About this transcript: This is a full AI-generated transcript of Re-thinking the AI Data Center with Simplified Ops and Security at Every Layer from Cisco, published June 25, 2026. The transcript contains 9,173 words with timestamps and was generated using Whisper AI.
[00:00:00] Tom Gillis: Hey, everyone. I'm Tom Gillis. I'm the General Manager for Infrastructure and Security here at Cisco. And we're going to have a conversation. We're going to talk about some of the significant changes that AI is driving, both in terms of how we build products and then also how you use those products. And those changes are significant. But I do want to make sure that it's a conversation, a two-way street. So I'm going to start by asking you a question. I want you to be honest, okay? If you're here for the ice cream, just wave your stick. Show the stick. There we go. That's truth. I knew it. I knew it. Well, the ice cream is free. The talk, of course, is also free. So, yeah, it's a period of change unlike anything I've ever seen. And I'm going to preface it by saying this. Not all the changes are good, right? And I'm going to get into what that means. But AI is causing a whole bunch of headaches. And it's going to create what I call the summer of turbulence, which is a nice way of saying, I have another term, the summer of something. But we're going to be busy patching and reacting and cleaning up the mess that AI is causing. When we get through the summer of turbulence, I think we're going to emerge to a better place. And we can make fundamental changes in how we build products, but more importantly, how you use those products. They're going to make infrastructure way, way easier to use. Okay? So, the root of a lot of this is tied up in Project Glasswing. I think everybody knows what that is. But if you don't, Anthropic, in my opinion, has been very responsible in how they've introduced their new model. The model is called Mythos. And they built this program called Glasswing, where they gave early access to the Mythos models to a handful of critical infrastructure providers. We're one of them. So, we've had the Mythos models for a couple months. And the model we got was unchained. It didn't have any guardrails.
And so, we would run these models against our code base. And we had some pretty startling results. Now, here's the difference that I described. This is, you know, maybe not technically, precisely accurate. But we've all, anyone who's doing software development, so we all, anyone doing software development would have had experience with AI coding tools for a couple of years now. Right? So, that's not really new. But what I was observing is, for new projects, we would see a 20x increase in productivity, like a surge in output. Because the models could understand a small code base, 300,000 lines of code, for example. But when you apply those previous generation models to a complex product like a Cisco Catalyst switch or a firewall, you're talking about 30, 50 million lines of code that have been developed over a decade. And the previous models couldn't comprehend the whole thing. And that's what's changed. So, these new models, and it's not just the Mythos models. We have the latest OpenAI models. And I think there will be others that have the ability to understand the entirety of that code base. And what's interesting for me as an observer, this is the first time that AI has been able to discover insights that a human hasn't. Our best engineers have been looking at these code bases and looking for these vulnerabilities. Because AI can understand all of the intricacies of these interdependencies, it can see these patterns of, oh, if I twiddle this and change that and move this and tweak that and do that, I create a buffer overflow. And so, it's finding these vulnerabilities that are a step function over anything we've experienced before. So, this is a good news, bad news situation. I'm going to start with all the bad news. Then we'll get to the good news, okay? So, the bad news is this is coming at us and it's coming at us fast.
And the typical playbook, the operating model that we've all been working on together for decades about how we build infrastructure, deliver infrastructure, how you test, qualify and deploy that infrastructure, that's about to change. So, the old model, we find a vulnerability, we go create a patch, we give the patch to you, you test the patch. A couple months later, we deploy it, right? Think about Log4j. How long did that take to do all those upgrades? That was one vulnerability. But now, one of the other interesting observations from the Mythos and Glasswing experience is that these models not only discover the vulnerabilities, but they automate the exploitation of vulnerabilities. Now, the model providers are trying to put guardrails in there to limit the ability of a bad guy to get their hands on these things and automate the exploitation, but we have to make the assumption that the adversaries have this capability. And unfortunately, I think that's a good assumption. So, attackers are going to have the ability to find these vulnerabilities. The other little nuance I want to point out here is that the model does not need access to source code. They can achieve these results on black box testing, which is pretty amazing. Like, they can just poke at a running switch or a router and they're going to do that tweaking and twiddling and fiddling and biddling and find their way in in an automated fashion. And so, we're not talking about one vulnerability, right? And this is the other thing I want to point out. This is not a Cisco problem. This is a software problem. Every product in your infrastructure, I don't mean to get everyone worked up here, but these are just facts. Every product in your infrastructure that has software is going to have these amount of vulnerabilities. And every vendor that makes that is going to come to you in the next 90 days and say, here's an emergency security update. You must upgrade immediately.
