Welcome back to theCUBE's coverage of VMworld 2021, the virtual edition. Tom Gillis is back on theCUBE. He's an SVP at VMware and the GM of Network and Advanced Security at the company. Tom, always a pleasure to see you. Thanks for coming on. Hey, thanks for having me. It's always a pleasure to be back here on theCUBE. I really enjoy it. We've known each other for, I don't want to count how many years, but more than a few. And it's always an interesting conversation. Yeah, we've had a lot of face-to-face interactions a couple of years in a row now, we're virtual, we'll be back together at some point. I'm confident. Yeah, I'm actually on the road with customers. So it's starting to happen. Yeah, us too. We did public sector summit in DC this week. I'm heading out to Vegas next week for a show. So it is starting to happen. So just a matter of time. Hey, wanna start with your scope of responsibilities, network and advanced security. You're kind of putting those two areas together. Very important. It makes sense synergistically, but how are you guys thinking about that? Maybe you could add some color. Yeah, sure thing. So network and advanced security means all things security at VMware. So it's Carbon Black with our endpoint product. It's NSX in the data center. It's our Tanzu Service Mesh for cloud native applications. It's all the security stuff that goes into our anywhere workspace. And I think you probably get the message here, Dave, that at VMware, there's three big waves that we're trying to ride. Multi-cloud computing platform, which is our hallmark is what we're known for, running that across every cloud. It's the cloud native applications, building tools for new modern apps. And then really kind of the future of both networking and compute is being defined by this anywhere workspace. And our mission is to put security and connectivity into all of that, that makes it work and makes it work well at scale.
And so it made sense to put all that under one roof on the guy and that's what we're doing. Yeah, you talk about that anywhere workspace, which was always kind of a great vision. And then it was somewhat aspirational, but then it became not only a reality, but a mandate over the past 15, 18 months. And that has that ripples through to implications on networking, even getting flatter and the security implications. So all those things are coming together. There really are. I think we can't underestimate the profound impact that COVID and the kind of work from home has had on our lives, on society. Like we're still churning through what those implications are. But in networking, it's cause for a fundamental rethink. And for 20 years, I've been doing networking. And for 20 years, we had this notion of a demarcation point and networks defined as something that there was a DMZ, right? And on one side of that DMZ was a dirty, untrusted internet. Ooh, it's scary. The other side is the clean, blissful corporate network where only butterflies and unicorns exist. And wherever you were in the world, your traffic would be backhauled through that DMZ so that it could be scrubbed. And if you ever used tools like we're using now, Zoom, you realize that that experience of backhauling traffic through a traditional VPN is pretty suboptimal. And so across the industry, enterprises are saying, you know what, there's got to be a different way, right? Instead of moving my traffic to the security services, what if I turn that upside down? That's what we're doing at VMware, which we're taking those security services that live in the DMZ, we're doing what VMware does well, which is define them as software and then running them in hundreds of points of presence around the world, hundreds. And so we effectively move the security close to the users, wherever the users are, instead of the other way around. And that's the way we think we'll be building networks in a post-pandemic world.
Yeah, and that talks to the trend of this hyper-decentralized system that's basically everywhere. Now, you know, even out to the edge. And so you now have this, you know, zero trust used to be a buzzword. And again, it's become this mandate. You guys actually did some, I think it was you who did some really interesting research post the SolarWinds hack on, and kind of talking about things like island hopping and explaining how malware was getting in, self-forming and some of the insidious ways in which the adversaries, and that is a function of a lot of things. The adversaries are obviously highly capable. They're motivated because it's lucrative and they keep upping the game on the good guys, if you will. Yeah, it's nuts. And so think about the impact that ransomware has had, you know? And also to your point about the anywhere workspace, I'm right now in Boston, I could, you know, tomorrow I'm going to be in Texas and the day after that I'll be in San Francisco. So I'm popping all over the place, you know, we're back meeting customers, going wherever they want us to be. But wherever I am, I'm able to connect and my traffic needs to be protected. Now in Boston, it was a ransomware attack against a ferry. We're not talking about a bank or like a sophisticated, you know, sort of organization, it's a ferry that moves people from Cape Cod to an island, you know, across the water. And it disrupted that ferry for days. So at VMware, we're measuring all the inner workings of what's happening in the data center. And we collect more than eight trillion with a T, eight trillion events per week. And that allows us to be able to identify these anomalies, like ransomware. And so just in the last 90 days, we've stopped more than a million ransomware attacks, 1.1 million ransomware attacks that we stopped within six seconds. And more than a million ransomware attacks in the last 90 days, to give you a sense of the magnitude of this problem. It's everywhere.
