Check Point unveils blueprint for private AI security
Check Point has released an AI Factory Security Architecture Blueprint for private AI infrastructure, describing it as a tested design that spans security from hardware to applications.
The blueprint is aimed at organisations building private AI environments around GPU clusters, training systems, inference workloads and proprietary models. As spending on private AI infrastructure rises, these environments are becoming more exposed while security design struggles to keep pace with deployment.
Presented as a reference architecture for AI data centres rather than a single product, the blueprint covers four layers: perimeter security, application and large language model protection, infrastructure security, and workload and container controls.
At the network edge, the design uses Check Point Maestro Hyperscale Firewall for Zero Trust Network Access, segmentation and policy enforcement. This layer is intended to manage north-south traffic entering AI environments from external users, internet sites and enterprise networks.
At the application layer, the architecture uses Check Point AI Agent Security to protect inference application programming interfaces and large language model endpoints. The tools are designed to address prompt injection, data exfiltration, adversarial queries and API abuse, which Check Point argues are not fully covered by conventional web application firewalls.
Infrastructure security is built around an integration with NVIDIA BlueField data processing units through the NVIDIA DOCA software platform. This allows firewall and threat prevention functions to sit directly in the infrastructure layer, inspecting traffic and applying security controls without drawing on CPU or GPU resources used for AI workloads.
For workloads and containers, the design relies on integrations with third-party microsegmentation products. This is intended to limit east-west movement inside Kubernetes clusters and isolate compromised containers before problems spread across inference environments.
Rising exposure
The launch reflects a broader shift as companies seek more control over how AI systems are hosted and managed. Many businesses are moving sensitive AI work into private environments to protect intellectual property, address data sovereignty rules or reduce public cloud costs.
That shift has created new security demands. AI environments combine GPU servers, data lakes, orchestration tools and inference interfaces in ways that differ from traditional enterprise infrastructure, creating openings for attacks such as training data poisoning, model theft, supply chain compromise and lateral movement between workloads.
Check Point said its framework follows the principle that AI systems should be secure by design. In practice, that means building security controls into the underlying fabric, hardware and orchestration layer from the outset rather than adding them after systems go live.
The company also tied the blueprint to governance and compliance requirements, saying the architecture maps to the NIST AI Risk Management Framework and Gartner AI TRiSM while supporting policy enforcement and audit requirements associated with the EU AI Act, GDPR, HIPAA, PCI-DSS and ISO 42001.
That compliance emphasis is likely to resonate with companies building internal AI platforms in regulated sectors, where traceability and control over data flows can matter as much as model performance. Security suppliers are increasingly framing AI protection not only as a cyber issue but also as a governance and operational risk challenge.
More than 100,000 organisations use Check Point products worldwide. The company has been expanding its focus on AI security as customers look for ways to secure model training, inference and the infrastructure that supports both.
"AI infrastructure has become one of the most valuable and vulnerable assets in the enterprise," said Nataly Kremer, Chief Product Officer, Check Point.
"The AI Factory Security Blueprint is how we help organisations protect those investments - not as an afterthought, but from the ground up, through every layer of the stack," Kremer said.