Aviatrix Blog 
Aviatrix took to the snowy mountains of Salt Lake City for KubeCon 2024, November 12-15! The week was full of great conversations, insights from tech leaders, demos of our latest features and offerings, and Legos (we raffled off a Harry Potter Lego set from our booth).
We dive into some highlights more deeply below, but at a glance:
- Aviatrix CTO & SVP of Engineering Anirban Sengupta stepped into the spotlight, and was interviewed by SiliconANGLE’s theCUBE and quoted in analyst Scott Raynovich’s article on stopping patent trolls.
- Our CEO Doug Merritt recorded a podcast with Beth Pariseau from TechTarget that dug into GenAI and multicloud security — two hot topics from this year’s KubeCon.
Read on for the themes, tidbits, and takeaways you don’t want to miss!
Anirban Sengupta’s Interview with SiliconANGLE’s theCUBE
Anirban Sengupta, Aviatrix’s Chief Technology Officer and Senior Vice President of Engineering, sat down with hosts Savannah Peterson and Rob Strechay to talk about Kubernetes and the rise of multicloud networking. Anirban reminded everyone that it has been just 18 years since AWS was released and how quickly the public cloud and hybrid cloud space has evolved.
Anirban described the shift most organizations have gone through – from a single cloud strategy to a primary cloud strategy – and how many are realizing that a multicloud strategy, which enables companies to select the “best of breed” services and specializations of multiple clouds, has become increasingly popular.
“Huge enterprise companies . . . are really looking at a Cloud 2.0 strategy which is 100% multicloud,” he said.
According to Anirban, companies turn to multicloud solutions for help with three main areas:
- Kubernetes is “IP-hungry,” so IP exhaustion is key
- Network security and egress security for customers who may have thousands of “island VPCs” with overlapping IP addresses
- High-bandwidth secure connectivity between their clusters
Aviatrix can help in these areas with its controller-based solution for Kubernetes cross-cloud deployments, including customers who have more than a thousand “island VPCs” with overlapping IP addresses. With Aviatrix, customers can use intent-based networking and security policies to connect all these overlapping IP address clusters through a NAT gateway. Then, the intent-based policy attaches to all the API servers and gets all Kubernetes resources. The policy updates dynamically because Kubernetes is a dynamic environment that frequently grows, shrinks, and creates new replicas.
Rob asked how an organization with thousands of distributed VPCs should get started. Anirban advised a few first steps:
- “Every organization should embrace multicloud” as the best way to get ahead and help developers and churn out the best software and services.
- “Networking and security should be top of mind”; without connectivity and security, you can’t have a multicloud strategy.
- Think of “pure play” and cloud-agnostic solutions as much as possible so customers are not locked into a particular cloud. They should look at the best-of-breed solutions across all clouds, which would give them operational consistency and leverage.
Aviatrix Platform-as-a-Service
Savannah and Rob also asked Anirban about Aviatrix’s recent announcement, the launch of the Aviatrix PaaS offering. Anirban described some of the benefits of this solution for customers:
- A rapid time to value, less than 10 minutes, to onboard VPCs and get the value of Aviatrix’s comprehensive visibility, NAT gateways, and robust security
- Removing the daily toil of operations from customers with a world-class, networking-oriented SLA team who takes care of all upgrades, Day 2 operations, troubleshooting, and performance, ensuring operational excellence and right-sizing devices
- Providing the best TCO (Total Cost of Ownership) overall
“Making things easy is hard,” Rob joked. Aviatrix PaaS makes networking easy for customers by removing the labor of manual upgrades, maintenance, and troubleshooting.
Finally, Anirban agreed to “spill the beans” on what he hopes to be able to say at KubeCon 2025. He hopes to talk about true multicloud networking and security: how can Aviatrix provide that at scale? Aviatrix’s multicloud controller integrates with the Kubernetes ecosystem to provide true cross-cloud networking that adapts to Kubernetes clusters. Today, Anirban said, you can increase Kubernetes clusters, either by number of nodes, pods, or replicas, in seconds. But can you increase your bandwidth in seconds? What about providing consistent security in seconds? Those are the questions Aviatrix hopes to solve in the next 3-6 months.
See Anirban’s recent blog post, “Three Reasons to Use Multicloud Kubernetes Networking to Secure and Scale Clusters,” to learn more about how a multicloud solution benefits Kubernetes deployments.
