>> Hi, I'm Peter Birds. And welcome to another Cube conversation from the Cube studios here in Beautiful >> Powell to California. >> Today, we're going to talk about network assurance that problem that's becoming increasingly important to large organizations as they envisioned greater distribution of their digital capabilities and have that conversation you've got. David Ericsson is the CEO and co founder of Forward Networks David. Welcome to the Cube. >> Thank you. Pleasure to be here. >> So let's start by getting a sense of what forward networks is. Tell us a little bit about four networks, and then we'll jump into it. >> Yeah, four networks is ah, startup company here in Silicon Valley. Were based out of Palo Alto. Been in business for about five years now. Our background was four of us is co founders were in the networking group at Stanford under Nick McEwen. We graduated with PhDs in computer science and working in twenty thirteen, saw major problem and network operations and in the network Assurance space, and decided to go after it. Big hairy problem which will dig into. But it's been about two years since we've been in market. And >> all right, so let's talk about the big hairy problem. Aiken. Remember the days when network administration and operations was about finding a device plugging something into it, making sure that you had electrical circuit in place and then going back and telling everybody you've done your job? That was Those were very simple network, so it took a long time. Some of them are pretty complex as we move to increasingly complex physical networks, but even more complex software to find networks that assurance that that certainty that we have the network that we think we have kind of has gone away. So talk a little bit about this notion of network assurance. What is thie enterprise problem that we're trying to solve? >> Yeah, I mean, you're you're dead on If you look at the history of networking, we started very simple. We could manage this with humans. We only had so many changes we had to make on a day to day week. Do we basis but over time were now operating networks with thousands, even tens of thousands and hundreds of thousands of network devices in them. And that's as you indicated on ly growing with software to find. Networking is we're bringing and dropping software elements. They're also doing forwarding to bear on this, but unfortunately, well at the same time, we also had a huge increase in applications and mission critical day today, business operations and infrastructure that depend on this network to stay up and working. But if you look at what actually has done to ensure they're working properly and what the change process looks like, it's it's somewhat depressing. To be completely honest, we make an awful lot of changes in production with minimal, if any, pre testing. Our post testing is, you know, our customers calling us or our internal customers calling us, telling us it works or not if they're not, you know, maybe we'll do a couple of peeing and simple trace route tests and and and move on. And of course, this is tremendously risky to the business, let alone security, which is a whole nother topic we can dig into. But we need to bring in. And this is what part of what for Knox has focused on is helping our customers understand and ensure that their network is always up in stable, achieving what they want to achieve that they've changed what they wanted to change and that it's as secure as they expect it to be. >> Now let me let me let me build on this notion over network assurance because we could think about it. Don't just say three levels right now. There's a lot of folks who do some sort of network device assurance. Have you updated that device? Have you updated that software construct? We got answer, but we've got a number of other tools. You could do some of those things. We also have tooling that Khun tell you. Generally speaking, you know, in a knock whether or not the network is up available, but I think what you're talking about is something that's in between where we're talking about the network being, ah, logical organization of resources that communicate with each other and assuring that as we make changes that context, that notion of things in a relationship working together is not lost. If I got that right, >> perfectly right. So today it's reasonably straightforward to with answerable or N S o R T a laugh. You know, whatever. Like some some system today to go out, make a change to the network, and then you come along behind and maybe with some other scripts ensure that that actually went out. But what's really hard is to paint the holistic picture that even though I made these changes, all of my critical applications are actually still functioning. And so this is what we would bucket in a higher level term called intent based networking. This is a reason, you know, reasonably recent entrant into how we think about networking. But it's very simple. From a high level, it's I need to. I need to holistically paint a picture for what my network should deliver to me on an end in basis. And I need to assure that this is always happening. And this Khun B from a connectivity perspective. You know, imagine, imagine I'm ah Web company that has a bunch of customers that need to come in from the Internet and hit my critical application. That's that's underpinning everything my business does, right? So I need to know that my network has paths in it that are enabling that to occur one hundred percent of the time. And so that's that's kind of the crux of of intent based networking. Butt's thinking in high level Indian actions as opposed to the very nitty gritty nuances of what's going on in any of these guys, >> actually give you know, the use case. So I can imagine a Tell Cohen operator that used to have physical devices and cordon off some of those physical devices by customers to provide their network. But as they try to, you know, gain flexibility, gain speed, game profitability. They're using a software based network approached to do a better job of ministering changes and management of those resources. It's whether customers so they want to be able to assure a customer that the network that the customer thinks it has in the context of the telcos overall network is assured it's there. The customer can weaken, validate for the customer that even though he made a change, their network is still in place, right? >> Absolutely. Multi tendency is a great use case for this, where you've got a bunch of different, even isolated networks that maybe sharing underlying physical infrastructure that are also being spun up with software software elements that are really, you know, sucking the software out of existing hardware but making it more flexible on demand. All of those capabilities, and we see that for sure, in telcos and and in that space. But we also see it in the cloud is people are moving applications up to the cloud. The same type of software elements are being controlled and set up there and have all the same pain and suffering that you see on premise. And I think you know, there's certainly not enough people that have set those up that understand that today. But as soon as they dive in and and realize all of the configuration permutations that exist in cloud networking, they can pattern majin sale. This is the same difficulty that I've had for years in my own Prem environment. >> Well, let's talk a bit about that security thing because we can dive into it because there is a close relationship between being able to say being able state categorically that this network contractually is in place on assured and that we now have an understanding of what security is required on that set of resources. How does network assurance, intent