 From Orlando, Florida, it's theCUBE. Covering Cisco Live 2018. Brought to you by Cisco, NetApp, and theCUBE's ecosystem partners. Hey, welcome back everyone. It's theCUBE live here in Orlando, Florida for Cisco Live 2018. I'm John Furrier with theCUBE. My co-host, Stu Miniman. It's our third day of three days of wall-to-wall. Coverage is a big story here. It's a transformation. The power of the network has become in computables. It's a great, great story. Our next guest, as you wish to hell, is the vice president of product, AVI Networks. Welcome back to theCUBE. Great to see you. Thank you, John. Thanks for having me, John, and Stuart. It's a pleasure being here again. So we were just talking before camera came on about Istio, because Stu wants to go there right away. We're going to hold off on that, but service mesh is suitably going to be a great thing with Kubernetes and containers. But the story here is the changing nature and power of the network. Susie, we who came on with DevNet was talking about the success of DevNet has been a combination of great timing, of open source hitting the network, but making the network programmable, opening up new innovations. This is a really big thing. I want to get your reaction to this, because you're tied into this trend big time. What does that mean for people that are watching this? They're trying to grok the new way. What is this intent-based network? What's this programmable network? Is it the iPhone kind of moment? We're for networks where new apps are coming that we've never seen before? Or is it something different? What's your take? That's such a great example, John. Just a fundamental transformation that iPhone had on how we think about telephony in general, we're at that sort of a moment in the network. And the reason for that, frankly, is how we deploy applications, how we design applications, and where we deploy applications has fundamentally changed. 20 years ago, you had one choice to deploy an application, and it was that server right over there in your data center. And today, you can do it as a container, a bare metal server, a virtual machine on-prem, or one of hundreds of data centers, public cloud data centers all over the world. And then, architecturally, everything is moving from these monoliths to microservices, or much more tiny and more manageable components. And what that does to the network is fundamentally different from what's been going on in the network for the past couple of decades. It elevates the position of the network from just connectivity to something that is fundamental to how these services talk to each other. Unlike 100 things that live inside a box and talk to each other, now you have 100 things on the network talking to each other. So think about what that does to you from an availability strategy perspective, from a security strategy perspective, from a surface area of security, from a monitoring perspective. I mean, the reason why you see, I mean, walk the show floor here. So much innovation in the network, and the reason for that is, instead of an enterprise running 1,000 applications, within the next few years, each enterprise is going to be running 100,000 applications. And their budget is not going up 100 times. So you need innovation, you need automation, and that's where this intent-based movement comes in. So new opportunities are going to be created, new wealth creation, more innovation. What do you guys do? Take a minute to explain why you guys are here and with your company, what are you contributing? What's your role in the ecosystem? What's your product differentiation? What's the story? Yeah, great. So we play in the application services space. If you think about the network, traditionally, people have thought about it as connectivity, which is layer two, layer three, and then network services, or the services that the network offers to an application that's load balancing, its application security, SSL offload, its web application firewall, and so on. So services that are tied to the application, that's really what our company is about. So we have a fabric-based platform, software-only. The fabric can be instantiated on bare-metal appliances or containers or virtual machines. It's all centrally managed, and it's intent-based, which means it's policy-driven. So you go to a single place, you say, please, I need load balancing capabilities for this application. I need SSL, and I need to turn on my web application firewall. And no matter where the application is, in Azure, in AWS, or on-prem, or a mainframe, the fabric is able to instantiate that service automatically in front without the operator having to worry about, where is it? What do I need to do? Do I have enough capacity? None of that. Yeah, Guru, in Chuck Robin's keynote on Monday, he talked about kind of the old way. Yes. It was kind of bespoke. It was silos. It was like, well, you know, we had the wiring guys over here doing the physical, layer two, layer three, four for sevens over there. Today, software up and down the stack changes a lot. Maybe talk a little bit about that dynamic as to how applications, intent-based networking, really is having, the application doesn't just use, but is heavily involved with the network. So here's the single biggest thing that's driving this change. Applications used to be secondary for IT in some sense, certainly infrastructure teams, and infrastructure was primal. And I had my ADCs and load balancers here, and my routers, and my switches, and so on. And this is my infrastructure. Now let's figure out how to fit the application on my infrastructure. And that world is gone. That's the old way. You can't hug your load