You'd reach for this when you need to lock down MCP access in production or multi-user environments. It sits between your AI clients and backend MCP servers, handling authentication, enforcing access policies, redacting sensitive data from requests and responses, and maintaining audit logs of all activity. Think of it as a reverse proxy specifically built for Model Context Protocol traffic. The security layer means you can expose internal tools and data sources through MCP without giving Claude or other AI systems unfettered access to everything. Useful when compliance, data governance, or basic access control matters more than running everything wide open in development mode.