>>Fly from Barcelona, Spain. It's the cube covering Cisco live 2020s brought to you by Cisco and its ecosystem partners. >>Hi everyone. Welcome back to the QS live coverage here in Barcelona, Spain for Cisco live 2020 I'm John. My coasts do many minutes. We are in the dev net. Similar all the action is the accused third year covering where dev net has been evolving into the centerpiece of Cisco strategy. And all the sessions are here. We've got a great guest. Make D as product marketing for Cisco with umbrella is a takeover going on here. The Devin, thanks for joining us. Thanks for having me. So tell us about umbrella, cause that's a new brand open DNS kind of confer. What's the story with umbrella? Give us the update. >>Sure. So umbrella was first really developed an introduced in the market in 2012 under the open DNS company. We were acquired by Cisco in 2015 and rebranded it to Cisco umbrella. So we've taken the same great product that we've had for years and just continued to develop and add to it. >>And what's the main features now as that same product? Has it been integrated in, cause everything's becoming API base here. We're seeing that. What's the tweak? Is it security? What's the main linkage with the Cisco? >>Yeah, so um, umbrella really started off, uh, providing DNS layer security. So it was often an added layer or foundational layer that customers would use to reduce the amount of malware, make sure that their users were protected anywhere that they were connecting to the internet. And so we've taken that. It's, it's always been developed as an open platform and we've continued to add additional API APIs to it and a lot of additional security features too. So beyond just DNS, we now have a full secure web gateway cloud delivered firewall, uh, Cosby capabilities. So there's been a lot of new capabilities that we've built into the product. >>Can you bring us inside a little bit? We've been in the dev net zone for three years, as John said, got to dev net, create that API economy is something that is so important and that's what so many people, I mean we've seen just huge crowds all week. Help us understand how those APIs fit into Cisco and Cisco umbrella. >>Sure. So when you look at, there's a number of API APIs that we've built into umbrella. So to give you some examples, we have a, uh, a device network device API to make it easy to actually integrate different network devices that you have to umbrella. So how do you get that traffic very easily from any device to our cloud platform? So that's one example. Uh, we've rebuilt a lot of integrations but that allows you to, to help build any additional integrations that you want. Um, we have a reporting API that helps you to, you know, automate some of the, the reporting, send it and integrate it with systems that you have. Um, and then another example, even with, uh, all of the intelligence behind umbrella, we make it available through our investigate API. So we see a lot of organizations use that to enrich their Sam or threat intelligence platform. >>So being able to take all of the data that you have within umbrella and make sure that it can be integrated in the right ways. >> Any new features you guys announcing an umbrella that we should know about here this week? >> Yes. One of the big ones that we've I've been talking about at our booth and in some of the sessions is with any connect, so any connect has always been really big for a lot of Cisco customers to protect roaming users and we've had the ability to, I enable a DNS module as part of that, so that enables them to, even when users are off the VPN, their VPN isn't even turned on. They're still getting protection from umbrella and we've taken that and we've also enabled them to leverage our security gateway functionality when users are roaming as well. So that's for the use cases. >>They're on a VPN, they're doing their thing, they go to a coffee shop or go somewhere else or they're, they're moving around. Exactly. And they might not be actually connected to the VPN, so their traffic isn't actually being protected, so they might be connecting directly to the internet. That's where when they have umbrella enabled there, they can still get the right protection for those users. May talk about the dynamics going on with, with injecting hacks in DNS, because this has always been kind of a, you're always been people but always been chasing this because you are rails, they run the internet, we know some URLs could look like PayPal or this or the other bank. And so it becomes kind of a, your URL, DNS management challenge. This is something that's been fundamental for security. What's, what are some of the things that are going on that people should pay attention to? >>Sure. So I think that there's, there's a few different aspects of that that we're really delivering on today. So first of all, when it comes to just, uh, people, uh, trying to get you to click on a link that looks like PayPal, but it's actually not. Um, so there's a number of different methods that we're using in the product to detect that. So one of the things is, is we'll look at, uh, the way that the domain is actually written. A lot of times you can see some, uh, we, we look at, you know, the, the structure of the wording. And sometimes you can see little, uh, little characters or letters or numbers that are off and we can detect that that's happening. But then we also look at the infrastructure beyond behind the domain. So we look at where is that IP, uh, where is that domain actually hosted? Right? So what's the IP address? What other activity do we see happening on that IP address? Cause you can really learn a lot, right? We saw a, a, a, a PayPal, uh, domain that was supposedly a UK PayPal domain, but it was actually hosted on a Bulletproof hosting site, which no legitimate PayPal account would be or domain would be hosted on. So things like that that we're able to detect. >>Yeah. So make us this way. I saw something talked about online puny code. Is this, what we're talking about here is that there's a different topic, >>a little bit different cause that, but yeah, there, there's also, yeah, they could be embedded within puny code, things like that. But this is just some of our fundamental, what we look at when we're determining if a domain is malicious or not. >>Okay. Could you walk us through a little bit, the demos going on? We've got the takeover going on right now. What, what's the umbrella presence here in the dev net zone and throughout Cisco live? >>Yeah, so there's, there's a lot of different areas that we are. So we have a latch of Verna. Uh, the cafe. Uh, we have all of our demo stations. We have theater presentations pretty much running every 15 minutes. So you can learn more on a number of different topics. Uh, we have the dev net takeover, we have a number of breakout sessions that are happening. Um, so there's a lot of activity happening around Cisco live. >>Well the, Cisco's got a huge technical crowd here. Obviously they're their network geeks. They all know DNS. What are some of the conversations you guys are having? What are some of the cool things that are cause that's not know about programming and they getting into different formats? How is the DNS fitting into that? I've saw some cool demos. What are some of the cool tech conversations? >>Yeah, I think, I