Podcast Transcript: Decipher’s CEO, Chris Holmes, featured on CapitalGeek podcast

Security gets you in the room, but analytics keeps you there.

Grey Matter CEO Chris Holmes recently sat down with Josh Stephens, CTO of Elsewhere Partners, for a very interesting and enlightening episode of Josh’s capitalGEEK podcast. The pair covered a number of topics, including the forces behind the creation of the company, what it takes to secure data networking in today’s cloud environment, the importance of service mesh-derived analytics, and his vision for the future Grey Matter universal mesh platform and its role in the continuing evolution of hybrid mesh network infrastructure.

capitalGEEK discusses the lessons learned from seasoned industry product and engineering, operations and finance, and sales and marketing professionals.

We’ve provided a lightly edited version of the transcript of the podcast below. However, if you’d prefer to listen to it in its entirety, please click here.

Josh Stephens:

Hello, everyone and welcome to today’s show. On this episode of capitalGEEK we speak with Chris Holmes, CEO and founder at Grey Matter. Grey Matter builds a hybrid mesh solution to secure and operationalize today’s very complex networks. Today should be a very exciting show. Let’s get started.

Chris, good morning and welcome to the podcast.

Chris Holmes:

Thanks for having me, Josh. Looking forward to this.

Josh Stephens:

It’s a weird time, huh? We’re all working from home and dealing with the coronavirus scare and I read this morning it’s only 99 days until the next presidential election.

Chris Holmes:

Yeah, yeah, I haven’t even had enough time to soak any of that stuff in with all the craziness going on with COVID and trying to handle 60 plus people and think about what the right moves are. It’s crazy.

Josh Stephens:

It’s a difficult time to run a business. I think that it’s one of those times where things are very unpredictable and that’s what makes running a business really hard. When you can’t invest in trajectories and patterns that you’re used to that you can rely on. I think we have to start with this episode with a little bit of background because what Grey Matter does, what your company does. While it’s something that you and I understand because we have a deep background in this technology I think for most people it’s a little bit mind-boggling. Before we deep dive on the technology and what the company does: Why did you decide to head down this solution path?

Chris Holmes:

I’m glad you asked! My brother and I, my CTO, worked at a company named Decipher. They’re a pretty well known little company in Norfolk, Virginia that created trading card games and managed fan club stores. They managed the Star Wars Fan Club, they managed the Lord of the Rings Fan Club, they managed Star Trek Online. We were thrust into an environment where we had to take these traditional trading cards with the fan clubs (this was at the time when magazines were still being published and printed and sent out to fans) and augment them with online capabilities, online forums, online stores — all before Amazon ruled the universe. They [Decipher] had their own warehouse because they also managed their own pick, pack, ship procedures. It was full of Star Trek figures and Lord of the Rings cards and How to Host a Murder games. Our job was to connect all that stuff. Make it all work seamlessly. The trading card games… I was actually doing an all hands yesterday and somebody laughed when I said, “We built this.” They were like, “Really?” They had a national tournament system and they [Decipher] would give out prizes. People would go to these little game stores and you’d see the kids playing the trading card games. Well they would be ranked in a national system that they got scored and then prizes would be sent out. Those prizes might be discounts to buy other stuff in online stores, etc. They were using File System Pro to manage their backend systems. We ripped all that out and put in an entire ERP system where we connected their warehouse and their pick, pack, ship procedures with all of the shippers to their financials, to an online front store system that was automatically created to a tournament system.

So as time has passed… I mean hell, this was early ’90s, I guess, late ’90s. .NET was still in beta…

Josh Stephens:

…Yeah, late ’90s where most of this was. Visual Basic…

Chris Holmes:

Yeah, I mean, it was late ’90s, early 2000s and it was all cool tech. As the tech has matured, we became known for building out this ERP model for a lot of different business cases. We recently did it with the federal government. The cloud hasn’t changed the fact that you still need to do enterprise resource planning. It actually makes it more complicated because you’ve got existing investments similar to this, you’ve got more choice. You’ve got multi-cloud, you’ve got investments that are wrapped up in what some people call “legacy.” I like to refer to it as “brownfield.” Many of those are critical systems. You’ve got to make a choice on how you’re going to continue to offer more solutions to your customers. That’s a lot. We built Grey Matter to connect all of that together because that’s what we knew how to do. We know how to connect all these disparate things together to create an enterprise resource plan that’s most effective for the business, customer, bottom line, and top line, really.

