>>Hey everyone, welcome to this event, HPE Compute Security. I'm your host, Lisa Martin. Kevin Dee joins me next Senior director, future Surfer Architecture at hpe. Kevin, it's great to have you back on the program. >>Thanks, Lisa. I'm glad to be here. >>One of the topics that we're gonna unpack in this segment is, is all about cybersecurity. And if we think of how dramatically the landscape has changed in the last couple of years, I was looking at some numbers that H P V E had provided. Cybercrime will reach 10.5 trillion by 2025. It's a couple years away. The average total cost of a data breach is now over 4 million, 15% year over year crime growth predicted over the next five years. It's no longer if we get hit, it's when it's how often. What's the severity? Talk to me about the current situation with the cybersecurity landscape that you're seeing. >>Yeah, I mean the, the numbers you're talking about are just staggering and then that's exactly what we're seeing and that's exactly what we're hearing from our customers is just absolutely key. Customers have too much to lose. The, the dollar cost is just, like I said, staggering. And, and here at HP we know we have a huge part to play, but we also know that we need partnerships across the industry to solve these problems. So we have partnered with, with our, our various partners to deliver these Gen 11 products. Whether we're talking about partners like a M D or partners like our Nick vendors, storage card vendors. We know we can't solve the problem alone. And we know this, the issue is huge. And like you said, the numbers are staggering. So we're really, we're really partnering with, with all the right players to ensure we have a secure solution so we can stay ahead of the bad guys to try to limit the, the attacks on our customers. >>Right. Limit the damage. What are some of the things that you've seen particularly change in the last 18 months or so? Anything that you can share with us that's eye-opening, more eye-opening than some of the stats we already shared? >>Well, there, there's been a massive number of attacks just in the last 12 months, but I wouldn't really say it's so much changed because the amount of attacks has been increasing dramatically over the years for many, many, many years. It's just a very lucrative area for the bad guys, whether it's ransomware or stealing personal data, whatever it is, it's there. There's unfortunately a lot of money to be made into it, made from it, and a lot of money to be lost by the good guys, the good guys being our customers. So it's not so much that it's changed, it's just that it's even accelerating faster. So the real change is, it's accelerating even faster because it's becoming even more lucrative. So we have to stay ahead of these bad guys. One of the statistics of Microsoft operating environments, the number of tax in the last year, up 50% year over year, that's a huge acceleration and we've gotta stay ahead of that. We have to make sure our customers don't get impacted to the level that these, these staggering number of attacks are. The, the bad guys are out there. We've gotta protect, protect our customers from the bad guys. >>Absolutely. The acceleration that you talked about is, it's, it's kind of frightening. It's very eye-opening. We do know that security, you know, we've talked about it for so long as a, as a a C-suite priority, a board level priority. We know that as some of the data that HPE e also sent over organizations are risking are, are listing cyber risks as a top five concern in their organization. IT budgets spend is going up where security is concerned. And so security security's on everyone's mind. In fact, the cube did, I guess in the middle part of last, I did a series on this really focusing on cybersecurity as a board issue and they went into how companies are structuring security teams changing their assumptions about the right security model, offense versus defense. But security's gone beyond the board, it's top of mind and it's on, it's in an integral part of every conversation. So my question for you is, when you're talking to customers, what are some of the key challenges that they're saying, Kevin, these are some of the things the landscape is accelerating, we know it's a matter of time. What are some of those challenges and that they're key pain points that they're coming to you to help solve? >>Yeah, at the highest level it's simply that security is incredibly important to them. We talked about the numbers. There's so much money to be lost that what they come to us and say, is security's important for us? What can you do to protect us? What can you do to prevent us from being one of those statistics? So at a high level, that's kind of what we're seeing at a, with a little more detail. We know that there's customers doing digital transformations. We know that there's customers going hybrid cloud, they've got a lot of initiatives on their own. They've gotta spend a lot of time and a lot of bandwidth tackling things that are important to their business. They just don't have the bandwidth to worry about yet. Another thing which is security. So we are doing everything we can and partnering with everyone we can to help solve those problems for customers. >>Cuz we're hearing, hey, this is huge, this is too big of a risk. How do you protect us? And by the way, we only have limited bandwidth, so what can we do? What we can do is make them assured that that platform is secure, that we're, we are creating a foundation for a very secure platform and that we've worked with our partners to secure all the pieces. So yes, they still have to worry about security, but there's pieces that we've taken care of that they don't have to worry about and there's capabilities that we've provided that they can use and we've made that easy so they can build su secure solutions on top of it. >>What are some of the things when you're in customer conversations, Kevin, that you talk about with customers in terms of what makes HPE E'S approach to security really unique? >>Well, I think a big thing is security is part of our, our dna. It's part of everything we do. Whether we're designing our own asics for our bmc, the ilo ASIC ILO six used on Gen 11, or whether it's our firmware stack, the ILO firmware, our our system, UFI firmware, all those pieces in everything we do. We're thinking about security. When we're building products in our factory, we're thinking about security. When we're think designing our supply chain, we're thinking about security. When we make requirements on our suppliers, we're driving security to be a key part of those components. So security is in our D N a security's top of mind. Security is something we think about in everything we do. We have to think like the bad guys, what could the bad guy take advantage of? What could the bad guy exploit? So we try to think like them so that we can protect our customers. >>And so security is something that that really is pervasive across all of our development organizations, our supply chain organizations, our factories, and our partners. So that's what we think is unique about HPE is because security is so important and there's a whole lot of pieces of our reliance servers that we do ourselves that many others don't do themselves. And since we do it ourselves, we can make sure that security's in the design from the start, that those pieces work together in a secure manner. So we think that gives us a, an advantage from a security standpoint. >>Security is very much intention based at HPE e I was reading in some notes, and you just did a great job of talking about this, that fundamental security approach, security is fundamental to defend against threats that are increasingly complex through what you also call an uncompromising focus to state-of-the-art security and in in innovations built into your D N A. And then organizations can protect their infrastructure, their workloads, their data from the bad guys. Talk to us briefly in our final few minutes here, Kevin, about fundamental uncompromising protected the value in it for me as an HPE customer. >>Yeah, when we talk about fundamental, we're talking about the those fundamental technologies that are part of our platform. Things like we've integrated TPMS and sorted them down in our platforms. We now have platform certificates as a standard part of the platform. We have I dev id and probably most importantly, our platforms continue to support what we really believe was a groundbreaking technology, Silicon Root of trust and what that's able to do. We have millions of lines of firmware code in our platforms and with Silicon Root of trust, we can authenticate all of those lines of firmware. Whether we're talking about the the ILO six firmware, our U E I firmware, our C P L D in the system, there's other pieces of firmware. We authenticate all those to make sure that not a single line of code, not a single bit has been changed by a bad guy, even if the bad guy has physical access to the platform. >>So that silicon route of trust technology is making sure that when that system boots off and that hands off to the operating system and then eventually the customer's application stack that it's starting with a solid foundation, that it's starting with a system that hasn't been compromised. And then we build other things into that silicon root of trust, such as the ability to do the scans and the authentications at runtime, the ability to automatically recover if we detect something has been compromised, we can automatically update that compromised piece of firmware to a good piece before we've run it because we never want to run firmware that's been compromised. So that's all part of that Silicon Root of Trust solution and that's a fundamental piece of the platform. And then when we talk about uncompromising, what we're really talking about there is how we don't compromise security. >>And one of the ways we do that is through an extension of our Silicon Root of trust with a capability called S Spdm. And this is a technology that we saw the need for, we saw the need to authenticate our option cards and the firmware in those option cards. Silicon Root Prota, Silicon Root Trust protects against many attacks, but one piece it didn't do is verify the actual option card firmware and the option cards. So we knew to solve that problem we would have to partner with others in the industry, our nick vendors, our storage controller vendors, our G vendors. So we worked with industry standards bodies and those other partners to design a capability that allows us to authenticate all of those devices. And we worked with those vendors to get the support both in their side and in our platform side so that now Silicon Rivers and trust has been extended to where we protect and we trust those option cards as well. >>So that's when, when what we're talking about with Uncompromising and with with Protect, what we're talking about there is our capabilities around protecting against, for example, supply chain attacks. We have our, our trusted supply chain solution, which allows us to guarantee that our server, when it leaves our factory, what the server is, when it leaves our factory, will be what it is when it arrives at the customer. And if a bad guy does anything in that transition, the transit from our factory to the customer, they'll be able to detect that. So we enable certain capabilities by default capability called server configuration lock, which can ensure that nothing in the server exchange, whether it's firmware, hardware, configurations, swapping out processors, whatever it is, we'll detect if a bad guy did any of that and the customer will know it before they deploy the system. That gets enabled by default. >>We have an intrusion detection technology option when you use by the, the trusted supply chain that is included by default. That lets you know, did anybody open that system up, even if the system's not plugged in, did somebody take the hood off and potentially do something malicious to it? We also enable a capability called U EFI secure Boot, which can go authenticate some of the drivers that are located on the option card itself. Those kind of capabilities. Also ilo high security mode gets enabled by default. So all these things are enabled in the platform to ensure that if it's attacked going from our factory to the customer, it will be detected and the customer won't deploy a system that's been maliciously attacked. So that's got >>It, >>How we protect the customer through those capabilities. >>Outstanding. You mentioned partners, my last question for you, we've got about a minute left, Kevin is bring AMD into the conversation, where do they fit in this >>AMD's an absolutely crucial partner. No one company even HP can do it all themselves. There's a lot of partnerships, there's a lot of synergies working with amd. We've been working with AMD for almost 20 years since we delivered our first AM MD base ProLiant back in 2004 H HP ProLiant, DL 5 85. So we've been working with them a long time. We work with them years ahead of when a processor is announced, we benefit each other. We look at their designs and help them make their designs better. They let us know about their technology so we can take advantage of it in our designs. So they have a lot of security capabilities, like their memory encryption technologies, their a MD secure processor, their secure encrypted virtualization, which is an absolutely unique and breakthrough technology to protect virtual machines and hypervisor environments and protect them from malicious hypervisors. So they have some really great capabilities that they've built into their processor, and we also take advantage of the capabilities they have and ensure those are used in our solutions and in securing the platform. So a really such >>A great, great partnership. Great synergies there. Kevin, thank you so much for joining me on the program, talking about compute security, what HPE is doing to ensure that security is fundamental, that it is unpromised and that your customers are protected end to end. We appreciate your insights, we appreciate your time. >>Thank you very much, Lisa. >>We've just had a great conversation with Kevin Depu. Now I get to talk with David Chang, data center solutions marketing lead at a md. David, welcome to the program. >>Thank, thank you. And thank you for having me. >>So one of the hot topics of conversation that we can't avoid is security. Talk to me about some of the things that AMD is seeing from the customer's perspective, why security is so important for businesses across industries. >>Yeah, sure. Yeah. Security is, is top of mind for, for almost every, every customer I'm talking to right now. You know, there's several key market drivers and, and trends, you know, in, out there today that's really needing a better and innovative solution for, for security, right? So, you know, the high cost of data breaches, for example, will cost enterprises in downtime of, of the data center. And that time is time that you're not making money, right? And potentially even leading to your, to the loss of customer confidence in your, in your cust in your company's offerings. So there's real costs that you, you know, our customers are facing every day not being prepared and not having proper security measures set up in the data center. In fact, according to to one report, over 400 high-tech threats are being introduced every minute. So every day, numerous new threats are popping up and they're just, you know, the, you know, the bad guys are just getting more and more sophisticated. So you have to take, you know, measures today and you have to protect yourself, you know, end to end with solutions like what a AM MD and HPE has to offer. >>Yeah, you talked about some of the costs there. They're exorbitant. I've seen recent figures about the average, you know, cost of data breacher ransomware is, is close to, is over $4 million, the cost of, of brand reputation you brought up. That's a great point because nobody wants to be the next headline and security, I'm sure in your experiences. It's a board level conversation. It's, it's absolutely table stakes for every organization. Let's talk a little bit about some of the specific things now that A M D and HPE E are doing. I know that you have a really solid focus on building security features into the EPIC processors. Talk to me a little bit about that focus and some of the great things that you're doing there. >>Yeah, so, you know, we partner with H P E for a long time now. I think it's almost 20 years that we've been in business together. And, and you know, we, we help, you know, we, we work together design in security features even before the silicons even, you know, even born. So, you know, we have a great relationship with, with, with all our partners, including hpe and you know, HPE has, you know, an end really great end to end security story and AMD fits really well into that. You know, if you kind of think about how security all started, you know, in, in the data center, you, you've had strategies around encryption of the, you know, the data in, in flight, the network security, you know, you know, VPNs and, and, and security on the NS. And, and even on the, on the hard drives, you know, data that's at rest. >>You know, encryption has, you know, security has been sort of part of that strategy for a a long time and really for, you know, for ages, nobody really thought about the, the actual data in use, which is, you know, the, the information that's being passed from the C P U to the, the, the memory and, and even in virtualized environments to the, the, the virtual machines that, that everybody uses now. So, you know, for a long time nobody really thought about that app, you know, that third leg of, of encryption. And so a d comes in and says, Hey, you know, this is things that as, as the bad guys are getting more sophisticated, you, you have to start worrying about that, right? And, you know, for example, you know, you know, think, think people think about memory, you know, being sort of, you know, non-persistent and you know, when after, you know, after a certain time, the, the, you know, the, the data in the memory kind of goes away, right? >>But that's not true anymore because even in in memory data now, you know, there's a lot of memory modules that still can retain data up to 90 minutes even after p power loss. And with something as simple as compressed, compressed air or, or liquid nitrogen, you can actually freeze memory dams now long enough to extract the data from that memory module for up, you know, up, up to two or three hours, right? So lo more than enough time to read valuable data and, and, and even encryption keys off of that memory module. So our, our world's getting more complex and you know, more, the more data out there, the more insatiable need for compute and storage. You know, data management is becoming all, all the more important, you know, to keep all of that going and secure, you know, and, and creating security for those threats. It becomes more and more important. And, and again, especially in virtualized environments where, you know, like hyperconverged infrastructure or vir virtual desktop memories, it's really hard to keep up with all those different attacks, all those different attack surfaces. >>It sounds like what you were just talking about is what AMD has been able to do is identify yet another vulnerability Yes. Another attack surface in memory to be able to, to plug that hole for organizations that didn't, weren't able to do that before. >>Yeah. And, you know, and, and we kind of started out with that belief that security needed to be scalable and, and able to adapt to, to changing environments. So, you know, we, we came up with, you know, the, you know, the, the philosophy or the design philosophy that we're gonna continue to build on those security features generational generations and stay ahead of those evolving attacks. You know, great example is in, in the third gen, you know, epic C P U, that family that we had, we actually created this feature called S E V S N P, which stands for SECURENESS Paging. And it's really all around this, this new attack where, you know, your, the, the, you know, it's basically hypervisor based attacks where people are, you know, the bad actors are writing in to the memory and writing in basically bad data to corrupt the mem, you know, to corrupt the data in the memory. So s e V S and P is, was put in place to help, you know, secure that, you know, before that became a problem. And, you know, you heard in the news just recently that that becoming a more and more, more of a bigger issue. And the great news is that we had that feature built in, you know, before that became a big problem. >>And now you're on the fourth gen, those epic crosses talk of those epic processes. Talk to me a little bit about some of the innovations that are now in fourth gen. >>Yeah, so in fourth gen we actually added, you know, on top of that. So we've, we've got, you know, the sec the, the base of our, our, what we call infinity guard is, is all around the secure boot. The, you know, the, the, the, the secure root of trust that, you know, that we, we work with HPE on the, the strong memory encryption and the S E V, which is the secure encrypted virtualization. And so remember those s s and p, you know, incap capabilities that I talked about earlier. We've actually, in the fourth gen added two x the number of sev v s and P guests for even higher number of confidential VMs to support even more customers than before. Right? We've also added more guest protection from simultaneous multi threading or S M T side channel attacks. And, you know, while it's not officially part of Infinity Guard, we've actually added more APEC acceleration, which greatly benefits the security of those confidential VMs with the larger number of VCPUs, which basically means that you can build larger VMs and still be secured. And then lastly, we actually added even stronger a e s encryption. So we went from 128 bit to 256 bit, which is now military grade encryption on top of that. And, you know, and, and that's really, you know, the de facto crypto cryptography that is used for most of the applications for, you know, customers like the US federal government and, and all, you know, the, is really an essential element for memory security and the H B C applications. And I always say if it's good enough for the US government, it's good enough for you. >>Exactly. Well, it's got to be, talk a little bit about how AMD is doing this together with HPE a little bit about the partnership as we round out our conversation. >>Sure, absolutely. So security is only as strong as the layer below it, right? So, you know, that's why modern security must be built in rather than, than, you know, bolted on or, or, or, you know, added after the fact, right? So HPE and a MD actually developed this layered approach for protecting critical data together, right? Through our leadership and, and security features and innovations, we really deliver a set of hardware based features that, that help decrease potential attack surfaces. With, with that holistic approach that, you know, that safeguards the critical information across system, you know, the, the entire system lifecycle. And we provide the confidence of built-in silicon authentication on the world's most secure industry standard servers. And with a 360 degree approach that brings high availability to critical workloads while helping to defend, you know, against internal and external threats. So things like h hp, root of silicon root of trust with the trusted supply chain, which, you know, obviously AMD's part of that supply chain combined with AMD's Infinity guard technology really helps provide that end-to-end data protection in today's business. >>And that is so critical for businesses in every industry. As you mentioned, the attackers are getting more and more sophisticated, the vulnerabilities are increasing. The ability to have a pa, a partnership like H P E and a MD to deliver that end-to-end data protection is table stakes for businesses. David, thank you so much for joining me on the program, really walking us through what am MD is doing, the the fourth gen epic processors and how you're working together with HPE to really enable security to be successfully accomplished by businesses across industries. We appreciate your insights. >>Well, thank you again for having me, and we appreciate the partnership with hpe. >>Well, you wanna thank you for watching our special program HPE Compute Security. I do have a call to action for you. Go ahead and visit hpe com slash security slash compute. Thanks for watching.

