 Live from San Francisco, celebrating 10 years of high-tech coverage, it's theCUBE. Covering VMworld 2019. Brought to you by VMware and its ecosystem partners. Welcome back, everyone. It's theCUBE's live coverage at VMworld 2019. I'm Trevor, Dave Vellante. Dave, 10 years doing theCUBE at VMworld. What a transformation. A lot of the technology's coming back into the center of all the action. SDWIN is one of them. We've got two great guests, two entrepreneurs, the co-founders of Vellocloud, Sanjay Wupal, who's the VP and GM of Vellocloud Business Unit, part of VMware. VMware bought them December, 2017. Steve Wu, senior director of Vellocloud Business Unit, also co-founded. You guys both strong and networking entrepreneurs. Congratulations, thanks for two years ago. Okay, so we were reminiscing about 10 years ago, 2010, when we first started doing theCUBE to now, but more than ever, SDWIN, over just some of the past 24 months, 36 months, a lot's changing as cloud has become more obvious. Certainly in public cloud, no debate, but when you start talking about cloud 2.0, enterprise requirements are much unique and different than just being born in the cloud, at least like the startups are. So whole different challenges. This is a connectivity, it's a networking challenge. Networking and security are the two biggest, hottest areas right now in tech. As cloud scale, the enterprise comes in. What's the vision, Sanjay? So what's going on here is, as you were rightly pointing out, cloud is changing. It's no longer people just want to get from private to public. It's a multi-cloud world and it's a hybrid cloud world. Now that's talking at it from the compute standpoint, but other services are also moving to the cloud. Security services are moving to the cloud. So when you look at it from that standpoint, our customers want to get from the clients, which could be a user, it could be a thing, it could be a machine, all the way to the container, which has the application. So we're looking at SDWIN as being that fabric that connects from the client to the cloud, to the container. And as you're rightly pointing out, networking and security is the hot area right now. So how does security and networking impact this client to cloud to container world is where SDWIN is headed today? And Pat Gelsinger, who just came fresh off the keynote, he'll be on tomorrow. I'm going to ask him this question directly, but we've always been saying public cloud is such a great resource. I mean, who doesn't want all that massive compute, massive storage if you can use it. But when you start getting into hybrid, right? I said the data center's an edge. And he's talking about a thin edge and a big edge and a thick edge. So when you're a networking packet, when you're networking, it's just you move stuff around. You're an edge in your center, your core. These are networking concepts. It's not new. I mean, this is not new. Yes, this is not new. I think the concept of the edge as he was pointing out, there's different edges everywhere and you have to really look at it from as you're crossing the boundary, how do you get the packets from point A to point B, making sure that the performance is assured. So you get the application layer performance, but yet not increasing your attack surface from a security standpoint. And so the facilities that Steve and myself and other folks at VeloCloud have constructed is really reducing the attack surface by segmentation, but making sure that the conversation from the client to the cloud to the container has that assured performance, particularly for real-time applications, which are actually not easy to get right because the underlying transport may not actually help in any great way. So John, you said it's not really new for you networking guys. It's really not. At the same time, Pat talked about choice versus complexity, so it's a much more complex world. So you've had to sort of change the way in which you approach from a technology standpoint, I presume. The roadmap has probably shifted. Maybe you could talk about that a little bit. So the discussion about moving to the cloud has been about the compute, but then you have to also actually look at the network, right? There are forecasts that 30 to 50% of the enterprise traffic is going to go to the cloud. But the network in the past was built for applications going to the on-premise data center, so what we've had is inequality where you had a full enterprise-grade network going to the enterprise data center, but actually your cloud access was a second grade citizen that Sanjo was saying, I still want performance, I still want security, and then in fact, as people actually expand to the cloud but actually put more and more workloads in the cloud, you're starting to realize, gee, where's my automation? Where's my scaling? So that still has to be done at the branch of the remote science that need the access to the cloud and then need this automated, secure, high-performing access to all the cloud workloads, especially even as you now move to multi-cloud, right, so you went from on-premise, a little bit in the hybrid private cloud, now many more instances and now multi-cloud because more and more complex, and that's where Cloud Delivered SDN really addresses