>> Narrator: TheCUBE presents Ignite 22, brought to you by Palo Alto Networks. >> Good afternoon guys and gals. We're so glad you're here with us. Welcome back to the MGM Grand, Las Vegas. This is day two of theCUBE's coverage of Palo Alto Networks Ignite22. Lisa Martin here with Dave Valante. Dave, as I mentioned, our second day of coverage. We've learned a lot about cybersecurity, the complexity, the challenges, but also the opportunities. We've had some great conversations, really dissecting some recent survey data. We know that every industry, no industry is immune from this but healthcare is one of the ones that's quite vulnerable. We're going to be talking about that next, in part. >> Yeah. Cause we always talk about the super cloud and connecting hybrid across clouds and you know, on-prem, but also now out to the edge. >> Yes. >> You know, and nobody wants a separate stove pipe, but we saw this during the pandemic. We saw the pivot, work from home, to end point and cloud security rearchitecting the network, identity and you know, more stove pipes. Right? So, but that's not what the industry wants or needs, so. >> Right. >> Yeah. >> Well I never would think about, you know you go to the doctor's office, you go to a hospital, X-ray machines, CT scanners, all these proliferation of medical IoT devices. Great for the patient, great for the providers, but a lot of opportunities for the attackers, as well. We're going to be talking about that, in part, in our next conversation with an alumni that's coming back to the program. Anand Oswal is here. The SVP and GM of network security at Palo Alto Networks. Great to have you back. >> Great to have me. Thank you. >> It's been a few years. >> Oswal: Yeah. It's been a time. >> So, I was looking at some of the unit 42 research: medical devices are the weakest link on the hospital network. >> Oswal: Yeah. >> But, so great for patient care, for doctors, providers, et cetera. But, a challenge and an opportunity for the adversaries. >> Oswal: Yeah. >> What are some of the things that you guys are seeing? I know you have some news on the medical IoT front. >> Yeah. Thanks for having me by the way. So, if you look at every industry has benefited from connected devices. Changes the outcome and the experiences, both for the end users, as well as the businesses. And healthcare is no different. If you look at the experience that we had as patients over the last decade has changed dramatically. And in the pandemic, even more changes happened, right? This is really ushering in a new era of patient care. It's connected devices. You know, I have a family member of mine who has diabetes. And, as you know, you got to check the blood glucose level periodically. It's usually pricking, it's cumbersome, it can hurt you. But now, with this new IoT based glucose margin systems, you can monitor these levels in real time, constantly. If it drops, can inject the right amount of insulins. So, changing the experience and the outcome for patients. Taking data from this devices to ensure that you have different outcomes. So, really, changing how you experience as patient. But, like you said, along with all of this is adding increased cybersecurity. Right? And we've seen over the last, I don't know, year or so, a 200% increase in cyber attacks on healthcare organizations. And, in the next couple of years, you're going to see 1.3 billion, yes, the "B," billion, new connected devices come to healthcare. So, that's including the attack surface. So, we've got to stay vigilant. There's a lot of great things you get from connected devices. It has cyber risk, just plan it properly. >> But, it's hard just to secure a medical IoT devices. Why is it so challenging? And how do you help? >> Yeah. Look, you can only secure what you see, first of all, right? So, it's very important to understand what devices you have on your network. And these can't be done statically, right? Because you're, they're made by different manufacturers and you're adding so many every day. So, you need to use machine learning to identify what these devices are. But just not what are devices, who's the manufacturer? What's the make, what's the model? What's the unpatched vulnerabilities? That's one part. I tell people that having visibility is good, but just that's not enough. It's like me telling you, you have a leak in your house. I don't give you any information on where the leak is. How do I call the plumber? What's the home warranty? Home insurance coverage? So you got visibility. Then you need to do segmentation. Segmentation all about who can talk to whom. Should your CT scan machine or MRI machine be talking to a server in the corporate environment? Should be talking to your point of sale terminal in the hospital? Maybe not. Right? So you need to define those policies. Again, those can be manual. They have to be automated because you're adding new devices every day. After you do that, it's around the data that is transporting on those devices. Do they have threats? Are they command controlled connections? Because threats can move laterally and need to inspect this in real time every day, constantly. Not just one time. Right? That's the whole notion of zero trust, which is no notion of implied trust. You want to have least privilege access. And the most important is that, look, we talked about this before. Majority of healthcare organizations have legacy security architectures. You can't have it solved better, the point product a new