Watch the Juniper Networks and Dell Technologies podcast to learn how your organization can meet Zero Trust requirements by establishing and managing user access to critical data centers and IT infrastructures. Learn about Juniper’s Apstra solution to establish a holistic approach to Zero Trust networking.
Anthony Jimenez
Welcome back to care cast the podcast from Carahsoft, the trusted government IT solutions provider subscribe to get the latest technology updates in the public sector. I'm Anthony Jimenez, your host from the Carahsoft production team. On behalf of Juniper Networks, Dell Technologies and Carahsoft, we would like to welcome you to today's podcast focused on data center security. Greg Bensimon. Data Center architect David Ullman, Enterprise Solutions Architect, Scott Robohn. Consulting CTO, will discuss the intricacies of establishing and managing boundaries within data centers, and IT infrastructures in the era of Zero Trust.
Scott Robohn
Welcome everyone. This afternoon. We're glad you're here with us. We're here today to talk about what Zero Trust is doing to impact IT infrastructure, especially in data centers. We use the term Zero Trust fairly loosely, but there are underlying mechanisms that product providers and solution providers like Dell and like Juniper, use to enforce Zero Trust architectures. And Greg, Dave and I are gonna have some interesting conversation on that front today. Let's introduce our panel today. Dave, can you go first, please?
David Alman
Absolutely. My name is David Alman. I am a Enterprise Architect at Dell under the federal group, and under which the strategic programs group specifically. So what we do is we augment BD and capture from a technical perspective, I cross over all of the Dell portfolios as a company, but also all of our OEM partners, all of our strategic partners and support Dell federal from a global perspective. Great.
Greg Bensimon
Thanks, Dave. And Greg, yeah, I'm Greg Bensimon. I'm with Juniper Networks. I am a data center architect, out of the cloud ready data center business unit at Juniper, usually attached to the US federal government, I was a federal SOC with a Juniper for a number of years before I took this role. My job is really one right now of being an overlay and supporting the account teams working through sales motion, but also helping with design and making sure that what we present to customers really is the best solution for their needs. Over the course of years, I've done lots of things. I've been experts at everything in Juniper at one time or another, the last decade or so has been data center. But I've got background in in Wan and security and just about everything that you present or touch.
Scott Robohn
Great. Good to hear how you both fit in here. And you know, it's been a real pleasure working with you both and getting ready for this. Let me start out with some framing thoughts on Zero Trust and its impact on the data center. You know, on one hand, I'll make a statement that might be a little controversial. Zero Trust isn't strictly Zero Trust, there is a chain of building blocks that go into any system in it and networking and data center infrastructure, where we are trusting elements and certain mechanisms, you know, here on Juniper equipment and on Dell equipment and the software that runs on their systems. And we view them as trusted we accept them as trusted. So when it says Zero Trust is a helpful simplification, that makes a specific point. You know, we used to talk about perimeter security, and be very comfortable with as long as I can control the edges of my network and the edges of my infrastructure, I'm going to be just fine. And that's not adequate anymore. That's a concept that's, that's gone by the wayside. So we need to do some things differently to accommodate this critical change and, and be ready and secure infrastructure. All that being said, today, we want to discuss the specific impacts in the data center. And those contracts that are used to establish boundaries that support Zero Trust. We'll talk a little bit about how Dell and Juniper specifically support mechanisms and work together to provide holistic solutions here. As we were preparing for this discussion, it also became clear that we can't ignore the topic of artificial intelligence and how that's impacting datacenter infrastructure and growth. It's a critical emerging topic. We'll see how the conversation goes today. We'll get into it as much as we can. If we focus on the topic of Zero Trust first, Dave, and Greg and I have all seen this as an issue and all the systems and customers we engage with. So let's dig in here first. Generally speaking, gentlemen, what are your thoughts on Zero Trust? Greg will give you the floor first on this.