Anirban Sengupta with Scott Raynovich on Stopping Patent Trolls
In his article on stopping patent trolls, Scott Raynovich from Futuriom quoted Anirban Sengupta, pointing to his background as former senior director of Google Kubernetes Engine and Anthos.
Doug Merritt’s Podcast with TechTarget: GenAI and Multicloud Security
Doug Merritt, CEO of Aviatrix, met with Beth Pariseau from TechTarget to talk about how GenAI changes multicloud security and the entire networking equation. Doug summarized Aviatrix’s recent security enhancements in its latest release and its security differentiation as a product with a dataplane that lives within clouds and makes security “part and parcel” of networking instead of a separate component.
He described some of the latest Aviatrix enhancements, including:
- Cloud Perimeter Security — Doug explained how when it comes to securing their cloud perimeter, many organizations focus on ingress orientation, protecting data that comes into a network. They focus less on egress orientation, securing data that comes out of a network. A critical component of the killchain is securing that egress traffic to make it harder for bad actors to maintain a “roundtrip” connection after they’ve made a breach.
- High-performance encryption — As the hybrid landscape “continues to get more hybrid,” connecting datacenters and edge frameworks is important. Doug described Aviatrix’s software-based framework: high-performance encryption feature that allows encrypted connection between the edge and your cloud at line-rate without hardware.
Doug and Beth also discussed the skills gap, differing capabilities of SecOps and NetOps teams, and how AI and LLMs are changing the networking landscape. In addressing how Aviatrix is ensuring accuracy and quality in training LLMs and avoiding hallucinations, Doug stressed that “there is always a human in the middle” — always a person to explain where the data came from, what conclusions were drawn based on that data, and how to verify its accuracy.
Read the recap or listen to the full podcast.
Reflections from Aviatrix Attendees
Wesley Edwards, Director of Solutions Engineering
“The demos we showed at KubeCon were very well received by the conference attendees. Modeled after the capabilities noted in a blog by Aviatrix CTO Anirban Sengupta, the demos showed how Aviatrix operates at the network level to secure and segment multi-cluster deployments, overcome IP address overlap issues, and seamlessly connect clusters in hybrid cloud environments. Our integrations with Kubernetes to automatically discover namespaces, services, pods, etc., as well as detect changes, and apply policy based on those Kubernetes resources, resulted in an ‘aha’ moment for a lot of folks. All of these capabilities resonated well with the visitors at our booth, especially those responsible for building, maintaining, and securing their multi-cluster deployments.”
Shahzad Ali, VP of Solutions Architecture
“KubeCon was a great opportunity to connect with customers, demo the latest Aviatrix innovations, and learn how key decision-makers are approaching security in this space. Demos of Aviatrix capabilities such as Kubernetes Egress Security, IP address exhaustion, dynamic security policy enforcement for multicluster Kubernetes deployments, and Aviatrix Kubernetes SmartGroups were well-received.
Many attendees I talked to expressed frustrations around the fractured security model with last-generation firewalls. Customers showed great interest in Aviatrix’s unified policy model, which caters to the needs of monolithic and micro-services-based application requirements with one security framework. They like the fact that the Aviatrix model apply security policies at the cluster, pods, or namespace level, without using any Sidecar, Agent, or Proxies. As the head of the Aviatrix Certified Engineer (ACE) Program, I also noticed a lack of awareness and skill gap in understanding the limitations of “Kubernetes Service Mesh” as a security option.”
Listen to Shahzad’s podcast episode about the event.
Sandra Chrust, Senior Director of Account-Based Demand Generation
“This year’s KubeCon + CloudNativeCon North America 2024 in downtown Salt Lake City was a standout event for me. Held at the buzzing convention center, the energy throughout the expo hall was palpable, showcasing the incredible innovation and groundbreaking projects emerging in the cloud-native space. I was inspired by the openness and enthusiasm of attendees who were keen to explore how Aviatrix addresses critical challenges like IP exhaustion in Kubernetes environments.
The abundance of cost optimization vendors highlighted the industry’s focus on efficiency. Sharing Aviatrix’s flat-rate billing solution for NAT gateways, which saves 20–30% on egress costs, sparked engaging conversations about tackling real-world cloud networking and security hurdles.
Given that Aviatrix is 10 years old and our product is mature, I’m looking forward to the next 12 months to see how many more enterprises we can help improve their network security for the cloud and datacenter edge environments.”
Look forward to seeing everyone at KubeCon 2025!
Learn more about how Aviatrix simplifies Kubernetes adoption.