Tim: 0:01

Welcome to the Cables to Clouds podcast, your one-stop shop for all things hybrid and multi-cloud networking. Now here are your hosts Tim, chris and A**.

Chris: 0:14

Hello, hello, hello. We are back again with another installment of the fortnightly Cables to Clouds news podcast, where Tim and I take you through a you know, a handful of articles that have come out in the last two weeks that we thought were relatively interesting and related to the industry, et cetera. Right, so joining me, as I just mentioned, is Tim McConaughey at Carpe DMVPN on Blue Sky. Is that right? Yeah, that's right. I'm still. You've had, you've had the same handle for so long.

Tim: 0:43

I can't believe you switched like you might, yeah, you know one gold bizcom has to be out there you know, I'm sure it's not mine, though if it's out there it's not mine.

Chris: 0:52

Well, that's what I'm saying. Just buy it, you should buy it.

Tim: 0:55

You'll find the poor side that has it and buy it from well, I did that, I so I'm.

Chris: 1:00

I, my name is chris miles at pgp main on blue sky, blue Sky, so I did buy that, just to keep consistent. So we're starting a petition today to get Tim to go out and spend the $10, or whatever it is to buy JuanGilbezcom.

Tim: 1:16

This is when I find out that it's actually a super famous name in.

Chris: 1:21

Latin America or something Someone's been doing squatting on it for like 10 years, just waiting for you.

Tim: 1:25

Yeah, or they've got like a really popular website and they won't part with it for less than a million dollars or something Probably.

Chris: 1:33

That's fine, we'll crowdfund it. We'll get it to you, man, we'll make sure you get it All right. So let's hop into the news for the last two weeks here. So we have a few articles to cover today. First one up is from SDX Central. The title of this is Broadcom Bounces VMware Operating Concerns.

Chris: 1:53

So this is an article kind of detailing how Broadcom has navigated the last year or so since the deal has closed for them to acquire VMware and I will say there's some relatively surprising points made in here specifically around them maintaining VMware customer loyalty. They are the earnings reports have come out that they're looking pretty well. Broadcom mentioned. You know there was a 196% increase from what Broadcom generated in the division of software infrastructure business. But to be fair, they didn't have anything really compelling prior to having VMware. So that makes sense. But the kind of customer retention was quite surprising to me, just because we've heard horror stories over the last, you know, six to eight months about customers getting the renewals and then being like 10 X more expensive and um. You know Broadcom is also called a bit of the um, the portfolio, a bit where it's like down to like three products right and there's no mixing and matching, there's no variation. It's like you buy one of the three things and that's what you get, like there's no, there's no piecemeal uh operations anymore. Um, which you know in my mind, um, I was initially thinking you know that means like probably vendors like Nutanix are going to be able to run away with just you know business for customers trying to get off of VMware. But in here there's also um, some details about um from the Nutanix CEO, rajiv Ramaswamy I think is how you say his name saying that the market is still continuing to be dynamic and it sounds like Broadcom is being relatively more competitive in some of these deals, especially with the bigger players, which I thought was quite surprising.

Chris: 3:45

You don't really hear much about Broadcom being competitive from a commercial standpoint and that they kind of just you know the market is kind of unchanged for them. They still have the same value proposition, they're still having the same conversations and, to be honest, what I pull from that is I wonder if customers and I've had this conversation a little bit with clients that I've talked to is I wonder if there's more of a focus on modernization of the applications rather than migrating the virtualization stack, and that could be something like moving to something more cloud native or moving to Kubernetes? Something to answer the answer that question. I mean, not everything's going to fit into something like Kubernetes or is going to fit into running it onto on a you know EC2 instance or something like that. But that seems to be what I see. Customers, at least at least at this point, they're considering it Right.

Chris: 4:45

I think the VMware piece it's a big comfort piece for a lot of people. People want VMware because they've worked with it for 10, 15 years. At this point they know it. There's plenty of VCDXs out there that know it like the back of their hand. So I mean, that's that seems to be what I've been seeing in this article. This article kind of leads me to believe that that's. That's what is top of mind for a lot of these organizations. But I don't know how. About you, tim? What's your, what's your inkling here?

