 Hey guys, good morning and welcome back to theCUBE. Lisa Martin here with John Furrier. This is theCUBE's third day of wall-to-wall coverage of VMware Explorer. We're very pleased to welcome one of our alumni back to the program. Chris Wolf joins us, Chief Research and Innovation Officer at VMware. Chris, welcome back to theCUBE. Yeah, thanks, Lisa. It's always a pleasure. This has been a great event. The keynote was standing room only on Tuesday morning. We've had great conversations with VMware's ecosystem and VMware, of course. What are some of the hot things going on from an R&D perspective? Yeah, there's a lot. I mean, we have about four or five different priorities. And this is looking at sovereign clouds and multi-cloud, edge computing, modern applications and data services. We're doing quite a bit of work in machine learning as well as in security. So we're a relatively large organization, but at the same time, we really look to pick our bets. So when we're doing something in ML or security, then we want to make sure that it's high quality and it's differentiated and adds value for VMware, our partners and our customers. Where are our customers in the mix in terms of being influential in the roadmap? Very, very much in the mix. What we like to do is in early stage R&D, we want to have five to 10 customers as design partners. And that really helps. And in addition to that, as we get closer to go to market, we look to align up between one and three of our SI partners as well to really help us. In a large company, sometimes your organic innovations can get lost in the shuffle. And when we have passionate SI's that are like, yes, we want to take this forward with you together, that's just awesome. And it also helps us to understand at a very early stage, what are the integration requirements? So we're not just thinking about the core product itself, but how would it play in the ecosystem? Equally important. We had Kit Colbert on CTO. Great work he's doing with the white paper on cross-cloud. Obviously vSphere, big release, a lot of other stuff. Dave Vellante had mentioned that in the analyst session, you had a lot of good stuff you were talking about that's coming around the corner, that's shipping, coming out of the oven. And a big theme this year is multi-cloud, cloud native, the relationship, what's one's the head bleed dog? No one, you kind of get a feel for multi-clouds kind of out front right now, but now cloud native's got the most history. What's coming out of the oven right now in terms of hitting the market, that's not yet in the numbers in terms of sales. Like there's some key cloud native stuff coming out. Where's the action? Can you share what you shared at the analyst meeting? Yeah, so at the analyst meeting what I was going through was a number of our new innovation projects. And these are things that are typically close to being product or service at VMware, somewhere in the year out time frame. Some of these are just a few months out. So let me just go through some of them. I'll start with project Kesik. So Kesik is super exciting because when you think about Edge, what we're hearing from customers is the notion of a single platform, a single piece of hardware that can run their cloud services, their containers, their VMs, their network and security functions. Doing all of this on one platform gives them the flexibility that as changes happen, it's a software update. They don't have to buy another piece of hardware. But if we step back, what's the management experience you want, right? Simple, GitOps oriented, simple life cycle and configuration management, very low touch, I don't need technical skills to deploy these types of devices. So this is where Kesik comes in. So what Kesik is doing is exposing a Kubernetes API above the ESXi hypervisor and taking a complete GitOps style of management. So imagine now when you need to do an update for infrastructure, you're logging into GitHub, you're editing a YAML file and pushing the update. We're doing the same thing for the applications that reside, I can do all of this through GitHub. So this is very, I would say, even internally disruptive to VMware, but super exciting for our customers and partners that we've shared this with. What else is happening? What else on the cloud native side? Tanzu, Monterey, those a lot of areas. There's so much. So if we look at Project Monterey, I had a presentation with Nvidia yesterday, we're really talking through this. And what I'm seeing now is there's a couple of really interesting inflection points with DPUs. The first thing is the performance that you're getting and the number of cores that you can save on an x86 host is actually providing a very strong business case now to bring DPUs into the servers and into the data center. So that's one, so now you have a positive ROI. Number two, you start to decouple core services now from the x86 host itself. So think about a distributed firewall that I can run on a PCI adapter now that's decoupled physically from the server and it really allows me to scale out East West security in a way that I could not do before. So again, I think that's really exciting and that's where we're seeing a lot of buzz from customers as well. That DPU, which got a lot of buzz by the way, Lisa, I remember you had trouble interviews on this. I had to, the Dell folks too, the X-Rail's taking advantage of it. The performance is, I see the performance angle on that and DPUs are hot. Can you talk about that security East West thing? Because Tom Gillis was on yesterday, talking