The issue with the imperative model is, what happens if the controller fails? If the controller fails, your devices are going to fall apart. The analogy we use is an air traffic controller. The air traffic controller says where planes go, and yet pilots fly the planes. So even if an air controller were to fail, the pilot would still be able to navigate the plane safely.
NW: How do you decide how much intelligence to distribute where?
SJ: We are not the ones to say what intelligence should be in a load balancer or application delivery controller. We leave that to the experts in those markets. We just have to make sure the models we are putting forth have the ability to deliver the services at scale in a secure and highly automated manner.
NW: Let's turn to the competition you're seeing from VMware. How would you classify the differences between ACI and NSX?
SJ: We have taken a holistic approach, thinking about the requirements not just for the network and its automation, but also the requirements of the applications. And where I think we have a clear advantage is we provide real time telemetry and visibility with a common operation model for your physical networks and your virtual networks, whereas in the case of NSX they require gateways, they require shim layers on third-party switches, they require separate operational silos for the physical world and the virtual world.
The minute you start to impose this level of complexity you're going to increase OpEx because the customer will need to operationalize a physical network and a virtual network separately and will have to manage the gateways that span the physical and the virtual.
Another area where we have a unique approach is a single pane of glass for third-party Layer 4-7 service vendors and automation and ecosystem integration, whereas NSX would require multiple consoles for third-party Layer 4-7 services automation because they themselves sell security services and compete with their ecosystem.
And last but not least, we have a far more superior total cost of ownership. We do not have a per virtual machine tax ranging from $10 per virtual machine per month to upwards of $15 or $20 per virtual machine per month. That, I think, is going to be a very expensive proposition for customers who are getting called upon to do that.
NW: Many people say the network overlay approach VMware advocates is easier to get going. Doesn't that give them a market opportunity, while your migration will take longer?
SJ: I believe that NSX's software overlay approach is going to be adding another layer of complexity without solving the holistic problem of how the customers will be able to more rapidly and cost-effectively deploy applications. It's easier said than done trying to overlay a network on top of an existing physical network. The operational challenges and complexity is far greater than meets the eye. And if this approach is such a big window of opportunity, then why hasn't NSX achieved any customer traction with seven years of existence? Where are the large production-worthy deployments of NSX? I haven't seen any.
Sign up for CIO Asia eNewsletters.