(upbeat music) >> Narrator: From theCUBE studios in Palo Alto and Boston, connecting with thought leaders all around the world, this is a CUBE conversation. >> Hi, I'm Stu Miniman, and welcome to this CUBE conversation. We're digging in with Pensando. Talking about the technologies that they're using. And happy to welcome to the program, two of Pensando's technical leaders. We have Krishna Doddapaneni, he's the Vice President of Software. And we have here Pirabhu Raman, he's a Principal Engineer, both with Pensando. Thank you so much for joining us. >> Thank you Stu. >> All right. >> Thank you for having us here >> Krishna, you run the Software Team. So let's start there and talk about really the mission and shortly obviously, bring us through a little bit of architecturally what Pensando was doing. >> To get started, Pensando we are building a platform, which can automate and manage the network storage and security services. So when we talk about software here, it's like the better software as you start from all the way from bootloader, to all the way it goes to microservices controller. So the fundamentally the company is building a domain specific processor called a DSP, that goes on the card called DSC. And that card goes into a server in a PCIe slot. Since we go into a server and we act as a NIC, we have to do drivers for Windows, all the OS' Windows, Linux, ESX and FreeBSD. And on the card itself, the chip itself, there are two fundamental pieces of the chip. One is the P4 pipelines, where we run all our applications, if you can think like in the firewalls, in the virtualization, all security applications. And then there's Arm SoC, which we have to bring up the platform and where we run the control plane and data and management plane so that's one piece of the software. The other big piece of software is called PSM. Which kind of, if you think about it in data center, you don't want to manage, one DSC at a time or one server at a time. We want to manage all thousands of servers, using a single management and control point. And that's where the test for the PSM comes from. >> Yeah, excellent. You talked about a pretty complex solution there. One of the big discussion points in the networking world and I think in general has been really the role of software. I think we all know, it got a little overblown. The discussion of software, does not mean that hardware goes away. I wrote a piece, many years ago, if you look at how hyperscalars do things, how they hyper optimize. They don't just buy the cheapest, most generic thing. they tend to configure things and they just roll it out in massive scale. So your team is well known for, really from a chip standpoint, I think about the three Cisco spin-ins. If you dug underneath the covers, yes there was software, but there was an Async there. So, when I look at what you're doing in Pensando, you've got software and there is a chip, at the end of the day. It looks, the first form factor of this looks like, a network card, the NIC that fits in there. So give us in there some of the some of the challenges of software and there's so much diversity in hardware these days. Everything getting ready for AI and GPUs. And you listed off a bunch of pieces when you were talking about the architecture. So give us that software/hardware dynamic, if you would. >> I mean, if you look at where the industry has been going towards, right, I mean, the Moore's law has been ending and Dennard scale is a big on Dennard scaling. So if you want to set all the network in certain security services on x86, you will be wasting a bunch of x86 cycles. The customer, why does he buy x86? He buys x86 to run his application. Not to run IO or do security for IO or policies for IO. So where we come in is basically, we do this domain specific processor, which will take away all the IO part of it, and the computer, just the compute of the application is left for x86. The rest is all offloaded to what we call Pensando. So NIC is kind of one part of what we do. NIC is how we connect to the server. But what we do inside the card is, firewalls, all the networking functions: SDNs, load balancing in all the storage functions, NVMe virtualization, and encryption of all the packets, data of data at rest and data of data in motion. All these services is what we do in this part. And you know, yes, it's an Async. But if you look at what we do inside, it's not a fixed Async. We did work on the previous spin-ins as you said, with Async, but there's a fundamental difference between that Async can this Async. In those Asyncs for example, there's a hard coded routing table or there's a hard coded ACL table. This Async is a completely programmable. It's more like it's a programmable software that we have domain specific language called P4. We use that P4 to program the Async. So the way I look at it, it's an Async, but it's mostly software driven completely. And from all the way from controllers, to what programs you run on the chip, is completely software driven. >> Excellent. Pirabhu of course, the big announcement here, HPE. You've now got the product. It's becoming generally available this month. We'd watch from the launch of Pensando, obviously, having HPE as not only an investor, but they're an OEM of the product. They've got a huge customer base. Maybe help explain, from the enterprise standpoint, if I'm buying ProLion, where now does, am I going to be thinking about Pensando? What specific use cases? How does this translate to the general and enterprise IP buyer? >> We cover of whole breadth of use cases, at the very basic level, if your use cases or if your company is not ready for all the different features, you could buy it as a basic NIC and start provisioning it, and you will