Partner Channel Connections: Unlocking the Cloudscape
Presented by: VB Malik, Robert DeWeese
Originally aired on November 7, 2023 @ 4:30 AM - 5:30 AM EST
Unlocking the Cloudscape: Navigating Multi-Cloud Journeys, Scaling Networks as a Service, and Cultivating Transformational Mindsets - Partner Channel Connections Episode 2 with Robert DeWeese, Kyndryl
English
Transcript (Beta)
Hey, everyone. This is VB Malik, your partner solutions architect here at Cloudflare.
Welcome to another yet amazing episode that we are going to record with our partners, Kindle.
We did our first episode with Kindle and this is our next iteration of talking to Kindle about how we are transforming Cloudflare's and Kindle's relationship to bring more and more innovative solutions for our customers.
In this episode, I have the privilege of speaking with Rob DeWeese. He is the director of cloud networking at Kindle.
I have been talking to Rob for quite some time.
He is absolutely a wonderful individual who has been working in the industry, networking space, security industry for quite some time.
He also is the chief architect working with primarily the largest customer base that Kindle supports on a day-to-day.
We are going to talk about some of his unique perspectives on the architectural field of play that he does for the customers.
Our relationship between Cloudflare and Kindle is something that we have gone out and talked to the customers and Rob has been very instrumental in regards to talking about these unique new value propositions that we are bringing for our customers.
Without further ado, I don't want to just keep on talking about, I want to make sure that Rob comes in and you all have this amazing privilege of understanding many of these solutions from Rob itself.
With that, let's bring on Rob and talk more about it.
I hope to do more of these episodes in further with various partners, various GSIs that we often work with at Cloudflare.
If you are interested, just drop a note over here as well that we want to work in regards to having a partner over here.
If you want to come and speak to us as well in one of these episodes, feel free to do that.
Would love to have you on our show. With that, let's bring on Rob.
Thank you. Bye-bye. Awesome.
Hey, Rob. Thanks for coming to the show. How are you doing? Pretty good. It's nice and sunny here today.
Can't complain. Summer's coming to an end, but it's been great.
Awesome. Awesome. Rob, I know we wanted to talk about our collaboration and how Kindrel and Cloudflare has been working in this space from last year or so.
Before we do that, I know a lot of people within our Cloudflare and Kindrel world might know you now, but just for our audience out there, for our customers, maybe do a quick introduction on where you stand today here at Kindrel and what's your charter overall?
Yeah. My name's Robert DeWeese. I am the Director of Cloud Networking at Kindrel, the largest BSI in the world.
I'm also the Chief Architect responsible for our global business delivery support of cloud networking solutions.
What I consider cloud networking really, I combine it into a few different towers.
Tower one is what I'd call the hyperscaler land, L-A-N-D, anything and everything that's in the hyperscaler, any and all features.
Tower two, I'd consider a hyperscaler WAN, how we connect in, whether it's the Internet, ZTNA client, VPN, MPLS, hard connectivity.
Then the other towers basically encompass SAS flows and routing control and logging mechanisms and security.
That's really what cloud networking is to me and how I break it down.
Awesome. Yeah. I guess we all have lived and breathed through the traditional way of we have done networking from so long and how cloud networking has reached to that point where everything has gone into a lot more hyperscaler world and how often we see our customers connect to various different applications out there.
Networking is such a huge starting point in that journey for many of our customers.
We often see that networking becomes that bottleneck in many of those regards because traditionally, many of our customers have consumed these applications sitting in their own data centers and stuff.
But now as things have much more progress into these different data islands that the customers have, whether that be in a colo provider out there or whether that be in a SAS application that they're consuming, how does Kindle take a look at the multitude of these complexities that many of our customers are going through?
Because that journey often we see is not specific to one single cloud provider.
It often lands and breeds into various different other cloud providers that customers consume.
Yeah. The journey has really changed and it has been a journey. Seven years ago when I joined IBM as the lead cloud architect, not network, I came from a hyperscaler background, both AWS and Azure.
And about seven years ago, there's still heavy monolithic changes, heavy lifts and shifts.
Not that those don't occur now, but they're a lot rarer.
So back then it was about educating and helping people understand what cloud is.
And a lot of times clients, you know, treated cloud initially as an HADR strategy.
Okay. And they adopted certain features and technologies that have replacements now in hyperscaler.
And nowadays the Internet has changed a lot.
And with most of the big migrations gone, it's really about re-platforming, up -platforming and skill set, upskilling people to take advantages of new hyperscaler features, simplifying the network.
You can't have the cloud without the network. You can't have any service run without the network.
So generally when we approach clients, it's network first. We have to build up the network.
And with our client base being mostly Fortune 100 companies, it's also about integrating the legacy technologies with the new and helping clients really identify an adoption roadmap for taking on new features and technologies.
Most clients, every client I deal with, they're not Greenfield, right?
They're just not. If you're a small, medium-sized business, it's so much easier.
But, you know, dealing with legacy technology, integrating it to new, making sure it works and then helping the clients have an adoption roadmap for not just dealing with performance and security, but cost savings, knowing that when people join a hyperscaler, multi-cloud or multiple SaaS, they generally sign a two, three-year contract that gives them, say, a 20, 30% discount for consumable services.
