 Live from Washington D.C., it's theCUBE, covering .NEXT Conference, brought to you by Nutanix. Welcome back to Nutanix.NEXT everybody, this is Dave Vellante with Stu Miniman, and this is theCUBE, the leader in live tech coverage. We go out to the events, we extract the signal from the noise, Alan Cohen is here, he's the chief commercial officer of Hot Startup, Illumio, Alan, friend of theCUBE, great to see you again. Always happy to be here, if wherever you guys are, I'm going to show up. Not to be in Silicon Valley for a change. Right, real world, gotta tell it to John Furrier, that things happen outside of Palo Alto. So the timing of this interview is perfect, because we just had Steven Hadley on, who's sort of a public policy expert, we're talking about basically how industry should really lead with this whole new era of cyber, and he was talking about that if we let government do it, they're probably going to mess it up. So it's guys like yourselves and others in our industry that really have to lead. But before we do that, give us the update on Illumio, you just guys did another big raise, you guys are smoking hot, growing like crazy, what's the update? So I mean, so since we spoke to you guys last, that yeah, we did have a little funding round, it was led by JP Morgan Chase, you might have heard of them, they have credit cards and branches and things like that. Actually they're also a customer of Illumio's, which is a really big deal, they are advanced. So we're growing very rapidly, a lot of geographic expansion, a lot of technology expansion, and I think actually in today and this morning, Sunil and the technology roadmap talked about microsegmentation, the ability to create really smaller and smaller or watertight compartments around your data, down even to the workload or the process level is just going to be a way that people are going to have to be able to do their computing. And so as you look at the journey now from data center or enterprise cloud into public cloud, this approach to security that we're building is a key component allowing people to take advantage of cloud architectures. So that's also really led to our growth. So I mean, I think it's fair to say, you guys are really the pioneer of this concept of microsegmentation. Others have sort of hopped on board. Well, I got to give VMware credit, they actually did bring it up first. They were first, to commercialize it. Yeah, they commercialized it in their environment. I would say Illumio is the first company through software to commercialize it in all environments. In a cloud, in a box, with a fox, in a house, with a mouse, bare metal, virtual machines, containers, Amazon, Azure, Oracle, across all of those environments simultaneously. And I think we were talking earlier this morning about the idea of multi-cloud, right? So you're going to pick your cloud based on where the workload and the application should live so your security has to move with that. And that's really what we've focused on. Right, okay, so VMware's there, you know Cisco's in there as well. Sort of duking it out. Well, so where do you, how do you feel about your competitive position? Let me talk about that a little bit. Well, we feel good that our competitors have finally kind of woken up and started to amplify our message about this. You know, at the end of the day, you have to make a decision whether your goal of building security is to drive the sale of your infrastructure or is to make, you know, your customers' environments more secure wherever they run. So in their own environments, they're adding, they're clearly adding value. But at the end of the day, they're dependent on maintaining server licenses or upgrading your switches. That's not a really good motivation for how to make your security decision. You should make your security decision based on what you're trying to do, not what infrastructure you're in. Okay, so now what about the traditional security guys? Are they catching up? Are they hopping on board? Do they just think this is a niche that's not worth it? Or they just missed the boat? Well, you know, with the, I am being respectful and aggressive at the same time. I think most of the firewall vendors have been primarily focused on the perimeter. And then they've looked at APT technologies, things like FireEye have done, and they've made a lot of their investments there. So they have not been as focused. Now to also be fair, in the heart of the data center, in the public cloud, you don't see firewall technology, right? So people said I have this hard, crunchy exterior, I protect the perimeter of my environment, and I assume once I protect the perimeter, the inside is safe. So their traditional model didn't lend itself to that kind of introspection and focus on the interior. What's happened in the last couple of years though, and you had Hadley on, is that the focus of cyber has shifted to the interior, right? So Target, Sony, OPM, all the big breaches started with basically vulnerabilities on the inside that have then kind of spread and then exfiltrated outside of the organization. So we started focusing on the inside out, not the outside in. I mean, I think ultimately the large security vendors and parameters, they're partners of ours because you're going to wind up working both sides of the equation. I mean, it's just even an air gap doesn't protect you. You don't want an air gap. Actually, you know, we have a partnership with F5. We actually talked about it with theCUBE a couple of years ago, because you think about the concept of something like a load balancer, it sits between tiers of applications. You don't want that to be a black box. So basically the world is moving into the zero trust models of trust nothing. And you know, it's like, it's kind of like running it like in a mod. It's like the Sopranos. You got to make sure everybody does the collections and everybody's got to check in every day. Everything's got to be part of the security fabric. Alan, so bringing it back to the Nutanix discussion, we had to kneel on earlier. In the keynote this morning, I saw broad ecosystem, love our partners saw Illumio, huge logo, isn't it great? They got it, man. They finally figured it out. Unleashed the crack in up there. And I asked Neil, how do you balance the, we're going to have a broad ecosystem, but seems a lot of the energies be putting into AHV. And one of the examples he brought up is like, oh, well, if you use AHV, you get micro segmentation for free included in there. What are you seeing? How does Nutanix fit into micro segmentation? Yeah, look, I mean, I saw the slides too, right? So if you remember how he defined it, if I have 10 workloads and I want to segment them off, I will put it in what I call micro segmentation. And that to me is like a network, virtual network segment, but he said you don't have to use an STN overlay. And that is not any different than what a security group does in Amazon or Azure. And I assume Google has its own version of that. When you go into that a couple of levels deeper, that's where Illumio lives. So we live inside public cloud security groups today and across them and to non-environment. So you got to remember, a lot of people are