>> Announcer: LIVE from San Francisco, it's theCUBE, covering Pure Accelerate 2017. Brought to you by Pure Storage. >> Welcome back to San Francisco everybody, this is Dave Vellante with David Floyer, and this is theCUBE, the leader in live tech coverage, we go out to the events, we Extract the Signal from the Noise, this is Pure Accelerate 2017. This is the second year of Pure Accelerate. Last year was a little north of here at, right outside AT&T Park. Pure, it's pretty funny, Pure chose this venue, it's like this old, rusted out, steel warehouse, where they used to make battleships, and they're going to tear this down after the show, so of course the metaphor is spinning rust, old legacy systems that Pure is essentially replacing, this is like a swan song, goodbye to the old days, welcome in the new. So very clever marketing by Pure. I mean they did a great job setting up this rusty old building-- >> It's bad. Nice, it's a nice building. >> Hopefully it doesn't fall down on our heads and, so, but let's get to the event. The messaging was very strong here. I mean, they pull no punches. >> You know, legacy, slow, expensive, not agile, we're fast and simple, come with us. Of course the narrative from the big guys is, "Oh Pure, they're small, they're losing money, "you know, they're in a little niche." But you see this company as I said earlier when Matt Kixmoeller was on. They've hit escape velocity. >> Absolutely. >> They're not going out of business-- >> Nope. Okay, there's a lot of companies you see them-- >> And they're making a profit. >> Yeah, you read their financials and you say ah oh, this company's in deep you know what. No, they're not making a profit yet, Pure. >> They are projecting to make a profit in the next six months. >> But they basically got you know, 500 and what, twenty-five million dollars in the balance sheet, their negative-free cash flow gets them through by my calculation, in the next nine or 10 years, because they have zero debt. They could easily take out debt if they wanted to, growing at 30% a year. They'll do a billion dollars this year, 2.4 billion dollar market cap. They didn't have a big brain drain six months after the IPO, which was really important, it was like, you know business as usual. They've maintained the core management team. I know Jonathan Martin's you know, moving on, but they're bringing in Todd Forsythe to run marketing. A very seasoned marketing executive so, you know, things are really pretty interesting. The fact is, we haven't seen a billion dollar storage company that's independent since NetApp, there's only one left, NetApp. EMC is now Dell EMC. 3PAR never made it even close to a billion outside of HPE. Isilon couldn't make it, Compellent couldn't make it, Data Domain you know, couldn't make it as a billion dollar company. None of those guys could ever reach that level of escape velocity, that it appears that Pure and Nutanix are both on. Your thoughts David Floyer. >> I couldn't agree more. They have made their whole mantra, simplicity. They've really brought in the same sort of simplicity as Nutanix is doing. Those are the companies that seem to have been really making it, because the fundamental value proposition to their customers is, "You don't need to put in lots of people "to manage this, it'll manage itself." And I think that's, they've stuck to that, and they are been very successful with that simple message. Obviously taking a flash product, and replacing old rusts with it is, makes it much simpler, they're starting off from a very good starting point. But they've extended that right the way up to a whole lot of Cloud services with Pure. They've extended it in the whole philosophy of how they put data services together. I'm very impressed with that. It reminds me of Ashley, the early days of-- >> Of NetApp. >> No, of NetApp and also of the 3PAR. >> Oh, yeah, yeah, absolutely, simplicity, great storage services, Tier 1. When I say NetApp, I'm thinking, you know, simplicity in storage services as well. But you know, this is the joke that I been making all week is that you talk to a practitioner you say, "What's your storage strategy?" Oh, I buy EMC for block, I buy NetApp for file. At Pure it's sort of, not only challenging that convention, but they're trying to move the market to the big data, and analytics, and they also have a unique perspective on converge and hyper-converge. They count a deep position hyper-converge that's you know, okay for certain use cases, not really scalable, not really applicable to a lot of the things we're doing. You know, Nutanix could, might even reach a billion dollars before Pure, so it's going to be interesting. >> Well, I think they have a second strategy there, which is to be an OEM supplier. Their work with Cisco for example. They're an OEM supplier there. They are bending to the requirements of being an OEM supplier, and I think that's their way into the hyper-converge market is working with certain vendors, certain areas, providing the storage in the way that that integrator wants, and acting in that way, and I think that's a smart strategy. I think that's the way that they're going to survive in the traditional market. But what's, to me, interesting anyway, is that they are really starting to break out into different markets, into the AI market, into flash for big data, into that type of market, and with a very interesting approach, which is, you can't afford to take all the data from the edge to the center, so you need us, and you need to process that data using us, because it's in real time these days. You need that speed, and then you want to minimize the amount of data that you move up the stack to the center. I think it's a very interesting strategy. >> So their competing against, you know, a lot of massive companies I mean, and they're competing with this notion of simplicity, some speed and innovation in these new areas. I mean look at, compare this with you know, EMC's portfolio, now Dell, EMC's portfolio. It's never been more complicated right? But, they got one of everything. They've got a massive distribution channel. They can solve a lot of problems. HPE, a little bit more focused, then Dell EMC. Really going hard after the edge. So they bring some interesting competition there. >> And they bring their service side, which is-- >> As does Dell. So they got servers right? Which is something that Pure has to partner on. And then IBM it's like you know, they kind of still got their toe in infrastructure, but you know they're, Ginni Rometty's heart is not in it you know? But they, they have it, they can make money at it, and you know, they're making the software to find but... And then you get a lot of little guys kind of bubbling. Well, Nimble got taken out, SimpliVity, which of course was converged, hyper-converged. A lot of sort of new emerging guys, you got, you know guys like Datrium out there, Iguazio. Infinidat is another one, much, much smaller, growing pretty rapidly. You know, what are your thoughts, can any of these guys become a billion-dollar company, I mean we've talked for years David about... Remember we wrote a piece? Can EMC remain independent? Well, the answer was no, right? Can Pure remain independent in your view? >> I don't believe it could do it, it was, as just purely storage, except by taking the OEM route. But I think if they go after it as a data company, as a information company, information processing company, and focus on the software that's required to do that, along with the processes, I think they can, yes. I think there's room for somebody-- >> Well, you heard what Kix said. Matt Kixmoeller said, "We might have to take storage "out of the name." >> Out of the name, that's right. >> Maybe, right? >> Yes, I think they will, yeah. >> So they're playing in a big (mumbles), and the (mumbles) enormous, so let's talk about some of the stuff we've been working on. The True Private Cloud report is hot. I think it's very relevant here. On-Prem customers want to substantially mimic the Public Cloud. Not just virtualization, management, orchestration, simplified provisioning, a business model that provides elasticity, including pricing elasticity. HPE actually had some interesting commentary there, on their On-Demand Pricing. Not just the rental model, so they're doing some interesting things, I think you'll see others follow suit there. I find Pure to be very Cloud-like in that regard, in terms of Evergreen, I mean they essentially have a Sass subscription model for their appliance. >> And they're going after the stacked vendors as well, in this OEM mode. >> Yeah, they call it four to one thousand Cloud vendors, so you're True Private Cloud Report, what was significant about that was, to me anyway, was a hundred and fifty billion dollars approximately, is going to exit the market in terms of IT labor that's doing today, non-differentiated lifting of patching, provisioning, server provisioning, (mumbles) provisioning, storage management, performance management, tuning, all the stuff that adds no value to the business, it just keeps the lights on. That's going to go away, and it's going to shift into Public Cloud, and what we call True Private Cloud. Now True Private Cloud is going, in our view, to be larger than infrastructures that serve us in the Public Cloud, not as large as Sass, and it's the fastest growing part of the market today, from a smaller base. >> And also will deal with the edge. It will go down to the edge. >> So punctuate down, so also down to the edge so, what's driving that True Private Cloud market? >> What's driving it is (mumbles), to a large extent, because you need stuff to be low latency, and you need therefore, Private Clouds on the edge, in the center. Data has a high degree of gravity, it's difficult to move out. So you want to move the application to where that data is. So if data starts in the Cloud, it should keep stay in the Cloud, if it starts in the edge, you want to keep it there and let it die, most of it die there, and if it starts in headquarters again, no point in moving it just for the sake of moving it. So where possible, Private Cloud is going to be the better way of dealing with data at the edge, and data in headquarters, which is a lot of data. >> Okay, so a lot of announcements here today, NVMe, and NVMe Fabric you know, pushing hard, into file and object, which really they're the only ones with all-flash doing that. I think again, I think others will follow suit, once they have, start having some success there. What are some of the things that you are working on with the Wikibon Team these days? >> Well, the next thing we're doing is the update of the, well two things. We're doing a piece on what we call Unigrid, which is this new NVMe of a fabric architecture, which we think is going to be very, very important to all enterprise computing. The ability to merge the traditional state applications, applications of record with the large AI, and other big data applications. >> Relevations, what we've talking about here. >> Very relevant indeed, and that's the architecture that we believe will bring that together. And then after that we're doing our service end, and converged infrastructure report and the how, showing how the two of those are merging. >> Great, that's a report that's always been, been very highly anticipated. I think this is our third or fourth doing that right? >> Fourth year. >> Right, fourth year so great looking forward to that. Well David, thanks very much for co-hosting with me-- >> Your very welcome. >> And it's been a pleasure working with you. Okay that's it, we're one day here at Pure Accelerate. Tomorrow we're at Hortonworks, DataWorks Summit, we were there today actually as well, and Cloud Foundry Summit. Of course we're also at the AWS Public Sector, John Furrier is down there. So yeah, theCUBE is crazy busy. Next week we're in Munich at, IBM has an event, the Data Summit, and then the week after that we're at Nutanix dot next. There's a lot going on theCUBE, check out SiliconANGLE.tv, to find out where we're going to be next. Go to Wiki.com for all the research, and SiliconANGLE.com for all the news, thanks you guys, great job, thanks to Pure, we're out, this is theCUBE. See you next time. (retro music)

>> Announcer: Live from San Francisco, it's theCUBE. Covering Pure Accelerate 2017. Brought to you by Pure Storage. >> Welcome back to Pure Accelerate. We're here at Pier 70 in San Francisco, and this is theCUBE, the leader in live tech coverage. I'm Dave Vellante with my co-host David Floyer. Matt Kixmoeller is here, he's the Vice President of Product and Solutions at Pure Storage. Kix, welcome to theCUBE. >> Thanks for having me. My first time on theCUBe, I'm honored. >> That's awesome, well, we're honored to have you. Got to have a nickname on theCUBE. We had Dietz on earlier, Stu had to leave. You can call me V, if you want. You really don't have a nickname; we call him Floyer. (laughter) >> All right. >> So anyway, great job today on stage. You got a really engaged audience. You guys have a lot of fun. The orange shoes are cool. How do you feel? >> I feel great. You know, as we said today, this is the biggest year we've ever had in innovation at Pure, and it was fun to really take the focus back to software this release. You know, we spent the last year bringing out our next-gen cloud era all flash platforms, between FlashBlade and FlashArrayX, and this was an opportunity to really flex our muscles around software, flex our muscles around IoT and AI and that as well. So, it was a fun set of releases. >> Well, it's been interesting to sort of watch you guys and watch your product strategy evolve. And of course, coincident to that is your TAM expands. All right, so it started in the sort of you know, lower end of the spectrum, and then it went into the 20s and now it's in the 30s, and I was saying to David it used to be, well I buy EMC for block and I buy NetApp for file, and you guys are challenging that convention. >> Matt: Yeah. >> Maybe talk a little bit about your strategy and how your penetrating now new markets. >> Yeah, we think about our market opportunity in three buckets. So first off, we go after the top 500 cloud providers, and we see one of our biggest segments is really cloud providers and we see them increasingly not really looking at legacy options for storage. You know, they want a modern storage fabric, and part of why we're so excited in particular about the work we've done around NVMe is we feel like it helps us go after some of the more server DAS-centric workloads of the past, or of the next gen workloads, and we can talk a little bit more about that. A second key area that we're focusing on is really going after next generation data-driven applications, and AI, ML, all these areas are really driving amazing storage growth. It's even, I think, surprised us how quickly it's come up, and you had folks on theCUBE earlier today talking about FlashBlade, but one of the threads that units a lot of the next gen applications is they're designed to be scale-out and they're designed to really need a lot of parallelism from storage. And so what we're doing with FlashBlade is really designing a storage platform that's kind of parallel from the start, and can deliver that massive concurrency that you just can't get from a lot of legacy providers. And then yeah, I think the third thing we're obviously excited about is going in and ripping out the spinning rust of the past. We've made a lot of innuendos at this conference and how we're in this classic rusting building and maybe it's a nice metaphor for some of that-- >> Tear it down! (laughs) >> But yeah. But we are we're helping liberate the rest of the world, and I think one of the things that we're excited about today was to announce Purity Active Cluster. That's been that top of the reliability hill feature when people want metroclustered applications, active-active in two data centers, that's about as reliable as it gets, and that was a feature that we didn't have in FlashArray until now, and so we're excited to have that final area to go in and help liberate. >> Yeah, so it's not just the disk spinning rust replacement, it's, you talked this morning about SRDF, I remember well in the early 1990s when SRDF came out, it was game changing and it obviously has driven a lot of revenue for EMC, now Dell EMC, it helped a lot of customers, but there's no question it was the mother of all complexity and cost. So talk a little bit more about how you guys are going to approach that problem. >> Yeah, I mean, I think if you look at a lot of what we announced today, there continues to be a thread of simplicity throughout everything. You know, it's fun, I was employee number six up here, I've been in on the adventure from day one, right, and we always had a fundamental belief in simplicity. But as we started to shift products and started to get customer feedback, there was like this lightning rod within our team all throughout engineering where people really understood the power of simplicity. And it went from a belief to a religion, I would almost say. And we've just always tried to do that with new feature we come out with, and this felt like an area where there was such a vacuum of simplicity that there was a huge opportunity to rethink things. And so, with this feature it's totally built in, it's totally integrated, you could easily just stretch a volume across now two sites. And one of the problems we went to go solve was the third site mediator problem where you always need a third site witness in a stretch cluster to determine if there is a failure, who's the surviving side that you want to have actually process the application IO. And so we're delivering that as a service, as a SaaS service from our Pure One infrastructure, so it's just one more way that we take one more step and one more pain of the infrastructure away. >> So I'd like to drill in a little bit on the NVMe side of this. >> Matt: All right. >> We've done some research on the architecture which we think is coming up, which we're calling unigrip because it allows this very even access to data at very low latencies across there. And really, we'll start in our view, a different sort of applications, really very very different where you can combine legacy state applications with the AI applications and other things like that. How are you going to bring that to market? Who are you selling that to? >> Yeah, I mean, we're super excited about this transition, NVMe and we're trying to take a real leadership role here. And so much of it reminds us actually of the early days of Pure. When we started Pure, flash was expensive, it was exotic, you had a bunch of people trying to make it this 1% technology, and our whole idea was look, let's not make it a Ferrari, let's democratize it for all and we think everybody deserves flash. And we did a bunch of work to try to mainstream it. And we're trying to take a very similar approach with NVMe, where a lot of the early folks who approached NVMe built very specialized appliances, did exotic things. And our view is it should be mainstream. All flash arrays should be built on NVMe. And the real advantage is something you hinted at. It's just massively parallel. And so here you have flash, this inherently parallel medium on its own and we're talking through it through these legacy SCSI protocols that have been around forever. NVMe is a huge opportunity to open that up. But we had an initial insight, I believe, where when we approached this we didn't just say look, we should get an NVMe SSD. We realized that that whole architecture has to be optimized from software to hardware, and so we forgoed or forwent the SSD form factor. We built our own direct flash module, and the real magic of how we've approached this is not only shipping a device that's massively parallel, but building a bunch of software within Purity that knows how to take advantage of that, and brings all the flash management up to the software tier, so we can kind of take advantage of it end to end. And so, these are things we just don't see our competitors in the market doing right now. Maybe one more comment on your parallelism. I mean, I think you're right in that if you look at a wide range of next generation web-scale applications, whether they be more classic NoSQL databases on through analytics, on through to AI and ML. AI and ML are kind of maybe the most extreme examples, but they're all far more parallel scale out applications than we were used to before. And so they thrive in environments where you have storage that can marry that model. And what we're finding in particular in the AI world is that we're not up against other storage vendors. I mean, the alternative really is to go get a bunch of white-box DAS and build your own storage layer and maybe use some open source stuff, but that's cumbersome and that has all the issues that everyone's aware of, right? So we believe that as a commercialized product we have something pretty unique to offer these markets and it's been exciting to see it even push us. One of the things I think we surprised people with today was making FlashBlade 5x bigger. You know, we announced it last year, people thought it was pretty big and pretty fast to begin with, but it was these use cases and the early adopters that pushed us to make it larger. We saw people in the early adopter phase of FlashBlade buy in and deploy at much bigger scale than we were expecting. We were kind of used to our experience with FlashArray where people sort of started small, they got to use the technology, then they kind of grew. But I guess you don't do big data on a small scale. (Laughter) So people dived in. >> So I want to ask you about this whole big data, because it's probably the first time we've even used that term today. It's amazing how fast that came and went, even though big data's now mainstream. But, and you said, you made the point, Matt, that not a lot of storage competitors are going after that. Well, you'd think big data, storage, they would fit. But I think a lot of the competitors realized well, there's not a lot of money to be made there. And now it's just hitting its best stride. Here's my question. If you look at Hortonworks and Cloudera in particular, you're starting to see the cloud guys, Amazon with its data pipeline, certainly Google and Microsoft, are picking up a lot of action in the cloud with a full as-is service of the data pipeline. What do you see, and it's affecting some of the on-prem activity, what are you seeing with regard to cloud versus on-prem, and how does that affect your business? >> Yeah, I think you're right in the sense that if you looked at how you could have deployed big data technologies before, I think that there are basically two ways to do it. People that did it in the cloud, or they did it on-prem with white-box DAS, and they've got servers and put disks inside. So much of the first generation of big data was basically driven on Hadoop, which fairly low-cost and fairly focused at streaming workloads where you had this, frankly not much performance profile or need for performance on disk, and so what we found in the early days was, hey if you tried to put flash underneath it, didn't help that much. >> Dave: Didn't do much for it, right. But the thing that's changing now is people want to move away from those slow batch queries to much more interactive analysis, much more real time, and so Hadoop's given way to Spark, and so that's changed that discussion quite a bit. Back to the discussion though, around on-prem versus the cloud, I think this is an area where as people get more and more invested in their data, they're understanding it's a key control point. And so if I get all my data into one cloud provider, it's pretty hard to get it out of there. This is core to my business. Do I want that level of lock-in? Also, can I do better with my own dedicated solutions? And what we've found is that when we can bring FlashBlade to bear these big data workloads, we can outperform what people can do in the cloud handily, at a lower cost. And so there's a proclivity to want to own your own destiny, own your own infrastructure, and the ability for us to deliver a higher performance for a lower cost in the cloud we think is a pretty good connection. >> And of course, complexity is hurt, it isn't hurt, I mean, the market's growing very nicely, but it's actually hurt a lot of the practitioners' ability to absorb technology. I suppose Pure and its insane focus on simplicity helps a little bit, as does Spark, sort of simplify the whole Hadoop thing, but you've still got, you need a lot of smart people to make this stuff work. So it's going to be interesting to see, but what I'm hearing from you is you don't have a lot of storage competitors going hard after this. And so the guys that have done really well with Hadoop that have on-prem infrastructure you would think would be picking this up quite rapidly. Well, and look, we're having discussions with all of the Hadoop providers as well, because if we can help them deliver a higher customer satisfaction and a better outcome, it's upside for them as well. They don't want to be storage companies. >> Well, they need help, I mean the irony is that Cloudera is in the cloud era, and the cloud is eating away at its base, so they need somebody who's going to help them simplify, I mean, they're a software company, help us simplify the on-prem infrastructure. >> One of the things you said earlier that I think has been an additional learning for us, and FlashBlade as well, when we went into the FlashBlade experience, we kind of expected that people would buy and all they would care about is performance. And so we asked ourselves, well how much does this user base really care about simplicity? We found the total opposite to be true. Most of who we're selling FlashBlade to are not IT folk. They're data scientists, they're engineers, they're creatives, they're a line of business people. And they want nothing to do with managing infrastructure. And so the simplicity, oftentimes we're replacing what would have been racks and racks of disk that they didn't want to deal with to begin with. And so the simplicity value prop, shockingly, is actually more important, we're finding, for FlashBlade even than FlashArray. >> Makes a lot of, we have a saying in theCUBE that data is the new development kit. 'Cause it's like you say, it's data engineers, it's data science, even application developers are starting with the data, and so, and complexity has choked that whole industry, and so that's excellent. Okay, are you? >> Oh yeah, I was going to ask. One of the things you were saying very clearly here is that the drive of getting data up to the cloud to do this AI, or up to anywhere to do the processing, to create the models, is going to have to be ameliorated by reduction of that data. By reduction, I mean turning that data into informational tags or whatever it is as it's going up the line, very close to where the data is. >> Dave: I call it the needles in the hay stack. >> Yeah, extract the needles very early on. So can you talk a little bit more about what your vision is there, how are you going to do that, who are you partnering with to do that? >> Yeah, so I think that you hit on a very important problem, and I think everybody is starting to finally internalize how much faster devices and machines can generate data than humans. (Laughter) And so we're used to this human era of cognition of data creation, but this asymptote is happening. And, you know, I think it's becoming quite obvious that basically machines have the potential to generate data much faster than it can be stored, used, and especially sent back to the cloud. And so you need some level of local processing to analyze it, to send back more, you know, kind of per that metadata. The other challenge is that many of the use cases that people want to use at the edge are latency sensitive, and so you can't take the time to think about it, send it all back, think about it, send it back again-- >> Dave: Ogle it. >> And do some realtime control thing, right? My favorite anecdote that proves this is some of Amazon's infrastructure, where they build out dedicated data centers within their distribution facilities because they need to be able to realtime analyze the video feeds of everything that's going on, make decisions, right? And so if they can't send all the data to their cloud, they have to build they're own data center-- >> Dave: Nobody can! >> Inside there. (laughter) And so it's just indicative of a broader solution there, right? You'll see a demo that we're going to be doing tomorrow where we're doing a great coprocessing app where we're kind of collecting a bunch of data here at the show, analyzing it, and then sending part of it up to the cloud and partnering with Google to analyze it there, and showcasing an example use case of this. And so we think it's an area that's going to be important. Part of that also brings us to what we've done with our Purity run. So one of the things we've announced today was opening up our Purity platform to third party code, to developers. And we see a number of use cases for this. Many of our cloud customers have asked for this, where they want to kind of tie the storage more directly into their application, but the other use case we see is the edge. Where, if we can deploy a local Pure device on your oil rig, in your plane, in your factory, whatever, and have that processing capability happen there, and then to have that summarize the data and be able to send it back, that provides more of an all-in-one solution for that. And so, you know, we don't have dedicated products in this space yet, but this is our way of opening up the platform to be able to see how people develop on that how how they can start taking advantage of that. >> Okay so, we got to wrap, but you were telling us you were employee number six-- >> Matt: Yep! >> So that's quite a ride. I mean, so many companies just don't get to reach escape velocity, to use that term. You guys did. What's next for you, where do you want to take this thing? >> Yeah, I think we're all extraordinarily excited here at Pure. I mean, so much of this first generation of Pure's growth has been reshaping the existing storage environment. And, you know, we feel like we're through that mission. Yes, okay, only 20% or so of enterprise storage is flash, but the writing's on the wall, we're delivering the products. That is momentum now, right? >> Dave: Right. >> And so so much of our next generation of innovation is going after these new data-driven use cases, helping cloud providers, just going after what's next. And that opens up a much broader definition of what you can be as a data company. You know, we kind of stopped referring to ourselves as a storage company, we're going to have to get storage out of the name at some point, but you know, going after the broader problems around data is a much more exciting mission that we think powers the next decade, so, lots to do. >> Great, right, Kix, thanks very much for coming to theCUBE. >> Matt: Thank you guys! >> It's great to have you. >> Floyer: Thank you. >> Matt: Appreciate it. All right, keep right there, buddy, we'll be back to wrap up right after this short break. This is theCUBE, we're live from Pure Accelerate 2017. Right back. (upbeat electronic melody)

