Session Information:

Doing more with less... how Intent Based Networking will fundamentally transform your Enterprise network

• What Intent Based Networking actually is (methodology) and why it matters (the coming paradigm shift)

• Understanding of why IBN verification and assurance are CRITICAL to the future of networking

• How IBN solutions like Forward Enterprise will be necessary in the post CV-19 world (expected to do more with less)

• Why Forward Enterprise should be your standard for achieving Operational Excellence

• Why having a Digital Twin will help you accelerate your business transformation.

Session Transcript:

Come for it, and networks for our first session. There. Josh Approach will talk to us about doing more with less, how intent based networking will fundamentally transform your enterprise network. So Josh, I'm going to ask you to turn on your camera, I'm gonna say a few words here to Josh. Josh is the regional sales director of the for the south-east region. Josh has a strong business and technical background. He's a Cisco Network Specialists and has stablish sea level relationships within jira one SB and enterprise community. He joined Ford Networks in 20 20 and he's gonna share the journey with us. Josh, wonderful to have you with us. Look forward to your presentation.

Wonderful, Thank you so much for introduction, Joe said. Good morning from Atlanta, everybody. This is Josh, folks with Forward Networks.

So folks like to start off a little bit about, as Julia had mentioned, you know, how is intent based networking? You're going to fundamentally transform the way you manage your enterprise network. So what I'd like to do today is give you a bit of an introduction to our company. Explain it is, what do we know, what is that we do? And more so, kinda define what intent based networking is because like like most definitions, you know, when you look at the acronyms of, IBM are kind of meaningless unless you put some context around that. So let's get underway. And first thing I'd like to do is give you a little bit of an introduction to our company. So forward Networks has been around for about 6.5 years. We've now been in market, in production environments for the last 3.5 years.

And our company was actually founded by four PHD computer science grads from Stanford University. So we think they're kind of smart during their time at Stanford. A lot of the body of work that they did was in the software defined networking space and they work underneath the tutelage of Mick McKeown and for those of you who are familiar, mccune is kinda considered the father of SDN. Additionally, during their time at Stanford, they did a lot of work with another gentleman named .... And Martin was actually one of the co-founders of a company called ..., which later became NSX, AKA v.m-ware.

And so, as I mentioned, we've been in the market now for about 3.5 years. And since coming to market, we round out our leadership team, a good bit with an added members of leadership from the marketing side, to go to market side, as well as our product line management and our development side. So, to date, were see serious funded company, we've raised approximately $70 million. Some of our major investments come from the folks at Andreessen Threshold, formerly ..., for those of you who are familiar along with a capital and one of our premier investors, some of you may know, is Goldman Sachs. So, I'd like to make a little bit of an emphasis on Goldman Sachs. They're a pretty interesting the case for us, so Goldman Sachs was actually a customer or forward networks for approximately a year.

Currently, they have, over a little bit over 15,000 core network devices under the management of our software platform, which is known as Forward Enterprise. And so, over the year that Goldman ended up putting, in their entire global network, underneath, our Care for intent based networking, around, that same time, they came to us and said, yeah, you know what? We really like what you're doing. We're trying to accomplish something you've managed to succeed in doing. And, in fact, we want to be a part of your success, so, Goldman Sachs actually did see serious funding for us and invested their own 35 million into forward networks. Because they are indicated they wanted to be a part of our success. So just a little bit of a background on us, and let's go ahead and get into a little bit of how we're seeing the world, particularly the enterprise networks, and why. we think intent based Networking is going to be a fundamental paradigm shift for large weight, a lot of enterprises and managing their works.

So as we look at the current state of network operations, today, is become vastly complex, right? We would even argue that it's outside of the scope of any single person, or a group of person within your organization, you're having to contend with dozens of vendors, Cisco, Juniper F, five Palo Alto, just to name a few. You're having to deal with thousands of different devices, right? The implementation of those devices, the configuration of those devices. And, as I mentioned before, when I talked about Goldman Sachs and our global network, the approximate 15,000 core network devices they have in our youth are a platform that really consists of switches, routers, firewalls, and load balancers.

