Cloudflare Strategic Partners Panel Episode 1: Megaport
Presented by: Steven Pack, Tom Paseka, Matt Simpson, Misha Cetrone
Originally aired on March 11, 2021 @ 12:30 AM - 1:00 AM EST
Steven, Tom, Matt and Misha go deep on Cloudflare / Megaport partnership and Megaport's view on the direction of the industry.
English
Transcript (Beta)
Hello everybody. Welcome to Cloudflare TV. This episode is Cloudflare Strategic Partners Panel Episode 1, where we interview Megaport.
So I'm joined here today by Misha Cetrone.
Misha, say hello. Hey guys. Steve said Misha Cetrone. I look after our technical alignment here at Megaport for all of our cloud service providers globally.
So super excited to be a part of this episode. Cool. Thank you Misha.
And my name's Steve Pack. I'm the solution engineer for the strategic partnerships team at Cloudflare and this sort of Cloudflare interconnect partner program is my baby.
And so I'm very excited to bring it to y'all and to chat with Misha about it.
And so let's get into doing that. Misha, you introduced yourself, but it'd be great if you could introduce Megaport to the Cloudflare TV audience.
Yeah, absolutely. So I'll take a step back and hit rewind and tell you a little bit about how we got to where we are today and for anybody that's new to Megaport.
So we were founded back in 2013. We've been around the blog for a decade and surprisingly our relationship with Cloudflare almost has been the entire time since we were founded.
So we started building out our own network, purpose built in Asia Pacific, moved into North America as well as Europe.
And it was really to solve the need for on-demand interconnection, which at the time was very, very new to the industry.
And when I speak to industry, I'm talking about telecommunications, kind of flipping the traditional way of private line access on its head, where if I'm a business and depending if I'm wearing the IT hat, or if I'm an architect or a CIO or CTO, and I'm thinking about what I want to do with my IT and my spend for operations, I'm considering the infrastructure that's in the data center where I may have a physical co-location presence and what services I have that I can get access to, to run my business for today and tomorrow.
And so what we've tried to do is solve for the availability to strip away unnecessary lead times as a pain point, and then remove the traditional approach to just a single service where you can get access to one to many different types of things over a single network platform.
And then on top of that, having that flexibility and control to use it as you need to over one single network.
And so we took this network and we put it into hundreds of different data centers over the years.
And so now you can reach us within 23 countries, 700 enabled locations and get access to a lot of these household names as it relates to public clouds here on the far right on the screen.
And we're so excited to add Cloudflare into the mix. They've been predominantly with us on what we call our Internet exchanges.
And that's been for a good bit of larger network service providers, Internet service providers, and content data networks.
They've been established to kind of share traffic and commingle under one community.
And that's perfectly great for service providers, but now bringing and moving into small to mid and large scale enterprises, the means to be able to access all these new security as a service features with Cloudflare on our network is such a great new opportunity for us.
So super excited about that, Steve.
Totally. So like looking at this diagram, I know this is one way that like Megaport sort of describes itself because there's a lot, you know, obviously you just covered a lot there and there's a lot to take in.
So, you know, you said we've partnered for a while, right?
And that was in the Internet exchange sort of area.
So, you know, that's, you know, like our networks exchanging traffic, right?
Like that, you know, a lot of traffic passes through Cloudflare, a lot passes through Megaport, a lot passes through other CDNs.
And so, you know, for those, you know, folks out there sort of new to Internet exchanges, like there's a lot of times where networks will interconnect in these places because there's no point having a third party, right?
We both have equipment sitting there in the same place and, you know, might as well connect.
And, you know, we've peered, as you said, with Megaport for a long time, but this is different, right?
Like here, like this is a different type of partnership where we're actually not just interested in, you know, networks exchanging traffic for performance or for, you know, cost reasons, but like it's more of an access thing.
So like how would you contrast those two things?
Yeah, definitely. So, you know, if we could step back thinking about if you're a business and you have equipment in a facility and you're trying to get to a destination such as Cloudflare, you now have the means to be able to do that with these new enabled ports.
And that is separate from Internet service providers or content data networks or ISPs who would be traditionally using our same network, but then peering and participating over this thing called an IX, these Internet exchanges.
Okay. And so when I look at this diagram, right, and I actually have another version of this slide that instead of, say, having a customer data center connecting to Megaport and then, you know, this connection on the right connecting to all the clouds, the other version of this is like lots of lines, right?