sensor, a partial solution. You need to get fully integrated because you need to reduce their operational cost. You need to ensure that they have better security. Right? I tell people what do organization want? Make more money, save money, and steer out trouble. Right? In simple ways. >> Valante: Yeah. >> I need to ensure that they're able to get this done securely. That's very important. >> So, a lot of the devices, so you think about oT, a lot of the devices been naturally air gaped. That was sort of the safety. What's it like in healthcare? Is the MRI machine, was it historically net-, you know, fenced off from the network and how is that changing? >> Yeah. I'll give an example. I talked to a customer, this is a few months ago. And this happened before the pandemic, luckily. They were doing, a doctor was doing a surgery on a patient at roughly two in the morning, on a, and using a ventilator. And guess what happened? The ventilator rebooted and said: firmware upgrading. >> Yeah. >> Right? >> Wow. >> And luckily when I doctor, their customer, they said they had another ventilator that they could quickly do. This ventilator was connected to an ethernet cable, in this case. And somebody decided that two AM is the right time to upgrade things. Like, you know, you have windows of when you upgrade things. But, you need to be able to manage a lifecycle of these devices more intelligently. When is it being used? When it's upgraded? There's a life of a device, and then there's a cyber life. Now we have too many devices with end of life operating systems. We all remember the 2017 WannaCry attack. That was an end of life operating system. So, you have a shelf life and you have a cyber life. Need to be able to manage the life cycle of these devices and easily onboard new devices, but also have, be able to sunset devices as needed. >> Okay. So the business generally stays ahead, you know, of cyber, but are those worlds coming together? I mean, I feel like with digital transformation we're beginning to see that everybody talks about, you know, cyber can't just be a bolt on. >> Oswal: Yes. >> But it oftentimes is. So what's the state of play in healthcare? >> I think it's changing. If you think about the healthcare organizations or generally even oT environments, the decision maker is not just the CIO and CISO, it's also your plant manager, the hospital owner, or manager of the operations of the hospital. They have to be taken into account. The other, the other stakeholders: the clinical and biomed engineer who operates these devices, right? I was talking to a healthcare customer that said that asset utilization or devices important. Many times you find nurses or doctors will keep an infusion pump with them in their room because they want easy to use. And then they say, I want five more or 10 more, right? We all living in an environment where budget will be more and more important. So how do you get a full inventory of what's using what, how often are they used? For example, MRI machines are many times preset for scanning certain parts of the body. Now you can change it, but it takes time. It's effort. So if you know the actual utilization of what you're doing, you can be more efficient and have a much more efficient organization. >> And so how do they do that? Is that some kind of predictive analytics that they're using? Is it... >> Yes. It's the whole lifecycle of a zero trust architecture. It is the whole lifecycle of managing these devices effectively and then simplifying your operations. The three things that we have to do. >> How can zero trust be really tailored to healthcare specifically? >> Yeah. Let me tell you, first of all, when I talk of zero trust, I have a simple way of talking about it. Which is no notion of implied trust, right? Just because I'm in an environment doesn't mean have access to a device and application, et cetera. And when we think of medical device, it's like, who's the user who's accessing it? How do you authenticate that user? And that can be the things the organization has: password, an MFA, et cetera. That's, that's good. That's not enough. If you're accessing some, if I authentic authenticated you from this device, but what if this device itself is infected with malware? So, I need to know that it's the state of your device. Then what are you trying to access? Medical records, healthcare records, you'd like permission sets to access it. Are they read only, write only? Do you have confidential information about it? And when you're exchanging this information, is there malware in that data? You need to do this on a continuous basis. So, user, endpoint, access, and transaction. These four constructs have to be done continuously. That's the whole notion of zero trust. >> So, okay. Cause you had, we were talking off camera, you said, you know, get, say ask somebody what zero trust is, you get 10 different answers. 