(bright music) >> Welcome back everyone. theCube's live coverage here. Day two, of two sets, three days of theCube coverage here at VMware Explore. This is our 12th year covering VMware's annual conference, formerly called VM World. I'm John Furrier, with Dave Vellante. We'd love seeing the progress and we've got great security comes Tom Gill, senior vices, president general manager, networking and advanced security business group at VMware. Great to see you. Thanks for coming on. >> Thanks. for having me. >> Yeah, really happy we could have you on. >> I think this is my sixth edition on the theCube. Do I get frequent flyer points or anything? >> Yeah. >> You first get the VIP badge. We'll make that happen. You can start getting credits. >> Okay, there we go. >> We won't interrupt you. Seriously, you got a great story in security here. The security story is kind of embedded everywhere, so it's not called out and blown up and talked specifically about on stage. It's kind of in all the narratives in the VM World for this year. But you guys have an amazing security story. So let's just step back and to set context. Tell us the security story for what's going on here at VMware and what that means to this supercloud, multi-cloud and ongoing innovation with VMware. >> Yeah, sure thing. So probably the first thing I'll point out is that security's not just built in at VMware. It's built differently. So, we're not just taking existing security controls and cut and pasting them into our software. But we can do things because of our platform, because of the virtualization layer that you really can't do with other security tools. And where we're very, very focused is what we call lateral security or East-West movement of an attacker. 'Cause frankly, that's the name of the game these days. Attackers, you've got to assume that they're already in your network. Already assume that they're there. Then how do we make it hard for them to get to the stuff that you really want? Which is the data that they're going after. And that's where we really should. >> All right. So we've been talking a lot, coming into VMware Explore, and here, the event. About two things. Security, as a state. >> Yeah. >> I'm secure right now. >> Yeah. >> Or I think I'm secure right now, even though someone might be in my network or in my environment. To the notion of being defensible. >> Yeah. >> Meaning I have to defend and be ready at a moment's notice to attack, fight, push back, red team, blue team. Whatever you're going to call it. But something's happening. I got to be able to defend. >> Yeah. So what you're talking about is the principle of Zero Trust. When I first started doing security, the model was we have a perimeter. And everything on one side of the perimeter is dirty, ugly, old internet. And everything on this side, known good, trusted. What could possibly go wrong. And I think we've seen that no matter how good you make that perimeter, bad guys find a way in. So Zero Trust says, you know what? Let's just assume they're already in. Let's assume they're there. How do we make it hard for them to move around within the infrastructure and get to the really valuable assets? 'Cause for example, if they bust into your laptop, you click on a link and they get code running on your machine. They might find some interesting things on your machine. But they're not going to find 250 million credit cards. >> Right. >> Or the script of a new movie or the super secret aircraft plans. That lives in a database somewhere. And so it's that movement from your laptop to that database. That's where the damage is done and that's where VMware shines. >> So if they don't have the right to get to that database, they're not in. >> And it's not even just the right. So they're so clever and so sneaky that they'll steal a credential off your machine, go to another machine, steal a credential off of that. So, it's like they have the key to unlock each one of these doors. And we've gotten good enough where we can look at that lateral movement, even though it has a credential and a key, we're like wait a minute. That's not a real CIS Admin making a change. That's ransomware. And that's where you. >> You have to earn your way in. >> That's right. That's right. Yeah. >> And we're all kinds of configuration errors. But also some user problems. I've heard one story where there's so many passwords and username and passwords and systems that the bad guys scour, the dark web for passwords that have been exposed. >> Correct. >> And go test them against different accounts. Oh one hit over here. >> Correct. >> And people don't change their passwords all the time. >> Correct. >> That's a known vector. >> Just the idea that users are going to be perfect and never make a mistake. How long have we been doing this? Humans are the weakest link. So people are going to make mistakes. Attackers are going to be in. Here's another way of thinking about it. Remember log4j? Remember that whole fiasco? Remember that was at Christmas time. That was nine months ago. And whoever came up with that vulnerability, they basically had a skeleton key that could access every network on the planet. I don't know if a single customer that said, "Oh yeah, I wasn't impacted by log4j." So here's some organized entity had access to every network on the planet. What was the big breach? What was that movie script that got stolen? So there wasn't one, right? We haven't heard anything. So the point is, the goal of attackers is to get in and stay in. Imagine someone breaks into your house, steals your laptop and runs. That's a breach. Imagine someone breaks into your house and stays for nine months. It's untenable, in the real world, right? >> Right. >> We don't know in there, hiding in the closet. >> They're still in. >> They're watching everything. >> Hiding in your closet, exactly. >> Moving around, nibbling on your cookies. >> Drinking your beer. >> Yeah. >> So let's talk about how this translates into the new reality of cloud-native. Because now you hear about automated pentesting is a new hot thing right now. You got antivirus on data is hot within APIs, for instance. >> Yeah. >> API security. So all kinds of new hot areas. Cloud-native is very iterative. You know, you can't do a pentest every week. >> Right. >> You got to do it every second. >> So this is where it's going. It's not so much simulation. It's actually real testing. >> Right. Right. >> How do you view that? How does that fit into this? 'cause that seems like a good direction to me. >> Yeah. If it's right in, and you were talking to my buddy, Ahjay, earlier about what VMware can do to help our customers build cloud native applications with Tanzu. My team is focused on how do we secure those applications? So where VMware wants to be the best in the world is securing these applications from within. Looking at the individual piece parts and how they talk to each other and figuring out, wait a minute, that should never happen. By almost having an x-ray machine on the innards of the application. So we do it for both for VMs and for container based applications. So traditional apps are VM based. Modern apps are container based. And we have a slightly different insertion mechanism. It's the same idea. So for VMs, we do it with a hypervisor with NSX. We see all the inner workings. In a container world we have this thing called a service mesh that lets us look at each little snippet of code and how they talk to each other. And once you can see that stuff, then you can actually apply. It's almost like common sense logic of like, wait a minute. This API is giving back credit card numbers and it gives five an hour. All of a sudden, it's now asking for 20,000 or a million credit cards. That doesn't make any sense. The anomalies stick out like a sore thumb. If you can see them. At VMware, our unique focus in the infrastructure is that we can see each one of these little transactions and understand the conversation. That's what makes us so good at that East-West or lateral security. >> You don't belong in this room, get out or that that's some weird call from an in memory database, something over here. >> Exactly. Where other security solutions won't even see that. It's not like there algorithms aren't as good as ours or better or worse. It's the access to the data. We see the inner plumbing of the app and therefore we can protect the app from. >> And there's another dimension that I want to get in the table here. 'Cause to my knowledge only AWS, Google, I believe Microsoft and Alibaba and VMware have this. >> Correct >> It's Nitro. The equivalent of a Nitro. >> Yes. >> Project Monterey. >> Yeah. >> That's unique. It's the future of computing architectures. Everybody needs a Nitro. I've written about this. >> Yeah. >> Right. So explain your version. >> Yeah. >> It's now real. >> Yeah. >> It's now in the market, right? >> Yeah. >> Or soon will be. >> Here's our mission. >> Salient aspects. >> Yeah. Here's our mission of VMware. Is that we want to make every one of our enterprise customers. We want their private cloud to be as nimble, as agile, as efficient as the public cloud. >> And secure. >> And secure. In fact, I'll argue, we can make it actually more secure because we're thinking about putting security everywhere in this infrastructure. Not just on the edges of it. Okay. How do we go on that journey? As you pointed out, the public cloud providers realized five years ago that the right way to build computers was not just a CPU and a graphics process unit, GPU. But there's this third thing that the industry's calling a DPU, data processing unit. And so there's kind of three pieces of a computer. And the DPU is sometimes called a Smartnic. It's the network interface card. It does all that network handling and analytics and it takes it off the CPU. So they've been building and deploying those systems themselves. That's what Nitro is. And so we have been working with the major Silicon vendors to bring that architecture to everybody. So with vSphere 8, we have the ability to take the network processing, that East-West inspection I talked about, take it off of the CPU and put it into this dedicated processing element called the DPU and free up the CPU to run the applications that Ahjay and team are building. >> So no performance degradation at all? >> Correct. To CPU offload. >> So even the opposite, right? I mean you're running it basically Bare Metal speeds. >> Yes, yes and yes. >> And you're also isolating the storage from the security, the management, and. >> There's an isolation angle to this, which is that firewall, that we're putting everywhere. Not just that the perimeter, but we put it in each little piece of the server is running when it runs on one of these DPUs it's a different memory space. So even if an attacker gets to root in the OS, they it's very, very, never say never, but it's very difficult. >> So who has access to that resource? >> Pretty much just the infrastructure layer, the cloud provider. So it's Amazon, Google, Microsoft, and the enterprise. >> Application can't get in. >> Can't get in there. Cause you would've to literally bridge from one memory space to another. Never say never, but it would be very. >> But it hasn't earned the trust to get. >> It's more than barbwire. It's multiple walls. >> Yes. And it's like an air gap. It puts an air gap in the server itself so that if the server is compromised, it's not going to get into the network. Really powerful. >> What's the big thing that you're seeing with this supercloud transition. We're seeing multi-cloud and this new, not just SaaS hosted on the cloud. >> Yeah. >> You're seeing a much different dynamic of, combination of large scale CapEx, cloud-native, and then now cloud-native drills on premises and edge. Kind of changing what a cloud looks like if the cloud's on a cloud. >> Yeah. >> So we're the customer, I'm building on a cloud and I have on premise stuff. So, I'm getting scale CapEx relief from the hyperscalers. >> I think there's an important nuance on what you're talking about. Which is in the early days of the cloud customers. Remember those first skepticism? Oh, it'll never work. Oh, that's consumer grade. Oh, that's not really going to work. Oh some people realize. >> It's not secure. >> Yeah. It's not secure. >> That one's like, no, no, no it's secure. It works. And it's good. So then there was this sort of over rush. Let's put everything on the cloud. And I had a lot of customers that took VM based applications said, I'm going to move those onto the cloud. You got to take them all apart, put them on the cloud and put them all back together again. And little tiny details like changing an IP address. It's actually much harder than it looks. So my argument is, for existing workloads for VM based workloads, we are VMware. We're so good at running VM based workloads. And now we run them on anybody's cloud. So whether it's your east coast data center, your west coast data center, Amazon, Google, Microsoft, Alibaba, IBM keep going. We pretty much every. >> And the benefit of the customer is what. >> You can literally VMotion and just pick it up and move it from private to public, public to private, private to public, Back and forth. >> Remember when we called Vmotion BS, years ago? >> Yeah. Yeah. >> VMotion is powerful. >> We were very skeptical. We're like, that'll never happen. I mean we were. This supposed to be pat ourselves on the back. >> Well because alchemy. It seems like what you can't possibly do that. And now we do it across clouds. So it's not quite VMotion, but it's the same idea. You can just move these things over. I have one customer that had a production data center in the Ukraine. Things got super tense, super fast and they had to go from their private cloud data center in the Ukraine, to a public cloud data center out of harm's way. They did it over a weekend. 48 hours. If you've ever migrated a data center, that's usually six months. Right. And a lot of heartburn and a lot of angst. Boop. They just drag and dropped and moved it on over. That's the power of what we call the cloud operating model. And you can only do this when all your infrastructures defined in software. If you're relying on hardware, load balancers, hardware, firewalls, you can't move those. They're like a boat anchor. You're stuck with them. And by the way, they're really, really expensive. And by the way, they eat a lot of power. So that was an architecture from the 90's. In the cloud operating model your data center. And this comes back to what you were talking about is just racks and racks of X86 with these magic DPUs, or smart nics, to make any individual node go blisteringly fast and do all the functions that you used to do in network appliances. >> We just had Ahjay taking us to school, and everyone else to school on applications, middleware, abstraction layer. And Kit Culbert was also talking about this across cloud. We're talking supercloud, super pass. If this continues to happen, which we would think it will happen. What does the security posture look like? It feels to me, and again, this is your wheelhouse. If supercloud happens with this kind of past layer where there's vMotioning going on. All kinds of spanning applications and data across environments. >> Yeah. Assume there's an operating system working on behind the scenes. >> Right. >> What's the security posture in all this? >> Yeah. So remember my narrative about the bad guys are getting in and they're moving around and they're so sneaky that they're using legitimate pathways. The only way to stop that stuff, is you've got to understand it at what we call Layer 7. At the application layer. Trying to do security to the infrastructure layer. It was interesting 20 years ago, kind of less interesting 10 years ago. And now it's becoming irrelevant because the infrastructure is oftentimes not even visible. It's buried in some cloud provider. So Layer 7 understanding, application awareness, understanding the APIs and reading the content. That's the name of the game in security. That's what we've been focused on. Nothing to do with the infrastructure. >> And where's the progress bar on that paradigm. One to ten. Ten being everyone's doing it. >> Right now. Well, okay. So we as a vendor can do this today. All the stuff I talked about, reading APIs, understanding the individual services looking at, Hey, wait a minute this credit card anomalies, that's all shipping production code. Where is it in customer adoption life cycle? Early days 10%. So there's a whole lot of headroom for people to understand, Hey, I can put these controls in place. They're software based. They don't require appliances. It's Layer 7, so it has contextual awareness and it's works on every single cloud. >> We talked about the pandemic being an accelerator. It really was a catalyst to really rethink. Remember we used to talk about Pat as a security do over. He's like, yes, if it's the last thing I do, I'm going to fix security. Well, he decided to go try to fix Intel instead. >> He's getting some help from the government. >> But it seems like CISOs have totally rethought their security strategy. And at least in part, as a function of the pandemic. >> When I started at VMware four years ago, Pat sat me down in his office and he said to me what he said to you, which is like, "Tom," he said, "I feel like we have fundamentally changed servers. We fundamentally change storage. We fundamentally change networking. The last piece of the puzzle of security. I want you to go fundamentally change it." And I'll argue that the work that we're doing with this horizontal security, understanding the lateral movement. East- West inspection. It fundamentally changes how security works. It's got nothing to do with firewalls. It's got nothing to do with Endpoint. It's a unique capability that VMware is uniquely suited to deliver on. And so Pat, thanks for the mission. We delivered it and it's available now. >> Those WET web applications firewall for instance are around, I mean. But to your point, the perimeter's gone. >> Exactly. >> And so you got to get, there's no perimeter. so it's a surface area problem. >> Correct. And access. And entry. >> Correct. >> They're entering here easy from some manual error, or misconfiguration or bad password that shouldn't be there. They're in. >> Think about it this way. You put the front door of your house, you put a big strong door and a big lock. That's a firewall. Bad guys come in the window. >> And then the windows open. With a ladder. >> Oh my God. Cause it's hot, bad user behavior trumps good security every time. >> And then they move around room to room. We're the room to room people. We see each little piece of the thing. Wait, that shouldn't happen. Right. >> I want to get you a question that we've been seeing and maybe we're early on this or it might be just a false data point. A lot of CSOs and we're talking to are, and people in industry in the customer environment are looking at CISOs and CSOs, two roles. Chief information security officer, and then chief security officer. Amazon, actually Steven Schmidt is now CSO at Reinforce. They actually called that out. And the interesting point that he made, we had some other situations that verified this, is that physical security is now tied to online, to your point about the service area. If I get a password, I still got the keys to the physical goods too. >> Right. So physical security, whether it's warehouse for them or store or retail. Digital is coming in there. >> Yeah. So is there a CISO anymore? Is it just CSO? What's the role? Or are there two roles you see that evolving? Or is that just circumstance. >> I think it's just one. And I think that the stakes are incredibly high in security. Just look at the impact that these security attacks are having on. Companies get taken down. Equifax market cap was cut 80% with a security breach. So security's gone from being sort of a nuisance to being something that can impact your whole kind of business operation. And then there's a whole nother domain where politics get involved. It determines the fate of nations. I know that sounds grand, but it's true. And so companies care so much about it they're looking for one leader, one throat to choke. One person that's going to lead security in the virtual domain, in the physical domain, in the cyber domain, in the actual. >> I mean, you mention that, but I mean, you look at Ukraine. I mean that cyber is a component of that war. I mean, it's very clear. I mean, that's new. We've never seen. this. >> And in my opinion, the stuff that we see happening in the Ukraine is small potatoes compared to what could happen. >> Yeah. >> So the US, we have a policy of strategic deterrence. Where we develop some of the most sophisticated cyber weapons in the world. We don't use them. And we hope never to use them. Because our adversaries, who could do stuff like, I don't know, wipe out every bank account in North America. Or turn off the lights in New York City. They know that if they were to do something like that, we could do something back. >> This is the red line conversation I want to go there. So, I had this discussion with Robert Gates in 2016 and he said, "We have a lot more to lose." Which is really your point. >> So this brand. >> I agree that there's to have freedom and liberty, you got to strike back with divorce. And that's been our way to balance things out. But with cyber, the red line, people are already in banks. So they're are operating below the red line line. Red line meaning before we know you're in there. So do we move the red line down because, hey, Sony got hacked. The movie. Because they don't have their own militia. >> Yeah. >> If their were physical troops on the shores of LA breaking into the file cabinets. The government would've intervened. >> I agree with you that it creates tension for us in the US because our adversaries don't have the clear delineation between public and private sector. Here you're very, very clear if you're working for the government. Or you work for an private entity. There's no ambiguity on that. >> Collaboration, Tom, and the vendor community. I mean, we've seen efforts to try to. >> That's a good question. >> Monetize private data and private reports. >> So at VMware, I'm very proud of the security capabilities we've built. But we also partner with people that I think of as direct competitors. We've got firewall vendors and Endpoint vendors that we work with and integrate. And so coopetition is something that exists. It's hard. Because when you have these kind of competing. So, could we do more? Of course we probably could. But I do think we've done a fair amount of cooperation, data sharing, product integration, et cetera. And as the threats get worse, you'll probably see us continue to do more. >> And the government is going to trying to force that too. >> And the government also drives standards. So let's talk about crypto. Okay. So there's a new form of encryption coming out called processing quantum. >> Quantum. Quantum computers have the potential to crack any crypto cipher we have today. That's bad. Okay. That's not good at all because our whole system is built around these private communications. So the industry is having conversations about crypto agility. How can we put in place the ability to rapidly iterate the ciphers in encryption. So, when the day quantum becomes available, we can change them and stay ahead of these quantum people. >> Well, didn't NIST just put out a quantum proof algo that's being tested right now by the community? >> There's a lot of work around that. Correct. And NIST is taking the lead on this, but Google's working on it. VMware's working on it. We're very, very active in how do we keep ahead of the attackers and the bad guys? Because this quantum thing is a, it's an x-ray machine. It's like a dilithium crystal that can power a whole ship. It's a really, really, really powerful tool. >> Bad things will happen. >> Bad things could happen. >> Well, Tom, great to have you on the theCube. Thanks for coming on. Take the last minute to just give a plug for what's going on for you here at VMWorld this year, just VMware Explore this year. >> Yeah. We announced a bunch of exciting things. We announced enhancements to our NSX family, with our advanced load balancer. With our edge firewall. And they're all in service of one thing, which is helping our customers make their private cloud like the public cloud. So I like to say 0, 0, 0. If you are in the cloud operating model, you have zero proprietary appliances. You have zero tickets to launch a workload. You have zero network taps and Zero Trust built into everything you do. And that's what we're working on. Pushing that further and further. >> Tom Gill, senior vices president, head of the networking at VMware. Thanks for coming on. We do appreciate it. >> Thanks for having us. >> Always getting the security data. That's killer data and security of the two ops that get the most conversations around DevOps and Cloud Native. This is The theCube bringing you all the action here in San Francisco for VMware Explore 2022. I'm John Furrier with Dave Vellante. Thanks for watching. (bright music)

>>Welcome back everyone Cube's live coverage here. Day two, two sets, three days of cube coverage here at VMware Explorer. This is our 12th year covering VMware's annual conference, formally called world I'm Jean Dave ante. We'd love seeing the progress and we've got great security comes Tom Gill, senior rights, president general manager, networking and advanced security business group at VMware. Great to see you. Thanks for coming on. Thanks >>For having me. Yeah, really happy we could have you on, you know, I think, I think this is my sixth edition on the cube. Like, do I get freaking flyer points or anything? >>Yeah, you get first get the VIP badge. We'll make that happen. You can start getting credits. >>Okay. There we go. >>We won't interrupt you. No, seriously, you got a great story in security here. The security story is kind of embedded everywhere, so it's not like called out and, and blown up and talked specifically about on stage. It's kind of in all the narratives in, in the VM world for this year. Yeah. But you guys have an amazing security story. So let's just step back into set context. Tell us the security story for what's going on here at VMware and what that means to this super cloud multi-cloud and ongoing innovation with VMware. Yeah, >>Sure thing. So, so probably the first thing I'll point out is that, that security's not just built in at VMware it's built differently, right? So we're not just taking existing security controls and cut and pasting them into, into our software. But we can do things because of our platform because of the virtualization layer that you really can't do with other security tools and where we're very, very focused is what we call lateral security or east west movement of an attacker. Cuz frankly, that's the name of the game these days. Right? Attackers, you gotta assume that they're already in your network. Okay. Already assume that they're there, then how do we make it hard for them to get to what the, the stuff that you really want, which is the data that they're, they're going after. Right. And that's where we, >>We really should. All right. So we've been talking a lot coming into world VMware Explorer and here the event about two things security as a state. Yeah. I'm secure right now. Yeah. Or I, I think I'm secure right now, even though someone might be in my network or in my environment to the notion of being defensible. Yeah. Meaning I have to defend and be ready at a moment's notice to attack, fight, push back red team, blue team, whatever you're gonna call it, but something's happening. I gotta be a to defend. Yeah. >>So you, what you're talking about is the principle of zero trust. So the, the, when we, when I first started doing security, the model was we have a perimeter and everything on one side of the perimeter is dirty, ugly, old internet and everything on this side known good, trusted what could possibly go wrong. And I think we've seen that no matter how good you make that perimeter, bad guys find a way in. So zero trust says, you know what? Let's just assume they're already in. Let's assume they're there. How do we make it hard for them to move around within the infrastructure and get to the really valuable assets? Cuz for example, if they bust into your laptop, you click on a link and they get code running on your machine. They might find some interesting things on your machine, but they're not gonna find 250 million credit cards. Right. Or the, the script of a new movie or the super secret aircraft plans, right. That lives in a database somewhere. And so it's that movement from your laptop to that database. That's where the damage is done. Yeah. And that's where VMware shines. If they don't >>Have the right to get to that database, they're >>Not >>In and it's not even just the right, like, so they're so clever. And so sneaky that they'll steal a credential off your machine, go to another machine, steal a credential off of that. So it's like they have the key to unlock each one of these doors and we've gotten good enough where we can look at that lateral movement, even though it has a credential and a key where like, wait a minute, that's not a real CIS admin making a change. That's ransomware. Yeah. Right. And that's, that's where we, you have to earn your way in. That's right. That's >>Right. Yeah. And we're all, there's all kinds of configuration errors. But also some, some I'll just user problems. I've heard one story where there's so many passwords and username and passwords and systems that the bad guy's scour, the dark web for passwords that have been exposed. Correct. And go test them against different accounts. Oh one hit over here. Correct. And people don't change their passwords all the time. Correct? Correct. That's a known, known vector. We, >>We just, the idea that users are gonna be perfect and never make mistake. Like how long have we been doing this? Like humans with the weakest link. Right. So, so, so people are gonna make mistakes. Attackers are gonna be in here's another way of thinking about it. Remember log for J. Remember that whole ago, remember that was a Christmas time. That was nine months ago. And whoever came up with that, that vulnerability, they basically had a skeleton key that could access every network on the planet. I don't know if a single customer that was said, oh yeah, I wasn't impacted by log for J. So seers, some organized entity had access to every network on the planet. What was the big breach? What was that movie script that got stolen? So there wasn't one. Right? We haven't heard anything. So the point is the goal of attackers is to get in and stay in. Imagine someone breaks into your house, steals your laptop and runs. That's a breach. Imagine someone breaks into your house and stays for nine months. Like it's untenable, the real world. Right, right. >>We don't even go in there. They're still in there >>Watching your closet. Exactly. Moving around, nibbling on your ni line, your cookies. You know what I mean? Drinking your beer. >>Yeah. So, so let's talk about how this translates into the new reality of cloud native, because now know you hear about, you know, automated pen testing is a, a new hot thing right now you got antivirus on data. Yeah. Is hot is hot within APIs, for instance. Yeah. API security. So all kinds of new hot areas, cloud native is very iterative. You know, you, you can't do a pen test every week. Right. You gotta do it every second. Right. So this is where it's going. It's not so much simulation. It's actually real testing. Right. Right. How do you view that? How does that fit into this? Cuz that seems like a good direction to me. >>Yeah. It, it, it fits right in. And you were talking to my buddy AJ earlier about what VMware can do to help our customers build cloud native applications with, with Zu, my team is focused on how do we secure those applications? So where VMware wants to be the best in the world is securing these applications from within looking at the individual piece parts and how they talk to each other and figuring out, wait a minute. That, that, that, that, that should never happen by like almost having an x-ray machine on the ins of the application. So we do it for both for VMs and for container based applications. So traditional apps are VM based. Modern apps are container based and we, and we have a slightly different insertion mechanism. It's the same idea. So for VMs, we do it with the hypervisor, with NSX, we see all the inner workings in a container world. >>We have this thing called a service me that lets us look at each little snippet of code and how they talk to each other. And once you can see that stuff, then you can actually apply. It's almost like common sense logic of like, wait a minute. You know, this API is giving back credit card numbers and it gives five an hour. All of a sudden, it's now asking for 20,000 or a million credit card that doesn't make any sense. Right? The anomalies stick out like a sore thumb. If you can see them. And VMware, our unique focus in the infrastructure is that we can see each one of these little transactions and understand the conversation. That's what makes us so good at that east west or lateral >>Security. Yeah. You don't belong in this room, get out or that that's right. Some weird call from an in-memory database, something over >>Here. Exactly. Where other, other security solutions won't even see that. Right. It's not like there algorithms aren't as good as ours or, or better or worse. It's that, it's the access to the data. We see the, the, the, the inner plumbing of the app. And therefore we can protect >>The app from, and there's another dimension that I wanna get in the table here, cuz to my knowledge only AWS, Google, I, I believe Microsoft and Alibaba and VMware have this, it nitro the equivalent of a nitro. Yes. Project Monterey. Yeah. That's unique. It's the future of computing architectures. Everybody needs a nitro. I've I've written about this. Yeah. Right. So explain your version. Yeah. Project. It's now real. It's now in the market right. Or soon will be. Yeah. Here. Here's our mission salient aspects. Yeah. >>Here's our mission of VMware is that we wanna make every one of our enterprise customers. We want their private cloud to be as nimble, as agile, as efficient as the public cloud >>And secure >>And secure. In fact, I'll argue, we can make it actually more secure because we're thinking about putting security everywhere in this infrastructure. Right. Not just on the edges of it. So, so, so, okay. How do we go on that journey? As you pointed out, the public cloud providers realized, you know, five years ago that the right way to build computers was not just a CPU and a GPU graphics process, unit GPU, but there's this third thing that the industry's calling a DPU data processing unit. So there's kind of three pieces of a computer. And the DPU is sometimes called a smart Nick it's the network interface card. It does all that network handling and analytics and it takes it off the CPU. So they've been building and deploying those systems themselves. That's what nitro is. And so we have been working with