So, we've never experienced anything like this before. It's like Log4j times 1000, right? So, the old operating model of patch, qualify, test, you know, sort of, and then roll out, that model has to change. Unfortunately, at Cisco, we're on our toes here, not on our heels. So, we've been thinking about this going back to the days of Volt Typhoon and Salt Typhoon. You know what that is, right? Those were attacks on our infrastructure and that was some serious business. And so, that started some thinking where we said, you know what, the problem here, the reason why they're attacking the infrastructure itself is because people don't upgrade that often. Right? I have this sort of running tally where I talk to customers like, what's the longest running piece of Cisco equipment you have in production in your environment? What do you think the answer is? What do you think the switch is? If that switch was a kid, the kid would be, it'd have its driver's license, right? It'd be drinking beer for sure. Whether it's legal or not is unclear, right? It'd be going to college, it'd be thinking about grad school, right? It'd be voting. So, that operating model has to change. I mean, that's one of the things you love about Cisco is we, it's amazing that we could build a product that could run for 15 years without a reboot reliably. It's longer than my dog has been alive. These switches can run. We're going to continue to build products with that quality, but we got to think about managing them differently. And a compensating control is a critical, critical tool here because it allows us to apply small little changes to a system that's in production without stopping, modifying, or rebooting the system. And so, the way we implement these compensating controls is called Live Protect. This is a software feature that is built into Cisco equipment. It's done in software. We already released this in the Nexus operating system last December. So, it's been in the market for a while.
We have more than a thousand customers that have downloaded Live Protect software, and then the shields, which are the compensating controls that we can place on these systems. We only produce those when we have a vulnerability that we know we need to release. So, expect to see from us a piece or an announcement. Hey, here's a vulnerability, a patch to fix the vulnerability, and then a shield that is intended to be applied very, very rapidly, or possibly even in an automated fashion, onto the running switch. Now, this is so important. If you remember one thing from this session, here's what I want you to remember. The ice cream was free. If you remember two things from this session, Live Protect is not a patch. It does not obviate the need to patch. Live Protect is meant to be a finger in the dike. It's an emergency protection that we put in place to bridge you between upgrades. Okay? And so, this is a huge step forward though, because it's going to allow us to start to bring the cloud operating principles into infrastructure. When you go to the cloud, you're running a Kubernetes workload, you make lots of little changes, and so the upgrades aren't as gut-wrenching. Remember the days when upgrading an iPhone was scary and hard? Remember that you had that stupid connector you had to plug in and you connect to iTunes? Like, why iTunes? You know, you plug it in iTunes, my photo is talking on the iTunes, and I just sit and watch, and I'm like, is it done? Is it not done? Is it my phone's not responding? I think that was good, you know? So, upgrades were hard. I didn't upgrade that often. When's the last time you upgraded your iPhone? What version are you running? I don't even know. I pick it up in the morning, it just works, because you trust the upgrade. Okay? So, it's our job as your vendor, we're going to continue to innovate, and we're going to bring you tools that are going to allow it to be easier and easier to do these upgrades.
Tools like Live Protect are a bridge between upgrades, but expect the upgrades are not going to, for once a year, we're going to start to move to closer to quarterly updates, right? Much more frequent updates to the infrastructure, because we have to. This Mythos Glasswing thing, all these frontier models, this is not one and done. That's the other observation. They keep finding new stuff at order of magnitude more than we've seen before. So, this new operating model is the silver lining in all this, because when we get through this summer of turbulence, and we've adopted these cloud operating principles, the upgrades are going to be smooth and easy. I would love it if we get together in Vegas, let's say two years from now, and we go out for beers and be like, oh my god, remember when upgrading the switch was a nightmare? Remember we had to do it over Christmas Eve, you know, when everyone else is, you know, home with their kids and we're managing the upgrades, and it's all just kind of happening automagically. That is within the realm of possibilities. It's non-trivial. We'll build the tech to make it happen. We need you all to work with us to make this a reality. All right, so we're on that journey. Let's actually show you a demonstration of Live Protect on a live system. So, Merle, please come on up and join. For those that, I know, the crowd goes crazy. Merle. Thank you. Merle runs the Nexus product line and is a networking consummate professional.
[00:10:50] Speaker 2: Thank you, Tom. And he's going to show us how this stuff really works. Yeah, so let's see how Live Protect works in reality. As you would imagine and expect, everything starts from cloud control, and you can see the various consoles there, particularly that we'll be focusing on is the Nexus dashboard one. Okay, I want to pick on one thing
[00:11:08] Tom Gillis: from this cloud control. What's the value in cloud control, in my opinion, in this post-Mythos reaction world? You got to start by answering the question, what do I got? Where are these systems? Where are they running? Cloud control is going to give you that answer. It's going to give you an inventory of all your Cisco kit. What is the status in the various systems? Then we can drill down on a particular system and start to think about where the hot spots are.
[00:11:31] Speaker 2: That's right. And if you see in this particular picture landscape that you see here, you've got the Miami campus and the New York campus. And what we're going to show here right now is zoom into that Miami campus. And if you see the Miami data center fabric, essentially you have a spine leaf design and you've got a whole bunch of red there. What that basically is saying is they've got a bunch of vulnerabilities identified. And with these vulnerabilities, essentially now you have the ability that these advisories need to be patched. And that's what you've been talking about with Live Protect. Now we actually have an infrastructure that allows us to solve for this. Yeah. And if you look at this, in this particular case, you've got three vulnerabilities right there. And I just want to point out one more thing about the Live Protect. We have two modes of operation. Yes, this is important. Monitor mode. Yes. And then the Enforce Protect mode. Right. And essentially, both of those modes are supported on the Nexus portfolio today. And it's going to be supported across the entire Cisco portfolio. Yes.