One going from the customer data center to AWS, one to Salesforce, one to Cloudflare, one to Google.
And, you know, each one of those would have to be like a minimum of a gig, like you'd be paying like on-ramp costs, all of those.
Whereas in this one, it's like one connection from the customer to Megaport and then you have all the connections to those cloud providers.
Yeah.
And which was, you know, before I got into this space, that was new to me as well.
But, you know, I think that that's, we'll probably, you know, circle back to this a little as well.
But the thing that strikes me too, when I see this mission is, you know, like SDN is such a buzzword, right, in the industry.
And it's like, you know, you look up SDN or look up like SDN providers and you can read endless things about WAN optimization and like this and that.
And like the actual use cases aren't super obvious.
Like I think when you come at it from a real definition point of view, and even read an interesting one the other day, which made a good example, which was, okay, like before software -defined networks, the only way to extend a network was to lay cable, right?
Like that's what a network is. Like you'll plug in devices.
As soon as you even have the concept of a VLAN, right, that's a software-defined network.
You've got like hardware devices plugged in. And if you're going to segment them in some way, and you're using software rather than cabling to do that, like in a way we've had software-defined networks forever.
But like, I feel like, you know, now there's so many applications of it that you really have to sort of define what you're talking about.
And this to me is the sort of, sort of more ultimate, you know, embodiment of SDN, right?
Like where, you know, once you're plugged in, you can literally say, hey, I want a new connection to Cloudflare in this location at this speed, like go.
Yeah, totally. I think, I mean, you nailed it.
I think you can step back and go. A single VLAN, fundamentally a logical VLAN on a box, on a switch, is essentially doing that type of technology.
And now we've been able to move that in programming through web portals and having front-end user interface.
So taking away the complication and making it super simple for a business to go, oh, I can plug in a VLAN number and specify that depending on the department or what type of service I'm trying to use it for, what kind of workload.
And I can load that into a portal. And then I can spin that up to a destination of my choice, like on the far right.
And this is a handful of the different locations.
And move that data, move that traffic to anywhere on this entire global footprint on this network.
So I look at that and that is super disruptive.
And I think that the technology around software-defined networking and some of the latest and greatest next-gen network hardware, you know, service providers such as Megaport and even Cloudflare are looking at that and going, how do we stay nimble and find opportunities to make this super easy for the end user, right?
To where they don't have to own all of this hardware and they can be more on these cloud consumption -based models.
And I think that's where we're at today and the future state of where the industry and the market's going is alleviating the pain for a business to have to buy and manage and license out all this gear and let them focus on what they do really well, run their operations for their company.
I'm going to ask you about that. I want to dig in there because that's the catchphrase that's always, OpEx versus CapEx, right?
Now, I think it's easy to conceptualize the way you just said, right?
Like you're either buying boxes and you own it and you depreciate it or you rent the service in some way.
But why is that better? Why is it fundamentally an innovation to do this sort of OpEx over CapEx model?
Yeah, I think the first knee-jerk reaction to me on that is and why that's an innovation is choice.
It's not saying that one size fits all. It's basically saying you're giving a business the choice to go hybrid.
Maybe they have some kind of private cloud or homegrown app within some infrastructure that now needs to leverage some latest and greatest services that are hosted in a public cloud or to mitigate certain things that are public facing over the Internet that Cloudflare can then inject that traffic and look at.
And so I think that being able to choose is where we're at in the multi-cloud services.
And I mean, there's dozens of different analysts that are out predicting new quarterly and yearly annual reports on these trends and they all have an uptick to it.
Yeah. Do you know, and this is like, so I'm not an expert in this.
Do you know, like from an accounting and reporting point of view, like why OpEx over CapEx is such a benefit to large organizations?
Well, I also think it's going to, I mean, it's hard to just say it's got to be, it's this one way you've got to think about what is the workload, what is the application, right?
And I'll break that down in a couple of buckets.
It's an easier conversation to have when you're doing development and tests, right?
So when you're thinking about those kinds of workloads, it doesn't make sense to a lot of businesses to build that on hardware that they got to own and manage and pay for, right?
And that's an easier conversation to have.
And then when they're ready to put that into production, they can decide on how much of that application, that workload is either going to be, whether they want to consider it on premise or in a co-located environment, or in a public cloud or running in tandem.
