(relaxing electronic music) >> Narrator: From around the globe, it's theCUBE! With digital coverage of Next Level Network Experience event. Brought to you by Infoblox. >> Welcome back to theCUBE's coverage, we're here in our Palo Alto studios. I'm John Furrier, host of theCUBE. We're here with Infoblox for their Next Level Networking virtual event with theCUBE. Glenn Sullivan is our guest, Principal Product Manager with Infoblox, formerly with SnapRoute, theCUBE alumni. Great to have you back on, Glenn. Great to see you, and thanks for jumping on remotely. We're doing the remote thing, the remote CUBE, good to see you. >> Yeah, it's great! I wish I could be in the studio, you guys have a great studio up there in Palo Alto, so I wish I could have joined you, but that's not possible right now. (chuckles) >> The governor's on, is off, we're get there, but when it does come back we'll certainly do a lot more remotes, and want to go to a "hybrid world." Hybrid, it sounds like the media business is turning into cloud computing, you got public videos, in person, you got hybrid, and virtual. The cloud native world is certainly spawning everywhere now with COVID, and you guys are talk about Next Level Networking, but with the word Experience. I want to get your thoughts on that because, you know, it's been six months, you've been on theCUBE, a lot's happened. Next Level Networking Experience, describe it. >> Yeah, it's really about processing things as close to where they need to be processed as possible, right? So, you don't really want to put everything in the cloud, you don't really want to have everything happen on-prem, you want to do the right data processing where it's needed, right? Have a little bit on-prem and have a lot in the cloud, or vice versa, it's really about elastic scale, right? That's what I think about with cloud native technologies is being able to run whatever you need to run service-wise as close to the delivery mechanism of either the user, or you know, as close to the app in the cloud as you need to. That's really what it means by, you know, having an elastic scale, and we try to do that every day. >> And notice the word Experience is in there, you know, that's been super important because you build and provision, manage these services from the customer standpoint. I mean, I can't drive in, there's no, there's clothes, or I got to go in, I now can do remotely. This is the key about having abstraction layer innovation, certainly DNS, DHCP, IP address management, never going away, you've got to connect stuff to the internet, I mean the network is there. >> Exactly. >> You've got to be a bit more innovative, what's your thoughts on the impact of the network now that cloud native and open source specifically are driving more action. >> Well, there's a lot going under the hood, right? And you can't just, you know, manage things the way you used to be able to, where you take and you buy a box, you know, it's that cattle vs pets thing that we talk about in cloud native, right? Where you treat this appliance very specifically and very specially, and you upgrade it and you're afraid to touch it. Now that you can't, you know, get the things, you have to do everything lights out. So, what we've learned via applying technologies in the cloud, you know, you didn't go into AWS' data center, or Google's data center, or Microsoft Azure's data center and manage these things, so what we've learned about how to manage infrastructure across the board in networking and compute and storage now is even more important, because everybody's lights out all the time now. >> And scale and speed is critical. I mean, Google's pioneered the concept of SRE, Site Reliability Engineer. What your teasing out, Glenn, is the same kind of concept for the network, you've got to have the security, you've got to have the scale. This is a huge point, can you react to that? >> Yeah, it's about spinning up instances where you need them, you know, when you need them, right? If networking equals a physical black box appliance that you specifically nurture and manage instead of just networking services, right, because DHCP is a networking service, DNS is a networking service, IPAM is a networking service, so you should be able to spin those up wherever you need to and manage those without having to worry about it all being tied to, you know, specific things that you have to manage in a very nurtured way. >> I want to get your thoughts, the term borderless enterprise is being kicked around, you guys use that term. I've heard, you know, the borderless networK, makes sense I guess, but what does the borderless enterprise mean to you. >> Well, it's really just an extension if you think about it from the software defined perimeter concept before. You know, people call it different terms now, but it's just saying that borderless means that I don't have people sitting in a office anymore, and if I do have people sitting in an office, they have the similar experience to people that are connecting remotely, no matter where they are. So, because there is no boundary to your network, right, because the edges of your network don't match edges of your walls in your branches, that's