Today's leading minds talk Cloud with host David Linthicum
Steve Mullaney brings 30 years of marketing, product management, and engineering experience in network infrastructure and security to Aviatrix. Most recently, Steve was the CEO of Nicira Inc., a network virtualization and software-defined networking company, from 2009 until it was acquired in 2012 by VMware for $1.26 billion. Nicira invented the concept of offering software-based services running on top of networking hardware. Mullaney became the senior vice president and general manager of VMware’s Networking and Security business unit following Nicira’s acquisition.
Prior to Nicira, he served as vice president, marketing, and interim CEO for Palo Alto Networks. During his tenure, Mullaney oversaw the company’s invention of the next-generation firewall market category, which helped cement Palo Alto Networks’ reputation as a thought leader and cybersecurity innovator.
Steve also held executive positions at Blue Coat, Force10, Cisco, Growth Networks, ShoreTel, Bay Networks and SynOptics, and began his career as a design engineer at GTE Government Systems. Steve holds a BSEE from University of Rhode Island.
David Linthicum: Hey, guys. Welcome to the GigaOm Voices in Cloud podcast. This is the one place where you will hear from industry thought leaders providing no-nonsense advice on how to succeed with cloud computing, IoT, edge computing, and cognitive computing. I’m David Linthicum, best-selling author, speaker, executive, and B-list geek. Joining me is my special guest, Steve – how do you pronounce your last name, Mullaney?
Steve Mullaney: Mullaney, you got it.
There you go. Awesome. We didn’t do that in the preshow. I always think that sounds too formal. Give us the Steve Mullaney story. How did you [get to] where you are today? I would also love to know how you became CEO. I’ve been CEO a couple of times. It’s always an interesting story how that happens.
I moved out to Silicon Valley in 1985 from Rhode Island. I wanted to go to Silicon Valley. I thought I’d go for a couple years. That was 35 years or so ago. Obviously, I never left.
I went to SynOptics in 1988 as an engineer. I worked on actually, before 10Base2, if you can believe that, LattisNet-U2P it was called. I was an engineer, and I stayed there for ten years through the Wellfleet/SynOptics merger or destruction, whatever you want to call it. Then I did a bunch of startups.
I had become VP of marketing in a bunch of different startups. Then I went to Palo Alto Networks. I was employee number 25 there. I was the first VP of Marketing. Then I became interim CEO. That’s kind of how I became CEO.
They made a change at the CEO position, and the board put me in as an interim. I was interim CEO for six months, and I absolutely loved it. I was always a VP of Marketing that always ran the business. I was not the marcomm [marketing-communications] type looking at colors. I was the guy who my background was engineering product management, marketing. I knew product. I knew the markets.
I always focused on driving the business. I just loved being the CEO, even though it was interim. I said you know what? I’ve been VP of Marketing for a dozen years. I said now is the time to be CEO, but I wasn’t going to be the CEO of some crappy little company that a lot of times the boards give you, which as a first-time CEO they give you what I call that ‘naked in the woods, cold, lost, and eating themselves’ [assignment]. They said you’re probably going to die, but that’s a risk we’re willing to take. Here you go.
I said “screw that.” I wanted to go early. Where do the early companies come from? They come from Stanford: Sun, Cisco, VMware, etc. Every company comes from there. That’s where I connected with Martin Casado, who had started Nicira. That’s what I was looking for was literally nine PhDs and a dog and a big idea.
I decided to leave Palo Alto, which everyone thought I was absolutely nuts [to do] because the company was just taking off, to go to this company that nobody even understood: ‘network virtualization.’ This was ten years ago. What are you doing? I just said this is the way the world is going. I see it. This is happening. Why not us?
We ended up getting bought by VMware for $1.3 billion a few years later. I stayed at VMware for a couple of years. Now NSX is almost a $2 billion run rate at VMware. It completely saved the company. It was a fantastic thing.
Then five years ago I basically semi-retired. I just went on boards and said “That’s it. I’m done.” Nine months ago the world changed, and all these things we’ve been talking about, cloud for the last twelve years for big enterprises where all the money has always been and always will be, big enterprise IT, they now nine months ago on a Tuesday, just like what happened on client-server, they all decided they’re going to move to cloud. I was on the board of Aviatrix, and they were looking for a new CEO to take them to new levels of where they wanted to get to.
