So, we've given you a few options, as you can tell here; application roll manager, network insight, we've got several videos that on the internet, we got a couple of white paper, some customer sessions, HOLs, we've got a few things from VM World, where we highlight how you can use a log ingsight to do a lot of this as well. So, let's kind of transition from our first use case of micro-segmentation planning and now let's talk about overlay and underlay visibility. Now, when we get into this use case, we're actually get into some fun and interesting discussions. There's not really anything in the platform that will help you from an underlay perspective. We're not going to tell you what the physical switch configuration was, obviously, you can see uplinks between the overlay and the underlay but more importantly, what we've done with network insight is we've taken really the configuration data. So, we're actually going to go out to the physical networking devices, we're going to add or we're going to go gather data from CLI, SSH, APIs and really build out a map of how these workloads are communicating. What I mean by a map, and I'll actually do it, I'll draw it in just a second, but we're going to be able to tell you L2, L3, L4 and if you're using one our service insertion partners from an L7 perspective, we can actually show you how these two VMs are communicating, what their physical uplink is obviously, this V Amazon and ESXi host. Then, it communicates with each of the n points, we're going to cross the overlay, we're going across the underlay, and we're really going to provide that full visibility to VX land functionality and how I'm maneuver, or how this flow, is an example, would maneuver the network both from an NSX perspective, from a software defined perspective, and then from the physical underlay. So, let me do a quick drawing here of maybe what it would look like. So, I'm going to go ahead and leave this specific VM to VM communication, by the way, this use case also applies to VM to physical VM to Internet, and so on, we'll just give you the purview as much as we have. So, if I was to expand this very simple drawing and say that over here, I have a VM and we will actually then tell you it's sitting on any ESXi host, we will give you the vNIC as an example, I'll draw this simple vNIC that is associated with that ESXi host. Maybe that vNIC is a part of a VDS, as an example. More importantly, if I've deployed micro segmentation at the vNIC level, I'm actually going to be able to tell you the firewall rules. So, here are the firewall rules that are applicable for this workload. So, you would obviously add them in here and I'll just say firewall, and then VDS. Though pretty simple, eventually, this VDS is going to connect to the physical network and maybe I have a switching routing device here. So, I'll just say physical switch and maybe you have a router in here as well, I'll just say physical switch, physical router, and then I go to another VDS that's associated with an ESXi host and ultimately, another VM. And basically, what we've done is we're showing you each of the steps from an overlay and underlay visibility perspective. Now, this is a very simplified drawing of of what the UI would actually look like and honestly, I can't do justice to some of the beautiful things that they've done to it to display this but the key is I can show you the distributed firewall rules that were applied. Maybe I'm offloading from an L7 perspective, I can actually show you the checkpoint in Palo Alto firewalls that are associated with that particular workload. I can show you not only the virtual distributed switch but I'm going to show you the NSX's portions, as I mentioned, the dfw, the NSX's switch, routing, edge firewalls. I mean, every aspects, whether it's in kernel, on the host, or whether it's the edge firewalls themselves. All of this is going to be displayed from an overlay and underlay network perspective. The key is, not only show you this visually, but maybe we're actually going to tell you, "Hey, what was the MTU setting on the VM itself from a vNIC perspective, all the way back to the physical network in which it's associated with?" The beauty with network insight in this specific use case is it's really about giving you a clear picture of what your environment is looking like, what it's doing, how it's changed, and there's a lot of other aspects that fall into this. Another thing to look at when you're here, is because we have a time machine notion within network insight, is you can actually go back in time and look at what this configuration look like two weeks ago, 30 days ago, did something change? Was there a network? I've even had customers who've been very syload, and the network team says, "Yes. You can use NSX but what we need is some additional visibility." So they use network insight to actually help them with some physical networking, troubleshooting, and associations there. And I think, that's kind of the key with network inside is we're not just focused on the virtual aspects. We actually go out, and I'll write it here, we go out to those physical devices physical routing and switching devices with an API, SSH, CLI and when we allow you to aggregate that data and ultimately have an audit and compliance view of that data. So, that specific use case for overlay underlay visibility really is only applicable to network insight. So let me write a few things that our customers appreciate about this overlay and underlay visibility. The first thing that we often hear from our customers is it provides audit capabilities, so there's an audit function. I have a time machine notion in network insight within log insight obviously have all of the logs I can do searches, I can truly understand what is changed from a topology perspective with the network insight maybe in log inside, I can figure out who made the change, and then it provides an audit function. Some say it's also compliance, audit and compliance, maybe you want to lump those two together. What I see from a compliance perspective is, has there been a significant shift in the policy? What has changed? And all of a sudden, somebody maliciously within the organization or even maliciously outside the organization, depending on the use case, did somebody gain access to the environment, maybe from one of the flows? And ultimately, then we would see, "Okay, well we had a flow from this VM to this VM. " or it never occurred before today but all of a sudden we see it, all of this is associated from a network insight perspective, from a compliance detail with log insight. I mean, obviously, we can talk compliance with log insight, several of the dashboard, several of the widgets, are really built to help you from a, do I have blind wide-open, do I have VMs and have a distributed firewall associated with it deployed but there's an allow all any rule at the bottom. Those are the types of things that we really try to focus on when we're looking at it from an audit and compliance perspective. And then, last but not least, and this is a key use case especially, personally, is I'm all about change. What has change? I mentioned a little while ago but the key is with change. Our environments are so agile, they are making changes on a daily basis. Things are moving back and forth, automation solutions are building up, spinning up, spinning down, deleting. Ultimately, we have automation solution, maybe years and be realized automation to make firewall rule changes or to move a workload, all of those changes across the micro-segmentation use case, across the visibility use case, are all tracked and change between both network insight in log insight.