pretty borderless to me, right? And you have to kind of think about, you know, it's not just about adding more firewalls, It's not just about adding more network perimeter security, it's really about how do I apply foundational security across the board. I've been at Infoblocks now for a little over six months, and I can tell you, it's great to see thinking about these foundational services, right? These infrastructure services like DHCP, DNS, and IPAM being really at the foundational layer of the security that you apply to your network. Right, it's the first couple of things that happen, right? The first thing you do is you get an IP address, that's DHCP, you can figure out all kinds of stuff about a device that way. Then you start looking at services with DNS, right? And then it's like, "Okay, well now I've got a lot more information about what the user's doing, where they're going, and how to secure it," right?" So, these sound like they're really your plain vanilla protocol suites, until you really start applying borderless security across the board with them. >> Yeah, a lot of machinations, and also you now have massive amounts of connection points, 'cause with IoT, not only have more in terms of volume of things connecting, but they're being turned on and off very quickly. They have to get connected, so you have that going on. >> Yep, and then you got to make sure that they do what they're supposed to do, right? If they're supposed to phone home to a specific place that they only do that, and that they haven't been hijacked, and somebody isn't mimicking them with malware. There's all kinds of security threats when you start thinking about all the possibilities that IoT brings into account. >> Yeah, some light bulb that you screw in, wifi enabled, has a multi-threaded capability, and be, who knows what's on there, right? (laughs) I mean this is what the reality is, no one knows what connects, a little hygiene comes a long way. I want to just get back into what you said. You've been there for a few months, came from SnapRoute, which was doing some real fine work, that's where we did our feature interview on you and what you were doing there, that technology. With borderless enterprise, what is the role that cloud native and open source play? Because this is your wheelhouse, I want to get your thoughts because when you had that to borderless, things kind of happen. >> There's two things that I like to think about. One, it's scaling things down as skinny as possible, or as big as necessary, right, elastic scale, right? We talk about cloud native technologies, we always talk about elastic scale. Well, what does that mean? Well, that means that am I securing an entire data center? Am I securing a branch office? Am I securing a gas station? Or am I securing a person working from home? You know, this is what we mean by elastic scale. It doesn't mean that I'm, you know, purpose building the spoke specific security profiles for those individual use cases, it means that I have a system that I can scale up and scale down no matter where those folks are, right? That's really what you have to do when you think about cloud native technologies and the borderless network, is you have to be able to run things as close to the user as possible, or as close to the app as possible, or somewhere in between. The second thing that I think is super key is abstraction, right? You can't manage everyone working from home, or you can't manage as many instances as you need with everyone's individual laptop, right? This doesn't scale, right? Abstraction is key to cloud native technologies because it means that I don't pay attention to anything that's below me, right? If I'm an SRE, I don't necessarily care about what type of servers that application set's running on. If I'm a network engineer, I don't really care about the fiber patch panels that connect my network devices together, right? Abstracting away the underlying infrastructure is key for cloud native technologies. So, as we add more and more devices, more and more endpoints, more and more users to manage, we have to make sure that we abstract away the complexity of all the connections that need to be built between those users and whatever, you know, abstraction orchestration layer that we utilize. >> You almost peeled back the onion from the early days of DNS and go to the core, "Hey, I want to connect to this domain." And a packet moves from here to there across an IP address, "Oh, let's add some abstraction on it." This has been the innovation form for the internet for years, right? So, how do you describe the Next Level? Because you mentioned, again, the word Experience is in there, so Next Level means, okay, networks need to be programmable. You do have the Next Level opensource dynamic that you pointed out beautifully, what's that Next Level Experience? How do you see the preferred future evolving? Because if you take this further, if you believe cloud native provides some scale, as you pointed out, it should simplify, these abstraction layers should reduce complexity, or abstract away the complexities and provide more simplicity. >> Absolutely! I mean, I always come at it from an Ops perspective because