[music] Parag Thakore: I would say encourage security buyers and security people to also start thinking about performance characteristics and optimization and whether that infrastructure can deliver that for them or not. And they don't need to be experts, it's a very simple question in terms of, "Hey, can I get this high-performance connectivity from this Cloud security that I'm purchasing or that security vendor that I'm looking for?" So I think ease of operations and that high-performance connectivity is something that security should also look at as a criteria when they look at security platforms.
[music] Producer1: Hello and welcome to Security Visionaries. You just heard from today's guest, Parag Thakore, SVP of Borderless WAN at Netskope. As the evolution of business models continues, CIOs need to start thinking about converging the responsibilities of networking and security teams and simplifying the end user journey. Netskope is doing just that by collaborating with SD-WAN leaders to deliver fast, secure, and cost-effective access for branch and remote users. Before we dive into Parag's interview, here's a brief word from our sponsor.
Producer2: The Security Visionaries Podcast is powered by the team at Netskope. At Netskope, we are redefining Cloud, data and network security with a platform that provides optimized access and zero trust security for people, devices, and data anywhere they go. To learn more about how Netskope helps customers be ready for anything on their SASE journey, visit netskope.com.
Producer1: Without further ado, please enjoy Episode 21 of Security Visionaries with Parag Thakore, SVP of Borderless WAN at Netskope and your host, Mike Anderson.
Mike Anderson: Welcome to today's episode of the Security Visionaries Podcast. I'm your host, Mike Anderson. I'm the Chief Digital & Information Officer here at Netskope. Today I'm excited to be joined by one of my peers here, Parag Thakore. Parag, how are you doing today?
Parag Thakore: I'm doing great. Thank you Mike and thanks for inviting me.
Mike Anderson: Yeah, absolutely. Obviously, you joined us almost a year ago from our acquisition of Infiot and you now serve as our senior vice president of our borderless SD-WAN group. Tell us a little bit about your journey and then your journey into Netskope and a little about your background in the networking and security space.
Parag Thakore: Sure, Mike. So my background actually in networking goes back in the Cisco days where there were service providers that I would deal with who would use MPLS networks. And actually, if you look at the MPLS trend, it started more from voice, VOIP. So when data networks and voice networks were converging together, that's where the MPLS market was created and I was a part of that journey creating the ISR Gen 1, ISR Gen 2, which were like branch office routers. And until 2009-2010, MPLS was exploding, which is where everyone was buying MPLS for many-to-many connectivity needs.
Parag Thakore: And suddenly, at that point there was a inflection point where if you look at Cisco, they were acquiring a lot of voice and video endpoint companies and that demands very high video, very high bandwidth for voice and video to run on that. So if you look at our video call, each video stream would be 10 megs and MPLS link would be one and a half megs and it would cost $400 a month. So that's where we started thinking from more of like, "How do we help customers so that it can be more cost-effective for them to run these networks?" Because you can't upgrade your MPLS bandwidth to that extent because that was gonna be really expensive.
Parag Thakore: So I left Cisco at that point and I became the VP of products and also the founding member of a company called VeloCloud Networks, which is one of the market-leading software-defined WAN companies. The word SD-WAN didn't exist. We created that market. Right now it's a pretty big market, people know about it. So from there, what SD-WAN gave is this whole commodity bandwidth, commodity broadband links, and you could run your networks over it rather than MPLS and it gave you that reliability over Internet links and easily manage your branch offices.
Parag Thakore: What it didn't give you and which is where we started Infiot was more about this many-to-many connectivity because what we saw was the enterprise perimeter was expanding. In fact, I remember a conversation where I was presenting SD-WAN and the customer said, "Man, I didn't understand a single word of SD-WAN." And to look into the problem, we said, "Okay." You go out to their factory floor and they point to this big machine and they say, "That's my new branch and inside the branch I have sensors." Or if you look at all of us working from home today, those are extensions of your branch offices or you look at the multicloud environment. So what we noticed is SD-WAN was not designed for this many-to-many world and that's where we got out after the acquisition. VeloCloud got acquired by VMWare. Right after the acquisition we got out and started Infiot and then from there on, Infiot got acquired by Netskope as of last year.