get all the basic network functions. But at the same time in addition to the standard network functions, you will get always on telemetry. Like you will get rich set of metrics, you will get packet capture capabilities, which will help you very much in troubleshooting issues, when they happen, or you can leave them always on as well. So, you can do some of these tap kind of functionalities, which financial services do. And all these things you will get without any impact on the workload performance. Like the customers' application don't see any performance impact when any of these capabilities are turned on. So once this is as a standard network function, but beyond this when you are ready for enforcing policies at the edge or you're ready for enforcing stateful firewalls, distributed firewalling capabilities, connection tracking, some of the other things, like Krishna touched upon NVMe virtualization, there are all sorts of other features you can add on top of. >> Okay, so it sounds like what we're really democratizing some of those cloud services or cloud like services for the network, down to the end device, if I have this right. >> Exactly. >> Maybe if you could, networking, we know, our friends in network. We tend to get very acronym driven, to overlays and underlays and various layers of the stack there. When we talk about innovation, I'd love to hear from both of you, what are some of those kind of key innovations, if you were to highlight just one or two? Pirabhu, maybe you can go first and then Krishna would would love your follow up from that. >> Sure, there are many innovations, but just to highlight a few of them, right. Krishna touched upon P4, but even on the P4, P4 is very much focused on manipulating the packets, packets in and packets out, but we enhanced it so that we can address it in such a way that from memory in-packet out, packet in-memory out. Those kind of capabilities so that we can interface it with the host memory. So those innovations we are taking it to the standard and they are in the process of getting standardized as well. In addition to this, our software stack, we touched upon the always on telemetry capabilities. You could do flow based packet captures, NetFlow, you could get a lot of visibility and troubleshooting information. The management plane in itself, has some of the state of the art capabilities. Like it's distributed, highly available, and it makes it very easy for you to manage thousands of these servers. Krishna, do you want to add something more? >> Yes, the biggest thing of the platform is that when we did underlays and overlays, as you said there, everything was like fixed. So tomorrow, you wake up and come with a new protocol, or you may come up with a new way to do storage, right? Normally, in the hardware world, what happens is, Oh, you have to I have to sell you this new chip. That is not what we are doing. I mean, here, whatever we ship on this Async, you can continue to evolve and continue to innovate, irrespective of changing standards. If NVMe goes from one dot two to one dot three, or you come up with a new encapsulation of VXLAN, you do whatever encapsulations, whatever TLVs you would want to, you don't need to change the hardware. It's more about downloading new firmware, and upgrading the new firmware and you get the new feature. That is that's one of the key innovation. That's why most of the cloud providers like us, that we are not tied to hardware. It's more of software programmable processor that we can keep on adding features in the future. >> So one way to look at it, is like, you get the best of both worlds kind of a thing. You get power and performance of Async, but at the same time you get the flexibility of closer to that of a general purpose processor. >> Yeah, so Krishna, since you own the software piece of thing, help us understand architecturally, how you can deploy something today but be ready for whatever comes in the future. That's always been the challenge is, Gee, maybe if I wait another six months, there'll be another generation something, where I don't want to make sure that I miss some window of opportunity. >> Yeah, so it's a very good question. I mean, basically you can keep enhancing your features with the same performance and power and latency and throughput. But the other important thing is how you upgrade the software. I mean today whenever you have Async. When you have changed the Async, obviously, you have to pull the card out and you put the new card in. Here, when you're talking upgrading software, we can upgrade software while traffic is going through. With very minimal disruption, in the order of sub second. Right, so you can change your protocol, for example, tomorrow, we change from VXLAN to your own innovative protocol, you can upgrade that without disrupting any existing network or storage IO. I mean, that's where the power of the platform is very useful. And if you look at it today, where cloud providers are going right, and the cloud providers, you don't want to, because there are customers who are using that server, and they're deploying their application, they don't want to disturb that application, just because you decided to do some new innovative feature. The platform capability is that you could upgrade it, and you can change your mind sometime in the future. But whatever existing traffic is there, the traffic will continue to flow and not disrupt your app. >> All right, great. Well, you're talking about clouds one of the things we look at is multi cloud and multi vendor. Pirabhu, we've got the announcement with HPE now, ProLion and some of their other platforms. Tell us how much work will it be for you to support things like Dell servers or I think your team's quite