Greg Bensimon
Thanks, Scott. I think the thing we need to remember about Zero Trust is that it takes a pointedly endpoints centric view of the network. The principles are generally sound, I think, particularly for environments where you don't own the entire infrastructure, pure public cloud or hybrid cloud, the ideas about how we protect data confidentiality and integrity, both at rest and in transport, how we authorize and control access to resources, applications, data, that's all critically important. And I like that we're driving those requirements out of the network and into the endpoints themselves. And that's important from a security envelope perspective, of course. But also from a performance and scale perspective, if you think about something like encryption traditionally has been a computationally expensive, computationally expensive operation. So by moving to a model where every endpoint is responsible for securing the data for transport, we naturally scale the capacity of the system as we add endpoints. And the same goes for anti X technologies, right, the more of it that we can do on the endpoints themselves, the easier it is to scale a network. But the reality is also I'm an infrastructure guy. And we need to remember that infrastructure matters, I need to trust the devices in the middle of the network and between the client and the application endpoints. Because if I can't, or if I don't, then I have no chance of providing any service level guarantees. You know, We frequently talk about things like Zero Trust and defense in depth in broader terms as a hotel model, right, we can check people in and out of the front desk, only a few people have access to my room, and then only I have the code to the safe in my room. But the reality is that nobody's going to stay at a hotel where the power drops out for hours at a time. And the water out of the tap is brown and foul smelling. We need to remember that the quality of the experience matters. And because the quality of the experience matters than the infrastructure matters. And that means that my trust in the infrastructure matters. So how does that trust manifest? It means that I need to know how my infrastructure is built. What's my inventory of devices? How are they connected to each other? What's the current state of that infrastructure? What's up? And what's down? Where am I experiencing congestion loss or other quality issues? Have I applied proper hardening to individual devices in the network as a whole? And most important, I think, have I accidentally left something open that shouldn't be open? If I'm going to answer those questions accurately and confidently, then I need a reliable source of truth. And the source of truth needs to be accurate on any day, not just on deployment day. So to keep it in sync, I need to instrument the network in such a way that I can quickly identify when the network has drifted from its intended operational state. And then we need to be able to react in real time, whether that means reverting the network due to unintended changes, or updating the source of truth, because the demands on the network have changed, I have to be able to respond either way as appropriate. So Zero Trust is primarily about securing an endpoint and securing the data. It doesn't directly address your ability to operate. If you plan to provide any guarantees regarding the network's ability to carry traffic and to support the demands of your applications, then you really need to trust the network as well.
Scott Robohn
Yeah, totally relate to that perspective. And regarding source of truth. You know, just as an aside, I'm coming out of an event focused on network automation, where source of truth is hotly debated. And there is a view of having a single source of truth to be really good thing. But I think that consensus is becoming it's not achievable.
Greg Bensimon
You're going to have sources of truth. And you have to make sure that each one is going to, you know, is in sync, right? So that as you're automating over the top, right, that you're interacting with the appropriate source of truth for the from the appropriate domain. And you can only hope that those are in sync, you have to hope those are in sync. Right.
