(upbeat music) (logo crystals tingle) >> Hi, everybody, welcome back to FalCon22, I'm Dave Vellante and you're watching theCube's continuous coverage, this is day two. We live in an API economy, but APIs, you know, they're sometimes vulnerable, Michael Nicosia is here, he's the Chief Operating Officer and co-founder of Salt Security, API Security Specialist, Michael, welcome to theCUBE, thanks for coming on. >> Thank you so much, Dave, glad to be here. >> You're very welcome. Why did you and your co-founder, is it Roy? >> Yeah. >> Why did you guys start Salt Security? >> So really easy, I mean, as you mentioned, the proliferation of APIs constantly is growing on a year to year basis. So in 2015, when he and I met, we had this idea that it was going to continue to grow and APIs were going to be critical to every organization from an innovation perspective, from a safety perspective and we thought that current tools out there couldn't protect against the new threat vector that we thought was going to happen. And, you know, you fast forward to 2022 and here we are, it's the largest growing threat vector from an API perspective because APIs are just growing like crazy. >> Right. Well, let's talk about the news, CrowdStrike made an investment in your company. >> Michael: Yes. >> Congratulations. >> Michael: Thank you. >> Tell us about that, why it's important, and to have a strategic partner like that. >> Yeah, so first of all, we're super thrilled about the partnership, I mean, it's amazing. And not only the partnership, the strategic investment for us just signifies the importance of our two companies in terms of what we want to do in the field together or in the market together. So the strategic investment is amazing, the partnership is even more amazing just because it's kind of like, you know, the first in its class from an API security perspective, we've got partners from the cloud providers and then the only other partnerships really have is with API Management vendors. So this is unique in that it goes outside the security ecosystem to provide this partnership and the nice thing about it is it's exclusive, excuse me, and it just continues to validate the leadership where we have an API security, as well as obviously a leadership that CrowdStrike has. >> Exclusive in the sense that CrowdStrike's not going to invest in another API competitor and you're not going to take investment from an endpoint- >> Michael: Exactly. >> Or something like that. >> Endpoint or, you know, really cloud workload situation. >> Anything within that vastly expanding portfolio. >> Michael: Exactly. >> So pretty much anybody. >> Michael: Exactly. >> Except network security, from what I saw in the keynote yesterday, that's sort of on the table, for now. So, okay, so why should customers care about this? What's the benefit to them? >> Yeah, so if you think about, the security profile of organizations and where they seem to have potential risk, threat vectors, you know, endpoint, you know, Cloud obviously API becomes a bigger, threat vector as well. So I think the partnership just solidifies the fact that we want to create a better security profile for organizations and we want to make it safe for them to innovate and continue to do what they do. So I think that's the importance and when you put the two together it just creates a larger value proposition, more stickiness from end point to cloud, to APIs. >> So we have a partner, theCUBE, and in New York city and it's called ETR and they do quarterly surveys of CISOs, CIOs, IT buyers, about 12 to 1500 a quarter. And so I was chatting with those guys last week, they knew we were going to be at CrowdStrike and so they ran some data for all the API security vendors and you guys were, you know they had like the Gartner Magic Quadrant but it's not, you know, vision and execution, it's spending momentum and like presence in their survey, it's like market share, mind share. >> Sure. >> You guys were up and to the right, like, way, way, way ahead, I presume that's why you got the attention of CrowdStrike. I found their data set to be incredibly good, that's how we found CrowdStrike years ago, like, "Wow, who's this company?" >> Yeah. >> You know, companies like CrowdStrike, Okta, Zscaler, Snowflake Off The Charts, but you guys were really noticeable. Talk about the spending momentum you're seeing with customers, where's that coming from? >> Yeah, I mean look, for us it's a continuing growing market, it's accelerating and we're still in the, you know, early stages of the market, which is amazing. But if you think about what organizations do, they innovate, right, they innovate through, you know, software, through applications or APIs. So if you think about, you know, how do they continue to innovate safely? They need a solution, like Salt Security to protect from any bad actors that could potentially create any breaches, vulnerabilities. So I think that that's why CISOs in particular are super excited about talking to us, making sure that they have all of their bases covered especially when it comes to applications that they have within their organization, which continues to grow. >> And not to not to be a methodology geek, but the methodology they use is to essentially say, is a customer spending more or less, they subtract the lesses from the mores and that's what you're left with. And one of the lesses is churn, and if you have high churn, you're spending momentum, >> you know- >> Micheal: Yeah. >> In their methodology goes into the tank. So you have obviously admitted you have very low churn is that what you're saying in the field? >> Micheal: Absolutely. >> Why is that? >> Yeah, I mean, again, I think it's, it goes back to the value that we bring to customers. I think, you know, our solution works, we're the only AI/ML-based solution with deep context so we can really take a closer granular look at the APIs, model those APIs, create a baseline and really protect against them. So I mean, our solution works and it works really well and I think we provide value in that, you know, CISOs don't have to worry about any bad actors trying to infiltrate their applications 'cause they know that Salt Security is there protecting them. >> I know you're not the tech guy but you're the founder, co-founder of a technology company so you got to be conversant in the tech, 'cause this is the way it is in our business, so tell us about the tech, what's so cool about it? What's the differentiation? >> Yeah, I guess, and I mentioned that it's really AI/ML based, you know, we leverage big data and it's really the context associated to that, which means that, you know, we can get into granular details of really baselining the API itself. And what we do really well is, because these are unique attacks and these attacks could be days, weeks, months and we're the only vendor that, that can really correlate across that timeline because of the context-based big data that we leverage to be able to, you know, spot these potential bad actors that we look for. >> And all this happens in the cloud or? >> Absolutely, it's all... >> You have a server in your office? >> No, no, it's all it's a hundred percent SaaS-based, Cloud-based solution, I think that's one of the reasons why the partnership with CrowdStrike is so amazing as well. >> Talk a little bit more about the synergies between CrowdStrike and Salt Security. >> Tons of synergies, I mean, if you think about from, you know, from the part of being a little fluffy culture, the two companies have similar cultures, we go after similar you know, first Cloud, innovative companies. If you think about kind of the technology that CrowdStrike has put forth, revolutionized the endpoint security, and now moving into the Cloud, you know, leveraging AI and ML, we're doing the exact same thing so I think there's a lot of synergies associated with that. And again, the final point that I'll make is that you know, we think together the, you know, better together story is, resonates just because if you think about all of the areas that you know have potential breaches, these threats, we kind of cover 'em all with the partnership. >> When I talk to a founding, you know, co-founder, who's a go to market pro, I like to ask them how did you know when to scale? I mean, you got to have product market fit, I see so many companies failing because they try to go to market before they have, they try to scale go to market before they have product market, but how did you do it? How did you know when to scale? >> You know, it's tricky, and you got to look at a couple of, you know, factors, you got to look at the market, you got to look at, you know, how much potential opportunity exists and you really need to look at, the momentum that is being established. You know, when you talk to CISOs, kind of, you know, talking to them about projects and how, how they prioritize projects and where API security fits, you know, once it begins to be the top three and you start that momentum and obviously you bringing in the revenue. I think that those are signs that we see, that we say, "Okay, we need to double down on making sure we've got coverage across the world in order for us to support demand." >> And you were the first sales rep, right? >> Michael: Yeah. >> Okay. >> Roy and I, I was the first AE, here was the first SE. >> Okay, but your early go-to market pros are probably different than what you're bringing in today, you didn't have, you know, a lot of BDRs at the time, but you guys were hands on consultants- >> Absolutely. >> Like sort of process consultants, sales folks, right? And then you codify that when you're ready to scale and now you're, is that kind of a, what you're doing? >> Absolutely, I mean, you nailed it, I mean, it's in the early stages, it's validating that there's a problem that exists in the market and how important is that problem, you know, to CISOs. So when we first started we met probably about 50 CISOs where we just had that conversation, not about sales, it was more about, "Hey we just want to talk to you about a problem we think exists in the market, love to get your reaction on that problem and then obviously how you're solving that problem and how much of a priority is that problem," How important is it to you? And then once you have those discussions then you can really find those individuals, early adopters if you will, that are ready to buy and then it kind of proliferates from there. >> And then you have a CRO , I presume, right? So what was that like finding him or her, is a really important first sales hire. >> Super important, yeah. >> How did you go about that? How long did it take? >> Yeah so it took about six to eight months and you know it's really tough because, you know, we look at cultural fit, above everything else. So it's not, that, "Can they do the job?" it's culturally, do they fit in? And you know, how much can that individual scale the organization? So there's a lot of factors associated, there's a lot of individuals associated to, you know with the interview process. So that's how we looked at it and obviously we wanted somebody that had experience in a company our size, was able to scale it and so on. The one tricky thing is, and I'll tell you this, is, you know, for Roy and I, you kind of have to let go a little bit, that was really tough, so knowing that you need to do that is something that- >> A little bit of founderitis? >> Micheal: Yeah. >> Dave: It's hard, right? >> Micheal: It's hard. >> Dave: Yeah, it's your baby. >> It's like, whaat? >> I get it, Michael, thanks so much for coming to theCUBE, congratulations on the news- >> Thank you Dave. >> The investment and good luck. >> Awesome, thank you so much, appreciate it. >> You're really welcome. All right, keep it right there, we'll be back right after this short break. Dave Vellante for theCUBE at FalCon22, CrowdStrike's big user event, we'll be right back. (cheerful bouncy music)

>> From theCUBE Studios in Palo Alto in Boston, bringing you data-driven insights from theCUBE and ETR, this is "Breaking Analysis" with Dave Vellante. >> If it weren't for Pat Gelsinger, Intel's future would be a disaster. Even with his clear vision, fantastic leadership, deep technical and business acumen, and amazing positivity, the company's future is in serious jeopardy. It's the same story we've been telling for years. Volume is king in the semiconductor industry, and Intel no longer is the volume leader. Despite Intel's efforts to change that dynamic With several recent moves, including making another go at its Foundry business, the company is years away from reversing its lagging position relative to today's leading foundries and design shops. Intel's best chance to survive as a leader in our view, will come from a combination of a massive market, continued supply constraints, government money, and luck, perhaps in the form of a deal with apple in the midterm. Hello, and welcome to this week's "Wikibon CUBE Insights, Powered by ETR." In this "Breaking Analysis," we'll update you on our latest assessment of Intel's competitive position and unpack nuggets from the company's February investor conference. Let's go back in history a bit and review what we said in the early 2010s. If you've followed this program, you know that our David Floyer sounded the alarm for Intel as far back as 2012, the year after PC volumes peaked. Yes, they've ticked up a bit in the past couple of years but they pale in comparison to the volumes that the ARM ecosystem is producing. The world has changed from people entering data into machines, and now it's machines that are driving all the data. Data volumes in Web 1.0 were largely driven by keystrokes and clicks. Web 3.0 is going to be driven by machines entering data into sensors, cameras. Other edge devices are going to drive enormous data volumes and processing power to boot. Every windmill, every factory device, every consumer device, every car, will require processing at the edge to run AI, facial recognition, inference, and data intensive workloads. And the volume of this space compared to PCs and even the iPhone itself is about to be dwarfed with an explosion of devices. Intel is not well positioned for this new world in our view. Intel has to catch up on the process, Intel has to catch up on architecture, Intel has to play catch up on security, Intel has to play catch up on volume. The ARM ecosystem has cumulatively shipped 200 billion chips to date, and is shipping 10x Intel's wafer volume. Intel has to have an architecture that accommodates much more diversity. And while it's working on that, it's years behind. All that said, Pat Gelsinger is doing everything he can and more to close the gap. Here's a partial list of the moves that Pat is making. A year ago, he announced IDM 2.0, a new integrated device manufacturing strategy that opened up its world to partners for manufacturing and other innovation. Intel has restructured, reorganized, and many executives have boomeranged back in, many previous Intel execs. They understand the business and have a deep passion to help the company regain its prominence. As part of the IDM 2.0 announcement, Intel created, recreated if you will, a Foundry division and recently acquired Tower Semiconductor an Israeli firm, that is going to help it in that mission. It's opening up partnerships with alternative processor manufacturers and designers. And the company has announced major investments in CAPEX to build out Foundry capacity. Intel is going to spin out Mobileye, a company it had acquired for 15 billion in 2017. Or does it try and get a $50 billion valuation? Mobileye is about $1.4 billion in revenue, and is likely going to be worth more around 25 to 30 billion, we'll see. But Intel is going to maybe get $10 billion in cash from that, that spin out that IPO and it can use that to fund more FABS and more equipment. Intel is leveraging its 19,000 software engineers to move up the stack and sell more subscriptions and high margin software. He got to sell what he got. And finally Pat is playing politics beautifully. Announcing for example, FAB investments in Ohio, which he dubbed Silicon Heartland. Brilliant! Again, there's no doubt that Pat is moving fast and doing the right things. Here's Pat at his investor event in a T-shirt that says, "torrid, bringing back the torrid pace and discipline that Intel is used to." And on the right is Pat at the State of the Union address, looking sharp in shirt and tie and suit. And he has said, "a bet on Intel is a hedge against geopolitical instability in the world." That's just so good. To that statement, he showed this chart at his investor meeting. Basically it shows that whereas semiconductor manufacturing capacity has gone from 80% of the world's volume to 20%, he wants to get it back to 50% by 2030, and reset supply chains in a market that has become important as oil. Again, just brilliant positioning and pushing all the right hot buttons. And here's a slide underscoring that commitment, showing manufacturing facilities around the world with new capacity coming online in the next few years in Ohio and the EU. Mentioning the CHIPS Act in his presentation in The US and Europe as part of a public private partnership, no doubt, he's going to need all the help he can get. Now, we couldn't resist the chart on the left here shows wafer starts and transistor capacity growth. For Intel, overtime speaks to its volume aspirations. But we couldn't help notice that the shape of the curve is somewhat misleading because it shows a two-year (mumbles) and then widens the aperture to three years to make the curve look steeper. Fun with numbers. Okay, maybe a little nitpick, but these are some of the telling nuggets we pulled from the investor day, and they're important. Another nitpick is in our view, wafers would be a better measure of volume than transistors. It's like a company saying we shipped 20% more exabytes or MIPS this year than last year. Of course you did, and your revenue shrank. Anyway, Pat went through a detailed analysis of the various Intel businesses and promised mid to high double digit growth by 2026, half of which will come from Intel's traditional PC they center in network edge businesses and the rest from advanced graphics HPC, Mobileye and Foundry. Okay, that sounds pretty good. But it has to be taken into context that the balance of the semiconductor industry, yeah, this would be a pretty competitive growth rate, in our view, especially for a 70 plus billion dollar company. So kudos to Pat for sticking his neck out on this one. But again, the promise is several years away, at least four years away. Now we want to focus on Foundry because that's the only way Intel is going to get back into the volume game and the volume necessary for the company to compete. Pat built this slide showing the baby blue for today's Foundry business just under a billion dollars and adding in another $1.5 billion for Tower Semiconductor, the Israeli firm that it just acquired. So a few billion dollars in the near term future for the Foundry business. And then by 2026, this really fuzzy blue bar. Now remember, TSM is the new volume leader, and is a $50 billion company growing. So there's definitely a market there that it can go after. And adding in ARM processors to the mix, and, you know, opening up and partnering with the ecosystems out there can only help volume if Intel can win that business, which you know, it should be able to, given the likelihood of long term supply constraints. But we remain skeptical. This is another chart Pat showed, which makes the case that Foundry and IDM 2.0 will allow expensive assets to have a longer useful life. Okay, that's cool. It will also solve the cumulative output problem highlighted in the bottom right. We've talked at length about Wright's Law. That is, for every cumulative doubling of units manufactured, cost will fall by a constant percentage. You know, let's say around 15% in semiconductor world, which is vitally important to accommodate next generation chips, which are always more expensive at the start of the cycle. So you need that 15% cost buffer to jump curves and make any money. So let's unpack this a bit. You know, does this chart at the bottom right address our Wright's Law concerns, i.e. that Intel can't take advantage of Wright's Law because it can't double cumulative output fast enough? Now note the decline in wafer starts and then the slight uptick, and then the flattening. It's hard to tell what years we're talking about here. Intel is not going to share the sausage making because it's probably not pretty, But you can see on the bottom left, the flattening of the cumulative output curve in IDM 1.0 otherwise known as the death spiral. Okay, back to the power of Wright's Law. Now, assume for a second that wafer density doesn't grow. It does, but just work with us for a second. Let's say you produce 50 million units per year, just making a number up. That gets you cumulative output to $100 million in, sorry, 100 million units in the second year to take you two years to get to that 100 million. So in other words, it takes two years to lower your manufacturing cost by, let's say, roughly 15%. Now, assuming you can get wafer volumes to be flat, which that chart showed, with good yields, you're at 150 now in year three, 200 in year four, 250 in year five, 300 in year six, now, that's four years before you can take advantage of Wright's Law. You keep going at that flat wafer start, and that simplifying assumption we made at the start and 50 million units a year, and well, you get to the point. You get the point, it's now eight years before you can get the Wright's Law to kick in, and you know, by then you're cooked. But now you can grow the density of transistors on a chip, right? Yes, of course. So let's come back to Moore's Law. The graphic on the left says that all the growth is in the new stuff. Totally agree with that. Huge term that Pat presented. Now he also said that until we exhaust the periodic table of elements, Moore's Law is alive and well, and Intel is the steward of Moore's Law. Okay, that's cool. The chart on the right shows Intel going from 100 billion transistors today to a trillion by 2030. Hold that thought. So Intel is assuming that we'll keep up with Moore's Law, meaning a doubling of transistors every let's say two years, and I believe it. So bring that back to Wright's Law, in the previous chart, it means with IDM 2.0, Intel can get back to enjoying the benefits of Wright's Law every two years, let's say, versus IDM 1.0 where they were failing to keep up. Okay, so Intel is saved, yeah? Well, let's bring into this discussion one of our favorite examples, Apple's M1 ARM-based chip. The M1 Ultra is a new architecture. And you can see the stats here, 114 billion transistors on a five nanometer process and all the other stats. The M1 Ultra has two chips. They're bonded together. And Apple put an interposer between the two chips. An interposer is a pathway that allows electrical signals to pass through it onto another chip. It's a super fast connection. You can see 2.5 terabytes per second. But the brilliance is the two chips act as a single chip. So you don't have to change the software at all. The way Intel's architecture works is it takes two different chips on a substrate, and then each has its own memory. The memory is not shared. Apple shares the memory for the CPU, the NPU, the GPU. All of it is shared, meaning it needs no change in software unlike Intel. Now Intel is working on a new architecture, but Apple and others are way ahead. Now let's make this really straightforward. The original Apple M1 had 16 billion transistors per chip. And you could see in that diagram, the recently launched M1 Ultra has $114 billion per chip. Now if you take into account the size of the chips, which are increasing, and the increase in the number of transistors per chip, that transistor density, that's a factor of around 6x growth in transistor density per chip in 18 months. Remember Intel, assuming the results in the two previous charts that we showed, assuming they were achievable, is running at 2x every two years, versus 6x for the competition. And AMD and Nvidia are close to that as well because they can take advantage of TSM's learning curve. So in the previous chart with Moore's Law, alive and well, Intel gets to a trillion transistors by 2030. The Apple ARM and Nvidia ecosystems will arrive at that point years ahead of Intel. That means lower costs and significantly better competitive advantage. Okay, so where does that leave Intel? The story is really not resonating with investors and hasn't for a while. On February 18th, the day after its investor meeting, the stock was off. It's rebound a little bit but investors are, you know, they're probably prudent to wait unless they have really a long term view. And you can see Intel's performance relative to some of the major competitors. You know, Pat talked about five nodes in for years. He made a big deal out of that, and he shared proof points with Alder Lake and Meteor Lake and other nodes, but Intel just delayed granite rapids last month that pushed it out from 2023 to 2024. And it told investors that we're going to have to boost spending to turn this ship around, which is absolutely the case. And that delay in chips I feel like the first disappointment won't be the last. But as we've said many times, it's very difficult, actually, it's impossible to quickly catch up in semiconductors, and Intel will never catch up without volume. So we'll leave you by iterating our scenario that could save Intel, and that's if its Foundry business can eventually win back Apple to supercharge its volume story. It's going to be tough to wrestle that business away from TSM especially as TSM is setting up shop in Arizona, with US manufacturing that's going to placate The US government. But look, maybe the government cuts a deal with Apple, says, hey, maybe we'll back off with the DOJ and FTC and as part of the CHIPS Act, you'll have to throw some business at Intel. Would that be enough when combined with other Foundry opportunities Intel could theoretically produce? Maybe. But from this vantage point, it's very unlikely Intel will gain back its true number one leadership position. If it were really paranoid back when David Floyer sounded the alarm 10 years ago, yeah, that might have made a pretty big difference. But honestly, the best we can hope for is Intel's strategy and execution allows it to get competitive volumes by the end of the decade, and this national treasure survives to fight for its leadership position in the 2030s. Because it would take a miracle for that to happen in the 2020s. Okay, that's it for today. Thanks to David Floyer for his contributions to this research. Always a pleasure working with David. Stephanie Chan helps me do much of the background research for "Breaking Analysis," and works with our CUBE editorial team. Kristen Martin and Cheryl Knight to get the word out. And thanks to SiliconANGLE's editor in chief Rob Hof, who comes up with a lot of the great titles that we have for "Breaking Analysis" and gets the word out to the SiliconANGLE audience. Thanks, guys. Great teamwork. Remember, these episodes are all available as podcast wherever you listen. Just search "Breaking Analysis Podcast." You'll want to check out ETR's website @etr.ai. We also publish a full report every week on wikibon.com and siliconangle.com. You could always get in touch with me on email, david.vellante@siliconangle.com or DM me @dvellante, and comment on my LinkedIn posts. This is Dave Vellante for "theCUBE Insights, Powered by ETR." Have a great week. Stay safe, be well, and we'll see you next time. (upbeat music)