Mike Anderson: That's great. It's been a... And it's an amazing journey. I heard that a lot of the, what we see as the software-defined WAN companies out there today have roots back to that same Cisco team you were on years ago before even founding VeloCloud. So a lot of good talent in that team for sure.
Mike Anderson: So probing in a little bit more, I know we, when we looked at the market obviously from a Netskope standpoint, we've been looking at SASE and for the longest time we were delivering one side of the equation, which was the Cloud security stack and then obviously, as you were looking at the SD-WAN business or the borderless SD-WAN business, that many-to-many, it made a nice coupling to bring together as companies look at the whole "What does a single vendor SASE market look like as we go forward in the future?"
Mike Anderson: So you've been here almost a year now. So talk to me a little bit about your current role at Netskope and what are some of the things that you're really focused on? What are some of the big things you feel like now with this merge of security service edge and SD-WAN, if you think about the SASE architecture, what are the cool things you're working on maybe in that context of that many-to-many you just brought up?
Parag Thakore: Yeah, so I'm the senior vice president for the borderless SD-WAN group, also including SASE where one of our theme is to deliver the same level of consistent performance and secure connectivity everywhere. Whether Parag or Mike as a user is in our office or we are in a cafe or we are in a home office, no matter where we are, now as a single company, we are able to deliver that high-performance and secure connectivity for all these use cases. So really building that platform play wherein ease of use is super critical because you're now dealing with the network team and the security team together and how do you bring these things together so that it's very simple, it's agile, it's cost-effective so it brings your cost down. But more importantly, if you think from a use case perspective, it's all the way from office to the cafe to your home or your multicloud environment and delivering that performance and secure connectivity for all these use cases.
Mike Anderson: That's great. You know I geek out. We've had so many conversations. I geek out on all the technology that you brought to the table to combine with what we have here at Netskope. A lot of our listeners may be going, "Okay, I thought our theme this year was security as a team sport." And I think that you hit the nail in the head when you talked about this really starts to converge the networking and security capabilities in a platform approach. What's your take on the whole notion of security as a team sport?
Parag Thakore: Yeah, I think absolutely. So there's a bit of interesting history there. If you look back in 2010-2013, when we started this SD-WAN journey, at the same time, if you look at it, Netskope and few other vendors were on that Cloud security journey doing the SSE stack. Now back then, one of the notion of SD-WAN in 2010s was, "Okay, I'll give you a direct Internet breakout from every single branch." Now in that process, I was party to that problem, by the way, where I said, "You know what, we will give you good enough security in every single branch." And good enough security is never good enough. We all know that.
Parag Thakore: And with time it has been proven that if you distribute security down to every single branch office, probably it's much more harder to manage because one, it is super distributed and it's very complex from manageability perspective and on the other spectrum, people were backhauling their traffic just for security needs. There were two solutions in the market: Either backhaul and you have performance issues or you bring good enough security down to the branch office, which again has certain challenges for the network vendors. Right now you need to manage distributed security. That's where I think this whole notion of SASE and SSE sweetly splits in because with time it's been proven that Cloud security and SASE in particular is the right way to build your network and security together and these teams have to come along and they have to partner together to build this right framework and architecture.
Mike Anderson: 100%. I've seen this playing out a lot too 'cause you start thinking about, particularly SD-WAN, if you don't have the right partnership between network and security, you could even bypass the security controls that your security team is invested in to complete that whole SASE story. You could have SD-WAN connecting wide open to the Internet and traffic's not even riding over your security service edge, that Cloud edge for security so that it requires close coordination. So what advice would you have for networking teams that you've worked with in the past as they think about security? I know you talked about it becomes heavy at the edge but what advice would you have? Any tips you could offer?
Parag Thakore: Yeah, you need to look at, sit down with your security peers and come down with set of requirements that you want to dive from network security. You have to sit down as a group and decide what you want, what the priorities are and come up with that right architectural framework.
