Three Ways to Implement MCP Servers

Three Ways to Implement MCP Servers (and How to Choose the Right One)

You can build the smartest agent in the world and still fail in production for one reason: tool access. Todays enterprise landscape presents many challenges, including uncontrolled APIs, inconsistent permissions, brittle integrations, and almost zero governance. That’s why MCP servers are suddenly everywhere in serious agent conversations.

The takeaway is simple:

Agents are non-deterministic. They interpret intent, pick tools, and predict the next best action.
Production systems need determinism. Authentication, authorization, validation, rate limits, and stable output schemas.

That’s the gap MCP is designed to close.

What an MCP server actually is

At the protocol level, Model Context Protocol (MCP) is an open standard for connecting LLM applications to external tools and data sources. The “server” side exposes capabilities (tools/resources) through a standardized interface so clients (agents, IDEs, assistants) can discover and use them consistently.

In practical terms: An MCP server is an intermediary layer that safely exposes enterprise resources (data) and tools (actions) to agents in real time, validating requests, enforcing security policies, and executing approved actions on the underlying system.

This matters because “just let the agent call APIs” doesn’t scale. It turns into a sprawling set of one-off integrations you can’t confidently secure, audit, or reuse.

So the strategic question becomes:

What’s your MCP plan: CRM, ERP, data warehouse, internal apps?

There are three practical ways to implement.

Path 1: Pre-built MCP servers (fastest time-to-value)

What it is: You adopt an MCP server that’s already built and maintained—typically by a vendor, platform provider, or ecosystem community.

When this wins:

You need value quickly (days/weeks, not months).
Your use cases align with standard objects/actions (read/write common records, search, create ticket, fetch file, etc.).
You’re okay with the vendor’s supported auth models, rate limits, and payload shapes.

Practical guidance: Use pre-built MCPs as the default starting point, then tighten scope aggressively: expose only the minimum tool surface your agents require (least privilege).

Pros:

Speed: Stand up agent tool access quickly.
Lower engineering burden: Less custom code to maintain.
Pattern correctness: Good pre-builts usually include basic guardrails and schemas out of the box.

Cons:

Scope mismatch: Pre-builts often expose either too much (risk) or not enough (noisy UX).
Limited governance depth: You may still need stronger policy and audit controls as you scale.
Enterprise nuance: Your real process is never “just CRUD”—it’s approvals, validation rules, and exception handling.

Path 2: MCP via governance platforms (the “enterprise scale” option)

What it is: You implement MCP servers through (or alongside) a governed integration layer—think ETL/integration-style platforms, policy engines, API gateways, and observability tooling—so MCP isn’t just connectivity, it’s operational control.

When this wins:

You have multiple agents across teams and need consistent access patterns.
You need enterprise requirements: audit logs, approvals, throttling, centralized policy, environment separation, etc.
You want “build once, reuse everywhere” across agent ecosystems.

Pros:

Real governance: Central policy + access control + audit trails, not “hope-based security.”
Reusability: One MCP server can power multiple agents and use cases.
Operational maturity: Monitoring, incident response, and change management all become feasible.

Cons:

More moving parts: You’re introducing a platform layer, not just an adapter.
Org coordination required: Security, integration, and app teams must align on ownership and patterns.
You still need design: A governance platform doesn’t automatically give you good tool boundaries—someone must model the “right” tool surface.

Practical guidance: Treat MCP servers like productized infrastructure:

Publish versioned tools
Define “golden paths” for common workflows
Standardize response schemas
Instrument everything (latency, error rates, tool usage, cost)

This lane is often the correct answer once you have more than one serious agent in production.

Path 3: DIY MCP servers (maximum control, maximum responsibility)

What it is: You build your own MCP server(s) to match your exact systems, workflows, and security model—especially when your tools are highly specific, regulated, or require deep transformation.

When this wins:

Your tool needs are proprietary or complex (multi-step workflows, validations, approvals).
You need to normalize verbose enterprise outputs into agent-safe payloads.
You’re operating under strict compliance controls and need custom policy logic.

Practical guidance: DIY is worth it when you can clearly articulate:

Pros:

Perfect fit to your domain: Tools match real workflows, not generic endpoints.
Best safety posture (when done right): You can embed least-privilege, PII redaction, and consent gates by design.
Higher agent quality: You can return concise, context-efficient responses instead of overwhelming agents with raw API payloads.

Cons:

Build + maintain: You own uptime, auth flows, upgrades, and support.
Design complexity: You must define tools, schemas, error handling, and observability rigorously.
Governance still required: DIY doesn’t eliminate governance needs—it makes them your problem.

Practical guidance
DIY is worth it when you can clearly articulate:

The workflow you’re productizing (not endpoints), and
The policy boundary you must enforce (what’s allowed, by whom, and under what conditions).

If you can’t state those cleanly, you’ll build an expensive “API passthrough” that doesn’t improve safety or scale.

A simple decision framework

Use this fast rubric to choose your lane:

Choose Pre-built when…

One team, one agent, narrow scope
Standard system operations
Speed matters most

Choose a Governance platform when…

Multiple agents / multiple teams
You need central policy + audit + reuse
Your company cares about operational control (it should)

Choose DIY when…

You need custom workflows, transformations, or compliance controls
Pre-built tools don’t map to reality
You want MCP servers to become durable enterprise building blocks

Closing thought

Agents reason. MCPs execute. Keep the brain flexible and make the tools boring, governed, and reliable. If you would like more information on this topic, please contact us, and we would love to facilitate the discussion.

Still not clear on MCP servers? Tim Harting and Gavin Franklin break it down (with real examples) on Podcast 23.

Cookie	Duration	Description
cookielawinfo-checkbox-analytics	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checkbox-functional	11 months	The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checkbox-necessary	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-others	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-performance	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
viewed_cookie_policy	11 months	The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.

Three Ways to Implement MCP Servers