Uplink: AI, Data Center, and Cloud Innovation Podcast
Uplink explores the future of connectivity, cloud, and AI with the people shaping it. Hosted by Michael Reid, we explore cutting edge trends with top industry experts.
Reinventing the Internet: SCION and the Future of Connectivity
The internet’s greatest strength—connecting everything to everything—has become its biggest risk for industries that can’t afford downtime or hijacks.
In this episode of Uplink, we sit down with Martin Bosshardt, CEO of Anapaya, to explore how the SCION protocol brings private-network control to the public internet – without replacing BGP.
Martin unpacks how this architecture enables multiple trusted paths, keeps routing invisible to attackers, and confines data flows within national boundaries, all while improving performance and resilience.
From banking to healthcare, he shares real-world examples of how SCION protects critical infrastructure and enables digital sovereignty in an increasingly hostile landscape.
If you care about securing critical systems, reducing attack surfaces, and building reliable networks for AI-era workloads, this episode is for you.
🎧 Listen on Spotify, Apple Podcasts, or wherever you get your podcasts: https://www.uplinkpod.com/
📺 Watch on YouTube: https://mp1.tech/uplink-on-youtube
🔗 Learn more about Megaport: https://www.megaport.com/
Welcome to Uplink, where we explore the world of digital infrastructure, uncovering the technology fueling AI and cloud innovation with the leaders making it happen. I'm your host, Michael Reid, and my guest today is Martin Bosshardt, CEO at Anapaya. Martin shares his journey from pioneering SD-WAN in the early 2000s to building SCION, a next generation internet architecture. That's right. We explore how this technology is protecting critical infrastructure and redefining what's possible for the internet. Let's dive in. Alright, well, welcome to another session, another podcast for Uplink. And today I'm joined by the CEO of Anapaya, Martin Bosshardt. And uh it's uh it's a real pleasure to have you here on the show. Now we're in Paris at the moment, you're based in Zurich, uh, so thanks for popping in. And then I think you're off in a few minutes, you've got to get to London. So we'll try and smash this one through. Um we've got our big event on tonight. But before we kick off, I just wanted to uh just rewind, not about your current role, but actually just re-rewind back to 2000 when the world was caving in uh and tech was collapsing. You joined a company at that point in time as the co-founder and CEO. And from what we can uh tell, you invented SD-WAN back in the day. And so this is uh a really fascinating story that I'd just love to just unpack and then then head into what you're doing right now with some of the cool stuff you're building.
SPEAKER_01:Yeah, thank you. No, obviously that was a crazy time when the dot-com uh sort of industry collapsed, right? Yeah. It wasn't me that uh invented SD WAN, it was a whole team, obviously. But we were we were we were running uh VPNs at that time. We called it just VPNs uh in a yeah, in 2001. 2001. So it was very, very, very early. Yes, I'm trying to remember.
SPEAKER_00:Did we even know what a VPN is then?
SPEAKER_01:I don't know. Yeah, and then you know, industry started to use these networks to to globalize their value chains. Yeah. And uh it was a very, very successful, great, great time to build those.
SPEAKER_00:And the company was Open Systems. And you ran that for twenty-seven yeah, yeah, almost twenty years. Yeah. So what were you doing back then? And then that that was interesting because I was I was actually at Cisco when the Viptela acquisition occurred. That was sort of the the the tail end of all the SD-WAN taking over from MPLS and so this massive change with telcos globally. But you were there right at the start, sort of building that up.
SPEAKER_01:Right. And and you know, uh obviously at the beginning it was not so clear whether you can really use internet for for for for for corporate traffic. And and we were we were focusing on operation of that. So we we we bought all these products and stitched it together to a service. And and then uh, as you mentioned, Viptela, these were really products then coming into that market, giving companies also certain opportunity to operate that by themselves.
SPEAKER_00:And the difference was from that business was probably more along the lines of something like a Cato Networks today, I suppose, versus a Viptela-y function. I guess. Right.