the major Silicon vendors to bring that architecture to everybody. So, so with vSphere eight, we have the ability to take the network processing that east west inspection. I talked about, take it off of the CPU and put it into this dedicated processing element called the DPU and free up the CPU to run the applications that AJ and team are building. >>So no performance degradation at all, correct. >>To CPU >>Offload. So even the opposite, right? I mean you're running it basically bare metal speeds. >>Yes, yes. And yes. >>And, and, and you're also isolating the, the storage right from the, from the, the, the security, the management. And >>There's an isolation angle to this, which is that firewall that we're putting everywhere. Not just that the perimeter, we put it in each little piece of the server is running when it runs on one of these DPU, it's a different memory space. So even if, if an attacker gets to root in the OS, they it's very, very, never say never, but it's very difficult. >>So who has access to that? That, that resource >>Pretty much just the infrastructure layer, the cloud provider. So it's Google Microsoft, you know, and the enterprise, the >>Application can't get in, >>Can't get in there. Cause it, you would've to literally bridge from one memory space to another, never say never, but it would be very, very, >>It hasn't earned the trust >>To get it's more than Bob wire. It's, it's, it's multiple walls and, and >>It's like an air gap. It puts an air gap in the server itself so that if the server's compromised, it's not gonna get into the network really powerful. >>What's the big thing that you're seeing with this super cloud transition we're seeing, we're seeing, you know, multicloud and this new, not just SAS hosted on the cloud. Yeah. You're seeing a much different dynamic of combination of large scale CapEx, cloud native. And then now cloud native develops on premises and edge kind of changing what a cloud looks like if the cloud's on a cloud. So rubber customer, I'm building on a cloud and I have on-prem stuff. So I'm getting scale CapEx relief from the, from the cap, from the hyperscalers. >>I, I think there's an important nuance on what you're talking about, which is, is in the early days of the cloud customers. Remember those first skepticism? Oh, it'll never work. Oh, that's consumer grade. Oh, that's not really gonna work. And some people realize >>It's not secure. Yeah. >>It, it's not secure that one's like, no, no, no, it's secure. It works. And it, and it's good. So then there was this sort of over rush. Like let's put everything on the cloud. And I had a lot of customers that took VM based applications said, I'm gonna move those onto the cloud. You gotta take 'em all apart, put 'em on the cloud and put 'em all back together again. And little tiny details, like changing an IP address. It's actually much harder than it looks. So my argument is for existing workloads for VM based workloads, we are VMware. We're so good at running VM based workloads. And now we run them on anybody's cloud. So whether it's your east coast data center, your west coast data center, Amazon, Google, Microsoft, Alibaba, IBM keep going. Right. We pretty much every, and >>The benefit of the customer is what you >>Can literally vMotion and just pick it up and move it from private to public public, to private, private, to public, public, back and forth. >>Remember when we called VMO BS years ago. Yeah, yeah, yeah. >>We were really, skeptic is >>Powerful. We were very skeptical. We're like, that'll never happen. I mean, we were, I mean, it's supposed to be pat ourselves on the back. We, well, >>Because it's alchemy, it seems like what you can't possibly do that. Right. And so, so, so, and now we do it across clouds, right? So we can, you know, it's not quite VMO, but it's the same idea. You can just move these things over. I have one customer that had a production data center in the Ukraine, things got super tense, super fast, and they had to go from their private cloud data center in the Ukraine to a public cloud data center outta harm's way. They did it over a weekend, 48 hours. If you've ever migrated data, that's usually six months, right? And a lot of heartburn and a lot of angst, boom. They just drag and drop, moved it on over. That's the power of what we call the cloud operating model. And you can only do this when all your infrastructure's defined in software. >>If you're relying on hardware, load, balancers, hardware, firewalls, you can't move those. They're like a boat anchor. You're stuck with them. And by the way, really, really expensive. And by the way, they eat a lot of power, right? So that was an architecture from the nineties in the cloud operating model, your data center. And this goes back to what you were talking about is just racks and racks of X 86 with these magic DPU or smart necks to make any individual node go blisteringly fast and do all the functions that you used to do in network appliances. >>We just said, AJ taking us to school and everyone else to school on applications, middleware abstraction layer. Yeah. And kit Culver was also talking about this across cloud. We're talking super cloud, super pass. If this continues to happen, which we would think it will happen. What does the security posture look like? It has. It feels to me. And again, this is, this is your wheelhouse. If super cloud happens with this kind of past layer where there's B motioning going on, all kinds of yeah. Spanning applications and data. Yeah. Across environments. Yeah. Assume there's an operating system working on behind the scenes. Right. What's the security posture in all this. Yeah. >>So remember my narrative about like VA guys are getting in and they're moving around and they're so sneaky that they're using legitimate pathways. The only way to stop that stuff is you've gotta understand it at what, you know, we call layer seven at the application layer the in, you know, trying to do security, the infrastructure layer. It was interesting 20 years ago, kind of less interesting 10 years ago. And now it's becoming irrelevant because the infrastructure is oftentimes not even visible, right. It's buried in some cloud provider. So layer seven, understanding, application awareness, understanding the APIs and reading the content. That's the name of the game in security. That's what we've been focused on. Right. Nothing to do with >>The infras. And where's the progress bar on that, that paradigm early one at the 10, 10 being everyone's doing it >>Right now. Well, okay. So we, as a vendor can do this today. All the stuff I talked about about reading APIs, understanding the, the individual services looking at, Hey, wait a minute. This credit card anomalies, that's all shipping production code. Where is it in customer adoption life cycle, early days, 10%. So, so there's a whole lot of headroom. We, for people to understand, Hey, I can put these controls in place. There's software based. They don't require appliances. It's layer seven. So it has contextual awareness and it's works on every single cloud. >>You know, we talk about the pandemic. Being an accelerator really was a catalyst to really rethink. Remember we used to talk about pat his security a do over. He's like, yes, if it's the last thing I'm due, I'm gonna fix security. Well, he decided to go try to fix Intel instead, but, >>But, but he's getting some help from the government, >>But it seems like, you know, CISOs have totally rethought, you know, their security strategy. And, and at least in part is a function of the pandemic. >>When I started at VMware four years ago, pat sat me down in his office and he said to me what he said to you, which is like Tom, he said, I feel like we have fundamentally changed servers. We fundamentally changed storage. We fundamentally changed networking. The last piece of the puzzle of security. I want you to go fundamentally change it. And I'll argue that the work that we're doing with this, this horizontal security understanding the lateral movement east west inspection, it fundamentally changes how security works. It's got nothing to do with firewalls. It's got nothing to do with endpoint. It's a unique capability that VMware is uniquely suited to deliver on. And so pat, thanks for the mission. We delivered it and available >>Those, those wet like web applications firewall for instance are, are around. I mean, but to your point, the perimeter's gone. Exactly. And so you gotta get, there's no perimeter. So it's a surface area problem. Correct. And access and entry, correct. They're entering here easy from some manual error or misconfiguration or bad password that shouldn't be there. They're >>In. Think about it this way. You put the front door of your house, you put a big strong door and a big lock. That's a firewall bad guys, come in the window. Right. And >>Then the window's open and the window with a ladder room. Oh my >>God. Cause it's hot, bad user behavior. Trump's good security >>Every time. And then they move around room to room. We're the room to room people. Yeah. We see each little piece of the thing. Wait, that shouldn't happen. Right. >>I wanna get you a question that we've been seeing and maybe we're early on this, or it might be just a, a false data point. A lot of CSOs and we're talking to are, and people in industry in the customer environment are looking at CSOs and CSOs, two roles, chief information security officer, and then chief security officer Amazon, actually, Steven Schmidt is now CSO at reinforced. They actually called that out. Yeah. And the, and the interesting point that he made, we've had some other situations that verified. This is that physical security is now tied to online to your point about the service area. If I get a password, I still at the keys to the physical goods too. Right. Right. So physical security, whether it's warehouse for them is, or store or retail digital is coming in there. Yeah. So is there a CSO anymore? Is it just CSO? What's the role or are there two roles you see that evolving or is that just, >>Well, >>I circumstance, >>I, I think it's just one. And I think that, that, you know, the stakes are incredibly high in security. Just look at the impact that these security attacks are having on it. It, you know, companies get taken down, Equifax market cap was cut, you know, 80% with a security breach. So security's gone from being sort of a nuisance to being something that can impact your whole kind of business operation. And then there's a whole nother domain where politics get involved. Right. It determines the fate of nations. I know that sounds grand, but it's true. Yeah. And so, so, so companies care so much about it. They're looking for one liter, one throat to choke, you know, one person that's gonna lead security in the virtual domain, in the physical domain, in the cyber domain, in, in, you know, in the actual, well, it is, >>I mean, you mentioned that, but I mean, mean you look at Ukraine. I mean the, the, that, that, that cyber is a component of that war. I mean, that's very clear. I mean, that's, that's new, we've never seen >>This. And in my opinion, the stuff that we see happening in the Ukraine is small potatoes compared to what could happen. Yeah, yeah. Right. So the us, we have a policy of, of strategic deterrents where we develop some of the most sophisticated cyber weapons in the world. We don't use them and we hope never to use them because the, the, our adversaries who could do stuff like, oh, I don't know, wipe out every bank account in north America, or turn off the lights in New York city. They know that if they were to do something like that, we could do something back. >>I, this discuss, >>This is the red line conversation I wanna go there. So >>I had this discussion with Robert Gates in 2016 and he said, we have a lot more to lose, which is really >>Your point. So this brand, so I agree that there's the, to have freedom and Liberty, you gotta strike back with divorce and that's been our way to, to balance things out. Yeah. But with cyber, the red line, people are already in banks. So they're addresses are operating below the red line, red line, meaning before we know you're in there. So do we move the red line down because Hey, Sony got hacked the movie because they don't have their own militia. Yeah. If they were physical troops on the shores of LA breaking into the file cabinets. Yeah. The government would've intervened. >>I, I, I agree with you that it creates, it creates tension for us in the us because our, our adversaries don't have the clear delineation between public and private sector here. You're very, very clear if you're working for the government or you work for an private entity, there's no ambiguity on that. And so, so we have different missions in each department. Other countries will use the same cyber capabilities to steal intellectual, you know, a car design as they would to, you know, penetrate a military network. And that creates a huge hazard for us on the us. Cause we don't know how to respond. Yeah. Is that a civil issue? Is that a, a, a military issue? And so, so it creates policy ambiguity. I still love the clarity of separation of, you know, sort of the various branches of government separation of government from, >>But that, but, but bureau on multinational corporation, you then have to, your cyber is a defensible. You have to build the defenses >>A hundred percent. And I will also say that even though there's a clear D mark between government and private sector, there's an awful lot of cooperation. So, so our CSO, Alex toshe is actively involved in the whole intelligence community. He's on boards and standards and we're sharing because we have a common objective, right? We're all working together to fight these bad guys. And that's one of the things I love about cyber is that that even direct competitors, two big banks that are rivals on the street are working together to share security information and, and private, is >>There enough? Is collaboration Tom in the vendor community? I mean, we've seen efforts to try to, that's a good question, monetize private data, you know? Yeah. And private reports and, >>And, you know, like, so at VMware, we, we, I'm very proud of the security capabilities we've built, but we also partner with people that I think of as direct competitors, we've got firewall vendors and endpoint vendors that we work with and integrate. And so cooperation is something that exists. It's hard, you know, because when you have these kind of competing, you know, so could we do more? Of course we probably could, but I do think we've done a fair amount of cooperation, data sharing, product integration, et cetera, you know, and, you know, as the threats get worse, you'll probably see us continue to do more. >>And the governments is gonna trying to force that too. >>And, and the government also drives standards. So let's talk about crypto. Okay. So there's a new form of encryption coming out called quantum processing, calling out. Yeah. Yeah. Quantum, quantum computers have the potential to crack any crypto cipher we have today. That's bad. Okay. Right. That's not good at all because our whole system is built around these private communications. So, so the industry is having conversations about crypto agility. How can we put in place the ability to rapidly iterate the ciphers in encryption? So when the day quantum becomes available, we can change them and stay ahead of these quantum people. Well, >>Didn't this just put out a quantum proof algo that's being tested right now by the, the community. >>There's a lot of work around that. Correct. And, and, and this is taking the lead on this, but you know, Google's working on it, VMware's working on it. We're very, very active in how do we keep ahead of the attackers and the bad guys? Because this quantum thing is like a, it's a, it's a x-ray machine. You know, it's like, it's like a, a, a di lithium crystal that can power a whole ship. Right. It's a really, really, really powerful >>Tool. It's bad. Things will happen. >>Bad things could happen. >>Well, Tom, great to have you on the cube. Thanks for coming. Take the last minute to just give a plug for what's going on for you here at world this year, VMware explore this year. Yeah. >>We announced a bunch of exciting things. We announced enhancements to our, our NSX family, with our advanced load balancer, with our edge firewall. And they're all in service of one thing, which is helping our customers make their private cloud like the public cloud. So I like to say 0, 0, 0. If you are in the cloud operating model, you have zero proprietary appliances. You have zero tickets to launch a workload. You have zero network taps and zero trust built into everything you do. And that's, that's what we're working on and pushing that further and further. >>Tom Gill, senior vices president head of the networking at VMware. Thanks for coming up for you. Appreciate >>It. Yes. Thanks for having guys >>Always getting the security data. That's killer data and security of the two ops that get the most conversations around dev ops and cloud native. This is the queue bringing you all the action here in San Francisco for VMware. Explore 2022. I'm John furrier with Dave, Alan. Thanks for watching.

>>mm Welcome back to the huge covered cubes coverage of VM world 2021. The virtual edition tom gillis is back on the cube. He's in S. V. P at VM ware and the GM of network and advanced security at the company. Tom. Always a pleasure to see you. Thanks for coming on. >>Hey, thanks for having me. It's always a pleasure to be back here on the cube. I really enjoyed it. We've we've been, we've known each other for I don't want to count how many years but more than a few. Uh it's always an interesting conversation. >>We've had a lot of face to face interactions a couple years in a row were virtual. We'll be back together at some point. I'm >>calling. Yeah. Yeah. I'm actually on the road with customers. So it's starting to happen. >>Yeah, us too. We did uh we did public sector summit in D. C. This week. I'm heading out to Vegas next week for a show. So it is, it is starting to happen. So just a matter of time hey, >>when I start >>with with your your scope of responsibilities? Network and advanced security, you're kind of putting those two areas together. Very important. It makes sense synergistically. But how are you guys thinking about that? Maybe you could add some color. >>Yeah, sure thing. Um So network in advance security means all things security of Myanmar. So it's carbon black with our endpoint product, NsX in the data center. It's our tons of service mesh for cloud native applications to all the security stuff that goes into our anywhere workspace. Um and you know, I think you you probably get the message here dave at the end where there's three big waves that we're trying to ride. You know, multi cloud computing platform, which is our hallmark, is what we're known for running out across every cloud. It's the cloud native applications, building tools for new modern apps. And then really kind of the future of both networking and compute is being defined by this anywhere workspace. Our mission is to put security and connectivity into all of that. That makes it work. That makes it work well at scale. And so it made sense to put all that under one roof. Uh, I'm the guy and that's what we're doing. >>Yeah, you talk about that anywhere workspace, which, You know, it was always kind of a great vision and then it was somewhat aspirational, but then it became not only reality, but a mandate over the past 15, 18 months and that has that ripples through two implications on networking, even getting flatter and the security implications. So, all those things are coming together >>there really are. You know, I think we can't under estimate the profound impact that covid and the kind of work from home has had on our lives on society were still turning through what those implications are, but in networking it's cause for a fundamental rethink and for 20 years I've been doing networking and for 20 years we had this notion of a demarcation point networks defined as something that it was a DMZ, right? And, and on one side of that, TMZ was a dirty, untrusted internet, who would scary the other side is the clean, blissful corporate network where you know, only butterflies and unicorns exist and you know, wherever you were in the world, your traffic would be back hauled through that dems so that it could be scrubbed. And if you ever used tools like we're using now zoom, you know, you realize that that experience of back hauling traffic through traditional VPN is pretty simple. And so, so across the industry, enterprises are saying, you know what, there's got to be a different way instead of moving by traffic to the security services. What if I turn that upside down, That's what we're doing a VM ware, which we're taking those security services that we live in the DFc. We're doing what VM ware does well, which is defined them as software and then running them in hundreds of points of presence around the world. Hundreds. And so we effectively moved the security close to the users wherever the users are instead of the other way around. And that's the way we think we'll be building networks in a post pandemic world. >>Yeah. And that talks to the trend of this hyper decentralized system that's basically everywhere now, you know, even even out to the edge. And so, so you now have this, you know, zero trust used to be a buzzword and, and again, it's become this, this mandate. You guys actually did some, I think it was you who did some really interesting research post the solar winds hack on. Talking about things like island hopping and explaining how malware was getting in self forming and some of the insidious ways in which the, the adversaries and, and that is a function of a lot of things. The adversaries are obviously highly capable. Uh, they're motivated because it's lucrative and, and, and they keep upping the game on the good guys if you will. >>Yeah, it's nuts. But, and so so think about the impact that ransomware has had. Uh, and also to your point about the anywhere workspace. I'm right now in boston, I could, you know, tomorrow I'm going to be in texas and the day after that I'll be in san Francisco. So I'm popping all over the place, you know, we're back meeting customer's going wherever they want us to be. But wherever I am, I'm able to connect and, and my traffic needs to be protected. Now in boston it was a ransomware attack against the ferry. We're not talking about a bank or like a sophisticated, you know, sort of organization, it's a ferry that moves people from Cape Cod to an island across the water and it disrupted that ferry for days. So so at VM ware, we're measuring all the inner workings of what's happening in the data center and we collect more than eight trillion with a T eight trillion events per week and that allows us to be able to identify these anomalies like ransomware. And so just in the last 90 days we've stopped more than a million ransomware attacks. 1.1 million ransomware attacks that we stopped within six seconds, More than a million ransomware attacks in the last 90 days. To give you a sense of the magnitude of this problem it's everywhere. And you you reference Zero Trust. Zero Trust is a concept, it's a philosophy, is not a product by Zero Trust. You implement a Zero Trust model which says in a deep perimeter Rised world in a world where people like tom or hopscotch on all over the place and Dave's in boston and you know, I could be in san Francisco, we have to make the assumption that somehow some way, you know, our machine or a user has been compromised. And so you wrap each little piece of the infrastructure, each little piece of the application, you wrap it a protective armor to assume that everything around it is hostile and that's how we stop somewhere. That's how we can keep your infrastructure safe. And this is something you have and where does very uniquely because of the intrinsic attributes of our platform, our virtualization platform and our multi cloud platform. >>Yeah. You talk about the ferry anybody who's ever taken the ferry to Nantucket knows it's a pretty low tech operation and when that ferry goes down, it's one thing, it's, it's whether you can kind of understand that but people's lives get ruined, their vacations get ruined, they can't get off the island. Commerce comes to a grinding halt. It's extremely, extremely expensive really. >>For days, >>for days it was >>Like it wasn't a 20 minute outage. You know, it was like a fairy is not running for a couple things like that. That is a huge, huge, very high impact thing. And the fact that it was so pedestrian, like they don't have billions of dollars in the bank and you know, sort of super secret defense technologies, it's a ferry, you know, right, come on rental cars everywhere. So everywhere >>talk about your software approach two networking and security a little bit more. How that changes the experience for organizations generally, and developers specifically. >>So in a multi cloud world you can't always count on having physical infrastructure that you can touch. And in fact, do you really want to touch that stuff. And so our idea is that if you think about infrastructure, its job is to support the needs of the application. And so for example, in Kubernetes, we have the ability for developers say, look, here's my cool new application and this peace talks to this peace talks to this piece and nothing else. And so we can implement those types of controls using what we call a service smash, which allows us to, to make those connections smooth and seamless across clouds. Some of it could run on amazon, some of them could be running in a private cloud infrastructure. Some of them could be running in the traditional VM and in fact many complication applications do just that. So we can facilitate that communication back and forth and we have the ability to look for stuff that you just never happened because when you understand how an application is supposed to work, it allows you to spot, hey, wait a minute. That's not right. That's that, that's that, that don't like someone trying to manipulate the ferry system rather than somebody trying to board the ferry and get off. And I think, you know, there's a really interesting observation here, which is when you, when you, if you can see the inner workings of an application, like it looks for example, let's think about a mortgage payment application filed, a mortgage payment application and the Attackers has stolen a credential. They're going to get in. It's really hard to figure out a friend from foe. But once they get into mortgage payment application, I'm not going to pay my mortgage right? They do crazy anomalous things like wildly anomalous things. If you can see them, you can stop them and we have the unique ability to see them because we put the telemetry, the observation into our virtualization platform that runs on every cloud that runs wherever the user is. Right and pulling all that together into a central issue. That's something I think the N word to do uniquely and this is why we're having such success insecurity. >>I wonder if you could talk a little bit more about securing containers. You just sort of reference that but containers are moving target just a few short years ago, containers are ephemeral. You weren't you weren't gonna be running you know, your mission critical or business critical postgres in containers. But now that's changed. You're getting state. But so that's a moving target. How are you thinking about handling? You know, those kind of changes And what about the architecture allows you to be kind of future proof if you will. Sorry to use that >>word? No, no, it's a good question. So you've articulated right. So if you think about a traditional application, we used to always talk about three tiered web app, there's a web server is app server and the database a little more complicated than that. But you can usually go in and you could touch those three tiers. This box is the web tier. This box step here. This big box, is that it. And so security controls were built around this idea that you could you could wrap that relatively easily. We talk about a container based application And all these microservices. It's not three tiers anymore. It's 300 tears or maybe 3000 tears. Bitty little things, these little services that turn up and turn down and they all have a piece and so our view is that the A P is the new endpoint, the ap is where the action happens and not just the ap that faces the internet but all the inner workings, all the internal apps. And so because we put that application together, because we help the developers create those apaches, we have a unique understanding of how those apps are used and we're just introducing the ability to provide visibility around how are these epi is being used and then we can do anomaly detection and we are seeing a whole new set of attacks that are using legitimate apiece. They're not appease that are that are that are broken or malformed but the Attackers are finding ways to extract data from an API that maybe they shouldn't remember some of the facebook stuff where they had these Attackers were profiling users and there's no limit to how they could profile users and they were just expecting huge amounts of data that's an ap breach. These are the kind of problems that we can solve for our customers with these built in Tan Xue uh service mesh and api security controls >>you think about all these trends we're talking about and I want to ask you about how it's affected go to market because kind of the old days you had box sellers, they, you know, they would integrate VM ware or whatever. They you might have a specialist that was really good at ST for instance, S. A. P. And they were good partners. So that kind of value add developers have become a new channel for you and I wonder how you think about that, how they're now influencing their go to market. >>Yeah, that's that's a clear trend in the industry are absolutely right on, we call it moving left, right. So it's getting earlier and earlier in the development process. And so one of the things that renouncing at the show here is that the tons of community edition that makes it super easy for developers without putting down a credit card or making a big expensive commitment. They can start using these tools and get productive right away. And so so on top of that we build security controls that understand the total life cycle. So as the developers writing code, we're checking that code to make sure is this compliant doesn't have any known vulnerabilities. This is gonna break something. If you if you put it out there and then when you go to hit commit and say, all right, I'm ready to go, we've already done the homework to make sure the code is clean, we'll put it in the right place. So placing it into production in a way that is wrapped with the security that it needs the guardrails are in place and now we have this this X ray vision, this ability to look at the inner workings and understand the Ap is what's happening inside the application and identify anomalies. And lastly, once the thing is up and running we actually have the ability to measure we called posture and make sure that it doesn't drift from its intended configuration. All of this is done across every cloud. So this is, this is how we think we have a kind of new and very holistic approach to securing collaborative applications. >>Tom I want to ask you about telco transformation, I mean N F V kind of just barely scratched the surface in my view and now we're seeing with the edge and five G and the cloud there's some oh ransom. Really interesting opportunities going on in in telco say what you want about telcos? Yeah, there, you know the connectivity and Okay, fine. But one thing you say about the telco networks as they work, you know, and it actually did a great job during the pandemic. They had to pivot to landlines and and so when it comes to reliability and rock solid nous, those guys kinda kinda get it but they've got to be more flexible. So you see those two worlds colliding what's going on in in telco and and where does VM ware play? >>Yeah, sure thing. A huge amount of emphasis on telco, we've won some very large telco deals. Five G is not just a faster version of four G. 5G is a new take on what an edge network can do. It has the ability to run extremely high performance network connections and the ability to control the performance. So this idea of what's called network slicing, so you can guarantee a certain amount of latency or a certain amount of bandwidth. So combine that with this explosion of IOT devices. We're going to have an infinite number of devices. Every device you can imagine has a computer in it and it's spitting off giant amounts of data. We keep coming up with new and interesting ways to analyze that data to do things like, you know, control the self driving car to do things like create a customized retail experience to do things like help guide research for an oil company on the oil platform. Okay. These are all examples of edge computing. Now, the infrastructure that you need to protect those workloads is what we're defining and software. And putting it everywhere, Not just in the traditional data center where you might be in 1020 locations, we're talking about hundreds going into thousands of locations. And this is what the industry is calling sassy or secure access services. Edge. So where's your firewall? Your web proxy the controls that you need to protect those apps, where do they live? They're gonna live in the telco infrastructure And that stuff all runs on X 86 servers. So if you put in the data center services into this distributed architecture and you've got tons and tons of data that's being produced produced locally. Why would you want to remove the compute there and we think you can and will and this is this is why VM ware with our telco partners is uniquely suited to build the groundwork for this edge computing infrastructure. And I think edge computing is going to be the next big wave. So we went from private clouds to public clouds and public cloud was built on, you know, the scale out fault tolerant model as we move to edge computing, edge computing is going to be around applications that need huge amounts of data, very low latency and they're highly distributed. So they're going to run not in 10 or 20 locations but in 1000 more. And we can do all of this with our tons of kubernetes with our virtual networking infrastructure and our anywhere workspace and the secure access services, Edge, the pops that we're building and I think VM ware is probably one of the few if any companies that have all of these pieces that we can put together to make the Edge actually work. >>Yeah, exciting times and and all that data ai influencing at the edge of new processor models and you guys are thinking about all that stuff tom we got to leave it there. Thanks so much for coming back in the queue. Great conversation. >>Always a pleasure. Thanks very much. David, Take care >>Alright you to keep it right there, everybody. This is Dave Volonte. For the Cubes coverage of VM World 2021. The virtual edition will be right back.