So, in addition to the dozens of vendors and multitudes of devices, you've got dozens and dozens of different rules, different operating systems, different firmware, and fundamentally, what we just tried to illustrate is that the management of these large heterogeneous and, in some cases, hybrid networks for those of you who need a little definition about the hybrid side, you may have either physical network functions, basically, a purpose built box as a load balancer. You may have a virtual network function, and some of these things may reside in your data center, or in your branch locations, and some of them actually reside and workloads in the cloud. So, as we looked at the culmination of how networks, if exponentially gotten more complex are for founders. Went out on the mission. Is saint Guys, there's got to be a better way to enable these Enterprise networks, The function and the ability to manage this properly, and, you know a lot more efficiently than what's been done in the past.

So, the kind of further illustrate that a little bit, this is the world that your network engineers and operations live in, they live in the CLI world, right? And so most times, when people are working through either pushing new applications out into your network, different services, kind of your Layer seven folks, right? Or the folks who work in your front lines and your network operations centers are working. Or, god forbid, you experience an outage or subpart of disruption, of your service. This is the world that they basically live in, it's the CLI world, the Command line interface, right? And so, when we look at how people are having to effectively operate these networks, we felt that there was a better way to do that. But first, a couple of things you really need to know to be efficient, and running your networks. And so effectively to operate your network, you really don't know what you have in your network, right? What devices that have, sitting out there, right? then?

You need to know how it's connected, right?

And ultimately, if you know those two things, you want to know, where is all my traffic going, right? And so if we think if you get those three things pretty tight, you also want to know whether or not is it working as I intended it, Is it working properly? And then, as you collect all those things together and you start looking at your change windows, right?

When you're doing upgrades or migrations of workloads, again, pushing new applications into your bar, you need to know, what does it do I need to change. And when I make these changes, MI causing any harm to my network, or am I exposing any type of security vulnerability? Alright, so somebody has changed windows that a lot of folks do. There are very complex in nature. Some of them are short and risks.

Some of them were very arduous and cereal in nature, and so as folks are working through this, and we start looking at the size and scope of these networks, where we're sitting back and trying to illustrate the folks at, guys, this is just pay too complex. So how do we help solve for that some of that complexity?

Well, I'm going to talk about here in just a little bit, but I'm gonna give you an example when we talk about the exponential growth that networks I've experienced, and why are there so inherently complex now. one of the examples you gave is an example of a Fortune 500 company that will work in which is actually one of the three largest banks here in North America. Their logo colors are red and blue. So I'll let somebody, you guys figure out who that might be. But today they have approximately almost 13,000 core network devices. Remember, core network devices are those switches, routers, firewalls, and load balancers.

So, when we tell people, you know, you've got 13,000 co-ordinate with devices in this massive network. How many lines of code and configuration are you guys having to deal with on a day-to-day basis?

It's a staggering number.

It's almost 3.3 billion, with a B lines of code, And this is configuration information, and state information. And so, when you look at this heterogeneous hybrid network and you look at the massive amount of information that your network engineers and operators are expected to manage, their doing this, while managing hundreds of change Windows Week, they're doing it while they're managing over 500 different model and firmware combinations. And, again, this is specific to this particular financial customer that the phone network serves.

And so, as, as we go and explore in a variety of intent based networking, the network issues basically are still the same, but down, you're dealing with this greater level of complexity. And so, what we figured out for networks is that a fundamentally, different approach is needed.

And this is kind of why we believe intent based networking, and particularly verification insurance, is going to be critical to the future of networking, because we believe, if we do this right, there's some business value went, right? And the three pillars of business value, that we tend to see is that we give, we give enterprise an opera is the ability to reduce cost, right? Reduce the cost of an OpEx perspective.

We also have the ability to increase agility, right? So now, instead of, when you start looking at putting out new applications or services to your, to your end users, or your, or your B2B partners, right, there's a lot of things that typically have to happen to ensure the posture of the readiness of your network is suitable for putting that service. So, we actually get the ability for folks to increase the agility, right there means. Or go to market. We actually shorten that time.

Then, the third thing we do, is we derisk operations. If you know exactly how your network is configured. If you know exactly how a physician and postured, you're going to be able to de risk your operations. Because now, fundamentally, as you go through your change windows, you're gonna know that as you make these different changes in configurations, or as you roll out these new services, you're going to do that with a lot more confidence than wondering if maybe my segment of network 6 or 7 hops away is going to be able to carry that traffic. And my customers, whether they're on one side of the world, or they're located here in the United States. But they're also going to be able to access that data and information as seamlessly as somebody who might be in Singapore and London, or Sydney.