Tim: 5:16

Yeah, I think, for all the the talk that enterprises have put out about how, like, they're not going to get taken to the cleaner, they're going to find another option. Um, they're hitting the fact that it's not actually that simple to it's, I mean and and of course broadcom knows this that it's not actually that simple to migrate away from vmware. Uh, you know, if you've built your entire infrastructure on vmware you pretty much and you're going to migrate away from it, you have two options, right, you're gonna you're to disaggregate it and move it to the cloud in some format, or you're going to do like microservices or like Kubernetes, like you were mentioning, right, like, take it completely out of that environment where it's not virtualized servers anymore. But what you're probably not going to do, a lot of enterprises are looking at this and saying you know, what we're not going to do is just go like for like, make a lateral move with such a huge investment that's going to be required to do that movement, you know.

Tim: 6:10

So I think what we're actually seeing is something I didn't think of when it first started. I thought the same as you, that, hey, nutanix and Proxmox are going to be able to eat Broadcom's lunch. But I don't think it's so much that I mean now, of course, the article has mentioned that Broadcom is making is being flexible and competitive for their largest customers, but that's still. I mean, their largest customers are still probably like five or six customers, right, like it's not that many customers, probably. So what probably is really happening is that people are stuck for the moment and they're either eating it or, you know, they're finding a way to get away from this kind of virtualized environment completely like accelerating movement to kubernetes or microservices or the cloud or whatever. And I think maybe that's why I think nutanix and proxmox will pick up extra people, like I mean, the article actually mentions that they had like 600 and something extra new customers last year.

Tim: 7:03

Uh, nutanix, which 600 customers it puts you in perspective of? I don't even know, is that a lot? I don't know, right, like I'm not sure what that means. But you know they are definitely going to pick up a lot of the small, the table scraps, if you will, that Broadcom doesn't give a shit about. But a lot of the big customers that can afford to do something else are going to do something else else out. So, but a lot of the big customers that can afford to do something else are going to do something else else, like they're going to, like, you know, kubernetes or cloud or something. That's not a lateral move. To spend that much money to go to a lateral move and lock themselves into another vendor no.

Chris: 7:33

Yeah, I think that's a great point, it's yeah, I think like I said, it's level of comfort right. I wonder if, just with that, I would like to see the numbers on how many of these customers are probably renewing at 12-month deals versus three-year deals.

Tim: 7:49

For sure.

Chris: 7:50

Maybe they're doing renewal just to buy their time and figure out what to do over the next 12 months. They're kind of eat the loss initially and then maybe do something later. So yeah, I'd be curious to see what that number is.

Tim: 8:03

Yeah, I'm right with you. I think that's exactly what people are doing. Is there probably renewing, unless they 100% know that Broadcom is cutting them a sweetheart deal? Then maybe they'll take the three-year sweetheart deal or something. Because, hey, why wouldn't you right, if you're getting a sweetheart deal, why wouldn't you take it and give yourself time? But, yeah, majority of customers that are not getting the the sweetheart deal from broadcom are doing exactly what you said, just the paying out the nose, but the bare minimum that they can get away with, just to to buy themselves time and and we'll see, maybe a focus on movement this year. I guess we'll see. Yep, yeah, probably All right.

Tim: 8:38

So, speaking of that, so I have an article here from CIO Dive, from built. Based on some feedback from Accenture and Accenture, of course, being one of the largest, you know, it services, infrastructure, value added retailers out there. They've basically made some based on what their clients are asking them for in 2025. They've made some kind of predictions about what the tech landscape and what's going to be important to enterprises as we for in 2025. They've made some kind of predictions about what the tech landscape and what's going to be important to enterprises as we move into 2025. What's interesting is I think anybody probably could have expected this.

Tim: 9:12

So we've been in pretty dire straits here for about a year and a half. Right, the economy and everything, at least in the US, worldwide, really, a lot of enterprises have basically had no money to spend, but at the same time, we have generative AI and all this new you know tech and plus, of course, tech debt. You know all that tech debt just carried over while nobody was spending money, and so now enterprises are faced with this kind of, you know, silly and charybdis thing of, hey, we don't want to spend money, but, like, we have to modernize our infrastructure to keep our business relevant. So, what Accenture?

Tim: 9:49

What this article is basically saying is that Accenture is being tasked by most of their clients with, like, hey, you know, we need you to help us save money, but at the same time, we need you to help us modernize for, you know, generative AI or whatever the modern, whatever to help us modernize for generative AI or whatever the modern broadly the quote-unquote modernization umbrella. And so they think that 2025 is going to be all about this kind of incremental modernization effort, this very tight, very, very controlled modernization. You won't have the pocketbook open, but there will be money being spent. It's been too long since anybody spent, you know, since companies are spending money on their IT and they're going to have to just to keep up with the pace of technology and what's out there and what their competitors are doing. So I'm curious to see that being the case. Are you I mean you talk to more customers than I do, are you? Are you seeing this out?

