 Live, from Barcelona, Spain, it's theCUBE. Covering Cisco Live Europe. Brought to you by Cisco and its ecosystem partners. Okay, welcome back everyone. We're live here in Barcelona, Spain, theCUBE's coverage of Cisco Live Europe 2019. I'm John Furrier, Stu Miniman, and Dave Vellante, all here this week, getting all the action. Our next guest is Ron Sturbins, who's the marketing manager of Stealth Watch Cloud, formerly as part of the acquisition and original team of Observable Networks. Small startup that was bought by Cisco in 2017. Now you're in the big company. Key part of the portfolio on security and cloud. Welcome to theCUBE again. Good to see you. Thank you, John. So what's going on in Europe? What are the big trends? Obviously here in Barcelona, it's Emir, Europe, Middle East, Africa, and Russia. Yep. A lot of compliance, a lot of regulated industries across the board. Yep. A lot of security concerns, privacy concerns. Securities at the center of the value version of Cisco's network approach. Yep. Well, last, you know, as of last year, we were down in the front of this, of the event. And I would say the traffic was pretty good. Now we're in the back. We're seeing a lot more interest. We're seeing actual customers come up. Subscribers to our product and service. They have been with you now for a year. What's new? So it's nice to see that, that we didn't have right after the acquisition, which was where we were last year. So in Europe, what are some of the trends and what's resonating with customers? Kubernetes. You know, you guys were out at KubeCon. For us, that was a great show. A lot of interest in Kubernetes. And we're seeing the same thing here in the base, as well as the Cisco solution for it. And the DevNet zone, which we're in, has all these classrooms. I got to say, right next to us is Classroom One. The Kubernetes session yesterday was overflowing into our set. Yeah. I wonder if we could expand a little bit. What's exciting people about Kubernetes? Do you have any guidance as to, you know, who they're using? Because I think back a year ago, a lot of the customers they talked to, they were like building their own. And you know, it's like, Kubernetes the hard way, as opposed to today, you know, Cisco's got solution. You've got deep partnership with AWS, with Google and the like, so yeah. We're seeing it all across the board. A lot of folks using Amazon to do it. We would always see customers, Google was a natural for it. We are actually having customers come up to say, we're using the Cisco platform for it. So, you know, for us, it's the whole breadth. What's also nice about it is we really simplify the deployment for Kubernetes. So it doesn't matter whether any of those environments are going to be used from a security perspective, real easy to inject it into the Kubernetes environments, expand and contract, and feed the security solution that we offer. So again, what's also really nice is the multi-cloud, right, so whether it's Kubernetes, a little bit of AWS on the web servers, a little bit of the on-prem, any of the other Cisco kind of compute platforms, all of that data is coming in. I wonder if just when you look at security, you know, it felt like a few years ago we got over the hump of the public cloud can be secure. One of the challenges I have is if I'm in a multi-cloud environment, security's different in every one of those. So I've got different skill sets, I have to match this. How are you helping customers? How are they sorting through that? Yeah, and then the other part of it is they're used to what they would see on-prem in a physical network. So by doing what we do into the cloud allows a customer to have that traditional security perspective across all those environments of things that they're used to. So if you look at it from the automation and simplicity, that's a great value prop. The other one that's a really interesting value prop is I don't want to have to normalize for every data feed an element that comes out of those clouds. So by for us doing it across all of our portfolio, when a feed changes with AWS, we're normalizing and bring it in as a security perspective for the customer. So you basically outsourced a lot of the easy or hard lift of modifying those particular feeds into our solution or service. Talk about the cloud center service that you guys have as a suite now. You have a variety of mentioned portfolio, certainly securities in there, the StealthWatch cloud. You mentioned Kubernetes, you can't look without containers being part of that. Got the Cisco Container Service on Google and AWS. How do you guys fit into that? What's the key StealthWatch cloud value proposition? Yeah, so there is a reference architecture that Cisco has put out where we look at ACI anywhere. We look at the container platform, security on the top of it. We're able to integrate in other solutions. We're seeing a lot more interest in the SD-WAN part of the house being able to again, simplify the security for all of those infrastructures back. So that's a really nice reference architecture to go into an environment and try to leverage the whole portfolio for simplicity, broader breadth and depth. What are some of the conversations you're having with customers around multi-cloud? Do they come in and say, okay, give me some of that StealthWatch cloud or how do I architect it in? How does it fit in? What are some of those customer conversations? What do they look like? Well, the first one is simplicity. How difficult is