perfect all right we're good uh muhammad you ready yeah i have a watery eyes always so i always tell my interviewers or the producers that sometimes it shouldn't there shouldn't be a problem in the 10-minute window but well yeah so do that while i'm talking you'll see it on the return feed it's a little delayed but and most people have tears when they see dave vellante yeah i i have that effect on people thanks for that okay we all said we good leonard why don't you go alex bye-bye yeah alex got the i just got the thumbs up we're good okay muhammad here we go on dave in five four three we continue now with the network powering hybrid work now we just heard from lawrence wang on the rapid move to wi-fi 6e which is going to increase wi-fi efficiency enable routers and devices to more efficiently use bandwidth and that additional spectrum that lawrence talked about that means more wi-fi channels which is really going to help reduce overlap between networks and make a noticeable difference especially in crowded places we're here now with muhammad imam who's senior director of product management for catalyst switching this is a multi-billion dollar business for cisco if you ever listen to cisco's earnings calls you'll hear the cfo scott heron he'll talk about the catalyst 9000 and double-digit growth and switching this is the fastest ramping product in cisco's history so muhammad that's got to make you feel pretty good yes indeed thank you david and thank you for having me here yeah great to have you so uh look catalyst 9000 it's been really successful what does the 9000x bring to the table for your customers yeah absolutely and um indeed the catalyst 9000 family of switches have been extremely popular with our customers as you said fastest ramping product in cisco's history and the last four or five years we have really evolved the catalyst 9000 family of switches to a very comprehensive product portfolio um addressing the various enterprise use cases that that we that we address but now we see increase in demand on the networks and that really stems from some of the most recent trends that we are seeing right part of it is hybrid workspaces is going to be a video dominant hybrid workspace right a lot of cases is going to be high definition 4k 8k videos we are seeing cloud-based applications everywhere right my spreadsheet is used to be on excel sheet now it's either an office 365 or smartsheets my files used to be on my computer now it's on in the dropbox right so these are trends that are really uh putting pressure on our networks we are also seeing trends where vr headsets are becoming common they are being used for trainings and education use cases webex hologram in certain industries we are seeing robotics are becoming more and more popular and they come with a lot of um applications that are very latency sensitive and as lawrence mentioned earlier wi-fi 6e is really making over the year multi gigabit wi-fi possible right and for all of these different trends and the recent technologies that that are evolving we really need the network that can really address and deliver for these applications and that's where we are bringing the catalyst 9000 x that addresses the increase in network demand we are expanding the catalyst 9000 family with top-of-line premium introductions in the access layer of the switches of the network as well as in the aggregation and core layers so we are bringing 400 gig high-speed core and enterprise core and edge layers of the network we are bringing point-to-point ip ipsec security which will give you 100 gig of ipsec encryption um high density of multi-gigabit which is becoming very common as we evolve our wi-fi networks because we don't want our wired infrastructure to be the bottleneck when the wireless infrastructure is capable of going more than a gig high density of 90 watt powering the smart buildings use cases right right um these are all different use cases that are being enabled by the catalyst 9000 and the new getless 9000x family is really addressing some of these new trends and applications well it's good because the metaverse is coming too and we're going to need some help with that right who knows how much bandwidth will need for metabolism absolutely yeah guarantee will be a lot more but so i want to i want to hear more about the the new products that you've just launched and maybe how these offerings are going to help with this new hybrid work model that we've just been discussing absolutely so let me start with the catalyst 9300 we are introducing the catalyst 9300x which is the highest density full multi-gigabit platform with 100 gig uplinks and 90 watt of power on every port available right that's an industry first that we are bringing on the catalyst 9300 family it is also capable of one terabit per second of a stacking which is also unheard of in the industry this will serve our customers with all the new trends that we talked about including the hybrid world um and some of the new trends that are going to come in the next decade but 9300x is not just a high-end campus switch it can also be a lean branch and a box solution where you don't really need an sd van but you do need an encryption point to point from the catalyst 93 from your front branch with the catalyst 9300x to the data center or to the cloud so for the first time we are introducing the ipsec based encryption natively in the hardware and that means no compromise on performance and you can get up to 100 gig of encrypted traffic with the catalyst 9300x second is the catalyst 9400 we are introducing soup 2 and soup 2 xl with 100 gig uplinks enhancing and the the scale and performance giving our customers options for fully loaded line rate multi give it board on a 10 slot chassis right it will give you two to three times bandwidth boost to your existing line cards since it completely removes the over subscriptions and you know the soup 2 on the catalyst 9400 is coming up with the version of the asic that we used in the past on the catalyst 9600 that means it's also bringing the core capabilities that we used that we today have on 9600 on the catalyst 9400 and that brings high density 10 gig um ports on the catalyst 9400 without over subscription right with the core capabilities then we have the catalyst 9600 where we are introducing is supervisor 2 which really triples the bandwidth per slot on the catalyst 98600 it introduces 400 gig uplink and truly drives the transition to 200 gig in the core get 6k customers uh with excel scale requirements now they can transition to the cat 9k with soup 2. and by the way we are also introducing a combo line card on the catalyst 9600 which means now you don't have to burn a whole slot for your uplink pores in fact you can get up to 400 gig of uplink with this new line card um so that's that's a bunch of things that we are bringing on the catalyst 9600 in line with catalyst 9600 we are also introducing catalyst 9500x 100 gig box with 400 gig uplinks in a fixed form factor and all the benefits that i just talked about on the on the supervisor 2 and 9600 it's also available in a fixed form factor on catalyst 9500x got it so that's in summary kind of the multiple uh product lines that we are introducing yeah it's a lot to unpack there i mean your the big theme there of course is optionality you got a lot of choices for customers i love the encrypt everything without a trade-off you know no performance impact and anytime you can reduce my oversubscription it's going to make me happy you know muhammad we've reported in our breaking analysis segments the importance of custom silicon and not every company has the resources or the expertise to develop their own silicon cisco of course does catalyst 9k is bringing silicon 1 based products with this launch tell us more about that why is this important yeah that's really exciting development that we have on the cad 9k family because you know the silicon one is a powerful asic that enables high performance and high scale with modern silicon architecture bringing the architect a converged architecture for switching as well as routing cad 9k as we know has been running on a uadp asic which has been a programmable asic it has served us really well so far on the cat9k family but with the silicon one we are taking it to another level silicon one brings the capabilities of uadp asic and unlocks the excel scale and high performance in the enterprise switches this is a critical and foundational element to meet the core requirement for the next ticket silicon one is a 12.8 terabits per second chip supports up to 10 million routes supports much deeper buffers brings multi-slice voq architectures with this new architecture silicon 1a6 has paved the way to transition the cad 6k xl deployments to cat 9k right so that's kind of the the um the silicon one uh importance in the ket99k family that we are bringing now yeah and it brings differentiation a lot of people kind of sometimes don't appreciate that but but when you have the control like that you can do things that you might not be able to do with off-the-shelf silicon but so but i i want to ask you what about customers that previously purchased from you as you evolve the portfolio to 9k x how do you protect their investment yeah thank you for asking that question because when we started building the cad 9k we always thought about investment protection for our customers so if you buy today how you will have a very long life for that for that product and you will be able to unlock new powers on that platform that you have purchased maybe five years back right that's exactly what we are doing with the catalyst 199000x talking about modular right on the modular side the supervisors that that that we are introducing now are backward compatible with the line cars that you already have in some cases the lime card throughput is doubling and tripling because now you have a new machine that is going to power these line cards right so you don't have to change your line card you just change your supervisor and you have much higher performance and scale with this new supervisor similarly on the stackables you can stack with the existing catalyst 9300s for example and you will be able to you don't have to rip and replace everything it's not a forklift upgrade for our customers you can continue benefiting from your existing catalyst 9000 deployments and add to the power with the catalyst 9000x components as well as new platforms that we are introducing nice that's key this just speaks to the software content that you guys i know you have a lot of software engineers running around and this is welcome to the 2020s folks new world you know i i muhammad zero trust was kind of a buzzword before the pandemic but it's really become a mainstream topic today we talked about the infrastructure we know security has to be built in from the start it can't be bolted on and zero trust is really top of mind for customers how are their security requirements changing as a result of hybrid work and and how do you make sure that as we shift to hybrid that these new security requirements are addressed what are you doing there absolutely and we know as you said security is top of mind for our customers in fact security has been highlighted as the number one reason why a lot of customers pick cisco and cat9k we have a comprehensive zero truss architecture with software defined access where we started with segmentation and expanded into endpoint classification and visibility now we are taking that to the next level and we are introducing talus powered truss assessment for unmanaged endpoints to further make the the workplace is stronger with zero trust and software defined access truss analytics it detects traffic from end points that are exhibiting unusual um behavior by pretending to be um using a mag spoofing or probe is spoofing or man the metal techniques when truss analytics detects such anomalies it signals endpoint analytics to lower the trusted score so we have a trusted score system when when the trusted score goes down it shows up on the dashboard and the network admin can completely deny or limit the access to the network from these endpoints from other security aspect that we are introducing and i touched on that briefly earlier is um for non-sdvan internet only branches where we are where where services security services might be in the cloud right that's a trend that we are seeing to secure that connectivity from a lean branch to the cloud we are introducing the ipsec capability with the catalyst 9300x and that's built in as as we just talked about and as far as the automation is concerned for these use cases they are we are bringing those automation with our command center the cisco dna center and we are bringing the full life cycle of automation as well as assurance for the secure connectivity that is being provided with the with the cisco dna center well a couple takeaways there for me i mean endpoint security has really become much more important up for obvious reasons when you have remote workers the built-in ipsec just that really emphasizes that you got to have it you know built in from the ground up you can't just bolt it on and the automation is key the number one problem that csos face is you know lack of talent so automation you know definitely helps helps with that so okay muhammad thank you so much really appreciate you coming on in a moment we'll look at private 5g and what's been happening at mobile world congress you're watching cube's coverage of the network powering hybrid work made possible by cisco

(intro music playing) >> Hello everyone, and welcome to the power of n where HPE Aruba and Pensando are changing the game, the way customers scale with the cloud, and what's next in the evolution in switching. Hey everyone, I'm John furrier with the cube, and I'm here with Shane Corbin, director of technical product management at Pensando, and William show vice president of product management, Aruba HPE. Gentlemen, thank you for coming on and doing a deep dive and, and going into the, the big news. So the first question I want to ask you guys is um, what do you guys see from a market customer perspective that kicked this project off? um, amazing um, results um, over the past year or so? Where did it all come from? >> No, it's a great question, John. So when we were doing our homework, there were actually three very clear customer challenges. First, security threats were largely spawn with on, within the perimeter. In fact, Forrester highlighted 80% of threats originate within the internal network. Secondly, workloads are largely distributed creating a ton of east-west traffic. And then lastly, network services such as firewalls, load balancers, VPN aggregators are expensive, they're centralized, and they ultimately result in service chaining complexity. >> John: So, so, >> John: Go ahead, Shane. >> Yeah. Additionally, when we spoke to our customers after launching initially the distributed services platform, these compliance challenges clearly became apparent to us and while they saw the architecture value of adopting what the largest public cloud providers have done by putting a smart NIC in each compute node to provide these stateful services. Enterprise customers were still, were struggling with the need to upgrade fleets and brown field servers and the associated per node cost of adding a smart NIC to every compute node. Typically the traffic volumes for on a per node basis within an enterprise data center are significantly lower than cloud. Thus, we saw an opportunity here to, in conjunction with Aruba, develop a new category of switching product um, to share the processing capabilities of our unique intellectual property around our DPU across a rack of servers that net net delivers the same set of services through a new category of platform, enabling a distributed services architecture, and ultimately addressing the compliance and TCO generating huge TCO and ROI for customers. >> You know, one of the things that we've been reporting on with you guys, as well as the cloud scale, this is the volume of data and just the performance and scale. I think the timing of the, of this partnership and the product development is right on point. And you've got the edge right around the corner, more, more distributed nature of cloud operations, huge, huge change in the marketplace. So great timing on the origination story there. Great stuff. Tell me more about the platform itself, the details, what's under the hood, the hardware OS, what are the specs? >> Yeah, so we started with a very familiar premise. Rubik customers are already leveraging CX with an edge to cloud common operating model, in deploying leaf and spine networks. Plus we're excited to introduce the industry's first distributed services switch, where the first configuration has 48-25 gig ports with a hundred gig couplings running Aruba CX cloud native operating system, Pensando Asic's software inside, enabling layer four through six, seven stateful services. Shane, do you want to elaborate on. >> Yeah, let me elaborate on that a little bit further, um, you know, as we spoke existing platforms and how customers were seeking to address these challenges were, are inherently limited by the ASIC dye size, and that does limit their scale and performance and ability in traditional switching platforms to deliver truly stateful functions in, in, in a switching platform, this was, you know, architecturally from the ground up, when we developed our DPU, first and second generation, we delivered it, or we, we built it with stateful services in mind from the get-go, we leveraged the clean state design with our P four program with DPU. We evolved to our seven nanometers based pro DPU right now, which is essentially enabling software and Silicon. And this has generated a new level of performance scale, flexibility and capability in terms of services. This serves as the foundation for our 200 gig card, were we taking the largest cloud providers into production for. And the DPU itself is, is designed inherently to process stage, track stateful connections, and stateful flow is at very, very large scale without impacting performance. And in fact, the two of these DPU components server disk, services foundation of the CX 10 K, and this is how we enable stateful functions in a switching platform functions like stateful network fire-walling, stateful segmentation, enhanced programmable telemetry, which we believe will bring a whole lot of value to our customers. And this is a platform that's inherently programmable from the ground up. We can, we can build and leverage this platform to build new use cases around encryption, enabling stateful load balancing, stateful NAT to name a few, but, but the key message here is, this is, this is a platform with the next generation of architecture's in mind, is programmed, but at all, there's the stack, and that's what makes it fundamentally different than anything else. >> I want to just double click on that if you don't mind, before we get to the competitive question, because I think you brought up the state thing. I think this is worth calling out, if you guys don't mind commenting more on this states issue, because this is big. Cloud native developers right now, want speed, they're shifting left at the CICD pipeline with programmability. So going down and having the programmability, and having state is a really big deal. Can you guys just expand on that a little bit more and why it's important and, and how hard it really is to pull off? >> I, I can start, I guess, um, it's very hard to pull off because of the sheer amount of connections you need to track when you're developing something like a stateful firewall or a stateful load balancer, a key component of that is managing the connections at very, very large scale and understanding what's happening with those connections at scale, without impacting application performance. And this is fundamentally different at traditional switching platform, regardless of how it's deployed today in Asics, don't typically process and manage state like this. Um, memory resources within the chip aren't sufficient, um, the policy scale that you can um, implement on a platform aren't sufficient to address and fundamentally enable deployable firewalling, or load balancing, or other stateful services. >> That's exactly right. And so the other kind of key point here is that, if you think about the sophistication of different security threats, it does really require you to be able to look at the entire packet, and, and more so be able to look at the entire flow and be able to log that history, so that you can get much better heuristics around different anomalies, security threats that are emerging today. >> That's a great, great point. Thanks for, for, um, bringing that extra, extra point out. I would just add to this, we're reporting this all the time on Silicon angle in the cube is that, you know, the, you know, the, the automation wave that's coming with around data, you know, it's a center of data, not data centers we heard earlier on with the, in, in, in the presentation. Data drives automation, having that enabled with the state is a real big deal. So, I think that's really worth calling out. Now, I've got to ask the competition question, how is this different? I mean, this is an evolution. I would say, it's a revolution. You guys are being being humble, um, but how is this different from what customers can deploy today? >> Architecturally, if you take a look at it. We've, we've spoken about the technology and fundamentally in the platform what's unique, in the architecture, but, foundationally when customers deploy stateful services they're typically deployed leveraging traditional big box appliances for east-west our workload based agents, which seek to implement stateful security for each east-west. Architecturally what we're enabling is stateful services like firewalling, segmentation, can scale with the fabric and are delivered at the optimal point for east west which is through leaf for access layer of the network. And we do this for any type of workload. Be it deployed on a virtualized compute node, be a deployed on a containerized worker node, be deployed on bare metal, agnostic up typology, it can be in the access layer of a three tier design and a data center. It can be in the leaf layer of a VX VPN based fabric, but the goal is an all centrally managed to a single point of orchestration and control of which William will talk about shortly. The goal of this is to drive down the TCO of your data center as a whole, by allowing you to retire legacy appliances that are deployed in an east-west roll, and not utilize host based agents, and thus save a whole lot of money and we've modeled on the order of 60 to 70% in terms of savings in terms of the traditional data center pod design of a thousand compute nodes which we'll be publishing. And as, as we go forward additional services, as we mentioned, like encryption, this platform has the capability to terminate up to 800 gigs of our line rates encryption, IP sec, VPN per platform, stateful Nat load balancing, and this is all functionality we'll be adding to this existing platform because it's programmable as we've mentioned from the ground up. >> What are some of the use cases lead? And what's the top use cases, what's the low hanging fruit and where does this go? You've got service providers, enterprises. What are the types of customers you guys see implementing? >> Yeah, that's, what's really exciting about the CX 10,000. We actually see customer interest from all types of different markets, whether it be higher education, service providers to financial services, basically all enterprises verticals with private cloud or edge data centers. For example, it could be a hospital, a big box retailer, or a colon such as Iniquinate So it's really the CX 10,000 that creates a new switching category, enabling stateful services in that leaf node right at the workload, unifying network and security automation policy management. Second, the CX 10,000 greatly improves security posture and eliminates the need for hair-pinning east-west traffic all the way back to the centralized deployments. Lastly, As Shane highlighted, there's a 70% TCO savings by eliminating that appliance sprawl and ultimately collapsing the network security operations. >> I love the category creation um, vibe here. Love it. And also the technical and the cloud alignment's great. But how do the customers manage all this? Okay, I got a new category. I just put the box in, throw away some other ones? I mean, how does this all get done? And how does the customers manage all this? >> Yeah, so we're, we're looking to build on top of the river fabric composer. It's another familiar site for our customers, and what's already provides for compute storage and network automation, with a broad ecosystem integrations, such as VMware vSphere Vcenter as with Nutanix prism and so aligned with the CX 10,000 FGA, now you have a fabric composer, unified security and policy orchestration, and management with the ability to find firewall policies efficiently and provide that telemetry to collect your such a Splunk. >> John: So the customer environments right now involve a lot of multi-vendor and new frameworks, obviously, cloud native. How does this fit into the customer's existing environment with the ecosystem? How do they get, get going here? >> Yeah, great question. Um, Our customers can get going as we, we've built a flexible platform that can be deployed in either Greenfield or brownfield. Obviously it's a best of breed architecture for distributed services we're building in conjunction with Aruba. But if customers want to gradually integrate this into their existing environments and they're using other vendors, spines or cores, this can be inserted seamlessly as, as a lead for an access, access tier switch to deliver the exact same set of services within that architecture. So it plugs seamlessly in because it supports all the standard control plan protocols, a VX 90 VPN, and a traditional attitude, three tier designs easily. Now, for any enterprise solution deployment, it's critical that you build a holistic ecosystem around it. It's clear that, this will get customer deployments and the ecosystem being diverse and rich is very, very important. And as part of our integrations with the controller, we're building a broad suite of integrations across threat detection, application dependency mapping, Siemens sooam, dev ops infrastructure as code tools. (inaudible) And it's clear if you look at these categories of integrations, you know, XDR or threat detection requires full telemetric from within the data center, it's been hard to accomplish to date because you typically need agents on, on your compute nodes to give you the visibility into what's going on or firewalls for east west fuels. Now, our platform can natively provide full visibility into all flows east- west in the data center. And this can become the source of telemetry truth that these MLX CR engines require to work. The other aspects of ecosystem around application dependency mapping, this single core challenge with deploying segmentation east west is understanding the rules to put in & Right, first is how do you insert the service, um, service device in such a way that it won't add more complexity? We don't add any complexity because we're in line natively. How you would understand it, would allow you to build the rules that are necessary to do segmentation. We integrate with tools like Guardi core, we provide our flogs as source of data, and they can provide room recommendations and policy recommendations for customers. Around, we're building integrations around Siemen soam with, with tools like Splunk and elastic, elastic search that will allow NetOps and SecOps teams to visualize trend and manage the services delivered by the CX 10 K. And the other aspect of ecosystem, from a security standpoint is clearly how do I get policy for these traditional appliances and enforce them on this next generation architecture that you've built, that can enable stateful services. So we're building integrations with tools like turf and an algo sec third-party sources of policy that we can ingest and enforce on the infrastructure, allowing you to gradually, um, migrate to this new architecture over time. >> John: It's really a cloud native switch. I mean, you solve people's problems, pin- points, but yet positioned for growth. I mean, it sounds that's my takeaway, but I got to ask you guys both, what's the takeaway for the customers because it's not that simple for them, I mean it's, we a have complicated environment. (all giggling) >> Yeah, I think it's, I think it's really simple, um, you know, every 10 years or so, we see major evolutions in the data center and the switching environment, but we do believe we've created a new category with the distributed services, distributed services switch, delivering cloud scale distributed services, where the local, where the workloads reside greatly, simplifying network, security provisioning, and operations with the urban fabric composer while improving security posture and the TCO. But that's not all the folks, it's a journey, right Shane? >> Yeah, it's absolutely a journey. And this is the first step in a long journey with a great partner like Aruba. There's other platforms, hundred or 400 gig hardware platforms where we're looking at and then this additional services that we can enable over time, allowing customers to drive even more TCO value out of the platform of the architecture services like encryption for securing the cloud on-ramp, services like stateful load balancing to deploy east-west in the data center and, you know, holistically that's, that's the goal, deliver value for customers. And we believe we have an architecture and a platform, and this is a first step in a long journey. >> It's a great way of, I just ask one final, final question for both of you as product leaders, you got to be excited having a category creation product here in this market, this big wave, but what's your thoughts? >> Yeah, exactly right, it doesn't happen that often, and so we're, we're all in it's, it's exciting to be able to work with a great team like Pensando and Shane here. Um, so we're really, really excited about this launch. >> Yeah, it's awesome. The team is great. It's a great partnership between Pensando and Aruba. You know, we, we look forward to delivering value for our joint customers. >> John: Thank you both for sharing under the hood and more details on the product. Thanks for coming on. >> [William And Shane] Thank you. >> Okay. The next evolution in switching, I'm John Furrier here with the power of nHPE Aruba and Pensando changing the game, the way customers scale up in the cloud and networking. Thanks for watching. (music playing)

