Nvidia unveiled its third-generation BlueField data processing unit (DPU) at GTC 2021 today. The smartNIC is the company’s first since acquiring Mellanox in 2019, and is specifically designed to accelerate SDN, storage, security, and now artificial intelligence applications.

The DPU offloads data center services — networking, storage, and security functionality — in order to free the CPU to run business-critical applications and alleviate bottlenecks.

Nvidia claims DPU will deliver a tenfold improvement in compute performance and a 400% increase in cryptographic workloads, compared to the previous generation BlueField-2, thanks in part to the inclusion of 16 Arm A78 processor cores.

“BlueField-2 currently offloads an equivalent of 30 CPU cores for software-defined networking, security, and storage,” Justin Boitano, VP and GM of enterprise and edge computing, said in a press briefing. “It would take 300 CPU cores to secure, offload, and accelerate the networking traffic at 400 Gb/s line rates. That’s a 10x leap in performance that’s required and that’s what BlueField-3 delivers.”

A single BlueField-3 DPU is capable of running the entire VMware ESXi virtualization stack through the Project Monterey partnership the vendors announced last fall, according to Boitano.

The additional horsepower offered by BlueField-3 will also enable zero-trust-like security functionality to infrastructure environments.

“The rise of microservice-based applications and hybrid clouds means there are no data center boundaries anymore. Modern zero-trust security models assume the intruder's already inside your data center and all container-to-container communication needs to be inspected, even within every node,” Boitano said. “The traditional approach that relied on appliances at the edge of the data center can't be adapted to this new threat landscape.”

SDN, security, and storage are simply not feasible at the scale necessary to inspect all container-to-container communication for threats, Boitano explained. “The CPU load of monitoring every piece of traffic is just simply too great."

To address this challenge, BlueField-3 — and BlueField-2 to a lesser extent — can isolate data center infrastructure from business applications using Nvidia’s Morpheus security framework.

“With the introduction of Nvidia Morpheus, cybersecurity vendors can now inspect all data center communication in real time,” Boitano said, adding that “because BlueField is effectively a server running at the edge of every server in your data center, it acts as a sensor to monitor all the traffic between all the containers in [virtual machines] in your data center.”

BlueField and Morpheus’ potential isn’t limited to the data center either. The DPUs can also be deployed in Nvidia’s EGX edge platform to inspect every packet of traffic for unencrypted data to identify any security policies that may need to be updated, Boitano added.

Nvidia’s BlueField-2 DPU is now generally available and offers dual 100 Gb/s Ethernet or Nvidia InfiniBand network interfaces and eight Arm CPU cores. Nvida's data center infrastructure on a chip architecture (DOCA) software development kit (SDK) for programming the smartNIC is also available starting today.

The chip’s more powerful sibling, the BlueField-3, is expected to begin sampling in the first quarter of 2022.