The east-west security blind spot in GPU cloud builds (and why you can’t “add it later”)
I’ve been the infrastructure manager on the receiving end of a “completed” platform handoff: the kit is racked, the fabric is flying, the benchmarks look great, and everyone wants to move on.
In GPU-first data centre builds, that moment is happening at scale. Fabrics are tuned for raw throughput (RDMA/RoCE, lossless Ethernet, PFC/ECN), validated, and handed over to a neocloud operator.
Then, a week later, someone asks the question that wasn’t in the build checklist:
“How do you isolate tenants and prove east-west security?”
And the honest answer is often:
“VLANs… and we’ll be careful.”
That’s not a posture. It’s a future incident report.