April 30, 2025 • 36 mins
This week, we revisit our most-watched episode in our podcast, diving into SD-WAN. What is SDWAN and Advanced Networking? With special guest Josh Haselhorst, Sales Engineer at Telarus.
Mark as Played
Transcript
Episode Transcript
Available transcripts are automatically generated. Complete accuracy is not guaranteed.
(00:00):
Welcome to the podcast designed to fuel your success in selling
technology solutions. I'm your host, Josh Lopresto,
SVP of Sales Engineering at Solaris, and this is Next Level
Biztech. Hey everybody, welcome back.
I'm your host, Josh Lopresto, SVP of Sales Engineering at
Solaris, and this is the Next Level Biztech podcast.
(00:21):
This week we're talking about advanced networking, we're
talking about SD Wan and everything in between.
And we have the pleasure of being joined by the one, the
great, the only, Josh Hazelhorst, world renowned SD
Wan networking architect. Mr. Hazelhorst, welcome on.
What a what a introduction. Man, I'm famous.
Thank you, Sir. Happy to be here.
(00:43):
Love it so so I want to I want to hear about you first.
I want to get everybody you knoweverybody knows you are you are
covering the Southwest, but you're also really a very strong
subject matter expert for SD Wannetworking and security.
But let's get let's let's dial it back to just you.
How did you start in this technology?
(01:04):
Have you always been in this path?
Did you do something dramatically different and then
just, you know, this sucked you in one day or where did you
start? Yeah, great question.
I mean, when I started in tech, I was just a sales Rep.
I didn't even, I didn't know anything about tech.
I was actually in the boat business for a long time,
selling offshore race boats, warlocks and zombies and
(01:24):
cigarettes and stuff like that as a as a young man.
And that was fun. But you know, you just didn't
make a heck of a lot of money, right.
So, you know, I got a job at IBM.
This was in the, I would say mid90s or whatever.
And IBM had just launched, launched this thing called
ThinkPad University. So they had this program to
where university students from like Ohio State, Florida State
or whatever, as they enroll, they get a brand new ThinkPad as
(01:45):
that, that's part of their deal,right?
So that was my, that was my first job in, in tech.
And I realized real quick, I hated technology.
Literally hated. I was working for this reseller
of this, this ThinkPad thing andthey'd be the guys running
around with the chicken suit andthe sales wheel and throwing
candy and I'm like, this is, this is just too hokey for me,
man. I, I, I hate that.
(02:08):
So I got out of there, probably within, I don't know, maybe a
year or two and started with a, a bar that was a distributor, A
distributor at the time called Avnet and started an inside
sales smiling and dialing, you know, George Costanza one by a
computer. No one by a computer.
No. And so I did that for a while
and then just moved up and we got onto the Cisco side of the
house and became, you know, Cisco certified in the, in the,
(02:31):
in the advanced wireless. And they called managers and all
that other jazz. And then Avnet sold their, their
Cisco practice to another company called K Length.
Well, Kalyn's didn't need all ofus from Avnet.
They were already one of the biggest, you know, Cisco
reseller integrators on the planet.
So we all pretty much got whacked that day and then just
started hopping from bars to integrators.
(02:53):
But every time I went to a different bar, a different
integrator, I would go to a different discipline.
So I started in that Cisco worldand I went to another bar and,
and started building a, a storage practice for EMC.
So we started building, you know, backup recovery, archive
solutions and monster, you know,$1,000,000 Sims for giant data
centers and stuff like that. And then this horrible idea of
(03:15):
cloud compute came about. Well, there I go, right.
Nobody's buying $1,000,000, you know, SANS anymore.
They're just going to do it on aas a service model for a couple
of pennies a gig, stuff like that.
I actually got out of that. I said that's it, I'm done.
And in between I got a whole bunch of Cisco certs, a whole
bunch of EMC certs. So now I know storage, compute,
network, stuff like that. But I'm like tech, I'm done,
(03:37):
man. This after probably 10, maybe 15
years of doing it and opened up my own construction company,
bought trucks and trailers, marketed myself out to a bunch
of real estate agents. That's when all the foreclosures
were going like crazy. Well, how do you sell a
foreclosed home? You got to clean out all the
garbage, right? And I thought I'm going to buy
trucks and trailers. I'm going to hire a bunch of
people. We're just going to go clean out
(03:58):
garbage and make homes conveyable.
And it started with doing a couple homes a week and to doing
203040 I'm a week throughout theentire state.
I had like a crew of 20 throughout the entire state.
We were, oh, I don't know, we were probably netting 304
hundred KA year just cleaning out homes so real estate agents
could sell them. And then Bank of America
(04:18):
Countrywide, who had my contractwith us, sold to a company
called Safeguard out of Ohio or sold my contract to a company
called Safeguard out of Ohio. And that was it.
Light switch just turned off. And I thought, oh, my, my wife
is in tech at the time too, and I thought I got to get a job.
The only thing I know is tech. Well, CRUD started filling out
resumes, Got a first, first job opportunity I got was for a
(04:41):
cloud voice company. No, no, no, not cloud voice,
right, Except for on Francisco World and now we're talking
about. So then I started doing that and
then got into that, started doing my own deployment, got,
you know, getting certified, getting engineering certs, all
that other jazz. And then I realized back then
from a data warehousing world, there were technologies inside
(05:02):
data storage world like data deduplication, like software
defined, you know, networking inside that data warehousing
world, from database to data, Coca-Cola to color, stuff like
that. And then we started doing this
cloud voice thing. And I thought, why can't I do?
Why are people doing the same thing in this in this voice
thing? I always complain and I'm not
going to, I'm never going to go hosted voice, right?
(05:25):
Because reliability and Internetand all that.
I'm just going to get PR airlineSIP trunks.
So the whole reason people wouldn't go to cloud was because
of reliability, redundancy, security mechanisms, right.
So the thought was, guys, why aren't why aren't we doing this?
Why aren't we partnering up withcompanies that'll do things
like, you know, application, youknow, controls and link
(05:46):
aggregation and load balancing. And you know, in a data world,
we have load balancers, but thatwas for storage, server, server,
all this. Why can't we do this for voice?
So we started bringing in other companies like Dialo Cloud, for
example, to fix voice problems. What the problem was, we
wouldn't talk about building a reliable network, building a way
(06:07):
to reroute around Internet anomalies.
We would sell the voice. Here's your 15 seats, your 20
seats, your hundred seats. And then when you called in at
about the 100th time complainingabout how horrible this thing
is, once you start talking, started talking about lawyers,
about contract termination, thenwe would say, hey, why don't you
plug this box in and it just magically fixes this voice
(06:28):
issue. And I started hitting myself in
the head going, guys, why don't we do that first?
And then when we roll out our application, we never have a
problem. So now our customer service
that's taken the I hate you calls every single day goes away
because we fixed their network 1st and then layered on the
application, right. So I did that for several years
(06:51):
and then I left the UCAS market and went to an SD Wan
manufacturer. OK, how does this stuff really
work? How can this stuff really get
built? How do we start taking these
technologies and start bringing in other technologies into the
same solutions? So when we started looking at
things like how do I implement afirewall into SD Wan, right?
How do I implement advanced threat hunting into SD Wan?
(07:11):
How do I do, how do I collapse environments?
So an IT admin doesn't have 13 appliances and 15 pieces of
software they have to manage. Isn't there a way I can just
have like 1 box and one piece ofsoftware that can manage my
entire organization and now I don't have to have 11 product
managers to support 19 differentcountermeasures.
(07:32):
So that's kind of where it started going.
And then you know, I got to go get certified and every firewall
on the planet, every safety man on the planet.
How does everyone from Ariaka toZen layer do it right?
What are the insurance and outs?What can they do?
What can't they do? And more importantly, then are
there still holes, right? Are there holes in security or
in the holes the way specific applications work around SD Wan?
(07:52):
And if there are holes, is that yet another product or is that
now just a product dev that needs to now integrate into
their existing SD Wan platform? And and these things have turned
into now past and my world rightplatform as a service that what
do you want? Do you want it to be sassy?
Do you want it to be Casby? Do you just want it to, you
know, do bandwidth consolidate? What do you want?
(08:13):
Let's talk about that. Let's let's talk about what it
is now. I love the journey.
I love the wild story and this industry always seems to suck
everybody back in whether we like it or not.
I know. So.
So let's talk, let's set the stage a little bit.
I mean, I, I think for anybody that doesn't understand this,
there's a lot of layers, right? There's SD Wan with security,
(08:34):
there's SD Wan without security.There's SD Wan from my
aggregator, there's SD Wan by itself.