that problem. So Steve, lay out the architecture, so let's just all role play for a second here. I'm a CISO, CIO, I'm progressive on my hands and all the top things, certainly security's the number one concern I have. Building my own stack, I love the cloud, I don't want to make it a second-class citizen, I really want to re-architect this. What's the playbook? What do I do? What's your recommendation? All right, so the playbook is the, and this is advice from the cloud compute center as well, right, go direct to the cloud, don't backhaul it through the enterprise data center and introduce latency, so you now need internet breakout at more locations, not just the central data center, but I still need the security, so how do I have cloud security for traffic going straight to the cloud versus going back to the east-west to the data center? So really the advantage that the SD1 solution has, it's actually a hybrid that has a footprint on-premise but also has a cloud footprint, all right, so Sanjay and I and VelaCloud, we have this big network of cloud gateways, so you have the footprint on-prem and in the cloud to have distributed security. So Sanjay, talk about the, back to your original bumper sticker. Client cloud containers, so I see that security piece. Is how important is the container piece become and what is that role of the container in the future? Is it going to be a wrapper for legacy apps? Is it going to be primary for new apps? Because Kubernetes is clearly orchestrating a bunch of containers and other services, so the role of the container is certainly super valuable. How does that impact some of the efficiencies that's needed for networking and to ensure security? Yeah, great question. You know, the networking folks and networking was always relegated to being the underlay or the plumbing. Now what's becoming important is that the applications are making their intent aware to the network and the intent is becoming aware. As the intent becomes aware, we networking people know what to do in the SD-WAN layer which then shields all the intricacies of what needs to get done in the underlay. So to put it in very simple terms, the container is what really drives the need and what we are doing is we are building the outcome to satisfy that need. Now containers are critical because as Pat was saying, all of the new digital applications are going to be built with containers in mind. So the reason we call it Client to Cloud to Containers because the containers can literally be anywhere. You know, we're talking about them being in the private cloud and in the public cloud. They could be right next to where the client is because of the edge cloud. They could be in the telco network which is the telco cloud. So between these four clouds, you literally have a network of these containers and the underlying infrastructure that we are doing is to provide that SD-WAN layer that will get the containers to talk to one another as well as to talk to the clients that are getting access to those applications. You know, sometimes it takes a history lesson to kind of figure out the future. I was talking with Steve Herrod and I want to get your reaction to the comment he made to me when we were talking about, you know, the impact of VMware back in the old days, you know, virtualization. Virtualization kind of came out as an application and it became, you know, what it did and the server world just, you know, changed the game. But one key thing that we talked about, he mentioned was it says, the key was that virtualization allowed for massive efficiencies, not just on price and consolidation of servers and efficiency on price, but it enabled more efficiencies and performance without any code changes to the application. So the question is, is that, okay, containers, I buy 100% when you agree, since stock are in early days now with the Kubernetes, containers are going to be a game changer. How, what's that dynamic that's going to come next? Is there a, is there a view from your perspective on that step up function of value without a lot of application rewrites or network changes? I mean, I just try to figure out how that fits together. Yeah, let me track this first and then maybe Steve can comment as well. So, you know, the first thing is that SD-WAN, you know, just like server virtualization did, we're doing what server virtualization was for the network. So you don't require any changes to your underlay, meaning that you don't require changes to your broadband, you don't require changes to your LTE and even 5G as well as the MPLS network. So you don't have to twiddle with those bits. We manage it all in the overlay. This is exactly similar to what VMs did when it came to server virtualization. Now, when containers come in, because we get the visibility of what the container wants, we can both in real time, as well as a prior, I figure out how the network should be configured. And that is a game changer because a container could be right next to you, it could be in the cloud, far edge, thin edge. It's really, it's not just a destination. It's literally everywhere. And that underlying fabric, you know, if the underlying fabric of the network doesn't work, your digital transformation project for containers is not