I looked and said this is a thousand-foot wave that is ten times bigger than the last wave of mainframe to client-server. I said “I’ve got to go do this.” I’m back in the game as CEO of Aviatrix. That’s kind of long, but that gives you the 35-year history of me.
What does Aviatrix do?
We provide networking and security services for the multi-cloud enterprise. We embrace and extend the constructs of the best underlay the world has ever delivered of the hyperscalers: AWS, Azure, Google, Alibaba, Oracle. All the public cloud infrastructure when you think about it, that’s where networking and security infrastructure is going. It’s going into the public cloud. I need to be able to provide a common set of networking and security services that abstract the way the low-level constructs that those clouds provide. That’s what Aviatrix does.
Got it. What are the key products you guys sell in the marketplace?
Honestly, it’s not products, it’s services. That’s the key thing. In the old world in the client-server world, you sold a box. Here’s my box. It has these ports. These are the features, and you get what you get. We’ve taken more of an Amazon-type model where it’s services.
We’re releasing new features and new services every four to six weeks. Call it software eating the world. Call it software defined. It doesn’t matter what you call it. Basically the velocity that you get when you’re software services that are riding on top of this amazing underlay called the public cloud infrastructure, the velocity at which you can deliver networking and security services is just unbelievable.
You guys are selling services, but your services are a product.
Absolutely. What you would imagine: it’s networking, it’s security, it’s operational services. I need to connect users. They need to be VPN and I need to connect sites into the cloud. I need to interwork VPCs. I need to provide egress filtering out to the internet.
I need to provide security functionality, security groups, micro segmentation, being able to divide things up, who can go where, policy based. I’ve got to be able to do this not just within multiple regions within AWS, but also across VNets in Azure and VPCs in Google. I want to be able to do this in a common, single dashboard. I want someone to provide this orchestration and delivery of these services. That’s what we do.
Let’s talk about the orchestration. I just got done with a huge report I did for GigaOm in terms of multi-cloud complexity and how we’re dealing with different layers of being on top of it. We’re getting into abstraction and automation and the ability to solve issues that way.
How do you guys play into that? What would the reason be that a Global 2000 enterprise CIO would want to pick up the phone and call you guys if he’s moving to two or three public clouds as basically his in-state solution?
The migration and journey that people make – this started literally – I’m talking big enterprise, not early adopters, not the crazy thing that people don’t understand. They think just because AWS is a $30 billion run rate that we’ve crossed a chasm. We have. We just crossed it six months ago. That’s what’s so nuts about this.
I’m talking about IT now, not a DevOps guy, not a cloud ops guy. I’m talking about old IT, the guy that’s been in the industry for 30 years. This is the enterprise computing. It’s now moving into the cloud, even when you’re just in AWS. AWS’ mantra for the last 12 years has been “Go build.” It’s worked wonderfully for them.
For the last 12 years anyone going into the cloud is all about being a builder. It’s about DevOps. It’s about cloud ops. It’s not regular IT. It’s more about ‘I’m building an app. I need to spin this thing up quickly, and boom, I go.’
That mantra of ‘go build’ does not work for the IT team. They go what? Go build? Here’s a screwdriver. Here’s some power tools. They’re like “I’m going to cut my hand off. I need to move into a house that’s fully furnished. I’m not building anything. Somebody has got to build it for me.” Even within AWS, the constructs that AWS gives you are too low level. Also, when you get into the complexities of networking, you very quickly realize it’s architected for the many.
When you’re a big enterprise, you can’t take the low level [service on a promise that] “It’s good for everyone.” I’m United Airlines. It’s not good for me. I have these special needs. When you start peeling the onion back you realize there’s a lot of holes and rough edges and gaps in even what Amazon will deliver. I need to smooth those edges, and I need somebody to orchestrate and manage and provide the operational tools for me even within multiple regions within Amazon.
Then when you get into Azure and Google, customers say maybe I can even figure some things out with Amazon, but the constructs and the tools that Azure and Google have are completely different. Now I’ve got to go learn that language? That’s never going to happen. I want somebody to abstract that away from me because I have not met one enterprise yet who says they’re not going to be in multiple clouds.
