The Convergence Imperative: Why Security Must Live Inside the Network - Six Five On The Road

Exploding device diversity, expanding attack surfaces, and always-on connectivity are creating new stakes for unified networking and security.

‍

From HPE Discover 2025, hosts David Nicholson, and Will Townsend are joined by Hewlett Packard Enterprise's David Hughes, SVP & GM, SASE & Security, HPE Networking, for a conversation on how HPE’s integrated security philosophy and Zero Trust Network Access (ZTNA) approach are driving the convergence of networking and security. They cover how organizations can secure users, devices, and workloads everywhere by integrating security directly into the network, leveraging HPE’s Secure Access Service Edge (SASE) solutions and their Zero-Trust strategy.

‍

Key Takeaways Include:

‍

🔹Drivers of Change: Increasing threat complexity, IoT expansion, and the growing diversity of connected devices require a shift in how security and networks interact.

‍

🔹Built-In Security: HPE eliminates the unsustainable bolt-on approach by embedding security across campus, branch, data center, and routing functions.

‍

🔹Zero-Trust Strategy: HPE's Zero Trust approach reframes security so the network actively participates in policy enforcement and user protection, reducing the need for layered firewalls.

‍

🔹Customer Benefits: Integrated network security streamlines management, addresses scalability challenges, and improves the posture for protecting users, apps, and data.

‍

Learn more at HPE.

‍

Watch the full video at sixfivemedia.com, and be sure to subscribe to our YouTube channel, so you never miss an episode.

‍

Or listen to the audio here:

‍

Disclaimer: Six Five On The Road is for information and entertainment purposes only. Over the course of this webcast, we may talk about companies that are publicly traded, and we may even reference that fact and their equity share price, but please do not take anything that we say as a recommendation about what you should do with your investment dollars. We are not investment advisors, and we ask that you do not treat us as such.

‍

David Nicholson:

Welcome to HPE Discover Barcelona 2025. I'm Dave Nicholson. This is my co-host, Will Townsend. And we have a very special guest to talk about all things networking and security today from HPE, Mr. David Hughes. David, welcome. Hey, great to be here with you guys. It's good to have you. Let's start this out with this idea of the convergence of security and networking. Where do those things come together in your mind? And why is that an important thing to look at?

‍

David Hughes:

I think for the last few decades, people often think of these two things separately. You have a networking team that's responsible for connecting everything to everything, judged by uptime, performance, and so on. Then you have a security team whose job is to protect those users and workloads and data. Traditionally, that's done by restricting access. take any connectivity that the networking guys have built and then restrict it with bolt-on solutions or overlay solutions. And I think we've got to a point where people are seeing that it's really complex. And if you think about the problem conjointly, you can make it much simpler and have the networking team and the security team working together and on the same page.

‍

Will Townsend:

Yeah, you know, and I really like the fact that, David, the team is leaning into taking the network and making that an enforcement point as well. And with the acquisition of Juniper, you're bringing the best of Aruba AIOps together with Juniper Mist AIOps. Can you speak to how that integration is going and what some of the value that customers can expect from that?

‍

David Hughes:

Yeah, a couple of thoughts in there to unpack. First one's the idea of the network as an enforcement point. So one of the ideas is that you can kind of align the security team and networking team. If the security team is kind of defining policy at a high level, what does our organization expect and what do we want to enable per user role and for different classes of device? And then the network can actually be an enforcement point. So you don't need to bring things out to the cloud or to a data center firewall to implement policy. That policy can be done right at the edge of the nexus point or a switch. or a WAN gateway. So that's kind of the first idea. So as you heard Rami talk about, we're cross-pollinating between the two platforms. But I think what's in common there is the idea of AI native operations and being able to drive things by experience. What's the user's experience and making sure we're meeting that experience, identifying when we're not and remediating that. So when you think about that user, when they're having trouble accessing an app, they're angry, and they don't really care why. And it could be a network problem, or in some cases it could be a security problem. Maybe there's a misconfigured security policy that's blocking them. And so we want to get that user back on track as quickly as possible. And so what we need to be able to do is AIOps that spans networking and security. If you're looking at it just from a network point of view, or just from a security point of view, that poor user can kind of fall in the gap in between and have a poor experience. So, this is another one of the reasons why we see networking and security coming together, so we can kind of provide this holistic end-to-end AI ops, end-to-end experience assurance.

‍

Will Townsend:

Yeah, and I also really like what the company's doing with OpsRamp from an observability standpoint. And then Rami also spoke about blending Apstra with OpsRamp to drive, you know, better network assurance and that sort of thing. Any further thoughts on the combination of Apstra and OpsRamp?

‍

David Hughes:

You know, OpsRamp's really key to this idea of multi-domain and multi-vendor visibility. So it's a bit the same when you look at AIOps at the next level. You really want AIOps that spans across domains and across vendors because to the extent you're focusing on just one part of the system, there's only so much you can do with AI. The bigger picture you've got, the more things you can correlate. And so OpsRamp gives us all of that observability that lets us correlate across domains. Now, Apstra provides a great framework for kind of intent-based configuration of the data center, so you can do workload-based segmentation, and giving that visibility to OpsRamp, lets OpsRamp do a better job of AIOps.

