>> Announcer: From our studios in the heart of Silicon Valley, Palo Alto, California, this is a CUBE Conversation. >> Hello everyone, welcome to theCUBE Conversation here in Palo Alto, California, theCUBE Studios, I'm John Furrier, host of theCUBE, we're here with Reinhardt Quelle who's the principle engineer, Cloud Platforms and solutions Group at Cisco. Reinhardt, thanks for coming in, good to see you. >> Reinhardt: Thanks for having me. >> So, technical conversation around Cloud is something that we love having. We've seen the evolution over the past decade, Cloud 1.0, compute, storage, greenfield, cloud opportunities, great SaaS applications being built, you've built apps for over a decade, SaaS apps. >> That's right, I've been delivering applications, both to data centers and then of course, later into Cloud for a number of years. >> So you got some scar tissue. You have some successes, you've had some struggles, probably with on-prem, but the world's changed a lot and again, we've been covering this a couple years now. We saw public Cloud, all the benefits, no questions, great, you can lift and ship stuff up there, no problem, but the complexity's still there and now the trend is everything's shifting back to on-prem with Cloud. So now the hybrid model has been validated, Amazon Outpost, Anthos in Google, Azure Stack from Microsoft, clearly this mold, all the cloud vendors are telegraphing, they are doing it, this is a reality, this has been validated. >> Yeah, I think that's no surprise to those of us who've been deploying for a number of years. We've always had data centers where we're running our applications in data centers, and yes we started taking that into the Cloud, but there was always components of our infrastructure that continued to run on-prem, whether for historical reasons, for data gravity reasons, policy reasons, any number of reasons, but what we did learn was how to operate our applications differently and so for the last number of years, we've been moving a lot of the advantages of that Cloud back to on-prem. >> So I want to get your thoughts as principle engineer and look at the overall Cisco holistic portfolio of products because Cisco is a standard in the enterprise, every big company has Cisco gear at some level form of another. You've been dealing with networking for years, but now that networking becomes so much more acute issue because you still got to move packets around, another abstraction layer does networking, security, networking, all tie in to the growth area that is now this next generation of Cloud, Cloud 2.0, intelligent edge, data center on-prem, what's the Cisco story? Why Cisco, why now? What's the story? >> Well the amusing thing, of course, is the Cloud doesn't exist without networking. The very first thing when you set up an Amazon-- a compute in Amazon, you set up a virtual private network and you start deploying into that network, so it's always been true that networking is at the core of Cloud. And so the complexity that we're seeing over time is that the workloads are everywhere. The workloads aren't just in my data center and I'm not paying attention to data center networking or just cloud networking, it's connecting them together, securing them, making sure that they're fast and well managed. And so it's always been true that networking's at the core of this and as the edges get blurry, as we move workloads from one place to the other, all of the things that Cisco does are on managed networks, programmable networks, secure networks, all become even more important. >> And everything's amplified, too, in terms of its purpose. You're seeing automation is a big trend that's impacting the infrastructure and app developers. You've deployed SaaS apps within Cisco for over a decade, you've seen your share of successes and its issues but now as the data becomes critical, you got security perimeter issues are gone, and you got Surface here with industrial in IOT it's only getting more complex. So the complexity never went, but it's still complex these are the same problems. What's changed, what's the-- what's going on? >> Well so one of the things that's changed is that we've-- and this is something we can credit the Cloud providers for doing it is we've learned to treat our infrastructure in a different way. I mean the way we deploy and manage everything including networks compute, even applications. Operating the cloud demanded that we automate those things. Demanded the way, when you're managing now, fleets of thousands or tens of thousands of machines at scale in the cloud and when your call provider won't promise you that any machine won't go away at any moment you get good at replacing machines. And now we take those same tools, concepts, ways of operating that we did on the cloud and we apply them on print. Yeah, so a big part of what Cisco has been doing across our entire portfolio is ensuring that every piece of it from networking storage security is programmable and drivable through automation. >> You and I were talking before we came on camera and I wrote this down a phrase you like to use is, referring to Cisco, why Cisco is, We bring cloud innovation on-prem, what do you mean by that? >> Well really it's taking these new way of doing things, these new opportunities. Yeah, when we talk about-- we've had some funny conversations with our security guys, for example, we're historically in security we would have some policy, we would deploy applications against that policy once every six months or twelve months we would audit against that. Well one example of bringing the cloud innovation on-prem is the way you deploy that software, or deploy a new policy is via software. So auditing that is checking your code before you commit it, this says what it's going to do. Running reporting on the things that you've deployed so that you can see. So its taking these advantages of automation, and observability, and things like code review that are just normal practice in software development and apply them to infrastructure. And so, again, what Cisco is doing is making sure that all of our infrastructure can be-- can be programmed in that way, providing tools that allow us to program the things like Network Services Orchestrator or CloudCenter Suite that allow us to deploy applications or networks or whatever else as software entities . >> How about the reality of the person who's been innovating in the cloud and their reaction when they come back on prem they go, okay I've been doing this in the cloud and I turn around and I see all this. Is this the cloud innovation dynamic that you're referring to? Is it the realization that I had some innovation in the cloud, agility, automation and then trying to figure it out, or applying it, or both what's the reality when someone goes wow, I'm on-prem now, what's that innovation layer? >> Well there's several realities, depending on who you are and where you're coming from. One of my first roles at Cisco was, I was working on the Webex operation team and that-- the way we ran that operations was typical of the time it was built. And we did an acquisition that to accompany-- of a company that had been operating in Amazon and when they saw the way we that had to deploy and manage their application and infrastructure they were horrified. It's like, what do you mean I can't deploy a server in five minutes, what do you mean I can't manage the workflow in this way? So for them it was a shock and horror that they didn't have this infrastructure and that's when we deployed our first private cloud and Webex was to support that style of deployment. The flip side of that is the people who are operating those existing data centers with those existing workflows, their world changed, I mean they had to learn new ways of doing things, they had to learn new ways of managing their infrastructure, coding skills were a requirement not something that a few guys did, scripting in the background. So it was like, there's a lot of change to the people and to the way we did things but really it's a matter of bringing those, you know, bringing the cloud, bringing software development to operations, bringing software programmable to, hard programmability, to hardware. >> Yeah, I mean that's a great point. We cover that a lot on theCube, but I think one of the things you pointed out is the realization that, okay, great, new way of doing things, innovation. But as you kind of pointed out, there's a double edged sword there. The command and control of the network, which has been an old style tactic which doesn't go away, you still need to have control of certain things and on-premise, you certainly can control it on-premise, on cloud you think you control it through software, but this is the deep dive on tech conversation I want to have with you because we're talking about app deployment, Kubernetes management and the reality, I have my own gear on-site, as well as I'm maybe serverless into the cloud, this is the new reality. That you have to manage the controls. Take us through the-- those layers. App deployment, Kubernetes, and the reality of managing infrastructure on a future basis. >> Sure so, it's-- when we think about the application deployment it's very easy to kind of think about it in terms of the layers, and the programmable layers that you provide and I'll just touch--we won't go into detail on the products, but ultimately, today for an application-- someone deploying an application increasing that means push an application into Kubernetes, in other words I'm going to package my application's container, I'm going to hand it to Kubernetes through Kubernetes API and I'm going to expect Kubernetes to do the deployment and management of that. Okay, so that just makes the problem for the guy one layer below you, where's Kubernetes come from? It's like who deploys and manages Kubernetes? And so there's a number of different solutions and the public cloud you can use, you know, AKS, or Google's Kubernetes service, or Amazon's, any of these, but on-prem, where's it come from, who's going to manage it for you, who's going to create that? So Cisco's container platform is a product to deploy and manage Kubernetes to offload that from the developer, I mean, from the operations guy or the platform manager. Of course, that deployer of Kubernetes expects programmable infrastructure, how are you going to be able to deploy a VM or manage hardware that runs below that? >> Back to your innovation message. It's the innovation they want >> Well ultimately the guy wants the simple push the button and get the application deployed, that means someone has to get this layer deployed and well to get that layered deployed, what's there? So we continue to support virtualization managers, whether VMWare or our own cVim, Cisco Virtual Infrastructure Manager. All of these products its like, how do I manage this pool of hardware to provide that next layer of service? So, but in every case the programmability of the infrastructure or as far down as you can go becomes paramount, so, you know, when the guy racks a piece of hardware in the data center he doesn't want to think about how does this read card need to get configured, right? He just wants to rack it, plug it in, and then turn it over to software as quickly as possible. >> And that's the cloud innovation on-prem that you're referring to, that's making it cloud-like operations for Agility Automation, provisioning. >> Consistency, reliability, observability, give you an example of that, I mean when we, when we were talking originally when we were starting these cloud deployments and we had this conversation with Infosac about which application lives in which zone and how do you manage that? And we were like, well the zoning processes that's used in the past don't apply anymore. The way we manage that thing is with security groups, and the security groups are created this way. Here's the software, here's the software. When I'm talking software, I'm talking about configuration and scripts in this case, Ansible, Chef, Puppet whatever, that generate those security groups that generate those rules and it's like, it changes the way the security guy interacts with your team. It's no longer, file a ticket to review your app and app deployment and have a new ticket to do a deployment, it's something that they can do in real time. We're talking about moving these processes left, you know, moving that audit to the system all the way back into the software development stage and then giving the tools to verify that afterwards. And their eyes literally popped open, it was like, you mean at any moment at any time I can say show groups and see what the security posture is right now. And it's like, yes! An that's what sold them on letting us behave in this new way, was the ability to audit in realtime. >> Yeah, and this is a major advantage. This brings up the question that comes us all the time, and I want to get your thoughts on this because this shapes into the overall cloud architecture, cloud portfolio, and in this case with Cisco products is workload portability. It used to be, oh the one way trip to the cloud, not anymore, it's not a one way trip to the cloud, it's now bi-directionally on-premise, been validated by LPOST, Anthos, and Azure Stack, this is going to be an operating model to your point about the cloud innovation now workload portability, I think that's been validated so I think we recognize, the industry recognizes that it's not just public cloud everywhere, it's hybrid. This has been validated. You agree. >> Absolutely we-- there were many things that we never did move to the cloud, never would move to the cloud. Whether it's for policy reasons, or the quantity of data that we had, or systems that weren't available on the cloud, for example DevTest Labs, that have soundproof rooms, it's all audio equipment. We sell phones, we have to test those phones, those aren't ever going to be on the cloud, they're going to be in their soundproof rooms so we can test the audio pairing. There's stuff like that that always lives unrolled. There's a myriad of-- >> Compliance resources also requires-- >> Compliance things, whether its a FedRAMP compliance, this data has to be in this country, well US in that case, European privacy things. It could be-- I was talking to one bank a number of years ago now that worked-- we're deploying, we're talking about deploying Kubernetes from, it's like what applications are you deploying? Why do they need to be here, well, they're building-- they've got a mobile first application they want to use all the latest and greatest ways to build and deploy that application. But the data that that application is accessing is in the mainframe. It hasn't moved in ten years, twenty years, it's not going to move anytime soon. So