Cables2Clouds

Where's Palo Sailing this CyberArk? - NC2C041

Cables2Clouds Episode 41

Cloud security and infrastructure providers are making strategic moves to maintain competitive advantage through acquisitions and service enhancements while combating emerging threats. We explore the latest developments including Palo Alto's massive acquisition, new cloud services, and enhanced security features that are reshaping the industry.

• Palo Alto Networks announces $25 billion acquisition of CyberArk to strengthen identity security capabilities, particularly for machine identities and agentic AI
• AWS launches Elastic VMware Service, allowing customers to bring their own licenses without application replatforming as organizations seek alternatives amid Broadcom changes
• Network World article questions why enterprises aren't fully replacing infrastructure with SD-WAN, highlighting the ongoing gradual adoption approach
• Wiz discovers "zombie hosts" on Google Sites pages with SoCo 404 exploit that installs cryptocurrency mining malware
• Megaport Cloud Router now supports IPsec tunnels, enabling direct encrypted connections through their fabric without additional hardware

Join us next month for more cloud and infrastructure news updates.


Purchase Chris and Tim's new book on AWS Cloud Networking: https://www.amazon.com/Certified-Advanced-Networking-Certification-certification/dp/1835080839/

Check out the Fortnightly Cloud Networking News
https://docs.google.com/document/d/1fkBWCGwXDUX9OfZ9_MvSVup8tJJzJeqrauaE6VPT2b0/

Visit our website and subscribe: https://www.cables2clouds.com/
Follow us on BlueSky: https://bsky.app/profile/cables2clouds.com
Follow us on YouTube: https://www.youtube.com/@cables2clouds/
Follow us on TikTok: https://www.tiktok.com/@cables2clouds
Merch Store: https://store.cables2clouds.com/
Join the Discord Study group: https://artofneteng.com/iaatj

Tim:

Hey everybody and welcome to our new monthly news on the Cables2Clouds podcast. We're now doing this once a month, and so we'll look back over the whole of the past 30-ish days. When we do this, I'll be your, you know I'm Tim, obviously you know me, and with me is the other guy who hopefully, by this point, you know as well, Chris, and we're just going to roll right into the news. Okay, so one of our top stories, so Palo Alto, and this happened. Actually, this happened about 10 days ago, 11 days ago now, Palo Alto announced an agreement to buy CyberArk. So CyberArk, I'll be honest with you, I didn't know CyberArk very well, but CyberArk is an identity services cybersecurity vendor. So CyberArk does machine. It's just focused on identity, whether it be machine identity, workload, or rather people, whatnot. It's a technology that Palo realizes is valuable and also that has kind of a gap in its portfolio for, and, of course, identity is kind of becoming king here, especially in cloud and whatnot. So Palo's making a good move. They're buying CyberArk and they're going to yeah, so they're going to roll it into their product here.

Tim:

Let me take a look at the actual. So I'm trying to find the piece I was looking for in the actual press release. So specifically it says delivering identity security for agentic AI. That's one of the biggest reasons they picked it up. So this is interesting. I think this is going to be a huge thing, identity for agents moving forward, not just for Palo, obviously, but like any cybersecurity company is going to have to deal with how do we identify agents? And it says let's see. Try to find the actual number here. Yeah, an equity value of 25 billion for CyberArk, and shareholders will receive 45 in cash and 2000 2.2005 shares of Palo Alto Networks common stock for each CyberArk share. So actually it's not a cheap acquisition either. So, according to Palo, this accelerates the platform strategy which we just talked about, making it easier, just filling a gap in Palo's disrupting the legacy, what they're calling the legacy IAM market, so identity access management market.

Tim:

Again, this CyberArk is very much focused on workload and machine identities as well as user identity, and I think we can all agree that you know, kind of the zero trust model of ages past was very focused on user identity. So this is basically just filling in a gap that I think everybody can agree exists. And then it specifically calls out that it secures agentic AI, providing some type of identity for agents that are out there working on behalf of organizations. Yeah, how much else to add there? It's a pretty interesting acquisition. I am very interested to see how Palo pulls it in. I think that's always been the struggle with anybody, any vendor that buys another product. What does the integration look like? So I think that's going to really decide whether or not this is successful. Anything to add there?