SPEAKER_01:I think I guess Cato in a way uh took took basically what we did as a blueprint, I would say. Okay. But uh did it uh uh in in a very very exciting uh large-scale way. But but the idea of running uh an SD-WAN as a service that that's and it makes a lot of sense because it's not so easy to run an SD-WAN actually.
SPEAKER_00:And so Open Systems you ran for 20 years, I think uh got spun out or sold off into private equity?
SPEAKER_01:Yeah, we sold it into private equity and then they scaled it we we scaled it a lot and it it became became a large uh uh SD-WAN operator with more than 180 countries. Oh wow. And you know, we we we're learning a lot about uh how internet works great and where also are where the where the limits of uh of of internet is, and that also brought us then to the research community. And uh already in 2015 we learned about the SCION technology, which is basically an upgraded version of of today's BGP uh protocol running the internet.
SPEAKER_00:Let's unpack that. Um I mean SCION, so SCION, secure internet architecture, right. Sort of came together. I think you were saying, was it a Princeton professor or something like that?
SPEAKER_01:It started in Carnegie Mellon and Princeton. Uh Professor Perrig really kicked it off. I mean it was mainly his his research field to to understand how can interdomain protocols become secure as closed networks. And that was then the the whole idea of uh building a scalable route-based protocol. Uh and and that then uh came to Zurich, so he he got a chair there, and uh the the whole research became really big, I would say, in 2013, 14, 15.
SPEAKER_00:If we look at it, the Internet and and maybe just touch on the protocol that runs the internet is BGP. Right. And BGP has been around what since it's from the eighties.
SPEAKER_01:And I mean it's bigger than the steam engine, if you think, right? I mean it really it really changed our planet. 100%.
SPEAKER_00:And I I I think you know we're still built on this.
SPEAKER_01:Like the entire internet operates off this protocol. And BGP is just, I think, one of the greatest inventions of mankind. It's just amazing. It's undervalued.
SPEAKER_00:People are not aware how good BGP is. Most people don't even know that there is BGP protocol. Basically, without BGP, there is no Internet. There is no Internet.
SPEAKER_01:There is I mean, basically, yeah. Border Gateway Protocol. Right. Border Gateway Protocol, that was the stroke of genius in mankind, right? Yeah.
SPEAKER_00:I mean it's underrated. And we're bringing it to the surface here on the Uplink podcast. Now one of the challenges with with BGP, and and we see this a lot, you see a lot of BGP hacking, so like BGP routes that get sort of stolen or into like you you publish a BGP route into the network, and so you can sort of take Google's um internet. You can also get a lot of these DDoS sort of issues that occur. So I guess SCION becomes uh this I guess it's a protocol in effect, or is it it's pretty much uh uh uh if you want uh an upgraded or a different version of BGP, it's like solving some of the security vulnerabilities, some of the challenges, but also giving you low latency speed, a whole heap of things that you were supposed to do.
SPEAKER_01:Right. You know, your BGP connects every dot with every dot at all times. And that's the superpower of BGP. The magic, yeah. And at the same time, that superpower starts to become a super threat because uh we see a lot of IoT devices connected to the internet which are compromised. So you're you're facing more and more toxic players attacking you. And uh BGP is not really designed to fight that.
SPEAKER_00:So BGP is a just to get everything connected to everything.
SPEAKER_01:The challenge is And it's amazing how it scales. Yes. It's really powerful.
SPEAKER_00:Yeah.
SPEAKER_01:But at the same time, it starts to eat itself. I mean, attacks become more and more cheap and defense becomes more and more expensive. So that's a very unfortunate trend.
SPEAKER_00:Yes. But there's entire industries. I mean you look at Cloudflares and Fastlys and Akamais, just you know, they they are protecting against DDoS attacks or BGP hacking, all these different pieces that they're trying to solve for.