So, again, as we kind of go through this, one of the things that we do it, forward networks, as we strive to improve what we consider to be operational abstraction, right? Because as I've mentioned before, this is essentially the world at your network engineers. And operators are living in the CLI. And, again, this comes with a multitude of vendors, a multitude of different configurations and implementation of these devices. You have a wildly heterogeneous network. And I've been almost bet that regardless of, of your business, a lot of you pretty much have a lot of the same vendors and same network, core network devices in your network.

So, what we do is, we actually take this information and we, we normalize it, we give a single way of looking at this, where, it doesn't necessarily require a 10 year c.c.i.e. veteran or ... veteran, and, so we're gonna explain that a little bit more, but let's, let's talk a little bit about what intent based Networking meetings.

So when we talk about intent based networking, we're talking about what exactly is it that you created your network to do?

Because we would argue that the two most important things to your business number one, are your people. Right, whether it's the people that work for you or the people who consume your services. Right. So. Your customers. But. the second most important thing to your business has to be your network. In fact, it is the lifeblood, especially now as We're experiencing an unprecedented global pandemic. Right, your network, So, In the digital fabric, that are, effectively, the web that is holding society together.

So, we kind of look at that is the essential digital fabric, Right? And so, when we start talking about the intent of your network, I guarantee you, most of you have firewalls, load balancers of switches or routers. But the way you designed your network, that way you've implemented your network is going to determine exactly what is intended to do. So, for instance, one of our other, one of our other customers. May have heard of them, PayPal. So we We actually provide the intent based networking platform for, for all of PayPal's network they've got close to about 7000 quarter devices, right? And so we intend to PayPal's network, right, obviously, is to, is to allow payment transactions in different ways to exchange funds and and services. Right, so So we can't, we get to, is, do I have the necessary posture of my network and how do I verify, how do I know that site, A to site B? Is connected properly?

and allowing them the proper traffic to ingress and egress through my network, Right? But maybe you're a retail store, right, And you've got multiple chains across the world, or in a particular country, right.

You want to ensure that your payment systems, that you're retail transaction systems, that you have adequate redundancy, that you've got adequate bandwidth, that you're essentially position to take on any of all your services, or maybe your tent is, I have a have a production environment but then I have visitors that come into my environment and also leverage my network. And so how do I ensure that I'm protecting myself as visitors that come into my network and utilize certain resources that mountain employees would exist?

So, again, when we started talking about intent based networking, I'd like to add a little bit more clarity to that, because, fundamentally, there's two different types of approaches right now in the market. And I would like to stress that intent based networking is more methodology, not so much a standard. But, again, it's, it's, it's, it's a philosophy. It's, it's a new fundamental approach to managing these wildly hybrid heterogeneous networks. So, if you look at the left side of the diagram here, you have something that is called intent driven network configuration. Now, one thing I'd like to emphasize about intent based network configuration is that this is typically something that has done an environment that's primarily greenfield.

And realistically, it only represents a very, very small segment of the market, right? So these types of designs that require intent based network configuration are very, very specific, and more often than not they're required to be homogenous. So you're you're really kind of looked at a vendor lock situation.

And so, because that tends to be a little bit more or any subject, lots of ways, a significant smaller segment of the market, we decided to go to the other side of the paradigm, which is the intent based network verification and assurance. So, this is where we decided to participate. Because within work verification and assurance, this really addresses what's also called brownfield environments, right? And Brownfield apartments, or basically, any network. As I mentioned before, hybrid, it can be a combination of your network residing on prem, or you could have also, some other components of that city in the cloud. Whether it's Microsoft, Azure, GCP, Google, or AWS.

And so, we decided to participate in this space because the majority of networks today, right, are heterogeneous. And they have a multitude of the vendors, the different firmware as we mentioned before, different operating systems. And so we felt that the biggest impact would be done here on the network and verification and assurance side.