Josh Stephens:

When I think about what Grey Matter does, it fulfills the promise of what a virtual private cloud could have been had that technology not been invented within the silo of a single public cloud provider. Because if I understand correctly, the focus for the company and the technology is to create a hybrid mesh, but this virtual private cloud…this logical connection of disparate resources from within multiple different public clouds and multiple private clouds, data centers, even within disparate VLANs within one data center, right, make it all appear as together and local. Then to do that in a Zero Trust way that’s entirely secure. I think that’s another example of the term that I think that even fairly technical leaders like myself may struggle with: the Zero Trust model. Maybe you could take a moment and give us a quick cursory overview of how you approach Zero Trust.

Chris Holmes:

I will. But before I do that, I do want to go back to something you said that sparked something that I’ve been pretty passionately researching, talking, and writing about recently: the conundrum of large vendors taking terms like virtual private cloud and turning them into unfortunate marketing spin. We’re seeing the same thing with “hybrid.” Lots of people are saying, “Our solution’s hybrid, our solution’s hybrid,” but hybrid actually doesn’t mean “I buy a rack of your stuff and put it next to the other 25 racks that I already have in my enterprise.” That’s just an extension of their stack, it’s not agnostic. I still have all the work that I have to do to take the 25 racks that are running my brownfield and connect them to the hybrid environment that you just gave me. You need a virtual network that can cross all those boundaries, which is what Grey Matter allows. On the Zero Trust side, it’s a buzzword. Point blank. Quite simply, we view Zero Trust as explicit security rules — explicit security across every edge on your network, whether inside or outside. It can be cumbersome when you do it, but it is really, really explicit.

Josh Stephens:

Well, it’s better than it used to be. I can remember back in the ’90s and even in the early 2000s, building Zero Trust networks by hand, right? So you’re going to your firewalls and routers, you’re denying all. You’re very explicitly letting in node-to-node routes and connections. I remember this well because a buddy of mine sort of taught me a lesson in hazing through this technology. At the time if you had an access list or a firewall rule in today’s nomenclature, they could be hundreds of lines long or even thousands. For a while, if you typoed one line, you had to kill the whole list and start over. In one of my first jobs out of the military we were designing and deploying Sprint’s first cell phone network. Part of that process was typing in these 30-page router configurations to these routers. I did that job for about three weeks before the other guys finally patted me on the back and said, “Hey Josh, you know you can copy and paste this stuff, right?” So for three weeks my fingers were just smoking. I was typing as fast as I could type, all day long every day. I had no idea I could just copy and paste that straight from the engineering doc, which I had written to start with! That was one of those great hazing moments for me back in INS where my buddies were just giving me a hard time. It’s come a long way. In the old days you had to really think this stuff through and kind of be lucky as well as good to make it work. But through technology like Grey Matter, it’s more UI driven. It’s presented in a logical way and when you have technology like your product that is tailor-built specifically for this purpose, I think it becomes a lot easier to accomplish what you set out to do.

