Alan Shimel sits down with Umesh Mahajan, VP & GM of the Application Networking and Security Division at Broadcom, for a candid conversation about what it really takes to secure the private cloud in the era of frontier AI.

Umesh explains why the classic perimeter-and-insurance security posture is collapsing now that attackers can spin up AI agents to carpet-bomb environments in parallel, compromising hosts in 30 minutes instead of six months. He makes the case that signature-based deep packet inspection, micro-segmentation and defense-in-depth — the "old faithfuls" of security — have become urgent again, but only when delivered as a single integrated stack rather than stitched together from five vendors.

He walks through VMware vDefend, Broadcom's full lateral-security platform built directly into the ESXi hypervisor for VMware Cloud Foundation. Because vDefend's data plane runs at the hypervisor level and plugs seamlessly into vSphere, customers get 100% east-west visibility, integrated distributed firewall, IDS/IPS, NDR, advanced threat protection and virtual patching — without bolting on appliances or sending traffic out for inspection. Umesh also explains how Broadcom is doubling firewall and load-balancing throughput every other year through a distributed, software-defined architecture that scales with workloads rather than against them.

The centerpiece of the conversation is the DFW 1-2-3-4 prescriptive model: step 1 — visibility and scoring on existing distributed firewall data; step 2 — infrastructure services hygiene (DNS, LDAP, NTP); step 3 — macro-segmentation and zoning; step 4 — true micro-segmentation. The result: a zero trust journey that used to take a year of services engagements can now be executed in weeks, and as little as three days with a top architect.

Umesh and Alan close with a sharp warning: with frontier AI accelerating the threat landscape, enterprises that wait until next year to modernize their lateral security will, with high probability, be attacked. The time to move is now.