
Search Results for Infoblox:

Kanaiya Vasani, Infoblox | Next Level Network Experience


 

>> From around the globe, it's theCUBE, with digital coverage of Next Level Network Experience event, brought to you by Infoblox.

>> Welcome back to our coverage, theCUBE. I'm John Furrier, your host. We're here with a virtual event with Infoblox on next level networking. It's a virtual event hosted with theCUBE. A great guest, Kanaiya Vasani, who is the EVP of products and corporate development with Infoblox, today. Thank you for coming on. Appreciate it. You guys are, the theme of this is next level networking, which I love. Next level, it really kind of illustrates we are going to the next level with COVID-19. We're seeing it everywhere: security, DNS, a topic that most people aren't familiar with. In IT, you know all about it. You guys are leading and reinventing DDI. For the folks that want to know what that is, it's DNS, DHCP and IP address management for the hybrid cloud and borderless enterprise, which is basically everything now. Um, this is super, super important, as we see every single company living this right now, which is workforces working from home, workplaces that are transforming, the surface area is huge. You still got to connect to the Internet. You still need to go to a website, and you still do e-commerce, need to run your business. This is a huge, huge problem that's been highlighted. Secure access, there you guys are in the forefront for next-gen networking. Tell us what you define as next level.

>> So, John, I think one of the things you'll see is if you, if you look at the trends happening in our business, that is, there's an increasing adoption of SaaS services, whether it's infrastructure as a service being consumed from AWS, Azure, Google, or all the IT applications moving into SaaS, you're already seeing a shift away from this data center being the center of the universe in the enterprise IT infrastructure to more of a cloud edge world where a lot of the applications now sit in the cloud, some in your private cloud still but a lot in the public cloud. And then you have your enterprise edge from where you want to get to these applications directly instead of backhauling all the traffic into your traditional data center. We're also seeing a big push into the number of devices coming into the infrastructure, whether it be BYOD, IoT, 5G, or more devices coming into the infrastructure. As you said, that perimeter and the surface area of the enterprise has exploded. So you have to, you have to start to think about security from a different standpoint. So all of these trends are starting to play out in the market. I think what you're going to see is over the next couple of years that the network inside the enterprise is gonna look very different from ordered yesterday. Today, everything gets back to the data center, and that's where all the action is. I think what you're going to see is a big shift towards what we call a hybrid multi-cloud enterprise, where you may have some workloads sitting in your data center, some workloads sitting in public clouds, some in your private cloud, and then you want the ability to move these workloads around and you're utilizing everything, all your applications. You're actually containerizing all your applications, and you want all this stuff to move around, so it poses a very interesting challenge. And that's why we say you need a next level network experience to deal with all the changes that the enterprises are going through.

>> That's a great point. This is our top story that we've been reporting for a long time but rose recently with COVID-19. This notion of multiple networks, multiple environments, multiple clouds. Certainly hybrid cloud has been ratified. Everyone pretty much acknowledges that cloud operations, on premises to the cloud, is there.
But you got to still move packets from A to B, moving around, and now you're storing them and all kinds of things are happening. But I want to get your thoughts on a trend that even makes what you just said even more complex, because the complexity is crazy right now. There's a trend of managed services. Cloud explosion comes on. You mentioned SaaS, more coming, or deploying a managed service, sometimes multi-tenant, sometimes pure instances in the cloud or on premises and data center, that's causing access. I still want to integrate that into a web presence. So, you know, I gotta integrate all these things. It's not that easy now. Again, DNS has been a big part of the web presence, but now you have a new dimension of hosted applications. You have managed services that are easy to stand up. But now I gotta integrate them. This is one of the hardest challenges that we hear, and I want to get your thoughts in reaction to that.

>> Yeah, and I think Google has certainly accelerated the shift that we talked about. So I think a good point there in terms of your school reacting is there is a big accelerant in terms of the shift of the cloud. I think one of the key roles that we play as the enterprise gets much more dynamic is, you need three elements: you need the element to be, to get visibility into everything that's going on in your cluster, you need to provide a layer of security, of foundational security in your infrastructure, and you need automation, because when you have workloads moving around, you need to automate all your IT workflows around allocating IP addresses as VMs or containers are moving, as containers are moving, retaining IP addresses, assigning new IP addresses, managing DNS records for them. So the work we do at the DDI layer really becomes the lifeblood of how this hybrid multi-cloud enterprise comes along.
And as you get to a much more distributed IT infrastructure, you are not going to be able to manage this entire infrastructure yourself the traditional. So if you have an enterprise IT administrator, you cannot sit there and say, "Look, I'm gonna do the traditional model of deploying software on premise or appliances on premise, and I'll have my guys going out there and managing the administration of that software, every six months I have to do a software upgrade, and I'll do all that." What you need, because the enterprise has become so distributed and dynamic, is you need a cloud-managed or a managed service. In either case, basically, what you see, what you're looking at is a centralized management model and the ability to spin up and down the services dynamically. We are strong believers in SaaS or a cloud-managed approach and a cloud-native architecture being the right architecture for the next level network. And that is something from a delivery standpoint an MSP can use. A managed service provider can leverage this cloud-managed architecture that we have to offer the services to enterprise customers and take away the whole headache of managing and administering their own infrastructure.

>> I like how you said DDI layer, because there's an abstraction you can create to take away that complexity. That was pretty straightforward. The best yet. DNS, DHCP, IP addresses. Okay, you manage those cases, no problem. Naming, whatnot. Now you have a dynamic environment. That's key. I want to get back to and follow up what you said about the IT folks, your customers in the enterprise. They're sitting there saying, "Hey, I'm used to the on-premises world and I have cloud." What's the difference in your mind between on-premises and cloud-managed DDI, and why does it matter?

>> Look, I think in the traditional world, all the IT infrastructure, again, was sitting in one or more regional or, or regional or centralized data centers, and it was easy to manage.
You could appliances from Infoblox and now and it was easy. You had the folks sitting in these data centers and they could manage the entire infrastructure using some on-premise management tools and things of that nature. But now think about it. If you're, if you're Walmart and you have 4500 stores, right, now if you want to push DNS, DHCP, IP address management software into all these 5500 locations, it is very difficult to do that by deploying individual appliances or by deploying sort of shrink-wrapped software that has to sit in every, every one of these locations. It's just, from an IT administration standpoint, it's a, it's a much heavier lift. But if I could take all the management and all the policy management, the policy framework, and pull that up into a SaaS layer that you can access from anywhere on the planet, and I'll leave the protocol serving engines, if you will, on premise. So you have a container that gets spun up that can sit on any third-party hardware that's sitting at your infrastructure. But it is all managed through the cloud. It's zero touch provisioning and completely orchestrated. Now you're sitting at a central dashboard, and if you're in a corporate environment, you're sitting at home and just accessing our SaaS service and managing your entire infrastructure from from from your from your home from your our checked at your home. Right? So it just becomes so much easier for IT administrators to operate.

>> And I have so much free time on their hands to be the Watches virtual event. So be fun.

>> There certainly do. Stash stash.

>> That's a great point. I want to get your thoughts because I like how you know I love the term next level. Anything going, the next level has been something that you talk about, whether you're a technical person and an entrepreneur or a business person. Let's go the next level. It means go the next level.
But you add the word experience in there, and I want to get your thoughts on that because it is about the user experience. What do you guys do to provide that, what Infoblox provide specifically to provide that next level experience?

>> Yeah, that's a great question. We are firm believers again that the future of networking and security in IT is going to shift to a cloud-managed, cloud-native paradigm, which means you should be able to, just like the hyperscalers, AWS, the Googles and Amazons of the world, right? If you look at how they build out their cloud infrastructure, it's all about separating the infrastructure layers of the compute layer from the applications that sit on top of them. So the compute nodes can scale at a different, at a different pace from that, from the applications. That same mindset needs to come into, into managing networking and security services as well. So if you have 1000 different locations, let's say, you can decide through a centralized policy framework what services you want to spin up at these 1000 locations. Today you would have to buy a box, a small, medium, large box from Infoblox or any one of the networking guys out there, and you would have to deploy that. And most likely, you will end up over-provisioning each site because you don't want to run out of capacity. The next level experience would say, just tell me what site you're deploying. The sites will call home. They will download the number of services needed based on some centralized policy that was defined, and you would get a right-sized deployment of services at that particular site. You need more services because, say, the user profile, the profile of the users at that site, changed, which means you need to spin up, let's say, a couple of additional security services. Well, that gets automatically imported from the cloud and gets instantiated in that particular site.
If you need more capacity because it's end of the quarter and you're doing a whole bunch of peer some financial transactions for closing the books, you need more capacity for some of the security applications. Those additional containers with those security applications can, can get spun up, so you're starting to scale out as you need and scale back when you don't need the capacity. But this whole thing becomes a very dynamic experience in terms of how services get spun up, they get spun down, and it's all driven by, there's this whole notion of the users that are sitting in a location, the context of the users, of what devices they're trying to access these applications from, what, what is the time of the day, how is the security profile of that device. You bring all that know-how into how services get provisioned and how services get operationalized at any particular site in any particular enterprise. Right, so a very simple experience when it comes to networking and security, and how do you deploy it at scale.

>> And the thing that that sets up is what you're saying really about automation, because once you're in this mode, in this experience, the environment lends itself well to automation because it is downloading the right services you need. But since it's dynamic and it needs to be ready, how does automation fit into that piece?

>> Absolutely, if you disaster management is already automated for you. Now if you want to drive further automation and orchestration through integration with your DevOps, SecOps, NetOps tools, we have public APIs through which this, this can be driven. There's two ways to manage this, right. We have a Cloud Services Portal. If somebody wanted to go in and leverage our portal to manage their infrastructure, they can do that.
If they wanted this to be completely programmatic and driven through their, their DevOps, SecOps tools, then through the public APIs, we are tightly integrated into all the tools they have, whether it's Ansible, Terraform, some of the DevOps tools, or on the security side, if you want to integrate us into your SOAR platform, security orchestration platforms, you can do that. And your entire workflow for networking as well as security can be completely, completely automated.

>> That's awesome. I want to get, as we get limited time left and you got to go. We have to hard stop with segment here. Customer example. Obviously customers have a need for this. You're in business to do this. Can you give an example of a customer that kind of illustrates the next level networking?

>> We have, we have 6000 plus active customers. We have over 50% share when it comes to this DNS, DHCP, IPAM market. So you will see us deployed, and heavily deployed, in 95 out of the Fortune 100 enterprises. Infoblox is someone you will see in any customer that you go through. We have some public references such as Adobe, a great customer of ours, on our website. They, their entire global network, runs on the foundational layer of DDI. We have some very large customers that are not as comfortable being public references, but we have, again, if you have 95 of the Fortune 100 enterprises want you, you can imagine how sticky we are, how broadly deployed we are. Typically, what happens is we would go in, and we would go in as the DDI layer for them to control and manage their IP address space and their DNS infrastructure. Then they take on more of, they take on a security lens at this and say, "Look, through DHCP and IPAM, I know everything that is sitting in my infrastructure. Through DNS, I have full visibility into all the communication happening from that employer. So that's a great data source for me to leverage as a first layer of defense from a security stand.
So then they start to bring in security into the, into the mix in terms of how they leverage our products, and then through our SaaS platforms and SaaS offerings, they take that and extend it as they're driving this edge transformation. So they push these services now to the edge of the infrastructure, and the new, the new offerings, our BloxOne platform is our SaaS platform, and BloxOne-based applications are our new offerings that integrate very nicely with some of our traditional offerings. So you get a very comprehensive single pane of glass in terms of how you can manage your entire enterprise footprint, whether it's, it's on-prem, at the edge, in the public cloud, at the cloud edge, right?