balancers anymore. That's, if you do that today, those days are, if not gone, they're almost nearing an end. And increasingly, the infrastructure is going to live for applications. The center of the world is my need as a business to roll out application quickly to understand how people are interacting with that application, to make changes to it in real time. And all of infrastructure is now wrapping itself around that notion. So intent-based networking, in our case, intent-based application services, is all about how can I, in an automated way, quickly deploy load balancing, application security for applications, no matter where they are, how can I monitor the applications in real time? That's really what the movement is about. That's a great point. I'd like to just add and get your thoughts on this, a react to another concept. To add to that is that you got all that happening. Yeah. Okay, that's because of the cloud and the great new tech. But then you factor in that the programming models are changing too. So the perfect storm is everything that you said, but now the expectation of the developer. API. With open source. Isn't it API? Has to be programmable. That's right. And it's like the classic, you know, let the infrastructure take care of its business, but no one's got to do all this manual work. And this is a huge dynamic. And I think the DevNet story this year at Cisco Live really puts an exclamation point on the fact that this has got traction. That's right. We kind of know we see open source, but from a networking world, it's a whole new, essentially green field opportunity. Yeah. Do you agree with that? Totally. I mean, you know, there's in most of our largest customers. And by the way, we didn't talk about us on the business side, but just to give you a quick flavor for what our customer base looks like, we primarily sell to global 2000 enterprise, three of the top five banks in the US are our customers. Two of the top five banks in Amir customers, 20% of the fortune 50 are our customers. We've replaced traditional, we replaced traditional load balancing solution and so on. And the primary reason, the number one reason is automation. And by automation, everybody talks about automation, but by automation, what our customers mean is infrastructure as API. Simple things. I want to capture all the packets going to that application. And I want to do that with a single REST API. I want to talk to an IP endpoint and say, here's the REST API, give me all the traffic. Can you do that in your network today? Our customers can. What's the alternative for them if they don't use APIs? Oh yeah. So you've got two choices. One, you walk into your data center, turn on a span port, take all that traffic, take it to some sort of a monitoring fabric, blah, blah, blah, three days later, if you're lucky you get traffic. Second approach, call AWS, tell them to turn on a span port and good luck with that. So, you know, increasingly you frankly don't have much of a choice. You need infrastructure to be as an API. Scale is also a tsunami of data coming in. So one time, time is a massive problem. That's never going to happen. People will give up. Number of events, number of alerts. There's the speed. I talk about the top three trends that are going on in our customer base. Speed, speed, and speed. Okay, you've got some great clients. Why are they going with you and how does someone engage with you guys? What do they do? They just call you up and saying, just bring in some software, do all your boxes. Is it software? How do I configure it? How do they onboard? How do you guys engage with your customers? Right, so why do they buy us? Three quick reasons. One, amazing automation fabric approach, central management. Two, amazing analytics. To your point about great events, we want to help our customers address this deluge of events and things that are happening in the data center and provide great insights. So that's all built into the product. And three, much more cost effective. I mean, these traditional solutions, believe it or not, they've been around for 20 years. They're not just traditional as in legacy, but they're also extremely expensive. Our competitors sell load balances at 84% gross margins. You know how many of my customers run their business at 84% gross margins? Zero. So how can you afford that, right? So those are three big reasons why they buy. How they get engaged with us is they typically have a public cloud project. They'll say, all right, like Adobe. They'll say, all right, we need to go to Azure, move the applications right away. But that's easy for the CIO to say in practice, that's a beast, right? So they need to get in there. They need to figure out how am I going to meet application SLAs on Azure? How am I going to do application availability or security or monitor these? And then they do a Google search or something like that connected with us. Two, we're a Cisco partner. Cisco resells us. And Cisco is everywhere. So when people approach their trusted vendor, like Cisco and say, Cisco, I've got this public cloud issue or network modernization issue. And load balancing is a consistent point in my neck. Like what do we do? And Cisco goes, oh, we've got a great partner. We resell their technology. I'd love to help you understand more. And then they pull us in and we close. Yeah, that's a great point, guru. One of the things we've been talking to a lot of customers, it's, how do I manage and deal with my network when I don't own a lot of the pieces of the network? And that's the story we've been hearing Cisco talking about multi-cloud. That's right. Up on stage, Chuck Robbins brought Diane Green out. Talked