So, a lot of folks say, Josh, you know, this sounds really interesting and really cool. How real is it? And more importantly, how do you guys actually do this? Because what we've attempted to do is something that's been needed in the, in the market for quite some time. I myself, actually, was a former network operations manager for a large Tier one enterprise. I've also done that for Tier one Service providers. And I can tell you, if something like this existed about 15 years ago, I probably would have some more hair list. So, let's talk about this a little bit. So, the platform that, that we have provided to the marketplace, is called, Forward Enterprise. And, again, the three pillars of this, in the business value that we try to extend to work to our customers is, again, the ability to reduce your costs, right? To increase or agility, right?

So, your digital transformation objectives, right, and then the other one is de risking your operations. Because, again, nobody likes to, nobody likes to shoulder outages. And certainly, nobody likes to end up in the, in the funding papers, explaining why are they were down or why people weren't able to process the payment transactions or access different services.

So, let's go back a little bit, to what we mentioned before about the challenge to be more effective in your network operations. And so we discussed some of the five things that are really needed, right? Knowing what you have, how it's connected, where is all my traffic going?

When you get all the story, again, isn't stuff working as I intended to? And if it is, wonderful, now, how do I determine what I need to change? So, one of the things that we did as a part of our platform is we developed a set of tools, right?

Network engineer, if you look at, think about a day in the life of your most basic Network engineer, operator, right? Again, they're living in these worlds of the COI. So how can we help them be more effective and more efficient?

So one of the things that we do is we've created a wonderful tool called Search. So imagine if you had the ability in this wildly, heterogeneous hybrid network to go in and perform a Google, like search on a network. Say you wanted to look and say, I want to ensure that I'm posture correctly across all of my firewalls and data of mitigate any potential security vulnerability. That may exist. Well, you actually have the ability now to go in and query those firewalls. And you can check to ensure that your gold standard has been applied. And it doesn't matter what the vendor that firewall is. Again, whether it's Checkpoint. Whether it's Sysco. Whether it's S five. So again, we found that this is a very, very powerful tool for a lab network engineers and operators, to quickly identify the posture of your network, and to ensure that your gold standards have been implemented correctly. And that there isn't any violations.

Another feature that people using this searches, you know, from time to time, vendors will come out, and they'll say, Hey, we discovered a security vulnerability. And for those of you have this particular network device, running this firmware and this operating system, you need to do a scrub up your network. And you need to ensure the latest and greatest passion has been applied. So we also give you the ability to quickly search your network to determine what's your exposure to that, What is your liability to that? And, again, we're agnostic to the vendor, so it really doesn't matter to us which vendor it is, it has those security announcements or vulnerabilities, we give you the ability to locate those quickly, and to ensure that your network read maintains good security posture.

So, one of the other tools that we provide within this platform is verify, right? And going back to again, verify. Now, I'm able to search my network, verify that everything is working as expected. And how do I have the ability to continuously validate that? My network is postured correctly, right, again, going back to security and configuration sanity, making sure that your best practices have been implemented. And somebody hasn't fat fingered something on a keyboard somewhere when you're working in. And CLI because absolutely Never happens.

It actually happens a lot more than people probably want to admit. But again, we felt that this was also a very powerful tool that we give folks the ability to go back in and ensure that not only can they search or network, they know what's there. But now we can continuously validate to ensure that I have and expose myself to any vulnerability.

And then the third program, or it's just a third application that we built, also was predict.

And, again, one of the things that we talked to a lot of our enterprise customers about, is, I'm about to make a significant change to my network, I'm about to roll out this new service that's going to give our customers a much better experience. But, how do I know that when I implement this change, that is kind of work not waned in the segment of the network I'm working in, but it's gonna be accessible to anybody who's trying to reach that application. And so what we do is we actually give you the ability to simulate some of the effects of the proposed changes, so that when you go in and you push those services, are those applications, or you migrate those workloads, you can do so with full confidence.

And so now, folks tend to asked me, well, you know, Josh, this is really awesome. How do you guys actually do that?

So, I'm gonna talk to you a little bit about our platform, which is Forward Enterprise.

So as mentioned before, really, the purpose of intent based networking and particularly intent based networking verification and assurance is, it does require a fundamental new approach to network engineering network operations.

