20 questions for the Agentic Enterprise (and how Agent Platform can help) Google launched the Gemini Enterprise Agent Platform to help IT leaders build, scale, and govern AI agents. The platform addresses challenges like tool fragmentation, data security, and cost management by providing a unified environment for no-code, low-code, and high-code developers. Google also released 20 essential questions and code examples to guide engineering teams in agent deployment. If you’re an IT leader, you might be getting a lot of questions about how to build and deploy agents. The pressure to move fast is intense, but the engineering reality is incredibly complex. Where do your teams even begin? How do you untangle a fragmented mess of disconnected tools? And as things grow, how do you ensure your agents don’t accidentally leak sensitive data, or burn through your token budget in an afternoon? It’s a lot to balance, and trying to establish a secure foundation for an entire organization can quickly feel overwhelming. That’s why we built Gemini Enterprise Agent Platform https://cloud.google.com/blog/products/ai-machine-learning/introducing-gemini-enterprise-agent-platform?e=0 . It gives your technical teams a unified destination to build, scale, govern, and optimize both customer-facing agents and the ones managing your internal operations. Agent Platform handles the underlying complexity so your teams can focus on driving actual business value. To help you navigate these conversations, we gathered 20 essential questions to ask your engineering teams, along with some practical advice and code examples to get you going. Let’s dive in. 0 Who is building the application? Before choosing a tool, look at who on your team is actually doing the work. Is it your engineer? Your legal team? Building with AI is no longer exclusive to high-code engineers. Anyone can The ecosystem now spans a spectrum of personas: no-code business experts defining logic via visual interfaces think: your business teams, sales, and marketing , low-code developers assembling modular parts, and high-code engineers creating bespoke, custom reasoning loops. Successful adoption means choosing a platform that empowers all three personas without siloing your data or security. 1 Where should my developers start? When setting up an agentic strategy, it's easy to focus exclusively on the end product, like the agents that will handle customer support or financial analysis. But to build those sophisticated agents, you have to start by empowering the builders who write their underlying logic. Your developers need their own specialized AI tools, like coding agents, to accelerate code generation, scaffolding, and integration. However, most coding agents are isolated. They can only analyze the immediate file they are working on, with no connection to your live databases, internal documentation, tech stack, or business systems. To keep your devs moving quickly without sacrificing governance, we recommend using Google Antigravity https://codelabs.developers.google.com/getting-started-google-antigravity 0 as your primary engineering harness, and then integrating specific extensions based on what that team is building. Here’s a helpful breakdown: For core application engineers: Use the upgraded Agent Development Kit ADK https://adk.dev/tutorials/coding-with-ai/ as your baseline framework, paired with Agents CLI https://google.github.io/agents-cli/guide/getting-started/ to handle the entire agent lifecycle from the terminal. For data engineers: Plug in the Google Cloud Data Agent Kit, https://github.com/gemini-cli-extensions/data-agent-kit-starter-pack which provides dedicated skills and Model Context Protocol MCP tools tailored for data pipelines. For Google Cloud ecosystems: Deploy Agent Skills https://github.com/google/skills to give your coding environment native capabilities across Google products. For integrated IDE experiences: Connect the Developer Knowledge Base https://developers.google.com/knowledge/mcp via MCP to stream official documentation directly into your teams' workflows. 2 Who are we building for? Humans, or other agents? Like 1, this might sound like a straightforward question, but you'll want to decide early on if you're building an AI agent for your employees to talk to directly, or if it's meant to coordinate with other agents behind the scenes. Your design requirements will look completely different depending on who — or what — is interacting with the system, so keeping everything under your team's control starts with knowing exactly who you're building for. If your answer is humans building for employees or customers , focus on user experience. You can host and share these tools in a single place like the Gemini Enterprise app https://cloud.google.com/gemini-enterprise?e=48754805 , or use the If your answer is agents and you’re building agents meant to talk to other agents , focus on interoperability. By adopting the open Agent2Agent A2A protocol, an open standard for seamless communication and collaboration between AI agents, your agents can use standardized metadata to discover each other, pass context, and securely delegate background work across completely different enterprise frameworks. See question 14 for more on user and agent identity. 