>> You know, having a good business model that puts abstractions and reduces complexity is, is a great one. We've seen the innovation with DNS and anything that needs an Internet address. You got to connect, and IoT only creates more need for connection. This is the key. Enterprises know DNS. They know it differently, that it's the plumbing we all know. But every time there's an innovation inflection point, a new abstraction layer emerges for simplicity, ease of use.

>> DNS is the phone book of the Internet. Right, so you want to call anywhere, you have to first do your DNS lookup. And you brought up IoT. That's a great example. You're not going to be able to put in these IoT sensors, you're not going to be able to put endpoint security software, but they're going to call home, so you can leverage DNS and do some behavioral analysis of the DNS traffic coming out of those IoT sensors or IoT endpoints and say, "Hey, look, is there something malicious going on? Why is my thermostat talking to a server in China?" You can detect that through a DNS-based security layer that is foundational.

>> And to your point, whether it's a light bulb or anything untested device, they're being turned on and turned off all the time at massive scale.
There's no other way to handle it, but having abstraction and automation. Absolutely. Thank you. Thank you very much for your time. Great segment. We're here at the Infoblox virtual event. This is theCUBE coverage. I'm John Furrier. Thanks for watching. Thank you, John. Yeah, yeah, yeah, yeah.

Published Date : Jul 27 2020



Glenn Sullivan, Infoblox | Next Level Network Experience


 

(relaxing electronic music)

>> Narrator: From around the globe, it's theCUBE! With digital coverage of Next Level Network Experience event. Brought to you by Infoblox.

>> Welcome back to theCUBE's coverage, we're here in our Palo Alto studios. I'm John Furrier, host of theCUBE. We're here with Infoblox for their Next Level Networking virtual event with theCUBE. Glenn Sullivan is our guest, Principal Product Manager with Infoblox, formerly with SnapRoute, theCUBE alumni. Great to have you back on, Glenn. Great to see you, and thanks for jumping on remotely. We're doing the remote thing, the remote CUBE, good to see you.

>> Yeah, it's great! I wish I could be in the studio, you guys have a great studio up there in Palo Alto, so I wish I could have joined you, but that's not possible right now. (chuckles)

>> The governor's on, is off, we'll get there, but when it does come back we'll certainly do a lot more remotes, and want to go to a "hybrid world." Hybrid, it sounds like the media business is turning into cloud computing, you got public videos, in person, you got hybrid, and virtual. The cloud native world is certainly spawning everywhere now with COVID, and you guys are talking about Next Level Networking, but with the word Experience. I want to get your thoughts on that because, you know, it's been six months, you've been on theCUBE, a lot's happened. Next Level Networking Experience, describe it.

>> Yeah, it's really about processing things as close to where they need to be processed as possible, right? So, you don't really want to put everything in the cloud, you don't really want to have everything happen on-prem, you want to do the right data processing where it's needed, right? Have a little bit on-prem and have a lot in the cloud, or vice versa, it's really about elastic scale, right?
That's what I think about with cloud native technologies is being able to run whatever you need to run service-wise as close to the delivery mechanism of either the user, or you know, as close to the app in the cloud as you need to. That's really what it means by, you know, having an elastic scale, and we try to do that every day.

>> And notice the word Experience is in there, you know, that's been super important because you build and provision, manage these services from the customer standpoint. I mean, I can't drive in, there's no, there's clothes, or I got to go in, I now can do remotely. This is the key about having abstraction layer innovation, certainly DNS, DHCP, IP address management, never going away, you've got to connect stuff to the internet, I mean the network is there.

>> Exactly.

>> You've got to be a bit more innovative, what's your thoughts on the impact of the network now that cloud native and open source specifically are driving more action.

>> Well, there's a lot going under the hood, right? And you can't just, you know, manage things the way you used to be able to, where you take and you buy a box, you know, it's that cattle vs pets thing that we talk about in cloud native, right? Where you treat this appliance very specifically and very specially, and you upgrade it and you're afraid to touch it. Now that you can't, you know, get the things, you have to do everything lights out. So, what we've learned via applying technologies in the cloud, you know, you didn't go into AWS' data center, or Google's data center, or Microsoft Azure's data center and manage these things, so what we've learned about how to manage infrastructure across the board in networking and compute and storage now is even more important, because everybody's lights out all the time now.

>> And scale and speed is critical. I mean, Google's pioneered the concept of SRE, Site Reliability Engineer.
What you're teasing out, Glenn, is the same kind of concept for the network, you've got to have the security, you've got to have the scale. This is a huge point, can you react to that?

>> Yeah, it's about spinning up instances where you need them, you know, when you need them, right? If networking equals a physical black box appliance that you specifically nurture and manage instead of just networking services, right, because DHCP is a networking service, DNS is a networking service, IPAM is a networking service, so you should be able to spin those up wherever you need to and manage those without having to worry about it all being tied to, you know, specific things that you have to manage in a very nurtured way.

>> I want to get your thoughts, the term borderless enterprise is being kicked around, you guys use that term. I've heard, you know, the borderless network, makes sense I guess, but what does the borderless enterprise mean to you?

>> Well, it's really just an extension if you think about it from the software defined perimeter concept before. You know, people call it different terms now, but it's just saying that borderless means that I don't have people sitting in an office anymore, and if I do have people sitting in an office, they have the similar experience to people that are connecting remotely, no matter where they are. So, because there is no boundary to your network, right, because the edges of your network don't match edges of your walls in your branches, that's pretty borderless to me, right? And you have to kind of think about, you know, it's not just about adding more firewalls, it's not just about adding more network perimeter security, it's really about how do I apply foundational security across the board. I've been at Infoblox now for a little over six months, and I can tell you, it's great to see thinking about these foundational services, right?
These infrastructure services like DHCP, DNS, and IPAM being really at the foundational layer of the security that you apply to your network. Right, it's the first couple of things that happen, right? The first thing you do is you get an IP address, that's DHCP, you can figure out all kinds of stuff about a device that way. Then you start looking at services with DNS, right? And then it's like, "Okay, well now I've got a lot more information about what the user's doing, where they're going, and how to secure it," right? So, these sound like they're really your plain vanilla protocol suites, until you really start applying borderless security across the board with them.

>> Yeah, a lot of machinations, and also you now have massive amounts of connection points, 'cause with IoT, not only have more in terms of volume of things connecting, but they're being turned on and off very quickly. They have to get connected, so you have that going on.

>> Yep, and then you got to make sure that they do what they're supposed to do, right? If they're supposed to phone home to a specific place that they only do that, and that they haven't been hijacked, and somebody isn't mimicking them with malware. There's all kinds of security threats when you start thinking about all the possibilities that IoT brings into account.

>> Yeah, some light bulb that you screw in, wifi enabled, has a multi-threaded capability, and be, who knows what's on there, right? (laughs) I mean this is what the reality is, no one knows what connects, a little hygiene comes a long way. I want to just get back into what you said. You've been there for a few months, came from SnapRoute, which was doing some real fine work, that's where we did our feature interview on you and what you were doing there, that technology. With borderless enterprise, what is the role that cloud native and open source play?
Because this is your wheelhouse, I want to get your thoughts because when you add that to borderless, things kind of happen.

>> There's two things that I like to think about. One, it's scaling things down as skinny as possible, or as big as necessary, right, elastic scale, right? We talk about cloud native technologies, we always talk about elastic scale. Well, what does that mean? Well, that means that am I securing an entire data center? Am I securing a branch office? Am I securing a gas station? Or am I securing a person working from home? You know, this is what we mean by elastic scale. It doesn't mean that I'm, you know, purpose building bespoke specific security profiles for those individual use cases, it means that I have a system that I can scale up and scale down no matter where those folks are, right? That's really what you have to do when you think about cloud native technologies and the borderless network, is you have to be able to run things as close to the user as possible, or as close to the app as possible, or somewhere in between. The second thing that I think is super key is abstraction, right? You can't manage everyone working from home, or you can't manage as many instances as you need with everyone's individual laptop, right? This doesn't scale, right? Abstraction is key to cloud native technologies because it means that I don't pay attention to anything that's below me, right? If I'm an SRE, I don't necessarily care about what type of servers that application set's running on. If I'm a network engineer, I don't really care about the fiber patch panels that connect my network devices together, right? Abstracting away the underlying infrastructure is key for cloud native technologies.
So, as we add more and more devices, more and more endpoints, more and more users to manage, we have to make sure that we abstract away the complexity of all the connections that need to be built between those users and whatever, you know, abstraction orchestration layer that we utilize.

>> You almost peeled back the onion from the early days of DNS and go to the core, "Hey, I want to connect to this domain." And a packet moves from here to there across an IP address, "Oh, let's add some abstraction on it." This has been the innovation form for the internet for years, right? So, how do you describe the Next Level? Because you mentioned, again, the word Experience is in there, so Next Level means, okay, networks need to be programmable. You do have the Next Level opensource dynamic that you pointed out beautifully, what's that Next Level Experience? How do you see the preferred future evolving? Because if you take this further, if you believe cloud native provides some scale, as you pointed out, it should simplify, these abstraction layers should reduce complexity, or abstract away the complexities and provide more simplicity.

>> Absolutely! I mean, I always come at it from an Ops perspective because that's just my background, right? But I was running networks for a long time before I started building, you know, network operating systems, right? I can tell you that what I need is visibility. You know, I need to be able to see what's going on at any given moment. I need to be able to know that the things that I've deployed are up and running. I need to know that the information that I need to troubleshoot the issues that arise is at my fingertips, right? Because I always think about it like the 3:00 a.m. call, right? The network engineer, or sysadmin, or the DNS admin, or it doesn't matter who they are, at 3:00 a.m. they got to wake up because they've just been paged, and something's wrong. And how do they get to what's broken? So, that's one way to think about it.
There's also the deployment way to think about it, right? Like how can I deploy as many new users, as many new branches, as many new locations, whatever the process is. You know, you hear zero touch provisioning, you know, all these other, these features, and they come as part of a cloud native mentality, right? They mean that I don't have to do, you know, a whole lot of pre-thinking and pre-staging, and pre-configuration, and pre-thought before I deploy stuff, right? It means I need something, I deploy whatever is required from a service level, I kickstart it, it bootstraps itself, and it joins, right? I take away the headache of having to think about where something is or when it is, and that's a lot of the synergy that we had between what we were doing at SnapRoute and when we came to Infoblox, right? I can tell you, we were pleasantly surprised by the platform that was built, and we were like, "Okay, well this is going to be great! We can add services to this and we don't have to worry about having to go and reinvent the wheel." Because when you choose technologies like Docker containerization, you choose technologies like Kubernetes orchestration and Kubernetes abstraction, you are a lot closer to where you need to be. I mean one of the things that, you know, isn't super well-known out there is that CoreDNS is one of the major projects that Infoblox helps maintain with inside CNCF, the Cloud Native Compute Foundation, right? CoreDNS ships at the core of every Kubernetes version from now on, you know, as of a few versions ago. So if you think about it, Infoblox has got a lot of cloud native technologies built into everything that we do, and we're one of the key maintainers of one of the key DNS features of something that's at the heart of Kubernetes, and you know, I don't have to tell you how popular Kubernetes is.