>> Announcer: Live from San Francisco, it's the CUBE covering Pure Accelerate 2017. (upbeat music) Brought to you by Pure Storage. (sparse percussion fading) >> Welcome back to San Francisco. We're at Pier 70, and this is Pure Accelerate. And this is the CUBE, the leader in live tech coverage. I'm Dave Vellante with my co-host David Floyer. First segment of the day. Welcome! >> Thank you. >> Dave: Todd Graham is here. He's the Vice President of IT Infrastructure at ScanSource, Inc. >> Thank you. >> Dave: Axel Streichardt, who's the Director of Business Applications Solutions at Pure Storage. Gentlemen, welcome to the CUBE. >> Thank you. >> Thanks. >> Okay, so let's get right into it. Well, if we start with ScanSource, what does ScanSource do? Set up the interview with just a little background. >> Sure, so we are an international technology distribution company. We have been around since 1994, public since 1994. Today we're in the US, North, we're in Europe, Latin America, and we are quickly growing to 45 to 47 locations around the globe. We focus, very vertically focused, on technology such as telecommunications. Recently we bought a telecommunications services master agency, so we can deal with service and connectivity. Point of sale and barcode is our original business unit. And we do Voice over IP phone systems, videoconferencing, and those types of technologies today. >> You said you started in '94 and you been public since '94. So you started with an IPO? (panelists laughing) >> It was very early. That's correct. (panelists laughing) >> Wow, that's amazing. I'd love, I got to talk to you afterwards. (panelists laughing) >> That's right. That's right. >> That's like Bitcoin or something. Okay, and then maybe we could set up to the segment here. Axel, I saw you speaking here earlier to an audience. >> Axel: Right. >> Maybe describe the discussion that we're going to have here about cloud. >> We, of course, focusing a lot on the different flavors of cloud and the different deployment models that SAP customers are considering today, right? So it could be on premise. Do you want to do it in a hybrid cloud? Do you want it in a public cloud? And we see that, initially, a lot of customers were thinking and considering public cloud as the solution for SAP workloads. And it is interesting that, in recent months, we actually see that from this initial, let's say, movement we see a lot of customers actually reconsidering and coming back, right? And they're seeing that the economics, the flexibility, the agility that they were thinking about when moving certain SAP workloads to the cloud is actually not really the reality. And the reality caught up with them. And they see that the value that they get from Pure Storage actually to run SAP workloads on Pure Storage make way more sense from an economical and also from an agility perspective, right? And we also see that IDC and some other analysts, even SAP themselves, they are actually saying that probably 60%-70% of all SAP workloads will stay on premise. They will not go into a public cloud or cloud deployment. >> Okay, so, Todd. So tell us about, so you're a ERP customer, SAP customer. You decide to move into the cloud. Maybe tell us about that journey. You moved in, and the pendulum swung back. So add some color to. >> Yeah, we were migrating away from our legacy ERP environment and moving to SAP. It was a greenfield opportunity, so we felt like it was the right time to move into the cloud. We looked very heavily at our internal expertise from an applications standpoint as well as an infrastructure standpoint and felt that this would be the right opportunity to move to that infrastructure as a service, application as a service model. And then we could take time to take our center of excellence team around SAP and do knowledge transfer between the cloud organization, the managed organization, and use it as a ramp for us to educate ourselves more around SAP. Some of the other driving factors were simply. Why do we want to go to the cloud? The elasticity, the ease of deployment, the things that we firmly believed at the time were the right decision. And we felt like it could be done quicker by moving to the cloud to do that. >> Okay, so you moved to the cloud, and then it wasn't the experience that you thought it would be. It was >> Todd: Correct. >> Axel mentioned a bunch of factors. The agility wasn't there. The cost wasn't there. Maybe add some color to that as well. >> Yeah, absolutely, we felt like, with the growth of our company through acquisitions, that speed of deployment was going to be key in the future. And we quickly learned that that was not necessarily the case. Everything became request-driven, SLA-driven, versus actually worrying about what was happening within our application itself. And so we just became another customer that was submitting tickets, if you will, in that environment. Stability and performance, we saw some real impacts to the environment that were actually end-user-affecting, which really began to force us to look for some different solutions. >> Okay. So, David, you just participated in a study. We call it the True Private Cloud. >> David: Right. >> So what was happening was it was a lot of cloud washing going on. >> Right. >> And with Private Cloud, we said, "Well, you know, essentially what people want is "to be able to substantially mimic "the public cloud on private." So they can get back that control and address some of the problems. >> That's right. >> So maybe pick it up from there and talk a little bit about. >> Sure, so yes, this, this is reports that we've done on the amount of spend that'll go to hyper-converged types of products and bring it back in-house and offer the same sort of facilities to the end users as you get from a public cloud but in a private cloud itself. So is that how you've done it? Did you take a package, or how did you go, how did you take your work from the public cloud back into the private cloud? >> So part of that was, we did the initial cost analysis of where we were at. And that was one of the main drivers behind, we really can do this in-house ourselves. That's when we began looking at partners that could help us. It was a perfect time that it had set up within our refresh strategy around our traditional storage and compute environment for us to really look at what the cost factors were. Could we improve the performance and the stability of that environment and improve that service to our end users? And so those are the decisions that we made, right? And then we said, "It's time for us to bring that back in." We can have control. And one of the biggest things, and it was really more than control, it was that we understood our environment. And that was the biggest thing that we saw a challenge with, was trying to convey the importance of what was happening within our deployment of SAP to the managed services provider. >> So what led you to the Pure decision? Like David said, you got some kind of converged infrastructure, whatever, the metaphor for mimicking public cloud. What led you to Pure? And we could talk about what the solution was. >> Yeah, one of the things was just the simplicity of Pure. At first, when we heard the story, we weren't sure we really believed it. We were like, "This is, this is entirely too simple." The evergreen model was very intriguing to us at the time, because we had been in that traditional storage and compute environment where, every three years, we had a massive project and do a forklift upgrade with choose any of the providers. And it was, is what we were doing. We were looking to set ourselves up for SAP HANA in the future. We wanted to build an infrastructure that would allow us to get there. And in all of the due diligence that we did, Pure came out on top with that, with a lot of the story around their compression and dedupe capabilities. Performance around IO was just extremely compelling at the time. >> So you got to love this story. >> Absolutely. >> I mean, you hear this a lot from customers? Is this a unique situation maybe? >> Yeah, we see this a lot from customers. Actually by moving SAP workloads, mission-critical workloads, now to Pure Storage. And what really, it's not just about the evergreen and the simplicity, right? What also resonates very well with customers today is our story around the data platform, right? So that's not about storage anymore. It's really about providing a foundation for certain SAP workloads, and you can seamlessly go from, let's say, typical Oracle SAP deployment, and you can start with HANA deployments. Actually, by using our solution, you can actually reducing the cost by up to 75%, right? So these are all compelling reasons, and this all without any configuration changes or any setups that you need specifically for SAP workloads, right? It is so simple that you can run various SAP workloads on the same platform. And to move this, actually, to another angle is, What if in the future you want to do analytics, big data, internet of thing? Again, it's the same platform, it's the same foundation that you can run all these various SAP workloads on. And I think this is a very compelling story. >> And it's interesting for us. It's not just SAP workloads that are running in that environment. >> Oh, really? >> We're, it's, it's a mixed environment, so we're running everything else on top of that FlashStack today. >> Dave: Well, you've done a lot of work. >> Axel: Sure, yes. >> Well, I've got one other question I'd like to ask you about landscapes. See, you're a big international set of companies that you are servicing. So from a landscape point of view, did you want to centralize that onto one landscape or multiple landscapes? And I would have thought that's an area as well where using Flash was a great advantage that you could actually. >> It is centralized today. And then as we grow, we are giving consideration to, Will we have multiple instances across the globe. But today it is centralized and will be so probably for the next 24 months. >> But what you described earlier, Todd, was this horizontal infrastructure layer that could support mixed workloads. But there's got to be some kind of software, something in the middle that supports that as well. Did you have to write something to >> Orchestrate >> To support that >> Was it, yeah, some kind of orchestration or management, stack. >> No, today it was all, everything that we're doing today is within the Pure UI or within Wmware and UCS Manager today. >> Dave: Okay, well that'll get you pretty far. >> Yeah, yeah. Yeah. >> So where do you, what do you take away from this in terms of where this market's going? You talked about analysts generally say that most SAP workload's going to stay on prem. I think we would generally agree with that. >> Yes. Yeah. >> It's going to be a long slog before they're ready for the cloud. At least the core, mission-critical stuff, right? Okay, so that says there's real pressure on IT organizations to mimic substantially that public cloud experience. Are we there today? With a lot more work to be done? I'd like both of your inputs on that. >> Right, and that's the beauty of it. We're actually providing it, at Pure, the various flavors of cloud. So if customers want to actually go from physical to virtual, we are supporting this, because you can actually run your virtual SAP workloads seamlessly on our storage array. At the same time, if you're already then moving to the next level and you want to have a private cloud environment, right? So we have all the components and capabilities actually built into our product that you can do things like self-service, right? You can have chargeback. You can have all the deployment, right? So all of these features that actually make up a private cloud environment, so we have them in our mix already, right? So we more or less have everything ready for customers today. And if they want to actually go to a hybrid cloud, that's why I'm saying. 30%, maybe, to 40% of SAP workloads might go into a cloud, into a public cloud or a hybrid cloud environment. And we're actually also providing this hybrid cloud capability that you can move workloads seamlessly to an Azure, to an AWS, or to Google Cloud. So we just heard this morning we have this capability to move certain workloads seamlessly from on premise, from on premise Pure, onto AWS, for instance. So we have all the ingredients, so throughout this entire journey that the customer wants to go through, that they can actually move along with this one data platform, and that makes it. >> So, Todd, how do you decide now, knowing what you know, what goes where, what to put in the public cloud, what to put on prem, what's eventually going to be hybrid? >> Well, and we have adopted a strategy of Cloud First, which means, Will the workload or will the application fit in that as-a-service model? Does it necessarily mean that we're going to put everything there? We still believe that most mission-critical, anything around the RP, will most likely remain in-house. And one of the main differences that we saw was the availability in uptime that the Pure system gives us around what we could see that the manu-services providers could provide. And downtime is really not tolerated, and it's one of those things that we need. And when it's down, we've got to have things back up, and we need the availability to our end users. And as we expand across the globe, we're becoming more of a 7 by, maybe today we're a 6 by 20. We're not fully 7-by-24 shop yet. But we're getting to that, and so we're looking at the infrastructure that will help us achieve that goal. >> So you're looking at cloud as an operating model more so than a destination. Is that right? >> Todd: That's correct. That's correct. >> And of course, there's the destination aspect of it, which is a function of, what, performance and cost, and. What do you look at? What are the determinants there? >> Yeah, so performance is obviously key for us. Cost is always an important factor, but it's probably number 3 or 4 on the list, right? Availability, uptime, and performance are our key. And if we can get those, we can get the support and the availability that we need, then maybe it makes sense, right? If it's a web application, if it's something that's very straightforward, again, one of the biggest reasons that we go back to bringing it in-house is we truly understood the environment and how things fit together. Whereas in that manu-services environment, it was very difficult to do that. >> And what about security? We haven't talked much about security today. But where does that fit in in your cloud decision? >> David: Especially internationally, the different rules in different countries, for example. >> Yeah, internationally, it's a challenge with all of the data privacy laws and the things that are country-specific, and we're learning a lot of that in Latin America as well (David chuckling) as we begin to move into those markets. But security is absolutely top of mine. We will work with those cloud services providers, but we've talked to a lot of folks along the AWS and the Azure route. And we're comfortable with where the security around the cloud is going. We're talking to a lot of new cloud security brokers to understand what they can bring to the table as well. And it's not just an IT discussion. It's a legal discussion, right >> Right. >> We're having those legal teams come back to us and say, "Well, what does this mean?" Right? Where is the data going to live? And is it going to fit within our retention models and all of the things that we have in place today? >> Alright, good. Okay, we got to leave it there. But Axel, I'll give you the last word. >> The last word? Pure Accelerate. Give me the bumper sticker. >> So we are really excited to have, actually, a confirmation from a customer side to see that the strategy and the direction that we're going here at Pure is exactly on par with what customers are actually demanding and what they want when it comes to SAP or mission-critical workloads. So I'm really glad that we're hearing this now from a customer and get the confirmation from a customer. So I'm just really super duper excited to have Todd here with us to hear from, directly from a customer. >> Excellent. Alright, Cloud First. The CUBE, we hope you're first, we're first on your playlist. Gentlemen, thank you very much for coming on the CUBE. >> Thank you. Thank you. >> I appreciate it. Alright, keep it right there, buddy. We'll be back with our next guest right after this short break. (upbeat percussion music)

>> Narrator: Live from San Francisco, it's theCUBE, covering Pure Accelerate 2017. Brought to you by Pure Storage. >> Welcome back to Pier 70 in San Francisco, everybody. This is theCUBE, the leader in live tech coverage, and we're here covering Pure Accelerate 2017. Andy Vandeveld is here. He's the Vice President of Strategic Alliances at Veeam, and Rajiev Rajavasireddy. I'm going to do that again, Rajavasireddy. >> Awesome. >> Did I get it? >> Love it. >> VP of Solutions at Pure. I thought I had it, Rajiev. >> You were so close. >> Alright, next time. I hope you come back so I can get it right. Anyway, welcome to theCUBE. Andy, good to see you again. I tweeted out today, I was joking, Veeam is like theCUBE. They're everywhere. You guys have been having great fun, hosting parties. Of course you're here now. We heard you up on the main stage today. So, let's start with the partnership. What are you guys doing with Veeam? >> So, we get a lot of requests from the field to partner more closely with Veeam. So, we have a lot of common customers. If you look at basically where we come from and where Veeam comes from, both of us have virtualization as a common thread. And the traditional backup software had to come into virtualization after the fact, so retro (mumbles) virtualization, whereas if you look at where Veeam started with virtualization, if you look at Pure it's a similar history, right? So, we came during the virtualization phase where people were trying to 100% virtualized data centers. So, both of us have this affinity for simplicity, virtualization centric, and efficiency and performance. Obviously, Pure is all about performance. So, there is a lot of natural synergies between Veeam and what Pure does. >> And we talk about this all the time, backup. For years, this has been a bolt on. It's been an afterthought. It's been one size fits all. I've written a lot about some of the challenges with backup. Now, talk about the announcement that you're making. Snapshots are not backups, right? >> Rajiev: That's right. >> But, they could be a critical enabler. So talk about the announcement and exactly what you guys are doing. >> Yeah, so as Rajiev was saying, we hear a lot from customers and a lot from partners about the customers wanting native snapshot integration with Pure Storage. So, that's what we announced today. We're in the lab. We're working through development right now. We provided the APIs to Pure, and our target is to get full snapshot integration out in GA sometime shortly after our Version 10 hits the market. >> Okay, and this is starting with block, and then eventually is files in the road map. >> So basically, as Andy was mentioning, we have the SDK. We have to sign the non disclosures, usual non disclosures with each other, and we have Veeam's SDK. So, our engineering is working on it, and we're planning to get this out, snapshot based integration with Veeam. And we're also in parallel working on solutions for FlashBlade along with Veeam as well. >> Okay, so I want to definitely talk about solutions, because that's important, and that's obviously your title. What about, what are the real use cases that you guys are seeing that you're going after? Let's start there and then we'll get into solutions. >> Rajiev: You want to take or do you want me to take? >> Andy: Yeah, go ahead. >> Sure. So obviously, the no brainer, virtual server, virtual desktops, Veeam is very strong. Pure has a ton of that in their customer base, and those are basically low hanging fruit for both of us. >> Alright. Others that you feel like will emerge over time? >> Pretty much. I mean if you really think about it, even databases-- >> Host: Right, I was going to say-- >> It runs well, but they run in VMs, and so we do those backups as well. So, there's a lot of databases that are on Pure, as well. >> Are you doing much, does Veeam do much in Oracle? Is that a big market for you or not so much yet, or is it emerging? >> Oracle Database is certainly a backup source for us, but in terms of applications I think we look at more of how do we facilitate the movement of those virtual machines and the backing up and the availability of those virtual machines from the storage perspective. So, we'll move into the application layer as we go along, and as we make more and more of our push into the enterprise, but I think right now it's focused on how do we take the virtual machines and the files in the storage environments and orchestrate those across the various environments that customers are finding themselves in, whether it's on premise, whether it's in the cloud, some combination of the both of them. >> Well, that's fundamental to the strategy, kind of like snoop, multi cloud. (Rajiev laughs) >> Good reference. >> Rajiev let's talk about... Inside joke. We won't bore our audience. Maybe we'll tweet out a picture, show you what we mean. Anyway Rajiev, let's talk about solutions. What are solutions to you and Pure, and what specific solutions are you working on? >> So basically, if you look at our portfolio of offerings, we have FlashArray, which is a block based array, which is (mumbles) and fiber channel as protocols. Then we have FlashBlade, which we did earlier this year, and FlashBlade is targeting next gen applications, so a very large customer is using us for artificial intelligence and machine learning. We are targeting applications like IoT, big data analytics. So, all the cool stuff, the next gen workloads, that's where FlashBlade is targeted. We're doing file and object. So just today we GAd our S3 implementation on FlashBlade, and we have NFS support, and we also have native, not native, but SMB support with FlashBlade. So, that's targeting the next gen workload, the file and object workloads, sorry, FlashBlade is, and FlashArray is targeting the block workloads. And then we have a partnership with Cisco. It's a jointly branded converged infrastructure we call FlashStack. So, these are all the portfolios that we have. And as you can tell, the solutions on the FlashArray side are mostly, if you will, virtual servers, virtual desktops, databases, Oracle, SQL, and of that nature, and they're already talking about the FlashBlade application. FlashStack can incorporate FlashArray as well as FlashBlade. >> Okay, and then in talking to some of the Veeam customers over the last several weeks, many of them lacked, before they found you guys, a disaster recovery strategy, and they sort of got one by default. Does that fit in terms of what you guys are doing together? Do you find that similar in the Pure customer base? Wondering if you could talk about DR for a moment. >> Yeah, DR is definitely a strong solution and value proposition that we can bring together. Customers need that. As we move more and more into the enterprise, that becomes so mission critical for that enterprise class of customers. Not only do they want the availability, but in the event of some disaster they want to have that ability to recover. I think doing the native snapshot integration gives us an even stronger solution to take into the DR market, whether it's DR on premise, DR as a service with service providers, whatever that mix is, it really does give us that more robust solution, and I think that's in addition to the other value propositions and other use cases that Rajiev talked about. That is a big one. >> Rajiev, maybe you can talk about the nature of the partnership. We talked about there's some engineering integration going on. What about the go to market? What's going on in the channel? >> So basically, again, there's a lot of synergies there. So, we have a direct sales force, and so does Veeam, but we are 100% go through the channel, and so does Veeam. And it turns out a lot of our channel partners are also Veeam's channel partners, and there is scope for us to do incentive programs and so on and so forth. So, there's a lot of synergy right there. Combine that with Cisco and the FlashStack, both of us have Cisco as a partner, and it turns out Cisco's channel partners are pretty much near 100% overlap with ourselves. And I'll let Andy speak for Veeam, but I suspect there's a lot of the same partners that also sell Veeam. >> Yeah, I think that's another aspect of the relationship that really when we started looking at what's the next integration that we're going to do, this was an important one for us, and we'll soon go to market. It just seemed so aligned, and it was aligned with not just between ourselves, but with that common partner in Cisco and the reseller communities around all of our businesses. So, that was a real point of interest for us in deciding to do this integration. Not only were you hearing it from customers, but the infrastructure, the ecosystem, of partners was something that we just readily take advantage of. >> Well, it's no secret that you guys both compete with Dell EMC, and obviously a merger of that size has to have an effect on the channel. How have you specifically been able to take advantage of that, or have you been, and has it been substantial? >> Of course, right? Anytime you have mergers of that size there's some level of uncertainty in the channel market. Customers don't deal with uncertainty well. When you combine two big companies that have a lot of overlapping products, there's always that, and so we've definitely made the A out of that. >> So, you've specifically picked up channel partners that say like, "Hey, I really want to give you guys a look," that might not have before? >> So basically, that is part of what we've done. The other part is also the existing channel, I mean there are some channel partners who sell both portfolios. A lot of channel partners have multiple portfolios. >> And so what's that? A mix, a share shift, a mix in the... >> Rajiev: It's a combination I would say. >> Okay, how about you guys? >> Yeah, I would say the same thing. Eventually they're going to figure it out and they're going to get it right. Everybody should expect that. But in the meantime there has been some disruption, and I think partners are looking around and saying, "Where am I going to make my money? "Are the assets in that portfolio "of those two merged companies going to even still exist?" And as that all starts to get, it works its way out, there's a gap in time, and I think that we've been able to fill that gap from a data protection standpoint. Pure has been able to fill that from a storage standpoint. And we're taking advantage of this opening that we've got. >> And it's interesting, I want to talk more about the channel, in the context of solutions, Rajiev, because if you look at the channel and the way it's evolving, you've got the box sellers. We love them. That's probably where most of the business still is even today. But, that business is declining, and we know that. Those channel partners, they had great businesses. They still do. They've got boats and mansions and whatever else, but that business is in decline. The margins are under pressure. And then you've got the solution folks, and this is where I want to get your feedback. Solutions used to be defined as SAP, Oracle, VMware. Now you're talking about these emerging solutions around data, analytics, IoT, machine learning, a whole new set of solutions players, and then of course there's the cloud, the cloud service providers, and ISVs. It seems like the channel is in flux in a big way. So, to the extent that a company like EMC, and maybe we saw this somewhat with IBM as well when they sold off x86 and BNT, to the extent that their channel is in any kind of uncertainty, how do you see the channels shaping and emerging, and how are you taking advantage of... First of all, is what I described accurate, and how are you guys taking advantage of it? >> Absolutely. You know, there's also another trend that you didn't talk about. I mean cloud. It's the elephant in the room. The cloud is here, and people want to look at what they want to do with the cloud when we talk about customers. It is a challenge as well as an opportunity for channel partners, right? So basically, if you look at, for example, what we're doing with FlashStack and with Veeam, we are still providing infrastructure, and infrastructure by itself is not a solution. If you look at what the IT folks are dealing with is their developers. So, you can go to the cloud, and you can actually go ahead, the developers can go ahead and provision themselves VMs and everything else very quickly. They don't even know what infrastructure is running underneath it. Now, the challenge for the IT folks is to see how they can provide a similar experience to their user base, and a lot of the times it could be developers. So, it's incumbent on us, and Veeam, and everybody else to provide an infrastructure that also ties in. When you say solutions, there's tiers of solutions. You need to have automation orchestration. They're solutions. You need to have management solutions that still provide infrastructure, and then you have applications that run on top of that infrastructure. So, the channel partners have a lot of scope to actually add services. And if you really think about channel folks, I mean the good ones, they always want to make money on services, not on pushing boxes, like you called earlier. >> Host: That's where they get their margin. >> And it's a great opportunity for them. >> Margins, stickiness, loyalty, I mean all that stuff. And the fact that the definition of a solution is evolving is an opportunity for those players who can move really fast. >> And we see our channel partners trying to do a good job in that space right now and evolving there. >> Both of you, when you look at that mix that I talked about, I said 70% are sort of box sellers. Well, you guys don't sell boxes, but you know what I mean. Is your mix weighted more toward solutions in your companies? >> Yeah, I would say we kind of measure it more on on-prem versus cloud, or some sort of subscription managed service environment. But, we definitely see the higher growth coming from those non on-prem environments. And I think that's a place where the more advanced resellers are spinning up services. And we're following that trend. We're seeing that trend right before our eyes. >> And yesterday we had our global partner forum here, and Hatfield, our COO, was on stage, and he basically highlighted what we call the scarcity model. We don't sign up thousands of channel partners. We sign up a few channel partners who will add real value, and we make sure that they're doing just as well as we're doing. So, if you look at Pure, right, we have about, I think the official number is north of 3,300 or so customers, but our revenue is very high relative to that. So, we are selling to enterprise customers who need... You add a lot of value. You have to sell solutions. You just can't sell a box and be done with it. >> Yeah, I think that's a really important point. Alright gents, we got to leave it there. Thanks very much for coming to theCUBE. Good to see you guys. >> Yeah. >> Thank you. >> Thank you. >> Alright, keep it right there, everybody. We'll be back with our next guest right after this short break. This is theCUBE; we're live from Pier 70 in San Francisco at Pure Accelerate. We'll be right back. (techno music)