If we, if we, we know that some of those things are the options,
right? And then we, like you said, we
start to get into the new stuff,the Casby and Sassy and things
like that. We can get to that a little bit
at the end of kind of where thisis all going.
I think it ties into there. Let's just, let's just level set
(08:56):
on what would you say this does?What does this technology, why
is it there? What does it do and why is it
better than what somebody might have from a legacy perspective
to kind of bring back to some ofthe points you brought up?
Yeah, yeah. And when I go around the country
and I talk about the partners, integrators, manufacturers I
work with a lot of the product that I've seen and stuff like
(09:17):
that. Very, very common questions,
right? What's the next evolution and
what SD Wan does? First of all, let's level set
this. SD Wan is not a product.
There's not a box, there's not ablinky light.
It is not a spinning disk. SD Wan is a risk management,
risk tolerance idea. It is a theoretical idea of what
(09:40):
what applications do I run in myenvironment that are my crown
jewels, What do I make money doing?
I have to understand the customers use case.
How do I make money now based onhow I make money, how do I
protect that application and howdo you need it protected, right.
So when we talk about over the top SD Wans versus Savvies
(10:00):
versus Cavies versus Pavs, it's really not about oh, do I need a
full stack, you know, Fortinet, Cato, Cisco, whatever.
It's really about that use case of, OK, let's look at operations
and logistics and risk management first.
What applications do you have Mr. Customer, that cannot risk a
(10:21):
failover fail back event? Is that desktop as a service?
Is it workspace as a service? Is it your containers in AWS as
your GCP? Is it?
What is it that needs requires based on risk management?
Risk tolerance? 100% application up time 0
failures. Do you have any of those
applications in your organization Mr. Customer?
(10:42):
Yes no. If the answer is no, I literally
have nothing. We don't run on computers, we
run on, you know, post its and and and sheets and then maybe
they're not a fit for SD Wan. But again, going back to the SD
Wan in a product, right? SD Wan is 3 things.
It is management. Meaning I can open one GUI
(11:02):
interface and I can manage single locations or multiple
locations and multiple technologies in the same admin
user interface. Visibility is a second pillar.
Can I see analytics of my Internet circuits, my top
talkers, my top users, my top applications, my latency, my
(11:24):
packet loss, my jitter, my crosstalk?
Can I see what connected IPS I have, right?
Do I have visibility into my entire organization?
Right. So when we talk about SD Wan, I
guess in a like AITSM world or anetwork management world to say
SolarWinds, things like that, would would those actually
qualify as SD Wan if they hit one of those pillars?
(11:44):
Well, yeah, I can manage everybody in a single interface,
right? Then yeah, those would qualify.
And then the third biggest component is automation.
If something happens, and if that happens and Internet one
dies and goes over to Internet 2, do I have to manually do
anything? Do I have to push a reset
button? Do I have to go into a software
(12:04):
portal and click anything? Do I have to manually do
anything for it to go from Internet one to Internet 2 or
Internet 2 to inter 11? Or does it do it automatically
for me? If it does it automatically for
me, guess what? Any one of those pillars or any
combination of those pillars of management, visibility and
automation qualify as SD Wan. So then you got manufacturers
out there and Gartner out there and all that go going, oh, I'm
(12:25):
Cradle Point, I'm SD Wan. I'm Microtick, I'm SD Wan.
I'm Pep Link, I'm SD Wan. Well, if you're failing over and
failing back automatically, thenyeah, you qualify.
Doesn't mean you're going to keep applications in 100% off
time situations because now that's the risk management, risk
tolerance conversation around applications.
But there's a ton of things thatqualify as SD Wan.
Some guys say, oh, there's 40 SDWan platforms out there.
(12:47):
No, there's 75. And it's because what qualifies
as SD Wan depends on what the customer needs to protect and
how comes back. So it comes back to a business
conversation. I, I see that's the, that's The
funny thing about this, right? I mean, this is, this podcast is
meant to be a little bit of technical exposure to how some
of these different vendors and things like that work.
(13:07):
But there has been a common thread.
It really just comes down to what problem are you trying to
solve? To your point, you know what,
what applications are your crownjewels?
Are they resilient? Can you afford them to have
downtime and just stop and listen?
And I, I, I think it's fascinating.
I think people are surprised when we come in from a technical
acumen and we're just asking business questions because
(13:28):
that's really all it comes down to, right?
Yeah, and when I teach partners right, you know I wouldn't say
sales one O 1. I would maybe say sales like 2O2
is hey, I want to start, you know, understanding SD Wan so I
can sell SD one of my customer. How do I sell SD Wan Josh don't
do not sell SD Wan SD Wan sells itself SD Wan is the hook to all
(13:48):
these other cloud services that you want to sell You want to
sell cloud migrations from on Prem to AWS Google tier points
like central Rackspace. How are you going to do that
migration? How are you going to connect to
it? How are you going to connect to
it securely? Well, now it's an SD Wan
conversation. How do you need those
applications for format Hey now it's an SD Wan conversation
right? Oh, I need, and I get this all
the time. I just had one this morning is
(14:10):
Hey, I want to get into that forme and I do, I do UCAS, TCAS and
and Internet Sweet. You get people calling you up.
They I need a a secondary Internet connection.
Cool. Let's do like everybody else
does and sell them whatever's onthat near net and just sell them
that $136 broadband circuit. Right, We're done.
No, how do you want that circuitto behave?
What applications cannot tolerate failover and fail back?
(14:35):
I didn't sell them SD Wan. What I sold them is you're going
to have two Internet connections.
Why not use two Internet connections?
Why buy another connection that you're going to use four, 5% of
the time? Why not use it all the time and
have your critical applications dictate which connection is
correct in real time? Why don't we do that?
I install SD Wan, I sold. How do you want your Internet to
(14:57):
behave, which happens to be SD Wan, But then it gets way, way
deeper though, right is if I'm talking to the telecom and the
and the Internet guy at at the company, that is an over the top
SD Wan solution, bandwidth conditioning tools, right?
Stuff like that. OK, great.
I'm link out gate and I'm alwaysup.
Sweet, wonderful. Well, what are your firewalls?
(15:17):
Maybe your existing firewalls can already do this.
Maybe it can already do this with just a upgrade of an OS.
You know, maybe they can't do itat all and we need an over the
top. And more importantly than that,
who is managing these firewalls?So now we get into this whole
cybersecurity conversation of I really want to start selling
cybersecurity, but I don't know how well I'm not selling
cybersecurity. I sold you a secondary Internet
(15:38):
circuit, right? I asked you how they wanted to
behave. Turned into an FD Wan
conversation. What applications are you
running? Turned into AI.
Want to go buy a hosted voice? Oh, OK, well now I can sell them
hosted voice. I can sell them the Internet, I
can sell them the FD Wan. Now what are your firewalls?
Who's managing them? Who's due when?
How often do you're looking at your firewall logs?
Are you doing advanced anomaly detection?
(15:58):
Are you doing vulnerability scans, pen testing, all this
other stuff? Are you ingesting those logs
into a analyzer, a SEM into a security operations?
And then it's Oh my God, no, Josh, I don't have security
operations teams. I'm not doing advanced threat
hunting. I just bought a off the shelf
firewall that's at a tip of compliant.
Sweet. How deep in cyber maturity do
(16:19):
you guys want to get? Do you want to start building
formalized frameworks? Do you want to start doing
defense in depth, everything from endpoint security awareness
training to end protection all the way into data loss
prevention and really start getting cyber mature?
Or did you outsource an MSFP that's already doing that?
Because now that starts dictating which SD Wan platforms
(16:40):
now that we already determined from the telco and Internet guy
that SD Wan is in need. Well, now it's a which one,
right? Which tech is going to be
correct for your organization? Because if I've already out,
Josh, have I already outsourced all cybersecurity to whoever?
Am I going to go in and talk about the Catos and the Florida
Nets and the verses of the world?
No, I'm not even talking to thatguy.
(17:01):
He don't even know what I'm saying, right.
So now I'm just talking to the telco and Internet guy.
So it's really going to depend on their, their risk, I guess
platform and and their logisticsand operation of who can support
what and where are the holes in gaps because a lot of times we
can kill a lot of birds with onestone.
And you know, I, I, I want to make sure too, that everything
(17:23):
that anybody hears is that this is the value of being a
tilarious partner, right? They get to ride side by side
with you, helping them with their customers in these
discovery calls because this, this technology is complex, but
it doesn't have to be. So, you know, small plug for the
Solaris engineering team, right?That's what we're here to do.
We're here to help you figure these things out, figure out
(17:44):
where your customers are at, figure out where they're going,
figure out what their pitfalls are going to be and talk about
pitfalls that, you know, we can I, I think hopefully help them
avoid. So I, you know, I think you laid
down some good things about how a partner can be, can be asking
these questions and not, not make it about a specific
technology, make it about a business.