So a lot of our projects now are, hey, those discounts have ended and my cloud bill just shot up a dramatic amount.
And I need to bring on this new SaaS.
I need to integrate this new partner and things have become really sticky.
And a lot of classic network designs followed their way into the cloud during the first few waves of migrations.
I feel like we're really in the third wave of cloud migrations now, which is like the replatforming and optimizing.
And this is, you know, the landscape now to me is untangling the complexities, flattening out, integrating in a way that makes the cloud networking modular.
So we can plug and play any technology, allow a customer to integrate a partner, trader, user, you know, whatever, bring their applications or their services as close to the client, which is why I think Cloudflare is the ultimate solution in 2023 right now to enable that vision.
It is the glue that can tie everything together and simplify everything.
Yeah, I mean, that's what I think brought me to Cloudflare as well with the investment that it has done with the backbone that it has in the last 12 plus years.
And that is something of an asset many companies don't have.
And I often see that as customers, you know, try to build upon their businesses, they don't want to spend too much on that infrastructure cost.
They want to leverage of the largest of these providers like Cloudflare and many other hyperscalers as well, because often their business demands something else, something else to make sure that they can often, you know, you know, offload a lot of these costs to these providers.
And that's where many of these migrations are not that easy.
And especially like you were talking about the brownfield migrations, right? That's where the biggest challenge is, because if I'm building today a new startup out there, things are, you know, at my disposal all the time.
You know, I can go and start spinning up new microservices in AWS and Azure and, you know, networking is a, you know, click of a button with new load balancer that I want to spin up and so on and so forth.
But what if I have thousands of these load balancers sitting in different parts of the corders and all, which are doing tremendous number of other application, you know, maneuvering of traffic, how do I take that and, you know, make it into an automated next generation flow where many of these websites cannot have a single downtime, right?
And that's where, you know, we need this kind of a mindset on how do we do that and we can set up for the next decade ahead.
So, yeah, very interesting. Yeah, it's an interesting time.
It really is like the third wave of cloud and cloud networking. Yeah, it's gotten more complicated and also we've never had a greater chance, I feel like, in networking to simplify everything because, you know, I walk into a lot of clients' environments right now, it's like, you know, some service grew in this way, some service grew in that way over 10, 15, 20, 30 years, you know, literally, and it's all tied together through complex VPNs or through, you know, just convoluted, discontiguous systems to make it all work and it prevents their ability to bring on new features and technology.
It locks them into hard contracts with, you know, ISPs, with hyperscalers, with colos, with Red Hat, you know, I have design principles that when I go into a client's environment and I've got this new offering called Fields of Playout, it's basically a cloud networking assessment where I go in and say, hey, here's the four towers of cloud networking, here's my 12 design principles, I'm going to look at your environment and I'm going to measure everything that I see against my design principles and give you an output, a deliverable that gives you a high level and low level diagram on how I would like to see it.
Changes that I think have low, medium, and high impact related to cost, performance, security, and complexity.
The complexity enables the speed to execution, which is what is typically crippling to most clients to run at the speed they need to, you know, mostly dealing with Fortune 100 clients, again, it's, they tend to be crippled by their ability to change, to bring on new services, enable a new application, bring on new traders, partners, whatever.
And this is really the third wave of cloud is having the ability to untangle key pieces and modularize the network, which if we look at like what I consider tower one, hyperscaler land, and tower two, WAN, how we connect in, whether it's Colo, ZTNA client, your ZTNA client, your ability to tie in at, you know, through VPN, GRE, over the Internet, those use cases where we can say, hey, let's disrupt this 3000 site SD WAN refresh, because every seven years, whether it's Juniper, Cisco, or NetPalo, whatever, your devices become end of life, end of support.
Okay. So what that means is people are stuck in this death spiral of, they have to refresh this hardware, it comes with monthly licensing fees and whatnot.
And the same thing goes with the ISPs and your MPLS contracts.
You know, it's, you need that flexibility. Okay. Cloudflares, magic WAN, magic transit, magic firewall, your CPE device enables a lot of the use cases that I have for both site to site connectivity and tying in SaaS applications and remote access with ZTNA that allows me to basically create a band across the middle that I can connect to any hyperscaler, any Colo, any of my sites, or my traders or partners in a multi-tenancy environment.
Okay. The multi -tenancy is key.
And that's one of the biggest differentiators you have is there are NAS providers out there that claim to be multi-tenancy, but, you know, we did our own because we use Cloudflare internally here at Kindrel for our 1,200 plus clients to manage and support them.
We went through a lot of testing to prove that absolutely we can keep things separate.
Absolutely we can go from 16 engineers supporting this in a 24 seven environment down to eight, and we could reduce it even further because we modularized and templatized it.
And we had to tie in a lot over 178 data centers.
We had to tie into IBM Cloud, AWS, Azure, and then allow all these different clients with all their different security requirements, their ability to connect in if they want to through Azure, they want to connect in through your backbone, through the Colo, whatever.
Part of my design principles that I train up our architects, our sales, and our support staff on is the technology that runs everything needs to work regardless of geography, regardless of circuit type, you know, allow the customers to connect in however they want to consume services.
So whether it's both internal to, you know, Kindrel or for the clients that we're designing and implementing new changes to their environment, those principles should always apply.