Mike Anderson: 100%. It's funny, I joked, I made a prediction on a previous podcast that we were gonna have a new job title emerge 'cause I've seen 80% of organizations that still reports into the CIO even though they may also obviously, sit on committees on the board. At the same time though, I've seen CIOs converging their infrastructure team and their security team back together, which is funny 'cause it's almost like a re-convergence 'cause that if you look at where the security budget originally came from 20 years ago, security originally sat as part of the networking group. And so the prediction was we're gonna have a title called Chief Information and Security Officer and we're basically, you've got both of those but we'll see if that plays out.
Mike Anderson: You brought up a really good point. As I think about it, oftentimes our teams end up getting organized not necessarily by capabilities but organized by tools that we own versus those capabilities. And obviously, as we know, the only constant in life is change, and so what's happening is that those capabilities are converging and the tools are converging at the same time and we have to make sure that as the capabilities and the tools converge, we also think about how those teams converge to drive more efficiency in the organization. So the operating models have to change inside our companies as well.
Parag Thakore: And I think Mike, that is where you brought up like, "What's the exciting work we are doing?" That exact convergence is what we are working on because network guys care about high-performance connectivity, security guys care about airtight security. How about we give you both? And how about we give you both not just for one use case but we give it to you for all use cases? And you get all these people on the table and say you can get this one single converged architecture, which is Cloud-native, Cloud-ready for your Cloud apps, for your on-prem apps and across the board and do it for both sides.
Mike Anderson: 100%. I think a lot of times too we get into, you talked about originally you had to educate the market on what SD-WAN was, right? And I know we've gone through that as well 'cause Security Service Edge is a new term in the last two years that the market's had to absorb as well. It always goes back to if I'm a business leader or a CIO, I need to be able to have secure Internet connectivity in the most efficient cost-effective way possible, right? And that is really what SD-WAN brings me and now I can add in the most cost-efficient and secure way possible to get traffic from any device to any device. So I think that becomes a very good message that can be taken out of the market as we think about what does SASE deliver and also SASE in the context, obviously, of what we do here at Netskope.
Mike Anderson: When you look at those functions and responsibilities, obviously, as we see convergence, you start to have Wi-Fi in these devices, you start to have, what would be considered traditional LAN capabilities. How do you think companies should think about that from an operating model standpoint? How should that play in?
Parag Thakore: Yeah, I think you need flexibility from an operating model perspective. The old school models from a business model perspective doesn't fly. You see people wanna deliver services at subscription. People, do they have flexibility on per user pricing? Some people do a bandwidth-based pricing. So I think it is all converging, it's all coming together, but that flexibility and agility is critical from that perspective.
Mike Anderson: We talked about the advice you'd give to people on the networking team. What advice would you give to CIOs and then the, obviously, the security leaders that report to them, the CISOs or even CISOs that report outside the CIO. What advice would you give to them around how they can help as they think about these evolving operating models and changing and converging of capabilities?
Parag Thakore: Yeah, if you look at it like you're chatting with some of the well-known analysts and from a CIO perspective, they need to make SASE a priority. And as they make SASE a priority, it forces down things down underneath because if you're looking for a better simplified network and if you're looking for something that is secure and gives you that high-performance connectivity, SASE has to be one of the top priorities, which it is by the way, when in fact, one of the analysts did a recent survey where SASE was top three technologies across the board, across CIOs and we're talking about not just network security, we're talking about across the board.
Parag Thakore: So we are seeing that and as CIOs make that SASE priority, they make sure that "Hey... Yeah, we could be dual vendor" because not everything is gonna change overnight. So it's gonna be crawl, walk, run phase where initially you are going to have dual vendor strategy and as you simplify things and go into that single vendor side of things, things will start to converge. So how do you reorganize your teams, how do you assign budgets to the right teams so that that decision becomes more simplified? So have that owner and to your point, have that one person own the decision and there is this new title that is emerging. I think that is critical because when that happens, there is somebody who is accountable for that project and he needs to make sure that both sides are driven equally to make that project successful.
Mike Anderson: 100%. And I think one of the things that always comes up, it's like a lot of people when we pivoted to this work-from-home model, a lot of people that had SD-WAN projects, there was a number of people that deprioritized them. There were some that prioritized them higher. I always told people like, "Look, when you go back into your office, if you don't have SD-WAN, all that video traffic that's running on Teams today is now gonna be hair pinned over your network and those circuits are gonna get overloaded." And I guarantee you, the first day someone goes back in the office, you're gonna hear people complaining about "Why is my Microsoft Teams or my Zoom call worse in the office than it is at home?" And it's definitely changed.
