Caption: Galeal Zino – Network industry visionary and Founder & CEO, NetFoundry

Thought Leader Perspectives
~ Software is the Key to Secure Cloud-Native Networks ~
NetReporter interviews Galeal Zino

According to NetFoundry we’re entering a new era of networking and business, an age of software defined everything, highly distributed applications and faster-paced innovation. The downside is greater complexity and ever-increasing security threats.

If business creates the necessity for massively distributed computing power, the cloud creates the opportunity. But, argues Galeal Zino, founder and chief executive officer of NetFoundry, today’s networking paradigms, made for a world of cables, switches and centralised data, no longer work.

NetReporter caught up with Galeal to find out more about his vision of the future network.

(NetReporter) Perhaps we can start with your reflections on where we are and where we’re going as we emerge from an extraordinary period for the planet and look forward to a new decade.

(Galeal) It was certainly a difficult 2020. As great as the magnitude of change has been, the business imperatives actually stay the same. The top imperatives are what they’ve always been – serve customers with excellence and continually innovate. Going forward, the most significant change to that imperative is now we need to do it at speed; now our customers, our partners, businesses around the globe, they need excellence and innovation like they always have but at unprecedented speeds.

(NetReporter) So are we just talking about the accelerated changes we’ve seen in the past 12 months or something more profound?

(Galeal) I would go even further back than 12 months. Certainly, with Covid-19 it has been accelerating as you’re implying. But if we go back, the whole software eats world concept has really started to happen. We are now in the software world. Only ten years ago, maybe fifteen, most businesses were using software. Now most businesses are software. That’s a huge difference.

(NetReporter) In the twentieth century Sun Microsystems said “the network is the computer”. Do we need a new slogan for the twenty-first century – perhaps “the network is the business”?

(Galeal) That’s exactly it. The distributed compute vision in which you can use compute everywhere – from an end point let’s say on your phone, to an edge, to the cloud – it’s really all about continuous distributed compute and, yes, I believe we’re getting closer and that’s why the velocity is going to be at levels that we simply haven’t seen.

(NetReporter) Simplicity is a term that features strongly in NetFoundry’s pitch to customers. But when we talk about the cloud we’re in a world of jargon and complexity. How do we reconcile the two?

(Galeal) Cloud to me is simply a means to an end, not an end in itself. If we think about the end-goal, what the user really wants is to enable distributed compute at scale with agility and cost efficiencies. So cloud is a means to that end. As a user the cloud gives me the compute infrastructure that I need. It virtualises it, gives it to me as abstracted, programmable software.

Today that paradigm primarily exists in classic cloud – hyperscale data centres. Increasingly though we’re doing it everywhere. The compute is actually becoming distributed, for example with edge. So now we have all these different terms flying around based on where the location is for those compute resources, so you get all these different types of cloud. I would keep it as a means to an end rather than talking about where all this compute is occurring.

(NetReporter) Tell us a bit about the NetFoundry term of choice. What exactly do you mean by cloud-native networking and why does it matter?

(Galeal) Fundamentally the cloud virtualises compute and storage infrastructure into programmable software – awesome. Cloud native networking builds upon that and actually does the same virtual trick. We virtualise and abstract networking infrastructure into programmable software. That’s important because when you combine those two and you have virtualised compute/storage infrastructure and you have virtualised networking infrastructure and they’re both programmable software; now the whole stack is there. That’s how we build on cloud and why cloud-native networking itself is so important to the industry.

(NetReporter) It’s a simplistic point but perhaps worth making that the way we think of cloud, as a single entity, can obscure the role of the network and networking. But we don’t just connect to the cloud and it’s job done, do we? What about the world of complexity inside and between clouds?

(Galeal) When the whole stack is programmable software including the compute, as edge and the technology curve in general continues to accelerate, the compute becomes more distributed. Today it’s fairly centralised in classic hyperscale data centres. Tomorrow it’s exceptionally distributed and therefore the network that connects that distribute becomes important. At that point we believe it has to become cloud-native because how else is the network going to keep up with software at scale other than to be programmable software at scale.

(NetReporter) You’ve talked about a world where for customers the network is no longer all about cables and switches, but software. Does that mean it’s also inevitable that we change how we pay for networks?

(Galeal) It’s about flexibility. Businesses want to focus on their core product and their customers, so as-a-service gives them that type of flexibility. In our case we provide two options. Customers and partners can consume our platform as a turnkey service – NaaS or network as a service – built on top of the NetFoundry platform, or customers can take our open source APIs/SDKs and they can use that as their mechanism. We believe that flexibility allows businesses to make the choice that makes the most sense for them. Given that cloud-native networking is terribly new, NaaS has had tremendous uptake – like serverless to draw a rough analogy – but increasingly we’re seeing a number of customers using our open source software directly.

