Artificial Intelligence

Redefining Secure AI Infrastructure with NVIDIA BlueField Astra for NVIDIA Vera Rubin NVL72

ASK ANA
ASK ANA

-


Large-scale AI innovation is driving unprecedented demand for accelerated computing infrastructure. Training trillion-parameter foundation models, serving them with disaggregated architectures, and processing inference workloads at massive throughput all push data center design to the bounds. To maintain up, service providers need infrastructure that not only scales but in addition delivers stronger security and higher tenant isolation.

This post introduces NVIDIA BlueField Astra running on NVIDIA BlueField-4, a breakthrough innovation that redefines how service providers manage, secure, and scale AI infrastructure.

As accelerated computing demand increases, the industry is prioritizing bare-metal computing to unlock the advantages of GPU acceleration. Unlike virtualized environments, bare-metal provisioning requires strict isolation and trusted control points to be certain that no tenant can interfere with one other’s resources. The challenge arises because AI infrastructure spans two distinct networking domains:

  • North-South (N-S): The front-end network that connects users and applications to the AI cluster
  • East-West (E-W): The backend AI compute fabric that connects GPUs at massive bandwidth and ultra-low latency

Today, CSPs already manage N-S traffic using NVIDIA BlueField DPUs, running their control software stacks on the embedded Arm cores. This model enables service providers to implement isolation, provision resources, and secure workloads effectively. 

On the E-W domain, the NVIDIA Ethernet SuperNIC is the adapter purpose-built to satisfy the intense requirements of AI workloads, delivering the performance, throughput, and congestion management that massive GPU clusters demand. 

As AI clusters scale, CSPs are in search of secure and consistent ways to increase provisioning and control into the AI compute fabric, complementing the performance and scalability that SuperNICs already provide.

What’s NVIDIA BlueField Astra? 

As announced at CES 2026, the NVIDIA Rubin platform features the brand new BlueField Advanced Secure Trusted Resource Architecture (Astra) running on BlueField-4. BlueField Astra is a breakthrough system-level architecture that mixes hardware and software innovations and is deeply integrated into the NVIDIA Vera Rubin NVL72 compute tray.

Through dedicated connections between the BlueField-4 DPU and NVIDIA ConnectX-9 SuperNICs, BlueField Astra extends manageability, provisioning, and policy enforcement into the E-W fabric. For the primary time, the DPU controls all network I/O to and from the compute node.

With BlueField Astra, CSPs can extend their trusted software stack running on BlueField-4 DPUs to securely manage tenant isolation and network policies across the AI compute fabric. These policies are programmed through the out-of-band DPU port and enforced directly in SuperNIC hardware, ensuring consistent control throughout the system.

Central to BlueField Astra is a brand new control plane architecture. Unlike traditional models, where host-based software configures each NICs and fabric, BlueField Astra completely isolates the SuperNIC control plane from the host operating system. This ensures that tenant workloads, even when running bare metal, cannot tamper with or gain visibility into network provisioning.

Network architecture diagram showcasing the VR NVL72 compute tray, supporting NVIDIA BlueField Astra management model. The directions North, South, West, and East are labeled. The BlueField-4 DPU is at the top, Vera CPUs in the middle, Rubin GPUs at the bottom, and ConnectX-9 SuperNICs on the left. Arrows and lines show the flow. Network architecture diagram showcasing the VR NVL72 compute tray, supporting NVIDIA BlueField Astra management model. The directions North, South, West, and East are labeled. The BlueField-4 DPU is at the top, Vera CPUs in the middle, Rubin GPUs at the bottom, and ConnectX-9 SuperNICs on the left. Arrows and lines show the flow.
Figure 1. The Vera Rubin NVL72 compute tray, supporting the BlueField Astra management model

As shown in Figure 1, BlueField Astra establishes a direct path between the BlueField-4 DPU and ConnectX-9 SuperNICs, making a unified control architecture. This delivers:

  • Dedicated connectivity: Each NVIDIA ConnectX-9 SuperNIC connects on to the BlueField-4 DPU, enabling the DPU to program, configure, and monitor the SuperNIC without counting on the host CPU.
  • Out-of-band control: BlueField Astra routes all provisioning instructions and network policies through the BlueField embedded Arm cores.
  • Unified control of N-S and E-W: BlueField-4 consolidates each domains under a single trusted control point. The identical DPU that manages N-S networking for tenant isolation and security policies now extends those capabilities into the E-W AI compute fabric.
  • Isolation from the tenant: Tenants use the SuperNIC for AI data movement, but don’t have any access to or control over management functions, which remain fully isolated on the DPU.
  • Security model consistency: By moving the NVIDIA DOCA stack from the host to the DPU, BlueField Astra ensures the E-W fabric inherits the identical cloud-aligned security posture already proven for N-S traffic.

