 Hello, I'm John Furrier with theCUBE. We are here with exciting news around the next evolution in switching. Sonia Jean-Donnie, co-founder and Chief Business Officer of Pensando and David Hughes, Chief Product and Technology Officer of Ruba HPE. Welcome back. We just heard from Antonio Neary and John Chambers about the HPE Ruba partnership with Pensando and the new switching platform. Tell me more about the exciting news you're announcing. Yeah, I'm really excited today to be introducing the CX-10,000 Distributed Services Switch. It's a brand new class of switch. We are bringing together the best of a Ruba's switching technology, adding to our CX portfolio, combining with Pensando's technology, the ace technology embedded in the platform. The problem we're solving is that in the traditional data center, all of those services like firewalling and load balancing are provided by centralized appliances. And while that might be okay for North-South traffic, traffic that's going in and out of the data center, it's not scalable and it's not cost-effective to apply to every service and every port, to every flow traversing that data center. As we all know, with microservices, more and more of the traffic is east-west, over 70% today and growing. And so what we're doing here with the CX-10,000 is giving enterprises a way to take the smart NIC technology that's been proven out by hyperscalers and introduce it into their data centers in a very cost-effective and easy to deploy way. We're embedding that capability in the top of RAC switch so that we can apply firewall services, load balancing services to every port, to every flow, delivering 100 times the scale in terms of ACLs, 10 times of performance in terms of encryption at a third of the cost of those traditional network architectures. So it's a super exciting time. Love the speed, love the energy there. But I got to ask, what makes this a new category of switch? Well, if you take a look at the journey we have been on, as we have evolved our data centers and the applications have evolved for our customers and the world is now a bold new world of multi-cloud. The architectures in the data center which are leaf spine architectures have become the new norm. Software-defined networking is pervasively deployed by our customers. But as this journey began, five or seven or even about 10 years ago and has culminated into a much more mature set of building blocks, we have taken the problem from one space of automating networks in the data center to then introducing lots and lots of expensive appliances to bring about security, for example, or the stateful services whether it's load balancing or whether it's encryption and visibility and telemetry types of services. Now the customers had to trombone all their traffic in and out of these appliances, driving up the cost and the complexity. And when time comes to troubleshoot these environments it's extremely complex because you're trying to rationalize fabrics coming from one place, appliances coming from four or five different vendors, maintaining all the software elements that need to be kept track of. And as more and more customers want to aspire towards the zero trust security model, we need to start to embrace a lot of the principles that have been implemented by the hyperscalers and the cloud vendors, which is doing away with the appliances, doing away with agent technology on servers, but instead to bring that technology for East West into play as well as to ensure that if there are bad actors that are landing inside of the data centers that they do not have the ability to create attack surfaces with complete lateral movement today that is possible. If you look at 70% of all the attacks that have been happening here in the past few years it's as a result of having a attack surface which is pretty large in the data centers. And that gets further complicated when you move towards a multi-cloud environment where the perimeter of the data center is now moving into the edge, whether that edge is where the fleet resides for our customers or whether that edge happens to be a co-location edge where you're building your on-ramp and off-ramps. So I think the compelling event essentially is driven by the whole notion of distribution of services and having them available from a security and from a services point of view and these are stateful services as close to the workloads as you possibly can get them. Sony and Dave, you guys really hit on some key points there. Cloud native, microservices, east-west, north-south, no perimeter, I mean edge. These are topics that we would talk about kind of individually over the years. It's happening now, all at the same time. This is causing a lot of complexities and then the security challenges you just laid out are everywhere. This brings up a big conversation around solving this. How does this new architecture, this solution, solves the complexity and the security challenges in the data center? If you look at the use cases that our customers are talking about, the first, the initial use case really is to bring about security and stateful security for east-west traffic right into their fabric of their data centers. So having the ability to deliver that while eliminating the complex appliances only to do the job which they do very well which is north-south protection of services. That also allows us the ability then to start to deliver visibility and telemetry at the same time