And you, you, you reference zero trust. Zero trust is a concept. It's a philosophy. It's not a product, you know, buy zero trust. You implement a zero trust model, which says in a de-perimeterized world, in a world where people like Tom are hopscotching all over the place, and Dave's in Boston, and, you know, I could be at San Francisco, we have to make the assumption that somehow, some way, you know, our machine or a user has been compromised. And so you wrap each little piece of the infrastructure, each little piece of the application, you wrap it in a protective armor to assume that, you know, everything around it is hostile. And that's how we stop ransomware. That's how we can keep your infrastructure safe. And this is something that VMware does very uniquely because of the intrinsic attributes of our platform, our virtualization platform, and our multi-cloud platform. Yeah, you talk about the ferry. Anybody who's ever taken the ferry to Nantucket knows it's a pretty low-tech operation. And when that ferry goes down, if it's one thing it's weather, you can kind of understand that, but people's lives get ruined, their vacations get ruined, they can't get off the island. Commerce comes to a grinding halt. It's extremely, extremely expensive, really. For days. For days. It wasn't like it wasn't a 20-minute outage. You know, it was like, oh, ferry's not running for a couple of days. Like that is a huge, huge, very high-impact bang. And the fact that it was so pedestrian, like they don't have billions of dollars in the bank and, you know, sort of, you know, super secret defense technologies. It's a ferry, you know. Right, right. Come on, ransomware is everywhere. So talk about your software approach to networking and security a little bit more. How that changes the experience for organizations, generally, and developers, specifically. Yeah, so in a multi-cloud world, you can't always count on having physical infrastructure that you can touch.
And in fact, do you really want to touch that stuff? And so our idea is that if you think about infrastructure, its job is to support the needs of the application. And so, for example, in Kubernetes, we have the ability for developers to say, look, here's my cool new application. And this piece talks to this piece talks to this piece and nothing else. And so we can implement those types of controls using what we call a service mesh, which allows us to make those connections smooth and seamless across clouds. Some of it could run on Amazon. Some of it could be running in a private cloud infrastructure. Some of it could be running in a traditional VM. And in fact, you know, many complicated applications do just that. So we can facilitate that communication back and forth. And we have the ability to look for stuff that should just never happen. Because when you understand how an application is supposed to work, it allows you to spot, hey, wait a minute, that's not right. That looks like someone trying to manipulate the ferry system rather than somebody trying to board the ferry and get on. And I think, you know, there's a really interesting observation here, which is when you, if you could see the inner workings of an application, like, Dave, look, for example, let's think about a mortgage payment application. If I had a mortgage payment application and an attacker has stolen a credential and they're going to get in, it's really hard to figure out, friend from foe. But once they get into a mortgage payment application, they're not going to pay my mortgage, right? They do crazy anomalous things, like wildly anomalous things. If you can see them, you can stop them. And we have the unique ability to see them because we put the telemetry, the observation into our virtualization platform that runs on every cloud, that runs wherever the user is, right? And pulling all that together into a centralized view. That's something I think VMware can do uniquely.
And this is why we're having such success in security. I wonder if you could talk a little bit more about securing containers. You just sort of referenced that, but containers are a moving target. Just a few short years ago, containers were ephemeral. You weren't going to be running, you know, your mission critical or business critical Postgres in, you know, in containers, but now that's changed. You're getting state. But so that's a moving target. How are you thinking about handling, you know, those kind of changes? And what about the architecture allows you to be kind of future proof, if you will. Sorry to use that word. Yeah. No, no, no, it's a good question. So you've articulated it right. So if you think about a traditional application, we used to always talk about three-tiered web app. There's the web server, there's the app server, and then the database. That's a little more complicated than that, but you could usually go in and you could touch those three tiers. This box is the web tier, this box is the app tier, this big box is the database. And so security controls were built around this idea that you could wrap that relatively easily. We talk about a container-based application and all these microservices. It's not three tiers anymore. It's 300 tiers or maybe 3000 tiers. It's these bitty little things, these little services that turn up and turn down, and they all have APIs. And so our view is that the API is the new endpoint. The API is where the action happens. And not just the API that faces the internet, but all the inner workings, all the internal APIs. And so because we put that application together, because we help the developers create those APIs, we have a unique understanding of how those APIs are used. And we're just introducing the ability to provide visibility around how are these APIs being used? And then we can do anomaly detection. And we are seeing a whole new set of attacks that are using legitimate APIs.