[00:12:32] Tom Gillis: I want to say what he just said. Live Protect is being rolled out throughout the portfolio. It's available on Nexus today. And Live Protect has the ability to test it in monitor mode and then flip it into enforcement mode. Okay. The reason we put that in is we want to earn your trust. Exactly. We're not just going to bribe and get your trust with free ice cream. We're going to earn your trust. Right. And that's what this is intended to do. Once we've gained that trust, the design intention is you just let these things go. You just let them go on the switches, production switches, but you'll have the confidence to know this thing's not going to break anything.
[00:13:06] Speaker 2: And then the key thing here is now when you actually implement this, and you've made all those greens out there that you see, you've implemented the Live Protect with the vulnerability on the infrastructure. What you also get is a key point here. You've done the compensatory controls and the mitigation without actually upgrading your network. Without rebooting the system. Without rebooting the
[00:13:30] Tom Gillis: system at all. And we have live customers, production customers, that are putting this in. And the design intent here is that you can't see the difference. Absolutely. Imperceptible performance impact. Obviously, there's some, right? But it should be so negligible that you don't even really notice. And
[00:13:46] Speaker 2: basically, customers are telling us, and we have the live example today, that they're looking for proactive, continuous engagement on this particular paradigm and journey that you're talking about. Yes. Yeah. With that, thank you. Thank you so much. Okay. Really, thanks so much, my friend.
[00:14:02] Tom Gillis: All right. Okay. Where's my friends from Gartner? They're hiding in the back somewhere. So we were talking about this earlier. Here's an outcome I don't want. What I don't want is you say, "Oh, cool. Live Protect. Throw a bunch of shields on there. We're good. We'll update next year." Right? That's not the design intent here. We need to -- Live Protect is not a patch. Okay? A smart attacker can find ways around, and we're only going to give you shields for the really scary critical vulnerabilities. There's a long list of other vulnerabilities that a smart attacker can string together and create a lot of havoc for you. Okay? So Live Protect is the bridge that's going to get us from one patch to another, one upgrade to another. Okay? So let's talk more about what we can do with these AI tools. Again, this is the silver lining. What we can do with these AI tools to fundamentally change the networking products in the infrastructure that's powering all this AI stuff to really be ready for this next wave. And so for that, I'd like to invite Kevin Wollenweber up to the stage. Kevin? How you doing? Thank you. All right, Kevin, you spend a lot of time working with the top of top of market customers. A little bit. Yeah, yeah. The largest AI deployments in the world, and they're staggering scale. Share with us some insights on deploying network infrastructure for AI
[00:15:26] Speaker 3: you know, at training scale. Well, I think the first thing is AI is, it's a networking geek's dream. Yes. Right? If you think about it, we're able to connect the biggest and fastest computers in the world. Yes. So this is your network. I know all of you are deploying networks. It looks just like this. The beauty of AI is when you start to add AI applications, you build a bunch more networks.
[00:15:45] Tom Gillis: Yeah. Right? You have to connect the GPUs. Let's delineate. The language we use is we talk about a front-end network, which is like a data center network that you know today. But when a GPU is talking to another GPU, we call that a back-end network. And they're totally different, right? They work
[00:15:59] Speaker 3: different. They're different characteristics. You need, in some cases, different switches or different characteristics of switches to provide the right performance. And the beauty is we have them all.
[00:16:07] Tom Gillis: Yeah. And you know, Kevin, one of the things, we're getting to this with the slides, the switches that we build for these back-end networks are insanely fast. Who's running 800 gigabits per second per port in their fabrics in their data center today? Nope. Okay. He's a sales guy. Like that doesn't count. But you will, right? Yeah. And you look at the size of these switches. I mean,
[00:16:30] Speaker 3: a single switch is as big as the largest core backbone router we ever built a decade ago. And now customers are deploying hundreds or thousands in one RU. Yeah. And it's because these GPUs, they're driving, you know, 800 gigs of capacity into the network today. And that's going to go to 1.6, and go to 3.2, and who knows what after that. So if you learn three things, one, ice cream is free,
[00:16:51] Tom Gillis: two, Live Protect's not a patch. The third is AI apps are network bound.
[00:16:54] Speaker 3: Yep. Right? And how many times do you deploy one GPU? Right. Right. Exactly. All right. Yeah. So as we see more and more of these GPUs being deployed, the increase in bandwidth and the increase in bandwidth need of the GPUs is driving an insane amount of potential for upgrades in the networking space. And you know, for that, we love it. So 1.6 terabits,
[00:17:14] Tom Gillis: 3.2 terabits. We're taping out these chips. We're working on them now. They're going to be coming to you. This sounds insane. It's so fast. It's so powerful. But the focus of our partnership with NVIDIA is to make this stuff digestible so you can deploy AI workloads in your data center without buying your
[00:17:30] Speaker 3: own nuclear power plant, right? Well, the networks you were talking about that we've been deploying in today, when we talk about the $9 billion of AI infrastructure, that's really with hyperscalers and model builders. But AI is coming to a data center near you. You're going to start deploying infrastructure for AI workloads. And, you know, that's what we're here to try to make simple. So one of the things you
[00:17:49] Tom Gillis: heard G2 and Chuck talking about this morning on the keynote is that one of the things that makes Cisco special is that we build our own silicon, our own optics, our own systems, our own OS, the whole package. And I think one of the best examples of what you can do when you control the whole stack is dealing with both an AI network and a traditional network with the same set of equipment.
