 Live from Gillette Stadium in Foxboro, Massachusetts, extracting the signal from the noise, it's theCUBE, covering VTUG's New England Winter Warmer 2016. Now your host, Stu Miniman. Hi, welcome back to theCUBE. I'm Stu Miniman with Wikibon, and this is the VTUG, the Virtualization Technology User Group here 2016. It's the 10th year of the show, third year that we've had theCUBE here. Happy to have on the program a first time guest, Scott Martin, who's the Systems Engineering Manager in SBU, which means the networking group is kind of at the core of that, and security is part of that business unit. Scott, welcome to the program. Oh, thanks for having us, Stu. All right, so you gave one of the keynotes this morning, talking about VMware NSX, some of the big changes before we kind of get into some of the technology. Tell us a little bit about your background, what brought you to VMware and the VTUG. Yeah, great. So I probably saw the better part of 20 plus years working for a multitude of different network and security vendors. In fact, my last role was working for the office of the CTO of a pretty predominant hardware vendor, where essentially it was tasked with trying to figure out how do you make hardware relevant in a software-defined world. Hence, I had this aha moment, if you will, and came on board here with Nice Arrow. Yeah, so how does hardware stay relevant in a software-defined world? You know, if you're putting more and more intelligence and you're abstracting that layer of hardware, I think hardware becomes more or less irrelevant, right? Look at me wrong, there's some great technologies to maximize and manage hardware-based infrastructure, but true software-defined networking in its nature is software-based, right? Yeah, it's interesting. I mean, I think back, you know, I studied mechanical engineering as an undergrad, and it's a software world, so I've tried writing that article a few times as to the role of hardware in a software-defined world, and a lot of times it's, you know, integration matters a lot. You know, reliability matters a lot. Hardware is the platform that everything sits under. It's not like the cloud doesn't have hardware. It's not like your network and software-defined world doesn't have hardware, but there are shifts, and especially as the application and the software layer can control a lot more. I get away, what I say is there's the difference between kind of the old enterprise mindset, which was let's harden everything, let's have triple redundancy, let's, you know, build reliance into the hardware when the software can take out of that. We can have, you know, failures are okay a little bit more if I've planned and managed and done that, so that's my take. I mean, hardware is still, you know, majorly important and a big piece of what we have. I just don't, you know, go out and buy anything standing in the corner, but, you know, software is driving the world, definitely. Yeah, fully agree. I couldn't agree more, actually. So Scott, tell us a little bit about, you know, the keynote, you know, what are you talking about and how does that resonate with kind of the community here at this user group? Sure, so for, been a member of the VTUG now for a number of years, probably like five or six years now overall, and so the keynote we gave this morning was actually about helping customers understand the practicality of actually rolling out NSX within their environments, right? I think there's this myth out there that essentially to run NSX, you essentially have to rip and replace your existing infrastructure, it's just not true, right? A number of our customers that actually deployed NSX simply for micro segmentation, or they may start off with micro segmentation from there moving on to extending the reach, right? Going beyond traditional IP boundaries or even limitations within the context of their data centers. And then the other thing is around application continuity, right? So with this year with the release of vSphere 6, we changed a number of things, right? Prior to vSphere 6.0, with ESX 5.5 and below, round trip latency was tied to about five to 10 seconds around trip latency 4V motion. Now we've extended that to 150 milliseconds, now we're talking the ability to potentially span across very large geographical regions, or potentially across the country as well too if you have a decent fiber footprint. So now we couple that with our NSX 6.2 release, and now we can actually reach much further, right? So NSX 6.2 now gives us the capability of tying it to up to eight vCenters overall. So Scott, you're in the field, you're working with a lot of customers. I guess one of the challenges I've had with kind of the SDN wave in general is a lot of it, if you're not a networking person, it sounds like, oh, the networking guys have a problem, they've got all these protocols that they can't sort out and they're putting something else in there to help them fix a networking issue. Talk to us about kind of the business challenges, how this isn't just a networking issue, but what it means for the business from that standpoint. Right, I think the reason why we've gotten so much trash over the past couple of years has been right along that line is that we're actually fixing business use cases, right? So customer problems. So I'll give you a couple of examples, right? Within the context of a data center, segmentation to begin with, right? We've seen over the past two years or so, that it's not a traditional attack vectors, if you will, it's not folks coming in from the internet, it's folks coming in from secondary, tertiary, portal, gaining access to the data center. Our data centers are highly interconnected. Next thing we know, that hack has breached the whole entire data center. So we have to be more conscious about reducing that attack vector overall, right? And within a sector that granularity is as small and that risk profile is essentially as small as an individual virtual machine. And we take that as step forward. So microsegmentation is probably one of the more predominant use cases, but it's not