10 people, 10 different answers. So, I always would used to think unless a device or a person has been explicitly authorized and authenticated, they don't get access. But, you just added something more. It also has to be clean essentially. >> Yes. >> Right? And you've got the technology to do that? >> Absolutely. And we can, if you think about it, we can do this across all facets, all use cases. If you think of traditional network security, right? It doesn't secure the network. Like I said, it secures everything on the network. The users, the IoT devices, and the applications they access. Now I can be in the office, I can be on the road, or I can be home. I may use different notions of stacks. I may use a hardware-centric firewall for accessing data center based applications in my private data center. I may use a software firewall application for accessing things in the public cloud. I may use a cloud deliver SASE architecture from home or for remote branches. I wanted consistent security. The way I do threat, the way I do phishing protection, ransomware protection, IoT security. It should be consistent no matter where the user is, no matter where the data is, no matter where the applications is. And that's really what we can do with a consistent platform approach. >> So on-prem. In... >> The cloud, yes. >> In all the clouds, at the edge. >> Yes. >> Not only healthcare, but operational technologies? The factory? >> You want to make sure that it's not only the best in class security, it's also consistent security and consistent manageability. Right? Which means that the experience I have as an admin, from day minus one to day n. And it can be for any use case I have, it could be for securing my applications in my private data center, my application is the public cloud, or remote access from home or remote branch. I want that consistent security. I want that consistent policy. So, what is the treatment for you, the user, when you are in the office, on the go, or somewhere else? You don't want different experience. >> Valante: Yeah. >> You want same experience. >> Right? That goes... >> It should be optimal. It can be slow, it can be like, it takes you a long time to access your application either. Cause all of us are, we spoiled, we want it right away. >> Yeah. It can't be a blocker to productivity. >> Exactly. >> I was looking at some of the unit 42 data about, just the, all the vulnerabilities in different machines. We talk about cyber resilience a lot. How and, as I mentioned, and I think even the survey that Palo Alto Networks released yesterday, "What's Next in Cyber", was even demonstrating healthcare being one of the most vulnerable. >> Yes. >> And we talk about, you know, it being one of the weakest links. How can Palo Alto Networks work with healthcare organizations, large and small, across the globe to help them really dial up cyber resilience. >> Oswal: Yeah. >> And start reducing the vulnerabilities that are there as device proliferation is just going to happen. >> Yeah, absolutely. I think you hit a very good point. We have data which says that 83% of imaging systems run end of life operating system stacks, right? And you remember in 2017, the WannaCry attack started with an end of life operating system device. Right? It affected 150 countries in the UK alone. 70,000 devices, 30,000 patient cancellations. We know that, if you think about infusion pumps, three out of four have unpatched vulnerabilities. Which means that you can patch it. But it's very hard for the biomed or clinical engineer to understand what to do and what not to do. Healthcare organization have lot of compliance requirements. Right? They have HIPAA compliance, they have other regulations. So, you need to make them audit ready: inventory of the devices, status of each device, make it audit ready, compliance ready. So, they're able to do what they do best in serving patients versus worrying about other things that they, that we can automate for themselves. Lastly, I'll say is that, you also want to simplify the operations of the health environment, right? Having more point products, more point solutions, that's solving only a certain aspect of what you do. Like only visibility, telling you have a leak, but not putting the end solution. Adds more and more complexity to organizations. >> So it's a different dynamic in this world, healthcare world, because you got to all these devices and they're not, you know, I think about Patch Tuesday, Right? I mean Microsoft's always putting out patches. And so, that tells the hackers, Hey, you know, go in on Wednesday. >> Yeah. >> And hack away. It's probably different in healthcare. They're probably not as frequent patches published or maybe there are, I don't know. I'll be curious as to whether they are. But I mean the, the device manufacturers, they're not, you know, the biggest software company in the world. >> Yeah. >> You know, so they're probably not as on top of it. >> Yeah. >> So I'm not saying it's better or worse, it's just a different environment. >> The patches to the end devices may not be as frequent, but patches that you can apply on from a security perspective on a security stack are like happening continuously in real time. The second things that you also want to ensure that the capabilities of your security product itself are able to stop attacks inline, in real time. For example, 95% of all malware in the world is MORF malware, which means it's variations of existing malware. You can stop this inline real time, right? Attackers are using more and more sophisticated techniques today, to evade traditional sand boxing techniques. So, you have to out-innovate them. And that's what we've done by all our cloud services. We move them very early on to the cloud to get the agility and scale that we get. But we invested a lot in machine learning and deep learning to stop these day-zero threats in line, real time. Attackers are using that window of opportunity, like you mentioned, between the time when a breach is announced or detected, and patched. And that breach could, that time window