David Alman
I think there's also the validation of those sources of truth. Right. So not one thing, you don't have the fox watching the henhouse. And I think that's the kind of endpoint of the Zero Trust model. I mean, it taking a step back from it, I think that we've all been doing some sort of Zero Trust aspect of security for a long time. You've got complied to connect that's been around forever. Privileged Access Management has been around a back are back. These aren't new things. But they are core tenants of that, what over 150 controls that need to be validated to be Zero Trust compliant? And I think that when you back off of that for just a second and say, okay, well, I have been doing it. But what's the difference of what I've been doing versus what's considered Zero Trust today? I think that there's a gap that needs to be filled, and something that needs to be talked about, which is how am I being measured? What am I being measured against? The same way that you've been doing security for forever? Everybody has, right to some extent, but to be to be accredited, and to be security minded are two different things. And I think when you look at the measurement of how you're assessing somebody's compliance with those, with those with those things, that's where you start to get what have I been doing, versus what's considered Zero Trust had been doing an injustice to Dell, if I didn't bring up you know, Dell created, project four, zero was brought up at Dell Technologies world, it's the path forward for how Dell wants to deliver Zero Trust in Greenfield brownfield cloud and so on. You know, that aside, I'm not I'm not here to do a pitch plus, this is the this is me sharing my personal opinion and my personal views, but anybody that wants to go out there can See, it's not it's not hidden. But I think if I were to, if I were looking at what it is that my cohorts here, have positioned or wanted to dig into with Zero Trust, specifically, I understand that you've been going forward with security for a long time. The question is, how can we deliver something that's compliant in a way that gives you something to base off of and then build off of, because again, I think, right to your point, that foundation of I have to know where my equipment is, I have to know that I've got a solid foundation to build off of, it's that foundation that I think was the beginnings of where some of the ideas came from on hey, let's do this. You know, everybody has supply chain, management, checkboxes that they that they go through, I think that the thing that Dell does with their secure supply chain specifically, I know a lot of our partners, I know Juniper has supply chain, strings, and supply chain checks, as well along with others, not to leave anybody else out. But the thing that I've seen Dell do previously was really invest heavily in secure supply chain and ensuring that we knew where our products were coming from, so that when we loaded, our data centers up in our operating systems up and our, you know, started layering our partner ecosystem on top of our hardware, that it really gave us an ability to see kind of where that foundation was solid and how we could build off of it.
Scott Robohn
Yeah, that's a critical topic, right? Not just the hardware supply chain, but the software supply chain, and where things like open-source impact where code is coming from, you're right, much more to dive in on that front. Given that debut made the comment, you don't want to just plug your company's products. It's okay. Right. It's, it's, you know, we're all here above board that, you know, we have certain perspective, you're very, very customer centric, you know, both you and Greg and your solution architect, consulting SDE roles. Let's talk a little bit about the role of the vendor in Zero Trust and move into how do you do that together across vendor lines, and EO Who asked you to go first on this one.
David Alman
Appreciate it, I, I definitely think the vendor role is changing. Previous to coming to Dell, I was always customer facing at customer side, Dell is actually the first and only vendor I've ever worked for. And my role here is a little unique, I don't actually I don't sell something, I sell ideas, I sew solutions. So using partners and my partner ecosystem to deliver a complete and holistic set of products that are integrated, that actually fill a need are certainly teas of your key tenants in my role, I definitely try to provide value, I feel like me coming into a conversation if I'm not adding some sort of value to it, where you've got parts and pieces, but I'm putting them together in a specific way that helps build more whether it's limiting technical debt, or adding some sort of unforeseen addition to somebody's requirement that they didn't know that they needed. But they really needed being able to show that in either savings or operational savings are just some way making things better than I feel like haven't really done my job. And, you know, then I question whether or not I even added any value to begin with?
Scott Robohn
Well, one of the things that you've mentioned in the past, Dave, is you know, that the whole being larger than the sum of the parts in terms of multivendor operation? I don't know if you want to tease out any further.
David Alman
No, I appreciate it. Yeah, no, I definitely feel like vendors should be doing what vendors do. I am not a system integrator; I don't do the same thing as I used to do when I was a system integrator. But I also from a system integrator perspective, if I'm going to be adding value, I need to make sure that my partners, the people who are priming all of these contracts, they can actually focus their resources on what they need to be doing versus something that really a vendor should be doing. And I feel like the partner ecosystem, and really, you know, a vendor working with another vendor, or two vendors are the panacea, three vendors. But being able to work together to provide that piece that's missing in between and the connective tissue that really bonds, you know, two products or three products are, again, four products together, that you're talking about pieces and parts that traditionally, you know, old school would have needed an integrator to manually code and now, in my opinion, I think vendors have built enough automation and enough API language together to be able to do that with one another. And it should be it's supportive, there's no need to not be we should all strive to be 80% utilized. 90% and even.