Okay. And that's part of my network assessment, the fields of play is just kind of showing them the ways.
Now, most clients, they don't, they're not ready to adopt every feature and technology recommendation.
In fact, then so many RFPs where it's like, we try and change the world.
And what I've learned with clients is they want the easiest button to the path of the easiest path to what they need to get to without disruption.
So it's really hard to get a client that's, you know, got a bunch of legacy technologies to adopt a total, like say Cloudflare solution.
Okay. But Cloudflare solution also enables them to say, Hey, 30% of my sites are up for SD -WAN refresh in the next year and a half.
Let's just order a CPE from you guys. We can set up as a secondary network, or we can just use our existing VPN capable device or connect in through remote access.
As we go to an Internet facing model and allows them to adopt this technology and tie it all together and simplify the administration, enable speed execution without CapEx expenditure.
If you don't even have to replace the equipment.
Okay. So that is a huge game changer.
Clients are more willing to adopt these game changing technologies. If there isn't a huge CapEx expenditure up front.
Interesting. Interesting. I, you know, this is not the first time I know for many of our audience, they might be listening for the first time I've heard from you about these, you know, field of play that you now do is that field of play you mentioned or yeah.
Right. And I remember in my past gig, past life as well, I did many of these, you know, engagements where we often go in as consultants, you know, and have our own, you know, magic truth formula where we have these, you know, things, but I wanted to understand from you as you work in different industries, whether that be in healthcare vertical, financial verticals, have you seen many of these fields of play or your, you know, architectural frameworks that you have built, you know, applied differently to different industries, or is that something very generalized?
And how do customers, you know, do any of your customers resist any of that in regards to, no, this is how in our industry it works or something around that?
Well, I do have a reference architecture that I'm using.
Okay. I'm we rebranded it yesterday as kindle modular network KMN.
Okay. And almost every client I've showed this to over the last six months, they love the idea.
For industry focus, there are some differences, healthcare in particular, and yeah, healthcare is one that there's still greenfield deployments out there because regulations that have fallen only two years ago.
Okay. So we're still seeing massive migrations from the healthcare sector.
So that opens up a lot of opportunity to leap and bypass a lot of problems and adopt newer technology.
It's kind of a sweet spot in cloud migration space right now.
Yeah. Okay. But then you've got company, you've got industry verticals like retail and manufacturing, where their prerogative is lowest costs and PCI compliance mostly.
So it's just segmentation and chucking out expensive circuits and SD-WAN and making it not necessarily asset light, but their lowest costs, their businesses are always going to be lowest costs.
When you're looking at the financial and insurance company, the FinServ and the stocks, that's where I've been finding the most successes in the global insurance and banking industry.
We won three deals in the last month in that space for cloud networking.
It's fricking awesome. Okay. They have the money and the willingness to adopt new features at a better pace.
They're conservative, but there's also the classic tie-ins to mainframe and legacy data centers.
But then you've got these companies that have to have global reach to Colombia or to Indonesia and from say the US or Canada or Europe.
And that's where the Cloudflare magic WAN is a major component of these solutions.
And it's kind of what I've been calling the front door of the Internet to a private network.
I feel like Cloudflare is what I'm considering the front door to all services.
It's the glue, it's the enabler that lets you into wherever the resources need to be gathered from, whether it's needs to connect, land your SaaS and the Cloudflare backbone, your hyperscaler, your colo, your data center, all your sites, you tie it all in, CTNA, whatever.
And it gives you access to one flat backbone that you can control in a multi-tenancy environment in a secure manner.
So if you look at like the global insurance and banking industry, absolutely bang on use case for Cloudflare.
Okay. For the magic WAN, magic transit, for the CTNA, it's absolutely perfect because you've got to bring in securely and connect to different trading institutions.
You've got to connect to branch bank locations, offices and whatnot in a very secure manner.
That is such a sweet spot for the Cloudflare solution. If you look at other industry verticals, I guess it depends.
The DoD space, I don't think it's really opened up to the NAS, nor will it be.
Although we are working on an RFP for the DoD space in Israel of all places.
So haven't had much success there, but that's a sticky wicket because it's not just heavily regulated, it's very complicated.
So different use cases generally, I think the use cases of site to site, cloud connectivity, centralizing firewalls, helping people escape the death spiral of hardware, software, refresh cycles, and then bringing the SaaS connectivity maybe out of landing in AWS or Azure or GCP and putting in your backbone where it's lower cost by, so we don't have to hairpin traffic, saves a client two, three times on their networking traffic just for an application like SAP and it gets it more secure and brings it closer to the end consumer.
That's a sweet spot. That's a really sweet spot.
And that really applies those use cases pretty much regardless of industry vertical, whether it's retail, manufacturing, FinServ, et cetera.
Your guys' products map over to most every industry vertical.
I think even SLED, like state, local, like education.
I haven't done a SLED deal in about a year and a half, but there was one I bid on for, it was the state of Wisconsin and it just wasn't developed enough at the time with you guys or this other product F5XC that I was looking into, but it was to connect all the libraries and public schools together and give them a backbone.
Now, it was an incumbent vendor that wrote the RFP, so like an AT&T or Verizon.