So it's really going to depend on the use case, but there's suites of different services that are now either native or proprietary in public clouds, or the licensing is moving into public clouds where we're deprecating it anyways.
ERP suites, different types of licensing or SAP and so on.
So in that example, it's like if I'm building some service and I know that I'm going to host it privately and I'm going to need like five boxes, although being Cloudflare, we're trying to displace all of those boxes, but say you're going to have five boxes and you're like, okay, I know that's what I'm going to need for my production workload and I'm going to use that at full capacity.
So that capital expenditure is going to be well utilized.
But if I need a test environment as well, and I'm not prepared to use my production hardware, if I'm going to go buy all those five boxes, I might only put like 1% of workload through them.
So that's truly wasted capital in the truest sense of the word. And so that part, you might say, all right, well, let me convert that to an OPEX model and get the same services virtually, only provision what I need.
And then like, so in that case, in the test case, it might make sense in the production sense, it might not.
And that's why you're talking about choice, right? Yeah. And another flavor just throughout there, there's lots of use cases, but as soon as you start thinking about business continuity in DR, disaster recovery, you want to pay for all that upfront, or do you want to have a backup plan or stay flexible enough that, you know, I don't think any of us could predict this pandemic.
So having the means to be able to scale for remote workforce, I mean, we can peel this back some in different ways, but I definitely stay on topic.
But that is driven by having the choice and that flexibility is also having environments that you can get access to very quickly that are more on a consumption based OPEX driven model than forking up all this money upfront.
And I think that is the beauty of cloud and as a service and allowing a business to thrive and stay competitive and innovate for sure.
Okay, cool. That's, I think that's helpful. Like the sort of specifics I think are what helps understand these things.
Okay. Did you want to say anything about this slide here?
Yeah. Yeah. I'll touch on this pretty quickly. So this just shows everyone high level, you not only can tap into Cloudflare within a specific Metro, but let's say that you're an organization that is in more than one region, more one market.
You may be in multiple countries. The beauty of having a global reach that is a private network that has all the folks, all the access to these major destinations allows you to pick and choose ones that are closest to you.
So, if I'm a business, I can think about, well, if I can meet Megaport at one of these 700 enabled locations as one example, then I'm not so concerned about being in the same building as Cloudflare if they're within the same Metro market to me in that proximity.
And then if I need to get- Let me clarify that. Let me clarify that.
So customers can connect directly to Cloudflare without being in the same data center, as long as they're in the same Metro over the Megaport network.
Yeah, absolutely. That's just one example. So that data center independence of having to be in the same building, once you're on Megaport by connecting to us in a facility, you then have the hooks, the access to spin up virtual connections, all private to any of the Cloudflare destinations that we have on our network.
And we're starting out with 14 around the globe.
And it's the same fashion with any of our public clouds.
So we find that pretty special and a great story to be able to pick and choose based off of where you need to get access into the edge with Cloudflare, for example.
And it's probably worth noting those initial, those locations you referred to, that's what we, together, before we partnered, and we'll talk about the partnership in a moment, but that's where we identified most customer demand was that we knew about today.
But for anyone who's watching, who's desperate to connect to us in a metro that's not in the initial launch locations, we should talk.
Yeah, we should talk. We'd love to know where everyone wants to connect from, what markets.
Yeah. Cool. Okay. So that's a really good intro to Megaport and a little bit of software -defined networking and how this industry network, what do you call it, network as a service or network?
Yeah, we're fundamentally, that's exactly what we are.
We're a network as a service. Everything that you can spin up and connect to, you can use for as little, as long as you want, and you can right size capacity.
It's all private. It doesn't touch the public Internet.
And I think if there's any motivation around being concerned with security, which is a big driver for Cloudflare, then this is going to be very complimentary to that.
And the other core driver to this above and beyond physical is if a business moves into a public cloud from a data center, or they just so happen to be born in a public cloud, they can spin up layer three router appliances on our private network.
And so they don't even have to think about owning and managing hardware licenses.
They can go from, let's say an Amazon and privately connect into Cloudflare, which is a whole another amazing use case.
So that's all we do.
We're just networking activity and providing it to you in a way that's pretty disruptive and new for you to be able to use it for today and tomorrow.
Yeah. We might come back to the megaport cloud router is what you're referring to there.
Cool.
So we talked about that we were already partnering in terms of Google appearing, and then we launched this new partnership.
So it's probably helpful to get some context about why.