>> Announcer: Live from San Francisco it's The Cube covering Pure Accelerate 2017. Brought to you by Pure Storage. >> Welcome back to Pier 70 in San Francisco everybody. This is The Cube, the leader in live tech coverage. I'm Dave Vellante with my cohost Stu Miniman. Ray Smith is here. He is the Assistant Director for Technology at the Mississippi Community College Board. Ray, thanks for coming to The Cube, it's good to see you. >> Glad to be here. >> We were having a good conversation off camera. Tell us a little bit about the college board. >> Well, Mississippi Community College Board is... We are the board that coordinates with the 15 community colleges in the state of Mississippi. Part of our job is to make sure that enrollment figures are taken care of. We look at budgets, we work with the legislature, and more importantly we work with the community colleges in helping to develop good outcomes for our students. >> Okay, so it's obviously a public institution, public funded, you've got a responsibility to report to the public. Do you also have responsibility for, well what services do you have responsibility for? You said enrollment, but.. >> I am, for instance, I'm responsible for a statewide network. The community colleges are a little different than some entities in that we have a shared network. In which all 15 community colleges they are connected back to the board office. We act as the ISP for the colleges. The colleges submit data to us. We also have in place a longitudinal data system in the state of Mississippi in which we collect information and we report that information up the line for our longitudinal data. But more importantly what we do is that we count students and we pay based upon enrollment. >> Community colleges play such a critical role today in education. Which we all know, anybody who has kids know how expensive it is to educate. And the colleges are way more open these days about accepting community college student transfers, allowing students to take summer classes at community colleges. My son, for instance, goes to GW, he's taking some math classes at community college. It really helps address the cost. It helps people who aren't ready to go to college. Talk a little bit about the mission and the role that your college plays. >> Our system, or the board office, what we do again is that we coordinate each community college as a separate entity amongst themselves, governed by a local board. But from the state level, we administer the payment based upon students. And one of the things that we do is we're heavily involved in the workforce. That's a real big issue in our system right now. To train more people for the jobs that we're trying to bring in to Mississippi. In addition to that, we have strong academics in which our students take two year academic courses that transfer to our universities. But more than anything our purpose is to try to make a better Mississippi, in providing our services, education and training to the people of Mississippi. >> You're a feeder system, in essence. It's a fast turnover, it's a two year cycle. So your job of enrollment has a lot of pressure on it. Now what kind of pressure does that put on the technology infrastructure. >> Well, a couple of things. Number one, community colleges are education based institutions but at the same time, people come there because of the lifestyle. Because coming out of high school, a lot of students aren't quite ready for the big universities. So, they come to the community colleges looking for a lot of the things that they have at home. Internet, fast internet, for instance, and also the ability to.. (laughs) that's the big one, and also the ability to have online classes where they don't have to come on campus or so forth. But our students want everything that the major universities have and they want everything they're used to as home as well as within coming out of K-12. >> Okay, so, let's get into the relationship with Pure Accelerate, let's talk about it. What led you to them? Talk about your journey, give us the before and after. >> Well, first of all, I have a real small staff at our agency, and we have a lot of big things to do. >> Dave: What's small? >> Small, three people including myself. >> Oh wow, for 15 colleges? >> 15 colleges for a statewide network, etc, etc. What we were looking for was a system that would allow us to bring all of our technical resources into a smaller unit. We looked at the converge systems of some other competitors to Pure early on. And what we were really wanting to see and what we needed help with was more of a technical infrastructure more than anything. But what we found, it was way too complex. And it actually required all of the additional services that you received in terms of technical support. When we moved to Pure, we looked at the Pure Storage, and one of the main reasons we did that was our current system was coming up for renewal. The renewal itself was triple what it was the year before. >> Dave: The maintenance renewal? >> The maintenance renewal. And it was the traditional forklift. We weren't ready to forklift. So looking at Pure, what we were looking for was number one, simplicity, we were looking for more speed, we were looking for all of those things that would make life easier for us. What we ended up getting was a situation where we were able to purchase the Pure array for the cost of maintenance of what we were looking at before. >> Dave: Wow. >> The cost of mainenance. We got the Pure array with three year maintenance on it. So it was a no brainer from our standpoint. >> And let me just put a point on that. When you say simplicity a lot of people what they say, "Oh well, give you more time to work, "but you're going to pay for it more upfront." But you're saying from a capital expense standpoint this was now a savings for you compared to keeping your old gear. >> Understand this, the Pure array is the first piece of technology equipment that I've ever purchased that would not be classified as an expense. It's an investment, simple as that. Because what we purchased, we will not have to throw it out when we upgrade. We simply, as we saw today in the presentation, we upgrade our software, we get same pieces and parts in place. It is, it's an investment. >> Can you walk us through that a little bit? Because you've got the full converged infrastructure solution. Were you using Cisco before or was that something you added? >> I was using Cisco from a UCS standpoint. But I was using another manufacturer's storage. We actually, we moved to the flat stack on our first conversion we kept our UCS, but we removed the storage and our converted it all to a flat stack. Then we subsequently purchased an additional flat stack. But what it has bought us is exactly what you mentioned earlier. We now have time to do things as opposed to just being a technology person. >> Ray, one thing when you talk about upgrades. You've got your computer, your storage, and your network. Storage sounds like you can upgrade it and move there, with converge you can upgrade it. Your network, too? Because network tends to be install it and don't breathe on it because I don't want to mess it up. So, does the full solution get upgraded or how do you manage it? Do you manage it as a stack or as the individual components? >> We manage our stack itself. Now from the infrastructure standpoint of what we do with internet service, that's handled with another piece of equipment. But we were able to number one, shut down two full racks of storage equipment down to four U, roughly. And it's changed our whole costing structure inside of our data center. The data center is much cooler. And of course, the whole support piece of it is just unbelievable. There's no one coming in to replace blades every other week. >> I was going to say, too. It had to have an IT labor impact. So what would you have done? You've got a small staff. It's yourself plus three individuals, correct? >> Ray: That's correct. >> What would you have done if you didn't get there? Would you just have to work more nights and weekends? >> That's what we would have done. We would have continued to do that. >> Dave: And you were doing that? >> That's what we were doing. >> Is it fair to say you got a lot of your nights and weekends back? >> Absolutely. >> So, presumably, people are more productive during the day. They're happier because they have more time with their families. >> Absolutely, and access to our data is a lot quicker than it was before. >> So, working less, you get more done. >> Correct. >> That's a good do more with less story, right? Because usually do more with less means you figure out how to work nights and weekends. I mean you remember that cycle of 20, ten, 15 years of hell after the dot come burst. It was like do more with less, do more with less, do more with less. And all it meant was more hours for IT people. I guess we hit the breaking point, and now technology's got us into this problem. Is technology finally getting us out of this problem? >> From our standpoint, it is solved. At least 50% of man hours that we have been using just to keep our systems up and running. Now I work it all from one pane of glass or from my cell phone. >> And here's the thing. What value did that really provide, that extra nights and weekends, to the organization? I guess the value was, if it didn't get done, IT would fail, was the value. But it wasn't incremental value, right? >> Well, what we've been able to do is move more into the job responsibilities that are actually there more along with the technical side. >> Dave: So the strategic stuff? >> Absolutely, I have a developer now that can spend his whole time developing as opposed to responding to some error message on a hard drive or whatever. >> I'll make a prediction. I think it was, it might have been Greenspan, but he said during the 80's, we all went to PC's, they said you see the productivity numbers aren't up ticking. But we're spending all of this money on technology, but you don't see it in the productivity numbers. And of course in the 90's we had this productivity boom. You're kind of seeing some flatness in productivity, but the stories that we get like this, I think we're going to have another boom. Do you feel that way as a technology practitioner? >> Absolutely. Even myself, I deal more with the infrastructure so far as our servers and so forth. I have time to do a whole bunch of things. We're redesigning, for instance, our websites. We're doing a lot of other things now that honestly we didn't have time to do. >> And I think that's a big factor in the flash. It's not just speed. >> Yeah, and Dave, it's something we've been talking about for years, some of the MIT guys. As automation and tools and platforms are actually going to free us up to do more. Stories like your developer wasn't developing and now they are. So, yeah, what are you seeing that's going to enable you to do even more? Is there anything you're asking for from the community that, either some announcements you've seen this week or other things you're looking for? >> Believe it or not, the announcement that I just heard today about the active active scenario, that's it. I have two data centers. >> The multi site replication? >> Absolutely. >> You used to work at EMC in the heyday and they referenced it today. SRDF was kind of the gold standard, expensive, complicated... >> Stu: In 1994 >> Dave: But it changed the business. What I heard, and maybe you alpha geeks can help me, but what I heard is that we're going to dramatically simplify that whole process. So, that's what you heard, but add some color to that. What does that mean for you? >> What that means for me is now my two sites will operate as one. And that I actually have a real active active configuration that I'm not afraid if something goes down that the other one's not going to be there. I don't have to go through the process of rebuilding on the other side because it's all automatic. There are a number of things that were said that if you understood what we have gone through in the past couple of years in working, trying to get together an active active environment, it was just like the creation of fire, as far as I'm concerned. >> It's something we've had in storage forever. The reason we over provision and get such low utilization is because if I have a failure or something goes wrong. If something's a little slow, I have trouble. If I go down, I'm out of a job. >> The traditional vendors weren't able to solve this problem for you. I mean they've been trying for a while, right? But you didn't see anything from those guys. >> If you attempted to do that using hardware base, using software base, it's more than just a notion. I have reasonable assurances, based on what I've seen with Pure that it is going to be as straightforward and as simple as they have described. >> That's great. Alright, Ray, give you the last word. Pure Accelerate, where you here last year? >> Ray: I was not here last year. >> So this is your first year? >> This is my first year, and it's great, it's wonderful. >> Are there things you are seeing that are interesting to you? >> Absolutely, everything, everything. >> Why do you come to these shows? >> Well, number one, I come to learn something new. I like to hear about the announcements number one. And I like to be able to have the opportunity to meet some of the people who actually building, designing, writing the source code for this stuff. It's amazing. >> I got to ask you a personal question. You shared with me you like to funkify, you're a bass player, do you play in a band? >> My band is getting back together for kind of a short reunion here. We have some roots that go back to hip-hop. And it'll be interesting to see Snoop tomorrow night. >> That's awesome, fantastic. Well, Ray, thank you so much for coming to The Cube. >> Appreciate it, appreciate it. >> Alright, keep right there and we'll be back with our next guest. Right after this short break, this is The Cube, we're live from Pure Accelerate 2017 in San Francisco. We'll be right back. (exciting music)

>> Announcer: Live from San Francisco, it's theCUBE. Covering Pure Accelerate 2017. Brought to you by Pure Storage. >> Welcome back to Pier 70 in San Francisco everybody. I'm Dave Vellante with my co-host Stu Miniman and this is theCube. We go out to the events. We extract the signal from the noise. A lot going on here at Pure Accelerate 2017. Siva Sivakumar is here as the Senior Director of Data Center Solutions at Cisco, and Mayur Dewaikar is the Product Management Lead for Converge at Pure Storage. Gentlemen, welcome to theCUBE. >> Thank you. >> Glad to be here. We've heard a lot this morning about Converge, the Cisco partnership. We just had a couple customers on that are doing FlashStack. So Siva, let's start with you. Thoughts on Accelerate? >> This is probably the coolest event I've been in many years. >> Different venue, right? >> The ambience, the venue, and the fact that Warriors won last night, it's just joy, it's awesome today. >> Dave: Oh, you want to talk hoops for a little bit? You know, we can do that if you guys. We're Patriots fans so we know. We're not just winning fans. Two out of the last three, it's good. It's good to be a winner, isn't it. >> Yep, absolutely. >> Well, Mayur, give us your thoughts on Converge. You guys are talking about Converge a lot today in FlashStack. We just heard from some customers. Talk about the strategy. What are you guys trying to accomplish there. >> Yeah, so we launched the FlashStack program about three years ago and what we were starting to see in the industry was that there was a very clear preference from customers to buy full stack solutions. So we thought that was an opportunity for us to take our storage business and move it into an adjacent market, which was Converge. And we thought we had really addressed a lot of the storage pain points that people were seeing with the existing Converge solution so with our flash performance and the simplicity that Pure brings to the table, we thought we had an opportunity really to team up with Cisco and build a solution that can be sufficiently differentiated and something that people would really love to try out. >> Mayur, I wonder if you could help clarify something. A lot of times people hear converge and they think coming together. When I think about the solutions that both Cisco, UCS, and Pure, there's lots of software and it's really a distributed-type scalable architecture so how am I both converged and scalable? >> So what we're basically doing is we are trying to, we're bringing best of breed solutions together, right. So I think there's a lot of synergy between the way UCS is architectured and Pure is architectured. So we're both stateless architectures on the compute side and the storage side and what we're doing as part of the Pure Storage for or FlashStack Converge program is that we're really doing these things together with a unified management platform, which really brings everything together. So it really simplifies the deployment, it simplifies the day-to-day management of the entire stack, which is really what people are looking for. >> Yeah, so Siva, we've heard a lot today about Converge, we heard some comments about hyper-converge. What's the difference between converged and hyper-converged? >> I think if you look at the evolution in the industry, these are big ships or the big ways customers want to consume. The genesis of all the work around convergence, if you will, that started it all was the customer started to realize, "I have bigger problems to solve from an IT perspective. "I would rather not solve infrastructure "problems all by myself. "I want the vendors to solve this. "I want the vendors to give me an experience "that is far more turnkey so I invest my time "and resource on higher artifacts" that are more in a business critical from their perspective. That truly allowed us to look into convergence as a strategy and bring together certain use cases and value propositions that is very critical to IT. High availability, scalability, multi-side deployment, which are all critical for an IT to solve. We solve it first ourself as a joint architecture. We validate that and then we provide blueprints that both our customers can choose in and our partners can choose. We had a very big channel partner community. Lot of our partners leverage the work we do to deliver great value to our customers. While Convergence was heavily centered around heavy-based storages that the market was absorbing, the evolution of storage to include more in the software-defined work, created another set of categories that allows customers to say, you know what, my interest is much more on the simplification and start small and those types of models, it propped a new industry at a new paradigm in the industry. From our perspective, there's a huge value in convergence. It's a 7 billion dollar business and IDC thinks it continues to grow. And we absolutely believe we have a purpose built on a ground-up platform that was built for Flash, that's the Pure Storage architecture, is truly here and truly is a big part of our strategy-building dive. And of course, as more use cases are coming to the compute side, we are here to embrace technologies like hyper-convergence because that's obviously something that's great for a software vendor to embrace as well. >> So from your standpoint, I think of you guys as software heavy, software led, but you're not participating in the so-called hyper-converge. Is that because you don't want to own that part of the stack, you'd rather partner for it. What's your point of view there? >> Yeah, so I think from our standpoint, we believe that there is basically use cases both for hyper-converge and converge infrastructure, right. We believe that with the program we have at Cisco, we can basically provide a very good, a very compelling solution of FlashStack. And Cisco already has a solution in hyperflex that addresses the hyper-converge use case and we really see both of these co-existing in a lot of customer environments that are use cases where NCI absolutely shines and then there are use cases where we believe FlashStack is really the right solution. >> But it's interesting you haven't sort of chased that trend, you're more focused on your areas and you're doing very well with it. Is that fundamental to the strategy or is it just sort of you guys are focused elsewhere. >> Yeah, so I think for us, for Pure Storage, I think we are looking at the Converged market really as there is a lot of existing business there that can be had. Which is really tied to legacy storage platforms coming up for refresh as part of the Converged infrastructure deployments people already have. So that in itself is a fairly large opportunity for us and we believe that with the messaging we have, which is you can consolidate a lot of your workloads on FlashStack. I think the platform that FlashStack is providing is really very well-suited for the use cases that Pure Storage has traditionally played in. Which is really the enterprise workloads, in my opinion. >> Is it fair to say that Convergence 1 data, and of course Cisco was heavily involved in Convergence 1.0, you kind of arguably created it along with some partners, but is it fair to say it was just too complex for a lot of customers? And are you trying to take that to the next level? Can you add some color to that? >> Yeah, I can answer that. I think Convergence 1.0 was truly about idea operational simplification. Because they truly wanted to consume these best-of-breed technologies without having to deal with so much of technology consumption itself but as a system-level consumption. But apparently what happened in the industry is obviously the evolution of cloud. Cloud brought a completely different paradigm of how you consume an infrastructure in itself. I mean, email is an infrastructure now because you buy from a cloud winner, you get your VM in an email. So that's a very different way of consumption model which created additionally requirements for more simplification. The turnkey experiences and things like that led to another category. But if you look at FlashStack, what we are doing is we are bringing this simplification model into FlashStack as well. We recognize, while building the best-of-breed is a great idea, and great market for itself, simplification is never lost. People love that as well. So we're looking at bringing together as close to a single pane of glass as possible with such strong technology play to deliver some of the simplification in this model as well. So you're truly trying to bridge the gap and offering something that customers really want to see. >> Yeah, simplification's definitely a big piece of that wave of both converged and hyper-converged. When I think back, when we launched all of these solutions, it was, okay, that Day Zero, I should be able to speed that up and the Day One, the stuff afterwards, we should be able to make that easier. How are you measuring that these days? Any customers you can speak to as to how they dramatically shift that, kind of keeping the lights on versus really being able to focus on the business. >> Yeah, so I think if you really look at a Converged stack, there is three distinct pieces in it, right. So there's compute, storage, networking. And I think Cisco did a phenomenal job with the UCS and UCS manager platforms in helping really put a cookie cutter approach on deploying compute. So if you look at what was remaining, networking was always kind of the low-hanging fruit. Storage was very complex. So with Pure coming in to the picture, we have really simplified the overall deployment and management of storage. So we were talking from days down to a few hours to get storage going and get the entire FlashStack infrastructure going as a result. And then what we're doing is, we're using a lot of existing tools that exist in the ecosystem. So great example of that is UCS Director which is being used very prominently by customers to deploy their entire data centers. We are integrating with that and in addition to that, we're also integrating with a lot of hypervisor level tools like Recenter or hyper v-level tools. And the benefit is that customers are getting to use the tools that they're already used to with the simplicity of UCS and Pure to really simplify the overall deployment and also management of the entire stack. >> So really, the problem you're solving is one of IT labor intensity, right. IT labor is too much IT labor, it's too non-differentiated, it's too expensive. Is that fair? >> Well, yeah. So fundamentally what we are solving is providing you a platform. A platform and an experience that IT wants, IT desires, but that also is optimized so that it can easily provide a platform experience but then the workload and the diversification you see in the market and the one side is an article database. You don't touch for four years kind of a thing. On the other hand, you have a container which you use for two seconds. So you really have a complete range of use cases. Each demand something different from a platform. Our strategy and our goal is to provide a single cohesive platform that uniformly works across all of these use cases from an IT operations and management standpoint. You realize the challenge is quite complex but the solution is a huge value for our customers and that's really our journey in solving this problem. >> Can you share any, what should we expect to see from a kind of joint-engineering deployment going forward. We heard in the keynote this morning, said some really you know, the cloud native, AI, ML type deployments. We're talking less about virtualization, more about containers and microservices. Where should we look to Cisco and Pure in the future? >> So, I think there's an interesting demo on the floor. It really talks about something that's cutting edge. NVMe over Fabric, so the next big innovation from Pure is NVMe, all NVMe, right. That is, obviously, no performance goals there. It's absolutely a screaming box. We have a Cisco adaptor technology that can deliver high performance, low-latency iO transport on top of a fabric, on top of an Ethernet fabric to talk ENVme from the host. Just the power of how much you can do iO subsystem from a compute perspective onto the network and talking to the storage and the ability to bring a superclass performance on a storage perspective is absolutely a next generation cutting edge and vendors like this coming together truly solves the industry's next big problem. Who better to solve a fabric, network, bandwidth issue than Cisco? Partnering with best-of-breed from the storage. Then that's one, just sort of a technology and architectural play if you will. But on a use-case workload type of scenarios, we've done a lot of the traditional use cases quite a bit in the databases and the VDIs of the world. But we are now looking at the next generation of use cases. Containers, microservices. How do I make the docker environment integrate seamlessly with the FlashStack? Now, this is already different, this is a very different paradigm. How do I enable FlashStack to be very simple to consume kubernetes. Because these are use cases where the developer who is much more focused on clouds does not really think there is an infrastructure underneath. He doesn't even care about it. So we need to give him that experience so that it's a seamless way of deploying and managing these DevOps environments as well. So that's the next wave of work we are doing is to provide that agility factor coming out of the FlashStack. and if conditional architecture is being built for this, it obviously helps. >> And you see NVMe over Fabric as kind of one of those foundational aspects, right. >> That'll be another architectural cog in the same context of what we are trying to do. >> Are you, with FlashStack, able to preserve that same experience for customers? The Evergreen experience, the never have to migrate your day, I mean all that wonderful stuff. Does that translate into the partnership? >> We are. So, we are taking a lot of the same goodness we have with the storage platform and we're extending that into FlashStack. So we have, very similar to Pure, you can almost non-disruptively upgrade pretty much everything in the UCS stack and we have special programs now with Cisco to which we can provide people the option to also get new gear every couple of years. Very similar to the Evergreen Storage Program we have through Pure Storage. >> So is it fair to say, well, first of all, is that unique to Pure or is that something that Cisco sort of has innovated on? >> It's, from a storage perspective, Pure, I think truly created the easy button for storage which is nonexistent. It's one of the hardest problems to solve. >> But what about the other pieces? >> And Cisco obviously pioneered the fabric-based stateless compute, which is still a standard in the industry of how to do the easy button for compute is truly what we brought to the table that really revolutionized the industry. I absolutely think that's where the architecture individually are building technology that are great. When you combine that and jointly engineer the solution and provide the turnkey value for the customer then the absolute value is manifested in a very big way. And I think that's our journey. We are hear, obviously we are hearing a lot of great customers coming in but the more customers we hear, the more we learn. >> But you've substantially sort of recreated that experience to a great degree. >> Siva: Absolutely, absolutely. >> I think that's a huge differentiator for Pure. You don't hear a lot of other companies talking about it and when you talk to your customers, they always point to that. You know, the migrations are just such a painful, horrible experience. >> Yep. >> So, good stuff. Alright, we have to leave it there, gents. Thanks very much for coming on theCUBE. Really appreciate it. >> Mayur: Thank you. >> Pleasure, thank you. >> Alright, take care. Keep it right there, buddy. We'll be back with our next guest. This is theCUBE, we're live from Pure Accelerate 2017. Be right back.