that's just my background, right? But I was running networks for a long time before I started building, you know, network operating systems, right? I can tell you that what I need is visibility. You know, I need to be able to see what's going on at any given moment. I need to be able to know that the things that I've deployed are up and running. I need to know that the information that I need to troubleshoot the issues that arise is at my fingertips, right? Because I always think about it like the 3:00 a.m. call, right? The network engineer, or sysadmin, or the DNS admin, or it doesn't matter who they are, at 3:00 a.m. they got to wake up because they've just been paged, and something's wrong. And how do they get to what's broken? So, that's one way to think about it. There's also the deployment way to think about it, right? Like how can I deploy as many new users, as many new branches, as many new locations, whatever the process is. You know, you hear zero touch provisioning, you know, all these other, these features, and they come as part of a cloud native mentality, right? They mean that I don't have to do, you know, a whole lot of pre-thinking and pre-staging, and pre-configuration, and pre-thought before I deploy stuff, right? It means I need something, I deploy whatever is required from a service level, I kickstart it, it bootstraps itself, and it joins, right? I take away the headache of having to think about where something is or when it is, and that's a lot of the synergy that we had between what we were doing at SnapRoute and when we came to Infoblox, right? I can tell you, we were pleasantly surprised by the platform that was built, and we were like, "Okay, well this is going to be great! We can add services to this and we don't have to worry about having to go an reinvent the wheel." Because when you choose technologies like Docker containerization, you choose technologies like Kubernetes orchestration and Kubernetes abstraction, you are a lot closer to where you need to be. I mean one of the thing that, you know, isn't super well-known out there is that CoreDNS is one of the major projects that Infoblox helps maintain with inside CNCF, the Cloud Native Compute Foundation, right? CoreDNS ships at the core of every Kubernetes version from now on, you know, as of a few versions ago. So if you think about it, Infoblox has got a lot of cloud native technologies built into everything that we do, and we're one of the key maintainers of one of the key DNS features of something that's at the heart of Kubernetes, and you know, I don't have to tell you how popular Kubernetes is. >> Yeah, we've chatted about that. It sounds like it's the kernel of all the action, DNS, the CoreDNS for Kubernetes. (laughs) >> Exactly, exactly! It's definitely at the core there. >> Glenn, I want to get your thoughts. First of all, I love chatting with you, you mentioned you were from an operating background, but also you can bring a lot of dev into it too, so this is ultimately, to me, the inflection point of where DevOps goes mainstream, because you used to do Ops for a fruit company, Apple? >> Yes, yes, very popular! >> Big one. >> A very popular fruit company called Apple, and we know how hardcore they are, especially they lean heavy on, you know, lock it down, make sure everything's secure, I mean it's well known in the Silicon Valley and around the world, certainly in tech circles, the security mindset. >> Absolutely. >> Large scale operations. Now, you bring also the DevOps aspect of it with cloud native. As that world has to become secure, and networks, it's an Ops game, let's face it. No matter how much DevOps you sprinkle into the equation, at the end of the day, it's Ops. Ops, operations of networks, high availability, large scale. But now you have a little bit of development goin' on on top. The programmable internet past the tip of the network layer, what's your take on that? Because you still need security, you want to have the capability to do some advanced automation. These have been hot new trends, and networking people are now hearing this not for the first time, but it's the new thing where it's like, "Okay, I can have my Ops, but I got to do some Dev now." So make sense of this, where are we in this whole programmable networking aspect? >> Yeah, there's sort of two schools of thought, and it's interesting what's happening, right? You've got kind of, on the extreme left side you've got, "I just treat the network like it's dumb plumbing and I run all of my software overlays on top of it, and I basically treat the network like it doesn't exist." And you know, it's kind of a situation that's been perpetuated by the silos that are out there, where you have the network engineers, and the server compute engineers, or SREs, and then you know, it's like, "Well, these folks never have to talk to each other because we just treat the network like it doesn't exist, and we run overlays on top." And some of the vendors in the server overlay security space have been really proud of that interaction. And I can tell you that that's one way of doing it, but it's not the optimal way, right? Like, when I was a network engineer I could tell you, you're trying