>>from around the globe. It's the Cube with digital coverage of VM World 20 >>20 brought to you by VM Ware and its ecosystem partners. Hello and welcome back to the cubes. Virtual coverage of VM World 2020 Virtual. Is the Cube virtual not there in person this year because of CO of it? I'm John for your host of the Cube. Got David wants to meet him in all the Cube folks covering, of course, with VM Ware and VM World 2022. Great guest here to talk about the future of the workforce solutions and the impact of network security and partnerships. Tom Gala, senior vice president general manager of networking and security business unit at VM Ware and put it, Men OSHA. Who's the VP of business development and corporate development at Z Scaler. Two great companies all doing extremely well as customers are dealing with Cove it And the reality is this market and putting plans in place for coming out with a growth strategy. Gentlemen, thank you for joining me today. >>Yeah, John, thanks for having us. >>Thanks for having us, >>Tom. I want to start with you. Actually, the partnership with the scaler is the discussion of this topic. But you guys do have some hard news around the future of workforce solutions. What's the hard news and has that relate to all this? >>Yeah, we sure do, John. So you know, networks were built in a very different time. Networks were built when work was a place that you came. Now, work is the thing that you do. Oftentimes you do from your living room or your den. As I am on DSO, it really calls into question some of the fundamental principles of how we build a deploy networks. In the old model, we would set up something like a branch office and we would back haul traffic using a dedicated circuit like an mpls circuit back, haul it to one of a handful of locations that we called the DMZ or Demilitarized and those locations where you would stitch together a security ensemble made out of dedicated hardware appliances, firewalls, Web proxies, I PS systems and the like And that model service? Well, Azan industry for many decades, three. I'd say 30 years. Um, all of a sudden, the whole notion of the workplace has changed and changed dramatically We're all living through that and experiencing it firsthand. And so the original model of back hauling traffic to some point in, you know, precipitating New Jersey so that you can run it through some magic black box because the model doesn't apply anymore. And so at the end, where we have a new vision for how we can take the security, the reliability, the performance that you get when you're on the corporate network and extended into people's homes. And this is in line with what industries air calling, sassy or secure access services edge. And so the news that we're announcing is we have a complete, sassy solution that involves zero trust access. It involves firewall I. D. S I. P s capability, Advanced security services and then importantly ah, very strong partnership with the scaler on. We can walk through how that works, but it's really driven by this new shape of the workplace. >>Put it, Talk about the partnership with VM where we've been following see scaler for a long time. What a great success story. Great technology team. Great business model growth in your marketplace. Congratulations on your success as you guys continue to grow the world has spun in this disruption kind of world we're in now. You guys are well poised for that. Talk about your partnership with VM Ware. >>Thanks, John. And thank you, Tom, for that quick overview. You know, just to play out this idea we started over it over a decade ago. The basic idea was you know, the users, uh, pretty much everywhere, and the applications are moving to the cloud. And so back to Tom's comment. You know, we had these networks where you were back hauling. Maybe I'll just give a very simple analogy the CIA off Nestle, you know, when he first deployed, uh, Z skater, you know, and and realized a tremendous amount of cost savings that a security. But then, more importantly, the employees off Nestle actually started blogging that the Internet had gotten faster. And when the CEO came to ah customer advisory board meeting, he made a very simple analogy. Imagine having to get out to the Internet through four major international airports worldwide. All right, so you couldn't drink directly traverse from point A to point B. But you have to transit through these four. It would be very inefficient it would really slow you down. And more often than not, you'll be complaining that was the old network architectural. And what we have chosen to do here from a security standpoint at sea Scaler, is make that security closer to the end user. Now we pride ourselves from a security standpoint, and we certainly need networking to also adapt to that. And that's where we have found our partnership with VM Ware, to be particularly strategic. We started partnering with VM were actually prior to them, acquiring Vettel Cloud, which is the software defined when, uh, networking provider, uh, just primarily because they were a cloud based networking player. And this idea off locally breaking out to the Internet Getting out to the end destination as quickly as possible is something that they did quite seamlessly. And so we started this journey, this partnership with them a few years ago and today at VM. Well, we're enhancing that, expanding the partnership not only from a product standpoint, but then, more importantly, we're leaning in from a sales go to market customer support standpoint. >>You know, that's a great point. What? I've been saying this in the queue for a while with the joke was, um the When is the new Land E? I mean, we used to have the old days, remember? Oh, campus connecting networks drive to the airport as you mentioned, the great analogy there, by the way, has to be better. People are working at home. You got technically a land un security, you know, working at home. People are realizing this. These core services have to change. It's not just connect to the Internet the old way. It's everywhere. It's networking everywhere. This is the reality of the kinds of Internet things that used to go on where it's kind of cool and secure. You know, you've got a perimeter. Everything was working. Great. Put it. You mentioned it. Why drive to the airport? Four airports with world. That's a great analogy, Tom. This points to the future. Ready concept, access anywhere. Services that are needed for the security and, more importantly, the user experience. I don't want to slow down to go faster. I wanna I wanna I wanna make it. I wanna make a good experience happen. What's your thought? >>Yeah, well, I mean, I think we're all living through this new world where we're working from home, and sometimes the user experience is less than perfect. In fact, on this broadcast you may see stuttering and break up of the video, and you know, that's that's a problem that I think needs to be solved. It's a problem that we're able to solve with virtualization. So the idea behind virtualization by putting a layer of software on top of a physical asset, you could make it easier to manage that asset. You could make that asset more efficient. We certainly did that with servers. It was really obvious. Now we're doing it to the network itself. So what this means is we have some customers. We have one customer that is in the health care industry, like during the height of the crisis, all of their doctors and researchers had to work from home, and yet they needed to use video communication tools like we're doing here. And they needed a consistently good and user experience. And so we were able to ship these customers more than 8000 boxes over the course of two weeks into people's homes. So think of a little tiny device about the size of a set top box shows up in your house and all of a sudden your zoom or your WebEx sessions just work, no more stuttering. And we're breaking up because we're able to manage the network and virtualized prioritized traffic and deliver consistently good and user experience. So managing the quality of services, a foundational capability, and we have a unique ways to do that with virtualization that I think never existed before the second step is I wanna make sure not only that it's a good user experience, but my security. All of those controls that used to live in black boxes that those replied, This is where our partnership with the scaler is so important. So the scaler has the same philosophy that we do of like, let's put this stuff in many points of presence around the world. I think you know you're in like, 100 or so points of presence, so we weren't 150. And so whatever an end user is, you just find that nearest point of presence, connect and make the shortest route possible to deliver good quality and user experience and also consistent world class security. It's zero. It's >>interesting. First of all. We'll sign up for the Cube Virtual. We need that video late challenges. But we're you know what? We shouldn't have to be video engineers to manage the packets on the round trip. This software, I mean, you know, Web Zoom, they build their entire application to manage these kinds of intellectual property challenges. So that >>brings the >>complexity of applications. So, you know, people are gonna have all these new complexities. And how do you integrate it all? >>Yeah, you know, obviously, Zoom and WebEx companies are, you know, this is court or what they do. The challenges they gotta control both ends of the wire, and and so so with with our network virtualization, we actually control the wire itself, right? We can make the wire behave in a way we can prioritize traffic so that your zoom goes ahead of Xbox Live or Netflix do things like traffic shaping, which are techniques that are actually well understood, but difficult to deploy in a physical world. In a virtual world, we could employ these techniques constantly adapting and changing to make sure that engineer experience is smooth and easy on. That's really pretty impactful. >>Put it. What's your reaction all of this because you know I'm a customer, you know? You know, I'm like, What's in it for me, guys? Integration with the scale of VM Ware. What's in it for me? Because I got now multi clouds in the horizon. I'm dealing with multiple clouds today. I got complexity and applications themselves, and I want to create the nirvana that you laid out, which is access anywhere. High speed eso I might not have the expertise in house. What do I do? What's in it for me? Take me through the value proposition. >>Absolutely. So you know, Tom touched on it. You know the idea of bringing security as close to the end user as possible. If you step back for a minute and you start to think about security usually security and user experience off a contradictory Usually if you add more security, you lose use of experience and vice versa. That's sort of what Ziese killers start to go solve. And so, you know, over a decade ago, you know, when we started to build the architectures, it was built with a few core principles in mind, right? The idea of being completely distributed today we're in over 200 points of presence worldwide. That gives us a pretty good footprint to be as close to the end user. We absolutely could not compromise own security. So this idea that if you have a finite appliance, maybe the appliance has a, you know, a limited amount of CPU or horsepower And so I will tweet the security s so that I could get more performance, not the case with how we ran about, you know, offering security. All security services run all the time. Right? So without any compromise to the end user, and then finally, you know, when it comes to the actual security itself architectures based on something called a proxy. And usually again, if you start to think about a proxy and security was, uh people don't think in a very favorable manner, they usually think it slows things down. It adds Leighton, see, it breaks applications. And again I go back to, you know, the foundational elements of the skater. When we started this journey, it was with this idea that we're gonna build this proxy from the ground up. Very high performance. Mike was second, like late and see something that you would not see in the market anywhere with this partnership. Now, right? Seamless integration between VM Wednesay skater You are now able to set up these tunnels instantly automatically, so go back to Tom's. Example. 8000 set top boxes like devices sent out to this healthcare institution. Right? You can automatically set up tunnels such that the traffic is pointing to Z scale. There's feel over capabilities, so any and all of that has been instrumented in in software. The end customers sets that up. You know can automate that templates all across those 8000 devices. You now have security at the same time with user experience. A passed away to go adapt to business needs agility, you know, being able to keep up and lower your costs because you're substantially reducing the Mpls footprint. So there's a whole bunch of disparate, uh, you know, advantages that an enterprise gets. But the biggest one off amongst them, in my mind, is just being able to address the business needs. I mean, how Maney CEO is today with Colvin are starting to realize my network is not adapting to this new normal right, and so that's sort of where this partnership between VM Ware and Z scaler comes in. It's very timely. >>Everyone's like they want more about their network, and that's like, you know, everyone's banging on the table. Great. Great point there. Thanks for taking that great explanation. I wanna just follow up with you if you if you don't mind, compare that what you just said in terms of the value of Z scaler with this partnership versus the old way, because you what you just laid out was, you know, dynamic provisioning, setting up connections, having software, automate things, compare what it was like before because, remember, I mean, people have been around the industry. No, the pain in the butt that it's been and human error Compare what the old way it was like And now with this experience, can just just >>really And I let Tom talk about, you know, things on the network side. You know, where you might have had a large behemoth like a Cisco box where you try to tweak some policy and the entire box would fall over or something along those lines from a security standpoint. Usually when you had a a box, you know, You know, folks would call it a youth name box that God about box with, You know, as much security as you could push into a finite amount of appliance unified threat management function. Usually what would end up happening the old way was, you know, you would, you would you would have some basic security capabilities. Maybe it was. It's a traditional DMC that Thoma alluded to. You know, there's a firewall, there's an I. P s. There's some Web proxy capabilities and and that that was the that was the journey that a customer had, you know, So they would replicate this box and all those various locations. Or in the case of Nestle, before the scaler, they had those Dems es in four locations around the world, right? And the moment security, security keeps changing, right, the threat landscape keeps adopting. I mean, today, within disease killer cloud, we provide over 125,000 updates everyday, right? That's how dynamic security is. And so because the threat keeps changing, usually one of the things that vendors will try and do is add more security to that existing appliance. Right? So you're trying to make sure that a customer bottom appliance on, they need to make sure that they recoup the full investment. Let's add a little more security to it. Let's add a little more security to it so that I can keep up with the latest threats. Well, the problem with that is, when you have a finite amount of horsepower within the appliance, the performance starts to drop. And so usually that was the trade off that enterprises were making. With the security now being in the cloud right, And this idea that you're in the way, you sort of have infinite compute. Uh, you are now decoupling security from those those branch devices that Tom just alluded to. I mean, that 8000 boxes, right? One of the key points of a sassy framework that Tom alluded to is a very lightweight branch. And that's the piece That's the North Star that I think both VM Ware and Czyz killer have had right that that that low end not not lowering but of a thin branch and let the heavy lifting whether it's on the US side from the networking standpoint, whether it's security, um, you know, as it related to Z skater. Let that heavy lifting be done in the cloud. >>Yeah, and of course, there's a lot of lot of moving parts, so it's It's might be lower in lightweight, but it's more functionality. That's what the cloud Because I get that point, by the way, that anyone in the D M Z knows that as you add more stuff in there, get more, you know, cooks in the kitchen. Nothing good comes from that. Um, Tom, I'm gonna get your thoughts for the your audience out there and your customers and your prospects. What does the Z scale of partnership mean for them? >>Well, like I said, it zone opportunity to think differently about how we build a deploy enterprise networks. This a dramatic change. Most of us have been familiar with the old model where you had a spoon. It was referring to those big heavy boxes, the VPN concentrators and at the same time, most of us have been employees of those companies on. We've had the, you know, sort of less than stellar experience of turning the VPN on, and all of a sudden interest in Internet go slow. That's that's not what we want Thio achieve, and so so having the ability to use a distributed architectures. It's being forced upon us. Everyone is distributed where they like. They like it or not, Right? And so having a distributed architecture where I can put security and quality of service network controls closer to the end user is really, really critical. And I think just as puny was saying they started with this idea of of pushing security closely on user. We started with fellow Cloud with the idea of virtual izing the network in lots of physical places. So retail locations. So you've got thousands of stores around the world. You need to deliver video and audio services into those stores with a very high quality. So we were designed to have a very light, uh, entry point, and a light interviewing can just be pure software. It could be a small box three advantage of a small boxes. It's so turnkey it's designed that totally unskilled operator can use this retail people. A store manager gets a little box in the mail. You plug it in, you know, snap to Internet cables into it, and it just works again, Put it referred to this. This is part of our value. Proposition is, you plug this thing in a zone and used all you know is the Internet just got faster. You don't have to configure proxy settings. What's my I p range? Like that stuff's? Yeah, exactly. Well, and this is so many of us are feeling it now when you have, you know, sub optimal network connections. So being able to deliver a quality and user experience, >>you know, Cove, it accelerated a lot of a lot of opportunities. Also exposes the scabs and and, you know, things that been laying around and some suboptimal projects. I mean, and everyone's gonna be doubling down on things that are working and probably, you know, putting on the back burner or killing projects that don't make sense. So, um, this is a great opportunity, and I think forces things right in you guys. Wheelhouse is so I appreciate taking the time for the last minute that we have left Tom and putting. If you don't mind, I'd love to get your thoughts real quick on what's next after cloud. Obviously, cloud brings up all these benefits you're talking about. Um, what do you guys see is what's next after cloud Tom will start with you. >>I think that the you know, the range of services that will deliver in this format is not at all limited to traditional DMC services. So thank ap. I gateways. Think about core infrastructure offerings like DNS. Pretty much everything that we used in the network can actually now be delivered as a service in software more efficiently, Um, then standing up boxes and and racking, stacking yourselves. And so our view is that that cove, it has killed the appliance once and for all. And that's broadly. That's not just at the at the edge. That's in the core of the data center, things like load balancers. They're all moving to software with scale out scale out infrastructure software running on X 86 on DE. So I think that change of that magnitude will still take a while to roll out. But it's happening, >>Cove. It killed appliance. That's the headline right there. Love that. Put it after cloud. What's next? >>Well, you know, I'll say this job very similar to what Tom just mentioned. I think we're in the early innings, you know, when we would talk to our customers about transforming the network and adapting to this new normal. You know, we had some early adopters, but there was still a fair number of people that was skeptical and that loved their appliances. Covert has changed a lot of that. And so we have seen, in general acceleration of the business. The market is moving in our direction, and we feel that with this partnership you have to market leaders coming together. Right? VM ware on the networking side on the cloud networking side on the data center z scaler as it relates to cloud security user base security. This idea that we are a zero trust exchange that allows users to connect your applications to the Internet in a safe manner and at scale. That's the beauty off. You know, this'll, uh, partnership that we have brought together. And we are hopeful that customers will embrace it with confidence. And I'm mindful that we're in the early innings. >>Great points, gentlemen. Awesome stuff, great insights. And I think the cloud native integration shows that people in the ecosystem is evolving to be cloud native toe have these kinds of integrations these value points physical virtualization. Tom. Great point. I mean, we're not in face to face, but we're here. Virtually the The Cube is gonna be virtual. It's suffered to find operations. The world has changed. I think everyone is now seeing it. Thanks for the insight. And congratulations, Tom. On the news putting. Thank congratulations on the partnership with VM. Where sounds like it's great for customers looking forward to digging in. Thanks for your time. Appreciate it. Okay. That's the cube coverage here. We're in Palo Alto, California. We're in the Bay Area, but this is the emerald virtual. We're not in person, but we're virtual. I'm showing for your host for coverage of the emerald 2020. Thanks for watching.

