HPE Aruba President Melkote On The Value Of A Multi-Vendor, API-First Approach And The Endgame For Cisco-Style Vendor Lock-In

HPE Aruba President Keerti Melkote speaks with CRN about the launch of HPE Aruba's NetInsight analytics solution, the acquisition of Cape Networks, and its planned midyear push into the SD-WAN market.

API First, Lock-In Last

A new machine learning-based network analytics offering, an acquisition, and an entrance into the red-hot market for software-defined WAN solutions: HPE Aruba President Keerti Melkote is aggressively pushing the company into an API-first strategy that he says provides more value to customers and partners, and deals a well-placed blow to Cisco's approach to the new era of networking.

Sponsored post

Melkote highlighted the launch of HPE Aruba's NetInsight analytics offering, the acquisition of Cape Networks, and its planned midyear push into the SD-WAN market during the company's Atmosphere conference in Las Vegas this week.

The moves are part of a strategy to help the company and its partners capitalize on the market's move toward software-based infrastructures as customers seek to quickly monitor and manage an increasingly mobile workforce. HPE Aruba's API-first, multi-vendor approach to network architecture allows customers to meet those needs in mixed, best-of-breed environments rather than being locked into proprietary solutions from traditional players like Cisco, Melkote said.

And while the old and the new will likely co-exist for the foreseeable future, customers are clearly demanding a flexible, secure and efficient software solution, and partners need to double down on meeting those demands to make the most of the huge opportunity in front of them, Melkote said.

What follows is an edited excerpt of Melkote's conversation with CRN.

What drove you to get into the SD-WAN market?

If you look at our customers, a lot of them are in the branch office space – retail stores, hotels – and increasingly what's happening is the world we see is getting very, very distributed. It used to be all my applications run in the data center connected over private network to my branch offices and that's my world. As the applications have moved out of the data center and into the cloud, applications have become distributed. Users are no longer sitting in one place, they're moving around. As the world gets more and more distributed, the network that connects the two is also getting more hybrid. The private line model doesn't work. You're using every opportunity. You're mobile one day using a cellular network, you'll be on Wi-Fi on another day, and the branch office itself is connecting to the cloud. It's not just going over the private WAN, it's going over a public broadband connection.

What's driving that shift among customers?

We see enterprise, which used to be this closed thing, open up. It's not happening because of SD-WAN, it's happening because of mobility and cloud and IoT. The bigger problem is how do you rein in this world and provide enterprise customers some control and visibility into what is actually happening and how they manage the enterprise in the distributed world. Today we offer wired and wireless infrastructures to our customers and security software that goes on top of it. What they're saying is, 'I already have most of my enterprise managed outside of the data center through you, so give me the same capabilities on the WAN side. Instead of having to do something bespoke for the WAN piece, make it a part of your architecture.' That's the ask coming from customers, which is what we're responding to.

How will HPE Aruba's SD-WAN fit into its existing portfolio?

We already have ClearPass for doing data segmentation on the network. We're going to use ClearPass to extend that segmentation on the WAN. We see the WAN as being part of the network. There's the LAN and the WAN and segmentation and security has to apply across the whole piece. Our security and management will layer on top of that. We're going to use our APs as edge devices because they can connect directly over broadband. We can reuse our controllers as WAN devices because they can connect over broadband. That's why it's a feature set for us. It's a natural extension and for customers it's easy because they don't have to deploy something new. They just leverage what they already have, and they're buying a new license to turn on that feature set.

What's the best way for partners to play in the SD-WAN space with Aruba?

For partners, it's a continuation of the story. They're already selling Aruba software and Aruba services wrapped into a solution. They can expand their story to their customers and say they can cover not only the LAN now, but the WAN as well in one integrated, cohesive architecture for the future. It's a very natural extension both for Aruba and our partners.

Is your partner base on the right track, or do more of them need to get on the bus?

I think more of them need to get on the bus, honestly. I see the demand outstripping supply right now. The world is moving very fast, and customers are struggling to keep up with the pace of change, and what their businesses are giving them as a requirement. They're being forced to transform internally. If you don't transform, then you're not moving fast enough, which means your job is at risk. At the business level, it's very objective. At the business level, if I fail, then I'm out of business and nobody has a job. Now, I need to figure out how to get with the program, which means I need my IT staff to give me what I need, and in time. There's a huge opportunity for partners to step in and fill the gap.

All of this points to the continued breakdown of vendor lock-in, but Cisco seems to be finding success with its intent-based networking products. How does that play in the market?

Every vendor likes to say they're doing great. I like to say the same thing. You really have to talk to customers and find out what they're asking for, and they hate vendor lock-in. It used to be used as an excuse to say we can deliver an assured solution for you that works end to end, but the reality is [customers] have figured out you don't need to be locked in to have an assured solution. You can actually integrate with APIs and have something very cool, taking best-of-breed. The cloud world is already there. You can mix and match. APIs rule right now. You're very focused, you're delivering value on a certain service. You mix and match and you create value out of it. You can't deny that. That moment has occurred and it's going to pervade everything. It's going to pervade everything customers do. We're going to take an API-first approach. Every product category that we participate in better be best-of-breed and stand on its own two legs and give customers the opportunity to integrate with whatever else they might have.