you put the application next to the data that it needs. An IoT, it might be control devices, or video devices, or any number of things that's like, I think there's a trend overall, it's less about workload portability for a lot of people or being able to move workloads, it's saying, where's the best place for this particular workload to run, and so then provide the appropriate infrastructure to run that workload. And that's where we get back to saying, wait a minute I want to use containerization, I want to use orchestration systems, I want to use all these modern tools for doing this, but still put the workload where it needs to be. >> That is a profound statement, I want to just quickly unpack that a little bit because that really is the heart of the issue, cloud innovation. The workloads are going to be defining the requirements it needs, whether it's cloud selection or where it resides on-prem with what resources underneath it. That's not saying a company has to decide that because of that workload that the entire company has to use that 'cause the choices now because of the levels or granularity that cloud brings, the applications can get almost custom built or-- well not custom built but a specific hardware and compute to serve their needs. So if its a-- you're soul sourcing a set of resources for the workload. That's not saying that the infrastructure has to be that for everything, it's just the whole single cloud versus multi cloud dynamic. >> Yeah I mean, in fact, one of the things we're seeing more and more in our customers is, like, they don't have one cloud, they have multiple clouds, for multiple purposes. On-prem there's not one big private cloud that runs everything, there's lots of Kubernetes clusters and one of the things that a product like CCP does is allow you to deploy and manage multiple Kubernetes clusters for multiple purposes. Multiple problem domains, multiple political domains, financial domains, who's paying for this thing? Well, it's easy if you just buy the servers that are appropriate to your department and you run it. You still get to take advantage of all the way you deploy and package and run these applications, which is just hands down better than we ever did before. And that's some of the innovation we have. Now once you start doing this, once you start deploying these applications in multiple places, in multiple-- well, where are your security borders, where are your perimeters, how do you secure any of this, how do you connect all this stuff? How do you visualize all this stuff? And so, as you look at our products from, you know, we talked a little bit about the infrastructure pieces of that, you know the, Kubernetes deploying to an infrastructure manager, deploying ultimately to hardware, every layer of that. You know, UCS and CVIM and CCP, all of those layers are there and programmable. Okay, now we're deploying workloads, now I've got to connect the things together, how do I monitor it, how do I-- and so that's why you see products like Stealthwatch Cloud, and AppD, and the other applications to do monitoring and security across a now fully distributed application. >> You know, sometimes it's hard for me as a cube host to kind of get the story out about certain trends, especially when big players like Cisco, a lot of people know that I'm pretty bullish on Cisco, I've been very vocal about the Cisco opportunity with respect to cloud and critical, by the way in some areas and I think I would probably advise certain things to be certain ways. But one of the things, I think, is a great opportunity that you guys have, and you're kind of getting at, I want to just get your reaction and thoughts on this, is that what you're talking about here is an environment that's going to be constantly dynamic. That's constantly changing. And being complex is not going away, abstracting away the complexity is the game. But Cisco has always been successful in multi environments, different environments because networking has always been about diversity of networks. Campus this, and SD-- so it's not a new concept for Cisco to deal with this concept of multiple environments. Do you agree with that? What's your reaction to that? How would you answer that? Is that something you think Cisco's dominating in? Is that reason why Cisco is serving all these choices? What's your thoughts on that? >> I would have to say that overall the integrating lots of disparate things. Connecting lots of disparate things is in Cisco's DNA, I mean from our original routers and switches at the very beginning it was always multiple things connected to each other often multi-vendor working across standards and across standard things. When we talk about Kubernetes we're not talking about the Cisco Kubernetes we're talking about Kubernetes, the real thing, the actual Kubernetes, we're talking about-- and we're talking about ceiling, we're talking about openstack a standard, we're talking about-- so across all these boards connecting and integrating disparate things, is kind of what Cisco does. >> And so if you're deploying applications you've done that and certainly your customers are, they're never going to have one general purpose situations that's going to be scenarios, right? And certain things will be guiding principles, some will be governors that will then dictate things that might not be classic cloud native. Can you talk about that and give some examples why that's important and the reality of the statement. >> Yeah so, just use one example of an application, Webex teams our enterprise chat application, for example, that is your classic microservices modern cloud native application. There are three ways of deploying applications in that platform that are appropriate for the three different things. We got the services themselves, the media bridges, or the switching engines that runs these containers in a container orchestration fabric. There's the VM base things that are things like media bridges that don't run in containers very well, not because of the problem with the containers, but because of the overlay networks the containers bring with it and the way you route data to those. And we got physical machines. Now when we're actually running certain things on physical machines and so all of these exist in any kind of, even a brand new modern application so even within a single product family there's not one true way of doing things, what's the appropriate way to deploy this application. What's the right deployment target for this thing and how do I connect these things. >> You measure InfoSec so politics might be a driver that have nothing to do with technology, could be a human capital, resource issue, it could be something scalable. >> And the politics or even or can be even these temporal things, it's like, look I can spend, you know, three weeks trying to convince an InfoSec to do things in a particular way or it can just deploy somewhere where it makes them happy and move on, move on to the next problem and then later when they catch up with the way we're doing things, we may move it later. The other thing about timing on all this is the story is changing constantly when we deployed that application, we did not use Docker containers. And everybody says, why aren't you using Docker? Because Docker didn't exist three years ago! It's like the decisions we were making at that time are changing ever more rapidly. And the reality for our enterprise customers is that you don't just forklift one and then replace it with another one, you tend to manage them all in parallel even as you're making transitions, you know, eventually you kind of get rid of the old stuff, maybe, the mainframe still exists >> Mhmm. >> But in general for most of our enterprise customers it's not and or it's not on-prem or on the cloud, it's not containers or visible machines, its and, I'm running all of the above. >> And to your point about the docker not being around when you guys were doing that, that's going to be a concept that's going to be applied down the road, hey that wasn't around when we set the architecture, so as an enterprise, your customers that you talk to, what is the guiding principle? What is the preferred architecture? Again, a lot of choices you guys are trying to make your portfolio fit the bill. What are some of the decisions they have to make? So, to future-proof because they don't want to foreclose an opportunity and or create technical debt for that matter. Why would they do that? So they kind of have to be holistic in their thinking. >> Yeah, future proof is always-- is a funny concept because the reality is, that the... The way you do things will change. You didn't make something that was future proof, you built an environment that allowed you to do this way and that way. So if you take a look at the way we deployed, for example, our infrastructure in general we start with the UCS substrate, we can run Oracle on bare-metal on those things when we need to. We can run virtualization on top of that, and run a layer of vms on top of that. We can run containers, now I've got choices. Common substrate, common way of managing those things but at least three different ways of deploying on those. So ultimately we're looking for standard practices that enables me to have to do the and to where I can run things side by side and can connect things, I can secure things over the top but run all of the above. And it's really a matter of building things that have kind of clean our connectural layers where one thing consumes the other and then be able to mix and match and plug them together Lego style as it were. >> This a great chat, and really reminds me of the conversations that we'll be having here in theCube. We've been doing a series with engineering leaders and you know, you mentioned foreclose in the future, future proofing which is kind of a buzz word. The conversation happening in the technical circles is about technical debt and I think, you know, I've always seen that enterprise you know, cost of ownership, you know, and the shark fin, the iceberg and what you don't see. Certainly that's been a paradigm that's been known but now you're getting into this notion of not just so much future proofing, it's really the balance of technical debt because you know something new is coming. This is a modern concept that takes costs of ownership and future proofing and kind of puts it to reality because you're essentially taking on some sort of technical debting from point A to point B, but you don't want to take on too much that you can't pay it back if new technology comes in. So this is what's been going on in some of the you know, top customers that we've been talking to. A new management concept, this is kind of a modern new management discipline. Your thoughts and reaction to that? >> So there's at least two different vectors that talk about on it. So, one of the things is, how do I take these older applications, these older ways of managing things and incrementally improve them. Because we can actually make it-- it is easier today to deploy a process running on a machine than it ever was before. Five years ago I would have a ticket, some guy would go and then install software manually, today we don't do that, we use configuration management, puppet and chefs, ansible, etc. We improve the way I do those things incrementally rather than just forklift them. I'm not rewriting these applications and saying okay, we're going to make these into cloud native applications and microservices and bla, bla, bla and replatform them. No I incrementally improve the way I operate that thing. Even if its just deploying the hardware more consistently underneath or improving this layer. So I incrementally reduce my debt by applying, again, deploying some of these new cloud... Cloud innovations, they're grown out of the cloud to the existing ways of doing things. But the other point I'll make on a lot of this, is that, certainly for our team, and for a lot of the customers I talk about we don't just arbitrarily go and replatform things, right? It's like if the thing is working, let it continue to work. Don't deploy the new thing alongside it. You know, we're more concerned about delivering new features, new capabilities, new things. And we do that, and we concentrate our efforts and our engineering efforts on that and not constantly rewriting the past. >> A container can certainly help you there too. >> Absolutely. Containers are beautiful tool for that, for encapsulating dependencies around a thing. And so you'll find in many cases we have applications that are not ready to deploy to run in Kubernetes with a schedule that's going to move it around but I can still take advantage of the container packaging and run it on a physical box with a normal Linux operating system and containerize it. So it's usually valuable. >> Reinhardt, I want to get your thoughts on one last talking track, that is relevant to something that we've been covering. Stu Miniman, co-host of theCube with me on many of these events around networking, we both love networking, both networking nerds. Always joke about how networking is where you go to find out about the state of the industry is. Look at what's going on with the network. Because network ultimately tells the truth. Movin' things around, security people go to the network. You start to see, everything's revolving around the network now, more than ever. I mean, still, it's been that way forever. But you made a comment before we went on camera you said, just adding another layer of networking. If you think about what you just said, the networking paradigm is just kind of slowly moving to another layer. So networking is happening, it's just happening differently. So as the dev ops innovations in the cloud happens it's really a network innovation. 'cause security pivots off the network data used applications, instrumentations, on the network data, everything's around networks. >> It's intrinsically tied. In the past we had a machine, a physical machine had a network interface, singular, and a network identity an address. VMs, multiple network interfaces, multiple on every VM. Kubernetes, an IP address per application, right? And it's like the networking space is exploding as we move up. And yes, we now have a network connectivity and management problem that's over of magnitudes more complicated than it was before because now, individual workloads have IP addresses. And by the way I'm deploying workloads in multiples. I don't run a single application, I run a pool of applications, each one has an address. And so yeah networking is-- continues to be intrinsic and it just moves up. >> And it's fascinating too, you know, we always speculate about looking for that new technology, the new protocol, something new, the shiny new toy. But if you think about it, all the science and intellectual property has been built already. It's usually a combination of a couple different things. In network theory, in network management, the concepts are still around. It's being applied differently now. >> Or sliced into smaller, you know, smaller, the bites are smaller that you're dealing with, right? Everything has an IP address, we got thousands of IP addresses now that we're managing. Having IP address management problems, we have other things to manage now. >> The game is still the same. >> The game is still the same, it's still TCP IP networking. >> So final question, bottom line, why Cisco and the cloud networking as it comes together? As this stuff starts to modernize, hybrid is certainly reality hardcore, as people are doing today. Multi cloud is also another reality right around the corner. Why Cisco? Why Cisco's products and portfolios for the cloud? >> Well fundamentally, as we said earlier, the cloud has a networking problem. Networking underpins everything that we do. The networking, from physical networking the compute has to run on something. So networking, compute, orchestration systems for all of that, security that overlays all of that. I think Cisco uniquely has all of the components that it takes to build a modern infrastructure stack, and in fact deploy applications to that. I think, the breath of knowledge and capabilities Cisco has across those is unique. And then, also, I would say, Cisco's experience. We have many-- several of the world's largest SaaS applications in the Cisco family. Things like umbrella, DNS security, or Webex, web conferencing, we also have deep expertise in running applications and that's within the Cisco domain of expertise. >> Certainly in good position, I really I'm really bull-ish on what you guys can do. I think the network is where the trust is, it's where the data is, that's where the action is, and I think that's the cloud 2.0 equation. Thanks for coming in. Thanks for the insight. Reinhardt Quelle, principle engineer, Cloud Platforms of Cisco here sharing his insight on this Cube conversation. I'm John Furrier, thanks for watching. (upbeat music)