And, and you did start to alludeto some of the trends and I want
(18:05):
to jump into trends here. I want to go trends and then I
want to get into a detailed example.
So from a, from a trends perspective, you know, if I
flashback, I remember we starteddoing this years ago, the idea
of putting a box managed as a service in a customer's
environment that they didn't totally know what it did.
No way get that box out of here.I ain't doing that.
I manage all my own gear. I got all these pieces and I and
(18:29):
I got I can adequately staff andI got no problems with that.
It's great. Fast forward to where we're at
now, massive employment shortagethat keeps getting worse and
worse. The the great resignation, all
the stuff coming off the back ofCOVID, blah, blah, blah.
What are some trends that that that you're seeing these days
that you didn't see a couple years ago that maybe partners
(18:50):
should look out for? Yeah, no, great question.
And go back to that COVID specific, right, as we had, you
know, office workers, you know, coming into the office on the
cute farm doing their jobs. I got my on Prem firewalls.
I got my security team, you know, we're beautiful,
everything's cool. We might need some other
countermeasures and stuff like that.
But then then I sent everybody home.
Well, how am I going to securelyconnect those guys when I sent
(19:13):
everybody to go work from home? Oh, well, I got VPN licenses on
my firewalls. OK, how many concurrents can you
actually handle? What's the capacity?
Well, when I bought my firewall,I bought 25 concurrent VPN
licenses and then I sent 150 people home.
Well, that's cool because only 25 at a time can actually do
work, right? So what did I do?
I'm going to get more concurrentVPN licenses, but every box has
(19:35):
a Max capacity. So then uh oh, I guess I have to
get a bigger firewall that supports more VPN licenses or I
go buy another appliance called the VPN Concentrator or I go buy
another appliance called the security Mode Access appliance,
Right. And then it was, OK, well,
nobody's here who's going to rack and stack those appliances.
(19:56):
How am I still going to get these guys into their network
resources working from home, This was a absolute nightmare.
And even if I did get AVPN concentrator or secure mode
access appliance, that the, the configuration of that and in
getting those tunnels, this is, this is weeks and weeks.
And I got remote workers sittingat home, can't do any work.
And, and that was the problem, right?
(20:17):
So. FD Wan platforms, some FD Wan
platforms solved for that when it came in as a, hey, why don't
we just go ahead and decommission those old
firewalls, drop a gateway in there.
Now my gateway is doing local FDWan, It's doing all of my
advanced security algorithms andit's doing VPN as a service from
a service provider on my backbone.
(20:37):
And now that VPN congestion is no longer shoved in your wiring
closet or your, your Internet, right?
But it just made it clean and quick, right?
And these things could be deployed in like seconds and
then all of a sudden it was waita minute, I got everybody
sitting at home. Yeah, I got them, you know,
secure remote access. And that's all cool.
But their home Internet is garbage.
I mean, they're complaining all the time.
(20:59):
Their voice quality is horrible.I had one that was a an
animatronics company that went home and started doing, you
know, animations and running these trackball technologies.
They need to be real time and super fast on this residential
broadband and going. This is horrible.
Well, yeah, it's horrible because kids are in Google
Classroom. Mom's working from home too.
You got one stick of residentialInternet.
(21:20):
I got to have a way to carve again my business critical
application and get everybody else out of my way, even in a
single residential world. So now resident home SD Wan was
created. Now I just put a little
appliance in there. I plug in my little deal and and
boom, you know, I'm, I'm up and running and I'm actually
(21:41):
steering my application around anomalies in real time.
I didn't have to do a bunch of stuff.
I just had to plug in this box that would do it for me, right?
So that's kind of how that evolution worked.
Cut to today, we're starting to talk about the hybrid right is
OK, I'm going to come. I got remote workers, but some
of them are going to come in, some are going to come out, some
maybe these guys are going to work here Mondays and Tuesdays
(22:02):
and then Thursdays and Fridays are going to be home and a
different shift is going to come.
And that's cool. It's is it, but I, I can't have
multiple different mechanisms tosecure these guys and give them
connections. So now how do I do this?
And now we're thinking of platforms and we're rolling out
platforms like Sassy and Cassidyplatforms and ZT and a platforms
and stuff like that to where when you're outside of my office
(22:23):
environment, I'm going to grab your machine and I'm going to
send you through scrubbing centers.
I'm going to sandbox and quarantine your device.
If I see malicious code, I'm going to do kill codes on that
malicious code. And then and only then allow you
into the network resources that only you are allowed in to do
your specific job. You don't even know there's
other stuff in here, only you'reallowed somewhere, right?
(22:43):
But then there was a problem with that too.
Is OK now you allowed me into myAzure container to do my
specific job and you gave me AVPN.
So my front door's open. Your front door's open.
You gave me a secure connection.Where am I allowed to go once I
get into your front door? Your bedroom, your bathroom,
your basement, your crawl space,your I'm allowed to go anywhere,
right? It's I can go anywhere now So
(23:05):
you need to be able to segment me into no Hazel horse.
You're allowed in the second cabinet drawer of the kitchen.
You don't even know there's other rooms in this house that's
Z TNA0 trust access. But zero trust access also has a
different animal called Zero Trust Network, which means
access is simply that I'm allowed in the third kitchen
(23:27):
drawer. But what happens if I'm in the
kitchen drawer and I go to Facebook marketplace and pick up
some malicious code in flight? Do I have the capacity to now
infecting that container? Yeah.
Well, what if I was on a backbone provider and that
backbone provider was had me in a scrubbing center that was
staring at me in real time, scrubbing malicious code in real
time. That way, if I do go to Facebook
(23:49):
marketplace and pick up malicious code, I can't infect
that container. That's not zero trust access,
right? That's zero trust network.
Architecture and marketing companies are selling ZTNA all
over the place. You see it in Google and
LinkedIn or whatever, but it's back to that use case.
Mr. Customer, what do you mean by zero trust access?
Because zero trust network couldbe I'm going to do AZ scaler.
(24:11):
I'm going to do Apollo Prisma, I'm going to do a checkpoint
Harmony. Sweet, I have no local SD Wan
controls, right? That is that is an option.
Sorry. Am I going to be talking about
ZTNA and stuff like that? If you already have the Cisco
umbrellas and whatever of the world, no, but I need to know
that from from the customer is what tools have you already
invested in. We don't want people spending
(24:32):
money unless they need to. If they've already invested in a
technology, we need to be able to utilize that technology but
make it more simplified and moreelegant.
That's what we're doing. So fair, fair to say, if I sum
that up, we've gone from the, the far reaches of no, I'm going
to manage this box myself. All my employees are in one
(24:53):
location to where we are. You know, the, the gradual
growth of remote work, call it COVID or not COVID, you know,
after all of that, still the definite prominence in remote
work and mix in all of the social media and all of the
thankfully realization of needs for granular security over the
(25:14):
last couple years because of howgood some of the bad guys have
gotten to where now we've gottenand can get very, very, very
granular on the security and thecontrols within that.
And it is all it all gets collapsed.
So good, awesome sum with some of that.
So it's as we get into the last question here, I would love to
(25:36):
have everybody understand because like we said in the
beginning, right, we're, we're here to help run side by side
with our partners, talk to the customers, figure out what
they're trying to accomplish and, and put that into a
solution that then is a fit. So I would love to walk through
from your perspective, walk us through real quick an example
that you got brought into. What what were you told the
(25:57):
situation was? What did it look like as you
kind of got deeper into the, youknow, into the customer's
environment? And then what did you ultimately
end up replacing with Adam, kindof what was the value in that
story? Yeah, great question.
And I do AI do a ton of these just so you know.
So it's it's hard to pick one out.
So I'm just going to pick out mymost recent one because I'm old
and I and I have a short memory.But in this instance, we were
(26:19):
brought in by by the telecom guy.
Hey, look, I want to go you cowsand I want to go cloud contact
center. But I need these applications on
100% off time. I can't do failover fail back
that I'm doing on my Palo Alto firewalls.
I have to have 100% off time. So I need SD Wan and in this
case they were an international,they were an international
company. So I need an international SD
(26:41):
Wan. They also have locations in
mainland China. They were also doing distributed
file shares all over the globe. So my guys in mainland China
needed access and resources to LA and, and Hong Kong and
Bangalore and Singapore and Ireland and all this other
stuff, right? So we brought in a, a backbone
provider that could get us outside of mainland China.