In that regard, Aruba must be in many environments where it's running on or with Cisco.

We very regularly get into situations where Aruba wireless is running on Cisco wired, or Aruba wired is supporting Cisco wireless, or third-party wireless. ClearPass, our security software, very regularly integrates with Cisco infrastructure. Airwave has always managed multi-vendor networking. It's sort of a commitment from the ground up to having that API-first, multi-vendor approach to the architecture, which I think is fundamentally different from how Cisco thinks about it. Their model tends to be 'How do I create a lock-in through a protocol that works end to end?' They were successful in the '90s with their approach, and they continue to play that card. I think they'll continue to play that game. I just believe that game is done.

What's your message to partners around that? Cisco partners make big margins, don't they?

That's not what partners tell me. What partners tell me is they don't make big margins because they're not differentiated. Cisco has a huge partner ecosystem and it's very difficult for them to differentiate from the partner next door. Both are selling Cisco. That's the result of being overdistributed. When you have the market share they do, you are going to be overdistributed. What vendor doesn't want to be in that position? The reality, though, for partners is that the only way they can have margins in their business is if they can take the best-of-breed and give customers the outcomes they want. Longer term, if you want a sustainable business, that's what the world is going to move toward.

Does that approach allow partners to more effectively specialize in areas where they're strong rather than spread themselves over a wide portfolio of solutions?

It can be focused. They can focus on security. They could be focused on a solution like a smart building, and bring a solution to the market. Whatever it is, if you're focused and you bring a solution to market, that certainly is a better recipe for better profits than saying I'll do whatever, or trying to do everything and just pushing boxes. I think the buyers are changing too. They're demanding more sophistication and more expertise from their partners.

It seems like buyers are much more focused on getting what they need from the gear rather than just getting the right gear.

You'll always have the volume business where the margins are thin. That's always going to be the case. Procurement will drive the purchasing, and it's about who gives a deeper discount on that particular day. That business model will continue, but the profit pools are moving to a higher plane.

Is the same true for the Cape Networks acquisition?

Correct. Cape is actually very aligned. The same customers are saying you're delivering the network on one side, connectivity and security for my edge. The complement to that is I want to understand the user side of things, and while the network gives me the network perspective, what are the users actually seeing? There's a whole market for service assurance, except today most of that market is focused on data center and the wired side, and the world is increasingly becoming wireless. Cape allows us to take a wireless approach to service assurance. We get the users' perspective of the critical applications that are needed at the edge. Are the applications available? Are they delivering the right level of performance? If not, then it gives you a forensic report on when did it misbehave so we can go back and correlate to what happened with machine learning on the network side and figure out if there was a problem in the network, or what we need to address.

Y ou say all of this presents IT folks with a huge career opportunity. How can channel partners take advantage of that opportunity as well?

For channel partners, to migrate from reselling boxes to integrating solutions for their customers is where the future really lies, and ideally offering their solutions as a service so it's a recurring revenue model. If you look at where the current demand is, it's all about using APIs to integrate and create automated workflows for customers. The skill set needed for that is knowledge of the APIs that are coming out and some rudimentary level of programming so you can hook up the right APIs with the right workflows and create value for the customer. That piece used to be the exclusive domain of the software engineer that sat inside a vendor like ours. Increasingly, we can only deliver products. We can't customize a product for a customer. That is the role of the partner. The more partners have technical staff that is knowledgeable about making these integrations happen, the more valuable they'll be. The cloud world has already moved in that direction. It's all about APIs. The same is going to be true for the edge, as well.

How do you see the NetInsight solution developing over time?

The main thing customers are asking for is to be more proactive with the care of their customers. The set-and-forget model doesn't work anymore. Change is really happening constantly in their environment. You leave something you set up for success a year ago and you expect it to continue to work without a lot of care and feeding, and that doesn't work anymore. Change is constant. There are new devices, new users, new technologies like SD-WAN coming all the time. You never know when there's a last straw that breaks the camel's back. We are in a reactive world. We wait for things to break, and we go fix them. We wait for end-of-life and we go refresh. With tools like NetInsight, we have an opportunity to be a lot more proactive, and it gives us the opportunity to care for the goods that we've sold.

What's the situation now?

Right now, we are blind. We sell the gear, it goes into a customer's network and it doesn't dial back. I have no idea, other than a periodic call from a sales guy or a channel partner asking a customer how he's doing. And the customer is doing great until he calls and says it's broken. This gives us an ability to collect data and be insightful about what we are seeing. Trends are going in the wrong way, let's go figure out what's happening and fix it before a problem actually occurs. We can stay on top of it before users complain.