>> Announcer: Live from San Diego, California it's The Cube! Covering Cisco Live US 2019. Brought to you by Cisco and it's ecosystem partners. >> Welcome back to The Cube's coverage of Cisco Live Day 2 from sunny San Diego. I'm Lisa Martin joined by Dave Vallante. Dave and I have an alumni, a Cube alumni back with us, Jeff Moncrief, consulting systems engineer from Cisco. Jeff, welcome back! >> Thank you very much, it's great to be back! >> So, we're in the DevNet Zone, loads of buzz going on behind us. This community is nearly 600,000 strong. We want to talk with you about Stealthwatch. You did a very interesting talk yesterday. You said, it had a couple hundred folks in there. War stories from real networks. War stories ... strong descriptor. Talk to us about what that means, what some of those war stories are, and how Stealthwatch can help customers learn from that and eradicate those. >> So it's called Saved by Stealthwatch. It was a really good session. This is the third Cisco Live that I've presented this session at. And it's really just stories from actual customer networks where I've actually deployed Stealthwatch into. I've been selling Stealthwatch for about five years now. And I've compiled quite a list of stories, right? And it really ... if you think about advanced threats and insider threats and those kinds of exciting things, the presentation was really about getting back to fundamentals. Getting back to the fact that in all these years that I've been working with customers and using Stealthwatch, a lot of the scary things that I have found have nothing to do with that. With the advanced type threat stuff. It really has to do with the fact that they're forgetting the basics. Their firewalls are wide open, their networks are flat. Their segmentation boundaries aren't being adhered to. So it's allowed us to come in and expose a lot of scary things that were going on and they were just completely oblivious to it. >> Why are those gaps there? Is it because of a change management issue? Technology's moving so quickly? Lack of automation? >> Yeah, I think there's a couple reasons that I've seen. It's a recurring theme really. Limited resources ... number one. Number two, limited budgets, so your priorities have to shift. But I think a big one that I've seen a lot is turnover and attrition. A lot of times we'll go in with Stealthwatch and we'll kick off an evaluation or whatnot and the customer will say, I just don't know what's there. I don't know if I have 100 machines that need visibility or for a thousand. And I'm a Stealthwatch cloud consulting systems engineer so the cloud world is where I spend a lot of my time now and what I'm seeing as it relates to the cloud realm is that's exponentially worse now. Because now you've got things like devops and shadow IT that are all playing in the customer's public cloud environment deploying workloads, deploying instances and building things that the security team has no awareness of. So there's a lot of things that are living and breathing on the network that they just don't know about. >> And so the tribal knowledge leaves the building, how do you guys help solve that problem? >> So we come in ... and you know the last time that you and I spoke, you used the term cockroaches, I think, which I loved. I actually have used that a lot since then, so thank you for that. >> Dave: Yeah, you're welcome. >> No, but, you know ... we come in and we actually, we turn the customer's network infrastructure ... Whether it's on-prem or in the public cloud into a giant security sensor grid. And we leverage something called NetFlow, which you've probably heard of. And it's essentially allowing us to account for every conversation throughout the entire infrastructure, whether or not it's on-prem or in the public cloud or maybe even in a private cloud. We've got you covered in that area. And it allows us to expose every one of those living, breathing things. And then we can just query the system. So think of us like a giant network DVR on steroids. We see everything, you can't hide from us, because we're using the network to look at everything. And then we can just set little trip wires up. And that's kind of what I go into in my presentation also is how you can set these trip wires ahead of time to find things that are going on that you just didn't know about and frankly, they're probably going to scare ya. >> One of the stories that you shared in your talk yesterday. You talk about people really forgetting the basics. A university that had a vending machine breach. You just think, a vending machine in a cafeteria? >> Jeff: That's right. >> Really? Tell us about that. What kind of data was exposed from a vending machine? >> So that's one of my favorite stories to tell. We had gone in and we'd installed Stealthwatch at a small university in the US. And they had a very small team. Okay, you're going to see that recurring theme. Limited staff. And they really just had a firewall. Okay, that was what they were doing for security. So we came in, we enabled NetFlow, we kind of let Stealthwatch do it's thing for a couple of days, and I just queried the system. Okay, it's not rocket science, it's not AI a lot of times, it's really the fundamentals. And I just said, tell me anything talking on remote desktop protocols inside the network out to the internet. And lo and behold, there was one IP address that had communication from it to every bad country you can imagine ... actively. And I said to them ... I said, what is this IP address? What's it doing? And that was in the conference room in the university with their staff and the guy looked it up in the asset inventory system, and he looked at me and he goes, that's a vending machine. And I said, a vending machine? And he said, yeah. And then I was like, okay, well that's a first, I've never heard of that before. And he goes wait a minute, it's a dirty tray return machine. You ever heard of one of those? >> Lisa: No. >> I hadn't either. >> Lisa: Explain. >> So for loss prevention, I guess universities and other public institutions, they will buy these unique vending machines that are designed for loss prevention. So that the college students don't go around and you know, steal or throw away the trays from the cafeteria. You have to return the tray to get a coin. There's a common supermarket chain that does the same thing with their shopping carts. And it's for loss prevention. So I said, okay, that's pretty strange. Even stranger than just vending machine. And I said, well did you realize that it was talking to a remote desktop all over the world? And he said no. And I said so, can you tell me what it has access to? So he looked it up in the firewall manager right there and he said, it has access to the entire network. Flat network, no segmentation. No telling how long this had been going on, and we exposed it. >> And Stealthwatch exposes those gaps with just kind of old school knock on the door. >> Yeah, it really is. We're talking about fundamental network telemetry that we're gathering off the route switch infrastructure itself. You know, obviously, we're at Cisco Live, we work really well with Cisco gear. Cisco actually invented NetFlow about 20 years ago. And we leveraged that to give visibility footprint that allow us to expose things like the vending machine. I've found hospital x-ray machines that were scanning all the US military, for instance. I find things in the cloud that are just completely wide open from a security ACL standpoint. So we've got that fundamental level of visibility with Stealthwatch, and then we kick in some really cool machine learning and statistical analytics and machine running analytics and that allows us to look for anomalies that would be indicators of compromise. So we're taking that visibility footprint and we're taking it to that next level looking for threats that might be in the customer's environment. >> So before we get to the machine intelligence, I presume that cloud and containers only makes this problem worse. What are you seeing in the field? How are you dealing with that? >> So we're in a landscape today where we've got a lot of customers that might be cloud averse. But we've also got a lot of customers that are on the wide other side of that spectrum and they're very cloud progressive. And a lot of them are doing things like server-less micro services, containers and, when you think of containers you think of container orchestration ... kubernetes. So Stealthwatch Cloud is actually in that realm right now today, able to protect and illuminate those environments. That's really the Wild West right now, is trying to protect those very abstract server-less and containerized environments but yeah, we come in, we are able to deploy inside kubernetes clusters or AWS or azure or GCP, and tell the Stealthwatch story in those environments, find segmentation violations, find firewall holes just like we would on premise, and then look for anomalies that would be interesting. >> So the security paradigm for those three you mentioned, those three cloud vendors, and you're on-prem, and maybe even some of your partners, is a lot of variability there. How should customers deal with maintaining the edicts of the organization and sort of busting down those silos? >> Yeah, so you think about like Stealthwatch Cloud which is the product that I'm a CSE for, we're really focusing on automation, high efficacy and accuracy. All right, we're not going to be triggering hundreds or thousands of alerts whenever you plug us in. It's going to further bog down a limited team. They've got limited time and they have to change their priorities constantly. This solution is designed to work immediately out of the box quickly deploy within a matter of hours. It's all SAAS based so actually it lives in the cloud. And it really takes that burden off of the organization of having to go and set a bunch of policies and trip wires and alerts. It does it automatically. It's going to let you know when you need to take a look at it so that you can focus on your other priorities. >> So curious where your conversations are within an organization - whether it's a hospital, or a university when what you're finding is in this multi-cloud world that we live in where there's attrition and all of these other factors contributing to organizations that don't know what they have with multi-cloud edge comes this very amorphous perimeter, right? Where are those conversations because if data is the lifeblood of an organization, if it's not secure and protected, if it's exposed there's a waterfall of problems that could come with that. So is this being elevated into the C-Suite of an organization? How do you start those conversations? >> So it's not just the C-Suite and the executive type structure that we're having to talk to now, traditionally we would go in with the Stealthwatch opportunity and talk to the teams in the organization it's going to be the InfoSec team, right? As we move to the cloud though, we're talking about a whole bunch of different teams. You've got the InfoSec team, you've got the network operations team now, they're deploying those workloads. The big one though that we've really got to think about and what we've really got to educate our customers on is the Dev Ops teams. Because the Dev Ops teams, they're really the ones that are deploying those cloud workloads now. You've got to think about ... they've got API access, they've got direct console login access. So you've got multiple different entry points now into all these different heterogeneous environments. And a lot of times, we'll go in and we'll turn on Stealthwatch and we show the organization, yeah, you knew that Dev Ops was in the VPC's deploying things, but you didn't know the extent that they were deploying them. >> Lights up like a Christmas tree? >> Yeah, lights up like a Christmas tree and like a conversation I had last week with a customer. I asked them, I said, all right so you're in AWS, are we talking do you have 50 instances or do you have 500? He said, I have no idea. Because I'm not the one deploying these instances. I'm just lucky enough to get permission to have access to them to let you plug your stuff in to show me what's going on in that environment. But yet they're in charge of securing that data. So it's quite frightening. >> So you've got discovery, you've got ways to expose the gaps, and then you're obviously advising on remediation activity. And you're also bringing in machine intelligence. So what's the endgame there? Is it automation? Is it systems of agency where the machine is actually taking action? Can