>> Yeah, we've chatted about that. It sounds like it's the kernel of all the action, DNS, the CoreDNS for Kubernetes. (laughs)

>> Exactly, exactly!
It's definitely at the core there. >> Glenn, I want to get your thoughts. First of all, I love chatting with you, you mentioned you were from an operating background, but also you can bring a lot of dev into it too, so this is ultimately, to me, the inflection point of where DevOps goes mainstream, because you used to do Ops for a fruit company, Apple? >> Yes, yes, very popular! >> Big one. >> A very popular fruit company called Apple, and we know how hardcore they are, especially they lean heavy on, you know, lock it down, make sure everything's secure, I mean it's well known in the Silicon Valley and around the world, certainly in tech circles, the security mindset. >> Absolutely. >> Large scale operations. Now, you bring also the DevOps aspect of it with cloud native. As that world has to become secure, and networks, it's an Ops game, let's face it. No matter how much DevOps you sprinkle into the equation, at the end of the day, it's Ops. Ops, operations of networks, high availability, large scale. But now you have a little bit of development goin' on on top. The programmable internet past the tip of the network layer, what's your take on that? Because you still need security, you want to have the capability to do some advanced automation. These have been hot new trends, and networking people are now hearing this not for the first time, but it's the new thing where it's like, "Okay, I can have my Ops, but I got to do some Dev now." So make sense of this, where are we in this whole programmable networking aspect? >> Yeah, there's sort of two schools of thought, and it's interesting what's happening, right? You've got kind of, on the extreme left side you've got, "I just treat the network like it's dumb plumbing and I run all of my software overlays on top of it, and I basically treat the network like it doesn't exist." 
And you know, it's kind of a situation that's been perpetuated by the silos that are out there, where you have the network engineers, and the server compute engineers, or SREs, and then you know, it's like, "Well, these folks never have to talk to each other because we just treat the network like it doesn't exist, and we run overlays on top." And some of the vendors in the server overlay security space have been really proud of that interaction. And I can tell you that that's one way of doing it, but it's not the optimal way, right? Like, when I was a network engineer I could tell you, you're trying to build credibility, right? So, if I was talkin' to a network engineer now, and I'd say like, "How do you get your credibility built with your server folks?" It's kind of like learning a different language, right? If you try, if you try to speak the other language, the person actually is appreciative of that and will help you. So, I always found, you know, find things you can automate, run that code base, figure out the API structures, build some pseudo-code together to make it happen, and figure out what you're doing over, and over, and over again and automate it. Automate away, right? And that's some of the nice things that are the same here, right, everything we could ever want to do in any GUI is all REST API'd underneath the hood, right? So it's like, we don't have to pitch to people that, "Oh, you can automate this code if you want to, you can run these APIs if you want to." They know it, and they use it, and people are happy with it. And I think if you're a network engineer, you've got to spend the extra effort to try to, you know. You don't have to do anything complicated! >> It's not rocket science. You know, it's not like you got to go write C, I'm sorry? >> It's not rocket science. >> No, start with Ansible, you'll learn some Python, you'll learn some Django on top of that, and then keep running, right? Keep automating on top of that. 
>> All right, great stuff, Glenn. I know you've got a tight deadline, appreciate you comin' on for this virtual fireside chat as part of the Infoblox Next Level Networking virtual event. What specifically can companies do to get what they need from a technology standpoint to secure the borderless enterprise? How do you see it playing out, now that you're on Infoblox side from SnapRoute, with what Infoblox has, which is a holistic portfolio approach, a holistic view, what are you guys offering customers, and how do they secure their borderless enterprise? >> Really start with DDI, right? I know DDI is something that is not specific to Infoblox, but if you look at what we're doing with DNS, DHCP and IPAM, it's really the foundational layer to start securing the rest of your network. We don't necessarily make it so you don't need the rest of your security stacks that are running on top, but we do optimize 'em and we make it so you can right-size 'em, and we really think that if you focus on getting that layer solid, and you really focus on the DNS security, you can apply a lot of lightweight, high impact features as early on in the packet forwarding process as possible. Right, if you think about, I'm a network engineer at heart, so I always think about the path of a packet from the start to the end, and DDI happens really early in the process, so if you give that right, the rest of your security infrastructure built on top of that is just going to work that much better. >> You're the Principal Product Manager at Infoblox, formerly with SnapRoute, how do you fit into this? What product are you managing? Can you give a little bit of background, kind of what you're working on? >> So, I'm an emerging technologies PM, so basically anything kind of new and cool that we look to add to our platform, that'll come out of myself and my group. >> And Kubernetes obviously is one of 'em. 
>> Well, Kubernetes is already there, so we're already doing stuff with Kubernetes inside Infoblox, like, our whole platform. If you buy BloxOne DDI and BloxOne Threat Defense today, it's all deployed using Kubernetes and Docker containers, and orchestration layers, and everything today. So, everything that we're building on my team, is all building on top of that well sold platform that's already been developed. >> There's definitely demand out there, you're startin' to see the big companies like VMware, very operational focused companies start acquiring cloud native and open source, kind of a new kind of section to them. Obviously it's a tell sign, the markers are all there in terms of the trends. What are people missing? What's real, what's vape or what's reality when you look at the landscape, and what does Infoblox bring to the table? >> So, I think what's important to know is that when you're lookin' at open source technologies, a lot of them have been hardened over many years, and there's new stuff coming out all the time, and there's definitely new uses for them. But what's kind of important is what you put on top, right? Everyone's got open source under the hood, or they've got technologies they've OEM'd under the hood, right? But the experience that you present to customers is really key, right? Because you can take any kind of open source project and wrap a, you know, very thin layer on top of it, and you can either, you know, trump up the open source software, and say is the open source software we use underneath, or you can downplay it and say hey, this open source software, you know, we don't really talk about what's under the hood and it just all works magically. We find that transparency is really helpful. You know, you let people know what's under the hood, and you contribute to it, and you show that you're involved in this community, and you use that as a leverage to kind of push forward. 
So, if you look at, you know, what we're doin' with some of the different projects within, you know, BloxOne DDI uses Kea, and we're part of IC that's part of the maintainers of that, like we're openly in this space, right? And I already mentioned CoreDNS before, right? So, you can either take open source, and use it, and pretend that you don't, or you can take open source and contribute to it and be a community member, and be an advocate, and usually when you're on that side of the equation, you end up in a better place with your customers, building, you know, building confidence in your customer base. >> That's great stuff, Glenn Sullivan, thanks for comin' on, I really appreciate it. I'll give you the last word. In a nutshell, if I have cloud native and open source, how do I secure my borderless enterprise? >> Think about it as close to where the source is as possible and scale things elastically so that you can do as much processing of the user experience as possible so that you aren't trying to, you know, funnel everything to a single place and apply some magical policies in a single centralized location, to where you have to process a lot of data across the board. If you think about it from a hybrid approach where you've got a little bit on-prem and you've got a little bit in the cloud, or in some combination that's right for your organization, the hybrid approach that really trumps the local survivability, and really, you know, keeps focusing on securing things as close to the user as possible, or as close to the source as possible, then you're going to be in good shape. >> Glenn, great stuff. As always, a masterclass in networking. Appreciate the insights, thanks for comin' on this Infoblox Next Level Networking virtual event for theCUBE. I'm John Furrier, your host. Stay with us, and thanks for watching. (relaxing electronic music)

Published Date : Jul 27 2020



Craig Sanderson, Infoblox | Next Level Network Experience


 