in the beginning there were mainframes a highly centralized secure command and control environment open systems brought a spate of innovation innovations that were powered by machines servers storage arrays networks that had to be configured deployed and managed by specialists virtualization that made that simpler but it was still a machine centric world the cloud devops and importantly containers created an inflection point in the industry where no longer do developers have to do a handoff to an infrastructure guru to deploy and often reconfigure systems which could cause other problems containers essentially codified the infrastructure to the point where developers could now be responsible for the full stack with consistency that allows stretching if you will of applications between on-prem to the cloud across clouds and out to the edge kubernetes in particular has enabled organizations to host applications and containers with automation so you can now deploy as many instances of your application as required and communicate between different services used by those applications in a consistent manner manner what this does is enables rolling updates security patches in a run anywhere environment that is changing how organizations build and manage their applications hello and welcome to this cube conversation and preview to kubecon cloud nativecon north america 2021 i'm pleased to welcome my friend and guest stu miniman director of market insights for cloud platforms at red hat stu man great to see you so good to see you dave thanks for having me you're very welcome so you heard my little spiel up front a little narrative what are the big trends that you're seeing that you're watching that you think people should know about they're important yeah well well dave i'm so glad you started out talking about the application because dave i mean you know my background your background very much too is started in infrastructure and for so long we talked about well let's dig different increments that we talk about the infrastructure but there was that huge divide between the people that run the infrastructure and the people that build and own the applications and when agile and devops came out we talked about not throwing things over the wall but when we look at containers and kubernetes really what it is is an application to build our application to modernize our application to run our application as you said they they have to be more that that right once go anywhere has been something we've wanted for a while and from a developer viewpoint i haven't wanted to think about the infrastructure so we want to enable that we want developers to be able to do their thing what we've done at red hat is try to have that consistency in every environment because kubernetes is only a single a very thin layer there's lots that needs to be done on top of that but one of the biggest trends is from an application standpoint the same thing that we've seen in other environments dave when you say okay well what apps did you have well you know it's great to say i have the cool micro service new stuff but what about older applications what about modernizing things can i lift things over can i have a broader spectrum of applications and yes that's where we are with kubernetes we don't just have stateless applications that are you know written in this new modern way we have a broad spectrum and there's another word that i really keyed off of in your intro talking about automation dave if you talk about scale and you talk about automation that's what container was built for if you look at what you know the the predecessor kubernetes was borg at google and if you think about just building things at scale and building things for with automation at their core that's what we've done and that's where this ecosystem is building towards so not saying everybody needs to be google but when you start talking about ai applications when you start talking about different ways to really have automation built into your environment this is where containers and kubernetes really shines because you know that's where we've really gone beyond human scale dave and we've gone to that machine scale so we need to make sure not just to remove humans to remove errors but to be able to have that agility and flexibility and scale which is what offers in this space so all the cool kids of course they want to develop in the cloud but i feel like for every app that's developed in the cloud there's like 10 on prem that are screaming to be modernized and we have a we have a chart on this but so what kind of applications are you seeing going in to containers and kubernetes yeah so so two two charts here for the survey we actually did for kubecon europe leading up to it the one on the left talks about the data is it stateless applications is it stateful applications well what do you know dave it's a mix of both of those right you'll remember dave in the virtualization days it took us about a decade to solve those storage and networking things how do we make sure that things really run at the virtual machine layer how do we have things like moving all over the place and still not break the connection that we had there that was a lot of hard work that we as an industry did well you know here we are six seven years into kubernetes we've solved a lot of those same issues so storage and networking work much better today in kubernetes environments than it did in the early days it started out oh stateless applications but if you look at the data on the second side what kind of applications are there the answer dave is yes you want your cool new modern databases absolutely ai and ml absolutely uh you know through kind of your isv you know more traditional applications the the answer is yes so customers are doing a whole lot of it when i'm meeting with customers one of the first questions we always have dave we've worked on silo busting for for many decades in this industry but if you talk to the infrastructure team and you ask them well what apps are you putting on there if they don't have a good answer the first thing we do is hey you really need to get the developers in the room you really need to understand this because if you stand up a platform just because kubernetes is cool and it's great it helps you build your resume you're not going to have success down the road you want to make sure they're involved up front understand what the requirements so you know kubernetes uh that one of the joke is you know containers and kubernetes add some magic and you know yippee you win it's like well there's a little bit more to that uh to actually have it work you mentioned it took decade plus to actually you know kind of work it out in the virtualization days i mean you remember the api you know stuff and we have the scars from their revenues right exactly but it's interesting when i look at this chart that you know because like you said it started off it's kind of stateless database yes all kinds of applications but database is number one and so you've got a lot of stateful applications enterprise apps security sensitive i mean everything's security sensitive today but hyper security sensitive so do you feel like that time frame relative to you know two decades ago is going to be compressed yes it seems like it's compressing quite rapidly absolutely the cncf always puts out a survey around the event as to where adoption is it's a little bit of a self-selecting for the community but containers and kubernetes broad adoption we've really not only crossed the chasm we're into the you know solid majority of of adoption here and yeah the the databases i mean dave you've covered things like the postgres uh world uh companies like crunchy data uh and some of these modern databases are really built for this type of environment and as you said they shouldn't have to think as much about okay i'm in a cloud or i'm in a different cloud this containerized platform that for applications can live in a lot of different places and that goes to kind of what we're seeing changing in the in the infrastructure world uh over the last couple years i'm glad to mention that a database i was interviewing josh uh at the postgres event and he was explaining to me how far kubernetes has actually come and and how much you know more trustworthy it is today still still some gaps but much different than even two or three years ago yeah i guess one of the highlights interesting at the kubecon europe uh there was the general availability of both the pipelines project and the get ops project it was it's argo cd is the project for for get ops and when that went ga for red hat we actually have that built into openshift at ga and not only was it ready to go we actually had a few customers that were ready to say hey we're using this and we're using the production so we had xa insurance one of the largest payers in the globe and the largest bank in turkey uh were two of the ones that we had saying hey we're using this for the audience if you're not familiar with git ops it's everything we use github as the repository of records so that this is kind of if you think about the old days we had the gold cd or the gold server well we do that for our entire stack that whole infrastructure's code that we've been talking about so many years but it will manage that for us so i patch it at the github level and it will enforce what i have in my environment so if somebody oh wait let me make a change no it's constantly validating things at github so it keeps it rather regimented so we've had uh as i mentioned a couple of customers we've seen a lot of interest in the public sector space because of course dave they're very concerned around security and patching and access and we want to keep that least access necessary so if we can keep that at the github level that's one of the things that will help your environment it really ties into the whole kind of git ops ai ops modern environment so it really ties all of it together as to kind of the the culture of the application and the infrastructure so your files your config files your policies same api same console that is how you get the scale yeah absolutely it's we we don't want the people to have to manage that as much you can let them focus on where they're going to add value to the business so let's talk about cloud cloud the definition of cloud is changing the cloud is expanding it's going on-prem there's hybrid connections to to a cloud or multiple clouds across clouds now as seems to be becoming more real we could talk about that and then maybe eventually out to the edge they're all real in their own right but how much is actually being connected together is something that i'm interested in but what are you seeing there what role is kubernetes playing yeah so first you talked about where applications live the latest data i've seen from kind of the the industry watchers is what are we dave 20 25 of applications are in the cloud that means there's a lot still in the data center if i look at open shift customers yes do we have a lot of them in the data center but then they are also using the public cloud so we have deep partnerships with amazon and azure to do public services in the cloud and our value is we give consistency across all of those environments so are using data center yes most customers still have data center do you have one or more clouds absolutely you know i used to love the andy jassy line um you know multi-cloud doesn't mean that you spread evenly across all the clouds most customers i talk to they have a primary provider that they partner with but things change over time we've seen plenty of customers go two or three years in and say well i have a strategic initiative sometimes they make an acquisition and they'll do another cloud or you know there's lots of factors why i might be doing more than one cloud there's certain industries where basically you have to have relationships with multiple vendors or there's there's regulations that you need to be concerned about so the answer is yes what we've been talking about more than a decade at red hat is open hybrid cloud and what does that mean today you might have not have planned it out but you're hybrid today and what are you going to be in the next decade you're going to be even more hybrid so edge if we talk about it everyone is talking about one of the biggest trends here is how does kubernetes go out to the edge even more that consistency message that i talked about where does openshift live openshift lives anywhere that red hat enterprise linux lives so rel am i going to have linux out of these small environments without a lot of resources what else are you going to have other than linux that's going to be the foundation of what you have so if i can have management and consistency that push out to all of those environments and we've been building out a portfolio something that you'll see us talking about more at kubecon in la is single node openshift so this is a really small footprint openshift but still have the consistency to work across all these environments and we've had different footprints basically to be able to do edge and remote offices whether you're talking from a service provider out to a full customer premise data center but there's there's a lot going on in the edge space we actually have we already have a public use case with verizon who's doing some of the ai use cases i'm sure you can picture with verizon being such a large telco the touch points that they have not only at the service provider but to their customer environments and openshift is the platform for enabling that innovation i mean if i had a big application portfolio on-prem you know legacy company with you know 100-year history obviously i'm going to be doing some stuff in the cloud i would be building some kind of abstraction layer that would could obviously modernize my on-premise state i would want to i would probably start with amazon i'd want to take advantage of aws cloud native tooling but i would absolutely be doing the same thing in azure and google and i would want to build my own cloud right and and and service my customers or or my company have people log into that cloud hide the underlying complexity of the technology and just simplify everything up level it and build a stack around that and probably build it on on openshift why not and of course kubernetes but there are alternatives there's there's eks anywhere for example which presumably is a competitor what do you how is that impacting the marketplace yeah so so dave as you said everybody is kind of extending beyond where they live so microsoft azure has their arc offering google has anthos and amazon was the last one i mean dave you'll remember this when we talked about hybrid and multi-cloud for a bunch of years it was like amazon doesn't talk about hybrid or multi-cloud and you know back when i sat on the analyst side i was like well you can't talk about hybrid and multi-cloud without talking about amazon so they've now uh eks anywhere something they announced back at re invent it just went generally available recently and so they have a distribution of kubernetes that you can use on your own so you could have completely disconnected in your data center running only on vmware is the only way that they support it today and they have in beta there's something called an eks connector so if you want it to be managed from the cloud and have someone more of that consistency they have the way to do that they've had eks which is their kubernetes service in amazon for a bunch of years but as a friend of the program corey quinn says there's actually 17 different ways to run containers in amazon today that's supported by amazon and you laugh at it but you know dave it's it's no different you know remember the storage world okay how many different storage products did emc have do you know how many compute and storage products amazon have they have a lot growing so one of those offerings that they have natively in the console is red hat openshift service for aws so is eksd a competitor well if you're an amazon customer and you want everything amazon and you want to use their environment in a hybrid environment yes you can do that part of the strategy for amazon is outpost we've got on our roadmap to be able to support openshift on outposts so you know we look at our our positioning is we are much more than kubernetes if you talk about the stack of tooling that we build on top of it we've done a real lot to make sure that developers have the tooling that they need from an amazon environment it's just the kubernetes piece it's a in the cloud it's a managed control plane in your own data center it's here's a kubernetes distribution good luck with it if you want monitoring and observability if you want more security if you want all these other pieces you need to build them on top of that as opposed to openshift gives you a full application development platform you know forrester wave we were you know far and away the top and to the right on on that uh spectrum with the leading position for both developers and operators so you know great to see amazon you know i i i hate to say they're like validating something that we do but look everybody's going to do it's true this is true i know that's the marketing line but and and i hate to do the the marketing line but um it's you will you see everyone rolls out their pieces and you say what is the game that they are playing it's amazon wants you to consume as much of their services as you can from a red hat standpoint it's well everywhere that rel can go we can go so openshift can live a lot of places we are going to give you the best experience in your data center in amazon in azure in google in your hosted in the edge we're going to work in all of those environments and we've got years of experience with thousands of production employments like in the data center eks anywhere sitting on top of vsphere as far as i know we have at red hat the most production kubernetes deployments on vmware are openshift actually at vmworld i'll be talking about i'm i'm on a panel talking about openshift on vsphere with vmware so long deep partnership that we've had there no one can speak to the breadth and depth of uh what we've done there uh what's the little line amazon always says there's no compression algorithm for experience well i like it okay but that's why i like your edge strategy because i've said many times the edge is going to be won by developers it's not going to be won by taking a you know x86 box throwing it over the fence and saying okay we got edge and i think you know that's tongue-in-cheek i think that the traditional enterprise hardware vendors are understanding that but they're not in a great position with developers you know maybe cisco a little bit with devnet but generally speaking you know vmware obviously uh it always has been struggling the edge is you know the challenge with the edge is you always have to look through it as to what your perspective is so we have a long and deep relationship with a lot of the telecommunications providers uh people will disparage openstack some but that's actually the solutions that we've sold the most into are network function virtualization for the telco and a lot of them have followed what they worked with us on openstack and continued that into openshift and verizon being one of those proof points you've seen my etr data and i tell you openstack keeps popping up and when you dig into it it's oh that's telco there may not be maybe there's not a region there and it's telcos developing their own cloud essentially and you know they're monetizing it so let's talk about um a cncf the ecosystem uh it's we have another slide on this if you guys wouldn't mind bringing it up i mean it's a complicated matter right you got here's the picture i mean it's like you can't read it because there's just so many people that wants to stop this from becoming you know kind of openstack too yeah that's a great question so chris wright our cto i thought really boiled it down really well one of the big problems with openstack is we were building a complete stack so when they said oh there's all these projects it's like okay well we're going to create a big tent and under that big tent you have to have all of these pieces and they all need to work together and while they were modular projects i needed to have that full stack validated and managing and maintaining that was a nightmare what is the cncf landscape it is you know what doesn't hundred more projects that are independent of what they had so yes kubernetes is the one that gets the most attention but takes something like service mesh service mesh has been around for a few years it's hot we're still early on the adoption trend service mesh works with kubernetes but it isn't limited to kubernetes it's one of those venn diagram it works with it but you can also work with my virtual environment it works in other places and that's true of a lot of these projects often they are complementary to kubernetes but i can adopt them standalone so the challenge is it is that paradox of choice when you go out there there are some people that want to go to the grocery store and buy all of their various pieces and put it all together well other people will come to us and say hey i just want my developers to get working i don't want them to spend all their time fighting over what they had and at red hat we say great we're going to have an opinionated platform and if you come down later and say oh there's a piece of it i don't want to use or i have some other tool i can have its batters are included they're optional and they're swappable so that's what's nice in this developer environment so you know we also work with you know companies like hashicorp a lot of our customers use vault for their secrets uh you know git lab is is another pure var in this industry that have a lot of developer tools they're not a kubernetes provider they usually sit higher up in the stack than we do so there's a lot of players there's a lot of room for activity and innovation yes we've seen a cambrian explosion of projects there and there has been some consolidation that's part of the job of the cncf is in the observability world they took uh i can't remember there were two projects that were kind of similar and they got them in a room and got them to agree to put them into a single project and put those together so we do see some consolidation over time but there's still room for a lot of growth standards are good but so is optionality i think is your point there so the event is october 11th to the 15th it's actually an in-person event you're planning on being there so i i am it's it's hybrid i know a lot of people will be online the other thing i'd point out there are a lot of day zero events so these are really awesome there's a git ops day there's security day there's so many different pieces i'll actually be for the day zero i'll be emceeing the openshift commons where we get a bunch of end users to just tell their stories projects they're working on deployments that they have have some good partner ecosystem discussion there it's usually a lot of fun we hope a bunch of people come to those in purses and then you know the day itself uh the the three days of the show itself are always hopping and lots of learning to be done uh whether you're there in person or online fantastic so i'm glad you pointed out it is a hybrid event that's kind of the nature of these things these days and i think we'll be for for some time i think potentially indefinitely i think people are realizing hey you know what as much of a pain in the neck as virtual events are we can reach a lot more people and it's a good on-demand experience so have at it stu thanks so much for for coming into the cube studios we miss you glad to see you're thriving and uh good luck at the show and uh we'll see you around the block thanks dave i know i'll be seeing john on the cube there too absolutely okay thanks for watching everybody this is dave vellante we'll see you next time you