SPEAKER_01:And at the same time, it's it gets harder for them as well to protect. Yeah. Because obviously the attacks also become more sophisticated. The whole AI really helps now to really run very sophisticated attacks. Now in the SCION world, you have full control over the route. So in BGP, you have no control where your data is traveling, and that's exactly the main attack vector you can run against those BGP networks. Now in SCION, you can you can control where your data is traveling, and most important, you can use several routes at the same time. That makes it extremely resilient and very, very uh performant.
SPEAKER_00:That's very different. That's very different. And that's kind of going back to that world you were trying to solve back in the SD-WAN era. Exactly. You could lag maybe one or two links, but then you'd have a what a minute failover or seven minute, whatever it is.
SPEAKER_01:You always had to decide what traffic do you shoot to the left leg and what should you shoot to the right leg. It it's not really load balancing in what you can do in SCION. But if you bring it down to performance, SCION brings you all that performance uh capabilities you usually find in in closed networks.
SPEAKER_00:So you're leveraging the internet like a closed network. Right. You can't be seen because so you can't attack it from a BGP, so it will or at least the the hackers can't see it.
SPEAKER_01:That's then the other uh uh amazing uh attribute of SCION that you decide who gets your routing information. So you can decide I want to give the entire world my routing information. That's basically what we have in the internet. Yes. Uh today's internet. But in an SD-WAN space, for example, it doesn't make sense that everybody knows the routing information of all those, right? So you only want to share your routing information. Uh let's say you have a hundred participants, those a hundred participants want to share their routing information among them. Okay. But no one else should really uh be capable to route to that.
SPEAKER_00:So you're building a private network across the internet, which you can extend beyond just your premises. You could include partners and so forth and it's interesting. Exactly. You were saying before that the you can get some insane speed or improvements in a thousand was the number that I think you gave me before. Uh which is a small number in terms of improving the speed. Sure.
SPEAKER_01:No, there are there are tests where you can uh run through a megabit network, uh terabit traffic. Wow. Or a gigabit network, uh you can run terabit. Because you can bundle routes. You know, in in in the in the BGP world, usually every connection has one route that's provided by BGP.
SPEAKER_00:One point. It's from here, and there's your own. Exactly. And then you have one route. And it can change, but only after a certain period of time and so forth, yes.
SPEAKER_01:And in SCION you can use a hundred routes at the same time. So you can bundle those. Okay. And that obviously gives you new capabilities in terms of performance, but also, and that's almost more important, uh, tremendous capabilities in uh in in terms of uh resiliency. So if you have a failover in the SCION world, it's usually this happens in milliseconds. Which is yeah, amazing. Nothing compared to on the application layer, you don't feel failovers anymore. So all these capabilities really are, we believe, uh what the internet needs because the internet obviously became the most relevant, most important network there is. Yeah. And it was never designed to be that. And now suddenly with SCION, the Internet really can be uh absolutely perfect for critical infrastructure, like in the utility space, financial services space.
SPEAKER_00:And you're in Zurich, so I think uh there's some pretty critical uh financial services uh that that uh you're in the right space to solve this.
SPEAKER_01:Yeah, right. I mean it's great you're mentioning this. I mean Zurich lives from the financial services sector, right? And obviously, and secure and uh no, I think, and and that's that's also these are fair attributes that that the industry was really building on. And the financial services sector in particular is more and more using and dependent on the internet. And that was also the reason why the Swiss National Bank decided in 2015 already to test this infrastructure for the for the financial service sector. Okay. So ten years ago.
SPEAKER_00:Yeah. Yeah. So it's been around.
SPEAKER_01:We we always say like SCION is probably the m the best tested network uh technology there is. And I think for a reason, because it was meant to use existing internet infrastructure for hyper-critical applications. Yeah. Today we are running the Interbank clearing system of the Swiss financial services sector on that new internet.
SPEAKER_00:They're actually using internet links that you turn into a private link in effect using using SCION. And you still encrypt across the top as well.
