Akamai, NVIDIA launch agentless OT security via DPUs

Akamai has unveiled a new security offering that combines its Guardicore Segmentation software with NVIDIA BlueField data processing units (DPUs), aiming to protect operational technology and industrial control systems from cyberattacks.

The product targets environments where organisations have struggled to deploy modern controls because many systems cannot run additional security software without risking performance. Industrial sites often rely on older controllers and specialist equipment that can be difficult to update and monitor, yet sit at the centre of essential services such as power generation, water treatment, transport networks, and manufacturing.

Agentless model

The joint approach centres on "agentless" Zero Trust segmentation. In many security architectures, endpoint agents provide visibility and policy enforcement by running directly on servers, workstations, and controllers. Critical infrastructure operators often avoid agents across fragile legacy systems, concerned they could cause crashes, downtime, or interference with operational processes.

In the Akamai-NVIDIA design, segmentation and related security functions run on NVIDIA BlueField DPUs rather than on the host system. This shifts security processing away from the machine running the operational workload. It also changes how policy enforcement works: the DPU sits in the data path and can apply controls without software installed on the protected host.

The integration is intended to provide out-of-band visibility across systems, networks, and applications, while applying security policies in real time. The goal is to create clear boundaries around key operational systems while maintaining the stability of machinery and the underlying control environment.

Containment focus

Beyond segmentation, the solution includes detection for anomalous network connections and indicators of compromise. Akamai and NVIDIA described it as a way to contain threats even after an initial breach. Using hardware-level isolation through the DPU, the system can filter and restrict traffic around a compromised asset.

The companies describe the DPU as an independent "bump-in-the-wire" control point designed to reduce reliance on host-based security components and limit changes to production systems. This reflects a common constraint in industrial environments, where change management can be slow and maintenance windows limited.

For critical infrastructure operators, segmentation has long been a priority because it reduces the pathways an attacker can use for lateral movement. The issue has drawn increased attention as ransomware and destructive attacks have spread from IT systems into operational technology networks, often via shared services, remote access tools, or misconfigured connections between environments.

Sector pressure

Akamai and NVIDIA pointed to heightened pressure on the energy and transportation sectors. These industries face strict availability requirements and complex supply chains, alongside a growing attack surface that includes remote monitoring, cloud-connected analytics, and increasing automation.

They also linked the agentless approach to regulatory expectations and cyber insurance scrutiny. Operators in regulated sectors often need stronger evidence of controls around sensitive environments. Insurers have also tightened requirements around segmentation, incident response maturity, and the ability to limit business interruption.

Akamai highlighted the performance impact of traditional approaches in sensitive environments.

"Whether you are running a water plant or a high-performance computing (HPC) cluster, your priority is keeping the system moving at full speed. You can't afford to let security software tax your performance," said Ofer Wolf, Senior Vice President, Enterprise Security at Akamai.

Wolf said these constraints have limited how organisations protect systems that cannot tolerate overhead from conventional tools.

"In the past, these environments were extremely difficult to secure because the machines could not handle the overhead of traditional tools without risking a crash or slowing down vital calculations. Akamai and NVIDIA are changing that. By offloading segmentation and observability to the DPU, we're giving organizations a way to stop attacks in their tracks while maximizing CPU power for the heavy lifting it was meant to do," Wolf said.

NVIDIA linked the announcement to broader shifts in automation and growing reliance on data-driven systems.

"AI is fundamentally reshaping every business, and as automation scales, safeguarding enterprise data and resources is absolutely critical - but security cannot come at the expense of uptime or resilience," said Kevin Deierling, Senior Vice President, Networking at NVIDIA.

Deierling said the integration applies security controls at a lower layer of infrastructure.

"By integrating Akamai's segmentation capabilities directly into NVIDIA BlueField, organizations can enforce Zero Trust at the infrastructure layer, protecting their most sensitive operations without impacting system stability or production performance," he said.

The joint solution is expected to be available globally in Q2 2026.