Chris: 10:38

there. Yeah, it's like this is a. We were talking about this before we hit record today, but I think this is kind of like a trickle down thing, like, uh, like this is, you're only going to re-architect infrastructure for AI if your developmental force or your, your, your, your primary income revenue source is is switching to an AI kind of uh workflow in some capacity, whether that's modernizing your apps, whether that's changing how your company operates, what have you? So I'm starting to see some of it Like people. I feel like a lot of the infrastructure. People are kind of like oh, we're doing this thing, so I have to do this. There's there's not so much they're not, they're not completely tapped into the business side as to what the motivators are. So, but I mean, I definitely am seeing some of this, so it makes sense.

Chris: 11:24

One thing I thought was interesting in like in this article, one of the comments from the CEO, julie Sweet, was that our clients are focused on reinvention, which means large scale transformation. We do not currently see an improvement in overall spending by our clients, specifically or particularly on smaller deals. So what? I'm not sure exactly what she means by that. Does that mean that there's still an improvement on overall spending. So I mean, like the spending is still going to be just as high and it's going to be a lot more smaller, smaller deals. For that I was, I didn't really get that.

Tim: 12:00

Yeah, yeah. I think that what they're saying is basically, or what this particular quote means, is that they're trying to do more with less, like you know, meaning spending money, yes, but spending money specifically to try to, you know, get more out of it. I see, okay, yeah, yeah.

Chris: 12:22

Yeah, major extraction, um from every deal, I guess is what they want. But yeah, yeah, I mean it makes sense. Like I said, I'm definitely seeing some of the uh the movement in this space as well. Surprisingly, apparently, ai adoption in australia is is quite high, um, or uh, one of the one of the leaders.

Chris: 12:39

I don't know australia, like loves being like, oh, we're, you know, we're one of the biggest in of the leaders. I don't know Australia, like loves being like, oh, we're, you know, we're one of the biggest in this. Uh, you want, you always take it with a grain of salt, like I wonder what? I had a grand scale, how, uh, how uh, true it actually is. But uh, supposedly we are, um, we are kind of leading the charge in in that way, um, with with a few other players, but, yeah, yeah, definitely, seeing them my day to day, all right, Um. So next up, um is an article from tech crunch. So, uh, google CEO Sundar Pichai how do you say his last name? Yeah, I think I think that's right. Actually, let me start over. I don't want to, I don't want to mispronounce the Google CEO's name Pichai, something like that. Yeah, okay.

Chris: 13:24

So next up, we have an article from TechCrunch with Google CEO Sundar Pichai saying that it has been basically told to the employees of Google that 2025 will be a critical year for the company, and the biggest focus being Gemini, which is, as we all know, this is their primary large language model in the AI space, which I don't know where it ranks in the hierarchy of adoption, but I imagine it's probably similar to the way that Google Cloud is favoring in adoption, where it's probably similar to the way that Google Cloud is favoring an adoption where it's probably in, you know, top five, but definitely not number one, not number two type thing. So, like I said, I mean this relatively short article just kind of mentioning the focus on Gemini and making it more available to consumers in some capacity which, like I'll be honest with you, I don't think I've ever used Gemini. Oh no, we did, we did use Gemini, it's, but that it was like relatively forgetful, uh like uh.

Chris: 14:31

I, I, I don't, um, or sorry, I should say, relatively forgettable Um, I don't quite use remember using it much at all, but um, yeah, I mean, you know. He says it's a critical year for the company. It feels like every, every that's every year so it's. I don't. I don't know if this how this will actually play out. Who knows, maybe they'll kill it in 2025. I could definitely see that happening, but yeah, I don't know. What do you think too?

Tim: 14:56

Yeah. So what I think is interesting is that in this article, he specifically mentioning that we will make Gemini more available to consumers. And I'm thinking to myself was it not available to consumers? Like, was there? Were they hiding it all behind the curtain in 2024 and just nobody noticed because they weren't using it? Like you know, I don't know I mean.

Chris: 15:16

I assume that means integration with products.

Tim: 15:19

Yeah, I assume. Yeah, Maybe they're well, but they're not like. I don't feel like Google is like the products, like you know, like not like AWS, where they just have like a thousand freaking services and then they cross, pollinate all their stuff together, right. I don't feel like Google really does that. So I'm curious what they mean by making it available to consumers.