[00:18:11] Speaker 3: Same OS, same controller, same operations and management, and just we're trying to make it simple for you to bring these AI workloads into the data centers you've been deploying for decades.
[00:18:19] Tom Gillis: So a Nexus switch can run either in front-end mode, where it's doing the networking that you know today, or if it's doing GPU to GPU communication, it's back-end mode, and that's programmability that we use in Silicon One. But it's the same Nexus OS, the same management, the same hardware.
[00:18:34] Speaker 3: We can do different things with load balancing to handle elephant flows and stuff that may make more sense in a training network. We might want a different set of characteristics when we build out an inference network or something else, and we could do that with that same programmable piece of hardware.
[00:18:46] Tom Gillis: So let's think about the back-end networking dynamics. Describe the scale-up, scale-out.
[00:18:51] Speaker 3: Yeah, so we talked about back-end. You have to connect a ton of GPUs together. We call that the scale-up network that's usually done within a rack, but you're going to start connecting multiple racks together, and you're going to need to connect racks to storage, and that's what we call scale-out. So that G300 chip, I don't, everybody has chips but me, by the way, and I'm the one that builds them and sells them.
[00:19:10] Tom Gillis: But that chip's so big, you're not just sticking it in your pocket.
[00:19:12] Speaker 3: Yeah, so the thing G2 has, I mean, that's a 100 terabit ASIC. You can build a couple RU, depending on liquid cooling, air cooling, 100 terabit device, and you'll put tons of those in a rack, and you'll use those then to scale out across racks as well.
[00:19:26] Tom Gillis: And we can still air-cool that thing.
[00:19:27] Speaker 3: Yeah, we can still air-cool for at least a little bit longer. A little bit longer. You'll see a lot more liquid cooling in that space soon. But then, as we start to build out these massive data centers, you can have tens of thousands, maybe 100,000 GPUs in a data center, and then you have to start thinking about how these are going to connect across data centers. And so we built a completely different set of silicon that we call P200. It allows us to do scale across, but when you're going across fiber, you now have to connect this with optical and optics technologies, and we have that too.
[00:19:53] Tom Gillis: Yeah. I've been a computer science person since way back in the '80s, and I went to school in Boston, and there was a company called Thinking Machines, I remember Danny Hillis, and they were building these kind of symmetric multiprocessors, and I thought, "That's so badass. It's so cool." What? 40 years later, it's happening. AI applications, but we have customers that are actually building one application that's so big, it spans multiple data centers.
[00:20:15] Speaker 3: Yeah, think about it. Like every computer problem you've ever solved, these things are going to start to scale up to the point where we get outside the bounds of the sheet metal that we can build, and so we have to start thinking about compute and storage and networking and optics as a large system, and that's the beauty of having all these components, is we can put them together in ways that we couldn't put them together three or four years ago and enable some of these things to happen.
[00:20:36] Tom Gillis: And if you're watching Cisco stock, you'll notice it's been surging, and a large part of it is because these large-scale infrastructure providers are looking for that integration that we're able to deliver with routed optical networks, and it creates an enormous amount of efficiency.
[00:20:50] Speaker 3: Exactly. So you think about the number of players that can bring silicon and optics and build systems, a layer of software, bring in security. It's a small number, and that's really what we're here to do.
[00:20:59] Tom Gillis: Yeah. You know, I know I'm dating myself, but back when I was a hardware engineer, I had a Mac SE30. Remember the SE30? It was this kind of cool little box, and everything about that box was good. The silicon, the operating system, like the little display, even like the cables that you plugged in and out. It was just really thoughtfully put together. It's kind of the perfect analogy of what we're talking about.
[00:21:20] Speaker 3: Exactly, and that's that full-stack offer that we're trying to build.
[00:21:22] Tom Gillis: Yeah, yeah. So it's exciting. Kevin, thanks so much.
[00:21:24] Speaker 3: All right. Thank you, Tom.
[00:21:30] Tom Gillis: Okay. I want to show you some other examples of the power of the platform, like the magical things, the problems that we can solve by integrating these pieces together. One of the problems that we can solve is if you think about Kubernetes networking, it's all built into the platform layer. Okay? So a Kubernetes pod can have lots of little containers that are talking to each other. Then you have the network fabric, and it also has insight, but the two are almost completely separate. So if you're a network administrator and you're looking at a Kubernetes cluster, you know what you see? A blob, an IP address, right? Just one thing. By integrating the Isovalent Cilium container network interface into this Nexus fabric, all of a sudden, the blob comes to life. It's like going from black and white to technicolor. And so we can see, oh, this Kubernetes cluster is actually lots of little services. And let's say you want to deploy a policy like a PCI. If that application spans both containers and VMs, you now have a single place to implement policy that can run across VMs, containers. That policy can extend across a private cloud, across a public cloud. That's the level of insight and integration that we can create with this platform effect. Let me give you another example of this. So as you start to think about VMware and VMs, I spent five years working at VMware. I think everyone knows what's going on at VMware, right? So many customers are saying, huh, what's life like after VMware? Well, as you think about your migration, many customers are saying Kubernetes is the orchestrator that is going to define the data center of the future. But I've got 10,000, 20,000, 50,000 VMs, and those aren't going anywhere. Right? And so the process of migrating those VMs into Kubernetes, Kubernetes is very capable of running a VM. But the hard part there is the networking.