I think it was us that initiated this conversation. And so I think it's helpful to understand the reasons.
And so for folks who haven't heard of Magic Transit, it's Cloudflare's distributed DDoS solution.
And it's an interesting one because we've been well known for a very long time for CDN and for DDoS protection.
But when we say DDoS protection, that always meant layer seven. That meant keeping websites, keeping HTTP sites online.
And over time, an interesting thing happened is that we had, actually, I'll bring up a slide here.
We famously have in the order of 200 cities around the world where we're present.
And of course, we have to protect ourselves.
We can't protect our customers infrastructure if we're not protecting ourselves.
And so we used to be in a situation where we had all of these smarts to protect our network at layer three to make sure that we would stay protected.
But then it was like a separate set of infrastructure and code and tools that would protect our customers' websites at layer seven.
And as often happens at Cloudflare, and this is one of the interesting things working here, it was basically a customer saying, hey, if you're protecting your own data centers, protect mine.
I also have IP space that I want to protect it.
I don't just want you to protect layer seven. And it was a light bulb went off in a product manager's head and the net team, the product team, the engineering team, the SRE team, all going.
And this was a bit over two years ago now. And that's how Magic Transit was born.
And so this is the basic architecture of Magic Transit, and it's helpful to understand it before you can understand why we wanted to partner with Megaport.
And so at the highest level, the way Magic Transit works is we take a customer's IP space and instead of them broadcasting it to the Internet over BGP and attracting the traffic, Cloudflare announces that.
And what that means is because we run this huge global anti-cast network, 200 cities, when an end user wants to connect to one of these resources that the customer is advertising, they hit their nearest Cloudflare pop.
And we can then apply all of our smarts and 10 years plus of stopping, recognizing, and mitigating attacks.
And we can do that on the edge, scrub the traffic. And another benefit of Cloudflare, anyone who hears us talk in these sort of forums probably heard this before, but every service runs in every one of those 200 cities.
So we scrub the data in close to the eyeball, and we don't backhaul it to some faraway destination and add lots of latency.
We do it right there, close to the eyeball, and then we send it to the customer, only the cleaned legitimate traffic.
And this is good. We signed up the first product, it started to grow, and as the product gained adoption, and as Cloudflare, just in our corporate journey, continued to go up and up market, which is a really big trend for us, anyone who saw the earnings call, large customers, which we define as over $100 ,000 a year spend, are our biggest area of growth.
And those customers have very different needs. And so all of a sudden, whilst this product, which was super successful and super innovative, it hit this brick wall where there were a number of customers who said, for you to deliver the traffic from your edge after it's cleaned, to me, that can't go over the public Internet.
That's either got to be a physical cross-connect. And that's initially what we went to.
We're like, okay, cool. We'll just make sure that we can interconnect physically in any of the data centers that we're co-located.
And of course, we weren't always co-located in the same data center.
And then it was like, okay, we'll order a connection from your local telco and meet us somewhere.
And that became another barrier.
And we started to hear things like, are you guys on Megaport?
It's like, huh, Megaport? We know Megaport. We already have a partnership with Megaport.
And so basically, we really wanted to give our customers as many options as possible to interconnect with us.
And whilst Magic Transit isn't the only use case, and we'll talk a little bit about the others, it was certainly one of the big ones where we were able to say, okay, you're already on the Megaport network.
Great. We'll connect into Megaport. And then you can just, in the way you described so well earlier, Michelle, go onto a dashboard, provision a connection, and no forms to your local telco and three-month lead times to get a connection to come up.
And that's really sort of the background that started the conversation.
I'll just give you, I'll just stop there for a second, Michelle, before I jump into the other use cases.
Yeah. No, I think that's a great way to position and just show the evolution of, I think everybody probably that's watching can attest to that.
I think we've seen a few times the response from hitting Cloudflare and making sure that it's legitimate traffic hitting some kind of web application.
But I think all that traffic that needs to head back to a specific enterprise, this makes sense, right?
These higher rated traffic flows, it needs to be consistently secure at leaving Cloudflare.
This is a great way to do it. And what better way to do it than already having that connectivity between our networks?
Yeah, that's a good point.
It was like we already sort of had that established relationship, which made things easier as well.
Yeah. Cool. So a couple of other, like I'll just point out, even though Magic Transit was fundamental to sort of driving the early partnership discussions, as I said, we became famous over 10 years as a CDN and we're one of the largest CDNs out there.