Greg Bensimon
I'm gonna take cynical approach there. I'm not sure that we develop API's it with the interest of integrators or even customers as much as we have just being able to improve our own operational capabilities and speed. But I think that brings up a good point, actually, a couple of good points I want to dive into, you know, one, I think it was actually borne out by what we saw in the poll there, you wonder why people are sort of slow to say that they've gone to full Zero Trust, it's not really practical that to expect folks to be able to just rip and replace an entire infrastructure, the strategy really has to be one of evolution. And I think that's exactly what bears out in that poll is people are evolving towards a Zero Trust framework, you need to cap existing investments and technologies introduced new ways of doing things at the same time that you're doing all of that, really, it has become so complex in the last decade, that there's no single vendor that's going to provide you a nice Box with a bow on a Pio complete solution anymore. This all leads to a place where you're absolutely going to have to be heterogeneous as you modernize. And if you're going to be heterogeneous, then you can't speak, you know, one vendor language, you have to speak something else, some language at a at a higher level abstracted away from the devices themselves, as much as we talk about benefits of automation in terms of doing things faster, or maybe even just bounding problems, being able to use automation as a mechanism for expressing some ideas, some intent, and then having that intent converted into something that those individual vendor platforms understand is a critical, you know, end goal of what we do and why we automate.
Scott Robohn
Yeah, I think I might be getting a little ahead of ourselves here. But one of you in prep made the comment that made system design and product selection decisions based on information that we have, at a certain point. And we get new information over time. Right. And so automation is one way that can help us adjust to those changes. The threat landscape in security in particular is amazing to me, because there are always bad actors trying to do bad things, new ways. So if you like new problems to solve, welcome to the world of security and Zero Trust. I think we'll probably hit that more later. But all good comments, and that someone also made the comment about diversity with multiple suppliers and solution components in an ecosystem really allows an ecosystem to be more robust. And we can use the natural world as that analogy and transport those thoughts directly here.
David Alman
Interesting, you brought that up, I'm really glad that you did. Personally, and this is just my again, my own feeling. I feel like having that multivendor capability to be able to pull is why I kind of I really thrive on my partners and their ability to kind of fill in gaps, because again, the customer knows what their requirements are, or at least some framework, but transitioning from that to salient characteristics. It becomes a paint by number exercise on building what it is that they're actually looking for. And while there are products that offer some overlap there, I feel like there's not one thing to rule them all. This isn't the Thunderdome it's not to go in one leave. Right? One thing, I do feel like the ideas and the concepts of being able to work together and balance each other's supply chain and balance each other's capabilities, and offer a more in-depth pool to choose from really offers value, as long as again, back to the capability. We've got to utilize the systems. It's not good enough to be 20% utilized, but they're paying 100% of the cost. I just I find that that's not a viable path forward from a customer perspective.
Scott Robohn
Yeah, agreed. Let's move on to some of the biggest challenges that each of you have seen in implementing Zero Trust. And I'm not always a fan of superlatives, because it's can be hard to narrow it down to one hardest problem, or one biggest challenge. I'm going to ask you anyway, Greg, what's the biggest challenge from your perspective for implementing Zero Trust,
Greg Bensimon
I think not so much implementing but just understanding this is always going to be a moving target, there is no day we're going to plant the flag and say Zero Trust done. Congratulations. You know, for anybody that's operating a network and monitoring security network, you know that we're constantly watching how threat actors try to make inroads against us, we'll adjust our security posture to address those threats. And then the threat actors are going to adjust their tactics to address our changes. So this is always going to be a game of cat and mouse. And while we're playing that game of cat and mouse at the same time, the network demands are changing as well, right? Are we thick client or thin client this year? What's our breakdown of private cloud versus you know, public infrastructure as a service and software as a service? And what's that going to look like next year or five years from now? So there's really no end state. There's a process and the goal for this process, I think, is to be agile enough that we can fight the right battles today, and not always be fighting the last war.