Chris Holmes:

Well the other thing about it is when you look at stuff in the space as it exists today, not just Grey Matter… but Grey Matter does do things to make it easier… it’s decentralized and if I make a change to this or if I make a change to that I could impact hundreds of nodes. The security and the explicit security rules have really been pushed down to those edge services. I’m not just talking about IOT devices. I’m talking about the granular level of the API itself, or even if you go into the API at the function, at the server call, whether it’s a serverless call or not. You’re setting rules explicitly at that level so you can actually do things, and experiment, and lock things down at a level where you’re not going to potentially take offline hundreds of cell towers, or hundreds of routers, or hundreds of perimeter firewall rules. The other thing that we’re finding: as you start to put these things into production enterprises, the new tech is better. No doubt about it. But the old way is really prevalent everywhere. I do a lot of work with the military and the federal defense customer set…largest enterprise on the planet. It’s easy for somebody to say, “We’ll just use containers and this is all going to magically go away.” But no enterprise is like that. Not the largest one on the planet, or any of these larger companies. Those rules that you just talked about doing, the router rules, the firewall rules, those still exist. A lot of the people that put those in place are gone. They’ve moved on and the issues haven’t been documented. It’s really hard to uncover those things. One of the things we’re finding with the mesh technology itself is, because you’re at it at a granular level and a decentralized mode, you can actually start to surface those things. You can say, “Well we should port these rules from this layer-two firewall or this layer-one and -two device on the network into the mesh itself and it’ll be documented. We’ve got a nice UI on top of it.
We’ve got AI anomaly detection throughout that can alert if it changes,” et cetera, et cetera, et cetera. There are things that you can absolutely do now. That’s where the simplicity is going to come in.

Josh Stephens:

It sounds like hybrid mesh — and Grey Matter specifically — is really a big network problem, right?

It sounds like the kind of thing that you would decide to invest in when you have complex, large networks that allow/afford you the opportunity to invest like this and think more strategically about Zero Trust and access to data.

Chris Holmes:

It’s true. But it’s not just for the big guys. We’re a small company and we’re running everything through our own Grey Matter service mesh. That’s afforded me a couple of other things: insight into whether I should be paying for Freshdesk? Are people using it to the extent that they should? Has it been locked down? How do we manage access to the binaries where our customers come in and download Nexus? We have that all running behind the network, that “private cloud networking mesh.” We can see everything. So it’s not just for the bigs. It is very helpful for the bigs as they are migrating their pathway. But for the smalls, just starting, it is insight. It’s a better way to manage your strategic roadmap as you grow. We talked a little bit about what we just did with COVID API Hub. There was a small group of four individuals that put up an open-source API for COVID. It’s great. It’s the novel COVID. Their URL is disease.sh. It’s just a group of kids that wanted to do something good for the public. So they built this API. They had it running on three honking Linux servers in a closet that cost them a good chunk of change to run. When they started, they had no idea what was going to happen. Well that thing blew up. It turned into the number one API used by Israel and a few other countries in Europe. It’s used as their go-to for COVID data, much like the United States went to the Johns Hopkins University platform. We set up an API hub, we set up a Grey Matter public service instance that acts as an API gateway and also service mesh. We wrapped their API. We reached out to them and they said, “Oh my God, this is great,” because they were going to spend a number of dollars on an APM management suite. They had no idea where all this traffic was coming from. They had no idea what their resource usage was, other than looking at the actual Linux box logs. They certainly weren’t thinking about security.
We said, “We’ll host this for you and we’ll give you what you’re asking for. By putting it behind the mesh we can do all of those things for you.” It’s been a really good relationship.

Josh Stephens:

So in addition to enhanced security and reachability, I think the analytics are a part of the solution that are sort of understated. When I think about modern technologies versus traditional infrastructure types, most people get hung up on the… whether or not it’s secure…whether or not it’s easy or harder to use, or more expensive. I think we get hung up in that conversation. But I think the real differentiator is the analytics. I think that for any data-based modern platform where you have the ability to integrate AI and ML layers into your products… without those analytics you’re shooting in the dark.

