How Nvidia aims to demystify zero-trust security



Nvidia sees just how vulnerable its client companies’ data centers are, leading it to accelerate its zero-trust platform to fill growing cybersecurity gaps.

Many enterprise data centers rely on decades-old security infrastructure that stops at the perimeter. For bad actors and cybercriminals, this is tantamount to leaving the doors of data centers unlocked. As a result, Nvidia sees the risk of data center attacks increasing in complexity, speed and severity for customer operations, combined with a need to support AI and data science workloads.

The latest round of announcements at Nvidia’s GTC 2021 event earlier this month reflects Nvidia’s urgency to strengthen data center security and support customers’ AI, machine learning and large-scale data science workloads.

Nvidia aims to demystify zero trust in data centers

Nvidia continues to pursue an aggressive zero-trust security strategy on its data processing unit (DPU) and software cybersecurity roadmap, rapidly capitalizing on its acquisition of Mellanox, finalized in 2020. Its most recent announcements at GTC 2021 include the launch of Nvidia DOCA 1.2 software for the Nvidia BlueField DPU, combined with the latest version of Nvidia Morpheus. Designed to detect threats and breach attempts using unsupervised machine learning algorithms, Nvidia Morpheus is a continuous learning cybersecurity framework that adapts and changes workflows based on accumulated data patterns.

“The rise of transformative innovations such as AI, 5G and smart devices has dramatically increased the traffic flowing through the modern data center, making it more difficult to identify breaches and potential attacks,” said Kevin Deierling, senior vice president of networks at Nvidia. “Nvidia’s three-pillar zero-trust security platform enables developers to create fully secure environments that protect virtually every aspect of the cloud-native data center, in real time.”

Nvidia is successful in its mission to demystify zero trust in data centers, starting with its BlueField DPU architecture. The architecture includes secure boot with a hardware root of trust, secure firmware updates, and Cerberus compliance, with further enhancements to support building its zero trust framework. One of Nvidia’s main strengths is its ability to extend and evolve core DPU functionality with SDKs and associated software, while evolving to support more important AI and data science workloads.

Doubling down on DOCA development this year, Nvidia used GTC 2021 to announce that version 1.2 supports new authentication, attestation, isolation and monitoring features, further strengthening Nvidia’s zero trust platform. Additionally, Nvidia says it is seeing momentum among customers and partners who sign up for the DOCA Early Access Program.

Morpheus enables zero trust at scale in data centers

Nvidia Morpheus is an AI-based cybersecurity framework built on Nvidia RAPIDS and Nvidia AI. It is designed to provide DevOps tools to cybersecurity developers and practitioners implementing cybersecurity applications, systems, and networks.

The latest version of the Nvidia Morpheus framework provides zero-trust developers and partners with the tools and frameworks they need to create and refine custom models tailored to specific cybersecurity scenarios. Morpheus monitors network activity using unsupervised machine learning algorithms to understand typical behavioral patterns, as well as identity, endpoint, and location settings across multiple networks. Nvidia designed Morpheus to derive new models for tracking network behavior and anomalies, each with a specific digital footprint that is constantly scanned and analyzed.

During GTC 2021, Nvidia demonstrated how Morpheus can identify stolen privileged access credentials and a breach carried out with stolen credentials. Additionally, Morpheus models running on Nvidia GPUs can be scaled and parallelized to support massive networks, allowing cybersecurity teams to apply enhanced capabilities to detect anomalies quickly and reliably. The following graphic explains how the architecture of the Morpheus AI cybersecurity framework is built on the basis of the BlueField DPU, DOCA software versions and the Nvidia Morpheus network:

Above: Nvidia’s Zero Trust Platform includes Bluefield 2 DPU software, DOCA 1.2, running on Nvidia Morpheus’ AI-based cybersecurity network.