>> Announcer: Live from San Fransisco It's theCUBE Covering PURE Accelerate 2017. Brought to you by PURESTORAGE. >> Welcome back to PURE Accelerate. This is theCUBE, the leader in live tech coverage. I'm Dave Vellante with my co-host Stu Miniman. This is PURE Accelerate. We're here at Pier 70. Brian McDaniel is here he's an infrastructure architect at the Baylor College of Medicine, not to be confused with Baylor University in Waco Texas, anymore. Brian Welcome to theCUBE. >> Thanks for having me appreciate it. >> You're very welcome. Tell us about the Baylor College of Medicine. >> So, Baylor College of Medicine is a, first and foremost, a teaching facility but also the leader in research and development for healthcare in the Texas Medical Center in Houston Texas. We currently employ roughly 1,500 physicians and so they occupy a multitude of institutions, not only at Baylor but other facilities and hospitals in and around the Texas Medical Center. >> So, it's kind of' healthcare morning here Stu. We've been talking about electronic medical records, meaningful use, the Affordable Care Act, potential changes there, HIPAA, saving lives. These are big issues. >> We're not at the HIMSS Conference Dave? >> We should be at HIMMS. So these are big issues for any organization in healthcare. It's just exacerbates the challenges on IT. So, I wonder if you can talk about some of the drivers in your business, compliance, and in new tech and maybe share with us some of the things that you're seeing. >> Absolutely so first and foremost, we are an Epic system shop. That's our EMR. So, from a enterprise and clinical operation, that is our number one mission critical application. It provides your electronic medical records to our staff, regardless of where they're physically located at. So that alone is a demanding type of solution if you will, the mobility aspect of it. Delivering that in a fast manner and a repeatable manner is upmost important to our physicians because they're actually seeing patients and getting to your records and being able to add notes and collaborate with other institutions if necessary. So, time to market is very important and accessibility is also up there. >> Right so, you mentioned that collaboration and part of that collaboration is so much data now, being able to harness that data and share it. Data explodes everywhere but in healthcare, there's so much data to the extent we start instrumenting things. What are you guys doing with all that data? >> Right now, it lives within the clinical application, right in Epic, but as you pointed out that is where the value is. that is where your crown jewels so to speak are at. That data is now being looked at as a possible access point outside of the clinical operation. So, it's environment is going to be even more important going forward, when you look to branch out into some of the basic sides in more of a research, to gain access to that clinical data. That historically has been problematic for the research to be done accessing that information. >> So, in the corporate we like to think of, from an IT perspective, you got to run the business, you got to grow the business, you got to transform the business. It's a little different in healthcare. You kind of got to comply. A lot of your time is spent on compliance and regulation changes and keeping up with that. And then there's got to be a fair amount that's at least attempting to do transformation and in kind of keeping up with the innovations. Maybe you could talk about that a little bit. >> Absolutely, particularly on the innovation side, we work closely with out partners at Epic and we work to decide roadmaps and how that fits into the Baylor world. Case in point, a year ago we were set to go to the new version of Epic, which was 2015. And Epic is nice enough to lay out requirements for you and say, here's what your system needs to meet in order to comply with Epic standards. So, they give you a seal of approval, so to speak. And there's monetary implications for not meeting those requirements. So it's actually dollars and cents. It's not just , we want you to meet this. If you do then there's advantages to meeting it. So, they provided that to us and went though the normal testing phases and evaluations of our current platform, both from compute and storage. And honestly we struggled to meet their requirements with our legacy systems. So the team was challenged to say well, what can we do to meet this? We have our historical infrastructures, so if we're going to deviate from that, let's really deviate and look at what's available to the market. So, Flash comes to mind immediately. So, there's a multitude of vendors that make Flash storage products. So we started meeting with all of 'em, doing our fact finding and our data gathering, meeting with all of 'em. First and foremost, they have to be Epic certified. That eliminated a couple of contenders right off the bat. Right? You're not certified. >> I would expect some of the startups especially. >> It did. Some of the smaller, Flash vendors, for example, one of 'em came in and we said, well, what do you do with Epic? And they said what's Epic. And you kind of scratch your head and say thank you. >> Thank you for playing. >> Here's the door. So, it eliminates people but then when we meet with PURE, and we talked to them and we meet 'em and you get to really know that the family and the culture that they bring with the technology. Yes it's got to be fast but Flash is going to be fast. What else can you do? And that's where you start learning about how it was born on Flash, how it was native to Flash and so you get added benefits to the infrastructure by looking at that type of technology, which ultimately led us there, where we're at running Epic on our Flash arrays. >> And Brian, you're using the Flash stack configuration of converge infrastructure. It sounds like it was PURE that lead you that way as opposed to Cisco? Could you maybe walk us through that? >> That's very interesting, so we're a UCS shop. We were before PURE. So when PURE came in, the fact that they had a validated design with the Flash stack infrastructure, made it all that more easier to implement the PURE solution because it just is modular enough to fit in with our current infrastructure. That made it very appealing that we didn't have to change or alter much. We just looked at the validated design that says, here's your reference architecture, how it applies to the Flash stack. You already have UCS. We love it, we're a big fan. And here's how to implement it. And it made the time to market, to get production work loads on it, very quick. >> And the CVD that you got from Cisco, that's Cisco plus PURE but was it healthcare Epic specific or was that the PURE had some knowledge for that that they pulled in? >> So, that was one of the value adds that we feel PURE brought was the Epic experience. And whether that's scripting, the backups, and if you're familiar with Epic, the environmental refreshes that they have to do. There's seven Epic environments. And they all have to refresh off of each other and play off of each other so, >> So you have a window that you have to hit right. >> And you do right? And historically that window's been quite large. And now, not so much which makes everybody happy. >> Hey, that's what weekends are for. >> Absolutely, yeah, our DBAs attest to that right? So, we would like to think we've made their world and life a little bit more enjoyable 'cause those weekends now, they're not having to babysit the Epic refreshes. Back to the point of Epic experience, that was instrumental in the decision makings from a support with the PURESTORAGE help desk, awareness of what it takes to run Epic on PURE, and then going forward knowing that there's a partnership behind Epic and PURE and certainly Baylor College of Medicine as we continue to look at the next versions of Epic, whether that's 2018 and on to 2020, whatever that decision is, we know that we have a solid foundation now to grow. >> And Brian I'm curious, you've been a Cisco shop for a while, Cisco has lots of partnerships as well as, they've got a hyper-converged offering that they sell themselves. What was your experience working with Cisco and do they just let you choose and you said, I want PURE and they're like, great? Do you know? What was that like? >> To your point, there's validated designs for many customers and Cisco is kind of at the hub of that, that core with the compute and memory of the blade systems, the UCS. They liked the fact that we went with PURE 'cause it does me a validated design. And they have others with other vendors. The challenge there is how do they really integrate with each other from tools to possibly automation down the road, and how do they truly integrate with each other. 'Cause we did bring in some of the other validated design architecture organizations and I think we did our due diligence and looked at 'em to see how they differentiate between each other. And ultimately, we wanted something that was new and different approach to storage. It wasn't just layering your legacy OS on a bunch of Flash drives and call it good. Something that was natively born to take advantage of that technology. And that's what ultimately led us to PURE. >> Well, PURE has a point of view on the so called hyper-converged space. You heard Scott Dietzen talking this morning. What's your perspective on hyper-convergence? >> Hyper-converge is one of those buzz words that I think gets thrown out of there kind of off the cuff if you will. But people hear it and get excited about it. But what type of workloads are you looking to take advantage of it? Is it truly hyper-converged or is it just something that you can say you're doing because it sounds cool? I think to some degree, people are led astray on the buzzwords of the technology where they get down to say, what's going to take advantage of it? What kind of application are you putting on it? If your application, in our case, can be written by a grad student 20 years ago that a lab is still using, it does it make sense to put it on hyper-converged? No, because it can't take advantage of the architecture or the design. So, in a lot of ways, we're waiting and seeing. And the reason we didn't go to a hyper-converged platform is a, Epic support and b, we were already changing enough to stay comfortable with the environment and knowing that come Monday morning, doctors will be seeing patients and we're already changing enough, that was another layer that we chose not to change. We went with a standard UCS configuration that everyone was already happy with. That made a significant difference from an operational perspective. >> Essentially, your processes are tightly tied to Epic and the workflow associated with that. So from an infrastructure perspective, it sounds like you just don't want it to be in the way. >> We don't. The last thing we want in infrastructure getting in the way. And quite frankly, it was in the way. Whether that was meeting latency requirements or IOPS requirements from the Cache database or the Clarity database within the Epic system, or if was just all of are just taking a little bit longer than they expect. We don't want to be that bottleneck, if you will, we want them to be able to see patients faster, run reports faster, gain access to that valuable data in a much faster way to enable them to go about their business and not have to worry about infrastructure. >> Brian, PURE said that they had, I believe it's like 25 new announcements made this morning, a lot of software features. Curious, is there anything that jumped out at you, that you've been waiting for and anything still on your to do list that you're hoping for PURE or PURE and it's extended ecosystem to deliver for you? >> Great question, so at the top of that list is the replication of the arrays, whether that's in an offsite data center or a colo and how that applies to an Epic environment that has to go through this flux of refreshes, and from a disaster or business continuity standpoint, we're actively pursuing that, and how that's going to fit with Baylor. So, we're very excited to see what our current investment, free of charge by the way, once you do the upgrade to 5.0, is to take advantage of those features, with replication being one of 'em. >> And then, I thought I heard today, Third Sight is a service. Right? So you don't have to install your own infrastructure. So, I'm not sure exactly what that's all about. I got to peel the onion on that one. >> To be determined right? When we look at things like that, particularly with Epic, we have to be careful because that is the HIPAA, PHI, that's your records, yours and mine, medical records right? You just don't want that, if I told you it's going to be hosted in a public cloud. Wait a minute. Where? No it's not. We don't want to be on the 10 o'clock news right? However, there's things like SAP HANA and other enterprise applications that we certainly could look at leveraging that technology. >> Excellent, we listen, thank you very much Brian for coming on theCUBE. We appreciate your perspectives and sort of educating us a little bit on your business and your industry anyway. And have a great rest of the show. >> Yeah, thank you very much. Appreciate it. >> You're welcome. Alright keep it right there everybody. This is theCUBE. We're back live right after this short break from PURE Accelerate 2017. Be right back.

>> Voiceover: Live, from San Francisco. It's theCUBE. Covering Pure Accelerate 2017. Brought to you by Pure Storage. >> Welcome back to San Francisco, everybody. We're at Pier 70, one of the oldest piers in San Francisco which is not long for this place. It's going to be torn down after Pure Accelerate. I'm Dave Vellante and this is Stu Miniman, my co-host. This is theCUBE, the leader in live tech coverage. Kent Petzold this year is the enterprise storage manager at Intermountain Healthcare and Vic Nagjee is back. He's the CTO of Healthcare for Pure Storage. Gents, welcome to theCUBE. Good to have you. >> Kent: Thanks for having us. >> Dave: You're welcome. So Kent, let's start with you because we talked with Vic a little bit already but tell us a little bit about Intermountain and your role. >> So, Intermountain is the biggest healthcare provider in Utah. We've got 22 hospitals, 185 clinics. My role there is, I manage the storage team. We've got eight petabytes of usable storage that we manage. Do lots and lots of backups. You know, all things data protection is under my purview as well. >> Now, have you always been a healthcare you know, practitioner, or is this relatively new for you? >> I've been at Intermountain for 24 years. >> Okay, so that's enough... To qualify you as knowing a little bit about healthcare, and so, my question is, relative to sort of other industries what's unique about healthcare? I mean, obviously it's highly regulated. You've got serious privacy, but you're dealing with, you know, many businesses are dealing with dollars and cents. You deal with a lot of budget, but you also deal with lives. Talk about some of the differences of healthcare and the particular stresses that puts on I.T. >> One of the big things is just doing updates of your technology. Because we deal with people's lives we have to be careful about when we do updates. You know, we've got to be cognizant of you know, "Is the emergency room full?" things like that, so it puts an extra challenge on us for when we need to take systems down to do updates. >> So that means, yeah because updates means downtime. >> Yeah, in the past, yes. >> That's not the case with Pure? Tell us about that, Vic. >> Kent: (laughing) >> Okay, so. Maybe, actually tell us about that a little bit. So, if you guys make a big deal out of it, last segment I turned it into dollars and cents because, on average, a migration, a RAID migration is a minimum of $50,000, minimum. In healthcare, it could be lives. >> Yeah, I mean in healthcare it's definitely lives but it's also a little bit more expensive because this is specialty data. So, the minimum you're looking at is about $1,000 per gigabyte. >> Dave: Per gigabyte? >> Per gigabyte transitioned over. Depending on the kind of application you're dealing with. In this particular case, you know it's more than just the expenses like you mentioned. It's interruption of care, interruption of service, which is not acceptable. So, the technology that we have and the architecture that we have allows us to go in to healthcare organizations such as Intermountain and say "You know what? You can have an environment that's "going to get better with time, because we're going to be able "to come in and not only upgrade your software, "we're also going to be able to come in "and upgrade your hardware and keep you on the tock cycle "every three years, update your controllers, "and so on and so forth with zero downtime." And what we're seeing is this big shift in the healthcare industry where, you know, Kent can relate to this. Typically we have these updates all teed up and lined up for three o'clock in the morning on some obscure weekend day, right, where if something goes sideways the number of experts you can reach are very very low and now we're seeing a switch with this kind of technology to actually have people say "You know what, two o'clock in the afternoon on Tuesday? "I'm there. I'm doing it." >> Okay, so Kent. Take us through sort of your journey here. Sort of give us the before and after of Pure, what problem you're trying to solve, and how you solve that problem. >> So, we started down that with our insurance arm Select Health. We were getting calls pretty much every week. Sometimes two and three times a week for slow issues, and, you know, we're looking through logs. We're doing our monitoring and stuff and it was continuing and my architect was spending hours and hours every week >> Dave: Fun. >> trying to research this. So, we started looking at flash vendors. Pure was one of the only ones that came in, gave us the documentation we wanted, was able to answer the questions we had about our environment. It was a sybase database. AIX with some kind of weird settings, and we started testing it. We liked what we saw. We moved along, finally put it into production. They haven't called us about slows since we put it into production over there years ago. >> This is three years ago? >> Kent: Yeah. >> So it was really a performance issue you were having with your traditional apps, and you said you dropped in Pure Flash array and the problems just disappeared. >> Yeah, we haven't had any calls about slows since then. >> Dave: And if you had to sort of increase your capacity of the Pure system. >> We'd increase the capacity. In fact, because our three years was up we just did a head swap on them and added a little more capacity, and that went flawless. No outage for the business, and they were very happy about that. >> So as long-time storage practitioner... what's the difference in terms of... What difference does it make to you when you bring in a system like this? >> Some of the older systems to like do the head swap and get the new controller is weeks and weeks of planning and making sure you understand what's on their, what needs to move, what can take down times, what can't. I mean, there's a lot of planning that goes into that when you know there's going to be a disruption. So, with systems like Pure, we don't have to do as much planning. We still do a little bit so that we know what we're getting ourselves into and what's going to be at risk, but it's a lot less. There's no... >> So, Kent, how are you tracked by the business? What are kind of, do you have any measurements or KPI's that they look to you. We talked about uptime before, but, you know, how're you tracked, and how's that changed in say the last few years? >> It's changed quite a bit, cause we're not having to track, especially in our tier one apps that are on Pure we're not having to track the performance as much. So we're able to re-look at what our KPI's are, and come up with ones that are meaningful for us. And really, with the simplicity of it, it kind of helps us to become more of a trusted advisor to our business and be able to help them solve their problems instead of continually pulling knobs and fighting fires. >> Vik, I'm curious. How do you help the storage administrator today? I remember, Pure used to have streaming on its website. Certain data points from customers. What are you seeing today? What's helping them shift what they're working on, get more done with what they're doing? >> Kent: Yeah, absolutely. And just to come back to that and echo the point here Kent just made, essentially we're seeing the successful organizations in healthcare and possibly other verticals too, but I live and breath healthcare, right. So, healthcare. I.T. organizations that are able to make the transition to a trusted advisor, to a partner to the business are really making those leaps ahead. In terms of better patient care outcomes and also cost mitigation. Now, in terms of what we offer, right. So, it's the simplicity that's at the heart of everything. Once you set it up and you basically it's like Ron Popeil used to say. "You set it and forget it." Right? You have that experience. And then, it's not so much about having practitioners say "There's black magic going on "and we're going to just trust it." We have to build a transparency in there, and we have to demonstrate that at a glance, single pane there's answers to all of the questions and more that they might have. The telemetry that we're getting off of these systems allows us to do things with machine learning and AI and a lot of business intelligence the backend to be able to say "Hey, over eighty-some percent of all "of our problem tickets that are ever opened "are opened by Pure on behalf of our customers." And say "Hey, you have something that's demonstrating "a characteristic that is similar to what we've seen "across the world, somewhere else, "and you might run into a problem, "so let's just go resolve it." >> So, Kent, one of the things we've been poking at and they talked about in the key note this morning is how do you get more value out of your data? We talked about in an earlier segment with Vik. How do you look at your data? How are you sharing with other organizations or leveraging data internally better? >> Kent: Umm... >> Or are you? >> We've got quite a bit of data, and we're starting to go down the genomics road, and with that data we've got some good opportunities to be able to make some good advancements in healthcare and how different diseases are treated. So, we're kind of excited about that, and that's one of the areas my team's been really helping out, and being a trusted advisor to our genomics group. To get them set up with the things they need. >> You guys are talking on stage today about how backup and data protection is changing. It used to be kind of disk to disk to disk, and then sort of flash to disk to tape. Well, tape is still somewhere in there. You know, whatever, maybe it's the fourth level. You guys are talking flash to flash to cloud. We were talking off camera, Kent. You said "We're kind of looking at where to put "the right cloud workloads." Is backup one of those? >> Backup is possibly one of those. We talked a lot about how we off-site. Right now we still use a lot of tape. One of our key things that we think about when we're thinking about cloud and like off-siting stuff so we want to make sure we put it somewhere that, if we have a disaster, we can spin it up in that place. We're not trying to bring it back and bring it somewhere that is impossible during a disaster. So, we want to put it somewhere, and we want to be able to use it there and not just have it sit there and say "Yeah, we've got data protection. "It's right there, but we can't use it." >> Dave: Yeah, yeah. Can't recover. But, I mean, tape is still pretty prevalent in healthcare, right? It's a compliance issue,right? >> Vik: Very much so. >> I mean, your auditors aren't going to let you just throw away tape, right? >> Vik: Yes and no. I think it's just more of the "It's worked for so many years." Now, the problem that we run into is with the things, and we touched a little bit on this in the last segment. We talked about security, right? And sort of, in terms of insurance and protection against any of these threats that are malware et cetera, that are coming up, is getting more and more important for folks like Kent to prove to the business that "Hey, we're not only backing this data up "but we're restoring it. "We can restore it, and it's good." And we know how long this takes. So, all your iTell stuff comes into play. You have your SLO's. It's all back on. Try doing that with tape. Try doing that with tape that's been archived off-site. >> Dave: No, you can't. (laughing) >> And so this is why healthcare's actually moving in the direction of saying "You know what, let's just forget about that. "Let's just try to find different, better, faster "cheaper media if we can actually apply all of "the principals from today to do that." >> So you might still have tape, but you just never use it. Or you pray you never use it, just to have it there just in case. It's like that fire extinguisher in your barn that you don't know if it works or not but you have it there. >> Vik: It's there. It's good. It looks good, right? (laughing) >> Okay, and so, if you think about the experience that you've had with Pure. I told you I was going to put you on the spot, so are there things that you would do differently if you had to do it over again? Advice for your peers? Things that are on Pure's to-do list that you'd like them to do that'd make your life easier? >> I mean, yeah there's things that are on their to-do list. I mean, and I think they're announcing some of those today so that's probably pretty good. We want to do more with replication. Obviously, as a data protection, you need that. We'd like the price point of the M's to go down a little bit because there's kind of this misnomer about tier one storage and "Do I put my dev on tier one." Well, there's huge opportunities with cloning and things like that, and some of the partners that Pure has that we can actually bring up dev environments and not use as much storage as what we're using today. >> So that's a data sharing capability that you can give access to current data to your devs and not have to spin up multiple copies and separate infrastructure. And the use case that we talked about before was an enterprise data warehouse, right that you were trying to speed up. How about this, you heard from Scott Dietzen this morning the big push on analytics. Is that something, certainly your industry is pushing it. Is your organization there yet? Have you dipped your toe into the big data lake yet? >> Yeah. We've been doing analytics for a long time in one way or another. It's just, we're just getting more and more pressured to have the data available so they can continue to do that. >> Dave: Are you throwing Pure at that problem or is that... >> We hope to. Over time. We keep adding to our environment. >> Alright, Vik, we'll give you the last word. >> Pure and healthcare. What's the bumper sticker? >> Yeah, before you give me the last word I mean I think Kent's underselling what Intermountain's been doing in terms of analytics >> Yeah, add some color to it. >> over time, right? So, basically, they have been one of the pioneers in terms of really understanding drawing value from data. >> Really? >> Yes. It's been over time. It's been very much so of "I have this old data. I want to go run analytics on it. "Then I want to do some BI on it." And now we're getting to the real-time near real-time insight on data that really matters. And for that, we're hopeful that we're going to have an opportunity to actually participate and help build out those sorts of frameworks. And Intermountain's one of the organizations that's lead the way. A lot of the other organizations sort of following in the same footsteps. And, you know, right at the end, all I have to say is all of the benefits that we've talked about and we've talked about... We talked about across verticals and just horizontally in general that the Evergreen model brings to bare from Pure. I think they're really heightened, in terms of healthcare. So we talked about uptime. We talked about six ninths of uptime across our arrays And we're counting planned maintenance as part of your runtime. We're not saying exclude those, right? Very important. No data migrations. Super important. >> Dave: Downtime is downtime. >> Downtime is downtime. Exactly, thank you. Data migrations are super risky. Not only are they expensive, but they're risky. If you talk to any CMIO or CNIO and you say "Hey, how do you feel about your data being "picked up from here, put over there." See their reaction. >> Dave: It hurts. >> And they're expensive. And then the simplicity aspect of it. The simplicity is sort of at the function of the heart of everything. Its power is through simplicity, really is what it is. Giving him and his team and his organization time back to be able to go back and say to the business "How can we make your life better? "How can we make patient care better, "and how can we improve on resources?" >> Okay, good. Actually, Kent, we're going to give you the last word. Pure Accelerate 2017. Good event. What are you learning? Anything exciting? >> Kent: It's been a great event so far. Love the announcements. I just love being in this type of environment, because there's such a vibe here of wanting to help people do things and it's really great to be in a place like this. >> Dave: Yeah, it's fun too. We've got Snoop and... Snoop with the multi-cloud. That's an inside joke everyone. >> Vik: Multi-cloud. Are you sticking around? Are you sticking around for that tomorrow? >> Yeah, I'll be around. (laughing) Alright, good , we'll leave it there. Thanks you guys. We really appreciate you coming on. Okay, keep right there. This is theCube. We're live from Pure Accelerate 2017 in San Francisco. We'll be right back. (techno music)