Chris Holmes:

I started this as a bootstrap company and we are still bootstrapped. I have been learning all kinds of lessons as we’ve been in business. One of the things that hit me pretty hard about a year and a half ago was “what’s the number one thing that’s going to have somebody start the conversation?” It’s always security. It’s always, “What do you do for my cyber perspective? What do you do for my security perspective?” At least with companies that we’ve talked to, it is the “get in the door” question. We have a really strong story there. We’ve been building a very strong story on network segmentation, microservice segmentation, app segmentation, all that good stuff. But what keeps you in the door is analytics. The conversation usually goes “We buy off on the security. You definitely can help us, especially in a multi-cloud hybrid environment.” But what keeps you in the game is the value add analytics that you get from the platform after it’s in place. The insight that a line manager has gotten that he’s never had before. The insight that an architect or an IT manager gets that he’s never had before. Not without having to go to N number of reports, or N number of APM tools. It’s out-of-the-box. We ride the network. We don’t have to do any kind of instrumentation to collect this information. We just have it. When we first implemented Grey Matter in our first customer’s data, we dropped a lot of this information on the floor because they weren’t using it for the analysis. They weren’t looking at it from an operations intelligence perspective. That’s changed.

Josh Stephens:

I think that’s interesting. Whether you’re talking about hybrid mesh solutions for security and access, or you’re talking about business process automation using a BPM tool. We had Brian Reale from ProcessMaker on a couple weeks ago. A lot of times technical teams will be tempted to try to either build from scratch or to compile together several different open source tools into a solution. You can do that. I would never want to try to talk people out of that.

You learn a ton when you have time to do that and it’s a great process and it’s a great model. But once you begin to lean on something like this for real business outcomes… we can talk about capabilities and ease of use and features of the core functionality… the real difference between what you guys are doing and what someone can do on their own? You’re able to take what you learn from all of your customers around what makes good analytics and summarize that and coalesce that into a best practice solution. That’s something you just can’t do on your own. When I think about enterprises, and in some cases large organizations that have dozens of people working on this type of technology, that is the place where they always fall short: reporting and analytics. Because I just don’t think you can get there with the perspective that you have as one user, as one company. I think it requires broad access and that’s the real advantage that you guys have.

Chris Holmes:

I like to think we have a number of advantages but that is a huge one. My PR guy and I coined this term, “The cost of free.” There is definitely a cost of free. Lots of people will walk in and say, “We’re just going to use open source. It’s not going to cost us any money.” We think it costs more money over time. You’re going to have to groom your staff. You’re going to have to have your staff become experts in not just one open source capability but probably several, just to get the functionality that the business needs out of anything. You’re going to have to piecemeal together a bigger solution that you’re grooming expertise in. It’s going to be hard to retain that talent for the enterprise. All of that is at the expense of the talent that you have in your enterprise doing what matters most for your business: keeping your customers. That’s why solutions like Grey Matter and other vendor products exist. It’s easy to turn that button on. Buy it and gain that expertise through the subscription and continue to get the output that you need from that layer of your technology and beyond it. In our space, the amount of telemetry that gets collected on the network, at layer three, four, seven… the amount of content that flows through East, West, North, South traffic… the sheer amount of rules in an explicit security model…you can’t possibly just have a dashboard that shows you, “Hey, here’s the state.” You have to go beyond that. You have to get to the active and passive collaboration with a DevOps engineer who’s sitting in a NOC or SOC saying, “This is an event I care about. This is an event I don’t care about.” You have to have an AI enabling brain inside that network that says, “This is what we think you ought to be paying attention to. This is where your resources are going. 
But at the same time your business told us, ‘This isn’t really a number one critical factor for it’.” These reward systems from an AI perspective are going to be increasingly critical in a mesh… in a hybrid environment… in a multi-cloud environment. That’s absolutely what we’re focused on. A human being can’t possibly look at all of this information. There’s not enough hours in a day for a human to make any decisions at that point.

Josh Stephens:

When I was at SolarWinds we hired a guy who became a good friend of mine, he’s a senior executive now, Denny LeCompte. When it came to some of these things, he would ask if it was, “Free like a puppy or free like a beer?” Right? Because that’s a great metaphor. For open-source software and even without open source, just what the “cost of free” can really be. It can be extreme and I would argue that oftentimes, cheap is as bad as free in terms of what it really costs you. You’re having to augment and combine multiple tools to get the same functionality you would have gotten through one vendor.