from the cube studios in palo alto in boston bringing you data-driven insights from the cube and etr this is breaking analysis with dave vellante aws is pointing the way to a revolution in system architecture much in the same way that aws defined the cloud operating model last decade we believe it is once again leading in future systems design the secret sauce underpinning these innovations is specialized designs that break the stranglehold of inefficient and bloated centralized processing and allows aws to accommodate a diversity of workloads that span cloud data center as well as the near and far edge hello and welcome to this week's wikibon cube insights powered by etr in this breaking analysis we'll dig into the moves that aws has been making which we believe define the future of computing we'll also project what this means for customers partners and aws many competitors now let's take a look at aws's architectural journey the is revolution it started by giving easy access as we all know to virtual machines that could be deployed and decommissioned on demand amazon at the time used a highly customized version of zen that allowed multiple vms to run on one physical machine the hypervisor functions were controlled by x86 now according to werner vogels as much as 30 of the processing was wasted meaning it was supporting hypervisor functions and managing other parts of the system including the storage and networking these overheads led to aws developing custom asics that help to accelerate workloads now in 2013 aws began shipping custom chips and partnered with amd to announce ec2 c3 instances but as the as the aws cloud started to scale they really weren't satisfied with the performance gains that they were getting and they were hitting architectural barriers that prompted aws to start a partnership with anaperta labs this was back in 2014 and they launched then ec2 c4 instances in 2015. the asic in c4 optimized offload functions for storage and networking but still relied on intel xeon as the control point aws aws shelled out a reported 350 million dollars to acquire annapurna in 2015 which is a meager sum to acquire the secret sauce of its future system design this acquisition led to a modern version of project nitro in 2017 nitro nitro offload cards were first introduced in 2013 at this time aws introduced c5 instances and replaced zen with kvm and more tightly coupled the hypervisor with the asic vogels shared last year that this milestone offloaded the remaining components including the control plane the rest of the i o and enabled nearly a hundred percent of the processing to support customer workloads it also enabled a bare metal version of the compute that spawned the partnership the famous partnership with vmware to launch vmware cloud on aws then in 2018 aws took the next step and introduced graviton its custom designed arm-based chip this broke the dependency on x86 and launched a new era of architecture which now supports a wide variety of configurations to support data intensive workloads now these moves preceded other aws innovations including new chips optimized for machine learning and training and inferencing and all kinds of ai the bottom line is aws has architected an approach that offloaded the work currently done by the central processing unit in most general purpose workloads like in the data center it has set the stage in our view for the future allowing shared memory memory disaggregation and independent resources that can be configured to support workloads from the cloud all the way to the edge and nitro is the key to this architecture and to summarize aws nitro think of it as a set of custom hardware and software that runs on an arm-based platform from annapurna aws has moved the hypervisor the network the storage virtualization to dedicated hardware that frees up the cpu to run more efficiently this in our opinion is where the entire industry is headed so let's take a look at that this chart pulls data from the etr data set and lays out key players competing for the future of cloud data center and the edge now we've superimposed nvidia up top and intel they don't show up directly in the etr survey but they clearly are platform players in the mix we covered nvidia extensively in previous breaking analysis and won't go too deep there today but the data shows net scores on the vertical axis that's a measure of spending velocity and then it shows market share in the horizontal axis which is a measure of pervasiveness within the etr data set we're not going to dwell on the relative positions here rather let's comment on the players and start with aws we've laid out aws how they got here and we believe they are setting the direction for the future of the industry and aws is really pushing migration to its arm-based platforms pat morehead at the 6-5 summit spoke to dave brown who heads ec2 at aws and he talked extensively about migrating from x86 to aws's arm-based graviton 2. and he announced a new developer challenge to accelerate that migration to arm instances graviton instances and the end game for customers is a 40 better price performance so a customer running 100 server instances can do the same work with 60 servers now there's some work involved but for the by the customers to actually get there but the payoff if they can get 40 improvement in price performance is quite large imagine this aws currently offers 400 different ec2 instances last year as we reported sorry last year as we reported earlier this year nearly 50 percent of the new ec2 instances so nearly 50 percent of the new ec2 instances shipped in 2020 were arm based and aws is working hard to accelerate this pace it's very clear now let's talk about intel i'll just say it intel is finally responding in earnest and basically it's taking a page out of arm's playbook we're going to dig into that a bit today in 2015 intel paid 16.7 billion dollars for altera a maker of fpgas now also at the 6.5 summit nevin shenoy of intel presented details of what intel is calling an ipu it's infrastructure processing unit this is a departure from intel norms where everything is controlled by a central processing unit ipu's are essentially smart knicks as our dpus so don't get caught up in all the acronym soup as we've reported it's all about offloading work and disaggregating memory and evolving socs system-on-chip and sops system on package but just let this sink in a bit a bit for a moment intel's moves this past week it seems to us anyway are designed to create a platform that is nitro like and the basis of that platform is a 16.7 billion dollar acquisition just compare that to aws's 350 million dollar tuck-in of annapurna that is incredible now chenoy said in his presentation rough quote we've already deployed ipu's using fpgas in a in very high volume at microsoft azure and we've recently announced partnerships with baidu jd cloud and vmware so let's look at vmware vmware is the other you know really big platform player in this race in 2020 vmware announced project monterrey you might recall that it's based on the aforementioned fpgas from intel so vmware is in the mix and it chose to work with intel most likely for a variety of reasons one of the obvious ones is all the software that's running on on on vmware it's been built for x86 and there's a huge install base there the other is pat was heading vmware at the time and and you know when project monterey was conceived so i'll let you connect the dots if you like regardless vmware has a nitro like offering in our view its optionality however is limited by intel but at least it's in the game and appears to be ahead of the competition in this space aws notwithstanding because aws is clearly in the lead now what about microsoft and google suffice it to say that we strongly believe that despite the comments that intel made about shipping fpgas and volume to microsoft that both microsoft and google as well as alibaba will follow aws's lead and develop an arm-based platform like nitro we think they have to in order to keep pace with aws now what about the rest of the data center pack well dell has vmware so despite the split we don't expect any real changes there dell is going to leverage whatever vmware does and do it better than anyone else cisco is interesting in that it just revamped its ucs but we don't see any evidence that it has a nitro like plans in its roadmap same with hpe now both of these companies have history and capabilities around silicon cisco designs its own chips today for carrier class use cases and and hpe as we've reported probably has some remnants of the machine hanging around but both companies are very likely in our view to follow vmware's lead and go with an intel based design what about ibm well we really don't know we think the best thing ibm could do would be to move the ibm cloud of course to an arm-based nitro-like platform we think even the mainframe should move to arm as well i mean it's just too expensive to build a specialized mainframe cpu these days now oracle they're interesting if we were running oracle we would build an arm-based nitro-like database cloud where oracle the database runs cheaper faster and consumes less energy than any other platform that would would dare to run oracle and we'd go one step further and we would optimize for competitive databases in the oracle cloud so we would make oci run the table on all databases and be essentially the database cloud but you know back to sort of fpgas we're not overly excited about about the market amd is acquiring xi links for 35 billion dollars so i guess that's something to get excited about i guess but at least amd is using its inflated stock price to do the deal but we honestly we think that the arm ecosystem will will obliterate the fpga market by making it simpler and faster to move to soc with far better performance flexibility integration and mobility so again we're not too sanguine about intel's acquisition of altera and the moves that amd is making in in the long term now let's take a deeper look at intel's vision of the data center of the future here's a chart that intel showed depicting its vision of the future of the data center what you see is the ipu's which are intelligent nixed and they're embedded in the four blocks shown and they're communicating across a fabric now you have general purpose compute in the upper left and machine intelligent on the bottom left machine intelligence apps and up in the top right you see storage services and then the bottom right variation of alternative processors and this is intel's view of how to share resources and go from a world where everything is controlled by a central processing unit to a more independent set of resources that can work in parallel now gelsinger has talked about all the cool tech that this will allow intel to incorporate including pci and gen 5 and cxl memory interfaces and or cxl memory which are interfaces that enable memory sharing and disaggregation and 5g and 6g connectivity and so forth so that's intel's view of the future of the data center let's look at arm's vision of the future and compare them now there are definite similarities as you can see especially on the right hand side of this chart you've got the blocks of different process processor types these of course are programmable and you notice the high bandwidth memory the hbm3 plus the ddrs on the two sides kind of bookending the blocks that's shared across the entire system and it's connected by pcie gen 5 cxl or ccix multi-die socket so you know you may be looking to say okay two sets of block diagrams big deal well while there are similarities around disaggregation and i guess implied shared memory in the intel diagram and of course the use of advanced standards there are also some notable differences in particular arm is really already at the soc level whereas intel is talking about fpgas neoverse arms architecture is shipping in test mode and we'll have end market product by year end 2022 intel is talking about maybe 2024 we think that's aspirational or 2025 at best arm's road map is much more clear now intel said it will release more details in october so we'll pay attention then maybe we'll recalibrate at that point but it's clear to us that arm is way further along now the other major difference is volume intel is coming at this from a high data center perspective and you know presumably plans to push down market or out to the edge arm is coming at this from the edge low cost low power superior price performance arm is winning at the edge and based on the data that we shared earlier from aws it's clearly gaining ground in the enterprise history strongly suggests that the volume approach will win not only at the low end but eventually at the high end so we want to wrap by looking at what this means for customers and the partner ecosystem the first point we'd like to make is follow the consumer apps this capability the capabilities that we see in consumer apps like image processing and natural language processing and facial recognition and voice translation these inference capabilities that are going on today in mobile will find their way into the enterprise ecosystem ninety percent of the cost associated with machine learning in the cloud is around inference in the future most ai in the enterprise and most certainly at the edge will be inference it's not today because it's too expensive this is why aws is building custom chips for inferencing to drive costs down so it can increase adoption now the second point is we think that customers should start experimenting and see what you can do with arm-based platforms moore's law is accelerating at least the outcome of moore's law the doubling of performance every of the 18 to 24 months it's it's actually much higher than that now when you add up all the different components in these alternative processors just take a look at apple's a5 a15 chip and arm is in the lead in terms of performance price performance cost and energy consumption by moving some workloads onto graviton for example you'll see what types of cost savings you can drive for which applications and possibly generate new applications that you can deliver to your business put a couple engineers in the task and see what they can do in two or three weeks you might be surprised or you might say hey it's too early for us but you'll find out and you may strike gold we would suggest that you talk to your hybrid cloud provider as well and find out if they have a nitro we shared that vmware they've got a clear path as does dell because they're you know vmware cousins what about your other strategic suppliers what's their roadmap what's the time frame to move from where they are today to something that resembles nitro do they even think about that how do they think about that do they think it's important to get there so if if so or if not how are they thinking about reducing your costs and supporting your new workloads at scale now for isvs these consumer capabilities that we discussed earlier all these mobile and and automated systems and cars and and things like that biometrics another example they're going to find their way into your software and your competitors are porting to arm they're embedding these consumer-like capabilities into their apps are you we would strongly recommend that you take a look at that talk to your cloud suppliers and see what they can do to help you innovate run faster and cut costs okay that's it for now thanks to my collaborator david floyer who's been on this topic since early last decade thanks to the community for your comments and insights and hey thanks to patrick morehead and daniel newman for some timely interviews from your event nice job fellas remember i published each week on wikibon.com and siliconangle.com these episodes are all available as podcasts just search for breaking analysis podcasts you can always connect with me on twitter at d vallante or email me at david.velante at siliconangle.com i appreciate the comments on linkedin and clubhouse so follow us if you see us in a room jump in and let's riff on these topics and don't forget to check out etr.plus for all the survey data this is dave vellante for the cube insights powered by etr be well and we'll see you next time

>> Narrator: From theCUBE studios in Palo Alto in Boston, connecting with thought leaders all around the world, this is a CUBE conversation. >> Hi, I'm Stu Miniman, and welcome to a CUBE conversation. I'm coming to you from our Boston Area studio. And we're going to be digging into some interesting news regarding networking. Some important use cases these days, in 2020, of course, AI is a big piece of it. So happy to welcome to the program. First of all, I have one of our CUBE alumni, Kevin Deierling. He's the Senior Vice President of Marketing with Nvidia, part of the networking team there. And joining him is Scott Tease, someone we've known for a while, but first time on the program, who's the General Manager of HPC and AI, for the Lenovo Data Center Group. Scott and Kevin, thanks so much for joining us. >> It's great to be here Stu. >> Yeah, thank you. >> Alright, so Kevin, as I said, you you've been on the program a number of times, first when it was just Mellanox, now of course the networking team, there's some other acquisitions that have come in. If you could just set us up with the relationship between Nvidia and Lenovo. And there's some news today that we're here to talk about too. So let's start getting into that. And then Scott, you'll jump in after Kevin. >> Yeah, so we've been a long time partner with Lenovo, on our high performance computing. And so that's the InfiniBand piece of our business. And more and more, we're seeing that AI workloads are very, very similar to HPC workloads. And so that's been a great partnership that we've had for many, many years. And now we're expanding that, and we're launching a OEM relationship with Lenovo, for our Ethernet switches. And again, with our Ethernet switches, we really take that heritage of low latency, high performance networking that we built over many years in HPC, and we bring that to Ethernet. And of course that can be with HPC, because frequently in an HPC supercomputing environment, or in an AI supercomputing environment, you'll also have an Ethernet network, either for management, or sometimes for storage. And now we can offer that together with Lenovo. So it's a great partnership. We talked about it briefly last month, and now we're coming to market, and we'll be able to offer this to the market. >> Yeah, yeah, Kevin, we're super excited about it here in Lenovo as well. We've had a great relationship over the years with Mellanox, with Nvidia Mellanox. And this is just the next step. We've shown in HPC that the days of just taking an Ethernet card, or an InfiniBand card, plugging it in the system, and having it work properly are gone. You really need a system that's engineered for whatever task the customer is going to use. And we've known that in HPC for a long time, as we move into workloads, like artificial intelligence, where networking is a critical aspect of getting these systems to communicate with one another, and work properly together. We love from HPC perspective, to use InfiniBand, but most enterprise clients are using Ethernet. So where do we go? We go to a partner that we've trusted for a very long time. And we selected the Nvidia Mellanox Ethernet switch family. And we're really excited to be able to bring that end-to-end solution to our enterprise clients, just like we've been doing for HPC for a while. >> Yeah, well Scott, maybe if you could. I'd love to hear a little bit more about kind of that customer demand that those usages there. So you think traditionally, of course, is supercomputing, as you both talked about that move from InfiniBand, to leveraging Ethernet, is something that's been talked about for quite a while now in the industry. But maybe that AI specifically, could you talk about what are the networking requirements, how similar is it? Is it 95% of the same architecture, as what you see in HPC environments? And also, I guess the big question there is, how fast are customers adopting, and rolling out those AI solutions? And what kind of scale are they getting them to today? >> So yeah, there's a lot there of good things we can talk about. So I'd say in HPC, the thing that we've learned, is that you've got to have a fabric that's up to the task. When you're testing an HPC solution, you're not looking at a single node, you're looking at a combination of servers, and storage, management, all these things have to come together, and they come together over InfiniBand fabric. So we've got this nearly a purpose built fabric that's been fantastic for the HPC community for a long time. As we start to do some of that same type of workload, but in an enterprise environment, many of those customers are not used to InfiniBand, they're used to an Ethernet fabric, something that they've got all throughout their data center. And we want to try to find a way to do was, bring a lot of that rock solid interoperability, and pre-tested capability, and bring it to our enterprise clients for these AI workloads. Anything high performance GPUs, lots of inner internode communications, worries about traffic and congestion, abnormalities in the network that you need to spot. Those things happen quite often, when you're doing these enterprise AI solutions. You need a fabric that's able to keep up with that. And the Nvidia networking is definitely going to be able to do that for us. >> Yeah well, Kevin I heard Scott mention GPUs here. So this kind of highlights one of the reasons why we've seen Nvidia expand its networking capabilities. Could you talk a little bit about that kind of expansion, the portfolio, and how these use cases really are going to highlight what Nvidia helped bring to the market? >> Yeah, we like to really focus on accelerated computing applications. And whether those are HPC applications, or now they're becoming much more broadly adopted in the enterprise. And one of the things we've done is, tight integration at a product level, between GPUs, and the networking components in our business. Whether that's the adapters, or the DPU, the data processing unit, which we've talked about before. And now even with the switches here, with our friends at Lenovo, and really bringing that all together. But most importantly, is at a platform level. And by that I mean the software. And the enterprise here has all kinds of different verticals that are going after. And we invest heavily in the software ecosystem that's built on top of the GPU, and the networking. And by integrating all of that together on a platform, we can really accelerate the time to market for enterprises that wants to leverage these modern workloads, sort of cloud native workloads. >> Yeah, please Scott, if you have some follow up there. >> Yeah, if you don't mind Stu, I just like to say, five years ago, the roadmap that we followed was the processor roadmap. We all could tell you to the week when the next Xeon processor was going to come out. And that's what drove all of our roadmaps. Since that time what we found is that the items that are making the radical, the revolutionary improvements in performance, they're attached to the processor, but they're not the processor itself. It's things like, the GPU. It's things like that, especially networking adapters. So trying to design a platform that's solely based on a CPU, and then jam these other items on top of it. It no longer works, you have to design these systems in a holistic manner, where you're designing for the GPU, you're designing for the network. And that's the beauty of having a deep partnership, like we share with Nvidia, on both the GPU side, and on the networking side, is we can do all that upfront engineering to make sure that the platform, the systems, the solution, as a whole works exactly how the customer is going to expect it to. >> Kevin, you mentioned that a big piece of this is software now. I'm curious, there's an interesting piece that your networking team has picked up, relatively recently, that the Cumulus Linux, so help us understand how that fits into the Ethernet portfolio? And would it show up in these kind of applications that we're talking about? >> Yeah, that's a great question. So you're absolutely right, Cumulus is integral to what we're doing here with Lenovo. If you looked at the heritage that Mellanox had, and Cumulus, it's all about open networking. And what we mean by that, is we really decouple the hardware, and the software. So we support multiple network operating systems on top of our hardware. And so if it's, for example, Sonic, or if it's our Onyx or Dents, which is based on switch def. But Cumulus who we just recently acquired, has been also on that same access of open networking. And so they really support multiple platforms. Now we've added a new platform with our friends at Lenovo. And really they've adopted Cumulus. So it is very much centered on, Enterprise, and really a cloud like experience in the Enterprise, where it's Linux, but it's highly automated. Everything is operationalized and automated. And so as a result of that, you get sort of the experience of the cloud, but with the economics that you get in the Enterprise. So it's kind of the best of both worlds in terms of network analytic, and all of the ability to do things that the cloud guys are doing, but fully automated, and for an Enterprise environment. >> Yeah, so Kevin, I mean, I just want to say a few things about this. We're really excited about the Cumulus acquisition here. When we started our negotiations with Mellanox, we were still planning to use Onyx. We love Onyx, it's been our IB nodes of choice. Our users love, our are architects love it. But we were trying to lean towards a more open kind of futuristic, node as we got started with this. And Cumulus is really perfect. I mean it's a Linux open source based system. We love open source in HPC. The great thing about it is, we're going to be able to take all the great learnings that we've had with Onyx over the years, and now be able to consolidate those inside of Cumulus. We think it's the perfect way to start this relationship with Nvidia networking. >> Well Scott, help us understand a little more. What you know what does this expansion of the partnership mean? If you're talking about really the full solutions that Lenovo opens in the think agile brand, as well as the hybrid and cloud solutions. Is this something then that, is it just baked into the solution, is it a reseller, what should customers, and your your channel partners understand about this? >> Yeah, so any of the Lenovo solutions that require a switch to perform the functionality needed across the solution, are going to show up with the networking from Nvidia inside of it. Reasons for that, a couple of reasons. One is even something as simple as solution management for HPC, the switch is so integral to how we do all that, how we push all those functions down, how we deploy systems. So you've got to have a switch, in a connectivity methodology, that ensures that we know how to deploy these systems. And no matter what scale they are, from a few systems up, to literally thousands of systems, we've got something that we know how to do. Then when we're we're selling these solutions, like an SAP solution, for instance. The customer is not buying a server anymore, they're buying a solution, they're buying a functionality. And we want to be able to test that in our labs to ensure that that system, that rack, leaves our factory ready to do exactly what the customer is looking for. So any of the systems that are going to be coming from us, pre configured, pre tested, are all going to have Nvidia networking inside of them. >> Yeah, and I think that's, you mentioned the hybrid cloud. I think that's really important. That's really where we cut our teeth first in InfiniBand, but also with our Ethernet solutions. And so today, we're really driving a bunch of the big hyper scalars, as well as the big clouds. And as you see things like SAP or Azure, it's really important now that you're seeing Azure stack coming into a hybrid environment, that you have the known commodity here. So we're something that we're built in to many of those different platforms, with our Spectrum ASIC, as well as our adapters. And so now the ability with Nvidia, and Lenovo together, to bring that to enterprise customers, is really important. I think it's a proven set of components that together forms a solution. And that's the real key, as Scott said, is delivering a solution, not just piece parts, we have a platform, that software, hardware, all of it integrated. >> Well, it's great to see you. We've had an existing partnership for a while. I want to give you both the opportunity, anything specific, you've been hearing kind of the customer demand leading up this. Is it people that might be transitioning from InfiniBand to Ethernet? Or is it just general market adoption of new solutions that you have out there? (speakers talk over each other) >> You go ahead and start. >> Okay, so I think that there's different networks for different workloads, is what we've seen. And InfiniBand certainly is going to continue to be the best platform out there for HPC, and often for AI. But as Scott said, the enterprise frequently is not familiar with that, and for various reasons, would like to leverage Ethernet. So I think we'll see two different cases, one where there's Ethernet with an InfiniBand network. And the other is for new enterprise workloads that are coming, that are very AI centric, modern workloads, sort of cloud native workloads. You have all of the infrastructure in place with our Spectrum ASICs, and our Connectx adapters, and now integrated with GPUs, that we'll be able to deliver solutions rather than just compliments. And that's the key. >> Yeah, I think Stu, a great example, I think of where you need that networking, like we've been used to an HPC, is when you start looking at deep learning in training, scale out training. A lot of companies have been stuck on a single workstation, because they haven't been able to figure out how to spread that workload out, and chop it up, like we've been doing in HPC, because they've been running into networking issues. They can't run over an unoptimized network. With this new technology, we're hoping to be able to do a lot of the same things that HPC customers take for granted every day, about workload management, distribution of workload, chopping jobs up into smaller portions, and feeding them out to a cluster. We're hoping that we're going to be able to do those exact same things for our enterprise clients. And it's going to look magical to them, but it's the same kind of thing we've been doing forever. With Mellanox, in the past, now Nvidia networking, we're just going to take that to the enterprise. I'm really excited about it. >> Well, it's so much flexibility. We used to look at, it would take a decade to roll out some new generations. Kevin, if you could just give us latest speeds and feeds. If I look at Ethernet, did I see that this has from n gig, all the way up to 400 gig? I think I lose track a little bit of some of the pieces. I know the industry as a whole is driving it. But where are we with the general customer adoption of some of the some of the speeds today? >> Yeah indeed, we're coming up on the 40th anniversary of the first specification of Ethernet. And we're about 4000 times faster now, 40,000 times faster at 400 gigabits, versus 10 megabits. So yeah, we're shipping today at the adapter level, 100 gig, and even 200 gig. And then at the switch level, 400 gig. And people sort of ask, "Do we really need all that performance?" The answer is absolutely. So the amount of data that the GPU can crunch, and these AI workloads, these giant neural networks, it needs massive amounts of data. And then as you're scaling out, as Scott was talking about, much along the lines of InfiniBand Ethernet needs that same level of performance, throughput, latency and offloads, and we're able to deliver. >> Yeah, so Kevin, thank you so much. Scott, I want to give you a final word here. Anything else you want your customers to understand regarding this partnerships? >> Yeah, just a quick one Stu, quick one. So we've been really fortunate in working really closely with Mellanox over the years, and with Nvidia. And now the two together, we're just excited about what the future holds. We've done some really neat things in HPC, with being one of the first watercool an InfiniBand card. We're one of the first companies to deploy Dragonfly topology. We've done some unique things where we can share a single IP adapter, across multiple users. We're looking forward to doing a lot of that same exact kind of innovation, inside of our systems as we look to Ethernet. We often think that as speeds of Ethernet continue to go higher, we may see more and more people move from InfiniBand to Ethernet. I think that now having both of these offerings inside of our lineup, is going to make it really easy for customers to choose what's best for them over time. So I'm excited about the future. >> Alright, well Kevin and Scott, thank you so much. Deep integration and customer choice, important stuff. Thank you so much for joining us. >> Thank you Stu. >> Thanks Stu. >> Alright, I'm Stu Miniman, and thank you. Thanks for watching theCUBE. (upbeat music)