>> Jeff: Hello, everybody, and thank you for joining us today for the virtual Vertica BDC 2020. Today's breakout session is entitled "A Deep Dive "into the Vertica Mangement Console Enhancements and Roadmap." I'm Jeff Healey of Vertica Marketing. I'll be your host for this breakout session. Joining me are Bhavik Gandhi and Natalia Stavisky from Vertica engineering. But before we begin, I encourage you to submit questions or comments during the virtual session. You don't have to wait, just type your question or comment in the question box below the slides and click submit. There will be a Q and A session at the end of the presentation. We'll answer as many questions as we're able to during that time. Any questions we don't address, we'll do our best to answer them offline. Alternatively visit Vertica Forums at forum.vertica.com. Post your question there after the session. Our engineering team is planning to join the forums to keep the conversation going well after the event. Also, a reminder that you can maximize the screen by clicking the double arrow button in the lower right corner of the slides. And yes, this virtual session is being recorded and will be available to you on demand this week. We'll send you a notification as soon as it's ready. Now let's get started. Over to you, Bhavik. >> Bhavik: All right. So hello, and welcome, everybody doing this presentation of "Deep Dive into the Vertica Management Console Enhancements and Roadmap." Myself, Bhavik, and my team member, Natalia Stavisky, will go over a few useful announcements on Vertica Management Console, discussing a few real scenarios. All right. So today we will go forward with the brief introduction about the Management Console, then we will discuss the benefits of using Management Console by going over a couple of user scenarios for the query taking too long to run and receiving email alerts from Management Console. Then we will go over a few MC features for what we call Eon Mode databases, like provisioning and reviving the Eon Mode databases from MC, managing the subcluster and understanding the Depot. Then we will go over some of the future announcements on MC that we are planning. All right, so let's get started. All right. So, do you want to know about how to provision a new Vertica cluster from MC? How to analyze and understand a database workload by monitoring the queries on the database? How do you balance the resource pools and use alerts and thresholds on MC? So, the Management Console is basically our answer and we'll talk about its capabilities and new announcements in this presentation. So just to give a brief overview of the Management Console, who uses Management Console, it's generally used by IT administrators and DB admins. Management Console can be used to monitor both Eon Mode and Enterprise Mode databases. Why to use Management Console? You can use Management Console for provisioning Vertica databases and cluster. You can manage the already existing Vertica databases and cluster you have, and you can use various tools on Management Console like query execution, Database Designer, Workload Analyzer, and set up alerts and thresholds to get notified by some of your activities on the MC. So let's go over a few benefits of using Management Console. Okay. So using Management Console, you can view and optimize resource pool usage. Management Console helps you to identify some critical conditions on your Vertica cluster. Additionally, you can set up various thresholds thresholds in MC and get other data if those thresholds are triggered on the database. So now let's dig into the couple of scenarios. So for the first scenario, we will discuss about queries taking too long and using workload analyzer to possibly help to solve the problem. In the second scenario, we will go over alert email that you received from your Management Console and analyzing the problem and taking required actions to solve the problem. So let's go over the scenario where queries are taking too long to run. So in this example, we have this one query that we are running using the query execution on MC. And for some reason we notice that it's taking about 14.8 seconds seconds to execute this query, which is higher than the expected run time of the query. The query that we are running happens to be the query used by MC during the extended monitoring. Notice that the table name and the schema name which is ds_requests_issued, and, is the schema used for extended monitoring. Now in 10.0 MC we have redesigned the Workload Analyzer and Recommendations feature to show the recommendations and allow you to execute those recommendations. In our example, we have taken the table name and figured the tuning descriptions to see if there are any tuning recommendations related to this table. As we see over here, there are three tuning recommendations available for that table. So now in 10.0 MC, you can select those recommendations and then run them. So let's run the recommendations. All right. So once recommendations are run successfully, you can go and see all the processed recommendations that you have run previously. Over here we see that there are three recommendations that we had selected earlier have successfully processed. Now we take the same query and run it on the query execution on MC and hey, it's running really faster and we see that it takes only 0.3 seconds to run the query and, which is about like 98% decrease in original runtime of the query. So in this example we saw that using a Workload Analyzer tool on MC you can possibly triage and solve issue for your queries which are taking to long to execute. All right. So now let's go over another user scenario where DB admin's received some alert email messages from MC and would like to understand and analyze the problem. So to know more about what's going on on the database and proactively react to the problems, DB admins using the Management Console can create set of thresholds and get alerted about the conditions on the database if the threshold values is reached and then respond to the problem thereafter. Now as a DB admin, I see some email message notifications from MC and upon checking the emails, I see that there are a couple of email alerts received from MC on my email. So one of the messages that I received was for Query Resource Rejections greater than 5, pool, midpool7. And then around the same time, I received another email from the MC for the Failed Queries greater than 5, and in this case I see there are 80 failed queries. So now let's go on the MC and investigate the problem. So before going into the deep investigation about failures, let's review the threshold settings on MC. So as we see, we have set up the thresholds under the database settings page for failed queries in the last 10 minutes greater than 5 and MC should send an email to the individual if the threshold is triggered. And also we have a threshold set up for queries and resource rejections in the last five minutes for midpool7 set to greater than 5. There are various other thresholds on this page that you can set if you desire to. Now let's go and triage those email alerts about the failed queries and resource rejections that we had received. To analyze the failed queries, let's take a look at the query statistics page on the database Overview page on MC. Let's take a look at the Resource Pools graph and especially for the failed queries for each resource pools. And over to the right under the failed query section, I see about like, in the last 24 hours, there are about 6,000 failed queries for midpool7. And now I switch to view to see the statistics for each user and on this page I see for User MaryLee on the right hand side there are a high number of failed queries in last 24 hours. And to know more about the failed queries for this user, I can click on the graph for this user and get the reasons behind it. So let's click on the graph and see what's going on. And so clicking on this graph, it takes me to the failed queries view on the Query Monitoring page for database, on Database activities tab. And over here, I see there are a high number of failed queries for this user, MaryLee, with the reasons stated as, exceeding high limit. To drill down more and to know more reasons behind it, I can click on the plus icon on the left hand side for each failed queries to get the failure reason for each node on the database. So let's do that. And clicking the plus icon, I see for the two nodes that are listed, over here it says there are insufficient resources like memory and file handles for midpool7. Now let's go and analyze the midpool7 configurations and activities on it. So to do so, I will go over to the Resource Pool Monitoring view and select midpool7. I see the resource allocations for this resource pool is very low. For example, the max memory is just 1MB and the max concurrency is set to 0. Hmm, that's very odd configuration for this resource pool. Also in the bottom right graph for the resource rejections for midpool7, the graph shows very high values for resource rejection. All right. So since we saw some odd configurations and odd resource allocations for midpool7, I would like to see when this resource, when the settings were changed on the resource pools. So to do this, I can preview the audit logs on, are available on the Management Console. So I can go onto the Vertica Audit Logs and see the logs for the resource pool. So I just (mumbles) for the logs and figuring the logs for midpool7. I see on February 17th, the memory and other attributes for midpool7 were modified. So now let's analyze the resource activity for midpool7 around the time when the configurations were changed. So in our case we are using extended monitoring on MC for this database, so we can go back in time and see the statistics over the larger time range for midpool7. So viewing the activities for midpool7 around February 17th, around the time when these configurations were changed, we see a decrease in resource pool usage. Also, on the bottom right, we see the resource rejections for this midpool7 have an increase, linear increase, after the configurations were changed. I can select a point on the graph to get the more details about the resource rejections. Now to analyze the effects of the modifications on midpool7. Let's go over to the Query Monitoring page. All right, I will adjust the time range around the time when the configurations were changed for midpool7 and completed activities queries for user MaryLee. And I see there are no completed queries for this user. Now I'm taking a look at the Failed Queries tab and adjusting the time range around the time when the configurations were changed. I can do so because we are using extended monitoring. So again, adjusting the time, I can see there are high number of failed queries for this user. There about about like 10,000 failed queries for this user after the configurations were changed on this resource pool. So now let's go and modify the settings since we know after the configurations were changed, this user was not able to run the queries. So you can change the resource pool settings of using Management Console's database settings page and under the Resource Pools tab. So selecting the midpool7, I see the same odd configurations for this resource pool that we saw earlier. So now let's go and modify it, the settings. So I will increase the max memory and modify the settings for midpool7 so that it has adequate resources to run the queries for the user. Hit apply on the right hand top to see the settings. Now let's do the validation after we change the resource pool attributes. So let's go over to the same query monitoring page and see if MaryLee user is able to run the queries for midpool7. We see that now, after the configuration, after the change, after we changed the configuration for midpool7, the user can run the queries successfully and the count for Completed Queries has increased after we modified the settings for this midpool7 resource pool. And also viewing the resource pool monitoring page, we can validate that after the new configurations for midpool7 has been applied and also the resource pool usage after the configuration change has increased. And also on the bottom right graph, we can see that the resource rejections for midpool7 has decreased over the time after we modified the settings. And since we are using extended monitoring for this database, I can see that the trend in data for these resource pools, the before and after effects of modifying the settings. So initially when the settings were changed, there were high resource rejections and after we again modified the settings, the resource rejections went down. Right. So now let's go work with the provisioning and reviving the Eon Mode Vertica database cluster using the Management Console on different platform. So Management Console supports provisioning and reviving of Eon Mode databases on various cloud environments like AWS, the Google Cloud Platform, and Pure Storage. So for Google, for provisioning the Vertica Management Console on Google Cloud Platform you can use launch a template. Or on AWS environment you can use the cloud formation templates available for different OS's. Once you have provisioned Vertica Management Console, you can provision the Vertica cluster and databases from MC itself. So you can provision a Vertica cluster, you can select the Create new database button available on the homepage. This will open up the wizard to create a new database and cluster. In this example, we are using we are using the Google Cloud Platform. So the wizard will ask me for varius authentication parameters for the Google Cloud Platform. And if you're on AWS, it'll ask you for the authentication parameters for the AWS environment. And going forward on the Wizard, it'll ask me to select the instance Type. I will select for the new Vertica cluster. And also provide the communal location url for my Eon Mode database and all the other preferences related to the new cluster. Once I have selected all the preferences for my new cluster I can preview the settings and I can hit, if I am, I can hit Create if all looks okay. So if I hit Create, this will create a new, MC will create a new GCP instances because we are on the GCP environment in this example. It will create a cluster on this instance, it'll create a Vertica Eon Mode Database on this cluster. And it will, additionally, you can load the test data on it if you like to. Now let's go over and revive the existing Eon Mode database from the communal location. So you can do it the same using the Management Console by selecting the Revive Eon Mode database button on the homepage. This will again open up the wizard for reviving the Eon Mode database. Again, in this example, since we are using GCP Platform, it will ask me for the Google Cloud storage authentication attributes. And for reviving, it will ask me for the communal location so I can enter the Google Storage bucket and my folder and it will discover all the Eon Mode databases located under this folder. And I can select one of the databases that I would like to revive. And it will ask me for other Vertica preferences and for this video, for this database reviving. And once I enter all the preferences and review all the preferences I can hit Revive the database button on the Wizard. So after I hit Revive database it will create the GCP instances. The number of GCP instances that I created would be seen as the number of hosts on the original Vertica cluster. It will install the Vertica cluster on this data, on this instances and it will revive the database and it will start the database. And after starting the database, it will be imported on the MC so you can start monitoring on it. So in this example, we saw you can provision and revive the Vertica database on the GCP Platform. Additionally, you can use AWS environment to provision and revive. So now since we have the Eon Mode database on MC, Natalia will go over some Eon Mode features on MC like managing subcluster and Depot activity monitoring. Over to you, Natalia. >> Natalia: Okay, thank you. Hello, my name is Natalia Stavisky. I am also a member of Vertica Management Console Team. And I will talk today about the work I did to allow users to manage subclusters using the Management Console, and also the work I did to help users understand what's going on in their Depot in the Vertica Eon Mode database. So let's look at the picture of the subclusters. On the Manage page of Vertica Management Console, you can see here is a page that has blue tabs, and the tab that's active is Subclusters. You can see that there are two subclusters are available in this database. And for each of the subclusters, you can see subcluster properties, whether this is the primary subcluster or secondary. In this case, primary is the default subcluster. It's indicated by a star. You can see what nodes belong to each subcluster. You can see the node state and node statistics. You can also easily add a new subcluster. And we're quickly going to do this. So once you click on the button, you'll launch the wizard that'll take you through the steps. You'll enter the name of the subcluster, indicate whether this is secondary or primary subcluster. I should mention that Vertica recommends having only one primary subcluster. But we have both options here available. You will enter the number of nodes for your subcluster. And once the subcluster has been created, you can manage the subcluster. What other options for managing subcluster we have here? You can scale up an existing subcluster and that's a similar approach, you launch the wizard and (mumbles) nodes. You want to add to your existing subcluster. You can scale down a subcluster. And MC validates requirements for maintaining minimal number of nodes to prevent database shutdown. So if you can not remove any nodes from a subcluster, this option will not be available. You can stop a subcluster. And depending on whether this is a primary subcluster or secondary subcluster, this option may be available or not available. Like in this picture, we can see that for the default subcluster this option is not available. And this is because shutting down the default subcluster will cause the database to shut down as well. You can terminate a subcluster. And again, the MC warns you not to terminate the primary subcluster and validates requirements for maintaining minimal number of nodes to prevent database shutdown. So now we are going to talk a little more about how the MC helps you to understand what's going on in your Depot. So Depot is one of the core of Eon Mode database. And what are the frequently asked questions about the Depot? Is the Depot size sufficient? Are a subset of users putting a high load on the database? What tables are fetched and evicted repeatedly, we call it "re-fetched," in Depot? So here in the Depot Activity Monitoring page, we now have four tabs that allow you to answer those questions. And we'll go a little more in detail through each of them, but I'll just mention what they are for now. At a Glance shows you basic Depot configuration and also shows you query executing. Depot Efficiency, we'll talk more about that and other tabs. Depot Content, that shows you what tables are currently in your Depot. And Depot Pinning allows you to see what pinning policies have been created and to create new pinning policies. Now let's go through a scenario. Monitoring performance of workloads on one subcluster. As you know, Eon Mode database allows you to have multiple subclusters and we'll explore how this feature is useful and how we can use the Management Console to make decisions regarding whether you would like to have multiple subclusters. So here we have, in my setup, a single subcluster called default_subcluster. It has two users that are running queries that are accessing tables, mostly in schema public. So the query started executing and we can see that after fetching tables from Communal, which is the red line, the rest of the time the queries are executing in Depot. The green line is indicating queries running in Depot. The all nodes Depot is about 88% full, a steady flow, and the depot size seems to be sufficient for query executions from Depot only. That's the good case scenario. Now at around 17 :15, user Sherry got an urgent request to generate a report. And at, she started running her queries. We can see that picture is quite different now. The tables Sherry is querying are in a different schema and are much larger. Now we can see multiple lines in different colors. We can see a bunch of fetches and evictions which are indicated by blue and purple bars, and a lot of queries are now spilling into Communal. This is the red and orange lines. Orange line is an indicator of a query running partially in Depot and partially getting fetched from Communal. And the red line is data fetched from Communal storage. Let's click on the, one of the lines. Each data point, each point on the line, it'll take you to the Query Details page where you can see more about what's going on. So this is the page that shows us what queries have been run in this particular time interval which is on top of this page in orange color. So that's about one minute time interval and now we can see user Sherry among the users that are running queries. Sherry's queries involve large tables and are running against a different schema. We can see the clickstream schema in the name of the, in part of the query request. So what is happening, there is not enough Depot space for both the schema that's already in use and the one Sherry needs. As a result, evictions and fetches have started occurring. What other questions we can ask ourself to help us understand what's going on? So how about, what tables are most frequently re-fetched? So for that, we will go to the Depot Efficiency page and look at the middle, the middle chart here. We can see the larger version of this chart if we expand it. So now we have 10 tables listed that are most frequently being re-fetched. We can see that there is a clickstream schema and there are other schemas so all of those tables are being used in the queries, fetched, and then there is not enough space in the Depot, they getting evicted and they get re-fetched again. So what can be done to enable all queries to run in Depot? Option one can be increase the Depot size. So we can do this by running the following queries, which (mumbles) which nodes and storage location and the new Depot size. And I should mention that we can run this query from the Management Console from the query execution page. So this would have helped us to increase the Depot size. What other options do we have, for example, when increasing Depot size is not an option? We can also provision a second subcluster to isolate workloads like Sherry's. So we are going to do this now and we will provision a second subcluster using the Manage page. Here we're creating subcluster for Sherry or for workloads like hers. And we're going to create a (mumbles). So Sherry's subcluster has been created. We can see it here, added to the list of the subclusters. It's a secondary subcluster. Sherry has been instructed to use the new SherrySubcluster for her work. Now let's see what happened. We'll go again at Depot Activity page and we'll look at the At a Glance tab. We can see that around >> 18: 07, Sherry switched to running her queries on SherrySubcluster. On top of this page, you can see subcluster selected. So we currently have two subclusters and I'm looking, what happened to SherrySubcluster once it has been provisioned? So Sherry started using it and the lines after initial fetching from Depot, which was from Communal, which was the red line, after that, all Sherry's queries fit in Depot, which is indicated by green line. Also the Depot is pretty full on those nodes, about 90% full. But the queries are processed efficiently, there is no spilling into Communal. So that's a good case scenario. Let's now go back and take a look at the original subcluster, default subcluster. So on the left portion of the chart we can see multiple lines, that was activity before Sherry switched to her own designated subcluster. At around 18:07, after Sherry switched from the subcluster to using her designated subcluster, there is no, she is no longer using the subcluster, she is not putting a load in it. So the lines after that are turning a green color, which means the queries that are still running in default subcluster are all running in Depot. We can also see that Depot fetches and evictions bars, those purple and blue bars, are no longer showing significant numbers. Also we can check the second chart that shows Communal Storage Access. And we can see that the bars have also dropped, so there is no significant access for Communal Storage. So this problem has been solved. Each of the subclusters are serving queries from Depot and that's our most efficient scenario. Let's also look at the other tabs that we have for Depot monitoring. Let's look at Depot Efficiency tab. It has six charts and I'll go through each one of them quickly. Files Reads by Location gives an indicator of where the majority of query execution took place in Depot or in Communal. Top 10 Re-Fetches into Depot, and imagine the charts earlier in our user case, it shows tables that are most frequently fetched and evicted and then fetched again. These are good candidates to get pinned if increasing Depot size is not an option. Note that both of these charts have an option to select time interval using calendar widget. So you can get the information about the activity that happened during that time interval. Depot Pinning shows what portion of your Depot is pinned, both by byte count and by table count. And the three tables at the bottom show Depot structure. How long tables stay in Depot, we would like tables to be fetched in Depot and stay there for a long time, how often they are accessed, again, the tables in Depot, we would like to see them accessed frequently, and what the size range of tables in Depot. Depot Content. This tab allows us to search for tables that are currently in Depot and also to see stats like table size in Depot. How often tables are accessed and when were they last accessed. And the same information that's available for tables in Depot is also available on projections and partition levels for those tables. Depot Pinning. This tab allows users to see what policies are currently existing and so you can do this by clicking on the first little button and click search. This'll show you all existing policies that are already created. The second option allows you to search for a table and create a policy. You can also use the action column to modify existing policies or delete them. And the third option provides details about most frequently re-fetched tables, including fetch count, total access count, and number of re-fetched bytes. So all this information can help to make decisions regarding pinning specific tables. So that's about it about the Depot. And I should mention that the server team also has a very good presentation on the, webinar, on the Eon Mode database Depot management and subcluster management. that strongly recommend it to attend or download the slide presentation. Let's talk quickly about the Management Console Roadmap, what we are planning to do in the future. So we are going to continue focusing on subcluster management, there is still a lot of things we can do here. Promoting/demoting subclusters. Load balancing across subclusters, scheduling subcluster actions, support for large cluster mode. We'll continue working on Workload Analyzer enhancement recommendation, on backup and restore from the MC. Building custom thresholds, and Eon on HDFS support. Okay, so we are ready now to take any questions you may have now. Thank you.