They're not APIs that are broken or malformed, but the attackers are finding ways to extract data from an API that maybe they shouldn't have. Do you remember some of the Facebook stuff where they had these attackers were profiling users? And there was no limit to how they could profile users and they were just extracting huge amounts of data. That's an API breach. And these are the kind of problems that we can solve for our customers with these built-in Tanzu Service Mesh and API security controls. You think about all these trends we're talking about, and I want to ask you about how it's affected go-to-market because kind of in the old days, you had box sellers, they would integrate VMware or whatever. You might have a specialist that was really good at say, for instance, SAP, and they were good partners, so they're kind of value add. Developers have become a new channel for you. And I wonder how you think about that, how they're now influencing the go-to-market. Yeah, that's a clear trend in the industry you're absolutely right on. And we call it moving left, right? So it's getting earlier and earlier in the development process. And so one of the things that we're announcing at the show here is that the Tanzu Community Edition that makes it super easy for developers without putting down a credit card or making a big expensive commitment, they can start using these tools and get productive right away. And so on top of that, we've built security controls that understand the total life cycle. So as a developer is writing code, we're checking that code to make sure, is this compliant? Does this have any known vulnerabilities? Is this gonna break something if you put it out there? And then when you go to hit commit and say, all right, I'm ready to go, we've already done the homework to make sure the code is clean. We'll put it in the right place. So placing it into production in a way that it's wrapped with the security that it needs, that the guardrails are in place.
And now we have this X-ray vision, this ability to look at the inner workings and understand the APIs, what's happening inside the application and identify anomalies. And lastly, once this thing is up and running, we actually have the ability to measure, we call it posture, and make sure that it doesn't drift from its intended configuration. All of this is done across every cloud. So this is how we think we have a kind of new and very holistic approach to securing cloud native applications. Tom, I want to ask you about telco transformation. I mean, NFV kind of just barely scratched the surface in my view. Now we're seeing with the Edge and 5G and the cloud, there's some O-RAN, some really interesting opportunities going on in telco. Say what you want about telcos. Yeah, the connectivity and okay, fine. But one thing you say about the telco networks is they work, you know, and they actually did a great job during the pandemic. They had to pivot to landlines. And so when it comes to reliability and rock solidness, those guys kind of get it, but they've got to be more flexible. So you see those two worlds colliding. What's going on in telco and where does VMware play? Yeah, sure thing. A huge amount of emphasis on telco. We've won some very large telco deals. 5G is not just a faster version of 4G. 5G is a new take on what an Edge network can do. It has the ability to run extremely high performance network connections and the ability to control the performance. So this is an idea of what we call network slicing. So you can guarantee a certain amount of latency or a certain amount of bandwidth. So combine that with this explosion of IoT devices. We're going to have, you know, sort of infinite number of devices. Every device you can imagine has a computer in it. And it's spitting off giant amounts of data. 
We keep coming up with new and interesting ways to analyze that data, to do things like, you know, control a self-driving car, to do things like create a customized retail experience, to do things like help guide research for an oil company on the oil platform. Okay, these are all examples of Edge computing. Now, the infrastructure that you need to protect those workloads is what we're defining in software and putting it everywhere. Not just in the traditional data center, where you might be in 10, 20 locations. We're talking about hundreds going into thousands of locations. And this is what the industry is calling SASE, or Secure Access Services Edge. So where's your firewall, your web proxy, the controls that you need to protect those apps, where do they live? They're going to live in the telco infrastructure. And that stuff all runs on x86 servers. So if you're putting the data center services into this distributed architecture, and you've got tons and tons of data that's being produced locally, why wouldn't you want to move the compute there? And we think you can and will. And this is why VMware with our telco partners is uniquely suited to build the groundwork for this edge computing infrastructure. And I think edge computing is going to be the next big wave. So we went from private clouds to public clouds. And a public cloud was built on the scale-out, fault-tolerant model. As we move to edge computing, edge computing is going to be around applications that need huge amounts of data with very low latency and they're highly distributed. So they're going to run not in 10 or 20 locations, but in a thousand or more. And we can do all of this with our Tanzu Kubernetes, with our virtual networking infrastructure and our anywhere workspace and the secure access services edge, the PoPs that we're building. And I think VMware is probably one of the few, if any companies that have all of these pieces that we can put together to make the edge actually work.
Yeah, exciting times and all that data, AI inferencing at the edge, new processor models, and you guys are thinking about all of that stuff. Tom, we got to leave it there. Thanks so much for coming back in theCUBE. Great conversation. Always a pleasure. Thanks very much, Dave. Take care. All right, you too. And keep it right there, everybody. This is Dave Vellante for theCUBE's coverage of VMworld 2021, the virtual edition. We'll be right back.