>> Announcer: Live from San Francisco, It's The Cube. Covering Pure Accelerate 2017. Brought to you by Pure Storage. >> Welcome back to Pier 70 in San Francisco, everybody. This is The Cube, the leader in live tech coverage. I'm Dave Vellante with Stu Miniman. Scott Dietzen is here, the CEO of Pure Storage, hot off the keynote. Scott, great to see you. >> Great to be back on The Cube. >> So I love the nickname. I grew up in a town where everybody had a nickname. We got Dietz, we got Hat, we got Danzig, we got Kicks, I dunno. You can call me V. He's, I guess, just S-tu. >> V works. >> I mean, that's it, you know. So, again, great show here, I love the venue. How'd you guys pick this place? >> So I can't say I was involved in the choice and this place has a really illustrious history. I mean, it goes back to the 1800's. And actually they manufactured steel here during World War II. I think they were turning out two battleships a week. But another piece of history that maybe isn't as nice is this is the last time this venue's going to be used. So it is scheduled to be brought down to make way for new condos I guess. So we really wanted to celebrate the venue and its history. It's just a great industrial feel to it. >> And they're tearing down a bunch, the new Warriors facility is going to be in Dogpatch, right? >> Yes, and so, yeah, we can't feel too bad about it because we are indeed celebrating the Warriors success. >> You needed a bigger house for all those trophies. (Scott laughs) >> I think they're poised to have a really good run. But I think Cleveland's going to be there contending with them for the next several years to come and it's really exciting. >> Well, hopefully my Celtics will get there in the next four or five years with some draft picks. So, I want to talk about sort of the ascendancy of Pure. When we first met you, you had a pretty simple message. It was like, look, we think we can deliver way better performance for lower cost. I mean, boom. It wasn't the same cost. I remember you were very forced. I said, "About the same, right?" You said, "No, no, lower. "We have the best data reduction technology "in the business." I remember talking to you at Oracle OpenWorld about that. >> Yep. >> And that's fundamentally what happened. And you attacked the legacy and stall base. And you won that game. But you're not resting on that, you've got to take it now to a next level. Talk about that next level. Well, talk about where you came from and then the next level of data and beyond just sort of public cloud. >> You guys have talked about this too, right. If you look at the curb of Moore's law. I mean, mechanical disk doesn't follow Moore's law. And so the cost reduction curbs, we did the math and we said, look, we're going to be able to drive down the cost of storage. We're going to be able to drive up the density and power cooling space. Simplicititly you can dramatically reduce the cost of storage. But Flash is going to help us, right? You know, we've gotten to the point where Flash is, you know, even with a tighter component market, it's cheaper to buy raw than fast disks. And way cheaper to deploy. World Bank talked about saving millions of dollars by deploying Pure Storage and getting a 5x performance boost at the same time. So if we can help customers pay for their storage both in terms of cost savings as well as new business value, that's a great outcome. >> Wikibon's been on the right side of that prediction since early on. >> That's very true, I've used your data. >> We're very aggressive about that. But the thing that excited us most was the second thing you said. Which was the business impact, the business value. So I want to come back a little bit and get a history. It used to be I would buy EMC for block and NetApp for file. You're sort of attacking that premise. Talk about that. >> Well, so we started in the performance end of the storage market, which is dominated by block. Because we knew that one was going to be the first to shift to all Flash. And we've already seen that play out. I mean, even the legacy vendors and their install base are inclined to use Flash. Cause it's actually cheaper than 15k disk to put in. That tech is about to hit a wall because as SSD's get bigger. You know, we've grown SSD's almost 400 fold since Pure got started. But we haven't changed the pipe, right? So if you make a vessel 400 times larger but you have the same pipe going in and out of it you're losing a lot of access to data. This is this new sea change to new protocols where we're shedding all of the disk. And I think the second big change is we're bringing the same wave to big data. Right, so we've been playing in the block market now we're playing in the file and object market. Because big data workloads, especially those that require deep learning, you just need massively parallel storage. And you're never going to be able to get that with, you know, 20-plus year old storage designs. >> So, Scott, when you talk to your customers, especially when you're talking to C-suite, how does storage fit into that discussion? I loved in the keynote, there's a lot of discussion of, you know, next generation applications. Everything from the, you know, buzzwords of the AI and ML type pieces out there. But, you know, what are the big challenges that your customer's facing? And how much is it a storage discussion? How much is it kind of a digital transformation? >> Yeah, I think we see all of it. We'll talk to customers that find that they can't innovate quickly, right? And they want to get so much more value from their data. One of the studies we cited in the keynote today was 80% of companies think they can make 20% more on the top line if they can just get insights out of their current data. I mean, that's a staggering statistic. 20% top line for every company if they could just get more out of their data. We want to make that possible. Their constrained with very expensive legacy technologies. That they simply can't give them the access to the data. They don't have the performance to mind those insights. And the infrastructure is so cumbersome, they just can't evolve and move their business forward. And so providing that recipe, you know, giving customers the ability to get dramatically more value out of their data and do it for lower cost is working. >> Yeah, and it's been interesting to watch kind of the data center to the cloud, and now cloud to the edge. And you've got solutions that are spanning across them. How do you see that maturing in really the vision to expand where Pure fits in the discussion. >> So, you know, from early on we targeted the cloud market. Because we knew that this is where the future lies, right? Even traditional enterprises still want all the benefits of the cloud inside of their own icy environments. >> And when you say cloud, you're meaning SaaS providers, service providers, as well as, you know? >> Yeah. We talk about the model that the big three are using. But, you know, this is very popular in many other clouds. The world is not moving to three data centers. Companies like Apple and Facebook are very committed to their own data center investment. And we seek to be a supplier to that consumer internet. The softwares of service and infrastructures service of providers. Because that's where the data center's going. But, you know, what we've seen recently with the proliferation of internet of things in sensor data is customers are just growing these huge data footprints that are just too big to move across public networks. So we talked about, in the keynote, in three years only one, out of every 20 bites that's generated, can fit on the internet that year. >> 2.5 out of 50, I think was the number. >> 2.5 out of 50 zettabytes. 50 zettabytes will be produced that year but only 2.5 is going to be transferred across the internet for the entire year. So we've got to get better as an industry at helping customers capture that data where it's generated, right? We call that edge. Sometimes it'll be on the devices, or it'll be in data centers that are close to the edge. And they've got to mine insights from it right there. >> Dave: Absolutely. >> One of the exciting demos we're showing here is actually AI co-processing with the public cloud. So we've got an edge data center that we're running deep learning in. But then we're selecting particular data sets through the deep learning to transfer it up to the public cloud for more machine learning. >> Those key nuggets, the needles maybe you transfer. Cause otherwise it's too expensive to transfer all the data. >> You can't transfer all of it. So if it's a self-driving car, you know, if I'm just routinely driving along, no big deal, you keep the data. But if I slam on the breaks because a dog's in the crosswalk that's the thing you want to do the training on. >> That can't be an asynchronous operation, right? So, okay, you're already getting the hook, I can't believe it, he just got here. (Scott laughs) Cube is a comfortable place but we got to throw some hard questions at you. So >> Please. >> Stu asked me the other day, or, actually, today, "Who's going to reach a billion dollars first?" And you don't have to predict, you can leave that to us. "Nutanix or Pure?" Okay, so talk about HCI. You made some comments up on stage about hyper-converged. Said that, you know, it's good for its own specific use cases. What's your point of view on that? >> So first of all, Nutanix has built a great business. >> Dave: Awesome, yeah, sure. >> We're absolutely fans. I will say, in the markets, those two new markets that we're playing in, in the cloud market and in the next gen applications and deep learning, we don't see hyper-converged infrastructure. We do see hyper-converged in business and enterprises. But it's usually the smaller scale deployments. The reason is, at scale, you don't want to collocate applications, data, and storage all in a single tier. It limits the ability to easily scale independently. You know, if you need more capacity you need more application compute versus data compute. You want to be able to flex those independently. Which is why all the big clouds and enterprise data centers run converged rather than hyper-converged. But the change that's coming is fast networks are changing this even more. So what I believes going to turn hyper-converged inside out is it's now more efficient to access remote storage than it is the same storage on your local chassis. And that's because we're offloading compute to the server net cards on there. So these new protocols NVMe over fabrics are actually making the network finally really the computer. There's no longer a chassis that's even meaningful. >> Big fan of that infrastructure and NVMe over fabric. Okay, next tough question is the narrative, from the big guy, EMC in particular, Pure is small, they're losing money. And your return narrative is tell EMC they're large, they're slow, they're outdated and confused. Okay, we love that, you know, it gets a little juices flowing. But here's my question. A lot of customers are large and slow and outdated and confused. So how do you get that fat middle to move faster and become a tailwind for you guys? >> So I think it's happening. I mean, customers just want technology to be made easily. I mean, one of the disrupters that's really helped is the AWS user experience, right? AWS has reset the bar for IT everywhere because people are like, why am I paying for consultants to visit my data center and take care of this mainframe or client server error technology that used to be so expensive. You know, consultants coming along with it. And permanently staying with it was okay. That's not okay, right? The world needs to move to self-driving infrastructure and they need radically better performance if they're going to use these new techniques. And so I think the key motivation is customers need to get more value from their data and they need to drive down costs. And we're in the sweet spot of being able to provide it. And these 20-plus year old designs can't. There's no way. >> So it's inevitable is really what I'm taking away from that. And you've got a lead that you can sustain in your view. >> You know, it's been very interesting to watch our competitors talk about the new FlashArray//X. With all NVMe and the new FlashBlade. They've said these are science projects that won't be real for three years. And, yet, we've won one of the biggest AI platforms in the world. You know, 25% or more of our business is coming from cloud customers. So, you know, from where we sit, things are going exactly as we'd hoped. >> Love it, we're talking about the edge, you're pushing the envelope at the edge. Alright, Scott, we'll give you the last word. I know you're super busy, but give us the wrap up. The bumper sticker on Accelerate 2017. >> Oh, it's such a phenomenal group coming together to talk about innovation. We've already shipped the hardware form factors this year, with our new FlashArray and the new FlashBlade. But the thing that I'm so excited about is we've got more than two years of software innovation teed up that we've been very quite about. So when you can bring two years of innovation and pack it into six months like we have this year, it makes things really exciting. >> Well congratulations on getting to this point. We're really excited about the future. Scott Dietz Dietzen, thanks for coming on The Cube. Great to see you again. >> Thank you, always good to be on the cube. >> Alright, keep it right there, buddy. We'll be back with our next guest. This is Pure Accelerate, live from San Fancisco. We'll be right back. (soft electronic music)

(music) >> Announcer: Live, from San Francisco, it's The Cube. Covering Pure Accelerate 2017. Brought to you by Pure Storage. >> Welcome back to Pure Accelerate 2017. We're here at Pure70 in San Francisco. I'm Dave Vallente with my co-host Stu Miniman. We're switching things up a little bit. Scott Dietzen is still on stage wrapping up the Keynotes. We're about a half hour late. Buses were running late today, so we're going to adjust a little bit. Vik Nagjee is here. He's the CTO of healthcare for Pure Storage and he's with Sathya Sankaran, who is with Catalogic. Gents, welcome to The Cube. >> Thank you. >> Dave: Good to see you. >> Thank you for having us. >> So Vik, let's start with you. Healthcare, your title, interesting. I don't think I've, well, very rarely do you see a storage company, especially one that's slightly under a billion dollars, with healthcare in somebody's title. What's that all about? You guys obviously, strategy and healthcare and lifesciences, data driven industry, you guys are all about the data these days, but how'd you come to this and tell us about what's going on in the healthcare world. >> Absolutely, you're absolutely correct. Coming from healthcare IT over several years it's been slow comings in terms of infrastrucure companies in and of themselves saying, "Hey, let's get really serious about healthcare as a vertical," and bringing in people who are subject matter experts and have done healthcare for a very long period of time. I think the realization was an inflection point in terms of saying, "We've actually as an industry spent so much money on digitizing healthcare that we've actually gotten to a point where we need to start seeing some returns on that." The way to accomplish that is by putting data to work, right? So there's this wonderful hashtag on Twitter, if you go check it out, hashtag put data to work. And I love it. Basically, it's about saying, "We have all this data. It's growing." As soon as you try to fit a curve to it, the curve changes because it's kind of growing unbounded. The beauty is we want it to, because in that data lies better patient care and outcomes and in that data, once you actually understand and start to harness it, lies better financial success for the organization. That's what we're about here at Pure. >> Okay, and from Catalogic's perspective, Sathya, what's your angle here? What's the partnership all about? What do you guys bring to the table? >> Talking about data, snapshots are like gym memberships, right? You put data to work. Snapshots are like, everybody has access to one but very few actually use that, right? So we want to put the data to work. We want to put your copies to work and snapshots are the best way to take a copy of your production dataset and spin it up for PC environments, training environments, release, testing, development. All of these work can actually be done outside through snapshots of datasets that are sitting on Pure Storage. >> But, just to be clear, you guys are the catalog for the snapshots. It's your snapshots actually, right? >> Absolutely, and that's one key differentiator here in terms of the partnership that we have. It's all within the same data plane. All of he data is absolutely captured, stored, snapshoted and managed through Pure, right? Catalogic provides to us a very, very great catalog integration to say, "Okay, how do I actually deal with this data and what do I do with it?" And plus some more that we'll talk about here in a second. >> Okay, let's come back to the healthcare, if we can for a second Stu. >> Stu: Yeah. >> Because the healthcare, it's all about electronic medical records, meaningful use, HIPA compliance, you know, on and on and on. A lot of really not fun stuff but really important things, Obamacare, etc. Are we, sort of, primarily focused there, Vik, or are we starting to see this notion of data value coming to healthcare? >> Absolutely, we're starting to see notion of data value coming to healthcare. The way that I like to describe it is that over the past 30 something years, we have built an amazing library, or repository, for healthcare data. This is data that we're just putting in, right? When you go back to the hospital, or the doctor, they pull the data back out, they look at it for a few seconds, and they come and see you for a 15 minute visit, right? You've been waiting for 2 and a half hours at this point, right, so not great patient experience. We're trying to change that as well. >> Surfing the web. >> Vik: Right, right. >> See what's wrong with it (laughing). >> Exactly, right? But what we're finding now is that there lies so much meaning in data in terms of actionable intelligence, not only to provide you better care and to take care of you, but to also treat populations and say, "Okay let's, as a general population, make people healthier." Yes, we're learning from sensors in cars. We're learning from the internet of things all over the place and data, just in general, is central now to healthcare. Everybody has taken data now and finally put it on the pedestal that it deserves to be on and they're understanding that data matters in healthcare. All data matters. >> Sathya, I wonder if you could bring us inside some of these customers. I remember when object storage first rolled out. It was like healthcare, oh great. We're going to have metadata. We're going to be able to use this. It felt like it was, "Oh, well, we check the box on compliance and put some stuff places," but we hadn't really been transforming the way data got used for healthcare. What are you seeing in your customer base? Any stories you can tell us? >> A couple of things to point out is all of these have electronic health card systems, right? They actually sit on a lot of different databases. There's SQL, there's Oracle. There's also an intersystem cache database. Epic is one of the largest EHR environments and it runs on intersystems cache. What we've done at this point is to kind of treat the cache database as a first-grade citizen. You know Oracle and SQL have always been treated that way by all the other data management companies. We are elevating cache database, which is a huge player in the healthcare market and delivering options to snapshots of applications as well, not just on premise, but also allow the first lady to go into the cloud. You just saw Dietzen announce that you can actually now do snapshots and offload them to cloud as well. With us, you have the ability to orchestrate those snapshots and clear up consistent snapshots and have them hold on premise and on cloud as well. So we act as the orchestration layer for all these snapshots and application Pure already provides. Some people may use clips today, but owning Pure is like owning a family-owned car and having four bald tires with strips. We add the ability to actually create and manage all your datasets. As it changes, we keep up with it and run those orchestration for you. >> I'd like to add on thing there actually, and Sathya hit one some really great points. From the business standpoint, what we're seeing, what I'm personally seeing as an evolution over time, is that given the fact that everybody realizes that data's important, right? What they're doing is bringing data back in to centralize control within these IT organizations at healthcare organizations. Typically, it's very siloed and departmental. It's coming back in, so the CIO is really getting a purview over, and their arms around, all of the data. Now, this brings up additional challenges, right? You have X number of copies for your environments. You're copy data management is very important in healthcare. As we're growing the data and it's just going crazy, we can't also have multiple copies and just keep going crazy, right? There used to be a time, and I can speak personally about Epic, because I used to work at Epic for many years, right? At Epic, there used to be a time where we would basically come up with configuration in terms of trying to figure out how much storage you need for, not just for capacity, but for performance purposes. We'd end up with some ungodly number of copies, right, just to make sure you actually had your environments and also the performance. With data reduction technology, especially what we have at Pure here from a data reduction standpoint for digital application and compression along with the copy data management pieces, you're able to say, "Okay, I can bring some semblance to this entire house, right?" The last part is, in terms of security, right, cyber security, with all rants aware and everything else that's going on, you really want to have, in healthcare, peace of mind to say that not only do you have air gapped copies that you can actually bring back that are relevant, but you've gone through on a regular basis and proven organically that you can do this and you can do this within your SLAs and your SLOs. >> It also seems important to me that you can share many more copies, virtual copies, of data out of a single flash instance-- >> Absolutely. >> Yup, yup. >> And then catalogic obviously helps you manage that. Can you guys talk about the specific solution that you're sort of developing or partnering with others, database partners or whomever, for healthcare? >> Yeah, so I can start out and then you can take it from there, right Sathya? I think the way that we looked at this was to say, "Okay, what's the day in a life, right? What's the day in a life of storage and system administrators at these large healthcare organizations that actually touch data, be they snapshots, or backups, or clones, or integrity checks, or restoration tests, or what have you, right? Also, understanding the environment strategy that folks like Epic, and Allstrips, and Metattack, and Sherner, and whoever else used, right? Basically saying, "Okay, how can we take all of these things and apply a standard common framework to build the automation and orchestration and cataloging associated with it, plus the auditing associated with it, and provide that as a all in framework for our healthcare organizations to take advantage of, minimizing a significant amount of human intervention and interaction, which as we know, has issues. We run into these problems all the time. You hear from customers horror stories once a month across the country somewhere the other customer has an administrator who, with great intentions, has actually gone the wrong way and restored a snapshot of production from yesterday back on production instead of-- >> Whoops happens really fast. >> Whoops happens, right? >> And fast (laughing). >> That's all we can say, right, whoops. That's sort of our goal in terms of saying, "How can we actually take the burden away so that they can keep the main thing, the main thing. Focus on innovations and focus on partnering with your organization to help them accomplish their goals. So, Sathya? >> Yeah, and the other piece to it, we talked about ransomware. In healthcare space, what happened in Europe and UK was a huge thing. A lot of the other solutions that deliver copy data management use an appliance storage, right, so they want to actually move all your data set onto an appliance and want it off of there. What we deliver is basically in place copy data management. Basically the data sits on your storage, sits on the first-grade storage that you bought and using, and with the ability to drive back to a snapshot point in time, we can actually immediately come up and run. So this is, again, going back to the formula one analogy, right, you could run a spare tire, which is what all the appliances deliver. You have a problem, you could run a spare tire for a while, but at some point, you have to take a downtime and go back to it. With us, it's a formula one pit stop. You have a ready copy that is perfectly good, available for you to replace any time you get it down. We deliver the control and the orchestration layer and we give you the ability to go back to your old production state at any point and fairly quickly, and we allow you to exercise your data by creating testing environments for your developers. We met the systems team yesterday at Accelerate. They told us some of their UK customers are creating 40 copies of non-production datasets from their production datasets for their app dev purposes. >> I'd like to add on one thing there, it's very interesting about the InterSystems piece. I also worked at InterSystems for several years and have a really great relationship with them. One of the applications that they have is something that we're working on very closely with them, is InterSystems HealthShare, right? The unique challenge around HealthShare is that you have an environment that has multiple database instances that are loosely affiliated, but they still have logical consistency across them. The Holy Grail there, or the key there, is in terms of being able to provide copy data management and application consistency across these instances. That's kind of the work that we're doing together. >> Yeah, and at that point, the storage becomes your common compute layer, to some extent, right? Because if you want to take a snapshot across 40 different systems that are all in different volumes and storage, the only way you can take an app consistent snapshot is to take a consistency group, or PR calls it production groups. We have to be able to define that and take snapshots from the storage layer. >> That fundamentally changing the data access paradigm, really. Gentlemen, thanks so much for coming to The Cube and sharing your story in healthcare and best of luck. Really appreciate it. >> Vik: Thank you. >> Sathya: Thank you. >> You're welcome. >> Vik: Thanks, Dave. >> Sathya: Thank, too. >> All right, keep right there, everybody. We'll be back with our next guest right after this short break. This is Pure Accelerate. This is The Cube. (music)