SPEAKER_01:Yes, because SCION runs on layer three. So basically it is it is really a routing protocol. It is not an encryption uh stack. So uh and once you have uh robust routing on the SCION internet, you still want to encrypt your content.
SPEAKER_00:Yes, okay.
SPEAKER_01:But then I really believe uh you use encryption for it was meant to, to encrypt content and not uh to sort of make solve the routing.
SPEAKER_00:Yeah, yeah, solve the issue of the internet itself. Yes, yeah. Yeah, okay. And so uh when you build out the on your side, what are you building? You you need you build routers, actually. We to solve for this. And where do they sit? What do they look like?
SPEAKER_01:Anapaya is a software a software company, and we we build an entire carrier grade router suite to operate SCION technology. Yes. And we This is unique.
SPEAKER_00:I mean uh if it's a protocol.
SPEAKER_01:Yeah, the protocol the protocol is open source. Yeah, it's it's a published stack, there is a book. You can I mean it's also uh there is the SCION Association pushing the standard forward. Yes. But there was no commercial uh router producer so far, so we really uh started with that.
SPEAKER_00:And it's a software router?
SPEAKER_01:It's a software router, isn't it?
SPEAKER_00:So you can spin that up on compute stacks and any existing infrastructure. MVE, which we'll talk about in a bit, where you we you know we're gonna look at pushing that to all of our pops globally as well.
SPEAKER_01:So yeah, that's exactly. You know, we were using uh SCION basically in the Swiss market, proving it. Currently we we run 2.5 million transactions with a value of about 400 billion a day on that new internet. So it's really important. A day, right. There is a lot of a lot of money cleared between I think there are about 300 banks clearing clearing that. And then there is a a healthcare network where about 30,000 doctors are using the network every day. So it is very well tested, robust in in that ecosystem. Uh and uh obviously now we are very, very happy to work with Megaport also to bring this technology on a global scale because it's absolutely tested and ready to do that.
SPEAKER_00:Yeah, you've tested it in probably one of the most secure places on the planet.
SPEAKER_01:Yeah, you can. You can't find it.
SPEAKER_00:And now it's time. So you've proven it.
SPEAKER_01:Yeah, because you know if you if you wanna if you wanna use this technology for critical infrastructure, it's really important that you have the track record that it really works.
SPEAKER_00:So uh the you were chatting before we had a chance to catch up, but one of the good examples that you gave was utilities as a great great example where what's changing in the world, and if you look at even around this room, everything's getting connected. And so what you had before was this ability to control what was on your platform, private networks, everything's privately connected, an MPLS backbone or whatever it used to be, and now all of a sudden what you've got is okay, fine, we've got all these locations connected, but separate to that, every single solar panel, every single meter that's on a on a customer's premises is now connecting back. Each one of them is a vulnerability, each one of them has a connection now across the internet. There's no way you can run a private connection to each one of those. So like the scale of this is like huge. Now on your side, you don't need to build at the edge. You're you're building centrally, and so you build these big fat monster routers, I guess, inside inside the ISPs or inside the router.
SPEAKER_01:They'll place pretty much where where the BGP routers are, where where where networks peer with each other, you place a SCION router. You can also segment your net your network and uh put a couple of more SCION core routers in. Yes. But yeah, it's it's it's it really gives an alternative uh protocol that allows to create isolation domains for this critical stuff. And as as you say, you know, the the grid, the the power grid was absolutely isolated, let's say maybe 10 years ago. Even a gap, like in uh there was no way you could attack uh uh uh uh a grid. And now suddenly you have solar farms, you have you have heat pumps, or you have uh car charging stations, and everything is controlled through through the app, right? So so these loads and power producers, they they are they are becoming a big threat for grid stability. Yeah. And it makes sense to to bring those on a on a SCION internet where you have the same capabilities from a user perspective, but you you can isolate um those those those uh services from the rest of the internet.
