 Live from Santa Clara, in the heart of Silicon Valley, it's theCUBE, covering Juniper Nextwork 2016. Brought to you by Juniper. Now, here are your hosts, John Furrier and Stu Miniman. Hey, welcome back everyone. We are here live in Silicon Valley for Juniper Network's annual customer event, NextWorks 2016. It's theCUBE, I'm John Furrier. Stu Miniman, our next guest, Jonathan Davis and executive vice president and general manager of Juniper Development and innovation, welcome back to theCUBE. Good to see you. It's absolutely great to be back. We have one of the stars on the stage here and you had the sexy presentation about electronic cars and all the features because the innovation is pointing towards a new future. That's reality, we're seeing it every day. I mean, Google's got a new phone, they announced big today. This is the new world, the consumer and more digital. Absolutely. What is this digital cohesion? Share the vision. Well, digital cohesion, it's really about how all of the various disparate elements that we see today are going to come together and enable us to have new experiences that we can't think of today. And I had shared the kind of funny story where when I was growing up, I got the opportunity to help build a Heathcut computer which I thought was life altering at the time and you get to play word games like you're in a cave. Okay, look down, there's nothing down, is there a hole? There's no hole, there's word games. And now my kids get augmented reality and my three-year-old puts on those augmented reality goggles and she just starts walking around looking up and down and getting an experience where she's learning about dinosaurs and she's learning about what's happening in Africa. And it's an immersive experience. That to me is truly exciting. That to me is what, and it's so natural to them. It's new, but it's natural to us. It's a whole digital culture, this non-linear kind of education to self-driving cars. I mean, it's a software-driven world, but again, back to the applications from rich media and VR to just basic mobile apps. So that's the future. So now you guys also announced more kind of, back to reality, to the customers you have is the security problems, the networks that they have and they're enabling all this future innovation. They want to make sure it's secure, operationally solid, enabling some goodness on the software side, but ultimately security is a big deal. Security is the deal. That is the biggest impediment to move into the cloud, whether that be private or public. You know, when I go talk to customers and they talk about, I have unlimited budget, but when I go and I add a new appliance or a new device, I don't really feel more secure because they realize what they're doing is just increasing the load of incoming logs and messages into their security operation center. So how are we supposed to help them fundamentally just look at the problem statement differently? Not only do they feel less secure, although they might look like they're doing something they're actually hurting themselves, but also how do I correlate all these things together and make sure that my high availability of the actual able to get my users out connected to their applications is important as well. And so what we wanted to do is kind of rethink that and make sure that you had an open way of not just ripping these things out of your infrastructure because that's probably not going to make you better either, but the ability to tie them together so you can have an open policy for detection, as well as a new way of looking at enforcement, moving away from, I'll just call it the legacy world of standalone firewalls. And so there's another dynamic that we've been kind of teasing out of this interviews today and other events is there's a new notion of sharing. It's very interesting. It's almost like the data governance world like don't share compliance reasons, all kinds of regulations, and you get a slap on the wrist and it's fine. But now the consequences of security are so grave. I mean, you can go out of business. So the consequences between some sort of compliance requirement and actual near death experience for a business to go out of business is creating security teams to talk to each other and share data. Yeah. This is a big trend that we see emerging. What's your thoughts on that? Is it real? Is it an organic phenomenon? Is it you guys seeing it being operationalized and how does that fit into your detection in the world? Yeah, so you've got indicators of compromise and what you want to make sure that you're able to do is share those IOCs with other vendors. You want to make sure that at the enterprise location they have the ability to get the latest indicators of compromise so they can make the right business decision whether that's funneling that in through Sky ETP or putting that into their own SIM. Large enterprises actually go and get their own network, their own security feeds that they want to then go and massage and apply. What we were talking about earlier, step one in the kill chain is you want to block the malware from getting onto the device. If you actually make it past that point you want to make sure that you're blocking any command and control traffic from going out and having the host go and beacon out you want to stop that from happening. And with what we're able to do with software defined secure networks is we can do both. We can stop the malware from getting onto your device and you can actually stop the beaconing from getting out but if you've moved beyond that if you're now kind of in the stage three or stage four of the kill chain this is where we start to work with partners so they can do behavior analytics, understand what's happening. The malware has attached to a host, it's hiding, waiting to attack kind of thing. It's hiding, it's actually going through and trying to move east-west throughout their infrastructure and you need behavior analytics to actually go and detect that. This is where we go and we partner with companies to make sure that we understand what's happening. And then we can go and still enforce policy not just at the firewall but actually deep into the network. So there is a social sharing going on. You're seeing