BlueField Astra enables control, consistency, and confidence  

BlueField Astra transforms AI infrastructure management by making a unified control plane across each N-S and E-W domains. With a single point of control anchored within the BlueField-4 DPU, service providers can streamline provisioning, implement policies consistently, and reduce operational complexity—all without touching the host CPU.

By design, BlueField Astra delivers stronger isolation and security. The SuperNIC control plane is isolated from tenant workloads and fully managed by the DPU, ensuring that tenants cannot bypass or alter policies. This model prevents lateral movement and configuration drift while giving CSPs confidence that bare-metal GPU nodes could be offered securely in multi-tenant environments.

BlueField Astra also brings operational consistency. Service providers can extend the identical DOCA-based management tools and workflows they already use on the N-S front end into the E-W compute fabric. Policies are pushed down into SuperNIC hardware for enforcement, enabling fine-grained tenant-aware provisioning while maintaining the performance benefits NVIDIA SuperNICs are known for.

Finally, BlueField Astra supports compliance and auditability. With policies and configurations residing on the DPU somewhat than the host, CSPs gain clearer audit trails and a security posture aligned with the necessities of regulated industries. This ensures that security isn’t bolted on—it’s embedded into the operating system of AI infrastructure at scale.

BlueField Astra builds on the DOCA software platform to supply a consistent technique of deploying and operating infrastructure services on BlueField-4. By anchoring networking, security, storage, and management functions on the DPU, Astra enables existing DOCA microservices and operational workflows to increase naturally into bare-metal AI systems and the E-W compute fabric.

With Astra, DOCA microservices run directly on BlueField-4 and interface with NVIDIA ConnectX-9 SuperNICs through a DPU-managed control plane. This model preserves compatibility with existing DOCA deployments while enabling the stronger isolation and control required for multitenant, bare-metal AI environments, without introducing recent dependencies on the host operating system.

BlueField Astra supports a set of DOCA microservices that together form the infrastructure control layer for AI systems:

  • Networking
    • N-S: DOCA Host-Based Networking (HBN) provides tenant-aware provisioning, isolation, and policy enforcement on the front-end of the AI cluster.
    • E–W: DOCA-accelerated Open vSwitch (OVS) extends software-defined networking into the AI compute fabric, enabling controlled connectivity between GPU nodes while keeping fabric control isolated from tenant workloads.
  • Security
    • DOCA Argus delivers infrastructure-level telemetry and runtime visibility from the DPU, supporting monitoring and enforcement outside the tenant trust boundary.
  • Storage
    • DOCA SNAP offloads storage services through the DPU, enabling secure, isolated data paths that operate independently of host software.
  • Management
    • DOCA DMS provides device discovery, lifecycle management, and secure provisioning, allowing CSPs to administer AI nodes and SuperNICs through a centralized, DPU-anchored control point.

Together, these DOCA microservices allow BlueField Astra to take care of a consistent, software-defined infrastructure model across each N-S and E-W domains, while preserving the performance characteristics required by large-scale AI workloads.

Securing the longer term of AI infrastructure

As AI workloads scale to recent levels, service providers must deliver bare-metal performance while maintaining strict multi-tenant security. With BlueField Astra, NVIDIA extends trusted control from the front-end network into the AI compute fabric itself. By combining BlueField DPUs with SuperNICs under a unified, isolated architecture, BlueField Astra empowers CSPs to confidently construct, provision, and secure the following generation of AI infrastructure.

To learn more about how NVIDIA Vera Rubin NVL72 and NVIDIA BlueField-4 are shaping the longer term of AI infrastructure, watch the NVIDIA Live presentation at CES 2026 with NVIDIA CEO Jensen Huang. To dive deeper into BlueField-4 features and capabilities, see the BlueField-4 datasheet. 



Source link

ASK ANA

0

What are your thoughts on this topic?
Let us know in the comments below.

0 0 votes
Article Rating
guest
0 Comments
Oldest
Newest Most Voted
Inline Feedbacks
View all comments
ASK ANA
ASK ANAhttp://bardai.ai

Share this article

Recent posts

Previous article
Text2SQL using Hugging Face Dataset Viewer API and Motherduck DuckDB-NSQL-7B
Next article
Stone Center on Inequality and Shaping the Way forward for Work Launches at MIT

Our Newsletter

Subscribe To Receive Our Daily News Directly In Your Inbox!

This field is required.

© Copyright - All Right Reserved By Bardai.ai

0
Would love your thoughts, please comment.x
()
x