(bright music) >> Announcer: From the Cube studios in Palo Alto in Boston, connecting with thought leaders all around the world. This is a Cube conversation. >> Hi, I'm Stu Miniman, and welcome to a Cube conversation. I'm coming to you from our Boston area studio. And we're going to be digging into P4, which is, the programming protocol independent packet processors. And to help me with that, first time guest on the program, Mario Baldi, he is a distinguished technologist with Pensando. Mario, so nice to see you. Thanks for joining us. >> Thank you. Thank you for inviting. >> Alright, so Mario, you have you have a very, you know, robust technical career, lot of patents, you've worked on, you know, many technologies, you know, deep in the networking and developer world, but give our audience a little bit of your background and what brought you to Pensando. >> Yeah, yes, absolutely. So I started my my professional life in academia, actually, I worked for many years in academia, about 15 years exclusively in academia, and I was focusing both my teaching in research on computer networking. And then I also worked in a number of startups and established companies, in the last about eight years almost exclusively in the industry. And before joining Pensando, I worked for a couple of years at Cisco on a P4 programmable switch and that's where I got in touch with P4 actually. For the occasion I wore a T shirt of one of the P4 workshops. Which reminds me a bit of those people when you ask them, whether they do any sports, they tell you they have a membership at the gym. So I don't just have membership, I didn't just show up at the workshop. I've really been involved in the community and so when I learned what pensando was doing, I immediately got very excited that the ASIC that Pensando has developed these is really extremely powerful and flexible because it's fully programmable, partly programmable, with P4 partly programmable differently. And Pensando is starting to deploy these ASIC at the edge and Haas. And I think such a powerful and flexible device, at the edge of the network really opens incredible opportunities to, on the one hand implement what we have been doing in a different way, on the other hand, implement completely different solution. So, you know, I've been working most of my career in innovation, and when when I saw these, I immediately got very excited and I realized that Pensando was really the right place for me to be. >> Excellent. Yeah, interesting, you know, many people in the industry, they talk about innovation coming out of the universities, you know, Stanford often gets mentioned, but the university that you, you know, attended and also were associate professor at in Italy, a lot of the networking team, your MPLS, you know, team at Pensando, many of them came from them. Silvano guy, you know, written many books, they're, you know, very storied career in that environment. P4, maybe step back for a second, you know, you're you're deep in this group, help us understand what that is, how long it's been around, you know, and who participates in it with P4? >> Yeah, yeah. So as you were saying before, one of the few P4 from whom I've heard saying it, because everyone calls it P4 and nobody says what it really means. So programming protocol, independent packet processor. So it's a programming language for packet processors. And it's protocol independent. So it doesn't start from assuming that we want to use certain protocols. So P4 first of all allows you to specify what packets look like. So what the headers look like, and how they can be parsed. And secondly, because P4 is specifically designed for packet processing, and it's based on the idea that you want to look up values in tables. So it allows you to define tables, in keys that are being used to look up those tables and find an entry in the table. And when you find an entry, that entry contains an action and parameters to be used for that action. So the idea is that the package descriptions that you have in the program, define how the package should be processed. Header fields should be parsed, values extracted from them, and those values are being used as keys to look up into tables. And when the appropriate entry in the table is found, an action is executed and that action is going to modify those header fields, and these happens a number of times, the program specifies a sequence of tables that are being looked up, header fields being modified. In the end, those modified header fields are used to construct new packets that are being sent out of the device. So this is the basic idea of a P4 program. You specify a bunch of tables that are being looked up using values extracted from packets. So this is very powerful for a number of reasons. So first of all, its input, which is always good as we know, especially in networking, and then it maps very well on what we need to do, when we do packet processing. So writing a packet processing program, is relatively easy and fast. Could be difficult to write a generic programming in P4, you could not, but the packet processing program, it's easy to write. And last but not least, P4 really maps well on hardware that was designed specifically to process packet. What we call domain specific processes, right. And those processes are, in fact designed to quickly look up tables that might have decamping side, they might have processes that are specialized in performing, in building keys and performing table lookup, and modifying those header fields. So when you have those processors that are usually organized in pipelines to achieve a good throughput, then you can very efficiently take a P4 program and compile it to execute it very high speed on those processors. And this way, you get the same performance of a fixed function ASIC, but it's fully programmable, nothing is fixed. Which means that you can develop your features much faster, you can add features and fix bugs, you know, with a very short cycle, not with a four or five year cycle of baking a new ASIC. And this is extremely powerful. This is the strong value proposition of P4. >> Yeah, absolutely. I think that that resonates Mario, you know, I used to do presentations about the networking industry and you would draw timelines out there in decades. Because from the standard to get deployed for, you know, the the hardware to get baked, the customers to do the adoption, things take a really long time. You brought up, you know, edge computing, obviously, you know, we are, you know, it is really exciting, but it is changing really fast, and there's a lot of different, you know, capabilities out there. So if you could help us, you know, connect the dots between what P4 does and what the customers need. You know, we talked about multi-cloud and edge. What is it that you know, P4 in general, and what Pensando is doing with P4 specifically, enables this next generation architecture? >> Yeah, sure. So, Pensando has developed these card, which we call DSC distribute services card, that is built around an ASIC, that has a very very versatile architecture. It's a fully programmable. And it's fully programmable it's various levers, and one of them is in fact P4. Now this card and has a PCIE interface. So it can be installed in horse. And by the way, this is not the only way this powerful as you can be deployed. It's the first way Pensando has decided to use it. And so we have this card, it can be plugged into a host, it has two network interfaces. So it can be used as a network adapter. But in reality, because the card is fully programmable and it has several processors inside, it can be used to implement very sophisticated services. Things that you wouldn't even dream of doing with the typical network adapter, with a typical NIC. So in particular, this card, this ASIC contains a sizable amount of memory. Right now we have two sizes four, an eight gig but we are going to have versions of the card with even larger memory. Then it has some specialized hardware for specific functions like cryptographic functions, compression, computation of CRCs and if sophisticated queueing system with packet buffer with the queuing system to end the packets that have to go out to the interfaces or coming from the interfaces. Then it is several types of processors. It has generic processors, specifically arms, arm processors that can be programmed with general purpose languages. And then a set of processors that are specific for packet processing that are organized in a pipeline. In those, idea to be programmed with P4. We can very easily map a P4 program, on those pipeline of processor. So that's where Pensando is leveraging P4, is the language for programming those processes that allow us to process packets at the line rate of our 200 gigabit interfaces that we have in the card. >> Great. So Mario, what about from a customer viewpoint? Do they need to understand you know, how to program in P4, is this transparent to them? What's the customer interaction with it? >> Oh yeah, not at all. The Pensando platform, Pensando is offering a platform that is a completely turnkey solution. Basically the platform, first of all, the platform has a controller with which the user interacts, the user can configure policies on this controller. So using an intent based paradigm, the user defines policies that the controller is going to push those policies to the cards. So in your data center in your horse, in your data center, you can deploy thousands of those cards. Those cards implement distributed services. Let's say, just to give a very simple example, a distributed stateful firewall implemented on the all of those cards. The user writes a security policy, says this particular application can talk to these other particular application, and then translate it into configuration for those cards. It's transparently deployed on the cards that start in force the policies. So the user can use this system at this very high level. However, if the user has more specific needs, then the system, the platform offers several interfaces and several API's to program the platform through those interfaces. So the one at the highest level, is a REST API to the controller. So if the customer has an orchestrator, they can use that orchestrator to automatically send policies to the controller. Or if a customer already have their own controller, they can interact directly with the DSCs with the cards on the horse, with another API's that's fully open, is based on GRPC. And in this way, they can control the cards directly. If they need something even more specific, if they need a functionality that Pensando doesn't offer on those card, hasn't already ever written software for the cards, then customers can program the card, and the first level at which they can program it is the ARM processors. We have ARM processors, those are running in version of Linux, so customers can program it by writing C-code or Python. But if they have very specific needs, like when they write a software for the ARM processor, they can leverage the P4 code that we have already written for the card for those specialized packet processors. So they can leverage all of the protocols that our P4 program is already supported. And by the way because that's software, they can pick and choose in a Manga library of many different protocols and features we support, and decide to deploy them and then integrate them in their software running on the ARM processor. However, if they want to add their own proprietary protocols, if they want, if they need to execute some functionalities at very high performance, then they that's when they can write P4 code. And even in that case, we are going to make it very simple for them. Because they don't have to write everything from scratch. They don't have to worry about how to process AP packets, how to terminate TCP, we have to solve the P4 code for them. They can focus just on their own feature. And we are going to give them a development environment that allows them to focus on their own little feature and integrate it with the rest of our P4 program. Which by the way, is something that P4 is not designed for. P4 is not designed for having different programmers, write different pieces of the program and put them together. But we have the means to enable this. >> Okay, interesting. So, you know, maybe bring us inside a little bit, you know the P4 community, you're very active in it, when I look online, there's a large language consortium, many of, you know, all the hardware and software companies that I would expect in the networking space are on that list. So what's Pensando's participation in the community? And you were just teasing through, you know, what does P4 do and then what does Pensando, maybe enable, you know, above and beyond what, you know, P4 just does on its own? >> Yeah, so yes Pensando is very much involved in the community. There has been recently an event, online event that substituted the yearly P4 workshop. It was called the P4 expert round-table series. And Pensando had very strong participation. our CTO, Vipin Jain, had the keynote speech. Talking about how P4 can be extended beyond packet processing. P4, we said, has been designed for packet processing, but today, there are many applications that require message processing, which is more sophisticated then. And he gave a speech on how we can go towards that direction. Then we had a talk that was resulting from a submission that was reviewed and accepted on in fact, the architecture of our ASIC, and how it can be used to implement many interesting use cases. And finally, we participated into a panel in which we discussed how to use P4 in mix-ins Martin at the edge of the network. And there we argued with some use cases and example and code, how before it needs to be extended a little bit because NICs have different needs and open up different opportunities rather than switches. Now P4 was never really meant only for switches. But if we looked at what happened, the community has worked mostly on switches. For example it is defined that what is called the PSA, portable switch architecture. And we see that the NICs have an edge devices, have a little bit different requirements. So, one of the things we are doing within the communities working within one of the working groups, is called the architecture work group. And they are working in there to create the definition of a PNA, Portable NIC Architecture. Now, we didn't start this activity, this activity has started already in 2018. But it did slow down significantly, mostly because there wasn't so much of a push. So now Pensando coming on the market with this new architecture really gave new life to this activity. And we are contributing, actively we have proposed a candidate for a new architecture which has been discussed within the community. And, you know, just to give you an example, why do we need a new architecture? Because if you think of the switch, there are several reasons but one, it's very intuitive. If you think of a switch, you have packets coming in, they've been processed and packets go out. As we said before, there's the PMA then sorry, PSA architecture is meant for these kinds of operation. If you think of a NIC, it's a little bit different because yes, you have packets coming in, and yes, if you have multiple interfaces like our card, you might take those packets and send them out. But most likely what you want to do, you want to process those packets, and then not give the packets to the host. Otherwise the host CPU will have to process them again, to pass them again. You want to give some artifacts to the host, some pre-processed information. So you want to, I don't know take those packets for example, assemble many TCP messages and provide a stream of bytes coming out of this TCP connection. Now, these requires a completely different architecture, packets come in, something else goes out. And goes out, for example, through a PCI bus. So, you need the some different architecture and then you will need in the P4 language, different constructs to deal with the fact that you are modifying memory, you are moving data from the card to the host and vice versa. So again, back to your question, how are we involved in the workgroups? We are involved in the architecture workgroup right now to define the PNA, the Portable NIC Architecture. And also, I believe in the future we will be involved in the language group to propose some extensions to the language. >> Excellent. Well, Mario, thank you so much for giving us a deep dive into P4, where it is and you know some of the potential futures for where it will go in the future. Thanks so much for joining us. >> Thank you. >> Alright. I'm Stu Miniman, thank you so much for watching the Cube. (gentle music)

(upbeat music) >> Announcer: From theCUBE studios in Palo Alto and Boston, connecting with thought leaders all around the world, this is theCUBE Conversation. >> Stu: Hi, I'm Stu Miniman and welcome to this special Cube presentation. We're talking with Pensando, and their event is "Future Proof Your Enterprise", to help us really understand where the company is, and the partnerships, what they're hearing from customers. Really happy to welcome back to our program Randy Pond, he's the Chief Financial Officer at Pensando. Randy, thanks so much for joining us. >> Randy: My pleasure, thanks for having me. >> All right, well Randy, obviously today, we're talking to people everywhere, they're remote so, not quite as plush as the last time we talked to you at the Goldman-Sachs office, in New York City, beautiful view in the background. That was a great backdrop, when you talk about bringing a company out of stealth, John Chambers there, your chairman, Antonio Neri >> Yeah Neri. >> Talking about the investment in the partnership. And Goldman-Sachs, an excellent customer there, here we are little bit more than six months later and that partnership with HPE is taking the next step. You've got the general availability, this month, of the HPE Proliant with Pensando Solutions. Bring us up to speed a little bit though, we'll talk about HPE maybe in a second but, your customers, your progress, you had, I believe it was up to your C round of funding, when you came out of stealth so, give us your viewpoint as to where the company is today. >> So today, I think, we're sort of, divide the conversation between financial and a business perspective. So financially, we're in great shape, the C round came together very well, we were way over subscribed. We raised our limits to secure additional funding, which has worked out really well, getting where we are currently with the pandemic. So financially, we're in great shape, our case burn has held steady and we've done a good job of forecasting, that's why I thing the Bird's pleased. From a business perspective, we've done a really good job delivering on our real maximum product perspective. So, the team has released the cloud production, we released the cloud to customers about a month or two ago. We just did a release to the enterprise space, through HPE. We got another release coming up the end of this month. There's releases scheduled for Q3 and Q4 of this year. Our second ASIC will come back, I think, the 15th of June, so we're going to get access to our new design, I think that's great news. You know our cloud customers are excited about that 'cause it provides a little more capability than the current device does. And we had a great Q1 and we're off to a great start on Q2. We overachieved in Q1, we look like we're going to overachieve again in Q2, both in terms of units and dollars, so we're in a pretty good place. >> Yeah, I'd like to see if we could break down say kind of the financial and the business piece. On the financial side piece, you've worked with this team for quite a long time, there's got to be a different financial model that you put in place when you know that you've got, really, your exit built in, add from the three spin-ins before, proof the product, get it out there and then, well, I've got an in-house feed with a full panel there, as opposed today. Is the model we should be thinking, what percentage of that is OEM? You talk about there's the cloud model, and the enterprise model and, how do you structure things a little bit differently for that type of model versus, maybe, what the spin-ins were or a traditional start-up. >> Sure. >> that might have a different, a few different models to choose from? >> So, we're much closer aligned to a traditional start-up environment. Now, the one unique point is the HPE relationship because they've been my partner, they are my primary go to market partner in the enterprise space today but, they're also a strategic investor. So, the reality is, in the enterprise space we have to sell the product through the OEMs, the average enterprise customer doesn't have the capacity to install themself. But that is a very different model than it is in the cloud side. So, it's an indirect sales model, most likely through HPE and other server providers, like Dell, Cisco possibly, and Super Micro. Every customer has their sort of, requested server manufacturer. On the cloud side, individuals build their own so, that's a, I ship to them and they install it themselves, it's a different software model, it's a different manufacturing model as in, we have a more traditional direct sales model on that side, but we've got a partner middle model on the enterprise side today. We've set 'em up as both, HPE sort of serves like a quasi Cisco environment for us, because we're depending on their engine to find our leads, and it's worked out really really well. >> Excellent, maybe bring us inside a little bit, where you are with (away from microphone) about customer acquisition leading up to now and what's the expectation now that HPE is fully ready to roll. >> So, we, I'm going to start the conversation again. There's the cloud side, so on the cloud side we have three committed customers today. One is in production, the other two are going into production later part of this year, they need the release we're going to give them in September/October timeframe but they've committed to us from a design perspective. And then there's a follow-on generational product in '21 where they really ramp hard. I already have a bind contract with two, I'm working on the third. And, on the enterprise side, we're modeling ourselves after the top 200 HPE customers right now. They normally align themselves around financial services, pharmaceuticals, transportation, sled, we're working through those customers. We have active talks with many of them today, they're in our sales pipeline, we manage that relationship together. Generally, HPE opens the door, we explain the technology to the technical team, they say they can see a place for us and they let us stand up a plat, and then we go from there. >> Excellent, so Randy we referenced the global pandemic going on right now. It's been a bit of a bifurcated model in the tech world. Though it's been definitely a tailwind, somewhat, from the cloud standpoint, there's many infrastructure pieces that have seen an immediate acceleration, things like work from home technology. So, there's certain devices and certain deployments. And there's other things that, of course, we put a pause button trying, too much uncertainty out there. What are you seeing at the market and how's that impacting you, as a relatively new start-up? >> Yeah, so in general, your point is well taken. The cloud players are telling us their demand is up dramatically and therefore the signal they're sending us is, they want to accelerate deployment and it's likely it's going to be bigger than we originally had estimated so, that's been great news for us. In the enterprise space it's really very different, you know we're not selling a lot of product to Walmart, or Gap, or the retail space, they're struggling mightily, any hotels, motels, Carnival Lines is not buying our product today. But, if you look at the financials, if you look at the pharmas, their demand's up quite a bit, they're both buying ahead a little bit to hedge their bets in the supply chain, for the situation today, and they're actually seeing the real demand go up. And, the banks especially have seen it go up 'cause their work from home has gone through the roof. So, it's been a good opportunity for us to sort of seize the moment and demonstrate how we can be part of their new implementations, and bring new services to 'em. >> Yeah, Randy, wonder if you can actually give us, a little bit, that voice of the customer and what is the problem you're solving? Because, we talked about, there's certain immediate initiatives that accompany the era, absolutely like, today, security is more important than ever. When people are working from home, the bad actors actually are trying even harder to get involved there, we talked a little bit about cloud, so what is that itch that Pensando scratches and, therefore, how do you fit into the current landscape? >> Sure, you know, with our customers today there's similar problems and dissimilar problems, between the cloud and the enterprise. The similar problems is that Pensando quickly solves things, like East West security inside of their environments, their computer environments, which is difficult to do today, it's expensive and difficult to do today. We've provided pervasively and wire rate, and that's sort of an easy sell, initially. Another one that's been pretty easy for everyone to look at is observability and telemetry because of where we're positioned, in the computer space, we see every packet, which provides us with a lot of knowledge about what's going on in their environment. So, that's been a pretty easy initial sell. In the case of the enterprise customers, we can sell other pieces of their solution that are either expensive, or introduce latency or management problems. Whether it's firewall technology, or load