Mike Anderson: If we think about the pandemic, we had this, it accelerated people moving to more digital capabilities where those were things they built themselves in public Cloud or they went to SaaS applications. We saw this explosion in digital media, digital engagement, video rich capabilities, and then we also saw obviously hybrid work, which I believe the latest stat we've seen is roughly about 70% of companies expect to maintain a hybrid work policy going forward for how they drive work. How has that changed your view? Maybe how did that influence as you were building Infiot and then now what you're doing at Netskope, how did that impact how SD-WAN had been originally thought of? What problems does it help me solve now in this new hybrid world and these new workloads and things running in public Cloud and the video piece, all those things that we just described?
Parag Thakore: Yeah. So Mike, if you look at it, there are two fundamental challenges. One is what I call as a architectural challenge and the second is what I call as a functionality level challenge. If you take the first one, which is an architectural challenge, you are spot on. What I tell people is you cannot patch your way to a better network or better security. It was like a hodgepodge. When COVID happened, people started working from home, the IT team was scrambling, they did what they could do and put things together. Just throw more resources, throw more servers, you just throw things at the problem. But was that the right way to design that to begin with?
Parag Thakore: And if you look back, I think what you mentioned is absolutely right wherein you go to a branch office and you get SD-WAN and when you go home, SD-WAN vendors were selling appliances for home users, at the same time there was ZTNA client, at the same time there was an SSE client, at the same time you had multiple agents sitting on your laptop doing things and you have a box at your home to give you that high-performance connectivity. So if you think from a multi-product perspective, these are too many products. So from Netskope perspective, what we have done something which is really good from a platform perspective, firstly, it's one software, one platform, one policy, one architecture, wherein the person could be at home sitting on a laptop with an endpoint agent, there is one agent that runs on your laptop, which gives you both endpoint SD-WAN and it gives you this SSE functionality and ZTNA functionality all coming in from a single agent.
Parag Thakore: So that way you don't have this multiple point products, you don't have to carry hardware with you wherever you go. You can get this SD-WAN functionality running on your laptop as a full-blown software. Plus you have the same experience in the branch office because as the same user goes into a branch office, you don't want, again, a fragmented experience. So if you look at this example that you just brought up, wherein a Zoom user, you can say, "Hey, this is a high-priority application in branch." But the minute you go home and you are using your traditional VPN client, you cannot say Zoom or Office 365 or RingCentral is high priority. So how do you converge these architectures so that again, for home user, it is the best solution that you have from a software agent perspective, and then when you go into a branch, you still have a branch device do the things for you?
Parag Thakore: And the same thing applies, by the way, in multicloud, we saw a slew of vendors appear just for multicloud connectivity, for app-to-app connectivity, and then there are other vendors who were just doing wireless WAN. So how do you build this one software, one policy, one architecture so that that software can be running in your branch office from very small to multi gig as an endpoint on your laptop or it could be a wireless WAN for your cellular or it could be in your multicloud environment? And that's key. And then on top of it, you layer all of these connectivity services with security. So that's key for success from a SASE perspective.
Mike Anderson: Parag, those are great insights. When we think about architecture, one of the things we think about, especially in security is complexity is the enemy of security. And so when we have different architectures for every way someone works, it not only creates complexity for our teams, complexity in our tech stack, but it creates more troubleshooting problems for our users that are working from home. And so, definitely, the ability to simplify the architecture and as my favorite quote "Simplicity is the ultimate sophistication" it allows them to get that scale and it allows people to work the same way regardless wherever they work and it takes a lot of the... Eases the complexity for my teams that have to support those users that are really just trying to get their work done from wherever they're working from.
Mike Anderson: One of the really interesting use cases and I know you've got some other use cases you could share but one of the ones that resonated to me because we feel it here at Netskope is we have support agents working from home, and some of those support agents may be living by themselves, they may be living with roommates, they may be living with family members, they may have kids in the house that are streaming or working from home as well, and so as we think about that, we wanna make sure that when our support agents are supporting our customers, we wanna make sure they have a quality voice experience when they're providing support. We don't wanna have disruption in that. And so talk to me a little bit about that use case and how we address that problem and how SASE in general, in this new context we look at, helps solve that problem.