>> live from San Francisco, celebrating 10 years of high tech coverage. It's the Cube covering Veum World 2019 brought to you by the M wear and its ecosystem partners. >> Welcome back. I'm Stew Minuteman here with John Troyer. We're have three days, Walter Wall coverage here at VM World 2019 with lobbying Mosconi North and happy to welcome to the program. To my right is Tom Burns, who is the senior vice president general manager of networking and Solutions at Delhi Emcee and sitting to his right. Another Tom. We have Tom Gillis, who's the S V p and general manager of networking of Security inside VM wear. So I'm super excited. Go back to my roots of networking. Tom and Tom thanks so much for joining us. >> Thanks for having us. Thanks for All >> right. So, you know, Tom, you and I have talked for years now about you know, it was not just s t n, but you know, the changes in the environment. Of course, you know, networking and compute, you know, smashing together and where the role of software in this whole environment has changed. So, you know, let's start, you know, there's some news. Let's get that cover the hard news first. VM Where has the networking pieces? Dell has some software networking pieces also, and there's some more co mingling of those. So maybe walk us through that. >> Absolutely. I think the story this week is about the collaboration that's happening between Tom's team and my team in kind of innovating and disrupting in the traditional networking world. You know, Tom Sad NSX around micro segmentation network virtualization lot going on with analytics and capability to really see what's going on. The network from Cord Out EJ to cloud the acquisition of RV, which is outstanding. Other things that are going on in Vienna, where deli emcee disrupting around the segregation of hardware and software, giving customers that capability to run the nasty need for the connective ity they need, depending upon where the network is sitting. So this week we got two announcements. One is we've got worldwide shipment of the Delhi M CST Land solutions powered by being more great, you know better than none. Software combined with better than none. Hardware coming from del you see, on a global basis worldwide, you know, secure supply chain plus professional service worldwide is a parameter there, right? >> And Tom, maybe bring us in. You know, we'd watch Fellow Cloud before the acquisition esti weigh on. You know, there's a lot of solutions that fit in a couple of different markets. It's not a homogeneous market there. Maybe give us just kind of the camp point from Avella Clubs. Esty Esty. >> Wind is a white Hart market on because it has the classic combination a better, faster, cheaper. It delivers a better end user experience. It is so easy to deploy this and it saves money, NPLs, circuits and back hauling traffic those that was, ah, 19 nineties idea. It was a good idea back then, but it's time for a different approach. >> And just when I've talked to some customers and talk to them about their multi cloud environment, SD Wind, one of those enabling technologies that you know they will bring up to a mad allowed them to actually do that. >> It was it was the movement really >> office 3 65 and sass applications that drove the best human revolution and that back hauling all this traffic to headquarters and then going out to office for 65 when a user might be in, You know, Des Moines, that doesn't make any sense. And so so with us, the win we intelligently route the traffic where it needs to go delivers a better end user experience, and it saves a bunch of money. It's not hard to imagine that cheap broadband links are on order of magnitude lower than these dedicated mpls circuits. And the interesting math is that you could take two or three low cost links and deliver a better experience than with a single dedicated circuit. >> I'm kind of interested in the balance between hardware and software, right? The family trees of networking and compute kind of were different because if they had specialized needs in silicon, so where are we now? It's 2019. Where are we now? With with line speeds and X 86 then the hardware story. >> I think it'll let Tom join the discussion around speeds and feeds is not dead, but it should be dying to get a quick right. You know, it's around virtual network functions and everything really moving to the software layer. Sitting on top of commoditized X 86 based you know, hardware and the combination of these two factors help our customers a lot more with flexibility, agility, time to deploy, return on investment, all these types of things. But I mean, that's my view is a recurring theme you're gonna hear. Is that in networking? And think you're alluding to this You needed these dedicated kind of magical black boxes that had custom hardware in order to do some pretty basic processing. Whether it be switching, routing, advanced security, you had to run things like, you know, hardware. Regular expression, matching et cetera was about three years ago that Intel introduced a technology called D P D. K, which is an acceleration that allowed VM wear to deliver in software on a single CPU. You know, we could push traffic at line rates, and so so or, you know, faster than one rates. And so that was sort of like there wasn't the champagne didn't go off in the, you know, the bald in drop in Times Square. But it's a really important milestone because all of a sudden it doesn't make any sense to build these dedicated black boxes with custom hardware. Now, general purpose hardware, when you have a global supply chain and logistics partner like Dell, coupled with distributed software, can not only replace these network functions, but we can do things completely differently. And that's really you know, we're just beginning this journey because it's only recently that we've been able to do that. But I think you're gonna see a lot more that in the future. >> So we talked about SD win. Uh, there was a second announcement >> that goes back into the court. You know, the creation of a fabric inside of the data center is still a bit difficult. I mean, I've heard quotes saying It's something like 120 lines of cli, you know, per switch. So let's say 4 to 6 Leafs pitches, switches and two spine switches could take days to set up a fabric. What we've announced is the smart Fabric Director, which is a joint collaboration and development between Veum Wear and Delhi emcee that creates this capability to tightly integrate NSX envy Center into the deli emcee power switch, family of data center switches, really eliminating several cases and in fact, setting up that same fabric in less than two minutes. And we're really happy about not just the initial release. But Tom and I have a lot of plans for this particular product and in the road map for, you know, quarters and years to come about really simplifying again, the network automating it. And then, really, our version of intent based networking is the networking operating the way you configured it, you know, when you set it up and I think not just not just on day one, but two, you know and a N and you know you hit the nail on the head. Networking has changed, is no longer about speeds and feeds. It's about availability and simplicity. And so, you know, Del and GM, where I think are uniquely positions to deliver a level of automation where this stuff just works, right? I don't need to go and configure these magic boxes individually. I want to just right, you know, a line of code where my infrastructure is built into the C I. C. D pipeline. And then when I deploy workload, it just works. I don't need an army of people to go figure that out right, and and I think that's the power of what we're working together to unleash. >> So when something technology comes up like like SD win. Sometimes there's a lot of confusion in the marketplace. Vendors going out one size fits all. This will do everything Course. Where are we in the development of SD win and what is the solution? Who should be looking at taking a look at the solution now? >> SD win market, as I said, is growing depend on whose estimate you look at between 50 and 100% a year. And the reason is better, faster, cheaper. Right? So everyone has figured out, you know, like maybe it's timeto think differently about about architecture and save some money. Eso we just announced it on the PM or side, an important milestone. We have more than 13,000 network virtualization customers that includes our data center as well as yesterday, and we don't report them separately. But 13,000 is, you know, that's almost double where it was a year ago. So significant customer growth we also announced were deployed together with our partner from Del 130,000 branches around the world. So by many metrics, I think of'em, where is the number one vendor in this space to your point it is a crowded, noisy space. Everybody's throwing their hat in the Rangel. >> We do it too. >> But I think the thing that is driving the adoption and the sales of our product is that when you put this thing in, it fundamentally changes the experience for the end user. There's not a lot of networking products that do that. Like I meet customers like this thing is magic. You plug it in and all this and streaming just works, you know, like Google hangouts or Web X is like they just work and they worked seamlessly all the time that there's something there that I think it's still unique to the PM or product, and I think it's gonna continue to drive sales in the future. So I think the other strong differentiation when it comes to Del Technologies bm where in Delhi emcee combined is we have this vision around the cloud. You know, EJ core cloud and you know this hybrid multi cloud approach. And obviously SD Ram plays a critical part as one of the stepping stones as relates toe, you know, creating the environment for this multi cloud environment. So, you know, fantastic market opportunity huge growth. As Tom said, markets probably doubling in size each year. I don't know what the damn numbers are. I hate to quote, but you know, we really feel is, though now having this product in this capability inside a deli emcee, again combining our two assets, it could be the next VX rail. We're really good way. Believe the esteem and it's gonna be a gigantic market. And I think that what's interesting about our partnership is that we can reach different segments of the market in a V M, where we tend to focus on the very high end, large enterprise customers. Technically very sophisticated, delicate, rich customers we don't even know we don't even talk to, And a product is simple enough that it works in all segments. We win the very, very biggest, and we win these. You know, smaller accounts where the simplicity of a one quick deployment really really matters. >> Tom. One of the things that excited me a year ago at this show was the networking vision for a multi cloud world reminded to be of nice syrup. React. You know, when we look at networking today, most remote network admin a lot of the network they need to manage. They don't touch the gear. They don't know where it lives, but they're still responsible. Keep it up and running. And if something goes wrong, it's there. It is the update as to where we stand with that where your >> customers are asking the question, right? So our mantra is infrastructure is code, and so no one should ever have to log in with switch. No one should have to look into a Q. And you know, we should have to be like trying to move packets from here. They're just It's very, very difficult. I'm not really feasible. And so So as networking becomes software and those general purpose processors I talk about are giving us the ability to to think about not just a configuration of the network but the operation of the network in ways that were never before possible. So, for example, we announce that the show today with our monitoring product ve realise network in sight. We call it Bernie, not always such clever with the names that were really good at writing code, Vernon gives us the ability to measure application response time from the data center all the way out to the edge. So a single pane of glass we can show you. Oh, here's where it's broken whether it's in the network, whether it's in the server, whether it's the database, that's that's not responding. And we do this all without agents, right? So it's like when the infrastructure gets smart enough to be able to provide that inside, it changes the way the customer operates on. That translates into real savings and real adoption. And that's what's driving all of this momentum, right? That 7 500 to more than 13,000 customers, something has to be behind that. I think it's It's the simplicity of automation. >> CLI has come up a couple times here, and so that's kind of a dirty word. Maybe even these days, it kind of depends on who you're talking with, I think Veum Way. Rendell both spent a lot of time and effort educating the networking engineering market and also educating the kind of data center you know, the rest of the data center crew about, you know, about each other's worlds. Where again, where are we at now? It sounds like with director on with the innocent. The NSX whole stack? Yes. Uh, the role is changing of a network engineer. But again, where are we in that? In that evolution? >> I think you know, we're early on, but it's moving quite rapidly. I think the traditional network in engineer and networking admin is gonna need to evolve. You know more to this, Dev Ops. How do I bring applications? How do I manage the infrastructure? More like a platform. I mean, Tom and I truly believe that the difference between cute and network infrastructure is really going to start to dissolve over time. And why shouldn't it? I mean, based upon what's happening with the commoditization and speeds of the CPU versus the MP use coming from Mersin silicon, it's really beginning to blur. So I think, you >> know, we're in the early >> stages. I mean, certainly from a deli, see perspective. We still, at times, you know, have those discussions and challenges with traditional networking people. But let's face it, they have a tough job. When something's not working, the network administrator usually gets blamed, And so I think it's a journey, uh, and things such as the del Technology Cloud Open networking, NSX, and now SD when it will continue to drive that. And I think we're going to see a rapid change in networking over the next 12 18 to 24 months. I talked to a number of customers that has said, You know, this journey that Tom was talking about is this is a challenge because the skill set is different. My developers need to learn software, and so what? We're working with the M where is trying t o make that software easier and easier to use it actually approach like English language. So latest versions of NSX have these very simple, declarative AP eyes that you can say, Oh, server A talk to server be but not server see, Click Don Deploy. And now, in our partnership with L, we can take that Paulson push it right down into the metal, right down into the silicon. And so so. Simplification and automation are the name of the game, but it is definitely a fundamental change in the skill set necessary to do Networking. Networking is becoming more like software as opposed to, you know, speeds and feeds and packet sniffers and more the old traditional approaches. >> Tom, I don't want to give you the final word as to Ah, you know what people should be taken away from Dell in and Veum wear in the networking space. Well, >> I think across deli emcee and in being work, there's a great amount of collaboration, whether it's the Del Technology Cloud with of'em were really taking the leadership from from that perspective with this multi hybrid cloud. But in the area of networking, you know, Trudeau. Five years ago, when we announced the desegregation of hardware and software, I am in this to disrupt a networking business and to make networking very different tomorrow and in the future than it has been in the past for our customers around. He's deployment, automation and management, and I think that's a shared vision with Tom and his team and the rest of BM, where >> Tom Gillis, Tom Burns, thank you so much faster. Having eight, we'll be back with more coverage here from VM 2019 for John Troyer on stew. Minutemen as always. Thanks for watching the Cube

>> Live from Las Vegas it's theCUBE, covering AWS re:Invent 2018. Brought to you by Amazon Web Services, Intel, and their ecosystem partners. >> Hey welcome back everyone, we're here live in Las Vegas, for AWS re:Invent 2018. Our sixth year covering, I'm John Furrier with Dave Vellante. Dave, it's been a wild ride, a lot going on, changing formations over the years, cloud is kickin' butt. >> Innovation, growth. >> Partnership with VMware's paying dividends. The ecosystem's evolving, startups are having opportunities. C-Chains is here. Tom Gillis, Senior Vice President and General Manager Networking and Security Business Unit at VMware is our next guest. Great to have you Tom, thanks for comin' on. >> Thanks gentlemen for havin' me. Yeah, it's good to be here. >> I'm glad you're on, because one of the things I'm always excited about is networking. If Stu Miniman were here, he'd be all over this conversation as well. It's hard, it's been part of the holy trinity of infrastructure, network, compute, storage, is never going away, but it's changing. There's new abstraction layers, there's new opportunities, you're now living and breathing and working on with VMWare, and they just, ways to make networking better. How's it going, what's the update, what's going on in networking, this Outpost deal is really interesting. You bring in worlds together, in a consistency-- >> You hit the nail on the head, right. We're bringing the worlds together. And I think, one of the things we're seeing, is that, in the enterprise, enterprise IT is looking at an increasingly heterogeneous data center environment. In in the next 12 months, you're going to have data center, where one rack is running EC2, and your data center, one rack is running vSphere, in your data center, another workload is running on Amazon, another one is running out of the Edge, so tying this all together creates some challenges, and this is a problem I think VMWare is uniquely suited to solve, networking is the fabric that connects all these disparate islands, and lets them talk to each other, lets them talk to each other in an orderly way, right? So, networking is about connectivity. It's also about policy enforcement, those are the two things we focus on with the intersects team at VMWare. >> And I'll say, as the landscape changes around how cloud impacts it, no perimeter, but networking still has to move packets from A to B, storage goes from now to then, so things are moving around. So networking is constant, straightforward and consistent, you got to move packets around. >> Yes, this is an important thing that I think people get confused on, is, when they understand, they look at the numbers that we're posting in networking, it's all software networking, right? We don't move packets from A to B. We do the policy administration. So, something has to move the packets from A to B. Cisco's switches, Arista's switches, there's a lot of really good networking hardware out there that's not going to go away any time soon. But I always say, use the right tool for the right job, so, a product like Cisco ACI is a fabric manager for a switch. And NSX is a policy layer, right. It's a software networking layer, and something we learned from the public cloud is that, you can automate network deployment using this software networking approach. How many networking people does it take to deploy a workload on AWS? >> Zero. >> Zero! You push a button and it goes. So we're giving you that same capability on-prem, within a stack, so it's automation that allows you to automatically spin up and deploy a network, and a policy to go with that network that makes sense. >> How does that impact the largest networking vendor on the planet, Cisco? How does that scenario, and how do you guys work together? Is it conflicting, is it together? >> As you pointed out, the electrons have to move from A to B and Cisco is really, really good at doing that, actually moving electrons, doing it cost effectively, efficiently, at scale, hard problem to do. So we work very closely with Cisco to make sure that, NSX and, you know, Cisco's products, are interoperable, that they work together, they solve different problems. The problem that we solve with NSX is the policy piece of it, web server can talk to app server, can talk to database. That's a very simple policy, but when you try to express that in IP addresses, that could be 5,000 firewall rules, and in NSX that's one rule, it's English language. So it's that simplicity of software networking, allows us to enforce policy, in a increasingly heterogeneous environment. >> Okay, so let's talk about Outpost a little bit. You're got two versions, if you will. You've got VMWare Cloud on AWS Outpost, and then your piece, which is the cloud foundation for EC2 on Outpost, so that's low-latency, it's consistent networking, talk about that piece of it, drill down, and some of the challenges that you had to solve. >> So, as you pointed out, we think Outpost is an industry-defining announcement, because it's really blurring the line between private and public cloud. And VMWare and Amazon have partnered very deeply to continue to make this just feel like one thing. And the piece of the puzzle that we bring to the table is infrastructure, so policy management, that connectivity, the web server talks to app server, who gets to talk to who, security policies, data management and protection policies, these are things that customers expect from us. It's very easy for us to deliver that in a VMWare, vSphere environment. I think you talked to my colleague Mark Lohmeyer, about VMC that's going to run on Outpost, that's a VMWare environment running on Amazon hardware. We also are introducing services that are going to provide VMWare capability in a native EC2 environment running on Outpost, that's what we call VMWare Cloud Foundation, or VCF for short. >> That's a particular instance of Outpost, there's also the Amazon version, how do you guys doing under the covers? Explain how it works from a VMWare standpoint on the premised piece? Talk about under the covers. >> As you pointed out, the trick is to get all these disparate hybrid, you know, clouds, these different kind of islands the capacity to talk to each other. And so we've worked very closely with Amazon team to take NSX networking, embed it into Outpost so it can talk seamlessly to enterprise networks of all shapes and sizes. That's a deep, important part of the relationship. And in addition to that, we're putting the VCF capability into EC2 to extend consistent policy enforcement, either in a vSphere environment, private thing that you're managing, the hybrid thing that maybe VMWare is managing, or that Amazon's managing, in any scenario we're going to give you one set of policy, one set of enforcement across all of this with VMWare Cloud Foundation, as well as the VMC on AWS. >> The software engineering and engineering in general for the data center, where there's hardware, software, the generations of developers have all had the same kind of language, just changes tone. Put a wrapper around it! Container, VMs, but now all the same principles. You want to make something smarter and better like an old mission critical work load, you put a wrapper around it, you kind of put software around it, and you can still run that and have new modern ways to add value to it, connector, whether it's a Micro service or an API, is a trend, the heterogeneous environment you just described, EC2 rack over here, isn't this kind of like a container for the data center? In a way? >> My view on this, and I think Amazon is really pioneering this front, the data center is becoming an appliance. When you think about it, like, every enterprise is buildin their own data center with their own pieces parts, that's nuts! It'd be like, every company building their own furniture. Yeah, you could do it, but like, really? Wouldn't you just rather buy this desk from a furniture maker? And so, Amazon has built an incredibly efficient, incredibly powerful, call it an appliance, this hardware infrastructure, that works, and it works at scale, and it's easy to use, and you can get it in two days, it ships with Amazon Prime, that is super compelling. And I think a huge amount of customers are going to look for that simplicity, that easy of use, what's necessary, you pointed this out, is an abstraction, software abstractions, that's what VMWare does. We create software abstractions to simplify the administration of all the bits and bytes, all the electrons that are flowing from A to B. We make that stuff easier to manage, with virtualization technology, that is an abstraction. >> Operational-wise, I think it is the very key point too. How do you get it to run? (chuckles) Operating the networks, operating the data center, operating systems that feed developers value and giving developers a programmable infrastructure, that's the vision of a software-defined data center. >> So, you talkin about, data centers as an appliance, I always thought Larry Ellison had it right. You develop all these appliances, like the iPhone, for enterprise, the problem was just Oracle, very narrow set of use-cases. I feel like, in a way, that I felt when the Warriors got K.D. Right? That's what Outpost to me, is like, it's almost like an unfair advantage-- >> Game over! >> It changing the game, here, so I, look, VMWare is a software company, you love anybody who will run your software on their hardware. >> But Even Duran is a great analogy. >> But you got to think, that the guys who been playing in this, you know, on-prem cloud market, are going to say, "Whoa, what do we do now? How do we respond," how do you think that affects some of your other partners? >> I think the magic of what Amazon is doing, is it's simplicity from A to Z, meaning, I have a work load, I need to deploy it, I push a button, two days later, this rack of hardware shows up at my data center, you plug it in, it talks to the cloud, it hooks itself, like, that's awesome, right? >> Patches itself, I don't have to worry about it. >> The thing they got to remember, is that data center is a means to an end, not an end in itself, right? What is a data center supposed to, it's powering software that powers the business, and companies are spending too much time building the machinery to power the software to power the business, and they want to focus on the software that's powering the business. >> Software is the world. >> Too much head count, involved in-- >> It's just a lot of work, a lot of energy, a lot of bandwidth, a lot of attention, a lot of arguing, a lot of debate. >> Move that head count into high-value activities. >> Exactly. >> That is really, I think, the key point. And again, it became its own cottage industry, for the wrong reason! >> Yeah, I feel like, working with Amazon, we can simplify how you build, deploy a data center. There's an unsung hero in this equation, that is Intel. Intel is just making these processors faster, stronger, and so, we see less and less need for highly-specialized general, specialized servers, we can go with a more generalized compute infrastructure that can cover a wider array of workloads, including networking. We're using Intel processors, and we're running 40 gigs of enterprise-grade networking-- >> I got to say Tom, that's a great to point out Intel, I was reading the news on my phone, just in between breaks here, the news articles, "Oh, Intel's new competition with ARM," what they don't understand is, this is a massively expanding addressable market. So it's not a winner-take-all, Intel doesn't have to get every deal. 'Cause there's specialism at the silicon-level now, to power these software abstractions. >> To your point too, a decade ago Paul Muret said, "We're going to run any workload, "any application, anywhere in the world, on VMWare," and a lot of people laughed. And said, "You're not going to move some of the SAP stuff, or Oracle stuff," it all went, I mean, except for very, very few. And that's to your point, it's a general purpose system now, that can pretty much do any mainstream commercial app. >> So with the power of an abstraction layer, now we can optimize, and I think we're still learning the details of what exactly Amazon's done to optimize, but we all know, it's powerful, right? And now, you can get that in Outpost. >> They've got some street cred! >> Yes, they've got some street cred, yes. >> Tom, great insight, thanks for coming on theCube. >> Gentlemen, thank you for having me, this is good-- >> Great stuff, Senior Vice President, Senior Executive at VMWare, breaking down the relationship with Amazon, it's like the Golden State Warriors getting Kevin Duran, they run the table, if they had Lebron, that'd be like, best analogy. We'll be back with more live coverage here at theCube cover of AWS Reinvented after this short break. Stay with us. (punchy electronic music)

