What's Up with Tech?
Tech Transformation with Evan Kirstel: A podcast exploring the latest trends and innovations in the tech industry, and how businesses can leverage them for growth, diving into the world of B2B, discussing strategies, trends, and sharing insights from industry leaders!
With over three decades in telecom and IT, I've mastered the art of transforming social media into a dynamic platform for audience engagement, community building, and establishing thought leadership. My approach isn't about personal brand promotion but about delivering educational and informative content to cultivate a sustainable, long-term business presence. I am the leading content creator in areas like Enterprise AI, UCaaS, CPaaS, CCaaS, Cloud, Telecom, 5G and more!
What's Up with Tech?
Telecom Transformation: Automation, SASE Innovation, and a Future-Driven Ecosystem
Interested in being a guest? Email us at admin@evankirstel.com
Join us as we sit down with the CTO of MEF, to explore the forefront of telecommunications innovation. Pascal shares his vast experience and sheds light on how MEF is revolutionizing the industry with automation, virtualization, and seamless cloud integration. We delve into the collaborative efforts between service providers, vendors, and enterprises to develop groundbreaking standards and frameworks, addressing key industry challenges like machine-to-machine communication and on-demand connectivity. Pascal articulates MEF's mission to cultivate an efficient and cohesive telecom ecosystem, benefiting all involved.
In another riveting segment, we tackle the critical landscape of Secure Access Service Edge (SASE) technology and its transformative impact on modern cybersecurity. Discover how SASE is enhancing security by transitioning functions from on-premises to the cloud, providing real-time threat management through edge-deployed scrubbing centers. We introduce MEF's blueprint aimed at standardizing and enhancing security services via APIs, automation, and certifications. Additionally, we discuss MEF's forward-thinking operational strategy, including the launch of smart contracts as a service and the global federation initiative. This episode promises a deep dive into the future of telecommunications and cybersecurity, offering insights that are not to be missed.
More at https://linktr.ee/EvanKirstel
Hey everybody, Fascinating chat today with METH, an amazing community focused on what's next in networking and network as a service. Pascal, how are you?
Speaker 2:Good Evan, Good good, Doing really well. How are you?
Speaker 1:I'm well. Thank you so much for being here. You're the CTO of METH, an amazing community around an industry I've spent 30 plus years in, so I have lots of questions about the amazing work you and the members are doing, but maybe introductions are in order. First Introduce yourself, if you would, and who is MAPH for folks who may not be familiar.
Speaker 2:Absolutely. Thank you, evan. So I'm Pascal Menezes. I'm the CTO of Mef about eight years ago. I was also the co-founder of Mef in 2001, but left shortly after. So I have a huge background, like yourself, in telecom and really excited about the new times of telecommunications and what we're doing and all this softwareization and virtualizations and clouds. So really, really fun time. Now.
Speaker 2:Mef itself is an organization global. We have about 200 plus members, mainly source providers, 130 plus source providers worldwide, and then the rest are all vendors, gsis and automation. You know networking vendors and so on, and together we come together to build on a foundational layer about what the next generation of telecoms should be and not have to reinvent themselves. So examples of automation how do you plug in to each other and make that automation work across the ecosystem? How do we define that connectivity to turn it up really fast? We call it on-demand connectivity. How do you add all this overlay technology? You know privatization of the VPNs, which is really SD-WAN with application performance guarantees. How do you put in cybersecurity into this whole area? Sase has become the big thing. And then, finally, multi-cloud you know hybrid and multi-clouds. How do you connect all kinds of clouds? That's going to be very, very significant and important.
Speaker 1:Well, fantastic topics. And how do you engage and support the community to drive innovative thinking and collaboration in this space? What role do you see yourself playing?