going to work either. So, you know, there's a key building block over there. So if I get this right, you're saying is that because you have that underlay visibility without any changes by making efficiencies there, you then can be understanding what the container wants to do. So you're bringing intelligence to the container and vice versa? Yes, so the containers, you know, tells us what do they need to run. I mean, the application tells us which is built with containers. And what we do is we dynamically measure how the network is performing and we adapt to what the container wants. We call this outcome driven. We know what the outcome is and we adapt the networking to deliver that outcome. So I want to ask you guys, Pat talked today about, you know, 8% better improvement relative to bare metal, but it's really about the entire system, the entire network. And I'm curious as to sort of how you guys are evolving. John and I talk about cloud 2.0, how you're evolving to support that because it's really about application performance in total, what the user sees, not what I can measure in some on-prem data center. I'm not saying Pat was doing that, but my guess is to juice the numbers for the keynote, they probably did do that. So how is your infrastructure and architecture evolving to sort of support application performance across the network? So to add to what Sandro is saying in terms of not just being aware of the requirements of the containers and optimizing and have the visibility, but actually leverage the container and virtual machine technology in the SD-WAN platform itself. So in terms of solving the network problem, it's not just about us virtualizing the network resources and then choosing the best path across the network to the applications, but actually hosting some applications that deserve to be moved out to the edge to help solve the performance problem as well. A good example is IoT where you just have a lot of data, a lot of real-time data that needs real-time control response instead of necessarily going over the most sufficient path to an existing cloud data center on-premise, perhaps do some of the analytics actually in the SD-WAN network edge and we can do that with containers. Tell me about the real-time aspect because I think that's a key point. We mentioned that Sanjay earlier because I remember, not to date myself, but I remember back in the days when policy was a revolution, oh my God, we can do policy-based stuff, provision, all this stuff. I mean, that was a static network. Everything was provisioned, buttoned up nicely. You're not dealing with a static network when you're dealing with services. So you're moving up the stack, we're talking containers now at the application level assuming you have the fabric down here. There's going to be a lot of stuff being turned on, turned off, things provisioning, unprovisioning. So a lot of dynamic nature going on. So if I see this right, policy is keys that enable some intelligence. It's got to have an impact on the real-time. So talk about what real-time means, the challenges, is it just a transactional issue? Is it latency? And is that where the container of magic happens? Just unpack that a little bit. Yeah, so there's really four classes of real-time applications that we see. Voice, Video, VDI, and IoT. Now there's of course other applications that are built from these building blocks or these types of applications, sub-applications. Now each of these has a latency requirement, but it also has a requirement in terms of dynamism. So as you know, video can change dramatically from one moment to the other, variable-betrayed video. Voice doesn't change as dramatically, but has very stringent requirements in terms of when that packet should show up. So when we look at these, and you put them on a best effort network that only says that they're going to get the packet from point A to point B, these real-time applications may not work. So what we have constructed is an overlay that supports real-time applications even on best effort networks. And this is actually a fairly significant shift in the industry. Like if you look at running, all of us have done a voice call on broadband and you hear these artifacts and rubber banding and you can't hear the other person, right? But with VeloCloud, we're able to provide guarantees running on best effort networks. I think that is a game changer. That is going to be a game changer also as the applications get much more dynamic. I mean you bring in containers, one of the issues is where should that application run? That can be decided in real-time. VMware invented this whole V-motion idea. Well, how about V-motioning the container and how are you going to V-motion it and how are you going to decide where that container should be? So all of this is really what a networking infrastructure can provide for you in real-time. And you've got this overlay and without performance degradation or dramatic performance degradation, right? So what's the secret sauce behind that? So the secret sauce solution is something we call dynamic multi-path optimization. So just like virtualization was done for the data center, our first continuously monitor the resources performance capacity of the different underlay