Chris:

No, I mean kind of, like you said, my experience in the past with CyberArk has been relatively good. They do have a strong solution, specifically within privileged access management. You know kind of the following that kind of zero trust model where you know you are only given elevated privileges if certain criteria is met. So I think they've done a great job there. It is odd well, not odd, but it is, you know, kind of unique or interesting to hear that they're doing this acquisition of you know this isn't nothing. This is 20 plus billion dollars for the purpose of integrating identity for agentic AI. So they're kind of hedging their bets on that. So there's this whole concept of bringing an identity kind of vertical under Palo's portfolio, but also the addition of potentially a new product that's going to come out of this as well, mainly focused on agentic AI.

Chris:

I don't think CyberArk has a specific product for that just now. I could be incorrect. I haven't studied their portfolio as of late, but you know, I know Palo kind of has all their solutions divided into these key areas. So they have Strata, which is over their network security portfolio, which is their firewalls, and more hardware-based stuff, and then I believe there's Cortex, which is focused on SOC-type stuff like the XDR and SOAR-type platforms, and then there's Prisma, which is kind of used for their remote access SASE type solution as well.

Chris:

So I don't know if this is going to be a complete new kind of vertical that gets put into their solution portfolio. I imagine it would and you know there's, like you said, like integration is going to be key because, when it comes to identity, integration has pretty much been the dominant path forward, right, like typically when you you know a lot of cybersecurity vendors out there just integrate with an identity provider, whether it be Okta or you know, adopted by the masses in that way, or what's going to change in that paradigm, right? So I don't know. It'll be interesting. I'm very interested to see where this goes, yeah.

Tim:

I think identity, yeah, I know CyberArk basically right now CyberArk by itself is an identity provider, vendor, whatever you call it. Like that's their thing. But I think, if Palo is going to make this successful, identity is ubiquitous, right. Identity is going to cross all their different domains or however they're organizing it, right. Like identity is king and it's going to cross all of it. So if they don't, if they try to spin it and just kind of make a new domain or, like you know, kind of shelve it on its own little silo, I think it's a huge loss and I think they know that. So I think they're probably going to try to roll that into the rest of their product. So, yeah, excellent.

Chris:

All right. Next up we have an announcement from AWS that they've launched a new service. So this came out, I believe, from the time of recording, just maybe like five or six days ago. So they've launched something called the Amazon Elastic VMware Service. So you know, there's a lot of existing VMware customers out there. We've talked about on the show quite a bit that they're feeling the squeeze from Broadcom, etc.

Chris:

In the midst of that there's been some kind of back and forth around what the VMware support is on AWS. Right, there's been kind of these more concrete solutions stood up in, like Google and Azure, and there has been some back and forth with AWS about that. So it looks like they've launched a new service to kind of fold into that with this Elastic VMware service. So it allows you to bring your own VMware Cloud Foundation license and run it on AWS without having to replatform or refactor any of the existing applications that you want to do there. So you know you kind of. So if you look at the idea here is that there's essentially bare metal instances running under the hood on AWS that you're able to run your VMware stack on top of which is pretty common across the other cloud providers as well, although it's really funny to see all these products come out and their whole idea is like oh, you don't have to refactor, you don't have to replatform any of your applications, when they're talking about shifting out of the data center.

Chris:

Hasn't the move to cloud always been about replatforming and refactoring for optimizations? This doesn't feel like a long term solution to me, for any of those customers, unless you're trying to just figure out an interim solution to get away from Broadcom or you know, you're you, maybe, maybe you're you know an IC and you're just, you know, satisfying your CEO's desire to move to cloud when you know it's going to come right back eventually. Um, but it's like I don't know it's. It's weird to have everything else have this messaging.