about that's a killer advantage for the security side. Can you touch on that real quick? Yeah, 100%. So what I can now do is take a firewall and run it isolated from the x86 host that it's trying to protect. So it's right next to the host. I can get line rate speeds in terms of analytics and processing of my network and security traffic. So that's also huge. So I'm running line rate on the host and I'm able to run one of these firewall instances on every host in my data center. You cannot do that. You can never afford it with physical appliances. So to me, this is an inflection point because this is the start of network and security functions moving off of hardware appliances and onto DPUs. And if you're the ecosystem vendors, this is how they're going to be able to scale some of their services and offerings into the public cloud. So a lot of good stuff happening within the VMware, kind of the hardware, low level atoms and the bits as well as the software. The other thing I want to get your thoughts on relative to the next question that takes to the next level is the super cloud world we're living in is about cloud native developers, which is DevOps. Dev, security ops and data ops are now big parts of the challenges that the people are raining in, the chaos that's being rained in. How does VMware look at the relationship to the cloud providers? We heard cloud universal. We got the cloud, if you believe in the multi-cloud which you guys are saying people are agreeing with, then you got to have good, tight, coupled relationships with the cloud services. 100%. You can be decoupled but highly cohesive but you got to connect in via APIs. What's the vision for the VMware customers who want to connect, say AWS for instance? Is that seamless? What makes that happen? What's that roadmap look like for taking that VMware on-premises hybrid and making it like turbocharging it to be like public cloud hybrid together? Yeah, I think there's some lessons that can be learned here. An analogy I've been using lately is look at the early days of virtualization when VMware had vCenter. What was happening was you saw the enterprise management vendors try to do this overlay above virtualization management and say we can manage all hypervisors. At the end of the day, these multi-hypervisor managers, no one bought them because they can do 20% of the functionality of a tool from VMware or Microsoft. And that's the lesson that we have to take to multi-cloud. We don't have to overlay every functionality. There's really good capabilities that the cloud providers are offering through their own tooling and APIs, right? But if you step back, you say well what do I want to centralize? I want to have a centralized secure software supply chain and I can get that through VMware Tanzu and where we're going with Kubernetes. When you're going with native cloud services, you might say you know what? I want to have a central view of visibility for compliance. So that's what we're doing with secure state or a central view of cost management and we're doing that with cloud health. So you can have some brokering in governance but then you also have to look from a surgical perspective as to what are the things that I really need to centralize versus what do I not need to centralize? One of the themes that we heard on the keynote on Tuesday was the different phases and that a lot of customers are still in the cloud chaos phase. We talked a lot about that the last couple of days with VMware, with its partner ecosystem but the goal of getting to CloudSmart. How does the R&D organization, how are you helping customers really navigate that journey from the chaos that they're in, maybe they've inherited a multi-cloud environment to getting to CloudSmart and what does CloudSmart mean from your perspective? CloudSmart from my perspective means pragmatism. It means really thinking about what should I do here first, right? I don't want to just go somewhere because I can, right? I want to be really mindful of the steps I'm going to take. So one example of this is I met with a customer this morning and we were talking about using our VRealize network insight tool because what that allows them to do is get a map of all of their application dependencies at your data center and they can learn like, well, I can move this to the cloud or maybe I can't move this because it has all these other dependencies and it would be really difficult. So that's one example. It also means really thinking through issues around data sovereignty. What do I want to hold on to? A customer I just met with yesterday, they were talking about how valuable their data is and their services that they want to use the ASAS in the cloud, but then there's also services which is their core research. They want to make sure that they can maintain that in their data centers and maintain full control because they see researchers will leave and now all of a sudden that intellectual property has actually gone with the person and they need to have a better accountability there. You know, one of the things that we discovered at our SuperCloud event was that we couldn't really kind of put too much structure on other than our vision that it's not just SAS on the cloud and it's not just multi-cloud. It's a new kind of application end state or reality that if you believe in digital transformation then technology is everywhere. And like IT in the old days it powered the back office and then terminals and PCs and whatnot. Wasn't powering the boardroom, obviously, or any other business. But if it happens like