think a lot of times it's still, um, we're seeing more of a, a an uptake in people understanding that DNS can be used to actually deliver security as well. So I think, you know, those are some of the, the conversations still educating people about how they can add additional layers of security to their environment and DNS being really one of them. Um, I think what we're also seeing is just because with umbrella we're going beyond just DNS and really taking multiple security services, bringing them into a single cloud platform. And that's a lot of the conversation that we're having and that's where you're seeing the market going. So organizations starting to look at how does that fit into their environment, how can they start to architect their network differently for the future and, and how to wrap security in there. So a lot of the conversations we're having are around that. >>It's interesting the whole dynamic internet conversation kids interesting. Because DNS is, you got to resolve, you got named servers, get your resolution to the, to the destination URL and you load the page or app. As you start getting into more of the dynamic situations, the software is programming it. So it's interesting to see how DNS is evolves. You guys are leading the forefront on that. What's your view on that? What do you, how do you guys see that evolving as you got ACI intent based networking app dynamics over the top kind of programming down as DNS fit into all that? How does that, how does that all work? >>Definitely I think, I think DNS continues to be a, you know, a foundational part of how the internet works. And I, I don't see that really changing. I think, you know, some of the things that we've been, or even the different ways that you see attackers leveraging DNS, uh, you're seeing DNS tunneling for example, being one of the kind of, uh, I wouldn't say newer, but it's one of the types of techniques that nation States are using at times when they're actually embedding, you know, data to, into DNS to exfiltrate it. So, you know, things like that we're seeing, uh, come into place of trying to use DNS in, in different ways from the attack side. Yeah. But I think, you know, when you look at the overall, you know, network and, and all of that, it is a really important and kind of core part of this, >>it's interesting is that the international thing too is you submitted your hosting. A lot of these hosting sites are outside of North America, outside of Europe. They're in these countries where it's suspect, you know, and some of the foreign characters sets get interesting cause that's not ASCII, it's Unicode or you've got all kinds of things going on. So it's a complex not that easy is it? >>No, we have a lot of very, very smart people, doctors working on the, uh, the backend on the, on the engineering side to really look at that. And you know, one of the things that we tried to do, even from the beginning was take a different approach to security where we're not just looking strictly at the file hash or just the basic information, but seeing how can you take data science principles and apply them to use security in new ways to uncover attacks even before they launch. >>I gotta say one of the sessions I was walking around the hall, the couple of the main kind of clusters of people was obviously the big panoramic WebEx room was pretty popular. It looks pretty cool, but the IOT security section was packed. As you hit more devices out there, they're just internet addresses too. And there you've got destination, you got URLs over DNS there too. So you have now that edge piece that's a big security perimeter. I mean, and security surface area, I should say. That's popular. People are interested in this. >>Yes. And that's, I mean, and that's one of the big use cases that we've even seen with umbrella is you have hospitals who have all of these IOT devices and you know that are in their patients and, and it's really scary to think about where they could be connecting on the internet. And that's one of the things that we've seen with umbrella is because we're providing some of that security at the DNS layer, you don't need to have an agent or something on those devices when they're on the network. It's protected by umbrella. So that is one of the use cases that we see. >>I got to ask you, because you came from the acquisition open DNS, I know David, the founder of donut when he started. Great company, great success, congratulations to the whole team there. As you guys come into Cisco, what's it like, because startups are, you know, you're hungry, you grow in and then you get in here, it's almost an a waste of tech. He got new divisions. What's it been like at Cisco with the open DNS now? Umbrella brand, same product with some tweaks. What's it like? >>No, I mean it's been amazing. >>I mean I'm still here, uh, you know, almost five years later. Um, and I think one of the things that's been really exciting is, is the fact that we have been able to leverage a lot of the Cisco technology, right? We've embedded, you know, amp technology, threat grid technology, things that, that ultimately, because we're, you know, sharing those resources and, and embedding them, it's going to make the products more secure. It's going to allow us to share more information between products. And I think just the, you know, the investment, I think Cisco sees where the future is going and you know, how important the cloud is, you know, not only from just a, the way that businesses work, but from the security perspective. So there's been a lot of investment in it. Awesome. Well thanks for coming on sharing your insight. I got to ask you kind of an industry question because you've been on, again the startup now Cisco, most normal people like DNS, I know what a URL is, but they know security. So when they asked you a lot, they hae all this fake news, all this malware, spear fishing. I mean the average consumer, they get the security thing. When they asked you what's going on, what, what do you say to them? How do you explain what you do and your vision of how you see the world evolving? >>Sure. I think, I think for a lot of people, I mean I've, I've been in security now for for a while when I started it was really, it was still all the compliance conversation and you were still educating a lot of people on security. But now my grandma knows about it and you know, she'll ask me questions. So I think, you know, it has become so much more mainstream and you know when I, in in simplest terms, I just talked to people about the fact that we are making sure that wherever users are connecting to the internet, they're doing it securely. You know, no matter what application they're trying to access, we can help secure that. And so that's kind of the, >>and be careful what you click on. It would be, you know, the emails you get. Well you don't know what's in there exactly. Well thanks for come on. Great. Great to have you on. Thanks for the insight. Cisco umbrella. It's taking over dev net dev net zone is packed. It just gets bigger every year and this is where people are learning is very community driven. A lot of, a lot of education, a lot of great content. You're starting out or you're more experienced software certifications all here inside the cube coverage of Barcelona. We'll be right back after this short break.