Okay, so what VMware did really, really well, and my team worked on for years, was making it so that a VM could come up in vSphere and it could talk to all of its buddies, all of its peers, without any knowledge of the physical infrastructure underneath. So now I want to move that VM out of vSphere one at a time. I want to take one VM and I want to move it into Kubernetes. It needs the ability to reach back and talk to its peers. And this is capability that we unlock with that Isovalent networking stack. And so we have the ability to allow a VM to come up and convert in a Kubernetes environment without changing the IP address on the VM and allow it to smoothly talk back to all of its peers back in the vSphere environment. So this is another example of the platform effect that allows your Nexus infrastructure to be the backplane that can manage tomorrow's workloads, like GPUs and AI infrastructure, today's workloads, which I'll argue are all container based, and also yesterday's workloads, which are all VMs. One set of infrastructure across all of that, one set of tools to manage it. Now, more and more customers are looking for a full stack solution in the data center. And again, this is something that sets Cisco apart. We also have compute. And we've recently refreshed the product line. We've done a ton of work with our partner NVIDIA to deliver GPU-enabled systems. We have smaller systems for inferencing. We have big, large systems for training. And one of the more exciting ones is we have a box that's specifically tuned for edge inferencing. So you can put this box out and you can populate the individual sleds as your needs change over time. And when we talk about this full stack, we realize that it's not just Cisco software, right? So we've got all the necessary partnerships to deliver a fully working solution, right, pulled together in what we call AI pods.
So an AI pod is a combination of hardware and software where we take all of this complexity of AI networking and integrate the security and deliver that as a full solution that comes by the rack. And a great place to start here is to think about what application would you run with an AI pod? We have AI pods that are tuned for Splunk. So we've done all the sizing and the pre-calculation to make this easy to use, as well as for AI Defense. The other piece of news we have at the show is we're bringing a higher level of automations. We're bringing that cloud experience into the data center with stack automation powered by QALY. So stack automation gives you templates that allow you to say, I want to do an AI pod. I want to do, you know, an inferencing cluster. And you literally just click on the template and it'll do all the hard work of lining up the right drivers, provision the metal, bring the system up, create that cloud experience, a single click that allows you to deploy. Now, as we start thinking about this integrated solution and we start deploying more application services, the model is going to be a critical part of all of that. And so a capability that we have that has gotten a lot of attention is the ability to prove the security of the model itself. And that's what we call AI Defense. AI Defense will red team the models and make sure that if it's a new model that just came out, that there's no unwelcome surprises included in the model. It'll do all the supply chain and verify the integrity of the AI components in your software. And we just announced with the show here, the ability to provide the same security controls for agents that are running. So true integration of security into the network infrastructure. Now, as we think about the security in your data center, the foundation is really, really important. So we have physical trust anchors in the hardware, secure boots, signed images. We've had that for a long time.
We've recently announced that all of our new products by the end of this calendar year will be post-quantum safe. So we've updated all the crypto algorithms. And of course, we have integrated capabilities like DDoS. So all that is in our foundation. Building on top of that foundation, firewalls are so integrated into the network, in this post-Mythos world, segmentation is going to become really, really important. And here's why. When I talk about thousands of vulnerabilities, it is not reasonable to plug all these holes. We're going to give you the best possible tools to help you go around and chase them as rapidly as possible. But you have to assume attackers are going to get in. That's a zero trust principle, but it matters more than ever. And so assuming an attacker gets in, the imperative for us together is to limit the blast radius. And a great way we do that is with a distributed firewall. So having the ability to put firewalls everywhere, that's what the hybrid mesh firewall is. And one of the unique tools that we have that is now ready, and we're actually going to be showing it live on the system stage, on the main stage tomorrow, is a smart switch. So a smart switch is like a single device that has two personalities. It's got a networking personality where you want to carefully manage any changes to that network operating system we talked about. Security personality is almost the opposite. You want to change that thing all the time. And so a smart switch has security processing with a DPU and network processing, and they meet in the box. And so the net effect of this is it makes it super easy to put a stateful layer four firewall kind of everywhere. And this is going to be really, really important in that post-Mythos world where we need to put more and more boundaries in place to limit the blast radius for the inevitable problem that is going to arise.
So to talk a little bit more about the experience of dealing with smart switches and LiveProtect and Isovalent, I'm going to invite both Dan and Davin to come up on stage.
[00:29:11] Speaker 4: Davin, good to see my friend. Dan? Dan, why don't you introduce yourself and then Davin? Sure. First, hey folks, my name is Dan Wendlandt. I was the CEO and co-founder of a company called Isovalent. So we're the company behind eBPF, Cilium, Tetragon, a lot of the technologies Tom's been talking about today. So Isovalent really started out and focused on networking and network security for Kubernetes environments. But now post acquisition, we're really focused on bringing those same capabilities everywhere in the Cisco portfolio. So Davin, I wanted you to first have a chance to quickly introduce yourself, talk a little bit about your background and your role at ServiceNow.