you explain that? So when the statistical analysis comes in and the anomaly detection comes in, it's really that network DVR, so we've got the data, now let's do some really cool things with it. And that's where we're in actually, for every single one of these entities, and I do stress entities because the days of operating systems and IP addresses are going away. Face it, it's happening. Things are becoming more and more abstract. You know, API keys, user accounts, lambda's and runtime compute, we have to think about those. So what we do for all these different entities is we build a model for each one of these, and that model, that's where all the math and the AI comes in. We're going to learn Known Good for it. Who do they talk to? How much data's sent or received? And then we start looking for activity in that infrastructure as it relates to that entity that's outside of that Known Good model. So that would be the anomaly detection and you know, our anomaly detection, it really can be attributed to two different major categories. Number one is going to be, we're looking for things that cross the cyber kill chain. So those different IOC's as a threat actually manifests. That's what the anomaly detection's doing. And then we're also looking for just straight compliance and configuration violations in the customer's cloud infrastructure, for instance, that would just be a flat out security risk today, day one, forget base lining anomaly detection, it should just not be configured that way. >> Let's see, roughly 25% of Cisco's revenue is in services, what role does the customer service team play in all this? How do you interact ... how do the product guys and the service guys work together? >> So we've got a great customer experience team, customer services team for Stealthwatch and it doesn't matter if we're talking Stealthwatch on-premise or the Stealthwatch cloud, they cover both. And what will happen is we'll come in from a pre-sales standpoint, we do the evaluation, show good value, and then we've got a good relationship with the CX team where we'll hand that off to them, and then we'll work with the CX team to make sure that customer is good to go, they're taken care of, and it's not we've sold this and we're just going to forget you type scenario. They do a good job of coming in, they make sure that the customer's needs are met, any feature requests that they like taken care of. You know, they have routine touchpoints with the customers and they make sure that the product, for all intents and purposes, doesn't lose interest or visibility in the customer's environment. That they're using it, they're getting good value out of it, and we're going to build a relationship. I call it cradle to grave. We're going to be with that customer cradle to grave. >> Now Jeff, one of the things I didn't talk to you about at Google Next was ... first I got to ask you, you're a security guy, right? Have you always been a security guy? >> Yeah, security for about 20 years now, dating back to internet security systems. >> The question I often ask security guys is who's your favorite superhero? >> My favorite superhero ... I'd say Batman. >> Dave: Batman? >> Yeah. >> I like Batman. (chuckles) The reason I ask is that somebody told me one time that true security guys, they love superheroes because they grew up kind of wanting to save the world and protect the innocent. So ... just had to ask. >> Yeah there you go .. Batman. >> I'm sensing a tattoo coming. Last question for you Jeff is in terms of time to business impact, the vending machine story is just so polarizing because it's such a shocking massive exposure point, did they ever discover how long it had been open and in terms of being able to remedy that, how quickly can Stealthwatch come in, identify these- >> So very quick operation wise. So like the vending machine story, that's something that if you turn on Flow, and you send it to Stealthwatch right now, we can pick that up in 10 minutes. That quick to visibility and value. Now how long has it been going on? A lot of times they can't answer that question because they've never had anything to illuminate that to begin with. But moving forward, now they've got a forensic incident response audit trail capability with Stealthwatch which is actually a pretty common use case. Especially if you think about things like PCI that have got auto requirements and whatnot. A lot of organizations if they're not using a Flow based security analytics tool, they can't always meet those audit and forensic requirements. So at least from the point of installing Stealthwatch they'll be good to go from that point forward. >> So if they can find an anomaly that needs to be rectified in 10 minutes, what's the next step for them to actually completely close that gap? >> So like with Cisco Identity Services engine, we've got a great integration there where we can actually take action, shut off that machine instantly. We can shut off a switch port. We can isolate that machine to an isolated sandboxed VLAN, get it off the network, and then in the cloud, we can do things like automated remediation. We can use things like Amazon and Lambda to actually shut off an instance that might be compromised. We can actually use Lambda's to insert firewall rules. So if we find a hole, we can plug it. Very easily, automated- >> Ship a function to it and plug a hole. >> Batman slash detective. I think you need a tattoo and a badge. >> I can work on that, I like it. >> Jeff thank you so much for joining Dave and me on The Cube this afternoon. >> My pleasure. >> Really interesting stuff, we appreciate your time. >> Absolutely. >> For Dave Vallante, I'm Lisa Martin. You're watching The Cube's second day of coverage of Cisco Live from San Diego. Thanks for watching. (upbeat music)

(upbeat jazz music) >> Woman: From our studio's, in the heart of Silicon Valley Palo Alto California this is a CUBE conversation. >> John: Hello and welcome to this CUBE conversation here, exclusive coverage of Google Next 2019. I'm John Furrier, host of theCUBE. Big Google Cisco news, we're here with KD who's the vice president of the data center for compute for Cisco and Kip Compton, senior vice president of Cloud Platform and Solutions Group. Guys, welcome to this exclusive CUBE conversation. Thanks for spending the time. >> KD: Great to be here. >> So Google Next, obviously, showing the way that enterprises are now quickly moving to the cloud. Not just moving to the cloud, the cloud is part of the plan for the enterprise. Google Cloud clearly coming out with a whole new set of systems, set of software, set of relationships. Google Anthos is the big story, the platform. You guys have had a relationship previously announced with Google, your role in joint an engineering integrations. Talk about the relationship with Cisco and Google. What's the news? What's the big deal here? >> Kip: Yeah, no we're really excited. I mean as you mentioned, we've been working with Google Cloud since 2017 on hybrid and Multicloud Kubernetes technologies. We're really excited about what we're able to announce today, with Google Cloud, around Google Cloud's new Anthos system. And we're gonna be doing a lot of different integrations that really bring a lot of what we've learned through our joint work with them over the last few years, and we think that the degree of integration across our Data Center Portfolio and also our Networking and Security Portfolios, ultimately give customers one of the most secure and flexible Multicloud and hybrid architectures. >> One of the things we're seeing in the market place, I want to get your reactions to this Kip because I think this speaks to what's going on here at Google Next and the industry, is that the company's that actually get on the Cloud wave truly, not just say they're doing Cloud, but ride the wave of the enterprise Cloud, which is here. Multicloud is big conversation. Hybrids and implementation of that. Cloud is big part of it, the data center certainly isn't going away. Seeing a whole new huge wave. You guys have been big behind this at Cisco. You saw what the results are with Microsoft. Their stock has gone from where it was really low to really high because they were committed to the Cloud. How committed is Cisco to this Cloud Wave, what specifically are you guys bringing to the table for Enterprises? >> Oh we're very committed. We see it as the seminal IT transformation of our time, and clearly on of the most important topics in our discussions with CIO's across our customer base. And what we're seeing is, really not as much enterprises moving to the Cloud as much as enterprises extending or expanding into the Cloud. And their on-prem infrastructures, including our data centers as you mentioned, certainly aren't going away, and their really looking to incorporate Cloud into a complete system that enables them to run their business and their looking for agility and speed to deliver new experiences to their employees and to their customers. So we're really excited about that and we think sorta this Multicloud approaches is absolutely critical and its one of the things that Google Cloud and Cisco are aligned on. >> I'd like to get this couple talk tracks. One is the application area of Multicloud and Hybrid but first lets unpack the news of what's going on with Cisco and Google. Obviously Anthos is the new system, essentially its just the Cloud platform but that's what they're calling it, Googles anthem. How is Cisco integrating into this? Cause you guys had great integration points before Containers was a big bet that you guys had made. >> Kip: That's right. >> You certainly have, under the covers we learned at Cisco Live in Barcelona around what's going on with HyperFlex and ACI program ability, DevNet developer program going on. So good stuff going on at Cisco. What does this connect in with Google because ya got containers, you guys have been very full throttle on Kubernetes. Containers, Kubernetes, where does this all fit? How should your customers understand the relationship of how Cisco fits with Google Cloud? What's the integration? >> So let me start with, and backing it with the higher level, right? Philosophically we've been talking about Multicloud for a long time. And Google has a very different and unique view of how Cloud should be architected. They've gone 'round the open source Kubernetes Path. They've embraced Multicloud much more so then we would've expected. That's the underpinning of the relationship. Now you bring to that our deep expertise with serving Enterprise IT and our knowledge of what Enterprise IT really needs to productize some of these innovations that are born elsewhere. You get those two ingredients together and you have a powerful solution that democratizes some of the innovations that's born in the Cloud or born elsewhere. So what we've done here with Anthos, with Google HyperFlex, oh with Cisco's HyperFlex, with our Security Portfolio, our Networking Portfolio is created a mechanism for Enterprise ID to serve their constituent developers who are wanting to embrace Containers, readily packaged and easily consumable solution that they can deploy really easily. >> One of the things we're hearing is that this, the difference between moving to the Cloud versus expanding to and with the Cloud, and two kind of areas pop up. Operational's, operations, and developers. >> Kip: Yep. >> People that operate IT mention IT Democratizing IT, certainly with automation scale Cloud's a great win there. But you gotta operate it at that level at the same time serve developers, so it seems that we're hearing from customers its complicated, you got open source, you got developers who are pushing code everyday, and then you gotta run it over and over networks which have security challenges that you need to be managing everyday. Its a hardcore op's problem meets frictionalist development. >> Yeah so lets talk about both of these pieces. What do developers want? They want the latest framework. They want to embrace some of the new, the latest and greatest libraries out there. They want to get on the cutting edge of the stuff. Its great to experiment with open source, its really really hard to productize it. That's what we're bringing to the table here. With Anthos delivering a manage service with Cisco's deep expertise and taking complex technologies, packaging it, creating validated architectures that can work in an enterprise, it takes that complexity out of it. Secondly when you have a enterprise ID operator, lets talk about the complexities there, right? You've gotta tame this wild wild west of open source. You can't have drops every day. You can't have things changing every, you need a certain level of predictability. You need the infrastructure to slot in to a management framework that exists in the dollar center. It needs to slot into a sparing mechanism, to a workflow that exists. On top of that, you've got security and networking on multiple levels right? You've got physical networking, you've got container networking, you've got software define networking, you've got application level networking. Each layer has complexity around policy and intent that needs to marry across those layers. Well, you could try to stitch it together with products from different vendors but its gonna be a hot stinking mess pretty soon. Driving consistency dry across those layers from a vendor who can work in the data center, who can work across the layers of networking, who can work with security, we've got that product set. Between ACI Stealthwatch Cloud providing the security and networking pieces, our container networking expertise, HyperFlex as a hyper converge infrastructure appliance that can be delivered to IT, stood up, its scale out, its easy to deploy. Provides the underpinning for running Anthos and then, now you've got a smooth simple solution that IT can take to its developer and say Hey you know what? You wanna do containers? I've got a solution for you. >> And I think one of the things that's great about that is, you know just as enterprise's are extending into the Cloud so is Cisco. So a lot of the capabilities that KD was just talking about are things that we can deliver for our customers in our data centers but then also in the Cloud. With things like ACI Anywhere. Bringing that ACI Policy framework that they have on-prem into the Cloud, and across multiple Clouds that they get that consistency. The same with Stealthwatch Cloud. We can give them a common security model across their on-prem workloads and multiple public Cloud workload areas. So, we think its a great compliment to what Google's doing with Anthos and that's one of the reasons that we're partners. >> Kip I want to get your thoughts on this, because one of the things we've seen over the past