And so they wrote in a way where it's had to have circuit monitoring and these other things.
But if you look at the SLED space, I think there's a real good opportunity for a network as a service provider like Cloudflare to come and say, hey, all students, you can just come through the front door of Cloudflare and we'll connect you to the library resources, the private school Dropbox or whatever, control it in a tenancy environment, keep things really clean, the billing really clean, one number to call for support and services, whether that be Kindral or whoever.
I think that could be a huge growth area and one vertical that I haven't been chasing, but I'm starting to realize could be a sweet spot for both of us.
You couldn't have said this at a better time. I was listening to one of the new bill addendum, I think that came in last week, where we have Cloudflare being represented among many of the other hyperscalers at the state and local governments itself, how Cloudflare is basically providing a lot of these services.
Cloudflare does a lot of things, if somebody has been tracking Cloudflare for quite some time in regards to providing for many of these local agencies and things like that.
And I've often last seen is that we are now trying to get into a lot of these sled opportunities in regards to how we can make that effective.
And that's a little bit more in regards to not opportunistic, but looking at, we need to protect the students, because right now, if you look at the most of the education system, how vulnerable these are, from the security standpoint, and from how they want to connect to them, you have your kids, I have my kids go to local schools, and we know what's out there, right?
And that's something I think it's less of, you know, looking at from the commercial standpoint, looking, but also at the same time, we need to protect our kids who are going in this wild, wild world out there.
And, you know, having at disposal of many things that we often don't want them to get exposed to.
So yeah, so the identity before access and security services could really play into it.
In fact, I think I know what you're talking about.
I saw Michelle was speaking at the White House about like, kids education.
And yeah, I think that's a really good, really good. And yeah, I have three kids, you have two kids, right?
Important topic to a lot of us.
Yeah, yeah, absolutely. I wanted to ask you something, Kim, Rob, sorry, which is could be something a little bit controversial, I believe, or something that I often see on the on the Twitter land, or on LinkedIn, or something or the other keeps on popping up with regards to this mindset of what we have seen now, in the last decade or so this hyper indulgence into a lot of the hyperscalers, but then a lot of the largest incumbents we have seen have gone back to the data center world have gone back to the localization of how they're consuming a lot of these, the new age and day applications with regards to the cost constraints, either that they have and things like that.
Now, Kindle, which is now, as we know, the largest GSI has often been working with the latest and greatest of the startups, but also have been working with many of these players who have been established in 100 plus year of the industries that they are in, right?
Yeah.
So what is the mindset that Kindle is going in, right? Because we see that many of the customers often are never getting rid of the mainframes, they are still using the latest and greatest of the financial applications that they are building on the mainframes of the world, right?
And, and, you know, that is still happening in the Roberts, which are sitting on the data centers in their local facilities, and, you know, cranking out the numbers.
So how do you see that transition happening in the next in the next few years ahead?
I think if you look at networking as a whole, it seems to follow like a 12 to 18 year cycle where we go from data center to like, colo to back to like hosted data centers, it seems to be a float bounce in between clouds definitely going to dominate for another five years, there's definitely, you know, lots of reasons why people will bring things back on prem or expand into the colo out coming out of the cloud, regulatory reasons, cost reasons, those are almost always the top two, by the way, someone they've been having, say it's a healthcare company, they've been having an app run, you know, in the cloud for six, eight months, they got an audit and found out, hey, this piece of this can't run in the cloud.
So now they've got to read, they got to go rebuild it back on site.
But hey, they built an AMI image, which you can't convert to an, you know, an ISO to convert back to an image.
So now you got to rebuild this manually or a database type that's specific, which comes again, down to my design principles and my fields of play.
No core feature that should run your environment, not not just networking, compute storage, whatever.
Yeah, should be hyperscaler specific, you need the ability and these are my design principles.
So let's work from my own experience to pivot at any point, you need to be able to move a service, maybe you get a you can get a 30% discount on GCP and just migrate that over GCP from AWS.
Maybe you can use a worker node in Cloudflare, why not you get it, you get a better discount, you guys should be taking advantage of your locked in discounts and move things around.
But in order to do that, you know, or if you get hit by a regulation bug, or something's got to move back on prem or performance just sucks because it's a storage and no one wants to spend some 10 terabyte uploads every day to a database in the cloud on the consumption model, probably keep it on prem and a fixed cost.
So yeah, it's, it's an interesting time, I'm supportive of it, I'm supportive of growing in any which way the network will go organically, and it almost always boils down to cost, okay, regulation hits, it's going to be because it's a financial impact, you don't want to pay a $10,000 a day fine, you know, performance, well, we don't want to pay for that new circuit to make this performance better, the ROI for doing this is not as good, let's move it back on prem.
So lowest cost, okay, that's where Cloudflare in part of our KX solution, you know, how we run the internal network and tools and hosting environment for our 1200 clients, you know, we built this thing.
And this is my reference architecture, my Kindle modular network to route on cost, you know, Cloudflare is the front door of it.
There's also the hyperscaler backbones, there's private MPLS offerings, you know, understanding the predictable flows and how how to send them with the traffic patterns, having options to send them the cheapest path, as long as the performance and security is met, is really the future of things.