[00:29:48] Speaker 5: Yeah, so I'm Davin Kamaras. I'm the Group Vice President of Cloud Infrastructure Engineering. So I lead all the networking data center and physical hardware teams at ServiceNow. I'm a networking geek at my core. I've been going to Cisco, you know, Cisco Live since it was networkers. I'm also the product of Cisco Networking Academy. So for anyone that's ever done it, I was CCNA at 16 in high school. So great opportunities, you know, all around Cisco. So you know how to break our stuff? Oh yeah. Oh yeah.
[00:30:15] Speaker 4: Well, my real first question was, have you ever gotten ice cream at a Cisco Live session?
[00:30:19] Speaker 5: Oh yeah. I've been bribed numerous times to come to it.
[00:30:22] Speaker 4: Well, either way, I hope they saved one for you because you haven't gotten it yet. But more seriously, I want to kind of, I think there'll be a lot of things we can touch on today. I always love talking with Davin because there's so many ways in which their view of the world and our vision for the world are just super well aligned. I want to start out though, talking about where we first kind of met, which was using Isovalent in your Kubernetes environment. Yeah. So can you talk a bit about Kubernetes and how it's critical to your infrastructure
[00:30:45] Speaker 5: strategy at ServiceNow? Yeah, for sure. So ServiceNow is both, is a hybrid deployment. So we are deployed both in physical data centers and across three hyperscaler environments too. Almost all of our new workloads are Kubernetes based. And so we're using, our CNI is Isovalent now that switched over. But all of our new critical workloads, everything like that's running within those environments. Getting consistency in those environments is our big challenge though. It's again, we run across four different types of environment, types of environments where we build that.
[00:31:14] Speaker 4: Yeah. And so that value proposition of kind of consistent networking and security regardless of what the workloads are running on-prem, cloud provider A, cloud provider B, that's really kind of the very core value proposition of Isovalent. Yeah. And it's got to be like everybody's problem, right? That's not unique to ServiceNow. And so again, one other way I know that we're touching on that same problem is consistent observability. Right. And Tom kind of already hinted at some of those superpowers for observability that come with eBPF. Can you talk about some of the ways you're
[00:31:41] Speaker 5: looking at that in your environment? Yeah, for sure. So I mean, we're all used to network observability. We have packet captures. We have packet tapping. We have firewall logs and everything like that. What we're looking for is a lot more in-depth logging and notifications. So specifically not just on the network side, but also on the application side, on the executable side, and actually gluing that all together. Workloads in Kubernetes more and more, the IP, the port, the where it's come from is becoming irrelevant to us from our logging and our data. So we're looking at how can we get more data around what exact executable is being able to talk on the network or what exact pattern is happening for X customer or Y customer. And using that both in Isovalent within Kubernetes, but then also in other environments too, is what's critical for us. Yeah. And so that ability for eBPF
[00:32:25] Speaker 4: to see very deep into what's happening in the workload, runtime stuff like processes, what's happening on the network, stitch it all together with the identity of who's doing that. What application is it in your environment? That's really critical. And I think kind of one of the next areas where our minds really, you know, jive together was say, hey, those are problems in Kubernetes, but not all of your infrastructure is Kubernetes. Yeah. And kind of the power of eBPF is it runs in the Linux kernel. So it's not limited to Kubernetes. We can bring it to all types of workloads. Yeah, that's exactly it. It's, I mean, if we look at our
[00:32:55] Speaker 5: Kubernetes workloads right now, we're maybe 10, 15% of our total workloads is in K8s today. A lot of the rest of our workloads, either on physical iron or on VMs. So what we're looking for is to extend that border of Kubernetes and how we're using Isovalent onto that other equipment too, because again, the days of IP and port-based security and controls is different. I want, I want that Kubernetes goodness and Isovalent goodness, but I want it on physical hardware and VMs on across our
[00:33:21] Speaker 4: whole network. And one other way that we're taking Isovalent and eBPF and going beyond Kubernetes is Live Protect, which Tom talked about. And I think, you know, this is something that clicked with you very quickly when we talked about it. So can you talk about kind of why Live Protect is
[00:33:35] Speaker 5: important? So some of my members of my teams here, they can vent to the fact that we spend an inordinate amount of time patching hardware all year long. Again, we run across, we're over 30 data centers worldwide. We're a large infrastructure that we operate today. Patching takes a lot of time. Also, when we're looking at the vulnerabilities that are coming out today, some of the ones that just got released recently, it's not, hey, look, we have like what we said before, you have 20 days, 30 days before people start, you're seeing activity on these vulnerabilities right away. So we're looking for ways of being able to mitigate this immediately. So we're live, live with Live Protect on two of our, one of our largest data centers here right now and running right now for exactly that, to be able to mitigate quickly, to be able to get that fire off that edge and be able to then patch. And you know, and again, we're an operation that has full automation for patching. It still takes us a long time to do code
[00:34:21] Tom Gillis: upgrades. But I want to reiterate something you just said. So you're in production, and we give you a shield, and you deploy it. What happens? Nothing. Nothing. Yeah. Right? Get that? That's the whole point here, is we have the ability to put these pinpoint controls in place, and it doesn't
[00:34:35] Speaker 4: disrupt your system. Yep. And I like nothing in the security world. Nothing is everything, I think, is the table. Exactly. Yeah. So the last thing I wanted to touch on is the smart switch, which Tom, and I know you've been a great development partner giving us feedback as we're building the smart switch and working through use cases. You know, can you talk a bit about kind of how you see, if we already can do network segmentation in the agent, what's the value of the smart switch in your environment?