to build credibility, right? So, if I was talkin' to a network engineer now, and I'd say like, "How do you get your credibility built with your server folks?" It's kind of like learning a different language, right? If you try, if you try to speak the other language, the person actually is appreciative of that and will help you. So, I always found, you know, find thing things you can automate, run that code base, figure out the API structures, build some pseudo-code together to make it happen, and figure out what you're doing over, and over, and over again and automate it. Automate away, right? And that's some of the nice things that are the same here, right, everything we could ever want to do in any GUI is all REST API'd underneath the hood, right? So it's like, we don't have to pitch to people that, "Oh, you can automate this code if you want to, you can run these APIs if you want to." They know it, and they use it, and people are happy with it. And I think if you're a network engineer, you've got to spend the extra effort to try to, you know. You don't have to do anything complicated! >> It's not rocket science. You know, it's not like you got to go right C, I'm sorry? >> It's not rocket science. >> No, start with Ansible, you'll learn some Python, you'll learn some Django on top of that, and then keep running, right? Keep automating on top of that. >> All right, great stuff, Glenn. I know you've got a a tight deadline, appreciate you comin' on for this virtual fireside chat as part of the Infoblox Next Level Networking virtual event. What specifically can companies do to get what they need from a technology standpoint to secure the borderless enterprise? How do you see it playing out, now that you're on Infoblox side from SnapRoute, with what Infoblox has, which is a holistic portfolio approach, a holistic view, what are you guys offering customers, and how do they secure their borderless enterprise? Really start with DDI, right? I know DDI is something that is not specific to Infoblox, but if you look at what we're doing with DNS, DHCP and IPAM, it's really the foundational layer to start securing the rest of your network. We don't necessarily make it so you don't need the rest of your security stacks that are running on top, but we do optimize 'em and we make it so you can right-size 'em, and we really think that if you focus on getting that layer solid, and you really focus on the DNS security, you can apply a lot of lightweight, high impact features as early on in the packet forwarding process as possible. Right, if you think about, I'm a network engineer at heart, so I always think about the path of a packet from the start to the end, and DDI happens really early in the process, so if you give that right, the rest of your security infrastructure built on top of that is just going to work that much better. >> You're the Principal Product Manager at Infoblox, formerly with SnapRoute, how do you fit into this? What product are you managing? Can you give a little bit of background, kind of what you're working on? >> So, I'm an emerging technologies PM, so basically anything kind of new and cool that we look to add to our platform, that'll come out of myself and my group. >> And Kubernetes obviously is one of 'em. >> Well, Kubernetes is already there, so we're already doing stuff with Kubernetes inside Infoblox, like, our whole platform. If you buy BloxOne DDI and BloxOne Threat Defense today, it's all deployed using Kubernetes and Docker containers, and orchestration layers, and everything today. So, everything that we're building on my team, is all building on top of that well sold platform that's already been developed. >> There's definitely demand out there, you're startin' to see the big companies like VMware, very operational focused companies start acquiring cloud native and open source, kind of a new kind of section to them. Obviously it's a tell sign, the markers are all there in terms of the trends. What are people missing? What's real, what's vape or what's reality when you look at the landscape, and what does Infoblox bring to the table? >> So, I think what's important to know is that when you're lookin' at open source technologies, a lot of them have been hardened over many years, and there's new stuff coming out all the time, and there's definitely new uses for them. But what's kind of important is what you put on top, right? Everyone's got open source under the hood, or they've got technologies they've OEM'd under the hood, right? But the experience that you present to customers is really key, right? Because you can take any kind of open source project and wrap a, you know, very thing layer on top of it, and you can either, you know, trump up the open source software, and say is the open source software we use underneath, or you can downplay it and say hey, this open source software, you know, we don't really talk about what's under the hood and it just all works magically. We find that transparency is really helpful. You know, you let people know what's under the hood, and you contribute to it, and you show that you're involved in this community, and you use that as a leverage to kind of push forward. So, if you look