NVIDIA creates zero-trust cybersecurity platform
Share this content
Growing enterprises are faced with managing exponentially increasing numbers of users, data, devices and applications in their data centres. Along with that come heightened cybersecurity threats.
To help them stay ahead of ever more sophisticated threats, NVIDIA has announced a zero-trust cybersecurity platform with a suite of capabilities that allows the cybersecurity industry to build solutions that defend customer data centres in real time.
The zero-trust platform combines three technologies — NVIDIA BlueField DPUs, NVIDIA DOCA and the NVIDIA Morpheus cybersecurity AI framework. Doing so enables development partners to bring a new level of security to data centres — by isolating applications from infrastructure, by supercharging next-generation firewalls and by bringing the power of accelerated computing and deep learning to continuously monitor and detect threats — at speeds up to 600x faster than servers without NVIDIA acceleration.
“The rise of transformative innovations such as AI, 5G and smart devices has dramatically expanded traffic moving through the modern data centre, making it more difficult to identify potential breaches and attacks,” said Kevin Deierling, Senior Vice President of Networking at NVIDIA. “NVIDIA’s three-pillar zero-trust security platform allows developers to create fully secure environments that protect virtually every aspect of the cloud-native data centre, in real time.”
BlueField and DOCA 1.2
NVIDIA BlueField offloads the CPU burden of running security software and empowers developers using the new cybersecurity capabilities of NVIDIA DOCA 1.2 to build metered cloud services that control resource access, validate each application and user, isolate potentially compromised machines and help protect data from breaches and theft.
Other DOCA 1.2 advanced zero-trust features — available as libraries and containerised services –– include software and hardware authentication, hardware-accelerated line-rate data cryptography, support for distributed firewalls and smart telemetry, as well as policy enforcement, such as role-based access control and security isolation between microservices or tenants.
Morpheus: Accelerated cybersecurity AI on a massive scale
DOCA 1.2 complements NVIDIA Morpheus, a deep learning cybersecurity framework supercharged by accelerated computing. The latest release of NVIDIA Morpheus includes a new workflow that creates digital fingerprints using unsupervised learning to detect when cyber adversaries have taken over a user account or machine.
NVIDIA Morpheus is built on NVIDIA RAPIDS to speed data science pipelines and NVIDIA AI along with pretrained models that enable enterprises to simultaneously inspect all telemetry across their data centre fabric.
To recognise potential threats before they become disruptive, Morpheus monitors streaming telemetry from diverse sources, including the BlueField DPU and network traffic, application and cloud logs. It analyses deviations in subtle data centre characteristics generated by every user, machine and service — in real time — and then immediately alerts security operations teams of issues.
Partners build software-defined, hardware-accelerated applications
The DOCA 1.2 zero-trust security platform is the foundational software that powers the NVIDIA BlueField DPU, which offloads, accelerates and isolates data centre infrastructure tasks. Similar to NVIDIA CUDA enabling developers to build applications that take advantage of NVIDIA GPUs, DOCA lets developers build software-defined, hardware-accelerated networking, security, storage and management applications for BlueField DPUs.
Juniper Networks is among the first cybersecurity providers taking advantage of BlueField and DOCA.
“Zero-trust security should be a fundamental pillar of any security strategy. Introducing new ways to operationalise the technology will make it more pervasive across the industry,” said Raj Yavatkar, CTO of Juniper Networks. “Juniper has long advocated for open architectures to ensure customers have a choice. With DOCA, each individual organisation will be well aligned to meet their digital transformation needs. The application of such approaches will help customers better secure their cloud workloads and adopt zero-trust principles.”
BlueField DPUs are available soon in systems from ASUS, Atos, Cisco, Dell Technologies, GIGABYTE, H3C, Inspur, Lenovo, Nettrix, Quanta/QCT and Supermicro, with more than a dozen infrastructure partners lending their support, including Canonical, OVHcloud, Red Hat, UCloud, StackPath and VMware. More partners supporting BlueField include Aria Cybersecurity Solutions, Check Point Software, Cloudflare, DataDirect Networks (DDN), Excelero, F5, Fortinet, Guardicore, Juniper Networks, Nebulon, NetApp, Nutanix, VAST Data and WekaIO.