>> From theCUBE studios in Palo Alto in Boston, connecting with thought leaders all around the world, this is a CUBEconversation. >> Hi brother, this is Dave Vellante and welcome to this CUBEconversation. We're going to talk about a topic that is obviously top of mind in a lot of people situations right now, which is ensuring business continuity, business resiliency. Given this work from home pivot is something that a lot of people are focused on. Many CIOs have told us that business resiliency was way too focused on disaster recovery. And we're going to talk about this in the context of VPNs. Now I've got a love-hate with VPNs. I mean, on the one hand they provide safeguards. They give us privacy, they give us protection, everything's encrypted, but they can bring forth performance problems. There could be service quality issues, video or audio. And so the problem with VPNs is a lot of times they're a black box. You don't know what's going on inside. There are different types of VPNs, and it's actually a pretty complicated situation and with me to talk about that is Paul Barrett, the CTO of Enterprise at Netscout, Paul, good to see you. >> Great to be here. >> Yeah, so what did you see with regard to the trends that hit with COVID? Obviously there was this very rapid work from home pivot, VPNs had to be deployed for remote workers who typically would come into the office, what did you see? >> So with Netscout, we service the largest, most complex organizations, both in the US and globally. But for many of these organizations, the VPN services they provided really was for quite a small subset of their workforce. People working on the road, maybe they had a small subset of their employees working from home. And as you say, obviously, as we all understand, almost overnight, everyone's found themselves struggling to work from home. And quite frankly, most organizations VPN configurations were just never architected to deal with this kind of situation. One of the perhaps most important distinctions between the different types of VPN is whether you have a so called full VPN service or a split VPN service, because that really impacted the ability of organizations to deliver VPN. >> So what does that mean full versus split? I know there's sometimes free VPNs. You kind of get what you pay for, what does that mean, split versus full? >> So with a full VPN connection, every thing that you connect to on the internet or any business service has to go over your VPN connection. You can't make any direct connections from your PC to the internet, has to go through your enterprise network. So if you think about it, if you suddenly moved tens of thousands of employees to working from home, every single communication activity performed by those employees goes through your VPN concentrators. With a split VPN, and for example, I use a split VPN, only when I need to connect to business services that are provided over my enterprise network do I actually go directly to my enterprise network over the VPN. If I'm just going to Google or any other regular internet resource, then I get a direct connection to that internet resource. And that really takes the pressure off the VPN concentrators. >> The split VPN gives you more flexibility. I can't tell you how many times I've sent a link to somebody and say, oh, I can't open it, it's got to be my VPN blocking it. You're saying it gives you this sort of you have your cake and eat it too, the split VPN. >> Well, right, yes. It just means that to say it's only the traffic that has to go into the corporate network, goes through the corporate VPNs. What we observe is, as I say, 'cause we deal with very large organizations, particularly regulated industries, such as financial services and healthcare. There was a as just a requirement that hey, everything's got to come over the VPN. We don't want any traffic kind of leaking directly onto the internet. We want to have full control, so everything goes through our security stack. So one of the things we're sort of seeing now with three months into the COVID situation, I would say most of our customers have got through the worst of it. But a lot of them would say they're still running very hot. And those of who were previously offering full VPN, are saying, "Well, can I transition "to offering a split VPN service." But it's not a trivial thing to do because especially if you're highly regulated, you've got the compliance requirements, you've got to make sure that the traffic that has to go through your security stack does so, and that you're comfortable with any traffic that's going direct, SaaS services like Office 365, you have to make sure that you're comfortable with that traffic is going direct over the internet. So let's say it's the transition from full VPN to split it's quite a challenge and it's not trivial. >> Well, and I would imagine, I mean, if I'm the compliance officer I'm saying, "Go full VPN and I don't care if there's a restriction "and some handcuffs placed on the users." If you're a line of business head, you're saying, "Hey, I want more flexibility." So the brute force approach, it's a two edged sword. So how do you help solve that problem? I know you're focused on providing visibility, but explain where Netscout fits in the value chain. >> So yeah, everything Netscout does is about analyzing the traffic flag on networks. And we do it for helping customers ensure that the applications and services are healthy, that they're available, we have products that allow people to protect their applications against DDoS attacks, but in the case of VPN, it's really about understanding how the service is being used. If you actually look at the traffic coming on the enterprise side of your VPN concentrator, so often it's been decrypted, I can see who's accessing which business services, I can see, if for example, it's a full VPN connection, how I got users going to unimportant services like YouTube, which really isn't helping the situation. I can see whether, I might actually, 'cause typically large organizations have multiple VPN concentrators around the country and even around the globe. And you get situations where one set of the VPN concentrators are sitting