Speaker 2:So it's a really interesting question because most standards organizations can work a vacuum, in my opinion, and don't really bring into account the key stakeholders. What we've done, I think, a little differently since I've come on board is we have a top-down view about you know the executives, like myself, but we've got a board of directors, our chief product officers, ctos of major telecom tier one providers worldwide. We have a technology advisory board of the key stakeholders and owners of their business, both in cybersecurity and automation, and now you know system integrations. And then we also have brought in the Enterprise Leadership Council, so 12 top multinationals now have joined in. Then we've also added in a CEO advisory board that really comes in and talks about what the CEOs they're thinking about as tier one providers and vendors, what they think about their business models and so on.
Speaker 2:And we also have these regional councils that, for example, latam Council. We're starting one in Southeast Asia. We're talking about what's geographically, what their concerns are. So together we come together and we talk about what we're trying to do, what are the concerns and challenges of the industry, and then together we take that and we put that into actual projects and implement that into actual standards. Where it becomes automation, apis comes out of it and SDKs, or we have actual standards that then drive certification and then the members benefit from all of that. And it's all geared towards the strategic initiatives about how do we make everybody in the telecom industry win grow bigger, better, faster, bolder and that's kind of our goal is to make everybody win.
Speaker 1:Fantastic and describe some of the frameworks. You called out a couple there and you know how do you see those helping with. You know challenges, obstacles for the industry. What are some of the more recent initiatives that are top of mind to you in the community?
Speaker 2:Yeah, so it's actually a very good question. You know, we're seeing this world of machines come in and I know many people don't like it, but machines are becoming very, very important in the world of technology, especially in services and telecom, to be exact. And what we're seeing is that machine-to-machine communication has now become extremely important to be able to turn up any service at a cloud-like speed. If you're used to telecommunication in the old world, it used to take three months, six months to turn up anything, and that's kind of old world thinking. The new world, what cloud has taught us is that I can go into a portal, click on something and instantly it turns up. And that's the experience everybody all the enterprise, you know, it pros and the business owners want is that experience.
Speaker 2:So what we've done at Neff is we provide this huge automation framework in place which has open APIs, and these APIs have two really major, significant areas. One is well, three to begin with automation. One is in APIs. We have business APIs, so APIs, where the enterprise can go in to a provider and ask for a quote for a certain address, get a price quote for a service. Do they like it? They can order the service. Then, upon that ordering of the service it might have to be.
Speaker 2:That service is located in many parts of the world that they don't really own. For example, if you take a service provider in North America and let's say you have a big enterprise saying I want to connect to all my sites and the clouds all over the world at these geographies that one service provider does not have the connectivity to do that, underlay connectivity all over the world. So they have to work with all their ecosystem partners to do that and to coordinate all these sites. To turn up and create this virtual private layer to an hour, for example, so that would normally take six months and getting price quotes and salespeople involved. All that is going away to basically either APIs or a portal that that enterprise customer comes into and says I want these sites, I want these services, I want these speeds, I want this availability and blah, blah, blah. And then out pops out the quote and they like it. They just click order and out goes the order to all of these partners to then turn up their loops and test it and then make sure it's working right and then monitoring it to make sure it's performing right handling faults. So these are all the operational aspects of apis and then finally, if there's a fault, there's a trouble ticket between all the providers have to go, and that's automation also, and then finally they have to build and settle across the ecosystem.
Speaker 2:So that is, if you can imagine, a massive amount, amount of automation, and the APIs have to be highly interoperable across all of these enterprises and also these, especially these ecosystem partners which are providers. So if you think about that, what we've really done is glued in this massive automation plane across the global ecosystem that everybody can plug into for turning up their loops today. But you're seeing tomorrow where they want to be able to access data centers to put their compute in there for example, providers for putting edge compute in across the world that they don't normally have. Or they might want to connect to a certain cloud, a certain type of SaaS cloud, and they want to do that also, and that SaaS cloud might have regions that they don't really have connectivity to. So all of this connectivity or application assurance or the cybersecurity is also big, adding cybersecurity into it.