the sole use case. And in fact, I think a lot of our customers are actually pushing us towards new and interesting use cases that we even haven't even thought of for that matter. Yeah, so I guess right, so security, who's one of those kind of tip of the spear use cases, one that I heard a lot of, we did a bunch of interviews at VMworld last year, and that seems to be a great use case there. You mentioned some other applications, anything you can point to? I guess, there are many users that said what I'd love in the networking space is to have what I have in general, which is I can just choose applications, regardless of hardware, kind of from a northbound standpoint at applications as need be. Is that coming to reality yet? Oh, absolutely. In fact, we have a number of customers that are actually leveraging, not only the context of being able to stand up everything an application stack needs from the layer two components, the routing functionality, the layer three routing OSPF or BGP, the stateful firewall services or layer four through seven services for load balancing. So everything an application stack actually requires can essentially be instantiated within a multi-machine blueprint and then put up to a self-service catalog. A number of customers are actually rolling out multi-tenant environments right along that line and they have been doing so now for a number of years. And that was the other thing is that, we look back at 2015, I think we've actually crossed the chasm. What I mean by crossing the chasm was that we've actually seen an asexical mainstream. So we've seen deployments in not only traditional very large IT organizations, but financial industries, healthcare industries, even smaller commercial opportunities as well too. Banking, healthcare has been another great vertical as well too. So we're seeing the adoption rate and it's not tied to a specific customer size either. We've seen very small customer organizations adopt NSX and very large ones as well too. Scott, can you quantify for me because your small might not be kind of small that they're there. What is kind of that entry level that you say below this? Maybe it might not be something that you want. I guess, isn't it a good fit for you guys today? Right, that's a great question. And I can only speak from my customer base here in New England. I'll give you a great example. I have a relatively small financial service provider. And essentially what they do is they provide financial services for banks. So they check the processing, credit card processing and the like. And they also provide IT as a service for those same banks that they provide services for as well too. And throughout this whole entire organization, we're talking about a rather small IT organization that comprises less than five folks total. So we're talking networking, security, infrastructure and automation and across five individuals. So they're a really small team and they were actually one of the earlier adopters because they saw the need to be able to abstain, skate and build out a true multi-tenant environment without having that complexity of having very large teams to support that environment. So that's probably on the smaller side. Yeah, but once again, they're really acting as a service provider. So there's the use case that says they might be smaller but they have the value for the services there as opposed to, if I was just kind of a standard mid-range company and I might have five IT guys but the network's not as critical to my business. Might be a little bit tougher sell. I guess, do you guys see this? What about the service providers there? Are you working with them? We are working with service providers as well too. But for the most part, I think given the fact that we're so well entrenched in the enterprise space, that's probably where we're spending most of our time right now. In fact, we've seen such a rapid growth of customers that we've actually started to verticalize. So now we actually have a team that specializes in the healthcare space and that's actually the team I'm heading out. We have another team that's completely specialized on the commercial space and our traditional enterprise and select customers as well. Yeah, so when I think back to one of the first VMworlds, Martín Casado got up on stage after the, like I think it was a year after the acquisition and they tried to make the case that the virtualization admins actually managed networking because they have all of their V switches and VNICs and the like. And the average virtualization admin was like, I got a networking team. I got a guy that handles that. I don't want to know it. I don't want to touch it. You know, where are we with kind of the roles and is the typical virtualization or cloud person? You know, how much are they touching the networking? How much does this cross boundaries? And that's a great question, right? And this is a question that our customers often ask of us as they're exploring in a sex overall. And I think what we've seen is this massive shift within the industry overall, right? Networking folks are starting to learn about cloud. Cloud folks are starting to learn about the networking context, security context and like, and we're starting to see tiger teams across organizations, right? Because essentially if you're going to essentially try to enable your business and your IT infrastructure to move at the speed of business, you have to enable those teams, right? Those days of having silos of excellence, they're kind of, they're no longer silos, right? They're becoming more or less tiger teams overall. Yeah, one of the other keynotes this morning talked about AWS VPC. If you look at public cloud, you know, the network is really one of the first points that you put in, customers understand their VPNs, they understand how they can kind of create private resources in the public cloud. How does VMware and the NSX solution tie into public cloud deployment? That's a great scenario, right? So if you look at the underpinnings behind VMware's VCloud Air, for instance, or EMC's Hybrid Cloud, the