Right. So as we talked about before, you know, you've got this. Why are we heterogeneous network infrastructure? Right? You've got a combination of devices that sit on prem. You got some that sit out in the public cloud. We support AWS, along with Microsoft Azure. GCP is coming towards the latter part of this year, But so now you have all of these different devices, different operating systems, different firmware.

So what we end up doing is we go into your network and we create a mathematical network model, what we call a digital twin.

And this digital twin is a 100% accurate, precise mathematical model of your entire network.

Now, one of the things I would like to pay special close attention to is that little combinator indicates header space analysis. This is very important. I'm gonna talk about that here in just a second.

So we basically, we go in and we collect all the information. We collect all the state and configure information of your core network devices, again, your firewalls, your load balancers, your switches, routers. And so how do we collect this information? Well, we actually get that information from you.

So, one thing I want to emphasize is that forward Enterprise is an API first driven architecture, right? We're able to actually consume your device information. It can be done via API through your CMB or one other way. We are.

SSH. We can SSH into your network via attack X or jump server or directly into the device itself.

Now, one thing I'd also like to emphasize is that we should actually in the data plane, so we're in the do no harm space right, where we don't actually push configuration changes. We essentially collect all that config and State Information bubbles, Core Network devices. And as you recall from the previous slide. one of our large banking customers. They handed over 13,000 core network devices. That's where that 3.3, almost three point three billion lines of code comes from that. Is all the config and state information of Oliver co-ordinate with devices. And so then when you take all of that information, we culminate data into a core mathematics medical network model. And then here's the thing that we'd like to give people. I apologize for that.

We would like to give folks the ability to verify where their data is going. Remember, we go back to, what's the most effective way to manage your notebook? You've got to know what you have, house connected and where your traffic goes. Well, one of the key features within our Forward Enterprise network is that header space analysis that I mentioned previously.

And so what that does is we now have the ability to not only give you this Digital twin of your entire network, but now we can tell you where every data packet on every device on every port can possibly go.

That's right. Every possible path that data can traverse your network.

So what does that actually look like?

Well, when we talk about the problems that we tried to solve, folks, you understand, this is a very, very heavy lift, right? We're trying to solve the ability for everybody to understand what their behavior is, right? We also want to give everybody the ability to do this at scale, because scale is very important.

Today, were hmm. Right around the amount of 50,000 core network device instance. We're able to do that on a single VM. And again, we do this we can either have we can have this platform that resides on your pram. Some people require that as part of their security or we can also hosted in the cloud, is the science, but, again, the ability to scale, to be able to analyze all these different heterogeneous network devices, right? A single, and then actually provide instant access to all of your network behavior. And this goes back to the the applications that we built, the search, the verified it predict, what have I got? how are these change, is going to affect my network across these multitude of devices, and how I verify that everything that I'm doing is keeping my networking. It's correct posture.

All right, so how are we doing? Where are we at today?

So, we have a very wide and deep matrix of support for multiple operating systems. Device features, vendor types, All right, we have the ability to essentially process all this information, if it's something that you put on prem, you can do that on a generic caught servers, about 10 grand. It's pretty cheap. But then one of the things I want to talk about, that header space analysis, I just wanted to give you a little bit of a perspective on that.

So, if I go back to one of our other customers I mentioned before, which is PayPal, They've got almost 7000 core network devices when we went into the path analysis, the combinations that come back, it's astounding.

It's, it's, it's an exponential number. It's 10 to the 27th power. So, what we're talking about as a combination of every ingress, egress path on your network, and what, what is 10 to the 27th power look like.

Fundamentally, it's about 10 billion times the number of grains of sand on every beach on this planet.

So, do you have to ask yourself, how is it that my engineering and my operations folks are able to keep up with this? How are they able to quickly isolate faults, or changes in my networks that either may be causing the degradation service or may be impeding my ability to put out different services or applications? So, this is why we incorporated the header space analysis, and, by the way, the header space analysis functionality was actually the master thesis of one of our co-founders. You can find it on the web. It's only about 152 page dissertation. So I would encourage you to read it at your leisure.

But one of the things that we also thought was really important for this other side and the the ability to do the search verifying for did is we actually provide a really intuitive gooey doesn't require a whole lot of training and maintenance as bad as easy as using an application on your phone.