Parag Thakore: Yeah. Mike, you remind me of a interesting story that I had with a customer where back in my previous life, I sold 25,000 hardware units to end customer for working from home to deliver high-performance connectivity for these contact center agents. And what we realized, after a year into the roll-out, I reached out to the customer and said, "Hey, how's the roll-out going?" And so said, "Terrible." I said, "Why?" He said that, "Every time a contact center agent leaves, these agents leave, we have to chase them down to return the units. We give them a $400 Dell laptop with Windows Microsoft operating system running on it and I have a $2000 SD-WAN device running where just to give them that performance and connectivity."
Parag Thakore: And that's where the light bulb triggered, how about I give you that same agent which gives you not just performance but also security for those agents? People want to monitor is the agent working full-time or is he watching Netflix? How productive are these agents working from home, how is the optimization or how is that voice and video, which what you brought up. And how is maybe even some sort of securities functions, control channel for these voice and video, and we have security for that.
Parag Thakore: So it's that high-performance secure connectivity for agents or it could be for employees as well and we see a big market around it. We are probably the only ones at Netskope who has this industry's first, what I call as SASE client, and reason I call it as industry's first SASE client is if you look at it, there are vendors who do SD-WAN appliances like I spoke, there are vendors who do SSE and SSE clients. When you look at SASE, the definition is built from SD-WAN and SSE, but nobody has SD-WAN and SSE 100% software running on the laptop. So from that perspective, we are the only ones and industry's first in fact, to have this SASE client running on your laptop, and it gives you that high-performance connectivity and security no matter where you go, including branch offices, as you come into a branch office, we realize that there are multiple users in a branch office, so you do need a device and we ship you a device for your branch office needs, for your multi-gig needs.
Mike Anderson: It's a great one, and the last thing you wanna do is have more assets you have to go recover back from your employees. I've seen a lot of even IT leaders basically saying, "I'm gonna buy a laptop for an employee," and then once its three-year useful life is up, they can keep that laptop, we'll give them a stipend and we'll go buy a new laptop and we'll do the same thing over again. And so it's interesting, so the last thing we'll do is just have more capital assets that we have to maintain or recover 'cause if they leave before that three years is up, they wanna recover the asset, obviously, and re-deploy it to another user in the organization.
Mike Anderson: When I think about the unified agent, some of the things that's been exciting is we've always looked at our security service edge as bringing contextual awareness to all the different transactions and decisions that I make for a user coming from our traditional, this SSE client. Now as you look at the SD-WAN and bring that together to bring a true SASE client, I know you've been doing some exciting work on taking that context down to the SD-WAN capabilities as well. Can you talk a little bit about that and how does that help the hybrid workforce?
Parag Thakore: Sure Mike. If you look at it, you cannot prioritize or secure what you cannot detect. That's the bottom line. And what we have seen in the past is if you look at SD-WAN vendors and when SD-WAN started back in 2013, there were less and less Cloud workloads back in 2010. The Cloud was still emerging. And if you look at most SD-WAN vendors today, they'll talk to you about, "Hey, we support a few thousand applications at best, 2000-3000 applications."
Parag Thakore: At Netskope we have a world-class Cloud discovery engine from an SSE perspective, as an example, and we support over 60,000 applications from a security perspective. Now we bring that same context down to the SD-WAN, we have that same zero trust engine that was built for SSE, we brought that down to SD-WAN, and it's not just about applications but it's also applications and application risks, user-user risks, device and device risk. So these are different elements which is much broader than what SD-WAN was designed for originally. And with that, what happens is now, if you look at it, you get much broader contextual awareness no matter where the user is, even if the user is in a branch, can I create in a large branch more of an identity-oriented policy? Can I look at the identity risk? Can I look at the device risk and quarantine the device?