>> Announcer: From around the globe, it's theCUBE with digital coverage of next level network experience event, brought to you by Infoblox. >> Okay, welcome back everyone to CUBE's coverage and co-creation with Infoblox. Next Level networking event, virtual event, I'm John Furrier, your host to theCUBE. We're here with Craig Sanderson, Vice President security products at Infoblox. Talking about securing the borderless enterprise, obviously Infoblox, we had a variety of different conversations. Craig, welcome to theCUBE. >> Thank you. Thanks, it's great to be here. >> Remote CUBE, normally we're in person, but since it's COVID-19, we're doing our best to get the stories out and one of things I want to chat with you is with COVID-19, this shift to remote working is interesting and the word work is interesting you got the work forces which are people work places which are locations, which is now home, workflows and work loads all work related, right? So if you think about the enterprise, you know, just the disruption to business model around this unforeseen, almost 100% VPN usage maybe or you got all this remote action, no one could have foreseen all this coming. How does this shift change the security paradigm and posture for enterprises? >> Yeah, I think for a lot of the customers that we've talked to, a lot of them are thinking about digital transformation for some time. What COVID has really done is rapidly expanded or kind of accelerated the need for them to think about what the digital transformation plans are. 
And unfortunately for some organizations who may be not as far down the line as others, they've looked at their current implementation for remote access, and their traditional security models of like perimeter based and they found that you know in this current environment where suddenly you've gone from being only a partial set of your workforce or remote to now all of them being remote and their applications, their data, the users, they're all kind of spread anytime, anyplace, anywhere. Their traditional models don't really work. So what it's caused a lot of organizations to do is to really accelerate their digital transformation plans and quite often for some of those organizations, they've realized that they've had to make the move relatively quickly because their traditional architectures have just not been designed for this level of disruption the digital transformation has had on their businesses. >> Give some examples of how companies have either been flat footed or on their heels, kind of push back and saying, well, we got caught off guard to ones that are kind of in place that kind of managed the pandemic well, what's the difference? Can you just give some color commentary around, you know, the profile who got it right or some were right, and some that have gotten it wrong, or are struggling? >> So I think the ones who got it right are the ones who were already thinking about digital transformation. They're looking at the fact that a lot of the applications that their consumers or their users are consuming are increasingly going to be in the Cloud anyway. So the traditional architecture of all the good stuff's on the inside and the bad stuff on the outside, that simply doesn't work with Cloud and those organizations who were looking at obviously Cloud deployments for their applications, SDN IoT, those organizations have had to be thinking about how they can secure those devices, the applications and users in a way that is going to be ubiquitous. 
The fact that you can deploy the security controls wherever those applications users or devices are going to be. So those organizations are already starting to think about how they can build a networking architecture that is going to be suited for digital transformation, and by extension, they've been recognizing that the security model has to change, 'cause they were much further down the path. Really, this has been an acceleration. For those organizations that well, I'm not really interested in Cloud, are worried about the risks associated with Cloud and things like that, who tended to try and stick or cling to the old traditional model. Where they really run into trouble now, it's like this model just doesn't work. And now the decision's almost been taken out of the hands with COVID, because now their users are not on the corporate network. They can't build a rock wall around those users. They now have to provide protection for a user who's potentially not even using the device that they can control. So for those organizations who are already thinking about cloud and SDN and IoT, because of that digital transformation effect they've been starting to think about security, for those who have not thought about that or who have tried have been pushing that off, they're the ones who've been caught somewhat flat footed and now they're being forced to make a decision which maybe not they're actually feeling comfortable already ready to go off and do. >> You know, Craig, I sat with a friend the other day and we're like briefing on hey, you know, COVID-19 really, kind of, exposes almost like the tide coming out as that tsunami comes. You can see everything, all the scabs and all the problems. And then we started talking about the whole work at home situation, like this is probably the biggest use case of IoT in real life because you can really see it play out, not just a factory or sensor or device at the edge of the network, these are work, people doing work, right? 
So this whole IoT Edge, it's about addressability. So you know, I have to ask you, 'cause we've talked with you guys earlier in other segments around this next level networking experience, I love the word experience, but next level networking means next level. So DDI has an abstraction, DDI being DNS DHCP, and IP address management. How does the security piece fit in? Because certainly, yes, you got at home, we got a bunch of IoT people running their stuff from their home networks and so remote access, and you got also the business around, which includes everything that's connected to the network now, and literally is borderless. So I like that term. So how does DDI security fit into that? >> Yeah, I mean, it's part of having the experience, I mean, one of the things that's changed, I mean, I've been in security for over 20 years, probably about 10 or 15 years ago, as a security guy, you could come back and you had a veto, you'd come back and say, well, no, we're not going to roll this thing out, these applications, or these services, because it's a risk to the business. Now in a lot of the CSOs that I've talked to is that veto is going away. If this application is going to get rolled out, we're going to run this service security has to catch up. Now what you can't have is from a seamless experience point of view, is to say well, okay, you've now got wonderful application experience, but then it gets ruined by all the security controls are very invasive. So all organizations are having to do is to think about how you can build a seamless networking architecture that can also seamlessly include the security as part of that. And so you can still have the security of the organization needs without it becoming a massive disruption to the experience. And one of the good examples is, for a lot of organizations their remote access, going back to the COVID example, is based on VPN. 
VPNs are cumbersome and have got troubles with passwords and all these sort of like traditional issues associated with the user experience from a VPN perspective. I mean, a lot of users have the patience to deal with that, and they don't necessarily follow all the necessary security controls. So people are being forced to rethink how they can build the quality application experience underpinned by a digitally transformed network, but at the same time, making sure you could layer in at foundational layer, the security functions as well. And that's where a lot of organizations who are a little bit more forward thinking understood that and start to think about like DNS, is essentially this ubiquitous platform, which is already there it can already provide the sort of security services by default. Because going back to your example about IoT, one of the jokes with one of my friends is, and for every IoT security, sorry, every IoT offering, there's a separate IoT security offering. And one of the things that was a lightbulb moment for us is, if you're trying to secure all these heterogeneous IoT devices, well, one thing they have in common, they're all going to get an IP address, so we're going to use DNS. So what people have to start to do is to try and make security seamless, it has to be built into the foundations. It can't be this extra thing that you kind of glob on the side, because it then ruins the overall experience for the users. The nice thing about DNS is it's ubiquitous, and you can apply the security, regardless of what the endpoint and application is, because the common denominator they choose they get an IP address and they use DNS. >> And DNS has such a great track record over the years of having layers of abstractions on top of it to pace with the functionality and it's really been an operating model and you bring up the different security packages and postures for each thing. 
And you mentioned, you know, the old days security guy, oh, no we're killing that, no we're going this way. That was the operational model, but now with DevOps, you put a Cloud earlier, DevOps has proven that agility, speed scale can work, and how does security catch up? It's an operating model. So this is really kind of the key epiphany is, hey, VPNs, that's not the experience that people want. And, you know, I was just talking with someone from Amazon this morning in another interview segment and the discussion was new expectations, new solutions. So that's kind of what we're seeing right now. So how do you enable that out at speed by not screwing over the operations people, right? So 'cause they got to be, operationally, I need to be really rock solid, so you need automation, you got to have those factors and requirements built in, but you got the agility for development. Your reaction? >> Yeah, absolutely. We see that especially is one of the things about 'cause DNS essentially ubiquitous. You can apply similar security controls regardless of the environment. So, right now I'm stuck at home because of the COVID virus. So again, I'm going to use DNS, I go through one of our Cloud platforms, I have DNS applying the security controls there. But within the same thing because DNS works as one ubiquitous system and it's like how the internet works with DNS is quite easily, not only can you block malicious threats for myself, but also you can push that same block mitigation to a DNS server that's running in AWS. So if your workload that may also have been compromised, trying to go to the same malicious domain, you can also be blocked by DNS. And so that ubiquity, the fact that it's built as this ubiquitous system, mean one thing is very different in the networking world standards are great. We can plug different things together, they all kind of fit together nicely. 
In security, that's not normally the case. Normally, you've got this jigsaw puzzle, where all the pieces don't really fit together. The nice thing with DNS is it's absolutely ubiquitous. So one basic example is, if I try to go to a malicious domain, or I tried to steal data over DNS, not only would we be able to block it, but we'd also be able to dynamically share that mitigation to all of the on prem DNS servers, the DNS servers rather in your public or private Cloud, and for all the other like remote users. So the fact you've got this pre built fabric, and it's not that we're security geniuses, it's just it happens to already be there because of DNS and how DNS has been developed over the last 30 or 40 years. So I think the nice thing about it is a lot of organizations are starting to realize that you've got this foundation already there. Ostensibly, it's there for networking purposes, but the ability to repurpose all the core assets of DNS, the scalability, the flexibility, adaptability, the ubiquity, all those things are there by default. Why don't you use that as the new foundation for that next gen security architecture? >> And you know, you got me as a fan, I'll say that right away, because when we think about the simplicity of going to the low level building block in DNS, it fits for what I said earlier, the future of work, the word Work, workplace, workforce, workload, workflows, no matter what it is, it works across. So it's a consistent primitive. I mean, it makes total sense. Why would you want to have different things. So again, this brings up the whole foundational level of DDI that's got my interest. And I want you to explain this for folks, because I think it's not obvious. Abstractions are pretty clear, people get abstraction layers, reduce complexity, and increase functionality and capability. But DDI, you guys have from a foundational security standpoint, is kind of the unique thing Infoblox has. 
How is that different, DDI from other offerings in the security stack? >> Yeah, I think the one thing is pretty unique, especially when it comes to DNS is the fact that it's built together as this ubiquitous system, and it's there by default. I mean, otherwise, the internet just wouldn't work. So the nice thing is, is that if you deploy a DNS system we can deploy as a grid, so whether it's an appliance running on prem or sitting in a public Cloud, or even for roaming users who are going through one of our points of presence, it works as one big ubiquitous system, whereas you take like traditional firewalls, you're configuring these devices separately, and you have to manually stitch it together. And you take multiple different vendors and you know, it doesn't quite fit neatly together. DNS is based on the standard, you could take a DNS server for master DNS server from another company and because it's based on standards, it will work seamlessly together, in fact, that the threat mitigation mechanism where you distribute threat intelligence to tell the DNS, what is the malicious domains or IP addresses to block is based on so called response policy zones. That's been part of the DNS standard since 2010. And it works seamlessly across multiple vendors, whereas in the security world, as I said, it's kind of like a jigsaw where you get all the pieces together that you think you need and then the burden is always on the customer or the organization to then piece these things together and as a chief source it doesn't fit together. I can see that burden can cause a hell of a lot of issues for a lot of the customers. >> Yeah, I got to ask you since DNS is so foundational to element and have all internet activities obviously, you know URLs is DNS, it's string actually. So everything's based on DNS, how it resolves. So what about the, how would you respond if someone said, hey, you know, I don't even know DNS is still around. I know it's palm. 
It's underneath there somewhere, I don't even have to deal with it, it just runs things, we've been using it for years. What's the big deal? So how do you go in and say, hey, customer, hey, enterprise, you're not borderless, I get a hitch. But they have DNS. How do they modernize it? How do they assess it? How do you go in and some of the young kids don't even know what DNS might even is? I mean, like, it's a new, so like, what do you go where, how do you approach that and what's the pitch because they got it and as an opportunity to innovate. What's the story there? >> There's really two aspects to it. The first one is, I mean, DNS is a bit like oxygen. If it's not there, you really need to notice it. You just take when we had the Mirai botnet attack a few years back, all these organizations suddenly realized how important DNS is. And there's a reason why DNS is the number one attack vector for DDoS attacks. If I'm an adversary, I could try and take out individual applications it's going to take me forever. I take out your DNS, everything's going to stop. I mean, it's that foundational z. But because it's been >> Hackers no problem, yeah. >> Exactly, so and for that reason, that's why it's constantly targeted. So firstly, my first pitch to customers is, you've got to take this stuff seriously, because when it goes down, everything is down. And the impact to your organization, not just from a brand reputation, but just from running your business is going to be huge. But on top of that, the way to think of DNS is, the nice thing is is you don't have to change your network architecture. If you think about a typical user who clicks on a phishing link. When they click on a phishing link, who's going to see the malicious requests first? Is it your firewall? No, your DNS server. Because you made the request, you have to resolve the malicious domain that you're going to try and connect to. You need to find out the IP address of it. 
So your DNS server and it's been proven multiple studies that, the vast majority of malware uses DNS as its control plane. So if you want to understand what the bad guys are doing, you know, your DNS server's got a front row seat to exactly what the bad guys are doing. And to implement security on it is you don't have to change your network architecture, because your DNS is already there by default. All you need to do is infuse it with security knowledge, whether that is machine learning, analytics or threat intelligence. But those DNS servers are ideally positioned. They're going to see the malicious activity, regardless of what the application is. So it's foundational, not just in terms of, if it's not there, it's going to cause a massive issue to your field or environment anyway. But even if you secure the DNS, the DNS is also this wonderful tool that is in all the right places and it's also deeper into the network. One of the challenges you mentioned about operations is the challenges is okay, you can block malware but if you don't know the source address of the device that is actually trying to make the request, you don't know what to go and clean up, whereas your DNS server, your DHCP server knows exactly who it is because we handed out the IP address, we know the MAC address, we know the IP address, we know the user name, we have all that information that is going to be critical for security operations. And now you can see what it's or about maybe the first report, you start to see that organizations are waking up to the fact that you have this treasure trove of security operations data that you haven't tapped largely for political reasons, because the security guys can't reach over and grab the necessary DDI network context from those DNS platforms, because typically they're owned by the networking or the server team. >> Before we get into that force reports, I think that had some threat investigation data. 
What you're getting at about this DNS is that basically, it's critical infrastructure. And if you try to forget about it, 'cause it works, you lose sight of the real opportunity, which is, if it's critical infrastructure, you got to treat it like critical infrastructure, and make sure it's modernized, refreshed in the right position to manage all this, right? >> Absolutely. Absolutely, yeah. It's unfortunate with the Mirai botnet attack. A lot of organizations, as they said well, okay, we'll just outsource this, we don't have to worry about it. But when it wasn't there, and it wasn't the fact that, I mean, it was an attempt to take out like Minecraft servers. Nothing to do with most of the businesses who were impacted, but there was a lot of collateral damage. And unfortunate is like one of those things is because DNS is a victim of its own success. The fact that is reliable, it is consistent. You don't have lots of DNS outages typically. As a result of that people tend to forget about how critical it is as the role it plays in serving all of your applications and your users. >> Let's get into the fourth report 'cause they surveyed a bunch of hundreds of security and risk management leaders, both compliance and also security pros that are using DNS, what were your key thoughts on the takeaways from that study? What should people know about it? >> It's very encouraging as up in Infoblox about five years when I first joined, the usage of DNS as a network context as a way to help with security operations is very, very low. And that causes all sorts of issues for organizations when it comes to doing security operations. I mean, a prime example is, the guys who work in security operations, that is the biggest issue for customers right now. They've bought almost too much security gear. And each of those security tools and platforms, they're generating security events. 
So again, security events from your firewall, or from your IPS or from your neck system, or whatever it happens to be and the burden now falls on the security operations teams. And it's been proven that there's huge amounts of open opportunities because there just, isn't enough trained security operations staff and the ones who are already in the business, are massively overworked and struggle to get through all the security events that have been firing from their security operations tools. So for what I was encouraging from the first report is that organizations are realizing that DHCP is going to help* you be able to identify the fact that these two security events seem completely separate. One of them is got a source address of 10.1, the other ones 20.1, well, you know what? This laptop moved from one side the building to the other and got a different address, it's actually the same device. But based on the traditional security events you're getting from the existing tools, you know, you're going to think it's two separate events, and they're not. Likewise, one of the things that's coming out is that people start to use DNS as an audit trail. And one of the challenges for organizations is, if you get a data breach, what's one of the first questions a journalist is going to ask you is like, well, what is the scope of the breach? What was impacted? And quite often organizations are not prepared. They come back and say, well, at this stage, we don't know. That's a great way for a CEO or CFO to get fired. So a smarter way of doing it is, if you think about you got the devices under investigation, the DNS queries that those* machines have been making is a wonderful audit trail of not just the external resources it's been accessing, but also the internal resources as well, what has been potentially exposed. So I think from the forest report, we're certainly seeing people realizing what were their biggest challenges security operations. 
Essentially, the DDI data is almost like the oil that's going to grease the wheels of security operations. And if you don't do that, buying more security gear, it's not going to make the problem better, it's actually going to make it worse unless you can operationalize it. >> Yeah, at the end of the day, the failures right there in the low level of critical infrastructure and building floors no one cares what happened on the 10th floor foundations. I got to get your thoughts on this because as you guys have DDI abstraction, DNS, you know, as it's growing, had its evolutions with abstractions, you know, as these things kind of flex, used to be an old expression DNS tricks, you know, you would mangle DNS, and it was a naming system. So you use it the way you use it and then new innovation layers create more upside and more, takes away complexities. How does DNS scale enable value? Because now you got Cloud, you got Cloud native, new software's being written and developers want to rely on the DNS as a critical infrastructure, but also want to be enabled to have, you know, really robust applications. >> Yeah and I think with the, given the fact that all the work has been put into DNS over the last 20 or 30 years, work has resolved in a very highly available very resilient system. And so a lot of stuff has to go wrong for DNS to fully go down. And it's easy to just take things like *Anycast, Anycast allows you to connect to the nearest DNS server, that's going to give you the resolution. So it's going to give you the best performance. This also can give you the high availability and resilience that goes along with that. And I think also from the security guys point of view, is if all the things that we've started to realize is that DNS is a great avenue by which you can detect somewhat unique threats. So one of the things that comes up quite a lot, we're starting to see old malware being re weaponized to exfiltrate data over DNS. 
So if you're a DevOps guy, and you're building your new application, if someone compromises your application, if I tried to extract the data over HTTP or email, you probably have a solution for that. But how many organizations have visibility in the billions of DNS queries that's going to come out your network in a day? Which ones are those might be actually data that has been stolen, it gets encoded and corrupted, chopped up and sent out in DNS packets. Is very difficult for traditional security appliances to understand and really differentiate between legitimate DNS requests, the malicious ones are actually the ones who are benign applications that essentially tunnel over DNS because they're trying to bypass firewalls. So increasingly, DNS is a threat vector for basic data loss. It's also important to understand is really gives you a window into what the adversary is doing. So not just when it comes to data exfiltration, but other things like domain generation algorithms that allow adversaries to maintain control of devices that they compromised. So a lot of that stuff is not just about the high availability and the ubiquity of DNS, but also making sure you can be fully on top of the potential impact of DNS being exploited as a potential backdoor out of your network. >> Critical infrastructure, but also that's where you're going to see the footprints of any kind of activity right there, it's a great observation space as well for detection and analysis, great stuff. Craig, thank you for taking the time, great insight, great conversation. DNS is critical infrastructure, get on it, and people are on it, they're going to go the next level. Getting the next level networking experience is about having that security always on high availability, and protecting the bad guys. Craig, thanks for joining me on this CUBE conversation for the Infoblox virtual event. Thank you. >> Pleasure. Thanks for having me. 
>> Okay, that's the CUBE coverage of Infoblox is next level networking virtual event. I'm John Furrier, your hosts of the CUBE. Thanks for watching. (upbeat music)

