 Live from New Orleans, Louisiana at theCUBE. Covering .NEXT Conference 2018 brought to you by Nutanix. Welcome back, I'm Stu Miniman here at theCUBE in New Orleans, the Nutanix .NEXT conference. Joining me is Keith Townsend. Going wall to wall with interviews for two days and going to dig into some really geeky techy stuff. Micro segmentation, like, happy to welcome to the program two first time guests. Harjot Gill, who is the senior director of product and engineering at Nutanix, and Rajiv Marani, who's the CTO of Cloud Platform. Thank you both for joining us. Thanks for having us. All right, so Rajiv, you've been with Nutanix for a bit, so we're going to get Harjot first. So we'd be four acquisitions that Nutanix has made in the software space in the last year or so. One of them was NETZL. So bring us back, you were, N.R., the CEO of the NETZL group. Tell us kind of why of the company, size of the team, things like that, and then we'll get into it. That's good, yeah. So previously, as I was co-founder and CEO of NETZL, which I don't know whether you noticed, it listened spelled backwards, and essentially it was like microservices analytics platform. And the core technology of NETZL was designed at University of Pennsylvania in a research group. That's where most of my team came from. It's a really small team. We're like just 10 odd engineers who took on this like very interesting challenge in the industry as microservices were taking off. Applications were like ported to modern platforms like Kubernetes. We saw an opportunity to take like a network-centric approach in doing performance analysis and liability analysis. And the product that we built is very interesting. It can be thought of as like Google Maps for your cloud applications. Just like Splunk in the past was Google search for data center. So we came up with this concept where you can like visualize different abstractions and different virtualization layers of your application delivery. And that was a product. All right, Rajiv, we've been talking about the really expansion of services that you're offering, security and networking, obviously a big space. So first of all, not a Stanford team that you brought in, but University of Pennsylvania. Explain a little bit for us, justification how NETZL fits in with the Nutanix portfolio. Yeah, the NETZL technology is unique in many different ways. And we actually see a lot of different applications for it. The core product that they have today, the way they do performance monitoring by staying just on the network, not installing any host agents, it's pretty unusual. It's something that we really liked about the technology. The fact that they can do this at layer seven can actually look at application data, do deep packet inspection at line speed. It's even more impressive. And they really built out the scale out architecture based on Harjot's research work. We looked at that and we said, hey look, this can be used for performance monitoring, it can be used for application discovery, it can be used for security operations. There's just so many different directions we can take this in. And it's a great team that's built it with a relatively small number of people. We want these guys to be working with us, not as a separate company. And it moved pretty quickly. The acquisition happened quite quickly. We talked a little bit this morning about how we're going to use it for micro segmentation, but there's many other use cases that we see coming down the bike. So Harjot, let's talk a little bit about the enterprise applicability. You know, when you guys looked at it, you mainly looked at containers and the challenges of micro, I'm sorry, not of multi-services and basically 12 factor applications. Yeah. How is that applicable to the typical enterprise which 90% of their applications are modern lifts? Same capability, what capabilities are you bringing to bear for traditional applications? Yeah, it's pretty applicable everywhere because network is a very stable source of truth. Like what remains constant in the legacy as well as in the newer world is your TCP IP stack. And it's a very stable source of truth to tap into. So one of the value proposition that Nexiel had with one of our very like the early enterprise customers that we signed up was helping them migrate from this monolithic architectures to microservices. And their existing tools on the market, if you look at APM tools or even the logging tools were inadequate when taking on this journey. And you can think of Nexiel as a very pervasive solution. I mean, the analogy that I usually give people is like drones versus troops on the ground where Nexiel can quickly set up, provide like a breadth of coverage in any environment whether it's like legacy or microservices you're covered. And then once you find issues in your environment be it security issues or performance issues, you can systematically drill in, either add more instrumentation, tracing, or add policies with micro segmentation. That was the whole idea. So there was a gap in the market for this kind of a tool. So let's talk about integration into Nutanix. One of the, what I'm calling first principles or Nutanix is push button one click easy. Yes. What does the Nexiel application look like in a Nutanix environment to the Nutanix administrator? So let's take the micro segmentation example again, right? So today, if you were to micro segment an existing application, it's pretty hard to know where to begin. Sunil described it as a hairy problem, but we know he likes hair. But what Nexiel does