Speaker 2:All of this automation has to happen at cloud-like speeds across the planet and all this ecosystem has to plug in play together and that means tremendous interoperability, and that's really what we've been doing at MAP, since I've been here for eight years, coming from a software background, and we have a massive adoption of 160-plus providers somewhere on that journey that are going to make me a plug-in. So we're really, really excited about what we've done there. And then every provider you know I'm talking about that inter-provider, that ecosystem connecting but every provider also has to have their own automation inside their own network. So that's another massive undertaking every provider has to think about how do I automate inside my network? So we've collaborated with TM Forum on how to do that and that was just announced in June, and so we've got this whole ecosystem fully automated, end to end and within each other's provider's network. So that's really powerful and that's kind of what we've been doing.
Speaker 1:Oh, fantastic work. And network as a service is a fascinating new way of delivering connectivity and networking. Radically different approach. You recently introduced a NAS industry blueprint. What were some of the insights from that?
Speaker 2:a very good question, evan. It's actually ironic because NAS network and service was really being around for a decade plus, coming from the point of, hey, let's connect on-demand our sites together through automation and site-to-site, site-to-data center, and then what we've been seeing is all this new technology emerge with SDN, software-defined networks and virtualization and automation, and then all of a sudden we started seeing network as a service change from this connectivity model to now. You know how do I deliver modern networks to the enterprises and that's what MIF's taken on. So we've said it's not just about the connectivity, the underlay, which where we you know, brought in the carry Ethernet market and grew it to $80 billion worldwide. It's not about just that connectivity that makes the business network. It's now adding in the application assurance above that. So SD-WAN technology, software-defined wide area network technology, came in about a decade ago. That's become very, very widespread and ubiquitous and that overlay technology sits under the underlays and they provide application insurance guarantees so applications perform right, which was always a big concern for many business owners where they have very mission critical applications how well those applications perform. So that was two things that are coming together and all of a sudden now cybersecurity has become top of mind.
Speaker 2:In fact, we just released our cybersecurity report, just a month ago, or a few weeks ago actually and it talks about the state of where cybercrime is and what cybersecurity is trying to do. And we talk about cybercrime is projected to be $15 trillion by 2025. Now, whether it's accurate or not, globally it's a pretty large number. And then we're talking about, well, what do we do to address this? And we're only spending 200 billion worldwide to try to address a $15 trillion economy that's full of criminals. So really, at this point, how do we handle this?
Speaker 2:So the industry has come up with this cloud-based security technology called SASE Secure Access Edge and the idea is you move security functions from within your sites and your data centers and your buildings. You still have them there, but you move them into the cloud and so everything, every packet, every transaction, goes through this scrubbing center. So it's very latency sensitive. It has to be deployed at the edges where the enterprises are connecting to the pops of the providers, and these SASE clouds then becomes a scrubbing center that everything goes through and checks for all kinds of malware, for exploits, evasions, threats and even connecting to the internet. It checks to make sure that the URLs are not somewhere, some dark net or someplace like that. So really, at the end of the day, all of this coming together, cybersecurity added on to this overlay of application performance, to then adding in the transports to take and to deliver all the packets end-to-end, becomes really a daunting task. And now add to that the destinations are not data centers, they're clouds, they're clouds of all types.
Speaker 2:They're hyperscaler clouds or infrastructure as a service or SaaS services. There are many companies that move themselves to a cloud offering, so you want to connect to all those different SaaS offerings. We're seeing AI clouds come into now. Very AI application-centric clouds are emerging, so you want to connect to those AI clouds and they are seeing the edges too, or some regions, because there's also a sense of the latency.
Speaker 2:So the complexity of what I just talked about is kind of mind-numbing and so now enterprises have to deal with like this is what I want and then providers have to deliver on all of this, and they have to deliver it as a service, and as a service means that commercial models are very different than contractual models. So I'd love to go into that if you want to hear more, but it is so challenging. So at MEF, we've packaged all of this in a blueprint that allows providers, vendors, cloud providers, service providers to all use the blueprint like open source as a baseline, to go implement all the APIs, the automations, the certifications which I haven't talked about even and then go ahead and then build their own differentiation on top. And that's really what we see as NAS is what we're delivered as a blueprint and how this all comes together.