So, again, when we start looking at the, the scope of the networks that people are trying to manage today, going back to the complexity of that, the multitude of devices multitude of operating systems, you know, the, the, the the nuance of you may have somebody who's very, very fluent in Cisco, but maybe not so strong enough fiber checkpoint or Palo Alto.

Or perhaps the gentleman who's responsible for a particular segment of your network is on vacation this week. And something comes up. And you need the assistance to verify either segment of the network or particular devices as you're going through your change windows.

Well, what we've done here at Forward Networks is we looked for a way to take the complex and essentially simplify it, for your network engineering network operations teams. So, as you go through which your digital transformation initiatives, you have absolute clarity and confidence. that your network posture is correct. You have the ability to verify it, with regards to pre or post change from change windows. And you also have the ability now to analyze it in fairly quick fashion, as to whether or not all the traffic is able to reach these different services and applications that I have out there. Because, especially for some of you from, from a financial perspective, right? Every every bit and packet counts.

So, I appreciate given the D over to you guys, hopefully, you found that fairly intuitive. one of the things that we do like to do is we invite folks to visit our website at WWW dot forward networks dot com. And we're also happy to provide you a demonstration of forward enterprise inaction. and then we also have the ability to share with you some of the Use Cases. And Customer Success stories. Again, as we've been employed today, as I mentioned before, to Goldman Sachs, one of the top three banking institutions here in the United States, PayPal, we have several different government entities, entities, along with the various Tier one service providers.

So that concludes my presentation on my introduction of Forward Networks and intent based Network Verification and Insurance. And I will be welcome to any questions that you may have. I'll do my best to answer them.

Very good, Josh, very good. Thank you for your presentation. And I had some questions coming in here as, as you're speaking, which you have a pretty technical components here at your short presentation there. And, it's good to know that people around the world are awake and paying attention. And asking this, this very specific questions. one of them is a bit broader, and it's more about the talk, a little bit about the business case for, for the, for this approach to networking and how, how are you validating the business cases for that? What are some of the matrix that you look at and how do you translate that into into dollars for the business case?

Excellent question! Excellent question. So, we, typically, tend to find a couple of re-occurring themes. Again, with our large Fortune 100, Fortune 100 companies with our enterprise or your service provider. one of which is what folks call MTR, or entity. And then, acronyms means meantime the resolution or meantime to innocence.

So, again, going back to part of the presentation where we indicated that, you know, most of your network engineering operations folks, when they are, when they are tasked with a trouble ticket, when their problem comes in, they're usually going right into the CLI. And they're having to check device, by device hop, by hop. And they're having to login and log out and actually manually, do a lot of keyboard punch in and swivel chair work to do that. And so, that usually takes a lot of time.

And so, what folks, when they come to us, and they say, Hey, how can you guys help us improve our mean time to repair or, in the case of meantime, to innocence. Let's say you've got a third party business partner that utilizes your network and they're having a problem. So, meantime, innocence is basically being able to say, Hey, guys, look, we, we check the posture of our network, we know that, our configuration in, our state, is correct. We can access and we can verify all ingress and egress a data. So, effectively, guys, it's not as you need to check your rent, so that's kinda kinda proving of the posture of your network. So that's what they referred to, as meantime to innocence. And when you start looking at that, a lot of folks keep their metrics like to keep the historical data as are working trouble tickets. And sometimes trouble tickets will take anywhere from 4 to 5 hours to be cleared out. Sometimes they go a little bit longer, depending on the complexity or severity of the condition.

And so, what folks have found with us is by having the ability to actually perform Google like searching their entire network to verify path analysis, that traffic is flowing in and out of my network properly, and I haven't cause an issue. We've actually seen a reduction, in the meantime, to repair and meantime, since, on average, by about 50%, and for some of our customers, 70%, some form of basic troubleshooting in isolation. There's been a huge savings from an OpEx perspective, and also man hours, But also, mitigation of SLAs, Right? So SLAs come typically with some pretty hefty liquidated damages depending on the severity or condition of the outage. And so, a lot of customers now have said, listen, if we have this, we went back into historical analysis of some of our trouble tickets.
34:00
And we found it now 7, 7, or eight times out of 10, had we had followed enterprise, have we had access to digital twin, have we know the exact posture of our network. We could have mitigated these in record time and actually avoid infractions of SLAs and the current liquidated damages. So, that's that's one of the things. The other thing that we find is, we start working with your layer seven folks in different companies, the ones who are pushing out, you know, these revenue generating applications and services. Oftentimes, these folks are having to go to network engineer, network operations. And say, hey, can you validate that this port is open and available on this firewall? Or do I have these ACLS correctly define because I'm about to turn this application loose? I want to make sure that that, why it works, and folks, all my customers can access.