could be a minute. They're going to exploit that time. You want to reduce that to almost zero, which means that you need to stop it in line, in real time, continuously. >> So, take the sandbox example. >> Yeah. >> So, what do you say? So, if I'm doing a sandbox on-prem, one of the vulnerabilities is if my capacity is out of 10,000 files, they're just going to overwhelm me with a hundred thousand and then I'm going to be trying to figure out what's going on. And while I'm doing that, they're going to be sneaking in. And is that an example of... >> No. >> Valante: That you address because you're in the cloud, or...? >> Yeah, that's one. But, think about examples where attackers are devising malware, are creating malware that will basically evade traditional sand boxing techniques. So, if I do a memory lookup on the register, that malware will diffuse. It only detonates on an end user on a device or a database. So, now you need to do intelligent techniques. So, we built this, lot of infrastructure for intelligent realtime memory analysis to ensure that we are able to stay ahead of the competition. And we did that for phishing, we did that for command control connections, we did for software exploits, we did data for malware, for DNS. We're able to stop about 11 to 12 million additional phishing sites than anybody else. We're able to have our sand boxing more effective than anybody else. We're able to stop 26% more malicious sessions than others in the industry. >> Valante: Why? Architecture? >> Architecture. Couple of things. First, architecture. Second is that, through a lot of innovation that we've done in both machine learning and deep learning, to be able to look at unstructured data and be able to stop the attacks inline, real time. Think about it, the traditional way of doing URL filtering has always been to build a database of URLs in the world. And you categorize as URLs into groups of categories: news, adult. And then you say, what's my risk profile for each of these? And you put a score and you say, I want to have this tolerance. That doesn't work anymore. The reason is because attackers are sophisticated. Websites come in, up and down, in seconds. Before I build a database, it's gone. I can't do this old way of doing things, signature and databases. I've got to use the power of machine learning. I've got to use the power of deep learning and data. >> And it's, are healthcare leaders, do they have an appetite for that? >> I think healthcare data looking for outcomes. They're looking, when I talk to healthcare professionals, they want to basically do what they do best. Serve patients, right? Give them optimal care. They want someone to take care of all these things holistically, end to end. Simplify all the things that they have to do from a compliance perspective, architectural perspective, reduce their cost, give them a better outcome. That's what they want. >> It's all about outcomes. >> Oswal: It's all about outcomes. >> And we know you cover much more than healthcare, but we obviously used most of our time on that. It's such an interesting, fascinating industry. Obviously, a lot of opportunities there for organizations to work with companies like Palo Alto to really dial up their cyber resilience. >> Absolutely. >> And ultimately, to your point, deliver the outcomes that they are there to do. >> Absolutely, yes. >> We'll have to have you back cause we just, I feel like we just scratched the surface. Right? >> Oswal: Happy to come back. >> Valante: Thank you. >> Oswal: Thank you. >> Awesome. >> Oswal: Thank you so much. >> Our pleasure to have you on the program. For Anand Oswald and Dave Valante, I'm Lisa Martin. You're watching theCUBE, the leader in live and emerging tech coverage. [Pedantic Music Fades]

>> Live from San Diego, California It's the queue covering Sisqo live US 2019 Tio by Cisco and its ecosystem. Barker's >> Welcome back to San Diego. Everybody watching the Cube, the leader and live check coverage. My name is David Locke. I'm here with my co host student in recovering Day to hear Sisqo live. 2019 on. On On. On on. Oswald is here. Excuse me. Sees the senior vice president of enterprise networking Engineering at Cisco. And John A postal, a polis. Italians in the Greeks. We have a lot in common. He is the VP and CTO of Enterprise Network. And get Sisko. Gentlemen, welcome to the Cube. How'd I do? Do you know it? Also, that you're bad, right? Thank you. All right, Good. Deal it out. Let's start with you. You guys have had a bunch of news lately. Uh, you're really kind of rethinking access to the network. Can you explain what's behind that to our audience? >> Yeah, even think about it. The network is getting has running more and more critical. Infrastructure at the same time is increasing. Bottom scale and complexity. What? We expected that you'll only be obvious. Violence on workspace is on the move. Are you? You're working here in your office, in the cafe, The sock off everywhere you want. An uninterrupted unplugged experience for that is violence. First, it's cloud driven and is dead optimist. So we had to rethink our way to access. It's not just about your laptops and your fool on the wireless network. In the end of the digital management systems, Coyote devices, everything is going to provide us with means reaching the access on that. But >> so, John, this obviously ties into, you know, you hear all the buzz about five g and WiFi. Six. Can you explain the connection? And you know what? We need