They’re not going to be in multiple clouds because they’re going to arbitrage the clouds and they’re going to move the workload; BS. They’re not moving the workloads. That’s never going to happen. Why it’s multiple is because they go “I’ve got some stuff in Azure because I’m using Office 365 and I’ve got credits and it’s good for AI. I’ve got AWS because that’s where my DevOps guy started, and that’s where the app guys went. Then I’ve got Google for this. I’ve got Oracle because I’ve got some old apps that use Oracle databases.”
They put the apps where it just seems to make sense. Before you know it, you’ve got three or four clouds. There’s no way they want to handle all the abstractions and low level details across all of those.
That’s where you guys come in: the ability to remove us from having to deal with complexity, if I’m thinking as a CIO?
It’s all about creating simplicity. You know networking, just lots of respect for Cisco as a company and what they were able to do in the old client-server computing model. They dominated. It took them 12 years to dominate, but they dominated. Everybody knows that.
Their business philosophy was to create complexity and then be the only one to solve it. I don’t know if that was their stated philosophy, but they certainly didn’t try to get around that. It benefited them. If I make it really complex, we’re the only ones who are smart enough to actually be able to get a handle on it. You need to go with us end to end.
I think in the cloud model what we’re doing is actually trying to create simplicity. Networking is complex. Security is complex. Creating simplicity is the way to go as opposed to managing the complexity. That’s what we try to do. That tends to be the cloud model in general. If I can hide a lot of that complexity and create simplicity, it’s going to allow people to focus on other aspects of the job they need to work on.
You’re preaching to the choir. In fact, we developed a new TLA (or three letter acronym): cloud complexity management, the ability to create security abstractions and automation and orchestration. That kind of removes us from some of the native features that are out there. That’s related to the report I just released on GigaOm, looking at that as some sort of key enabling technology for people to get right in order for them to kind of get by what I call the ‘chapter two’ or second generation of cloud based systems. Most of these things are going to be become so complex, we have so much operational complexity that we’ve just been able to get the ROI back from the systems we’re migrating and in many cases, we’re going to be at a negative value. We don’t pay attention to this currently.
When do you get engaged? This is always a key thing for me. You’ve got enterprises that are going to move to the cloud and move some stuff to the cloud. We just moved stuff to the cloud. Now we’re going to move more systems to the cloud. Now we’re going to move all our systems to the cloud. What part do you typically get engaged with the enterprises? Not when you should be engaged, but when you’re actually being called in.
It’s changed. I would say before the big event, which literally was like – I don’t know if you remember the 1992 timeframe. Think back to when we were going from mainframe to client-server. (I was there.) It was treated as a toy. It was for print sharing and work groups. It was not real computing. PCs, give me a break. Servers, are you kidding me? That’s not mission critical ‘five nines’ (99.999%). . That’s IBM S&A. They were ridiculed.
Then there was a turning point in 1992 or somewhere around that time where all of a sudden IP was the only protocol that mattered. It was just overnight and all of a sudden every enterprise said they’re going to a PC client-server architecture.
It built the whole industry. We effectively from infrastructure have architected around it for the last 30 years. I saw that same thing happen nine months ago. Before nine months ago, it was very different. It was very much “Hey, I’m a DevOps guy. I’ve got this app I’ve gotta spin up.” It was very tactical and non strategic.
Post nine months ago, we’re just getting inundated with enterprise. The way enterprises move, they move like a herd. There are 100 million buffalo all running this way now. They wait. Jeffrey Moore is crossing the chasm. When it happens, look out. They’re all moving.
What’s happening now is they all go – it’s just like if you were going to build a city. Now we’re going to go build a city. What would you do? You would put in basic infrastructure first. Guess what? Networking and security is basic infrastructure.
Before the enterprises even put their apps and their users in, I’ve got to build out. I’ve got to get power, electricity, gas, roads. I’ve got to get basic infrastructure. Networking and security is basic infrastructure. I’ve got to lay all that out before I start bringing the people into the city, if you want to architect it correctly.
What I’ve noticed is: it’s all about architecture. Every IT guy knows poor architecture means your life is horrible forever. Great architecture, your life is pretty good. They’re architecting their infrastructure now. That’s why we get brought in very early.