underpinnings behind that are NSX overall. So we can maintain the same security and networking context, whether we're talking about on-prem or off-prem as well too. And even at VMworld this year, we actually talked and Guido did a talk and actually did a demonstration of how we actually can apply security context in AWS workloads as well too. So, and this has been the number one question that our customers have asked as far as, how do we move our workloads to the cloud? How do we actually secure those workloads? How do we know that those workloads are secure and maintain my compliance, regulatory compliance as well? Yeah, so maybe talk a little bit about, you know, what heterogeneous environment you go through. I know you support more than just VMware as the hypervisor, but maybe you can kind of give us a little bit of support on the low. Right, so the whole foundation around NSX first and foremost start off with NYSERA, right? And NYSERA with Martin Casada, as you well know, spent the majority of his time on the open stack endeavor, right? So OVS and, you know, OVSDB as well too. So our first platform was actually multi hypervisor platform. And now we've actually released our NSXV, which is essentially the NSX platform optimized for vSphere as well too. So that will continue to evolve as we continue to grow out our market overall, right? So we're not just essentially solely focused on one specific setting, one specific area. Now I think you'll see more to come on that in the very near future. Okay, maybe can you share some customer stories? You know, what kind of, you know, brings you in the door? What problems are they solving? You know, what are some of the top case cases? So actually this morning, one of the use cases I talked about within my keynote was one of my customers based at Health, right? And we were actually tasked or challenged by the CIO of the organization. Essentially, their goals when they went about to build their infrastructure 2.0 infrastructure was that they wanted to have the ability to have any application exist anywhere and be available at any time. And to build it out, so I had done active-active type deployment scenarios, data center deployments in the past, in hardware, right? And it takes a level of complexity behind that as well too. You have to have shared storage volumes, you have to have, you know, layer two stretch it in between the infrastructure as well too, latency is a factor. What was nice about this infrastructure is we were essentially able to leverage NSX to provide all the networking context, all the routing functionality, and essentially leverage vSAN now as a shared storage component. So now an application could essentially exist across any of the three data centers in that environment. And then by using simple fault tolerance and fault domains, right? Any assets we created in data center A automatically had an HA pair in data center B. Anything we created in data center B had an HA pair ready to go in data center C and so on and so forth. So you can think about the ability now, it didn't matter where workload was spent up, where workload egressed or ingress from, you had that full capability, right? So you can think of it instead of doing traditional DR, just having pure application continuity. So beginning of the conversation, we talked a little bit about hardware. So there are any limitations that we need to worry about, you know, what environments can you go into? I know when the solution first came out, you know, one of the larger hardware providers out there, you know, caused some noise as to what would or wouldn't be supported. Where do we stand? You know, what environment should go in? What does a customer's network need to look like to support NSX? So obviously if you have a network infrastructure that's highly oversubscribed and very old and legacy in nature, that's going to be very difficult to actually abstain from, you know, multitude of workloads on top of that. So what we're seeing now is this pretty much started off with the hyperscale data centers, right? With the folks like Google and what we saw with AWS and the like too, is essentially start building other data centers in the spying leaf architecture. And that's pretty much what we're starting to see a lot of customers adopt as well too, because you essentially have the capability of having full cross functional or cross sectional bandwidth and your latency profile is guaranteed more or less because it's two switch ops across any environment overall. And now we're starting to see that resonate even further. Right, so as I mentioned before, we're completely decoupled from the underlying hardware. That doesn't mean we don't work well with hardware platforms that have been optimized for NSX overall. You know, whether we're talking about a Cisco-based infrastructure and a Rista-based infrastructure, Cisco, Juniper, it really doesn't matter, right? As long as the network infrastructure is built correctly and is highly resilient, then you have the great, you know, pinnings for an interlay. And then we can ride on top of that with our overlay technology. Okay, so Scott, you said you've been coming to this event for a number of years. Give us a flavor as to, you know, why you keep coming back, the interaction with the users and the value of the user groups. Yeah, I love this, because this is a great user community and it's New England, right? New Englanders are always known to be very self-reliant to begin with. So it's a great exchange of ideas that we see over and over again, right? So during the course of a conversation, you may find out how one person specifically solves a problem in their environment. They're willing to share that, right? So it's a great, great avenue to share resources as well as, you know, technical successes. All right, well, Scott Martin with the VMware NSB, you really appreciate you joining us. Thank you, Steve. Thanks for sharing with, you know, the people at this event and with our community. We'll be back with more coverage here from the VTUG. This is theCUBE. Thanks for watching.