to know about that. >> Okay, it's so fine. Five. Jean WiFi 62 new wireless technologies coming about now, and they're really awesome. So y fi six is the new version. WiFi. It's available today, and it's going to be available for down predominately indoors as wi WiFi indoors and high density environments where you need a large number. Large data bait for square meter una WiFi. Once again, the new WiFi six fight in the coverage indoors uh, five is going to be used predominately outdoors in the cellular frequency. Replacing conventional for Geo lt will provide you The broad coverage is your roam around outdoors. And what happens, though, is we need both. You need great coverage indoors, which wife Isis can provide, and you need great coverage outdoors. Which five year cried >> for G explosion kind of coincided with mobile yet obviously, and that caused a huge social change. And, of course, social media took off. What should we expect with five G? Is it? You know, I know adoption is gonna take a while. I'll talk about that, but it feels like it's more sort of be to be driven, but but maybe not. Can you >> see why 5 65 gr actually billions Some similar fundamental technology building blocks? You know you will be in the ball game for the Warriors game like a few weeks ago when they were winning on DH. After a bit of time to send that message. Video your kid something on the WiFi slow laden Z with WiFi, 61 have a problem. The WiFi six has four times the late in C 14. The throughput and capacity has existing y find Lowell Agency and also the battery life. You know, people say that that is the most important thing today. Like in the mass Maharaj three times the battery life for WiFi, 16 points. So you're gonna see a lot of use cases where you have inter walking within 556 and five g WiFi six foot indoors and find you for outdoor and some small overlap. But the whole idea is how do you ensure that these two disparate access networks are talking to each other explaining security policy and it is invisibility. >> Okay, so first what? Your warriors fan, right? Yeah. Awesome way. Want to see the Siri's keep going, baby? That was really exciting. Because I'm a Bruins fan, sir, on the plane the other night and in the JetBlue TV. Shut down, you know, So I immediately went to the mobile, But it was terrible experience, and I was going crazy checks in my friends. What's happening? You say that won't happen? Yeah, with five Julia and WiFi sexy. Exactly. Awesome. >> So, John, help connect for us. Enterprise. Not working. We've been talking about the new re architectures. You know, there's a c I there now intent based networking. How does this play into the five G and WiFi six discussion that we're having today? >> So one of the things that really matters to our customers and for everybody, basically, they want these sort of entering capability. They had some device is they want to talk to applications. They want access to data. We want to talk with other people or try ot things. So you need this sort of end twin capability wherever the ends are. So one of the things I've been working on a number of years now it's first all intent Basin that working, which we announced two and 1/2 years ago. And then multi domain, we try to connect across the different domains. Okay, well across campus and when, and data center all the way to the cloud and across the Service Fighter network and trad security has foundational across all of these. This was something that David Buckler and Chuck Robbins talked about at their keynote yesterday, and this is a huge area for us because we're going to make this single orchestrated capability crop customers to connect and to and no matter where the end of ices are >> alright so sewn on I have to believe that it's not the port, you know, administrator saying, Oh my God, I have all these signs of them. Is this where machine learning in A I come in to help me with all these disparate system absolutely are going very simple. Any user on any device had access to any application. Sitting in a data center in a cloud of multiple clouds over any network, you want that securely and seamlessly. You also wanna have nature. Its whole network is orchestrator automated, and you're the right visibility's recipes for idea on with the business insights on the eye. An ML. What's happening is there for the next book is going in complexity and skill. The number of alerts are growing up, so you are not able to figure it out. That's where the power of a I and machine learning comes. Think about it in the industry revolution, the Industrial Revolution made sure that you are. You don't have limitations or what humans can do right, like machines. And now we want to make sure businesses can benefit in the digital revolution, you know, in limited by what I can pass through all the logs and scrolls on ornament. Everything and that's the power of air and machine learning >> are there use cases where you would want some human augmentation. We don't necessarily want the machine taking over for you or Or Do you see this as a fully automated type of scenario? >> Yeah, so what happens is first ball visibility is really, really important. The operator of an effort wants the visibility and they want entwined across all these domains. So the first thing we do is we apply a lot of machine learning to get to take that immense amount of data is an unmentioned and to translate it into piece of information to insights into what's happening so that we could share