next Steps