Chris: 15:37

I would think, yeah, consumers, I don't see those things. I don't know how much that overlaps with like G Suite and things like that yeah, maybe. I mean obviously integrating Gemini in Gmail, seems like a doable thing yeah. I'm a big Gmail user. I never log into the web interface, so I don't know if there's already Gemini integration there today.

Tim: 15:58

I have no idea.

Chris: 16:00

We should probably have a look after we get done recording. But like yeah, I don today, I have no idea. Um, we should probably have a look after we get done recording. But yeah, like, yeah, I don't know. I mean yeah, but also I don't use g suite, so I mean, but like, like we were talking about this earlier like they're kind of at the same level as meta, like they have so much fucking data about people.

Tim: 16:13

Yeah, like they should? This seems like it should be easy, um, but it's not, and maybe it's the the type of data they have that isn't useful for what they're trying to monetize. Like large language model, right, like it's you know all this data about people, their spending habits, like that's all geared towards ad, and maybe this is it. Like meta and Google have the kind of data that you want if you're going to serve ads to someone, right, but how useful is that as a large language model?

Chris: 16:42

Like I don't know, right, like I mean I'm gonna start going to to chat gpt and say show me the best ad exactly you know everything about me.

Tim: 16:51

Tell me, tell me something I want to buy, right, yeah, but yeah, that's that's. I think I wonder if it's that really, at the end of the day, that like because it can't be money.

Tim: 17:00

We're talking about Google and Meta right, it can't be money, it's got to be the type of data that they have on hand to train with. It must be just different, but I don't know. So interesting article, pretty short, like you said. I am curious, very, very curious, what Google means by focusing on Gemini, like if they just mean improving the quality, cool. I mean, if you throw enough money at a large language model, it'll always get better, I'm sure. So I guess we'll see. Yeah, we shall see. Okay.

Tim: 17:34

The last one we have is from Reuters. This is a kind of a follow-up to something that broke all the way back in, I think, october, and it's been kind of just new details that has been coming out about it steadily since ninth unnamed telecom provider to the list of providers that were hacked by the Chinese-backed Salt Typhoon hacker group. I guess what do they call them? State-sponsored hacking? Is this a name that they use for cyber espionage group or whatever? So this is interesting because that's nine telecoms in the US, including the major ones. Verizon was, I think, who they originally broke. The story originally broke back in October talking about Verizon, and then AT&T was very quickly added. This is also why the FBI came out and said start using end-to-end encryption for messaging applications.

Tim: 18:36

I just read an article yesterday or the day before about how iPhone users and iPhone and Android users shouldn't send text messages to each other because it's unencrypted. It's encrypted on their network, but like when you switch, basically. So this is kind of the whole point of of Salt Typhoon is that by gaining access to the telecom networks, they essentially become a giant man in the middle. Right, telecoms are a man in the middle. That's what they are, right. So, you know, a hacker group that has access to it has access to essentially anything on the wire. You know, this article mentions, for example, that they could, you know, do text messages and record phone calls and do geolocation on all the users of the telecom. Pretty scary stuff all by itself. But again, these are like level one networks, tier one providers, so everybody goes through them. There's no, it's like think of the US as a giant switch or something. This would be the core switch. The telecom providers are like core switches. Yeah right, so everything goes through there.

Tim: 19:38

And the whole end-to-end encryption thing is the story. Like you know, with end-to-end encryption, whether it be network layer or application layer, whatever it is, that is proof against this type of attack, because a man-in-the-middle attack can't, you know, do much against full end-to-end encryption. Right, there's no wire to tap that you're going to get unencrypted data. So that's why they suggested encrypting all your data. That's why technologies like MACSEC are being called into question for being point-to-point encryption rather than full end-to-end encryption. Things like that, like all sorts of encryption technologies have have proven less than effective against this type of attack, because it's a man in the middle attack. So, yeah, anything, I mean you've, you've looked at the article. Anything that extra to add there?

Chris: 20:31

Yeah, it's. I think the reason, like you said, this is something that broke back in like October or something there. I think the reason we're covering it now is, like, I'll be honest, Like I remember, when this came out back in October, um, there was still a large delay in actually getting any concrete information about it.

Chris: 20:48

Um, like, when I heard the back this back in October, like oh, like, uh, this, you know this, this espionage um company from China has broken MACSEC and I was like MACSEC is a relatively modern technology. I'd be surprised if they broke the algorithms and all that and did whatever that is. I think it just kind of leads to the drawback of MACSEC. Macsec is a secure protocol but it is hop-by-hop encryption, Like MaxSec is a secure protocol but it is hop-by-hop encryption.