a lot about Kubernetes and Istio. We know Avi Networks. I believe I've seen your team at the KubeCon show. John was just at the Copenhagen show. I unfortunately missed that one. I'll be back at the Seattle show. Talk about what your team's doing with Kubernetes and Istio and how does Cisco fit into that discussion? Yes, we love that space. It's actually, I think at this point, after public cloud, after Azure and AWS in particular, and GCP as well. So after public cloud, it's our fastest growing part of our business today. And what we've been shipping for over two years now is an enterprise-class service mesh targeted at not just Kubernetes, but Kubernetes, OpenShift, Meso, so consistent when the beautiful thing is, our fabric is just a fabric. It can, the same fabric in one corner of the data center could be serving a traditional bare metal application and another corner of a data center is serving a containerized Kubernetes application. And what we do there is we provide both North-South load balancing capabilities as well as the East-West load balancing capabilities for that entire cluster. And to give you a sense for scale, our largest customers, we've got large banks and technology companies running us in production on Kubernetes. At the highest end, we've got customers running eight, 10 clusters of somewhere between 50 to 100 nodes each. So we're talking about 500 to 1,000 nodes running in both public cloud and on-prem of Kubernetes where we are providing the distributed load balancing capabilities. Well, that's great. So if you've been doing service mesh for two years, that's pre-STO, how does that relate to the STO project? Yes, it is. And in some sense, it's still pre-STO, right? Because I love STO on slides. But the year of STO is 2019 and maybe 2020. So it's going to take some time. We love it because here's what happens today. This is the problem for solution providers like us. What happens is we're forced to integrate with Kubernetes the Kubernetes master service. At some point, customers are like, all right, so you're integrated with Kubernetes and this person is integrating. There's other pieces of our integrated. What STO does is it very cleanly separates the network policy from Kubernetes to STO. So we have to then integrate only with STO and we are doing that integration right now. So from our perspective, these are northbound orchestration systems and policy systems. Once STO solidifies and I expect sometime next year, maybe middle next year, maybe late next year, it'll be ready for production and then you can continue to use us within. Yeah, Guru, I'm going to have to say, you're the hipster service mesh company then, right? You were doing it before it was cool. Yes, and then perhaps we can do something else. We love the STO as a total geek conversation but it's super important. I want to get your thoughts on this because I do agree, it's definitely got some work to do but it's the number one open source project within the CNCF. Yes. So clearly there's a ton of interest and a lot of the alpha geeks are going there. They see great value there. Containers, check. Containers are great. Kubernetes, check on a good path. STO is interesting because its service meshes is a concept that kind of ties networking with apps and then you guys are in the middle of this. What does that mean for the network engineer out there or for the company? Why should they pay attention to this service mesh concept or STO and the role of microservices? Clearly microservices make sense of your API and everything. You want to have more services developing. That's right. But what's going on under the hood? Why is STO getting so much attraction in your opinion? It's a very simple reason, John. So this was my world as a network engineer. I had a few of these applications. I would look at them, they're like my little puppy and I would configure my entire network to support these applications. The world of microservices and really this new world that we live in, I don't have one of these. I have a hundred of these per application. So I have a hundred thousand of these floating around. I can't do it without using policy. Policy is at the root of all this intent based networking, declarative policies. STO, declarative policies. Our platform, declarative policies. So the entire world of networking is moving away from let me go to one of my 50 switches and configure the CLI to let me define a set of 10 policies that we will then apply to a hundred thousand applications. Because frankly, there's only 10 different things I want to do. I don't want to configure a hundred thousand endpoints. I just want to do 10 things. That's something I can do as a human. And that's really what is the root of this. So it's really intent based networking sort of at different layers. So there's been conversation, we've been obviously talking about this in theCUBE since day one here about we believe the network engineer, the Cisco customer, if you will, or people getting all these certifications, they're going to have to be so much more powerful because there's been a conversation in other press and media around the death of the network engineer. They're the mainframe guy. Which iteration of that are we on? Because I hear that every five years. They've been alerted how to cozy, they don't lose their job. When it actually, the network is getting more and more powerful. So what you're talking about, we think connects and validates that the network engineer, the one doing cyber ops, data center, service provider, industrial IoT, CCNA, CCIEs, these guys are going to be a fish to water when they hear words like policy, dynamic provisioning. Automation, API. These