Chris:

And then, when it comes to the VMware stack, it's like, oh, that's exactly the same, you don't have to change anything. Um, it'll run exactly how it is when, uh, and then when you look at the pricing, maybe that explains why it runs exactly as it is. But yeah, I don't know, interesting announcement, but, like I said, kind of brings them up to par with what's in the existing Azure and GCP environments as well. So not surprising, I believe right now it's only running in certain regions, so US East One, a couple regions in Europe and Asia Pacific and Tokyo as well. So I imagine we'll see more announcement coming in from that. But what about you, Tim, anything to add?

Tim:

Yeah, there's not much to say here. I mean, I think VMware Cloud Foundation, pretty much, is the same. It's really just like here's Amazon owning the service instead of VMware owning the service, basically, but you can even use your VCF licensing for this. It's definitely a stop gap for people that want to move away from Broadcom but can't, for whatever reason, or won't move away from VMware. So that's that's. Yeah, I think this this is a temporary. I mean, there's a lot of money, there's a lot of money to be made in a temporary measure. Still, like, they know, they know their customers, right. They know that the customers don't want to replatform that, or they can't or they won't or whatever. That is, right. There's money to be made in legacy and there will be probably forever money to be made in legacy, if we're being honest. And so AWS is just like yeah, okay, you want to keep running like this, I mean, we'll take your money. That's fine, please, by all means. So, yeah, not much else to say there. It's literally just a money grab and that's fine. And people that want to keep running VMware or just find that it costs less money to pay tons of money to keep running VMware over replatforming. Because replatforming and refactoring is extremely expensive. Like extremely expensive. Millions and millions of dollars. To replatform and refactor, no question, right? Also, just the time, the time and opportunity costs is often what really hurts people, right? They'd rather just start from scratch than try to replatform or refactor. So, yeah, I mean, it's literally just kicking can down the road and paying money to do so. So, yeah, all right.

Tim:

So next we have one from Network. We have an article from Network World which is kind of an opinion piece. There's a little bit of a no kidding aspect to it. But SD-WAN reality check: why enterprise rip and replace isn't happening. So the article basically points out that you know, hey, uh, SD-WAN is ubiquitous now, like everybody's got pretty much most enterprises you know, have adopted some kind of SD-WAN, whatever, whatever vendor that looks like, whatever uh deployment that looks like they're using it. Um, but there's still lots of uh enterprises out there that won't rip the whole thing out and replace it with SD-WAN.

Tim:

I'll be honest with you. I read this article and I scratched my head a little bit because it was like you know the number of enterprises that will do a full rip and replace is still very low. And I'm thinking, well, yeah, like anybody who knows network infrastructure should be able to understand that right, like I've never met an enterprise that was like. You know, what would make this whole thing even better is if we just changed it all all at once. You know, it's never happened. So it's kind of a weird article.

Tim:

It goes over some other stuff. It talks about how they're building, you know, putting AI, more AI features into SD-WAN Although the list of features that they mentioned as becoming AI enabled also has me scratching my head a little bit Things like self-healing and path optimization and, you know, failover, automatic failover. Then I'm like scratching my head because I'm thinking these you know, when I worked at Cisco almost three and a half four years ago, this already happened, like we didn't. That was already baked into Viptela, for example. When we've acquired Viptela, there was no AI involved at that point. So, yeah, I don't know, I do think AI can make these things better, like kind of like the assurance angle, if you will, from Cisco has wireless and wired assurance. It's that kind of angle. I think that definitely, it can only be good to use data to predict future data. But yeah, that still remains to be seen. Kind of a little bit of an odd article, actually. I think that's why I wanted to bring it up.

Chris:

Yeah, I think this kind of speaks to kind of the generic term that AI really is, right. Like you said, this idea of self-healing, this idea of classifying traffic and doing dynamic path selection and optimization has always been kind of baked into SD-WAN. Well, not always, but it definitely has in the last, you know, probably four or five years, but it was never kind of marketed to the general public as AI, as an AI-based feature, when, at the end of the day I mean when you break it down there probably is some type of AI or ML that's being put into place to kind of classify what applications are what and force that on the box. I don't know if any of this is really happening on box per se, the AI capabilities of it, or if that's done from some central point and then basically pushed down to be enforced at that level, um, which makes sense. So I don't, I don't know if, like this article, like you said, it's interesting because it kind of touts it as like oh, it actually fell short of being able to do this and I was like I don't, I don't know if this was ever marketed as an AI type thing.