resources. And then in real-time, recognizing the business priority of the different applications instantly put the workload or in this case the network when traffic on the right resource and actually have the flexibility to move it as conditions change, as capacity changes. And further than that, if you can't, if you can't stare around the problems that we may see in the network we can actually remediate the actual traffic streams and since we're on both ends we can have a lot of optimization tricks to actually make sure that real-time application data applications work perfectly. So that's a data analysis and a math problem that you solved? So we use that, we use that for real-time optimization and then the other benefit is we have this huge, in the cloud of course huge data lake of information that we continue to share more and more with the users so they can see the overlay so that the entire underlay environment of the WAN where it's going in the different hybrid cloud and also the overlay performance and it's going to be huge value in that in terms of solving network problems. Are the telcos bottleneck to the future or is 5G going to solve all that? Telcos are a partner and more than 50% of our business is done with the telco. So it's us working with the telco and then going eventually to the enterprise. And they're moving at the speed that you want them to move? I mean, they're saddled with pressures on cost and network function virtualization and it's a complicated problem. Right, as you heard Pat say in the morning the telcos are going through a dramatic change because they're shifting away from those custom proprietary hardware infrastructure into a completely software-driven world, right? And so the telco is a critical partner. They are virtualizing their own network. They are virtualizing the core of the network using VMware and other technologies and as they're doing that they're virtualizing what goes out to the enterprise customer. And the network virtualization piece, of course, is built on STVAN. One thing I wanted to add to what Steve said is that we collect almost 10 billion flow records a day from across all of our 150,000 sites and this is a treasure trove of information. It is this information that allows us to develop the next generation algorithms. We're the only ones who have that much information that is collected. It's rich information. It's about how the network performs, how the applications are, where it is going, what the application workloads are. And using this we generate the next generation algorithms that will optimize the networks and make them more secure. And this is the benefit of SAS, the beautiful thing about having a SAS platform. Easy to stand up. The data becomes a really critical aspect for making the network smarter to your point and this is all these data points. It's an operating system to me. It's a highly distributed network operating system. Guys, thanks for coming on, great insight. Final question to end the segment. As two co-founders and entrepreneurs, when you started VeloCloud knowing what's going on today, explain in your entrepreneurial mind where this is going because this isn't your, as they say, grandfather's SD-WAN market anymore. It's really turning into, quite frankly, next generation networking, next generation software. You mentioned this network operating system. It's one big distributed network and all these new things are happening. What's the vision? Is this what you thought it would be when you guys started? Well, you know, the amazing thing is many startups usually go through a pivot, right? They start off with one thing and maybe more than one pivot. In fact, I think it was a couple of years ago that we just for Grins looked at the first few slides that Steve had made when we had got started for our seed investor, where we actually had absolutely nothing. And it was actually, it's very true, the graphics were very, very poor, but other than that, the idea of moving to the cloud and using the cloud as the network, even at that time we said the cloud is the network, that has not changed. And so the enduring vision here is that regardless of where you are, you know, you're on laptops right now, clients, could be sensors, actuators, all of this is going to go through a network cloud. And that network cloud is going to be responsible for getting you to any final destination, whether it's your nearby container or whether it's running in some public cloud. And so the vision is, you know, trust the network. It's going to make sure that it'll figure out whether you should be on Wi-Fi or Bluetooth or LTE or 5G or whatever have you. You just say, this application's important to me. The network is going to take care of the rest of it. Well, you guys are certainly, music to ours, we love network effects. Everything network effects is not just, you know, the way we, media is today, but also technology. The network is all interconnected, it's instrumented. You can get the data. There's no blind spots that you can instrument it. You can automate it. You guys are pioneers. Thanks for coming on, CUBE, appreciate it. Thank you. CUBE Coverage here, 10 years covering VMworld. I'm Javarad Devilatte. Back with more live coverage after this short break.