SPEAKER_00:But I think it was it in Spain most recently we've had some um challenges with the grids.
SPEAKER_01:Right. And I mean obviously nobody knows if somebody knows more, but we we talk to these people because we are we are we are running we are running uh critical critical networks. Uh and and it really looks like it is very hard to understand what really happened. Yeah. Because uh it could be an uh that it was an attack, we believe not, but but it's hard to know. Yeah. Fact is these grids become more vulnerable and it it makes a lot of sense to to to not expose them to the internet.
SPEAKER_00:Yeah. Okay. What are you guys looking to do? Well, for you, is it world domination, where you're at from a scale perspective? You've solved yeah, I mean you've got uh billions of transactions, trillions of transactions over a year coming through the platform today. Right. That's looking to scale? Where where's your head at?
SPEAKER_01:Well, we we believe uh having to prove now that this technology works great for critical infrastructure in the Swiss market, that that makes it absolutely capable to uh to also uh uh uh give this technology to to a larger region. And uh first we believe Europe could could profit a lot, and then obviously the US could profit a lot from from this technology. But other other regions. It introduces uh digital sovereignty for organizations, digital sovereignty for countries, sovereign regions, sovereignty.
SPEAKER_00:Yeah, so you have an ability to keep that's the other piece that that we probably didn't discuss, is you can control the paths and you can ensure that it doesn't leave, I guess, jurisdictions, for example.
SPEAKER_01:Yeah.
SPEAKER_00:So Which you cannot do with BGP. No. It's not possible.
SPEAKER_01:No, it's it it was not designed to do that. No. So I I I think it's it's really about having having partners like Megaport who can use the technology to to offer a much better uh network to the world. And I believe Yeah, we we I mean BGP ch BGP was bigger than the steam engine.
SPEAKER_00:Yeah.
SPEAKER_01:But let's say the combustion engine was also important. I would say SCION maybe is the combustion engine of networking.
SPEAKER_00:Or is it the electric engine?
SPEAKER_01:Yeah. Exactly. So I I don't believe BGP, I mean BGP is is great and it will it will stay and it's it's all cool. But but for critical infrastructure, I think it's great if we can introduce this new technology on a global scale. And partners like Megaport can can use this technology to provide. It doesn't break BGP. No, no, no. No, it can it it coexists coexists perfectly along. And that's also very important. A long time people were believing we have to improve BGP or we have to replace BGP. That's not that's not real. Yeah, that's not gonna happen. But to have an alternative path, an alternative uh peering methodology to to interconnect large networks, that makes perfect sense. And that's what SCION offers.
SPEAKER_00:Well we've got six hundred different banking and finance customers in Megaport, and I get the chance to sort of have uh have conversations with the folks running these networks are pretty pretty large banks and pretty senior positions, and some of the the challenges they're getting from a security standpoint is quite astounding. And what I find interesting was you mentioned it before, but the attacks are getting far more sophisticated. Right. They sort of run a wave of different vectors, so they're like very organized, and then they start hitting, and the second you change, they they change, and so they've actually got a plan associated to it. Um we've seen them hit some pretty prominent banks, and the guys are responding. So they're like, you know, punching different high-speed connections across the Cloudflare or moving something here. They're actually sort of responding. When you ask them like why, what's the purpose of the attack? That's the weird part. Like, they don't even fully know why they're under attack. It's not in some instances, like if you get crypto locked, you know that they want some Bitcoin to give you your content back, and you're like, it's money, it's obvious. Some of these um uh instances are proving that they can hack it. So they're just saying, like, let me, you know, they're almost doing a resume. It's like a job proving that they can hack something like a bank, then to get some work or something. It's it's a bizarre, it's so hard to actually pinpoint like what what on earth is.
SPEAKER_01:What exactly do you want to Well and a lot of it is fully automated. Yes.
SPEAKER_00:Uh you know, we we've we we like as soon as it detects that something's been blocked, change to this path, right. Engage all these other PCs, they've got hacked somewhere and start punching DDoS route, whatever. Like it's exactly it's wild.