ladies and gentlemen this is your captain speaking we will soon be taking off on our way to altitude please keep your seatbelts fastened and remain in your seats we will be experiencing turbulence until we are above the clouds ladies and gentlemen we are now cruising at altitude sit back and enjoy the ride [Music] altitude is a community of thought leaders and pioneers cloud architects and enlightened network engineers who have individually and are now collectively leading their own IT teams and the industry on a path to lift cloud networking above the clouds empowering Enterprise IT to architect design and control their own cloud network regardless of the turbulent clouds beneath them it's time to gain altitude ladies and gentlemen Steve Mulaney president and CEO of aviatrix the leader of multi cloud networking [Music] [Applause] all right good morning everybody here in Santa Clara as well as to the what millions of people watching the livestream worldwide welcome to altitude 2020 all right so we've got a fantastic event today really excited about the speakers that we have today and the experts that we have and really excited to get started so one of the things I wanted to just share was this is not a one-time event it's not a one-time thing that we're gonna do sorry for the aviation analogy but you know sherry way aviatrix means female pilot so everything we do as an aviation theme this is a take-off for a movement this isn't an event this is a take-off of a movement a multi-cloud networking movement and community that we're inviting all of you to become part of and-and-and why we're doing that is we want to enable enterprises to rise above the clouds so to speak and build their network architecture regardless of which public cloud they're using whether it's one or more of these public clouds so the good news for today there's lots of good news but this is one good news is we don't have any powerpoint presentations no marketing speak we know that marketing people have their own language we're not using any of that in those sales pitches right so instead what are we doing we're going to have expert panels we've got Simone Rashard Gartner here we've got 10 different network architects cloud architects real practitioners they're going to share their best practices and there are real-world experiences on their journey to the multi cloud so before we start and everybody know what today is in the u.s. it's Super Tuesday I'm not gonna get political but Super Tuesday there was a bigger Super Tuesday that happened 18 months ago and maybe eight six employees know what I'm talking about 18 months ago on a Tuesday every enterprise said I'm gonna go to the cloud and so what that was was the Cambrian explosion for cloud for the price so Frank kibrit you know what a Cambrian explosion is he had to look it up on Google 500 million years ago what happened there was an explosion of life where it went from very simple single-cell organisms to very complex multi-celled organisms guess what happened 18 months ago on a Tuesday I don't really know why but every enterprise like I said all woke up that day and said now I'm really gonna go to cloud and that Cambrian explosion of cloud went meant that I'm moving from very simple single cloud single use case simple environment to a very complex multi cloud complex use case environment and what we're here today is we're gonna go and dress that and how do you handle those those those complexities and when you look at what's happening with customers right now this is a business transformation right people like to talk about transitions this is a transformation and it's actually not just the technology transformation it's a business transformation it started from the CEO and the boards of enterprise customers where they said I have an existential threat to the survival of my company if you look at every industry who they're worried about is not the other 30 year old enterprise what they're worried about is the three year old enterprise that's leveraging cloud that's leveraging AI and that's where they fear that they're going to actually get wiped out right and so because of this existential threat this is CEO lead this is board led this is not technology led it is mandated in the organization's we are going to digitally transform our enterprise because of this existential threat and the movement to cloud is going to enable us to go do that and so IT is now put back in charge if you think back just a few years ago in cloud it was led by DevOps it was led by the applications and it was like I said before their Cambrian explosion is very simple now with this Cambrian explosion and enterprises getting very serious and mission critical they care about visibility they care about control they care about compliance conformance everything governance IT is in charge and and and that's why we're here today to discuss that so what we're going to do today is much of things but we're gonna validate this journey with customers do they see the same thing we're gonna validate the requirements for multi-cloud because honestly I've never met an enterprise that is not going to be multi-cloud many are one cloud today but they all say I need to architect my network for multiple clouds because that's just what the network is there to support the applications and the applications will run and whatever cloud it runs best in and you have to be prepared for that the second thing is is is architecture again with the IT in charge you architecture matters whether it's your career whether it's how you build your house it doesn't matter horrible architecture your life is horrible forever good architecture your life is pretty good so we're gonna talk about architecture and how the most fundamental and critical part of that architecture and that basic infrastructure is the network if you don't get that right nothing works right way more important and compute way more important than storm dense storage network is the foundational element of your infrastructure then we're going to talk about day 2 operations what does that mean well day 1 is one day of your life that's who you wire things up they do and beyond I tell everyone in networking and IT it's every day of your life and if you don't get that right your life is bad forever and so things like operations visibility security things like that how do I get my operations team to be able to handle this in an automated way because it's not just about configuring it in the cloud it's actually about how do I operationalize it and that's a huge benefit that we bring as aviatrix and then the last thing we're going to talk and it's the last panel we have I always say you can't forget about the humans right so all this technology all these things that we're doing it's always enabled by the humans at the end of the day if the humans fight it it won't get deployed and we have a massive skills gap in cloud and we also have a massive skill shortage you have everyone in the world trying to hire cloud network architects right there's just not enough of them going around so at aviatrix as leaders knew we're gonna help address that issue and try to create more people we created a program and we call the ACE program again an aviation theme it stands for aviatrix certified engineer very similar to what Cisco did with CC IES where Cisco taught you about IP networking a little bit of Cisco we're doing the same thing we're gonna teach network architects about multi-cloud networking and architecture and yeah you'll get a little bit of aviatrix training in there but this is the missing element for people's careers and also within their organization so we're gonna we're gonna go talk about that so great great event great show when try to keep it moving I'd next want to introduce my my host he's the best in the business you guys have probably seen him multiple million times he's the co CEO and co-founder of Tube John Fourier okay awesome great great speech they're awesome I totally agree with everything you said about the explosion happening and I'm excited here at the heart of Silicon Valley to have this event it's a special digital event with the cube and aviatrix where we live streaming to millions of people as you said maybe not a million maybe not really take this program to the world this is a little special for me because multi-cloud is the hottest wave and cloud and cloud native networking is fast becoming the key engine of the innovation so we got an hour and a half of action-packed programming we have a customer panel two customer panels before that Gartner is going to come on talk about the industry we have a global system integrators we talk about how they're advising and building these networks and cloud native networking and then finally the Aces the aviatrix certified engineer is gonna talk more about their certifications and the expertise needed so let's jump right in and let's ask someone rashard to come on stage from Gartner we'll check it all up [Applause] [Music] okay so kicking things off certain started gartner the industry experts on cloud really kind of more to your background talk about your background before you got the gardener yeah before because gardener was a chief network architect of a fortune five companies with thousands of sites over the world and I've been doing everything and IT from a C programmer in the 90 to a security architect to a network engineer to finally becoming a network analyst so you rode the wave now you're covering at the marketplace with hybrid cloud and now moving quickly to multi cloud is really I was talking about cloud natives been discussed but the networking piece is super important how do you see that evolving well the way we see Enterprise adapt in cloud first thing you do about networking the initial phases they either go in a very ad hoc way is usually led by non non IT like a shadow whitey or application people or some kind of DevOps team and it's it just goes as it's completely unplanned decreed VP sees left and right with a different account and they create mesh to manage them and their direct connect or Express route to any of them so that's what that's a first approach and on the other side again it within our first approach you see what I call the lift and shift way we see like Enterprise IT trying to basically replicate what they have in a data center in the cloud so they spend a lot of time planning doing Direct Connect putting Cisco routers and f5 and Citrix and any checkpoint Palo Alto divides the data that are sent removing that to that cloud and I ask you the aha moments gonna come up a lot of our panels is where people realize that it's a multi cloud world I mean they either inherit clouds certainly they're using public cloud and on-premises is now more relevant than ever when's that aha moment that you're seeing where people go well I got to get my act together and get on this well the first but even before multi-cloud so these two approach the first one like the adduct way doesn't scale at some point idea has to save them because they don't think about the two they don't think about operations they have a bunch of VPC and multiple clouds the other way that if you do the left and shift wake they cannot take any advantages of the cloud they lose elasticity auto-scaling pay by the drink these feature of agility features so they both realize okay neither of these ways are good so I have to optimize that so I have to have a mix of what I call the cloud native services within each cloud so they start adapting like other AWS constructor is your construct or Google construct then that's I would I call the up optimal phase but even that they they realize after that they are very different all these approaches different the cloud are different identities is completely difficult to manage across clouds I mean for example AWS has accounts there's subscription and in adarand GCP their projects it's a real mess so they realize well I can't really like concentrate used the cloud the cloud product and every cloud that doesn't work so I have I'm doing multi cloud I like to abstract all of that I still wanna manage the cloud from an API to interview I don't necessarily want to bring my incumbent data center products but I have to do that in a more API driven cloud they're not they're not scaling piece and you were mentioning that's because there's too many different clouds yes that's the piece there so what are they doing whether they really building different development teams as its software what's the solution well this the solution is to start architecting the cloud that's the third phase I call that the multi cloud architect phase where they have to think about abstraction that works across cloud fact even across one cloud it might not scale as well if you start having like 10,000 security group in AWS that doesn't scale you have to manage that if you have multiple VPC it doesn't scale you need a third party identity provider so it barely scales within one cloud if you go multiple cloud it gets worse and worse see way in here what's your thoughts I thought we said this wasn't gonna be a sales pitch for aviatrix you just said exactly what we do so anyway I'm just a joke what do you see in terms of where people are in that multi cloud a lot of people you know everyone I talked to started in one cloud right but then they look and they say okay but I'm now gonna move to adjourn I'm gonna move do you see a similar thing well yes they are moving but they're not there's not a lot of application that use a tree cloud at once they move one app in deserve one app in individuals one get happened Google that's what we see so far okay yeah I mean one of the mistakes that people think is they think multi-cloud no one is ever gonna go multi-cloud for arbitrage they're not gonna go and say well today I might go into Azure because I got a better rate of my instance that's never do you agree with that's never going to happen what I've seen with enterprise is I'm gonna put the workload in the app the app decides where it runs best that may be a sure maybe Google and for different reasons and they're gonna stick there and they're not gonna move let me ask you infrastructure has to be able to support from a networking team be able to do that do you agree with that yes I agree and one thing is also very important is connecting to that cloud is kind of the easiest thing so though while I run Network part of the cloud connectivity to the cloud is kind of simple I agree IPSec VP and I reckon Express that's a simple part what's difficult and even a provisioning part is easy you can use terraform and create v pieces and v nets across which we cloud provider right what's difficult is the day-to-day operations so it's what to find a to operations what is that what does that actually mean this is the day-to-day operations after it you know the natural let's add an app let's add a server let's troubleshoot a problem so what so your life something changes how would he do so what's the big concerns I want to just get back to this cloud native networking because everyone kind of knows with cloud native apps are that's been a hot trend what is cloud native networking how do you how do you guys define that because that seems to be the oddest part of the multi-cloud wave that's coming as cloud native networking well there's no you know official garner definition but I can create one on another spot it's do it I just want to leverage the cloud construct and a cloud epi I don't want to have to install like like for example the first version was let's put a virtual router that doesn't even understand and then the cloud environment right if I have if I have to install a virtual machine it has to be cloud aware it has to understand the security group if it's a router it has to be programmable to the cloud API and and understand the cloud environment you know one things I hear a lot from either see Saussure CIOs or CXOs in general is this idea of I'm definitely on going API so it's been an API economy so API is key on that point but then they say okay I need to essentially have the right relationship with my suppliers aka clouds you call it above the clouds so the question is what do i do from an architecture standpoint do I just hire more developers and have different teams because you mentioned that's a scale point how do you solve this this problem of okay I got AWS I got GCP or Azure or whatever do I just have different teams or just expose api's where is that optimization where's the focus well I take what you need from an android point of view is a way a control plane across the three clouds and be able to use the api of the cloud to build networks but also to troubleshoot them and do they to operation so you need a view across a three cloud that takes care of routing connectivity that's you know that's the aviatrix plug of you right there so so how do you see so again your Gartner you you you you see the industry you've been a network architect how do you see this this plane out what are the what are the legacy incumbent client-server on-prem networking people gonna do well these versus people like aviatrix well how do you see that plane out well obviously all the incumbent like Arista cisco juniper NSX right they want to basically do the lift and ship or they want to bring and you know VM I want to bring in a section that cloud they call that NSX everywhere and cisco monks bring you star in the cloud recall that each guy anywhere right so everyone what and and then there's cloud vision for my red star and contrail is in the cloud so they just want to bring the management plain in the cloud but it's still based most of them it's still based on putting a VM them in controlling them right you you extend your management console to the cloud that's not truly cloud native right cloud native you almost have to build it from scratch we like to call that cloud naive clown that close one letter yeah so that was a big con surgeon i reinvent take the tea out of cloud native its cloud naive i went super viral you guys got t-shirts now i know you love it but yeah but that really ultimately is kind of a double-edged sword you got to be you can be naive on the on the architecture side and rolling out but also suppliers are can be naive so how would you define who's naive and who's not well in fact they're evolving as well so for example in cisco you it's a little bit more native than other ones because they're really ACI in the cloud you call you you really like configure api so the cloud and nsx is going that way and so is Arista but they're incumbent they have their own tools it's difficult for them they're moving slowly so it's much easier to start from scratch Avenue like and you know and network happiness started a few years ago there's only really two aviatrix was the first one they've been there for at least three or four years and there's other ones like Al Kyra for example that just started now that doing more connectivity but they want to create an overlay network across the cloud and start doing policies and trying abstracting all the clouds within one platform so I gotta ask you I interviewed an executive at VMware Sanjay Pune and he said to me at RSA last week oh the only b2 networking vendors left Cisco and VMware what's your respect what's your response to that obviously I mean when you have these waves as new brands that emerge like AV X and others though I think there'll be a lot of startups coming out of the woodwork how do you respond to that comment well there's still a data center there's still like a lot of action on campus and there's the one but from the cloud provisioning and clown networking in general I mean they're behind I think you know in fact you don't even need them to start to it you can if you're small enough you can just keep if you're in AWS you can user it with us construct they have to insert themselves I mean they're running behind they're all certainly incumbents I love the term Andy Jesse's that Amazon Web Services uses old guard new guard to talk about the industry what does the new guard have to do the new and new brands that emerge in is it be more DevOps oriented neck Nets a cops is that net ops is the programmability these are some of the key discussions we've been having what's your view on how you see this program their most important part is they have to make the network's simple for the dev teams and from you cannot have that you cannot make a phone call and get it via line in two weeks anymore so if you move to that cloud you have to make the cloud construct as simple enough so that for example a dev team could say okay I'm going to create this VP see but this VP see automatically being your associate to your account you cannot go out on the internet you have to go to the transit VP C so there's a lot of action in terms of the I am part and you have to put the control around them too so to make it as simple as possible you guys both I mean you're the COC aviatrix but also you guys a lot of experience going back to networking going back to I call the OSI mace which for us old folks know that means but you guys know this means I want to ask you the question as you look at the future of networking here a couple of objectives oh the cloud guys they got networking we're all set with them how do you respond to the fact that networking is changing and the cloud guys have their own networking what some of the pain points that's going on premises and these enterprises so are they good with the clouds what needs what are the key things that's going on in networking that makes it more than just the cloud networking what's your take on well I as I said earlier that once you you could easily provision in the cloud you can easily connect to that cloud is when you start troubleshooting application in the cloud and try to scale so this that's where the problem occurs see what you're taking on it and you'll hear from the from the customers that that we have on stage and I think what happens is all the cloud the clouds by definition designed to the 80/20 rule which means they'll design 80% of the basic functionality and they'll lead the 20% extra functionality that of course every enterprise needs they'll leave that to ISVs like aviatrix because why because they have to make money they have a service and they can't have huge instances for functionality that not everybody needs so they have to design to the common and that's they all do it right they have to and then the extra the problem is that can be an explosion that I talked about with enterprises that's holy that's what they need that they're the ones who need that extra 20% so that's that's what I see is is there's always gonna be that extra functionality the in in an automated and simple way that you talked about but yet powerful with up with the visibility and control that they expect of on prep that that's that kind of combination that yin and the yang that people like us are providing some I want to ask you were gonna ask some of the cloud architect customer panels it's the same question this pioneers doing some work here and there's also the laggards who come in behind the early adopters what's gonna be the tipping point what are some of those conversations that the cloud architects are having out there or what's the signs that they need to be on this multi cloud or cloud native networking trend what are some the signals that are going on in their environment what are some of the threshold or things that are going on that there can pay attention to well well once they have application and multiple cloud and they have they get wake up at 2:00 in the morning to troubleshoot them they don't know it's important so I think that's the that's where the robber will hit the road but as I said it's easier to prove it it's okay it's 80s it's easy user transit gateway put a few V pcs and you're done and use create some presents like equinox and do Direct Connect and Express route with Azure that looks simple is the operations that's when they'll realize okay now I need to understand our car networking works I also need a tool that give me visibility and control not button tell me that I need to understand the basic underneath it as well what are some of the day in the life scenarios that you envision happening with multi cloud because you think about what's happening it kind of has that same vibe of interoperability choice multi-vendor because you have multi clouds essentially multi vendor these are kind of old paradigms that we've lived through the client-server and internet working wave what are some of those scenarios of success and that might be possible it would be possible with multi cloud and cloud native networking well I think once you have good enough visibility to satisfy your customers you know not only like to keep the service running an application running but to be able to provision fast enough I think that's what you want to achieve small final question advice for folks watching on the live stream if they're sitting there as a cloud architect or a CXO what's your advice to them right now in this market because honestly public check hybrid cloud they're working on that that gets on-premise is done now multi-class right behind it what's your advice the first thing they should do is really try to understand cloud networking for each of their cloud providers and then understand the limitation and is what their cloud service provider offers enough or you