Maybe we back up a moment. I’ll try to cover some of this when I record the intro. It occurs to me that there are probably people out there that are listening to us that have absolutely no idea what we’re talking about because we sort of started with a base set of knowledge. So, in your words, tell us why someone would go about deploying this type of solution and what it does? Obviously, this is an evolution of what VPNs used to be used for, so we can start there. Maybe you could demystify that for us a little bit.

Chris Holmes:

We’re all about creating the mesh network connecting all of your assets, brownfield, greenfield. The answer in the industry has been this concept of a service mesh. A service mesh has a few pieces to it. It’s got a control plane, which is your command and control for all of the things that are running on your network inside the mesh…what the mesh is aware about. It’s got a data plane, which from a service mesh perspective is usually in a form of a proxy that gets pushed out to all of these code level environments taking care of things like wiring up mTLS so the developer doesn’t have to. A developer won’t have to try to figure out how to secure his application behind Keycloak with OAuth and OID. The proxy can handle that for them. A developer can potentially have a TCP service that gets transformed into an HTTP service. Things the old ESB used to do, but on a much more micro scale and not with all of the bells and whistles that made ESBs become bottlenecks and middleware. It really is the future of that kind of functionality. The developer doesn’t have to worry about auditing because there’s no reason for him to write special instrumentation code. A developer can use open source tools like Jaeger or Zipkin for tracing and seeing things. Just trying to take some of those generic kind of things that developers have to deal with when they’re writing new services regardless of their language and extracting the networking pieces, extracting the cumbersome pieces that developers shouldn’t have to worry about, the plumbing, into that data plane for the command and control to manage. That way the developer can actually focus on the business logic that he wants to build.

Josh Stephens:

In a large enterprise, there’s an overhead with running the service mesh in terms of people that operate it. But it sounds like what you’re saying is that it’s a net negative overhead. At the end of the day, it saves you time because, while you have the administration load of maintaining the service mesh, you have a much simpler role for all of your developers and DevOps and so you gain that time back.

Chris Holmes:

Right. I was going to say in our customer experiences it actually translates into a fairly high net positive. Imagine if a developer for every service that they were writing was also going to package their own firewall, their own web prop, their own NGINX proxy or a flask or whatever they’re going to do, and their own auditing capability and their own white list, blacklist, ACL kind of logic. Imagine every single service that was put on the net today had that embedded inside of it. The enterprise would never know what’s on their network. They would never be able to manage it. They would have to go back to that particular developer who developed all that in case any rules ever changed. You don’t want a developer to do that and quite frankly, most developers don’t want to deal with that. A DevOps engineer, as you’re moving up the stack, certainly doesn’t want that because now you’re handing off an individual stack for every single service or application that you’re writing in your developer chain. The DevOps guy’s going to be told, “You have to manage and maintain it. You’re going to have to figure out how to deploy it and make it scale and keep it operational.” The IT architect and the IT managers are going to hate it because they’re not going to be able to answer any questions that the C-level, the CIOs and the CTOs are going to ask. “Where’s my cost? Why is this going up? Why is it rising? Why does this keep failing? Why does this keep falling over every time we’ve got 25 users sitting in?” etc. That all goes away. There’s definitely a net positive. The service mesh pulls those things out of those codebases. For us, we’re really focused on the administration and keeping it as dead simple as possible out of the box. That was our 1.0 focus. We’ve achieved a good portion of that. We’re always looking to make it more simple for developers.
We’re building an add-on into the S-code so that developers can literally just spit out Envoy proxy configurations without really doing too much. But for us, the next stage is all the stuff we talk about with the analytics, the Zero Trust factor, the explicit security, surfacing now that it’s all in those data planes.

