Offloading the impact of security – piloting DPUs for security

Dr Steve Quenette1, Mr Sudarshan Ramachandran2, Mr Arik Roztal3, Mrs Gin Tan1, Mr Swe  Aung1, Mr Adam Bretel4

1Monash Eresearch Centre, Monash University, Melbourne/Clayton, Australia
2Nvidia, Melbourne, Australia
3Nvidia, Tel Aviv, Israel
4eSolutions, Monash University, Clayton, Australia

Designing high performance infrastructure for sensitive data workflows is challenging. A typical research project today will have partners beyond institutional boundaries, and require simulation, image processing and / or AI ideally suited to the scheduling of precious but shared resources (e.g. via HPC, Blazar and Kubernetes), but orchestrated within safe havens. To this end, Nectar Research Cloud users and nodes collaboratively determined firewalls and other security concerns at the project level. However, in today’s cyber landscape more is needed to integrate the robust security operating practices now prolific throughout institutions.

In 2018/19 we piloted a micro-segmentation based security tool to assure sensitive data workflows that flowed across Monash’s own pools of resource (e.g. web, VDI, HPC, AI, etc). When made transparent to the researcher would ultimately scale tighter firewalls and more actively & deeply monitored data workflows. We observed, however, a loss in the order of 10% to the researcher’s allocated computing resources to do this work.

Simultaneously NVIDIA (Mellanox) has developed BlueField, an RDMA enabled Ethernet SmartNIC, also known as Data Processing Units (DPUs). In essence these DPUs extend the ConnectX NIC now prolific in the Research Cloud with Arm cores and supporting APIs. A key use case for this technology is the emerging evolution in security technology to security everywhere.

In this talk we will discuss the collaboration between NVIDIA and Monash that explores micro-segmentation and SOC integrations that scale with cloud size. We will discuss our early findings of precursor experiments, such as off-loaded encryption and introspection.


Dr Steve Quenette, Deputy Director of the Monash eResearch Centre. This multi-disciplinary centre now includes over 40 eResearch and IT professionals providing expertise, computing, visualisation and data capabilities into numerous research areas. Since 2010, the centre has been selected to host over $50M of Australia’s federally-funded national eResearch infrastructure for specialised high-performance computing, research cloud services and data storage and data management, underpinning the research of over 4,000 researchers. The centre is also a global Centre of Excellence or a strategic technology partner for NVIDIA, Mellanox, Dell, and Redhat.

Recent Comments