‍

David Nicholson:

So people have been trying to solve these sorts of problems for a while by bringing in various tools and trying to integrate them together, kind of a bolt-on approach. How important is it to have these things integrated? You've talked a little bit about this, but how important is it to have these things be truly integrated as time goes by?

‍

David Hughes:

Yeah. I think the definition of integration is shifting. A long time ago, people used to think that if you want things integrated, you need the same operating system running on every single device. Then they realized, well, maybe they don't need that. Maybe we need a common management framework. I think where we are today with the agentic AI is that the agentic AI lets you span across what are fundamentally different operating systems and different ways of doing things, but look at that as a cohesive whole. And so the idea of agentic AI and agentic AI ops is that you can really get that true end-to-end kind of integration without having to integrate at every single step in the stack. So I think that's one of the really exciting things. What you do need, though, is the observability, the multi-vendor, multi-domain observability. So that's why the OpsRamp piece is so important.

‍

David Nicholson:

How do you balance that at a company like HPE? You have CIOs and CTOs everywhere who are trying to figure out how to make money and save money with AI. They're being attracted by all of these shiny objects that are out there from all sorts of different vendors. You're coming in with holistic approaches. What do you do on the back end to figure out what the best of breed solutions are? How does that work in terms of buy versus build decisions from an HPE perspective?

‍

David Hughes:

I think especially in security, even in networking, but especially in security, there's just so many vendors. And I don't think any enterprise really wants to go with a hundred point solution. So there's definitely a drive towards consolidation and towards having one place to go to get a broad view. I don't think anybody is saying they can do all of IT, every single thing. But at HPE, we are trying to give our customers one place to go where they can get a really good view of what's going on across the infrastructure. network and compute, storage, on-prem, in the cloud. And that's really valuable. And I think when you look at being able to operate your network and be able to operate efficiently, you want to understand how all of those things are tying together. It doesn't preclude using some point solutions or being multi-vendor, but I think there is a definite impetus towards getting a more consolidated view and operating model.

‍

Will Townsend:

You know, David, as we wind our conversation up, I'm impressed with the ambition that the company has to take networking to integrate the best of Aruba, the best of Juniper, and do that across campus, branch, into the data center, now with Athenet and private 5G. I mean, it's a very expansive set of networking connectivity solutions supported by GreenLake as a service as well. But there have got to be challenges with that complexity, right? Just given the extent of the domains and the expanse of all that, have there been any lessons learned as you've been on this journey?

‍

David Hughes:

Well, I think one of the keys to what we're doing is this idea of build once, deploy twice. We've talked about that before. So yeah, rather than trying to take, first of all, we don't want to leave any customer behind. So we want to get good paths forward. That's fundamental, right? But then we don't really want to take something and spend all our time moving those capabilities to try to build the superset thing. I think it's much easier for us to innovate and cross-pollinate from the inside out rather than the outside in. And so really that idea of let's make sure that we've got innovation happening as we integrate and do this by working from the inside out. So let's make sure that as we come up with great technology, we're able to deploy it to all of our customer base. And so that's really one kind of fundamental, I don't know if it's a learning, a fundamental strategy that we have.

‍

David Nicholson:

So we've actually been engaged in a bit of an experiment here. Normally we refer to these segments as in the booth. This one is truly on the floor. And what we wanted to try to demonstrate with human beings was this intersection of networking and security, and sometimes the lack thereof, as we've actually had people wander between us and the camera system. So I just want, you know, this was all planned. We wanted to have a physical manifestation of about, because sometimes, you know, when I felt someone bumped my, my, you know, sometimes it's all sort of ethereal and esoteric and how do you, you know, we could show servers, networking switches. No, instead let's have intrusion come in and let's see how to deal with that. No zero trust here. It is 100% trust on the data center floor. My final question for you is, you know, what, what has sort of surprised you? Over the last couple of years in this space, is there anything that has kind of shifted to the left or to the right in some way that you would not have predicted going back a year or two ago? Anything you could think of?

‍

David Hughes:

I think for me, the biggest shift and the thing that maybe is most exciting is the agentic AI. And so I'd say when agentic AI came along, you could say it was a bit of a surprise. But for me, I was a little skeptical about how you use this when there's that fundamental problem of hallucination. But what's been really interesting is to see as context sizes have increased and as people have introduced the idea of agentic AI, the idea of specialized models, the way that these models can follow steps and then cross-check is making the technology much more applicable for automation versus just being a chatbot. And so the speed with which that transitions happen, I think, is quite a surprise.

‍

Will Townsend:

David, at Discover US, you and I talked about GreenLake Intelligence. Just as a final, final question, can you provide any sort of updates on customer adoption and success with what you're doing? Because Aruba's been leading the charge with GreenLake Intelligence.

‍

David Hughes:

Yeah, yeah. I think we've absolutely got that out there in the wild. One of the exciting things we've been showing at the show is we've taken that agentic AI and moved that into Mist as well. This is an example of how agentic AI lets you actually mix and match systems pretty effectively. Certainly, when it can be curated by a company like HPE, it's really an exciting technology.

‍

David Nicholson:

Yeah, it really is. Well, David Hughes, thank you so much for joining us here. Six Five in the booth, on the floor, in the mosh pit at HPE Discover Barcelona 2025. For Will Townsend, I'm Dave Nicholson. Stay tuned for more interesting content.

‍