3 Which agent development tool should I use? With so many frameworks available, it’s easy for engineering teams to default to fragmented, homegrown setups. To simplify this, Rung 1: Agent Studio low-code : A visual workspace inside Agent Platform for rapid prototyping and business teams. Build an agent with Agent Studio here http://console.cloud.google.com/agent-platform/studio/multimodal . Rung 2: Managed Agents API Agent-as-a-Service : For technical teams who want to define agent behavior via API and let Google handle the infrastructure inside a secure sandbox. Build a custom agent with Managed Agents API here https://ai.google.dev/gemini-api/docs/agents . Rung 3: Antigravity 2.0: A dedicated workspace for developers leveraging AI for advanced coding tasks and engineering pipelines. Build with Antigravity here https://codelabs.developers.google.com/getting-started-google-antigravity 0 . Rung 4: Agent Development Kit ADK 2.0 : An engineering-first, code-first framework for software engineers building highly custom, multi-agent networks from scratch. Build a sample agent with ADK here https://adk.dev/tutorials/multi-tool-agent/ . 4 Should I start with one agent or many, and how do I specialize them? Always advocate for your teams to start with a single, highly specialized agent for initial prototyping. If an agent tries to do everything, a few things might happen: accuracy drops, latency spikes, and debugging becomes a nightmare. To avoid this, write tight instructions and limit the tools it can access. As your workflows grow more complex – or if you hit model context limits – have your engineers graduate to a multi-agent system https://cloud.google.com/blog/topics/developers-practitioners/building-collaborative-ai-a-developers-guide-to-multi-agent-systems-with-adk?e=48754805 . At its core, a multi-agent system is a collection of individual, autonomous agents that collaborate to achieve a goal. Using a framework like ADK, they can organize agents into a network of sub-agents where a coordinator delegates specific tasks to specialized team members, maintaining clear organizational logic. Example: Build a sample multi-agent solution with ADK here https://adk.dev/tutorials/agent-team/ . 5 How do we connect enterprise data and maintain the right business context? Your agents need access to the right data to be truly useful. This is where “ While there are several ways to accomplish this, the emerging practice is using open standards like Model Context Protocol MCP to connect your agents directly to live databases and business apps. However, simply establishing connectivity isn’t enough. To help your agents work accurately and avoid hallucinations, you must also organize this data with clear business context, metadata, and logic. This structured approach ensures your agents don’t just pull raw information, but actually interpret it correctly to and make better decisions across your organization Example: Build a sample multi-agent solution with ADK and MCP Toolbox https://adk.dev/integrations/mcp-toolbox-for-databases/ Managed Server . 6 How do we connect agents built on completely different frameworks? In a large organization, different teams will naturally build agents using the tools that best fit their specific needs, whether that's LangGraph, a homegrown framework, or something else entirely. However, if these systems can’t communicate, you end up with isolated data and workflow silos. Establishing a universal communication standard allows agents developed on completely different platforms or frameworks to exchange intents, state, and results without specialized integration work. For cross-framework connectivity e.g., connecting a LangGraph-based HR agent to an ADK-based CRM agent , you can implement the A2A protocol. This allows a microservices-style communication pattern https://www.youtube.com/watch?v=0J fz6RlqVg&list=PLIivdWyY5sqKGeYWUYi1lDJPl77xk kOa across multiple distinct agents, ensuring they can securely talk to each other. Example: Build a sample multi-agent solution with ADK and A2A https://adk.dev/a2a/quickstart-exposing/ . 7 How do we help agents find the specific tools they need? Stuffing an agent's context window with multiple tools and APIs degrades performance, increases latency, and drives up token costs. Just as we use RAG to dynamically fetch data on demand, we must apply the same dynamic retrieval strategy to agent tooling. By utilizing focused agentic Skills, agents load capabilities only when a task requires them. Instead of parsing a massive library of generic instructions, the agent pulls from a single, task-specific index card—ensuring precise, tightly controlled execution. Example: Build a multi-agent orchestration pattern with ADK and Skills https://adk.dev/skills/ 8 How do we deploy our agents so they can easily scale? This is the million-dollar question — or, perhaps more accurately, the "tokens-per-minute" question. The key isn't just about choosing the cheapest option, but about finding the right recipe of tools and services