that, digital transformation, the company is the app. The app is the company. So you're all digital. So that means the operating expenses has to drive an income statement and the capex handled by the cloud provides a lot of goodness. So I think everyone's kind of realized that AWS and the hyperscalers are providing great capex gifts. They do all the work and you only pay when you've made your success. So that's a great business model. Absolutely. And then combine that with open source which is now growing so fast, going next level. The software industry is open source. That's not even a debate. Well, in some circles maybe, like telco. Cloud's got the capex. The new operating model is this cloud layer that's going to transform the company's finally in 100%. Okay, that's SuperCloud. If that's the case, does it really matter who provides the electricity or the power? It's the coders that are in charge. It's the developers that have to make the calls because if the application is the core, the developers are not only the front lines, they are the company. This is really kind of where the sea changes. So if we believe that, I'm sure you agree with that generally. Yeah, of course. Okay, so then what's the VMware customer roadmap here? So to me, that's the big story here at the show is that we're at this point in time where VMware customers have to go there. 100%. What's that path? What is the path for the VMware customer to go from here to there? And what's this order of operations? Or is there a roadmap? Can you share your thoughts on that? Yeah, I think part of it is with these disruptive technologies, you have to start small. Whether it's in your data center or in the cloud, you have to build the own institutional knowledge of your team members in the organization. It's much easier than trying to attract outside talent. At least for many of our customers. So I think that's important. The other part of this with the developer in control, like in my organization, I want my innovators to innovate. Any other noise around them, I don't want them to have to worry about it. And it's the same thing with our customers. So if your developers are building the technologies that is really differentiating your company, then things like security and cryptography shouldn't have to be things they worry about. So we've been doing a lot of work. Like one of the projects we announced this week was around being able to decouple cryptography from the applications themselves. And we can expose that through a proxy, through service mesh. And that's really exciting because now IT ops can make these changes, or SecOps teams can make these changes without having to impact the application. So that's really key is focusing the developers on innovation and then really being mindful about how you can build the right automation around everything else. And certainly open source is key to all of that. So then if that's happening, which I'm not going to debate that, then in essence, what's really going on here is that the companies are decomposing their entire businesses down to levels that are manageable, completely different than the way they did them 20, 30 years ago. Absolutely, you could take a modular approach to how you're solving business problems. And we do the same thing with technology where there might be a ML algorithms that we've developed that we're exposing as a SaaS service, but then all of the interconnects around that service are open source and very flexible so that the businesses and the customers and the VMware partners can decide what's the right way to build a puzzle for a given problem. We were talking on day one, I was riffing with an executives, it was Ragu and Vittorio. And the concept around cross cloud was if you get to this nirvana state, which is that people want to get to this composability mode, you're not coding, you're composing. Because coding is kind of happening open source, it's not the old classic. Write some code and write that app. It's more orchestrate, compose an orchestrate. Do you put your thoughts on that? Yeah, yeah, yeah, I agree. And it's, I would add one more part to it too, which is scope. You know, I think sometimes we see projects fail because the initial scope is just too big. You know, what is the problem that you need to solve? Scope it properly and then continuously calibrate. So even like our customers have to listen to their customers. And we have to be thinking about our customers' customers because that's really how we innovate because then we can really be mindful of a holistic solution for them. You know, Lisa, when we had a super cloud event, you know, one of the panels was called the Innovator's Dilemma with a question mark. And of course, everyone kinds of quotes that book Innovator's Dilemma. But one of the panelists, Chris Hoef, Beaker on Twitter, said, let's change the name from the Innovator's Dilemma to the Integrator's Dilemma. And we all kind of got a chuckle. We all kind of paused and said, hey, that's actually a good point. If you're now in a cloud and you're seeing some of the ecosystem floor vendors out there talking this game too, they're all kind of fitting in, snapping in, almost like modular, like you said. So this is a Lego game now, it feels like, it feels like, you know, let's compose, let's orchestrate, let's integrate. Now, integration's API driven. So now you're seeing a lot more about API security in the news. We've been covering, Lisa, I've probably interviewed six companies in the past, you know, six months that are doing API security. Who would have