Published Date : Jul 27 2020


Cricket Liu, Infoblox | CyberConnect 2017


 

>> Announcer: Live from New York City It's TheCube. Covering CyberConnect 2017. Brought to you by Centrify and the Institute for Critical Infrastructure Technology. >> It got out of control, they were testing it. Okay, welcome back everyone. We are here live in New York City for CyberConnect 2017. This is Cube's coverage is presented by Centrify. It's an industry event, bringing all the leaders of industry and government together around all the great opportunities to solve the crisis of our generation. That's cyber security. We have Cricket Liu. Chief DNS architect and senior fellow at Infoblox. Cricket, great to see you again. Welcome to theCUBE. >> Thank you, nice to be back John. >> So we're live here and really this is the first inaugural event of CyberConnect. Bringing government and industry together. We saw the retired general on stage talking about some of the history, but also the fluid nature. We saw Jim from Aetna, talking about how unconventional tactics and talking about domains and how he was handling email. That's a DNS problem. >> Yeah, yeah. >> You're the DNS guru. DNS has become a role in this. What's going on here around DNS? Why is it important to CyberConnect? >> Well, I'll be talking tomorrow about the first anniversary, well, a little bit later than the first anniversary of the big DDoS attack on Dyn. The DNS hosting provider up in Manchester, New Hampshire. And trying to determine if we've actually learned anything, have we improved our DNS infrastructure in any way in the ensuing year plus? Are we doing anything from the standards, standpoint on protecting DNS infrastructure. Those sorts of things. >> And certainly one of the highlight examples was mobile users are masked by the DNS on, say, email for example. Jim was pointing that out. I got to ask you, because we heard things like sink-holing addresses, hackers create domain names in the first 48 hours to launch attacks. 
So there's all kinds of tactical things that are being involved with, let's say, domain names for instance. >> Cricket: Yeah, yeah. >> That's part of the critical infrastructure. So, the question is how, in DDoS attacks, denial-of-service attacks, are coming in in the tens of thousands per day? >> Yeah, well that issue that you talked about, in particular the idea that the bad guys register brand new domain names, domain names that initially have no negative reputation associated with them, my friend Paul Vixie and his new company Farsight Security have been working on that. They have what is called a -- >> John: What's the name of the company again? >> Farsight Security. >> Farsight? >> And they have what's called a Passive DNS Database. Which is a database basically of DNS telemetry that is accumulated from big recursive DNS servers around the internet. So they know when a brand new domain name pops up, somewhere on the internet because someone has to resolve it. And they pump all of these brand new domain names into what's called a response policy zone feed. And you can get for example different thresholds. I want to see the brand new domain names created over the last 30 minutes or seen over the last 30 minutes. And if you block resolution of those brand new domain names, it turns out you block a tremendous amount of really malicious activity. And then after say, 30 minutes if it's a legitimate domain name it falls off the list and you can resolve it. >> So this says you're doing DNS signaling as a service for new name registrations because the demand is for software APIs to say "Hey, I want to create some policy around some techniques to sink-hole domain address hacks." Something like that? >> Yeah, basically this goes hand in hand with this new system response policy zone which allows you to implement DNS policy. Something that we've really never before done with DNS servers, which that's actually not quite true. There have been proprietary solutions for it. 
But response policy zones are an open solution that give you the ability to say "Hey I do want to allow resolution of this domain name, but not this other domain name". And then you can say "Alright, all these brand new domain names, for the first 30 minutes of their existence I don't want--" >> It's like a background check for domain names. >> Yeah, or like a wait list. Okay, you don't get resolved for the first 30 minutes, that gives the sort of traditional, reputational, analyzers, Spamhaus and SURBL and people like that a chance to look you over and say "yeah, it's malicious or it's not malicious". >> So serves to be run my Paul Vixie who is the contributor to the DNS protocol-- >> Right, enormous contributor. >> So we should keep an eye on that. Check it out, Paul Vixie. Alright, so DNS's critical infrastructure that we've been talking about, that you and I, love to riff about DNS and the role What's it enabled? Obviously it's ASCII, but I got to ask you, all these Unicode stuff about the emoji and the open source, really it highlights the Unicode phenomenon. So this is a hacker potential haven. DNS and Unicode distinction. >> It's really interesting from a DNS standpoint, because we went to a lot of effort within the IETF, the Internet Engineering Task Force, some years ago, back when I was more involved in the IETF, some people spent a tremendous amount of effort coming up with a way to use allow people to use Unicode within domain name. So that you could type something into your browser that was in traditional or simplified Chinese or that was in Arabic or was in Hebrew or any number of other scripts. And you could type that in and it would be translated into something that we call Punycode, in the DNS community, which is an ASCII equivalent to that. The issue with that though, becomes that there are, we would say glyphs, most people I guess would say characters, but there are characters in Unicode that look just like, say Latin alphabet characters. 
So there's a lowercase 'a' for example, in Cyrillic, it's not a lowercase 'a' in the Latin alphabet, it's a Cyrillic 'a', but it looks just like an 'a'. So it's possible for people to register names, domain names, that in their Unicode representation, look like for example, PayPal, which of course has two a's in it, and those two a's could be Cyrillic a's. >> Not truly the ASCII representation of PayPal which we resolve through the DNS. >> Exactly, so imagine how subtle an attack that would be if you were able to send out a bunch of email, including the links that said www.-- >> Someone's hacked your PayPal account, click here. >> Yeah, exactly. And if you eyeballed it you'd think Well, sure that's www.PayPal.com, but little do you know it's actually not the -- >> So Jim Ruth talked about applying some unconventional methods, because the bad guys don't subscribe to the conventional methods. They don't buy into it. He said that they change up their standards, is what I wrote down, but that was maybe their sort of security footprint. 1.5 times a day, how does that apply to your DNS world, how do you even do that? >> Well, we're beginning to do more and more with analytics DNS. The passive DNS database that I talked about. More and more big security players, including Infoblox are collecting passive DNS data. And you can run interesting analytics on that passive DNS data. And you can, in some cases, automatically detect suspicious or malicious behavior. For example you can say "Hey, look this named IP address mapping is changing really, really rapidly" and that might be an indication of let's say, fast flux. Or you can say "These domain names have really high entropy. We did an n-gram analysis of the labels of these". The consequence of that we believe that this resolution of these domain names, is actually being used to tunnel data out of an organization or into an organization. 
So there's some things you can do with these analytical algorithms in order to suss out suspicious and malicious. >> And you're doing that in as close to real time as possible, presumably right? >> Cricket: That's right. >> And so, now everybody's talking about Edge, Edge computing, Edge analytics. How will the Edge affect your ability to keep up? >> Well, the challenge I think with doing analytics on passive DNS is that you have to be able to collect that data from a lot of places. The more places that you have, the more sensors that you have collecting passive DNS data the better. You need to be able to get it out from the Edge. From those local recursive DNS servers that are actually responding to the queries that come from say your smart phone or your laptop or what have you. If you don't have that kind of data, you've only got, say, big ISPs, then you may not detect the compromise of somebody's corporate network, for example. >> I was looking at some stats when I asked the IOT questions, 'cause you're kind of teasing out kind of the edge of the network and with mobile and wearables as the general was pointing out, is that it's going to create more service area, but I just also saw a story, I don't know if it's from Google or wherever, but 80% plus roughly, websites are going to have SSL HTTPS that they're resolving through. And there's reports out here that a lot of the anti virus provisions have been failing because of compromised certificates. And to quote someone from Research Park, and we want to get your reaction to this "Our results show", this is from University of Maryland College Park. "Our results show that compromised certificates pose a bigger threat than we previously believed, and is not restricted to advanced threats and digitally signed malware was common in the wild." Well before Stuxnet. >> Yeah, yeah. >> And so breaches have been caused by compromising certificates of actual authority. 
So this brings up the whole SSL was supposed to be solving this, that's just one problem. Now you've got the certificates, well before Stuxnet. So Stuxnet really was kind of going on before Stuxnet. Now you've got the edge of the network. Who has the DNS control for these devices? Is it kind of like failing? Is it crumbling? How do we get that trust back? >> That's a good question. One of the issues that we've had is that at various points, CAs, Certificate Authorities, have been conned into issuing certificates for websites that they shouldn't have. For example, "Hey, generate a cert for me". >> John: The Chinese do it all the time. >> Exactly. I run www. Bank of America .com. They give it to the wrong guy. He installs it. We have I think, something like 1,500 top level certification authorities. Something crazy like that. Dan Kaminsky had a number in one of his blog posts and it was absolutely ridiculous. The number of different CA's that we trust that are built into the most common browsers, like Chrome and Firefox and things like that. We're actually trying to address some of those issues with DNS, so there are two new resource records being introduced to DNS. One is TLSA. >> John: TLSA? >> Yeah, TLSA. And the other one is called CAA I think, which always makes me think of a California Automotive Association. (laughter) But TLSA is basically a way of publishing data in your own zone that says My cert looks like this. You can say "This is my cert." You can just completely go around the CA. And you can say "This is my cert" and then you DNSSEC-sign your zone and you're done. Or you can do something short of that and you can say "My cert should look like this and it should have this CA. This is my CA. Don't trust any other one" >> So it's metadata about the cert or the cert itself. >> Exactly, so that way if somebody manages to go get a cert for your website, but they get that cert from some untrustworthy CA. I don't know who that would be. 
>> John: Or a compromised-- >> Right, or a compromised CA. Nobody would trust it. Nobody who actually looks up the TLSA record because they'll go "Oh, Okay. I can see that Infoblox's cert that their CA is Symantec. And this is not a Symantec signed cert. So I'm not going to believe it". And at the same time this CAA record is designed to be consumed by the CA's themselves, and it's a way of saying, say Infoblox can say "We are a customer of Symantec or whoever" And when somebody goes to the cert and says "Hey, I want to generate a certificate for www.Infoblox.com", they'll look it up and say "Oh, they're a Symantec customer, I'm not going to do that for you". >> So it creates trust. So how does this impact the edge of the network, because the question really is, the question that's on everyone's mind is, does the internet of things create more trust or does it create more vulnerabilities? Everyone knows it's a surface area, but still there are technical solutions when you're talking about, how does this play out in your mind? How does Infoblox see it? How do you see it? What's Paul Vixie working on, does that tie into it? Because out in the hinterlands and the edge of the network and the wild, is it like a DNS server on the device. It could be a sensor? How are they resolving things? What is the protocol for these? >> At least this gives you a greater assurance if you're using TLS to encrypt communication between a client and a web server or some other resource out there on the internet. It at least gives you a better assurance that you really aren't being spoofed. That you're going to the right place. That your communications are secure. So that's all really good. IOT, I think of as slightly orthogonal to that. IOT is still a real challenge. I mean there is so many IOT devices out there. I look at IOT though, and I'll talk about this tomorrow, and actually I've got a live event on Thursday, where I'll talk about it some more with my friend Matt Larson. 
>> John: Is that going to be here in New York? >> Actually we're going to be broadcasting out of Washington, D.C. >> John: Were you streaming that? >> It is streamed. In fact it's only streamed. >> John: Put a plug in for the URL. >> If you go to www.Infoblox.com I think it's one of the first things that will slide into your view. >> So you're putting it onto your company site. Infoblox.com. You and Matt Larson. Okay, cool. Thursday event, check it out. >> It is somewhat embarrassingly called Cricket Liu Live. >> You're a celebrity. >> It's also Matt Larson Live. >> Both of you guys know what you're talking about. It's great. >> So there's a discussion among certain boards of directors that says, "Look, we're losing the battle, we're losing the war. We got to shift more on response and at least cover our butts. And get some of our response mechanisms in place." What do you advise those boards? What's the right balance between sort of defense perimeter, core infrastructure, and response. >> Well, I would certainly advocate as a DNS guy, that people instrument their DNS infrastructure to the extent that they can to be able to detect evidence of compromise. And that's a relatively straightforward thing to do. And most organizations haven't gone through the trouble to plumb their DNS infrastructure into their, for example, their SIEM infrastructure, so they can get query log information, they can use RPZs to flag when a client looks up the domain name of a known command and control server, which is a clear indication of compromise. Those sorts of things. I think that's really important. It's a pretty easy win. I do think at this point that we have to resign ourselves to the idea that we have devices on our network that are infected. That game is lost. There's no more crunchy outer shell security. It just doesn't really work. So you have to have defensive depth as they say. >> Now servs has been around for such a long time. 
It's been one of those threats that just keeps coming. It's like waves and waves. So it looks like there's some things happening, that's cool. So I got to ask you, CyberConnect is the first real inaugural event that brings industry and some obviously government and tech geeks together, but it's not black hat or ETF. It's not those geeky forums. It's really a business community coming together. What's your take of this event? What's your observations? What are you seeing here? >> Well, I'm really excited to actually get the opportunity to talk to people who are chiefly security people. I think that's kind of a novelty for me, because most of the time I think I speak to people who are chiefly networking people and in particular that little niche of networking people who are interested in DNS. Although truth be told, maybe they're not really interested in DNS, maybe they just put up with me. >> Well the community is really strong. The DNS community has always been organically grown and reliable. >> But I love the idea of talking about DNS security to a security audience. And hopefully some of the folks we get to talk to here, will come away from it thinking oh, wow, so I didn't even realize that my DNS infrastructure could actually be a security tool for me. Could actually be helpful in any way in detecting compromise. >> And what about this final question, 'cause I know we got a time check here. But, operational impact of some of these DNS changes that are coming down from Paul Vixie, you and Matt Larson doing some things together, What's the impact of the customer and they say "okay, DNS will play a role in how I roll out my architecture. New solutions for cyber, IOT is right around the corner." What's the impact to them in your mind operationally? >> There certainly is some operational impact, for example if you want to subscribe to RPZ feeds, you've got to become a customer of somebody who provides a commercial RPZ feed or somebody who provides a free RPZ feed. 
You have to plumb that into your DNS infrastructure. You have to make sure that it continues transferring. You have to plumb that into your SIEM, so when you get a hit against an RPZ, you're notified about it, your security folks. All that stuff is routine day to day stuff. Nothing out of the ordinary. >> No radical plumbing changes. >> Right, but I think one of the big challenges in so many of the organizations that I go to visit, the security organization and the networking organization are in different silos and they don't necessarily communicate a lot. So maybe the more difficult operational challenge is just making sure that you have that communication. And that the security guys know the DNS guys, the networking guys, and vice versa. And they cooperate to work on problems. >> This seems to be the big collaboration thing that's happening here. That it's more of a community model coming together, rather than security. Cricket Liu here, DNS, Chief Architect of DNS and senior fellow of Infoblox. The legend in the DNS community. Paul Vixie amongst the peers. Really that community holding down the fort I'll see a lot of exploits that they have to watch out for. Thanks for your commentary here at the CyberConnect 2017 inaugural event. This is theCUBE. We'll be right back with more after this short break. (techno music)