>> Announcer: Live from San Francisco, it's theCUBE! Covering Pure Accelerate 2017. Brought to you by Pure Storage. >> Welcome to Pier 70 in San Francisco, everybody. I'm Dave Vellante with my cohost Stu Miniman, and this is Pure Accelerate 2017. Pure Storage in 2009 started a big wave of flash migrations, and the company's strategy was to specifically go after the large EMC Install base of older Symmetrix, mainframe class storage, and even to a certain extent VNX and Clariion, if anyone remembers those terms, the Install base. Pure's ascendancy was really a function of shifting from spinning disk to flash. Fast forward seven, eight, nine years later, and Pure is talking about big data and AI and machine learning and IoT, and is really trying to completely transform not only the storage industry but itself as a leading player. The last time an independent storage company hit a billion dollars is about 20 years ago, a company called NetApp. Pure is trying to be the next to be a billion dollar company. Stu Miniman, lot of action goin' on here, used to be back in the day, I bought EMC for block, NetApp for file. Pure is trying to change that. >> Yeah, and Dave, you know storage, we've talked about it when Dell bought EMC. What did that mean to the whole storage industry? I wrote an article when it happened and said it's the end of the storage industry as we know it. When I came in here, it was like, oh, we're going to be talking about storage. You mentioned NetApp; I was at a NetApp event last week, and they said, "Storing is boring." It's really about the data, it's about the new applications. I really liked in the keynote they were talking about new use cases, new applications, how do they fit into that multi-cloud world, really interesting to hear Scott Dietzen, who we've known since this company was in stealth, laying out where the company is. They've got over 33 hundred customers, lot of SaaS applications, they're talking a lot about the machine learning and the AI pieces that are in here, but at the end of the day, I mean Dave, this is their primary business is a storage array replaces, as you said, the traditional EMC boxes that used to be sold. So how much of this is still kind of an update on what the legacy is doing, how much are they ready for the future? I'm excited to dig in with some real customers here. Pure has a good movement, good customer base, I've always had some good smart people with good tech, the Puritans as they call them, all wearing orange here. So, a cool venue and excited to dig in. >> Well, it's one of the fastest-growing companies in the storage business and in the IT business, and the way that Pure has gotten there isn't, you know, in its early days it never really talked much about so-called software-defined, it just did it. One of the problems that Pure attacks is the problem of migration. David Floyer and Wikibon have written extensively about the cost of migration, the pain of migration. It was almost just assumed, well you know, if I'm buying storage I'm going to have to migrate, and I'm going to spend 50, a hundred, sometimes many hundreds of thousands of dollars migrating my workloads from older arrays to newer arrays. Pure Storage has this Evergreen concept, where through the use of software and software-defined technologies, it's able to upgrade new customers quote-unquote seamlessly, there's that overused word again, but it's able to deliver essentially storage as a service even though you're putting an appliance on their site. So it's a radically different model. They've announced some things today, for instance like three site data replication, which is very very complicated. Trying to simplify that, so a lot of really novel ideas. Again I come back to their ascendancy. It was really based, Stu, upon attacking the slow, expensive spinning disk using its data reduction technology to create parity between the cost of spinning disk and the cost of flash, something David Floyer predicted back in 2009 would happen by 2014 for the high-spin speed. Now with FlashBlade, which is essentially the file-based system that Pure has, they're going after that same mantra with higher-capacity spinning disks, really going after the NetApp base. >> Yeah, and Dave, you mentioned that Pure could be the most recent billion dollar storage company. The company that might actually beat them to that is Nutanix. Now of course, Nutanix sells more than just storage. They're hyper-converged infrastructure, which means the compute that they're also selling, that's being used there, so it's not quite apples to apples, but the last quoter Nutanix had, about 10 million dollars more in revenue than Pure did; they also had IPOed. In that hyperconverge trend, one of the things that I saw early on on that, Dave, was attacking that migration cost. Hyperconverge, like what Pure does, a software layer, you create a pool of architectures, I can add in nodes, I can change configurations, I can update without the traditional way that we used to do it in storage, which was buy that box, take months to get it in there, load it up, transfer it over, retest it, you know all of those things that really kept your time-to-value on storage down, and that's something that Pure and all the hyper-converged players have been attacking, that kind of legacy mindset that we had in storage for so long. >> Yeah, and of course Pure's approach to converged is in partnership with Cisco and presumably others, I'm not actually sure about that, but Cisco's the main partner there with FlashStack, that's their converge play. They kind of do a knock on hyper-converged, kind of de-positioning it as sort of low-end, sort of contained, within small remote offices, whereas they're positioning FlashStack as the scalable internet infrastructure. Pure does very well with SaaS companies, they do, they're increasingly doing better with Fortune 500, they've still got a long way to go there. About 80% of their business is U.S., so there's a lot of upside internationally. We're talking about a company that'll be a billion dollars in their fiscal 2018, which is fundamentally the year we're in now, they've got about a 2.4 billion dollar market cap, they're growing at about 30% a year. And very interestingly, they had mid-60% gross margins at one point last year, they had like 69.6% gross margin, which is unheard of, you know, we haven't really seen this since back in the heydays of NetApp and EMC. The question is, is that sustainable? And of course the big question that we have today, and we're going to talk to Scott Dietzen, nickname Dietz, lot of nicknames here at Pure Storage, about is the concept of a large independent storage company. That concept is going away, it's like extinct except for one company really, NetApp is the only billion-dollar storage company left. It's been 20-plus years, maybe even 25 years since that's occurred. What are your thoughts on that, Stu? You know, I wrote a piece maybe eight years ago, Can EMC Remain Independent, recognizing that most of EMC's value was coming from Vmware and of course EMC could not remain independent. Do you think a company like Pure can unseat the leaders of Dell, EMC, HPE, IBM, and remain an independent storage company? >> Well, one of the things I always look at is what is, where are they going to hit their plateau? They're reaching towards billion dollars and they do continue to grow. I think that Pure still has plenty of headroom, but how long does it take them, Dave, to get to three or five billion dollars? The reason I throw out that number is that's probably how much storage Amazon's doing today. You know, look at Amazon, it's a 15 billion dollar company, somewhere between 15 and 30% of Amazon's business, and nobody in the storage business talks about that because it just ties to my applications. So I want to follow the applications, follow the data. It's good to hear that Pure is getting in with a lot of SaaS providers. From Wikibon data, 2/3 of the public cloud data, I'm sorry, of the public cloud revenue, is SaaS providers, so absolutely here come these like Pure, SolidFire sold, before when they were an independent company, sold to lots of service providers as well as SaaS providers. Kaminario, a Massachusetts-based flash company, sells to I believe it's about half of their business, is selling to the SaaS providers because these are companies that look at, okay I need to own how I scale my environment, own those economics, and need to grow that. And just one more piece on that economics, Dave. Look at that kind of multi- or hybrid cloud world. I bristle a little bit when I hear Scott Dietzen kind of almost say, public cloud, it's in the corner. about 20% of the use cases fit in that environment, yeah we'll do snaps to Amazon, we'll do some other things. But you don't put the public cloud in the corner and just say, oh, 20% of the market's there. 'Cause that's today, and it is still growing 50, 75, 100% depending on which public cloud you're talking about. We think that there's still plenty of upside, and when does that become a headwind that will slow the growth of what Pure's doing? You see a lot of the other software storage companies out there say how do they become software? When we were at the Veeam show, Dave, how did, they really were, we're going to live in Azure. We're going to partner with AWS, and they don't really care. Pure very much, their growth, their revenue, and their margins today are all built that they're going to be selling gear with that, yes they have the Purity 1 software and they have some cloud plays, but very much seems to be saying that public cloud's not the direction. I'm sure Scott will probably give us a little more nuance there, but you know, that legacy change to new distributed architectures has been a tailwind for Pure, and when will cloud be something that will push against their growth? >> Well, we're going to ask Scott Dietzen about that, and you're right on, I mean public cloud clearly is growing, I mean it's growing like crazy, particularly the SaaS component of that. Now of course, that can be a tailwind for Pure because they do sell to SaaS companies. They even, Scott even had a slide up there today showing Google, Uber, Facebook, AWS. Did you infer like I did that they were implying that they were selling to those companies, or? >> No, no no, I saw because in the last quarterly report they talked about basically the number four through a thousand. >> Dave: Four to a thousand. >> Dave: Right. >> So they're not selling to the top three, that they're clear on. >> So, okay, so the top three would be Amazon, Google, and Microsoft-- >> Right. >> But then there's Facebook, and Uber, possibly they could sell to those companies, Spotify is a SaaS company, so that SaaS part of the market is growing like crazy. Now the other point is, Wikibon released a study. We've been talking about it for the last couple of weeks in theCUBE around the true private cloud market forecast. True private cloud is an on-prem infrastructure that substantially mimics the public cloud at a much lower cost. We came up with this notion of true private cloud because there was so much cloudwashing going on, which really was virtualization. Now, the true private cloud is growing actually faster than any other cloud segment, now from a smaller base, granted. But we see about a 230 billion dollar TAM over the next 10 years evolving. Now, the most important part of this, and Scott Dietzen touched upon this in the morning, as did Hat, using some nicknames again, that companies are really focused on lowering their IT labor costs, and we see 150 billion dollars, approximately, of IT labor moving out of nondifferentiated heavy lifting, into what we sometimes call vendor R&D. In the form of cloud, or on-prem products, appliances, and other software frameworks that can automate and eliminate this low-value provisioning and patching and LUN management. So, Stu, you were very much involved in that true private cloud report, that market's exploding. I mean, to me, it's all about TAM expansion for Pure. They're a billion dollar company, roughly, they're participating in a 30 or 40 billion dollar market, so they have a long way to go. >> Yeah, absolutely. Because really, Dave, it's about the application. It is not a winner-takes-all environment. When you look at multicloud, it's what applications, and even we start teasing apart pieces of my applications and where they live. So, I look at, there was a nice logo slide that Pure put up, and you say okay, Hulu is a customer. Well, is Pure helping with their CDN? I really doubt it. You know, you look at Workday. Workday, up on stage at Amazon Reinvent talking about how they partnered with Amazon. So what applications is Pure winning, which ones are their customers using the public cloud for, and how does all of that sort out? Absolutely, true private cloud is really that reinvention of the data center, that flipping, if you will, of I mean Dave, you probably know better than me, that saying that IT spends 80 or 90 percent of their budget on keeping the lights on. How do we flip that so we can spend money on innovating, driving the business forward, stop spending on one of our favorite terms, undifferentiated heavy lifting and move to innovate and drive the business, and have IT serving those applications and serving the things that help me differentiate from the competition and move faster. Because, absolutely I'm sure something we'll hear this show, is it's that agility and that speed is what companies need, and Pure with their six nines of availability and that if you buy it today you're future-proof, if you will, is going to help customers say that they can have a platform that they buy today and know it's going to serve them well in the future. >> Well, Mark Benioff I think was the first that I heard said it, or it might've been Peter Burns, I can't remember, but basically there're going to be many more SaaS companies coming out of non-tech companies than tech companies. That to me, Stu, is a big, big tailwind for a company like Pure who's software first, software-defined, knows how to sell to SaaS companies. The other thing is, Pure's the latest company. They didn't say this but they certainly, one could infer it, the latest company to basically say tape is dead. So it used to be offsite backup the tape, now they're talking the flash to flash to cloud as the long-term retention. So a lot of really interesting things going on here. The venue is actually quite amazing, it's at Pier 70, this place is going to get torn down right after this show, it's a place that used to be an old steel mill that used to make battleships here, about two battleships a year during World War II. >> Yeah, the new Warriors facility is going to be here in Dogpatch soon, and I know everybody's super excited about that. >> Yeah, well, yeah, a lot of purple hats here, a lot of excited Warriors fans. >> All right, we'll be back, we've got day-to-day all day, wall-to-wall coverage of Pure Accelerate, #PureAccelerate. This is theCUBE, I'm Dave Vellante with Stu Miniman, we'll be right back with Scott Dietzen right after this short break. (upbeat electronic chords)

>> Commentator: Live from Las Vegas, Nevada. It's theCUBE. Covering Accelerate 2017. Brought to you by Fortinet. Now, here are your hosts, Lisa Martin and Peter Burris. >> Welcome back to theCUBE. We are live at Fortinet Accelerate 2017 in Las Vegas. We've got a great day so far talking to a lot of Fortinet folks, some of their technology alliances partners. And up next we've got Eric Kohl from Ingram Micro. Eric is the Vice President of Advanced Solutions and Eric's going to have a chit chat with myself, Lisa Martin and my co-host, Peter Burris. Eric, first and foremost, welcome to theCUBE. >> Thank you. >> Your first time on. Eric, you are an Ingram Micro veteran. >> Just a little bit. >> Just a little bit. You have previously been their Vice President of Network and Security Business Unit responsible for leadership, for strategy, and channel sales working with solutions, our networking SP's. Tell us about Ingram Micro. What is the role that Ingram Micro plays bolstering Fortinet's channel? >> Sure, yeah, I've been at Ingram for 18 years, it's kind of hard to believe. Our role is really to help kind of shorten the sale cycle for Fortinet partners. So we want to help our partners to become more highly trusted and more profitable security advisors. So I lead our, I'll all it our security practice because I think security is at the tipping point now, so where I used to be networking to security, my portfolio is primarily security and most of the networking guys are leaving the security as well. We play an integral role in really helping to make it easy to do business with our vendor partners. >> Lisa: Fantastic. One of the things that has been a topic that we have heard from the general session today and throughout a number of our guests is you mentioned really networking, but also networking in security really being no longer separate conversations. And the opportunities proliferation to mobile and IOT devices is really creating a talent impact. A talent shortage. How is Ingram Micro helping to maybe mitigate some of the challenges that companies are facing with respect to how to do deal with these daily attacks? >> Eric: Yeah, there's a couple key challenges. It's complexity. It's not just the complexity of some of the technology solutions that are supposed to help us in protecting our data. But when you think about DYOD and the internet of things, there's already a connected device for every human on this planet. And that's a security, that's like a CISO's nightmare is how to protect all of these things. So that's a huge challenge. And then to be able to have the resources to manage the solutions that are complex in themselves, that's a big challenge. And it's not just for the end users themselves, there's thousands and thousands of IT security integrators with varying degrees of competency. We're serving all of them. And even some of these guys are struggling with the complexity. I think one of the other things that we constantly hear from partners is SMB's and mid market companies are under attack like never before. They don't make the headlines like Yahoo or some of the things that are going on in the political world. These small companies are under attack and if they get attacked, they don't make the news, they just go out of business. >> Lisa: Right. >> So that's a huge challenge. >> So demand's going up, significantly. >> This is a great spot to be in. I go to conferences like these and a new breach hits the wire and we're high fiving. It's good for our industry. >> Peter: But that the same time, as demand goes up and the capacity to serve that demand increasingly has to move into technology because of some of these labor shortfalls, it means there's a whole bunch of reconfiguring of where are values created, who's creating value, how they're creating value. How is Ingram Micro finding itself mediating what partners want, what the industry has to offer, and ultimately what the customers of your partners are trying to serve. How are you finding your business evolving? >> Eric: We have transformed more into a services company than ever before. If you think about IT distribution, it used to be about getting a box from point A to point B. That was so far in the past. And for us it's around how do we help augment and provide services kind of what I would say throughout the security sales cycle so that we can help these trusted advisors? Or even if they're not a highly competent security advisor, how do we help them look like they are so they can serve and protect our clients better than anybody. >> Lisa: Actually, you brought up a good point there. Can we ask you about the security sale cycle? You mention you're an 18 year veteran at Ingram Micro. How have you seen the security sale cycle evolve as security itself has evolved and we have this daily expanding threat surface? What's that sales cycle like now? >> Eric: Like I said, many, many, many years ago it was all about moving the products or helping with some financial services but toady Ingram plays a pivotal role throughout that sales cycle. So for us, it kind of starts with training and education. Helping our partners to make sure that they understand the benefits of going to get certified for Fortinet Technologies. Or the benefits of getting your technical accreditation so you can move up into the partner stack and better serve your clients. It's also around helping our partners understand a position like security awareness trainings as an example. You can have the best technology in the world but if you still don't understand what today's threats are, you're a risk. The second area would be around what I would call pre-sales professional services such as assessment work. So the cyber threat assessment program that Fortinet has. So we're authorized to go and help our partners do that. We've done it in conjunction with partners. We have partners on the phone all the time, we'll set them on a demo, we'll help them get that CTAP done. And once that thing is in, it's closing a sale. So you can really drive demand. You have a better understanding of what's going on in the network. And that's all before we've even delivered a product, right? So then you kind of get into the core of what I would call channel enablement and operations. Which is, look yes we have to help our partners get the technology, but it's also around, we're serving more Fortinet resellers than any other company in any country from a distribution standpoint. I'm really proud of that. But they're all varying degrees of competency and so we have to act as though we're their Fortinet channel account manager. And so we love doing that type of work. The next part of that sale cycle would be around how do we finance that? So there's a multitude of financial services offerings. Or leading with Fortinet's MSSP program to help close an opportunity in the invariable financial models. And then it's around implementation. A lot of partners may find an opportunity and they can't get to Las Cruces, New Mexico. Well they can tap into our network and we'll help them find a provider that can do that implementation service. And then wrapping it up with remote monitoring and management or managed services of those things. And now, Fortinet plays a role in many of those categories. So we would lead with those solutions to make sure that a security advisor is really taking advantage of offerings throughout the sale cycle. Whether Fortinet offers them or whether we're working with a third party provider. >> So you mentioned that you are the largest distributor working with Fortinet Technologies. You also mentioned something earlier too that's interesting and that is, kind of leading into differentiation. You talked about Fortinet being able to go from the antiphrase down to the SMB and the fact that what we're hearing so much media about enterprise attacks that's what gets attention. >> Right. >> Talk to us about the differentiation that Ingram Micro is getting as a result of partnering in such a focused way with a Fortinet that is able to get into and help those small, medium businesses not go out of business. >> Right. And Fortinet's in a great spot because they've been serving from the SMB to the mid markets and the enterprise. And to your point, yes, the Sony's and the Yahoo's they make all the headlines. Companies like 80stees.com that got attacked and almost when out of business they don't make the news. And so we play an integral role because we're serving thousands of resellers that actually are working with those small companies. So we have to help them understand the technology, understand the new like there's announcements today. You know, we have to help get that message out to the Fortinet channel and really help augment their channel efforts with that. >> As think out over the next couple of years given that it is the movement from a product to a service orientation in many respects requires that much more data. The visibility that makes you that much more intimately tied to your partners, what will be the role as a business person, what will be the role of data, data security, more secure networks to you as business person? >> As a business person this is just going to keep accelerating. The demand for information isn't going to slow down. The demand over the networks, it's just going to keep expanding as quickly as are the devices in our hands. It's one human has a device or one device for every human on the planet today that's going to double or triple in the next few years. That demand for data and data protection is going to go right along with it. >> Lisa: One last question for you, Eric. One of the things that was interesting today was a lot of the predictions that we were learning from Fortinet. We had Derek Manky on the program and he did a blog, his team did, leads Fortiguard Labs about really six predominant evolutions and challenges and it was quite striking. I'm curious your perspective as we're seeing this threat surface expand. One of the things that he was talking about was the need to bridge the gap between public sector and private sector and what Fortinet is doing there to facilitate things where they don't have jurisdiction that maybe a police organization would need to be involved in. As we look at Fortinet going in that direction in helping to bridge the gap there and share knowledge and threat intelligence across public and private sector and to your point earlier helping the SMB market which doesn't get that visibility. Last question, what are you most excited about? Fortinet's just starting their fiscal year 17. What excites you most as a distributor for this year of opportunities? >> I would say it's a couple things. They had an exciting announcement today around their intent based and that's really exciting. To be able to drive simplicity and to management and being able to understand what's going on. Our partners and ultimately the clients, they don't want point products. There's a lot of security vendors that are offering point products. These customers want business outcomes and they want simplicity. It's really easy to be a cyber criminal today. Ransomware's a service. You can go out and start flooding emails out and then all the sudden you rent the malware and you'll get paid if you can infect somebody and they have to go pay for it. Protecting against that has to be as simple as it is to be a cyber criminal. I think that it's exciting with what they're doing there. In terms of this event, and Derek is a great leader in security. He was out at our big event in November so I was catching up with folks like him. I love these events to come and check in with our partners and we've been a Fortinet distributor, this will be our 10 year anniversary and we're also a customer. It's exciting for me to come in and see our friends and familiar faces and catch up with everybody and see what's new. We're really excited about the future with Fortinet. In those 10 years, we've been above market growth every year. Don't tell my boss, he assigns quotas. But they've been a great partner for us. >> It sounds like from what we've heard today from yourself and from your partners at Fortinet, this year presents a tremendous amount of opporunity and challenge. We wish you continued success, Eric. Thank you so much for your time on theCUBE. >> Thank you very much. >> We thank you for watching theCUBE as well. And I'll thank you on behalf of my esteemed colleague, Peter Burris. But, don't go away, we'll be right back.

