When autonomous agents read, write, and act on enterprise data without a human in the loop, the data path becomes the place where When autonomous agents read, write, and act on enterprise data without a human in the loop, the data path becomes the place where performance, governance, and security are decided. NVIDIA Vera BlueField-4 STX moves enforcement into silicon so that security control holds even when the host is compromised. DDN’s role is to be the data foundation fast enough that this enforcement costs no GPU cycles. This post covers what Vera BlueField-4 STX does, why it changes the economics of an AI factory, and where DDN fits.
At GTC Taipei during COMPUTEX 2026, enterprise AI is in industrialized production. The work now is operationalizing autonomous systems that reason, retrieve, generate, and act on enterprise data securely, with governance, and in real time. Agentic AI has changed the threat model: a single compromise propagates through autonomous actions, degrading model reliability and every downstream decision. DDN supports NVIDIA’s direction here as one of the Vera BlueField-4 STX co-design partners.
BlueField-4 STX Moves Enforcement Into DPU Silicon
NVIDIA Vera BlueField-4 STX is a modular foundation for AI-native storage, built around NVIDIA Vera CPUs, Rubin GPUs, NVIDIA BlueField-4 data and storage processors, and NVIDIA Spectrum-X Ethernet. Enforcement runs in an isolated trust domain on the BlueField-4 silicon itself, independent of the host OS and the storage system. Three DOCA services anchor the model:
DOCA Argus gives runtime visibility into AI workload and agent behavior, providing AI discovery, exposure management, and real-time threat detection across multi-tenant environments. NVIDIA cites runtime threat detection up to 1,000× faster than agentless runtime solutions.
DOCA Vault enforces granular authorization on every file-access request in silicon, independent of the host. Policies control which workloads read which data, which programs execute, whether new files can be created, and whether AI models can leave the environment. It establishes a zero-trust access layer for file-based storage.
DOCA Flow enforces network policy at line rate up to 800 Gb/s, isolating agents, tenants, and inference pipelines. Inspection, segmentation, and secure communication happen in the data path, with the host CPU out of the loop.
Every interaction between agents and data is inspected, governed, and controlled at agent speed, in silicon. A compromised host leaves enforcement intact.
Enforcement at 800 Gb/s Keeps Security off the GPU’s Critical Path
Two properties matter for anyone designing AI factories now.
Enforcement keeps pace with the workload. Host-based security agents impose CPU overhead, contend with the workloads they protect, and run well below modern AI data rates. NVIDIA Vera BlueField-4 STX runs enforcement on a dedicated processor in the data path, so network policy at 800 Gb/s and per-access authorization in silicon keep security off the path that determines GPU utilization.
The trust boundary moves to the infrastructure. Because DOCA Vault, Argus, and Flow run in an isolated domain on the NVIDIA BlueField-4 silicon, policy holds when the host OS or storage system is compromised. For multi-tenant AI services — inference pipelines shared across business units, sovereign workloads, partner integrations — the operator now trusts the infrastructure rather than the host.
Agent behavior is the new attack surface. An agent that drifts from expected behavior, attempts to exfiltrate a model, or accesses data outside its policy has to be contained before its next autonomous action. DOCA Argus behavioral monitoring plus DOCA Flow network isolation make that containment happen in the infrastructure, so application logic carries no policing burden.
Idle GPUs Are the Cost STX Is Designed To Remove
AI infrastructure is a production system tied to revenue, productivity, and competitive position. Enterprises spending $50M–$500M on GPU clusters strand a large share of that capacity on data bottlenecks, weak orchestration, and fragmented security, leaving GPUs waiting on data instead of producing tokens. Idle GPUs are lost revenue; every inference delay raises cost per query, and every governance gap raises risk. The economics follow:
Higher GPU utilization cuts cost per token. Faster inference raises AI productivity and improves user experience. Better data orchestration delivers the same output on fewer GPUs. Inline governance cuts operational complexity and risk. Smarter data movement lowers footprint, power draw, and opex.
Executives now measure cost per token, GPU utilization, time-to-inference, power and cooling efficiency, governance, and time-to-value. In that frame, inline in-silicon enforcement adds the governance an agentic AI factory needs while leaving the GPU cycles that pay for it untouched. An AI factory holds performance and security at the same time.
DDN Is the Data Layer That Makes In-Silicon Enforcement Worth Having
DDN’s focus is the data layer of the AI factory: keeping GPUs fed, sustaining microsecond latency under heavy concurrency, and delivering deterministic performance for training, checkpointing, and inference at scale. In-silicon security raises the stakes on this, because inline enforcement is only useful when the data platform sustains the throughput the policies protect.
Agentic workloads compound the demand. Autonomous agents interact continuously with enterprise data, vector databases, retrieval pipelines, models, APIs, and external systems, generating constant data movement across training, inference, reasoning, and orchestration. That puts a premium on real-time access to distributed data, deterministic low-latency performance, secure multi-tenant isolation, and continuous observability.
The DDN AI data intelligence platform operates alongside the NVIDIA model with AI-optimized data orchestration for training, checkpointing, and inference; high-throughput, low-latency access for vector databases, RAG pipelines, and agent workloads; multi-tenant deterministic performance isolation across concurrent workloads; real-time observability and governance across AI workflows; and infrastructure efficiency that cuts cost per token by sustaining GPU utilization.
NVIDIA anchors enforcement in BlueField-4 silicon, consistent regardless of what runs above it. DDN supplies the data foundation underneath: fast enough that security pays nothing out of GPU cycles, predictable enough that multi-tenant policy means something, and observable enough that operators understand what their workloads are doing.
Looking Ahead
Agentic AI is shifting the center of gravity in enterprise infrastructure. Operators are asking how to trust an autonomous agent, how to contain one that misbehaves, and how to scale to thousands of agents across tenants while holding performance and GPU utilization. These now have infrastructure-level answers. NVIDIA Vera BlueField-4 STX and the DOCA security services are a meaningful step there. DDN supports this work as an NVIDIA launch partner and looks forward to seeing how joint customers deploy these capabilities as they become available.