Published Date : Nov 6 2017


Cricket Liu, Infoblox | On the Ground


 

>> Hello, we are here On the Ground. This is theCUBE's On the Ground program at Centrify's Headquarters. We go to Cricket Liu, chief DNS officer at Infoblox. Been with the company from the beginning. Great to see you again. Wrote the book on DNS. What year was that? That was between DNS, was like, when I was born. >> Yeah, 1992. September 1992 was when it was published. >> Great to see you. We've done some podcasts together over the years. >> Yeah, good to see you too. >> DNS, now obviously global, ICANN's now global, it's part of the U.N., all different governance bodies, but it's certainly still critical infrastructure. >> Yeah, absolutely. >> Critical infrastructure is now the big conversation as the security paradigm has moved from data center to the Cloud, there's no perimeter anymore. >> Yeah. >> How is that changing the DNS game? >> Well, I think that folks are starting to realize how critical DNS is. In October of last year, we had that huge DDoS attack against Dyn, the big DNS hosting provider in New Hampshire and I think that woke a lot of folks up. A lot of folks realized, holy cow, these guys are not too big to fail as they say. Even though they have enormous infrastructure, widely distributed around the globe, they have such a concentrational power that a huge number of really, really popular web properties were inaccessible for quite sometime, so I think that caused a lot of people to look at their own DNS infrastructure and to reevaluate it and say, well maybe I need to do something. >> Interesting about the stack wars that are going on, that attack, as we've lived through and you've been part of it as chief technical officer in many companies. DNS was always that part where it'd be secure but now you have blockchain, you have new kinds of infrastructure with mobile computing now over 10 years post iPhone. >> Yep, the critical moment. >> How has infrastructure changed, beyond DNS 'cause it still needs to work together? 
>> Yeah, well, it's funny because we do have all of these new types of devices. We do have new technologies. But a lot of things have remained the same. DNS is still the same. The remarkable thing is that the latest version in my book is 10 years old, actually 11 years old now, so it's older than the iPhone and people still buy it because the underlying theory is still the same. It hasn't changed. It's a testament, really, to the quality of the original design of DNS that it still works for anything and that it's scaled to serve a network as diverse and as large as the internet is today. >> What's your biggest observation, looking back over the past decade with DNS, about the emergence of virtual machines, now Cloud. Again, the game is still the same 'cause DNS is the plumbing and it provides a lot of the key critical infrastructure for the web and now mobile. What's the biggest observations that you've seen over the decade? >> Well I'd say one of the things that's happened over the last several years that's maybe the most important development in DNS is something that we call response policy zones. Up until now, DNS servers have just been sort of blithely complicit when it comes to, for example, malware. Malware wakes up on a device and it assumes that it has DNS available to it and it uses DNS, for example, to find command to control server, maybe a drop server to exfiltrate data to. In the DNS server, even though it's being asked to look up the address record for CommandAndControlServer.Malware.Org, it just happily goes along with it. A few years ago, Paul Vixie, who I've known for a very long time, came up with this idea called response policy zones which is basically to imbue our DNS servers with resolution policy so that you can tell them, hey if you get a query for a domain name that we know is being used maliciously, don't answer it. Don't resolve it like you normally do. 
Instead, hand back a little white lie like that doesn't exist and moreover, log the fact that somebody looked it up because it's a good indication that they're infected. >> So bringing policy to DNS is really making it more intelligent. >> Yeah, that's right. >> And certainly as networks grow, I was just watching some of my friends setting up the wireless at Burning Man and the whole new change of how Wi-Fi is being deployed and how networks are being constructed is really coming down to some of the basic principles of DNS to route more, be responsive, and this is kind of a new change. >> Yeah, there's a lot going on in changes to the deployment of DNS. It used to be that most big companies ran all their own DNS infrastructure. At this point, I think most large companies don't bother running, for example, what we'd call their external authoritative DNS infrastructure. They give that to a big hosting provider to do, somebody like Dyn or Verisign or Neustar or somebody like that, so that's a big change. >> Cricket, I want to ask you about the CyberConnect Event going on in New York. Infoblox is involved. Security is paramount, so now an industry event. Centrify is the main sponsor. You guys are involved as a vendor, but it's not a vendor event, it's a industry event. It's a broad category. What's your thoughts on this kind of industry event? Usually in events it's been Black Hat or vendor events pushing their wares and selling their stuff but now security is global. What's your take on this event? >> Well, I'm hoping to be able to spend a little bit of time talking to folks who come to the event about DNS and how it can be used as a tool in their security tool chain. The folks who come to us as Infoblox to our events already know about DNS. They're already network administrators or they're responsible for DNS or something like that. 
My hope is that we can reach a broader audience through CyberConnect and actually talk to folks who maybe haven't considered DNS as a security tool. Who maybe haven't thought about the necessity to bolster their DNS infrastructure. >> One final question since we're on bonus material time. I've got to ask you about the global landscape. I mean, in my early days involved in DNS when I came was from the '98 to the 2000 time frame. International domain names were Unicode. That's not ASCII. So that technically wasn't DNS, but still, they were keywords. They had this global landscape in, say, China, that actually wasn't DNS so there's all these abstraction layers. Has anything actually evolved out of that trend of really bringing an abstraction layer on top of DNS and certainly now with the nation-states with security are issues, China, Russia, et cetera. How does all that play out? >> Well, international domain names have actually taken off in some areas. And basically it's as you say, you have the ability now to use Unicode labels in domain names in certain contexts, for example, if you're using your web browser you can type in a Unicode domain name and then what the web browser does is it translates it into an equivalent ASCII representation and then resolves it using DNS which is the traditional DNS that doesn't actually know about Unicode. There are actually some very interesting security implications to using Unicode. For example, people can register things that have Unicode, we would say, glyphs in them that look exactly like regular ASCII characters. For example, you could register paypal.com where the A's are actually lowercase A's in Cyrillic. It's not the same code point as an ASCII A. So it's visually. >> Great for hackers. >> Oh yeah. Visually indistinguishable from paypal.com in a lot of contexts and people might click on it and go to a page that looks like PayPal's. >> John: So it's a phishing dream. 
>> Yeah, really dangerous potentially and so we're working out some of the implications of that, trying to figure out, within, for example, web browsers, how do we protect the user from things like this? >> And a lot of SSL out there, now you're seeing HTTPS everywhere. Is that now the norm? >> Yeah, actually, within the internet engineering task force, the IETF, after it became obvious that state-sponsored-- >> John: Attacks. >> Eavesdropping. >> You were smiling. >> Was kind of the norm. >> Got to find the right word. >> Yeah, the IETF embarked on an effort called DPRIVE and DPRIVE is basically a bunch of individual tracks to encrypt basically every single part of the DNS channel, especially that between what we call a stub resolver and the recursive DNS server so that if you're a customer here in the United States and a subscriber to an ISP like Comcast or whomever, you can make sure that that first hop between your computer and the ISP is secured. >> We're getting down and dirty under the hood with Cricket Liu on DNS. I got to ask kind of up level to the consumer. One of the things that kind of pisses me off the most when I'm surfing the web is you see the browser doesn't resolve or you go hit someone's website, oh yeah, something.io, these new domain names, top level gTLDs are out there, .media, all these, and companies have firewalls or whatever their equipment is and it doesn't let it through. Because they're trying to protect the perimeter still, must be, I mean, what does that mean when companies aren't letting those URLs then, it is a firewall issue or is it more they're still perimeter based, they're not resolving it, they're afraid of malware? Somethings aren't resolving in? What does that mean? >> Well I think as often as not it's an operational problem. It could be just a misconfiguration on the part of the folks who are hosting the target website's DNS. It could be that. 
I don't know a lot of folks who-- >> So it's one of their policies or something, it's just kind of locking down. >> Could be that too. Or it could be, for example, that they have a proxy server and they're trying to limit access to the internet by category. Maybe it does categorization and filtering by-- >> Can you work on that? Can you write some code for that? Well thanks, great to see you, thanks for sharing this conversation here On The Ground at Centrify. >> You're welcome. >> And good luck with the CyberConnect Conference. >> Yeah, nice to see you too. >> Alright, I'm John Furrier with On The Ground here on theCUBE at Centrify's headquarters in Silicon Valley. Thanks for watching.