this to do? How broad can I put it in a solution? And will it really do what you're forecasting or saying it will, right? With this thing called endpoint modeling or entity modeling. What we also encourage is a free trial. So we allow customers to use the full service across all of those platforms, go as broad as they want during that trial period and we prove out the value problem. In other words, you're able to see these devices in your real time, devices that you're normal and familiar with, the ability again to expand and contract in Kubernetes and see those, whether you put an Apache server on a node and that's the way it performs and you expand out and get six of those, they will perform exactly the same way and the expectation is that they will. But what we do in the demos in the booth is show the customer how easy it is to do that and then encourage them to do it with their own environment in a trial. And that's where we solidify the customer into a sale. To the ongoing subscriber. So Ron, it's been interesting to watch. We've got a lot of background in history with Cisco. Your solution, you're in the AWS marketplace, a Bayou software in the Google marketplace. It's not, you know, boxes and that model. Talk about how it's been coming into Cisco now and kind of the go to market, how that, you know, we're watching a lot of Cisco change to go more towards where you were pre-acquisition even. So how's that dynamic changing? Well, yeah, so we went from a team of 14, I think we're up to 21, 22 now. And then we've got the other partnership by brothers and sisters of 70,000 people. So it is one, influencing that product plus all the partners and then getting them to encourage them to sell. The ability to sell on Cisco GPL. The also the ability to transact and Cisco's really supportive of wherever the customer wants to be. Whether that's AWS, Azure, AWS marketplace, very easy to do a transaction there. And at the same time, you know, that we don't lose any of the internal compensation for Cisco employees or Cisco sailors. So that's really nice. And it's simple for a customer. As you move from being a startup, which is nimble, you guys are small, you're in the front lines, you come into Cisco. What was your impression about how Cisco's portfolio was coming together? And where is it now almost one year later coming up on your one year? Yeah, I think you can see that in the floor space here when you look at cloud. So the first year that we were here, we were included in that whole piece. Probably lighter traffic. This year we're seeing a lot more people with the interest in cloud. I think next year you will see more Cisco sellers, partners, buyers in that space asking about what's coming next. I mean, we're getting MSPs this year to say, hey, look, we're trying to do a Kubernetes practice. Is there a way that we can attach a security perspective to that? In a multi-tenancy, servicing our customers, being able to do their remediation. And we are, and I don't think that's a conversation we had last year. Ron, take a minute to explain simply the story for multi-cloud for Cisco from a security perspective. What's your, how would you describe to someone the multi-cloud story from Cisco? What is it? But take a minute to explain that. Yeah, and the multi-cloud story for Cisco for security is the ability to see kind of and leverage, intelligence, actionable insight across any one of those platforms, right? Normalize it, bring it in, show me the interaction. Whether that customer is sitting on a Cisco network or this customer is sitting at the endpoint outside of a web server on AWS. What can I see across that? What are my expectations of that interaction? Suzy, we was on yesterday, she's the champion of DevNet, this whole DevNet zone where we're located. Lot of energy, a lot of developers. Cisco's app dynamics, which brings that app perspective as the network becomes programmable. And you see the rise of Kubernetes, great indicator that you mentioned that earlier. How should customers think about programmability with the security paradigm that's put forth from Cisco today? What's the guiding principles? What are some of the strategies they should take? What's your view on that? Intelligence and interoperability. So whether we're looking at like an ICE integration or encrypted threat analytics or any of the other services that Cisco puts together, bringing all that intelligence back in and putting it into usable fashion. Simplicity of integrating the products and suites, services. Yeah, service providers you mentioned before, they're used to programmability. What I've seen over the last few years is they're embracing the multicloud message before. Five years ago it was, oh my God, that's the enemy. I need to fight against them. Now they're directly connecting into a lot of these public clouds. They're figuring out what of their services they keep versus offering services to the customer and pass them through. And it seems like a great opportunity for you to help them expand, especially their security footprint across those environments. It definitely is. The ability for a customer to say, hey, what is my real value add in this versus the pipe and the mechanics from behind the scene? So for us, we focus on what we do really well. We allow our partners. Look, if you're going to do remediation, if you're going to do deployments into the web front end or new applications, if you're going to look at portability across cube environments, whatever the