at, you know, what we're doin' with some of the different projects within, you know, BloxOne DDI uses Kea, and we're part of IC that's part of the maintainers of that, like we're openly in this space, right? And I already mentioned CoreDNS before, right? So, you can either take open source, and use it, and pretend that you don't, or you can take open source and contribute to it and be a community member, and be an advocate, and usually when you're on that side of the equation, you end up in a better place with your customers, building, you know, building confidence in your customer base. >> That's great stuff, Glenn Sullivan, thanks for comin' on, I really appreciate it. I'll give you the last word. In a nutshell, if I have cloud native and open source, how do I secure my borderless enterprise? >> Think about it as close to where the source is as possible and scale things elastically so that you can do as much processing of the user experience as possible so that you aren't trying to, you know, funnel everything to a single place and apply some magical policies in a single centralized location, to where you have to process a lot of data across the board. If you think about it from a hybrid approach where you've got a little bit on-prem and you've got a little bit in the cloud, or in some combination that's right for your organization, the hybrid approach that really trumps the local survivability, and really, you know, keeps focusing on securing things as close to the user possible, or as close to the source as possible, then you're going to be in good shape. >> Glenn, great stuff. As always, a masterclass in networking. Appreciate the insights, thanks for comin' on this Infoblox Next Level Networking virtual event for theCUBE. I'm John Furrier, your host. Stay with us, and thanks for watching. (relaxing electronic music)

>>live from San Francisco. It's the queue covering our essay conference 2020 San Francisco Brought to you by Silicon Angle Media >>Hey, welcome back here. Ready? Jeff Frick here with the Cube. We're in our 2020 the biggest security conference in the country, if not the world. I guess there's got to be 50,000 people. We'll get the official word tomorrow. It's our sixth year here and we're excited to be back. I'm not sure why. It's 2020. We're supposed to know everything at this point in time with the benefit on inside. We got two people that do. You know a lot. We're excited to have him. My left is Chris Bets is the SVP and chief security officer for Centurylink. Chris, Great to see you. And to his left is Chris Smith, VP Global security Services for Centurylink. Welcome. >>Thank you for having me. >>Absolutely. You guys just flew into town >>just for the conference's great To be here is always a really exciting space with just a ton of new technology coming out. >>So let's just jump into it. What I think is the most interesting and challenging part of this particular show we go to a lot of shows you 100 shows a year. I don't know that there's one that's got kind of the breadth and depth of vendors from the really, really big the really, really small that you have here. And, you know, with the expansion of Moscone, either even packing more women underneath Howard Street, what advice do you give to people who are coming here for the first time? Especially on more than the buyer side as to how do you navigate this place >>when I when I come here and see So I'm always looking at what the new technologies are. But honestly, having a new technology is not good enough. Attackers are coming up with new attacks all the time. The big trick for me is understanding how they integrate into my other solutions. So I'm not so I'm not just focused on the technology. I'm focused on how they all fit together. And so the vendors that have solutions that fit together that really makes a difference in my book. So I'm looking for for products that are designed to work with each other, not just separate >>from a practice standpoint. The theme of IRA say this year is the human element, and for us, if you look at this floor, it's overwhelming. And if you're a CSO of an average enterprise, it's hard to figure out what you need to buy and how to build a practice with all of the emerging tools. So for us core to our practice, I think any mature, 30 security practices having a pro services capability and consulting capability that can be solved this all together, that helps you understand what to buy, what things to piece together and how to make it all work >>right. And it's funny, the human element that is the kind of the global theme. And what's funny is for all the technology it sounds like. Still, the easiest way in is through the person, whether it's a phishing attack or there's a myriad of ways that people are getting him to the human. So that's kind of a special challenge or trying to use technology to help people do a better job. At the end of the day, sometimes you're squishy ISS or easier access point is not a piece of technology, but it's actually a person. It's >>often because We asked people to do the wrong things. We're having them. Focus on security steps. Use email. Security is an easy to grasp example way all go through training every