Going back to something we were talking about earlier with the proxies and the NGINX configs and the firewall rules. We could use the data plane to detect when somebody changes an explicit Zero Trust security rule. We’d be able to service that right away to a NOC or SOC, saying, “Hey, this proxy that is running on your mesh was allowed to speak to these five things and somebody just changed it so it now can speak to everything.” That’s not an easy thing to do today. Today, somebody can go into their enterprise and make an NGINX configuration change like “This is allowed to receive and give traffic to and from the following nodes,” the developer can just go change that and DevOps guy puts that out on your system. Next thing you know, it’s deployed and you’re dealing with data leaks and everybody’s going to be scratching their heads saying, “What just happened? We have all these monitoring capabilities in place.” Those monitoring capabilities are not paying attention to that kind of thing. They’re paying attention to traffic. They’re paying attention to where that traffic is coming from. “Where’s all my ingress and egress coming from and going,” is what they’re paying attention to. They’re paying attention to “are there anomalies where the packets may look a little bit out of band” and if they are, let’s deal with it. They’re looking for all that stuff. They’re not actually working on the business itself. They’re not actually saying, “This resource is running away and it’s costing you X number of dollars. This resource was allowed to talk to these five things and now it’s allowed to talk to everything. This resource was handing out this kind of data. Your business told us that that kind of data can’t go to that location or be shared with that service.” Those things are all within the realm of possibility and that’s what we’re focused on with Grey Matter.

Josh Stephens:

So is there, this might be a horrible analogy but, in some ways if I’m a developer working in an AWS only environment. Sort of native, all cloud in a very small, contained area… it sounds like Grey Matter can provide that same kind of ease of use and conformity across multi-cloud, including on-prem, and make it seem as easy as just working in one single public cloud ecosystem. A well developed and mature one.

Chris Holmes:

I wouldn’t say all of the above. But yes, that is the goal. The goal is to take some things like CloudWatch and their audit capability and make that available to anything that you’re running on your network, regardless of where it’s hosted, or where it’s riding. We’ve got a lot of customers who have assets in a Google Cloud and Amazon Cloud and an Azure Cloud. They all do a really nice job of what’s going on in their cloud environments. But it gets a little bit squirrely when you get down to the application level. There’s chargebacks and it’s a little fuzzy on how deep you want to build into their particular SDK. But they all do a really nice job on their own stacks of all their monitoring. I call it, I like to call it “actionized monitoring” because it’s not just monitoring, it’s taking action based on that monitoring, which is really what matters. We can normalize that entire thing across all three of those clouds and your on-prem Cloud. You get all of that without having to wire yourself to a particular cloud vendor. We love Amazon and their Managed Services. We use Amazon’s Managed Services for many, many things. But, and I can’t imagine we’re different, we’ve got assets running on EC2s, we’ve got assets running on EKS, and we’ve got some assets that are playing in ECS, their container service. Because Amazon, it’s a full-up cloud platform. It’s got a lot of choice and developers like to experiment. All the time.

Josh Stephens:

That’s an understatement.

Chris Holmes:

The enterprise doesn’t either understand that experimentation or doesn’t understand the return on investment of that experimentation. ECS may actually be cheaper than running EKS and they usually don’t find out that it was even happening until something bad happens, which is unfortunate. You can put a Grey Matter mesh in place in an all Amazon environment and you can actually surface a lot of those insights. The developers and really the IT department doesn’t need to hide anymore. The IT department can say, “Look here were your requirements, line manager. We tried to use this capability because, when we sat down and did our analysis, this set of databases, this container management system, it met our needs faster in the time to market and it was going to scale better. Here’s the actual reports.” So there’s a lot of value by just bridging those things together from one VPC to another VPC to another VPC. We have customers doing that today, as well. It’s not just multi-cloud or hybrid. It’s even inside single clouds.

Josh Stephens:

Chris, as a technologist, when you think about the type of specialist that might want to learn more about this, that might want to go to your website and watch your videos and deep dive on this, are the people you work with day to day, hands on the keyboard-type people? Are these DevOps people? Are they security specialists? Network engineers? Where do you see those specialty areas?