that aligns with your workload patterns. To scale your agents without racking up massive infrastructure overhead, your teams should deploy agents within a fully managed, serverless execution environment. Agent Runtime https://docs.cloud.google.com/gemini-enterprise-agent-platform/build/runtime is a set of services that enables developers to deploy, manage, and scale AI agents in production. Agent Runtime handles the infrastructure to scale agents in production so you can focus on creating applications. A production-ready runtime must offer elastic auto-scaling to handle sudden usage spikes, containerized flexibility to bundle custom software dependencies, and native support for bidirectional streaming to ensure low-latency, real-time interactions. The architecture must also integrate built-in private networking interfaces to securely connect to internal enterprise data without public internet exposure. Example: Build a multi-agent orchestration pattern with Agent Runtime https://docs.cloud.google.com/gemini-enterprise-agent-platform/build/runtime 9 What if our agents lose track of context during long-running tasks? To help your AI agents work more effectively, you can give them both short-term and long-term memory. This means using real-time session state to keep immediate conversations going, and a long-term storage layer to remember user preferences and past interactions — all while keeping your agents safely under your team's control. Agent Platform handles this across two layers. In ADK, a sessionService handles the immediate steps of a multi-stage task, while Agent Memory Bank acts as a persistent, long-term storage layer to recall past user preferences and project outcomes over time. Example: Build a multi-agent orchestration pattern with Agent Memory Bank https://adk.dev/sessions/memory/ and ADK memory https://adk.dev/sessions/session/ 10 How do we limit the blast radius for an agent running scripts or using a browser? If your agents need to run Python, execute scripts, or browse the web to gather data, they shouldn’t do it directly on your network. Running these tasks in a temporary, isolated sandbox environment makes it easy to isolate any untrusted code or runtime logic errors, keeping them completely separate from your core enterprise systems. Plus, using our agent runtime with a built-in sandbox helps protect your primary infrastructure and lets your agents safely execute tool calls under your team's full control. Example: Build a multi-agent orchestration pattern with Agent Sandbox https://docs.cloud.google.com/gemini-enterprise-agent-platform/scale/sandbox/code-execution-overview 11 How do I ensure my agent stays on-brand? An agent represents your corporate identity. While defining system prompts with clear constraints is a starting point, relying on prompts alone is insufficient and risky for production security. You need a mandatory safety layer that enforces core corporate rules and tone constraints, making sure the agent remains bounded regardless of the model's inherent probabilistic nature. Guardrails turn an unpredictable LLM into a safe enterprise system by allowing the agent to have the flexibility to make autonomous decisions, while keeping it incapable of violating core safety rules. Because these boundaries are implemented as deterministic constraints outside of the agent’s reasoning, they cannot be bypassed. Complementing this safety layer, structured workflows drive even greater predictability by breaking complex tasks into deterministic, step-by-step pipelines that use code-level routing, conditional logic, and state management to guide the agent through repeatable paths. Example: Build a multi-agent orchestration pattern with Guardrails agent https://adk.dev/safety/ callbacks-and-plugins-for-security-guardrails . See also ADK Workflows https://adk.dev/workflows/ 12 How do we trust the result? Trust is earned through evidence gathered from rigorous testing and ongoing evaluations across the agent’s entire lifecycle. It’s not an automatic given, but rather a result of your method. At scale, evaluation is automated using a mix of metrics, human-in-the-loop oversight, and LLM-as-a-judge patterns. By using a more capable model or a specialized self-evaluation agent to audit the primary agent’s output before it reaches the end-user, you can systematically catch inaccuracies and protect the user experience. Example: Build a multi-agent orchestration pattern with LLM-as-a Judge https://github.com/google/adk-samples/tree/1757c02ae77c5f1e10d1eb3e1b5f4a4ed0d5e337/python/agents/safety-plugins gemini-as-a-judge-plugin and Self Evaluation https://google.github.io/agents-cli/guide/evaluation/ agent built in 13 How do I control costs that are going overboard? High-performance reasoning is powerful, but it isn’t cheap. To optimize your spend, try using a tiered approach: employ For high-volume production, switch to Provisioned Throughput https://cloud.google.com/blog/products/ai-machine-learning/provisioned-throughput-on-vertex-ai?e=48754805?utm source%3Dtwitter?utm source%3Dtwitter?utm source%3Dlinkedin PT . Think of it like booking dedicated capacity for your