is it takes all the data that's gathering from the network. It gives you all this visibility into how every part of your application is interacting with each other. And you can group it in different ways. So it's not just about VMs talking to VMs. If you have a microservices based application, that's actually a very little value. You really want, which services are talking to which services or even more which service tiers are talking to which service tiers. But gathering all that data, we can actually fully automate the creation of micro segmentation policies for existing applications. So today, what we saw was more of a manual thing. We had set it up previously. It's just that we haven't had enough time to do integration yet. We expect that to become completely automated. Similarly with the remediation stuff, the troubleshooting stuff, we have it integrated in the Nexiel technology with the machine learning things that we have been working on. Once we do that, we can expect a lot more automated insights into your applications, integrated with our alert system, integrated with our metrics and SAP systems. So a lot of work to do, but a lot of potential for this technology, I think. So yeah, so it actually does solve this chicken and egg problem, as Rajiv said, with actually making micro segmentation operational by first discovering these ground field apps and then suggesting policies, right? And all the goodness of Nexiel will be brought onto products like Prism where out of the box, Nexiel can provide visibility and metrics for workloads such as VDI and all the packaged applications and all the MongoDBs and all the stuff that is hosted on top of Nutanix platform and selling it to the same IT ops audience here. Harjot, the space you're playing in is really changing so, so fast. Yes, it is. Talk about micro segmentation and containers and serverless and the like. What at its core will allow your product to be able to stay up with the pace of change? So the core of the product, as I mentioned, I mean, it's network-based. So one of the things you get with that is it's a very stable source of truth. So your languages keep evolving. So if you look at this mind-boggling introduction of open source technologies into enterprise environments which you don't control what languages they are written in and your developers are picking up the latest and greatest tools. So in that world, the core of the technology which is network-based still works the same and that allows us to be really future proof of this thing here. Languages and frameworks change. The network protocols are much more stable. Yeah, to some people's chagrin, the protocols don't change. So let's talk a little bit about products and overlap of products. One of the, I think, confusing points, or it can be confusing, is where Netsil fits in when it comes to calm and overall to Xi. Where's the interaction and overlap or what's the relative? Yeah, so you can think of every workload in the cloud as a OODA loop, observe, orient, decide, and act. Now what calm helps the customer is to act faster. Whereas Netsil comes in and provides the observe and the orient piece. So it's all part of the same workflow. If you're an IT ops person, you need tools to observe and help orient so you can decide faster. And tools like calm and Kubernetes and Fuchsia with one click and with just a few clicks you can make massive changes to your cloud infrastructure. But without observability, you're just flying blind. That's where Netsil comes in. So that's why Rajiv said, as Rajiv said, like it's going to enhance a lot of areas within Nutanix and possibly like even continue selling as a multi-cloud monitoring solution. This is, we'll do brownfield import for micro segmentation. You can imagine that it would be a great, great product for calm as well. Being able to do brownfield import of applications and making them into calm blueprints. Rajiv, you've had some pent up demand from customers for the micro segmentation piece, but give us a little bit. You said there's other applications. What should we be expecting to see from Netsil and the product line? So at CTO, I can talk future. So let me tell you about some stuff on the timeline. One great area for us to explore is around security operations. Since Netsil's already in the network, looking at all traffic, it can easily establish a baseline of which VMs, which containers normally talk to each other, what kind of requests they make. And it's doing this at layer seven, so it can even go and look into what kind of API endpoints are normally called. And once it's baselineed this, detecting variations, detecting violations is going to be relatively simple. So we can alert on security violations, unusual behavior, services making calls to services that shouldn't be making calls to all that kind of stuff. So that's one area for us to explore. We talked about Calm. So Calm can benefit greatly by being able to import brownfield applications into the Calm umbrella, making blueprints out of them. There's integrations with Prism Pro, which will enable the kind of metrics that Netsil is collecting and integrating it to what Prism Pro already does, putting it into one single framework, adding it to capacity planning, adding it to all the Prism Pro features that we have. So there's a lot of stuff we can do. So that's an awful lot of data. Where is this stored and what's the engine behind it? That's a great question actually. Netsil not only innovated in this unique way of collecting, we also innovated a lot in time series databases. So the