Scott Robohn
Yeah, couldn't agree more. Dave, what about you?
David Alman
That's well said, I definitely I love the fact that single points of verification are called out in the Zero Trust world. I think that's great. I also it's that those years of development and accreditation and all chord security and you know, the principles that are behind Zero Trust that we've all been doing, you know, accreditation is to me, beyond the budget, the budget is going to limit people regardless, THAT'S IT departments that don't have enough money to keep up, they're always working, you know, scraping together what they can to do what they can, and mitigate risk as best they can, within that constraint. But I think from a federal perspective, anyway, looking at the accreditation process, and how long it takes to get something accredited, that by the time you submit, and go through the cycles, and get it accredited, it's already yesterday's solution for today's problem. And to your point, Greg, I think that being able to pivot off of that, and stay as agile as possible, because these threats are not slowing down. And if they're not slowing down, and you're solving for today's threat, and you're coming in tomorrow, you've already missed the boat, you're not helping as much as you are putting up a facade of, hey, look at all these things, I'm doing great. But I don't know that necessarily solves a problem, because tomorrow is going to be a different problem. And the day after, that is going to be a different problem. And if you're not flexible enough to keep up with it, you're continually Greg, you know, the last thing you said, you're gonna lose not only the war, you're losing every single battle you go up to now, I really think that you're, you've got to figure out better ways not just to implement it, but to operate, and that the operationalization of these things needs to be taken into account when you're talking about lifecycle. I think, you know, I don't know, when one of us had said this, or if we've said it now. But the idea that somehow we're moving forward, but not really I digress.
Greg Bensimon
If it takes 35 approvals to patch a software vulnerability, then you've already lost, right?
David Alman
It hurts.
Greg Bensimon
That's not really a technical problem.
David Alman
Absolutely. No, absolutely. And it's one of those, it just it hurts the soul, because you can put together the best technically capable system in the world that isn't being utilized, because it's taking so long to update taking so long to implement. So.
Scott Robohn
You know, this, this all begs the question. So what can I do within organizational constraints and procedure and approval constraints, to use new systems that can learn and adapt very quickly? Right, there's some cross purposes here. And if we think particularly about automation, and AI as kind of an automation on steroids, you know, how do we how do we make the best use of tools like that, in a security environment that requires very stringent checks and certifications along the way.
Greg Bensimon
You sort of need to pick your battles, you know, one of the ways that you do that is you have to start with the mindset where I'm going to push the envelope, I'm going to go out and try to break things and see where they break and try to figure out how to recover from that. Now, that might not be that I'm doing it here where I keep the crown jewels, but I pick my opportunities, I pick my places where I think the risk is sufficiently low, that I can go out and try something new and see how it works. And if it works, great. Let's figure out how to get it into the organization as quickly as we can. If it doesn't, we figure out why it doesn't. And we figure out how to pivot free now. But I really do think that even for enterprise IT, there's got to be some desire and appetite and demand for having that sort of an attitude going in and getting support to do those sorts of small projects on a small scale.
David Alman
Couldn't agree more. I think that the idea, I think people sometimes get scared of what the repercussions might be for a bad decision. And I think that, you know, people in general, especially in decision making places need to always remember like, this is a new day, there's new information, it doesn't mean that the information yesterday was bad, and oh, look at the failures. It's the Hey, in my opinion, anyway, look at the successes, look at the fact that I'm able to take in this new information, change my direction, very quickly. If there's a place in which I can test this out and vet it, I need to do an AOA, I need to get things ready to go I need what do I need to be successful today? Because the information I'm going to get tomorrow, it's going to change again. But at the core, there should be probably a thread that's through those altogether.
Scott Robohn
For sure. And on this point, Greg, as we talk about, okay, where do I Where can I bring in new tools and new mechanisms within this environment? And you had some interesting points on Well, we have systems that leverage AI today, and we have systems that absolutely do not, some are appropriate for different use cases. Can you speak to that a little bit?
