 Live from the Mandalay Bay Convention Center in Las Vegas. It's theCUBE, covering VMworld 2016. Brought to you by VMware and its ecosystem sponsors. Okay, welcome back everyone. We are live here in Las Vegas, the Mandalay Bay Convention Center, and we're in the hang space at VMworld 2016. This is theCUBE SiliconANGLES flagship program. We go out to the events and extract the signal from the noise. I'm John Furrier. My co-host John Troyer with Tech Recording. Our next guest is Rajiv Ramaswani, EVP and General Manager of Networking and Security at VMware. Welcome back to theCUBE. Good to see you. Thank you, John. Glad to be here. Congratulations on a great keynote. A lot of meat on the bone today. It was really, yesterday was kind of the directional vector that Pat Gelsinger laid out. Today was all steak. Absolutely. Prime rib, that great meat on the bone. Content rich. So NSX is fundamentally a big part of, that's your business. Give us the update on what's going on with NSX. Where is it today? How has it changed? A lot of people see this as strategic to their business. Certainly with security in other areas. It's starting to kind of have its tentacles in not only in VMware, but outside of VMware. Give us the update. What's changed? So as we talked about it at the keynote, right? So today, there's a real product market fit. Customers are solving real problems with NSX. So the first problem they solve is a security issue, right? Protecting traffic inside of the data center. Very fine-grained policing that they just cannot get any other way, okay? That's about 40% of the use cases, deployments. Then, the second thing that we talked about was automation. So you can automate everything with your software-defined data center, right? But if you don't automate the networking piece of it, that holds you back. So you can create VMs very quickly with server virtualization and STDC stack. But then, you know, if you have to go to the physical network and get them to go change firewall rules and load balancing rules, it's going to take you weeks or months to make changes. All of that stuff gets automated with network virtualization. So many large customers have deployed entire or fully automated data centers using network virtualization, right? To automate everything. That's about 40% of the use cases. The rest have to do with application continuity, disaster recovery, running active-active data centers, doing backups, doing DR. So VMware, mostly environment, you guys also have a non-VMware approach. Again, can you just take a minute to talk about which clouds are you going to be supporting? Because this, as Pat Gelsinger said, NSX is going to be a big part of the cross-cloud architecture. That's right. So the vision for NSX is that it's going to be everywhere, right? Where all applications are running and in whatever form applications are running, we will manage and secure and automate, okay? So, today we already have a product that runs on non-VMware hypervisors, running on KVM. That's in the market. You can go buy it today, okay? We will extend that to work on Amazon, right? So it will be our first public- You will have on Amazon web services, you'll support that. That's right. Public cloud instantiation native will be on Amazon web services. We will extend to other public clouds over time as well. So you will be able to get an NSX instance running on AWS, using which you can secure if you're an enterprise customer, you can secure any VMs that you run on in Amazon. Hey, what I love about this story is, right, we started the conversation several years ago talking with NYSERA, talking about what, SDN, software to find out working that. Now, these days, you're using more network virtualization. That's right. And we're talking security and automation, continuity, things like that. Yes. The whole different set of use cases that are much, I mean, SDN, I don't know, John, it's a little dry, it can be a little dry. Some baggage too with it. I mean, it's undefined. It's kind of like, it's kind of hyped up a bit. Yeah. I mean, it has been hyped up. One of the things that I'm most fascinated about is the security story. Can you talk a little more about microsegmentation and encryption and how people are starting to structure inside the applications inside their data center? Yes. And that is the way it's all about protecting the applications. And today, the way most customers engineer their data centers is they do perimeter security. So they put firewalls around and they protect the North-South traffic coming in and out. Once you're inside, it's wide open. And you know what? The majority of traffic is inside your data center. 