year to teach folks how to make sure that they avoid clicking on the wrong emails for us more often than a year. So the downside of that is arresting people to take a step away from their job and try to figure out how to protect themselves. And is this a bad emails that are really focusing on the job? So that's why it's so important to me to make sure that we've got solutions that help make the human better and frankly, even worse in security. We don't have the staff that we need. And so how do we help Make sure that the right tools are there, that they work together. They automate because asking everybody to take those steps, it's just it's a recipe for disaster because people are going to make mistakes >>right? Let's go a little deeper into the email thing. A friend of mines and commercial real estate, and he was describing an email that he got from his banker describing a wire transfer from one of his suppliers that he has a regular, ongoing making relationship with. You know, it's not the bad pronunciation and bad grammar and kind of the things that used to jump out is an obvious. But he said it was super good to the point where thankfully, you know, it was just this time. But, you know, he called the banker like, did you just send me this thing? So you know where this as the sophistication of the bad guys goes up specifically targeting people, how do you try to keep up with how do you give them the tools to know Woe versus being efficient? I'm trying to get my job done. >>Yeah, for me, it starts with technology. That takes a look. We've only got so many security practitioners in the company. Actually. Defend your email example. We've got to defend every user from those kinds of problems. And so how do I find technology solutions that help take the load off security practitioners so they can focus on the niche examples that really, really well crafted emails and help take that load off user? Because users just not gonna be able to handle that right? It's not fair to ask them. And like you said, it was just poorly time that helped attack. So how do we help? Make sure that we're taking that technology load off, identify the threats in advance and protect them. And so I think one of the biggest things that Chris and I talk a lot about is how to our solutions help make it easier for people to secure themselves instead of just providing only technology technology advantage, >>our strategy for the portfolio and it sort of tied to the complexity. CN This floor is simplicity. So from our perspective, our goal is a network service provider is to deliver threat free traffic to our customers even before it gets to the human being. And we've got an announcement that we launched just a week ago in advance of the show called Rapid Threat Defense. And the idea is to take our mature threat Intel practice that Chris has a team of folks focused on that. We branded black Lotus labs and Way built a machine learning practice that takes all the bad things that we see out in the network and protects customers before it gets to their people. >>So that's an interesting take. You have the benefit of seeing a lot of network traffic from a lot of customers and not just the stuff that's coming into my building. So you get a much more aggregated approach, so tell us a little bit more about that. And what is the Black Lotus Labs doing? And I'm also curious from an industry point of view, you know, it's just a collaboration with the industry cause you guys are doing a lot of traffic. There's other big network providers carrying a lot of traffic. How well do you kind of work together when you identify some nasty new things that you're doing the horizon? And where do you draw the line between better together versus still independent environment? >>When we're talking about making the Internet safer, it's not really to me a lot about competitive environment. It's really about better together. That's one of things I love about the security community. I'm sure you see it every year when you're here. You're talking security practitioners how across every industry security folks work together to accomplish something that's meaningful. So as the largest world's largest global I P we get to see a ton of traffic, and it's really, really interesting we'll be able to put together, you know, at any given point in time. We're watching many tens of thousands of probable malware networks. We're protecting our customers from that. But we're also able to ourselves take down nearly 65 now where networks every month just knock them off the Internet. So identify the command and control, and we take it off the Internet. We work with our partners. We go talk to hosting providers, maybe competitors of ours. And we say, Hey, here's a bad, bad actors bad server that's being used to control now where? Going shut it down. And so the result of that is not only protecting our customers, but more importantly, protecting tens of thousands of customers every month. By removing now where networks that were attacking, that really makes a difference. To me, that's the biggest impact we bring. And so it really is a better together. It's a collaboration story and, of course, for said, we get the benefit