years is that Public Cloud was a great green field, people, you know born in the Cloud no problem. (Kip laughs) And Enterprise would want to put workloads in the Cloud and kind of eliminate some of the compute pieces and some benefits that they could put in the cloud have been great. But the data center never went away, and they're a large enterprise. It's never going away. >> Kip: Yep. >> As we're seeing. But its changing. How should your customers be thinking about the evolution of the data center? Because certainly computes become commodity, okay need some Cloud from compute. Google's got some stuff there, but the network still needs to move packets around. You still got to store stuff, you still need security. They may not be a perimeter, but you still have the nuts and bolts of networking, software, these roles need to be taking place, how should these customers be thinking about Cloud, compute, integration on data primus? >> That is a great point and what we've seen is actually Cloud makes the network even more important, right? So when you have workloads and staff services in the Cloud that you rely on for your business suddenly the reliability and the performance and latency of your networks more important in many ways than it was before, and so that's something any of our customers have seen, its driving a lot of interest and offerings like SD-WAN from Cisco. But to your point on the data center side, we're seeing people modernize their data centers, and their looking to take a lot of the simplicity and agility that they see in a Public Cloud and bring it home, if you will, into the data center. Cause there are lots of reasons why data centers aren't going away. And I think that's one of the reasons we're seeing HyperFlex take off so much is it really simplifies multiple different layers and actually multiple different types of technology, storage, compute, and networking together into a sort of a very simple solution that gives them that agility, and that's why its the center piece of many of our partnerships with the Public Cloud players including Anthos. Because it really provides a Cloud like workload hosting capability on-prem. >> So the news here is that you guys are expanding your relationship with Google. What does it mean? Can you guys summarize the impact to your customers and the industry? >> Well I think that, I mean the impact for our customers is that you've two leaders working together, and in fact they're two leaders who believe in open technology and in a Multicloud approach. And we believe that both of those are fundamentally more aligned with our customers and the market than other approaches and so we're really excited about that and what it means for our customers in the future. You know and we are expanding the relationship, I mean there's not only what we're doing with Google Cloud's Anthos but also associated advances we've made about expanding our collaboration actually in the collaboration area with our Webex capabilities as well as Google Swed. So we're really excited about all of this and what we can enable together for our customers. >> You guys have a great opportunity, I always say latency is important and with low latency, moving stuff around and that's your wheelhouse. KD, talk about the relationship expanding with Google, what specifically is going on? Lets get down and dirty, is it tighter integration? Is it policy? Is it extending HyperFlex into Google? Google coming in? What's actually happening in the relationship that's expanding? >> So let me describe it in three ways. And we've talked a little bit about this already. The first is, how do we drive Cloud like simplicity on-prem? So what we've taken is HyperFlex, which is a scale out appliance, dead simple, easy to manage. We've integrated that with Anthos. Which means that now you've got not only a hyper conversion appliance that you can run workloads on, you can deliver to your developers Kubernetes eco system and tool set that is best in class, comes from Google, its managed from the Cloud and its not only the Kubernetes piece of it you can deliver the silver smash pieces of it, lot of the other pieces that come as part of that Anthos relationship. Then we've taken that and said well to be Enterprise grade, you've gotta makes sure the networking is Enterprise grade at every single layer, whether that is at the physical layer, container layers, fortune machine layer, at the software define networking layer, or in the service layer. We've been working with the teams on both sides, we've been working together to develop that solution and bring back the market for our customers. The third piece of this is to integrate security, right? So Stealthwatch Cloud was mentioned, we're working with the other pieces of our portfolio to integrate security across these offerings to make sure those flows are as secure as can be possible and if we detect anomalies, we flag them. The second big theme is driving this from the Cloud, right? So between Anthos, which is driving the Kubernetes and RAM from the Cloud our SD-WAN technology, Cisco's SD-WAN technology driven from the Cloud being able to terminate those VPN's at the end location. Whether that be a data center, whether that be an edge location and being able to do that seamlessly driven from the Cloud. Innerside, which takes the management of that infrastructure, drives it from the Cloud. Again a Cisco innovation, first in the industry. All of these marry together with driving this infrastructure from the Cloud, and what did it do for our eventual customers? Well it gave them, now a data center environment that has no boundaries. You've got an on-prem data center that's expanding into the Cloud. You can build an application in one place, deploy it in another, have it communicate with another application in the Cloud and suddenly you've kinda demolished those boundaries between data center and the Cloud, between the data center and the edge, and it all becomes a continuum and no other company other than Cisco can do something like that. >> So if I hear you saying, what you're saying is you're bringing the software and security capabilities of Cisco in the data center and around campus et cetera, and SD-WAN to Google Cloud. So the customer experience would be Cisco customer can deploy Google Cloud and Google Cloud runs best on Cisco. That's kinda, is that kind of the guiding principles here to this deal? Is that you're integrating in a deep meaningful way where its plug and play? Google Cloud meets Cisco infrastructure? >> Well we certainly think that with the work that we've done and the integrations that we're doing, that Cisco infrastructure including software capabilities like Stealthwatch Cloud will absolutely be the best way for any customer who wants to adopt Google Cloud's Anthos, to consume it, and to have really the best experience in terms of some of the integration simplicity that KD talked about but also frankly security's very important and being able to bring that consistent security model across Google Cloud, the workloads running there, as well as on-prem through things like Stealthwatch Cloud we think will be very compelling for our customers, and somewhat unique in the marketplace. >> You know one of the things that interesting, TK the new CEO of Google, and I had this question to Diane Green she had enterprise try ops of VM wear, Google's been hiring a lot of strong enterprise people lately and you can see the transformation and we've interviewed a lot of them, I have personally. They're good people, they're smart, and they know what they're doing. But Google still gets dinged for not having those enterprise chops because you just can't have a trajectory of those economy of scales over night, you can't just buy your way into the enterprise. You got to earn it, there's a certain track record, it seems like Google's getting a lot with you guys here. They're bringing Cloud to the table for sure for your customer base but you're bringing, Cisco complete customer footprint to Google Cloud. That seems to be a great opportunity for Google. >> Well I mean I think its a great opportunity for both of us. I mean because we're also bringing a fantastic open Multicloud hybrid solution to our customer base. So I think there's a great opportunity for our customers and we really focus on at the end of the day our customers and what do we do to make them more successful and we think that what we're doing with Google will contribute to that. >> KD talk about, real quickly summarize what's the benefits to the customers? Customers watching the announcements, seeing all the hype and all the buzz on this Google Next, this relationship with Cisco and Google, what's the bottom line for the customer? They're dealing with complexity. What are you guys solving, what the big take away for your customers? >> So its three things. First of all, we've taken the complexity out of the equation, right? We've taken all the complexity around networking, around security, around bridging to multiple Clouds, packaged it in a scale out appliance delivered in an enterprise consistent way. And for them, that's what they want. They want that simplicity of deployment of these next gen technologies, and the second thing is as IT serves their customers, the developers in house, they're able to serve those customers much better with these latest generation technologies and frameworks, whether its Containers, Kubernetes, HDL, some of these pieces that are part of the Anthos solution. They're able to develop that, deliver it back to their internal stakeholders and do it in a way that they control, they feel comfortable with, they feel their secure, and the networking works and they can stand behind it without having to choose or have doubts on whether they should embrace this or not. At the end of the day, customers want to do the right things to develop fast. To be nimble, to act, and to do the latest and greatest and we're taking all those hurtles out of the equations. >> Its about developers. >> It is. >> Running software on secure environments for the enterprise. Guys that's awesome news. Google Next obviously gonna be great conversations. While I have you here I wanna get to a couple talk tracks that are I important around the theme's recovering around Google Next and certainly challenges and opportunities for enterprises that is the application area, Multicloud, and Hybrid Cloud. So lets start with application. You guys are enabling this application revolution, that's the sound bites we hear at your events and certainly that's been something that you guys been publicly talking about. What does that mean for the marketplace? Because certain everyone's developing applications now, (Kip laughs) you got mobile apps, you got block chain apps, we got all kinds of new apps coming out all the time. Software's not going away its a renaissance, its happening. (Kip laughs) How is the application revolution taking shape? How is and what's Cisco's roll in it? >> Sure, I mean our role is to enable that. And that really comes from the fact that we understand that the only reason anyone builds any kind of infrastructure is ultimately to deliver applications and the experiences that applications enable. And so that's why, you know, we pioneered ACI is Application Centric Infrastructure. We pioneered that and start focusing on the implications of applications in the infrastructure any years ago. You know, we think about that and the experience that we can deliver at each layer in the infrastructure and KD talked a little bit about how important it is to integrate those layers but then we also bring tools like AppDynamics. Which really gives our customers the ability to measure the performance of their applications, understand the experience that they're delivering with customers and then actually understand how each piece of the infrastructure is contributing to and affecting that performance and that's a great example of something that customers really wanna be able to do across on-prem and multiple Clouds. They really need to understand that entire thing and so I think something like App D exemplifies our focus on the application. >> Its interesting storage and compute used to be the bottle necks in developers having to stand that up. Cloud solved that problem. >> Kip: That's right. >> Stu Miniman and I always talk about on theCUBE networking's the bottle neck. Now with ACI, you guys are solving that problem, you're making it much more robust and programmable. >> It is. >> This is a key part for application developers because all that policy work can be now automated away. Is that kinda part of that enablement? >> It sure is. I mean if you look at what's happening to applications, they're becoming more consumerized, they're becoming more connected. Whether its micro services, its not just one monolithic application anymore, its all of these applications talking to each other. And they need to become more secure. You need to know what happens, who can talk to whom. Which part of the application can be accessed from where. To deliver that, when my customer tell me listen you deliver the data center, you deliver security, you deliver networking, you deliver multicloud, you've got AppDynamics. Who else can bring this together? And that's what we do. Whether its ACI that specifies policy and does that programmable, delivers that programmable framework for networking, whether its our technologies like titration, like AppDynamics as Kip mentioned. All of these integrate together to deliver the end experience that customers want which is if my application's slow, tell me where, what's happening and help me deliver this application that is not a monolith anymore its all of these bits and pieces that talk to each other. Some of these bits and pieces will reside in the Cloud, a lot of them will be on-prem, some of them will be on the edge. But it all needs to work together-- >> And developers don't care about that they just care about do I get the resources do I need, And you guys kinda take care of all the heavy lifting underneath the covers. >> Yeah and we do that in a modern programmable way. Which is the big change. We do it in intent based way. Which means we let the developers describe the intent and we control that via policy. At multiple levels. >> And that's good for the enterprises, they want to invest more in developing, building applications. Okay track number two, talk track number two Multicloud. its interesting, during the hype cycle of Hybrid Cloud which was a while, I think now people realize Hybrid Cloud is an implementation thing and so its beyond hype now getting into reality. Multicloud never had a hype cycle because people generally woke up one day and said yeah I got multiple Clouds. I'm using this over here, so it