that we're delivering stateful security firewall and micro-segmentation services because what I cannot see, I cannot secure. So those two elements are initial use cases out of the box for our customers as we deliver this platform to them. And then as more and more use cases that are becoming evident to us through customer interactions come into play. For example, the co-location edge that I would like David to walk you through a bit more in terms of how we have solved for that use case. Yeah, so for the COLO use case, I think we're moving from a world where people talk about data centers to now talking about centers of data. And those centers of data, yes they can be in a core private data center. They could be in the cloud, but more and more they're going to be distributed around the edge in co-location environments. And what we need to be able to do is extend those services that were provided in the data center to be provided in those COLOs at the edge. And again, we wanna do that without having to deploy a whole rack of appliances that maybe cost more than the computer itself. And so with the CX-10000, we can have that as a top of rack switch for that COLO and from that switch deploy all of the encryption and firewalling services that that COLO requires. And what's important is that we're doing it with the same policy framework under the same management system across the whole enterprise in the data center as well as in these co-location environments and out into the cloud. So you guys mentioned visibility, if you mind a quick follow-up on this question because you mentioned visibility, you can't see it, you can't protect it. But also there's a lot of workloads that people are trying to automate. These are two factors. Can you guys just double down on that? I want to just get that out there because I think this becomes a big thing. I think policy, having the ability to have an intent-based policy that is a foundational technology building block that we have brought together is a very important element. And then when you map it back to tools that Aruba is extending support for, including this platform, become very valuable. So David, why don't you walk us through that? Yeah, I think one of the advantages that we bring is that this is an extension of the Aruba CX switching portfolio. So yeah, it's a cloud-native microservices, very modern switch architecture. And we have a comprehensive management platform, the Aruba Fabric Controller. And so what we are doing is making sure that everything fits together nicely, that we're delivering a complete solution to our customers. But one important thing to mention here is that we are thinking about how customers can do this step by step. So we're not requiring them to rebuild their entire data center. They can do this one rack at a time. We can work with their existing spine and deploy one leaf at a time in a very measured way. And so we think it's a great way for enterprises to be able to consume this modern distributed platform. That's a great segue to the next question. I mean, I totally see this as you guys are talking about the cloud-native trend, driving a cloud operational model to every edge. So the data center is just another edge. It's a center of data, love that line. So I have to kind of ask the operational side of the question, how would an enterprise customers manage all this? Take us through the nuts and bolts of deploying and managing if it's become a customer. That's a very good question. If you take a look at the customer's deployment models and let's take the example of they want to now bring in this technology and build a pod, a highly secure pod with it for East-West and to make sure that they're protecting 100% of that East-West traffic. I think that leveraging all the building blocks that we have innovated between us and Aruba, we want to make sure that the ecosystem that the customer has built, they want whether they have built it with companies like Splunk and ServiceNow or Guardico, that they want integration points will be made available to them. If you take a look at, take a step back and say for these environments, as you aspire to go towards zero trust security, the issues of inserting security appliances into networked flows and having the ability to map it to the knowledge of applications and their dependencies for policy becomes an important function to tackle. So once you accept that, okay, I have stateful security functions built into this type of rack device available for my applications and all workloads, whether they're container workloads, bare metal workloads, virtualized workloads. And I have complete visibility into those workloads without compromising on connectivity. And I can control through enforcement of policy where I need it, because now security is part of the fabric. It's not a bolt-on. Then comes the job of integration with an ecosystem. So whether you're looking at seam and sew companies where we are delivering in close collaboration with Splunk, a Pensando app for Splunk, there's also going to be the availability of an elastic module, a plugin module. Then turn attention towards more automation and DevOps. Ansible playbooks for the CX-10K will be made available day one so that where you do not have the ability to deploy the AFC, you can use your existing Ansible toolkit and we are making those playbooks available to our customers. Day one integration with application discovery, mapping companies