balancing technology, or micro segmentation technology, all of which we can do inside of our blade. And today it's done either through appliances or through virtual machines consuming CPUs. In the cloud space, we do all of that, plus we allow them to download their own image into our devices today, which is pretty powerful, we have a lot of memory and we have a lot of capacity, from an Arm core perspective. And we allow them to pick and choose the features and functionalities they want, and then run everything at wire speeds, at much faster speeds. The enterprise is running 10/25, the cloud partners are running 25/50 going to 100, where we're even more compelling, we think. >> Randy, want to get back to talk a little bit more about HPE. You spent long time working at Cisco, for a good part of that HPE was one of your bigger partners on that. So, tell us what it's like working with HPE, any compare/contrast would be welcome. >> You know, it's interesting, so the cultural environment of HPE, under Antonio Neri, is very similar to what we saw at Cisco. And he and John have a phenomenal relationship, it's a very collegial environment, it's a very bright environment. They move quickly, for a big business. Where it's vastly different is they are much tougher on the numbers side because they're under much more margin pressure, and compounded pressures, that we never had (chuckles) at Cisco, just in all fairness to them. But, if we look through the organization, like the executive that was assigned to our account, from a sales perspective, used to work at Cisco. I think one or two of his guys used to work with Cisco. There's program management people that used to work with Cisco, there're people in engineering that came from Cisco so, it's an environment that's similar enough that it's easy enough for us to navigate. And, we're connected sort of on all levels, which has really been useful, and we have a weekly standing dialog across all the different functions. So, we're pretty deeply embedded with HPE right now and it's gone very very well. >> Yeah, you said that, even with the global pandemic right now, that Pensando is a bit ahead of where you expected shipments to be. I'm curious always, when I talk to a CFO, how do you see macroeconomic impact of what is going on there? Any concerns on your end about supply chain, either for yourselves or for partners, like HPE? How do you see what we're currently going through and the recovery future? >> So, it's an interesting question. You know, getting this pandemic sort of processed through the supply chains like a pig through a python, there's just no way to get around it. I mean, you know we had the first breakdown when they closed the country of Malaysia and I just couldn't build final product. They literally just shut the place down so, it took us about 10 days to get ourselves up and running, from a skeleton perspective. The government worked with us, they let a small crew come into our manufacturing partner to get some finished goods off for one of our OEM customers. As we've come back up, we've seen lead times extend on some of the custom parts, it's just a fact of life. I think there's a little bit of an artificial demand that's driving the supply chain a little bit crazy right now because now people are panicked that what happens if it comes back, will I get caught again, can I get enough inventory to buffer myself for, you know, two weeks to three or four months, depending on how aggressive you want to be, or conservative you want to be in that space. And then, I think, as the supply chain trickles back online, you end up discovering that yes, I can build final product, and I can get the Asics, and the memory, but now I want to buy some, you know, RS232 devices and it turns out that sure he's got 'em but the magnetic, that goes inside of it, that comes from Western China, they aren't quite up and running just yet. But we're seeing legacy problems, nothing catastrophic, nothing that's been painful. We've had to move some work around to get an incremental volume for ourselves, we've added fab vendors, and a few other things. So, it's really made us focus on second sourcing everywhere we can because we thought we were small enough, and the volume perspective wasn't that big a deal, we'll just get second sourcing once we get the product to market. That's heated back up and we're doing all that work now. So, I think, knock on wood, our recovery has gone very well we don't see any big problems in the supply chain. Now, I think, the bigger the player, like an HPE, and the longer the window they were shut down, the harder they pull when they turn the supply chain back on. But I think the big players, Cisco, HPE, and others it's going to take them a longer time, I think, to really see how this trickles all the way through, 'cause you can't really get good visibility how much safety stock or buffer stock does everybody have, at every level of the chain. So, everybody pulls at once, you run dry in a week, a month? Is it fast enough to recover, from a production perspective? All those things, I think, they're still not quite resolved yet. >> Just one other related aspect of the pandemic, that I would love your viewpoint on. You know, work from home, obviously, is what everyone is doing right now. I'm curious if you think that, what the recovery would look like from that standpoint, is there anything from Pensando that makes you shift where you think about hiring it? I've been to the Cisco headquarters and the long street, with a lot of buildings, and a lot of people. And everybody's wondering, will that headquarters, and centralized structure, that we had before, is that forever changed? >> You know that's a great question. So, it's for certain changed, I think, in terms of therapeutic, or a vaccine, for the current covid virus. So, that's just a fact of life and we've been comparing notes with a lot of other companies about what they're doing to bring the workers back, who want it, who are comfortable and want to come back to work. 'Cause, even inside of Pensando, I've got some folks who're like, "Listen, I'm not comfortable coming back, "I've got kids at home , I don't want to take the chance." That's fine, we don't have a problem with that. And, quite frankly, we can make a case that, in some of our functional areas, we're more productive than we were before the pandemic. In India specifically, this has been a boon for us because they're not getting on and off buses, they're not spending three or four hours trying to get back and forth to work, they're happy working from home, we're happy having them at home. The guy who runs India for us says productivity's up, and employee satisfaction couldn't be higher. Our plans now is, we have to bring a small team back into our headquarters, in Milpitas, to bring up our new Asic. But, that's going to be 15 to 20 people, and not all at one time, we're going to spread them out. We're already articulating what parts of the building can and can't be used , one way hallways, masking, temperature taking, everything you would expect. The next phase for us is some sort of rotational work where we'll say, "We're going to bring 25% of the people in, "30% of the people in, you work the week, you're off "for two, you work the week you're off two." And so we can get through the back of this thing, it's unlikely, it's almost impossible, in my mind, we would bring back 100% of our employees in the building. Now, does that change the view longterm? It's a great question because, I think what it's forced us to do is to get more comfortable with remote work, so that we can truly make it an option of any one employee, in specific areas. Like, the lab guys have to be in the lab, and the IT guys got to be in the computer room, but if you're a software developer, or if you're a marketing guy, do you really have to be in the building? And I think it's pushed us to really learn to manage them more effectively, with remoteness. And I think it provides us, at least, with options going forward. When I hire the next 100, do I have to put 'em in a building someplace or do I just deal with them where they are and bring them into the fold? We've brought on dozens of people, since the pandemic started, and quite honestly, we onboard 'em , we train 'em, and we mainstream 'em remotely and it's worked out great. >> Excellent, all right Randy let's bring it back to the HPE partnership for the final question. >> Sure! >> Tell us what we should be looking at, through the rest of this year, what the general availability of this means to your business and the impact you expect it to have on your customer. >> So, from an HPE perspective, I think this is going to be great innovation that they're bringing to the marketplace, to their customer set. It allows them, I think, to separate themselves from the market, at least for some period of time, until the other players get pulled along by the end users. Their product has a pretty steep ramp, their front half and the back half of the year, for us, are dramatically different, in terms of size and ramp. And it really sets us up for a very large, we hope, fiscal '22, which , for us, will end in January 31st of '22. But we're going to know, I mean we go GA in just a few weeks and we're going to get a sense if we can turn these POCs into end customers. And we're also going to see the ramp of the cloud customers in Q4. So, you know, I really feel like, both for us and for HPE, the next three four months, as we start getting back to some regularity of interacting with customers physically, not just remotely, and we see the early benefits and some of the early profit ownership analysis on deployment erect technology. This could be dramatic for us and for them, quite honestly. >> All right, well Randy Pond, CFO of Pensando, thanks so much, really a pleasure catching up with you and getting to discuss about how Pensando's helping to future proof your enterprise. >> Thank you much, my pleasure, have a great day. >> All right, I'm Stu Miniman, check out theCUBE.net for all our coverage, thank you for watching, thank you. (soft music)

our Studios in the heart of Silicon Valley Palo Alto California this is a cute conversation hey welcome back here ready Jeff Rick here with the cube we're in our pal 2 studios today for a cube conversation to talk about a pretty interesting topic right which is the security issue that is pervasive and needs to be baked in all over the place and combining that with networking and software to find networking which is often talked about as kind of the last area of really software-defined execution and a lot of activity around SD win so we're happy to have with us today from Fortin at John Madison he's the CMO and EVP of products for fortinet John great to see you you too and also joining us from Atlanta is Hilton styrsky he is the CIO of Crawford & Company Hilton great to see you as well so let's just jump into it big issue right Crawford & Company Hilton give us a little bit of the which you guys are and more importantly kind of what a distributed company that you are y SD win and when particularly is a pretty important piece of the equation absolutely SD wins very important to us as we look at growth so I'm a confident company we are 77 year old you asked in management's claims company we we haven't focus on restoring and enhancing lives businesses in communities in 2018 we processed about one and a half million claims they are translated into north of fifteen billion dollars in payments but more importantly when you think about the insurance space and really any highly transactional organization will go through a digital disruption and korfin and company is no difference and in particular with the culture of innovation that we have a profiling company we looking at all facets of the business to disrupt and that's our basic infrastructure all the way to the business process applications that interact with our customers and when we think about the network that's the lifeblood of our organization span in seven countries with almost 9,000 employees and NATO it touches every facet of our organization and our business and being on an innovative modern technology enables us to support the Scanlan growth that's invariably coming down the pipes in this industry thank you thanks for that summary and John over to you you know we got a lot of conferences as we go to your guys conference we go to RSA and security the topic because all these security needs to bake be baked in throughout the process it can't just be added on at the end and you guys have taken that to heart so tell us a little bit about you know your guys solution in this SD win space and how you're approaching it slightly differently yes he'll concern just about every company's going through this digital disruption and that means they really need to make sure that network is of high quality high speed can access the applications but most importantly is secure so what we do is make sure with all my networking gear and SDRAM being a specific example that security is totally integrated within that solution and you do it in a different way - right you're not just doing it with software but you've actually introduced you know a hardware component into this into this equation as well yeah well now obviously the software is still very important to make sure you can orchestrate and you've got the feature set but earlier this year we announced the the world's first sd1 ASIC which allows us to get that performance of the networking stack and security stack on a single appliance we're talking about five to 10 X performance and again allows the customer such as Crawford to run and networking and their security in that single appliance so help I'm curious from your perspective I have to say I feel sorry for CIOs cuz that you know as again we go to all these shows we walk around there's so much technology and in security specifically when you walk around RSA as the the granddaddy of all those conferences you know there's hundreds and hundreds and hundreds of vendors and I think my goodness how do you go through how do you evaluate so you know what do you do when you're looking for technology partners among this giant sea of potential opportunities and people telling you to do this that and the other you got to find a partner that's going to help you absolutely so I mean they're number of facets that come to that but first and foremost we take security and privacy not just security extremely or seriously hope it ends because of that we rely on our cyber team to help us make decisions and drive those discussion so these relationships are not just you know come about because of benefits that we see on white papers or interactions with the PIO they really are driven from our cyber organization in the indian research that they do envy attend products we're not just looking for a sexy brands name to put in our our branches in our data centers but we're really looking for a tried and tested product and it wasn't a network that really came down to our cyber team because of the integrated nature of the ESD way and the security applies it to em i'm curious in terms of the changing kind of government regulations you know ii had gdpr we've got the California Privacy Act has that impacted your you know kind of prioritization of security and privacy or has that always just been a top priority and that's just you know kind of another box to check yeah man it's always been there we haven't seen it impacted from a sigh from a networking perspective tea to date but as we think about applications we're looking for the flexibility in the application stack to adhere to GT bernini quite frankly any other regulatory control been in the insurance industry we are highly regulated and that type of scale and flexibility is something that we look to as we build new products more modern future and John to you I'm just curious you know some of the advantages of bringing these two things together to really bake the security and the SD win appliance what is that enable you to do that you couldn't do so much before well it's all about supporting the business and the applications so corporate for example you know obviously voice is very important to me they speak to a lot of people and branch offices video training their applications in the cloud and so bringing mass security and that networking together and accelerating it means they get a high quality of service to all the applications which are important to their business so what's next John what are some of the the things as you look forward and you see this this market to continuing to evolve you guys are really starting to take a real leadership position what are some of your priorities as you as you look forward and we're gonna flip the calendar here in just a few short months you know and definitely you know sd-1 an application on our appliance has exploded we just announced we're actually in the top three in terms of sd-1 benders globally what's coming next well I think what we call cloud on-ramp isn't very important where we provide specific routes and information to make sure we have even higher QoS of devices and users getting to the applications and I knew that on the land side of it was starting to roll out something called ST branch which gives you the same kind of fabric topology view control and workflow of access from Wi-Fi from Ethernet switching and we've also integrated nak network access control which gives you that visibility control of IOT devices great so I want it I want to give you the last word you know to share with your peers as they're going through this journey a lot of talk about digital transformation but when the rubber hits the road right you actually got to do do the things and do the small things that make a difference as you've gone through this and you've dealt the security you got a lot of remote branches this continuation around hybrid cloud and and distributed infrastructure what are some of the things on your top of mind and what would you share with some of your peers as they you know start to look at some of these technologies well you've got to have an open mindset and obviously like anything it's okay to fail as long as you learn from your mistakes but as we think specifically about our network and coordinate in particular I think trying to reference some of the technologies and that that requires a lot of data so you need to understand what the future looks like and provide a scale and flexible solution for our customers and John also reference Borden ACK we are in the process of deploy in that and it's all about having that single pane of glass in an integrated solution and makes it easier for a smaller supports team to manage and ultimately Triberr you and Ally investments and other parts of their company well Hilton I know we're up against it on the time I want to thank you for for taking some time out of your busy day and lovely Atlanta and sharing your story and John you know nothing but continued success to you and fortunate we've really been happy to be part of the story and share it and come to the conference's and just another step on that on that journey to success thank you thanks a lot all right thanks gentlemen all right you've been watching the cube from our Palo Alto studios thanks for watching we'll see you next time [Music]

>> Narrator: Live, from San Diego, California, it's The Cube, covering Cisco Live, US, 2019. Brought to you by Cisco, and it's Ecosystem Partners. >> Welcome back to San Diego, everybody, you're watching The Cube, the leader in live tech coverage. My name is Dave Volante. I'm here with my co-host Stu Miniman, we're covering day two here of Cisco Live, 2019. Anand Oswal is here, he's the Senior Vice President of Enterprise Networking Engineering at Cisco, and John Apostolopoulos. The Italians and the Greeks, we have a lot in common. He is the VP and CTO of Enterprise Networking at Cisco. Gentlemen, welcome to The Cube. How did I do? >> You did awesome. >> Dave: Not too bad, right? Thank you. (chuckles) All right. Anand, let's start with you. You guys have had a bunch of news lately. You're really kind of re-thinking access to the network. >> Anand: Yeah. >> Can you explain what's behind that, to our audience? >> Yeah. If you think about it, the network is running more and more critical infrastructure. At the same time, it's increasing modern scale and complexity. What we expect, is that you always need wireless on. The workspace is on the move. You're working here, in your office, in the cafe, in the soccer field, everywhere. You want an uninterrupted, unplugged experience. For that, it's wireless first, it's cloud-driven, and it's data-optimized. So, we had to rethink how we do access. It's not just about your laptops and your phones on the wireless network, in the enterprise it's digital management systems. IOD devices, everything's connected wirelessly. And we need to rethink the access, on that part. >> So John, this obviously ties in to, you know, you hear all the buzz about 5G and WIFI 6. Can you explain the connection and, you know, what do we need to know about that? >> Okay, so 5G and WIFI 6 are two new wireless technologies, which are coming about now, and they're really awesome. So, WIFI 6 is the new version of WIFI. It's available today, and it's going to be available predominantely indoors. As we use WIFI indoors, in high-density environments, where we need a large database per square meter. And the new WIFI 6, the coverage indoors. 5G is going to be used predominately outdoors, in the cellular frequency. Replacing conventional 4G or LTE, and it'll provide you the broad coverage as you roam around, outdoors. And what happens though, is we need both. You need great coverage indoors, which WIFI 6 can provide, and you need great coverage outdoors, which 5G will provide. >> So, the 4G explosion kind of coincided with mobile-- >> Anand: Yep. >> Obviously, and that caused a huge social change-- >> Anand: Yep. >> And of course, social media took off. What should we expect with 5G, is it, you know, I know adoption is going to take a while, we'll talk about that, but it feels like it's more, sort of, B-to-B driven, but maybe not. Can you, sort of, give us your thoughts there. >> Well think about it, if you see WIFI 6 and 5G have actually been on some similar fundamental technology building blocks. You know, you've all been at a ball game. Or the Warriors game, like a few weeks ago, when they were winning. And, after a great play, you're trying to send that message, a video to your kid or something, and the WIFI is slow, latency. With WIFI 6, you won't have that problem. 'Cause WIFI 6 has four times the latency, sorry, four times the throughput and capacity as existing WIFI. Lower latency. And also, the battery life. You know, people say that batteries are the most important thing today, like in the Maslow Hierarchy Chart-- >> Dave: Yeah, yeah, yeah. >> Three times the battery life, for WIFI 6 endpoints. So, you're going to see a lot of use cases where you have inter-working with WIFI 6 and 5G. WIFI 6 for indoors, and 5G for outdoor, and there'll be some small overlap, but the whole idea is that, how do you ensure that these two disparate access networks are talking to each other? Exchanging security, policy, and there is some visibility. >> Okay, so, well, first of all, you're a Warriors fan, right? >> Anand: Yeah, I am. >> Awesome, we want to see this series keep going. >> Game six, baby! >> That was really exciting. Now of course, I'm a Bruins fan, so we're on the plane the other night, and the JetBlue TV shut down, you know, so I immediately went to the mobile. >> Yeah. >> But it was a terrible experience, I was going crazy. Texting my friends, what's happening? >> Anand: Yeah. >> You're saying that won't happen-- >> Anand: Yeah. >> With 5G and WIFI 6? >> Anand: Yeah. Exactly. >> Oh, awesome. >> So, John, help connect for us, Enterprise Networking. We've been talking about the new re-architectures, you know, there's ACI, there's now intent-based networking, how does this play into the 5G and WIFI 6 discussion that we're having today? >> Okay, so one of the things that really matters to our customers, and to everybody, basically, is that they want the sort of end-to-end capability. They have some devices, they want to talk through applications, they want access to data, they want to talk with other people, or to IoT things. So you need this sort of end-to-end capability, wherever the ends are. So one of the things we've been working on for a number of years now, is first of all intent-based networking, which we announced two and a half years ago. And then, multi-domain, where we try to connect across the different domains. Okay, across campus, and WAN, and data center, all the way to the cloud, and across the service finder network. And to add security, as foundational across all of these. This is something that Dave Goeckeler and Chuck Robbins talked about at their keynote yesterday. And this is a huge area for us, 'cause we're going to make this single-orchestrated capability for our customers, to connect end-to-end, no matter where the end devices are. >> All right, so Anand, I have to believe that it's not the poor, you know, administrator, saying, oh my God, I have all these pieces and I need to manage them. (laughing) Is this where machine learning and AI come in to help me with all these disparate systems? >> Absolutely. Our goal is very simple. Any user, on any device, should have access to any application. Whether it's sitting in a data center, in a cloud, or multiple clouds. Or any network. You want that securely and seamlessly. You also want to make sure that the whole network is orchestrated, automated, and you have the right visibilities. Visibilities for ID, and visibility for business insights. Talk of AI and ML, what's happening is that as the network is growing in complexity and scale, the number of alerts are growing up the wazoo. So you are not able to figure it out. That's where the power of AI and machine learning comes. Think about it. In the industrial revolution, the industrial revolution made sure that you don't have the limitations of what humans can do, right? You had machines. And now, we want to make sure that businesses can benefit in the digital revolution. You're not limited by what I can pass through the logs and scrolls. I want to automate everything. And that's the power of AI and machine learning. >> Are there use cases where you would want some human augmentation, where you don't necessarily want the machine taking over for you, or do you see this as a fully-automated type of scenario? >> Yeah, so what happens is, first of all, visibility is really, really important. The operator of a network wants to have visibility, and they want end-to-end across all these domains. So the first thing we do is we apply a lot of machine learning, to take that immense amount of data, as Anand mentioned, and to translate it into pieces of information, to insights into what's happening. So then we can share to the user and they can have visibility in terms of what's happening and how well it's happening, are they anomalies, or is there a security threat, so forth. And then, we can provide them additional feedback. Hey, this is ananomaly, this could be a problem. This is the root cause of the problem, and we believe these are the solutions for it. What do you want to do? Do you want to actuate one of these solutions? And then they get to choose. >> And if you think about the other way, our goal is really to take the bits and bites of data in the network, convert that data into information. That information into insights. That insights that lead to outcomes. Now, you want to also make sure that you can augment the power of AI and machine learning on those insights, so you can drill down exactly what's happening. So, for example, you want to first baseline your network. What's normal for your environment? And when you have deviations. That's anomalies. Then you narrow down exactly what the problem is. And then you want to automate the remediation of that problem. That's the power of AI and ML. >> When you guys, as engineers, when you think about, you know, applying machine intelligence, there's a lot of innovation going on there. Do you home-grow that? Do you open source it? Do you, you know, borrow? Explain the philosophy there, in terms of from a development standpoint. >> Yeah. From a development point of view it's a combination of all the other aspects. We will not reinvent what already exists, but there's always a lot of secret sauce that you need to apply, because everything flows to the network, right? If everything flows to the network, Cisco has a lot of information. It's not just a data lake. We're a data source as well. So taking this disparate source of information, normalizing it, harmonizing it, creating a language, applying the algorithm of AI and machine learning. For example, we do the model learning and training in the cloud. We do inference in the cloud, and you push the rules down. So it's a combination of all of the aspects we talked about. >> Right, and you use whatever cloud tooling is available. >> Yes. >> But it sounds like from a Cisco engineering standpoint, it's how you apply the machine intelligence, for the benefit of your customers and those outcomes-- >> Anand: Yeah. >> Versus us thinking of Cisco as this new AI company, right? >> Anand: Yeah. >> That's not the latter, it's the former, is that fair? >> So one of the things that's really important is as you know, Cisco's been making, we've been designing our A6 for many years, with really, really rich telemetry. And as you know, data is key to doing good machine learning and stuff. So we've been designing the A6, to do do real time at wire speed telemetry. And also to do various sorts of algorithmic work on the A6 to figure out, hey, what is the real data you want to send up? And then we've optimized the OS, IOS XE, to be able to perform various algorithms there, and also to host containers where you can do more machine