are concepts they're used to. That's right. What's your thoughts on that? Because this is kind of a new emerging connect point that DevNet's kind of pointed with DevNet Create and DevNet Proper. What are your thoughts? I have tremendous empathy for our customer base. I used to be a customer on the other side a couple of decades ago. And there's this sort of fashionable in Silicon Valley to come up with new innovation and say, oh, all those people, they're going to be left behind and my technology is going to be awesome. I don't subscribe to that. The hunger I see in networking teams to continually add value is unparalleled today. The hunger I see for automation, for learning REST API, SDKs, Python, Ansible, interacting with DevNet is unparalleled. And in some sense, if that wasn't there, why would you have intent-based networking? Why would a vendor like Cisco, a vendor like AVI emerge? Why would we build these amazing things if there wasn't hunger for this? So I think the network is going to be extremely important and most of the networking teams today will make that transition. I'm not going to discount the fact that there will be some who will want to hug their load balancers for the next 10 years. And I have bad news for them. There was a time when you could ride it out for five or 10 years before the next tech showed up. Those days are gone, man. The new tech shows up today and then you're like, nah, not going to happen, not going to happen for about 12 or 18 months and then boom, everything just changes. So what's your advice to those network engineers out there, those folks doing, that are going to be the power players in this new configuration? What should they do? Engage. Engage, be the person in the organization that brings in a new technology never in my entire career, two decades now. Have I seen individuals in networking teams at banks, at technology companies, at retailers, at grocery store companies, at radiology centers? You know, go out there and ask questions. Is there a better load balancer? Is there a better switching solution? Is there a better XYZ? Is there a better way to monitor my apps? And then pull in that, play around with that, call the vendor. You know, traditionally, never used to happen. So I'm excited about it. Yeah, that's awesome. It's a great opportunity to be, the timing's perfect. All right, final question, actually two questions. What's up next for you guys at Avi Networks on the roadmap? What's coming next? And then you're taking the show. What's the vibe, what's it like for the folks who didn't make it to Orlando? What'd they miss? So our vision is double down on multi-cloud. It's so real, all of our customers, all, almost 100% are both on-prem and in AWS or Azure. And we're continuing to invest in making that easier through the introduction of several sort of initiatives on the platform, including SaaS, including increased investments in security. So that's on our vision side. Invest in our partnership with Cisco. As I said, Cisco is a reseller and now an investor in that last round of funding. So we're pretty excited about that. And they're excited about being close to a company that frankly is seeing the kind of traction we're seeing. So that's what we're doing over the next three to five years. Show floor, I got to say 80% of it sounds like, give me your data and I will provide you insights. And that's trivializing that a little bit, but I think it goes back to the point, John, you made earlier where things are moving so fast, so much is changing that there's just an increased excitement around technologies which help you automate, which helps you provide better insights, which helps you just manage this. And then final question, one more just popped in my head, I've got to get out there. Programmability, obviously we believe it's happening, APIs are happening, microservices are right around the corner, you guys are first generation, service mesh and production. What are some of those new apps we're going to see if the network programmable is first generation, like an iPhone was for telephony, what kinds of networking apps are we going to see in the new paradigm that DevNet's pioneering? So actually two kind of apps I'm already seeing in my customer list right now. The first one is cell service and provisioning apps. So as soon as the network becomes programmable, the first thing networking teams do, this is a little bit counter-intuitive. Remember the old word where networking teams were like, my network, don't touch it. The first thing they're doing now is they're saying, oh, it's programmable, let me build a sandbox for you quickly, you do it. Don't call me, don't call me, just do your thing. If you hit the bounds of the sandbox, then call me and we'll talk about it. So cell service, automation, provisioning is the first kind of applications I'm seeing emerging. And the second one is monitoring. You know, the age-old problem. I don't know what's going on. So people are building these amazing solutions. I mean, I thought people would be logging into our CLI or UI and getting insights? No, they're taking my data right now. I counted about 15 upstream solutions from Tetration, to Splunk, to other SIMs, Datadog, AppDynamics, Neuralic, they're exporting this wherever they can. And so those are the two classes, cell service, automation, and monitoring. And this all is underpinning value for state security monitoring, and scriptures right around the corner. Thanks for coming up here, Avi Networks. We feed products here inside theCUBE. Day three is theCUBE coverage here. I'm John Furrier with Stu Miniman at Cisco Live in Orlando. Stay with us. We'll be right back.