the sharing as a practice. Right, so from a business perspective I would say vendor to vendor and private sector to private sector. Is it a don't ask, don't tell policy or is there actually formal sharing agreements going on? Because it's certainly, we're seeing it. We're definitely seeing it. I would say that we are in the mode of private clubs right now and so the goal would be to get to a point where it's significantly more open. And there's certainly lots of conversations about the best way to go and do that. And just like if you think about all these different private clubs, you know, private clubs are by nature exclusionary. And so you want to get to a point where you don't have to be, there's no reason to be exclusionary in this. This is about the greater good and stopping bad actors from actually causing some pretty significant damage in our infrastructure. Some vetting is required, but I can see that, yeah. Jonathan, the keynotes this morning there was discussion of some of those barriers and historically security's been one of those big ones. It says, you know, oh, innovation sounds great, but you know, cloud, oh, do I trust it? You know, IOT, oh gosh, I hear it's completely insecure. You know, how do we make sure that security is, you know, not only not a barrier but actually something that we can help us to drive forward for innovation. Well, I think it's one of those areas where, in being a company that is focused on secure networks, you can't have a network without it being secure. And one of my customers told me a story that has stuck with me, and he says, Jonathan, how come I have to give you two piles of money? You know, and I don't understand because I give you a big pile of money to enable everything to talk to everything. And then I have to give you another pile of money so nothing can talk to anything. And it's just confusing to me. Why can't we solve this problem holistically and look at it as a universal problem? Let's make sure that when we're providing connectivity, we're doing it for those folks that are trusted. And for the folks that aren't trusted or they've become untrusted, let's make sure that we're automatically enforcing policy. And it's a really simple story, but it's so true and it makes you think of, have we been thinking about the problem in the wrong way this entire time? And how do we make sure that we're actually going out and solving the customer's problem and not just trying to sell more product? So instead of blacklisting someone, you basically block everybody until they're vetted to come through, that seems to be a new approach. Is this something that is resonating? I mean, I wouldn't be able to block in everybody. It's not a good, I wait for a network connectivity person to keep their job. But you certainly want to make sure you understand the state of the network. You make sure that people are trusted. And if there is malware that you automate the response to it. And that's when you start thinking about IoT. There's six plus billion people on the planet. And when you think about the connectivity of the people, that's a pretty daunting problem. But when you think about IoT, and now you're looking at exponential numbers and the billions. And hopefully humans can make good decisions. We don't always do. Sometimes people click on things they're not supposed to click on. Machines inherently are maybe perhaps not even as intelligent as that. So you need to make sure that you're able to. And the volume and velocity is off the charts too. Off the charts. And so you need to make sure that you consider devices that are going to have a battery that's replaced every five years. Do things that have a full IP stack. They're going to sit in the back of a police car. So there's not one size fits all to the IoT domain either. But what you do know is that it requires great management and automation when you respond to the types of threats that are out there. And there's different kinds of IoT. You've got, you know, industrial. You've got office. You've got people. I mean all kinds of different categories. Now developing. You need dynamic policy based stuff which is kind of in your wheelhouse. I mean, but where's the innovation? I mean, stepping back and looking down at the industry right now. Obviously security's there. Where's your innovation strategy main focus right now? In terms of an inside universe. You look at the whole world from packets on the network moving around. Now we're hiding around in there. All that secure stuff too. Enabling this new immersive experience that you just want. What's your innovation strategy? We really look at things in order of the different domains in which we play. Because you can't just say it's all about plastics. Right? It doesn't really work. You know, we need to be able to go out and say, look in the data center, we see some fundamental transformations of moving to private cloud and public cloud and the transformation that had happened there from a security perspective and just the scale perspective when you look at some of the larger cloud providers. And then moving over to a software defined world. This is where we really have been working with our own contrail and open contrail based solution. If you look at what's happening out at the branch, I think there's a thing about enterprise connectivity in general. This has been an era where a single company has had greater than 80% market share for 20 years. And so the status quo has remained in place for a very long time. When you look at what customers want, customers want the ability to more dynamically deploy services and take all this technology that they have in the data center. Why can't I apply that to my branch connectivity? Why do I have to have only one application on the appliance that's sitting out there? Why can't I choose to have riverbed wind optimization today? And if I decided in a year, I want to go and deploy silverpleak wind optimization, that I can do that in 10 minutes instead of having to go and deploy. So that's those are the areas. And the core, again, SDN technologies with North Star. And then we're also looking at the merging of packet plus optical because we know that there's a fundamental amount of optimization that's going to be