Greg Bensimon
Yeah, so Yeah. So that was I think we were talking at that point about sort of what the role of AI ml was going to be. The reality is, we're still very early in that lifecycle. And honestly, I'm very curious about where the delineation of AI ml systems versus model based systems is actually going to shake out. No doubt. AML is an amazing technology, you see that every day, you know, with tools just even on the internet, like chat, GPT and stable to fusion, but then that wonder comes at a significant cost in terms of power and even human interaction, right? I mean, there, there are reasons that the truly remarkable AI tools run in the cloud. And why earlier generation ml tools look so disappointing. In comparison, the compute power required to simulate that intelligence is significant. I mean, even just, I'm working with a couple of agencies right now, that are looking at building out their own training networks to advance their missions. And they've just been floored by the cost of power space and cooling a 15 to 20 kilowatt rack doesn't get you very much. One of the nice things about working at Juniper, right is I've seen, I've seen both, I see AI ml solutions like mist, and I've seen smaller, more compact solutions, like apstra, which absolutely takes a model-based approach. So if you're not familiar with that apstra does, we're basically taking a small set of well-known system designs for datacenter, we're encoding that in graph database. And then using that graph as a digital model of the physical network we're going to build, so we instrument the physical network deploy. And then we can use the telemetry that we get from the physical network and compare that against the model to make sure they're in sync. And if they drift out of sync, then we have a very concise way to trace back where the problem is and what actions we should be taking on that side. The beauty of it is that it's a much more compact system, it's something that you can run on your own hardware in your own data center, you know, right alongside your vCenter instance, very different from what you would get out of mist and Marvis in the campus management space. So we have these two, you know, totally awesome tools completely different in their approaches to solving the problem for how you manage complex networks at scale. But you've really got to consider and understand what why you pick each one right? AI ML is great for environments where the environment itself is not really well defined, right. And it could be because the systems just to at regular thing, you know, campus and land designs often end up bending to issues like geography and where we have the physical plant much more so than a data center does, you know where it could just be that there are too many variables to even define all the degrees of interaction inside the system graph is great where the system is well understood, where you've got, you know, a small number of relationships or an easy to define number of relationships and interactions. But even here, we experiment we've got pots right now to see how we could take the marvelous conversational front end to mist and roll that into Astro. Instead of asking, Why does the Wi Fi suck today, you can ask why does the datacenter suck today and get useful insight out of that conversation could be things like applying AI ml analysis to traffic flows to better understand congestions points in the network or being able to predict optics and other hardware failures before they happen. And where does this all go? This goes back to like, what I would do as an enterprise IT person, you've got to look, you've got to think right what kind of things could be cool to try. And then I've got to look for opportunities where I can actually bear those out, not just in my lab, but in some part of my network. And this because of being a risk analysis as well, right? Find the opportunities to deploy these things at small scale, in a controlled environment, where you are interacting with real world, not just simulated traffic in your lab, because that's the only way you're ever going to understand whether these things bear out or not. But don't shy from that, that sort of learning is critical to the success of an enterprise IT organization. We have to try those things.