Parag Thakore: People who are doing segmentation in SD-WAN base based on VLANs and IPs, and I say, "Hey, yeah, but we have hyper context segmentation." Wherein you don't have to do it based on VLANs and IPs, you don't even know what IoT devices are there in your branch environment, and we can scan all those devices and quarantine those devices as an example, or we can prioritize over 60,000 apps and Cloud apps, which no other vendor can do out there. So net-net of it for me is all the work that we are doing is around, "Hey, you really can't secure or prioritize what you can't discover and that includes users, applications, devices, and much broader than what SD-WAN was originally designed for."
Mike Anderson: Yeah, and I know you and I've talked about this, it's the adding also that capability in the future to do that prioritization also based on sanctioned or unsanctioned applications 'cause that way I check the one box and it forces collaboration amongst teams because people say, "Hey, for some reason every SaaS application seems to be running slow." Well, maybe you're not using sanctioned ones or we need to be partnering more on those. So it kind of forces some conversation because people naturally may have a worst experience with applications that are just brought in from the outside versus things where they've been vetted by security programs and IT leaders to make sure they're safe and secure. And so I think that brings some interesting opportunities as well.
Mike Anderson: So Parag, I wanna pivot and ask you another question. So when you think about SD-WAN, we talked about what's important for network teams, but what's important for security teams is they've to look at there's technology stacks and consolidation opportunities because consolidation has always been an opportunity for IT. How does this present an opportunity for some consolidation, which is now key for them as well?
Parag Thakore: Yeah, I think the security team to me, and I think it comes from security team and also for CIOs, they must bring Cloud network and security together. That's the bottom line. So Cloud has to come in, the network has to come in and security has to come in. So now when security team looks at it, how easy is it to integrate and operate the entire network? That's where it's a teamwork between the network and security teams because you cannot pick a security infrastructure in silos without thinking of how the network will tie into it because both go hand-in-hand together because end of the day, you don't want your network peers to have a real complex deployment from a integration perspective.
Parag Thakore: So I think that simplicity is what the security team should be thinking of, like at Netskope we tell security teams and network teams. We have this world-class new age infrastructure. That's a great example. We are in over 67 regions, probably very low latencies worldwide from a end user to our POP perspective. That's a great example wherein this whole Cloud on RAM both for security and for optimization reasons, whether it's you're optimizing voice or video or you're trying to secure your web and SaaS applications, you need to think about it all. And does that infrastructure give you both of the things that you need from that network and security perspective?
Parag Thakore: So I would say encourage security buyers and security people to also start thinking about performance characteristics and optimization and whether that infrastructure can deliver that for them or not. And they don't need to be experts at some very simple question in terms of, "Hey, can I get this high-performance connectivity from this Cloud security that I'm purchasing or that security vendor that I'm looking for?" So I think ease of operations and that high-performance connectivity is something that security should also look at as a criteria when they look at security platforms.
Mike Anderson: That's great advice 'cause when you think about this consolidation, you brought it up earlier, the traditional model for deploying security and networking on endpoints was another agent and another agent and another agent, and it becomes this agent fatigue for the IT teams because every time they upgrade their MacBook OS or every time they wanna deploy a new version of Windows or patch a machine, they gotta test all of those different applications on their devices and so this convergence is important because consolidation has always been there for traditional IT teams, they're always looking at consolidation. Security has been adding tools but now they're looking at consolidation as well. So this provides a great way to really drive that true consolidation across security and networking and get rid of that agent fatigue on the endpoint.
Mike Anderson: So I wanna go to another question. One of the things that we talk about often with where we've sat from a Netskope standpoint is around this concept of creating better digital citizens. So we want people to don't click on things they shouldn't click on, they don't bring in new apps that aren't approved, that they haven't been vetted for security, they partner together with their IT and security teams on digital transformation initiatives. How do you look at now with this convergence of that unified SASE and SD-WAN and bringing those principles down to the end point, how do you feel like that will help better promote that digital citizenship and how?
Parag Thakore: So that is absolutely critical, Mike, because if you think that's where most of the SSE, like what you brought up is for remote users working in remote sites and you could do that. And then now when the same person is walking into an office, you want that same digital security coming in with that thing, have that citizenship honored inside a branch office. So I think that's where the whole notion of this context-aware zero trust security also kicks in, wherein you wanna know who the user is, you wanna know the identity of the user, not just when the user is remote, but also when the user is on-site so that you can promote that digital citizenship, and as the user walks into a branch, am I walking in with a managed device or a unmanaged device or do I have these risky IoT end points that I should be doing a quarantine for?