So, I can how can you validate that? My network is in a position to consume this application service, and, more importantly that, my customers are, and, in some cases, and this is an unfortunate reality. There tends to be a lot of what we call push and pray. Where I think my network is right from what I can tell the testing that I did my lab, which is a small microcosm of my network. And there's only so much you can validate, right? It's not like to production environment, but even with the best intent of taking these things into your lab environment.

Even though those all come out green and thumbs up, and it's go, everybody knows when you go into production environment, you always exposed corner cases. A network in production is under a different load, and what you would have in the lab.

So, by basically being able to validate how your network is, is, is postured through the Snapshot. So, we provide to our network through the mathematical model, through the header space analysis.

They can know definitively then as soon as I roll this new service application out, that it's going to work.

So, 10, those tend to be the two biggest things that people look to us for and then the third one is going back to doing more with less unfortunately, especially with covert. Right. We've all seen in the news, right, folks are getting furloughed, unfortunately, people are getting laid off.

But most people's networks aren't getting smaller, in fact, are probably getting more utilized now than ever. And so now, if I'm having a look at a reduction in my staff and in my head count, how do I continue to manage all of these massive networks. If I'm now expected to do with with the reduce staff, well, that's one technology comes. And that's where the technology comes to help you scale. So, we actually give folks the ability to do to do a lot more with less, by letting the technology, augment some of those other operations.

And some of those functionalities that people typically use from a swivel chair were perspective. There's a question for you and if it does and I'll do my best to readdress it. No, not very good. That's a, that's a very good. Other questions that has come up is how, how long does it take to, well, this may be a little complicated because you probably have different size of networks, different types of networks and complexity levels. But if you could paint a picture of maybe on a typical network, what does that process like? How long does it take to build the Digital Twin and to have an operational? Just just kind of, again, on a typical application, what does the process may look like and how long does it take?

Also, getting shorter, so we have some, We have some customers have been very, very rapidly, like I indicated before, with, Would fold enterprise, It's, It's software platform that can reside in the cloud, right? as a ... org, and reside on your Prime. There is a component that always resides on your Prime, and that is actually the collector. So our collector is what goes out and basically parses all the configuring state information. And if it's a very lightweight software package, you can actually even run it from your laptop. I can run it from a laptop, I'm on right now. So that typically resides on a Linux machine, You'd stand up a VM, and then we would, we would go into your network again, read only, right, do no harm, collecting all the, you know, doing show commands, print commands, and collecting all that. state and config information and then combining that. And then that information is fed up into Forward enterprise, which then does the the numbers crunching to build the mathematical model to digital Twins?

So, to give you an example, I probably the, probably one of the best ones I can give you would be, let's say, let's see, Let's use PayPal as one of ours, again, close to 7000 core network devices. They move pretty quickly for us getting a VM stood, putting the collector on the VM. It's fairly simple to do. You can do that and about a day. And then, we go, to start collecting, we start parsing. And often times, we've seen it go as fast as three days in PayPal's, since we did it in about a week. And then once you actually collect it, so we call those snapshots were going at state, that config, we build a digital twin. And the way we we, we tell folks, is we're going to give you a high fidelity, right, And ultra high def view of your network. And so we, we, we tell them, as you go in and you collect this information as we create this digital twin, your first snapshot is like about a 720 P. If we talk about high definition, you know, folks are familiar with high def TV. So the first one, you're getting about 77, 20 P, around the next snapshot, you're going to get about 10 ADP and the third snapshot with ultra high def.