need to look to a third party but you don't look at a third party to start to it especially an incumbent one so it's tempting to say on and I have a bunch of f5 experts nothing against f5 I'm going to bring my five in the cloud when you can use a needle be that automatically understand ease ease and auto-scaling and so on and you understand that's much simpler but sometimes you need you have five because you have requirements you have like AI rules and that kind of stuff that you use for years you cannot do it's okay I have requirement and that net I'm going to use legacy stuff and then you have to start thinking okay what about visibility control about the tree cloud but before you do that you have to understand the limitation of the existing cloud providers so first try to be as native as possible until things don't work after that you can start taking multi-cloud great insight somewhat thank you for coming someone in charge with Gardner thanks for sharing thank you appreciate it [Applause] informatica is known as the leading enterprise cloud data management company we are known for being the top in our industry in at least five different products over the last few years especially we've been transforming into a cloud model which allows us to work better with the trends of our customers in order to see agile and effective in a business you need to make sure that your products and your offerings are just as relevant in all these different clouds than what you're used to and what you're comfortable with one of the most difficult challenges we've always had is that because we're a data company we're talking about data that a customer owns some of that data may be in the cloud some of that data may be on Prem some of them data may be actually in their data center in another region or even another country and having that data connect back to our systems that are located in the cloud has always been a challenge when we first started our engagement with aviatrix we only had one plan that was Amazon it wasn't till later that a jerk came up and all of a sudden we found hey the solution we already had in place for aviatrix already working in Amazon and now works in Missouri as well before we knew it GCP came up but it really wasn't a big deal for us because we already had the same solution in Amazon and integer now just working in GCP by having a multi cloud approach we have access to all three of them but more commonly it's not just one it's actually integrations between multiple we have some data and ensure that we want to integrate with Amazon we have some data in GCP that we want to bring over to a data Lake assure one of the nice things about aviatrix is that it gives a very simple interface that my staff can understand and use and manage literally hundreds of VPNs around the world and while talking to and working with our customers who are literally around the world now that we've been using aviatrix for a couple years we're actually finding that even problems that we didn't realize we had were actually solved even before we came across the problem and it just worked cloud companies as a whole are based on reputation we need to be able to protect our reputation and part of that reputation is being able to protect our customers and being able to protect more importantly our customers data aviatrix has been helpful for us in that we only have one system that can manage this whole huge system in a simple easy direct model aviatrix is directly responsible for helping us secure and manage our customers not only across the world but across multiple clouds users don't have to be VPN or networking experts in order to be able to use the system all the members on my team can manage it all the members regardless of their experience can do different levels of it one of the unexpected two advantages of aviatrix is that I don't have to sell it to my management the fact that we're not in the news at three o'clock in the morning or that we don't have to get calls in the middle of the night no news is good news especially in networking things that used to take weeks to build are done in hours I think the most important thing about a matrix is it provides me consistency aviatrix gives me a consistent model that I can use across multiple regions multiple clouds multiple customers okay welcome back to altitude 2020 for the folks on the livestream I'm John for Steve Mulaney with CEO of aviatrix for our first of two customer panels on cloud with cloud network architects we got Bobby Willoughby they gone Luis Castillo of National Instruments and David should Nick with fact set guys welcome to the stage for this digital event come on up [Music] hey good to see you thank you okay okay customer panelist is my favorite part we get to hear the real scoop we got the gardener giving us the industry overview certainly multi clouds very relevant and cloud native networking is the hot trend with the live stream out there and the digital event so guys let's get into it the journey is you guys are pioneering this journey of multi cloud and cloud native networking and it's soon gonna be a lot more coming so I want to get into the journey what's it been like is it real you got a lot of scar tissue and what are some of the learnings yeah absolutely so multi cloud is whether or not we we accepted as a network engineers is a is a reality like Steve said about two years ago companies really decided to to just to just bite the bullet and and and move there whether or not whether or not we we accept that fact we need to now create a consistent architecture across across multiple clouds and that that is challenging without orchestration layers as you start managing different different tool sets in different languages across different clouds so that's it's really important that to start thinking about that guys on the other panelists here there's different phases of this journey some come at it from a networking perspective some come in from a problem troubleshooting what's what's your experiences yeah so from a networking perspective it's been incredibly exciting it's kind of a once-in-a-generation 'el opportunity to look at how you're building out your network you can start to embrace things like infrastructure as code that maybe your peers on the systems teams have been doing for years but it just never really worked on pram so it's really it's really exciting to look at all the opportunities that we have and then all the interesting challenges that come up that you that you get to tackle an effect said you guys are mostly AWS right yep right now though we are looking at multiple clouds we have production workloads running in multiple clouds today but a lot of the initial work has been with Amazon and you've seen it from a networking perspective that's where you guys are coming at it from yep yeah we evolved more from a customer requirement perspective started out primarily as AWS but as the customer needed more resources to measure like HPC you know as your ad things like that even recently Google at Google Analytics our journey has evolved into mortal multi-cloud environment Steve weigh in on the architecture because this has been the big conversation I want you to lead this second yeah so I mean I think you guys agree the journey you know it seems like the journey started a couple years ago got real serious the need for multi-cloud whether you're there today of course it's gonna be there in the future so that's really important I think the next thing is just architecture I'd love to hear what you you know had some comments about architecture matters it all starts I mean every Enterprise that I talk to maybe talk about architecture and the importance of architecture maybe Bobby it's a particular perspective we sorted a journey five years ago Wow okay and we're just now starting our fourth evolution of our network architect and we'll call it networking security net sec yep adverse adjusters network and that fourth generation or architectures be based primarily upon Palo Alto Networks an aviatrix a matrix doing the orchestration piece of it but that journey came because of the need for simplicity okay I need for multi-cloud orchestration without us having to go and do reprogramming efforts across every cloud as it comes along right I guess the other question I also had around architectures also Louis maybe just talk about I know we've talked a little bit about you know scripting right and some of your thoughts on that yeah absolutely so so for us we started we started creating the network constructs with cloud formation and we've we've stuck with that for the most part what's interesting about that is today on premise we have a lot of a lot of automation around around how we provision networks but cloud formation has become a little bit like the new manual for us so we're now having issues with having to to automate that component and making it consistent with our on-premise architecture making it consistent with Azure architecture and Google cloud so it's really interesting to see to see companies now bring that layer of abstraction that SD when brought to the to the wine side now it's going up into into the into the cloud networking architecture so on the fourth generation of you mentioned you're in the fourth gen architecture what do you guys what have you learned is there any lessons scar tissue what to avoid what worked what was some of the there was a path that's probably the biggest list and there is when you think you finally figured it out you have it right Amazon will change something as you change something you know transit gateways a game changer so in listening to the business requirements is probably the biggest thing we need to do up front but I think from a simplicity perspective like I said we don't want to do things four times we want to do things one time we won't be able to write to an API which aviatrix has and have them do the orchestration for us so that we don't have to do it four times how important is architecture in the progression is it you guys get thrown in the deep end to solve these problems or you guys zooming out and looking at it it's a I mean how are you guys looking at the architecture I mean you can't get off the ground if you don't have the network there so all of those there we've gone through similar evolutions we're on our fourth or fifth evolution I think about what we started off with Amazon without a direct connect gate without a transit Gateway without a lot of the things that are available today kind of the 80/20 that Steve was talking about just because it wasn't there doesn't mean we didn't need it so we needed to figure out a way to do it we couldn't say oh you need to come back to the network team in a year and maybe Amazon will have a solution for it right you need to do it now and in evolve later and maybe optimize or change the way you're doing things in the future but don't sit around and wait you can I'd love to have you guys each individually answer this question for the live stream because it comes up a lot a lot of cloud architects out in the community what should they be thinking about the folks that are coming into this proactively and/or realizing the business benefits are there what advice would you guys give them an architecture what should be they be thinking about and what are some guiding principles you could share so I would start with looking at an architecture model that that can that can spread and and give consistency they're different to different cloud vendors that you will absolutely have to support cloud vendors tend to want to pull you into using their native toolset and that's good if only it was realistic to talk about only one cloud but because it doesn't it's it's it's super important to talk about and have a conversation with the business and with your technology teams about a consistent model so that's the David yeah talking as earlier about day two operations so how do I design how do I do my day one work so that I'm not you know spending eighty percent of my time troubleshooting or managing my network because I'm doing that then I'm missing out on ways that I can make improvements or embrace new technologies so it's really important early on to figure out how do I make this as low maintenance as possible so that I can focus on the things that the team really should be focusing on Bobby your advice the architect I don't know what else I can do that simplicity of operations is key alright so the holistic view of day to operation you mentioned let's can jump in day one is your your your getting stuff set up day two is your life after all right this is kinda what you're getting at David so what does that look like what are you envisioning as you look at that 20 mile stair out post multi-cloud world what are some of the things that you want in a day to operations yeah infrastructure is code is really important to us so how do we how do we design it so that we can fit start making network changes and fitting them into like a release pipeline and start looking at it like that rather than somebody logging into a router CLI and troubleshooting things on in an ad hoc nature so moving more towards the DevOps model is anything on that day - yeah I would love to add something so in terms of day 2 operations you can you can either sort of ignore the day 2 operations for a little while where you get well you get your feet wet or you can start approaching it from the beginning the fact is that the the cloud native tools don't have a lot of maturity in that space and when you run into an issue you're gonna end up having a bad day going through millions and millions of logs just to try to understand what's going on so that's something that that the industry just now is beginning to realize it's it's such a such a big gap I think that's key because for us we're moving to more of an event-driven or operations in the past monitoring got the job done it's impossible to modern monitor something there's nothing there when the event happens all right so the event-driven application and then detect is important yeah I think garden was all about the cloud native wave coming into networking that's gonna be a serious thing I want to get you guys perspectives I know you have different views of how you come into the journey and how you're executing and I always say the beauties in the eye of the beholder and that kind of applies how the networks laid out so Bobby you guys do a lot of high-performance encryption both on AWS and Azure that's kind of a unique thing for you how are you seeing that impact with multi cloud yeah and that's a new requirement for us to where we we have an intern crypt and they they ever get the question should I encryption and I'll encrypt the answer is always yes you should encrypt when you can encrypt for our perspective we we need to migrate a bunch of data from our data centers we have some huge data centers and then getting that data to the cloud is the timely experiencing some cases so we have been mandated that we have to encrypt everything leaving the data center so we're looking at using the aviatrix insane mode appliances to be able to encrypt you know 10 20 gigabits of data as it moves to the cloud itself David you're using terraform you got fire Ned you've got a lot of complexity in your network what do you guys look at the future for yours environment yeah so something exciting that or yeah now is fire net so for our security team they obviously have a lot of a lot of knowledge base around Palo Alto and with our commitments to our clients you know it's it's it's not very easy to shift your security model to a specific cloud vendor right so there's a lot of stuck to compliance of things like that where being able to take some of what you've you know you've worked on for years on Bram and put it in the cloud and have the same type of assurance that things are gonna work and be secure in the same way that they are on prem helps make that journey into the cloud a lot easier and Louis you guys got scripting and get a lot of things going on what's your what's your unique angle on this yeah no absolutely so full disclosure I'm not a not not an aviatrix customer yet it's ok we want to hear the truth that's good Ellis what are you thinking about what's on your mind no really when you when you talk about implementing the tool like this it's really just really important to talk about automation and focus on on value so when you talk about things like and things like so yeah encrypting tunnels and encrypting the paths and those things are it should it should should be second nature really when you when you look at building those backends and managing them with your team it becomes really painful so tools like aviatrix that that add a lot of automation it's out of out of sight out of mind you can focus on the value and you don't have to focus on so I gotta ask you guys I see AV traces here they're they're a supplier to the sector but you guys are customers everyone's pitching you stuff people are not gonna buy my stuff how do you guys have that conversation with the suppliers like the cloud vendors and other folks what's the what's it like where API all the way you got to support this what are some of the what are some of your requirements how do you talk to and evaluate people that walk in and want to knock on your door and pitch you something what's the conversation like um it's definitely it's definitely API driven we we definitely look at the at that the API structure of the vendors provide before we select anything that that is always first in mind and also what a problem are we really trying to solve usually people try to sell or try to give us something that isn't really valuable like implementing a solution on the on the on the cloud isn't really it doesn't really add a lot of value that's where we go David what's your conversation like with suppliers you have a certain new way to do things as as becomes more agile and essentially the networking become more dynamic what are some of the conversation is with the either incumbents or new new vendors that you're having what it what do you require yeah so ease of use is definitely definitely high up there we've had some vendors come in and say you know hey you know when you go to set this up we're gonna want to send somebody on site and they're gonna sit with you for your day to configure it and that's kind of a red flag what wait a minute you know do we really if one of my really talented engineers can't figure it out on his own what's going on there and why is that so you know having having some ease-of-use and the team being comfortable with it and understanding it is really important Bobby how about you I mean the old days was do a bake-off and you know the winner takes all I mean is it like that anymore what's the Volvic bake-off last year first you win so but that's different now because now when you you get the product you can install the product in AWS energy or have it up and running a matter of minutes and so the key is is they can you be operational you know within hours or days instead of weeks but but do we also have the flexibility to customize it to meet your needs could you want to be you won't be put into a box with the other customers we have needs that surpass their cut their needs yeah I almost see the challenge that you guys are living where you've got the cloud immediate value to make an roll-up any solutions but then you have might have other needs so you've got to be careful not to buy into stuff that's not shipping so you're trying to be proactive at the same time deal with what you got I mean how do you guys see that evolving because multi-cloud to me is definitely relevant but it's not yet clear how to implement across how do you guys look at this baked versus you know future solutions coming how do you balance that so again so right now we we're we're taking the the ad hoc approach and and experimenting with the different concepts of cloud and really leveraging the the native constructs of each cloud but but there's a there's a breaking point for sure you don't you don't get to scale this I like like Simone said and you have to focus on being able to deliver a developer they're their sandbox or their play area for the for the things that they're trying to build quickly and the only way to do that is with the with with some sort of consistent orchestration layer that allows you to so you've got a lot more stuff to be coming pretty quickly IDEs area I do expect things to start to start maturing quite quite quickly this year and you guys see similar trend new stuff coming fast yeah part of the biggest challenge we've got now is being able to segment within the network being able to provide segmentation between production on production workloads even businesses because we support many businesses worldwide and and isolation between those is a key criteria there so the ability to identify and quickly isolate those workloads is key so the CIOs that are watching or that are saying hey take that he'll do multi cloud and then you know the bottoms up organization think pause you're kind of like off a little bit it's not how it works I mean what is the reality in terms of implementing you know and as fast as possible because the business benefits are clear but it's not always clear in the technology how to move that fast yeah what are some of the barriers one of the blockers what are the enabler I think the reality is is that you may not think you're multi-cloud but your business is right so I think the biggest barriers there is understanding what the requirements are and how best to meet those requirements in a secure manner because you need to make sure that things are working from a latency perspective that things work the way they did and get out of the mind shift that you know it was a cheery application in the data center it doesn't have to be a Tier three application in the cloud so lift and shift is is not the way to go scale is a big part of what I see is the competitive advantage to allow these clouds and used to be proprietary network stacks in the old days and then open systems came that was a good thing but as clouds become bigger there's kind of an inherent lock in there with the scale how do you guys keep the choice open how're you guys thinking about interoperability what are some of the conversations and you guys are having around those key concepts well when we look at when we look at the moment from a networking perspective it it's really key for you to just enable enable all the all the clouds to be to be able to communicate between them developers will will find a way to use the cloud that best suits their their business team and and like like you said it's whether whether you're in denial or not of the multi cloud fact that your company is in already that's it becomes really important for you to move quickly yeah and a lot of it also hinges on how well is the provider embracing what that specific cloud is doing so are they are they swimming with Amazon or sure and just helping facilitate things they're doing the you know the heavy lifting API work for you or they swimming upstream and they're trying to hack it all together in a messy way and so that helps you you know stay out of the lock-in because they're you know if they're doing if they're using Amazon native tools to help you get where you need to be it's not like Amazon's gonna release something in the future that completely you know makes you have designed yourself into a corner so the closer they're more cloud native they are the more the easier it is to to deploy but you also need to be aligned in such a way that you can take advantage of those cloud native technologies will it make sense tgw is a game-changer in terms of cost and performance right so to completely ignore that would be wrong but you know if you needed to have encryption you know teach Adobe's not encrypted so you need to have some type of a gateway to do the VPN encryption you know so the aviatrix tool give you the beauty of both worlds you can use tgw with a gateway Wow real quick in the last minute we have I want to just get a quick feedback from you guys I hear a lot of people say to me hey the I picked the best cloud for the workload you got and then figure out multi cloud behind the scenes so that seems to be do you guys agree with that I mean is it do I go Mull one cloud across the whole company or this workload works great on AWS that work was great on this from a cloud standpoint do you agree with that premise and then wit is multi clouds did you mall together yeah from from an application perspective it it can be per workload but it can also be an economical decision certain enterprise contracts will will pull you in one direction that add value but the the network problem is still the same doesn't go away yeah yeah I mean you don't want to be trying to fit a square into a round hall right so if it works better on that cloud provider then it's our job to make sure that that service is there and people can use it agree you just need to stay ahead of the game make sure that the network infrastructure is there secure is available and is multi cloud capable yeah I'm at the end of the day you guys just validating that it's the networking game now how cloud storage compute check networking is where the action is awesome thanks for your insights guys appreciate you coming on the panel appreciate thanks thank you [Applause] [Music] [Applause] okay welcome back on the live feed I'm John fritz T Blaney my co-host with aviatrix I'm with the cube for the special digital event our next customer panel got great another set of cloud network architects Justin Smith was aura Justin broadly with Ellie Mae and Amit Oh tree job with Cooper welcome to stage [Applause] all right thank you thank you oK you've got all the cliff notes from the last session welcome rinse and repeat yeah yeah we're going to go under the hood a little bit I think they nailed the what we've been reporting and we've been having this conversation around networking is where the action is because that's the end of the day you got a move a pack from A to B and you get workloads exchanging data so it's really killer so let's get started Amit what are you seeing as the journey of multi cloud as you go under the hood and say okay I got to implement this I have to engineer the network make it enabling make it programmable make it interoperable across clouds I mean that's like I mean almost sounds impossible to me what's your take yeah I mean it's it seems impossible but if you are running an organization which is running infrastructure as a cordon all right it is easily doable like you can use tools out there that's available today you can use third-party products that can do a better job but but put your architecture first don't wait architecture may not be perfect put the best architecture that's available today and be agile to ET rate and make improvements over the time we got to Justin's over here so I have to be careful when I point a question adjusting they both have to answer okay journeys what's the journey been like I mean is there phases we heard that from Gardner people come into multi cloud and cloud native networking from different perspectives what's your take on the journey Justin yeah I mean from Mars like - we started out very much focused on one cloud and as we started doing errands we started doing new products the market the need for multi cloud comes very apparent very quickly for us and so you know having an architecture that we can plug in play into and be able to add and change things as it changes is super important for what we're doing in the space just in your journey yes for us we were very ad hoc oriented and the idea is that we were reinventing all the time trying to move into these new things and coming up with great new ideas and so rather than it being some iterative approach with our deployments that became a number of different deployments and so we shifted that tour and the network has been a real enabler of this is that it there's one network and it touches whatever cloud we want it to touch and it touches the data centers that we need it to touch and it touches the customers that we need it to touch our job is to make sure that the services that are of and one of those locations are available in all of the locations so the idea is not that we need to come up with this new solution every time it's that we're just iterating on what we've already decided to do before we get the architecture section I want to ask you guys a question I'm a big fan of you know let the app developers have infrastructure as code so check but having the right cloud run that workload I'm a big fan of that if it works great but we just heard from the other panel you can't change the network so I want to get your thoughts what is cloud native networking and is that the engine really that's the enabler for this multi cloud trend but you guys taken we'll start with Amit what do you think about that yeah so you are gonna have workloads running in different clouds and the workloads would have affinity to one cloud over other but how you expose that it's matter of how you are going to build your networks how we are going to run security how we are going to do egress ingress out of it so it's the big problem how do you split says what's the solution what's the end the key pain points and problem statement I mean the key pain point for most companies is how do you take your traditional on-premise network and then blow that out to the cloud in a way that makes sense you know IP conflicts you have IP space you pub public eye peas and premise as well as in the cloud and how do you kind of make them a sense of all of that and I think that's where tools like aviatrix make a lot of sense in that space from our site it's it's really simple it's latency and bandwidth and availability these don't change whether we're talking about cloud or data center or even corporate IT networking so our job when when these all of these things are simplified into like s3 for instance and our developers want to use those we have to be able to deliver that and for a particular group or another group that wants to use just just GCP resources these aren't we have to support these requirements and these wants as opposed to saying hey that's not a good idea now our job is to enable them not to disable them do you think you guys think infrastructure as code which I love that I think it's that's the future it is we saw that with DevOps but I just start getting the networking is it getting down to the network portion where it's network as code because storage and compute working really well is seeing all kubernetes on ServiceMaster and network is code reality is it there is it still got work to do it's absolutely there I mean you mentioned net DevOps and it's it's very real I mean in Cooper we build our networks through terraform and on not only just out of fun build an API so that we can consistently build V nets and VPC all across in the same way we get to do it yeah and even security groups and then on top and aviatrix comes in we can peer the networks bridge bridge all the different regions through code same with you guys but yeah about this everything we deploy is done with automation and then we also run things like lambda on top to make changes in real time we don't make manual changes on our network in the data center funny enough it's still manual but the cloud has enabled us to move into this automation mindset and and all my guys that's what they focus on is bringing what now what they're doing in the cloud into the data center which is kind of opposite of what it should be that's full or what it used to be it's full DevOps then yes yeah I mean for us it was similar on premise still somewhat very manual although we're moving more Norton ninja and terraform concepts but everything in the production environment is colored confirmation terraform code and now coming into the datacenter same I just wanted to jump in on a Justin Smith one of the comment that you made because it's something that we always talk about a lot is that the center of gravity of architecture used to be an on-prem and now it's shifted in the cloud and once you have your strategic architecture what you--what do you do you push that everywhere so what you used to see at the beginning of cloud was pushing the architecture on prem into cloud now i want to pick up on what you said to you others agree that the center of architect of gravity is here i'm now pushing what i do in the cloud back into on Prem and wait and then so first that and then also in the journey where are you at from zero to a hundred of actually in the journey to cloud do you 50% there are you 10% yes I mean are you evacuating data centers next year I mean were you guys at yeah so there's there's two types of gravity that you typically are dealing with no migration first is data gravity and your data set and where that data lives and then the second is the network platform that interrupts all that together right in our case the data gravity sold mostly on Prem but our network is now extend out to the app tier that's going to be in cloud right eventually that data gravity will also move to cloud as we start getting more sophisticated but you know in our journey we're about halfway there about halfway through the process we're taking a handle of you know lift and shift and when did that start and we started about three years ago okay okay go by it's a very different story it started from a garage and one hundred percent on the clock it's a business spend management platform as a software-as-a-service one hundred percent on the cloud it was like ten years ago right yes yeah you guys are riding the wave love that architecture Justin I want to ask you Sora you guys mentioned DevOps I mean obviously we saw the huge observability wave which is essentially network management for the cloud in my opinion right yeah it's more dynamic but this is about visibility we heard from the last panel you don't know what's being turned on or turned off from a services standpoint at any given time how is all this playing out when you start getting into the DevOps down well this layer this is the big challenge for all of us as visibility when you talk transport within a cloud you know we very interestingly we have moved from having a backbone that we bought that we owned that would be data center connectivity we now I work for soar as a subscription billing company so we want to support the subscription mindset so rather than going and buying circuits and having to wait three months to install and then coming up with some way to get things connected and resiliency and redundancy I my backbone is in the cloud I use the cloud providers interconnections between regions to transport data across and and so if you do that with their native solutions you you do lose visibility there there are areas in that that you don't get which is why controlling you know controllers and having some type of management plane is a requirement for us to do what we're supposed to do and provide consistency while doing it a great conversation I loved when you said earlier latency bandwidth availability with your sim pop3 things guys SLA I mean you just do ping times are between clouds it's like you don't know what you're getting for round-trip times this becomes a huge kind of risk management black hole whatever you want to call blind spot how are you guys looking at the interconnects between clouds because you know I can see that working from you know ground to cloud I'm per cloud but when you start doing with multi clouds workloads I mean s LA's will be all over the map won't they just inherently but how do you guys view that yeah I think we talked about workload and we know that the workloads are going to be different in different clouds but they are going to be calling each other so it's very important to have that visibility that you can see how data is flowing at what latency and whatever ability is our is there and our authority needs to operate on that so it's so you use the software dashboard look at the times and look at the latency in the old days strong so on open so on you try to figure it out and then your days you have to figure out just what she reinsert that because you're in the middle of it yeah I mean I think the the key thing there is that we have to plan for that failure we have to plan for that latency in our applications that start thinking start tracking in your SLI something you start planning for and you loosely couple these services and a much more micro services approach so you actually can handle that kind of failure or that type of unknown latency and unfortunately the cloud has made us much better at handling exceptions a much better way you guys are all great examples of cloud native from day one and you guys had when did you have the tipping point moment or the Epiphany of saying a multi clouds real I can't ignore it I got to factor it into all my design design principles and and everything you're doing what's it was there a moment was it was it from day one no there were two reasons one was the business so in business there was some affinity to not be in one cloud or to be in one cloud and that drove from the business side so as a cloud architect our responsibility was to support that business and other is the technology some things are really running better in like if you are running dot Network load or you are going to run machine learning or AI so that you have you would have that reference of one cloud over other so it was the bill that we got from AWS I mean that's that's what drives a lot of these conversations is the financial viability of what you're building on top of it which is so we this failure domain idea which is which is fairly interesting is how do I solve or guarantee against a failure domain you have methodologies with you know back-end direct connects or interconnect with GCP all of these ideas are something that you have to take into account but that transport layer should not matter to whoever we're building this for our job is to deliver the frames in the packets what that flows across how you get there we want to make that seamless and so whether it's a public internet API call or it's a back-end connectivity through Direct Connect it doesn't matter it just has to meet a contract that you signed with your application folks yeah that's the availability piece just in your thoughts on anything any common uh so actually a multi clouds become something much more recent in the last six to eight months I'd say we always kind of had a very much an attitude of like moving to Amazon from our private cloud is hard enough why complicate it further but the realities of the business and as we start seeing you know improvements in Google and Asia and different technology spaces the need for multi cloud becomes much more important as well as our acquisition strategies I matured we're seeing that companies that used to be on premise that we typically acquire are now very much already on a cloud and if they're on a cloud I need to plug them into our ecosystem and so that's really change our multi cloud story in a big way I'd love to get your thoughts on the clouds versus the clouds because you know you compare them Amazon's got more features they're rich with features I see the bills are how could people using them but Google's got a great network Google's networks pretty damn good and then you got a sure what's the difference between the clouds who with they've evolved something whether they peak in certain areas better than others what what are the characteristics which makes one cloud better do they have a unique feature that makes as you're better than Google and vice versa what do you guys think about the different clouds yeah to my experience I think there is approaches different in many places Google has a different approach very DevOps friendly and you can run your workload like the your network and spend regions time I mean but our application ready to accept that MS one is evolving I mean I remember 10 years back Amazon's Network was a flat network we will be launching servers and 10.0.0.0 so the VP sees concept came out multi-account came out so they are evolving as you are at a late start but because they have a late start they saw the pattern and they they have some mature set up on the yeah I think they're all trying to say they're equal in their own ways I think they all have very specific design philosophies that allow them to be successful in different ways and you have to kind of keep that in mind as you architectural solution for example amazon has a very much a very regional affinity they don't like to go cross region in their architecture whereas Google is very much it's a global network we're gonna think about as a global solution I think Google also has advantages its third to market and so has seen what Asia did wrong it seemed with AWS did wrong and it's made those improvements and I think that's one of their big advantage at great scale to Justin thoughts on the cloud so yeah Amazon built from the system up and Google built from the network down so their ideas and approaches are from a global versus or regional I agree with you completely that that is the big number one thing but the if you look at it from the outset interestingly the inability or the ability for Amazon to limit layer 2 broadcasting and and what that really means from a VPC perspective changed all the routing protocols you can use all the things that we have built inside of a data center to provide resiliency and and and make things seamless to users all of that disappeared and so because we had to accept that at the VPC level now we have to accept it at the LAN level Google's done a better job of being able to overcome those things and provide those traditional Network facilities to us just great panel can go all day here's awesome so I heard we could we'll get to the cloud native naive questions so kind of think about what's not even what's cloud is that next but I got to ask you had a conversation with a friend he's like Wayne is the new land so if you think about what the land was at a datacenter when is the new link you could talking about the cloud impact so that means st when the old st way is kind of changing into the new land how do you guys look at that because if you think about it what lands were for inside a premises was all about networking high-speed but now when you take the win and make it essentially a land do you agree with that and how do you view this trend and is it good or bad or is it ugly and what's what you guys take on this yeah I think it's a it's a thing that you have to work with your application architect so if you are managing networks and if you are a sorry engineer you need to work with them to expose the unreliability that would bring in so the application has to hand a lot of this the difference in the latencies and and the reliability has to be worked through the application there Lanois same concept is that BS I think we've been talking about for a long time the erosion of the edge and so is this is just a continuation of that journey we've been on for the last several years as we get more and more cloud native and we start about API is the ability to lock my data in place and not be able to access it really goes away and so I think this is just continuation that thing I think it has challenges we start talking about weighing scale versus land scale the tooling doesn't work the same the scale of that tooling is much larger and the need to automation is much much higher in a way and than it was in a land that's where is what you're seeing so much infrastructure as code yeah yes so for me I'll go back again to this its bandwidth and its latency right that bet define those two land versus win but the other thing that's comes up more and more with cloud deployments is where is our security boundary and where can I extend this secure aware appliance or set of rules to to protect what's inside of it so for us we're able to deliver vr af-s or route forwarding tables for different segments wherever we're at in the world and so they're they're trusted to talk to each other but if they're gonna go to someplace that's outside of their their network then they have to cross a security boundary and where we enforce policy very heavily so for me there's it's not just land when it's it's how does environment get to environment more importantly that's a great point and security we haven't talked to yet but that's got to be baked in from the beginning this architecture thoughts on security are you guys are dealing with it yeah start from the base have apt to have security built in have TLS have encryption on the data I transit data at rest but as you bring the application to the cloud and they are going to go multi-cloud talking to over the Internet in some places well have apt web security I mean I mean our principles day Security's day zero every day and so we we always build it into our design build into our architecture into our applications it's encrypt everything it's TLS everywhere it's make sure that that data is secured at all times yeah one of the cool trends at RSA just as a side note was the data in use encryption piece which is a homomorphic stuff is interesting all right guys final question you know we heard on the earlier panel was also trending at reinvent we take the tea out of cloud native it spells cloud naive okay they got shirts now aviatrix kind of got this trend going what does that mean to be naive so if you're to your peers out there watching a live stream and also the suppliers that are trying to supply you guys with technology and services what's naive look like and what's native look like when is someone naive about implementing all this stuff so for me it's because we are in hundred-percent cloud for us it's main thing is ready for the change and you will you will find new building blocks coming in and the network design will evolve and change so don't be naive and think that it's static you wall with the change I think the big naivety that people have is that well I've been doing it this way for 20 years and been successful it's going to be successful in cloud the reality is that's not the case you have to think some of the stuff a little bit differently and you need to think about it early enough so that you can become cloud native and really enable your business on cloud yeah for me it's it's being open minded right the the our industry the network industry as a whole has been very much I am smarter than everybody else and we're gonna tell everybody how it's going to be done and we had we fell into a lull when it came to producing infrastructure and and and so embracing this idea that we can deploy a new solution or a new environment in minutes as opposed to hours or weeks or four months in some cases is really important and and so you know it's are you being closed-minded native being open minded exactly and and it took a for me it was that was a transformative kind of where I was looking to solve problems in a cloud way as opposed to looking to solve problems in this traditional old-school way all right I know we're out of time but I ask one more question so you guys so good it could be a quick answer what's the BS language when you the BS meter goes off when people talk to you about solutions what's the kind of jargon that you hear that's the BS meter going off what are people talking about that in your opinion you here you go that's total BS but what triggers use it so that I have two lines out of movies that are really I can if I say them without actually thinking them it's like 1.21 jigowatts are you out of your mind from Back to the Future right somebody's getting a bang and then and then Martin Mull and and Michael Keaton and mr. mom when he goes to 22 21 whatever it takes yeah those two right there if those go off in my mind somebody's talking to me I know they're full of baloney so a lot of speech would be a lot of speeds and feeds a lot of data did it instead of talking about what you're actually doing and solutioning for you're talking about well I does this this this and any time I start seeing the cloud vendor start benchmarking against each other it's your workload is your workload you need to benchmark yourself don't don't listen to the marketing on that that's that's all what triggers you and the bsp I think if somebody explains you and not simple they cannot explain you in simplicity then that's good all right guys thanks for the great insight great time how about a round of applause DX easy solutions integrating company than we service customers from all industry verticals and we're helping them to move to the digital world so as a solutions integrator we interface with many many customers that have many different types of needs and they're on their IT journey to modernize their applications into the cloud so we encounter many different scenarios many different reasons for those migrations all of them seeking to optimize their IT solutions to better enable their business we have our CPS organization it's cloud platform services we support AWS does your Google Alibaba corkle will help move those workloads to wherever it's most appropriate no one buys the house for the plumbing equally no one buys the solution for the networking but if the plumbing doesn't work no one likes the house and if this network doesn't work no one likes a solution so network is ubiquitous it is a key component of every solution we do the network connectivity is the lifeblood of any architecture without network connectivity nothing works properly planning and building a scalable robust network that's gonna be able to adapt with the application needs critical when encountering some network design and talking about speed the deployment aviatrix came up in discussion and we then further pursued an area DHT products have incorporated aviatrix is part of a new offering that we are in the process of developing that really enhances our ability to provide cloud connectivity for the Lyons cloud connectivity is a new line of networking services so we're getting into as our clients moving the hybrid cloud networking it is much different than our traditional based services and aviatrix provides a key component in that service before we found aviatrix we were using just native peering connections but there wasn't a way to visualize all those peering connections and with multiple accounts multiple contacts for security with a VA Church were able to visualize those different peering connections of security groups it helped a lot especially in areas of early deployment scenarios were quickly able to then take those deployment scenarios and turn them into scripts that we can then deploy repeatedly their solutions were