[00:34:59] Speaker 5: For sure. So again, I've said that a couple times, IP and port-based security is dying. It is a dying approach. If we're looking at defense in depth, I love that I can have defense within the container, on the VMs, on the physical infrastructure. I want more layers of that. So what I, you know, my dream for the smart switch is I want to replace our perimeter firewalls with them. I want to replace defense in depth for something that can understand the tagging and the smarts that come off of the surveillance stack, off the servers and off the containers also too. So it's in our lab right now, we're toying around with and dreaming up how can we best build our infrastructure with those defense layers. But yeah, the smart switch is a great tool to be able to use, you know, for those enforcement
[00:35:40] Speaker 4: points. And part of the value of the platform, right, is you've got Cisco Cloud Control, right, which will give you a single policy layer, right, that spans the agent and spans the smart switch, brings that all together. So, you know, whether we're talking about Kubernetes or traditional workloads, whether we're talking about network or agent, getting all that telemetry into Splunk, like that's
[00:35:59] Speaker 5: really the power of the platform. Yep. The Splunk glues it all together. All this being there, that's our analytics platform that we use for everything. So being able to bring it all into there, bring it into one view and one view that's across physical infrastructure, the Kubernetes environment, the network stack itself is a great view. Yeah. Awesome. Davin, I'll say this to you and your team,
[00:36:17] Tom Gillis: we couldn't build this stuff without folks like you that are willing to take chances and help us make this stuff a reality. So thank you so much for doing that. Appreciate it. Yeah, thank you for everything. So as we start to think about the positive implications of Mythos and the open AI models, right, the things that we can do to help make our products really transformative, I want to take a step and just think about imagine a world if you could observe every little tiny detail of what's happening in your data center. Imagine you could look at every single transaction east-west and zoom down to that level. Look at every single process that is initiating a connection and every single process that's terminating the connection. We have that data. That data exists. We have the ability to see that stuff, but it's been a hundred, maybe a thousand times larger than it was possible to ingest until just recently. And so now all of a sudden with this AI tool sets, these, this level of detail becomes a reality. And the way that we think about this really comes at the intersection between Cisco and Splunk. And so in the old model, we would try to take log data, syslog, and throw it into one big giant data lake for analytics. And the problem with that is that's not free, right? So building this data lake gets bigger and bigger and bigger and ingestion is expensive. And so rather than having one monolithic data lake, imagine if we could distribute the system and break it up into local data repositories, data ponds, and you might start with two and four and eight and 10. So more and more of these local data repositories. And each one of these data repositories will index the data locally, and then we make that index available for Splunk globally. So it's going to give us that east-west visibility, allow us to see with that pinpoint accuracy. This process is talking to this process. 
We'll be able to see that without driving some gigantic ingestion that's just not scalable or economical. Now, two years ago at Cisco Live, we announced a program. We said, look, if you're using Cisco firewalls, we won't charge you for the ingestion. The ingestion is free. What's better than free ingestion? It's kind of like, what's better than free ice cream? What's better than, this analogy does not hold at all. What's better than free ingestion? No ingestion? What's better than free ice cream? No ice cream? That analogy doesn't quite work, but you get the idea. By federating the Splunk capability into the Cisco firewall log manager, we store those firewalls locally on just low-cost storage with S3 buckets or low-cost storage on-prem, and then Splunk can access it without having to ingest it. And so this is available for Cisco firewalls, but we're also putting it in other types of equipment. So we're putting it into the Nexus dashboard. We're putting it into Isovalent. So having the ability to look at these individual traffic patterns in that fine-grained detail, this is going to be a transformative capability in terms of security. Remember, post-Mythos world, assuming you've been breached, we're going to be able to identify the lateral movement of an attack, but also operations. The application is running slow. We're going to be able to see in incredible detail why. Where's the problem? And in fact, we're building AI tools to make even that investigation easier. So you saw this morning in the keynote, we showed a lot of demos of Cisco Cloud Control. Pulls all of our products together, security, networking, infrastructure, all into one consolidated view. We've got common policies. We've got one single unified login. This is truly, where's my Gartner friends? Seamless. He was telling me, don't say that so much. A truly integrated view. Now, let's imagine there's a problem. 
Let's imagine that somewhere in the applications team, they notice, hey, the application is slow. Now, if you're on the network team and the app team calls you and says, the application is slow, what do you think the answer is? Well, call the compute guys, right? And if you're the compute guys and you get the call that, hey, the application is slow, whose problem is it? The network team, okay. So we solved this problem with automation. So the app team can say, hey, there's a problem with my response time, right? Response time has suddenly gone slow. The AI tools, the agents will go through, they'll analyze the problem, they'll understand telemetry, pull it together and say, I'm going to launch an investigation. Now, as part of this investigation, I think we need to bring in the network team and the compute team. And so AI Canvas is a multiplayer tool that allows all three parties, the app owner, the server team, the network team, to be looking at the same set of data. So we invite, and this is all working in the same interface, and it's what we call a generative UI. So we grab all this data from disparate different systems, pull it together and present it in a comprehensive view to all parties. This is an example of how we can use AI tools to make your day-to-day life dramatically easier. So upgrading the infrastructure, troubleshooting the infrastructure, powering these crazy AI applications, all of this is possible with the products that we're talking about today. Not like someday over the rainbow, but like everything we've showed here is either shipping now or in beta, and we'll be shipping by the end of this summer. So really exciting time. Now, last piece of the puzzle here is we need to think about the impact that this has for our service provider customers. And so I'm going to invite one more guest up here. Guru, come on up and let's talk about the impact of AI on service provider production. Yeah. I'll give you the clicker, my friend. Yep. Perfect.