backend of Netsil is powered by a database called Apache Druid, which is an OLAP time series database. So it can ingest at scale and you can run complex queries in sub-second latency at scale. So it can summarize billions of data points at sub-second latencies. And the third thing that Netsil innovated is in the visualizations. You're talking about like visualizing this complex data that is coming from this modern fast-moving environments. That's another area where Netsil innovated with this maps interface to summarize and build easy to understand visualizations on your complex infrastructure. Now I'm scared that my head would explode, but I would love to get you guys on with Satium and talk through what additional data and when it comes to IoT, machine learning, what additional insights. Quick question. Are you guys working with Satium at all at this point? We've started like, understand the lay of the land. So we're like still getting introduced to a lot of teams. As you guys notice, Nutanix is now growing very rapidly. There's so many areas to like learn about. And we are primarily working with the micro-segmentation team right now. But going forward, you will see Netsil's goodness being brought into other areas at Nutanix. Yeah, Rajiv, one question I have from a software standpoint in general. Where does AI fit into what you're doing with Zion, Khaum, and the others? So for all of them, we're using machine learning fairly extensively today to even do basic things like capacity planning, the what-if modeling that we've been doing. But to go beyond machine learning, if you actually invest in building an AI platform, I feel we can do a lot more in terms of root cause analysis, remediation, troubleshooting of applications, finding performance bottlenecks automatically, essentially really making that invisible infrastructure, mainstream come true. You're closed, you're not quite there yet. Yeah, and it's really about like getting quality data without friction. So you have like AI is now being commoditized in the industry, like all the algorithms are now like mainstream. So the biggest challenge has always been how do you go and capture the data at low friction? That's what Netsil brings on board. Yeah, I'm super excited for the micro-segmentation. Let's talk about what have customers, what has been the customer reaction to Netsil and just the new capability? We see a lot of excitement. It's micro-segmentation's barely been out what a couple of months at this point and already have fairly large customers deploying it out there and a lot of demand for proof of concepts and so on at this point. It was very clear to us from the beginning that when people were looking at other SDN solutions, the number one use case they were using it in the enterprise was for micro-segmentation. So we took that, we made it as simple as we could. True Nutanix fashion, we said okay, let's make micro-segmentation as one click as we can. And it's been gratifying I think to see the initial reaction. In fact, some of the initial feedback we've gotten has been along the lines of this is almost too simple. So one of the challenges that we've had in the enterprise is hyper-cloud. We look at an EC2 instance and you have an internal database and the two communicate that EC2 is ephemeral. We don't know how to handle that. Does NetSeal address that challenge at all? It does, in fact it's been designed for even a faster moving world of containers. I'll give you an example of Kubernetes, I mean similar example. So NetSeal installs as a demon set on Kubernetes. It's pure infrastructure insertion. You're like independently inserting without developers. And as soon as it is installed, it's not just looking at packets. It's also like tapping into Docker socket for metadata. So as soon as containers go up and down, new VMs brought up, it actually pulls the metadata. The container IDs, the service IDs, Kubernetes, pod names, whatnot. And then met is that to the metrics that we are collecting. So that in the UI as you saw in the demo today, you're not slicing and dicing by IP addresses. You're slicing and dicing by the service tags. So your VMs can come and go, containers can come and go. But we are looking at the behavior of this group of cattle. You know the cattle versus pets analogy. The whole idea in the new world is to like create these services as the new pets. And your cattle are familiar. And the whole idea is that NetSeal can discover microservices, discover the boundary of microservices by looking at layer seven behavior. And by smartly grouping things based on the behavior. So we know exactly what a MySQL database and different installations of MySQL look like to be based on the behavior and the query behavior and group them together. So enforcement, is that at the pod level or is that at the container level? So on the enforcement side, NetSeal is mostly on the visibility. So on the micro segmentation side, there is a- Today micro segmentation is for VMs. As we build out our next version of container services, we are looking into building a micro segmentation for Kubernetes as well. And that will be at the pod level. All right. Keith, I'm looking forward to the CTO advisor podcast, digging a little bit more on micro segmentation. Maybe Rajiv and Harjada can stop by sometime. But thank you gentlemen so much for coming. Congratulations on the update. Looking forward to hearing more. Keith and I have a little bit more here left of day one of Nutanix.next 2018. I'm Stu Miniman, Keith Townsend. Thank you for watching theCUBE. Thanks guys.