designed to work with the cloud native capabilities first and where those cloud native capabilities fall short they then have solution sets that augment those capabilities I was pleasantly surprised number one with the aviatrix team as a whole and their level of engagement with us you know we weren't only buying the product we were buying a team that came on board to help us implement and solution that was really good to work together to learn both what aviatrix had to offer as well as enhancements that we had to bring that aviatrix was able to put into their product and meet our needs even better aviatrix was a joy to find because they really provided us the technology that we needed in order to provide multi cloud connectivity that really added to the functionality that you can't get from the basically providing services we're taking our customers on a journey to simplify and optimize their IT maybe Atrix certainly has made my job much easier okay welcome back to altitude 2020 for the digital event for the live feed welcome back I'm John Ford with the cube with Steve Mulaney CEO aviatrix for the next panel from global system integrators the folks who are building and working with folks on their journey to multi cloud and cloud native networking we've got a great panel George Buckman with dxc and Derek Monahan with wwt welcome to the stage [Applause] [Music] okay you guys are the ones out there advising building and getting down and dirty with multi cloud and cloud native network and we just heard from the customer panel you can see the diversity of where people come in to the journey of cloud it kind of depends upon where you are but the trends are all clear cloud native networking DevOps up and down the stack this has been the main engine what's your guys take of the disk Jerry to multi cloud what do you guys seeing yeah it's it's critical I mean we're seeing all of our enterprise customers enter into this they've been through the migrations of the easy stuff you know now they're trying to optimize and get more improvement so now the tough stuffs coming on right and you know they need their data processing near where their data is so that's driving them to a multi cloud environment okay we heard some of the edge stuff I mean you guys are exactly you've seen this movie before but now it's a whole new ballgame what's your take yeah so I'll give you a hint so our practice it's not called the cloud practice it's the multi cloud practice and so if that gives you a hint of how we approach things it's very consultative and so when we look at what the trends are let's look a little year ago about a year ago we're having conversations with customers let's build a data center in the cloud let's put some VP C's let's throw some firewalls with some DNS and other infrastructure out there and let's hope it works this isn't a science project so what we're trying to see is customers are starting to have more of a vision and we're helping with that consultative nature but it's totally based on the business and you got to start understanding how the lines of business are using the and then we evolved into the next journey which is a foundational approach to what are some of the problem statement customers are solving when they come to you what are the top things that are on their my house or the ease of use of Julie all that stuff but what specifically they digging into yeah so complexity I think when you look at a multi cloud approach in my view is network requirements are complex you know I think they are but I think the approach can be let's simplify that so one thing that we try to do this is how we talk to customers is let's just like you simplify an aviatrix simplifies the automation orchestration of cloud networking we're trying to simplify the design the planning implementation of infrastructure across multiple workloads across multiple platforms and so the way we do it is we sit down we look at not just use cases and not just the questions in common we tis anticipate we actually build out based on the business and function requirements we build out a strategy and then create a set of documents and guess what we actually build in the lab and that lab that we platform we built proves out this reference architecture actually works absolutely we implement similar concepts I mean we they're proven practices they work great so well George you mentioned that the hard part's now upon us are you referring to networking what is specifically were you getting at Terrance's the easy parts done now so for the enterprises themselves migrating their more critical apps or more difficult apps into the environments you know they've just we've just scratched the surface I believe on what enterprises are doing to move into the cloud to optimize their environments to take advantage of the scale and speed to deployment and to be able to better enable their businesses so they're just now really starting the - so do you get you guys see what I talked about them in terms of their Cambrian explosion I mean you're both monster system integrators with you know top fortune enterprise customers you know really rely on you for for guidance and consulting and so forth and boy they're networks is that something that you you've seen I mean does that resonate did you notice a year and a half ago and all of a sudden the importance of cloud for enterprise shoot up yeah I mean we're seeing it not okay in our internal environment as you know we're a huge company or as customers so we're experiencing that internal okay and every one of our other customers so I have another question oh but I don't know the answer to this and the lawyer never asks a question that you don't know the answer to but I'm gonna ask it anyway DX c + w WT massive system integrators why aviatrix yep so great question Steve so I think the way we approach things I think we have a similar vision a similar strategy how you approach things how we approach things that world by technology number one we want to simplify the complexity and so that's your number one priorities let's take the networking let's simplify it and I think part of the other point I'm making is we have we see this automation piece as not just an afterthought anymore if you look at what customers care about visibility and automation is probably the top three maybe the third on the list and I think that's where we see the value and I think the partnership that we're building and what I would I get excited about is not just putting yours in our lab and showing customers how it works is Co developing a solution with you figuring out hey how can we make this better right visibility's a huge thing jump in security alone network everything's around visibility what automation do you see happening in terms of progression order of operations if you will it's a low-hanging fruit what are people working on now what are what are some of the aspirational goals around when you start thinking about multi cloud and automation yep so I wanted to get back to answer that question I want to answer your question you know what led us there and why aviatrix you know in working some large internal IT projects and and looking at how we were gonna integrate those solutions you know we like to build everything with recipes where network is probably playing catch-up in the DevOps world but with a DevOps mindset looking to speed to deploy support all those things so when you start building your recipes you take a little of this a little of that and you mix it all together well when you look around you say wow look there's this big bag of a VHS let me plop that in that solves a big part of my problems that I have to speed to integrate speed to deploy and the operational views that I need to run this so that was 11 years about reference architectures yeah absolutely so you know they came with a full slate of reference textures already the out there and ready to go that fit our needs so it's very very easy for us to integrate those into our recipes what do you guys think about all the multi vendor interoperability conversations that have been going on choice has been a big part of multi-cloud in terms of you know customers want choice they didn't you know they'll put a workload in the cloud that works but this notion of choice and interoperability is become a big conversation it is and I think our approach and that's why we talk to customers is let's let's speed and be risk of that decision making process and how do we do that because the interoperability is key you're not just putting it's not just a single vendor we're talking you know many many vendors I mean think about the average number of cloud application as a customer uses a business and enterprise business today you know it's it's above 30 it's it's skyrocketing and so what we do and we look at it from an interoperability approach is how do things interoperate we test it out we validate it we build a reference architecture it says these are the critical design elements now let's build one with aviatrix and show how this works with aviatrix and I think the the important part there though is the automation piece that we add to it in visibility so I think the visibility is what's what I see lacking across the industry today and the cloud needed that's been a big topic okay in terms of aviatrix as you guys see them coming in they're one of the ones that are emerging and the new brands emerging but multi-cloud you still got the old guard incumbents with huge footprints how our customers dealing with that that kind of component and dealing with both of them yeah I mean where we have customers that are ingrained with a particular vendor and you know we have partnerships with many vendors so our objective is to provide the solution that meets that client and you they all want multi vendor they all want interoperability correct all right so I got to ask you guys a question while we were defining day two operations what does that mean I mean you guys are looking at the big business and technical components of architecture what does day to Operations mean what's the definition of that yeah so I think from our perspective my experience we you know day to operations whether it's it's not just the you know the orchestration piece and setting up and let it a lot of automate and have some you know change control you're looking at this from a data perspective how do I support this ongoing and make it easy to make changes as we evolve the the the cloud is very dynamic the the nature of how the fast is expanding the number of features is astonish trying to keep up to date with a number of just networking capabilities and services that are added so I think day to operation starts with a fundable understanding of you know building out supporting a customer's environments and making it the automation piece easy from from you know a distance I think yeah and you know taking that to the next level of being able to enable customers to have catalog items that they can pick and choose hey I need this network connectivity from this cloud location back to this on pram and being able to have that automated and provisioned just simply by ordering it for the folks watching out there guys take a minute to explain as you guys are in the trenches doing a lot of good work what are some of the engagement that you guys get into how does that progress what is that what's what happens do they call you up and say hey I need some multi-cloud or you're already in there I mean take us through why how someone can engage to use a global si to come in and make this thing happen what's looks like typical engagement look like yeah so from our perspective we typically have a series of workshops in a methodology that we kind of go along the journey number one we have a foundational approach and I don't mean foundation meaning the network foundation that's a very critical element we got a factor in security we've got a factor in automation so we think about foundation we do a workshop that starts with education a lot of times we'll go in and we'll just educate the customer what is VP she's sharing you know what is a private Lincoln or how does that impact your business we have customers I want to share services out in an ecosystem with other customers and partners well there's many ways to accomplish that so our goal is to you know understand those requirements and then build that strategy with them thoughts Georgia yeah I mean I'm one of the guys that's down in the weeds making things happen so I'm not the guy on the front line interfacing with the customers every day but we have a similar approach you know we have a consulting practice that will go out and and apply their practices to see what those and when do you parachute in yeah and when I then is I'm on the back end working with our offering development leads for the networking so we understand or seeing what customers are asking for and we're on the back end developing the solutions that integrate with our own offerings as well as enable other customers to just deploy quickly to beep their connectivity needs it so the patterns are similar right final question for you guys I want to ask you to paint a picture of what success looks like and you know the name customers didn't forget in reveal kind of who they are but what does success look like in multi-cloud as you paint a picture for the folks here and watching on the live stream it's someone says hey I want to be multi-cloud I got to have my operations agile I want full DevOps I want programmability security built in from day zero what does success look like yeah I think success looks like this so when you're building out a network the network is a harder thing to change than some other aspects of cloud so what we think is even if you're thinking about that second cloud which we have most of our customers are on to public clouds today they might be dabbling in that as you build that network foundation that architecture that takes in consideration where you're going and so once we start building that reference architecture out that shows this is how to sit from a multi cloud perspective not a single cloud and let's not forget our branches let's not forget our data centers let's not forget how all this connects together because that's how we define multi-cloud it's not just in the cloud it's on Prem and it's off from and so collectively I think the key is also is that we provide them an hld you got to start with a high level design that can be tweaked as you go through the journey but you got to give a solid structural foundation and that that networking which we think most customers think as not not the network engineers but as an afterthought we want to make that the most critical element before you start the journey Jorge from your seed how do you success look for you so you know it starts out on these journeys often start out people not even thinking about what is gonna happen what what their network needs are when they start their migration journey to the cloud so I want this success to me looks like them being able to end up not worrying about what's happening in the network when they move to the cloud good point guys great insight thanks for coming on share and pen I've got a round of applause the global system integrators Hey [Applause] [Music] okay welcome back from the live feed I'm chef for with the cube Steve Eleni CEO of aviatrix my co-host our next panel is the aviatrix certified engineers also known as aces this is the folks that are certified their engineering they're building these new solutions please welcome Toby Foster min from Attica Stacy linear from Teradata and Jennifer Reid with Victor Davis to the stage I was just gonna I was just gonna rip you guys see where's your jackets and Jen's got the jacket on okay good love the aviatrix aces pile of gear they're above the clouds towards a new heights that's right so guys aviatrix aces love the name I think it's great certified this is all about getting things engineered so there's a level of certification I want to get into that but first take us through the day in the life of an ace and just to point out Stacey's a squad leader so he's like a Squadron Leader Roger and leader yeah Squadron Leader so he's got a bunch of aces underneath him but share your perspective day-in-the-life Jennifer will start with you sure so I have actually a whole team that works for me both in the in the North America both in the US and in Mexico and so I'm eagerly working to get them certified as well so I can become a squad leader myself but it's important because one of the the critical gaps that we've found is people having the networking background because they're you graduate from college and you have a lot of computer science background you can program you've got Python but now working in packets they just don't get and so just taking them through all the processes that it's really necessary to understand when you're troubleshooting is really critical mm-hmm and because you're gonna get an issue where you need to figure out where exactly is that happening on the network you know is my my issue just in the VP C's and on the instance side is a security group or is it going on print and this is something actually embedded within Amazon itself I mean I should troubleshot an issue for about six months going back and forth with Amazon and it was the vgw VPN because they were auto-scaling on two sides and we ended up having to pull out the Cisco's and put in aviatrix so I could just say okay it's fixed and I actually actually helped the application teams get to that and get it solved yeah but I'm taking a lot of junior people and getting them through that certification process so they can understand and see the network the way I see the network I mean look I've been doing this for 25 years when I got out when I went in the Marine Corps that's what I did and coming out the network is still the network but people don't get the same training they get they got in the 90s it's just so easy just write some software they work takes care of itself yes he'll be we'll come back to that I want to come back to that problem solve with Amazon but Toby I think the only thing I have to add to that is that it's always the network fault as long as I've been in network have always been the network's fault sure and I'm even to this day you know it's still the network's fault and part of being a network guy is that you need to prove when it is and when it's not your fault and that means you need to know a little bit about a hundred different things to make that and now you've got a full stack DevOps you got to know a lot more times another hundred and these times are changing they see your squadron leader I get that right what is what is a squadron leader first can you describe what it is I think it probably just leading all the network components of it but are they from my perspective when to think about what you asked them was it's about no issues and no escalation soft my day is like that's a good outcome that's a good day it's a good day Jennifer you mentioned the Amazon thing this brings up a good point you know when you have these new waves come in you have a lot of new things newly use cases a lot of the finger-pointing it's that guys problem that girls problem so what is how do you solve that and how do you get the young guns up to speed is there training is that this is where the certification comes in those where the certification is really going to come in I know when we we got together at reinvent one of the the questions that that we had with Stephen the team was what what should our certification look like you know she would just be teaching about what aviatrix troubleshooting brings to bear but what should that be like and I think Toby and I were like no no no that's going a little too high we need to get really low because the the better someone can get at actually understanding what actually happening in the network and and where to actually troubleshoot the problem how to step back each of those processes because without that it's just a big black box and they don't know you know because everything is abstracted in Amazon Internet and Azure and Google is substracted and they have these virtual gateways they have VPNs that you just don't have the logs on it's you just don't know and so then what tools can you put in front of them of where they can look because there are full logs well as long as they turned on the flow logs when they built it you know and there's like each one of those little things that well if they'd had decided to do that when they built it it's there but if you can come in later to really supplement that with training to actual troubleshoot and do a packet capture here as it's going through then teaching them how to read that even yeah Toby we were talking before he came on up on stage about your career you've been networking all your time and then you know you're now mentoring a lot of younger people how is that going because the people who come in fresh they don't have all the old war stories they don't know you talk about you know that's dimmer fault I walk in Mayr feet in the snow when I was your age I mean it's so easy now right they say what's your take on how you train the young P so I've noticed two things one is that they are up to speed a lot faster in generalities of networking they can tell you what a network is in high school level now where I didn't learn that too midway through my career and they're learning it faster but they don't necessarily understand why it's that way or you know everybody thinks that it's always slash 24 for a subnet and they don't understand why you can break it down smaller why it's really necessary so the the ramp up speed is much faster for these guys that are coming in but they don't understand why and they need some of that background knowledge to see where it's coming from and why is it important and that's old guys that's where we thrive Jennifer you mentioned you you got in from the Marines health spa when you got into networking how what was it like then and compare it now most like we've heard earlier static versus dynamic don't be static cuz back then you just said the network you got a perimeter yeah no there was no such thing ya know so back in the day I mean I mean we had banyan vines for email and you know we had token ring and I had to set up token ring networks and figure out why that didn't work because how many of things were actually sharing it but then actually just cutting fiber and running fiber cables and dropping them over you know shelters to plug them in and oh crap they swung it too hard and shattered it now I gotta be great polished this thing and actually shoot like to see if it works I mean that was the network current five cat 5 cables to run an Ethernet you know and then from that just said network switches dumb switches like those were the most common ones you had then actually configuring routers and you know logging into a Cisco router and actually knowing how to configure that and it was funny because I had gone all the way up and was a software product manager for a while so I've gone all the way up the stack and then two and a half three years ago I came across to to work with entity group that became Victor Davis but we went to help one of our customers Avis and it was like okay so we need to fix the network okay I haven't done this in 20 years but all right let's get to it you know because it really fundamentally does not change it's still the network I mean I've had people tell me well you know when we go to containers we will not have to worry about the network and I'm like yeah you don't I do and then with this within the program abilities it really interesting so I think this brings up the certification what are some of the new things that people should be aware of that come in with the aviatrix ace certification what are some of the highlights can you guys share some of the some of the highlights around the certifications I think some of the importance is that it's it doesn't need to be vendor specific for network generality or basic networking knowledge and instead of learning how Cisco does something or how Palo Alto does something we need to understand how and why it works as a basic model and then understand how each vendor has gone about that problem and solved it in a general that's true in multi cloud as well you can't learn how cloud networking works without understanding how AWS integer and GCP are all slightly the same but slightly different and some things work and some things don't I think that's probably the number one take I think having a certification across clouds is really valuable because we heard the global si you help the business issues what does it mean to do that is it code is that networking is it configuration is that aviatrix what is the amine oxy aviatrix is a certification but what is it about the multi cloud that makes it multi networking and multi vendor and easy answer is yes so you got to be a general let's go to your hands and all you have to be it takes experience because it's every every cloud vendor has their own certification whether that's hops and [Music] advanced networking and advanced security or whatever it might be yeah they can take the test but they have no idea how to figure out what's wrong with that system and the same thing with any certification but it's really getting your hands in there and actually