(NetReporter) So does as-a-service consumption of networking, storage, compute power and so on do anything to improve the value proposition for customers?

(Galeal) At the end of the day, yes. The software licensing and the on-prem software created a lot of friction, dependencies, complexities that created cost and time that weren’t being focused on the customer and on innovation. It’s difficult to manage servers in your DMZ, in your private data centre, and when you can have others do that at different scales then it simply frees up that time and that capital for you to invest in your customers and your innovation.

(NetReporter) You’ve talked about how even in the cloud we’re still in a relatively centralised world. As we start to see the roll-out of more distributed capability aren’t we also in a space where security has never been more difficult?

(Galeal) Absolutely. There are two vectors here and both are critical. Number one, security has never been more difficult – that in itself is a challenge. Number two, the other vector here, security has never been more important to businesses. The world today is connected software. I’m pretty confident that you can take that sentence – security has never been more difficult and more important – lock it away in a box, take it out ten years from now and it will probably still be true.

This is not a point in time discussion, this is the challenge for the foreseeable future. We need to recognise that. We need to recognise that this is not a time to try to build a better mousetrap, this is not a time to band-aid, this isn’t even a time for clever engineering solutions. This is a time to re-imagine the solution to fit that type of challenge.

In our opinion, it’s actually eliminating the concept of the network providing the security. That concept doesn’t fit where the world is going. We believe – and others believe – that zero trust is the heart of that new approach. And not just zero trust networking but zero trust all the way from layer one through layer seven [of the protocol stack], zero trust as the organising principle for security.

(NetReporter) Let’s talk a little more about what you mean about zero-trust. As you’ve said, this is not a job you do in the network. It’s not about putting police checks on the road or a guard on the door. It’s security throughout, right?

(Galeal) The simplest way to describe it is secure by design. This is a concept we’ve used in other areas of cyber-security for some time and it makes a lot of sense. Unfortunately in networking, the security approach has been to trust the network, to fortify the network, to make the network trustable, to make the network secure. Zero trust purely and simply says the opposite. It says we need secure by design applied all the way from layer one to layer seven, which by definition means you can’t trust any of those layers by themselves. You need actual identity authentication and authorisation.

(NetReporter) Will we look back at the early years of the 21st century and laugh at how primitive our security solutions were?

(Galeal) Network security is a bit behind. Now there’s been a lot of clever network engineering to try to compensate for some inherent deficiencies, including deficiencies in the Internet itself, certain protocols, etcetera, and we’ve been able to get away with that. We’ve used clever engineering to keep our software secure, but the world is changing: it’s going to the distributed compute at speed model that we talked about earlier. In that model you have to have a zero-trust, ultimately ML [machine learning] and AI [artificial intelligence] powered programmable software approach. That is going to be quite a sophisticated solution and it might make today’s solutions look a bit rudimentary, but the reality is they were designed to solve different problems.

(NetReporter) So we need to start by getting the network up to speed with the security challenges you’ve described – the speed of change, enormously distributed systems – but what customers would like to hear is that one day this will be solved. Is security winnable, Galeal, or does the threat curve always follow the technology curve?

(Galeal) The security threats only continue to increase mainly because velocity continues to increase, distribution continues to increase, sophistication of the bad actors and the technology and tools that they have continues to increase. So when we talk about eliminating threats, some of that frankly is vendor-speak. Go look at an SD-WAN or firewall vendor website from a few years ago. Back then they would have said my technology is going to end your security problems. You look at the same websites now and they have a completely different solution, they talk about cloud-native and zero-trust networking aligned to SASE principles – lots of terminology – and that change has only taken a few years.

In five, six or seven years from now are those same websites going to be talking about a different solution? Of course they are, because the challenges are going to continue to change and the threats are going to continue to increase.

(NetReporter) So to wrap up this conversation, looking at the immediate horizon, the next year or two, what do you see as the big opportunities and challenges for NetFoundry, your customers and the wider industry?

(Galeal) For all of us it’s about excellence and innovation with speed and scale. Security is both an opportunity and a challenge. It’s an opportunity to reinvent the way we attack the problem – with zero-trust, SASE and so on. It’s the same for cloud-native networking. Just like cloud compute it comes with many challenges, but when you combine cloud compute and cloud networking, then you have the type of technology that enables this world that you alluded to earlier, which goes all the way back to Sun Microsystems, and gives you the basis for distributed, continuous compute. It may be difficult to overrate the levels of innovation we’ll see once we have that kind of distributed compute world.

Interview conducted by Julian Patterson, podcast host and writer at NetReporter