there under utilized, whereas I've got another set of VPN concentrators that are sort of overwhelmed. And by getting this visibility of that kind of usage, I can actually think about getting some of my user groups to maybe use a different VPN concentrator. And as I was talking about the migration to a split VPN, having visibility of what applications are being used. Hey, I have this particular sensitive application and I need all that traffic to come through my security stack, but actually it turns out I didn't configure my split VPN correctly and it's all leaking directly over the public internet. Then I have the visibility I need to detect that kind of situation and to remedy it. >> So is the primary reason why people use Netscout in this use case really to, obviously to provide that visibility, but to make them more secure, is there a performance aspect as well in terms of what you guys are doing? >> Yeah, one of the, I would say the facets of the move to working from home is increased emphasis on services, such as unified communications, voice and video, the use of collaboration services, has greatly increased. Those types of service, particularly voice and video, they're real time services, they're very susceptible to poor network transmission. Things like latency and packets being dropped. And as I say, people working from home are becoming much more reliant on these types of service than they are when they're in an office. And so it's critical to understand whether problems with, for example, voice and video quality are arising in your own network, because for example, you've saturated your VPN concentrator or whether they're coming from your SaaS provider. So, to give an example, I find using, one of the well known collaboration services, if I've got problems in my own network and I'm introducing packet loss into my voice feeds, if I send all of this, because of already corrupted traffic to the collaboration service, and then that gets reflected to all of my other users, everyone will go, "Oh, hey, there's a problem "with the collaboration service." And you're going to waste time pointing your thing at the collaboration service provider, who let's be honest at the moment has got much better things to do than to go chasing phantom problems. When if you have visibility inside your own network, you can actually understand that, oh, hey, no, this is a problem of my own making. So I'm not going to waste cycles, pointing the finger at the other guy, I can actually get on with isolating the problem in my own network, figure out what I need to do and then remediate it. >> So Netscout, you guys are doing some dirty work. You like Navy Seals going in, and going deep into the network. So talk a little bit about the intellectual property behind this. How does it work? What's the secret sauce that Netscout brings to the table? >> So, our CEO and co-founder Anil Singhal, over 30 years ago, the company is 35 years old, he recognized the growing importance of the computer network and he recognized the need to understand what's happening on these networks. And of course now it's almost impossible to do anything without it involving a network of some kind. So, he persevered and continue to refine and refine the technology of analyzing what happens on a network, but converting that raw traffic into actionable data, we call that the data we produce, the metadata, Adaptive Service Intelligence, and we sometimes refer to it as smart data. And of course there's an emerging trend in the industry, of AIOps saying, what can I do if I start to apply machine learning algorithms to all the data that's coming out of my environment. It's like the old garbage in, garbage out, you could only perform high quality analytics if you have a high quality data source to work with. So that's really, that's always been our focus. How can we take all of that complex traffic on a network and map it to a very simple but actionable set of high quality data? >> So it always comes back to the data, doesn't it? In these types of things, but I wonder what is the diversity and variety of the data set? Is it a fairly narrow and well understood data set or are there sort of conflicting data that you also have to rationalize? >> Well, data model has multiple levels. Everything from reduce all the raw packets, and we're intelligent how we do that. We have all the parts that you really need, and we store rich data relating to individual transactions. That's very useful for troubleshooting, but what we were also able to do, is to actually for most network protocols, we actually can map it to a common data model. And that's extremely powerful because it means that in a single pane of glass, I can get insight into all of the different applications and protocols running on my network. >> So you've sort of addressed the data quality problem in that way, I wonder, I mean, as a CTO, I would imagine you spend a fair amount of time with customers, are there any sort of examples that you can give? Either, name names or anonymous, just in terms of the 100 days, how you've helped customers, some of your favorite examples, perhaps? >> Well, as I say, I mean, a lot of energy has been put into providing that visibility around VPN services because quite honestly it was never seen as a particularly critical component of the overall enterprise. It was that, as I said earlier, it was that kind of, oh, that's just something to help the guys on the road. And all of a sudden it became the most important piece. And as I said, it's also not just been about, okay, let's give sufficient visibility for you to kind of keep the wheels on the truck, it's also helping the customers about thinking forward, about planning. We talked about planning a migration, split VPN, but also thinking about their future needs. I think a lot of customers are looking to over-provision and the ones that have already transitioned to virtualized infrastructure are actually in a stronger position because they've got a lot more flexibility and ability, for example, to split up more VPN resources, or more virtual desktop resources, for example. >> And of course you mentioned that you guys deal with many types of industries, but