One Way Tickets

Alan Cohen
4 min readMar 1, 2021


In tech, we undergo tectonic shifts at frequent intervals. At each stage, there are large groups of late arrivals, even naysayers, death-gripping the status quo. Market leaders — and careers — are, in juxtaposition, built on identifying and building on the shifts, ignoring the skeptics, and moving with passion and focus. Effectively, buying a one-way ticket to the market upheaval. For the past few decades, they included:

Each transition creates enormous architecture and financial shifts: it mints new winners and losers. This is an important point. While legacy technologies last for decades for good reasons — there are still mainframes processing financial transactions — they fade in both relevance and overall wallet-share. It’s important to cast a cold eye on the past during a transition.

Hybrids: Not for Cars or Networks and Security

In 2008, I was the VP of Enterprise at Cisco (I ran marketing and solutions for $25B of products hundreds of millions of people used every day), and my teams were constantly in my ear for the company to more fully embrace the cloud. The internal executive dialogue at the time, though, though was skeptical, centered on the security gaps of “infrastructure as a service” and its potential for cost reduction (not agility). “There are no mission-critical workloads there” went the defensive missive. The strategy we, like many IT giants too, was hedged, focused on hybrid cloud.

Over a decade ago, Elon Musk compared hybrid car architectures (joint battery and fossil fuel drivetrains) to amphibians: “during the transition of the ocean to land, there were many dual breathers. Today, not so much.” , the term hybrid cloud arose to mark the journey from the data center to the cloud. Today it is an anachronism. Cloud is not a place, it is an approach, one based on massive, interconnected computing power, APIs linking distributed applications, and the transference of equities that make all of this perform, securely beyond the confines of a company-owned enterprise data center.

The largest greenfield players such as Amazon Web Service and Salesforce were cloud-first; they had no legacy to protect. Fast followers such as Microsoft got there through Azure and Office365, a wholesale shift in focus, resources, and employee rewards for a traditional enterprise player.

The shift to the cloud is sucking value out of enterprise infrastructure stacks faster than Redditors on WallStreetBets crushing short sellers. In the cloud world, the newest shift is in networks and network security. To make this happen, there are emerging players effectively delivering the enterprise network — quaintly what we called the LAN in the 1990s — across clouds, SaaS applications, and, yes, enterprise data centers.

In the networking space, three leading new actors are:

· Aviatrix: cloud enterprise networking

· Kentik: network observability

· Illumio: security.

Each of these players is multi-cloud by architecture and cloud-native by intent. They are true citizens of the cloud world, with have no infrastructure dependencies. Yet they recognize and support the principal attributes of enterprise networks and network security. You still want the “ilities”:

· Reliability,

· Visibility,

· Security.

A quick thought on each:

Aviatrix is the market pioneer in a new category, the multi-cloud transit gateway, an initial foray into a fuller set of network offerings. Just as Nicira earlier decoupled the control plane and data plane for data center networks, using virtualization as an on-ramp to the cloud, Aviatrix decouples the networking transport and service architectures for multi-cloud deployments. This reduces the friction between the network and DevOps teams managing the transition from multi-cloud into a consolidated, modern architecture. The multi-cloud network can be managed like a LAN. If you are multi-cloud, and your network is not using something like Aviatrix, it is stitched together by human middleware.

Kentik is the leader in network observability in multi-cloud environments for the most demanding SaaS companies, enterprises, and service providers in the world. Through collecting trillions of data points every day across the Internet, they offer unparalleled insights into network traffic and routing as well as synthetic testing to understand how applications perform, supporting critical support for digital experience management and capabilities to deal with DDOS attacks. To wit, if you are on a Zoom session today, one of the reasons its working is because the video conferencing juggernaut relies on Kentik.

Illumio is the leader in microsegmentation, a security approach that shrinks the attack surface for any lateral movement across a network, any network. Its intuitive policy model and range of enforcement approaches provide the strongest underpinnings of a Zero Trust architecture, a must-have security approach in the dynamic and distributed nature of multi-cloud architectures. Wherever your application runs, Illumio can help protect it.

As the market adopts multi-cloud, more than ever, you need visibility and control from the network. That is where these three companies shine. Even the largest data center owners are rapidly moving much of their compute workload into cloud players. They are buying one-way tickets.

What Aviatrix, Kentik, and Illumio share are they work in the largest, globally distributed environments. The three uncouple the infrastructure (hardware) from the value of the software. And they provide comprehensive controls, performance, and visibility for the largest players in the cloud, whether they are enterprise applications running in the cloud or SaaS players, themselves.

[*] “The internet is just a fad” … Newsweek, Feb. 26, 1995

[†] Literal quote from the CTO of one of the largest cellphone makers



Alan Cohen

Partner at DCVC (Data Collective)