And nor you need to design network to be modular to enable that, which is, again, you guys are the glue, you're the front door that makes it ties it all together, because otherwise, it's, it's a huge hardware purchase.
It's a bunch of contracts with ISPs.
And, you know, licensing and other tools and management tools make that all happen, or it's just Cloudflare, click, I can add 500 sites a day, if I was really ambitious.
But, you know, in the time we've been on this podcast, I probably could have added like 1015 sites to your backbone by now and set up some security policies.
And like, that's extremely powerful. Because if you look at the classic way of doing it, say we have Palo Alto or Cisco SD-WAN box, it's like, I got to go log into the box, I got to register with the management box, go licensing portal.
Okay, now I've got to, you know, do 10 other things. I've got to turn on the IP routing license, oh, wrong serial number, blah, blah, you know, now I've got to configure VPN and the VPN alone might just take some time.
It's so easy with you guys, because it's GRE or IPsec with very flexible pre-shared keys and other, you know, policies for ISA camp one and two, like it just, it's the glue again, that can work across industry, vertical security.
So it doesn't really matter.
It's, or in the same amount of time, it could probably add 100 or 200, you know, workers to his ETA client.
You know, the speed execution really matters. And like, it's time is money.
Yeah, no, I completely agree with this. And especially with the day and age of how much networking has bogged down the lands of, you know, developers who have been, you know, shouting that networking is the innovator where they couldn't do that.
I think now it's the time where we empower many of those services from networking standpoint, and at least networking doesn't become the bottleneck, you know, that it has been for the longest time, at least now, these things are at our disposal.
And I think we live in a world where we do have many things that we can do that we often dreamt about, you know, in regards to, Ooh, I still have to go and, you know, go and manually do these things into these different boxes.
And, you know, wait another 15 days of change management criteria to get it done.
So some of that won't change, right? Sometimes like, you've just got to jump through the hoops.
But if you're, if you're working on the third wave of cloud, you know, you're doing yourselves and your clients, or your company a disservice, if you're not trying to clean up those inefficiencies, not just inefficiencies in the routing.
I've got. Yeah, I'll give a use case here.
It's slightly off topic, but it also kind of ties in here. Yeah, we got one of the top, I mean, top retailers in the US and Canada have been working with recently, and they've got hundreds of distribution centers.
And they connect to Azure, and Oracle, and they've got colos and whatnot.
I mean, absolutely huge retailer than many, many locations.
And they have an SD WAN setup, but they static routed everything.
And so they're always in a constant outage. I mean, constant, every day, it's hard to get ahold of the damn account team or help them out, like screaming, Hey, we need help.
I'm like, the only way to fix this is to convert to, you know, as a classic routing problems, service disabler, for sure.
It's like, you've got this classic asset heavy network that isn't even that is, it's not even routed properly.
That's, that's one of the biggest problems, you know, to transform it, we need to go dynamic, obviously, and tie all these sites together.
You know, using a magic WAN would be a killer use case. And, you know, we're working towards that.
And, you know, even, you know, this, this company, you know, in many ways is at the bleeding edges of technology.
And in many ways, they've got these classical, this classical architecture they tried to put in the cloud, you know, and it doesn't work.
It doesn't work. And it's costing them millions of dollars too.
And the problem is they will, you know, a fix is going to be like a $40 million fix in a couple of your engagement, because there's just no way to do anything but go in there and start cutting left and right, get the machete out and start hacking things away and rebuilding it.
So this is why my design principles for the fields of play or whatever, when I come in, I want to avoid that situation for my clients.
Okay, so here's your output of your assessment. Here's the recommendation.
Here's an adoption roadmap for when you can do it. So it's like you're not caught up in that situation where you're just pulling your hair out.
And the actual fix is more downtime than what you've already been experiencing and a lot more money.
Okay. Yeah.
Amazing. Rob, we absolutely love you with regards to everything that we do over here at Loudflare.
And especially the team that I work in, you know, and the and the work that my team is, you know, charter is for the next year ahead.
I think Kindle plays such a huge role in regards to how we are going to help many of the customers that we have often worked with in the past, maybe some new customers as well.
But the kind of the pains and challenges that Kindle understands in regards to how they can go and transform and help these customers in various, you know, usually not often asked, but, you know, something that they have taken always so granted, right.
And that's where I think we need help from your, you know, teams, your teams in regards to helping them in regards to building these modern day architectures, right.
So I just wanted to ask you, you know, before we wrap it up, I mean, this has been a fabulous episode.
I hope that, you know, many of our listeners who are listening to this, you know, get something out of this, hopefully, you know, in regards to many of the use cases that you have talked about or things like that.
You know, I want to touch upon something in regards to the shortage of many of the skill set of the employees that we are seeing, you know, as Cloud Flare, we have grown our company through many of the architectural constraints, but there is always the biggest trouble in regards to finding the right team, the right talent, you know, we have charge GTP at our disposal and things like that.
But there is still a human element that comes in.
I know Kindle is huge in regards to, you know, appreciating the right human talent.
And I wanted to understand you, what's your take on it?
You have been a leadership role now for quite some time, and that's something I believe that's near and dear to your heart.
I think if you could point any and all problems we have in cloud networking right now or in networking in general, whether it's your GSI, you're just an individual contributor, a company, your side of the fence or your product development and service offering, it's lack of talent.