>> Narrator: Live from Las Vegas, Nevada, it's the Cube, covering accelerate 2017, brought to you by Fortinet. Now here are your hosts, Lisa Martin and Peter Burris. >> Hi, welcome back to the cube, we are live in Las Vegas at Fortinet Accelerate 2017. I'm you host , Lisa Martin, joined by my cohost, Peter Burris, and we're really excited about or next guest. We are talking next with Derek Manky. Derek, you are-- first of all, welcome to the cube. >> Thank you very much, I'm excited to be here. >> You have a really important role in Fortinet, you are the Global Security Strategist. >> Correct, yes. >> You have a... Established yourself as a thought leader with over 15 year of cyber security expertise, and your goal is to make a positive impact towards the global war on cyber-crime, that's a big goal. >> That's a very, very big goal, but it's a big hairy goal, but it's... Critically important, I believe, I firmly believe this over my whole career, and I'm starting to see some good traction with the efforts that we're doing too. >> And it's becoming more, and more, critical every day as breaches, and hacks, are a daily occurrence, you're also the leader of FortiGuard Labs, you've got a team of over 200, tell our viewers that can't be here today, what is FortiGuard Labs, what are you doing to leverage threat intelligence to help Fortinet's customers. >> Sure, so we're trying to manage complexity, cause that's always the enemy of security, and we're trying to make it simple across the board, so we're managing security for all of our customers, 300 000 customers plus. That's a big deal, so we had to invest a lot into that in terms of how we can do that to make it simple to the end users. So what FortiGuard Labs is, is it's services we deliver to the end user, protection services across the spectrum, our whole product portfolio. So we have world-class expertise as a security vendor, 200 plus people on the team, experts in each domain. We have researchers, and experts, looking at things like industrial attacks, mobile problems, malicious websites, ripping apart, what we call reverse engineering, malware samples to find out digital fingerprints of who's creating these attacks, so we can work also in partnerships with that too. At the end of the day, we have the humans working on that, but we've also invested a ton into artificial intelligence, and machine learning, we have to comb through over 50 billion attacks in a day, and so the machines are also helping us to create a lot of this automated protection, that's all driven by our patents, by our world-class development teams, that gets down to the end user, so that they don't have to invest as much into their own security operations centers, cause that's a big OpEx, expansions to the expenditure, so we're helping to alleviate that issue, especially with this, as everybody knows, today, the big gap in cyber security, professionals, so that helps to alleviate that issue too. >> You said 50 billion attacks a day. >> That's correct sir, yes. Potential attacks. >> Oh, potential attacks. Clearly that means that increasing percentages of the total body of attacks are no longer coming from humans, they're coming from other things, >> Derek: Absolutely. >> And how's that playing out? >> It's a fascinating landscape right now. With every legitimate model, there's an illegitimate model to follow, especially with cyber crime, and what we see in the digital underground, dark web, all these sorts of things, you rewind back to the 90s, your opportunistic hacker was just trying to plot, plot, plot, a message bar on a Windows 95, or Windows 98 system at the time. Nowadays, of course, the attack surface has grown tremendously. You look back to DARPA, back in 1989, it had 60 000 system connected on the Internet, now we have IPv6, 20 plus billions connected devices, everything is a target now, especially with the Internet of Things. Smart televisions-- >> Peter: And a potential threat. >> Exactly, and a weapon. >> Exactly, and so to capitalize on that, what we're seeing now is cyber criminals developing automated systems of their own, to infect these systems, to report back to them, so they're doing a lot of that heavy work, to the heavy lifting, using their own machines to infect, and their own algorithms to infect these systems, and then from there, it'll escalate back up to them to further capitalize, and leverage those attacks. On any given minute, we're seeing between 500 000 to 700 000 hacking attempts across, and this is our own infrastructure, so we're leading in terms of firewalls in units shipped so we're able to get a good grasp on intelligence out there, what's happening, and in any given minute, well over 500 000 hacking attempts on systems worldwide. >> So every hour, 30 million. >> Derek: Yeah that's some quick math. >> Yeah, I'm amazing at multiplication. I almost got it wrong though, I have to say. 30 million hacks an hour. >> Yeah, and so our job is to identify that, we don't want to block things we shouldn't be, so there has to be a very big emphasis on quality of intelligence as well, we've done a lot with our machines to validate attacks, to be able to protect against those attacks, and not, especially when it comes to these attacks like intrusion prevention, that attack surface now, we got to be able to not just look at attacks on PCs now, so that's why that number keeps ticking up. >> Lisa: Right, proliferation of mobile, IoT. >> Derek: It's directly related, absolutely. >> So, this is clearly something that eyeballs are not going to solve. >> Not alone, so I'm very, very big advocate saying that we cannot win this war alone, just relying even on the brightest minds on the world, but we can also not just rely a hundred percent on machines to control, it's just like autonomous vehicles. You look at Tesla, and these other vehicles, and Google, what they're doing, it's a trust exercise again, you can never pass a hundred percent control to that automation. Rather you can get up to that 99 percent tile with automation, but you still need those bright minds looking at it. So to answer your questions, eyeballs alone, no, but the approach we've taken is to scale up, distribute, and use machines to identify it, to try to find that needle in a haystack, and then, escalate that to our bright minds, when we need to take a look at the big attacks that matter, and solve some more of the complex issues. >> Speaking of bright minds, you and your team, recently published an incredible blog on 2017 predictions. Wow, that's on the Fortinet blog? >> Derek: Yeah, that's correct >> We can find that? Really incredibly thorough, eye-opening, and there were six predictions, take us through maybe the top three. We talked about the proliferation of devices, the attack surface getting larger, more and more things becoming potential threats, what are the top three, maybe biggest threats that you were seeing, and is there any industry, in particular, that pops up as one of the prime targets? >> Absolutely. I'll get into some buckets on this, I think first, and foremost, what is primary now in what we're seeing is, what we're calling, autonomous malware, so this is the notion of, basically what we're just talking about to your question on what's driving this data, what's driving all these attack points. First of all, the Internet's been seeded with, what I call, ticking time bombs right now, we have 20 plus, whatever the number's going to be, all of these billions of devices that are connected, that are inherently, in my professional opinion, insecure. A lot of these devices are not following proper security development life cycles. >> Lisa: Is there accountability to begin with? >> No, not at this point. >> Right. >> Right. And that's something that DHS, and NIST, just released some guidelines on, at the end of last year, and I think we're going to see a lot of activity on accountability for that, but that has to be taken care of. Unfortunately right now, it's been seeded, this attack surfaces there, so we already have all these open avenues of attack, and that's why I call it a ticking time bomb, because it's been seeded, and now these are ripe for attack, and we're seeing attackers capitalize on this, so what we're seeing is the first indications of autonomous malware, malware that is capable of mapping out these vulnerable points. The machine's doing this, and the machine's attacking the other machines, so it's not just the eyeballs then, and the cyber criminals doing this. We saw last year, unprecedented DDoS attacks, this is directly related to Mirai BotNet. We had gone from a 600 gig to terabit plus DDoS attacks, that was unheard of before. They are leveraging all of these different IoT devices as a horsepower to attack these systems in a massive distributed denial-of-service attack. The interesting part about Mirai is that it's also using open-source intelligence as well, so this is something that humans, like a black hat attacker, would typically have to do, they would have to get reports back from one of their systems, and say, "okay, now I've found all these vulnerable systems, I'm going to attack all these systems.", but they're the glue, so they're now removing themselves as the glue, and making this completely automated, where a BotNet like Mirai is able to use Shodan, as an example, it's an open-source database, and say, "here are a whole bunch of vulnerable systems, I'm going to go attack it, and so that's to my point of view, that's the first indication of the smart-malware, because malware has always been guided by humans. But now, I think, we're starting to see a lot of, more of that intelligent attack, the offense, the intelligent offense being baked in to these pieces of malware. So I think it's going to open this whole new breed of attacks and malware, and obviously, we're in a whole new arms race when it comes to that. How can we get ahead of the bad guys, and so this is obviously what Fortinet instituting on the autonomous defense, our Security Fabric, and Fabric-ready approach, that's all about, beating them to the punch on that, having our machines, the defensive machines talk to each other, combine world-class intelligence like FortiGuard so that it can defend against those attacks, it's a though task, but I really firmly believe that this year is a year that we have the advantage, we can have the advantage as white hats to get one leg up on the black hat attackers. As I said, for 15 years at FortiGuard Labs, we have invested a ton into our AI machine, learning intelligence, so we're experts on the automation, I don't believe the black hat attackers are experts on automation. So I think for that reason, we have a really good opportunity this year, because you always hear about the black hats, another data breach, and all these things happening, they're always had the advantage, and I think, we can really turn the tables this year. >> You have some great experience working, not just in the private sector, but in the public sector as well, you've done work with NATO, with Interpol, with SERT, what is your perspective on public sector, and private sector, working together, is that essential to win this war on cyber crime? >> Absolutely, we need everybody at the table, we cannot win it, as one single vendor alone, a good example of that is, we're starting to do across the board, this is something, I firmly believe in, it's really near and dear to my heart, I've worked on it for the course of, well over six years now, and we have a lot of the existing partnerships, across organizations, so other security vendors, and experts, Cyber Threat Alliance is an excellent example, we're a founding member of that, and these are competitors, but security vendors getting together to level the playing field on intelligence, we can still really remain competitive on the solutions, and how we implement that intelligence, but at least-- it's like a Venn diagram, you look at that attack surface out there, you want to try to share all that information, so that you can deliver that to security controls, and protect against it. So, the Cyber Threat Alliance is a good example, but that's private sector. If you look at National Computer Emergency Response, law enforcement, we have made great inroads into that working with the likes of Computer Emergency Response, to give them intel. If we find bad stuff happening somewhere, we're not law enforcement, we can't go take the server down, and disrupt campaign, we can't arrest, or prosecute people, but they can, but they don't have all that expertise, and intelligence that we do, all the data points, so this is, you're starting to see a lot of this string up, and we're doing a lot of leadership in this area, and I think, it's absolutely essential. President Obama last year mentioned it, the Cyber Threat Alliance, and the public-private sector, needing to work together in one of his speeches at Stanford, and I believe it's the only way we can win this. You have to go up to the head of the snake too, if we just are always on the defense, and we're always just trying to disrupt cyber criminals, it's a slap on the wrist for them, they're going to go set up shop somewhere else. We need to be able to actually go and prosecute these guys, and we had a really good case last year, we took down, working with Interpol, and the EFCC, a 62 million dollar crime ring in the US. They went, and prosecuted the kingpin of this operation, out of Nigeria. It's an unprecedented random example, but we need to do more of that, but it's a good example of a healthy working public-private sector relationship >> What an incredible experience that you have, what you have achieved with FortiGuard Labs, what excites you most, going forward, we're just at the beginning of 2017, with what's been announced here, the partnerships that you guys have formed, what excites you most about this year, and maybe... Some of the key steps you want to take against cyber crime as Fortinet. >> Sure, so I think we want to, so Cyber Threat Alliance is a very big machine, there's a lot of exciting things happening, so that's going to be a really good initiative, that's going to carry forward momentum this year. What excites me most? Well, it's not always a good thing I guess, but if you look at all the bad news that's out there, like I said, I think it's just going to be, there's so much fuel, that's being thrown on the fire when it comes to attacks right now. Like I said, these time bombs that have been planted out there. We're going to see the year of IoT attacks for sure, a new version of Marai has already come out, they're starting to sell this, commercialize this, and it's even more advanced in terms of intelligence than the previous one, so that sort of stuff. It depends on your definition of the word, excites, of course, but these are the things that we have opportunity, and again I think going back to my first point, the white hats having, for the first time in my point of view, a leg up on the black hats, that opportunity, that really excites me. When we look at what's happening, moving forward in 2017, healthcare, I think, is going to be a very big thing in terms of attack targets, so we're going to be focused on that, in terms of attacks on, not just healthcare records, which are more valuable than financial records as an example, but medical devices, again the IoT play in healthcare, that's a big deal, we're starting to already see attacks on that. Smart cities as well, you look forward to the next three years, building management systems, a lot of people talk about SCADA industrial control, this is definitely a big attack target to a certain... Attack surface, obviously, power plants, electrical grids, but building management systems, and these automated systems that are being put in, even smart vehicles, and smart homes is another big target that's unfolding over the next year. >> Hard to air gap a home, and certainly not a city. >> Absolutely, yeah, and again it goes back to the point that a lot of these devices being installed in those homes are inherently, insecure. So that's a big focus for us, and that's a big thing FortiGuard is doing, is looking at what those attacks are, so we can defend against that at the network layer, that we can work with all of our business partners that are here at Accelerate this year, to deliver those solutions, and protect against it. >> Wow, it sounds like, and I think Peter would agree, your passion for what you do is very evident, as those bad actors are out there, and as the technologies on the baton are getting more advanced, and intelligent, as you say, it's great to hear what you, and your team are doing to help defend against that on the enterprise side, and one day on the consumer side as well. So Derek Manky, Global Security Strategist for Fortinet, thank you so much cube and sharing your expertise with us. >> It's my pleasure, any time, thank you very much. >> Well, on behalf of my cohost, Peter Burris, I'm Lisa Martin, you've been watching the Cube, and stick around, we'll be right back. (electronic music)

>> Announcer: Live, from Las Vegas, Nevada, it's theCUBE, covering Accelerate 2017. Brought to you by Fortinet. Now, here are your hosts, Lisa Martin and Peter Burris. >> Welcome back to theCUBE, I'm Lisa Martin joined by Peter Burris. We have been in Vegas all day at Accelerate 2017. What an exciting, buzz-filled day that we've had, Peter. I feel like we've learned, I've learned a lot myself, but also just that the passion and the opportunity for helping companies become more secure, as security is evolving, is really palpable. >> Well, yeah, I totally agree with you, Lisa. In fact, if there's one kind of overarching theme of what we heard and what we experienced, it's this is one of the first conferences, security conferences, that I've been to, where we spent more time talking about business opportunity, business outcome, the role that security is going to play in facilitating business change. And we spent a lot less time talking about security speed, security feeds, geeking out about underlying security technologies. And I think that portends a pretty significant seismic shift in how people regard security. We'll still always have to be very focused and understand those underlying technologies in the speeds and feeds, but increasingly, the business conversation is creeping into, and in fact, starting to dominate how we regard security. It's past become reviewed in a digital world, it has to become viewed as a strategic business asset, and not just as the thing you do to make sure your devices don't get stolen or appropriated. >> Right, and that context was set from the beginning with the keynotes this morning. The CEO Ken Xie, a lot of folks that we talked to today, said he normally gets quite technical in keynotes, and today kept things really at a business level. >> And we heard that many people thought it was the best keynote they've seen him give in a long time. >> That's right, that's a great point. >> And one of his key messages was that at the end of the day, digital business is not about some new observations on channels or new observations on products. It really is about how you use data to differentiate, differentially create sustained customers. My words, not his, but it's very, very much in line. The difference between any business and digital business is how you use your data. And we heard that over and over and over today, and how security, technologies, and practices, and capabilities have to evolve to focus more on what businesses want to do with data. That is where, certainly Fortinet, sees the market going, and they're trying to steer their customers so that they can take advantages of those opportunities. >> Right, and that's a great point that you made. Their CFO, who we had on the program as well, Drew Del Matto, talked about in his keynote, that it's critical for a company to be able to have digital trust. We talk about trust in lots of different contexts, but what does trust mean to a business? >> As you said, he's the CFO. It's interesting, CFO is typically focused on things like is the ownership getting a return on the capital that they've invested in this company? It was very, to me anyway, refreshing to hear a CFO expressly state data is becoming an increasing feature of the capital stock of the company. And we have to take explicit steps to start to protect it and secure it, because in fact, it's through security that data is turned into an asset. If you don't secure your data, it's everywhere. It's easily copied, it flies around. Data and security-- at least data asset, the concept of data asset, and security, are inextricably bound because it is through security that you create the asset notion of data. The thing that generates value. Because if you don't, it's everywhere. It's easy to copy. I thought he did a wonderful job of starting to tie together the idea of data in business in a very straightforward, tactical, CFO approach. It was a good conversation about where business people are starting to think about how this is going to evolve. >> He also talked about the role of the CSO, and there was a panel during the general session of three CSOs from different industries. That's an interesting evolution as security has evolved from perimeter only to web, to cloud, to-- Now, where we need to be as Ken Xie talked about, we're at this third generation. It's about fabric. He talked about that, and the importance of that, and the capabilities. But it's also interesting to hear security's now a conversation in the boardroom. This is not something that is simply owned by a CIO or CSO, that that role has to facilitate a company becoming a digital army in order to create value from that data. A lot of folks said today, too, that mindset of "If I can't see it, I can't protect it." >> Yeah, we heard that this morning from the CFO, we also heard it from George, the CSO of Azure, Microsoft Azure. We heard the relationship, the evolving role of the CSO, or the Chief Security Officer multiple times today. Security's hard. This is not easy stuff. We can bring a lot of automation, and we can bring a lot of technology to bear on making it easier and simplifying it. And we heard a lot about how that's happening. But this is a hard, hard thing to do, for a lot of reasons. But it's one that must be done, especially in a digital world. And the role, or the impact on the CSO role, is profound. You're not going to have everybody in the organization-- They all have a stake in it, but they're all not going to perform security routines, necessarily. Yet, it's too big, as we heard from George, for one person. We have to start increasingly thinking about security as a strategic business capability that may be championed by the CSO, but is going to be undertaking in a lot of different places. One of the things that the Microsoft gentleman, George-- >> Lisa: George Moore. >> George Moore bought up, was the idea that increasingly, if you do security right, you can secure things at a relatively technical level and present them as services so that other parts of the business can start to consume them, and they become part of their security architecture. And it goes into their products, or it goes into their services, or it goes into how they engage customers. >> Facilitating scale. >> Or whatever else it might be, logistics. I think that that is a very powerful way of thinking about how security's going to work through a fabric, being able to present a hierarchy of security capabilities that go all the way out to your customers and actually allow you to engage your customers at a security conversation level. Which is, we also heard that talked about a little bit today. The role, the brand value of trust, but we still don't have an answer for how that's going to play out. >> If we look at some of the other things that were talked about in Ken's keynote, hyperconnectivity. From the proliferation of mobile and IoT, which IoT devices, there's 20 billion that are predicted to be connected by 2020, which is just a few years away. As that sounds, well it doesn't sound, it is increasing the threat surface, and we are also hearing from some of the folks that were on the program today, Derek Manky being one of them, who wrote a great blog just published recently on Fortinet talking about the major trends that are being seen and the challenges there. I think we're also seeing that companies like Fortinet and their suite of technology alliance partners like Microsoft, like Nazomi, going all the way out to the endpoints and back, that these companies are coming together to collaborate, to start mitigating the risks that are increasingly there with the threat surface being larger. I think there was a lot more positivity than I honestly anticipated. When you hear of all these attacks that it's daily, and that's such a common thing. The collaboration of the technology and the integration is exciting to hear where these companies are going to be able to limit damage. >> And to put one more number on it, the 20 billion devices, but it's what those devices are doing. Again, George Moore from Microsoft Azure talked about I think he said, it was 800 billion events that they're dealing with a day. And in 2017, Microsoft Azure is going to cross a threshold of dealing with one trillion events a day that they have to worry about from a security standpoint. If you think about that industry wide, Microsoft Azure's big, but there are others. We're talking today, probably somewhere, I just estimated, he said, "Yeah, that sounds about right," about five trillion, five trillion events a day that businesses have to worry about in aggregate from a security standpoint. And that number is just going to keep growing exponentially. In a year's time, he talked about three, four, five x. So we're talking about hundreds of trillions of events. >> Staggering numbers. >> Within the next decade or so. There is virtually no way that human beings are set up to deal with those kinds of numbers. It's going to require great technology-- >> Automation. >> That provides great automation. That nonetheless, works with humans so that the discretion that human beings bring, the smarts, and the collaboration that human beings bring to bear. The value that they create stays there. We're going to see more productivity coming out of these incredibly smart people that are doing security, because the tooling's going to improve and make it possible. And if it doesn't happen, then that's going to put a significant break on how fast a lot of this digital business evolution takes place. >> Another point that was quite prevalent among our conversations today, was that there isn't, with the exception maybe of healthcare, it's quite an agnostic problem that enterprises are facing in terms of security threats. When we talked to Derek, he mentioned healthcare being one because that information is so pervasive. It's very personal and private. But something that kind of surprised me, I almost thought we might see or hear about a hierarchy, maybe healthcare, financial services. But really, what everyone talked about today, was that the security threats are really pervasive across all industries. All the way, even to industrial control systems and HVAC systems. Which shows you the breadth of the challenge ahead. But to your point, and some of the points that some of our guests made, it's going to be a combination of the humans and the machines coming together to combat these challenges. >> Well I think what we're seeing is that there's a high degree of data specialization within a lot of industries based on different terms, different tactics, different risk profiles, et cetera. But that many of the algorithms necessary to understand exceptions or deal with anomalies, or one of those other things, are applicable across a lot of different industries. What we are likely to see over the next few years is we're still likely to see some of that specialization by industry, by data. Nonetheless, become featured in the output, but the algorithms are going to be commonly applied. They'll get better and better and better. There's still likely to be some degree of specialization if only because the data itself is somewhat specialized, but the other thing that we heard is that it's pretty clear that the bad guys want to get access. Well, let's put it this way, not all data is of equal value. And the bad guys want to get access to the data that is especially valuable to them. A lot of that data is in healthcare systems. To bring these common algorithms that specialize data to secure the especially challenging problems associated with healthcare is a real, real big issue for a lot of businesses today. Not just healthcare businesses, but people who are buying insurance for their employees, et cetera. >> Exactly, it becomes a pervasive problem. You were mentioning today that this was very much a business conversation versus speeds and fees. We did hear about a couple of technologies moving forward that are going to be key to driving security forward. Analytics, data science, in fact-- We also talked about kind of the difference between security fabric which Fortinet rolled out last year, and a platform and how businesses are kind of mobilized around that, and the differences there. Control versus spreading that out. One of the things that Forinet did about, I think it was in June of last year, was they acquired AccelOps. Bringing in monitoring, bringing in realtime analytics. A lot of our guests talked about the essentialness of that realtime capability to discover, detect, remediate, and clear things up. From a 2017 perspective, besides analytics and data science, what are some of the other things you see here as essential technologies to facilitate where the security evolution trajectory is going? >> I think in many respects, it comes back to some of the things we just talked about. That as digital business increasingly-- Let's step back. The way we define, at Wikibon SiliconANGLE, what digital business is, what differentiates your digital business from any other kind of business is data. It's how you use your data to create and sustain customers. That's a pretty big world. There's a lot of-- You know, most of us operate in the analog world. There's some very interesting ways of turning that analog information into digital information. There's voice, there's photographs, there's a lot of other-- We talked a little bit about industrial internetive things. There's an enormous set of investments being made today to turn the analog world that all of us operate in, and the processes that we normally think about, into digital representations that then can be turned into models for action, models for insight, new software systems that can then have an impact on how the business actually operates. And I think that, if we think the notion of analytics and data science, and by the way, security's one of those places where that set of disciplines have really, really matured through fraud detection and other types of things. But I think what we're going to look at, is as new types of data are created by different classes of business or different classes of industry, or different roles and responsibilities, that that data, too, will have to be made secure. What we're going to see, is as the world figures out new ways of using data to create new types of value, that the security industry is going to have to be moving in lockstep so that security doesn't once again become the function that says no to everything, but rather the function that says, "Yeah, we can do that." We can go from idea to execution really fast, because we know how to make that data secure. >> Well, Peter, it's been such a pleasure, an honor, co-hosting with you today. Thank you so much for sharing the desk with me. >> Absolutely, Lisa. >> Look forward to doing it some other time. And we want to thank you so much for joining us on theCUBE today as well. I want to also point you to some of the upcoming events. Go to SiliconANGLE.tv. Next week, we've got the VTUG Winter Warmer going on. You'll also be able to see that on the website. Women and Data Science with yours truly in early February. And then the Spark Summit in February, Feb 7-9 in Boston. Again, that's SiliconANGLE.tv. For my co-host Peter Burris, I'm Lisa Martin. Thanks so much for watching, and we'll see ya next time. (techno music)