Parag Thakore: So I think that's where the next gen SD-WAN solution is going, truly have this context-aware zero trust software-defined WAN solution and bring it down and bring it down from both performance and security perspective, like both together I think that's what's going to promote this further.
Mike Anderson: That's definitely great advice and I look forward to that. I've been excited to deploy it internally as well 'cause I want all of our 2500 Netskope employees to be great digital citizens. You talked about next generation SD-WAN, I wanna bring us to the next segment of our podcast today, which is we call it back to the future, bring out your crystal ball. And do you think that the security and IT leaders, CIOs, CISOs will have hoped they'd invested earlier in this next generation SD-WAN, as you're calling this unified SASE, and why do you think that's the case?
Parag Thakore: Absolutely. If you think from operational simplicity, simplifying your network, not having these multiple point products and having to maintain it on an ongoing phases, it's a pain. When we talk to CIO then they talk to us about, "Hey, I have these multiple security stacks, and then I have these multiple networking stacks, just for app-to-app connectivity in multicloud or just for remote connectivity or just for high-performance connectivity and I'm shipping you an appliance." If you step back and if you look at where the solutions are today, even right now, it's completely fragmented.
Parag Thakore: So bringing in these things together, having that cloud-native architectures, not having what I call Gen 1 SD-WAN is fat solutions, fat SD-WAN. And you really wanna move to a thin SD-WAN solution, whether it's an agent or whether it's a software in your branch, it's this effect where I call as you wanna a move network to the Cloud, a good example is security has already moved to the Cloud and you wanna move compute closer to the user. So these lightweight applications that you want to deploy, I wanna deploy an XYZ application, almost like an app store on your iPhone, that's what's moving closer to the user but all these heavy duty network functions are moving more and more in the Cloud. So it's this phenomena of getting rid of fat SD-WAN like having this thin branch, thin SD-WAN solutions, I think if I was to bet, I think that's where the world is moving and this thin branch solution, where network is in the Cloud and compute clumps closer and closer to where the data source is.
Mike Anderson: So I think that's a great prediction. One of the ones that's been extremely relevant right now has been Generative AI and everyone's looking at that and how that plays in here. I've got these ideas in the future like you'll just ask like, "Why isn't my network working?" And it's gonna tell me like, "These are the things you need to do to troubleshoot your network." I don't need to call the help desk anymore. What do you see is gonna be the big thing that people beyond what we just talked about, how does that play in and what are people gonna wish they would have done around Generative AI and how does that play into the whole network security stack?
Parag Thakore: Yeah, if you look at AI-driven operations, which is where the world is also moving towards wherein I wanna know when a user complaints, can we tell the user upfront that you have too many apps open on your laptop and it's really not the network but your device that's an issue because the CPU on your device is really high or whether it's an issue with Wi-Fi in your house or whether the issue is really with the device or with your WAN, and then now, combining the network and security together, where is that exact issue? So by having that single vendor do it at all for you helps you in that framework and feedback because by having the network and security side, we know where the issues are, where the problem pain points are. So I think that is where you want to simplify things for end users because end of the day, end user is your customer and you wanna make sure that life is as simple as possible for these users from a connectivity perspective.
Mike Anderson: No, 100%. Well, this has been a great episode. One of the things that we always do at the end of every one of our shows is we go to what we call our quick hit segment. So I wanna ask you a few rapid fire questions so we can get to know you a little bit better 'cause I've really enjoyed the time here and our listeners have as well. So first question for you, what is the best leadership advice you've ever gotten?
Parag Thakore: I would say that's from my mom. So my mom is the leader for me and she was a servant leader, and she in fact, sold her house just to get me a plane ticket here to US so that I could study out here so we have seen all sorts of things. So she's been a servant leader and to me it's about assigning tasks and rolling up your sleeves and helping the team wherein you're assigning the task to the team but you're also really working for them, they are not working for you, and then you roll up your sleeves and get the work done and that to me is critical. And the other one is to learn fast and fail fast. It's absolutely okay to make mistakes but you need to be honest, humble and you need to be transparent to admit your mistakes and also forgive mistakes. So I think that to me is every decision that I have made in my personal life or my business life, it has been surrounded around being this more around this servant leadership.