And there are plenty of our CDN customers that want to not just protect their origin and lock it down, but ideally not even have it routable on the public Internet, right?
And so that's another benefit of connecting to Cloudflare with the CNI, the Cloudflare Network Interconnect, either physically or over Megaport.
We're able to sort of do private origin pools.
That'll be faster. That'll be more reliable. That'll be more secure. And that's another one.
And I'll just mention, I don't want to go too deep down this rabbit hole, but Cloudflare has a suite of products called Teams as well.
Like a lot of the things we've been discussing today are about protecting infrastructure, right?
Like applications, services, but increasingly, and particularly in the COVID world, we need to protect employees.
And our existing customers often come to us and say, okay, you protect our infrastructure.
Like how do you protect our employees?
And we have a number of products in that space. One of them is the secure web gateway where we're able to filter outgoing traffic.
And again, that's one that you still are calling your local telco to get a connection out to the Internet and then eventually to Cloudflare.
And that's another area where I think we're going to see a lot of demand for this where it's like, okay, like if I'm really wanting to secure this traffic, then ideally I don't want it going over the Internet.
And that's something where I think, you and I as solution engineers and solution architects will have some things to figure out there, Misha, on how to get all that to work.
Yeah. And especially with so many people working remote now, I can see that as being a massive benefit, especially tying them back into a head office or a data center.
Yeah. Yeah. Very much so. Yeah.
And on the content data network side too, you guys treat that very similar to the magic of transit where you're not having to ride your backbone to be able to scrub that, right?
You have scrubbers dispersed everywhere in your environment and the same thing with your content data network.
So people are going to be tapping into any kind of origin pools.
They're able to keep that and get that CDN data that's closer to them.
It doesn't have to ride across the entire network. Yeah. That's actually, yeah, I won't go into the depths of Cloudflare CDN, but there's a, yeah, there's actually a cool product there called the tiered caching where we can actually pull from the local, the closest Cloudflare pop instead of pulling from your origin if it's not stale and take some load off the origin, which for some of our largest CDN customers, if they purge a whole load of assets, you can imagine they're very thankful that we don't send the thundering herd of 200 Cloudflare pops to their origin service.
Yeah. Cool. So we've got about three minutes, so let's quickly check that.
So we've, we sort of, I think we wrapped this up.
We talked about magic transit. We talked about CDN. We talked about teams. Let's practically make sure folks know where to go.
So tell us like Misha, from a Megaport point of view, if you've got a Megaport customer, they want to know more about this or more about Cloudflare, what do they do?
Yeah, absolutely. If you're an existing Megaport customer, just reach out to your account team.
They will kind of profile and try to understand what services you're trying to get access to as it relates to the new network interconnects with Cloudflare.
And then we'll reach out to the interconnection team.
So that way we want to do that as a prerequisite to be able to get you a VXC and then those VXCs can get spun up in minutes.
The cool thing is, is we have a really great landing page now that's on that, that that bolded point that says go to megaport.com services, Cloudflare network interconnect.
Go there for more information. And then last but not least, if you're new, then you can absolutely go to megaport.com slash contact and just contact ourselves from right there and they'll get you paired with an account team and with an essay.
And then we can walk it through and guide you and say, where are you trying to connect from?
What exactly, what services you're trying to get access to within Cloudflare?
And then we'll engage the Cloudflare team. Cool. And yeah, similar for the Cloudflare point, if you're already a Cloudflare customer and you're interested in private network interconnects, contact your current account manager, your CSM or your solution engineer.
For new business, like similar to Megaport, there's just a contact us if you want to go that way.
But equally, there is a dedicated page and that you will get routed to folks who are a bit more on top of the sort of network interconnects.
We've got about 30 seconds, Misha.
So one thing I've noticed, some of the early queries we got were actually like, oh, I want to peer or I want to interconnect.
And it wasn't 100% sort of clear.
So I've been sending folks to the Cloudflare peering portal, which is a way to do that.
Is there a one line summary of how to direct peering versus interconnection?
Yeah. I would think if you're strictly looking for public peering, think about the large size of your network.
What are you trying to access?
Is it magic transit or is it more so that way you can participate with other participants such as Cloudflare on our Internet exchange?
And then Cloudflare is going to have their own recommendations for that.
Makes sense. All right. Let's wrap it up there.
Appreciate your time, Misha. Yeah, absolutely. Loved it.