Fortinet has announced an integration of its FortiGate virtual firewall (VM) with the NVIDIA BlueField-3 data processing unit (DPU), enabling core security functions to run directly on the DPU and bypass the host CPU. Fortinet claims this approach enhances security and performance for high-density private cloud and artificial intelligence (AI) data centers by embedding protection within the data center infrastructure itself.
The integration runs FortiGate VM on BlueField-3 DPU hardware, powered by the FortiOS operating system. According to Fortinet, this architecture moves critical security processes—such as firewalling, segmentation, and zero-trust policy enforcement—onto the DPU. This solution aims to improve workload isolation, lower network latency, and enable policy enforcement at line rate across evolving data center, private cloud, and edge environments supporting AI workloads.
John Whittle, Chief Operating Officer at Fortinet, said, “Integrating FortiGate VM on BlueField-3 DPU gives customers a practical way to keep security aligned with these new performance demands. By moving firewalling, segmentation, and zero-trust controls on the DPU, we help organizations improve isolation, reduce latency, and simplify consistent policy enforcement across their environments.”
Kevin Deierling, Senior Vice President of Networking at NVIDIA, added, “AI factories demand an entirely new class of secure, accelerated infrastructure. By running FortiGate VM directly on NVIDIA BlueField-3 DPUs, we’re extending the model of infrastructure-offloaded services to include advanced security. This collaboration allows organizations to enforce firewalling, segmentation and zero-trust policies at line rate, without impacting GPU workloads. Together with Fortinet, we’re delivering the secure, high-performance fabric customers need to build and scale their AI-powered data centers with confidence.”
Technical features include zero-impact high performance, achieved by offloading security tasks from the host CPU to the DPU, which reduces latency and supports higher traffic throughput. The solution supports zero-trust segmentation with security enforced in an isolated trust domain on the BlueField hardware. Fortinet also notes that deployment is simplified using Open vSwitch (OVS) standards for WAN and VXLAN LAN tunnels, and the solution provides scalability for multitenant architectures in colocation and cloud service environments.
The integrated offering is available starting with FortiOS version 7.6.3, and Fortinet advises customers and service providers to contact its sales representatives for details on hardware requirements and deployment guidance.
Source: Fortinet