Speaker 1:Fantastic approach. You mentioned certification. How does that work? What are some of the benefits for both the service provider and the enterprise customers who might be leveraging it?
Speaker 2:Yeah, evan, you know the funny thing about certification. We see it in everywhere. I just bought some monitors and there's, I think, a standard for mounting onto my displays and my mounts, for my multi-head displays, and I'm like there's a certification standard for that. There's a certification standard for power. I get a power plug, you know, to plug into my computer. Certifications are the norm everywhere and for some reason, you know, we don't look at cybersecurity. I mean certifications being very important, especially in cybersecurity. So we've done certification for our carrier and it's widely deployed, adopted. Everybody takes their standards. They get certified to make sure the service works right. We've deployed it. We're now finally doing that for SD-WAN certification. We did the version one. Now we're version two of that SD-WAN certification. We just launched our beta for cybersecurity.
Speaker 2:For SASE certification, I got to tell you this is the first in the world that actually tests for how well threats are being managed by these services. Yeah, and there's nothing like it. So in the past what's happened was people were buying these cybersecurity services from vendors or from service providers and they had no idea how they've been protected from threats, and so they would either test themselves or hire a company to check it and do penetration testing and so on. And what we realized? Well, this is craziness. We are standardizing the cybersecurity of SASE and SD-WAN and we should be checking the point of how well applications behave in the way of WAN impairments, for example, for SD-WAN, how well does applications classify? Because every application is encrypted using TLS or HBS and so you can't use just a normal port lookup, udp, tc port lookup. You have to use heuristics and classifiers are very sophisticated to find the application in it, because that's important. If you don't know the application, you can't know the policies to apply.
Speaker 2:Then you look at threats there's exploits, evasions, malwares there's a million malwares. You know database you have to look at. There's thousands and thousands of exploits and invasions. You have to look at, you have to test against that, all these products. Then you have to test against that, all these products.
Speaker 2:Then you think about cybersecurity was in the enterprise. So they had this appliance where they put firewalls and their IDS, ips and all the various security functions, but they were single tenant so they could handle performance only for that tenant. But you move all of that into the cloud. All of a sudden that cloud is a multi-tenant model. So how well does the security functions now perform in a cloud-native environment. That's multi-tenant. That is a whole other beast.
Speaker 2:So when they port all their code, you know does it work right? Does it still protect right, does it perform right? And then you have now zero trust. What are the policies? Authentication, authorization policies Do they work right?
Speaker 2:So you could see this complexity we're talking about and why cybercrime and the exploits have really been taken off, because it's so complex that no one really knows this. And so we're testing for all of this to make sure the vendors got it right, the providers got it right, and we deliver this certification not on a pass fail, but basically on, like what we did with bonds and Moody bonds rating. You know a triple a, you are highly, highly secure from exploits, evasions, malware, blah, blah, blah all down all our testing criterias and if you got you know a double a or b or c, you need to go, go, try to get to triple a. So our, our certification is a year-long subscription that really promotes everybody to try to get to AAA and if they don't get it, come back, retest, fix the problems and basically try for that AAA. So that's what we're trying to do and that is really the first of its kind, and it's highlighted in that security report we released as how we're going to try to solve this cybercrime of $15 trillion.
Speaker 1:Wow, incredible mission. Congratulations on that. Describe how the organization, your members, work on a sort of month-to-month basis. I assume you have virtual meetings, you have in-person meetings. You're doing a lot of information sharing. What does that look like for the members?
Speaker 2:Yeah, very interesting question because we're talking about a global membership. And so how do you participate? It's really really challenging sometimes. So we do meet four times a year, physically, person to person, every project I'm the CTO I've been overlooking about 60 plus projects are active, plus member Since 2001,. We have tons of standards that's already, you know, adopted. There's hundreds of the standards and 60 new projects of all the things I've talked about. And so we have teams all over the world of members, contractors, vendors, all working together to, you know, deliver on this kind of baseline technology, so no one has to reinvent it from scratch. So we do that, like I said, four times a year. We have weekly calls on every project that's led by. Normally, you know, we call it editor, co-editor or a lead of that project, and they bring their teams that want to participate together. We also have our yearly event called our global nas event, global network as a service event. We had the first one last year, uh, and we're doing this one in Dallas this year. That'll be the last week of October in Dallas, and there you bring in a ton of thought leadership that talks about where's the industry going, and you know, for example, we were talking about what AI is happening with inference and transformers and, obviously, general AI. How would that play into services, into the telco environments where cybersecurity will be? How do we do automation? We'll have an automation conference also on day one.