cost, benefit or ratio is, we let them focus on that and we take the back end processing, which is the back end processing of alerts, back end processing of what we call observations, simplicity of bringing on partners for MSPs and servicing them. Ron, I want to get your thoughts on a quote we heard on the cube yesterday from a practitioner. We're talking about multi-cloud and cloud in general as people move to SaaS models and cloud. They don't really own the equipment. Quote was, IT doesn't own the equipment but owns the outcome. So the operating models changing a little bit. Okay, by that makes sense to me. And the quote was, it moves from find and fix to get evidence and escalate. How to handle the data becomes the core issue. Security data is a super important part of it. Can you comment on your reaction to that quote? That quote, the positioning? Because certainly cloud is a rent versus buy. It's a class. You've still got the on premise. The security's dealing across the holistic environment where data and escalating sharing data, big part of it. What's your thoughts on the role of how to handle the data? Yeah, I think, well, if you look at security and look at SaaS, right? What is our role? Our role is to normalize that data and be responsive every time a change is made in a cloud platform. The other thing what's great about a SaaS service is upgrading, right? So upgrading is updates and everything else that comes at you from a security perspective. SaaS is best to handle that, right? Because we are looking at that. We're providing updates as well as changes to our platform almost daily. We publish that back to the customers and as a subscriber, you know, you don't renew if you're not happy. So it continually puts us on the forefront of saying, look, we've got to innovate. We've got to be responsive to the customer. We've got to be able to address any other kind of, and it isn't always just malware or something that goes wrong. It could also be malfunction. It could also be a leftover assets that are sitting in AWS environment or Lambda functions that go awry. So we have multiple ways of providing, you know, value to the customer on those infrastructures. A lot of moving parts. Dependencies could be, you could move the availability zone, have some dependencies across the network. A lot of things that play here. Right, and what's really good about StealthWatchCloud is from the back end of it, we're sitting out and addressing that. We're trying to put a human's a touch to what we would find in an alert and what would be important to a customer and how we drive that value. Yeah, so Ron, we know that security is always an ongoing journey. So there's no end to where you need to go. You mentioned Lambda functions, serverless something that your team's involved in or there are other areas that we should be looking for throughout 2019 for some of the maturation. I think there is, but I don't, as far as the roadmap goes, there's always integration, like integration with Meraki, integration with other Cisco products. And the same thing goes with any other, I had just finished a meeting with Google about what are their data elements can we get to enrich that security perspective from Google? That'll be the exact same thing with AWS functions. The team will look at all of those feeds, which ones are relative to things that we can provide from a security perspective or generate value to the customer and integrate those first. This highlights the operating model for Cisco as a company. You mentioned Google, Amazon. There's real integrations, real partnerships, deep, meaningful, technical relationships. Share some insight into how that's going. Well, there's a lot, there's always a lot for me to those platforms. So you do have to kind of pick and choose as to what you're going to address. I'm sure all of us on the team that are in the forefront of selling is saying, what about this? What about that? Can we incorporate it? It's a difficult, but I would also say what's really big here in Europe is Azure. Is Azure actually? Yes. That's a real big potential customer base to address as well. We're talking to the DNA-centered platform guys and they're like, the backlog's huge. And they just like, we're just going to work the backlog. To your point about SaaS, you knock these things down one at a time, you'll get just prioritized due to the classic product management. Well, Ron, thanks for coming on. I really appreciate the insight. Final minute, just give a plug for what's going on at StealthWatchCloud. What are some of the highlights? What are some of the things you guys are promoting? What's the good news share with us? I would say probably the best news is adding all the cloud platforms, being able to truly be a multi-cloud story. Integration with other Cisco products that are coming in the forefront that we'll be announcing at other events. Throughout, I think RSA, we've got some announcements coming out. So if you'll be there. And then the part that we keep hitting home is meeting with the sales teams, starting the trial and allowing us to kind of prove out the value of the product and service. Security portfolios expand, you get Tetration, SaaS coming around the corner, a lot of other interesting things happening in the Cisco world. Do well. A lot of great stuff. Hey, thanks for coming on. You bet. We're here inside the cube in Barcelona, Spain, for Cisco Live Europe. I'm Sean Horst, you've been with us for more day three coverage after this short break.