capable when these things stop being ships in the night. When they start actually being aware of each other, we know that significant innovation is possible. Tomathon, I wonder if you can connect the dots for us from last year. We spent a lot of time talking with you and everybody else about kind of disaggregation. And obviously software message kind of keeps through but I didn't hear kind of proof points or anything to kind of follow up from last year. So I was wondering if you could bring us up to date. We're absolutely still continuing down the disaggregation path. When we looked at what we talked about last year with our cloud CPE solution, which is about disaggregating applications, you can call them VNFs now onto that NFX250 platform. What we've seen is that two of the top four global managed service providers have selected Juniper to be their solution in that space. And the next third of the fourth biggest managed service provider actually has us in trials. So we feel like the message and the story and the products that we've been building to innovate and break this 20 year problem that the industry has had, a single vendor dominating is well on its way. So we feel good about that. The customers that we talked to from enterprise perspective are very excited about that but we're continuing at pace. But at these networks shows people want to know what the new stuff is. And we certainly have continued to be in the innovation minds and continue to innovate on other paths as well. Yeah, and wanted to go back. You were talking about kind of the packet and optical and merging those together. Can you unpack that a little bit? What led to that? Optical's been around for quite a while now. Why is Juniper jumping in now? Well, it's two things. One, this has been our strategy for several years. And so we went earlier this year and acquired a company called BTI Systems. And there's a couple of reasons for that. One is we wanted to be able to simply add more horsepower to this transformation. And we knew that going and having a company join Juniper that is a leader, not only in the optical space but in making it simple and easy to go and manage. If you go talk to BTI customers and you ask them, what's one of the primary reasons that you got selected? Are you selected BTI to go do this? The response would be, I didn't want to have to go hire 30 people to build out my own optical infrastructure. And with the management system that BTI had, I was able to do that with just a couple of people. That's a great story. So we want to add simplicity to the optical experience. That's one thing. But if you go back 10 years and you look at the cost of moving a bit from point A to point B, two thirds of the cost was packet and one third of the cost was optical. If you look today at where we are, it is actually flipped. Two thirds of cost of moving a bit from A to B is now optical. And one third of the cost is packet. So we feel like we've done a pretty good job of driving down the cost of economics of moving a bit 10 years ago to where we are today. And we believe that we can help drive that same transformation in the optical space. And we believe that we can do that but actually helping to drive simplicity and interoperability. Because right now, if you were to take one of the top vendors of optical and you'd go pick another top vendor in optical and you try to plug them into each other, most of the time they won't work together. And we think that's just a fallacy. That's just the wrong way to think about the problem. Yeah. Great points there. Speaking of kind of ecosystem, we've been looking at kind of the SDSN that you've laid out here. And by the way, how's Juniper? Did Juniper come up with that term? We did. We did actually one of our marketing people. This was, we had this strategy a couple of years ago. We were building towards that strategy and then about a year ago, one of the marketing folks like, you know what this really is? This is really software defined secure networks. And we all kind of universally said, that's the perfect noun. So can you speak to the ecosystem built around there because you know, it's not something Juniper can do on their own. Absolutely. So I think one great example of it and there are several, one example of that would be accompanied by the name of Etivo. And they have been in the market for about a year and a half, two years now. And where they have looked at the problem is further along in that kill chain where they realized that one of the ways of getting people who are already inside your infrastructure is to simply put out a honeypot. Putting out honeypots can be kind of thought of as legacy technology, but if you're able to go and- Now with virtualization potentially. Right, if you go and look exactly, if you go and look at it from a new lens, how can I make it easy to deploy? How can I make it look like there are significantly new kinds of assets and deploy it in less than an hour? And we have this- Or minutes, I mean, if you can show a fresh set of fake resources to it in malware, that's a beautiful thing. If you do that- You can out brute force the- So we have a very simple bar when people that we want to partner with make claims and we say, look, we're a pretty good size enterprise. Come in, install in our network, and let's see how good it really is. And if it's simple to install, fast to install, and if it actually does something- Yeah, but that's a hard problem. I just want to ask you a specific question on this because I think this is a nuance that's worth highlighting. To do these new kinds of honeypots, AKA show some fake resources and have trap variables for viruses and attackers to hit, active directory, all kinds of research. You need data around the events. So you can't have a small set of data because the bad guys are smart enough to know all the moves. They've seen the moves. They know the honeypot strategies. So it has to look like it's been untampered or fresh data. So you guys have to have a full spectrum of event data. Is that, am I getting that right? And is that the right nuance? So this is where we don't have to be the experts at everything, right? So we know that we've focused on the first two steps of the kill chain. And for