to the user. And they can have visibility in terms of what's happened, how well it's happening. Are they anomalies? Are is this security threat so forth? And then we can find them additional feedback. Hate. This is anomaly. This could be a problem. This is the root cause of the problem, and we believe these are the solutions for what do you want to do? You wantto Do you want actuate one of these solutions and then they get to choose. >> And if you think of any other way, our goal is really take the bits and bytes of data on a network. Convert that data into information that information into insights that inside that lead to outcomes. Now you want. Also make sure that you can augment the power of a machine. Learning on those insights, you can build on exactly what's happening. For example, you want first baseline, your network, what's normal for your environment and when you have deviations and that anomalies. Then, you know, I don't know exactly what the problem is. Anyone automated the mediation of the problem. That's the power of A and women you >> When you guys as engineers, when you think about, you know, applying machine intelligence, there's a lot of, you know, innovation going on there. Do you home grow that? Do you open source it? Do you borrow? Explain the philosophy there in terms of it. From a development standpoint, >> development point of it is a combination of off all the aspects, like we will not green when they leave it all the exists. But it's always a lot of secrets are that you need to apply because everything flows through the network, right? If everything first netbooks, this quarter of information is not just a data link, their data source as well. So taking this district's also information. Normalizing it, harmonizing it, getting a pretty language. Applying the Alberta and machine learning, for example. We do that model, model learning and training in the clouds. Way to infants in the cloud, and you pushed the rules down. There's a combination, all of all, of that >> right, and you use whatever cloud tooling is available. But it sounds like it's really from an interest from a Cisco engineering standpoint. It's how you apply the machine intelligence for the benefit of your customers and those outcomes versus us. Thinking of Sisko is this new way I company right. That's not the ladder. It's the former. Is that >> fair? One of the things that's really important is that, as you know, Cisco has been making, uh, we've been designing a six for many years with really, really rich telemetry and, as you know, Data's key to doing good machine learning and stuff. So I've been designing the A six to do really time at wire speed telemetry and also to do various sorts of algorithmic work on the A six. Figure out. Hey, what is the real data you want to send up? And then we have optimized the OS Iowa sexy to be able to perform various algorithms there and also post containers where you could do more more machine learning at the switch at the router, even in the future, maybe at the A P and then with DNA Center way, have been able to gather all the data together in a single data life where we could form a machine learning on top. >> That's important, Point John mentioned, because you want Leo want layers and analytics. And that's why the cattle's 91 191 20 access point we launch has Cisco are basic that provides things like cleaning for spectrum were also the analytic from layer one level are literally a seven. I really like the line, actually from Chuck Robbins, yesterday said. The network sees everything, and Cisco wants to give you that visibility. Can you walk us through some of the new pieces? What, what what people, Either things that they might not have been aware of our new announcements this week as part of the Sisko, a network analytics, announced three things. First thing is automated based lining. What it really means. Is that what's normal for your environment, right? Because what's normal for your own environment may not be the same for my environment. Once I understand what that normal baseline is, then, as I have deviations I canto anomaly detection, I can call it an aggregate issues I can really bring down. Apply here and machine learning and narrow down the issues that are most critical for you to look at right now. Once and Aragon exact issue. I wanted the next thing, and that is what we call machine. Reasoning on machine reasoning is all about ordering the workflow off what you need to do to debug and fix the problem. You want the network to become smarter and smarter, the more you use it on. All of this is done through model learning and putting in the clouds infants in the cloud and pushing it down the rules as way have devices on line on time. So, >> do you see the day? If you think about the roadmap for for machine intelligence, do you see the day where the machine will actually do the remediation of that workflow. >> Absolutely. That's what we need to get you >> when you talk about the automated base lining is obviously a security, you know, use case there. Uh, maybe talk about that a little bit. And are there others? It really depends on your objective, right? If my objective is to drive more efficiency, lower costs, I presume. A baseline is where you start, right? So >> when I say baseline what I mean really, like, say, if I tell you that from this laptop to connect on a WiFi network, it took you three seconds and ask, Is that good or bad? You know, I don't know what the baseline for his