(27:03):
They've got agreements with, youknow, the Chinese government
that allows them to do SD Wan and kind of do a work around
around that great firewall worldbrought in the air appliances
which just do local link aggregation, all this other
stuff. We're going to stack it onto the
Palo Alto fires. We're not even going to do
security yet, but this is how it's morphed and This is why it
gets gets real fun, right? It's so now we do this, we're
(27:23):
going to do private layer 2 backbone, get rid of all their
MPLS. We're going to do local SD win
for link aggregation and application control.
So now go buy your UCAS. Go buy your UCAS.
It's going to be perfect, right?They were doing cloud services
through multi cloud, so and and they weren't doing, I think
their European location at Verizon MPLS, their US locations
(27:43):
at AT&T MPLS, which is fine, right?
And then they had megaport to give them direct connects into
all of the hyperscalers. So we do the local SD win.
Then we give them that layer 2 backbone.
And then it was a epiphany. But wait a minute.
Now that I'm on these guys localor their layer 2 backbone with
their sixty pops throughout the globe and they all are in all of
(28:05):
these data centers, can't I justuse their layer 2 to get me
directly into Azure, Google, AWS, to your point on this.
Oh yes, you can. So I can get rid of Megaport
when that contract comes up, right?
Yeah, go ahead. OK, I can go ahead and get rid
of my Cisco routers because I don't need those anymore because
now I'm doing real SD Wan, right.
So I got rid of Cisco routers. I got rid of Megaport, right?
(28:26):
Got rid of my MPLS when that's coming up and that was $40,000 a
month. So I got rid of MPLS, got rid of
my direct connect and got rid ofmy right, my local regular fire,
my router, right. And then as we're doing this
deployment, then then we finallyget to the cyber security team.
Originally we were blocked out of that.
I got a team that does Cybersec and we want to talk about it for
(28:47):
Big Palo shop. We love Palo.
I love Palo too. Big Palo shop, we love Palo.
And then I got to know that, well, we've got, you know, 60-70
locations around here with Apollo firewall at each
location. I got two guys managing those
Palos. I don't have a security
operation center. I'm not doing Sam, I'm not doing
MDRXDR. But I love Powell and I love
those local firewalls except forthey're kind of becoming a
headache to manage those local firewalls.
(29:09):
Hey, Mr. SD Wan player, can you help me with this?
And it was a well, you know, yougot an on Prem firewall.
What if you did this, Mr. Customer?
What if you ingested the Paulo firewall software into the
appliance that's doing SD Wan and now I can decommission the
on Prem Palos, but I've got the Palo perimeter security inside
(29:33):
my SD Wan appliance. And then what did I do?
Oh, look at this. I got NextGen firewall that
replaced my on Prem firewall. I got SD Wan that replaced my
routers. I got direct connects that
replaced my mega port. I got late private layer 2 that
replaced my MPLS. And the original conversation I
think in the first 2-5 minutes or 510 conversations was oh,
(29:55):
this is going to be so expensive.
And it was like wait a minute, it can be if you eat the entire
elephant day one. But if you look at everything
you're spending on all these other best of breed products, if
we collapse them, we just had a giant cost containment modeling
on accident. So I think our current
originally they were spending close to $200,000 a month on all
(30:19):
of their best to be free products.
And I think we're now at 60 grand a month.
So we saved them what $140,000 amonth by collapsing their
environment. Not only do we collapse our
environment, but really the sameproduct they're already using.
But now I've got simplistics andelegance too, because I'm not
logging into a router, I'm not logging into a firewall, I'm not
logging into that, I'm not logging.
(30:40):
So now a network admin has one orchestrator, but telecom is
using the same orchestrator as my security guy that's using
this thing as my connectivity guy, that it's all there.
Simple and elegant. Oh my God, how easy to just get.
Just just get. And that's where SD Wan is gone
back to. It's not a product, it's a
platform based on a use case. That's what it is.
(31:01):
Love it. Beautiful stuff, good detail.
It's funny when we stumble into saving people money, there's
value there unbeknownst to us. And even funnier though, even
better though, is when the partner brings us to the table
of the I need another circuit and we ask why, You know what's
a firewall? And we ask why when we the
engineers come in and help thosepartners.
(31:23):
We could have just sold this guysome SD wansom connectivity and
walk because that's what he asked for.
Yeah. Then we would have been what,
8-9, ten grand a month, maybe inthat that example, but by
helping them collect their environment and build elegance
and simplicity based on risk management.
I mean, we just, we, we tripled that MRC for the for the for the
partner. I wouldn't say on accident
(31:44):
because I'm always thinking thisis our engineering team, But for
the partner, it was a, Oh my God, I, I did not know that this
was even possibility, right? And and and I love the detail
that you go into, right, that kind of shows behind the scenes
how we got there because that's that's the point as we get to
kind of some of the final thoughts on this.
The point is, whether you've sold contact center before or
(32:04):
you've sold network before or you've sold mobility before,
whatever our our goal with this is to help you get deeper into a
new discipline that you may not be in right and and understand
how we do it and understand someof those resources that are
behind us. I love the glimpse that you give
with that. Awesome.
So final thoughts, future looking, if if you look out
(32:26):
right, we've, we've painted, I think you've done a really good
job of a, a picture of graduallyhow this model has changed.
But your, your humble opinion ofwhat's next, right?
Is it, is it Casby? Is it sassy?
Is it the collapsing of tools like what?
What are the next 24 to 36 months look like?
Yeah, so your gardeners in your Forester, your analysts out
(32:48):
there are still saying, you know, you know, I even hear him
today, right? Best of breed is dead.
We're gonna collapse into singleenvironments and platforms as a
service. That's not true.
That's not true because we stillhave the Fortune 5000 out there
that has divisions of divisions of divisions of.
I got a security division that'sgonna do this.
I got a telecom division that's gonna do that.
I got a voice division that's gonna do that.
(33:09):
And they don't talk to each other.
They don't want the same platform, the same operation,
the same management mechanisms, right?
They're separate and that's OK. And that's where these best of
breed products come in that we have and we can bolt on and do
all that other stuff. I call IT service training.
That's fine. If the guys that are, I don't
have a team of 60 guys in engineering, I did and I had 19
(33:31):
different cybersecurity platforms and 16 different
pieces of software and I had 20 guys run in my shop and now I've
got 4 IT admins. Jobs are not to run around with
their hair on fire with band aids fixing people's broken
mouse pads. It used to be their jobs are now
making me money. You Mr. IT guy from the CTO all
(33:55):
the way to the desktop support guy.
Your job is no longer to fix a keyboard.
Your job is to go figure out ways to make the organization
money. Make me elegant, Make me
simplified. Figure out used to be, oh, just
go save me money. No, no, no, no.
Saving money is a byproduct of simplicity and elegance.
So now all the way to the guy inthe telecom closet, right?
(34:16):
He's got to start figuring out where's my value to the
organization? It's not in the patch panel.
It's got to be in the next evolution of technology.
What's the next software? What's the next application
that's going to make me money? What's the next way to do better
customer service? Should I do, you know, chat box
and and AI and what I need to figure this out?
How can I figure this out if I'min the attic pulling CAT5 cable?
(34:41):
So now I need to take my IT guysthat, you know, I hired from
Dubai or ITT tech or whatever, and now I've got to give them
strategic visionary ideas on making me more money.
Now the enterprise guys still have the guys, you know, covered
enough fastest, you know, and under desk pulling tables and
fixing desktops that that's going to happen for quite some
(35:02):
time now. So Forrester, Gardner, I'm sorry
if you're listening, that debrisis not that.
However, for those guys that have collapsed their staff and
their talent pool, they've got to, they've got to start
thinking. I wouldn't even say out the
outside of the box. I would just think, start
thinking about how do I make my job easier and make my company
more money. That's the game.
(35:22):
It's not tech anymore, it's money.
Beautiful stuff. I think anybody that listens to
this gets an honorary doctorate in something.
We went to school today. This is great stuff Josh
Hazelhorst, I appreciate you so much for being on the show my
friend. Love.
It Sir, thank you for letting mecome in and man I love teaching.
(35:42):
I got a passion for this stuff so call me anytime.
Awesome. All right, everybody, that wraps
us up for today. I'm your host, Josh Lopresto,
SVP of Sales Engineering here atPolaris.
And this wraps us up for advanced networking TuneIn next
week. Till next time.
Thanks everybody. Next Level Biztech has been a
production of Polaris Studio 19.Please visit telaris.com For
(36:04):
more information.
Welcome to the podcast designed to fuel your success in selling
technology solutions. I'm your host, Josh Lopresto,
SVP of Sales Engineering at Solaris, and this is Next Level
Biztech. Hey everybody, welcome back.
I'm your host, Josh Lopresto, SVP of Sales Engineering at
Solaris, and this is the Next Level Biztech podcast.