thought API, that's the link with the web. Now that's now a target area for hackers. Oh, and that's such an innovation area for VMware, John. Okay, there it is. So I mean, this is again, this means the connected tissue is being attacked, yet we need it to grow. No one's debating that is wrong, but it's under siege. Yes, yes, so something else we introduced this week was a project we called Project Trinidad. And the way you can think about it is a lot of the anomaly detection software today is looking at point-based anomalies. Like this API header looks funny. Where we've gone further is we can look at full sequence-based anomalies. So we can learn the sequences of transactions that an application takes and really understand what is expected behavior within those API calls, within the headers, within the payloads. And we can model legitimate application behavior based on what those expectations are. So like a common sequence might be doing an e-commerce checkout, right? There's lots of operations that happen. Logging into the site, searching, finding a product, going through the cart, all of those things, right? So if something's out of sequence, like all of a sudden somebody's just trying to do a checkout, but they haven't actually added to the cart, right? This just seems odd, right? So we can start to, and that's a simplistic example, but we're able now to use our algorithms to model legitimate application behavior through the entire sequence of how applications behave, and then we can start to trap on anomalies. That's very differentiating IP and we think is going to be really important for the industry. Yeah, because a lot of the hacks sometimes on the API side, even as an example, are not necessarily on the API. It's the business logic in them. That's what you're getting at here. The APIs are hard. Oh, our APIs are secure. Well, yeah, but you're not actually securing the business logic internally. That's what you're getting at if I read that right. Exactly, exactly, yeah. Yeah, and it's the thing. It's great that you can look at a header, but what's the payload, right? What's the actual data flow, right? That's associated with the call, and that's what we want to really hone in on, and that's just a far different level of sophistication in being able to understand east-west vulnerabilities, log for JX boys and these kind of things. So we have some real, real big technology there. It's interesting that security countries now are not about security, they're about defensibility because security is a state of time. You're secure here, you're not secure, or someone might be in the network or in the app, but can you defend yourself from and in? That's it, you know, our malware software, right, that we're building to prevent and respond has to be more dynamic than the threats we face, and this is why machine learning is so essential in these types of applications. Let me ask you a question. So just now zooming out, just riffing here, since day three is our conversational day where we debate and just riff more like a podcast style. If you had to do a super cloud or build a next-gen cloud, multi-cloud with abstraction layer that's all singing and dancing and open, everyone's happy. Hardware below is working, IaaS, and then apps are killed, KNS. What's in that? What does it look like to you? If you had to architect the ultimate super cloud enabler, but that's something that would disrupt the next 10 years, what would it look like? And how does it, and assuming, and trying to do it where everybody wins, go, you have 10 seconds. No, but... Yeah, yeah, so the, you know, first of all, there has to be open source at all of the intersections. I think that's really important. And this goes from networking constructs to our database as a service layers, you know, everything in between. You know, the participants should be able to win on merit. The other part of super cloud though that hasn't happened, that I think is the most important area of innovation is going to be decoupled control planes. We have a number of organizations building sovereign cloud initiatives. They want to have flexibility in where their services physically run, and you're not going to have that with a limited number of control planes that live in very specific public cloud data centers. So that's an area of... An example of what a narrowly defined control plane is. Yeah, sure. So my database as a service layer. So the actual portal that the customer is going into to provision databases, right? Manage replication, et cetera. All right, I should be able to run that in a colo. I should be able to run that somewhere in region that is guaranteed that I'm going to have data stay physically in region. You know, we still have some of these challenges in networking in terms of being able to constrain traffic flows and be able to predict and audit them within a particular region as well. It's interesting you bring up region again, more complexity. You know, you got catalogs here, catalogs different. I mean, this is where the chaos really comes down. I mean, it's advancing, but it's advancing the state of functionality, but making it hella complex. I mean, come on, don't you think it's like pretty amazing the hard to rein in that? Or is it maybe you guys making it easier? I just think, I just, my mind just went, oh my God, I got a provision to that region, but then it's got to be the same over there. When you go back to modular architecture constructs, it gets far easier. This has been really key for how VMware is even building our own clouds internally, is