familiar with the Cisco UCS platform. Two pieces on that number one: how easy or hard is it to do that integration? And from an architectural design? Does a customer need to be homogeneous from their environment or is whatever cloud or server platform they're on independent, and we should be able to work across those? >> Yeah, first off, I should start with thanking HPE. They have been a great partner and they have been quick to recognize the synergy and the potential of the synergy. And they have been very helpful towards this integration journey. And the way we see it, a lot of the work has already been done in terms of finding out the integration issues with HPE. And we will build upon this integration work that has been done so that we can quickly integrate with other manufacturers like Dell and Cisco. We definitely want to integrate with other server manufacturers as well, because that is in the interest of our customers, who want to consume Pensando in a heterogenous fashion, not just from one server manufacturer. >> Just want to add one thing to what Pirabhu's saying. Basically, the way we think about it is that, there's x86 and then the all the IO, the infrastructure services, right. So for us, as long as you get power from the server, and you can get packets and IO across the PCIe bus, we are kind of, we want to make it a uniform layer. So the Pensando, if you think about it, is a layer that can work across servers, and could work inside the public cloud and when we have, one of our customers using this in hybrid cloud. So we want to be the base where we can do all the storage network and security services, irrespective of the server and where the server is placed. Whether it's placed in the call log, it's placed in the enterprise data center, or it's placed in the public cloud. >> All right, so I guess Krishna, you said first x86. Down the road, is there opportunity to go beyond Intel processors? >> Yes. I mean, we already support AMD, which is another form of x86. But other architecture doesn't prevent us from any servers. As long as you follow the PCIe standard, we should, it's more of a testing matrix issue. It's not about support of any other OS, we should be able to support it. And initially, we also tested once on PowerPC. So any kind of CPU architecture, we should be able to support. >> Okay, so walk me up the application stack a little bit though. Things like virtualization, containerization. There's the question of does it work but does it optimize? Any of us live through those waves of, Oh, okay, well it kind of worked, but then there was a lot of time to make things like the origin networking work well in virtualization and then in containerization. So how about your solution? >> I mean you should look at, a good example is AWS, like what AWS does with Nitro. So on Nitro, you do EBS, you do security, and you do VPC. In all the services is effectively, we think about it, all of those can be encapsulated in one DSC card. And obviously, when it comes to this kind of implementation on one card, right, the first question you would ask what happens to the noisy neighbor? So we have the right QOS mechanisms to make sure all the services go through the same card, at the same time giving guarantees to the customer that (mumbles) especially in the multi-tenant environment, whatever you're doing on one VPC will not affect the other VPC. And the advantage of the platform that what we have is very highly scalable and highly performing. Scale will not be the issue. I mean, if you look at existing platforms, even if you look at the cloud, because when you're doing this product, obviously, we'll do benchmarking with the cloud and enterprises. With respect to scale, performance and latency, we did the measurements and we are order of magnitude compared to (sneezes) given the existing clouds and currently whatever enterprise customers have. >> Excellent, so Pirabhu, I'm curious, from the enterprise standpoint, are there certain applications, I think about like, from an analytic standpoint, Splunk is so heavily involved in data that might be a natural fit or other things where it might not be fully tested out with anything kind of that ISV world that we need to think about. >> So if we're talking in terms of partner ecosystems, our enterprise customers do use many of the other products as well. And we are trying to integrate with other products so that we can get the maximum value. So if you look at it, you could get rich metrics and visualization capabilities from our product, which can be very helpful for the partner products because they don't have to install an agent and they can get the same capability across bare metal virtual stack as well as containers. So we are integrating with various partners including some CMDB configuration management database products, as well as data analytics or network traffic analytics products. Krishna, do you want to add anything? >> Yeah, so I think it's just not the the analytics products. We're also integrating with VMware. Because right now VMware is a computer orchestrated and we want to be the network policy orchestrator. In the future, we want to integrate with Kubernetes and OpenShift. So we want to add integration so that our platform capability can be easily consumable irrespective of what kind of workload you use or what kind of traffic analytics tool you use or what kind of data link that you use in your enterprise data center. >> Excellent, I think that's a good view forward as to where some of the work is going on the future integration. Krishna and Pirabhu, thank you so much for joining us. Great to catch up. >> Thank you Stu. >> Thanks for having us. >> All right. I'm Stu Miniman. Thank you for watching theCUBE. (gentle music)