(00:21):
This week we're talking about advanced networking, we're
talking about SD Wan and everything in between.
And we have the pleasure of being joined by the one, the
great, the only, Josh Hazelhorst, world renowned SD
Wan networking architect. Mr. Hazelhorst, welcome on.
What a what a introduction. Man, I'm famous.
Thank you, Sir. Happy to be here.
(00:43):
Love it so so I want to I want to hear about you first.
I want to get everybody you knoweverybody knows you are you are
covering the Southwest, but you're also really a very strong
subject matter expert for SD Wannetworking and security.
But let's get let's let's dial it back to just you.
How did you start in this technology?
(01:04):
Have you always been in this path?
Did you do something dramatically different and then
just, you know, this sucked you in one day or where did you
start? Yeah, great question.
I mean, when I started in tech, I was just a sales Rep.
I didn't even, I didn't know anything about tech.
I was actually in the boat business for a long time,
selling offshore race boats, warlocks and zombies and
(01:24):
cigarettes and stuff like that as a as a young man.
And that was fun. But you know, you just didn't
make a heck of a lot of money, right.
So, you know, I got a job at IBM.
This was in the, I would say mid90s or whatever.
And IBM had just launched, launched this thing called
ThinkPad University. So they had this program to
where university students from like Ohio State, Florida State
or whatever, as they enroll, they get a brand new ThinkPad as
(01:45):
that, that's part of their deal,right?
So that was my, that was my first job in, in tech.
And I realized real quick, I hated technology.
Literally hated. I was working for this reseller
of this, this ThinkPad thing andthey'd be the guys running
around with the chicken suit andthe sales wheel and throwing
candy and I'm like, this is, this is just too hokey for me,
man. I, I, I hate that.
(02:08):
So I got out of there, probably within, I don't know, maybe a
year or two and started with a, a bar that was a distributor, A
distributor at the time called Avnet and started an inside
sales smiling and dialing, you know, George Costanza one by a
computer. No one by a computer.
No. And so I did that for a while
and then just moved up and we got onto the Cisco side of the
house and became, you know, Cisco certified in the, in the,
(02:31):
in the advanced wireless. And they called managers and all
that other jazz. And then Avnet sold their, their
Cisco practice to another company called K Length.
Well, Kalyn's didn't need all ofus from Avnet.
They were already one of the biggest, you know, Cisco
reseller integrators on the planet.
So we all pretty much got whacked that day and then just
started hopping from bars to integrators.
(02:53):
But every time I went to a different bar, a different
integrator, I would go to a different discipline.
So I started in that Cisco worldand I went to another bar and,
and started building a, a storage practice for EMC.
So we started building, you know, backup recovery, archive
solutions and monster, you know,$1,000,000 Sims for giant data
centers and stuff like that. And then this horrible idea of
(03:15):
cloud compute came about. Well, there I go, right.
Nobody's buying $1,000,000, you know, SANS anymore.
They're just going to do it on aas a service model for a couple
of pennies a gig, stuff like that.
I actually got out of that. I said that's it, I'm done.
And in between I got a whole bunch of Cisco certs, a whole
bunch of EMC certs. So now I know storage, compute,
network, stuff like that. But I'm like tech, I'm done,
(03:37):
man. This after probably 10, maybe 15
years of doing it and opened up my own construction company,
bought trucks and trailers, marketed myself out to a bunch
of real estate agents. That's when all the foreclosures
were going like crazy. Well, how do you sell a
foreclosed home? You got to clean out all the
garbage, right? And I thought I'm going to buy
trucks and trailers. I'm going to hire a bunch of
people. We're just going to go clean out
(03:58):
garbage and make homes conveyable.
And it started with doing a couple homes a week and to doing
203040 I'm a week throughout theentire state.
I had like a crew of 20 throughout the entire state.
We were, oh, I don't know, we were probably netting 304
hundred KA year just cleaning out homes so real estate agents
could sell them. And then Bank of America
(04:18):
Countrywide, who had my contractwith us, sold to a company
called Safeguard out of Ohio or sold my contract to a company
called Safeguard out of Ohio. And that was it.
Light switch just turned off. And I thought, oh, my, my wife
is in tech at the time too, and I thought I got to get a job.
The only thing I know is tech. Well, CRUD started filling out
resumes, Got a first, first job opportunity I got was for a
(04:41):
cloud voice company. No, no, no, not cloud voice,
right, Except for on Francisco World and now we're talking
about. So then I started doing that and
then got into that, started doing my own deployment, got,
you know, getting certified, getting engineering certs, all
that other jazz. And then I realized back then
from a data warehousing world, there were technologies inside
(05:02):
data storage world like data deduplication, like software
defined, you know, networking inside that data warehousing
world, from database to data, Coca-Cola to color, stuff like
that. And then we started doing this
cloud voice thing. And I thought, why can't I do?
Why are people doing the same thing in this in this voice
thing? I always complain and I'm not
going to, I'm never going to go hosted voice, right?
(05:25):
Because reliability and Internetand all that.
I'm just going to get PR airlineSIP trunks.
So the whole reason people wouldn't go to cloud was because
of reliability, redundancy, security mechanisms, right.
So the thought was, guys, why aren't why aren't we doing this?
Why aren't we partnering up withcompanies that'll do things
like, you know, application, youknow, controls and link
(05:46):
aggregation and load balancing. And you know, in a data world,
we have load balancers, but thatwas for storage, server, server,
all this. Why can't we do this for voice?
So we started bringing in other companies like Dialo Cloud, for
example, to fix voice problems. What the problem was, we
wouldn't talk about building a reliable network, building a way
(06:07):
to reroute around Internet anomalies.
We would sell the voice. Here's your 15 seats, your 20
seats, your hundred seats. And then when you called in at
about the 100th time complainingabout how horrible this thing
is, once you start talking, started talking about lawyers,
about contract termination, thenwe would say, hey, why don't you
plug this box in and it just magically fixes this voice
(06:28):
issue. And I started hitting myself in
the head going, guys, why don't we do that first?
And then when we roll out our application, we never have a
problem. So now our customer service
that's taken the I hate you calls every single day goes away
because we fixed their network 1st and then layered on the
application, right. So I did that for several years
(06:51):
and then I left the UCAS market and went to an SD Wan
manufacturer. OK, how does this stuff really
work? How can this stuff really get
built? How do we start taking these
technologies and start bringing in other technologies into the
same solutions? So when we started looking at
things like how do I implement afirewall into SD Wan, right?
How do I implement advanced threat hunting into SD Wan?
(07:11):
How do I do, how do I collapse environments?
So an IT admin doesn't have 13 appliances and 15 pieces of
software they have to manage. Isn't there a way I can just
have like 1 box and one piece ofsoftware that can manage my
entire organization and now I don't have to have 11 product
managers to support 19 differentcountermeasures.
(07:32):
So that's kind of where it started going.
And then you know, I got to go get certified and every firewall
on the planet, every safety man on the planet.
How does everyone from Ariaka toZen layer do it right?
What are the insurance and outs?What can they do?
What can't they do? And more importantly, then are
there still holes, right? Are there holes in security or
in the holes the way specific applications work around SD Wan?
(07:52):
And if there are holes, is that yet another product or is that
now just a product dev that needs to now integrate into
their existing SD Wan platform? And and these things have turned
into now past and my world rightplatform as a service that what
do you want? Do you want it to be sassy?
Do you want it to be Casby? Do you just want it to, you
know, do bandwidth consolidate? What do you want?
(08:13):
Let's talk about that. Let's let's talk about what it
is now. I love the journey.
I love the wild story and this industry always seems to suck
everybody back in whether we like it or not.
I know. So.
So let's talk, let's set the stage a little bit.
I mean, I, I think for anybody that doesn't understand this,
there's a lot of layers, right? There's SD Wan with security,
(08:34):
there's SD Wan without security.There's SD Wan from my
aggregator, there's SD Wan by itself.
If we, if we, we know that some of those things are the options,
right? And then we, like you said, we
start to get into the new stuff,the Casby and Sassy and things
like that. We can get to that a little bit
at the end of kind of where thisis all going.
I think it ties into there. Let's just, let's just level set
(08:56):
on what would you say this does?What does this technology, why
is it there? What does it do and why is it
better than what somebody might have from a legacy perspective
to kind of bring back to some ofthe points you brought up?
Yeah, yeah. And when I go around the country
and I talk about the partners, integrators, manufacturers I
work with a lot of the product that I've seen and stuff like
(09:17):
that. Very, very common questions,
right? What's the next evolution and
what SD Wan does? First of all, let's level set
this. SD Wan is not a product.
There's not a box, there's not ablinky light.