I was interviewing someone yesterday for an Azure position and he had certification.
I don't know how he got to me. It's for a contract role to support someone.
He had no practical experience. I spoke with AWS at their headquarters three months ago, same thing.
We got the cloud networking certification out.
We have been trying to get cloud networking big to our customers for the last year and a half.
We have all these new cloud networking products. We can't get people to take it serious.
Same thing has happened with Azure. When I'm in front of clients, it's education.
I think it's the number one problem going on right now.
There are the classic ways of doing things that have really locked in cost and will have more and more security breaches and problems moving forward, and there's the new way of doing things which require skill sets.
I've interviewed so many people in the past few months that have an Azure networking certification or GCP or whatnot with no practical experience.
Now, I'll take someone, I will absolutely hire someone that has a certification and labbed it up and showed the willingness to do what it took.
But if I find people that just have the certification, it's not like the latest SD-WAN X offering from Cisco.
This is just a fundamentally different way of doing things now.
It's a high paying field.
Earlier in this call, you mentioned Cobol mainframe. There's mainframe jobs out there paying 900K a year right now, guys, if you all want to learn how to do Cobol.
But outside of that, cloud networking is one of the highest paid fields.
There's a lack of talent and it's crippling everyone. I can't find enough people.
We have enough to support a client base, but I always need more.
I think Amazon, Microsoft also said the same thing. They're having trouble getting the messaging out.
The ROI, the financials, the future, it's all based around this.
We need people to pick up the staff, learn cloud networking and push the newer way of doing things or we're going to see more outages.
We're going to see lots of problems.
We're going to see locked in costs. We need talent to develop on its own and we develop talent internally.
We need you all to pick up the staff and learn.
There's a lot of money to be made. There's a lot of problems to be solved.
Please go out and learn cloud networking. Absolutely. Thanks, by the way, Rahul, for sharing a lot of these.
It's not like this thing is something that a lot of people don't know about, but I tell that there is no dearth of right now things that we need in the industry.
Security being one of them, networking is another one.
We often people say we are replaceable or with the things that are coming in this day and age, we don't need to do that.
I'm a big fan of Naval Ravikant and he's one of the- I'm a huge, oh my God.
I love Naval. Yeah. The way he says a lot of these things in the short span of the small deciphers of lines that he has, it's tremendously mind boggling in regards to what he can talk about.
He often talks about to gain that specific knowledge that somebody is going to go and replace you all the time.
Often I say to many of the people that it's not important to go with the newest and greatest and latest of the SD-WAN certifications, but there are certain core skillsets, the curiosity, the things that you really want to be there and learn those things, constantly improve upon yourselves.
These are such core skillsets I feel that in our industry that you need, especially networking.
Things are changing every two years, three years. Those are the things that somebody needs to imbibe themselves because if you are a person like that, it's not easy to replace you because you are always in the constant flux of making sure that you can do that.
I wanted to bring it up. Let's close this. Number one, the Naval Ravikant, they call it the Navalmanac, the book.
It's one of the rare books I've read like three times.
Oh my God. Huge fan. There's one quote by Naval that I really like.
Well, I like a lot of them, but if we can close out on this. Technology is not the only thing that moves the human race forward, but it's the only thing that ever has.
Without technology, we're just monkeys playing in the dirt.
Absolutely. Nobody can say better than him. This whole monkey mindset in regards to the distractions that we have, especially with the proliferation of the things that we do have, this is something that more and more people understand.
I think we'll be a better human race for the next 100 plus years or many generations that we're going to live.
Can't say better than that, but I think this is such a great segue into the culmination.
I'd love to have you, by the way, Rob. I know a lot of people within Kindle, within Cloudflare love to have you come and speak often about these topics because the way you bring the freshness to many of these concepts in a different way altogether, I think, relates to a lot of people.
I hope that I can have you maybe sometime again.
Our collaboration with Cloudflare and Kindle is in a way just starting out.
I think we are going to go and do many, many better ways and bring those technologies, the technologies that Naval talks about or anybody talks about, to many of our customers and change their lives in regards to how they can do things much better, more efficiently, more sanely, if that.
I appreciate the time, too.
I love working with you, too, Bibi. Awesome. Thanks, Rob. Love having you on this one, and I hope to talk to you soon.
Take care. Thank you. Bye. Around the world, there is nothing more integral to businesses and public sector agencies than an Internet that is secure, performant, and reliable.
Join the Cloudflare Partner Network and help us build a better Internet.
Birthday week.
Cloudflare birthday week. Birthday week. Happy birthday. Looking forward to all the announcements to come.
Thank you.
We're betting on the technology for the future, not the technology for the past.
So, having a broad network, having global companies now running at full enterprise scale gives us great comfort.
It's dead clear that no one is innovating in this space as fast as Cloudflare is.
With the help of Cloudflare, we were able to add an extra layer of network security controlled by Allianz, including WAF, DDoS.
Cloudflare uses CDN, and so allows us to keep costs under control and caching and improves speed.
Cloudflare has been an amazing partner in the privacy front. They've been willing to be extremely transparent about the data that they are collecting and why they're using it, and they've also been willing to throw those logs away.
I think one of our favorite features of Cloudflare has been the worker technology.