David Alman
Yeah, no, no, no, absolutely. So the stuff that I've been exposed to at least from internal, right, because there's internal and then there's external, I'm going to try to interweave within this amount of time. But the internal side, delt Dell has been doing a distributed analytics model for multiple years. And it's iteratively, changed names. It's changed design. Ultimately, it's still very similar. And it came out of healthcare. And it was looking at images of X rays to try and identify a cancer cells in, in lungs, you know, something very targeted, something very specific, but something else are very useful. And that changed. And then it you know, it morphed a little and then it morphed into health. And then it morphed a little over time. What Dell does have is an analytics anywhere model. And it's a distributed analytics, because, of course, analytics needs to happen with the data that's collected at the edge. And if you ship it back, then you have a data movement problem. And there's always a problem to solve to make sure that the outcome that you're looking for is actually solved by the solution that you're putting in place that is much more of an internal like how does in this case, how does Dell solve a problem with a product and you know, that was actually used for the Department of Health during COVID to try to identify where COVID outbreaks were coming in. And it had a very, very high success rate incredibly high. All of that is great using that same technology and incorporating and I think great to your point, identifying a problem. And then solving that problem with an AI based tool, you can get as creative as you want. Any image can be an image, any sensor can be a sensor, any, any series of sensors, you can have a large group of sensors and subset that as a sensor, I think that there's creative ways to implement. It's just on that cusp of being like, oh, what can we do with this, it's going to be, I don't know, we can do a lot with it. As time goes on. And things start really developing their mean people's expectations are growing so exponentially and what they're going to be able to do. And then I look at some of our partners who have already identified market space. Today, I was talking with someone who has a project that they're working at border patrol to do it use AI to interpret what someone is saying and have canned answers back that can give a pretty good indication on hey, something's wrong here. Or we've already done all of your question and answer, here's his document, or her document, they've already uploaded it, they did this, they did this, they're good. And to be able to identify those spaces, and really hone in on some of the value that you know, generative AI is going to bring is, I think it's the it's just the beginnings. I mean, there's so much cross correlation that can get done through an analytics platform, we're just scratching the surface, and it's always going to be Yeah, it's gonna be impressive to see where that goes where that where those things started linking.
Greg Bensimon
Even the language model stuff is interesting to me, I remember seeing a demo at this point about five years ago, where we used an Amazon Echo and Alexa device to interact with the junipers, Advanced Threat Protection back end and SRX, to be able to install firewall rules. And such, the idea sort of peeking my brain then and seeing what we're doing now with Marvis, because we always talk about the single pane of glass that's going to provide us, you know, this visibility to understand what's happening in our network completely. And I start to think that maybe the single pane of glass really isn't an actual pane of glass, maybe what we're actually going to end up with is some sort of a natural language model, where we can type or just speak and say, what's going on today, you know, is the network good? And, and be able to get feedback from that as to yes or no and have confidence in that.
Scott Robohn
I don't think that's a maybe I think that's a that's definitely going to be a manifestation. It's not one size fits, all right. And some people still might prefer the single pane of glass analogy, but that's only going to complement, you know, solutions that are already out there. Dave, I'm in 100% agreement with you on we're just scratching the surface, it's the iceberg is much more below the surface than the standard statistics within the case. And it's really interesting to me that, you know, not only has the emergence of cloud facilitated the development of AI, you know, we live in an environment now where we have abundant compute resource, relatively cheap. Whereas 1015 years ago, those large pools of compute were reserved to very high end organizations and companies at the same time, AI, whether it's for security applications, or anything else we've discussed here, is going to continue to fuel growth in the data center, impose new security challenges on the data center. I mean, you know, for anybody in the DC metro area, just go drive around in Loudoun County, and every short gray building with no windows. That's another data center. And of course, it's just loud and right. We need to try and land the plane here. So as we as we wrap up, again, let me remind our participants, if you have questions, now's the time to get them in there. I appreciate how, you know, maybe we're hitting all your questions as we go. But if you if you have any, please don't hesitate to pipe them in there are closing thought for the formal discussion here. And Greg, I'll ask you to go first, in a sentence or two, can you give us your thoughts on path forward for the Zero Trust and our AI topics?
