 Live from San Diego, California, it's theCUBE. Covering Cisco Live US 2019. Brought to you by Cisco and its ecosystem partners. Welcome back, here in the San Diego Convention Center, I'm Stu Miniman, my co-host Dave Vellante, and you're watching theCUBE, the leader in worldwide tech coverage and at Cisco Live 2019. Happy to welcome back to the program one of our CUBE alums, Russ Currie, who is the Vice President of Enterprise Strategy at NetScout. Russ, great to see you. Thanks for joining us. Great to see you guys too, Russ. Thanks for having me. All right, we always say, we got a bunch of Massachusetts guys that had to fly all the way across the country to talk to each other. Really, what the heck, huh? So, a couple hours for the bee's tip-off. Everybody's excited, but a lot of excitement here in the DevNet zone specifically, and Cisco Live, overall, 28,000 in attendance. You've been doing a lot of customer meetings. Give us a little insight, what's been your takeaway from the show so far? Yeah, I think there's a real lot of energy towards the multi-cloud, cloud deployments in general, security, the whole introduction of umbrella has got a lot of conversation started. It's amazing the amount of companies that you see out there talking about just visibility in general, and us being one of them as well. So, it's been a lot of fun. Good show this year. Yeah, Russ, I've been looking for this conversation. We heard from Chuck Robbins in the keynote. He said, the network sees a lot of things, and Cisco says they're going to give customers that visibility. Of course, that ties in a lot to what NetScout did. Give us your thoughts on multi-cloud. How's Cisco doing in the space, and how does NetScout fit into that whole picture? Well, I think one of the things as Chuck talks about that, it's the cloud is the one thing, or the network is the one thing that's common for all the devices, right? I have, if I go into a different cloud, I have one set of performance metrics I might be able to gather. If I look at it with a device or an operating system, it's all different. But all the communications on the network, TCPIP is common, and it really provides that thread that you're able to provide that level of visibility. So it really becomes one of those things that the network is a unique place to gain perspective on both the performance and the security that we're delivering to our customers. So can you just summarize the problem that NetScout solves for our audience? Sure. I think that primarily it's one of these situations where I've been my on-prem environments, it was pretty easy, I had access to everything, I could see what was going on quite readily. I started to introduce visualization and now traffic started to move much more east-west and became a problem for folks. I think Cisco recently said 85% of the traffic they're seeing on the network is east-west traffic, right? And then we moved to the cloud and it's even more obfuscated. I can't see anything in new ways of network traffic there, typically. Though the cloud vendors are starting to address that. But really being able to gain that level of visibility so you can understand exactly what's happening, just gaining that perspective. So let's explain that. I'm going to stay with the east-west north sub-metaphore. Why is it easier to get visibility in a column than it is a row? I think because in a column, everything's floating north and south. So you've got everything right there and usually you have a place where you can look into it. But when you're flat, it starts to become really different. You're looking at devices talking to another devices that don't necessarily have to traverse any part of the network. It can stay within a hypervisor, for example. So providing solutions that allow you to gain visibility into that environment is really important. And the protocols that we use there change a bit. So traditional tools don't necessarily fit well. So what's the general solution to solving that problem? And then I want to understand the NetScout secret sauce. Let's start sort of high level. How does the industry solve that problem? So the industry has been trying to solve that problem mostly by looking at the goodwill of third parties, looking at things like NetFlow or log events and aggregating that and normalizing it. You've had solution sets that looked at network traffic, but it becomes very difficult for a lot of folks to make use of that network traffic. And what we've done is really provided the ability to look into that network traffic and gather it from really anywhere that's deployed, whether it's public cloud, private cloud, our solution set, that's our secret sauce, our solution set can go anywhere. So add some color to that in terms of you're able to inspect deeper through what? Just magic software or you got a probe that you send in? So well actually we have a device, it's called ISNG, and in the virtual world we use something that we call B-Stream. In the physical world we have something that we call Infinistream NG. And that leverages the technology that we've developed called ASI, which is adaptive service intelligence. And what it allows us to do is watch all that traffic and build metadata in real time so we can surface key indicators of performance and security events, get that information up into a collection mechanism that doesn't have to normalize that data, it just looks at it as is. We build it into a service context, services context that allows users to see across that multi-cloud environment in a single pane of glass. Okay, so Russ, one of the biggest challenges for customers is that they're changing these environments, it's what happens to their applications. Applications used to be rather self-contained, even with the VM they might've moved some, but now we're talking about microservices architecture, multi-cloud environments, there's a lot going on there. What's the impact on that for your world? Right, that's been exactly it, right? A three-tier application was kind of pretty straightforward even though at the point we started introducing them we thought that was really tough stuff. Now what we're doing, as you say, is doing microservices architectures and I might take my presentation layer and put out in the cloud, in the public cloud in particular so I'm closer to the end user and delivering better high performance capabilities to them, lower latency and the like and then I take my application server and then I split that up all over the place and I might put some in public cloud, I might put some in private cloud and maintain some of it in the legacy. So all that interconnection, all that interdependency is really, really hard to get your hands around and that complexity, we looked at an ESG study that said 94% of the 600 respondents said that the networks are as complex or more complex than they have been two years ago. Yeah, that's not surprising unfortunately to hear that but when we talk to customers out there it used to be the network is something you set it up, you turned all your knobs and then said don't breathe on this thing because I've got