Our origins can go down, and things will continue to operate perfectly. I think having that kind of a safety net, you know, provided by Cloudflare goes a long ways.
We were able to leverage Cloudflare to save about $250,000 within about a day.
The cost savings across the board is measurable, it's dramatic, and it's something that actually dwarfs the yearly cost of our service with Cloudflare.
It's really amazing to partner with a vendor who's not just providing a great enterprise service, but also helping to move forward the security on the Internet.
One of the things we didn't expect to happen is that the majority of traffic coming into our infrastructure would get faster response times, which is incredible.
Like, Zendesk just got 50% faster for all of these customers around the world because we migrated to Cloudflare.
We chose Cloudflare over other existing technology vendors so we could provide a single standard for our global footprint, ensuring world-class capabilities in bot management and web application firewall to protect our large public-facing digital presence.
We ended up building our own fleet of HAProxy servers, such that we could easily lose one and then it wouldn't have a massive effect.
But it was very hard to manage because we kept adding more and more machines as we grew.
With Cloudflare, we were able to just scrap all of that because Cloudflare now sits in front and does all the work for us.
Cloudflare helped us to improve the customer satisfaction.
It removed the friction with our customer engagement. It's very low maintenance and very cost effective and very easy to deploy and it improves the customer experiences big time.
Cloudflare is amazing. Cloudflare is such a relief. Cloudflare is very easy to use.
It's fast. Cloudflare really plays the first level of defense for us.
Cloudflare has given us peace of mind. They've got our backs. Cloudflare has been fantastic.
I would definitely recommend Cloudflare. Cloudflare is providing an incredible service to the world right now.
Cloudflare has helped save lives through Project Fairshot.
We will forever be grateful for your participation in getting the vaccine to those who need it most in an elegant, efficient, and ethical manner.
Thank you. Q2's customers love our ability to innovate quickly and deliver what was traditionally very static old-school banking applications into more modern technologies and integrations in the marketplace.
Our customers are banks, credit unions, and fintech clients.
We really focus on providing end-to-end solutions for the account holder throughout the course of their financial lives.
Our availability is super important to our customers here at Q2. Even one minute of downtime can have an economic impact, so we specifically chose Cloudflare for their Magic Transit solution because it offered a way for us to displace legacy vendors in the Layer 3 and Layer 4 space, but also extend Layer 7 services to some of our cloud-native products and more traditional infrastructure.
I think one of the things that separates Magic Transit from some of the legacy solutions that we had leveraged in the past is the ability to manage policy from a single place.
What I love about Cloudflare for Q2 is it allows us to get 10 times the coverage as we previously could with legacy technologies.
I think one of the many benefits of Cloudflare is just how quickly the solution allows us to scale and deliver solutions across multiple platforms.
My favorite thing about Cloudflare is that they keep development solutions and products.
They keep providing solutions.
They keep investing in technology. They keep making the Internet safe.
Security has always been looked at as a friction point, but I feel like with Cloudflare, it doesn't need to be.
You can deliver innovation quickly, but also have those innovative solutions be secure.
The About You fashion platform has become the number one fashion platform in Europe in the Generation Y and Z.
It has been tremendously successful because we have built the technology stack from a commerce perspective, then decided to also make it available to leading fashion brands such as Marco Polo, Tom Taylor, The Founded, and many others.
And that's how secure we are. What we see in the market is that the attack vectors are becoming increasingly more scaled, distributed, and complex as a whole.
We decided to bring on Cloudflare to ultimately have the best possible security tech stack in place to protect our brands and retailers.
We use the Cloudflare bot management, rate limiting, and WAF as an extra layer of protection for our customers by tackling the major cyber threats that we see in the market.
DDoS attacks, credential stuffing, and scalping bots.
What we see with a scalping bot here is that they're targeting high -end products and then buying them up within a few seconds.
That leaves the customer dissatisfied. They will turn away, purchase somewhere else the product, and thereby we have lost the customer.
Generally, before it could take maybe up to half an hour for a security engineer to handle DDoS attacks, now we are seeing that Cloudflare could help us to stop that in an automatic way.
Cloudflare helps us to bring the site performance to the best and ultimately, therefore, create even more revenue with our clients.
Cloudflare Access allows you to securely expose your internal applications and services, enforce user access policies, and log per-application activity all without a VPN.
This video will show you how to enable Cloudflare Access, configure an identity provider, build access policies, and enable Access App Launch.
Before enabling Access, you need to create an account and add a domain to Cloudflare.
If you have a Cloudflare account, sign in, navigate to the Access app, and then click Enable Access.
For this demo, Cloudflare Access is already enabled, so let's move on to the next step, configuring an identity provider.
Depending on your subscription plan, Access supports integration with all major identity providers, or IDPs, that support OIDC or SAML.
To configure an IDP, click the Add button in the Login Methods card, then select an identity provider.
For the purposes of this demo, we're going to choose Azure AD.
Follow the provider -specific setup instructions to retrieve the application ID and application secret along with the directory ID.
Toggle support groups to on if you want to give Cloudflare Access to read specific SAML attributes about the users in your tenant of Azure AD.
Enter the required fields, then click Save. If you'd like to test the configuration after saving, click the Test button.
