Akamai has announced an expansion of its collaboration with NVIDIA to bring advanced security capabilities directly into AI factories. The proposal combines Akamai Guardicore Segmentation with NVIDIA Vera BlueField-4 STX storage architecture, supported by the NVIDIA DOCA software platform, aiming to implement Zero Trust controls within the infrastructure layer itself.
The announcement addresses one of the major emerging challenges in AI data centers: how to protect environments designed to move vast volumes of data, context memory, autonomous agents, and accelerated workloads without compromising performance. In an AI factory, every GPU, CPU, or storage cycle counts. That’s why traditional security tools, installed on the host system, can become obstacles if they consume resources or introduce latency.
The integration proposed by Akamai and NVIDIA seeks to change that model. Instead of placing all security measures on the servers running the models, it shifts some detection and policy enforcement to the programmable infrastructure, specifically to BlueField-4 and DOCA. The idea is that segmentation, telemetry, anomaly detection, and isolation of compromised loads operate in the data plane, at line rate, without competing for resources needed by AI models.
Why AI factories need different security
AI factories are not like traditional enterprise data centers. They are designed to train, tune, and run models, serve inference, feed agents, move massive datasets, and maintain context memory across services. In such environments, data is not just another resource; it is the raw material underpinning decisions, automation, and critical operations.
Akamai’s premise is clear: these environments are being built faster than they are being secured. The company warns that attacks driven by large language models can increase both the speed and scale of threats. In an infrastructure where autonomous agents can query systems, chain actions, and access sensitive data, uncontrolled lateral movement can have serious consequences.
The Zero Trust approach fits especially well here. Instead of assuming a load is trustworthy because it is inside the network, every communication must be justified by identity, context, and behavior. A preprocessing task may need access to a dataset and a training service but should not reach production environments or unrelated repositories. A research cluster can be isolated from inference services serving clients. A Kubernetes pod can scale without losing policy boundaries.
Maintaining this level of control with static rules based only on IP addresses is challenging. AI workloads change, move, scale, and integrate with services across data centers, cloud, Kubernetes, and edge. Akamai Guardicore Segmentation provides the intelligence layer that maps how applications, data, and workloads communicate in hybrid environments, while NVIDIA BlueField-4 STX and DOCA act as an application layer within the infrastructure fabric.
Intelligence first, enforcement second
The architecture outlined by Akamai functions in four steps. First is visibility. Guardicore Segmentation observes communication relationships among workloads across data centers, cloud, Kubernetes, and edge. This view includes training pipelines, inference services, data ingestion systems, and orchestration platforms.
Next comes policy. Instead of defining rigid rules based solely on network addresses, policies are based on workload identity, application context, and runtime behavior. This allows for boundaries better aligned with how AI applications actually operate.
The third step is enforcement. NVIDIA DOCA applies these policies within BlueField-4, directly in the data plane, at line rate. This means security functions are not run as an additional load on the host but are integrated into the infrastructure itself. For AI operators, this distinction is crucial: protection should not consume cycles from GPUs, CPUs, or storage systems that support critical loads.
The final step is containment. If a load becomes compromised, the goal is to limit its impact to a small, identified segment. The rest of the AI factory should continue to operate seamlessly. This is key because, in high-availability environments, shutting down large systems for security alerts is often not feasible. Security must isolate precisely and effectively.
Protection for agents, data, and context memory
The collaboration also signifies a shift in what needs to be protected. In traditional applications, focus is on users, servers, databases, and applications. In an AI factory, new assets appear: context memory, embeddings, training datasets, inference services, autonomous agents, connected tools, evaluation pipelines, and orchestration systems.
Securing these elements requires a more nuanced approach than traditional perimeter security. An agent may behave correctly one moment and deviate later if it receives malicious instructions, accesses unauthorized tools, or if a dependency is compromised. An inference service can be exploited to extract sensitive data. A training pipeline can be contaminated with manipulated data. Context memory can become a leak point if access is not properly controlled.
Workload-aware segmentation doesn’t solve all these issues but reduces the risk of uncontrolled propagation of incidents. If each workload can only communicate with the necessary services, an attacker has fewer avenues. And policies applied at the infrastructure layer can be maintained even when hosts are under strain or partially compromised.
| Layer | Role in Integration |
|---|---|
| Akamai Guardicore Segmentation | Maps communications, defines policies by identity and behavior, detects anomalies |
| NVIDIA Vera BlueField-4 STX | Provides security enforcement capabilities within programmable infrastructure |
| NVIDIA DOCA | Enables programming and enforcement of policies in the data plane |
| Zero Trust | Limits communication based on identity, context, and behavior |
| Containment | Reduces impact if a workload is compromised |
Availability and market readiness
The integration of Akamai Guardicore Segmentation with NVIDIA BlueField and DOCA is scheduled for the second half of 2026, targeting conscious segmentation of workloads in AI factories. The specific integration with NVIDIA Vera BlueField-4 STX is expected in storage and infrastructure platforms from partner vendors during the first half of 2027.
This aligns with NVIDIA’s broader goal of transforming AI infrastructure into a comprehensive system. It’s no longer just about GPUs, HBM memory, or fast networking, but about AI factories where computing, storage, power, cooling, security, and software are designed cohesively. Akamai aims to play a key role in that design: internal segmentation and security.
For businesses, the message is clear. Agent-based AI and large-scale inference environments cannot be protected with outdated approaches. The more autonomous and sensitive the data, the more critical it becomes to control load communication, access to context, and containment before an intrusion affects the entire infrastructure.
Security for AI factories must be integrated from the outset, not added afterward. Akamai and NVIDIA focus precisely on this: safeguarding the infrastructure at the speed of AI, without turning security into a performance bottleneck.
Frequently Asked Questions
What did Akamai and NVIDIA announce?
They have expanded their collaboration to integrate Akamai Guardicore Segmentation with NVIDIA Vera BlueField-4 STX and DOCA, bringing Zero Trust security into AI factories.
Why is this important for AI data centers?
Because AI factories handle large volumes of data, agents, and context memory, requiring security that contains threats without consuming critical GPU, CPU, or storage resources.
What does Akamai Guardicore Segmentation offer?
Provides visibility into communications, policy definition based on identity and behavior, workload segmentation, and anomaly pattern detection in hybrid environments.
When will it be available?
The integration with NVIDIA BlueField and DOCA is expected in late 2026, with integration with NVIDIA Vera BlueField-4 STX on partner storage and infrastructure platforms scheduled for the first half of 2027.
via: akamai