>> Narrator: theCUBE's live coverage is made possible by funding from Dell Technologies, creating technologies that drive human progress. (bright upbeat music plays) >> Welcome back to Barcelona, everybody. You're watching theCUBE's coverage of MWC '23, my name is Dave Vellante. Just left a meeting with the CEO of Cisco, Chuck Robbins, to meet with Jeetu Patel, who's our Executive Vice President and General Manager of security and collaboration at Cisco. Good to see you. >> You never leave a meeting with Chuck Robbins to meet with Jeetu Patel. >> Well, I did. >> That's a bad idea. >> Walked right out. I said, hey, I got an interview to do, right? So, and I'm excited about this. Thanks so much for coming on. >> Thank you for having me. It's a pleasure. >> So, I mean you run such an important part of the business. I mean, obviously the collaboration business but also security. So many changes going on in the security market. Maybe we could start there. I mean, there hasn't been a ton of security talk here Jeetu, because I think it's almost assumed. It was 45 minutes into the keynote yesterday before anybody even mentioned security. >> Huh. >> Right? And so, but it's the most important topic in the enterprise IT world. And obviously is important here. So why is it you think that it's not the first topic that people mention. >> You know, it's a complicated subject area and it's intimidating. And actually that's one of the things that the industry screwed up on. Where we need to simplify security so it actually gets to be relatable for every person on the planet. But, if you think about what's happening in security, it's not just important for business it's critical infrastructure that if you had a breach, you know lives are cost now. Because hospitals could go down, your water supply could go down, your electricity could go down. And so it's one of these things that we have to take pretty seriously. And, it's 51% of all breaches happen because of negligence, not because of malicious intent. >> It's that low. Interesting. I always- >> Someone else told me the same thing, that they though it'd be higher, yeah. >> I always say bad user behavior is going to trump good security every time. >> Every single time. >> You can't beat it. But, you know, it's funny- >> Jeetu: Every single time. >> Back, the earlier part of last decade, you could see that security was becoming a board level issue. It became, it was on the agenda every quarter. And, I remember doing some research at the time, and I asked, I was interviewing Robert Gates, former Defense Secretary, and I asked him, yeah, but we're getting attacked but don't we have the best offense? Can't we have the best technology? He said, yeah but we have so much critical infrastructure the risks to United States are higher. So we have to be careful about how we use security as an offensive weapon, you know? And now you're seeing the future of war involves security and what's going on in Ukraine. It's a whole different ballgame. >> It is, and the scales always tip towards the adversary, not towards the defender, because you have to be right every single time. They have to be right once. >> Yeah. And, to the other point, about bad user behavior. It's going now beyond the board level, to it's everybody's responsibility. >> That's right. >> And everybody's sort of aware of it, everybody's been hacked. And, that's where it being such a complicated topic is problematic. >> It is, and it's actually, what got us this far will not get us to where we need to get to if we don't simplify security radically. You know? The experience has to be almost invisible. And what used to be the case was sophistication had to get to a certain level, for efficacy to go up. But now, that sophistication has turned to complexity. And there's an inverse relationship between complexity and efficacy. So the simpler you make security, the more effective it gets. And so I'll give you an example. We have this great kind of innovation we've done around passwordless, right? Everyone hates passwords. You shouldn't have passwords in 2023. But, when you get to passwordless security, not only do you reduce a whole lot of friction for the user, you actually make the system safer. And that's what you need to do, is you have to make it simpler while making it more effective. And, I think that's what the future is going to hold. >> Yeah, and CISOs tell me that they're, you know zero trust before the pandemic was like, yeah, yeah zero trust. And now it's like a mandate. >> Yeah. >> Every CISO you talk to says, yes we're implementing a zero trust architecture. And a big part of that is that, if they can confirm zero trust, they can get to market a lot faster with revenue generating or critical projects. And many projects as we know are being pushed back, >> Yeah. >> you know? 'Cause of the macro. But, projects that drive revenue and value they want to accelerate, and a zero trust confirmation allows people to rubber stamp it and go faster. >> And the whole concept of zero trust is least privileged access, right? But what we want to make sure that we get to is continuous assessment of least privileged access, not just a one time at login. >> Dave: 'Cause things change so frequently. >> So, for example, if you happen to be someone that's logged into the system and now you start doing some anomalous behavior that doesn't sound like Dave, we want to be able to intercept, not just do it at the time that you're authenticating Dave to come in. >> So you guys got a good business. I mentioned the macro before. >> Yeah. >> The big theme is consolidating redundant vendors. So a company with a portfolio like Cisco's obviously has an advantage there. You know, you guys had great earnings. Palo Alto is another company that can consolidate. Tom Gillis, great pickup. Guy's amazing, you know? >> Love Tom. >> Great respect. Just had a little webinar session with him, where he was geeking out with the analyst and so- >> Yeah, yeah. >> Learned a lot there. Now you guys have some news, at the event event with Mercedes? >> We do. >> Take us through that, and I want to get your take on hybrid work and what's happening there. But what's going on with Mercedes? >> Yeah so look, it all actually stems from the hybrid work story, which is the future is going to be hybrid, people are going to work in mixed mode. Sometimes you'll be in the office, sometimes at home, sometimes somewhere in the middle. One of the places that people are working more and more from is their cars. And connected cars are getting to be a reality. And in fact, cars sometimes become an extension of your home office. And many a times I have found myself in a parking lot, because I didn't have enough time to get home and I was in a parking lot taking a conference call. And so we've made that section easier, because we have now partnered with Mercedes. And they aren't the first partner, but they're a very important partner where we are going to have Webex available, through the connected car, natively in Mercedes. >> Ah, okay. So I could take a call, I can do it all the time. I find good service, pull over, got to take the meeting. >> Yeah. >> I don't want to be driving. I got to concentrate. >> That's right. >> You know, or sometimes, I'll have the picture on and it's not good. >> That's right. >> Okay, so it'll be through the console, and all through the internet? >> It'll be through the console. And many people ask me like, how's safety going to work over that? Because you don't want to do video calls while you're driving. Exactly right. So when you're driving, the video automatically turns off. And you'll have audio going on, just like a conference call. But the moment you stop and put it in park, you can have video turned on. >> Now, of course the whole hybrid work trend, we, seems like a long time ago but it doesn't, you know? And it's really changed the security dynamic as well, didn't it? >> It has, it has. >> I mean, immediately you had to go protect new endpoints. And those changes, I felt at the time, were permanent. And I think it's still the case, but there's an equilibrium now happening. People as they come back to the office, you see a number of companies are mandating back to work. Maybe the central offices, or the headquarters, were underfunded. So what's going on out there in terms of that balance? >> Well firstly, there's no unanimous consensus on the way that the future is going to be, except that it's going to be hybrid. And the reason I say that is some companies mandate two days a week, some companies mandate five days a week, some companies don't mandate at all. Some companies are completely remote. But whatever way you go, you want to make sure that regardless of where you're working from, people can have an inclusive experience. You know? And, when they have that experience, you want to be able to work from a managed device or an unmanaged device, from a corporate network or from a Starbucks, from on the road or stationary. And whenever you do any of those things, we want to make sure that security is always handled, and you don't have to worry about that. And so the way that we say it is the company that created the VPN, which is Cisco, is the one that's going to kill it. Because what we'll do is we'll make it simple enough so that you don't, you as a user, never have to worry about what connection you're going to use to dial in to what app. You will have one, seamless way to dial into any application, public application, private application, or directly to the internet. >> Yeah, I got a love, hate with my VPN. I mean, it's protecting me, but it's in the way a lot. >> It's going to be simple as ever. >> Do you have kids? >> I do, I have a 12 year old daughter. >> Okay, so not quite high school age yet. She will be shortly. >> No, but she's already, I'm not looking forward to high school days, because she has a very, very strong sense of debate and she wins 90% of the arguments. >> So when my kids were that age, I've got four kids, but the local high school banned Wikipedia, they can't use Wikipedia for research. Many colleges, I presume high schools as well, they're banning Chat GPT, can't use it. Now at the same time, I saw recently on Medium a Wharton school professor said he's mandating Chat GPT to teach his students how to prompt in progressively more sophisticated prompts, because the future is interacting with machines. You know, they say in five years we're all going to be interacting in some way, shape, or form with AI. Maybe we already are. What's the intersection between AI and security? >> So a couple very, very consequential things. So firstly on Chat GPT, the next generation skill is going to be to learn how to go out and have the right questions to ask, which is the prompt revolution that we see going on right now. But if you think about what's happening in security, and there's a few areas which are, firstly 3,500 hundred vendors in this space. On average, most companies have 50 to 70 vendors in security. Not a single vendor owns more than 10% of the market. You take out a couple vendors, no one owns more than 5%. Highly fractured market. That's a problem. Because it's untenable for companies to go out and manage 70 policy engines. And going out and making sure that there's no contention. So as you move forward, one of the things that Chat GPT will be really good for is it's fundamentally going to change user experiences, for how software gets built. Because rather than it being point and click, it's going to be I'm going to provide an instruction and it's going to tell me what to do in natural language. Imagine Dave, when you joined a company if someone said, hey give Dave all the permissions that he needs as a direct report to Chuck. And instantly you would get all of the permissions. And it would actually show up in a screen that says, do you approve? And if you hit approve, you're done. The interfaces of the future will get more natural language kind of dominated. The other area that you'll see is the sophistication of attacks and the surface area of attacks is increasing quite exponentially. And we no longer can handle this with human scale. You have to handle it in machine scale. So detecting breaches, making sure that you can effectively and quickly respond in real time to the breaches, and remediate those breaches, is all going to happen through AI and machine learning. >> So, I agree. I mean, just like Amazon turned the data center into an API, I think we're now going to be interfacing with technology through human language. >> That's right. >> I mean I think it's a really interesting point you're making. Now, from a security standpoint as well, I mean, the state of the art today in my email is be careful, this person's outside your organization. I'm like, yeah I know. So it's a good warning sign, but it's really not automated in any way. So two part question. One is, can AI help? You know, with the phishing, obviously it can, but the bad guys have AI too. >> Yeah. >> And they're probably going to be smarter than I am about using it. >> Yeah, and by the way, Talos is our kind of threat detection and response >> Yes. >> kind of engine. And, they had a great kind of piece that came out recently where they talked about this, where Chat GPT, there is going to be more sophistication of the folks that are the bad actors, the adversaries in using Chat GPT to have more sophisticated phishing attacks. But today it's not something that is fundamentally something that we can't handle just yet. But you still need to do the basic hygiene. That's more important. Over time, what you will see is attacks will get more bespoke. And in order, they'll get more sophisticated. And, you will need to have better mechanisms to know that this was actually not a human being writing that to you, but it was actually a machine pretending to be a human being writing something to you. And that you'll have to be more clever about it. >> Oh interesting. >> And so, you will see attacks get more bespoke and we'll have to get smarter and smarter about it. >> The other thing I wanted to ask you before we close is you're right on. I mean you take the top security vendors and they got a single digit market share. And it's like it's untenable for organizations, just far too many tools. We have a partner at ETR, they do quarterly survey research and one of the things they do is survey emerging technology companies. And when we look at in the security sector just the number of emerging technology companies that are focused on cybersecurity is as many as there are out there already. And so, there's got to be consolidation. Maybe that's through M & A. I mean, what do you think happens? Are company's going to go out of business? There's going to be a lot of M & A? You've seen a lot of companies go private. You know, the big PE companies are sucking up all these security companies and may be ready to spit 'em out and go back public. How do you see the landscape? You guys are obviously an inquisitive company. What are your thoughts on that? >> I think there will be a little bit of everything. But the biggest change that you'll see is a shift that's going to happen with an integrated platform, rather than point solution vendors. So what's going to happen is the market's going to consolidate towards very few, less than a half a dozen, integrated platforms. We believe Cisco is going to be one. Microsoft will be one. There'll be others over there. But these, this platform will essentially be able to provide a unified kind of policy engine across a multitude of different services to protect multiple different entities within the organization. And, what we found is that platform will also be something that'll provide, through APIs, the ability for third parties to be able to get their technology incorporated in, and their telemetry ingested. So we certainly intend to do that. We don't believe, we are not arrogant enough to think that every single new innovation will be built by us. When there's someone else who has built that, we want to make sure that we can ingest that telemetry as well, because the real enemy is not the competitor. The real enemy is the adversary. And we all have to get together, so that we can keep humanity safe. >> Do you think there's been enough collaboration in the industry? I mean- >> Jeetu: Not nearly enough. >> We've seen companies, security companies try to monetize private data before, instead of maybe sharing it with competitors. And so I think the industry can do better there. >> Well I think the industry can do better. And we have this concept called the security poverty line. And the security poverty line is the companies that fall below the security poverty line don't have either the influence or the resources or the know how to keep themselves safe. And when they go unsafe, everyone else that communicates with them also gets that exposure. So it is in our collective interest for all of us to make sure that we come together. And, even if Palo Alto might be a competitor of ours, we want to make sure that we invite them to say, let's make sure that we can actually exchange telemetry between our companies. And we'll continue to do that with as many companies that are out there, because actually that's better for the market, that's better for the world. >> The enemy of the enemy is my friend, kind of thing. >> That's right. >> Now, as it relates to, because you're right. I mean I, I see companies coming up, oh, we do IOT security. I'm like, okay, but what about cloud security? Do you that too? Oh no, that's somebody else. But, so that's another stove pipe. >> That's a huge, huge advantage of coming with someone like Cisco. Because we actually have the entire spectrum, and the broadest portfolio in the industry of anyone else. From the user, to the device, to the network, to the applications, we provide the entire end-to-end story for security, which then has the least amount of cracks that you can actually go out and penetrate through. The biggest challenges that happen in security is you've got way too many policy engines with way too much contention between the policies from these different systems. And eventually there's a collision course. Whereas with us, you've actually got a broad portfolio that operates as one platform. >> We were talking about the cloud guys earlier. You mentioned Microsoft. They're obviously a big competitor in the security space. >> Jeetu: But also a great partner. >> So that's right. To my opinion, the cloud has been awesome as a first line of defense if you will. But the shared responsibility model it's different for each cloud, right? So, do you feel that those guys are working together or will work together to actually improve? 'Cause I don't see that yet. >> Yeah so if you think about, this is where we feel like we have a structural advantage in this, because what does a company like Cisco become in the future? I think as the world goes multicloud and hybrid cloud, what'll end up happening is there needs to be a way, today all the CSPs provide everything from storage to computer network, to security, in their own stack. If we can abstract networking and security above them, so that we can acquire and steer any and all traffic with our service providers and steer it to any of those CSPs, and make sure that the security policy transcends those clouds, you would actually be able to have the public cloud economics without the public cloud lock-in. >> That's what we call super cloud Jeetu. It's securing the super cloud. >> Yeah. >> Hey, thanks so much for coming to theCUBE. >> Thank you for having me. >> Really appreciate you coming on our editorial program. >> Such a pleasure. >> All right, great to see you again. >> Cheers. >> All right, keep it right there. Dave Vellante with David Nicholson and Lisa Martin. We'll be back, right after this short break from MWC '23 live, in the Fira, in Barcelona. (bright music resumes) (music fades out)

>>Hey guys. Good morning. And welcome back to the cube. Lisa Martin here with John furrier. This is the Cube's third day of Wal Dal coverage of VMware Explorer. We're very pleased to welcome one of our alumni back to the program. Chris Wolf joins us chief research and innovation officer at VMware. Chris, welcome back to the >>Cube. Yeah. Thanks Lisa. It's always a pleasure. >>This has been a great event. We, we, the key note was standing room only on Tuesday morning. We've had great conversations with VMware's ecosystem and VMware of course, what are some of the, the hot things going on from an R and D perspective? >>Yeah, there's, there's a lot. I mean, we're, we have about four or five different priorities. And these look at this is looking at sovereign clouds and multi-cloud edge computing, modern applications and data services. We're doing quite a bit of work in machine learning as well as insecurity. So we're, we're relatively large organization, but at the same time, we really look to pick our bets. So when we're doing something in ML or security, then we wanna make sure that it's high quality and it's differentiated and adds value for VMware, our partners and our customers. >>Where are our customers in the mix in terms of being influential in the roadmap? >>Very, very much in the mix. What we, what we like to do is in early stage R and D, we want to have five to 10 customers as design partners. And that really helps. And in addition to that, as we get closer to go to market, we look to a lineup between one and three of our SI partners as well, to really help us, you know, in a large company, sometimes your organic innovations can get lost in the shuffle. Yeah. And when we have passionate SI that are like, yes, we want to take this forward with you together. That's just awesome. And it also helps us to understand at a very early stage, what are the integration requirements? So we're not just thinking about the, the core product itself, but how would it play in the ecosystem equally important? >>We had hit Culbert on CTO, great work. He's dealing with the white paper and cross cloud, obviously vSphere, big release, lot of this stuff. Dave ante had mentioned that in the analyst session, you had a lot of good stuff you were talking about. That's coming around the corner. That's shipping coming outta the oven and a big theme this year is multi-cloud cloud native. The relationship what's one's ahead. Bleed dog. No one, you kinda get a feel for multi-cloud. It's kind of out front right now, but now cloud native's got the most history what's coming out of the oven right now in terms of hitting the market. That's not yet in this, in the, in the, in the numbers, in terms of sales, like there's, there's some key cloud native stuff coming out. Where's the action. Can you share what you've shared at the analyst meeting? >>Yeah. So at the analyst meeting, what I was going through was a number of our new innovation projects or projects. And, and these are things that are typically close to being product or service at VMware, you know, somewhere in the year out timeframe. Some, some of these are just a few months out. So let me just go through some of them, I'll start with project keek. So keek is super exciting because when you think about edge, what we're hearing from customers is the, the notion of a single platform, a single piece of hardware that can run their cloud services, their containers, their VMs, their network, and security functions. Doing all of this on one platform, gives them the flexibility that as changes happen, it's a software update. They don't have to buy another piece of hardware, but if we step back, what's the management experience you want, right? >>Simple get ops oriented, simple life cycle and configuration management, very low touch. I don't need technical skills to deploy these types of devices. So this is where keek comes in. So what keek is doing is exposing a Kubernetes API above the ESXi hypervisor and taking a complete, get op style of management. So imagine now, when you need to do an update for infrastructure, you're logging into GitHub, you're editing a YAML file and pushing the update. We're doing the same thing for the applications that reside. I can do all of this through GitHub. So this is very, I would say, even internally disruptive to VMware, but super exciting for our customers and partners that we've shared this with. >>What else is happening? What else on the cloud native side Tansu Monterey those lot areas. >>Oh, there's so much. So if we look at project Monterey, I had a presentation within Invidia yesterday. We're really talking through this. And what I'm seeing now is there's a couple of really interesting inflection points with DPU. The first thing is the performance that you're getting and the number of cores that you can save on an X 86 host is actually providing a very strong business case now to bring DPU into the servers, into the data center. So that's one. So now you have a positive ROI. Number two, you start to decouple core services now from the X 86 host itself. So think about a distributed firewall that I can run on a PCI adapter. Now that's DEC coupled, physically from the server, and it really allows me to scale out east west security in a way that I could not do before. So again, I think that's really exciting and that's where we're seeing a lot of buzz from customers. >>So that DPU, which got a lot of buzz, by the way, Lisa, I never, you had trouble interviews on this. I had to the Dell folks too, V X RS taking the advantage of it, the performances, I see the performance angle on that and deep user hot. Can you talk about that security east west thing? Cuz Tom Gillis was on yesterday talking about that's a killer advantage for the security side. Can you touch on that real >>Quick? Yeah. A hundred percent. So what I can now do is take a, a firewall and run it isolated from the X 86 host that it's trying to protect. So it's right next to the host. I can get line rate speeds in terms of analytics and processing of my network and security traffic. So that's also huge. So I'm running line rate on the host and I'm able to run one of these firewall instances on every host in my data center, you cannot do that. You can never afford it with physical appliances. So to me, this is an inflection point because this is the start of network and security functions moving off of hardware appliances and onto DPU. And if you're the ecosystem vendors, this is how they're going to be able to scale some of their services and offerings into the public >>Cloud. So a lot of good stuff happening within the VMware kind of the hardware, low level atoms and the bits as well as the software. The other thing I wanna get your thoughts on relative to the next question is that takes to the next level is the super cloud world we're living in is about cloud native developers, which is DevOps dev security ops and data ops are now big parts of the, the challenges that the people are reigning in the chaos that that's being reigned in. How does VMware look at the relationship to the cloud providers? Cause we heard cloud universal. We had the cloud. If you believe in multi-cloud, which you guys are saying, people are agreeing with, then you gotta have good tight couple coupled relationships with the cloud services, >>A hundred percent. >>We can be decoupled, but highly cohesive, but you gotta connect in via APIs. What's the vision for the VMware customers who want to connect say AWS, for instance, is that seamless? What makes that happen? What's that roadmap look like for taking that VMware on premises hybrid and making it like turbo charging it to be like public cloud hybrid together? >>Yeah, I think there's some lessons that can be learned here. You know, an analogy I've been using lately is look at the early days of virtualization when VMware had vCenter, right? What was happening was you saw the enterprise management vendors try to do this overlay above virtualization management and say, we can manage all hypervisors. And at the end of the day, these multi hypervisor managers, no one bought 'em because they can do 20% of the functionality of a tool from VMware or Microsoft. And that's the lesson that we have to take to multi-cloud. We don't have to overlay every functionality. There's really good capabilities that the cloud providers are offering through their own tooling and APIs. Right? But you, you, if you step back, you say, well, what do I wanna centralize? I wanna have a centralized, secure software supply chain and I can get that through VMware tan zoo and, and where we're going with Kubernetes. When you're going with native cloud services, you might say, you know what, I wanna have a central view of, of visibility for compliance. So that's what we're doing with secure state or a central view of cost management. And we're doing that with cloud health. So you can have some brokering and governance, but then you also have to look from a surgical perspective as to what are the things that I really need to centralize versus what do I not need to centralize? >>One of the themes that we heard on the keynote on Tuesday was the, the different phases and that a lot of customers are still in the cloud chaos phase. We talked a lot about that in the last couple days with VMware, with its partner ecosystem. And, but the goal of getting to cloud smart, how does the R and D organization, how do, how are you helping customers really navigate that journey from the chaos that they're in, maybe they've inherited multi-cloud environment to getting to cloud smart. And what does cloud smart mean from your perspective >>Cloud? Smartt from my perspective means pragmatism. It means really thinking about what should I do here first, right? I don't want to just go somewhere because I can, right. I want to be really mindful of the steps I'm going to take. So one ex one example of this is I've met with a customer this morning and we were talking about using our vRealize network insight tool, because what that allows 'em to do is get a map of all of their application dependencies in their data center. And they can learn like, well, I can move this to the cloud or maybe I can't move this cuz it has all these other dependencies and it would be really difficult. So that's that's one example. It also means really thinking through issues around data sovereignty, you know, what do I wanna hold onto a customer? I just met with yesterday. They were talking about how valuable their data is and their services that they want to use via SA in the cloud. But then there's also services, which is their core research. They wanna make sure that they can maintain that in their data centers and maintain full control because they see researchers will leave. And now all of a sudden, so that intellectual property has actually gone with the person and they need to, they need to have, you know, better accountability there. >>Yeah. One of the things about that we discovered at our super cloud event was is that, you know, we kind didn't really kind of put too much structure on other than our, our vision. It's, it's not just SaaS on cloud and it's not just, multi-cloud, it's a new kind of application end state or reality that if you believe in digital transformation, then technology is everywhere. And like it in the old days, it powered the back office and then terminals and PCs and whatnot, wasn't powering the boardroom obviously or other business. But if, if it happens like that digital transformation, the company is the app, the app is the company. So you're all digital. So that means the operating expenses has to drive an income statement and the CapEx handled by the cloud provides a lot of goodness. So I think everyone's gonna realize that AWS and the hyperscalers are providing great CapEx gifts. They do all the work and you only pay when you've made your success. So that's a great business model. >>Absolutely >>That's and then combine that with open source, which is now growing so fast, going next level, the software industry's open source. That's not even a debate Mo in some circles, maybe like telco, cloud's got the CapEx. The new operating model is this cloud layer. That's going to transform the companies finally in a hundred percent. Okay. That's super cloud. If that's the case, does it really matter who provides the electricity or the power? It's the coders that are in charge. It's the developers that have to make the calls because if the application is the core, the developers are, are not only the front lines, they are the company. This is really kind of where the sea change is. So if, if we believe that, I'm sure you, you agree with that generally? >>Yeah, of >>Course. Okay. So then what's the VMware customer roadmap here. So to me, that's the big story here at the show is that we're at this point in time where the VMware customers are, have to go there >>A hundred percent, >>What's that path. What is the path for the VMware customer to go from here to there? And what's this order of operations or is there a roadmap? Can, can you share your thoughts on >>That? Yeah, I think part of it is, is with these disruptive technologies, you have to start small, you know, whether it's in your data center, into cloud, you have to build the own institutional knowledge of your team members in the organization. It's much easier than trying to attract outside talent, for least for many of our customers. So I think that's important. The other part of this when with the developer and control, like in my organization, I want my innovators to innovate any other noise around them. I don't want them to have to worry about it. And