Chris Holmes:

All of the above. That’s a two-pronged question for me. We’ve been running in production at this point for two years in some of the largest enterprises. That two years has granted us lots of different use cases that have come through the pipe from, “Can we deploy a portion of the mesh on a one-use server or a laptop and connect it to the broader mesh so that we can do all the command and control stuff in a decentralized environment?” I don’t mean decentralized from a “We’ve got a lot of data planes running,” I mean from a people process. People deploy, they want to be able to talk through satcoms or hardwire and they’ve got to be able to communicate. All of that has to happen. All the way to, we run in data centers and we talk to the security people, this is where the value add comes in. For the security people, it’s less about the explicit shared rules because it’s easier. It’s more about the data that they can get from that. They have the same business missions that everybody else has. Their job in an enterprise is, “I don’t want to end up on the news because of a leak.” They have to run data science activities to find out what content’s going where? Are they allowed to see it? “I didn’t even know these people were able to access that database.” Those are the kinds of rules or data that we can give to them. We talk to the DevOps engineers and the developers. Honestly, we focused less on the developers and DevOps when we first came out of the funnel. Everybody around us, all the open-source projects, they are all focused on the DevOps guys and the developers, and that’s fair. We, as a company, decided that our mission was business enterprise. Business enterprise and the value that we can bring to all of the business enterprise. We focused on the security people, we focused on the line managers, we focused on the architects and the managers and what they would need out of something like this. 
Now that we’ve reached that level of maturity with Grey Matter, we are going back and saying, “Okay so we’ve been running for two plus years in prod, people are very happy. How can we make this even easier for developers and DevOps engineers?” Because if you’re looking at the spectrum of things, especially when you’re trying to sell software. From a small startup you really do have to focus on who your end users are. We chose to focus on the folks that tend to make decisions and spend the money. The developers and the DevOps engineers are high influencers, but they can also sustain the most pain because it’s their job to understand how to use a wrench or how to use a hammer or how to use a saw. Now we’re going back and saying, “Hey, thanks for sticking with us. We’re going to make your lives a hell of a lot easier. We’re going to give you template engines, we’re going to give you one-button deployment.” In fact, we spent a lot of time and effort on tooling this year. One-button Terraform, rip it down, put it back up. If you’re deploying into Kubernetes, here’s our Helm installs.

Chris Holmes:

We’re looking at raw CRDs in the future. But Grey Matter and the service mesh space itself, and this is one of the differences that we took, we did not tie ourselves to Kubernetes. I think that that came out loud and clear earlier. It is an environment. It is not the environment. And this mesh network layer, it is something that should be available to multiple deployment environments, not just if you have a container that you’re deploying into a Kubernetes environment.

Josh Stephens:

That seems to defeat the whole spirit of what you’re trying to do. It’s interesting. I’ve spoken to more and more companies lately that have begun to question the long term business sense of heavy public cloud investments. I’m beginning to see more and more companies hybridize their own deployments. Not just in terms of using multiple public cloud providers but they’re starting to ask themselves, “For long term storage, would I be better off to do that locally versus S3?”

One of the complexities of those decisions is that if you don’t have some sort of a high-end service mesh before you start, it really limits your opportunities and the way that you can think about it. What I hope happens is that this space matures to a point that organizations can really start to make hybrid compute storage environments in a way that hasn’t been done before. Where you might abstract components. You might decide whether to run specific microservices on your own infrastructure and own hardware versus something in the public cloud. With the right service mesh you can make that seamless. You can all be secure, you can move it around.

I think that more than pays for what they’re going to invest to get the service mesh done. Now you’re saving money. You’re saving time. You’re more secure. You have the analytics. Yes, there’s a little bit of a startup time to get it up and running, but once you’ve done it, the freedom that it provides to you is really unmatched. I think that’s the thing people need to understand. This is not the type of technology that constrains your choices. It’s a type of technology that opens up your choices. And really gives you the flexibility and the optionality to say, “Okay well we’re going to be more creative. We’re going to choose the best, most secure, most cost-effective solutions without respect to where it comes from.” It’ll allow things to move that way and that’s something I don’t think has happened yet. I think this is an evolution in cloud computing that is quite probably being accelerated because of coronavirus. We’re all remote and suddenly all of our networks grew exponentially in terms of numbers of nodes and sites by the number of employees you had and how many places they worked from. I think that maybe we’re seeing this rapid acceleration of not just what the product can do but new and innovative ways to take advantage of it. That’s something I’m very excited about seeing.