learning at the switch, at the router, even in the future, maybe, at the AP. And then with DNA center, we've been able to gather all of the data together, in a single data lake, where we can perform machine learner on top. >> That's a very important point John mentioned, because you want layer one to layer some of the analytics. And that's why the Catalyst 9120 access point we launched has the Cisco RF ASIC, that provides things like clean air for spectrum, we've also got the analytics from layer one level, all the way to layer seven. >> Yeah, I really like the line actually, from Chuck Robbins yesterday, he said, the network sees everything and Cisco wants to you know, give you that visibility. Can you walk us through some of the new pieces, what people, either things that, they might not have been aware of, or new announcements this week. >> So, as part of the Cisco AI network analytics, we announced three things. The first thing is automated baselining. What that really means is that, what's normal for your environment, right? Because what's normal for your own environment might not be the same for my environment. Once I understand what that normal baseline is, then, as I have deviations, I can do anomaly detection. I can correlate and aggregate issues. I can really bring down apply AI and machine learning and narrow down the issues that are most critical for you to look at right now. Once I narrow down the exact issue, I go on to the next thing, and that is what we call machine reasoning. And machine reasoning is all about automating the workflow of all you need to do to debug and fix a problem. You want the network to become smarter and smarter, the more you use it. And all of this is done through model learning and training in the cloud, inference in the cloud, and pushing it down, the rules as we have devices online, on plan. >> So do you see the day, if you think about the roadmap for machine intelligence, do you see the day where the machine will actually do the remediation of that workflow? >> Absolutely. That's where we need to get to. >> When you talk about the automated baselining, I mean there's obviously a security, you know, use case there. Maybe talk about that a little bit, and are there others? Really, it depends on your objective, right? If my objective is to drive more efficiency-- >> Yeah. >> Lower costs, I presume a baseline is where you start, right? So... >> When I say, baseline, what I mean really is like, say if I tell you that on this laptop, to connect to the WIFI network, it took you three seconds. And I ask you is that good or bad? You'll say, I don't know. (laughs) >> What's the baseline for the environment? >> Dave: Yeah. >> What's normal? And next time, if you take eight seconds, and your baseline is three, something is wrong. But, what is wrong? Is it a laptop issue? Is it a version on there, on your device? Is it an application issue? A network issue? An RF issue? I don't know. That's where AI machine learning will determine exactly what the problem is. And then you use machine reasoning to fix the problem. >> Sorry, this is probably a stupid question, but, how much data do you actually need, and how much time do you need, to actually do a good job in that type of use case? >> Well, what happens is you need the right data, okay? And you're not sure where the right data is. (chuckles) >> So originally what we'd do, a lot of our expertise, that Cisco has for 20 years, is figuring out what the right data is. And also, with a lot of the machine learning we've done, as well as machine reasoning, where we put together templates and so forth, we've basically gathered the right data, for the customer, and we refined that over time. So over time, like, this venue here, the way this venue's network, what it is, how it operates and so forth, varies with time, and we need to refine that over time, keep it up to date, and so forth. >> And when we talk about data, we're talking about tons of metadata here, right? I mean, do you ever see the day where there'd be more metadata than data? (laughs) >> Yeah-- >> Rhetorical question. (laughs) >> All right, so-- >> It's true though, it's true. >> Right? (laughing) >> We're here in the DevNet zone, lots of people learning about building infrastructures, code, tell us how the developer angle fits into what we've been discussing here. >> Oh, yes. So what happens is, as part of intent-based networking, a key part's the automation, right? And another key part's the assurance. Well, it's what DevNet's trying to do right now, by working with engineering, with us, and various partners, other customers, is they're putting together, what are the key use cases that people have, and what is code that can help them get that done? And what they're also doing, is they're trying to, they're looking through the code, they're improving it, they're trying to instill best practice and stuff, so it's a reasonably good code, that people can use and start building off of. So we think this can be very valuable for our customers to help move into this more advanced automation, and so forth. >> So, architecture matters, we sort of touched upon it, but I want you to talk more about multi domain architecture. We heard Chuck Robbins, you know, talk about it. What is it, why is it such a big deal, and how does it give Cisco a competitive advantage? >> Think about it, I mean, multi domain architecture's nothing but all the components of a modern enterprise network behind the scenes. From giving access to a user or device, to access to an application, and everything in between. Now traditionally, each of these domains, like an access domain, the WAN domain, can have hundreds of thousands of network nodes and devices. Each of these are configured, generally manually, the the CLI. Multi domain architecture's all about stitching these various domains into one cohesive, data-driven, automated, programmable network. So, your campus, your branch, your WAN, your data center and cloud, with security as an integral part of it, if at all. >> So, it's really a customer view of an architecture, isn't it. >> Absolutely. Yeah. Absolutely. >> Okay. It's good, I like that answer. I thought you were going to come out with a bunch of Cisco-- >> Anand: No. >> Mumbo-jumbo and secret sauce-- >> No. >> But it really is, you guys thinking about, okay, how would our customers need to architect their network? >> Exactly. Because if you think about it, it's all about a customer use case. For example, like, we talked earlier, today we are working everywhere. Like, on the poolside, in the cafe, in the office, and always on the go. You're accessing your business-critical applications, whether that's Webex, salesforce.com, O365. At the same time, you're reading Facebook, and WhatsApp, and YouTube, and other applications. Cisco's SD-WAN domain will talk to Cisco's ACI domain, exchange SLAs and policies, so now you can prioritize that application that you want, which is business-critical. And place the right part, for the best experience for you. Because you want the best experience for that app, no matter where you are. >> Well, and the security implications too, I mean-- >> Anand: Absolutely. >> You're basically busting down the security silos-- >> Yeah. >> Dave: And sort of the intent here, right? >> Yeah. Absolutely. >> Great. All right, last thoughts on the show, San Diego, last year we were Orlando, we were in Barcelona earlier this year, your thoughts about that. >> I think it's been great so far. If you think about it, in the last two years we've filled out the entire portfolio for the new access network. On the Catalyst 9100 access points, with WIFI 6, the switches, next generation campus core, the wireless LAN controller, eyes for unified policy, DNA center for automation, analytics, DNA spaces for business insights, the whole access network has been reinvented, and it's a great time. >> Nice, strong summary, but John, we'll give you the last word. >> What happens here is also, everything Anand says, and we have 5000 engineers who've been doing this over multiple years, and we have a lot more in the pipe. So you're going to see more in six months from now, more in nine months, and so forth. It's a very exciting time. >> Excellent. Guys, it's clear you, like you say, completing the portfolio, positioning for the next wave of access, so congratulations on all the hard work, I know a lot goes into it >> Thank you. >> Thank you very much for coming on The Cube. >> Thank you so much. >> All right, keep right there, Dave Volante with Stu Miniman, Lisa Martin is also in the house. We'll be back with The Cube, Cisco Live 2019, from San Diego. (fast electronic music)

(music) >> Live from Barcelona, Spain, it's theCube. Covering Cisco Live Europe. Brought to you by Cisco and it's eco system partners. >> Welcome back everyone. Live here in Barcelona. It's theCubes coverage day two of three days of coverage. I'm John Furrier With Stu Miniman and Dave Vellante. Dave in this segment. Our next guest is Gordon Thompson, Vice President, Global Enterprise Network from Cisco Worldwide. Run a lot of countries here in Cisco. Knows the territory. Knows the lay of the land in Europe, Middle East, Africa and Russia. Now global. Welcome to the Cube. >> Thank you very much. Glad to be with you. >> You're on stage in the keynote. You say we're here in Barcelona. Lot of action in Europe. Europe's different than North America, but you start to see them leading the trends on how to handle these complex environments like highly regulated compliance. GDPR, we've been hearing about that. Security, cyber security. So a lot of trends in Europe are actually leading in some areas. That's impacting the network. Your thoughts on this show so far. How's it going? >> Yeah. I think, there's a fundamental phenomenal opportunity for our customer base and for Cisco at the moment in terms of where technology is going. It's mostly being driven by software innovation in the business. For many, many years we built world class hardware and a software operating system that did one thing. It provided connectivity. But it did one thing. Reliable, secure, performance based connectivity but it did one thing. The opportunity now, going back to your question is we're developing software that doesn't do one thing. It's software that does multiple different things. On top of that hardware that therefore helps solve some of the challenges around compliance and all of these sorts of things, but at the same time start to provide much deeper insight and analytics into what's going on in your environment and that then starts to let you say, hey, there's information here in the network that I've never been exposed to before, that I'm now exposed to and I can start to do something meaningful with that data. That's the opportunity, I think, for our customers is how they monetize that. How they use that information. Providing that information on a real time basis is going to be the critical thing. We see lots, it's a very competitive environment Amir, we see lots of business in Amir looking to see how they can use technology to drive differentiation for them in the market and they're beginning to realize that data is the key to being able to do that and they're now seeing how much data they've got on their network that if they can get exposure to they can start to use in a meaningful way. Really exciting. It's very innovative here. We're seeing customers starting to realize how important the network is. >> In your keynote, you made a bunch of people uncomfortable saying you have to change. >> Yeah. >> And then admitted I don't like it when people tell me I have to change, but you need to change. What do they have to change? >> They have to think about truly how they're architecting and designing their networks. As I said earlier, on Ciscos an organization's been phenomenally successful but we've really done one thing in 30 years, provide reliable, secure, connectivity. And over the last four years our innovation strategy has changed to say we're not just going to deliver connectivity, we're going to look at how we can deliver automation on top of the network. We're going to look at how we deliver security embedded in the network. We're going to look at how we take real time analytical insights off of the network. When you think differently about how you use a network you'll then start to think differently about the value the network can bring. I was making that comment 'cause I was wanting customers to think about the network no longer just being something that's going to deliver connectivity. It's something that will absolutely drive business transformation for them if they approach it with that thought process in mind. It was really a challenge to get people to think slightly differently. >> Yeah. Wake up a little bit and say, okay, what's going on here? And I want to get your thoughts on the trend because the tail winds, I think that Cisco's feeling right now is, in every major inflection point there's always complexity and abstraction layers of software always take away the complexities. Software check, big time trend. But cloud scale and horizontal scale now with the Enterprise, HyperFlex out to the edge, ACI Anywhere, so you start to see Cisco as one large scalable network with complexities that's being managed by software across domains. This seems to be a beautiful formula for what customers want which is secure networks. Do you see it that way? Is that a major wave you're riding? Is that what customers are saying? Because I think you're getting at something that's important which is I'm moving packets around, moving data around but I got to put my solution out in front of customers. The applications. How they access and engage. These are big picture items, but what's your thoughts on this? >> Okay. It's interesting, right. 'cause what we've created is, so we've created this software overlay network in various different areas. We've created a fabric. In the data center we've created an ACI fabric. In the Branch and the Campus we've created what we call software defined access fabric. And in the ONE we've created this software defined ONE fabric with our WHIPTAIL acquisition. Also with Meraki. The interesting thing is people have created these software fabrics to drive southbound automation onto the network to save money. To move more quickly. What we are saying to our customers is actually the value isn't just about driving southbound automation onto each of these fabrics, it's about how you take information from each of these fabrics, connect that information together holistically and then start to provide more value around behavioral analytics. To secure your environment more. Et cetera, et cetera. You're going to see individual fabrics, but then what Dave Goeckeler was talking about was how he connects these fabrics or domains together. Connecting them together is going to help us secure the environment even more effectively. It's also going to help us analyze what's going on more effectively as well. This is really the sweet spot, I think, for us to work more closely with our customers. >> Talk about security because I think this is a great point. I think if you guys can, well you have the fabrics now, product portfolio has broadened. It's filled in, but security still is hot. It's still number one. You guys are embedding that foundational into the network and lifting the data up to create insight. What are some of the actionable things that you're seeing enabled from, one the fabrics coming together and talk about the dynamic of security specifically because if you don't fix the security paradigm at the network level, it's a house of cards. Everything crashes. That's my opinion. Your thoughts. Do you agree with that? >> I hope that nothing crashes at entity, but the key thing, I think is, we like to say we put security in the network, whereas we looked at all of the other networking vendors applying security on top of the network. >> What's the difference? Explain the difference. >> In our own, one word each with two letters in them but a massive difference in terms of what they do. Ultimately the network can provide us with loads of contextual information around what's happening in the environment. It's about how you use that information in a real time basis to help make better security decisions. It's really taking the value of networking devices and passing that information from a network switch or a wireless controller to a security policy control capability is really where we start to see value come together. And it sees things that are important to us. For example, I met with a sales leader recently in a very large pharmaceutical company in Europe, and their problem was their salespeople were handing in their resignation but they were doing it the day after they'd taken all the intellectual property out of the company. They had gone and taken all of the customer data base. They'd put it on a stick. They put it in their pocket. And they went away. It happens every day. The challenge is the network should be able to see a behavioral change. If that was you or me we normally perform the same activities on the network every day. We don't really change what we do, but the minute we start to go to old servers to download information that we haven't downloaded in years, you know, that's a behavioral change. And the network should be able to identify that, pass that information to the network administrator and deal with it so we can stop that sort of data leakage from our organization. These are the sorts of things that I think are exciting. >> And Cisco's unique because of the scope of your portfolio or the technology? >> Well, a bit of both. Cisco's unique because of the scope of the technology, but it's also about the amount of information we take off the network. You know, people talked about in this software overlay world the network becoming, hardware becoming commoditized. Oh, Cisco, your hardwire is going to be commoditized. We'll move to white box. The reality is it's the power of our hardware, our ASIC Design that allows us to pull all of this information off the network. People are beginning to realize how important data is now. And now they're beginning to see actually hardware's really important. Although it's the software that does all the sexy stuff, hardware's really important. We're beginning to see customers recognize two things, the breadth of the portfolio, as we mentioned earlier on, but also the power of the hardware to allow the software to do everything it does. >> Gordon, I know you got to go. Thanks for coming on. One final question while you're here 'cause I know you have a unique perspective. Want to get it real quick. Quick soundbite here. Global is now a big part of everyone's plan. Global economy. You have good experience globally with Cisco and also here in Amir, how should companies think about global networking? What's your insight into how people should start thinking about global architectures, global clouds, global networks? Your thoughts. >> I think every organization is looking to build out these capabilities. There's absolutely no doubt they are, but I think the way to approach it nowadays with all of the software capabilities we have, is to build bit by bit, right? To build your networks in different islands and then look to how you join those islands together. I think, ultimately, that's how most organizations are looking to move forward. From our point of view, I think, we'll look to connect those islands or fabrics together with the power of data. Ultimately, I think, we've always said data is the new oil, but I think, truly in the networking industry now, data is the new oil and it's truly how organizations will differentiate themselves in the future. >> Gordon, thank you for spending the time on the Cube. I know you got to hard stop. Appreciate it. >> No problem. >> Thank you for your precious time. It's the Cube live coverage from Barcelona. I'm John Furrier with Dave Elante. More live coverage. Stay with us after this short break. (techno music)

(funky music) >> Live from Barcelona, Spain, it's theCUBE. Covering CISCO Live Europe. Brought to you by CISCO and it's ecosystem partners. >> Everyone welcome back to theCUBE's live coverage here in Barcelona, Spain for Cisco Live Europe 2019, I'm John Furrier, and my co-host, Stu Miniman. Our next guest Sachin Gupta, senior vice-president of product management in Cisco's enterprise networking business, it's the crown jewels of Cisco, Sachin got the keys to the kingdom. Runs project management, so we get all the info from you, thanks for joining us. Good to see you again, good to see you again, king alumni. >> Yes, thanks. >> Thanks for coming on, I know you've got a keynote at 12 coming up shortly, thanks for spending the time, I'll get right to it. Networking is being reinvented, David Geckler said that onstage yesterday in the keynote. It's not changing, it's just shaping differently for customer needs intent-based networking, we talked briefly last year at Cisco Live in North America moving up the stack, it's here. Intent-based networking, cloud connections, IOT, all kinds of edge con activity, everything's connected, now on to the network. This is real. >> This is real, and John, look, it's been really exciting, right? We've gone through an 18 month journey here, when we first introduced in tent-based networking we talked about moving away from CLI box by box to really solving the problem at an abstracted, intent layer. Specify what user groups and what segments you want, what experience you want to deliver for those applications, and then the network feeding the data back up so you can learn from it, you can manage it, you can troubleshoot it in a much, much simpler way. We're now into this, as I said, 18 months. We have thousands of customers already using intent based networking we talked about software defining access for automated segmentation in the campus, talked about insurance, and then we've been adding capability along the way. And in just this week, David Geckler had people on stage, talked about more innovations with intent-based networking in the data center with ACI anywhere, with innovations on hyper flex. Liz came on and talked about IOT, and how that fits into the framework. And then Gordon talked about what we're doing with SD Ren, really, really exciting stuff going on there. >> Well, why don't you take a minute and quickly explain for the folks watching want to get us on the record so we can get definition. What is intent-based networking? What does it mean, what's the impact for the customers, what is it? >> Intent-based networking means that you can now express your business intent. Here's the outcome I'm looking for from the infrastructure. The system and the architecture will convert that automatically, provision, all the underlying components get the data and the context back out and prove to you that the intent you wanted was delivered. >> And what is changing now, more than ever, because applications are coming on. We see DevNet, we're in the DevNet zone. Seeing a lot of activity, developers. >> Yeah, so now you've got networks that are preventable instead of individual devices that you have to learn from the ground up, all their bells and whistles, you can now live at that intent layer, add an API layer on top of the controllers and move much more quickly. You can now start thinking about multiple domains, and how you cross those domains. >> What is the big product change, if any, especially software, is key to all of this? We've got plenty of hardware. You mentioned Liz in IOT, still runs router, she takes that software, she packages them. We interviewed her yesterday, she was talking about the synergies between code bases in which she customizes for the IOT market, then you've got the intent-based networking. What's the product look like, what's the products as they get more horizontal? >> Yes, so make no mistake, the hardware is still very important. Silicon ASIC's very important, but the magic now is in the software layer. So it starts with the operating system, and Liz talked about how we now have the Cisco IOS EXE operating system, which is modular hot patchable API driven programmable, and now runs across the entire portfolio. It runs on her ruggedized IOT infrastructure, runs on our switches, run on the wireless controller, runs on the routers and the SDWAN nodes, virtual and physical, same operating system. And then the SD controller layer on top of that. So for the campus, you've got DNA centers. So let's code DNA center, and then for the WAN you've got Cisco, the TeleV manage solution that provides a controller layer for automation, for analytics on top of the infrastructure. >> I wonder if we can unpack that SDWAN piece a bit, because WAN's been around a long time. I think back to the 90s, WAN was something that helped us get the internet. In the 2000s there was WAN optimization, I worked on a lot of replication solutions. I'm not sure that people understand the connection between SDWAN and really enabling the multi-cloud world that we need today, and the portfolio that Cisco has to attract that. >> You mentioned the 90s, I joined Cisco in 97, and I actually worked in WAN technical support. (laughing) So I've been with WAN for a very long time. And the customers aren't waking up and saying hey, I need a new WAN. That's not how the conversation starts. What's happening is it's a business transformation question. The companies, the customers are using infrastructure as a service, AWS services. They're using ACER, they're using Google Cloud platform. They're using all the SaaS products. Webex from Cisco, right, they're using Office 365. They're using all of these new applications and their data is not sitting in the data center. I mean, as we've noticed this week, the data center moves to where your data is. Well now, if your data isn't in it's data center that's conveniently connected through a WAN connection and it's all over the place. It's in the cloud, in many clouds. You have to think about, how do you get traffic in and out, how do you deliver security, and in this world where you may be using internet connections and all kinds of connections, how do you deliver the right application experience, and then oh, by the way, how do you manage all of this? That's what SDWAN is about, I need to transfer my business as I move applications or consume cloud services, I need to re-architect my WAN, and SDWAN helps me go do that. >> A big piece of that is what a network person needs to manage today, a lot of what they need to manage, they don't own. They don't control it, and some of that means I can't necessarily put a box that I can dial into and do this, so I need a software piece that I can put there as part of my overall configuration. >> Yes, you need a software piece, and you need something that scales to something that is cloud delivered. You can't be going to hundreds or thousands of sites and manually provisioning these for these services. You need to be able to have virtual services. If you're consuming a cloud service, you need your router or your service presence, your SDWAN presence in the cloud, right? So virtual network functions, virtual services become really critical in this world. >> Just on scale, you know, I've worked with Cisco on a lot of branch solutions over my career, there's lots of different components of scale that these type of solutions play into. >> Okay, people say if everything is in the cloud, does the scale requirement go down? All you think about is do I have 100 sites and I had one or two data centers. Alright, well now I have the same hundred sites, and I have hundreds of services. SaaS applications I'm consuming, and as I said, infrastructure as a service. And I still have some data centers for my legacy applications as well. So the complexity has actually increased, the scale requirement has increased. I need a much better software method, a software define method, to manage all of this. >> This is a key point, a lot of inflection points in the industry always have an abstraction layer to abstract away complexities. So you got two things going on here that are pretty clear, there's more complexity and more scale. So software's the perfect solution to manage that, is that what you're saying? >> Software's the perfect solution to manage this, and that's sort of one more level to that complexity. Because your traffic isn't neatly going from your branch through sort of a lease line or MPLS circuit that you can VPN into a data center, it's a more complicated traffic flow. I might be connecting directly to the internet securely is a huge concern. >> This is a great point, I was going to ask you the flow question, you know the old expression "follow the money and you'll find your answers." In networking, in this business, follow the traffic. Remember, north, south, east, west. That became a paradigm that helped shape a lot of network architecture. Now you have new traffic patterns. Can you give some color around the new traffic patterns and with cloud, comes with Edge, it's not just north, south, east, west, it's everywhere, so give- >> So a new traffic pattern now can be, instead of from the branch through your headquarters to your data center, now the traffic pattern is direct internet access to the SaaS application. Or go to a regional hub that I have in a co-location facility. Well, in the old world you had a security stack in your DMC. So it had your best firewall, your best IPS solution, all layered in there. Now in this new world with your traffic hitting directly, those applications and data in the cloud, you have to rethink security. So what we did in our SDWAN solution, we embed the best Cisco security technology application firewall, URL filtering, IPS solutions natively in our SDWAN software stack. And so you can deploy this across hundreds of branches now, and so you have assurance that the same level of security that you had in your data center can be delivered in a distributed way, in an easy way. And what happens is, customers also want