Cloudflare Access policies allow you to protect an entire website or resource by defining specific users or groups to deny, allow, or ignore.
For the purposes of this demo, we're going to create a policy to protect a generic internal resource, resourceonintra.net.
To set up your policy, click Create Access Policy.
Let's call this application InternalWiki.
As you can see here, policies can apply to an entire site, a specific path, apex domain, subdomain, or all subdomains using a wildcard policy.
Session duration determines the length of time an authenticated user can access your application without having to log in again.
This can range from 30 minutes to one month.
Let's choose 24 hours. For the purposes of this demo, let's call the policy Just Me.
You can choose to allow, deny, bypass, or choose non-identity. Non -identity policies enforce authentication flows that don't require an identity provider IDP login, such as service tokens.
You can choose to include users by an email address, emails ending in a certain domain, access groups, which are policies defined within the access app in the Cloudflare dashboard, IP ranges, so you can lock down a resource to a specific location or whitelist a location, or your existing Azure groups.
Large businesses with complex Azure groupings tend to choose this option.
For this demo, let's use an email address. After finalizing the policy parameters, click save.
To test this policy, let's open an incognito window and navigate to the resource, resource on intra.net.
Cloudflare has inserted a login screen that forces me to authenticate.
Let's choose Azure AD, log in with the Microsoft username and password, and click sign in.
After a successful authentication, I'm directed to the resource.
This process works well for an individual resource or application, but what if you have a large number of resources or applications?
That's where Access App Launch comes in handy.
Access App Launch serves as a single dashboard for your users to view and launch their allowed applications.
Our test domain already has Access App Launch enabled, but to enable this feature, click the Create App Launch Portal button, which usually shows here.
In the Edit Access App Launch dialog that appears, select a rule type from the include drop-down list.
You have the option to include the same types of users or groups that you do when creating policies.
You also have the option to exclude or require certain users or groups by clicking these buttons.
After configuring your rule, click Save.
After saving the policy, users can access the App Launch portal at the URL listed on the Access App Launch card.
If you or your users navigate to that portal and authenticate, you'll see every application that you or your user is allowed to view based on the Cloudflare access policies you've configured.
Now, you're ready to get started with Cloudflare Access.
In this demo, you've seen how to configure an identity provider, build access policies, and enable Access App Launch.
To learn more about how Cloudflare can help you protect your users and network, visit teams .Cloudflare.com backslash access.
My name is Sam Ray.
I'm a VP of Product here at Cloudflare. I joined Cloudflare in June of 2018.
In the last five years, I've had an opportunity to work on nearly a dozen different products, from our domain registrar to our access control product.
But today, I spend all of my time thinking about how can we use Cloudflare's network to help teams and enterprises really of any size keep their organization safe and connected.
My favorite part of my role, other than getting to work really closely with customers, is as a product manager and as part of the product team, we have the opportunity to work with teams and team members from across the entire organization, because our job really is asking ourselves, how can we work together as an entire Cloudflare team to help our customers solve more problems every day?
I'm Sam, and this is my life at Cloudflare.
Hi, we're Cloudflare.
We're building one of the world's largest global cloud networks to help make the Internet faster, more secure, and more reliable.
Meet our customer, FindLaw.
FindLaw is a Thomson Reuters company. They're a digital marketing agency for law firms.
Their primary goal is to provide cost-effective marketing solutions for their customers.
My name is Teresa Jurisch. I'm a lead security engineer at Thomson Reuters.
Hello, my name is Jesse Haraldson. I'm a senior architect for FindLaw, a Thomson Reuters business.
So, as the lead security engineer, I get to do anything and everything related to security, which is interesting.
FindLaw's primary challenge was to be able to maintain the scale and volume needed to onboard thousands of customers and their individual websites.
So, the major challenge that led us to using Cloudflare is Google was making some noises around emphasizing SSL sites.
They were going to modify the Chrome browser to mark sites that weren't SSL as non-secure.
We wanted to find a way to, at scale, move 8,500 sites to SSL reasonably quickly.
And doing that to scale up to speed with our operations, it needed to be something that was seamless.
It needed to be something that just happened.
We had tried a few different things previously and it was not going well.
And we tried out Cloudflare and it worked, just kind of out of the gate.
Like us, FindLaw cares about making security and performance a priority, not only for their customers, but for their customers' customers.
Faster web performance means having customers who actually continue to sites.
It means having customers who maintain and go with the sites.
65% of our customers are seeing faster network performance due to Argo, so that's an extremely important thing.
The performance, the accuracy, the speed of that site fronted by Cloudflare is super essential in getting that connection made.
I like the continued innovation and push that Cloudflare brings.
Cloudflare is amazing. Cloudflare is such a relief. With customers like Thomson Reuters, FindLaw, and over 10 million other domains that trust Cloudflare with their security and performance, we're making the Internet fast, secure, and reliable for everyone.
Cloudflare, helping build a better Internet.
Welcome to Birthday Week.
Birthday Week. Cloudflare's Birthday. Happy Anniversary. Happy Birthday Week.
Cloudflare's Birthday. Birthday Celebration. Birthday Week.
Cloudflare Birthday Week. Birthday Week. Happy Birthday. Looking forward to all the announcements to come.
Thank you.