90% of your traffic is inside the data center. All of an attack happens from the inside. The attacker has full lateral movement, no controls. You really cannot protect that with traditional firewalls. There's just way too much traffic. You just can't help in everything over to a firewall, send it back. Just won't scale. The only way it can be deployed is you have to stop that right at the hypervisor. That's what microsegmentation allows you to do. Very fine-grained policing. Right at the VM, you can do a set of rules and you can block, you can allow, you can permit. So it's fairly unique. This is really the only way you can actually secure applications in a good manner, right? In a scalable manner. So that, in a nutshell, is what microsegmentation does. And the automation side of it, can you talk about that? Because one of the things that's impressive, it's always been in a VM, whereas DNA is a simplify complex things. Can I have this automated so that it just doesn't on the fly? Is that where the policy aspect is going? That's right. So if you look at microsegmentation itself, we're trying to simplify that as much as possible, right? Because when we first came out with it, it was an enforcement point, right? And so you can enforce it. Now the question is, what do you enforce? How do you plan that? How do you create the policies? And for us, we've been working on that now quite a bit. And you saw a preview of that here, right? Which is, you put NSX into your network. It automatically looks at everything that's going on and it comes up and says, hey, based on what I'm seeing, I recommend this set of rules. You can decide to either adopt those rules or modify them and then push button, click, get it enforced. Do you think with everything that VMware is building, we can get to a place where the virtualization team understands the networking and as well as the networking team understands virtualization? Is that the future we're headed towards? I think the borders are absolutely blurring, right? And we're trying to simplify things. We're trying to automate everything, right? So the virtualization team doesn't really need to become a network expert, right? And similarly vice versa, right? So you saw how in the demo today, we talked about how we can do the lifecycle, right? That doesn't take like serious networking expertise to go get that deployed, right? You can deploy that fairly easily. So that's what we're trying to do. We're trying to simplify and automate the deployments. Can you talk a little bit more about the cross cloud? Because that seems like definitely a theme of the show in general. We are in a world of multiple clouds. How can, how are people using cross cloud capabilities today? So that is really the future vision of VMware, right? I mean, the entire company is going around that and NSX is sort of the underpinning of cross cloud. And you start looking at use cases. I mean, there's multiple use cases, right? So the first use case might be that you have a bunch of developers who would like to develop apps natively on Amazon and they'd like to go out there and, you know, they run VMs on Amazon and go up and do it. And the IT guys would like to figure out how can they monitor what's going on? How do they secure it? How do they audit it? How do they make sure they maintain security posture across those and compliance? With NSX and cross cloud, you can do exactly that, right? You can apply consistent security policies both for on-prem and off-prem workloads. First thing you can do is you can discover what workloads are, right? Who's running what, where, right? Once you discover it, then you can start securing it. You can start automating it. You can do all the things you're doing on-prem. Do that off-prem set of workloads. So that's the first use case. Then, of course, there's a migration scenario, right? So you may want to migrate some workloads from on-prem to off-prem. And again, they may be going from a VM-ware environment to a non-VM-ware environment and we're working to make that happen. And then over time, workloads from one cloud to another cloud. I don't think this is going to be very dynamic just given the complexity of it, right? But you could decide, right? You don't want to be necessarily locked to a single cloud. And you want to have the flexibility to go from, say, an Amazon to an Azure. Or even bring workloads back on-prem. Which, by the way, we've seen as well. We've seen customers move workloads back also from the public cloud on to on-prem as well. So in all of those cases, right? NSX becomes a critical underpinning. With all this blurring of the silos and automation, does that end up changing the buying center and the channel? Do we all have to learn new skills there? Yeah, so I think there's a degree of, you know, we've seen this already happening at large companies, right? So they put cloud teams in place. They're trying to cut across this gap between a server team, a virtual admin team, and a networking team, and a storage team. It's all coming together. Think about it, right? What is VMware Cloud Foundation? It's got compute, it's got storage, it's got the network, it's got everything together. And so I think our customers, you know, who are deploying it more and more, we're seeing cloud teams that are adopting and deploying the entire cloud infrastructure and cutting across these boundaries. I want to get your perspective from the customer angle on here as I finish off the segment. And I'm going to read a tweet that was mentioned by a quote from a customer that was retweeted by VMware NSX to handle. You can't deny the value of NSX from an operational perspective, says Arslan from Shutterfly. So that's obviously an operational thing. Can you just, what are the customers like? I mean, what's the numbers? Can