Published Date : Aug 22 2017


Next Level Network Experience Closer V1


 

>> Narrator: From around the globe, It's the CUBE with digital coverage of next level network experience event. (upbeat music) Brought to you by Infoblox. >> Everyone welcome back to the CUBE's coverage and co-hosting of the Infoblox next level networking experience virtual event. With a pop up event, only a few hours, but four great segments. Officer Stu Miniman helped me kick it off this morning, and Stu, I want to bring you in, Stu Miniman who's the... He host for the CUBE, covering networking with me Stu we do all the cloud native shows. We can, we can smell what's relevant, and I want to get your take on this, because, Infoblox putting out some pretty good content with some great guests. But, next level networking, let's just unpack that, next level networking and next level networking experience. The word experience changes the context of that definition, because going the next level with networking is one thing, having an experience is another, just what's your take, you seen, we talk about this all the time, what's your take? >> Yeah, so John, one of the words that we've talked about so much is, how do we simplify this environment? Networking is known for its complexity. Too often, it's, stuck down in protocols and just the arcane arts that I don't want to think about. Networking at its best, is just going to work. And I don't want to think about it, so, if I'm adopting SaaS models, if I'm going cloud native, it should, tie into everything else we're doing. What I was hearing, the themes, John, and the interviews you discussed, they're talking about SaaS, they're talking about cloud native, things like visibility, moving real time, really changes so much of these environments, so, IP addresses used to be a lot more static. We know now, things just change constantly and that's one of the big challenges. How do I monitor that environment? How do I keep them secure? 
And that's where modern environments need to go to the next level to be able to keep up with all of those changes. >> The word experience means something to me in a sense, I think contemporary, right? I think something new, relevant and cool, and still we're old enough to remember the '80s and '90s, and I was coming out of college late '80s, and I remember I never had a punch, I never did any program with a punch card. I was kind of the young gun, coming into the workforce with a technical degree, and I remember looking at the mainframe guys going, "who are those old relics?" And they, those guys hung onto their job as long as they could, and the smart ones moved and said, "Hey, I'm going to jump on this mini computer bandwagon, Oh, there's inter networking and local area networking that the PC toys are attaching to, that's interesting." And so you had a migration of systems talent move to the new, the new way. Some didn't, and I look at that and I say, hmm, that's similar to what's going on in networking, if you're the old networking guy or gal, and you're hugging onto the router, or you're hugging onto that old way, you could be extinct, because there is a new experience coming. It's programmable, it's automation, it's different. It's not, the big, old way, similar to the mainframe. So, a lot of psychology in this networking industry right now is, and the young people come in. It's like, why we do it that way? This to me is about next level networking, experience. Your reaction to that. >> Yeah, well, John, it's been interesting here in 2020, you talk about the acceleration of things moving, people that were dipping their toe in cloud and have to move in a matter of weeks, if not, hours and days to get things up and running. 
So, leveraging software, open source is a big component of what a lot of companies are doing, and of course, cloud and that cloud experience means in the public cloud and edge environments, you talked a bit about IOT in some of these cases, the order of magnitude of networking challenges that are out there are such that I have to have automation, it needs to be simpler because I could not do things the manual old way. John, I lived through so many generations, you work with people in the networking, it's manually done. It was done via CLI, because I knew how to do it. Maybe I did some scripting, but in today's day and era, things change too fast and the amount of work that needs to be done is so much so that that's why automation needs to be front and center. And you see Infoblox, as some of their new solutions, especially leveraging SnapRoute take advantage of the modern way that people need to do things. >> Well, we actually did a deep dive on SnapRoute and it was super impressive, again, I thought it was way too early, but they were doing some stuff with Kubernetes thinking, just thinking like Linux kernel, low level thinking. And I think Stu, this is what I want to get your thoughts on, because in the industry we cover Cisco aggressively. We saw them by open DNS, manage services versus low level, we got automation, you got Amazon out there, I mean, hell I can just have a screen that goes in and manages my DNS in the cloud, I can start thinking differently about how I wire my services together, if I think about Amazon, for instance, or hybrid and multicloud, this a whole new level of thinking. And, these are going to be new solutions, and this is the theme that came up and it's come up across every single major vendor, whether we're talking the Google cause they have a pretty damn good network. You got Cisco, you've got, all these people out there, they got to reinvent themselves. And, new expectations require new solutions. 
This has been something that's clearly coming out of the COVID, that, you know what I like working from home, I'm more productive. We don't need the real estate costs, wait, why do we even need a VPN? Why we over-provisioned? What are we paying for? Let's just build and secure. So again, all these projects are going to come out of the woodwork, I think that they're going to create a new vendor, a new brand or new opportunity because, these new solutions need to come because of the demand has been highlighted by COVID and other cloud scale. What's your thoughts on that, because this may not be your grandfather's networking company that comes out of the woodwork, It might be a cloud app. >> Yeah, well John, first of all, I think you nailed it. You look at a company like Infoblox, founded back in the .com era, back in 1999 and dominant in their space. So, they're not here saying, oh, we're the tried and trusted company that you work with, and you shouldn't try that newfangled Kubernetes piece or anything like that. It's not ready for prime time. As you said, they're getting, they're looking to skate where, to where the pack is going, they're aggressively going after these environments to make sure that they maintain their leadership in this environment. And, you're absolutely right, for the longest time, generally in networking, you were talking about, it was Cisco and everybody else out there, but now the cloud is such a big piece of what's going on, we've seen chip acquisitions by the big Hyperscalers, we've seen how they build their environments, and in many ways there's been consolidation, but there's also been dis-aggregation. So, the fundamental layer, but like what Infoblox has with their DDI stack, is something that customers need, I need to make sure my identity and my IP is something that I can manage wherever I am in all of these environment. 
>> It's funny Stu, we joke about SD-WAN, and now that's the internet and you think about the internet, one constant in all of it is you got to move packets from point a to point B and store a packet in a storage device, and ultimately you need to have to resolve addresses. And DNS, as old as it is, is fundamentally the standard, and a lot of people take it for granted, so to me, DNS has survived. It's a low level building block, but as things evolve, new abstraction layers come up, and I think we'll see more. I mean, I think there'll be a new naming system on how to deal with different scale across multicloud. And I think, Amazon is talking about it. We hear Ava Trix talking about it, we hear, things going on within Google talking about it, so, I think you're going to start to see new levels of innovation because, that's where the packets are moving, that's what the bad guys are, and you can't cover your footprints if you're trying to get in there. So, huge change is coming will be on it, And the CUBE we'll be monitoring it, as always, we can see the waves coming, Stu, what do you see? What's your future ball, tell you, as we come out of COVID, networking world, cloud collision, multicloud, apps, microservices, all this massive wave, what's your take, What's going to happen? >> Well yeah John, we've talked so much, It's those builders out there, how do I make sure that I can build my application, allow my users to access things wherever they are. The shift we hear for post COVID, it goes from work from home to work from anywhere. So, we were not going to see everybody just go back to the pre COVID era, this will have a lasting impact, and especially from a networking standpoint, we were starting to look at how does 5G and IOT change the way we think of networking? This just accelerates what we needed to look at. 
Some networking technologies, take a long time to go through their maturation and standards, but being able to manage my entire environment, be able to spin up my new applications, and as you said John, DNS, like identity is something that is a fundamental piece that I need to make sure is rock solid so that I can get my employees access to the information while still keep things secure. >> Well, when you click on a link, that's malware, that's DNS, so this is where the action is, and people got to preserve it. Stu, We're going to be covering it, we're going to be watching all the waves, and again, this the CUBE on top of the big wave of networking and as networking evolves, I just still, I just still think, it's one big IOT world now, and it's an internet of things. They're all connected, there's no perimeter, it's borderless. This is going to change the game. I think in the next 18 months, we're going to see really different connected experiences and whoever can deliver them, will be the winner. Of course, we'll be watching it, go to siliconangle.com. We have a special report on next gen networking, Rob hope from Paul Gillin are constantly reporting, Stu has been getting a ton of great interviews, and again, we're getting the stories out, during COVID-19, with our remote interviews. Thanks for watching the CUBE, for the special next level networking experience event by Infoblox. (upbeat music)

