Ahuja’s departure from Cisco was announced in March, but he didn’t actually leave until the end of July. After that, he did some fun things, traveling with his family to Europe and Croatia, and working on his yard. But he also circulated around Silicon Valley, talking to lots of engineers. And he ended up finding a new gig at Versa Networks.
How did you find your way to Versa Networks?
Ahuja: Since leaving Cisco, I spent a lot of time analyzing what I wanted to do next. I looked at many spaces and different size companies. But I’m a networking guy. I built networks; configuring routers and switches and building MPLS networks. My passion and focus on networking brought me here because I think there’s a huge shift that’s occurring, particularly in wide area networking. I think we’re still in the early stages, and the relationships I have with service providers will certainly help Versa. I think it’s a perfect combination.
What do you like about SD-WAN?
Ahuja: First, every company today is talking about digitization and Internet of Things (IoT), and they’re moving faster toward that. The move to cloud and a lot of applications is becoming key to businesses everywhere. What does that mean in terms of the enterprise WAN? I found a need, which was unmet. And that need is really at the intersection of networking, WAN, and security. Nobody’s infused WAN with security in a cloud-native way.
Why is it important to integrate security into SD-WAN?
Ahuja: So you’ve got multiple tenants in every location, and you need to apply different security policies for every one of these tenants. With today’s model, you buy network elements and you buy security elements. And you kind of do a stack of those depending on how many tenants you have. You end up with a sprawl of appliances inside a telecom closet, which is very difficult to manage and maintain. And operational expenses are high. And anytime you want to make a change, change-management becomes quite complex too.
I started to think about how to solve that problem in a different way. I talked to venture capitalists in the Valley, and they introduced me to Versa. I spent time with Kumar and Apurva [the Mehta brothers who founded Versa], and I found that things they were doing already were way down the path of what I was thinking. They have fused WAN and security together with this cloud-native model. That is unmatched in the industry today. It’s a multi-tenant, cloud-native, software-only type solution.
What else about Versa attracted you?
Ahuja: This is a solid team with an amazing track record. They were brought into Juniper to build the MX960 many years ago, and that’s actually a work-horse of Juniper’s numbers today. They have tremendous traction with the customer base I know well, which is service providers. Having done that in the frame relay days, and the ATM [Asynchronous Transfer Mode] days, and the MPLS days, this is something I know how to do. I haven’t seen this amount of excitement among enterprises and service providers since the days of MPLS and Internet. Eighty percent of service providers are touted as deploying SD-WAN services by the end of next year. The managed networking and managed security market is going to be over 80 billion in 2020.
But aren’t service providers kind of shooting themselves in the foot, convincing enterprises to drop MPLS lines? What are your thoughts about the business model for SD-WAN?
Ahuja: I don’t think anyone is excited about losing revenues. But they want to make sure they can offer customers the right solutions with the right price points to meet their business needs. What they’re trying to do in my view is say, ‘Hey mister customer, if you have two MPLS circuits today from two different vendors, I’ll sell you an MPLS circuit and broadband Internet on my network. Then I’ll also be able to do managed services for you, using SD-WAN. And by the way, I’ll sell you managed security as well.’
It’s the addition of new services, especially security that’s exciting for service providers?
Ahuja: Absolutely. They are looking to add on additional services. Because if you look at the traditional managed CPE devices, the attach rate on services and security is not that high. But every enterprise is looking to have a managed security offer. They want the service providers to do it. Security is not that simple. You’ve got different boxes doing different things. It’s really complex. We’ve got a pre-packaged integrated way for them to offer next-gen firewall, or UTM, or statefull firewall, or other things right in the same package. So the key is making it easy for them to sell the service and making it more profitable for them, and also doing it all in software.
Besides saving money on MPLS, what are some of the biggest selling points for SD-WAN?
Ahuja: Customers want to accommodate a shift to public cloud. They’re seeing increases in traffic at their sites. There’s a need for more bandwidth. They want to spend the same and get a lot more for their money; not necessarily cut their costs but get more for their dollar. They want self-care and self-provisioning. But the biggest thing they want is application intelligence to drive policies. For example, if I have an MPLS circuit, and I have a broadband circuit, I want some applications to still use MPLS, but other applications to use the Internet access. And by the way, if I’m heading to the public cloud, I might as well go directly to the broadband Internet connection right at my branch. They want that flexibility to make those policies.
They also want agility. One enterprise customer said a while back, just the sheer number of configuration changes for firewalls takes up a lot of their maintenance windows because they have to do it in off-hours. To do that with one button can save tons of operational expenses, as well as get it done faster.
Some service providers, Versa’s customer CenturyLink for example, have indicated they’re happy to be able to expand their footprint out of region with SD-WAN. What are your thoughts about that?
Ahuja: When I was a service provider and I wanted to offer ATM, or frame relay, or MPLS service, I’d have to get an access circuit from a local carrier or build my own access circuit. That was an expensive proposition. Out of market where I don’t have any access, has been a very difficult proposition. With this they can go out of market where they can get broadband Internet. This is an overlay solution that works across any connection they can get – off-net. That is really easy and simple for them and much lower cost. They can go global if they want.