wasn't like a, there was no real socialization around the concept of Multicloud they got it right away. They can see it, >> Yep. >> They know what they're paying for. So Multicloud has been a big part of your strategy at Cisco and certainly plays well into what's happening at Google Next. What's going on with Multicloud? Why's the relation with Google important? And where do you guys see Multicloud going from a Cisco perspective? >> Sure enough, I think you're right. The latest data we saw, or have, is 94 percent of enterprises are using or expect to use multiple Clouds and I think those surveys have probably more than six points of potential error so I think for all intensive purposes its 100 percent. (John and KD laughing) I've not met a customer who's unique Cloud, if that's a thing. And so you're right, its an incredibly authentic trend compared with some of these things that seem to be hype. I think what's happening though is the definition of what a Multicloud solution is is shifting. So I think we start out as you said, with a realization, oh wait a second we're all Multicloud this really is a thing and there's a set of problems to solve. I think you're seeing players get more and more sophisticated in how they solve those problems. And what we're seeing is its solving those problems is not about homogenizing all the Clouds and making them all the same because one of the reasons people are using multiple Clouds is to get to the unique capabilities that's in each Cloud. So I think early on there were some approaches where they said okay well we're gonna put down like a layer across all these Clouds and try to make them all look the same. That doesn't really achieve the point. The point is Google has unique capabilities in Google Cloud, certainly the tenser flow capabilities are one that people point to. AWS has unique capabilities as well and so does Dajour. And so customers wanna access all of that innovation. So that kind of answers your question of why is this relationship important to us, its for us to meet our customers needs, we need to have great relationships, partnerships, and integrations with the Clouds that are important to our customers. >> Which is all the Clouds. >> And we know that Google Cloud is important. >> Well not just Google Cloud, which I think in this relationship's got my attention because you're creating a deep relationship with them on a development side. Providing your expertise on the network and other area's you're experts at but you also have to work with other Clouds because, >> That's right we do. >> You're connecting Clouds, that's the-- >> And in fact we do. I mean we have, solutions for Hybrid with AWS and Dejour already launched in the marketplace. So we work with all of them, and what our roll, we see really is to make this simpler for our customers. So there are things like networking and security, application performance management with things like AppDynamics as well as some aspects of management that our customers consistently tell us can you just make this the same? Like these are not the area's of differentiation or unique capabilities. These are area's of friction and complexity and if you can give me a networking framework, whether its SD-WAN or ACI Anywhere that helps me connect those Clouds and manage policy in a consistent way or you can give me application performance the same over these things or security the same over these things, that's gonna make my life easier its gonna be lower friction and I'm expecting it, since your Cisco, you'll be able to integrate with my own Prime environment. >> Yeah, so then we went from hard to simple and easy, is a good business model. >> Kip: Absolutely. >> You guys have done that in the past and you certainly have the, from routing, everything up to switches and storage. KD, but talk about the complexity, because this is where it sounds complex on paper but when you actually unpack the technologies involved, you know in different Cloud suppliers, different technologies and tools. Throw in open sources into the mix is even more complex. So Multicloud, although sounds like a simple reality, the complexities pretty significant. Can you just share your thoughts on that? >> It is, and that's what we excel. We excel, I think complexity and distilling it down and making it simple. One other thing that we've done is, because each Cloud is unique and brings some unique capabilities, we've worked with those vendors along those dimension's that they're really really passionate about and strong end. So for example, with Google we've worked on the container front. They are, maybe one of the pioneers in that space, they've certainly delivered a lot of technologies into that domain. We've worked with them on the Kubeflow front on the AI front, in fact we are one of the biggest contributors to the open source projects on Kubeflow. And we've taken those technologies and then created a simple way for enterprise IT to consume them. So what we've done with Anthos, with Google, takes those technologies, takes our networking constructs, whether its ACI Anywhere, whether its other networking pieces on different parts of it, whether its SD-WAN and so forth. And it creates that environment which makes an enterprise IT feel comfortable with embracing these technologies. >> You said you're contributing to Kubeflow. A lot of people don't look at Cisco and would instantly come to the reaction that you guys are heavily contributing into open source. Can you just share, you know, the level of commitment you guys are making to open source? Just get that out there, and why? Why are you doing it? >> Yeah. For us, some of these technologies are really in need for incubation and nurturing, right? So Kubeflow is early, its really promising technology. People, in fact there's a lot of buzz about AI-- >> In your contributing to Kubeflow, significantly? >> Yes, yeah. >> Cisco? >> We're number three contributor actually. Behind Google. >> Okay so you're up there? You're up at the top of the list? >> Yeah one of the top three. >> Top of the list. >> And why? Is this getting more collaborative? More Multicloud fabric-- >> Well I mean, again it comes back to our customers. We think Kubeflow is a really interesting framework for AI and ML and we've seen our customers that workload type is becoming more and more important to them. So we're supporting that because its something we think will help our customers. In fact, Kubeflow figures into how we think about Hybrid and Multicloud with Google and the Anthos system in terms of giving customers the ability to run those workloads in Google Cloud with TPU's or on-prem with some of the incredible appliances that we've delivered in the data centers using GPU's to accelerate these workings. >> And it also certainly is compatible with the whole Multicloud mission as well-- >> Exactly, yeah. >> That's right. >> So you'll see us, we're committed to open source but that commitment comes through the lens of what we think our customers need and want. So it really again it comes back to the customer for us, and so you'll see us very active in open source areas. Sometimes, I think to your point, we should be louder about that. Talk more about that but we're really there to help our customers. DevNet, DevNet Create that Susie Wee's been working on has been a great success. I mean we've witnessed it first hand, seeing it at the Cisco Live packed house. >> In Barcelona. >> You've got developers developing on the network its a really big shift. >> Yeah absolutely. >> That's a positive shift. >> Well its a huge shift, I think its natural as you see Cisco shifting more and more towards software you see much much more developer engagement and we're thrilled with the way DevNet has grown. >> Yeah, and networking guys in your target audience gravitates easily to software it seems to be a nice fit. So good stuff there. Third talk track, Hybrid. You guys have deep bench of tech and people on network security, networking security, data center, and all the things involved in the years and years of enterprise evolution. Whether its infrastructure and all the way through the facilities, lot of expertise. Now Hybrid comes onto the scene. Went through the little hype cycle, people now get it, you gotta operate across Clouds on-prem to the Cloud and now multiple Clouds so what's the current state of Cisco-Google relationship with Hybrid? How is that fitting in, Google Next and beyond? >> So let me tease that in the context of some history, right? So if we go back, say 10 years, virtualization was the bad word of the day. Things were getting virtualized. We created the best data center infrastructure for virtualization in our UCS platforms. Completely programmable infrastructure's code, a very programmable environment that can back a lot of density of virtual machines, right? Roll forward three or four years, storage and compute were getting unwieldily. There was complexity there to be solved. We created the category of converge infrastructure, became the leader of that category whether we work with DMC and other players. Roll forward another four or five years we got into the hyper conversion infrastructure space with the most performant ACI appliance on the market anywhere. And most performant, most consistent, deeply engineered across all the stacks. Can took that complexity, took our learnings and DNA networking and married it together to create something unique for the industry. Now you think, do other domains come together? Now its the Cloud and on-prem. And if that comes together we see similar kinds of complexity. Complexity in security, complexity in networking, complexity in policy and enforcement across layers. Complexity, frankly in management, and how do you make that management much more simple and consumerized? We're taking that complexity and distilling it down into developing a very simple appliance. So what we're trying to deliver to the customer is a simple appliance that they can stand and procure and set up much in the way that they're used to but now the appliance is scale out. Its much more Cloud like. Its managed from the Cloud. So its got that consumer modern feel to it. Now you can deliver on this a container environment, a container development environment, for your developer stakeholders. You can deliver security that's plumed through and across multiple layers, networking that's plumed through and across multiple layers, at the end of the day we've taken those boundaries between Cloud and data center and blown them away. >> And you've merged operational constructs of the old data center operations to Cloud like operations, >> Yeah. >> Everything's just a service, you got Microservices coming, so you didn't really lose anything, you'd mentioned democratizing IT earlier, you guys are bringing the HyperFlex to ACI to the table so you now can let customers run, is that right? Am I getting it right? >> That's right. Its all about how do you take new interesting technologies that are developed somewhere, that may have complexity because its open source and exchanging all the time or it may have complexity because it was not been for a different environment, not for the on-prem environment. How do you take that innovation and democratize it so that everybody, all of the 100's of thousands and millions of enterprise customers can use it and feel comfortable using it and feel comfortable actually embracing it in a way that gives them the security, gives them the networking that's needed and gives them a way that they can serve their internal stakeholders very easily. >> Guys thanks for taking the time for this awesome conversation. One final question, gettin you both to weigh in on, here at Google Next 2019, we're in 2019. Cloud's going a whole other level here. What's the most important story that customers should pay attention to with respect to expanding into the Cloud, taking advantage of the growing developer ecosystem as open source continues to go to the next level. What's the most important thing happening around Google Next and the industry with respect to Cloud and for the enterprise? >> Well I think certainly here at Google Next the Google Cloud's Anthos announcement is going to be of tremendous interest to enterprises cause as you said they are extending into the Cloud and this is another great option for enterprises who are looking to do that. >> Yeah and as I look at it suddenly IT has a set of new options. They used to be able to pick networking and compute and storage, now they can pick Kubeflow for AI or they can pick Kubernetes for container development, Anthos for an on-prem version. They're shopping list has suddenly gone up. We're trying to keep that simple and organized for them so that they can pick the best ingredients they can and build the best infrastructure they can, they can do it. >> Guys thanks so much. Kip Compton senior vice president Cloud Platform and Solutions Group and KD vice president of the Data Center compute group for Cisco. Its been exclusive CUBE conversation around the Google-Cisco big news at Google Next 2019 and I'm John Furrier thanks for watching. (upbeat jazz music)