it's the same thing with our customers. So if your developers are building the technologies that is really differentiating your company, then things like security and cryptography shouldn't have to be things they worry about. So we've been doing a lot of work. Like one of the projects we announced this week was around being able to decouple cryptography from the applications themselves. And we can expose that through a proxy through service mesh. And that's really exciting because now it ops can make these changes. Our SecOps teams can make these changes without having to impact the application. So that's really key is focusing the developers on innovation and then really being mindful about how you can build the right automation around everything else. And certainly open source is key to all >>That. So that's so, so then if you, if that's happening, which I'm, I'm not gonna debate that then in essence, what's really going on here is that the companies are decomposing their entire businesses down to levels that are manageable completely different than the way they did them 20, 30 years ago. >>Absolutely. You, you, you could take a modular approach to how you're solving business problems. And we do the same thing with technology, where there might be a ML algorithms that we've developed that we're exposing as SA service, but then all of the interconnects around that service are open source and very flexible so that the businesses and the customers and the VMware partners can decide what's the right way to build a puzzle for a given problem. >>We were talking on day one, I was riffing with an executives. It was Ragu and Victoria. And the concept around cross cloud was if you get to this Nirvana state, which is we, people want to get to this or composability mode, you're not coding, you're composing cuz coding's kinda happening open source and not the old classic, write some code and write that app. It's more orchestrate, compose and orchestrate. Do you, what's your thoughts on >>That? Yeah, yeah. Yeah. I, I agree. And it's it's I would add one more part to it too, which is scope. You know, I think sometimes we see projects fail because the, the initial scope is just too big. You know, what is the problem that you need to solve, scope it properly and then continuously calibrate. So even like our customers have to listen to their customers and we have to be thinking about our customers' customers, right? Because that's really how we innovate because then we can really be mindful of a holistic solution for them. >>You know, Lisa, when we had a super cloud event, you know, one of the panels was called the innovators dilemma with a question mark. And of course everyone kinds of quotes that book innovators dilemma, but one of the panelists, Chris ho beaker on Twitter said, let's change the name from the innovator's dilemma to the integrator's dilemma. And we all kind of got chuckled. We all kind of paused and said, Hey, that's actually a good point. Yeah. If you're now in a cloud and you're seeing some of the ecosystem floor vendors out there talking in this game too, they're all kind of fitting in snapping in almost like modular, like you said, so this is a Lego game. Now it feels like, it feels like, you know, let's compose, let's orchestrate, let's integrate. Now I integrations API driven. Now you're seeing a lot more about API security in the news and we've been covering at least I've probably interviewed six companies in the past, you know, six months that are doing API security, who would've thought API, that's the link, frankly, with the web. Now that's now a target area for hackers. >>Oh. And that's such an innovation area for VMware, John. Okay. >>There it is. So, I mean, this is, again, this means the connected tissue is being attacked yet. We need it to grow. No one's debating that is wrong, but it's under siege. >>Yes. Yes. So something else we introduced this week was a project. We called project Trinidad. And the way, the way you can think about it is a lot of the anomaly detection software today is looking at point based anomalies. Like this API header looks funny where we, where we've gone further is we can look at full sequence based anomalies so we can learn the sequences of transactions at an application takes and really understand what is expected behavior within those API calls within the headers, within the payloads. And we can model legitimate application behavior based on what those expectations are. So like a, like a common sequence might be doing an e-commerce checkout, right? There's lots of operations that happen logging into the site, searching, finding a product, going through the cart. Right. All of those things. Right. So if something's out of sequence, like all of a sudden somebody's just trying to do a checkout, but they haven't actually added to the cart. Right. This just seems odd. Right. So we can start to, and that's a simplistic example, but we're able now to use our algorithms to model legitimate application behavior through the entire sequence of how applications behave and then we can start to trap on anomalies. That's very differentiating IP and, and we think it's gonna be really important for the industry. Yeah. >>Because a lot of the hacks, sometimes on the API side, even as a example, are not necessarily on the API, it's the business logic in them. That's what you're getting at here. Yes. The APIs are hard. Oh our APIs are secure. Right. Well, yeah, but you're not actually securing the business logic internally. That's what you're getting at. If I read >>That right. Or exactly. Exactly. Yeah. Yeah. And it, it's the thing it's right. It's great that you can, you can look at a header, but what's the payload, right? What is what's, what's the actual data flow, right. That's associated with the call and that's what we want to really hone in on. And that's just a, it's, it's a, it's a far different level of sophistication in being able to understand east west vulnerabilities, you know, log for JX voice and these kind of things. So we have some real, it's interesting technology >>There. Security conversations now are not about security there about defense ability because security's a state of time, your secure here, you're not secure or someone might be in the network or in the app, but can you defend yourself from, and in >>That's it, you know, our, our, our malware software, right. That we're building to prevent and respond has to be more dynamic than the threats we face. Right. And this is why machine learning is so essential in, in these types of applications. >>Let me ask you a question. So just now zooming out riffing here since day, three's our conversational day where we debate and just riff more like a podcast style. If you had to do a super cloud or build a NextGen cloud multi-cloud with abstraction layer, that's, you know, all singing and dancing and open everyone's happy hardware below it's working ISAs and then apps are killed. Can ass what's in that. What does it look like to you if you had to architect the, the ultimate super cloud enabler, that something that would disrupt the next 10 years, what would it look like and how does, and assuming, and trying to do where everybody wins go, you have 10 seconds. No, >>Yeah, yeah. So the, you know, first of all, there has to be open source at all of the intersections. I think that's really important. And, and this is, this goes from networking constructs to our database, as a service layers, you know, everything in between, you know, the, the, the participants should be able to win on merit there. The other part of super cloud though, that hasn't happened that I probably is the most important area of innovation is going to be decoupled control planes. We have a number of organizations building sovereign cloud initiatives. They wanna have flexibility in where their services physically run. And you're not going to have that with a limited number of control planes that live in very specific public cloud data centers. So that's an area, give >>An example of what a, a, a, a narrowly defined control plane is. >>Yeah, sure. So my database as a service layer, so the, the, the actual portal that the customer is going into to provision databases, right. Rep managed replication, et cetera. Right. I should be able to run that in a colo. I should be able to run that somewhere in region that is guaranteed, that I'm going to have data stay physically in region. You know, we still have some of these challenges in networking in terms of being able to constrain traffic flows and be able to predict and audit them within a particular region as well. >>It's interesting. You bring up region again, more complexity. You know, you got catalogs here, catalogs different. I mean, this is where the chaos really comes down. I mean, it's, it's advancing, but it's advancing the state of functionality, but making it hella complex, I mean, come on. Don't you think it's like pretty amazingly hard to reign in that? Well, or is it maybe you guys making it easier? I just think I just, my mind just went, oh my God, I gotta, I gotta provision to that region, but then it's gotta be the same over there. And >>When you go back to modular architecture constructs, it gets far easier. This has been really key for how VMware is even building our own clouds internally is so that we have a, a shared services platform for the different apps and services that we're building, so that you do have that modularized approach. Like I said, the, the examples of innovation projects I've shared have been really driven by the fact that, you know, what, I don't know how customers are gonna consume it, and I don't have to know. And if you have the right modular architecture, the right APIs around it, you don't have to limit a particular project or technology's future at the time you build >>It. Okay. So your super would have multiple control planes that you can move, manage with that within one place. I get that. What about the data control plane? That seems to be something that used to be the land grab in, in conversations from vendors. But that seems to be much more of a customer side, cuz if I'm a customer, I want my control plane data plane to be, you know, mine. Like I don't want to have anyone cuz data's gotta move around, gotta be secure. >>Oh exactly. >>And that's gonna be complicated. How does, how do you see the data planes emerging? >>Yeah. Yeah. We, we see an opportunity really around having a, a centralized view that can give me consistent indexing and consistent awareness of data, no matter where it resides. And then being able to have that level of integration now between my data services and my applications, because you're right, you know, right now we have data in different places, but we could have a future where data's more perpetually in motion. You know, we're already looking at time sensitive fabrics where we're expecting microservices to sometimes run in different cell towers depending on the SLA that they need to achieve. So then you have data parts that's going to follow, right? That may not always be in the same cloud data center. So there's, this is enormously complicated, not just in terms of meeting application SLAs, but auditing and security. Right. That makes it even further. So having these types of data layers that can give me a consistent purview of data, regardless of where it is, allow me to manage and life cycle data globally, that's going to be super important, I believe going forward. >>Yeah. Awesome. Well, my one last question, Lisa, gonna get a question in here. It's hard. Went for her. I'm getting all the, all the questions in, sorry, Lisa that's okay. What's your favorite, most exciting thing that you think's going on right now that people should pay attention to of all the things you're looking at, the most important thing that that's happening and maybe something that's super important that people aren't talking about or it could be the same thing. So the, the most important thing that you think that's happening in the industry for cloud next today and, and maybe something that you think people should look at and pay more attention to. >>Okay. Yeah, those are good questions. And that's hard to answer because there's, there's probably so much happening. I I've been on here before I've talked about edge. I still think that's really important. I think the value of edge soft of edge velocity being defined by software updates, I think is quite powerful. And that's, that's what we're building towards. And I would say the industry is as well. If you look at AWS and Azure, when they're packaging a service to go out to the edge it's package as a container. So it's already quite flexible and being able to think about how can I have a single platform that can give me all of this flexibility, I think is really, really essential. We're building these capabilities into cars. We have a version of our Velo cloud edge device. That's able to run on a ruggedized hardware in a police car today. We're piloting that with a customer. So there is a shift happening where you can have a core platform that can now allow you to layer on applications that you're not thinking about in the future. So I think that's probably obvious. A lot of people are like, yeah. Okay. Yes. Let's talk about edge, big deal. >>Oh it's, it's, it's big. Yes. It's >>Exploding, but >>It's complicated too. It's not easy. It's not obvious. Right. And it's merging >>There's new things coming every day. Yeah. Yeah. And related to that though, there is this kind of tension that's existing between machine learning and privacy and that's really important. So an area of investment that I don't think enough people are paying attention to today is federated machine learning. There's really good projects in open source that are having tangible impact on, in a lot of industries in VMware. We are, we're investing in a, in a couple of those projects, namely fate in the Linux foundation and open FFL. And in these use cases like the security product I mentioned to you that is looking at analyzing API sequence API call sequences. We architected that originally so that it can run in public cloud, but we're also leveraging now federated machine learning so that we can ensure that those API calls and metadata associated with that is staying on premises for the customers to ensure privacy. So I think those intersections are really important. Federated learning, I think is a, an area not getting enough attention. All right. All >>Right, Chris, thanks so much for coming on. Unfortunately we are out of time. I know you guys could keep going. Yeah. Good stuff. But thank you for sharing. What's going on in R and D the customer impact the outcomes that you're enabling customers to achieve. We appreciate your >>Insights. We're just getting started >>In, in early innings, right? Yeah. Awesome. Good stuff for guest and John furrier. I'm Lisa Martin. You're watching the cube live from VMware Explorer, 2022. Our next guest joins us momentarily. >>Okay.

(gentle music) >> Hello, everyone welcome to "theCUBE's" live coverage here in San Francisco, California for VMware Explore not VMworld, it's VMware Explore. I'm John Furrier, your host of "theCUBE" with Dave Vellante. We're here with two sets. 12th year, Dave, covering VMworld, now VMware Explore, what a journey? I had a little reminiscing from Paul Maritz in 2010, who predicted the future but the timing was off. Raghu predicting the future, but is his timing right with multi-cloud or super-cloud? We're going to get into it. We got three days of wall to wall CUBE coverage, two sets. All the top execs from VMware coming on, including the CEO Raghu himself, Vittorio, Kit Colbert, the whole kit and caboodle of the executive group to talk about the future of VMware, where it's going, and of course the appearance of Hock Tan here from Broadcom, Dave, made an appearance. Michael Dell was also in presence. I get the vibe that there's something going on with Broadcom and VMware beyond just the acquisition. So a lot of people are curious. This event again is notable and historic from the sense of it's VMware Explore not VMworld, so they changed the name, and Broadcom's intent, and they're going to be buying VMworld. Dave, the keynote was anticipated by all, how it was going to go down, what was going to be said. Raghu set the table, I got a ton of notes, I know you do. What's your take? >> Well, you have to start with the Broadcom acquisition. You're right, Hock Tan was in the audience, he stood up, he got a little clap. >> Golf clap. >> He's paying $60 billion for VMware, he better be able to be recognized. And he was here yesterday with Michael Dell at the executive sessions. And their purpose I'm sure, they didn't let us in, but I'm sure the purpose was to make sure that customers were calm, they were comfortable with the direction. Of course, the narrative coming out of VMware is that, hey, they're investigating, they're going deep into our portfolio, and they like what they see, it's going to be all good, it's not going to be like the CA acquisition and de-levering and all that stuff. I still stand by what I wrote in my breaking analysis back in May. The fact is, Broadcom has promised $8.5 billion in EBITDA within three years. That's the only way they get there, is to cut, so that's going to happen. But the interesting dynamic in the market, I don't know if you've noticed this, VMware stock is trading at a 20% discount to what Broadcom is paying for it. So there's a big amount of fluff, if you want to do some arbitration. And I think it's due to the fact that it's a stock and a cash deal, it's a combination deal, and it's not going to close for a year. So there's maybe some skepticism around that. But that was an interesting dynamic. The keynote we'll get into it, but it's all around multi-cloud and what we call super-cloud. >> I have my conspiracy theories on Broadcom, actually they make chips. Looking at all the waves right now in the technology industry, silicon is hot, anyone who's doing custom silicon and putting software on the chip, making purpose built vertical applications is seeing performance gains in cloud and in these applications. So one, I'm really excited by the dots connecting there. But also the VMware story, Dave, is pretty interesting in the sense that timing's everything, the Broadcom acquisition, EBITDA focus might drive behavior. But notable for VMware, is Raghu has been on this vision for years. I remember in 2016 when I interviewed him with Andy Jassy, who was then the CEO of AWS, they had moved everything to Amazon Web Services. And that was the beginning of the vision of multi-cloud and cloud-native. VMware invested a ton, and so we're seeing some fruit come off the tree. If you will, bearing some fruit from that VMware investment in cloud-native across the board which was their bet prior to Broadcom buying them out. So the question is, does Broadcom harvest that, continue that nurturing of that "plantation of goodness" that could come out of that VMware? And again, it's probability, it's not guaranteed. Commentary on Twitter is pretty heavy on, can they win the Devs? Can the new Ops bringing around the front? So, VMware's and Broadcom in a tough position, they bought more than they thought in my opinion. And I think a lot of people are saying, does Broadcom recognize the strategic value of what's coming out of the oven, so to speak, or what's blowing off the tree from VMware? And is it real? That is the number one question. I talk to people in the hallway, that's what they're saying. They want to know what's going to happen with what's around the corner, that's on top of mind of everybody. >> It's a really important question because VMware's future is multi-cloud management, what we call super-cloud. And without Tanzu, and I speculated that Tanzu was probably going to be under the microscope and potentially on the chopping block because they spend a lot of money marketing it, but they're probably not today getting a lot of returns. But without Tanzu, without a cross-cloud PaaS we sometimes call a super PaaS. their strategy doesn't work, it basically fails. And I think what a lot of people are missing, and I saw you chime in on Twitter, is can they win the Devs? Can they win the Devs? This is table stakes. If you don't have a cross-cloud PaaS, and it's really about not necessarily just the Devs, it's about the ops, right? Because now it's about security. Yes, shift left, but shield right. But the DevOps team, the Ops team needs consistency. It's like Adrian Cockcroft says, the Devs, they love to get married, the Ops, they got to clean up after the divorce. And so they need standard- >> You're implying that they'll use any tool for the job and not really worry about lock in. And I think today on the keynote, Deshaun was up there who submitted a comment, "You kids have it easy these days." Implying us old guys, when we coded, you had to do everything yourself. Kelsey Hightower mentioned her support pack desktop edition. The old days when had to build everything by hand, now it's all automated, all goodness. But in all seriousness, the focus there was DevOps has won, DevOps is what the developers are doing. The developers are in the clear right now, as far as I'm concerned. They're sitting on the beach right now, sunglasses on, sun shining, everything's shift left, CI/CD pipeline, cloud-native goodness. If you're a dev, things are much rosier than an Ops person. So DevOps is developer, security and DataOps, is where the action is. So it's not so much IT operations as it is security and data leveling up to the velocity demand of developers and also ease of use. So self-service in the motion of coding, in the pipelining, that's what the developers have to have. And if people don't build that experience from the upside, the new ops is not going to enable the develop, it won't be adopted in my opinion. >> You mentioned Paul Maritz before, his whole thing was any workload, any cloud, the software mainframe, they're talking about any Kubernetes, any cloud. And we got to go through some of the announcements real quick here. VMware Aria is the new multi-cloud management platform. That is the fundamental strategy for going cross-cloud or what we call super-cloud. The vSphere and vSAN 8 are big deals. And as relates to compute with vSphere, they're really pushing that whole DPU. You might remember Project Monterey. Well, Project Monterey is essentially like AWS Nitro, it's the future of computing architecture seven years after AWS introduced it. So AWS has a huge lead here. But it's critical that a company like VMware is able to offer that capability with XPU optionality, GPU, CPU, Arm based, Pensando capabilities, eventually NPUs, other capabilities to bring in and support new workloads, new data driven workloads. So the lot of talk about the whole DPU thing. As I mentioned, Tanzu new version of Tanzu, they talked about edge. They're basically bringing VMware to the edge with an eventual consistency model. >> Hold on, the vSphere thing, just to jump in there real quick. I always thought that that'd be higher up in the keynote. Clearly in the keynote, they flexed their cloud-native positioning, they had to address the Broadcom thing, talk about modern applications. So it felt like they were selling the dream on the front end. And they buried the lead in my opinion, which is vSphere 8. They don't do a lot of vSphere 8 announcements. If you look at the history of VMworld, every few years they got a new release. This was packed with a lot of goodness. And I thought they'd buried that in the keynote. >> I don't know, Raghu mentioned it. Yeah, they had a lot to cover. And then the other thing was they announced support for Red Hat OpenShift. So everybody's like, "Ooh, wow." And then Tanzu for all the Kubernetes versions from the cloud guys. So a lot of announcements, you got to always give VMware props. It's not like they stopped engineering, they have a great engineering culture. And so it's nice to see Project Monterey in particular, go from R&D to actual product. And so we like to see that. >> Even towards the end, now that we're doing the keynote review, Raghu said, "As proud as we are," this is when they started talking about the sustainability, implying they're real proud engineering, and that's a good call out there. I think that's what were trying to get across to Hock Tan, who was sitting in the front row. But Dave, in terms of keynote, my analysis is clear. Raghu was nervous, you can tell. But he's a product guy, he even said that on stage. He set the table at the beginning, I thought really well with modern applications. He had to address the name change, and I thought that was interesting. He actually said, "We built a community with VMworld, but now with multi-cloud, we're going to recall it Explore." Not sure I agree with that. I think VMworld community is still vibrant, and that's why they're here. So I thought that was nice, the way he balance that out, the messaging is good, the graphics and the branding of Explore is world class, I think it's phenomenal. I'm not a big fan of the name change, but I never go well with change there. Hock Tan didn't speak, he did stand up and wave. >> There's no way he's going to get up to speak. >> He didn't speak. So I thought that was interesting front end, so they got that right out of the way. And absolutely you saying last night. And then they got into this digitally smart concept, which I thought was on point. Did not like the great replatforming message. I'm not a big fan of that because it reminded me of the great resignation. And I think there's going to be a lot of memes on that. So not a big fan of the great replatforming. I did like the Cloud Universal pitch. But this whole multi-cloud pitch seems to me, and I want to get your thoughts on this, is that that's what it reminded me of, Paul Maritz. So when Raghu is clearly betting the ranch on multi-cloud, the question is timing. Paul Maritz in 2010 here at VMworld Moscone, he laid out the vision, he was right. But timing was off, the top of the stack didn't materialize. But at the end of the day, ended up being the right architecture. Is VMware too early with multi-cloud, Dave? And that's the question, that's the question on the table. >> Well, so a couple things. So Maritz, the one mistake Maritz made was he really tried to go into apps, remember? So now at least I think Raghu, the current VMware thinking is, we're going to enable apps to be developed. And that is the right thinking. Are they too early or too late with multi-cloud? I think technically it just wasn't feasible, the customers weren't ready for it. VMware moves at the speed of the CIO we like to say. So I think the timing is actually really good because the technical capabilities are now there. You've got to have across-cloud paths, which Tanzu is about. And I think Tanzu was too immature before. They've got the pieces on the DPU side. And the other thing about the timing is now with Broadcom acquiring VMware, the whole non Dell ecosystem has got to be a lot happier. NetApp, guys like that, Cisco. >> Why is that? >> Because Dell, their thumb on the scale, they had the thing rigged, Dell was first in line for everything. When EMC owned VMware, that was the case. But they were required about it, Dell made no concessions. And they just came out and said, "We are going to be VMware first, we are the preferred partner, we do more business with anybody." They really drove a truck through that. And I think it caused a lot of the ecosystem to pull back, like HPE and others to say, "Okay, we're going to find some alternatives here." Now they can really lean in. It's like when HP broken two, that really changed the ecosystem posture with HPE. This is like that, but times 10. >> What did you think about the ecosystem floor last night? When I did a walk of the floor, I thought it was very vibrant, it was not a ghost town at all. >> No, not at all, we saw Alibaba Cloud was there, we saw a lot of- >> AWS. >> Smaller companies >> Microsoft. >> And so I thought it was better than I thought it would be. There's probably what, 7,000 people here I would say? So well off from the 15,000 pre-COVID highs, but still very robust, it's a good crowd. People are excited to be back in person obviously. And I think the messaging was right, John. I think cross-cloud, multi-cloud, super-cloud, that is the future. Well, David Floid took a stab at it and said, "I think it's going to be $100 billion market by the end of the decade." >> Super-cloud is a thing for sure. And I think that came out in Aria announcement, which was basically a rebranding. It's not a new product, essentially it's a cobble together management platform. I thought the Cloud Universal notes here were interesting. The Cloud Universal is the commercial cloud smart component. Meaning they're trying to make that the frame, Dave, for the hyperscalers to come in to a de facto consortium movement. I feel like that's next here. If this Cloud Universal could become the super-cloud consortium, that might give them a better shot. The ecosystem is buzzing, attendance is strong. It's interesting a lot of people were speculating, will this be an event? I thought they did a great job and I thought they came through well with this. >> You were saying about consortium, because have to have the cloud guys in any consortium. But is any one cloud going to drive it? VMware could be- >> AWS >> Could be the driver. >> I'm thinking if I had to make a prediction, looking at what I just saw in the keynote, we'll see what the VMware execs say, If I had to make a guess, I think you're going to have customers, "Let's still double down on VMware stuff." They're going to settle into vSphere and networking compute and storage, the normal stuff that they've got, the software to find data center core as a cloud operational platform. And then you're going to see a lot more AWS migration. You might see that if Broadcom doesn't nurture the fruit coming off the tree, as we mentioned earlier, I think you might see people go more cloud-native. But I think VMware's prepared for that with the hybrid. So it's going to be very interesting to see. I think the winners coming out of this will be AWS, maybe a little bit of trickle into Azure, Alibaba mostly for the European, I mean the China side. But I don't see them playing. Google is a wild card, we'll see it from them. >> I think the other big thing about the timing, to your earlier point is, VMware used to go to market with very bespoke, We got vSAN, we got NSX, we got vSphere, and now they're trying to bring that together. And essentially remember, they used to go to market and say, "Okay, hey, your ELA is up, time to renew." And they're talking to the wrong people. So now they're going forth with the Azure service model, they're going to move to a subscription model. And I think the timing is right for that. I would've liked to see it a little bit before hand, maybe pre COVID would have been better timing. But I think technically, the time is right now for that. >> And I think looking at the acquisition, speculating on that, I think let's discuss how we see things, how they might move forward. Again, we'll ask the guests as much as best as we can and the best they could answer. But let's take this forward. Okay, based upon what I'm seeing here, if I'm Hock Tan in the audience, I'm saying to myself, "Okay, I