to consume cloud security. You know, maybe I don't want to run in my branch, I actually have a SaaS application, I want to use the Cisco Umbrella service. Alright, so this is a secure internet gateway that processes this traffic, makes sure things are clean, makes sure we are safe, the customers are safe, and we can now integrate with cloud services in our SDWAN solution with just one click. >> How important is this security paradigm you just mentioned? Because there probably will be consequences. We've seen IOT become a talking point around oh, surface area, more surface area for the security breaches. This security paradigm's different. Why is it important and what are the consequences if not followed? >> If you don't follow this paradigm, I think the risk you run into that first of all, you will make a compromise on application experience because you're so worried about security. Let me give you an example, customers may choose, hey, you know what, I'll continue hair pinning all my traffic through my headquarters because I have a rich security stack there, and suffer an application experience because I'm going this way to get to the cloud asset rather than going directly, and so by enabling that rich security stack to be virtually enabled anywhere you want it, anywhere you need it, we can ensure that you can have the maximum level security that you need in your architectural design, and still get the application experience by selecting the best path for your application. >> And it's good business to be in enabling technology. We've seen that, you guys have lived that at Cisco. What is the most important story coming out of Cisco, out of this show, as you guys move forward that customers and the industry should pay attention to in your opinion? What's the most important story? >> I think the most important part of the story is, intent-based networking and the architectural shift, the reinvention that it's created isn't about any single domain, right? This is happening in the WAN to solve application experience problems, SaaS application experience problems, security problems, automations, scale. It's happening in the campus for segmentation, prevent lateral movement of threats. It's happening in the data center with ACI, and the customers want simple outcomes. What they're looking for is users, devices, things connecting to applications and data, doesn't matter where they sit, and ensuring that from a policy based model, they can automate end to end, and they can get the visibility, the telemetry end to end to solve problems and to learn and to improve the network. >> So cross domain traffic, application probability of the network, and the role of data that plays in that seems to be a common thread. >> Beautifully summarized, John, that's exactly right. >> Well, what's coming up in the keynote? What are you going to talk about at noon here in Barcelona? >> Yeah so in the keynote, I'm going to recap why have we done this, why does it matter, and why isn't CLI still going to work for you, and why did we need to reinvent networking? And then talk about the journey so far, all the new things we've announced, and then what I'm really excited about is I have a partner coming on stage with me talking about how we're delivering SDWAN solutions for our customers, how does that conversation work, and what should you really worry about as you select the service, design the architecture you're going to go with. >> Sachin, I want to go back in time, jog your memory, I remember back in the 90s, multi vendor was a big word, multi vendor improbability. Multi vendor meant working with multiple industry standard stuff. I hear multi cloud, I get a similar vibe. This seems to be the trend that people want to pay attention to just as much as hybrid cloud or maybe more on the multi cloud side, some are even saying, multi cloud is hotter than hybrid cloud. Do you agree with that, and how does multi vendor, multi cloud jive to Cisco? You guys thrived in a multi vendor world. What's your thoughts on this multi cloud? >> I think in both of those situations, customers are looking for freedom. It needs to be open, API driven. I should be able to move my traffic from one place to the other, my applications from one place to the other and not feel locked in. And so it's critical to support open protocols, open APIs and to provide customers that freedom. An SDWAN actually helps provide that. We're using open protocols open APIs, but at the same time, if I need to move my service from here to there, and I still need to deliver security, application experience, scale, automation, you can do that. So we provide that freedom to run that application in the multi cloud environment. >> One of the things that comes up all the time when we have conversations with the geeks out there at the conferences, it's microservices in containers on one side, and then on the networking side it's still latency and cost, you've still got latency issues and cost to move traffic around. Still a dynamic, how are you guys still looking there? 'Cause latency is certainly super important, and networking will be moving packets around, moving traffic around, and cost, there's still cost. Is this the concept of data center moving to the applications? How do you guys look at that cost equation and the latency equation, that's still important, can't change the laws of physics. >> The cost of latency equation is still really important, but the problem has changed, now. As your applications now, your data center is sort of moving with the cloud. Think about Office 365, we still need to help you get the best experience for Office 365 as if you were running an on-prem solution. For that we need to do things very different, we need to manage latency, to manage jitter, to manage cost overall. So what we've done is we use an API integration with Office 365 to give you 40% better performance for that fast application, and we're doing this for many applications. So I think you're right, you're solving for similar things, but now everything's changed on here. The applications are in a different place. So you just have to solve them in a fundamentally new way. >> And that's the traffic patterns, really comes down to it, and that's a tell sign of user expectation, user behavior, application behavior, this is the new normal. >> This is the new normal. >> What are you excited for looking forward as you look at your business, you look at Cisco, positioning style, I like the new position, very tight, very good, I like A Bridge to Tomorrow, A Bridge to the Future, kind of makes sense. Bridge, I like the double entendre there. But as you look at the portfolio coming together with multi cloud, what are you excited about? >> Look, and I've heard this from many customers and partners this week as well at Cisco live, we've been on this journey for many years. Building out intent-based networking for each of these domains, and now we've got thousands of customers already using it. But the conversations are going from hey, why did we need to do this? To, hey, help me perfect my design, and I now need to connect two or three domains together, how do we go do that? So we're now having richer, more mature next phase conversations. So it's working with our customers to realize that value across all of the domains from anywhere where there are users and things start anywhere with data and application sessions. >> And the network is foundational with the security architecture, you can build on that, that's where the magic will happen from your perspective, you see that. >> That's where the magic will happen, and you know what, only Cisco can pull this off. Because we have leadership in every one of those domains, and we're following the same architectural principles across all of them. >> So if someone said Sachin, this is not your grandfather's SDWAN, what do you respond to that? How do you update that narrative? What is the SDWAN new message, what's the new picture for SDWAN, what does that mean? >> The new SDWAN is about connecting to your applications and data in any cloud in a multi cloud environment, SaaS, IOS applications, it doesn't matter. Any private data center, still delivering the best security, best application experience in an automated way at the skill that you need. >> Okay, at the center of the value properties, have been saying on theCUBE for nine years, finally it's happening, a lot of stuff coming together meeting the road, congratulations on your success, and thanks for spending the time to come in. Great to see you, good luck on your keynote. This is theCUBE coverage live in Barcelona. I'm John Furrier, Stu Miniman, back with more coverage here from Cisco Live after this short break, stay with us. (funky music)

>> Live from Orlando, Florida, it's theCube, covering Cisco Live 2018. Brought to you by Cisco, NetApp, and theCube's ecosystem partners. >> Welcome back, I'm Stu Miniman, and this theCube's coverage of Cisco Live 2018 in Orlando, Florida. We've got three days of programming we've been doing. We're heading towards the end, but still going strong. Happy to welcome to the program, first time guest, John Apostolopousos, who's the vice president and CTO of Enterprise Networking and lab director of the Innovation's Lab with Cisco. It all rolls right off the tongue, right John. >> Yes, yes. >> But welcome to the program, thanks so much for joining us. >> Thank you for joining me, it's a pleasure being here. >> Alright so you and I were rapping, we both have some background in networking in innovation labs. So, you know, it's one of the things I love to talk about, who doesn't love to talk about innovation. Tell us a little bit about your background and what are the innovation labs inside of Cisco? >> Okay, so I've been working in various areas of R and D and innovation for many years. And I joined Cisco about five years ago, both to be CTO and also to create a group, a lab, a group of people to help identify and try to solve problems of a strategic importance to Cisco's future. And by doing these, we believe that we can have a significant effect on our customers and bring great value to them and differentiation for Cisco. Yeah, it's a lot of fun. >> It's kind of a, you know what, one of the things I poked at, I worked in a CTO office at one of the big vendors for a few years, and it's like we need the place where people can play and learn and try and fail, it's okay. There's always a push from this, well it needs to lead to product that leads to revenue. How does that work inside of Cisco? >> So it actually works quite well because there's strong push from the top from Chuck Robbins, Dave Decker, from my boss, Scott Harrel, my junior colleagues, Robby Chandra and so forth, to identify these key problems, invest, try to solve them and so forth. Because they know if we can succeed, it's going to be huge revenues. >> Okay, yeah. John, the level we get a CTO on, there's no shortage of cool and interesting things to look at. What are some of the main areas that you and your team look at? >> Sure, so one of the things which actually I with Robby Chandra and other very talented colleagues across Cisco started about five years ago now, was looking at what are some of the key use cases that customers need to have addressed three to five years down the road? And what architectures do they need to solve it? And we started that work four or five years ago, that leads to what we call the digital network architecture DNA that we are hearing all about today. So that work actually started in December 2013, it would really ramp up in 2014 and 2015. And it takes so long because it takes a long time to figure out what are the real problems customers need to address and then how can you build the ASICs and the operating system and the software on top and the platforms and DNA center and now DNA center platform that's needed. And we have a whole bunch of additional things in the pipe. >> Yeah, so bring us back, because you know in technology three to five years, that's a really long time. >> That's a long time. >> So what were some of the original kind of customer needs that you saw and what was on target and what's changed in that time period? >> Sure, so some of the things the customer needs, is they need to be able to role out new services really fast, okay. Today it takes and it historically takes a long time to role out a new service. Let's say we want to have a tele-present system or let's say you want to bring a new IOT device on the network, and you want to segment it relative to all the other devices so there can't be any security threats. And you want to apply all the best practices for networking and security. Typically that's been really, really hard. It's been really hard because you have to figure out for the new application what network and security requirements do you need. Then how should that, how should the network be architected, how should each device in the network be programmed for QOS or anything else. And then go out and do it. Device by device typically. And then be able to look to say hey, is that actually working the way that I intended? Or is there a problem, if so, where's the problem. How can I fix it? How can I change it? Historically that process has taken a long time. Now what we've done is by taking a more wholeistic view, and with things like DNA center, we have a full understanding of what's happening end to end. So we can role out a new service, we can identify both the network policies that are required, the security policies, figure out what's needed in each element in the network, go out and employ it. Then look to see what's happening, verify if it's doing what's needed, and if not, make recommended fixes and so forth. So this is one of the major fundamental shifts that is occurring and it's something we're very excited about and our customers are also really excited, which is, because it brings them great value. It increases their speed. It increases their security, lowers their costs. It's pretty exciting stuff. >> Yeah, John, if I wind the clock back 10 or 15 years ago, intelligence in the network, using data and analytics in the network, we were talking about it back then. >> We were, we were. >> So tell me why it's different now. Why, you know, I know all the people that work on this, we're quite excited for the things that we can actually accomplish today. Not like we were just talking about it, we were building real solutions, but what's different today? >> It's different at every single level. For example, 10 years ago we did not really have ASICs to be programmable. Today with a lot of the ASICs we have with UADP, unified access data platform ASIC. As new protocols become important, we can go and change more for to support it. Our new Cat9ks actually we have x86's built in, so you have an x86, which you can have a containerized environment there, so third parties can take their applications in a container, deploy it and run it across switches. That was never possible before. So these are some of the major advances that happened that just makes it so much easier to deploy these. >> Yeah, well one of the things that we've been really interested to dig into is some of the new applications that aren't just running on the network but the network is involved in how we build those environments. So when I think about you know just the theme of the show, it's you know, imagine what we can do, and here in the dev net zone, it's customers talking about helping to build those applications. Talk a little bit about that. How does that tie in to some of these mega trends like machine learning, AI, you know, choose your favorite buzz word of choice there. >> Yeah, so what happens is now when you role out a new application, one of the key things you want is visibility and know how it's working. In the past you've had visibility at the server. You may have visibility in the client. You haven't had visibility end to end, and you often haven't had it real time. But now you can actually have end to end visibility and you can be able to automatically self optimize the network to be able to do what needs to be done. For example, here we have thousands of people just on this floor here, and you want to optimize which APs they're talking to and what paths they're taking through their networks. So that whatever they're doing, could it be a Face Time or anything else could be done with very high end to end quality. And all that you want to happen automatically. >> Yeah, the place I've actually been a little critical of Cisco is when we first started talking about IOT, it was like well everything needs a networking part of it. I'm like well a lot of these devices aren't going to have connectivity or have limited connectivity. Transport isn't, you know, the piece of it, but when I take that, when I look at solutions like NFV that are coming out, all of these coming together, this great new term we're talking about, edge computing. So what are you seeing, what's happening today, what are you looking at from a research standpoint? And, you know, where does the edge start? >> Yes, so the edge is a really fun topic. And it's something Cisco cares a lot about because it's often for many applications you have to run them at the edge, especially for IoT. For instance today, you mentioned IoT, you mentioned machine learning. Each of those applications, it's typically a lot of the process ended, the analytics for IoT, the machine learning AI for other sort of applications, that's usually done in the Cloud. However, many times you can't do it in the Cloud or you don't want to do it in the Cloud, because it's too expensive or you just can't get things to the Cloud. >> Yeah, if I'm driving an autonomous vehicle, I can't wait for it to do the round trip before I hit you know whatever that was. >> Yes, and that's a great point. Because what happens is there's a latency issue. There's also scalability. Scalability in the amount of data that's coming for a single IoT device or in a place like this you may have thousands of IoT devices. So it's huge scalability issues. Also reliability. You want your systems, your IOo applications, everything to work. And usually you're counted on being connected to Cloud, but in case you're not connected, in case something breaks down, a storm, a backhoe takes out your internet connection, you still want it to work. So for reliability, you also want to do things at the edge. Also for privacy. You see for privacy, what happens is you want to limit the information that you send to the Cloud. And if it's possible not to send anything, or just to summarize and send only a very small part of information. That could lead to major gains in privacy. So doing processing at the edge, especially with machine learning, AI, can lead to improvements in scalability, lower latency, improved reliability, lower costs, and improvements in privacy. So lots of gains by doing things at the edge of the network. >> Okay, and were does Cisco play in some of these edge solutions? >> Yes, first of all, Cisco has been building computer at the edge with ISRs for many years, okay. I view this as one of the hidden gems that Cisco has. Also we've been working on, what we call, fog commuting for many years. Actually I joined Cisco five years ago, but even before that, my colleagues realized that hey, for some IoT applications, you can't do it in the Cloud. You actually have to do it in the edge. And so they coined the term fog, which basically means taking a part of the Cloud, bringing it to the edge of the network, and a cloud on the ground is called fog, hence the term. And then we've been developing it ever since. And so this is what led to us including for example x86s and containerized frame works on switches and so forth so it makes it much easier for developers to deploy things at the edge of the network. >> Yeah, we just have to make sure enterprises don't choke on it because then it would just be smog. (laughter) >> Luckily we're working really hard on that, and also to make it very secure. Because that's another key component. High scalability, privacy, reliability, low costs, and security. >> Okay, so. >> And no smog. >> No smog. What are some of the things, you know, give us a little inside into the innovation labs, what are some of the things as you look out that maybe we're not yet talking about on the show floor here? >> Sure, for example, some of the major things upcoming is 802.11ax, it's the next generation of wifi. So it gives significant improvements in wifi performance. We've been working on that for a number of years. When I say we, it's myself and other colleagues throughout Cisco. And often colleagues and universities and standards organizations and other companies, wherever it makes sense, because we're trying to push the industry forward. So 802.11ax is a major effort we're working on. Also 5G cellular, you may have heard a lot about it because it's getting a huge amount of attention. And we're also trying to connect these two. Because, for example, in indoor environments like this, wifi is going to be, wifi is the best solution. On the other hand, as you take your mobile device and you go outside, you have 5G, or you will have 5G. As a concrete example, you're familiar with network segmentation, okay, this is incredibly powerful. It's very good for security, for giving the applications the bandwidth allegiance they need and so forth, so very, very powerful. DNA provides that capability within the campus branch, across wired and wireless. And that's what we're shipping today. What happens is with 5G as defined by 3GPP standards, when they come out, you're going to have something very similar, it'll be called network slices, instead of network segmentation. But exact same concept. And it'll be provided on service provider networks. And now what you can do is you can use DNA center to set up the policies in the network segment to go across the enterprise campus and also on the service provider network. So when you go outside with your mobile devices, wherever you are, you'll still have your network segment with your security, you QOS and so forth that they need for applications. >> John I'm just sitting here smiling because I worked in telecom back in the nineties. And there were the trucking companies that was like my phone was a walkie talkie, and then it was also a cell phone, which was pretty cool back in the nineties. When we talk about data, that's been the ultimate promise. It should be ubiquitous, 5G, working with the wireless has been an interesting thing to kind of dig into. So how long until, you know, that becomes reality? >> Well in the enterprise, indoors, campus branch, so forth, end up going to data center. We're working with our data center team very closely to build network segments across both. That's, in some cases it's already available today, in other cases it'll be coming in six months and so forth. With 5G, it depends on the deployment of 5G. And so that's 2020, 2021. But we're already working to make that possible. >> Alright, John, I want to give you the final word. I've worked on some of those projects when it's kind of years in the making, and something comes out the door and then that's what you have with the DNA solution. You know, tell us a little bit about the celebration, the pride, the excitement, that the team is seeing. >> Yeah, it's a lot, right now, it's a great time because as you mentioned, we started some of this work four years ago. We brought some of it out, SDA and DNA center, last summer. Assurance in January. IoT, DNA IoT recently. We just brought out the world's best AP with a 4800. So it's all these sequence of things that finally came out that we've been working on for years, so it's really an awesome feeling. And there's a lot more in the pipe. And so it's going to be a fun, fun future ahead. And our customers are going to get a lot of value. >> John Apostolopousos, really a pleasure. Thank you for joining. You're now a part of theCube alumni here where we always love talking about innovation, driving that pipeline to help customers through all of these new technologies. Stay with us, we got a couple more interviews left. Three days, wall to wall coverage here in Orlando, Florida. I'm Stu Miniman, and as always thank you for watching theCube. (techno sounds)

>> Announcer: Live from Las Vegas, it's the Cube. Covering Dell Technologies World 2018. Brought to you by Dell EMC, and its ecosystem partners. >> Welcome back to SiliconANGLE media's coverage of Dell Technologies World 2018. I'm Stu Miniman here with my cohost Keith Townsend, happy to welcome back to the program Tom Burns, who's the SVP of Networking and Solutions at Dell EMC. Tom, great to see ya. >> Great to see you guys as well. Good to see you again. >> All right, so I feel like one of those CNBC guys. It's like, Tom, I remember back when Force10 was acquired by Dell and all the various pieces that have gone on and converged in infrastructure, but of course with the merger, you've gotten some new pieces to your toy chest. >> Tom: That's correct. >> So maybe give us the update first as to what's under your purview. >> Right, right, so I continue to support and manage the entire global networking business on behalf of Dell EMC, and then recently I picked up what we called our converged infrastructure business or the VxBlock, Vscale business. And I continue also to manage what we call Enterprise Infrastructure, which is basically any time our customers want to extend the life of their infrastructure around memory, storage, optics, and so forth. We support them with Dell EMC certified parts, and then we add to that some third-party componentry around rack power and cooling, software, Cumulus, Big Switch, things like that. Riverbed, Silver Peak, others. And so with that particular portfolio we also cover what we call the Dell EMC Ready Solutions, both for the service provider, but then also for traditional enterprises as well. >> Yeah, well luckily there's no change in any of those environments. >> Tom: No, no. >> Networking's been static for decades. I mean they threw a product line that I mean last I checked was somewhere in the three to four billion dollar range. With the VxBlock under what you're talking there. >> Yeah it's a so, yeah-- >> Maybe you could talk, what does this mean? 