other steps of the kill chain, we can go get experts. I mean, literally, if you go- But you have all the network data, potentially, Dave. We do have all the network data. So we have worked hard over the last three years to make sure that you can actually get high-speed data off of our system, starting with the MX, moving to the QFX and into the SRX so that when you want that high-speed telemetry data, you don't have to go pull for it, right? So real-time, you can send those, quote, event data, and just oversimplify it to another part of the kill chain, if you will. To vendors who are focusing on a different part of the kill chain, absolutely. And they use that data in their context. They can use that data, right? So it spends upon every company takes a different view of how they can block the kill chain. Some people want to see all the data. They want to see literally all the packets. They want to go and do massive packet capturing, and they want to go and do deep, deep, deep analysis. Other people want to see logs. What are the session data? Who's talking to whom? And they want to do behavioral analysis based upon that. Everybody's got a different view of it. It's the difference on the technique. And if it's deception, then they have to have some sort of cool data there, or if it's pattern recognition, they need big data analytics. So it's using the data, ultimately, is... Think about it this way. If you go back to 2013, there was about $800 million put into a number of companies start-ups around the security space. Meant venture capital or investment. Exactly. Last year, 3.3 billion. So there continues to be more and more and more investment in these areas. Well, we were reporting on theCUBE a couple weeks ago that we interviewed someone from a consultancy firm. 1.4 million jobs open today for cyber. Yes. That's not including data science. Not surprised. That's just pure cyber, down and dirty cyber. Not even data science. Absolutely. Huge number. Well, if there's a war going on, we want to make sure you've got intelligent soldiers that are able to fight the war. Jonathan, give us your view of what's coming next. As we look to 2017, what's your view on things changing in the industry and maybe give us a little leg as to what we might expect to see from Juniper? Well, I think from a broad industry perspective, you're going to continue to see the hyperscale cloud providers continue to grow at phenomenal rates. That is a juggernaut that I don't see any chance for that to slow down. I think we're also going to see net new entrants into that space or relatively new entrants really starting to get a foothold in that space. Into the hyperscale space? Into the hyperscale space. It's going to be, it's only people with really deep pockets are going to do it. The guys that are spending, you know, $10 billion to build out new data centers, things like that, there's a high wall to entry. There is a huge barrier to entry, but they also realize that there is going to be a few winners globally in this particular space. And if you don't get started now, the likelihood of your ability to catch up a year or two or three from now is going to be near zero. So it's really important that people get in and people with deep pockets who realize that it's critical to the future of their own company being around in 10, 20 or more years. Final question, just NFV, big push. That's a big bet. What about NFV that's happened that people don't understand? Is it the DevOps for networking? Is it a new way? Is it just the people that don't get it are the ones that stuck on their old 20-year path? What's NFV? Why is it important? Why have you guys been in the ranch on this? You know, I see Toco Cloud and network functions virtualization as the future. What I think we've gone through a nice arc where people initially were thinking, oh, it's simply about taking my existing services and virtualizing them. And we went and spent a lot of time explaining that it's not as simple because most of those applications are stateful in nature. And what you really want to think about is how you can have more of a hyperscale-based approach to applications where we're actually able to go in and either keep them stateless, right? Or at least move into a place where state is not distributed throughout the entire application. So people got over that particular hump. We're now moving into the space where people are trying to figure out, well, if I've moved from seven VMs, I've moved from a monolithic box to seven VMs, okay, I can do that. How do I move from seven VMs to 160 microservices all in a scale of fashion to make sure that all of those microservices are doing what they're supposed to be doing at every point? And if they're not, how do I automatically detect that, reset them, or spin up a new one? So we're- No human involvement, complete automation. Humans cannot be involved, right? Humans cannot be involved in this process, otherwise you are automatically going to fail. Great point. I got a question, last final question for you too. What's the coolest thing happening in the Juniper Open Labs? And the Juniper Open Labs, you know, I would have to say the partnership between other industry players, our customers and partners, and universities to set up these hackathons where there are people coming from different countries to, and the problems change, but to see what they're able to come up with over a 48, 72 hour worth of time, it just fills you with energy and great hope for all these new young thinkers that are going to come up with solutions to problems that we've been struggling with for a long time. So that to me is the exciting things that happen Open Lab is really this collaboration between universities, other industry partners and ourselves. The new talent's going to set the tone for the next generation of networks. You can't help but be excited. Jonathan Davis, Executive Vice President, General Manager of Juniper Development and Innovation. It's great to see you again. Thanks for sharing your insight and data on theCUBE here. I'm John Furrier, Stu Miniman, live here at Silicon Valley at Juniper NextWorks User Conference, right back with more live coverage after this short break. I remember when I had such a fantastic...