And what we do is we take all that information. And Digital Twining, and we curate that network for you. So it resembles maybe some of the Visio diagrams that a lot of people tend to work off of some of those logical diagrams. And we presented in a guru in such a way that it's very, very easy to consume, again, with our, with our friends at PayPal. That took us about a week to do. And then the really cool thing about the header space analysis, remember, I talked about that, 10 to the 27 power, you know, how many different combinations? Where it can all of my data possibly go from? This hot did that happen?

But we can do that aerospace analysis after we have curated work, on average, 10 to 27 power. It takes about 15 minutes.

It's, it's pretty powerful, and it's pretty powerful, the larger the network the initial time for, you know, we've got other networks right now. They're running over 20,000 core network device, those. The aerospace analysis on that, I'll take maybe about 30 minutes.

But again, as more snapshots are taken, the higher higher depth network becomes, and then you're done.

You're at state, Then you can use that as your single source of truth, and you don't necessarily have to worry about whether or not I've missed a network device, or maybe there's a port somewhere that I wasn't aware of that was operational. That's basically captured in a Digital Twin that we create.

Very good. And that we have time for one more question here, Josh, this one. This one comes from Tanya or Keys, and I'm Tanya says, first of all, he says, Great talk. Thank you.

And following up on the on the Digital Twin solution that you just talked about, he's cures that from a cybersecurity perspective, How do you prevent your digital twin solution from becoming a single point of vulnerability for the client? So can you talk a little bit about digital tween and vulnerabilities and cybersecurity?

Yeah, absolutely. So, so the thing I want folks to remember as we're talking about intent based Network, remember, we participate in network verification and assurance space, so we're not we're not actually having, we do not perform any type of configuration changes. We don't push down any, there's, there's several different devices and manufacturers out and network your data that do that. Typically, there's things like Network Orchestrators and you think about Juniper Contrail, CSO, or you think about Cisco NSO, or Blue Planet. So there's several different platforms out there that actually push configuration changes. What we effectively do, is, we create that high definition map, if you will, of your entire core network. And so, that information, again, can reside on. on prem, we do have some customers that, for their security, they, they require that, that, that, that information actually resides in the Prime.

But, even if somebody were to, let's just say, capture that information, which they can't, because all this is kept and it's encrypted up. You don't have the ability to really change anything, But I will tell you, it does have, it is, it is sensitive, right, and proprietary because now, you don't want somebody to know, maybe you have another competitor, right, another competitor who operates in the same vertical that you don't necessarily want them to know how you have your network configured, right? Did your network is actually working better or worse, performing more efficiently?

So that's really where that information seems pretty sensitive. But as far as the ability to inflict or cause any damage or harm to operators network, that does not exist. Again, we sit in the Data plane, So, we're only capturing the information of what the current state and configuration of your network is. But we're basically giving you the entire map, the entire scope of that, for you to have the ability to go in and validate that as of today, as of this snapshot, right? This second. I know that my customers data is going to flow. I'm not having any disruptions.

My firewalls are incorrectly. My ACLS are correctly. And if I make any changes to my network, I'm gonna have a reference, I'm gonna have a single source of truth, to go back to you and say, OK, I was working before something change lap like. What's the difference? Why am I now experiencing this problem? And instead of having to dial back in and do, let's see, a lot of work from top to hop. Now, they can go back and they can references. But, again, so, our tool here, for folks in these, in these heterogeneous net, which is hybrid networks.

Because the ability to know exactly what they've got, exactly, how it's connected and exactly what traffic goes, but as far as causing any ability to go in and manipulate, you know, GP routing tables or load balancing rules, none of that exist, all control.

And all of that, all that access still remains with the operator. We do not provide that.

Thank you. Josh, thank you very much for taking the time to be here with us, to share your expertise. I mean show us the depth of what's happening today in terms of optimizing that works and that's fantastic. Reveal. We appreciate you taking the time to share your expertise with us. Thank you very much!

Thanks for having me Josey, I really appreciate the time, and I wish everybody stay healthy and stay safe.

Thank you.

All right, ladies and gentlemen, this closest our segment of our first segment for today. Our next presenter comes directly from the UK and the doctor Arthur Preuss is is the Senior Business Architect for Digital Transformation at HSBC. And he's going to be talking to us about customer driven digital transformation. So I look forward to seeing everyone back at the top of the hour and the and the emerging into the digital transformation that HSBC will share with us. So, thank you. I will see you back soon.