'Cause if I give you your networking guy. >> Right. >> Keith and I are networking guys by background, obviously networking's a piece of this, but give us a little bit of how the sausage is made inside to-- >> Tom: Sure. >> Get to this stuff. >> Well I think when you talk about all these solutions, Cloud, Hybrid Cloud, Public Cloud, when you think about software-defined X, the network is still pretty darn important, right? I often say that if the network's not working, it's going to be a pretty cloudy day. It's not going to connect. And so the fabric continues to remain one of the most critical parts of the solution. So the thought around the VxBlock and moving that in towards the networking team is the importance of the fabric and the capability to scale out and scale up with our customers' workloads and applications. So that's probably the reason primarily the reason. And then we can also look at how we can work very closely with our storage division 'cause that's the key IP component coming from Dell EMC on the block side. And see how we can continue to help our customers solve their problems when it comes to this not your do-it-yourself but do-it-for-me environment. >> All right, I know Keith wants to jump in, but one just kind of high-level question for you. I look at networking, we've really been talking about disaggregation of what's going on. It's really about disaggregated systems. And then you've got convergence, and there's other parts of the group that have hyper convergence. How do you square the circle on those two trends and how do those go together? >> Well, I think it's pretty similar on whether you go hyper converge, converge, or do-it-yourself, you build your own block so to speak. There's a set of buyers that want everything to be done for them. They want to buy the entire stack, they want it pre-tested, they want it certified, they want it supported. And then there's a set of customers that want to do it themselves. And that's where we see this opportunity around disaggregation. So we see it primarily in hyperscale and Cloud, but we're seeing it more and more in large enterprise, medium enterprise, particular verticals where customers are in essence looking for some level of agility or capability to interchange their solutions by a particular vendor or solutions that are coming from the same vendor but might be a different IP as an example. And I'm really proud of the fact that Dell EMC really kicked off this disaggregation of the hardware and software and networking. Some 4 1/2 years ago. Now you see some of the, let's say, larger industry players starting to follow suit. And they're starting to disaggregate their software as well. >> Yeah, I would have said just the commonality between those two seemingly opposed trends it's scale. >> Right. >> It's how do customers really help scale these environments? >> Exactly, exactly. It depends a lot around the customer environment and what kind of skill sets do they have. Are they willing to help go through some of that do-it-yourself type of process. Obviously Dell EMC services is there to help them in those particular cases. But we kind of have this buying conundrum of build versus buy. I think my old friend, Chad Sakac, used to say, there's different types of customers that want a VxRail or build-it-themselves, or they want a VxBlock. We see the same thing happen in a networking. There's those customers that want disaggregated hardware and software, and in some cases even disaggregated software. Putting those protocols and features on the switch that they actually use in the data center. Rather than buying a full proprietary stack, well we continue to build the full stack for a select number of customers as well because that's important to that particular sector. >> So again, Tom, two very different ends of the spectrum. I was at ONS a couple of months ago, talked to the team. Dell is a huge sponsor of the Open Source community. And I don't think many people know that. Can you talk about the Open Source relationship or the relationship that Dell Networking has with the Open Source community? >> Absolutely, we first made our venture in Open Source actually with Microsoft in their SONiC work. So they're creating their own network operating software, and we made a joint contribution around the switch abstraction interface, or side. So that was put into the Open Compute Project probably around 3 1/2, maybe four years ago. And that's right after we announced this disaggregation. We then built basically an entire layer of what we call our OS10 base, or what's known in the Linux foundation as OPX. And we contributed that to the OPX or to the Linux foundation, where basically that gives the customer the capability through the software that takes care of all the hardware, creates this switch subtraction interface to gather the intelligence from the ASIC and the silicon, and bringing it to a control plane, which allows APIs to be connected for all your north-bound applications or your general analysis that you want to use, or a disaggregated analysis, what you want to do. So we've been very active in Linux. We've been very active in OCP as well. We're seeing more and more of embracing this opportunity. You've probably seen recently AT&T announced a rather large endeavor to replace tens of thousands of routers with basically white box switches and Open Source software. We really think that this trend is moving, and I'm pretty proud that Dell EMC was a part of getting that all started. >> So that was an awful lot of provider talk. You covered both the provider's base and the enterprise space. Talk to us about where the two kind of meet. You know the provider space, they're creating software, they're embracing OpenStack, they're creating plug-ins for disaggregated networking. And then there's the enterprise. There's opportunity there. Where do you see the enterprise leveraging disaggregation versus the service provider? >> Well, I think it's this move towards software-defined. If you heard in Michael's keynote today, and you'll hear more tomorrow from Jeff Clarke. The whole world is moving to software-defined. It's no longer if, it's when. And I think the opportunity for enterprises that are kind of in that transformation stage, and moving from traditional software-defined, or excuse me, traditional data centers to the software-defined, they could look at disaggregation as an opportunity to give them that agility and capability. In a manner of which they can kind of continue to manage the old world, but move forward into the new world of disaggregation software-defined with the same infrastructure. You know it's not well-known that Dell EMC, we've made our switching now capable of running five different operating softwares. That's dependent upon workloads and use cases, and the customer environment. So, traditional enterprise, they want to look at traditional protocols, traditional features. We give them that capability through our own OS. We can reduce that with OS partners, software coming from some of our OS partners, giving them just the protocols and features that they need for the data center or even out to the edge. And it gives them that flexibility and change. So I think it really comes at this point of when are they going to move towards moving from traditional networking to the next generation of networking. And I'm very happy, I think Dell Technologies is leading the way. >> So I'm wondering if you could expand a little bit about that. When I think about Dell and this show, I mean it is a huge ecosystem. We're sitting right near the Solutions Expo, which will be opening in a little bit, but on the networking side, you've got everything from all the SD-WAN pieces, to all the network operating systems that can sit on top. Maybe, give us kind of the update on the overview, the ecosystem, where Dell wins. >> Yeah, yeah I mean, if you think about 30-something years ago when Michael started the company and Dell started, what was it about. It was really about transforming personal computing, right? It was about taking something that was kind of a traditional proprietary architecture and commoditizing it, making sure it's scalable and supportable. You think of the changes that's occurred now between the mainframe and x86. This is what we think's happening in networking. And at Dell Technologies in the networking area whether it's Dell EMC or to VMware, we're really geared towards this SDX type of market. Virtualization, Layer two, day or three disaggregated switching in the data center. Now SD-WAN with the acquisition of Velocloud by VMware. We're really hoping customers transform at the way networking is being managed, operated, supported to give them much more flexibility and agility in a software-defined market. That being said, we continue to support a multitude of other partners. We have Cumulus, Big Switch, IP infusion, and Pluribus as network operating software alternatives. We have our own, and then we have them as partners. On the SD-WAN area while we lead with Velocloud, we have Silver Peak and we also have Versa Technology, which is getting a lot of upkick in the area. Both in the service provider and in the enterprise space. Huge area of opportunity for enterprises to really lower their cost of connectivity and their branch offices. So, again, we at Dell, we want to have an opinion. We have some leading technologies that we own, but we also partner with some very good, best-of-breed solutions. But being that we're open, and we're disaggregated, and we have an incredible scaling and service department or organization, we have this capability to bring it together for our customers and support them as they go through their IT transformation. >> So, Dell EMC is learning a lot of lessons as you guys start to embrace software-defined. Couple of Dell EMC World's ago, big announcement Chad talked about, ScaleIO, and abstracting, and giving away basically, ScaleIO as a basic solution for free. Then you guys pulled back. And you said, you know what, that's not quite what customers want. They want a packaged solution. So we're talking on one end, total disaggregation and another end, you know what, in a different area of IT, customers seem to want packaged solutions. >> Tom: Yeah. >> Can you talk to the importance of software-defined and packaged solutions? >> Right, it's kind of this theory of appliances, right? Or how is that software going to be packaged? And we give that flexibility in either way. If you think of VxRail or even our vSAN operating or vSAN ready node, it gives that customer the capability to know that we put that software and hardware together, and we tested it, we certified it, most importantly we can support it with kind of one throat to choke, one single call. And so I think the importance for customers are again, am I building it myself or do I want to buy a stack. If I'm somewhere in the middle maybe I'm doing a hybrid or perhaps a Rail type of solution, where it's just compute and storage for the most part. Maybe I'm looking for something different on my networking or connectivity standpoint. But Dell EMC, having the entire portfolio, can help them at any point of the venture or at any part of the solution. So I think that you're absolutely right. The customer buying is varied. You've got those that want everything from a single point, and you got others that are saying I want decision points. I think a lot of the opportunity around the cost savings, mostly from an Opex standpoint are those that are moving towards disaggregated. It doesn't lock 'em in to a single solution. It doesn't get 'em into that long life cycle of when you're going to do changes and upgrades and so forth. This gives them a lot more flexibility and capability. >> Tom, sometimes we have the tendency to get down in the weeds on these products. Especially in the networking space. One of my complaints was, the whole SDN wave, didn't seem to connect necessarily to some of the big businesses' challenges. Heard in the keynote this morning a lot of talk about digital transformation. Bring us up to speed as to how networking plays into that overall story. What you're hearing from customers and if you have any examples we'd love to hear. >> Yeah, no so, I think networking plays a critical part of the IT transformation. I think if you think of the first move in virtualization around compute, then you have the software-defined storage, the networking component was kind of the lagger. It was kind of holding back. And in fact today, I think some analysts say that even when certain software-defined storage implementations occur, interruptions or issues happen in the network. Because the network has then been built and architected for that type of environment. So the companies end up going back and re-looking at how that's done. And companies overall are I think are frustrated with this. They're frustrated with the fact that the network is holding them back from enabling new services, new capabilities, new workloads, moving towards a software-defined environment. And so I think this area again, of disaggregation, of software-defined, of offering choice around software, I think it's doing well, and it's really starting to see an uptick. And the customer experiences as follows. One is, open networking where it's based upon standard commodity-based hardware. It's simply less expensive than proprietary hardware. So they're going to have a little bit of savings from the CapEx standpoint. But because they moved towards this disaggregated model where perhaps they're using one of our third-party software partners that happens to be based in Linux, or even our own OS10 is now based in Linux. Look at that, the tools around configuration and automation are the same as compute. And the same as storage. And so therefore I'm saving on this configuration and automation and so forth. So we have examples such as Verizon that literally not only saves about 30% cost savings on their CapEx, they're saving anywhere between 40 and 50% on their Opex. Why? They can roll out applications much faster. They can make changes to their network much faster. I mean that's the benefit of virtualization and NSX as well, right? Instead of having this decisions of sending a network engineer to a closet to do CLI, down in the dirt as you would say, and reconfigure the switch, a lot of that now has been attracted to a software lever, and getting the company much more capability to make the changes across the fabric, or to segregate it using NSX micro segmentation to make the changes to those users or to that particular environment that needs those changes. So, just the incredible amount of flexibility. I think SDN let's say six, seven years ago, everyone thought it was going to be CapEx. You know, cheaper hardware, cheaper ASICs, et cetera. It's all about Opex. It's around flexibility, agility, common tool sets, better configuration, faster automation. >> So we all have this nirvana idea that we can take our traditional stacks, whether it's pre-packaged CI configurations that's pre-engineered, HCI, SDN, disaggregated networking. Add to that a software layer this magical automation. Can you unpack that for us a little bit? What are you seeing practically whether it's in the server provider perspective or on the enterprise. What are those crucial relationships that Dell EMC is forming with the software industry to bring forth that automation? >> Well obviously we have a very strong relationship with VMware. >> Keith: Right. >> And so you have vRealize and vROps and so forth, and in fact in the new VxBlock 1000, you're going to see a lot of us gearings, a lot of our development towards the vRealize suite, so that helps those customers that are in a VMware environment. We also have a very strong relationship with Red Hat and OpenStack, where we've seen very successful implementations in the service provider space. Those that want to go a little bit more, a little bit more disaggregated, a little bit more open, even it from the storage participation like SAP and so forth. But then obviously we're doing a lot of work with Ansible, Chef, and Puppet, for those that are looking for more of a common open source set of tools across server, compute, networking storage and so forth. So I think the real benefit is kind of looking at it at that 25,000-foot view on how we want to automate. Do you want to go towards containers, do you want to go traditional? What are the tool sets that you've been using in your compute environment, and can those be brought down to the entire stack? >> All right, well Tom Burns, really appreciate catching up with you. I know Keith will be spending a little time at Interop this week too. I know, I'm excited that we have a lot more networking here at this end of the strip also this week. >> Appreciate it. Listen to Pat's talk this afternoon. I think we're going to be hearing even more about Dell Technology's networking. >> All right. Tom Burns, SVP of Networking and Solutions at Dell EMC. I'm Stu Miniman and this is Keith Townsend. Thanks for watching The Cube. (upbeat music)

>> (Narrator) Live from Madrid, Spain. It's The Cube covering HP Discover Madrid 2017, brought to you by Hewlett Packard Enterprise. >> We're back at HPE Discover Madrid 2017. This is The Cube, the leader in live tech coverage. My name is Dave Vellante and I'm with my co-host for the week, Peter Burris. Cat Graves is here, she's a research scientist at Hewlett Packard Enterprises. And she's joined by Natalia Vassilieva. Cube alum, senior research manager at HPE. Both with the labs in Palo Alto. Thanks so much for coming on The Cube. >> Thank you for having us. >> You're welcome. So for decades this industry has marched to the cadence of Moore's Law, bowed down to Moore's Law, been subservient to Moore's Law. But that's changing, isn't it? >> Absolutely. >> What's going on? >> I can tell Moore's Law is changing. So we can't increase the number, of course, on the same chip and have the same space. We can't increase the density of the computer today. And from the software perspective, we need to analyze more and more data. We are now marching calls into the area of artificial intelligence when we need to train larger and larger models, we need more and more compute for that. And the only possible way today to speed up the training of those modules, to actually enable the AI, is to scale out. Because we can't put more cores on the chip. So we try to use more chips together But then communication bottlenecks come in. So we can't efficiently use all of those chips. So for us on the software side, on the part of people who works how to speed up the training, how to speed up the implementation of the algorithms, and the work of those algorithms, that's a problem. And that's where Cat can help us because she's working on a new hardware which will overcome those troubles. >> Yeah, so in our lab what we do is try and think of new ways of doing computation but also doing the computations that really matter. You know, what are the bottlenecks for the applications that Natalia is working on that are really preventing the performance from accelerating? Again exponentially like Moore's Law, right? We'd like to return to Moore's Law where we're in that sort of exponential growth in terms of what compute is really capable of. And so what we're doing in labs is leveraging novel devices so, you've heard of memristor in the past probably. But instead of using memristor for computer memory, non volatile memory for persistent memory driven computer systems, we're using these devices instead for doing computation itself in the analog domain. So one of our first target applications, and target core computations that we're going after is matrix multiplication. And that is a fundamental mathematical building block for a lot of different machine learning, deep learning, signal processing, you kind of name it, it's pretty broad in terms of where it's used today. >> So Dr. Tom Bradicich was talking about the dot product, and it sounds like it's related. Matrix multiplications, suddenly I start breaking out in hives but is that kind of related? >> That's exactly what it is. So, if you remember your linear algebra in college, a dot product is exactly a matrix multiplication. It's the dot in between the vector and the matrix. The two itself, so exactly right. Our hardware prototype is called the dot product engine. It's just cranking out those matrix multiplications. >> And can you explain how that addresses the problem that we're trying to solve with respect to Moore's Law? >> Yeah, let me. You mentioned the problem with Moore's Law. From me as a software person, the end of Moore's Law is a bad thing because I can't increase their compute power anymore on the single chip. But for Cat it's a good thing because it forced her to think what's unconventional. >> (Cat) It's an opportunity. >> It's an opportunity! >> It forced her to think, what are unconventional devices which she can come up with? And we also have to mention they understand that general purpose computing is not always a solution. Sometimes if you want to speed up the thing, you need to come up with a device which is designed specifically for the type of computation which you care about. And for machine learning technification, again as I've mentioned, these matrix-matrix multiplications matrix-vector multiplications, these are the core of it. Today if you want to do those AI type applications, you spend roughly 90% of the time doing exactly that computation. So if we can come up with a more power efficient and a more effective way of doing that, that will really help us, and that's what dot product engine is solving. >> Yes, an example some of our colleagues did in architectural work. Sort of taking the dot product engine as the core, and then saying, okay if I designed a computer architecture specifically for doing convolutional neural networks. So image classification, these kinds of applications. If I built this architecture, how would it perform? And how would it compare to GPUs? And we're seeing 10 to 100 X speed up over GPUs. And even 15 X speed up over if you had a custom-built, state of the art specialized digital Asic. Even comparing to the best that we can do today, we are seeing this potential for a huge amount of speed up and also energy savings as well. >> So follow up on that, if I may. So you're saying these alternative processors like GPUs, FGPAs, custom Asics, can I infer from that that that is a stop-gap architecturally, in your mind? Because you're seeing these alternative processors pop up all over the place. >> (Cat) Yes. >> Is that a fair assertion? >> I think that recent trends are obviously favoring a return to specialized hardware. >> (Dave) Yeah, for sure. Just look at INVIDIA, it's exploding. >> I think it really depends on the application and you have to look at what the requirements are. Especially in terms of where there's a lot of power limitations, right, GPUs have become a little bit tricky. So there's a lot of interest in the automotive industry, space, robotics, for more low power but still very high performance, highly efficient computation. >> Many years ago when I was actually thinking about doing computer science and realized pretty quickly that I didn't have the brain power to get there. But I remember thinking in terms of there's three ways of improving performance. You can do it architecturally, what do you do with an instruction? You can do it organizationally, how do you fit the various elements together? You can do it with technology, which is what's the clock speed, what's the underlying substrate? Moore's Law is focused on the technology. Risk, for example, focused on architecture. FPGAs, arm processors, GPUs focus on architecture. What we're talking about to get back to that doubling the performance every 18 months from a computing standpoint not just a chip standpoint, now we're talking about revealing and liberating, I presume, some of the organization elements. Ways of thinking about how to put these things together. So even if we can't get improvements that we've gotten out of technology, we can start getting more performance out of new architectures. But organizing how everything works together. And make it so that the software doesn't have to know, or the developer, doesn't have to know everything about the organization. Am I kind of getting there with this? >> Yes, I think you are right. And if we are talking about some of the architectural challenges of today's processors, not only we can't increase the power of a single device today, but even if we increase the power of a single device, then the challenge would be how do you bring the data fast enough to that device? So we will have problems with feeding that device. And again, what dot product engine does, it does computations in memory, inside. So you limit the number of data transfers between different chips and you don't face the problem of feeding their computation thing. >> So similar same technology, different architecture, and using a new organization to take advantage of that architecture. The dot product engine being kind of that combination. >> I would say that even technology is different. >> Yeah, my view of it we're actually thinking about it holistically. We have in labs software working with architects. >> I mean it's not just a clock speed issue. >> It's not just a clock speed issue. It's thinking about what computations actually matter, which ones you're actually doing, and how to perform them in different ways. And so one of the great things as well with the dot product engine and these kind of new computation accelerators, is with something like the memory driven computing architecture. We have now an ecosystem that is really favoring accelerators and encouraging the development of these specialized hardware pieces that can kind of slot in in the same architecture that can scale also in size. >> And you invoke that resource in an automated way, presumably. >> Yeah, exactly. >> What's the secret sauce behind that? Is that software that does that or an algorithm that chooses the algorithm? >> A gen z. >> A gen z's underlying protocol is to make the device talk to the data. But at the end of the system software, it's algorithms also which will make a decision at every particular point which compute device I should use to do a particular task. With memory driven computing, if all my data sits in the shared pool of memory and I have different heterogeneous compute devices, being able to see that data and to talk to that data, then it's up to the system management software to allocate the execution of a particular task to the device which does that the best. In a more power efficient way, in the fastest way, and everybody wins. >> So as a software person, you now with memory driven computing have been thinking about developing software in a completely different way. Is that correct? >> (Natalia) Yeah. You're not thinking about going through I/O stack anymore and waiting for a mechanical device and doing other things? >> It's not only the I/O stack. >> As I mentioned today, the only possibility for us to decrease the time of processing for the algorithms is to scale out. That means that I need to take into account the locality of the data. It's not only when you distribute the computation across multiple nodes, even if we have some number based which is we have different sockets in a single system. With local memory and the memory which is remote to that socket but which is local to another socket. Today as a software programmer, as a developer, I need to take into account where my data sits. Because I know in order to accept the data on a local memory it'll take me 100 seconds to accept my data. In the remote socket, it will take me longer. So when I developed the algorithm in order to prevent my computational course to stall and to wait for the data, I need to schedule that very carefully. With memory driven computing, giving an assumption that, again, all memory not only in the single pool, but it's also evenly accessible from every compute device. I don't need to care about that anymore. And you can't even imagine such a relief it is! (laughs) It makes our life so much easier. >> Yeah, because you're spending a lot of time previously trying to optimize your code >> Yes for that factor of the locality of the data. How much of your time was spent doing that menial task? >> Years! In the beginning of Moore's Law and the beginning of the traditional architectures, if you turn to the HPC applications, every HPC application device today needs to take care of data locality. >> And you hear about when a new GPU comes out or even just a slightly new generation. They have to take months to even redesign their algorithm to tune it to that specific hardware, right? And that's the same company, maybe even the same product sort of path lined. But just because that architecture has slightly changed changes exactly what Natalia is talking about. >> I'm interested in switching subjects here. I'd love to spend a minute on women in tech. How you guys got into this role. You're both obviously strong in math, computer backgrounds. But give us a little flavor of your background, Cat, and then, Natalia, you as well. >> Me or you? >> You start. >> Hm, I don't know. I was always interested in a lot of different things. I kind of wanted to study and do everything. And I got to the point in college where physics was something that still fascinated me. I felt like I didn't know nearly enough. I felt like there was still so much to learn and it was constantly challenging me. So I decided to pursue my Ph.D in that, and it's never boring, and you're always learning something new. Yeah, I don't know. >> Okay, and that led to a career in technology development. >> Yeah, and I actually did my Ph.D in kind of something that was pretty different. But towards the end of it, decided I really enjoyed research and was just always inspired by it. But I wanted to do that research on projects that I felt like might have more of an impact. And particularly an impact in my lifetime. My Ph.D work was kind of something that I knew would never actually be implemented in, maybe a couple hundred years or something we might get to that point. So there's not too many places, at least in my field in hardware, where you can be doing what feels like very cutting edge research, but be doing it in a place where you can see your ideas and your work be implemented. That's something that led me to labs. >> And Natalia, what's your passion? How did you arrive here? >> As a kid I always liked different math puzzles. I was into math and pretty soon it became obvious that I like solving those math problems much more than writing about anything. I think in middle school there was the first class on programming, I went right into that. And then the teacher told me that I should probably go to a specialized school and that led me to physics and mathematics lyceum and then mathematical department at the university so it was pretty straightforward for me since then. >> You're both obviously very comfortable in this role, extremely knowledgeable. You seem like great leaders. Why do you feel that more women don't pursue a career in technology. Do you have these discussions amongst yourselves? Is this something that you even think about? >> I think it starts very early. For me, both my parents are scientists, and so always had books around the house. Always was encouraged to think and pursue that path, and be curious. I think its something that happens at a very young age. And various academic institutions have done studies and shown when they do certain things, its surmountable. Carnegie Mellon has a very nice program for this, where they went for the percentage of women in their CS program went from 10% to 40% in five years. And there were a couple of strategies that they implemented. I'm not gonna get all of them, but one was peer to peer mentoring, when the freshmen came in, pairing them with a senior, feeling like you're not the only one doing what you're doing, or interested in what you're doing. It's like anything human, you want to feel like you belong and can relate to your group. So I think, yeah. (laughs) >> Let's have a last word. >> On that topic? >> Yeah sure, or any topic. But yes, I'm very interested in this topic because less than 20% of the tech business is women. Its 50W% of the population. >> I think for me its not the percentage which matters Just don't stay in the way of those who's interested in that. And give equal opportunities to everybody. And yes, the environment from the very childhood should be the proper one. >> Do you feel like the industry gives women equal opportunity? >> For me, my feeling would be yes. You also need to understand >> Because of your experience Because of my experience, but I also originally came from Russia, was born in St. Petersburg, and I do believe that ex-Soviet Union countries has much better history in that. Because the Soviet Union, we don't have man and woman. We have comrades. And after the Second World War, there was women who took all hard jobs. And we used to get moms at work. All moms of all my peers have been working. My mom was an engineer, my dad is an engineer. From that, there is no perception that the woman should stay at home, or the woman is taking care of kids. There is less of that. >> Interesting. So for me, yes. Now I think that industry going that direction. And that's right. >> Instructive, great. Well, listen, thanks very much for coming on the Cube. >> Sure. >> Sharing the stories, and good luck in lab, wherever you may end up. >> Thank you. >> Good to see you. >> Thank you very much. >> Alright, keep it right there everybody. We'll be back with our next guest, Dave Vallante for Peter Buress. We're live from Madrid, 2017, HPE Discover. This is the Cube.