environment. What's normal next time? If you take eight seconds on your baseline street, something is wrong. But what is wrong isn't a laptop issue isn't a version on the on your device is an application issue on network issue and our issue I don't know. That's why I'm machine learning will do exactly what the problem is. And then you use machine reasoning to fix a problem. >> Sorry. This is probably a stupid question, but how much data do you actually need. And how much time do you need to actually do a good job in that? That type of use case? >> What happens is you need the right data, Okay? And you're not sure where the right data is originally, which we do a lot of our expertise. It's this grass for 20 years is figuring out what the right data is and also with a lot of machine learning. We've done as well as a machine reason where we put together templates and so forth. We've basically gathered the right made for the right cause for the customer. And we refined that over time. So over time, like this venue here, the way this venue network, what it is, how it operates and so forth varies with time. We need to weigh need to refine that over time, keep it up to date and so forth. >> And when we talk about data, we're talking about tons of metadata here, right? I mean, do you see the day where there'll be more metadata than data? Yeah, it's a rhetorical question. All right, so So it's true you were hearing >> the definite zone. Lots of people learning about a building infrastructure is code. Tell us how the developer angle fits into what we've been discussing. >> Here we ask. So what happens is is part of intent based on African key parts of automation, right? And another key parts. The assurance. Well, it's what Devon it's trying to do right now by working with engineering with us and various partners are customers is putting together one of the key use cases that people have and what is code that can help them get that done. And what they're also doing is trying to the looking through the code. They're improving it, trying to instill best practice and stuff. So it's recently good po'd people can use and start building off. So we think this could be very valuable for our customers to help move into this more advanced automation and so forth. >> So architecture matters. We've touched upon it. But I want you to talk more about multi domain architectures wear Chuck Robbins. You know, talk about it. What is it? Why is it such a big deal on DH? How does it give Sisko competitive advantage? >> Think about it. I mean, my dad go being architectures. Nothing but all the components of a modern enterprise that look behind the scenes from giving access to a user or device to access for application and everything in between. Traditionally, each of these domains, like an access domain, the land domain can have 100 thousands off network know that device is. Each of these are configured General Manual to see a live my domain architectures almost teaching these various domains into one cohesive, data driven, automated programmable network. Your campus, your branch, your ran. But he doesn't and cloud with security as an integral part of it if it all. >> So it's really a customer view of an architecture isn't? Yeah, absolutely. Okay, that's good. I like that answer. I thought you're going to come out with a bunch of Cisco No mumbo jumbo in secret sauce. Now it really is you guys thinking about Okay, how would our customers need to architect there? >> But if you think about it, it's all about customer use case, for example, like we talked earlier today, we were walking everywhere on the bull's eye, in the cafe, in office and always on the goal. You're accessing your business school applications, whether it's webex salesforce dot com, 40 65. At the same time you're doing Facebook and what's happened. YouTube and other applications. Cisco has the van Domain will talk to Sisko. The domains action escalates and policies. So now you can cry tears the application that you want, which is business critical and fixing the night watchers but miss experience for you. But you want the best experience for that matter, where you are well >> on the security implications to I mean, you're basically busting down the security silos. Sort of the intent here, right? Right. Last thoughts on the show. San Diego last year. Orlando. We're in Barcelona earlier this year. >> I think it's been great so far. If you think about it in the last two years, we fill out the entire portfolio for the new access network when the cattle is 90. 100. Access points with WiFi six Switches Makes emission Campus core. Waterston, Controller Eyes for Unified Policy Data Center for Automation Analytics. Delia Spaces Business Insights Whole Access Network has been reinvented on It's a great time. >> Nice, strong summary, but John will give you the last word. >> What happens here is also everything about It says that we have 5,000 engineers have been doing this a couple years and we have a lot more in the pipe. So you're going to Seymour in six months from now Morn. Nine months and so forth. It's a very exciting time. >> Excellent. Guys. It is clear you like you say, completing the portfolio positioning for the next wave of of access. So congratulations on all the hard work I know a lot goes into it is Thank you very much for coming. All right, Keep it right there. David. Dante was stupid. And Lisa Martin is also in the house. We'll get back with the Cube. Sisqo live 2019 from San Diego.