Mike Anderson: That's great. It sounds like your mom did a great job there and one of the best leaders I've ever worked for, has asked me in our one-on-one's, she would say how can I help and what should I be worried about? Which were two great questions. I love that advice you were given there, it's really that servant leadership mindset. So next question, we're pivoting off leadership advice, so if you could have one thing to eat, you could only eat one thing for the rest of your life, what would that be?
Parag Thakore: Oh man, I think it's gonna be street food in Bombay. So I go back to Mumbai and be on some street eating some fish or eating some chat, but it's definitely street food in Mumbai.
Mike Anderson: That's great. I got the opportunity to spend a little time in Mumbai in my last trip to India. I didn't get a chance to try the street food though, so you have to guide me to the right ones. The next one, what is your favorite song and what does it tell us about you?
Parag Thakore: Okay, I think that's gonna be "Don't worry, be happy." That's obviously, our favorite Bob Marley. So I think the song speaks for itself, wherein it's just relaxed, chill out in life. There will be troubles, you've seen ups and downs and just to take a step back and enjoy it.
Mike Anderson: That's great advice. I think it was such a good advice from Bob Marley that Bobby McFerrin also created his own version of it with "Don't worry, be happy" back in the '80s. Parag, it's been a pleasure having you on today's episode of the Security Visionaries Podcast. Is there any final comments you'd like to leave with our audience, some takeaways you'd like them to take away from our conversation?
Parag Thakore: I think number one takeaway, discussed and hammered a lot on this, which is you must bring your Cloud network and security together. SASE is happening, SASE is converging and it's very important to have a dialogue with your network architects, with your security team, make that happen even create that new role that converges these things together. But Cloud, network and security is coming together, that's happening faster than it seems and it's happening now so invest your time in that and look for that high-quality experience when you define requirements for end users, branches, multicloud, see how I can simplify my network and security while you are at it.
Mike Anderson: Well, that's definitely a great advice. Again, I really appreciate your time on this episode.
Parag Thakore: Thank you. Thanks, Mike.
Mike Anderson: I know I enjoyed the conversation today with Parag as he took us through the SASE and the borderless SD-WAN and his journey. Three key takeaways that I took from our conversation. The first one is we look at SASE, people should really accelerate their work in this area because there truly is an opportunity to drive simplification inside your organizations to get rid of that agent fatigue, to really converge in all those security and network capabilities. And that brings in the second piece I learned from this is really making sure that we bring our teams and help them work together in a better way. And that can be a cross-functional team or it can be everyone working underneath the same leader, but it's important that those teams are working together on this convergence and make sure you're revisiting your operating models at the same time to look for other ways to be efficient and again, free up talent, free up people to focus on building new capabilities for your organization.
Parag Thakore: And the last but not least, as I look into this is, if we invest in SASE and we do this the right way, it's gonna allow us to deliver better digital citizens, and it's gonna create a better, more consistent and secure employee experience for our people, whether they're working at home, a coffee shop or in a branch office.
Parag Thakore: So I hope you enjoyed today's podcast. I know we did. Lots of great information and I'm sure we'll have Parag on again in a future episode. And I wanna thank all of our listeners for tuning in to this episode of our Security Visionaries Podcast, and please tune into our future episodes, we have our entire library of all of our episodes available on netskope.com and all the different popular podcast platforms. I'm your host, Mike Anderson, the CIO and chief digital office at Netskope. Have a great day.
[music] Producer2: The Security Visionaries Podcast is powered by the team at Netskope. Fast and easy to use, the Netskope platform provides optimized access and zero trust security for people, devices and data anywhere they go, helping customers reduce risk, accelerate performance and get unrivaled visibility into any Cloud, web or private application activity. To learn more about how Netskope helps customers be ready for anything on their SASE journey, visit netskope.com.
Producer1: Thank you for listening to Security Visionaries. Please take a moment to rate and review the show and share it with someone you know who might enjoy it. Stay tuned for episodes releasing every other week and we'll see you in the next one.