It is not a spinning disk. SD Wan is a risk management,
risk tolerance idea. It is a theoretical idea of what
(09:40):
what applications do I run in myenvironment that are my crown
jewels, What do I make money doing?
I have to understand the customers use case.
How do I make money now based onhow I make money, how do I
protect that application and howdo you need it protected, right.
So when we talk about over the top SD Wans versus Savvies
(10:00):
versus Cavies versus Pavs, it's really not about oh, do I need a
full stack, you know, Fortinet, Cato, Cisco, whatever.
It's really about that use case of, OK, let's look at operations
and logistics and risk management first.
What applications do you have Mr. Customer, that cannot risk a
(10:21):
failover fail back event? Is that desktop as a service?
Is it workspace as a service? Is it your containers in AWS as
your GCP? Is it?
What is it that needs requires based on risk management?
Risk tolerance? 100% application up time 0
failures. Do you have any of those
applications in your organization Mr. Customer?
(10:42):
Yes no. If the answer is no, I literally
have nothing. We don't run on computers, we
run on, you know, post its and and and sheets and then maybe
they're not a fit for SD Wan. But again, going back to the SD
Wan in a product, right? SD Wan is 3 things.
It is management. Meaning I can open one GUI
(11:02):
interface and I can manage single locations or multiple
locations and multiple technologies in the same admin
user interface. Visibility is a second pillar.
Can I see analytics of my Internet circuits, my top
talkers, my top users, my top applications, my latency, my
(11:24):
packet loss, my jitter, my crosstalk?
Can I see what connected IPS I have, right?
Do I have visibility into my entire organization?
Right. So when we talk about SD Wan, I
guess in a like AITSM world or anetwork management world to say
SolarWinds, things like that, would would those actually
qualify as SD Wan if they hit one of those pillars?
(11:44):
Well, yeah, I can manage everybody in a single interface,
right? Then yeah, those would qualify.
And then the third biggest component is automation.
If something happens, and if that happens and Internet one
dies and goes over to Internet 2, do I have to manually do
anything? Do I have to push a reset
button? Do I have to go into a software
(12:04):
portal and click anything? Do I have to manually do
anything for it to go from Internet one to Internet 2 or
Internet 2 to inter 11? Or does it do it automatically
for me? If it does it automatically for
me, guess what? Any one of those pillars or any
combination of those pillars of management, visibility and
automation qualify as SD Wan. So then you got manufacturers
out there and Gartner out there and all that go going, oh, I'm
(12:25):
Cradle Point, I'm SD Wan. I'm Microtick, I'm SD Wan.
I'm Pep Link, I'm SD Wan. Well, if you're failing over and
failing back automatically, thenyeah, you qualify.
Doesn't mean you're going to keep applications in 100% off
time situations because now that's the risk management, risk
tolerance conversation around applications.
But there's a ton of things thatqualify as SD Wan.
Some guys say, oh, there's 40 SDWan platforms out there.
(12:47):
No, there's 75. And it's because what qualifies
as SD Wan depends on what the customer needs to protect and
how comes back. So it comes back to a business
conversation. I, I see that's the, that's The
funny thing about this, right? I mean, this is, this podcast is
meant to be a little bit of technical exposure to how some
of these different vendors and things like that work.
(13:07):
But there has been a common thread.
It really just comes down to what problem are you trying to
solve? To your point, you know what,
what applications are your crownjewels?
Are they resilient? Can you afford them to have
downtime and just stop and listen?
And I, I, I think it's fascinating.
I think people are surprised when we come in from a technical
acumen and we're just asking business questions because
(13:28):
that's really all it comes down to, right?
Yeah, and when I teach partners right, you know I wouldn't say
sales one O 1. I would maybe say sales like 2O2
is hey, I want to start, you know, understanding SD Wan so I
can sell SD one of my customer. How do I sell SD Wan Josh don't
do not sell SD Wan SD Wan sells itself SD Wan is the hook to all
(13:48):
these other cloud services that you want to sell You want to
sell cloud migrations from on Prem to AWS Google tier points
like central Rackspace. How are you going to do that
migration? How are you going to connect to
it? How are you going to connect to
it securely? Well, now it's an SD Wan
conversation. How do you need those
applications for format Hey now it's an SD Wan conversation
right? Oh, I need, and I get this all
the time. I just had one this morning is
(14:10):
Hey, I want to get into that forme and I do, I do UCAS, TCAS and
and Internet Sweet. You get people calling you up.
They I need a a secondary Internet connection.
Cool. Let's do like everybody else
does and sell them whatever's onthat near net and just sell them
that $136 broadband circuit. Right, We're done.
No, how do you want that circuitto behave?
What applications cannot tolerate failover and fail back?
(14:35):
I didn't sell them SD Wan. What I sold them is you're going
to have two Internet connections.
Why not use two Internet connections?
Why buy another connection that you're going to use four, 5% of
the time? Why not use it all the time and
have your critical applications dictate which connection is
correct in real time? Why don't we do that?
I install SD Wan, I sold. How do you want your Internet to
(14:57):
behave, which happens to be SD Wan, But then it gets way, way
deeper though, right is if I'm talking to the telecom and the
and the Internet guy at at the company, that is an over the top
SD Wan solution, bandwidth conditioning tools, right?
Stuff like that. OK, great.
I'm link out gate and I'm alwaysup.
Sweet, wonderful. Well, what are your firewalls?
(15:17):
Maybe your existing firewalls can already do this.
Maybe it can already do this with just a upgrade of an OS.
You know, maybe they can't do itat all and we need an over the
top. And more importantly than that,
who is managing these firewalls?So now we get into this whole
cybersecurity conversation of I really want to start selling
cybersecurity, but I don't know how well I'm not selling
cybersecurity. I sold you a secondary Internet
(15:38):
circuit, right? I asked you how they wanted to
behave. Turned into an FD Wan
conversation. What applications are you
running? Turned into AI.
Want to go buy a hosted voice? Oh, OK, well now I can sell them
hosted voice. I can sell them the Internet, I
can sell them the FD Wan. Now what are your firewalls?
Who's managing them? Who's due when?
How often do you're looking at your firewall logs?
Are you doing advanced anomaly detection?
(15:58):
Are you doing vulnerability scans, pen testing, all this
other stuff? Are you ingesting those logs
into a analyzer, a SEM into a security operations?
And then it's Oh my God, no, Josh, I don't have security
operations teams. I'm not doing advanced threat
hunting. I just bought a off the shelf
firewall that's at a tip of compliant.
Sweet. How deep in cyber maturity do
(16:19):
you guys want to get? Do you want to start building
formalized frameworks? Do you want to start doing
defense in depth, everything from endpoint security awareness
training to end protection all the way into data loss
prevention and really start getting cyber mature?
Or did you outsource an MSFP that's already doing that?
Because now that starts dictating which SD Wan platforms
(16:40):
now that we already determined from the telco and Internet guy
that SD Wan is in need. Well, now it's a which one,
right? Which tech is going to be
correct for your organization? Because if I've already out,
Josh, have I already outsourced all cybersecurity to whoever?
Am I going to go in and talk about the Catos and the Florida
Nets and the verses of the world?
No, I'm not even talking to thatguy.
(17:01):
He don't even know what I'm saying, right.
So now I'm just talking to the telco and Internet guy.
So it's really going to depend on their, their risk, I guess
platform and and their logisticsand operation of who can support
what and where are the holes in gaps because a lot of times we
can kill a lot of birds with onestone.
And you know, I, I, I want to make sure too, that everything
(17:23):
that anybody hears is that this is the value of being a
tilarious partner, right? They get to ride side by side
with you, helping them with their customers in these
discovery calls because this, this technology is complex, but
it doesn't have to be. So, you know, small plug for the
Solaris engineering team, right?That's what we're here to do.
We're here to help you figure these things out, figure out
(17:44):
where your customers are at, figure out where they're going,
figure out what their pitfalls are going to be and talk about
pitfalls that, you know, we can I, I think hopefully help them
avoid. So I, you know, I think you laid
down some good things about how a partner can be, can be asking
these questions and not, not make it about a specific
technology, make it about a business.
And, and you did start to alludeto some of the trends and I want
(18:05):
to jump into trends here. I want to go trends and then I
want to get into a detailed example.
So from a, from a trends perspective, you know, if I
flashback, I remember we starteddoing this years ago, the idea
of putting a box managed as a service in a customer's
environment that they didn't totally know what it did.
No way get that box out of here.I ain't doing that.
I manage all my own gear. I got all these pieces and I and
(18:29):
I got I can adequately staff andI got no problems with that.
It's great. Fast forward to where we're at
now, massive employment shortagethat keeps getting worse and
worse. The the great resignation, all
the stuff coming off the back ofCOVID, blah, blah, blah.