going to have Nutanix workloads, but then they're going to have workloads sitting in Azure and they're not going to have anything to do with each other for a while from a software point of view. So Illumio is really that bridge. So I mean, I think it's actually a fairly synergistic kind of relationship to do that. So actually for me, that recognition and that communication of micro segmentation into their base is really good. So I mean, you're always going to have a little bit of overlap. I mean, they're smart. They really build great software. So it sounds like you're saying the definitions of micro segmentation are a little bit complimentary and you're also going to help with that heterogeneous mess that everybody has and give them consistent security. Right. We don't find micro segmentation that way. I might want to say, I want a micro segment off one workload where I want to segment processes or I'm going to have a Kubernetes application running someplace and then I'm going to have the core database someplace. How do I move across that? So it's granularity and flexibility of the use case that you provide. Yeah, we have this thing we call the wheel of cheese from the segmentation. So there's like rough segmentation and there's micro and then there's nano. So over time, people are going to basically close the gates tighter and tighter. So, because the challenge in cyber is lateral spread. Like you guys, you do, you know, you have these fast high speed networks. So if I compromise one server, one workload, today it flies through the environment. So you actually have to keep closing those doors from a security point of view. So I mean, I think it was a great first move for them. And I mean, we like it. It works really well. We work with other vendors, cloud vendors today that do some form of segmentation. So I know we're super tight on time. Everybody wants to talk security and just schedule us back. John Furrier is watching. No surprise. All right, hey John. So when he has to give up the mic, there's always crowd chat. So he's got a question in crowd chat for you. Ask Allen about the economics of the cyber security business models with all this stuff going on with cyber war and ransomware. So, you know, here's some stats. You guys are great animals. You focus on this. So cyber security is about a hundred billion dollar business, somewhere between 80 and a hundred, depending on who's counting on that. Think about that in the scheme of overall IT. How much is IT? Three trillion dollars, right? So a hundred billion dollars is a fairly small segment. Now I would be disingenuous as a vendor, but I'll go for it. I would say people are highly under-invested in security relative as soon as he's laughing his head off, right? Well, you know, you have, I mean, you have, you have families, you have health insurance. Allen, it's not a big enough pie for you, come on. No, it's not. I think the pie should be like five times bigger. I mean- You don't want to make that comparison with health insurance. You have health insurance. You have life insurance. You have insurance on your car. You have insurance on your home. You guys are high net worth individuals. You probably have policies so you don't get sued. You probably spend 10% of your total income on forms of insurance. Things that protect you and your family. So you're saying it should be triple the spend. Why are you only spending 12, 3% of your IT given the criticality of the data that's sitting in those environments. Okay, so we know we only pay for insurance when we need it. In marketing, the joke's always, I waste half of my money. I just don't know which half. How much are we wasting in security versus- I mean, I think if you're buying infrastructure-based models, you're spending, you're building, you're wasting a lot. Elumio is a consumption-based model based on how much you use. So I mean, we look more like, it's a per operating system instance that you pay a yearly license for. So I think we're closer to the Amazon consumption model for security and we've led with that four years ago when we started the company. So I think if security became more like you pay as you go and less pay for just having it, just as we talked about the different models for infrastructure, where I own it, where I rent it, and where I pay as I go, I think you will get better spent. I mean, we effectively sell security the way Uber sells or Lyft sells car. When you need to pay for it, use it, you pay for it. And so there's probably a whole lot of efficiency that could be there, but I'd argue it's underinvestment. Well, the other dimension of that is inside out versus outside in. I mean, building more moats. We know still more money is spent on data. Well, here's the stats. So the vast bulk of data center security, so the perimeter firewall market is about a $10 billion market. Only about Cisco just had their announcement this week about their cloud index. 17% of the traffic, net traffic goes in and out of the data center and about 80% of it's inside and a little bit of it goes to the colo, right? So you are putting all your investment on 17% of your traffic. That's like buying all those cable channels. You watch the cooking channel, you're paying for it. You're watching rugged outdoor fishermen channel. You're paying for it. So I think you're going to have to, just like you're making your infrastructure investments or moving to paying for what you use, your security investments have to go the same way. So why would you put all your money only guarding 17% of your network traffic? Okay, we're out of time, but so last question. What are you guys going to do? What are you doing with this big bag of money that you just got? Where are you directing it? What's the strategy? Well, I think we're probably going to have to hire the cube to come to like a Lumio world. Fantastic, let's do that. Yeah, we're totally going to do that, but... Really, what's the show? Lumio world is, you guys? Well, there's going to be an Lumio world. When we launch it, you guys are going to be there. Fantastic, we'd love to be there. So there's no doubt, you heard that you have it writing, right? You have it on video, like testimony. Even better. I can't even say I didn't tweet it if you'll have a record on it. We can shame you into it. Totally shame me into it. I think you're going to see a lot of geographic expansion of the company. We're about to expand down under and other places. We've been mostly North American and parts of Europe, and a lot of investment going into the channel, strategic partnerships, and I mean, a lot like Nutanix. I mean, our company's half R&D. We're going to invest just as heavily a year from now. We'll still be half R&D even with growth because we have a lot of platform to build, and we're building a platform that's going to be around for decades. So there's still a lot of engineering to do too. Alan, we love having you on. You're plugged in. Great Silicon Valley friend. Really appreciate you coming back. Thank you, appreciate you having me today. You're welcome, all right. Keep it right there, everybody. We're back with our next guest after this short break. This is theCUBE, we're live from NextConf. Be right back.