Akamai Guardicore Segmentation and NVIDIA DOCA bring real-time, Zero Trust enforcement to AI factory data, context memory, and agentic AI workloads, with NVIDIA Vera BlueField-4 STX
Securing AI factories has, until recently, required a compromise that most infrastructure teams quietly accepted: add security controls and accept the performance cost, or prioritize throughput and accept the exposure. Neither option was satisfying, and in environments where GPU cycles and storage bandwidth are measured against the economics of running frontier models, the performance argument usually won.
Akamai and NVIDIA are dismantling that trade-off. The two companies have announced an expansion of their security collaboration that brings Akamai Guardicore Segmentation directly onto the NVIDIA Vera BlueField-4 STX storage architecture, running through the NVIDIA DOCA software platform. The result is Zero Trust enforcement that operates inside the infrastructure fabric itself – applied in silicon, at line speed, without touching the GPU, CPU, or storage cycles that AI workloads depend on.
Why Host-Based Security Breaks Down in AI Factories
The problem with conventional security tooling in high-performance AI environments is structural. Host-based agents consume compute resources on the same systems running training pipelines and inference services. In a standard enterprise environment, that overhead is tolerable. In an AI factory where every clock cycle has a measurable cost, it is not.
Ofer Wolf, Senior Vice President of Enterprise Security at Akamai, put the issue plainly: “In environments where every clock cycle matters, traditional host-based security tools behave like a speed bump on a racetrack. By moving workload-aware segmentation onto NVIDIA Vera BlueField-4 STX and DOCA, we are enforcing Zero Trust at the speed of AI workloads themselves, helping organizations contain threats before they spread across high-performance environments.“
The architectural shift that makes this possible is moving enforcement off the host entirely. NVIDIA Vera BlueField-4 STX is a data processing unit that handles security functions in the data path, inside the infrastructure fabric, rather than on the systems being protected. Security policies are applied before traffic reaches the workload, at the speed of the network itself, without competing for the resources the AI system needs to function.
What the Combined Architecture Actually Does
The integration operates across four sequential layers, each building on the one before it.
Visibility comes first. Akamai Guardicore Segmentation continuously maps communication relationships across data centers, cloud environments, Kubernetes clusters, and edge systems using an agentless architecture. Training pipelines, inference services, data ingestion systems, and orchestration platforms are all observed without interference. The system builds a live picture of how workloads interact, which is the prerequisite for everything that follows.
Policy definition translates that visibility into explicit rules. Workload identity, application context, and runtime behavior determine what each component is permitted to communicate with, not static network addresses that shift as environments scale. A preprocessing node can reach a dataset and a training service, but nothing outside that defined scope. Research environments are separated from production inference. As pods scale and services evolve, the policy boundary holds.
Enforcement is where BlueField-4 silicon takes over. NVIDIA DOCA applies those policies in the data path at line speed, running segmentation, telemetry, anomaly detection, and isolation functions inside the infrastructure fabric. The host is uninvolved. GPU and storage cycles are unaffected.
Containment is the outcome when something goes wrong. A compromised workload is isolated to a small, identified segment of the environment. The rest of the AI factory continues running. The blast radius of a breach is bounded by infrastructure rather than managed reactively after the fact.
Kevin Deierling, Senior Vice President of Networking at NVIDIA, framed the underlying requirement: “Data is the foundation of agentic AI factories, powering the intelligence behind autonomous decision-making and making robust protection more critical than ever for enterprises. The Akamai Guardicore enterprise security platform and NVIDIA Vera BlueField-4 STX bring a Zero Trust layer directly into the infrastructure fabric, helping protect enterprise data by intelligently controlling how AI workloads communicate at scale.“
The Broader Context
This collaboration builds on an architecture agreement the two companies introduced in February, and it arrives as the security challenge in AI factory environments is becoming harder to defer. Frontier LLM-driven attacks are increasing in speed and sophistication, and the infrastructure running those models is simultaneously becoming more valuable as a target. AI factories hold training data, model weights, context memory, and the agent systems that increasingly automate consequential enterprise decisions – all of which represent attractive targets for adversaries who understand what is running inside them.
The conventional response to that threat profile has been to layer more security tooling onto existing infrastructure. What Akamai and NVIDIA are proposing instead is that security should be a property of the infrastructure itself – identity-based, workload-aware, and enforced at the point where data moves rather than monitored after the fact. For enterprises building out AI factory capacity at scale, that distinction is the difference between a security posture that degrades performance and one that simply holds.
Research and Intelligence Sources: Akamai, NVIDIA
To participate in our interviews, please write to our CyberTech Media Room at info@intentamplify.com