specifically a lot of regulated industries, financial services, healthcare, government, et cetera. And so I would imagine that, that those guys really had to tap your services over the past 100 days. >> Exactly, and as we mentioned earlier, those are the organizations that are much more likely to be using full VPN and have a lot more constraints on their ability. So even if they do move to split VPN, then there's going to be limits on how much of the traffic that they can truly allow direct over the internet. >> I wonder if we could end just sort of riffing on the whole notion of digital transformation and automation. I mean, prior to COVID, we talk a lot about automation, talk about digital transformation, but the reality is a lot of it was lip service. A lot of customers or companies would really kind of prioritize other initiatives, but overnight, if you weren't digital, you couldn't transact business and automation has really become imperative. People don't seem to be afraid of it anymore, they seem to be sort of glomming onto it. And really as a productivity driver, how do you see the nation in this post-isolation economy and what are the impacts to some of your customers? >> Well, as we all understand, digital transformation is all about trying to be agile, to be able to move as fast as possible, to be able to deploy new services quickly, to respond to disruption in the marketplace and new opportunities. The only way you can really achieve that as you mentioned, is through large scale automation. But I like to make two observations about automation. Automation is very good at taking a small building block and then replicating it and deploying it, many hundreds or thousands of times over. But if you've got a bug or a defect in that building block, when you go and replicate it, you go and replicate whatever that failure moment was or that bug. So if you don't have visibility, very quickly, you can find that a very small little area that was overlooked by the quality guys has got the huge implications. The other thing about wholesale automation, and as we build these increasingly complex systems where we have machines talking to machines, largely unobserved, I'm always reminded of the stock market crash of 1987, so called Black Monday on October the 19th. And this was one of the biggest crashes ever, something like a trillion dollars was wiped off the US markets alone. And although, a lot of people said a correction was due, when we look back, we see that the thing that was different about that crash is that it was the first time we really had automated trading algorithms in play. Now, I don't believe anybody who wrote one of those algorithms was deliberately trying to crash the markets, they were trying to make money. But what no one had thought about is how all of these different algorithms by different people would interact with each other when they were pushed sort of out of their comfort zone, if you like. And I think we have a very strong analogy with digital transformation. As I say, we continue to build increasingly complex systems with machines talking to machines. So for me to operate these kinds of environments without maximum visibility, it's almost terrifying. It's like driving a racing car without a safety harness. So, visibility is absolutely key as we move towards further automation. >> That's interesting, I mean, I wasn't around in the 1920s, but my understanding was that when stock market crash hit then, depression then it took hours and hours and hours to determine, what the market actually closed at. You actually saw that in the 60s as well. And then I remember, well, 1987, there were no, for you younger people in United States, there were no real time quotes then, unless you had like a Bloomberg Terminal, which we had one, actually, I was at IDC at the time. And it took like many, many minutes to actually get a quote back. I mean, the volume was so high and the infrastructure just really wasn't there. But now to your point, you see things happening today in the stock market, Paul and they chalk it up to a computer glitch, which essentially means they have no idea what happened. And to your point about the complexity and machines to machines, if you think about AI, a lot of AI is again, back to this black box. So are you suggesting that you guys can actually provide visibility? It's solves some of that black box problem? >> Well, absolutely, what we can do is we can provide a visibility into the interactions between all of these different systems. It's amazing how often in these large complex environments, there may be dependencies that people didn't even know existed. That can be that complex. So by looking at all of the traffic flowing between all of these different systems, we can help people understand what the dependencies are. Is a particular sub-component starting to fail? Is it becoming slow? Is it generating errors? And if things do go wrong, it's about troubleshooting as fast as possible. We need to get these systems back up and running. So the ability to rapidly isolate problems and to get away from the situation where different organizations in IT are pointing the finger at each other, 'cause nobody really knows where to start. And that's kind of human nature. It's like, well, it could be my responsibility, but it could be the other guy, so I'm pointing the finger at the other guy. What we do is we provide that information that first of all, isolates the location of the problem. So we can put the correct team working on it and the other guys can get back to their day jobs. And by providing evidence of a problem, you can actually allow someone to get to the bottom of a problem much faster. >> You got to have tooling, with all this public internet, the public cloud, now with IOT, it's just going to get more and more complicated. We'll probably look back on the 2010s and say that was nothing compared to what we're entering here. But Paul, thanks so much for coming to theCUBE it was a great conversation. Really appreciate your insights. >> Thank you, I enjoyed it's my pleasure. >> All right and thank you for watching everybody. This is Dave Vellante for theCUBE, we'll see you next time. (upbeat music)