>> Live from Barcelona, Spain, it's theCUBE! Covering Cisco Live! Europe, brought to you by Cisco and its ecosystem partners. >> Hey, welcome back everyone. We're live here in Barcelona, Spain, theCUBE's coverage of Cisco Live! Europe 2019. I'm John Furrier, Stu Miniman, and Dave Vellante all here this week getting all the action. Our next guests is Ron Sterbenz who's the marketing manager of Stealthwatch Cloud. Formerly is part of the acquisition the original team of observable networks. >> Correct, that's a good one. >> A small startup that was bought by Cisco in 2017. Now you're in the big company. Key part of the portfolio and security and cloud. Welcome to the cube again. Good to see you. >> Thank you John. >> So what's going on in Europe? What are the big trends obviously you here in Barcelona its a mirror, Europe, Middle east, Africa, and Russia. >> Yup. A lot of compliance, a lot of regulated industries across the board. >> Yup. >> A lot of security concerns, a lot of privacy concerns. >> That's right. >> Security is at the center of the values in the Cisco network approach. >> Yup. You know as of last year we were down in the front of this of the event. And I would say that traffic was pretty good. Now we're in the back, we're seeing a lot more interest, we're seeing actual customers come up, subscribers to our product, and service say "I've been with you now for a year, what's new?" So its nice to see that, that we didn't have right after the acquisition, which was where we were last year. >> So, in Europe, what are some of the trends, what's resonating? >> Kubernetes You know, you guys were out at KubeCon, for us that was a great show, lot of interesting kubernetes, and we're seeing the same thing here in the base, as well as the Cisco solution for it. >> And the definite zone which we're in has all these classrooms, I got to say, right next to us is Classroom One, the kubernetes session yesterday, >> Mhmm >> Was overflowing into our set. >> Yeah. >> Why don't we explain a little bit, what's exciting people about Kubernetes, do you have any guidance as to, you know, who they're using, cause I think back a year ago, a lot of the customers I talked to, they were like, building their own. Is kubernetes the hard way, as opposed to today, you know, Cisco's got a solution, you've got deep partnership with AWS, with Google and the like, so, yeah. >> We're seeing it all across the board. Lot of folks using Amazon to do it, we would always teach customers... Google was a natural for it, we are actually having customers come up to say, We're using the Cisco platform for it. So, for us it's the whole breath. What's also nice about it is we really simplify the deployment for kubernetes, so it doesn't matter whether any of those environments are going to be used from a security perspective. Real easy to inject it into the kubernetes environments, expand and contract, and feed the security solution that we offer. So, again, what's also really nice is the multi-cloud, so whether it's kubernetes, a little bit of AWS on the web servers, a little bit of the on PREM, any of the other Cisco kind of compute platforms, all of that data is coming in. >> I wonder if, when you look at security, it felt like a few years ago we got over the hump of the public cloud can be secure, but one of the challenges I have is if I'm in a multi-cloud environment, security is different in every one of those, so I've got different skill sets I have to match then, how are you helping customers? How are they sorting through that? >> Yeah, and then the other part of it is, they're used to what they would see on PREM in a physical network. So, by doing what we do into the cloud, allows the customer to have that traditional security perspective across all those environments of things that they're used to. So, if you look at it from the automation and simplicity, that's a great value prop. The other one that's a really interesting value prop is, I don't want to have to normalize for every data feed and element that comes out of those clouds, so, by for us doing it across all of our portfolio, when a feed changes with AWS, we're normalizing it and bringing it in as a security perspective for the customer, so you basically outsource a lot of the easy or hard lift of modifying those particular feeds into our solution or service. >> Talk about the cloud center service that you guys have as a suite now, gives a variety of, mentioned portfolio, certainly securities in there, stealth watch cloud, you mentioned kubernetes, you can't look at without containers being part of that, you've got the Cisco container service, Google and AWS, how do you guys fit into that? What's the key Stealthwatch Cloud value proposition? >> Yeah, so there is a reference architecture that Cisco has put out where we look at ACI anywhere, we look at the container platform, security on the top of it, we're able to integrate in other solutions, we're seeing a lot more interest in SD-WAN part of the house, being able to, again, simplify the security for all of those infrastructures back, so that's a really nice reference for architecture to go into an environment and try to leverage the whole portfolio for simplicity, broader breadth and depth. >> What are some of the conversations you're having with the customers around multi-cloud? Do they come in and say, Okay, give me some of that Stealthwatch Cloud, or, how do I architect it in, how does it fit in, what are some of those customer conversations? What do they look like? >> Well, the first one is simplicity, how difficult is this to do, how broad can I put it in a solution, and will it really do what you're forecasting or saying it will, with this thing called Endpoint Modeling, or Entity Modeling. What we also encourage free trial, so we allow customers to use the full service across all of those platforms, go as broad as they want during that trial period, and we prove out the value prop, in other words, you're able to see these devices in the real time, devices that you're normal and familiar with, the ability to again, to expand and contract in kubernetes, and see those whether you put an Apache server on a node, and that's the way it performs, and you expand out and get six of those, they will perform exactly the same way, and the expectation is that they will. But what we do in the demos in the booth is show the customer how easy it is to do that, and then encourage them to do it with their own environment in a trial, and that's where we solidify the customer into a sale. Into an ongoing subscriber. >> So, Ron, it's been interesting to watch this, we've got a lot of background and history with Cisco. Your solution, you're in the AWS marketplace, they buy you software, in the Google marketplace it's not boxes and that model, talk about how it's been coming into Cisco now, and kind of the go to market, how that, you know, we're watching a lot of Cisco change to go more towards where you were pre acquisition, even, so, how's that dynamic changing? >> We went from a team of 14, I think we're up to 21, 22 now, and then we've got the other partnership, our brothers and sisters of 70 thousand people, so it is one influencing that product, plus all the partners, and then getting them to encourage them to sell, the ability to sell on Cisco GPL, also the ability to transact, and Cisco is really supportive of whatever the customer wants to be, whether that's AWS, Azure, AWS marketplace, very easy to do a transaction there, and at the same time, we don't lose any of the internal compensation for Cisco employees or Cisco salers, so that's really nice, and it's simple for our customer. >> As you move from being a startup, which is nimble, you guys are small, you're in the front lines, you come into Cisco, what was your impression about how Cisco's portfolio was coming together, and where is it now, almost one year later, coming up on your one year anniversary >> Yeah, I think you can see that in the floor space here when you look at cloud. So, the first year that we were here, we were included in that whole piece, probably lighter traffic. This year we're seeing a lot more people with the interest in cloud, I think next year you will see more Cisco sellers, partners, buyers in that space, asking about what's coming next, I mean we're getting MSPs this year to say, Look, we're trying to do a kubernetes practice, is there a way that we can attach a security perspective to that? In a multi-tennancy, servicing our customers, being able to do the mediation, and we are and I don't think that's a conversation we had last year. >> Take a minute to explain, simply, the story for multi-cloud for Cisco from a security perspective. How would you describe to someone the multi-cloud story from Cisco? What is it? Take a minute to explain that. >> The multi-cloud story for Cisco for security is the ability to see and leverage intelligence, actionable insight across any one of those platforms. Normalizing it, bring it in, show me the interaction, whether that customer is sitting on a Cisco network, or this customer's sitting at the end point, outside of a web server on AWS. What can I see across that, what are my expectations of that interaction? >> Susie Wee was on yesterday, she's the champion of DevNet, this whole DevNet zone where we're located, lot of energy, lot of developers, Cisco app dynamics, which brings that app perspective, as the network becomes programmable, and you see the rise of kubernetes, great indicator that you mentioned that earlier, how should customers think about programmability with the security paradigm that's put forth from Cisco today? What's the guiding principals, what are some of the strategies they should take, what's your view on that? >> Intelligence and interoperability. So, whether we're looking at like an ICE integration, or a crypto threat analytics, or any of the other services that Cisco puts together, bringing all that intelligence back in, and putting it into usable fashion. Simplicity of integrating the products and suites services. >> Service providers you mentioned before, they're used to programmability, what I've seen over the last few years is they're embracing the multi-cloud message before. Five years ago it was, Oh my god, that's the enemy, I need to fight against them, now they're direct connecting into a lot of these public clouds, they're figuring out what of their services they keep vs offering services to customer and pass them through, seems like a great opportunity for you to help them expand, especially their security footprint across those environments. >> It definitely is. The ability for a customer to say, Hey, what is my real value at in this vs the pipe and the mechanics from behind the scene, so for us we focus on what we do really well, we allow our partners, look if you're going to do remediation, if you're going to do deployments into the web front end, or new applications, if you're going to look at portability across cube environments, whatever the cost benefit or ratio is, we let them focus on that, and we take the back end processing, which is the back end processing of alerts, back end processing of what we call observations, simplicity of bringing on partners for MSPs, and servicing 'em. >> I want to get your thoughts on a quote we heard on theCUBE yesterday from a practitioner, talking about multi-cloud, and cloud in general, as people move to SAS models and cloud, they don't really own the equipment, the quote was, "IT doesn't own the equipment, but owns the outcome." So the operating models changing a little bit, okay, I buy that, makes sense to me, and the quote was, "It moves from find and fix, to get evidence and escalate." How to handle the data becomes the core issue. Security data's a super important part of it, can you comment on your reaction to that quote, the positioning, cause certainly cloud is a rent vs buy, that's classic, you've still got the on premise, but security's dealing across the holistic environment where data and escalating, sharing data, big part of it, what's your thoughts on the role, how to handle the data? >> Well, if you look at security and look at SAS, what is our role? Our role is to normalize that data and be responsive every time a change is made in a cloud platform. The other thing what's great about a SAS service is upgrading, right, so upgrading is updates and everything else that comes at you from a security perspective, SAS is best to handle that, because we are looking at that, we're providing updates as well as changes to our platform almost daily, we publish that back to the customers, and as a subscriber, you don't renew if you're not happy. So, it continually puts us on the forefront of saying, look, we've got to innovate, we've got to be responsive to the customer, we've got to be able to address any other kind of... And it isn't always just malware or something that goes wrong, it could also be malfunction, it could also be left over assets that are sitting in AWS environment, or LAM defunctions that go awry, so we have multiple ways of providing value to the customer on those infastructures. >> Lot of moving parts, dependencies could be, >> That's right. >> We could move the availability zone, have some dependencies across the network, lot of things (laughs) at play here. >> Right, and what's really good about Stealthwatch Cloud is from the back end of it we're sitting out and addressing that, we're trying to put a human's touch to what we would find in an alert, and what would be important to a customer, and how we drive that value. >> So, Ron, we know that security's always an ongoing journey, so there's no end to where you need to go, you mentioned LAM defunctions, serverless something that your team's involved in, or are there other areas that we should be looking for throughout 2019 for some to maturation. >> I think there is, but I don't... As far as the road map goes, there's always integration, look, integration with Meraki, integration with other Cisco products, and the same thing goes with any other, I had just finished a meeting with Google about, what other data elements can we get to enrich that security perspective from Google, that would be the exact same thing with AWS functions, the team will look at all of those feeds, which ones are relative to things that we can provide from a security perspective, or generate value to the customer and integrate those first. >> This highlights the operating model for Cisco as a company, you mentioned Google, Amazon, these are real integrations, these are real partnerships, deep, meaningful, technical relationships. Share some insight into how that's going. >> There's a lot. There's always a lot from each of those platforms, so you do have to kind of pick and choose as to what you're going to address, I'm sure all of us on the team that are in the forefront of selling are saying, What about this? What about that? Can we incorporate it? >> Worth the backlog >> It's difficult, but, I would also say what's really big here in Europe is Azure. That's a real big potential customer base to address as well. >> We talked to the DNA center platform guys, and they're like, the backlog is huge and we're just going to work the backlog, to your point about SAS, you knock these things down one at a time, you go get you, prioritize, do the classic product management. But Ron, thanks for coming on, really appreciate the insight, final minute, just give a plug for what's going on at Stealthwatch Cloud. What are some of the highlights, what are some of the things you guys are promoting, what's the good news? Share with us. >> I would say probably the best news is adding all the cloud platforms, being able to truly be a multi-cloud story. Integration with other Cisco products that are coming in the forefront that we'll be announcing at other events, throughout I think RSA we've got some other announcements coming out, so if you'll be there, and then the part that we keep hitting home is meeting with the sales teams, starting the trial, and allowing us to kind of prove out the value of the product and service. >> Security portfolios expand, you get Tetracia and SAS coming around the corner, a lot of other interesting things happening in the Cisco world. >> Duo. >> Hey, thanks for coming on, we're here inside theCUBE in Barcelona, Spain for Cisco Live Europe, I'm John Furrier, stay with us for more Day Three coverage, after this short break.

