 Live from San Diego, California, it's theCUBE. Covering Cisco Live US 2019. Brought to you by Cisco and its ecosystem partners. Welcome back to San Diego, everybody. You're watching theCUBE, the leader in live tech coverage. My name is Dave Vellante and I'm here with my co-host, Stu Miniman, day one of our wall-to-wall coverage of Cisco Live 2019. Behind us is the DevNet Zone, a lot of action here, a lot of the CCIE folks learning how to code infrastructure, a big trend in the business. G Rittenhouse is here, he's the senior vice president and general manager of the security business group at Cisco. G, thanks for coming to theCUBE. It's my pleasure, thank you for inviting me. So we've been talking on theCUBE a lot about Cisco coming at it, multi-cloud, for example, from a position of strength. Try to convince your customers that your networks are higher performance, more cost effective, and very importantly, more secure. Of course. And I mean, everybody always wants more performance. They want lower cost. Security, in many ways, has begun to trump those other two attributes. They've become table stakes. Security as well, but security is really number one now. Talk about that, talk about the major trends that you're seeing. Well, of course, security now is top of mind for everyone, board level conversations, executive level conversations all the time. I think what ends up happening is, in the past, we would think about it as network performance, cost, et cetera. Security as a tangent kind of side conversation. Now, of course, it's built into everything that we do in the conversations that we have. Equally around performance, but also around simplicity. Because security tends to be a little bit hard and lots of process and how do you go through it with compliance regulations. We're also focusing a lot of effort on making it simple. Okay, so the big trend you obviously hear is people talk about, well, you used to put all the money in the perimeter, harden the perimeter. Now you can't dig a moat anymore. The queen leaves her castle. Yeah. It's a whole new paradigm. Yeah. So customers are realizing that. It's a board level topic now. How is Cisco responding to that trend specifically? Well, quite frankly, what we're doing is taking that old perimeter and moving that perimeter to the appropriate spots. Could be your branch now doing direct internet access. We'll move the perimeter to the branch. Could be your users, your mobile workforce. We'll move the perimeter to surround those users. And of course, those applications that are sitting in the data center, now as they move to and from the public cloud, we put segmentation, micro-segmentation, and follow them as well. So those perimeters are breaking down from one giant moat with the queen. Now we have lots and lots of little ones. So it's like the cubes do. You can bring it anyway. Exactly. Everywhere, built it in. So, you know, we know it's a multi-cloud world for customers today. One of the important pieces to help pull together the multi-cloud is the SD-WAN piece, which Cisco has a few different solutions in that space. An area I was hoping you could explain is that security piece of SD-WAN, because people think of it as, oh, it's kind of like the old WAN opt or some of these other things, but security is such an important piece of that, you know, ever-growing landscape. So, you know, it's funny because people are adopting SD-WAN for simplicity as well as lower cost. And the last thing we want to force people to do is to have to bolt on various security solutions. Then all of a sudden, you know, the next day your network operations is complex again. So, what we did last year was we took part of the security portfolio and built it directly into our on-premises SD-WAN appliances so that you could take that SD-WAN, deploy it, and security is built in. That is a huge, huge market opportunity. And of course, since we also have a secure cloud platform, we're moving that same feature functionality into the cloud. So, whether our customers want to secure their SD-WAN with technologies on-prem or in the cloud, Cisco has both ends covered. Well, and it ties into the whole DevOps mentality, and of course, it's appropriate here in the DevNet zone. But, G, I want to ask you, how have organizations, how have their security regimes, or how are they evolving? How are they changing? It used to be, okay, sec ops, it's your problem. IT guys, it's your problem. And we know that doesn't work. It's a team effort. But talk about the organizational evolution that you're seeing. Well, not only, so the organizational effort, we're seeing a lot of the technology merge. And from an organization perspective, whether it sits under a CIO or a CISO, that's a separate conversation. But from a technology perspective, they're getting heavily, heavily integrated. And that is now forcing network people to actually think about policy, segmentation, security, much more than they were in the past. And conversely, security people, starting to think about mobile devices and networking and things like that. So we're seeing this big blur across the organization, both from an operational perspective, as well as processes and workflows. What about the role of data and analytics in terms of how it informs you, how that's evolving, machine intelligence coming into play? How's Cisco exploiting that? And what's it going to mean for your customers? Well, as the industry leader in terms of security, we consume massive amounts of data. For example, we block six billion events per day. That's more than Google queries, right? We do 185 billion DNS queries. That's 5% of the global internet traffic. Of course, we as humans can't calculate what's the good and the bad. So we rely heavily on machine learning, artificial intelligence and whatnot. We have the largest non-government threat research group in the industry, and that's what they do day after day, looking for those needles in a haystack, these threats in the sea of normal. And you can't do that with alerts, right? I mean, just no way. You've got to have automation. So in this world of cloud, so talk a little bit about the automation principles that you guys are designing into your products. Well, security is one of these fields where not only do we have to calculate the alerts, but we operate in the environment of false positives. You could turn on, like, we're going to protect you and block everything, but then all of a sudden, a lot of things that appear as threats actually weren't threats. Those are false positives. So our goal is to protect the enterprise and get zero false positive, go all the way to the edge. And the way we do that, of course, is not only to automate and say, these are all your events, but we have to rank stack them in terms of importance. There's only a certain amount of time in the day. So you want to go to the most important, most critical event, automate that, then go next to next. So we automate, but also rank stack in the presence of false positive. And do you see the day or maybe you're starting to get there already where the machine actually acts as an agent for you. And certainly, I'm sure it plugs holes and things like that, but actually takes it one step further and makes decisions about what to go after. So in many cases, yes. And particularly real time around files and things like that. In other cases, no, because there's a workflow there that says I'm actually not going to deploy those firewall rules until I test them and evaluate them and whatnot. So everything from real time into probably a way for sure. But you need a human in that decision to take on that. You do in the end. Yes, yes. So in an ever changing threat landscape, but how do you make sure you keep up? Cisco's made a number of acquisitions. How do you make it a seamless security environment for them despite all of these various threats and attacks? So welcome to my day jobs, Stu. Yeah. So essentially we've done two things. We've taken all of these assets and we do accumulate and acquire the market leaders in these space. And the first thing that we do is integrate the backend. Though all those events I was telling you about, they're coming from all of these technologies. So we bring them all back so that we can focus on the efficacy. That is a big step, but that's what we do first. Then the second step, once that's done, is to integrate the front end so that the user, the customer can sit there and go, oh, I'm tracking an event. It came in through our email. It came in through a firewall, came through our endpoint and unified the front end experience. But the first thing we do is always on the back. So you get a lot of pressure from customers, obviously, because you are the network. So you get a lot of pressure from them, but are you in a position now to actually lead the transformation with your customers? I mean, the whole paradigm shift, the mind shift. And what are you doing along those lines? So we are absolutely leading our customers. We're leading it in secure direct internet access and SD-WAN. The other thing that we've been investing heavily is in zero trust. So instead of just allowing everyone on the network and follow the threats, we acquired Duo last year, the leader in MFA and zero trust. And now we're integrating that into the network so that we can also establish trust, but then block and verify. Great, gee, I know you got to jump. So thanks so much for your time. It's my pleasure, guys. Thank you so much for coming. You're welcome, great to have you. All right, keep it right there. Everybody will be back with our next guest right after this short break. Dave Vellante, Stu Miniman, Lisa Martin is also here. You're watching theCUBE from Cisco Live, San Diego. Right back.