San Jose, California
Last year, a major U.S. financial services company found that its proprietary trading algorithms, developed over four years, were accessible to an AI model training pipeline on the same internal network. There was no outside breach or complex hacking. Instead, the problem was a misconfigured storage layer that the security team missed because there was no policy for AI workloads. The incident cost the company about $47 million in fixes, regulatory work, and delayed product launches.
This situation is not simply a rare warning. It shows a real risk present in thousands of enterprise data centers today. NetApp teamed with Cisco to solve this problem, not by releasing a software patch, but by redesigning hardware and administrative frameworks to secure AI factories before the next training run starts.
How NetApp Teamed With Cisco to Build Secure AI Factories
The partnership led to a new generation of FlexPod solutions. These are converged infrastructure stacks that combine Cisco’s Unified Computing System servers and networking with NetApp’s ONTAP storage operating system. The earlier FlexPod version worked well for traditional workloads in enterprise data centers. The new design tackles a different challenge: AI compute clusters packed with GPUs that process huge datasets and face ongoing regulatory scrutiny.
NetApp and Cisco FlexPod AI data engine infrastructure operates as a single, integrated system rather than separate parts managed independently. This matters in practice. When storage, computing, and networking are managed together, security policies apply to all three at once. For example, a rule that limits access to personal data updates storage permissions, network rules, and compute controls in one step, rather than requiring three separate updates across different systems.
For companies in regulated markets like healthcare (under HIPAA), finance (under SOX), or defense (under CMMC), this consistency is essential. It can mean the difference between meeting compliance requirements and leaving a gap that an auditor could find.
The Intelligent Data Infrastructure Layer Inside the AI Data Engine
At the core of the joint architecture is what NetApp calls its intelligent data infrastructure. This is a storage and data management system built specifically to meet the demands of large-model training in enterprise settings.
Training a big language model on company data creates data movement patterns that traditional storage systems were not built to handle. In one training run, a model might read the same dataset hundreds of times in random order, pulling from different storage levels at once, while the data keeps being updated by production systems.ion systems. Standard access controls, made for people making single-file requests, do not work well with this kind of fast, machine-driven, parallel access.
NetApp’s intelligent data infrastructure solves this by treating AI workloads as a separate access class with its own policies. Data marked for AI training moves through special pathways, with cryptographic checks at each step. This ensures that a model using a selected dataset cannot accidentally access nearby data stores containing sensitive or regulated information. The system keeps unchangeable access logs, so compliance teams have a clear record for audits without needing to document every data movement by hand.
Enterprise Security Architecture and the Governance Gaps AI Exposes
Five years ago, enterprise security documents did not mention the governance gaps that AI workloads now reveal, because these workloads were rare. Security teams built their frameworks to handle known threats such as external attacks, stolen credentials, or insider data exfiltration through clear human actions.
AI training pipelines create a new kind of risk that does not fit into the usual categories. A model trained on internal data does not steal information in ways that traditional data loss tools can detect, but it can still encode sensitive patterns in its weights that might later appear in its outputs. For example, a customer service model trained on unedited support tickets might start giving answers that mention details from past customers. A financial prediction model trained on unmasked deal data could produce projections that reveal confidential information. FlexPod solutions handle this at the infrastructure level by defining data boundaries before training starts, rather than trying to catch leaks after deployment. deployment. The system’s policy engine sorts data by sensitivity and uses that to decide what can go into each training dataset, blocking any uncleared data, no matter how the training job asks for it.
This is what secure AI factories look like in real life: instead of just building a perimeter defense around an AI system, there is a governance layer built into the data infrastructure itself.
What the NetApp and Cisco FlexPod AI Data Engine Infrastructure Needs From Enterprise Teams
NetApp and Cisco FlexPod AI data engine infrastructure guide asks organizations to do something most IT departments have put off: create a formal data inventory with sensitivity labels for each asset before any AI workloads use it. This requirement brings to light governance gaps in corporate data management that have existed for years. Most big companies have decades of data stored without appropriate classification. Switching to a secure AI factory setup forces this classification work, which may be expensive and uncomfortable for organizations, especially when it shows that some data has been stored, shared, or accessed beyond its original consent or regulatory limits.
Enterprise Security architecture teams that see this as just an infrastructure project may not realize what it really takes. The hardware and software are ready to use, but the real challenge is the ongoing discipline needed to classify, manage, and audit the data going into AI systems. That is where most companies will find the real work starts.
The companies that complete that work first will operate AI infrastructure that regulators and auditors can properly review. As AI governance laws advance in the U.S., the EU, and Asia-Pacific, the ability to audit systems may become just as important as the AI features themselves. NetApp and Cisco built the vault, but it is up to each company to fill it the right way.