Published Date : Jul 23 2020


Beth Cohen, Verizon - OpenStack Summit 2017 - #OpenStackSummit - #theCUBE


 

>> Narrator: Live from Boston, Massachusetts, it's the CUBE covering OpenStack Summit 2017, brought to you by the OpenStack Foundation; Red Hat, an additional ecosystem of support. (upbeat synthesizer music) >> Welcome back, I'm Stu Miniman, joined by my cohost John Troyer. This is The CUBE, worldwide leader in live enterprise tech coverage. Coming into the show this year, here, at OpenStack, discussion of edge was something that had a little bit of buzz. Last year's show in Austin, the telecommunication all of the NFV solutions were definitely one of the highlights. Happy to welcome to the program a first-time guest, Beth Cohen, who is the SDN and NFV Network Product Strategy at Verizon. Thanks so much for joining us. >> Thank you, yes. >> All right, so Beth, I mean, we hear cloud in a box, Edge, all those pieces in the keynote, Monday. People are excited, you know, telecommunications. I worked in telecom back in the '90s. I'm excited to see that people are getting involved and looking at this, but before we get into all the tech, just tell us, briefly, about you and your role inside Verizon. >> Sure. So, I actually work at Verizon as a New Product Strategist, so I come up with new products, so I do product management. This is actually my second product for Verizon. The previous one was Secure Cloud Interconnect which is a very successful product. Who would have thought that connecting privately to the cloud would be a good idea? It turns out, everybody thinks that's an excellent idea, but I worked in telecom back, for GTE, back in the 1990s and through BBN, so I've been in this industry for a while and I've always stayed kind of on the cutting edge of things, so I'm very excited to be working on these cutting-edge projects within Verizon. >> All right, so speaking of cutting edge, let's cut to the Edge. >> Beth: Cut to the Edge (laughs). >> And, give our audience a little bit about what the announcement was, >> Sure. >> the actual product itself. 
>> So, Virtual Network Services, is the product. We originally announced it in July with a universal CP box. That box was not a, what we're calling a white box which I think is the industry term, now. That one was based on the Juniper NFX250 which is, we call, a gray box, so it's using the Juniper NFX software, but the new, new announcement is this is truly a white box. It's an x86 box. It's generic, any x86 will work, and, in fact, the product has, we realized, actually, working with customers that some customers want to have a very small box, very small footprint, low cost, that only supports maybe two, possibly three, NFVs, Virtual Network Functions, all the way up to our largest box, is 36 core. So, we have four core at the bottom, so that's used for the coffee shops or the small retail-type functions where they're only looking for security in routing or security in SDN or SD-WAN or whatever, so very small, compact use all the way up to 36 core which can support, you know, 10 or 12 different functions, so load balancing, routing, security, whatever you want, >> Yeah. >> cloud in a box. >> There's so many pieces of OpenStack and they've been, for years, talking about the complexity. This, really, if I understand it right, I mean, it's OpenStack at the edge in a small box, so how do we kit such a complicated thing in a little box and what kind of functionality does that bring? You know, what will customers get with it? >> So, obviously, it's, we didn't take old everything, >> Right. >> of course, so, you know, it does include Neutron for the networking and it does include Nova in the computes and so it has the core components that you need for OpenStack. And, why did we choose that? 
Because OpenStack really gave us that consistent platform across both out at the edge and also within the core, so we are building the hosted network services platform which we're using internally, as well, to host our, to support our network services and we're also supporting customers on this same platform. So, that gives us the ability to give a customer experience both out at the edge and within the core. So, of course, everybody wants to know the secret source. How did we cram that in? Containers, so we containerize OpenStack. One of the requirements is it had to be a single core, so it is a single core in the box because, of course, particularly in a small box, you want to leave as much space as possible for services that our customers want because the OpenStack is the infrastructure that supports it all. >> That's great, I mean, so, Beth, that was one of the highlights of the whole show, for me, right. I like when tech blows my mind a little bit and the idea of something that we might have run on a some embedded Linux source or embedded OS before, now, it's actually running a whole cloud platform, in a box, in my office, was amazing. As you're looking at the center of the network versus the edge, is that one, to you and to network ops, is that one big cloud, is that a cloud of clouds? What's kind of the architecture? >> Beth: Cloud of clouds. >> Yeah. >> Is it fog? (co-hosts laughing) >> It's, yeah, you could say it is a fog, because one of the things when you pull a network to the edge like that, Verizon lives, I mean, we live and breathe networks and the networks are WANs, Wide Area Networks, right, they're everywhere, so we live and breathe that every day. So, traditionally, as I mentioned in the keynote, is that cloud has been sort of the data center centric, right, and that changes the equation because, if you think about it, most data center centric clouds, the network ends at, there's some mystery thing that happens and the end, right? 
It just goes to that network router, you know, NNI, network-to-network net router and it just kind of disappears, right? Well, of course, we know what's on the other side, so what we've done is we've said, okay, we have functionality within that data center, but we've expanded that out to the edge and we understand that you can't just have everything sitting in the cloud and then rely on that edge to just work, so you need to move pieces of it out so it's not reliant on that inside data center. So, there's tools back there, but if that data center connection goes away, that function will still work out at the edge. >> That's great. You talked about both SDN and NFV, a big conversation at OpenStack for the last several years. >> Yeah. >> Can you talk a little bit about maybe the state of SDN and NFV and how you all are looking at that and are we there yet? What do we still, >> (laughs) Are we there yet? >> what places do you still see we need to go? >> So, when I worked with the marketing team, they were like, "Oh, we're going to have to use this NFV term. "We have to use the SDN," and when I talk to customers, inevitably, they're like, "What is the NFV stuff?" They have no idea, so, really, at the end of the day, I see NFV as a telco thing. Absolutely, we need it, but we have to translate what that means to customers because all that back-end stuff, as far as they're concerned, that's magic. That's the magic: that we deliver the services. Those packets just arrive, they do what they're supposed to do. So, I say, okay, network services is really what you're talking about, because they understand, "Oh, yeah, I need that security, I need that firewall, "I need that WAN Optimizer, I need that load balancer." That, they understand. >> Yeah. 
>> Well, Beth, I, with my telecom background, I think of, there's lots of hardware, there's lots of cabling, there's the challenges that you have with wireless and we're talking a lot about 5G, you're talking about software, though, and it's delivering >> Yeah. >> those services that the customer needs, so, right, is that what they ask for? Is it, I need these pieces and now I can do it via software as opposed to before, I had to, you know, we talked, it's the appliances to the software move? >> Right. >> What are the, your customers asking for and how are they embracing this? >> Well, so our customers are very excited. I can't think of a single customer that I have gone to that have said, "Why would I do that?" They're all saying, "No, this is really exciting," and so what they're doing is they're really rethinking the network because they're used to having stacks of boxes, so the appliance base, you know, that was really pioneered back, of course, Cisco sort of pioneered it back in the '90s but I remember talking to Infoblox back in the, oh, like the early 2000s when they came out with DHCP DNS appliance and I was like, "Wow, that's so cool." So, this is sort of the next generation, so why do you need to have six different boxes that do a single thing? Why don't we just make it a cloud in the box and put all those functions together and service chain them? That gives you a lot more flexibility. You're not stuck with that proprietary hardware and then worrying about, I mean, I can't tell you how many customers want to do this for tech refresh. They have end-of-life equipment that the vendor is saying, "Forget it, (laughs) this is 10-year-old equipment. "We're not supporting it anymore." >> Yeah, but what are the security implications, here, though? We've seen the surface area of where attacks can come from just seems to be growing exponentially. I think, I go to the edge, I've got way more devices, there's more vulnerabilities. 
Your last product, you said, was security. How does security fit into all of this? What are you hearing from your customers? How do you partner with other people? >> So, security is absolutely paramount to our customers. As I mentioned in the talk, there was a, we did a survey of our customers. Security was absolutely the top priority, but security's a lot more sophisticated, as you said, than it used to be and the vectors for attack are much more sophisticated and so it's not enough to just have a firewall. That's, your attack is, you know, the squishy inside and the hard outside, forget it. That's just (laughs)-- >> Yeah, yeah, yeah. You get it. >> That's just not there anymore. >> Indeed, the moats are gone. They're in the castle. >> Yeah. >> They're in the castle, right. So, for us, it's very appealing to our customers, that, the idea that they can put the security where they need it, so they can put it out at the edge and some of them so want it at the edge and we give them the choice of setting up a sort of a minimal basic firewall or a full-featured next-gen firewall. We also find customers kind of like the brand names, so we offer Palo Alto, Fortinet, Cisco, Juniper and others will be coming, so that appeals to them. They tend to be a shop of one or the other. >> John: All on a software basis? >> All on a software basis. >> Giving them the virtual clients discount? >> Right, yeah, all virtual clients is right. And, you know, at the end of the day, our customers don't actually care about the hardware. For them, it's the service. >> I wanted to take it over to OpenStack itself for a little bit. You know, the great conversation here, this week, has been something about modularization, talking about the ecosystem, talking about containers, both the app layer up on top and the packaging layer down below, which is kind of really cool, as well. How are you seeing the OpenStack community engage with the ecosystem be available to different use cases like this?
Right, slim it down, take what you need, leave the rest, different, for a while, the conversation was, there were so many projects and, about everything, and do you feel like OpenStack is going where we need it to go, now, in terms of, again, a usable partner and community to work with? >> I do believe that because, so, my product is really a portfolio, if you think about it, so it's a portfolio of services and I view our use of OpenStack in the same way. So, we're really taking that portfolio of OpenStack services and pulling, you know, putting together the package that we need to deliver the services. So, what's out at the edge, that package of OpenStack services at the edge, that's not the same set of services as what's within the core data center. There's some commonality, but we've chosen the ones that are important to us for the edge and chosen the ones that are important to us for the core. So, I think that the OpenStack community is really embracing this notion and we really welcome that, that thing. Now, what I'm finding is that the vendors that we're supporting, you know, that, in the ecosystem, at the application layer, are still struggling with, "Okay, do we containerize? "Do we support, what do, how do we support it?" I can't tell you how many vendors I've gone to and I said, "If you want to be in our portfolio," and obviously most of them do, you know, Verizon's a big company, "you have to be virtualized. "You have to be able to support, run under OpenStack," and they have to get past that, (laughs) that issue. >> Beth, I noticed in some of your social feeds, you've attended some of the Women at OpenStack event. >> Yes. >> I wonder if you have any comment on the events there and diversity in general in the community? 
>> So, one of the things I love about OpenStack is it's really, really gone out of its way in, within the open source community, in general, to really focus on the value of diversity and it really does track the number of women that, you know, there's a metric that says the percentage of women at every summit and it's going up and the Women of OpenStack community focus on mentoring, and it's not just women, because mentoring's very important, but it really allows, but women are, have sort of special challenges and minorities have special challenges, as well, and we really try to embrace that fact that you do need a leg up if you're not a 50-year-old white guy (laughs). >> All right, Beth Cohen, really appreciate you joining us. Congratulations on the keynote, the product and wish you the best of luck going forward. >> Thank you. >> We'll be back with more coverage here from OpenStack Summit in Boston. For John and myself, thanks for watching The CUBE. (upbeat synthesizer music)

Published Date : May 10 2017