Image Credit: Nvidia

Nvidia’s zero trust platform built for partners

The DOCA 1.2 software version is designed to help Nvidia partners and developers accelerate their code development and quickly set up and run software-defined and accelerated network, security, storage, and management applications on BlueField DPU devices. In addition, version 1.2 provides partners with the support and zero-trust features they need to publish their applications and optimize them for the BlueField DPU in conjunction with Morpheus.

Major partners operating on the BlueField DPU using DOCA code include Juniper Networks, which was among the first to commit DevOps resources to the project. “Zero trust security should be a fundamental pillar of any security strategy. Introducing new ways to operationalize technology will make it more ubiquitous in the industry,” said Raj Yavatkar, CTO of Juniper Networks. “Juniper has a long history of advocating for open architectures to give customers choice. With DOCA, each individual organization will be well aligned to meet their digital transformation needs. Applying such approaches will help customers better secure their cloud workloads and embrace zero trust principles.”

ARIA Cybersecurity Solutions, Cloudflare, F5, Fortinet, Guardicore and hybrid cloud platform providers Canonical, Red Hat and VMware are also working with Nvidia to optimize and integrate data center security software with the Nvidia Morpheus AI framework, the company said. Having zero trust in silicon is the reassurance that chief information security officers (CISOs) need to anchor and secure technology stacks: Atos, Dell Technologies, GIGABYTE, H3C, HPE, Inspur, Lenovo, QCT and Supermicro now have Nvidia-certified systems.

Zero Trust Platforms Must Evolve On Hardware To Be Successful

Nvidia aligns its core strengths with the most potentially deadly cybersecurity risks of its customers. The release of DOCA 1.2 with support for the Zero Trust Platform, so that partners can develop and scale their systems on the Nvidia BlueField DPU, is needed to further simplify and scale zero trust in data centers.

Like Nvidia CUDA, which enables developers to build applications that take advantage of Nvidia GPUs, DOCA enables developers to build software-defined and accelerated network, security, storage, and management applications for BlueField DPUs. Other cybersecurity companies taking a hardware approach to deliver zero-trust security in businesses include Absolute Software, the Hewlett Packard Enterprise iLO Five Silicon Root of Trust, Sepio Systems and Intel’s many zero-trust developments, including Intel Software Guard Extensions (Intel SGX), Intel Virtualization Technology, Intel Control-Flow Enforcement Technology, and Intel Threat Detection Technologies.

Unlike semiconductor producers who build zero trust into their infrastructure-on-chip designs, Absolute has partnered with 28 device manufacturers to build endpoint visibility and control into device firmware. At last count, there are 500 million devices that have Absolute’s firmware installed, according to the company.

Like Nvidia, Absolute also pursues a partner-based strategy to extend support for zero-trust security across all businesses. Its recently announced Persistence-as-a-Service (APaaS) app focuses on providing DevOps tools to independent software vendors and system manufacturers to integrate with Absolute firmware already installed on endpoints. The goal of the program is to provide partners with access to health, asset management and threat detection data at the device level, further increasing endpoint resiliency. Absolute recently completed the acquisition of NetMotion, bringing the necessary Zero Trust Network Access (ZTNA) products into the Absolute platform, which is now considered the first self-healing zero trust platform.

Meeting the challenges of zero trust in the data center

CISOs tell VentureBeat that data centers are often the most difficult aspect of implementing any zero trust strategy, as domain configurations based on server-level trust dominate technology stacks. Implementing least-privilege access at the configuration and integration levels of the server, let alone achieving microsegmentation or true identity access management (IAM) and privileged access management (PAM) in a legacy infrastructure environment, is a colossal undertaking. Top-down approaches to repairing legacy technology stacks to support zero trust are difficult to do well. Nvidia’s approach of starting with silicon, improving zero trust capabilities at scale with DOCA versions that also capitalize on the learning accumulated on Morpheus, takes a more fundamental approach to solving zero trust in data centers. Building the partner base, as well as Nvidia’s ability to keep pace with innovation on DOCA and its BlueField DPU, will determine the success of Nvidia’s Zero Trust solution.