it just where I want. Today it can't be like that. We know that it's very dynamic, it has to change. The message from Cisco has been we need to simplify things and obviously everybody wants that but how do you make sure you ensure that application performance and security without having the poor admins have to constantly be getting tickets and dealing with things? I think our solution really provides that common framework for visibility and that's really what I think is really important. When you're starting to infer based upon different data sets it becomes very difficult to put your finger on a problem and identify that's really a problem and IT is trying to blend the organization looks at this concept of the versatile list and trying to make sure that people are more capable in addressing problems in kind of a multi-dimensional role that they have now in particular network and security the organizations that are trying to come together they rely on different data sets and that's where it kind of falls apart. If you have a common data set you're going to have a better perspective. Okay, okay. I was just, from that application standpoint how much of this is just giving notifications and visibility into it versus is it giving recommendations or even taking actions along those lines? Yeah, I think it has to give you recommendations and it has to give you pinpoints. You really, you've got to be able to say here's the problem this is what you need to do to fix it, right? I think what often when I'm talking to folks I say it's about getting the right information to the right person at the right time to do the right thing and if you're able to do that you're going to be much more effective. Yeah, so okay. So you've got this early warning system essentially or hopefully not a tulip but that's what IT practitioners want. Tell me something, tell me, give me a gap and tell me the action to take before something goes wrong, ideally. And so you can do that you can give them visibility on it kind of pinpoint it and do you see the day Russ where you can use machine intelligence to as Stu was suggesting start to maybe suggest remedial action or even take remedial action. Oh, absolutely. I mean, there are some things that you can really do and do quite well. Blocking for security events for example is a primary one. We've always had the IDS in place and in the early days a lot of folks who were cautious because they didn't want to have a negative impact on the business. But when we take a look at exfiltration and blocking outbound connections if you know the bad actors and you know the bad addresses you can stop that before it gets out of your network. So people aren't going to have that exfiltration of your information. All right, so Russ you've been meeting with a bunch of customers here at the show. What's top of mind for them? And have some of the conversations I've been having this week? You know, security has been climbing that list for many years now but in your world what are some of the top issues? Yeah, like security definitely there's no question. I think it's one of those environments where you can almost never have enough and they're always hungry for more and more and better and more accurate solutions. I think I saw something recently that was the top 125 security solutions. It's like top 125, really? You know, so. Boil it down. 125. Exactly. And I think IDC's taxonomy has 73 subcategories to the security. So security is, you know, more than a $500 word. You know, it might be a $5,000 word. It's crazy. And same with cloud, right? Because it's not like, in fact, I was talking to someone recently and it's where the cloud village go. It's not a cloud village anymore. This is everything we're doing is the cloud. So it's a change in mindset. So it's interesting. Yeah, it's a cloud universe. So what's next for NetScout? You know, give us a little roadmap. What can observers expect coming from you guys? More significant push into security in particular. One of the things we see is that our data set really has the ability to be leveraged for both security and performance workflows. We're integrating the products that we bought with the Arbor acquisition. We bought Arbor networks and they have a highly curated threat intelligence feed that we're going to bring in and add to our infinite screens and have the ability to detect problems deep inside the network. You know, it's one of these things. The bad actors kind of live off the land. They get in there and they move their way around slowly and methodically and dribble information out. Well, the only way to catch that is by continually monitoring the network. So having that perspective, so continuing to grow that out and provide, again, more of that AIML approach to understanding and be more predictive when we see things and be able to surface that type of information. Yes, the security, already used to be hacktivists and now it's become high crime, even nation states. And the job of a security technology company is to raise the cost, lower the value right to the hacker, to the infiltrator so that they go somewhere else. Make it really expensive for them to either get through, but maybe what they do get through, make it really hard for them to take stuff out. And that's really what you're doing. It was like you made sure to lock the front door not because it stopped them, but maybe I'll go somewhere else, but it's a little bit harder. Not going to differ, you want to prevent them. And you want to minimize your risk, right? So if you're able to minimize your risk, both from performance and security problems, it's really all about understanding what you've got, what your assets are, protecting them. And then when someone's trying to look at them, stopping it from happening. Okay, last question I have for you, Ross, is being in this Cisco ecosystem out there, we're watching Cisco go through its transformation, become more and more software company. Now four years into the Chuck Robbins era, so how's that going, and what's it mean to partner with Cisco today? It's going really well, and I think that we adopted a lot of what, or adopted a lot of what Cisco has done as well, and really transformed Netsco from what was primarily a hardware-first company into a software-first company. I was in a conference once and we were talking about software eating the world, right? But ultimately it's hardware that's doing the chewing, right? So I think it's one of those balancing acts. It's Cisco still is selling a ton of hardware, but it's a software solution sense that they deploy on their hardware that makes it happen. And it's similar for us, we're building out software solutions that really address the issues that people have building out these complex environments. All right, Russ Curie, congratulations on all the progress there and look forward to keeping up with how Netscape's moving forward in this multi-cloud world. Thank you. All right, we'll be back with lots more coverage here from Cisco Live, San Diego, for Dave Vellante. I'm Stu Miniman, Lisa Martin's also here. Thanks as always for watching theCUBE.