>> Live from Las Vegas, it's theCUBE covering AWS re:Invent 2018. Brought to you by Amazon Web Services, Intel, and their ecosystem partners. >> Hey, welcome back, everyone. Live coverage here with theCUBE at Amazon Web Service re:Invent. I'm John Furrier. My cohost, Lauren Cooney, here. Breaking down all the action. Lot of announcements coming out of Amazon Web Services. Lot of killers new technologies, but also the IT game is changing. The two great guests from Cisco Assistant, Dave Cope, who's the Senior Director of Cloud Market Development, and Kip Compton, Senior Vice President Cloud Platform and Solutions. We got the big chiefs here. We've got the marketing development here. The Cisco store. I Tweeted just about an hour ago that your story is really aligned with Amazon. You had a recent announcement. The holy trinity of storage networking and compute is never going to go away, but it's changing. This is absolutely a big, pivotal moment with on-premises activity. You guys are on-premises king at Cisco. How is this changing your business with AWS? >> Well no, it's been an incredible year. Dave and I were just reflecting on it as we got ready for AWS. And it's a year where we started with people questioning hybrid. Multicloud was kind of new. Kubernetes looked like it was going to take off. And I think every major cloud provider now has announced the Kubernetes service. Hybrid is described as the new normal. And of course, Kubernetes and containers are an almost ideal technology for things like hybrid and multicloud. So its been an incredible year. And you mentioned the announcement we made three weeks ago with our hybrid, Kubernetes solution on AWS. And we've just gotten incredible interest in that. A lot of people interested in that solution, because most enterprises, as exciting as public cloud is, and as fast as they can move in that environment, have things that for whatever reason are on-prem and need to stay on-prem for some period of time. So really being able to bring those environments together is critical. >> You know, I got to say, Kip. I'm really impressed with Cisco's business model evolution. I've obviously been a big fan from day one, proud of the network. I just interviewed John Chambers just two weeks ago. Great to see the legend there. But what a great business model Cisco has with networking. Moving up the stack has always been a challenge, but since DevNet and DevNet Create, you started to see that the DevNet developer community, the Cisco ecosystem, was really gravitating towards cloud. Network guys are fickle. You either win 'em or you don't. They hold on to the network. They got to protect it. The cloud somehow changed the dynamic. And cloud-native, what is the dynamic there? 'Cause you guys have now stated publicly, developers, cloud-native, the Kubernetes announcement, you see a world where the network is borderless. >> Yep. >> But hybrid is the standard. Call it whatever you want, cloud or hybrid. It is what it is. How has cloud changed Cisco so much? >> Well, I mean I think not just cloud, but the network has changed. All of our customers, since they're adopting DevOps, and I think it's 54% of enterprises have begun a DevOps journey, because it just drives innovation at a much higher pace. And we're finding in almost every industry, in order to compete, companies have to be able to move fast in delivering incredible experiences to their customers and their employees in the form of apps. And DevOps is the way to do that. And to do DevOps, you need a fully-automated infrastructure. And so that, I think, is one of the reasons why DevNet, our developer program, has grown so much. We're really excited to see DevNet pass 500,000, half a million members of DevNet, right? And many of these are networking engineers who are learning how to program on Cisco equipment as we've added APIs across our portfolio, and brought programmable controllers into the picture as well. So we're seeing that then mesh very well with cloud, 'cause obviously DevOps is not just for on-prem, but it's for cloud, it's for hybrid. And as we bring a fully-automated infrastructure on-prem, that matches up very well with fully-automated infrastructures like AWS and enables these hybrid-use cases and DevOps in a hybrid model. >> That's great. And I think what you're doing with open-source technology is just phenomenal as well. Talk about some of the use cases that you guys see across the industry. If you can mention customer names, that's awesome. If you can't, I get it. But I'd love to hear more about how they're applying the solution today. >> You know, I think there's a number of use cases. One thing that's been really interesting, Kip reflected on sort of coming out of last year into this realization that multicloud was real. And I think we also, there was this realization that it wasn't just about saving money to move to the cloud. That now it was about going to different cloud environments to leverage innovation that could be occurring in different environments. So one of the use cases we see is how do we maybe develop a new application on a cloud that has a unique service, maybe like machine learning or AI that I want to leverage? We're starting to see other use cases where people are realizing it's not about lifting and shifting, or moving applications. But now I want to take an on-premise resource and maybe give it a facelift with a new, cool capability that resides on a different cloud. All of that, by having sort of common management, policy-based governance, are some of the use cases that we see. Certain DevOps is a big one. At the end of the day, we talked about developers. At the end of the day, developers want their apps to be able to move into production. And so with DevOps, the cloud, we're starting to see this overlap between developers and IT ops now working together to be able to ensure that these new applications can be put into production across many different environments. >> What's the biggest challenge you guys see customer's having? What problem are they trying to solve? Networking, you own the network. Networking's not going away. It's evolving. What's the big challenge that your buyers and your customers have right now? >> Maybe I'll say a few words, and he can add as well. Networking and security regularly show up at the top of any sort of survey about what's difficult with cloud. We're very fortunate that those are areas where we have very deep portfolios and could solve a lot of customer problems. It's very interesting to me, and I mentioned this in my talk this morning, but a study we did with IDC on cloud maturity found that only 14% of enterprises had an optimized cloud strategy. And what that means is 86% are trying to improve their cloud strategy, and are looking for solutions and things they can solve. So it's incredibly fertile area for us to help our customers really take advantage of their on-prem assets, but also multiple clouds in the multicloud world. >> I think one of the realizations is the cloud is not like the cloud. It's multiple public clouds. It's private clouds, virtual private clouds. And so even traditional disciplines like security and network management, when you're trying to do that across environments that you both control and don't control, they take on a whole new complexion. And so that's some of the challenges and the opportunities, I think, that companies are looking for across the cloud today. >> Well, I think it's an interesting story, too, with Cisco, because the strength has really emerged in the security arena, and that is the one thing that people are most concerned about when they're using Kubernetes. So I think just phenomenally, that's really something that's coming together nicely. Are you guys working with a security team and really kind of making things more secure for folks to make them more comfortable utilizing this solution, or can you talk a little bit about that? >> Yeah, sure, no. We are certainly working with a security team. And that's, as a former Cisco employee, I know you're familiar with Cisco. But one of the things that's different about cloud for us is that every part of Cisco is involved in our cloud strategy, right? So as you know from Cisco, and lot of customers who with Cisco know, we tend to have big groups inside the company that focus on certain technologies, be it data center or networking or whatever. Cloud is across all of those. And a big part of what Dave and I do, and the group that I lead does, is work across all of those groups to make sure that things come together for our customers. >> That's awesome. >> For instance, the solution that we announced three weeks ago on AWS for hybrid Kubernetes actually works with our security products, and has Stealthwatch Cloud from our security group integrated in the solution to give consistent security across the AWS EKS environment and the on-prem data center environment. So we're very much stitching security into everything we do. >> When you guys talk to customers, what do you say to them when they say okay, I'm a Cisco shop. We have a lot of on-premise. I'm looking at cloud. What do I do? How do you describe the ideal architecture and playbook for really working with cloud? To give the customer the best choice, all the stuff that they want, what's your recommendation? How do you talk to that customer? What do you recommend? >> Yeah, I don't know if there's a single path. I mean, that's one thing we found is it's, I hate to say it's complicated. But every customer has a different set of apps, maybe different constraints depending on what industry they're in, or what part of the world they're in, in terms of data protection. They may have different on-premise states. Applications that maybe they can't move, like an old ERP system. Or maybe simply investments that they want to continue to get value out of. So a lot of times, we end up engaging with them or one of our Cisco partners ends up engaging with them on sort of a cloud advisory process to understand their environment. But you know, there are definitely some trends that we're seeing. I think Dave and I can talk about. One is I've seen a lot more interest in how you develop new experiences in applications. And Dave mentioned it, but a big shift towards accelerating innovation with cloud, as opposed to minimizing cost. And I think it's a logical maturation as people see that as a lever to be more competitive. But really, every customer has a slightly different journey. >> Beauty is in the eye of the beholder. Scale, automation, moving from the command-line interface to dashboards. (laughs) >> Yeah, all about APIs in between, by the way. >> All right, guys. Give us the final word here on what's next. You guys got a great deal going on with Amazon. I love the Kubernetes announcement. As you know, we've been hiring Kubernetes since it started, but recently there's a lot going on there under the covers. Containers, different workloads, great for inter-clouding or multiclouding or hybrid clouding, whatever word they're calling it these days. What's next for you guys? Give us a quick peak into the, what's come up at Cisco Live in Barcelona? What's on the roadmap? What's your budget look like? (laughs) >> I know that look, so I definitely want to hear what that is. >> Tell us the secret sauce. >> Maybe I'll just tee it up and you jump in. When I look at a hybrid cloud and multicloud, a lot of the innovation we've seen was first really about cloud management platforms, creating some degree of abstraction across clouds. And then along came containers, Kubernetes you could develop and deploy anywhere. I think the big opportunity and challenge today is all of those have been focused on the app. Now how do we create this fluidity of data sources across this multicloud world? And that's an exciting opportunity right now. How do I not have the requirement to move big loads of data around, but access that data anywhere it resides to feed these new applications? So I think that's a big part of where hybrid cloud is going. >> You're focused. Are you hiring? What's the focus? What's coming on? What's the next deals you're going to do? >> Well, I mean we're big on Kubernetes as you can tell as well, so you're going to see continued innovation there, as well as security. You mentioned that. We think serverless is very interesting for where that could go. It's going to take some time, I think, for that to become mainstream from a developer perspective. But just to pile on to what Dave said, we started the year with oh, this hybrid, or is Kubernetes, is multicloud? All of that seems to be a resounding yes at this point, but we're moving from creating similar environments to really starting to integrate those environments. I think what we announced three weeks ago is a good example of where we create a single control play between those environments. Data exchange and tying that data together for hybrid, I think going from hybrid and evolving to multicloud, right? Where we have customers already saying oh, wait a second. We love your AWS announcement. We remember your Google announcement. You're giving us a common infrastructure on the on-prem side that can connect to multiple clouds. That's lowering the friction, lowering the complexity, making it easier for us. 'Cause customers are saying look, we need to harvest all the innovation. AWS is amazing, but TensorFlow at Google is a real thing. That's a real deal for some people. >> And that's important here in their framework, too, Amazon is. >> Yeah, absolutely. So we think it's an exciting time, and the pace of innovation's going to be, the one thing is the future's going to be hard to predict. That's the safe bet. >> You guys are on it. I'm excite to see. We've been pounding our fists on the table for years. The TCP/IP of the future is right in front of you. It's called Kubernetes! (laughs) Really great opportunity. You guys have good strategy. Congratulations. See how it plays out. Multicloud, make what's obvious, pretty obvious. Thanks for coming on, appreciate it. >> Great. >> Thanks. >> Thanks for your insight, thanks for the insight. Live coverage here on theCUBE. Stay with us for more after this short break. We'll be right back. Wall-to-wall coverage here at AWS re:Invent. I'm John Furrier and Lauren Cooney. Stay with us. (upbeat music)