[00:41:50] Speaker 6: Thank you, Tom. And hello, everyone. So at this point in time, inferencing has surpassed training when it comes to compute and network traffic capacity, right? All these agents we've been talking about, this whole agentic economy, those agents need to talk to inferencing clouds and all of that happens over a distribution network. And service providers are the ones that provide the distribution network, right? In almost all cases, all of that traffic goes over a service provider's network if it's not staying on-prem. And so we believe that service providers have a massive opportunity in this whole ecosystem. And there are two main ways in which this opportunity manifests. One is connectivity, right? They have the ability and the opportunity to provide AI-ready connectivity to serve all of these agentic applications, whether they're consumer or enterprise. We're seeing it now. Data center traffic, it's surging, right? And Jeetu presented some interesting stats in the morning as well. We are seeing agents create 450% more traffic than humans. Inferencing is growing 10x year over year. So this is happening now. But that's not all, because there's another opportunity for service providers, which is to lean in and leverage the assets that they already have, which is power, space, fiber, to actually offer these inferencing services themselves. And we're also seeing this happen. When we talk about NeoClouds, there's an explosion of NeoClouds. It's seemingly there's one every week. They are racing to fill this gap of providing inferencing cloud infrastructures. Service providers can absolutely compete in this market because they already have natural advantages with the assets that they already have. So those are the opportunities. What we are doing at Cisco to help them realize success from this opportunity is we've actually reimagined our entire portfolio. 
First infrastructure, brand new infrastructures, Cisco 8000 built on Cisco Silicon One for our service provider customers. And then we have implemented a whole bunch of new technologies and enhanced technologies like segment routing. You've refreshed almost the whole product line, right? The entire product line is brand new for service providers in the last two years. And it's complete now. It's available, shipping, technologies like segment routing, programmability assurance, all of the capabilities you need to connect and provide an AI-ready infrastructure. That's in place now. And the third important piece, you cannot operate an AI-scale network without AI-driven operations. So we have agentic operations also in our Crosswork suite, which manages our service provider networks. And that's not all. We're also embedding a lot of security capabilities like LiveProtect. So as I said at the beginning of this,
[00:44:24] Tom Gillis: the inspiration behind LiveProtect really came from service provider experience, right? So we built this thing to just to meet carrier grade use cases. And so we'll be embedding it into all Cisco products,
[00:44:35] Speaker 6: including our routers. All of our IOS XR, Cisco 8000 and existing products. Yes. And an important
[00:44:40] Tom Gillis: detail, I'm not sure if I made this clear, it's a software feature. It doesn't require a DPU or special versions of hardware. So it should work on most supported hardware configurations. There may be some corner cases, but especially in your world, stuff's going to work. The hardware's beefy enough to run all that software.
[00:44:56] Speaker 6: Exactly. It's a release upgrade. Yep. And then we leverage not just our infrastructure, but also everything we talked about earlier, the data center equipment that Kevin and Murli talked about, you alluded to it, all of the security. And we are able to bring these together in an architecture that our service provider customers can use to actually start offering things like sovereign cloud, sovereign AI factories, and so forth. So we've thought of not just the network, but how do we connect all of the assets we have in Cisco so that it becomes easy for our service provider customers to offer these kinds of services and monetize and grow those RPUs that have been stagnant for the longest time? Yeah. And then one last piece, I want to double click a little bit on this because this is so important. We have invested -- Cisco Crosswork is our suite for our service provider customers. What we have done is embedded an agentic platform in it. We have a number of agents we've released. You can go see them in the world of solutions in the secure global connectivity area. And this is now up and running. And the other thing we are doing is just as we have put together a reference architecture to connect all of our infrastructure together, we are now embedding Crosswork into Cisco Cloud Control so that you can get that multi-domain management through one single interface. And this is coming soon as well. So go check it out. It's exciting stuff. We are really proud about it and looking forward to working with you all and
[00:46:10] Tom Gillis: getting some feedback. Awesome. Guru, thanks so much. Always a pleasure hearing from you, my friend. Okay. One more important order of business. So we're giving away some Apple -- not only ice cream, we're giving away a few Apple watches. Okay? So here's how it works. Reach under your seat. If you find old chewing gum, don't eat it. Okay? But if you find the Willy Wonka golden ticket, pull it up and wave it. Now, if you're a Cisco employee and you find one of those tickets, that means it goes to me. So there's one there. Wave your ticket. I think there's a handful of them. There's another one over there. Okay? You've got the watch. Thank you all for coming. Enjoy your ice cream. Those that got the watches, have fun. Yeah. Thank you.
[00:47:06] Speaker ?: Thank you.