Why Traditional Multi-Tenant Networking Falls Short
In the era of agentic AI and hyperscale HPC, network fabric security is no longer optional—it's foundational. Traditional Ethernet-based networks often rely on endpoint-driven policies, leading to misconfigurations and inconsistent security postures. NVIDIA Quantum InfiniBand takes a different approach: a software-defined, centrally managed fabric where the Subnet Manager (SM) enforces global policies.
Despite InfiniBand's robust hardware-enforced isolation mechanisms (PKeys, MKeys, GUID filters), these features have been underutilized due to configuration complexity. As clusters scale to tens of thousands of GPUs, manual SM configuration becomes error-prone and time-consuming. A single misconfigured partition key can expose sensitive proprietary data or disrupt massive distributed training jobs.
NVIDIA's answer is intent-based security profiles in Unified Fabric Manager (UFM)—a one-click solution that automates the entire security stack. This blog post breaks down the architecture, profiles, and validation methodology.
For a broader perspective on understanding user needs and building secure systems, check out our related article on four levels of customer understanding in UX research.
![]()
The Three Intent-Based Security Profiles
NVIDIA defines three profiles, each tailored to a specific deployment model. The key insight: instead of manually configuring dozens of parameters, you select a profile, and UFM orchestrates the underlying settings.
| Profile | Use Case | Key Features Enabled |
|---|---|---|
| General | Single-tenant, basic out-of-the-box | Minimal security; suitable for development or lab environments |
| Bare Metal Cloud | Multi-tenant cloud | PKey-based isolation, MKey protection, GUID access control |
| Secured Bare Metal Cloud | Highly secure multi-tenant | Full MAD key protection (MKEY, VSKEY, PMKEY, CCKEY, SMKEY, SAKEY), service-level authentication, SA trust model, MAD rate limiting, DoS/DDoS protection, source-based rate limiting |
Bare Metal Cloud Profile in Action
This profile enables PKey-based isolation—analogous to Ethernet VLANs but enforced in hardware. Port attributes are stored in silicon and accessible only via the Management Key (MKey), known exclusively to the SM. This means tenants sharing the same physical fabric are cryptographically and logically separated at the hardware level, with no reliance on host-side software that a privileged tenant could bypass.
# Example: Querying PKey assignments via UFM API (simplified)
import requests
ufm_endpoint = "https://ufm-cluster.example.com"
headers = {"Authorization": "Bearer <token>"}
# Get all partitions
response = requests.get(f"{ufm_endpoint}/resources/partitions", headers=headers)
partitions = response.json()
for pkey in partitions:
print(f"PKey: {pkey['pkey']} | Members: {len(pkey['members'])}")
# Expected output: PKey: 0x8001 | Members: 1024
Secured Bare Metal Cloud: Hardened Multi-Tenancy
This profile builds on the previous layer, enabling comprehensive security:
- Full MAD key protection with randomized seeds for all key types
- GUID-based access control via
allowed_guid_list - Service-level authentication using
service_key(e.g., for AM services) - Enhanced SA trust model applied to all commands
- MAD rate limiting to protect against abuse and congestion
- DoS/DDoS protection that automatically identifies and limits excessive packet rates
- Source-based rate limiting based on LID addresses
This reduces complexity, minimizes configuration errors, and ensures consistent security enforcement across deployments.

Validating Security Posture with Continuous Security Verification (CSV)
UFM introduces Continuous Security Verification (CSV)—a proactive diagnostic capability that performs static analysis and log-based auditing. It provides a Security Health Score along with automated remediation steps for detected vulnerabilities.
The CSV report can be generated from the System Health tab in UFM. Users select a verbosity level (Errors, Warnings, or Info) and optionally test PKey settings. The report then lists errors, warnings, and informational messages, enabling rapid remediation.
# Example: Using UFM CLI to trigger CSV report (conceptual)
ufm security verify --profile secured-bare-metal-cloud --verbosity errors-and-warnings
# Output: Security Health Score: 92/100
# Remediation: Update MAD key for partition 0x8002
Limitations and Caveats
While intent-based profiles dramatically simplify security, they are not a silver bullet:
- Profile granularity: You cannot mix settings from different profiles on the same fabric. If your deployment requires a hybrid model (e.g., some tenants need Secured BMC, others General), you must use separate fabrics or manual overrides.
- Learning curve: Teams unfamiliar with InfiniBand concepts (PKeys, MAD keys, GUIDs) may still need initial training to interpret UFM reports.
- Vendor lock-in: These profiles are specific to NVIDIA Quantum InfiniBand. If you operate a multi-vendor fabric, you'll need to manage security policies separately for each vendor.
Next Steps
- Read the official NVIDIA Quantum InfiniBand security white paper for detailed configuration guides.
- Explore how to integrate UFM security profiles with your existing CI/CD pipeline for zero-touch deployment.
- For a deeper look at API authorization patterns, see our case study on fine-grained API authorization with Amazon Verified Permissions.

Conclusion
NVIDIA's intent-based security profiles represent a paradigm shift for InfiniBand fabric security. By abstracting complex, multi-step configurations into three declarative profiles, UFM enables cloud providers and enterprise data centers to deploy hardware-enforced tenant isolation in minutes—not days. Combined with Continuous Security Verification, teams gain proactive visibility into their security posture without manual audits.
Key takeaway: In the world of agentic AI and massive GPU clusters, security must be as scalable as the infrastructure itself. Intent-based profiles make that possible.
Next learning path:
- Hands-on: Deploy a test InfiniBand fabric with UFM and apply the Bare Metal Cloud profile.
- Deep dive: Understand MAD key hierarchy and how randomized seeds improve security.
- Advanced: Implement custom CSV remediation scripts in your automation framework.
This article is based on the NVIDIA Developer Blog.