What I’ve noticed is every single title of the people I’m talking to is all IT. It’s the guys I worked with 30 years ago at SynOptics. This is IT guys, and we are building out the infrastructure in this new area leveraging cloud. One of the things I think we pitched to you was the theme of “The data center is dead. Long live the data center.” The on prem data center is dead. It is over, done, put a fork in it.
That is an expense area for every enterprise. They are getting out of that, but long live the data center. They’re building out their infrastructure now. It just happens to be running on the public cloud infrastructure as opposed to their own private infrastructure. All the things they cared about, compliance, security, policy, operations, and all those things, they still care about.
Architecture matters. It’s just slightly different. That’s the change I see for us is we’re getting pulled in because we are basic infrastructure. We’re getting pulled in early, and it’s right now.
What do you think you guys are going to be working on in two years, the same problems you’re solving now, or is it going to be another set of issues that you guys are going to have to address?
I think in two years the game is going to be over in the sense that Aviatrix will be – right now there’s only one reason people aren’t using Aviatrix. They never heard about us. In two years everyone will have heard about us, and the game will be over. They will all be using us. That’s the thing also in cloud. It took Cisco 12 years to be dominant.
It’s going to take us two – because the speed at which things happen in the cloud is just like zero friction. I think the things that we’ll be working on – this is the next 20, 30 years, probably more – this is the last big wave of IT transformation that I will ever see in my lifetime. It’s not going to happen. I think what we’ll be working on, it never ends.
Look at Cisco in the last model. Did they ever stop working on things? No, they kept working on things for 30 years. We’ll have things we’ll work on for 30 years. I think going forward there will be a tremendous amount on the operational side: visibility, the manageability, debuggability. People say what happens if something goes wrong? Don’t worry about it. It won’t go wrong.
You can’t say that to an IT guy. He knows. Don’t worry about it. You don’t need to know what’s going on under here. No, I do because when it breaks, I’m going to get fired.
I need visibility tools. I need monitoring tools. I need all those kinds of things. I think because of where we sit as effectively the central global controller of your forwarding of your traffic, there’s a lot of insight that we can have that we can leverage into optimization for cost, optimization for security, optimization for performance, and so forth, as well as optimization for troubleshooting and things like that. I think that will be a long tail of features and functionality that we will be working on for a long time.
Where can we find more about Aviatrix on the web?
Aviatrix.com, of course, is probably a good place to start. That’s the other beautiful thing about what happens right now. When you think about client-server, okay, I’m interested. What do I need to do? I’ve got to call somebody. I’ve got to get a hold of the box. I’ve got to ship it out there. I’ve got to do a POC. It’s exhausting. It takes you years.
Guess what’s great about this? Get an account in AWS, which everybody has, and spin it up. Do your own POC. We’re getting hundreds of people doing this we don’t even contact. They come up and try it, and they put up a couple of use cases. Let me spin up some gateway. Before you know it, for $50 a month you can do a POC, and we’re not even involved. You can go to the web, but I would say more importantly, go to AWS Marketplace and spin it up and try it out. That’s what a lot of our customers do. Once you start doing that, then you’re like “my God. This is exactly what I need.”
You just start using it. What we notice is all of a sudden you’re spending $500 a month. Then all of a sudden it’s $1,000, then it’s $2,000, then it’s $5,000, then it’s $20,000. Where did this customer come from? I don’t know. Never heard of them. They did it all themselves. That’s the power of cloud.
I couldn’t have said it better myself, so go out there and give it a try. It’s pretty much almost free. You were able to access resources that were unheard of just a few years ago.
Please pick up a copy of my book, Cloud Computing and SOA Convergence available on Amazon and other places books are sold. Also make sure to follow me on Twitter @DavidLinthicum, as well as LinkedIn where I have several cloud computing courses on LinkedIn Learning. Steve, where can we find you on the web, your personal stuff?
I don’t really do a lot of stuff. I would just say on LinkedIn is probably the best way to connect with me.
Check out Steve and add him as a contact. I think it’s a good idea ultimately where his organization is heading. We should arm ourselves with as much technology understanding as we can as we’re preparing to go do battle with cloud complexity. So, until next time, best of luck in building your cloud computing solutions. We’ll talk to you guys really soon. Take care.