got more here than I thought I was buying." Maybe I thought I was getting some great EBITDA. I wonder if his outlook changed on how he goes to market with the new VMware post acquisition. So that means in the around February timeframe, I would probably, if I was advising him to say, "Okay, let's keep it as is, let's not do the cut, cut, cut. Maybe trim a little bit here and there." But for the most part, he's got the solid customer base and he's going to have to keep the event. >> Here's the problem with that. They have a very high do-say ratio. They do what they say they're going to do. And as a result, they've promised 8.5 billion in EBITDA within three years out of VMware. And they return 50% of their free cash flow to investors. If they break that promise, their stock will get crushed. I don't think they're going to break that promise. So I think they're going to run. That's something I believe in their playbook that they're not going to change. Now, could they get there without massive cuts? I think it's going to be hard. Can they get there with price increases? Yes. And better efficiency, yes. But they don't have a lot of go to market synergies, John. Broadcom doesn't have a big sales force that they can say, "Okay, we're going to fire all the VMware sales force and you're going to go to market through our channel." Like Oracle would do with their big sales force or a Dell would do with an acquisition, they can't. And so I just don't see how they're going to around it. The only other thing I would say is, to me, I thought the application development piece, the Tanzu piece was very appropriate. And I think they got it. Whether or not they're going to succeed there, we can debate that. But I thought what was missing was there wasn't enough, in my opinion, on their security posture, their security strategy. I thought they gave it lip service with, "Oh yeah, we're going to shift left and dev security, et cetera." They did not go in depth. I think when you talk to someone like Tom Gillis, who really can go deep, I think talking about Barry and the lead, that was not, security is the number one issue of CIOs, CSO. >> Data and security >> At boards, it's number one. And data is the second thing. And those two stories in the keynote where quasi non-existent or/and weak. >> Again, the reason why I believe, and you're discussing it publicly at a high level, is super-cloud is real because it's not just SaaS on cloud, it's hybrid, it's DevOps, it's developer. And security and data operations are just absolutely now leveling up, and the edge is a complete wild card. We met a company last night, they're doing the edge cloud. The edge is going to open up all kinds of new use cases and challenges. And that's on the DataOps, data security side. DevOps, IT operations is already in the dev cycle. If companies aren't doing that, in my opinion, they're not really doing it right. So I think it'll shift to security and Ops and DataOps, that's going to be the action. In the cloud operational framework, that's super-cloud. To me, if I'm Hock Tan, I'm saying, "VMworld, VMware Explore, VMware has to be a core component of super-cloud of the future. Not multi-cloud just a state." I think multi-cloud will be a description of a state, of an architecture, and an outcome, but that's not super-cloud, that's not a functioning operating system, that's not a functioning business driven technology. So I think VMware has the opportunity. So I look at that and say, I got cheap options all the way up to the top of the stack. And super-cloud paths layer, as you describe, that I think is the way to go. >> When you think about how VMware got here, VMware was a $13 billion trailing 12 month revenue company. There aren't a lot of $13 billion software companies. And the way VMware got here, is through great software engineering. They identified problems that the customers had and they went and solved them. They did it with virtualization, they did it with private cloud, they figured out their public cloud strategy. So I think the question for Broadcom is going to be okay, how fast can we monetize that engineering? Can we turn that engineering R&D into dollars? And how fast can we do that? They have two choices in my opinion, keep innovating, which of course we hope that's the case, or act like a private equity firm and just squeeze as much cash out of VMware as possible. Which I don't think would be the right strategy because eventually that says, okay, what's going to happen to Broadcom? How are they going to continue to grow? Are they're going to have to just keep growing through acquisitions? So I think R&D is a really good spend when it's VMware. >> And I think as we wrap up our keynote analysis, one of the things that's going to come out of this as the conversation, no doubt in my mind will be, VMware isn't CA. And the question is, does Broadcom go off their playbook with VMware because of the fact that you look at the sponsorships for the show, we got a robust set of sponsorships for "theCUBE." With two sets, we're booked, fully loaded. Conversation's high, the floor is all about next level cloud operations. This is not a dying market, this is a growth wave coming. So the question, as super-cloud becomes that growth, and everyone's talking about super-cloud there. Some people who don't like the name, which is good, keep grace debate. But there's no doubt that that next wave is the super-cloud philosophy, the super-cloud mindset and architecture, and development environment. And we've documented that on supercloud.world if anyone's interested. But that wave is coming, and you can see it on the floor. Look at the sponsors, look at what people are talking about, Dave. This is not like Broadcom buying VMware and tucking it under and saying, "Okay, hope we can service the customer." There's a real market growth here story. So the question is, what do you do with that? >> Well, so you start with the base. VMware is a very good platform. The reason why they don't have a ton of competition and the reason why, okay, Nutanix can maybe trickle some away, but VMware is really good, it works, it's stable, it recovers from failures, it's got a super strong ecosystem. So you start by building there and then you identify the places where you can spend a dollar and make it 10. >> Well, I was very excited that when we had our super-cloud event, which was a virtual event as a test, we had great VMware support. And a lot of the catalog sessions up here, on Moscone West, where we're sitting, upstairs is all the sessions, they're crowded. And they overlay, Dave, with our narrative and the industry narrative. On the influencer side, you're starting to see the influencers meeting our editorial and pursuing a super-cloud with VMware and their ecosystem. Kind of agreeing super-cloud is real. And I think that is an important note because just last December, when we coined the term at Reinvent, I think it was Reinvent look what's happened. I want to get your thoughts and your reaction to why super-cloud has got so much traction, it's a great buzz with the name. But why is it that our super-cloud, the VMware, and the ecosystem are all aligning with this? Why do you think that's happening? Why do you think that the momentum is accelerating? >> The reason is that, as everybody knows, organizations have multiple clouds, it's a function of shadow Devs, M&A. And so they end up with all these different clouds, all these different projects, different primitives, different APIs, different tool sets. And they called it cloud chaos today. It's accurate, it is cloud chaos. So what's the problem with that? Well, that makes it harder to secure, it makes it harder to govern, it makes it harder to share data, it creates data silos. What's the answer? Well, if you can create a layer that's an abstraction layer that simplifies all that cross cloud data sharing and development and have a consistent set of APIs through a PaaS layer, we call it super PaaS and you are going to have a metadata intelligence that says, "Okay, I'm going to put this here or put that there. And I'm going to deal with latency, I'm going to optimize for whatever purpose, data sharing, or performance or whatever it is." You're going to solve a lot of problems. And you're going to make the CIO's life easier so that they can invest in their own business and their digital transformation and their digital strategy. So that's why people agree. They might not agree with the name, but they certainly agree with the concept of that abstraction layer. >> The name is certainly a better name than multi-cloud, multi-cloud sounds broken. But I think CIOs and CXOs, CISO, CSOs have to get buy-in from their teams. The organic dev relationship with Ops and SecOps and DataOps has to be symbiotic, not conflicting. And I love the chaos story because as Andy Grove, the legend at Intel once said, "Let chaos reign and then reign in the chaos." >> Chaos is cash. >> So in any innovation inflection point, chaos becomes the complexity, abstraction layers, and or innovation takes that complexity away. This is the formula for success. And I think VMware is right in the middle of it. And I think if I'm looking at VMware right now, I'm saying, hey, reign in that chaos right now and you win. So chaos is not a bad thing if you can reign it in, Dave. >> And that's what they've done. You think about what they did with virtualization, it was chaotic, it was wasteful. I think of what they did with private cloud. They said, "Hey IT guys, we're going to help you not get cloudified. We're going to cloudify your presence on-prem and not just throw everything into the cloud." They did a great job there. And now it's all about multi-cloud. >> Well, we're going to reign in the chaos, extract the signal from the noise. Super CUBE here at super-cloud event VMware Explore. Dave, great to kick it off again. Again, 12th year of CUBE coverage. It seems like a lifetime, Dave. Just yesterday we were 2010 >> Amazing, right. We've been in Moscone South, we've been in North, we've been in Las Vegas. Now we're here West, first time in west. >> Some of these developers were in elementary school when we started "theCUBE" here, I was just feeling old relics. Anyway, we're going to bring more action, three days of coverage, thecube.net, check it out. Join our community, join the conversation. As the influences are coming more onto the market, you're seeing a lot more conversations on Twitter, on LinkedIn, on the internet, check it out. Join the conversation. I'm John Furrier and Dave Vellante. We'll be back with more coverage here in San Francisco after this break. (gentle music)

(bright upbeat music) >> Welcome back, everyone, to the "Supercloud 22." I'm John Furrier, host of "The Cube." This is the Cloud-erati panel, the distinguished experts who have been there from day one, watching the cloud grow, from building clouds, and all open source stuff as well. Just great stuff. Good friends of "The Cube," and great to introduce back on "The Cube," Adrian Cockcroft, formerly with Netflix, formerly AWS, retired, now commentating here in "The Cube," as well as other events. Great to see you back out there, Adrian. Lori MacVittie, Cloud Evangelist with F5, also wrote a great blog post on supercloud, as well as Dave Vellante as well, setting up the supercloud conversation, which we're going to get into, and Chris Hoff, who's the CTO and CSO of LastPass who's been building clouds, and we know him from "The Cube" before with security and cloud commentary. Welcome, all, back to "The Cube" and supercloud. >> Thanks, John. >> Hi. >> All right, Lori, we'll start with you to get things going. I want to try to sit back, as you guys are awesome experts, and involved from building, and in the trenches, on the front lines, and Adrian's coming out of retirement, but Lori, you wrote the post setting the table on supercloud. Let's start with you. What is supercloud? What is it evolving into? What is the north star, from your perspective? >> Well, I don't think there's a north star yet. I think that's one of the reasons I wrote it, because I had a clear picture of this in my mind, but over the past, I don't know, three, four years, I keep seeing, in research, my own and others', complexity, multi-cloud. "We can't manage it. They're all different. "We have trouble. What's going on? "We can't do anything right." And so digging into it, you start looking into, "Well, what do you mean by complexity?" Well, security. Migration, visibility, performance. The same old problems we've always had. And so, supercloud is a concept that is supposed to overlay all of the clouds and normalize it. That's really what we're talking about, is yet another abstraction layer that would provide some consistency that would allow you to do the same security and monitor things correctly. Cornell University actually put out a definition way back in 2016. And they said, "It's an architecture that enables migration "across different zones or providers," and I think that's important, "and provides interfaces to everything, "makes it consistent, and normalizes the network," basically brings it all together, but it also extends to private clouds. Sometimes we forget about that piece of it, and I think that's important in this, so that all your clouds look the same. So supercloud, big layer on top, makes everything wonderful. It's unicorns again. >> It's interesting. We had multiple perspectives. (mumbles) was like Snowflake, who built on top of AWS. Jerry Chan, who we heard from earlier today, Greylock Penn's "Castles in the Cloud" saying, "Hey, you can have a moat, "you can build an advantage and have differentiation," so startups are starting to build on clouds, that's the native cloud view, and then, of course, they get success and they go to all the other clouds 'cause they got customers in the ecosystem, but it seems that all the cloud players, Chris, you commented before we came on today, is that they're all fighting for the customer's workloads on their infrastructure. "Come bring your stuff over to here, "and we'll make it run better." And all your developers are going to be good. Is there a problem? I mean, or is this something else happening here? Is there a real problem? >> Well, I think the north star's over there, by the way, Lori. (laughing) >> Oh, there it is. >> Right there. The supercloud north star. So indeed I think there are opportunities. Whether you call them problems or not, John, I think is to be determined. Most companies have, especially if they're a large enterprise, whether or not they've got an investment in private cloud or not, have spent time really trying to optimize their engineering and workload placement on a single cloud. And that, regardless of your choice, as we take the big three, whether it's Amazon, Google, or Microsoft, each of them have their pros and cons for various types of workloads. And so you'll see a lot of folks optimizing for a particular cloud, and it takes a huge effort up and down the stack to just get a single cloud right. That doesn't take into consideration integrations with software as a service, instantiated, oftentimes, on top of infrastructure of the service that you need to supplement where the obstruction layer ends in infrastructure of the service. You've seen most IS players starting to now move up-chain, as we predicted years ago, to platform as a service, but platforms of various types. So I definitely see it as an opportunity. Previous employers have had multiple clouds, but they were very specifically optimized for the types of workloads, for example, in, let's say, AWS versus GCP, based on the need for different types and optimized compute platforms that each of those providers ran. We never, in that particular case, thought about necessarily running the same workloads across both clouds, because they had different pricing models, different security models, et cetera. And so the challenge is really coming down to the fact that, what is the cost benefit analysis of thinking about multi-cloud when you can potentially engineer the resiliency or redundancy, all the in-season "ilities" that you might need to factor into your deployments on a single cloud, if they are investing at the pace in which they are? So I think it's an opportunity, and it's one that continues to evolve, but this just reminds me, your comments remind me, of when we were talking about OpenStack versus AWS. "Oh, if there were only APIs that existed "that everybody could use," and you saw how that went. So I think that the challenge there is, what is the impetus for a singular cloud provider, any of the big three, deciding that they're going to abstract to a single abstraction layer and not be able to differentiate from the competitors? >> Yeah, and that differentiation's going to be big. I mean, assume that the clouds aren't going to stay still like AWS and just not stop innovating. We see the devs are doing great, Adrian, open source is bigger and better than ever, but now that's been commercialized into enterprise. It's an ops problem. So to Chris's point, the cost benefit analysis is interesting, because do companies have to spin up multiple operations teams, each with specialized training and tooling for the clouds that they're using, and does that open up a can of worms, or is that a good thing? I mean, can you design for this? I mean, is there an architecture or taxonomy that makes it work, or is it just the cart before the horse, the solution before the problem? >> Yeah, well, I think that if you look at any large vendor... Sorry, large customer, they've got a bit of everything already. If you're big enough, you've bought something from everybody at some point. So then you're trying to rationalize that, and trying to make it make sense. And I think there's two ways of looking at multi-cloud or supercloud, and one is that the... And practically, people go best of breed. They say, "Okay, I'm going to get my email "from Google or Microsoft. "I'm going to run my applications on AWS. "Maybe I'm going to do some AI machine learning on Google, "'cause those are the strengths of the platforms." So people tend to go where the strength is. So that's multi-cloud, 'cause you're using multiple clouds, and you still have to move data and make sure they're all working together. But then what Lori's talking about is trying to make them all look the same and trying to get all the security architectures to be the same and put this magical layer, this unicorn magical layer that, "Let's make them all look the same." And this is something that the CIOs have wanted for years, and they keep trying to buy it, and you can sell it, but the trouble is it's really hard to deliver. And I think, when I go back to some old friends of ours at Enstratius who had... And back in the early days of cloud, said, "Well, we'll just do an API that abstracts "all the cloud APIs into one layer." Enstratius ended up being sold to Dell a few years ago, and the problem they had was that... They didn't have any problem selling it. The problem they had was, a year later, when it came up for renewal, the developers all done end runs around it were ignoring it, and the CIOs weren't seeing usage. So you can sell it, but can you actually implement it and make it work well enough that it actually becomes part of your core architecture without, from an operations point of view, without having the developers going directly to their favorite APIs around them? And I'm not sure that you can really lock an organization down enough to get them onto a layer like that. So that's the way I see it. >> You just defined- >> You just defined shadow shadow IT. (laughing) That's pretty- (crosstalk) >> Shadow shadow IT, yeah. >> Yeah, shadow shadow it. >> Yeah. >> Yeah. >> I mean, this brings up the question, I mean, is there really a problem? I mean, I guess we'll just jump to it. What is supercloud? If you can have the magic outcome, what is it? Enstratius rendered in with automation? The security issues? Kubernetes is hot. What is the supercloud dream? I guess that's the question. >> I think it's got easier than it was five, 10 years ago. Kubernetes gives you a bunch of APIs that are common across lots of different areas, things like Snowflake or MongoDB Atlas. There are SaaS-based services, which are across multiple clouds from vendors that you've picked. So it's easier to build things which are more portable, but I still don't think it's easy to build this magic API that makes them all look the same. And I think that you're going to have leaky abstractions and security being... Getting the security right's going to be really much more complex than people think. >> What about specialty superclouds, Chris? What's your view on that? >> Yeah, I think what Adrian is alluding to, those leaky abstractions, are interesting, especially from the security perspective, 'cause I think what you see is if you were to happen to be able to thin slice across a set of specific types of workloads, there is a high probability given today that, at least on two of the three major clouds, you could get SaaS providers that sit on those same infrastructure of the service clouds for you, string them together, and have a service that technically is abstracted enough from the things you care about to work on one, two, or three, maybe not all of them, but most SaaS providers in the security space, or identity space, data space, for example, coexist on at least Microsoft and AWS, if not all three, with Google. And so you could technically abstract a service to the point that you let that level of abstract... Like Lori said, no computer science problem could not be... So, no computer science problem can't be solved with more layers of abstraction or misdirection... Or redirection. And in that particular case, if you happen to pick the right vendors that run on all three clouds, you could possibly get close. But then what that really talks about is then, if you built your seven-layer dip model, then you really have specialty superclouds spanning across infrastructure of the service clouds. One for your identity apps, one for data and data layers, to normalize that, one for security, but at what cost? Because you're going to be charged not for that service as a whole, but based on compute resources, based on how these vendors charge across each cloud. So again, that cost-benefit ratio might start being something that is rather imposing from a budgetary perspective. >> Lori, weigh in on this, because the enterprise people love to solve complexity with more complexity. Here, we need to go the other way. It's a commodity. So there has to be a better way. >> I think I'm hearing two fundamental assumptions. One, that a supercloud would force the existing big three to implement some sort of equal API. Don't agree with that. There's no business case for that. There's no reason that could compel them to do that. Otherwise, we would've convinced them to do that, what? 10, 15 years ago when we said we need to be interoperable. So it's not going to happen there. They don't have a good reason to do that. There's no business justification for that. The other presumption, I think, is that we would... That it's more about the services, the differentiated services, that are offered by all of these particular providers, as opposed to treating the core IaaS as the commodity it is. It's compute, it's some storage, it's some networking. Look at that piece. Now, pull those together by... And it's not OpenStack. That's not the answer, it wasn't the answer, it's not the answer now, but something that can actually pull those together and abstract it at a different layer. So cloud providers don't have to change, 'cause they're not going to change, but if someone else were to build that architecture to say, "all right, I'm going to treat all of this compute "so you can run your workloads," as Chris pointed out, "in the best place possible. "And we'll help you do that "by being able to provide those cost benefit analysis, "'What's the best performance, what are you doing,' "And then provide that as a layer." So I think that's really where supercloud is going, 'cause I think that's what a lot of the market actually wants in terms of where they want to run their workloads, because we're seeing that they want to run workloads at the edge, "a lot closer to me," which is yet another factor that we have to consider, and how are you going to be moving individual workloads around? That's the holy grail. Let's move individual workloads to where they're the best performance, the security, cost optimized, and then one layer up. >> Yeah, I think so- >> John Considine, who ultimately ran CloudSwitch, that sold to Verizon, as well as Tom Gillis, who built Bracket, are both rolling in their graves, 'cause what you just described was exactly that. (Lori laughing) Well, they're not even dead yet, so I can't say they're rolling in their graves. Sorry, Tom. Sorry, John. >> Well, how do hyperscalers keep their advantage with all this? I mean, to that point. >> Native services and managed services on top of it. Look how many flavors of managed Kubernetes you have. So you have a choice. Roll your own, or go with a managed service, and then differentiate based on the ability to take away and simplify some of that complexity. Doesn't mean it's more secure necessarily, but I do think we're seeing opportunities where those guys are fighting tooth and nail to keep you on a singular cloud, even though, to Lori's point, I agree, I don't think it's about standardized APIs, 'cause I think that's never going to happen. I do think, though, that SaaS-y supercloud model that we were talking about, layering SaaS that happens to span all the three infrastructure of the service are probably more in line with what Lori was talking about. But I do think that portability of workload is given to you today within lots of ways. But again, how much do you manage, and how much performance do you give up by running additional abstraction layers? And how much security do you give up by having to roll your own and manage that? Because the whole point was, in many cases... Cloud is using other people's computers, so in many cases, I want to manage as little of it as I possibly can. >> I like this whole SaaS angle, because if you had the old days, you're on Amazon Web Services, hey, if you build a SaaS application that runs on Amazon, you're all great, you're born in the cloud, just like that generations of startups. Great. Now when you have this super pass layer, as Dave Vellante was riffing on his analysis, and Lori, you were getting into this pass layer that's kind of like SaaS-y, what's the SaaS equation look like? Because that, to me, sounds like a supercloud version of saying, "I have a workload that runs on all the clouds equally." I just don't think that's ever going to happen. I agree with you, Chris, on that one. But I do see that you can have an abstraction that says, "Hey, I don't really want to get in the weeds. "I don't want to spend a lot of ops time on this. "I just want it to run effectively, and magic happens," or, as you said, some layer there. How does that work? How do you see this super pass layer, if anything, enabling a different SaaS game? >> I think you hit on it there. The last like 10 or so years, we've been all focused on developers and developer productivity, and it's all about the developer experience, and it's got to be good for them, 'cause they're the kings. And I think the next 10 years are going to be very focused on operations, because once you start scaling out, it's not about developers. They can deliver fast or slow, it doesn't matter, but if you can't scale it out, then you've got a real problem. So I think that's an important part of it, is really, what is the ops experience, and what is the best way to get those costs down? And this would serve that purpose if it was done right, which, we can argue about whether that's possible or not, but I don't have to implement it, so I can say it's possible. >> Well, are we going to be getting into infrastructure as code moves into "everything is code," security, data, (laughs) applications is code? I mean, "blank" is code, fill in the blank. (Lori laughing) >> Yeah, we're seeing more of that with things like CDK and Pulumi, where you are actually coding up using a real language rather than the death by YAML or whatever. How much YAML can you take? But actually having a real language so you're not trying to do things in parsing languages. So I think that's an interesting trend. You're getting some interesting templates, and I like what... I mean, the counterexample is that if you just go deep on one vendor, then maybe you can go faster and it is simpler. And one of my favorite vendor... Favorite customers right now that I've been talking to is Liberty Mutual. Went very deep and serverless first on AWS. They're just doing everything there, and they're using CDK Patterns to do it, and they're going extremely fast. There's a book coming out called "The Value Flywheel" by Dave Anderson, it's coming out in a few months, to just detail what they're doing, but that's the counterargument. If you could pick one vendor, you can go faster, you can get that vendor to do more for you, and maybe get a bigger discount so you're not splitting your discounts across vendors. So that's one aspect of it. But I think, fundamentally, you're going to find the CIOs and the ops people generally don't like sitting on one vendor. And if that single vendor is a horizontal platform that's trying to make all the clouds look the same, now you're locked into whatever that platform was. You've still got a platform there. There's still something. So I think that's always going to be something that the CIOs want, but the developers are always going to just pick whatever the best tool for building the thing is. And a analogy here is that the developers are dating and getting married, and then the operations people are running the family and getting divorced. And all the bad parts of that cycle are in the divorce end of it. You're trying to get out of a vendor, there's lawyers, it's just a big mess. >> Who's the lawyer in this example? (crosstalk) >> Well... (laughing) >> Great example. (crosstalk) >> That's why ops people don't like lock-in, because they're the ones trying to unlock. They aren't the ones doing the lock-in. They're the ones unlocking, when developers, if you separate the two, are the ones who are going, picking, having the fun part of it, going, trying a new thing. So they're chasing a shiny object, and then the ops people are trying to untangle themselves from the remains of that shiny object a few years later. So- >> Aren't we- >> One way of fixing that is to push it all together and make it more DevOps-y. >> Yeah, that's right. >> But that's trying to put all the responsibilities in one place, like more continuous improvement, but... >> Chris, what's your reaction to that? Because you're- >> No, that's exactly what I was going to bring up, yeah, John. And 'cause we keep saying "devs," "dev," and "ops" and I've heard somewhere you can glue those two things together. Heck, you could even include "sec" in the middle of it, and "DevSecOps." So what's interesting about what Adrian's saying though, too, is I think this has a lot to do with how you structure your engineering teams and how you think about development versus operations and security. So I'm building