Chris Holmes:

I agree 100%. I don’t have a tremendous amount to add. I mean, done right … It’s funny, a couple weeks ago in one of our production environments somebody said, “Well I don’t really understand this data plane thing that you’re talking about. I’m not using it.” I stopped and said, “Actually, you are and let me show you what’s happening under the covers.” When I showed that person the reports that were being generated and the fact that he didn’t have to deal with rotational certificates on the network because it was automatically… dealing with those cert rotations and he was never going to get stuck in developer hell for, “Oh my God, my cert just expired.” Or the reverse, which we see a lot in enterprises…certs hang around for three-plus years because they don’t want to deal with them. All those things add up and the developer looked at me and he goes, “Oh my God. I didn’t realize this.” In this market, the best platforms are going to be the ones that fall into that category of “they don’t even know it’s there.”

I mean seriously, if I had to deal with my WiFi router every hour because of a problem, I’m going to throw my WiFi router out the window and go buy another one that I can just put under my shelf and only pay attention to if the light turns a different color. That’s this technology.

Josh Stephens:

No, it’s fascinating. I think that the largest impediment to growth that you guys have seen is that it’s a complicated story when you try to explain what it does and how it works. But it’s elegant in its simplicity in terms of the way it works and how seamless and completely invisible it is to most of the people that are benefiting from it. This is I think one of the challenges that happens when you’re out ahead of the market. When you’re in a space very early and you’re waiting on the space to mature. You don’t have any help in the marketplace to help educate and bring up your potential consumers to a standard level of knowledge so that you can start … In a five-part discussion you can start at step three.

Josh Stephens:

In a sales call, right? The problem right now is that in every conversation you have to start at step one. We’re at the end of our time today and we’ve just now, I think, really gotten to the point that unless you’re a network engineer or a DevOps person or a security person, you probably have started to understand what we’re talking about. It’s a complex problem with a very elegant and easy to implement solution. So I just love the product, Chris.

Chris Holmes:

Thank you.

Josh Stephens:

I’ve been a fan for a long time and it’s been fun as an investor, or a potential investor, to watch you guys grow and to watch the problems in the space and listen to enterprises combat these issues and start to see the light bulbs come on. I hope to see this market mature in such a way that the best products and the best solutions rise to the top. All too often we find a good solution with great marketing rise to the top and so we’ll have to see. No offense to all my marketing friends out there. It’s something we all love to work on. But I think this is really a turning point in the industry and I do believe we’re seeing acceleration of how this works.

I want to ask one more question. We’re way over on time. Help me understand the relationship between service mesh and network automation platforms. Do they integrate or are they separate? How does that work?

Chris Holmes:

When we first started Decipher, we actually had a customer meeting in London and we talked a lot about NFV, network functional virtualization and SDN, the software-defined networking. General intent-based networking, network automation, and the service mesh really is the pointy tip of the spear. You have to have something like it in place on all of your environments if you’re really going to see value out of network intent-based automation. Otherwise, you’re going to have a really nice layer two, layer one management system where you’re probably going to have a little bit less rule-based routing. Then you’re also going to have a separate and distinct, really cool cyber AI operation that is looking at anomaly detections and making sure that your packets are good packets and not bad packets. Again, looking at different layers on the OSI stack. The service mesh can bridge all of those investments together. It becomes a feeder of data to those things. It also becomes a way to actionize your application stacks to your microservices that you’re building to bring your cross-cloud and on-prem stacks all together. It really is that glue in the middle.

Josh Stephens:

Awesome. Well Chris, as I said we’re out of time. We’ll have you back on the show soon. That was fantastic. I’d love to check back in in a few months to see how things are going. Thank you so much for coming on.

Chris Holmes:

Yeah. Thanks, Josh. Thank you very much. I really enjoyed it.