Greg Bensimon
What I would say is that we need to focus on agility. I think when it comes to agility, and responsiveness and speed and all those things we talk about, the biggest challenges really tend to be organizational, not technical. I think organizationally is where we set the ceiling, the technology, the hardware, the software, the automation that sort of determines how well we're going to achieve against that ceiling. Every organization is siloed. There are reasons why those silos exist. There's usually lots of inertia preventing you from moving all the bricks in those silos. way you want them. So just make sure you're building the bridges between the silos and that you've, you're cluing in the right people at the right time, and that they're all plugged into each other. I haven't sat on site with a customer for a number of years now. But when I was doing engineering in the national security space, and the engineer sat on the third floor of the building, and I would make it a point to get up from my chair, and go sit down with the configuration management people and go sit in the NOC, and even just go drop in on an installation meeting. So that I understood the challenges that other folks inside the building were having, when it came to delivering the network that we were delivering, I built good relationships that way, it helped me sort of understand what was going to be coming up my way before it came to me. And it also helped us understand each other and how we operate in that way, we were able to move through a lot, you know, in a lot of cases, what ended up happening was, you had this organizational structure through your through your division chief or your group chief, and there was a lot of negative inertia going that way. And if you could just poke a hole into the next organization say, hey, I need you guys to be ready for this on this day, then it bubbles up for both directions, and everybody's ready. So be the one that goes and breaks down the silos, take an interest in the other folks and the other operations around you. Because at the end of the day, you're all fulfilling the same mission. And you all want to make the CIO happy.
Scott Robohn
And to put that in terms of how vendors can cooperate in that mode to break down silos, you know, the parlance of the day is API's and integrations. And you might accuse me of using a really goofy analogy, but the API between the silos be well documented on how you can connect activities that are going on in different parts of the organization. Dave, I'm going to give you the last official word on this. What's your thought on this moving forward?
David Alman
Greg, hit on something that I was going to hit on. So I'm gonna, I'm gonna pivot to something else, I'm actually going to take away perspective and a Zero Trust perspective, I think, Greg, you said in our show, right, keeping in mind that you're doing things that are Zero Trust today, continuing down that road and having trusted advisors and to come in and really not agree with you, but to really discuss solutions at a rate that isn't just about a sale, or about a betterment to them, or how they get more of their product. And but really, quite frankly, how do we get lesson to do more. And I think when we start talking about value to the customer, especially because again, as my job is, I try to look at the customer's lens, because that's kind of my job, I really try to look at it through an operations person's lens. And I think Greg, you had said, as an engineer, you went to see how operations actually use the stuff that you were engineering and installing and designing to be used, I did as well, I found it very odd when people didn't, because the impacts of that have so much more not to use word impact in but impact, because it's not just the technical, you're talking about the operational staff that needs to run it, the headaches of getting something extra, credited don't need extra there, you need less unique, consolidated, but consolidated doesn't always mean single point. So you've got this multi-vendor approach, that all has to get as simplified as it can keep a multi-pronged approach on XY and Z, and still be able to be maintained systematically and succinctly. And I think that when you sit there and you start talking about how do we move forward with AI, we've got an operations problem that we need to approach Well, what if you were to use something that is using AI to help with offloading, not the work and minimizing people, but being able to refocus and reallocate your current staff to be able to do things that they were actually hired to do? Or that you really need them to do? Instead of, hey, go in there and find me a problem? Well, what if we had something that within a statistical range finds anomalies for you, and maybe they're good? Maybe they're bad, but you're talking about a statistical probability at that point. And when you put your threshold at, you know, over 80%, or over 70%, it's a probability that that thing is going on. And then now you can focus these resources in a way that completely shifts my whole operational paradigm. And I think that when you start to think about what the chances and what the what the ideas of what can bring, it's just it's changes afoot. And it's, you're either going to be doing it, or you're gonna be watching other people do it going, why didn't I do that?
Scott Robohn
No doubt. Well, look, we've covered a lot of ground and there's much more to be said. Let's bring this to a close for now. Thank you very much. Enjoy your day.
Anthony Jimenez
Thanks for listening and thank you to our guests go Greg Bensimon, David Alman and Scott Robohn. Don't forget to like, comment, and subscribe to care cast and be sure to listen to our other discussions. If you'd like more information on how Juniper or Dell can assist your organization, please visit www.carahsoft.com or email us at juniper@carahsoft.com or Dell quotes@carahsoft.com. Thanks again for listening and have a great day.