out a team now that very much makes use of, thanks to my brilliant VP of Engineering, a "Team Topologies" approach, which is a very streamlined and product oriented way of thinking about, for example, in engineering, if you think about team structures, you might have people that build the front end, build the middle tier, and the back end, and then you have a product that needs to make use of all three components in some form. So just from getting stuff done, their ability then has to tie to three different groups, versus building a team that's streamlined that ends up having front end, middleware, and backend folks that understand and share standards but are able to uncork the velocity that's required to do that. So if you think about that, and not just from an engineering development perspective, but then you couple in operations as a foundational layer that services them with embedded capabilities, we're putting engineers and operations teams embedded in those streamlined teams so that they can run at the velocity that they need to, they can do continuous integration, they can do continuous deployment. And then we added CS, which is continuously secure, continuous security. So instead of having giant, centralized teams, we're thinking there's a core team, for example, a foundational team, that services platform, makes sure all the trains are running on time, that we're doing what we need to do foundationally to make the environments fully dev and operator and security people functional. But then ultimately, we don't have these big, monolithic teams that get into turf wars. So, to Adrian's point about, the operators don't like to be paned in, well, they actually have a say, ultimately, in how they architect, deploy, manage, plan, build, and operate those systems. But at the same point in time, we're all looking at that problem across those teams and go... Like if one streamline team says, "I really want to go run on Azure, "because I like their services better," the reality is the foundational team has a larger vote versus opinion on whether or not, functionally, we can satisfy all of the requirements of the other team. Now, they may make a fantastic business case and we play rock, paper, scissors, and we do that. Right now, that hasn't really happened. We look at the balance of AWS, we are picking SaaS-y, supercloud vendors that will, by the way, happen to run on three platforms, if we so choose to expand there. So we have a similar interface, similar capability, similar processes, but we've made the choice at LastPass to go all in on AWS currently, with respect to how we deliver our products, for all the reasons we just talked about. But I do think that operations model and how you build your teams is extremely important. >> Yeah, and to that point- >> And has the- (crosstalk) >> The vendors themselves need optionality to the customer, what you're saying. So, "I'm going to go fast, "but I need to have that optionality." I guess the question I have for you guys is, what is today's trade-off? So if the decision point today is... First of all, I love the go-fast model on one cloud. I think that's my favorite when I look at all this, and then with the option, knowing that I'm going to have the option to go to multiple clouds. But everybody wants lock-in on the vendor side. Is that scale, is that data advantage? I mean, so the lock-in's a good question, and then also the trade-offs. What do people have to do today to go on a supercloud journey to have an ideal architecture and taxonomy, and what's the right trade-offs today? >> I think that the- Sorry, just put a comment and then let Lori get a word in, but there's a lot of... A lot of the market here is you're building a product, and that product is a SaaS product, and it needs to run somewhere. And the customers that you're going to... To get the full market, you need to go across multiple suppliers, most people doing AWS and Azure, and then with Google occasionally for some people. But that, I think, has become the pattern that most of the large SaaS platforms that you'd want to build out of, 'cause that's the fast way of getting something that's going to be stable at scale, it's got functionality, you'd have to go invest in building it and running it. Those platforms are just multi-cloud platforms, they're running across them. So Snowflake, for example, has to figure out how to make their stuff work on more than one cloud. I mean, they started on one, but they're going across clouds. And I think that that is just the way it's going to be, because you're not going to get a broad enough view into the market, because there isn't a single... AWS doesn't have 100% of the market. It's maybe a bit more than them, but Azure has got a pretty solid set of markets where it is strong, and it's market by market. So in some areas, different people in some places in the world, and different vertical markets, you'll find different preferences. And if you want to be across all of them with your data product, or whatever your SaaS product is, you're just going to have to figure this out. So in some sense, the supercloud story plays best with those SaaS providers like the Snowflakes of this world, I think. >> Lori? >> Yeah, I think the SaaS product... Identity, whatever, you're going to have specialized. SaaS, superclouds. We already see that emerging. Identity is becoming like this big SaaS play that crosses all clouds. It's not just for one. So you get an evolution going on where, yes, I mean, every vendor who provides some kind of specific functionality is going to have to build out and be multi-cloud, as it were. It's got to work equally across them. And the challenge, then, for them is to make it simple for both operators and, if required, dev. And maybe that's the other lesson moving forward. You can build something that is heaven for ops, but if the developers won't use it, well, then you're not going to get it adopted. But if you make it heaven for the developers, the ops team may not be able to keep it secure, keep everything. So maybe we have to start focusing on both, make it friendly for both, at least. Maybe it won't be the perfect experience, but gee, at least make it usable for both sides of the equation so that everyone can actually work in concert, like Chris was saying. A more comprehensive, cohesive approach to delivery and deployment. >> All right, well, wrapping up here, I want to just get one final comment from you guys, if you don't mind. What does supercloud look like in five years? What's the Nirvana, what's the steady state of supercloud in five to 10 years? Or say 10 years, make it easier. (crosstalk) Five to 10 years. Chris, we'll start with you. >> Wow. >> Supercloud, what's it look like? >> Geez. A magic pane, a single pane of glass. (laughs) >> Yeah, I think- >> Single glass of pain. >> Yeah, a single glass of pain. Thank you. You stole my line. Well, not mine, but that's the one I was going to use. Yeah, I think what is really fascinating is ultimately, to answer that question, I would reflect on market consolidation and market dynamics that happens even in the SaaS space. So we will see SaaS companies combining in focal areas to be able to leverage the positions, let's say, in the identity space that somebody has built to provide a set of compelling services that help abstract that identity problem or that security problem or that instrumentation and observability problem. So take your favorite vendors today. I think what we'll end up seeing is more consolidation in SaaS offerings that run on top of infrastructure of the service offerings to where a supercloud might look like something I described before. You have the combination of your favorite interoperable identity, observability, security, orchestration platforms run across them. They're sold as a stack, whether it be co-branded by an enterprise vendor that sells all of that and manages it for you or not. But I do think that... You talked about, I think you said, "Is this an innovator's dilemma?" No, I think it's an integrator's dilemma, as it has always ultimately been. As soon as you get from Genesis to Bespoke Build to product to then commoditization, the cycle starts anew. And I think we've gotten past commoditization, and we're looking at niche areas. So I see just the evolution, not necessarily a revolution, of what we're dealing with today as we see more consolidation in the marketplace. >> Lori, what's your take? Five years, 10 years, what does supercloud look like? >> Part of me wants to take the pie in the sky unicorn approach. "No, it will be beautiful. "One button, and things will happen," but I've seen this cycle many times before, and that's not going to happen. And I think Chris has got it pretty close to what I see already evolving. Those different kinds of super services, basically. And that's really what we're talking about. We call them SaaS, but they're... X is a service. Everything is a service, and it's really a supercloud that can run anywhere, but it presents a different interface, because, well, it's easier. And I think that's where we're going to go, and that's just going to get more refined. And yes, a lot of consolidation, especially on the observability side, but that's also starting to consume the security side, which is really interesting to watch. So that could be a little different supercloud coming on there that's really focused on specific types of security, at least, that we'll layer across, and then we'll just hook them all together. It's an API first world, and it seems like that's going to be our standard for the next while of how we integrate everything. So superclouds or APIs. >> Awesome. Adrian... Adrian, take us home. >> Yeah, sure. >> What's your- I think, and just picking up on Lori's point that these are web services, meaning that you can just call them from anywhere, they don't have to run everything in one place, they can stitch it together, and that's really meant... It's somewhat composable. So in practice, people are going to be composable. Can they compose their applications on multiple platforms? But I think the interesting thing here is what the vendors do, and what I'm seeing is vendors running software on other vendors. So you have Google building platforms that, then, they will support on AWS and Azure and vice versa. You've got AWS's distro of Kubernetes, which they now give you as a distro so you can run it on another platform. So I think that trend's going to continue, and it's going to be, possibly, you pick, say, an AWS or a Google software stack, but you don't run it all on AWS, you run it in multiple places. Yeah, and then the other thing is the third tier, second, third tier vendors, like, I mean, what's IBM doing? I think in five years time, IBM is going to be a SaaS vendor running on the other clouds. I mean, they're already halfway there. To be a bit more controversial, I guess it's always fun to... Like I don't work for a corporate entity now. No one tells me what I can say. >> Bring it on. >> How long can Google keep losing a billion dollars a quarter? They've either got to figure out how to make money out of this thing, or they'll end up basically being a software stack on another cloud platform as their, likely, actual way they can make money on it. Because you've got to... And maybe Oracle, is that a viable cloud platform that... You've got to get to some level of viability. And I think the second, third tier of vendors in five, 10 years are going to be running on the primary platform. And I think, just the other final thing that's really driving this right now. If you try and place an order right now for a piece of equipment for your data center, key pieces of equipment are a year out. It's like trying to buy a new fridge from like Sub-Zero or something like that. And it's like, it's a year. You got to wait for these things. Any high quality piece of equipment. So you go to deploy in your data center, and it's like, "I can't get stuff in my data center. "Like, the key pieces I need, I can't deploy a whole system. "We didn't get bits and pieces of it." So people are going to be cobbling together, or they're going, "No, this is going to cloud, because the cloud vendors "have a much stronger supply chain to just be able "to give you the system you need. "They've got the capacity." So I think we're going to see some pandemic and supply chain induced forced cloud migrations, just because you can't build stuff anymore outside the- >> We got to accelerate supercloud, 'cause they have the supply. They are the chain. >> That's super smart. That's the benefit of going last. So I'm going to scoop in real quick. I can't believe we can call this "Web3 Supercloud," because none of us said "Web3." Don't forget DAO. (crosstalk) (indistinct) You have blockchain, blockchain superclouds. I mean, there's some very interesting distributed computing stuff there, but we'll have to do- >> (crosstalk) We're going to call that the "Cubeverse." The "Cubeverse" is coming. >> Oh, the "Cubeverse." All right. >> We will be... >> That's very meta. >> In the metaverse, Cubeverse soon. >> "Stupor cloud," perhaps. But anyway, great points, Adrian and Lori. Loved it. >> Chris, great to see you. Adrian, Lori, thanks for coming on. We've known each other for a long time. You guys are part of the cloud-erati, the group that has been in there from day one, and watched it evolve, and you get the scar tissue to prove it, and the experience. So thank you so much for sharing your commentary. We'll roll this up and make it open to everybody as additional content. We'll call this the "outtakes," the longer version. But really appreciate your time, thank you. >> Thank you. >> Thanks so much. >> Okay, we'll be back with more "Supercloud 22" right after this. (bright upbeat music)

>> live from San Francisco, celebrating 10 years of high tech coverage. It's the Cube covering Veum World 2019. Brought to you by VM Wear and its ecosystem partners. >> Welcome back. We're here. Of'em World 2019. You're watching the Cubans? Our 10th year of coverage at the event. I'm stupid. And my co host this afternoon is Justin Warren. And happy to welcome back to the program. Bob Ghaffari, who's the general manager of the Enterprise and Claude networking division at Intel. Bob, welcome back. Great. Great to be here. Thank you. S Oh, uh, you know, it's a dressing. And I think that last year I felt like every single show that I went to there was an Intel executive up on the stage. You know, there's a way we talked about. You know, the tic tac of the industry is something that drove things. So last year? Ah, lot going on. Um, haven't seen intel quite as much, but we know that means that, you know, you're you and your team aren't really busy. You know a lot of things going on here. VM worldwide. Give us the update since last we spoke. Well, you know, um >> So I think we have to just go back a little bit in terms of how until has been involved in terms of really driving. Just hold this whole network transformation. I want to say it started about a decade ago when we were really focused on trying to go Dr. You know, a lot of the capabilities on to more of a standard architecture, right? In the past, you know, people were encumbered by challenging architectures, you know, using, you know, proprietary kind of network processors. We were able to bring this together until architecture we open source dp decay, which is really this fast packet processing, you know, library that we basically enabled the industry on. And with that, there's basically been this. I want to say this revolution in terms of how networking has come together. And so what we've seen since last year is you know how NSX via Miranda sex itself has really grown up and be able to sort of get to these newer, interesting usage models. And so, for us, you know what really gets us excited is being really involved with enabling hybrid cloud multi cloud from a network perspective. And that's just what really gets me out of bed every day. Yeah, An s >> t n is, I think, gone from that early days where it was all a bit scary and new, and people weren't quite sure that they wanted to have that. Whereas now Stu is the thing, it's people are quite happy and comfortable to use it. It's it's now a very accepted way of doing networking. What have you noticed about that change where people have gone? Well, actually, it's accepted. Now, what is that enabling customers to do with S T. N. >> You know, um I mean, I think what you know S Dan really does. It gives you a lot of the enterprise customers and cloud customers, and a lot of other is really the flexibility to be able to do what you really need to do much better. And so if you can imagine the first stage, we had to go get a lot of the functions virtualized, right? So we did that over the last 10 years, getting the functions virtualized, getting him optimized and making sure that the performance is there as a virtual function. The next step here is really trying to make sure that you know you weaken enable customers to be able to do what they need to end their micro service's and feels. Or do this in a micro segmented kind of view. When and so um and also being in a scenario, we don't have to trombone the traffic, you know, off to be there, be it's inspected or, you know, our load balance and bringing that capability in a way, in a distributed fashion to where the workloads Neto happen. >> Yeah, who you mentioned micro segmentation there, And that's something which has been spoken about again for quite a while. What's the state of play with micro segmentation? Because it some customs have been trying to use it and found it a little bit tricky. And so they were seeing lots of vendors who come in and say We'll help you manage that. What's the state of play with Michael segmentation From your perspective, >> you know, I would say the way I would categorize it as micro segmentation has definitely become a very important usage model. In turn, how did really contain, you know, uh, policies within certain segments, right? So, one you know, you're able to sort of get to a better way of managing your environments. And you're also getting to a better way of containing any kind of threats. And so the fact that you can somehow, you know, segment off, um, you know, areas and FAA. And if you basically get some kind of, like attack or some kind of, you know, exploit, it's not gonna, you know, will go out of that segmented area to to some extent, that simplifies how you look at your environment, but you want to be able to do it in the fashion that you know, helps. Ultimately, the enterprises managed what they got on their environments. >> So, Bob, one of things that really struck me last year was the messaging that VM were had around networking specifically around multi cloud. It really hearken back to what I had heard from my syrup reacquisition on. Of course. Now, Veum, we're extending that with of'em or cloud in all of you know, aws the partnerships they are false, extended with azure, with Google in non premises with Delhi emcee and others. And a big piece of that message is we're gonna be able to have the same stack on on both sides. You could kind of explain. Where does Intel fit in there? How does Intel's networking multi cloud story dovetail with what we're hearing from VM? Where Right, So I >> think >> the first thing is that until has been very involved in terms of being into, um, any on Prem or public clouds, we get really involved there. What were you really trying to do on my team does is really focusing on the networking aspects. And so, for us is to not only make sure that if you're running something on prime, you get the best experience on from but also the consistency of having a lot of the key instruction sets and any cloud and be able to sort of, ah, you know, managed that ballistically, especially when you're looking at a hybrid cloud environment where you're basically trying to communicate between a certain cloud. It could be on Prem to another cloud that might be somewhere else. Having the consistent way of managing through encrypted tunnels and making sure you're getting the kind of performance that you need to be able to go address that I think these are the kind of things that we really focus on, and I think that for us, it's not only really bring this out and, um improving our instructions that architecture's so most recently What we did is, you know, we launched our second generations Aeon Scaleable processors that really came out in April, and so for us that really takes it to the next level. We get some really interesting new instruction, sets things like a V X 5 12 We get also other kind of, you know, you know more of, like inference, analytic inference capabilities with things like Deal Boost that really brings things together so you can be more effective and efficient in terms of how you look at your workloads and what you need to do with them, making sure they're secure but also giving you the insights that you need to be able to make that kind of decisions you want from a enterprise perspective >> steward. It always amuses me how much Intel is involved in all of his cloud stuff when it it would support. We don't care about hardware anymore. It's all terribly obstructed. And come >> on, Justin, there is no cloud. It's just someone tells his computer and there's a reasonable chance there's an Intel component or two Wednesday, right? >> Isn't Intel intelligence and the fact that Intel comes out and is continuing to talk to customers and coming to these kinds of events and showing that it's still relevant, and the technology that you're creating? Exactly how that ties into what's happening in cloud and in networking, I think is an amazing credit to what? To Intel's ability to adapt. >> You know, it's definitely been very exciting, and so not only have we really been focused on, how do we really expand our processor franchise really getting the key capabilities we need. So any time, anywhere you're doing any kind of computer, we want to make sure we're doing the best for our customers as possible. But in addition to that, what we've really done is we've been helped us around doubt our platform capabilities from a solution perspective to really bring out not only what has historically been a very strong franchise, pressed with her what we call our foundational nicks or network interface cards, but we've been eldest would expand that to be able to bring better capabilities no matter what you're trying to do. So let's say, for example, you know, um, you are a customer that wants to be able to do something unique, and you want to be able to sort of accelerate, you know, your own specific networking kind of functions or virtual switches. Well, we have the ability to do that. And so, with her intel, f p g. A and 3000 card as an example, you get that capability to be able to expand what you would traditionally do from a platform level perspective. >> I want to talk about the edge, but before we go there, there's a topic that's hot conversation here. But when I've been talking to Intel for a lot of years out container ization in general and kubernetes more specifically, you know, where does that fit into your group? I mentioned it just cause you know that the last time Intel Developer forum happened, a friend of mine gave a presentation working for intel, and, you know, just talking about how much was going on in that space on. Do you know, I made a comment back there this few years ago. You know, we just spent over a decade fixing all the networking and storage issues with virtualization. Aren't we going to have to do that again? And containers Asian? Of course, we know way are having toe solve some of those things again. So, you >> know, and for us, you know, as you guys probably know, until it's been really involved in one of the biggest things that you know sometimes it's kept as a secret is that we're probably one of the bigger, um, employers of software engineers. And so until was really, really involved. We have a lot of people that started off with, you know, open source of clinics and being involved there. And, of course, containers is sort of evolution to that. And for us really trying to be involved in making sure that we can sort of bring the capabilities that's needed from our instructions, said architecture is to be able to do containers kubernetes, and, you know, to do this efficient, efficiently and effectively is definitely key to what we want to get done. >> All right, so that was a setup. I I wanted for EJ computing because a lot of these we have different architectures we're gonna be doing when we're getting to the edge starting here. A little bit of that show that this show. But it's in overall piece of that multi cloud architecture that we're starting to build out. You know, where's your play? >> Well, so for us, I mean the way that we look at it as we think it starts all, obviously with the network. So when you are really trying to do things often times Dedge is the closest to word that data is being, you know, realized. And so for us making sure that, you know, we have the right kind of platform level capabilities that can take this data. And then you have to do something with this data. So there's a computer aspect to it, and then you have to be able to really ship it somewhere else, right? And so it's basically going to be to another cloud and might be to another micro server somewhere else. And so for us, what really sets the foundation is having a scale will set a platform sort of this thick, too thin kind of concept. That sort of says, depending on what you're trying to do, what you need to have something that could go the answer mold into that. And so for us, having a scaleable platform that can go from our Biggers eons down to an Adam processor is really important. And then also what we've been doing is working with the ecosystem to make sure that the network functions and software defined when and you know that we think sets a foundation to how you want to go and live in this multi cloud world. But starting off of the edge, you want to make sure that that is really effective, efficient. We can basically provide this in a very efficient capability because there's some areas where you know this. It's gonna be very price sensitive. So we think we have this awesome capability here with our Adam processors. In fact, yesterday was really interesting. We had Tom Burns and Tom Gillis basically get on the stage and talk about how Dell and VM we're collaborating on this. Um, and this basically revolves around platforms based on the Adam Process sitter, and that could scale up to our ze aan de processors and above that, so it depends on what you're trying to do, and we've been working with our partners to make sure that these functions that start off with networker optimized and you can do as much compute auras little computer as you want on that edge >> off the customers who were starting to use age because it's it's kind of you, but it's also kind of not. It's been around for a while. We just used to call it other things, like robots for the customers who were using engine the moment. What's what's the most surprising thing that you've seen them do with your technology? >> You know what is interesting is, you know, we sometimes get surprised by this ourselves and so one of the things that you know, some customers say, Well, you know, we really need low cost because all we really care about is just low level. You know, we we want to build the deploy this into a cafe, and we don't think you're gonna be all that the price spot because they automatically think that all intel does is Biggs eons, and we do a great job with that. But what is really interesting is that with their aunt in processors, we get to these very interesting, you know, solutions that are cost effective and yet gives you the scalability of what you might want to do. And so, for example, you know, we've seen customers that say, Yeah, you know, we want to start off with this, but you know, I'm networking, is it? But you know what? We have this plan, and this plan is like this. Maybe it's a 90 day plan or it could be up to a two year plan in terms of how they want to bring more capabilities at that branch and want to want to be able to do more. They want to be able to compute more. They want to make decisions more. They want to be able to give their customers at that place a much better experience that we think we have a really good position here with their platforms and giving you this mix and match capability, but easily built to scale up and do what our customers want. Great >> Bob, You know, when I think about this space in general, we haven't talked about five g yet, and you know, five g WiFi six, you know, expected to have a significant impact on networking. We're talking a little bit about you know edge. It's gonna play in that environment. Uh, what do you hear from Augusta Summers? How much is that involved with the activities you're working through? You know, >> it's definitely, really interesting. So, uh, five g is definitely getting a lot of hype. Were very, very involved. We've been working on this for a while until it's, uh, on the forefront of enabling five G, especially as it relates to network infrastructure, one of the key focus areas for us. And so the way that we sort of look at this on the edges that a lot of enterprises, some of them are gonna be leading, especially for cases where Leighton see is really important. You want to be able to make decisions, you know, really rather quickly. You want to be able to process it right there. Five g is gonna be one of these interesting technologies that starts, and we're already starting to see it enabled these new or used cases, and so we're definitely really excited about that. We're already starting to see this in stadium experience being enabled by five G what we're doing on the edge. There's experiences like that that we really get excited when we're part of, and we're really able to provide this model of enabling, you know, these new usage models. So for us, you know the connectivity aspects five g is important. Of course, you know, we're going to see a lot of work clothes used for G as basically predominant option. And, of course, the standard wired connective ity of I p m pl less and other things. >> I want to give you the final word. Obviously, Intel long partnership. As we know you know, current CEO Pack else under, you know, spent a good part of his, you know, early part of career at Intel. Give us the takeaway intel VM wear from VM 2019. You know, I mean, we've had a >> long partnership here between intel on VM, where we definitely value the partnership for us. It started off with virtual light servers a while back. Now we've been working on networking and so for us, the partnership has been incredible. You know, we continue to be able to work together. Of course. You know, we continue to see challenges as we go into hybrid cloud Malta Cloud. We are very excited to how in terms of how we can take this to the next level. And, you know, we're very happy to be be great partners with them. >> All right. Well, Bob Ghaffari, thank you for giving us the Intel networking update. We go up the stack down the stack, Multi cloud, all out the edge, coyote and all the applications for Justin Warren. I'm stupid. Men will be back for our continuing coverage of the emerald 2019. Thanks for watching the Cube.