What are some trends that that that you're seeing these days
that you didn't see a couple years ago that maybe partners
(18:50):
should look out for? Yeah, no, great question.
And go back to that COVID specific, right, as we had, you
know, office workers, you know, coming into the office on the
cute farm doing their jobs. I got my on Prem firewalls.
I got my security team, you know, we're beautiful,
everything's cool. We might need some other
countermeasures and stuff like that.
But then then I sent everybody home.
Well, how am I going to securelyconnect those guys when I sent
(19:13):
everybody to go work from home? Oh, well, I got VPN licenses on
my firewalls. OK, how many concurrents can you
actually handle? What's the capacity?
Well, when I bought my firewall,I bought 25 concurrent VPN
licenses and then I sent 150 people home.
Well, that's cool because only 25 at a time can actually do
work, right? So what did I do?
I'm going to get more concurrentVPN licenses, but every box has
(19:35):
a Max capacity. So then uh oh, I guess I have to
get a bigger firewall that supports more VPN licenses or I
go buy another appliance called the VPN Concentrator or I go buy
another appliance called the security Mode Access appliance,
Right. And then it was, OK, well,
nobody's here who's going to rack and stack those appliances.
(19:56):
How am I still going to get these guys into their network
resources working from home, This was a absolute nightmare.
And even if I did get AVPN concentrator or secure mode
access appliance, that the, the configuration of that and in
getting those tunnels, this is, this is weeks and weeks.
And I got remote workers sittingat home, can't do any work.
And, and that was the problem, right?
(20:17):
So. FD Wan platforms, some FD Wan
platforms solved for that when it came in as a, hey, why don't
we just go ahead and decommission those old
firewalls, drop a gateway in there.
Now my gateway is doing local FDWan, It's doing all of my
advanced security algorithms andit's doing VPN as a service from
a service provider on my backbone.
(20:37):
And now that VPN congestion is no longer shoved in your wiring
closet or your, your Internet, right?
But it just made it clean and quick, right?
And these things could be deployed in like seconds and
then all of a sudden it was waita minute, I got everybody
sitting at home. Yeah, I got them, you know,
secure remote access. And that's all cool.
But their home Internet is garbage.
I mean, they're complaining all the time.
(20:59):
Their voice quality is horrible.I had one that was a an
animatronics company that went home and started doing, you
know, animations and running these trackball technologies.
They need to be real time and super fast on this residential
broadband and going. This is horrible.
Well, yeah, it's horrible because kids are in Google
Classroom. Mom's working from home too.
You got one stick of residentialInternet.
(21:20):
I got to have a way to carve again my business critical
application and get everybody else out of my way, even in a
single residential world. So now resident home SD Wan was
created. Now I just put a little
appliance in there. I plug in my little deal and and
boom, you know, I'm, I'm up and running and I'm actually
(21:41):
steering my application around anomalies in real time.
I didn't have to do a bunch of stuff.
I just had to plug in this box that would do it for me, right?
So that's kind of how that evolution worked.
Cut to today, we're starting to talk about the hybrid right is
OK, I'm going to come. I got remote workers, but some
of them are going to come in, some are going to come out, some
maybe these guys are going to work here Mondays and Tuesdays
(22:02):
and then Thursdays and Fridays are going to be home and a
different shift is going to come.
And that's cool. It's is it, but I, I can't have
multiple different mechanisms tosecure these guys and give them
connections. So now how do I do this?
And now we're thinking of platforms and we're rolling out
platforms like Sassy and Cassidyplatforms and ZT and a platforms
and stuff like that to where when you're outside of my office
(22:23):
environment, I'm going to grab your machine and I'm going to
send you through scrubbing centers.
I'm going to sandbox and quarantine your device.
If I see malicious code, I'm going to do kill codes on that
malicious code. And then and only then allow you
into the network resources that only you are allowed in to do
your specific job. You don't even know there's
other stuff in here, only you'reallowed somewhere, right?
(22:43):
But then there was a problem with that too.
Is OK now you allowed me into myAzure container to do my
specific job and you gave me AVPN.
So my front door's open. Your front door's open.
You gave me a secure connection.Where am I allowed to go once I
get into your front door? Your bedroom, your bathroom,
your basement, your crawl space,your I'm allowed to go anywhere,
right? It's I can go anywhere now So
(23:05):
you need to be able to segment me into no Hazel horse.
You're allowed in the second cabinet drawer of the kitchen.
You don't even know there's other rooms in this house that's
Z TNA0 trust access. But zero trust access also has a
different animal called Zero Trust Network, which means
access is simply that I'm allowed in the third kitchen
(23:27):
drawer. But what happens if I'm in the
kitchen drawer and I go to Facebook marketplace and pick up
some malicious code in flight? Do I have the capacity to now
infecting that container? Yeah.
Well, what if I was on a backbone provider and that
backbone provider was had me in a scrubbing center that was
staring at me in real time, scrubbing malicious code in real
time. That way, if I do go to Facebook
(23:49):
marketplace and pick up malicious code, I can't infect
that container. That's not zero trust access,
right? That's zero trust network.
Architecture and marketing companies are selling ZTNA all
over the place. You see it in Google and
LinkedIn or whatever, but it's back to that use case.
Mr. Customer, what do you mean by zero trust access?
Because zero trust network couldbe I'm going to do AZ scaler.
(24:11):
I'm going to do Apollo Prisma, I'm going to do a checkpoint
Harmony. Sweet, I have no local SD Wan
controls, right? That is that is an option.
Sorry. Am I going to be talking about
ZTNA and stuff like that? If you already have the Cisco
umbrellas and whatever of the world, no, but I need to know
that from from the customer is what tools have you already
invested in. We don't want people spending
(24:32):
money unless they need to. If they've already invested in a
technology, we need to be able to utilize that technology but
make it more simplified and moreelegant.
That's what we're doing. So fair, fair to say, if I sum
that up, we've gone from the, the far reaches of no, I'm going
to manage this box myself. All my employees are in one
(24:53):
location to where we are. You know, the, the gradual
growth of remote work, call it COVID or not COVID, you know,
after all of that, still the definite prominence in remote
work and mix in all of the social media and all of the
thankfully realization of needs for granular security over the
(25:14):
last couple years because of howgood some of the bad guys have
gotten to where now we've gottenand can get very, very, very
granular on the security and thecontrols within that.
And it is all it all gets collapsed.
So good, awesome sum with some of that.
So it's as we get into the last question here, I would love to
(25:36):
have everybody understand because like we said in the
beginning, right, we're, we're here to help run side by side
with our partners, talk to the customers, figure out what
they're trying to accomplish and, and put that into a
solution that then is a fit. So I would love to walk through
from your perspective, walk us through real quick an example
that you got brought into. What what were you told the
(25:57):
situation was? What did it look like as you
kind of got deeper into the, youknow, into the customer's
environment? And then what did you ultimately
end up replacing with Adam, kindof what was the value in that
story? Yeah, great question.
And I do AI do a ton of these just so you know.
So it's it's hard to pick one out.
So I'm just going to pick out mymost recent one because I'm old
and I and I have a short memory.But in this instance, we were
(26:19):
brought in by by the telecom guy.
Hey, look, I want to go you cowsand I want to go cloud contact
center. But I need these applications on
100% off time. I can't do failover fail back
that I'm doing on my Palo Alto firewalls.
I have to have 100% off time. So I need SD Wan and in this
case they were an international,they were an international
company. So I need an international SD
(26:41):
Wan. They also have locations in
mainland China. They were also doing distributed
file shares all over the globe. So my guys in mainland China
needed access and resources to LA and, and Hong Kong and
Bangalore and Singapore and Ireland and all this other
stuff, right? So we brought in a, a backbone
provider that could get us outside of mainland China.
(27:03):
They've got agreements with, youknow, the Chinese government
that allows them to do SD Wan and kind of do a work around
around that great firewall worldbrought in the air appliances
which just do local link aggregation, all this other
stuff. We're going to stack it onto the
Palo Alto fires. We're not even going to do
security yet, but this is how it's morphed and This is why it
gets gets real fun, right? It's so now we do this, we're
(27:23):
going to do private layer 2 backbone, get rid of all their
MPLS. We're going to do local SD win
for link aggregation and application control.
So now go buy your UCAS. Go buy your UCAS.
It's going to be perfect, right?They were doing cloud services
through multi cloud, so and and they weren't doing, I think
their European location at Verizon MPLS, their US locations
(27:43):
at AT&T MPLS, which is fine, right?
And then they had megaport to give them direct connects into
all of the hyperscalers. So we do the local SD win.
