Steve Herrod is a pioneer in cloud computing and virtualization. He’s probably best known as the former Senior Vice President of Research and Development at VMware, the fast-growing virtualization software company. During his 11-year tenure, he helped guide the VMware technology strategy as the company grew from a startup into a 3,000-person engineering organization with $4 billion in annual revenue. Prior to that, he worked at Transmeta, a Linux software specialist.
Currently, Herrod is a partner at the venture capital (VC) firm General Catalyst, where he looks at investments in cloud computing infrastructure and applications. Recently (actually it was about two month ago, but it took me forever to transcribe), I interviewed Herrod on the phone, asking him about new trends in virtualization and investing trends.
This was an interesting conversation that was wide-ranging across many broad technology trends, including cloud computing, mobile, security, and data-center virtualization. Below, I have flip-flopped the interview around, starting with the concept of the “New IT,” in which Herrod describes the many new challenges of the IT manager.
Rayno Report: You are saying the Chief Technology Officer (CTO) these days has three major things to consider. What are they?
Herrod: The CTO has three things they focus on. The first one is choosing where today and tomorrow’s application will run. Should I run it virtualized in the private cloud or take it to Amazon? Go to PAAS (Platform as a Service)? Is this something I can run in Docker? That’s a core decision.
The second one is how do I track, protect and mange those things. Now how do I ensure I have the right security for things running in PAAS and public cloud?
The third is how do I embrace mobile across all of these technologies? It was originally a story around BYOD (Bring Your Own Device). Now it’s shifting into the question of how a company fully embraces mobile not just for customers but for inside the company. This is driving the future of enterprise IT.
I have spent a lot of time looking at companies making the shift from being Web companies to mobile-first. Even companies like Intuit have made the shift. Originally, it was a web app. Then they outsourced mobile design. Then they have a team that focuses on mobile. It also changes the infrastructure.
Rayno Report: Explain how.
Herrod: Every internal application can be so much better if I have a mobile app. The first thing I find out is that the first time I write a mobile application, it might be the first time we are accessing company data. It could be the first time you create an API for this data. I’m finding that mobile applications can spur the creation of an API for the first time.
Rayno Report: And you have pointed out this has security implications.
Herrod: It used to be the good guys were inside the company, the bad guys were outside. In the mobile world, the good guys are outside the company more than not.
Enterprise has gone for ups and down, but all of these things at the same time are causing lots of confusion.
Rayno Report: What about Open Source?
Herrod: I get asked about it every day. I see it from the startup angle so much. You don’t find a company that’s not using a ton of open source. I’ve been asking a lot of companies how high a priority is it and why. Do you want escrow control? Is it about pricing? I have been looking at the different business models.
Rayno Report: But for a technology company based on open source, it’s challenging to find a business model, right?
Herrod: There are basically four business models that can emerge: 1) The “Red Hat” model: Helping to “tame the chaos” with support for versioning 2) Support and custom feature work 3) Sell a closed-source add-on; and 4) Offer it as a service. That accelerates it and lowers the cost.
Rayno Report: This technology called Docker is hot these days. What does Docker mean?
Herrod: People think it’s just arrived, but I’ve been watching it for 10 years. It’s exciting to watch.
The core form of containers have been in Linux for a while. Docker is building on operating-system level virtualization. You’re talking to an operating system. That has pros and cons to it. On the pro side, it takes a very application-centric view of the world, you are skipping a lot of the layers and you need it to be lighter weight. On the flip side, it’s very independent on Linux, and it needs to be a certain type of Linux to take advantage of the system.
Docker is interesting as a technology for packaging up applications. It’s also interesting as a community. It has the opportunity to be the standard way for applications to be delivered. There a lot of startups rallying around this.
With Docker, there is a repository for components. It allows developers to grab components. True portability — it can be deployed on your laptop, servers, or Google’s Cloud. There is and opportunity for Docker to become a standard.
Rayno Report: How would you invest in the Docker?
There are a number of startups. Docker, the company itself, is a startup that is dealing with how to package applications. It is very well funded and its last valuation was over $400M.
This a great way to run stateless applications. I would be looking at tools that provide management of docker, but other applications as well. I like evolutionary solutions.
[Our investment] Illumio is thinking about how do you deal with security in this world, whether it’s virtual machines or Docker.
Rayno Report: Recently we’ve been covering the Software Defined Networking (SDN) market very closely. Are you involved in networking and SDN?
Herrod: I am not directly involved in SDN. I’m a little more bearish on how quickly SDN will be rolling out. I like security companies that are working on problems that are out there.
Rayno Report: What’s your biggest concern?
Herrod: How long it takes to roll out. With the Nicira acquisition (by VMware), concepts in the space take a long time to roll out. Because the network touches so many different features, it takes a while longer.
Another area that I have been thinking about, inside the data center, is looking at all the switching and firewalls that can go from East to West. That’s causing a really big rethink of how things are working in the data center.
Rayno Report: Explain this.
Herrod: If you have a virtualized data center, the network is the piece of the puzzle that is causing the most restrictions on how you can move data. You can think of the data center as a giant pool of resources, and this is true, unless you have to choose which subnet to be on. Using Network Functions Virtualization (NFV), you can make that a valuable tool by moving applications around.
As we are watching all these security issues, in the old days, they were outside the perimeter. Now they are inside the data center. So, they are looking SDN approaches. There is a lot around security because of the harder technical challenges
Rayno Report: Tell us about Cisco’s strategy to get into SDN.
Herrod: That’s a good question. They are playing to their strength — administrators and hardware with quality of Service (Qos). They are making the right evolutionary move. There will be a clash between and a software-centric view. But it will take many years.
Rayno Report: What are the pros and cons of each?
Herrod: With the software-only angle, that pitches network control. The reason for the Nicira acquisition is that it works on OpenStack. It also works on a pure VMware stack. That is a preferred choice if you are a VM administrator. If you take a more network-centric view, ACI works well when core hardware capabilities are the key skill.
Rayno Report: What are the areas most prime for NFV?
Herrod: Traffic management, firewalls. Those are the biggest. You can look at about just any appliance placed on the edge of the network. An appliance at the edge has to be ready for traffic coming through it. The idea that you push that down into the network allows you to be much more right-sized.
Most networks have the question of: Where should my application reside? Service provider or local? NFV that can be more portable.