of that information as we're developing it as we're building it, we can protect our customers right away while we're building the confidence necessary to take something as dramatic and action as shutting down on our network. Right. Unilaterally, >>Citrix. I was gonna ask you kind of the impact of I o t. Right in this in this crazy expansion of the tax services, when you hear about all the time with my favorite example, somebody told the story of attacking a casino through the connected thermometer in the fish tank in the lobby, which may or may not be true, is still a great story. Great story. But I'm curious, you know, looking at the network, feeding versus the devices connecting that's really in an interesting way to attack this proliferation of attack services. You're getting it before it necessarily gets to all these new points of presence doing it based on the source. For >>us, that's the only way to make it scalable. It is true that automation blocking it before it gets to the azure to a device. It is what will create simplicity and value for our customers. >>Right on the other piece of the automation. Of course, that we hear about all the time is there just aren't enough security professionals, period. So if you don't have the automation. You don't have the machine learning, as you said, to filter low hanging fruit and the focus your resource. If they need to be, you're not going to do it. The bad news is the bad guys, similar tools. So as you look at kind of the increase in speed of automation, the increase in automated connectivity between these devices making decisions amongst each other, how do you see that kind of evolving? But you're kind of role and making sure you stay a step ahead of the bad guys. For >>me, it's not about just automation. It's about allowing smart people to put their brains against hard problems, hard impactful problems and so on. So simply automating is not enough. It's making sure that automation is reducing the the load on people so that they're able to focus on those hard, unique problems really solve all those solutions and, yes, Attackers, Attackers build automation as well. And so if we're not building faster and better than we're falling behind, so like every other part of this race, it's about getting better, faster and why it's so important that technology work together because we're constantly throwing out more tools and if they don't work better together, even if we got incremental automation, these place way still miss overall because it's end to end that we need to defend ourselves and our customers >>layered on what he said. For the foreseeable future, you're gonna need smart security people that help protect your practice. Our goal in automation is take the road tasks out of out of the gate. They live so they can focus on the things that provide the most value protecting their enterprise. >>Right when you're looking, you talked about making sure things work together, for you talked about making sure things work together. How do you decide what's kind of on the top of the top of the stack, where everybody wants to own the single pane of glass? Everybody wants to be the control plane. Everybody wants to be that thing that's on your computer all the time, which is how you work your day to day. How do you kind of dictate what are the top level tools while still going out? And, he said, exploring some of these really cutting edge things out around the fringe, which don't necessarily have a full stack solution that you're going to rely on but might have some cool kind of point solutions if you will, or point products to help you plug some new and emerging holes. Yeah, >>yeah. So for us, yeah, we take security capabilities and we build them into the other things that we sell. So it's not a bolt on. So when you buy things from us, whether whether it's bandwidth or whether its SD wan and security comes baked in, so it's not something you have to worry about integrating later. It's an ingredient of the things that we sell in all of the automation that we build is built into our practice, So it's simple for our customers to understand, like, simple and then layered. On top of that, we've got a couple different ways that we bring pro services and consulting to our practice. So we've got a smart group of folks that could lean into staff, augment and sit on site, do just about anything to help customers build a practice from day zero to something more mature. But now we're toying with taking those folks in building them into products and services that we sell for 10 or 20 hours a month as an ingredient. So you get that consulting wrapper on top of the portfolio that we sell as a service provider. >>Get your take on kind of budgets and how people should think about their budgets. And when I think of security, I can't help but think of like insurance because you can't spend all your money on security. But you want to spend the right amount on security. But at the end of the day, you can't be 100% secure, right? So it's kind of kind of working the margins game, and you have to make trade offs in marketing, wants their money and product development, wants their money and sales, wants their money. So what people