SPEAKER_01:It's a very professional industry. Uh we we've seen um uh for example remote access for home home worker. That that became very very prominent to to attack because obviously if you can compromise such a device, you're right in, you're in, right?
SPEAKER_00:Yeah.
SPEAKER_01:And and these devices are usually attacked like obviously we have scanning activities like 80,000 times a day or something. Uh that's that's pretty standard. And then we have maybe about a thousand code injection attempts and fingerprinting attacks a day on on such a device. The moment you have a vulnerability, a zero-day vulnerability, uh it it takes minutes. And then they're already because there are already catalogs available who has installed what and with what releases. Those fingerprinting attacks run daily. That's more creating the catalog, where can you enter the moment you have a vulnerability? Interesting.
SPEAKER_00:So they're just cataloging where they can get to, they're not doing anything.
SPEAKER_01:And then we had a zero day on a on a specific device on the 10th of January last year, on the 15th of January last year, there were already 1,700 compromised enterprise organizations. So imagine in five days, that's very professional. I mean, it's not an easy job to do that, right? Yeah. So it's obvious that the attacking side also becomes very, very professional and then dangerous.
SPEAKER_00:What do you think about uh I mean totally random um quantum and sort of where that gets to? I mean, we've heard these interesting stories around you know, countries just downloading data, encrypted data, and storing it.
SPEAKER_01:Yeah.
SPEAKER_00:And then at some point when they can crack it using either some quantum or have you, then they have the information. So that's happening.
SPEAKER_01:Yeah. It's astonishing to see how how quantum really can open up those keys. It's not like it's not like fast or it's like instant. Yeah. So uh but then obviously there are new new uh uh encryption uh algorithm where you you cannot open it. It's the counter counterintelligence, whatever it is. Yeah, yeah, yeah. Now now SCION is using cryptography for for signing the path. This is uh ready for quantum proof, but that's not you know, the moment you uh a package travel the path, that information no longer is valid. No longer is is of value. So that's why we are we are not really concerned on the quantum attacks at this point, because what really is happening that you can download content, encrypted content, and then wait uh and and bring it to a facility where you have a quantum computer, but that's not uh an attack vector for a routing. Yeah, it's different. You would need to install a uh a quantum computer on a router.
SPEAKER_00:That's very it's not storing the traffic as in it's just it's forwarding, uh it's yeah, passing through the traffic. Well, cool. Anything you wanted to share more broadly? Because I know I know I've got to get you out of here. Yeah, right.
SPEAKER_01:I should have that's the problem about networking, it's global. So if you have to travel to to customers and partners, you're traveling global, right? That's right. That's true. You're off in London. Yeah. No, but it it's it's really exciting, and we are very excited about this partnership with Megaport. We we believe uh this can create a lot of value on a global scale. And uh it's great to talk to you and also to see how how you are bringing this industry forward and bringing innovation to the market. Very, very exciting. And I think uh if you look at what the world really changed, that the networks did change, obviously, AI is changing the world now, and if we can uh make this planet a better place with uh with technology, I think uh we should do it.
SPEAKER_00:It's cool. I mean we've got something like a hundred, so we're in 930 pops around the world, but we've got a hundred physical uh compute stacks that we can deploy your platform instantly to 26 countries. So the scale that hopefully we can bring to you and to the platform is awesome, and the customers um you know we've already you've already proven it. So it's I think that's the customer base is literally global. So super exciting. Appreciate you coming. We're gonna get you on that train. And uh yeah, yeah, very cool. You're building it again. Why do you keep building these things?
SPEAKER_01:We are who we are, right?
SPEAKER_00:It's cool, man. Uh appreciate you coming in. Hey, thank you so much, Demis.
SPEAKER_01:Really exciting to talk to you. And then uh yeah, let's let's keep pushing. Yeah.