>> Announcer: Live from Las Vegas, Nevada it's theCube. Covering, Accelerate 2017. Brought to you by Fortinet. Now, here are your hosts, Lisa Martin, and Peter Buress. (tech music) >> Lisa: Hi, welcome back to theCube. We are Silicon Angle's Flagship Program, where we go out to the events and extract the signal to the noise, bringing it directly to you. Today, we are in beautiful Las Vegas with Fortinet. It's their Accelerate 2017 Event. I'm your host, Lisa Martin, joined by my cohost, Peter Buress. And we're very excited to be joined by a Technology Alliance Partner, Nozomi Networks, Edgard Capdevielle. You are the CEO? >> Yes, that's right. >> And, welcome to theCube. >> Thank you, happy to be here. >> So, a couple of great things that Nozomi announced, just a couple of months ago, one was, they just secured fantastic $7.5 million in Series A Funding. And the second thing they announced was you, as the new CEO, so congratulations on your new post. >> Thank you very much, thank you. >> So, Nozomi is focused on the Industrial Control Systems Industry. What was it about this particular opportunity, that attracted you to want to lead Nozomi? >> Yeah, great question. Two things mainly. One, is the team. The two founders are truly rock stars, they have a great background in Cyber Security, and how do we apply Artificial Intelligence to Industrial Cyber Security. And two was, I had been working with the founders for a little bit, and I saw, with my own eyes, how the customers adopted the technology, how easy it was to deploy in an industrial setting, which tends to have a lot of friction. Not a lot of equipment gets into those networks. And the ease of proof of concepts, I saw it with my own eyes. And the frictionless interactions, made me join. >> So Nozomi was started in 2013, you're already monitoring over 50,000 industrial installations. >> That's right. >> Some of the themes that we've talked about, at the event today, so far, with Fortinet's senior leaders, is the evolution of security, where they're positioning, really at this third generation of that. As we're seeing that, and we're seeing that in order for businesses to digitalize successfully, they have to have trust in that data. What is Nozomi seeing, in terms of your industrial customers? What are some of the biggest concerns that they have, regarding security? And how are you working with Fortinet, to help mitigate or limit damage from cyber attacks? >> A lot of our customers in our space, are going through what's called IT/OT Conversions. OT networks, have traditionally been serial, point to point, run over two step para copper and they've recently adopted ethernet. When you adopt ethernet, you have a gravitational force, which is to connect. So these OT networks used to be air gaps, segregated, and now they're being converged with IT technology, under sometimes, IT operation. And therefore, they start suffering the traditional IT attacks. Those traditional IT attacks, are particularly harmful when it comes to industrial, critical infrastructure. And they require special technology that understands those protocols, to be able to detect anomalies, and white list or black list, certain activities. >> Give some example, of an IOT network. So, what is, you say critical infrastructure, gives us some examples, what are we talking about? >> IOT's a very broad term. We focus very specifically on industrial IOT. >> Or, industrial IOT. >> Industrial IOT, could be a network that controls a refining, so the refining process in a refinery. It could be electrical distribution, any form of electrical generation, oil and gas, upstream or downstream. Manufacturing, everything that moves in manufacturing, is controlled by an industrial control networks. Pharma, in the same subsegment, if you will. Some transportation, we're based in San Francisco, so our barge system is controlled with industrial control systems. >> So, we're talking about, as you say critical infrastructure, we're talking about things that, where getting control of some element of that critical infrastructure, >> Correct. >> Especially in the process manufacturing businesses, can have enormously harmful effects? >> Correct. >> On not only business, but an entire community? >> The disruption that it can cause is tremendous. From lights out in a city, to harm to people, in a transportation case, oil and gas case. Environmental damage, leakage. The damage can be tremendous. And that's basically, one of the huge differences between IT and OT. In IT, if your network blinks, your email may be two seconds late, my print job may need to be resent. In OT, you may not be able to turn off that valve, or stop this process from happening, or receive an alarm in time. >> Right, so like, I live in Palo Alto. Not too from me is, some of the big refineries up in Richmond, California. And not too long ago, they had an OT outage, and it led to nearly a billion dollars worth of damage, to that plant, and to the local environment. >> Correct. >> So this is real serious stuff. >> So with a product like Nozomi, you can detect anomalies. Anomalies come in three flavors. One could be equipment damage, malfunction. The other one could be human error, which is very very common. And the other one could be cyber. Any one of those could be an anomaly, and if it tries to throw the process into a critical state, we would detect that, and that's where ... >> Talking about cyber, from a cyber attack perspective, what is it about industrial control systems that makes them such a target? >> Yeah. It is that they had been used to be isolated networks, just like I said. When IT and OT converges, are taking networks that used to be serial security was not really a concern, in industrial control networks, you don't really have identity, you don't have authentication. You're just starting to have encryption. Basically, if you drop a command in the network, that command will get executed. So, it's about the vulnerability of those. >> Vulnerability, maybe it's an easy target? And then from a proliferation perspective, we mentioned the evolution of security. But, the evolution of cyber attacks, the threat surface is increasing. What is the potential, give us some examples, some real world examples, of the proliferation that a cyber attack, >> That is a great question. >> And an industrial control system, can have on a retailer or a bank, energy company? >> The industry was put in the map in 2010, with Stuxnet. Stuxnet was the first attack, everybody talked about Stuxnet for a while. And it was very hard to create a market out of that, because it was done really by a nation's state, and it was done like once. Since then, 2010, 2013 and now 'til today, attacks have increased in frequency dramatically, and in use cases. Not only are nation states attacking each other, like in the case now of the Ukraine, but now you have traditional security use cases, your malicious insider, you're compromised insiders, doing industrial cyber attacks. In 2015, the Department of Homeland Security reported 295, industrial cyber attacks, in our nation's critical infrastructure. And those are not mandated, they don't have a reporting mandate, so those are voluntary reports. >> Wow. >> So that number, could be two or three times as big. If you think about it, from 2010, we've gone from once a year, to 2015 once per day. So, it's happening. It's happening all the time. And it's increasing not only in frequency, but in sophistication. >> So, it's 295 reported. But there's a bunch of unreported, >> Correct. >> That we know about, and then there's a bunch that we don't know about? >> Correct. >> So, you're talking about potentially thousands of efforts? And you're trying with Fortinet and others, to bring technology, as well as, a set of best practices and thought leadership, for how to mitigate those problems? >> That's right. With Fortinet, we have a very comprehensive solution. We basically combine Fortinet's sophistication or robustness from a cyber security platform, with Nozomi's industrial knowledge. Really, we provide anomaly detection, we detect, like I said, any sort of anomaly, when it comes to error, cyber, or malfunction. And we feed it to Fortinet. Fortinet can be our enforcement arm if you will, to stop, quarantine, block, cyber attacks. >> So, Nozomi's building models, based on your expertise of how industrial IOT works, >> That's right. >> And you're deploying those models with clients, but integrating the back into the Fortinet sandbox, and other types of places. So, when problems are identified, it immediately gets published, communicated to Fortinet, and then all Fortinet customers get visibility into some of those problems? >> We connect with Fortinet in two ways. One, is we have 40 SIM, so we alert everybody. We become part of the information, security information environment. But we also used Nozomi Fortigates, to block, to become active in the network. Our product is 100% passive. We have to be passive to be friendly deployed in industrial networks. But, for the level of attack or the level or risk is very high, you can actually configure Fortinet to receive a command from Fortinet, and from Nozomi, and actually block or quarantine a particular contaminated node, or something like that. Does that make sense? >> Oh, totally. Makes 100%, because as you said, so you let Fortinet do the active work, of actually saying yes or no, something can or cannot happen, based on the output of your models? >> That's right. Yep. >> So, when you think about IOT, or industrial IOT, there's an enormous amount of investment being made of turning all these analog feeds, into digital signals, that then can be modeled. Tell us a little bit about how your customers are altering their perspective on, what analog information needs to be captured, so that your models can get smarter and smarter, and better and better at predicting and anticipating and stopping problems. >> When it comes to industrial models, you need to pretty much capture all the data. So, we size the deployment of our product based on the number of nodes or PLC's that exist in an industrial network. We have designed our product to scale, so the more information or the more number of nodes, the better our models are going to be, and our products will scale to build those models. But, capturing all the data is required. Not only capturing, but parsing all the data, and extracting the insides and the correlations between all the data, is a requirement for us to have the accuracy in anomaly detection that we have. >> What is the customer looking at in terms of going along that, that seems like an arduous task, a journey. What does, and you don't have to give us a customer name, but what does that journey look like, working together with Nozomi, and Fortinet, to facilitate that transformation, from analog to digital, if all the information is critical? >> That transformation is happening already. A lot of these industrial networks are already working on top of ethernet, a standard DCPIP. The way the journey works for us, is we provide, as soon as we show up, an immediate amount of visibility. These networks don't have the same tool sets from a visibility and asset management perspective that IT networks have. So, the first value add is visibility. We capture an incredible amount of information. And the first and best way to deploy it initially, is with, let me look at my network, understand how many PLC's do I have, how the segmentation should be properly done. And then, during all this time, our model building is happening, we're learning about the physical process and about the network. After we've done with the learning our system, determines that now it's ready to enforce, or detect anomalies, and we become at that point, active in anomaly detection. At that point, the customer may connect us with Fortinet, and we may be able to enforce quarantine activities, or blocking activities, if the problem requires it. >> Is there any one particular, use case that sticks out in your mind, as a considerable attack, that Nozomi has helped to stop? >> We obviously can't name any one in particular, but when it comes to defending yourself against cyber criminals, we have defended companies against malicious insiders. Sometimes, an employee didn't like how something may have happened, with them or with somebody else, and that person leaves the company, but nobody removed their industrial credentials. And they decide to do something harmful, and it's very hard. Industrial malicious insider activity, is extremely hard to pinpoint, extremely hard to troubleshoot. Industrial issues in general, are very hard to troubleshoot. So, one of the things that Nozomi adds a lot of value is, is allowing troubleshooting from the keyboard, without eliminating trucks and excel sheets, you quickly can pinpoint a problem, and stop the bad things before they happen. >> One more quick question for you. With the announcements that Fortinet has made today, regarding, you mentioned some of the products, what are you looking forward to most in 2017, in terms of being able to take it to the next level with your customers? To help them, help themselves? >> Listen, the solution works amazingly well. We have to tell more people about it. I think the critical infrastructure has not had the attention in prior years, and I think this year's going to be a year where, ICS security is going to be, and Fortinet of course, is very aware of this, is going to be a lot more relevant for a lot more people. The number of attacks, and the you know, the attacks surface that will never be, it's all playing so that, this year's going to be a big year. >> Yeah, I think we were talking, before we started, that the U.S. Department of Homeland Security, has just identified the U.S. Election System, as a critical infrastructure. >> That's right. >> So maybe it's going to take more visible things, that have global implications, to really help move this forward. >> I think the one point I would make when it comes to government, government has been great, if you make an analogy, this is an analogy that I have on the top of my head, if you look at cars in the automotive industry, seat belts and airbags have saved a lot of lives. We don't have that in industrial cyber security. And we need the government to tell us, what are the seat belts? And what are the minimum set of requirements that are electrical, infrastructures should be able to sustain? And that way, it makes the job easier for a lot of us, because nobody can tell you today, how much security to invest, and what's the mix of security solutions that you should have. And therefore, in the places where you don't have a lot of investment, you don't have none. And you become very vulnerable. Today, if you want to ship a car, and you want your car to be driven on the road, it has to have airbags, and it has to have seat belts, and that makes it a minimum bar for proper operation, if you will. >> But the proper, the way it typically works, is government is going to turn to folks like yourself, to help advise and deliver visibility, into what should be the appropriate statements about regulation, and what needs to be in place. So, it's going to be interesting because you and companies like you, will in fact be able to generate much of the data, that will lead to hopefully, less ambiguous types of regulations. >> Yes, that's right. That's right. I agree 100%. >> Wow, it's an exciting prospect. Edgard Capdevielle, thank you so much. CEO of Nozomi Networks, it's been a pleasure to have you on the program today. >> Thank you. >> On behalf of my cohost Peter Buress, Peter, thank you. We thank you for watching theCube, but stick around, we've got some more up, so stay tuned. (tech music)

>> Narrator: Live form Las Vegas, Nevada, it's the Cube, covering Accelerate 2017, brought to you by Fortinet. Now here are your hosts, Lisa Martin and Peter Burris. >> Welcome back to the Cube, we are live in Las Vegas, at Fortinet's Accelerate 2017 event. A really exciting busy day that I have had with my cohost, Peter Burris, I'm Lisa Martin, we are very excited to be joined by Zeus Kerravala next, of ZK research. Welcome to the cube. >> Thanks Lisa, it's a-- >> We're happy to have you here. >> Yeah, it's great to be here. >> And we, as I've mentioned, Peter and I have been talking with a lot of great folks all day, from Fortinet, from Technology Alliance Partners. The buzz is here, obviously, the security as an industry of the market, there is tremendous change going on there, breaches are happening daily with, from big brands that we're all very aware of as consumers to the small mom 'n pop. So, Zeus, you founded ZK Research, you said a little over five years ago... >> Zeus: That's correct. But you've been in the industry as an analyst for quite a long time, and you actually were in IT as well as CIO. >> Yeah, I was. I was, I played a number of different roles, I started off as an engineer, I held a role as a CIO for a while, I worked for Avar, and then I got tired of doing that, and I became an industry analyst, and I've been doing that about 15 years now >> Excellent, so one of the things that we'd love to ask you about is, during the keynote this morning, the CEO of the Fortinet, Ken Xie, talked about this big impact that hyperconnectivity is having in general, this proliferation of mobile devices, of IoT devices, that are really causing a lot of challenges for security, but also talked about, that there will be tremendous growth in the security market, what's your take on where the security market is going? >> Yeah, I really liked Ken's keynote, in fact, Ken typically delivers very technical keynotes, and that's worked well for him, cause customers tend to love him, and this one is a little higher level, and I really like that, and Ken's right, we're moving into a world, where everything is connected, literally everything, our cars, our pets, the things we wear, the things in our home, everything in our business, and that has some profound implications for business. Alright, first of all, security is becoming a, an asymmetric problem for security professionals, what I mean by that is, it used to be you had one way into the network, and you had to protect it, and the bad guys had to come through that way. Now, security professionals have to protect tens, hundreds, thousands of new entry points, created from all these connections, to the Cloud, to IoT devices, but the bad guys still only have to find one way in, and once they're in, we assume that environment is secure, and they can meander around, and the bad guys can figure out what to steal. And so, I think, one of the points that was underscored in Ken's keynote is the fact that security is changing, it's evolving from something that was focused at the perimeter. >> Lisa: Right. >> To something that needs to be focused more internal. In fact, my research shows that 90 percent of security spend is still focused at the perimeter, and only 20 percent of the breaches occur there. So, you can see customers are misaligned with how they're spending they're money, and I thought a lot of the messages from Ken's keynote were, I think, well received by the audience, because it's something they need to hear. >> Yeah, he talked about the security evolution, which I also thought was quite interesting. I saw a graphic the other day that showed, by decades, security evolution, you talked about perimeter in the 1990s, it was focused on perimeter, obviously still important, but not the only thing, you talked about, there's a lot of ways in now. Then going onto Web 2.0, web security, then Cloud security in the 2010s, and now getting to this, what Ken described as the third generation of a Fabric needing automation, needing resilient energy, talked about kind of internal, so that I thought that was a really interesting way of looking at that, but also very interesting that you're saying almost that 80, 20 rule, with your clients, how are you helping them, to sort of switch that from a spend, and really show, even in some ways maybe, how the technology that they would employ from a security perspective can actually bring revenue opportunities. >> Yeah, well, I think they have to rely more on the technology, and automation, typically security has been deployed, box by box, device by device, at specific points in the network using manual processes, and frankly, that's kind of slow, right. And security already has a bit of a bad rap, that it slows the business down, users tend to turn things off in their computers, because it slows them down, and in this digital era, and I was glad Ken talked about digital transformation, because in the digital era, the new currency of business is speed. Companies need to move with unprecedented speed. Those, that can do that, will be able to stay in market leadership, and those that can't, will fall behind, and frankly, over the last five years, we've seen a bunch of big name vendors, brands that we all knew, go away, right, because they couldn't keep up. Now, when you think about what companies are trying to do in order to be a digital enterprise, you need to be agile, but you're only as agile as your least agile IT component, and today, that's the network. So, if I've got this fully automated IT stack, and I've got containers popping up, and new applications being deployed, and I'm accessing things from the Cloud, but my engineers have to run around with security appliances, and deploy them, all that does is slow the business down, and so, I think the concept of the Security Fabric is to ensure that you have the right services in the right places that you can turn on, and now, security becomes a business enabler, and not an inhibitor, so in some ways, we're flipping the model around where security, like I said, has been viewed as something that's held the company back, but it's now something that can allow us to differentiate ourselves, because we'll have the trust from the customers that we have the right security in the right places. >> I want to follow up on a point you made about the 90 percent of the investment at perimeter, and 20 percent. There might be another way of thinking about it, and I'm going to test this with you, is that it takes that 90 percent of security investment is what it takes to ensure that no more than 20 percent of the attacks occur at the perimeter, so does that mean that we need to reallocate that 100 percent sources, where that 100 percent is going to grow 3x, because it's still going to require that 90 percent to keep the perimeter secure. >> Yeah, I think it's a bit of both, but I do think, we will see the spend of security go up, because we have to secure more things. Like if you look at some of the big breaches that we've seen, in fact, almost all of them occurred from inside the network. So bad guys are smart, the hackers are clearly they're some of the most brilliant minds out there, that's why they're able to do what they do, and they know that the perimeter security today is so well-built that the amount of effort it takes to break through it is very, very high, so you're right, that amount of spend is required to keep all those threats out. >> Peter: But it's not the only answer. >> It's not the only answer. >> So we're going to need to continue to invest in an in-point, and perimeter, but as you were saying, we also have to invest in data, and have a balanced approach to the whole thing, which we adjust to this notion of Fabric. >> Yeah, and I think the automation capabilities of the Fabric can really help of certainly, because I don't want people watching this to think, "oh, my God, my security budget is going to be like triple what I had.", because frankly the people cost associated with security from my research are almost about 60 percent of the cost. I mean the equipment itself isn't all that much, right. So if I can invest more in the right technology, and I can automate a lot of the things I can do today, now I can reallocate those people cost somewhere else. So, in fact, I may wind up spending the same amount from an overall perspective, or maybe a little bit less, but I'll be far more secure, because I have the right technology in the right places. >> So where are those people going to go? >> I hear all the time, an I think this is one of the things that has held automation back from IT people that they're scared to death of automation, because they think their jobs are at stake, but if you look... All the way back to the mainframe, we've always had this transition, right, where we did things, and then new technology came in, and new skills are needed to do new things, and I think if you look at IT today, there's a crying need for data scientists, for analytic skills, I mean security itself Is less about point products, and more about data gathering, and data analytics, and there's very few of those professionals out there, so if I'm a professional, security professional today, I want to automate those traditional tasks because I need to invest in myself to make sure that my skillset is current today, and also a decade from now, and I think a lot of that's going to come in the area of data sciences. >> Yeah, and as you said, a lot of those skills in doing the models of security, and this Fabric notion are transferable to other domains. >> Oh, absolutely, because if you don't want to stay a security professional, but most security people like security, that's why they're doing it. But I do think there will always be need for skills in the next thing, the key for the security professionals is don't get stuck in the old world, you know, embrace this new world, embrace automation because it's going to free up their time to do things that are more strategic to the company, which is going to allow them to be more valuable as well. >> You touched on the Fabric term a minute ago, and that's one of the things that Fortinet announced last year was the Security Fabric approach. Can you talk to us about Fabric versus Platform, what are your thoughts there, and how are they different? >> Yeah, I think, first of all, the Fabric, and Platform, are both roughly trying to solve the same problem that... Too many vendors doesn't make you more secure, in fact, my research shows that on average, companies have 32 vendors, different security vendors, which you can't build any kind of strategy around that. So the concept of either, a Fabric, or a Platform, is that I can reduce the number of vendors, I can simplify my architecture, and I get more intelligence across the entirety of the Platform, or the Fabric. Now the difference though, is I think the Fabric, think of what a Fabric is, it's a big cloth where any point is connected to any point, and so the security intelligence is spread across that Fabric, and I can drop new components in, or take em out, and things will continue to work. So, it allows me, that if I put a new IoT device in, I can push security capabilities there, if I started using a new cloud service, I can push security capabilities there. A Platform to me, is more dependent on a centralized point of control, and I can attach things to that point of control, but if I take that point of control out, none of the things works, and so I think, the Fabric almost democratizes security capabilities across the infrastructure, because it's more dynamic, and more distributed, and we're clearly living in a world where dynamism, and distribution, are the norm, and so the security architecture needs to follow that. >> Paradoxically, doesn't that centralized security platform the become the biggest security risk in the company? >> Zeus: Yeah, well, if you breach that, you can get anywhere. >> Get anywhere. >> Zeus: Right, right. And so I think the Security Fabric is the right way to think about it, you're not trying to beef off one particular area here, you're trying to make a set of security services available across your entire infrastructure. >> Is that, that kind of, a key advice that you give to your clients that are looking for, this now requires a new approach, new architecture, is that kind of the key advice that you offer to them? >> Yeah, well that's the biggest conversation I have with security professionals today, is they don't really know where to go from here, they've invested all this money in all these tools, and the environment has gotten increasingly more complicated, right. So, they're falling behind. It's very, very slow, and it's not working. The average number of days to find a breach is a hundred days, think of what can happen in a hundred days, that's over a quarter. And so, there's a great desire to be able to find breaches faster, but also first simplify the architecture, and that's always my advice is, you can't move forward, until you take a step back, and simplify, right. And the concepts, I think of the Fabric, are really aligned with that, it's simplification, automation, and it removes a tremendous amount of the human burden from security operations, which frankly I think is holding things back. >> What are some of the things that you're most excited about? You were in the keynote this morning, we chatted about that, we talked about some of the things that were discussed there with the evolution of security, the third generation, you mentioned speed as currency, and actually kind jogged my memory about something that you were talking about with respect to data, and also that was brought up this morning as the data value, if it is not valuable to a business, you know, that business has-- >> Well one of the things we talked about this morning specifically was that security used to be the department of no, as you said earlier, and companies that can collapse the time between an idea, and execution, in a world where, at least in the digital world, where digital security is so essential, are going to provide an enormous net new set of value propositions to their customers, and I'm sure you've seen that. >> Yeah, well, no doesn't work anymore because of shadow IT, if you say no to a line of business, they're just going to go find a different way to do it, and that can have incredibly... That can be incredibly risky, because now IT has no control, in fact... Some of the interesting data points from my research is that 50 percent of companies, don't know what devices are attached to their network, and I think 96 percent of companies have IT services that have been procured not through IT, directly by the line of business, so it's become the norm, and I think, if you look across the entirety of the world today, from business processes through IT strategy, right, data and analytics has become the key differentiator, to be able to take the data, analyze it, and then be able to create some new insights. Now from a line of business perspective, their trying to understand the way you like to shop, the sports teams you like, the things you like to buy, and push more relevant content to you. From a security perspective, it's being able to find those breaches faster, and then, being able to cut that number down from 100 days to frankly, we've got to get to minutes, and I thought some of the more exciting things they showed in the keynote were the ability to take the data, and then show it visually, because I've always said you can't secure what you can't see, right, and if you're blind to what's going on in the network, you'll never ever, ever be able to truly secure it, and so I think we're-- Fortinet is entering an era now, where they're actually harnessing the power of all the date they have, but they're focused more on the UI in the new FortiOS 5.6, a big part of that is the new user interface to be able to display the data in a way that's understandable by the people using the tools. >> So that's a great point that you can't secure what you can't see. >> Zeus: You cannot secure what you can't see, yeah. >> Well, Derek Manky, was actually talking earlier, who's the global security strategist here at Fortinet, I'm sure you know Derek. >> Zeus: Yeah. >> Was actually talking about one of the things he's excited about, and want to get your take on this point, is that he thinks 2017 may be the year that the white hats get the upper hand. >> Well hopefully, I do think-- >> Peter: Because of this notion of automation, and-- >> Yeah, you know, I talked about the asymmetric problems to security where the bad guys need to find one way in, I think data, and visualization can reverse that, because once they're in the network, the bad guys need to stay hidden, and the good guys, right, the internal security department, only needs to find one instance of anomalous traffic, or something that could indicate a breach to be able to start the process of remediation, and so you're right, I think in some ways, 2017, well maybe a little, maybe next year, but hopefully, this year, the white hats start to, they'll at least gain ground this year, and I think that we'll start to see that assymetry problem flipped. >> Precisely, because you only need one instance of a bad action. >> correct, correct. And a lot of that, a lot of these bad actions come from users specifically being targeted, and sometimes, security, no matter how much training they do, you just don't know, you get an email from somebody, you click on it, somebody sends you a file, I've talked to HR people that have gotten resumes emailed to them that have viruses in them, and they don't know, but once that action starts, the data, and visualization tools can help identify those very, very quickly, and the important part about that is the faster you find it, the smaller the blast radius. So if I find it in five seconds, maybe only that HR person's computer is affected, but if it takes me a hundred days, now the whole department, or maybe a whole building has been impacted, so containing that blast radius, I think, is something that security professionals need to focus on. >> Now is a blast radius typically a function of time, or is it also a function of proximity to other business activities, or both? >> I think it's primarily a function of time, and I think it's exponential. So the longer the time goes exponentially, the greater the damage. >> Well gentlemen, tremendous conversation, there's a tremendous amount of opportunity, I think is what we've heard today, thank you very much, Zeus, for sharing your insight, your research with us. Let's hope that 2017 is the year, the white hats get the upper hand. >> Yeah, I think it's a really exciting time for security professionals, and first time in a long time, they have the opportunity to fight back, in a battle that they've been losing ground in for really the better part of a decade. >> Well Zeus, thank you so much for joining us. >> Zeus: Thank you. >> On behalf of my colleague, Peter Burris, thank you for watching, stay tuned, we'll be right back to wrap up the day. (electronic music)