based network and security come together? Especially for you guys? >> Absolutely. So I think this to talk about this is good to talk a little bit about how the software works. So underneath the covers, we go and collect all of the data from the individual network elements without agents without actually needing packets. We build a digital twin or a model of the underlying network in software, and then we run analytics that air, based on research that came out of years and years of phD study by one of my colleagues, plus US production izing that as an organization that using an actual mathematical model we can trace where every packet could ever go in that entire environment and why this is important is to be able to prove security properties of a network. You have to know where everything could ever go to conclusively prove it right. And more often than not today we're using very small sampling methods to try toe, prove properties with humans and doing port scans and things of that nature that just aren't comprehensive. And so this is This is part of our core technology that we bring to bear on. This problem is knowing everything the network is capable of and then being able to mathematically prove security problems to your to your previous case. Imagine you've got a service provider that's offering and a network to two competitors, right? You want to make sure that those networks air actually completely isolated and that there's no possible cross talk that could occur between there. So with our software, we can analyze that we can prove the disc, you know that they're completely disconnected. And in the event that there not show you exactly why they're not when it began occurring and then quickly help you get that corrected and prove that you fixed it. >> You know it's interesting because increasingly digital business is going to mean that very, very complex partnerships are engaged through digital mechanisms. And in the world of contracting, there's a notion of a secured facility where I put something in there and you can take it out. You can look at it, but you can't take it out. And I could imagine you're your tool could also be used to set up those kinds of, you know, we used to come to Militarize owns all these types of things, but at a business level, a facility where we can assure that we know who gets in when they get in and how to get in and when they don't >> absolutely on obvious use case that occurs all the time is guest WiFi. Every company on this planet has no right. You want to make sure, though, that when people are coming and consuming your guest WiFi that they're not able to get back into your database and cause you a privacy or security incident, And this is this is something we can assist with. >> So we're talking about moving from a probabilistic approach to assurance to a categorical mathematical approach to insurance and being able to start to layer on some of those intent based networking things. Let's talk about how the prom is going to get worse. Five. G for folks who might be saying, Oh, yeah, well, I got this issue. It's going to get even richer and more complex as we put out networks out there that can have greater densities of devices within them. Higher band with, you know, even less time to assure that the networks behaving the way we expect it to. How is that going to fold into this whole story? >> Yeah, absolutely. In almost every dimension, networking is growing in complexity every single year five g is a perfect example. We talked about cloud earlier U. C S D When is another one is we kind of shift from MP lest overlays over the Internet? Um, and in the pace, the pace of that is just increasing. So if we don't, if we don't catch up to that from an operational capabilities perspective, it was going to lose control of it, frankly, and the amount of outages, security incidents, time to deliver product internally in my business. If that all continues to increase, we're going to be in a really bad place. And so that's why four networks has focused on trying to solve that and to bring up the capabilities of the operational teams to match that growing complexity and tow. Level it out, frankly, and so that it becomes something that we can consistently bring into our environmental want to transform our networks to bring in these technologies. But if we can't get ahead of the operational aspect of it, we can't do it >> way failed to adopt them. So you know, you raise something interesting, so just really quickly. How does network assurance tooling like what four Network provides change the mindset of the network administrator from I used to do it this way. And now I'm going to do it that way. >> Yeah, we think of it, Really, as Net Dev ops. It's bringing the devil ops mindset that we have in software development of all the way to test driven development where you write the test, then you write your code and then when the test passes, you know that you did what you need to do. You push that into production, you tested again and you just continue. You know, the continuous integration cadenas deployment cycle, that is the type. And we've refined that over thirty to forty years in software development. That's what enables us to have all the amazing services that we get on the broader Internet today. We believe that that same sort of mentality and the characteristics of that pipeline need to be brought to networking, to be able to give us confidence before we make changes. What the outcome of that's going to be into my network as we deploy them out to the network, that it's doing exactly what we expected to dio and then to continue to monitor that because networks are living, breathing things that have humans that are out there on keyboards, touching and changing things. If you don't keep an eye on it, it can run away from your really quickly. And so >> which one is one makes a knox such an exciting place your hand out of your All right. So very quickly. Last couple minutes here, uh, where do you see four networks going with the tooling? What's next? >> Yeah, we think that we think of it very holistically, as we would like for networks to be the single source of truth for everything about your networking environment today. This is, you know, layer two through layer for switching, routing, load balancers, firewalls, allowing you to get the visibility that you've craved across all of that to get that across the cloud, to get that across all of the leading technologies, from the various vendors and and toe layer in additional data over time. But ultimately, it's to help you have up time confidence in what you're doing to be ableto speed through the roadblocks and hurdles that you deal with internally and delivering product, delivering network applications into your network, and then just evolving that into the future. I think that this is the enabling technology to get us to the place that we have scalable five G services that we have. You know, these planet wide networks that are being put into space shortly, right, Tio, help reach every corner of the planet. And to enable the next generation of overlay services that change our lives, we need the network needs to be as reliable as power delivery and deliver the bandwidth and all of these things that we need. But to do that, we have to have scaleable network operations. Otherwise, the companies that deliver the services to us can't pay for it. >> Yeah, so it's it's Ah, it's a major challenge for and I digital business Transformation on DH. Quite frankly. Good guys versus bad guys. Yeah, Alright. David Erickson, CEO and co founder of Forward Networks. Thanks for B again for being on the Cube. Thank you very much. And I'm Peterborough's. Thanks for listening about talking about network assurance. So until next time