so that we have a shared services platform for the different apps and services that we're building, so that you do have that modularized approach. Like I said, the examples of innovation projects I've shared have been really driven by the fact that, you know what, I don't know how customers are going to consume it and I don't have to know. And if you have the right modular architecture, the right APIs around it, you don't have to limit a particular project or technology's future at the time you build it. Okay, so you're super cloud, have multiple control planes that you can move, manage with that within one place. I get that. What about the data control plane? That seems to be something that used to be the land grab in conversations from vendors, but that seems to be much more of a customer side. Because if I'm a customer, I want my control plane, data plane to be mine. Like I don't want to have anyone, because data's got to move around, got to be secure. Oh, exactly. And that's going to be complicated. How do you see the data planes emerging? Yeah, yeah, we see an opportunity really around having a centralized view that can give me consistent indexing and consistent awareness of data, no matter where it resides. And then being able to have that level of integration now between my data services and my applications. Because you're right, you know, right now we have data in different places, but we could have a future where data's more perpetually in motion. You know, we're already looking at time sensitive fabrics where we're expecting microservices to sometimes run in different cell towers, depending on the SLA that they need to achieve. So then you have data parts that's going to follow, right? That may not always be in the same cloud data center. So there's, this is enormously complicated, not just in terms of meeting application SLAs, but auditing and security, right? That makes it even further. So having these types of data layers that can give me a consistent purview of data, regardless of where it is, allow me to manage and lifecycle data globally. That's going to be super important, I believe, going forward. Yeah, awesome. Well, my one last question, Lisa's going to get a question in here. It's a hard one for her. I'm getting all the questions in. Sorry, Lisa. That's okay. What's your favorite most exciting thing that you think's going on right now that people should pay attention to of all the things you're looking at? The most important thing that's happening and maybe something that's super important that people aren't talking about, or it could be the same thing. So the most important thing that you think that's happening in the industry for cloud next to end, and maybe something that you think people should look at and pay more attention to. Okay, yeah, those are good questions. And that's hard to answer because there's probably so much happening. I've been on here before. I've talked about edge. I still think that's really important. I think the value of edge velocity being defined by software updates, I think, is quite powerful. And that's what we're building towards. And I would say the industry is as well. If you look at AWS and Azure, when they're packaging a service to go out to the edge, it's packaged as a container. So it's already quite flexible. And being able to think about how can I have a single platform that can give me all of this flexibility, I think is really, really essential. We're building these capabilities into cars. We have a version of our VeloCloud edge device that's able to run on a ruggedized hardware in a police car today. We're piloting that with a customer. So there is a shift happening where you can have a core platform that can now allow you to layer on applications that you're not thinking about in the future. So I think that's probably obvious. A lot of people are like, yeah, okay, let's talk about edge, big deal. Oh, it's big. Yes. It's exploding. It's complicated too. It's not easy. It's not obvious. Right. And it's emerging. There's new things coming every day. Yeah, yeah. And related to that though, there is this kind of tension that's existing between machine learning and privacy. And that's really important. So an area of investment that I don't think enough people are paying attention to today is federated machine learning. There's really good projects in open source that are having a tangible impact in a lot of industries. In VMware, we're investing in a couple of those projects, namely FATE and the Linux Foundation and OpenFL. And in these use cases, like the security product I mentioned to you that is looking at analyzing API call sequences, we architected that originally so that it can run in the public cloud, but we're also leveraging now federated machine learning so that we can ensure that those API calls and the metadata associated with that is staying on-premises for the customers to ensure privacy. So I think those intersections are really important. Federated learning, I think, is an area not getting enough attention. All right. All right. Chris, thanks so much for coming on. Unfortunately, we're out of time. I know you guys could keep going. Yeah, good stuff. But thank you for sharing what's going on in R&D, the customer impact, the outcomes that you're enabling customers to achieve. We appreciate your insights. We're just getting started. Early innings, right? Yeah. Awesome. Good stuff. For our guest and John Furrier, I'm Lisa Martin. You're watching theCUBE live from VMware Explorer 2022. Our next guest joins us momentarily. Okay.