Speaker 2:There's a lot we do so as membership, our goal is to bring all our members together to really go through this. Now, in the past, sdos rely on their members to do the work. We flipped it a little bit. We are now hiring. We hire contractors to do all of that grunt, detailed, minutiae work which our members don't have time for because they have their regular job. But our members act as subject matter experts and business owners. They tell us what's important to them. They tell us what the product roadmap, what they're looking at, where their challenges are. They're looking at our work and saying let me review it and give you my thoughts as a subject matter expert.
Speaker 2:So we're moving more and more to our membership becoming an ecosystem of thought leadership. Memberships are giving subject matter expertise and then we're hiring the contractors and the developers to do the work. And you know me doing startups. That's my natural way, how I think, and it's really allowing us to move at massive speeds that no other standards organization can do, and that's why you look at our work I just described. You're going, wow, that's like boiling the ocean. The answer is most of it's not wafer bear, it's actual production, great stuff really delivered into the market already. So over eight years we've done all of this and we continue to push forward.
Speaker 1:Well, it's very exciting. It must be very gratifying fun to have such a unique position and perspective on the industry. What are you excited about the next, you know, couple of months through summer into the busy fall season. What's on your mind professionally, personally?
Speaker 2:Well, personally, I'm going to enjoy the summer here. I live in Seattle, so I'm going to take a little time off and enjoy the time to thrive yeah.
Speaker 2:Nothing like Seattle. You know it's called Emerald City for a reason. It's beautiful. But I have planning towards the end I'll be in Batik. It's a big conference in Bali which will have all these Asian operators there. We'll be talking about all that's going on, southeast Asia, because every you know every continent has their own flavor of what's going on. So and where they are in the maturity cycle of all of this evolution to this next generation of codification.
Speaker 2:But what I'm really excited about is we're bringing in smart contracts as a service. We're going to federate every thing called federation. That's going to be launching. That will be the implementation of all our work that says plug in, join in together, build this big global federation that everybody can participate in, whether you want to have just connectivity or you want to do SASE clouds, or you want to get to AI clouds. All of that's going to come in and that all means takes all our work plugging really powerful over the next couple of years, and that's kind of what we're thriving to and we're getting all our members to plug in and to connect together and to really create this ecosystem, this global ecosystem that has all that automation, cybersecurity, connectivity, clouds and the access to, finally, ai clouds all over, including edges. So I think you know you can hear it from me I'm super passionate because I really love what I do and after 40 years you'd think I'd be kind of bored of it, but it never stops for me.
Speaker 1:It's the most exciting time in this industry, for sure. Well, congratulations on all the success and it's really excellent work. It's really a much needed role you're playing. Thanks, pascal.
Speaker 2:Well, thank you, evan. You know you, being a big expert in this industry for so long, I know you can appreciate the things we're trying to do, and we do have massive goals and these are massive aspirations. But again, eight years ago, I was daunting. Eight years later, I'm the CTO and I'm thinking, wow, look at what we've done. You know you look backwards, you go oh, my God, I cannot believe all the things we've done. It's just incredible, and again, not thanks to everybody our membership, our leadership, our contractors, our staff everybody's participated in this, so it's been a really inclusive model that has really made this work, and so I'm so grateful to be part of this journey.
Speaker 1:Absolutely Well, onwards and upwards, and have a great summer. Thanks everyone for watching. Reach out to MEF, mefnet, great website. Lots of amazing resources there as well. Take care, pascal. Thanks everyone.