Chris: 21:19

So encryption and decryption happens at layer two on every hop along the path, right. So if the thing in the middle gets compromised or anything along the path gets compromised, you have access to it because that is the device that is doing the encryption and decryption across each hop, right. So it's essentially a man in the middle, without having to actually inject yourself into the middle. You just gain control there. So, yeah, like you said, these are all Tier 1 telecoms that were falling victim to this and there's nine total that have been named and the top ones are Verizon, at, at&t, lumen, lumen is is that the century link?

Chris: 22:01

level three one oh oh, did they buy level three.

Tim: 22:04

Yeah, maybe they changed their name. What ages ago. I know it used to be centrally, but yeah.

Chris: 22:09

So I mean it's. Yeah, I mean like, like you said, this just kind of speaks to the drawback of, of max sec, which we, we have this conversation a lot in our day-to-day because we, you know, we work on a, a platform that that uses ipsec encryption over the top for for just the, the problems that this introduces. So, um, yeah, I mean it's it's disappointing, but you know, um, that's, that's the, that's the drawback with hop by hop encryption like there's uh, I don't know the way to spin it. That's just what it is.

Tim: 22:38

I mean and again to be clear like if you're using application layer encryption, macsec isn't doing anything, our IPSEC isn't doing like nothing. You know, application layer encryption is application layer encryption, right? It's app layer, meaning that's fully end-to-end as well. It's encrypted at the app on the one side and decrypted on the other side. So it's not like MacSec or IPsec or any of these are specifically good, bad or ugly. It just depends on the type of attack, which, again, the Salt Typhoon being one of the men in the middle. But again, all apps aren't encrypted. And even look at TLS. Tls just got updated because, you know, the encryption was getting aged there. So yeah, man, it's a cat and mouse game and it probably always will be.

Chris: 23:26

I mean I'm not going to sit here and say you should encrypt just for the sake of doing encryption, like doing it at L7, l3, l2. Like do I'm not saying do all of them? I'm not saying do all of them, but I mean having multiple locked doors on your data. I feel like that is a net positive thing as long as it doesn't introduce too much complexity, Too much complexity yeah.

Chris: 23:48

But yeah, I mean, if you're relying on one layer of encryption and it's at a certain piece of the stack, you've got to consider that that could be broken.

Tim: 23:57

I think in the long term Well, right, and again, it's not that MACSEC was broken or IPSEC or any of those. It's literally, in the case of specifically MACSEC, in this type of attack, like you said, the device that is owned is the same device that's doing the decryption and the encryption.

Chris: 24:14

This is a functional drawback of MACSEC. That's just how it is. It's not like it was, you know, unsecure or anything. It was the thing doing. The MacSec was unsecure.

Tim: 24:24

Yep, yep, and not much you could do about that. Besides, of course you know, keep your, rotate your passwords and do all the fun stuff to keep your stuff safe.

Chris: 24:32

Anyway, maybe all the passwords were Cisco123.

Tim: 24:35

Yeah, that's all they got in.

Chris: 24:37

Yeah, All right, and with that I think we'll go ahead and wrap up for this week. So thanks again. Remember we put all these articles into the show notes, so if you want to have a look at any of these and there's a few that we always throw in there that don't always get talked about on the show, so if you want to have a look at those, Please check out the news doc that's in the show notes. Once again, I'll plug this again. Tim and I have an AWS Certified Advanced Networking Specialty Exam Certification Guide from PACT. That's such a mouthful man.

Tim: 25:09

Yeah, it's like ANSC01. Nobody will know what it means.

Chris: 25:16

ANSC01, test from AWS. We are releasing a book with PACT on that particular exam. It's up for pre-order now. We will also put that in the show notes. It's between us and our good friend Steve McNutt. Friend of the show. Guest of the show. So please check it out. And with that I will let you go and we'll see you next week. Take care, bye.

Tim: 25:40

Hi everyone. It's Tim and this has been the Cables to Clouds podcast. Thanks for tuning in today. If you enjoyed our show, please subscribe to us in your favorite podcast catcher, as well as subscribe and turn on notifications for our YouTube channel to be notified of all our new episodes. Follow us on socials at Cables2Clouds. You can also visit our website for all the show notes at Cables2Cloudscom. Thanks again for listening and see you next time.