Network function virtualization architecture with device isolation

US10445272B2 · US · B2

Patent metadata

Publication number: US-10445272-B2
Application number: US-201816027776-A
Country: US
Kind code: B2
Filing date: Jul 5, 2018
Priority date: Jul 5, 2018
Publication date: Oct 15, 2019
Grant date: Oct 15, 2019


Abstract

Official abstract text for this publication.

A network system includes a central processing unit and a peripheral device in electrical communication with the central processing unit. The peripheral device has at least one power input and a data input. The network system also includes an out of band controller in electrical communication with the central processing unit, the peripheral device, and an external management interface. Responsive to an identified threat, the out of band controller is configured to disable the at least one power input and the data input to the peripheral device, where the disablement indicates to the central processing unit that a hot plug event has occurred with respect to the peripheral device. The out of band controller is also configured to enable auxiliary power to the peripheral device such that the out of band controller remains in communication with the peripheral device during remediation of the identified threat.

First claim

Opening claim text (preview).

What is claimed is:

1. A network system comprising: a central processing unit; a peripheral device in electrical communication with the central processing unit, wherein the peripheral device has at least one power input and a data input; and an out of band controller in electrical communication with the central processing unit, the peripheral device, and an external management interface, wherein responsive to an identified threat the out of band controller is configured to: disable the at least one power input and the data input to the peripheral device, wherein the disablement indicates to the central processing unit that a hot plug event has occurred with respect to the peripheral device; and enable auxiliary power to the peripheral device such that the out of band controller remains in communication with the peripheral device during remediation of the identified threat.
2. The network system of claim 1, wherein the peripheral device comprises a peripheral component interconnect express (PCIe) device, and wherein the PCIe device has a PCIe card that includes a power management integrated circuit (PMIC) and a buffer.
3. The network system of claim 2, wherein the out of band controller uses the PMIC to disable the at least one power input to the PCIe device.
4. The network system of claim 2, wherein the out of band controller uses the buffer to block the data input.
5. The network system of claim 2, further comprising a system management bus, wherein the PMIC and the out of band controller are connected to the system management bus.
6. The network system of claim 1, wherein the peripheral component comprises a network interface card (NIC) that is in electrical communication with an external network.
7. The network system of claim 1, wherein the out of band controller is configured to transmit an alert to the central processing unit in advance of disablement of the at least one power input such that the central processing unit is able to complete a routine involving the peripheral component.
8. The network system of claim 7, wherein the central processing unit is configured to send a response to the out of band controller in response to the alert, wherein the response indicates that the disablement can proceed.
9. The network system of claim 8, wherein the out of band controller is configured to proceed with the disablement of the at least power input in response to expiration of a threshold time period following transmission of the alert irrespective of whether the central processing unit sends the response to the out of band controller.
10. The network system of claim 1, further comprising a hypervisor in electrical communication with the central processing unit, wherein the out of band controller is configured to determine whether the hypervisor is compromised as a result of the identified threat.
11. The network system of claim 10, wherein the out of band controller is configured to instruct the central processing unit to conduct a test on the hypervisor, wherein results of the test are used by the out of band controller to determine whether the hypervisor is compromised.
12. The network system of claim 10, wherein the out of band controller instructs the central processing unit to conduct the test by way of a system management bus or by way of a separate communication path between the out of band controller and the central processing unit.
13. A method of responding to threats in a network system, the method comprising: receiving, by an out of band controller, an instruction to disable a peripheral device in response to an identified threat, wherein the peripheral device is in electrical communication with a central processing unit, and wherein the peripheral device has at least one power input and a data input; disabling, by the out of band controller, the at least one power input and the data input to the peripheral device, wherein the disabling indicates to the central processing unit that a hot plug event has occurred with respect to the peripheral device; and enabling, by the out of band controller, auxiliary power to the peripheral device such that the out of band controller remains in communication with the peripheral device during remediation of the identified threat.
14. The method of claim 13, wherein the peripheral device comprises a peripheral component interconnect express (PCIe) device, wherein the PCIe device has a PCIe card that includes a power management integrated circuit (PMIC), and wherein disabling the at least one power input comprises sending, by the out of band controller, a power input disablement instruction to the PMIC to disconnect the at least one power input.
15. The method of claim 14, wherein the PCIe card includes a buffer, and wherein disabling the data input comprises sending, by the out of band controller, a data input disablement instruction to the buffer to disconnect the data input.
16. The method of claim 13, further comprising transmitting, by the out of band controller, an alert to the central processing unit in advance of disablement of the at least one power input such that the central processing unit is able to complete a routine involving the peripheral component.
17. The method of claim 13, wherein the central processing unit is in electrical communication with a hypervisor, and further comprising determining, by the out of band controller, whether the hypervisor is compromised as a result of the identified threat.
18. The method of claim 17, wherein determining whether the hypervisor is compromised comprises: instructing the central processing unit to conduct a test on the hypervisor; and analyzing a result of the test to determine whether the hypervisor is compromised.
19. The method of claim 17, further comprising instructing, by the out of band controller, at least one of the central processing unit and the hypervisor to rebuild one or more compromised virtual machines.
20. The method of claim 13, wherein the instruction to disable the peripheral device is received by the out of band controller from an operator device through an external management interface.
21. A non-transitory computer-readable storage medium having computer-readable instructions stored thereon that, upon execution by one or more processors in a network system, result in operations comprising: processing an instruction to disable a peripheral device in response to an identified threat, wherein the peripheral device is in electrical communication with a central processing unit, and wherein the peripheral device has at least one power input and a data input; disabling the at least one power input and the data input to the peripheral device, wherein the disabling indicates to the central processing unit that a hot plug event has occurred with respect to the peripheral device; and enabling auxiliary power to the peripheral device such that the out of band controller remains in communication with the peripheral device during remediation of the identified threat.
22. The non-transitory computer-readable storage medium of claim 21, wherein disabling the at least one power input comprises sending a power input disablement instruction to a power management integrated circuit (PMIC) to disconnect the at least one power input.
23. The non-transitory computer-readable storage medium of claim 21, wherein disabling the data input comprises sending a data input disablement instruction to a buffer associated with the periphe
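As an added illustration, not code from the patent or from Intel, the following Python model walks through the controller sequence of claims 1, 7 to 9, 13 and 17 to 19: alert the CPU, proceed on its acknowledgement or when the threshold period expires, cut the main power input and the data input so the CPU observes what looks like a hot-plug removal, keep auxiliary power so the controller still reaches the card, then act on the hypervisor test result. All class and function names, the timeout value and the test outcome are assumptions.

```python
"""Added simulation of the out-of-band (OOB) controller sequence in claims
1, 7-9, 13 and 17-19 of US10445272B2. Names, the timeout value and the
hypervisor test result are assumptions; this is not the patent's own code."""
from dataclasses import dataclass, field
from typing import List, Optional


@dataclass
class Peripheral:
    main_power: bool = True    # power input (cut via the PMIC, claim 3)
    data_input: bool = True    # data input (blocked via the buffer, claim 4)
    aux_power: bool = False    # auxiliary power kept on by the controller


@dataclass
class OobController:
    device: Peripheral
    ack_timeout_s: float = 5.0   # claim 9 threshold period (assumed value)
    log: List[str] = field(default_factory=list)

    def isolate(self, cpu_ack_at: Optional[float], now: float = 0.0) -> str:
        """Alert the CPU (claim 7), then disable the device on the CPU's
        acknowledgement (claim 8) or when the threshold expires without one
        (claim 9). cpu_ack_at: simulated time of the CPU's response, or None
        if it never answers. Returns which condition triggered disablement."""
        self.log.append("alert sent to CPU")
        acked = cpu_ack_at is not None and cpu_ack_at <= now + self.ack_timeout_s
        trigger = "cpu_ack" if acked else "timeout"
        self.device.main_power = False   # PMIC disconnects the power input
        self.device.data_input = False   # buffer blocks the data input
        self.device.aux_power = True     # management path survives (claim 1)
        self.log.append(f"device disabled on {trigger}")
        return trigger

    def remediate(self, hypervisor_test_passed: bool) -> str:
        """Claims 17-19: judge the hypervisor from a CPU-run test result and,
        if compromised, order the affected virtual machines rebuilt."""
        if hypervisor_test_passed:
            return "hypervisor_clean"
        self.log.append("rebuild compromised VMs")
        return "rebuild_vms"


def cpu_observes_hot_plug(dev: Peripheral) -> bool:
    """The CPU sees the cut power and data inputs as a hot-plug removal."""
    return not dev.main_power and not dev.data_input


def controller_can_reach(dev: Peripheral) -> bool:
    """Auxiliary power keeps the OOB controller in contact during remediation."""
    return dev.aux_power
```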

Assignees

Intel Corp
Classifications

  • H04L41/00 (Primary)

    Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks · CPC title

  • G06F1/266 (Primary)

    Arrangements to supply power to external peripherals either directly from the computer or under computer control, e.g. supply of power through the communication port, computer controlled power-strips · CPC title

  • for controlling access to devices or network resources · CPC title

  • for separating internal from external traffic, e.g. firewalls · CPC title

  • Vulnerability analysis · CPC title

Frequently asked questions

Who is the assignee on this patent?
Intel Corp
What technology area does this patent fall under?
Primary CPC classification H04L41/00. Mapped technology areas include Electricity.
When was this patent published?
Publication date Oct 15, 2019 (B2). Legal status and post-grant events are not shown on this page.
What related patents are in patentsdb?
We list 3 related publications on this page (citations in our corpus or others sharing the same primary CPC).