you share some data on deployments? Love letters you're getting, feedback, potentially critical analysis, what you got to do better? Can you share some color around the customer perspective? Yeah, I said some of that today. So 1,700 plus customers today and growing, that's a forex increase over the last 18 months. Continuing to grow 40% micro segmentation, 40% automation, 20% DR application continuity. What we find is many of these customers start out with one use case, okay? I will also say by the way right now about 30% of our business is repeat customers. So they buy it for one use case, they like it, then they expand, right? Other than expanding the same use case, they're scaling it across their entire data center. They're putting it to operate, they're operationalizing it. They're operationalizing it, right? And then the ones who started early with us are now on to use case two, use case three, et cetera. So for example, take micro segmentation. You'll start deploying it initially to protect the East West traffic in the data center. The next use case for it is to secure virtual desktop, right? So people coming in for VDI environments, it's a natural fit. We work together with Sanjay's team on that. So VDI users come in and you can protect them, right? Similarly, AirWatch and mobile, right? The users come in, mobile devices. Again, we can tie into the identity piece of it. We know who the user is, and therefore we can figure out what they get access to, right? So those are all add-on use cases beyond the initial reason why you deployed in effects. Share some color around just anecdotal comments you get from customers, things you've heard them say, or email you and tweet. What have you seen? Some things that surprised you. Yeah, so I've talked to a number of them, right? Let me just give you a few. So like Arslan said, what Arslan said, they actually moved back at Channel 5. They moved a bunch of workloads from Amazon on to their private clouds because they bought a bunch of companies and they were trying to consolidate everything. So they're a classic example of a customer that's doing multiple use cases, right? So he's talked about how it's critical for the operational thing because it automates everything for them. It secures his environment. I quoted Brandon, right? Brandon Han from West Bend Insurance. He's actually going to be with me on a panel very soon here. So for him, right? I mean he's an insurance company and they've got, you know, they're selling a promise, right? And if you look at, you know, I have to say, your people lose, you know, there's breaches and credit card information gets stolen. That happens quite a lot, you see. Yeah, all the time. But at the end of the day, that's only credit card information, okay? Imagine if your healthcare records gets stolen, right? I mean, they know everything about you, right? And so if you're an insurer, I mean, it's just much more sensitive and data breach just breaks the promise, right? I mean, the whole industry would be under threat. If they lose data. And so for them to say, you know, that was just such a critical business imperative. So they use micro segmentation to secure that environment, right? We have many large customers. I mean, you look at Citibank, they were here. So Citibank was a pretty early adopter for us, right? They went all in, they are using it for automation. And now they're going to cross cloud. And they have the same, even for a bank, large scale bank, they're starting to see and build extended to Amazon and other public cloud. So they're now sort of saying, okay, NSX, we need you to go with us. And they're pulling us into those Canada plans. Congratulations on all your success. A final question real quick. Areas that you hear from customers and or you know you need to work on to get better? Were you guys sharper than saw? All right now. Absolutely. So one of the things, in fact, we in response to reasonable recent feedback, we bought a company called Arkin. Okay, customers would tell us, hey, we like the enforcement piece of this, but you need to help us do two things. You need to help us do planning up front and assessment. And you need to figure out how we can monitor and troubleshoot once you've got stuff deployed. And Arkin did that perfectly. Okay, bunch of ex-VM guys. So we bought them and they fulfilled that piece, right? Both on the front end and on the back end. And not only that, they can actually manage and monitor both the virtual layer, but also the physical layer, right? Imagine, right, if we got a troubleshoot as environment, you want to be able to trace, do a path trace all the way from a VM through, you know, a physical fish through a physical firewall all the way back to a load balancer and then out into, you know, its destination. So that's what they can do and that completes the offering. So we're trying to make this easier to use, easier to deploy. Rajeev, I know you got to go to another session. Thank you so much for spending your valuable time with us on theCUBE. Great insight, thanks for sharing. Thank you, John. Thank you very much. Thank you, John. VMworld 2016 in the hang space, this is theCUBE. John Troyer, I'm John Furrier. Be right back. Great, thank you guys.