like Guardico, allowing them to discover who's talking to whom and push and enforce that policy through the CX-10K will allow for more automated deployments of those policies. And finally compliance, integration with vendors like Toofin for continuous security compliance monitoring becomes extremely important. As the screen depicts, a lot of visualization capabilities with companies like Elk which are in beta today and Ansible and Splunk and Elk will all be targeted at first customer shipment. So again, telemetry visibility with the integration of the ecosystem, it becomes a very powerful combination for the customers as they look to operationalize this for day one, day two, day three automation. That's awesome, Dave. I'd like to weigh in on this whole question of operations because you're hitting all the marks here that are relevant. Cloud-native microservices apps, explosion and data volume and velocity, hyperscale operational cloud operations, performance, price point, security, all in this one solution. This is big. It's not like you mentioned earlier, it's not a rip and replace, but you can roll it out. How do you see a customer best operationalizing this new product? I think the answer is a little bit different for each customer, but you were very careful at the beginning when you introduced this. It's an evolution of switching. It's not a revolution where we have to replace everything. And I think that's really exciting is that it builds on the foundational architecture of leaf and spine. And what we're able to do is let that customer introduce these new capabilities one leaf at a time. So maybe when they're upgrading from 10 gigs to 25 gigs, it's a great time for them to introduce this capability into their data center. And then depending on their application, maybe as Sony said, that they've got one particular application, a crown jewel application. And so they want to build out that in one rack and provide very, very robust East-West as well as North-South security around that application. But there's so many different ways that customers can deploy this technology. And what's really exciting is now as we're beginning to work with our customers learning about these new use cases and then feeding that back into our roadmap. And we all know as you get down lower in the network layer, security is distributed architecture. So everything is paramount like security. Super relevant, great conversation. I got to ask, what's next with this technology? Yeah, well, the teams, the two engineering teams are working together. And this is step one on a really exciting new path. I don't know, Sony, what would you say? I think there's a lot more to come here. This is just a starting point. We have an incredibly strong partnership and go-to-market partnership here with our Uber team. With this platform, it is just the beginning and it will lead our customers onto the multi-cloud journey. And last but not least, I would like to say that, in closing, there are seldom opportunities where you look at disrupting the way things are happening while fitting into customers' existing models. So this is, as I said, with everything being software-defined, you will continue to see as delivering at great velocity more and more software-defined services, whether it's encryption, load balancing, and other stateful services over time, making this technology easier to deploy by fitting into the existing ecosystem and continuing to provide them with the 100x the scale, 10x the performance, as well as the ability to do it at a third of the cost of what they would need to, if they had to build this today with disparate devices. Exciting news in the industry, you guys are the pros. You've seen all the waves of innovation over the years. I guess my final, final question would be, how would you summarize this point in time right now? This is pretty exciting. All of this is all happening at the same time. Customers are having opportunities to innovate. The pandemic has shown a lot of scale and the need for stability and security. This is a special moment. How would you guys weigh in on that? Yeah, you know, I think about it, every decade there's a change in how data centers are built. And so this is the change that's happening this decade, moving to a distributed services switch. You know, the other big mega trend that I see is this move, as I said, from data centers to centers of data and the opportunity for customers to use this technology as they move out to the edge to have distributed compute and colos. What do you think, Sony? I think I couldn't agree more. I think there are so many various technology transitions occurring now, the cloud being the biggest one, the explosion of data and the, you know, the customers making decisions of having a distributed model. And if indeed, two thirds, if not 75% of all data will be processed at the edge over the next few years. This architectures prime for the enterprise to go leverage their best practices of today while they can gradually move their architectures for the future, which is a multi-cloud future. Centers of data, large scale, cloud operations, automation, the speed of innovation has never seen this before. It's exciting time. Sony, thank you for coming on. And David, thanks for chatting about this exciting new announcement. Thank you very much. Thank you. This is the power of and HPE Aruba and Pensando's partnership. I'm John Furrier with theCUBE. Thanks for watching.