Broadcom Inc. said today it’s transforming its VMware Cloud Foundation 9.0 software into an artificial intelligence-native platform, giving developers a secure, modern and private cloud infrastructure that’s geared for the development of sophisticated AI applications and agents.

At VMware Explore 2025 in Las Vegas, the company announced the addition of VMware Private AI Services as a standard component of VCF 9.0, paving the way for organizations to design, deploy, run and govern AI models on private infrastructure.

VMware Cloud Foundation is one of the most popular tools for designing, building and managing private clouds, integrating compute, storage and networking resources into a single platform. With the launch of VCF 9.0 in June, Broadcom said it’s embracing a vision of a more modular and programmable private cloud.

It’s aiming to deliver a more integrated, secure and developer-friendly experience that looks and feels just like the public cloud, not just in how it’s delivered by also how it’s secured and scaled. As such, that means greater automation, more application programming interfaces and better visibility into performance and cost.

Private clouds for AI workloads

With today’s announcement, it becomes clear that it also means more AI compatibility. The addition of VMware Private AI Services means VCF 9.0 can now be used as a platform for Private AI, where developers can find everything they need to get started building, and later deploy AI models and AI agents.

VMware Private AI Services will launch early next year and span everything from fine-tuning to inference, with capabilities such as graphics processing unit monitoring, an AI model store, a model runtime, agent builder, vector database and data indexing and retrieval services, all available as part of the broader VCF 9.0 subscription. Developers will also be aided by a generative AI assistant called VCF Intelligent Assist, available in preview now, to help diagnose and resolve infrastructure problems.

VCF 9.0 also gets support for the Model Context Protocol, enabling AI agents to tap into external data sources and tools and use them to collaborate with other agents, as well as a multi-accelerator model runtime that supports the flexible deployment of AI models on GPUs from Advanced Micro Devices Inc. and Nvidia Corp. In addition, customers will get access to multi-tenant models-as-a-service, which helps to lower costs by securely sharing AI models across tenants or separate lines of business.

Streamlined infrastructure delivery

Broadcom said it wants developers to embrace VCF 9.0 as a single, unified platform for both AI and non-AI workloads, and to that end it has also announced a host of new updates that aim to speed up infrastructure delivery.

For instance, VMware vSAN, a software-defined storage solution that combines local storage from multiple servers into a single shared storage pool, now gets native support for Amazon S3 compatible object storage interfaces. This, it said, will enable unstructured data to be stored on vSAN directly without any proprietary hardware or third-party licensing, so organizations can create unified storage policies for block, file and object storage and reduce storage infrastructure complexity.

VCF 9.0 is also integrating with GitOps, Argo CD and Istio to secure application delivery, using Git as a source of truth for Kubernetes. It means developers will be able to store both their infrastructure and apps as code in Git, and use Argo CD to automate consistent deployments. Meanwhile, the Istio Service Mesh provides zero-trust networking, traffic control and observability for containers, which host the components of applications.

Another change sees Broadcom expand its partnership with the Ubuntu developer Canonical Ltd. Customers will automatically be able to use the Ubuntu operating system with their private clouds with full enterprise support, including expedited security patch management and enhanced security. They’ll also get the option to use “chiseled containers” based on lighter images that consume less storage space, thereby helping to optimize resource consumption.

Finally, Ubuntu also supports faster AI deployments with its precompiled virtualized GPU drivers for air-gapped environments. These eliminate the need for on-node driver compilation in order to optimize performance.

VMware Cloud Foundation Senior Vice President and General Manager Krish Prasad said enterprises are increasingly building out private clouds to support more cost-efficient AI deployments.

“With VMware Cloud Foundation, infrastructure and cloud operators get the cost and operational benefits of virtualization for AI workloads without sacrificing performance,” he said. “Developers get access to native AI services delivered directly from the private cloud platform for a frictionless experience.”

Automated compliance and stronger security

Whenever companies push out major software updates, they usually do a lot of work on the security side too, and Broadcom did not disappoint in this regard. Along with VMware Private AI Services, VCF 9.0 gets an all-new Cyber Compliance Advanced Service, which integrates various third-party technologies to handle policy management, enhance infrastructure security and boost resilience. In addition, Broadcom said, it’s updating VMware’s vDefend security and Avi Load Balancer products.

Cyber Compliance Advanced Service is based on VCF SaltStack and adds integrated compliance operations that can be accessed directly from the VCF operations console. It’s said to provide real-time application and infrastructure monitoring and automatic remediation capabilities. According to Broadcom, this means industry-specific compliance operations can now be fully automated.

VMware Defend gets new capabilities including zero-trust-based lateral security for AI and agentic workloads running on VCF to address the new attack surface they create, securing both communication paths and access controls. It also gets new automated controls for accelerating the implementation of zero trust security, plus extended threat detection tools based on a Network Detection and Response sensor that can be deployed directly within existing monitoring fabrics to collect traffic from AI workloads and network devices.

Finally, there’s a new fileless malware defense function, which is designed to target stealthy in-memory attacks that leverage PowerShell, VBScript and Jscript rather than traditional files. It can inspect and intercept malicious scripts before they can be executed, closing a major blind spot in cybersecurity, Broadcom said.

As for the Avi Load Balancer, which is used to deploy a layered threat defense to protect against web-level attacks, this gets support for post-quantum cryptography and cryptographic authentication for client and server connections. It also gets a new web application firewall assessment tool and MCP traffic security for agentic workloads.

Paul Turner, vice president of products at VMware Cloud Foundation, said the new tools provide companies with a unified approach for infrastructure hardening, threat prevention, compliance and cyber recovery. “It inherently eliminates the complexities and vulnerabilities of disparate point solutions,” he said. “We’re taking the next step in simplifying cyber compliance and better protecting AI workloads.”

Image: Broadcom