having to troubleshoot the problems you know actually work the problem you know and calm down it's going to be okay I mean because I don't know how many calls I've been on or even had aviatrix join me on it's like okay so everyone calm down let's figure out what's happening it's like we've looked at that screen three times looking at it again it's not going to solve that problem right but at the same time you know remaining calm but knowing that it really is I'm getting a packet from here to go over here it's not working so what could be the problem you know and actually stepping them through those scenarios but that's like you only get that by having to do it you know and seeing it and going through it and then I have a question so we you know I just see it we started this program maybe six months ago we're seeing a huge amount of interest I mean we're oversubscribed on all the training sessions we've got people flying from around the country even with coronavirus flying to go to Seattle to go to these events were oversubscribed a good is that watching leader would put there yeah something that you see in your organizations are you recommending that to people do you see I mean I'm just I would guess I'm surprised I'm not surprised but I'm really surprised by the demand if you would of this multi-cloud network certification because it really isn't anything like that is that something you guys can comment on or do you see the same things in your organization's I say from my side because we operate in the multi cloud environment so it really helps an official for us I think I would add that networking guys have always needed to use certifications to prove that they know what they know it's not good enough to say yeah I know IP addresses or I know how a network works and a couple little check marks or a little letters buying helps give you validity so even in our team we can say hey you know we're using these certifications to know that you know enough of the basics enough of the understandings that you have the tools necessary right so okay I guess my final question for you guys is why an eighth certification is relevant and then second part is share what the livestream folks who aren't yet a certified or might want to jump in to be AVH or certified engineers why is it important so why is it relevant and why shouldn't someone want to be an ace-certified I'm used to right engineer I think my views a little different I think certification comes from proving that you have the knowledge not proving that you get a certification to get no I mean they're backwards so when you've got the training and the understanding and the you use that to prove and you can like grow your certification list with it versus studying for a test to get a certification and have no understanding it okay so that who is the right person that look at this is saying I'm qualified is it a network engineer is it a DevOps person what's your view you know is it a certain you know I think cloud is really the answer it's the as we talked like the edge is getting eroded so is the network definition getting eroded we're getting more and more of some network some DevOps some security lots and lots of security because network is so involved in so many of them that's just the next progression I don't say I expend that to more automation engineers because we have those nails probably well I think that the training classes themselves are helpful especially the entry-level ones for people who may be quote-unquote cloud architects but I've never done anything and networking for them to understand why we need those things to really work whether or not they go through to eventually get a certification is something different but I really think fundamentally understanding how these things work it makes them a better architect makes some better application developer but even more so as you deploy more of your applications into the cloud really getting an understanding even from our people who've tradition down on prime networking they can understand how that's going to work in the cloud too well I know we got just under 30 seconds left but I want to get one more question than just one more for the folks watching that are you may be younger that don't have that networking training from your experiences each of you can answer why is it should they know about networking what's the benefit what's in it for them motivate them share some insights and why they should go a little bit deeper in networking Stacey we'll start with you we'll go down let's say it's probably fundamental right if you want to deliver solutions no we're going use the very top I would say if you fundamental of an operating system running on a machine how those machines talk together as a fundamental change is something that starts from the base and work your way up right well I think it's a challenge because you've come from top-down now you're gonna start looking from bottom up and you want those different systems to cross communicate and say you've built something and you're overlapping IP space not that that doesn't happen but how can I actually make that still operate without having to reappear e-platform it's like those challenges like those younger developers or sis engineers can really start to get their hands around and understand those complexities and bring that forward in their career they got to know the how the pipes are working you guys know what's going some plumbing that's right and they gotta know how it works I had a code it it's right awesome thank you guys for great insights ace certain ABS your certified engineers also known as aces give a round of applause thank you okay all right that concludes my portion thank you Steve thanks for have Don thank you very much that was fantastic everybody round of applause for John for you yeah so great event great event I'm not gonna take long we got we've got lunch outside for that for the people here just a couple of things just call to action right so we saw the aces you know for those of you out on the stream here become a certified right it's great for your career it's great for not knowledge is is fantastic it's not just an aviatrix thing it's gonna teach you about cloud networking multi-cloud networking with a little bit of aviatrix exactly what the Cisco CCIE program was for IP network that type of the thing that's number one second thing is is is is learn right so so there's a there's a link up there for the four to join the community again like I started this this is a community this is the kickoff to this community and it's a movement so go to what a v8 community aviatrix comm starting a community a multi cloud so you know get get trained learn I'd say the next thing is we're doing over a hundred seminars in across the United States and also starting into Europe soon will come out and will actually spend a couple hours and talk about architecture and talk about those beginning things for those of you on the you know on the livestream in here as well you know we're coming to a city near you go to one of those events it's a great way to network with other people that are in the industry as well as to start to learn and get on that multi-cloud journey and then I'd say the last thing is you know we haven't talked a lot about what aviatrix does here and that's intentional we want you you know leaving with wanting to know more and schedule get with us in schedule a multi our architecture workshop session so we we sit out with customers and we talk about where they're at in that journey and more importantly where they're going and define that end state architecture from networking compute storage everything and everything you heard today every panel kept talking about architecture talking about operations those are the types of things that we solve we help you define that canonical architecture that system architecture that's yours so for so many of our customers they have three by five plotted lucid charts architecture drawings and it's the customer name slash aviatrix arc network architecture and they put it on their whiteboard that's what what we and that's the most valuable thing they get from us so this becomes their twenty-year network architecture drawing that they don't do anything without talking to us and look at that architecture that's what we do in these multi hour workshop sessions with customers and that's super super powerful so if you're interested definitely call us and let's schedule that with our team so anyway I just want to thank everybody on the livestream thank everybody here hopefully it was it was very useful I think it was and joined the movement and for those of you here join us for lunch and thank you very much [Applause] [Music] you

>> From the SiliconANGLE Media office in Boston, Massachusetts, it's theCUBE. Now, here's your host, Dave Vellante. >> Hello, everyone, and welcome to this week's Cube Insights, powered by ETR. Today is November 8, 2019 and I'd like to address one of the most important topics in the minds of a lot of executives. I'm talking about CEOs, CIOs, Chief Information Security Officers, Boards of Directors, governments and virtually every business around the world. And that's the topic of cyber security. The state of cyber security has changed really dramatically over the last 10 years. I mean, as a cyber security observer I've always been obsessed with Stuxnet, which the broader community discovered the same year that theCUBE started in 2010. It was that milestone that opened my eyes. Think about this. It's estimated that Stuxnet cost a million dollars to create. That's it. Compare that to an F-35 fighter jet. It costs about $85-$100 million to build one. And that's on top of many billions of dollars in R&D. So Stuxnet, I mean, it hit me like a ton of bricks. That the future of war was all about cyber, not about tanks. And the barriers to entry were very, very low. Here's my point. We've gone from an era where thwarting hacktivists was our biggest cyber challenge to one where we're now fighting nation states and highly skilled organized criminals. And of course, cyber crime and monetary theft is the number one objective behind most of these security breaches that we see in the press everyday. It's estimated that by 2021 cyber crime is going to cost society $6 trillion in theft, lost productivity, recovery costs. I mean, that's just a staggeringly large number. It's even hard to fathom. Now, the other C-change is how organizations have had to respond to the bad guys. It used to be pretty simple. I got a castle and the queen is inside. We need to protect her, so what do we do? We built a mote, put it around the perimeter. Now, think of the queen as data. Well, what's happened? The queen has cloned herself a zillion times. She's left the castle. She's gone up to the sky with the clouds. She's gone to the edge of the kingdom and beyond. She's also making visits to machines and the factories and hanging out with the commoners. She's totally exposed. Listen, by 2020, there's going to be hundreds of billions of IP addresses. These are going to be endpoints and phones, TVs, cameras, tablets, automobiles, factory machines, and all these represent opportunities for the bad guys to infiltrate. This explosion of endpoints that I'm talking about is created massive exposures, and we're seeing it manifest itself in the form of phishing, malware, and of course the weaponization of social media. You know, if you think that 2016 was nuts, wait 'til you see how the 2020 presidential election plays out. And of course, there's always the threat of ransomware. It's on everybody's minds these days. So I want to try to put some of this in context and share with you some insights that we've learned from the experts on theCUBE. And then let's drill into some of the ETR data and assess the state of security, the spending patterns. We're going to try to identify some of those companies with momentum and maybe some of those that are a little bit exposed. Let me start with the macro and the challenged faced by organization and that's complexity. Here's Robert Herjavec on theCUBE. Now, you know him from the Shark Tank, but he's also a security industry executive. Herjavec told me in 2017 at the Splunk.com Conference that he thought the industry was overly complex. Let's take a look and listen. >> I think that the industry continues to be extremely complicated. There's a lot of vendors. There's a lot of products. The average Fortune 500 company has 72 security products. There's a stat that RSA this year, that there's 1500 new security start-ups every year. Every single year. How are they going to survive? And which ones do you have to buy because they're critical and provide valuable insights? And which ones are going to be around for a year or two and you're never going to hear about again? So it's a extremely challenging complex environment. >> So it's that complexity that had led people like Pat Gelsinger to say security is a do-over, and that cyber security is broken. He told me this years ago on theCUBE. And this past VM World we talked to Pat Gelsinger and remember, VMware bought Carbon Black, which is an endpoint security specialist, for $2.1 billion. And he said that he's basically creating a cloud security division to be run by Patrick Morley, who is the Carbon Black CEO. Now, many have sort of questioned and been skeptical about VMware's entrance into the space. But here's a clip that Pat Gelsinger shared with us on theCUBE this past VM World. Let's listen and we'll come back and talk about it. >> And this move in security, I am just passionate about this, and as I've said to my team, if this is the last I do in my career is I want to change security. We just not are satisfying our customers. They shouldn't put more stuff on our platforms. >> National defense issues, huge problems. >> It's just terrible. And I said, if it kills me, right, I'm going to get this done. And they says, "It might kill you, Pat." >> So this brings forth an interesting dynamic in the industry today. Specifically, Steven Smith, the CISO of AWS, at this year's Reinforce, which is their security conference, Amazon's big cloud security conference, said that this narrative that security is broken, it's just not true, he said. It's destructive and it's counterproductive. His and AWS's perspective is that the state of cloud security is actually strong. Kind of reminded me of a heavily messaged State of the Union address by the President of the United States. At the same time, in many ways, AWS is doing security over. It's coming at it from the standpoint of a clean slate called cloud and infrastructure as a surface. Here's my take. The state of security in this union is not good. Every year we spend more, we lose more, and we feel less safe. So why does AWS, the security czar, see if differently? Well, Amazon uses this notion of a shared responsibility security model. In other words, they secure the S3 buckets, maybe the EC2 infrastructure, not maybe, the EC2 infrastructure. But it's up to the customer to make sure that she is enforcing the policies and configuring systems that adhere to the EDIX of the corporation. So I think the shared security model is a bit misunderstood by a lot of people. What do I mean by that? I think sometimes people feel like well, my data's in the cloud, and AWS has better security than I do. Here I go, I'm good. Well, AWS probably does have better security than you do. Here's the problem with that. You still have all these endpoints and databases and file servers that you're managing, and that you have to make sure comply with your security policies. Even if you're all on the cloud, ultimately, you are responsible for securing your data. Let's take a listen to Katie Jenkins, the CISO of Liberty Mutual, on this topic and we'll come back. >> Yeah, so the shared responsibility model is, I think that's an important speaking point to this whole ecosystem. At the end of the day, Liberty Mutual, our duty is to protect policyholder data. It doesn't matter if it's in the cloud, if it's in our data centers, we have that duty to protect. >> It's on you. >> All right, so there you have it from a leading security practitioner. The cloud is not a silver bullet. Bad user behavior is going to trump good security every time. So unfortunately the battle goes on. And here's where it gets tricky. Security practitioners are drowning in a sea of incidents. They have to prioritize and respond to, and as you heard Robert Herjavec say, the average large company has 75 security products installed. Now, we recently talked to another CISO, Brian Lozada, and asked him what's the number one challenge for security pros. Here's what he said. >> Lack of talent. I mean, we're starving for talent. Cyber security's the only field in the world with negative unemployment. We just don't have the actual bodies to actually fill the gaps that we have. And in that lack of talent CISOs are starving. We're looking for the right things or tools to actually patch these holes and we just don't have it. Again, we have to force the industry to patch all of those resource gaps with innovation and automation. I think CISOs really need to start asking for more automation and innovation within their programs. >> So bottom line is we can't keep throwing humans at the problem. Can't keep throwing tools at the problem. Automation is the only way in which we're going to be able to keep up. All right, so let's pivot and dig in to some of the ETR data. First, I want to share with you what ETR is saying overall, what their narrative looks like around spending. So in the overall security space, it's pretty interesting what ETR says, and it dovetails into some of the macro trends that I've just shared with you. Let's talk about CIOs and CISOs. ETR is right on when they tell me that these executives no longer have a blank check to spend on security. They realize they can't keep throwing tools and people at the problem. They don't have the bodies, and as we heard from Brian Lozada. And so what you're seeing is a slowdown in the growth, somewhat of a slowdown, in security spending. It's still a priority. But there's less redundancy. In other words, less experimentation with new vendors and less running systems in parallel with legacy products. So there's a slowdown adoption of new tools and more replacement of legacy stuff is what we're seeing. As a result, ETR has identified this bifurcation between those vendors that are very well positioned and those that are losing wallet share. Let me just mention a few that have the momentum, and we're going to dig into this data in more detail. Palo Alto Networks, CrowdStrike, Okta, which does identity management, Cisco, who's coming at the problem from its networking strength. Microsoft, which recently announced Sentinel for Azure. These are the players, and some of them that are best positioned, I'll mention some others, from the standpoint spending momentum in the ETR dataset. Now, here's a few of those that are losing momentum. Checkpoint, SonicWall, ArcSight, Dell EMC, which is RSA, is kind of mixed. We'll talk about that a little bit. IBM, Symantec, even FireEye is seeing somewhat higher citations of decreased spending in the ETR surveys and dataset. So there's a little bit of a cause for concern. Now, let's remember the methodology here. Every quarter ETR asks are you green, meaning adopting this vendor as new or spending more? Are you neutral, which is gray, are you spending the same? Or are you red, meaning that you're spending less or retiring? You subtract the red from the green and you get what's called a net score. The higher the net score, the better. So here's a chart that shows a ranking of security players and their net scores. The bars show survey data from October '18, July '19, and October '19. In here, you see strength from CrowdStrike, Okta, Twistlock, which was acquired by Palo Alto Networks. You see Elastic, Microsoft, Illumio, the core, Palo Alto Classic, Splunk looking strong, Cisco, Fortinet, Zscaler is starting to show somewhat slowing net score momentum. Look at Carbon Black. Carbon Black is showing a meaningful drop in net score. So VMware has some work to do. But generally, the companies to the left are showing spending momentum in the ETR dataset. And I'll show another view on net score in a moment. But I want to show a chart here that shows replacement spending and decreased spending citations. Notice the yellow. That's the ETR October '19 survey of spending intentions. And the bigger the yellow bar, the more negative. So Sagar, the director of research at ETR, pointed this out to me, that, look at this. There are about a dozen companies where 20%, a fifth of the customer base is decreasing spend or ripping them out heading into the year end. So you can see SonicWall, CA, ArcSight, Symantec, Carbon Black, again, a big negative jump. IBM, same thing. Dell EMC, which is RSA, slight uptick. That's a bit of a concern. So you can see this bifurcation that ETR has been talking about for awhile. Now, here's a really interesting kind of net score. What I'm showing here is the ETR data sorted by net score, again, higher is better, and shared N, which is the number of shared accounts in the survey, essentially the number of mentions in that October survey with 1,336 IT buyers responded. So how many of that 1,300 identified these companies? So essentially it's a proxy for the size of the install base. So showing up on both charts is really good. So look, CrowdStrike has a 62% net score with a 133 shared account. So a fairly sizable install base and a very high net score. Okta, similar. Palo Alto Networks and Splunk, both large, continue to show strength. They got net scores of 44% and 313 shared N. Fortinet shows up in both. Proofpoint. Look at Microsoft and Cisco. With 521 and 385 respectively on the right hand side. So big install bases with very solid net scores. Now look at the flip side. Go down to the bottom right to IBM. 132 shared accounts with a 14.4% net score. That's very low. Check Point similarly. Same with Symantec. Again, bifurcation that ETR has been citing. Really stark in this chart. All right, so I want to wrap. In some respects from a practitioner perspective, the sky erectus is falling. You got increased attack surface. You've got exploding number of IP addresses. You got data distributed all over the place, tool creep. You got sloppy user behavior, overwork security op staff, and a scarcity of skills. And oh, by the way, we're all turning into a digital business, which is all about data. So it's a very, very dangerous time for companies. And it's somewhat chaotic. Now, chaos, of course, can mean cash for cyber security companies and investors. This is still a very vibrant space. So just by the way of comparison and looking at some of the ETR data, check this out. What I'm showing is companies in two sectors, security and storage, which I've said in previous episodes of breaking analysis, storage, and especially traditional storage disk arrays are on the back burner spending wise for many, many shops. This chart shows the number of companies in the ETR dataset with a net score greater than a specific target. So look, security has seven companies with a 49% net score or higher. Storage has one. Security has 18 above 39%. Storage has five. Security has 31 companies in the ETR dataset with a net score higher than 30%. Storage only has nine. And I like to think of 30% as kind of that the point at which you want to be above that 30%. So as you can see, relatively speaking, security is an extremely vibrant space. But in many ways it is broken. Pat Gelsinger called it a do-over and is affecting a strategy to fix it. Personally, I don't think one company can solve this problem. Certainly not VMware, or even AWS, or even Microsoft. It's too complicated, it's moving too fast. It's so lucrative for the bad guys with very low barriers to entry, as I mentioned, and as the saying goes, the good guys have to win every single day. The bad guys, they only have to win once. And those are just impossible odds. So in my view, Brian Lozada, the CISO that we interviewed, nailed it. The focus really has to be on automation. You know, we can't just keep using brute force and throwing tools at the problem. Machine intelligence and analytics are definitely going to be part of the answer. But the reality is AI is still really complicated too. How do you operationalize AI? Talk to companies trying to do that. It's very, very tricky. Talk about lack of skills, that's one area that is a real challenge. So I predict the more things change the more you're going to see this industry remain a game of perpetual whack a mole. There's certainly going to be continued consolidation, and unquestionably M&A is going to be robust in this space. So I would expect to see continued storage in the trade press of breaches. And you're going to hear scare tactics by the vendor community that want to take advantage of the train wrecks. Now, I wish I had better news for practitioners. But frankly, this is great news for investors if they can follow the trends and find the right opportunities. This is Dave Vellante for Cube Insights powered by ETR. Connect with me at David.Vellante@siliconangle.com, or @dvellante on Twitter, or please comment on what you're seeing in the marketplace in my LinkedIn post. Thanks for watching. Thank you for watching this breaking analysis. We'll see you next time. (energetic music)