are trying to assess kind of the risk in their investment trade offs. What are some of the things they should be thinking about to determine what is the proper investment on security? Because it can't just be, you know, locker being 100% it's not realistic, and then all the money they help people frame that. >>Usually when companies come to us in, Centurylink plays in every different segment, all the way down to, you know, five people company all the way to the biggest multinationals on the planet. So that question is, in the budget is a little bit different, depending on the type of customer, the maturity and the lens are looking at it. So, typically, way have a group of folks that we call security account managers those our consultants and we bring them in either in a dedicated or a shared way. Help companies that's us, wear their practices today in what tool sets for use again things that they need to purchase and integrate to get to where they need to be >>really kind of a needs analysis based on gaps as much as anything else. >>That's part of the reason why we try to build prisons earlier, so many of the technologies into our solution so that so that you buy, you know, SD wan from us, and you get a security story is part of it is that that allows you to use the customer to save money and really have one seamless solution that provides that secure experience. We've been building firewalls and doing network based security for going on two decades now, in different places. So at this point, that is a good place that way, understand? Well, we can apply automation against it. We can dump, tail it into existing services and then allow focused on other areas of security. So it helps. From a financial standpoint, it also helps customers understand from where they put their talent. Because, as you talked about, it's all about talents even more so than money. Yes, we need to watch our budgets. But if you buy these tools, how do you know about the talent to deploy them? And easier You could make it to do that simpler. I think the better off right >>typical way had the most success selling security practices when somebody is either under attacker compromised right, then the budget opens right up, and it's not a problem anymore. So we thought about how to solve that commercially, and I'll just use Vitas is an example. We have a big D dos global DDOS practice that's designed to protect customers that have applications out on the Internet that are business critical, and if they go down, whether it's an e commerce or a trading site losing millions of dollars a day, and some companies have the money to buy that up front and just have it as a service. And some companies don't purchase it from us until they're under attack. And the legacy telco way of deploying that service was an order and a quote. You know, some days later, we turned it up. So we've invested with Christine the whole orchestration layer to turn it up in minutes and that months so you can go to our portal. You can enter a few simple commercial terms and turn it on when you need it. >>That's interesting. I was gonna ask you kind of how has cloud kind of changed the whole go to market and the way people think about it. And even then you hear people have stuff that's secure in the cloud, but they mis configured a switch left something open. But you're saying, too it enables you to deploy in a very, very different matter based on you know, kind of business conditions and not have that old, you know, get a requisite get a p o requisition order, install config. Take on another kind of crazy stuff. Okay, so before I let you go, last question. What are your kind of priorities for this show for Centurylink when it's top of mind, Obviously, you have the report and the Black Lotus. What do you guys really prioritizing for this next week? Here for Cisco. >>We're here to help customers. We have a number of customers, a lot of learning about our solutions, and that's always my priority. And I mentioned earlier we just put out a press release for rapid threat defense. So we're here to talk about that, and I think the industry and what we're doing this little bit differently. >>I get to work with Chris Motions Week with customers, which is kind of fun. The other part that I'm really excited about, things we spent a bunch of time with partners and potential partners. We're always looking at how we bring more, better together. So one of the things that we're both focused on is making sure that we're able to provide more solutions. So the trick is finding the right partners who are ready to do a P I level integration. The other things that Chris was talking about that really make this a seamless and experience, and I think we've got a set of them that are really, really interested in that. And so those conversations this week will be exceptionally well, I think that's gonna help build better technology for our customers even six months. >>Alright, great. Well, thanks for kicking off your week with the Cube and have a terrific week. Alright. He's Chris. He's Chris. I'm Jeff. You're watching the Cube. Where? The RSA Conference in downtown San Francisco. Thanks for watching. See you next time. >>Yeah, yeah.