Chris:

Like I think AI has come into the purview and kind of changed our, our idea of what some of these things should be. You know like path selection and um, self-healing I guess, so to say, but like if anyone knows network protocols and how you can monitor this stuff, like it's all standards based stuff once you get down to it. Right, there's only, there's only ways, there's only so many ways to skin this cat. And, like you said, you know about calling out it being surprising that not everything is getting ripped and replaced. I think we can all, like you know, within 30 seconds we can sit and think of probably two to three scenarios where SD-WAN isn't going to solve a specific problem at a specific site. Right, it's not the end-all, be-all solution that fixes everything.

Tim:

So it really it's a bit of a head scratcher. Yeah or panacea. Is it panacea or panacea?

Chris:

Panacea, panacea, right yeah.

Tim:

Yeah, okay.

Chris:

Okay, next up, we have an article here, I believe from SDxCentral, about Wiz exposes zombie hosts on its own host, which is Google.

Chris:

So, as we all know, I thought this one was quite interesting. So, as we all know, you know, Google is in the process of acquiring Wiz for several billion dollars and there apparently has been something discovered by Wiz on several pages that were deployed using Google Sites where, basically, these zombie hosts were set up, which is basically an exploit called SoCo 404. Obviously, the websites have a kind of default 404 error page that needs to be stored somewhere, and if someone goes to the wrong page on a website, the 404 not found will be displayed to them. But apparently this exploit involves those HTML pages including malicious code for the purpose of mining cryptocurrency and churning CPU capacity for the purpose of that as well. So it was funny that Wiz actually was being brought in and discovered all of this stuff, and Google has since taken it down. But, you know, I just want to call this out because it's nice to see Google making use of its new product, I guess, but I just thought this one was kind of funny.

Tim:

Yeah, it's um, I mean, at least you know Wiz is doing its job. This is, this is interesting, right, because it's like they're, they're sites that are made with Google Sites, and so I think the 404 site was probably intended to be like automatic or like not just kind of a placeholder, right, and so yeah, somehow they were able to exploit this in a way where they could replace the code on these 404 pages with.

Tim:

You know, hey, when your browser renders this, this 404 page, it triggers some kind of malware, download or injection or something. I don't know. It's not, it's not clear from the, from the article, but uh, my guess is that it would have to. You know, essentially try to automatically download something and then and then run it on your computer.

Chris:

It's weird because I think, like if I imagine, I've never used Google Sites, but I imagine that you use some type of kind of builder, um, that you can use to write like a website. Exactly so. I imagine that the 404 is just something you can automatically like, like I click a box and be like oh, here's my 404 page, or something like.

Chris:

It seems like this would have been injected by Google, like, not by the user, like almost like a uh, almost like a supply chain type attack, you know what I mean, like it would have been in by the vendor, that's that's doing that for you, unless there's like a marketplace where maybe someone could just say like, oh, give me the, uh, give me this, this layout, and it includes this 404 page or what have you. So it's kind of like I don't think they really touch on exactly how this got in there, but it is, um, it is quite strange and it makes me wonder how that happened. Yeah, yeah, an exploit using misconfigured cloud services to plant crypto mining malware.

Tim:

Pages, 404 HTML pages hosted on websites built using Google Sites act as zombie hosts to the malware. Yeah, secretly containing encoded files that install the crypto miner.

Chris:

So like, yeah, like, how did that? Maybe, maybe Google Sites doesn't offer that. Maybe it's not something that is as seamless as that, but yeah, it's really.

Tim:

Or maybe these sites were exploited and then had this malware put after the site was exploited.

Chris:

They could just do whatever they want, right.

Tim:

Maybe they could just put it in there. Maybe it's not yeah, the article is not 100% clear on this, but it's an interesting use of Wiz to find this, so at least you know it works right.