steady, predictable everyday traffic, while unexpected spikes safely overflow into standard pay-as-you-go billing. You can further protect your budget by trimming context windows with precision RAG, utilizing context caching, setting hard stops on agent iterations, and transitioning predictable parts of the agent workflow into deterministic code where feasible. Example: Build with cost control https://docs.cloud.google.com/architecture/framework/perspectives/ai-ml/cost-optimization in mind and KPIs https://cloud.google.com/transform/the-kpis-that-actually-matter-for-production-ai-agents?e=48754805 that matter 14 How do I align an agent’s data access to match that of its human user? Aligning an agent’s data access starts with establishing a secure For many employee-facing workflows, leveraging delegated authority is the most secure approach. The agent automatically inherits and respects the existing permissions of the employee interacting with it. This guarantees that the agent cannot access data it isn't explicitly authorized to see, eliminating the need to rebuild complex permission structures from scratch while maintaining a clean audit trail. Example: Build with Agent Identity https://docs.cloud.google.com/gemini-enterprise-agent-platform/scale/runtime/agent-identity 15 How do I manage shadow AI and agent sprawl? Example: Build with Agent Registry https://adk.dev/integrations/agent-registry/ 16 How do I define how users, agents, data, and tools are allowed to interact? Scaling enterprise automation safely requires a dual-layered policy architecture. First, apply Example: Build with Policies https://docs.cloud.google.com/gemini-enterprise-agent-platform/govern/policies/overview 17 How do I enforce those policies and gain visibility into agent activity? Policies are meaningless without runtime enforcement and a clear audit trail. To achieve this, you need to route all agent traffic through an Example: Build with Agent Gateway https://docs.cloud.google.com/gemini-enterprise-agent-platform/govern/gateways/agent-gateway-overview 18 How do I protect prompts and responses against data leakage, prompt injections, and offensive content? When integrated with Agent Platform, Model Armor intercepts prompts before they reach Gemini models, and intercepts responses before your application receives them. Based on your configuration, Agent Platform calls the Model Armor service, which inspects or blocks traffic that violates your defined policies — enforcing security measures like prompt injection and jailbreak detection, responsible AI filters, and sensitive data protection. You can configure this integration either by using floor settings for project-level protection or by using templates for per-request protection. Example: Build with Model Armor https://docs.cloud.google.com/model-armor/model-armor-vertex-integration 19 How do I know if something has gone wrong with one of my agents? To protect your systems, you need to look for behavioral anomalies by auditing your agent's decision-making loop in real time. Running this continuous behavioral audit alongside threat detection ensures you instantly catch whenever a compromised agent attempts a high-risk, uncharacteristic action. This is where Agent Platform Threat Detection part of Security Command Center comes in. If an agent attempts unauthorized database commands or connects to unverified external network addresses, the system flags the event in near-real time for rapid isolation — keeping your automated workforce safely under control. Example: Build with Threat Detection https://docs.cloud.google.com/security-command-center/docs/agent-platform-threat-detection-overview and Agent Anomaly Detection https://docs.cloud.google.com/security-command-center/docs/concepts-security-sources anomaly detection 20 How can I manage the complete agent lifecycle in one place? Nobody wants to click through five different cloud consoles just to push an update or run a test. With Agent Platform, you can simply give your coding agents the specific skills and commands needed to build, scale, govern, and optimize production-ready agents. We recommend using the Agents CLI https://github.com/google/agents-cli in Agent Platform as the central command tool for your development teams. It acts as a direct bridge between local terminal work and live production management, making it much easier for developers to transition from testing to a live launch. It also allows your teams to version-control agent configurations, run automated evaluations, and seamlessly push updates through your existing CI/CD pipelines. Because the underlying tools and skills are built and rigorously tested by Google's experts, your team can deploy with confidence without having to reinvent the wheel or break their day-to-day coding workflows. Example: Build with Agents CLI here https://github.com/google/agents-cli By tackling these 20 questions early, you can build agents that actually do real work for your business — without keeping your security and operations teams up at night. Get started with Gemini Enterprise Agent Platform here https://console.cloud.google.com/agent-platform/overview .