Then we give them that layer 2 backbone.
And then it was a epiphany. But wait a minute.
Now that I'm on these guys localor their layer 2 backbone with
their sixty pops throughout the globe and they all are in all of
(28:05):
these data centers, can't I justuse their layer 2 to get me
directly into Azure, Google, AWS, to your point on this.
Oh yes, you can. So I can get rid of Megaport
when that contract comes up, right?
Yeah, go ahead. OK, I can go ahead and get rid
of my Cisco routers because I don't need those anymore because
now I'm doing real SD Wan, right.
So I got rid of Cisco routers. I got rid of Megaport, right?
(28:26):
Got rid of my MPLS when that's coming up and that was $40,000 a
month. So I got rid of MPLS, got rid of
my direct connect and got rid ofmy right, my local regular fire,
my router, right. And then as we're doing this
deployment, then then we finallyget to the cyber security team.
Originally we were blocked out of that.
I got a team that does Cybersec and we want to talk about it for
(28:47):
Big Palo shop. We love Palo.
I love Palo too. Big Palo shop, we love Palo.
And then I got to know that, well, we've got, you know, 60-70
locations around here with Apollo firewall at each
location. I got two guys managing those
Palos. I don't have a security
operation center. I'm not doing Sam, I'm not doing
MDRXDR. But I love Powell and I love
those local firewalls except forthey're kind of becoming a
headache to manage those local firewalls.
(29:09):
Hey, Mr. SD Wan player, can you help me with this?
And it was a well, you know, yougot an on Prem firewall.
What if you did this, Mr. Customer?
What if you ingested the Paulo firewall software into the
appliance that's doing SD Wan and now I can decommission the
on Prem Palos, but I've got the Palo perimeter security inside
(29:33):
my SD Wan appliance. And then what did I do?
Oh, look at this. I got NextGen firewall that
replaced my on Prem firewall. I got SD Wan that replaced my
routers. I got direct connects that
replaced my mega port. I got late private layer 2 that
replaced my MPLS. And the original conversation I
think in the first 2-5 minutes or 510 conversations was oh,
(29:55):
this is going to be so expensive.
And it was like wait a minute, it can be if you eat the entire
elephant day one. But if you look at everything
you're spending on all these other best of breed products, if
we collapse them, we just had a giant cost containment modeling
on accident. So I think our current
originally they were spending close to $200,000 a month on all
(30:19):
of their best to be free products.
And I think we're now at 60 grand a month.
So we saved them what $140,000 amonth by collapsing their
environment. Not only do we collapse our
environment, but really the sameproduct they're already using.
But now I've got simplistics andelegance too, because I'm not
logging into a router, I'm not logging into a firewall, I'm not
logging into that, I'm not logging.
(30:40):
So now a network admin has one orchestrator, but telecom is
using the same orchestrator as my security guy that's using
this thing as my connectivity guy, that it's all there.
Simple and elegant. Oh my God, how easy to just get.
Just just get. And that's where SD Wan is gone
back to. It's not a product, it's a
platform based on a use case. That's what it is.
(31:01):
Love it. Beautiful stuff, good detail.
It's funny when we stumble into saving people money, there's
value there unbeknownst to us. And even funnier though, even
better though, is when the partner brings us to the table
of the I need another circuit and we ask why, You know what's
a firewall? And we ask why when we the
engineers come in and help thosepartners.
(31:23):
We could have just sold this guysome SD wansom connectivity and
walk because that's what he asked for.
Yeah. Then we would have been what,
8-9, ten grand a month, maybe inthat that example, but by
helping them collect their environment and build elegance
and simplicity based on risk management.
I mean, we just, we, we tripled that MRC for the for the for the
partner. I wouldn't say on accident
(31:44):
because I'm always thinking thisis our engineering team, But for
the partner, it was a, Oh my God, I, I did not know that this
was even possibility, right? And and and I love the detail
that you go into, right, that kind of shows behind the scenes
how we got there because that's that's the point as we get to
kind of some of the final thoughts on this.
The point is, whether you've sold contact center before or
(32:04):
you've sold network before or you've sold mobility before,
whatever our our goal with this is to help you get deeper into a
new discipline that you may not be in right and and understand
how we do it and understand someof those resources that are
behind us. I love the glimpse that you give
with that. Awesome.
So final thoughts, future looking, if if you look out
(32:26):
right, we've, we've painted, I think you've done a really good
job of a, a picture of graduallyhow this model has changed.
But your, your humble opinion ofwhat's next, right?
Is it, is it Casby? Is it sassy?
Is it the collapsing of tools like what?
What are the next 24 to 36 months look like?
Yeah, so your gardeners in your Forester, your analysts out
(32:48):
there are still saying, you know, you know, I even hear him
today, right? Best of breed is dead.
We're gonna collapse into singleenvironments and platforms as a
service. That's not true.
That's not true because we stillhave the Fortune 5000 out there
that has divisions of divisions of divisions of.
I got a security division that'sgonna do this.
I got a telecom division that's gonna do that.
I got a voice division that's gonna do that.
(33:09):
And they don't talk to each other.
They don't want the same platform, the same operation,
the same management mechanisms, right?
They're separate and that's OK. And that's where these best of
breed products come in that we have and we can bolt on and do
all that other stuff. I call IT service training.
That's fine. If the guys that are, I don't
have a team of 60 guys in engineering, I did and I had 19
(33:31):
different cybersecurity platforms and 16 different
pieces of software and I had 20 guys run in my shop and now I've
got 4 IT admins. Jobs are not to run around with
their hair on fire with band aids fixing people's broken
mouse pads. It used to be their jobs are now
making me money. You Mr. IT guy from the CTO all
(33:55):
the way to the desktop support guy.
Your job is no longer to fix a keyboard.
Your job is to go figure out ways to make the organization
money. Make me elegant, Make me
simplified. Figure out used to be, oh, just
go save me money. No, no, no, no.
Saving money is a byproduct of simplicity and elegance.
So now all the way to the guy inthe telecom closet, right?
(34:16):
He's got to start figuring out where's my value to the
organization? It's not in the patch panel.
It's got to be in the next evolution of technology.
What's the next software? What's the next application
that's going to make me money? What's the next way to do better
customer service? Should I do, you know, chat box
and and AI and what I need to figure this out?
How can I figure this out if I'min the attic pulling CAT5 cable?
(34:41):
So now I need to take my IT guysthat, you know, I hired from
Dubai or ITT tech or whatever, and now I've got to give them
strategic visionary ideas on making me more money.
Now the enterprise guys still have the guys, you know, covered
enough fastest, you know, and under desk pulling tables and
fixing desktops that that's going to happen for quite some
(35:02):
time now. So Forrester, Gardner, I'm sorry
if you're listening, that debrisis not that.
However, for those guys that have collapsed their staff and
their talent pool, they've got to, they've got to start
thinking. I wouldn't even say out the
outside of the box. I would just think, start
thinking about how do I make my job easier and make my company
more money. That's the game.
(35:22):
It's not tech anymore, it's money.
Beautiful stuff. I think anybody that listens to
this gets an honorary doctorate in something.
We went to school today. This is great stuff Josh
Hazelhorst, I appreciate you so much for being on the show my
friend. Love.
It Sir, thank you for letting mecome in and man I love teaching.
(35:42):
I got a passion for this stuff so call me anytime.
Awesome. All right, everybody, that wraps
us up for today. I'm your host, Josh Lopresto,
SVP of Sales Engineering here atPolaris.
And this wraps us up for advanced networking TuneIn next
week. Till next time.
Thanks everybody. Next Level Biztech has been a
production of Polaris Studio 19.Please visit telaris.com For
(36:04):
more information.
Popular Podcasts
On Purpose with Jay Shetty
I’m Jay Shetty host of On Purpose the worlds #1 Mental Health podcast and I’m so grateful you found us. I started this podcast 5 years ago to invite you into conversations and workshops that are designed to help make you happier, healthier and more healed. I believe that when you (yes you) feel seen, heard and understood you’re able to deal with relationship struggles, work challenges and life’s ups and downs with more ease and grace. I interview experts, celebrities, thought leaders and athletes so that we can grow our mindset, build better habits and uncover a side of them we’ve never seen before. New episodes every Monday and Friday. Your support means the world to me and I don’t take it for granted — click the follow button and leave a review to help us spread the love with On Purpose. I can’t wait for you to listen to your first or 500th episode!
Stuff You Should Know
If you've ever wanted to know about champagne, satanism, the Stonewall Uprising, chaos theory, LSD, El Nino, true crime and Rosa Parks, then look no further. Josh and Chuck have you covered.
The Joe Rogan Experience
The official podcast of comedian Joe Rogan.