Chris:

Yeah.

Tim:

Okay, and let's go ahead and finish off with something that actually just dropped today and will be old news by the time this posts in two days. Megaport has announced that the Megaport Cloud Router now supports IPsec tunnels. So this is a big one, because for the longest time, Megaport Cloud Router, and of course, Megaport Cloud Router is their own self-hosted, like you know, marketplace uh item that, um, it uses uh sorry, I just got a notification that just bounced me out, so it uses their marketplace, but it's, it's their kind of own hosted, uh, white label routing uh software, and so for the longest time they didn't support IPsec on this because it was kind of a, you know, a minimal offering, if you will, like a, just a basic router that does BGP and GRE tunnels and stuff. It didn't, it just couldn't support IPsec, you know, the crypto stuff.

Tim:

So apparently now it does, and so what this means, of course, is that now, anything you could have done with a cloud router in Megaport, you can now do with the Megaport Cloud Router, so you can have, you know, end-to-end encryption through the Megaport fabric, connect your edge directly from you know, using IPsec. You wouldn't have to, you wouldn't have to connect to, you wouldn't have to host your own Cisco router or any other kind of router in Megaport and then connect your on-prem devices, whatever those might be, to that, right. You could just directly connect to a Megaport Cloud Router. So I mean it's a huge, huge upgrade for Megaport and I know a lot of customers were looking for this kind of functionality and, yeah, just a huge win.

Tim:

The press release, the blog, rather goes on to point out other things like here's all the other things that MCR can do. For example, it says you know we can get up to 100 gigabytes, gigs gbps if you will of bandwidth on our MCR. Of course my expectation is that that is not encrypted at 100 gig, but you know, but yeah, just the ability that now they have they support IPsec and you can do it straight on the cloud router Just brings a huge amount of benefit to Megaport hosting.

Chris:

Yeah, agreed, I think you know, like you said, MCR or Megaport Cloud Router is.

Chris:

We commonly just see it deployed in capacity where you know, like you said, it's essentially a white labeled service that Megaport offers to give you a routing construct within their fabric and you can use that for multi-cloud connectivity, hybrid connectivity, what have you? And now, with this addition of it running IPsec, you know, and also, I believe, every MCR that you deploy, it automatically gets or is able to have very competitively priced internet connectivity as well, right, compared to the cloud providers. So, if we're talking about remote headquarters or remote branch to cloud connectivity, now you can do this over the internet with IPsec, which is probably quite a beneficial thing for, like you said, some customers that are paying heaps of internet egress costs in the cloud for those exact same services. So I could see this being a pretty substantial thing for Megaport. Now, like you said, Megaport is very open about this and you know, oftentimes when they launch a service, like when they launched the Megaport, basically when they launched MCR I remember it was commonly referred to as my first router.

Chris:

Like they very much talk about it. How, like, hey, this isn't going to have every bell and whistle, this doesn't have every nerd knob, it has very basic functionality and our focus is purely on simplicity. We want it to be so simple and so easy to deploy and I imagine this is going to fall right into that. And you know like, hey, if I'm going to build a connection, this is going to be an IPsec tunnel to remote site. It's probably going to, you know, support the bare bones stuff, to make sure that this is simple and secure and for a lot of customers, that might be what they need. For customers that need more, they have another offering, right. They have the Megaport Virtual Edge, where you can host your own platform as well.

Chris:

So I think it does add quite a bit to their portfolio. So I think this is a great move.

Tim:

Yeah, for sure, and I mean honestly, the way Megaport works is it's all point to point, so it fits perfectly with IPsec. The way you connect Megaport devices together, the fabric together, the endpoints, wherever you're hosted, it's all point to point connectivity through there. So it works perfectly with the idea of just encrypting it with IPsec. Basically, so, yeah, great move by Megaport, okay, and that, I think, wraps us up for this month. We'll be back next month with even more exciting news. Hopefully, nothing too exciting happens between now and then. But thanks for sticking with us and hanging out and enjoying the news and we'll see you next time. See you next time. See you guys.