>> Live from Orlando, Florida. It's theCUBE. Covering Microsoft Ignite. Brought to you by Cohesity, and theCUBE's ecosystem partners. >> Welcome back everyone to theCUBE's live coverage of Microsoft Ignite here in Orlando, Florida. I'm your host, Rebecca Knight along with my cohost Stu Miniman. We're joined by Joachim Hammer, he is the Principal Product Manager at Microsoft. Thanks so much for coming on the show. >> Sure, you're welcome. Happy to be here. >> So there's been a lot of news and announcements with Azure SQL, can you sort of walk our viewers through a little bit about what's happened here at Ignite this week? >> Oh sure thing, so first of all I think it's a great time to be a customer of Azure SQL Database. We have a lot of innovations, and the latest one that we're really proud of, and we're just announced GA is SQL Managed Instance. So our family of database offers had so far a single database and then a pool of databases where you could do resource sharing. What was missing was this one ability for enterprise customers to migrate their workloads into Azure and take advantage of Azure without having to do any rewriting or refactoring and Managed Instance does exactly this. It's a way for enterprise customers to take their workloads, migrate them, it has all the features that they are used to from sequel server on-prem including all the security, which is of course as you can imagine always a concern in the cloud where you need to have the same or better security that customers are used to from on-prem, and with Managed Instance we have the security isolation, we have private IPV nets, we have all the intelligent protection that we have in Azure so it's a real package. And so this is a big deal for us, and the general purpose went GA yesterday actually, so I heard. >> Security's really interesting 'cause of course database is at the core of so many customer's businesses. You've been in this industry for a while, what do you see from customers as to the drivers and the differences of going to public cloud deployments versus really owning their database in-house and are security meeting the needs of what customers need now? >> Yeah sure, so, you're right, security is probably the most important topic or one of the most important topics that comes up when you discuss the cloud. And what customers want is they want a trust, they want this trust relationship that we do the right thing and doing the right thing means we have all the compliances, we adhere to all the privacy standards, but then we also offer them state of the art security so that they can rely on Microsoft on Azure for the next however many years they want to use the cloud to develop customer leading-edge security. And we do this for example with our encryption technology with Always Encrypted. This is one of those technologies that helps you protect your database against attacks by encrypting sensitive data and the data remains encrypted even though we process queries against it. So we protect against third-party attacks on the database, so Always Encrypted is one of those technologies that may not be for everybody today but customers get the sense that yes, Microsoft is thinking ahead, they're developing this security offering, and I can trust them that they continue to do this, keep my data safe and secure. >> Trust is so fundamental to this whole entire enterprise. How do you build trust with your customers, I mean you have the reputation, but how do you really go about getting your customers to say "Okay, I'm going to board your train?" >> That's a good question, Rebecca. I think as I said it starts with the portfolio of compliance requirements that we have and that we provide for Azure's SQL Database and all the other Azure services as well. But it also goes beyond that, it goes, for example, we have this right to audit capability in Azure where a company can come to us and says we want to look behind the scenes, we want to see what auditors see so that we can really believe that you are doing all the things you're saying. You're updating your virus protection, you're patching and you have all the right administrative workflows. So this is one way for us to say our doors are open if you want to come and see what we do, then you can come and peek behind the scenes so to speak. And then the other, the third part is by developing features like we do that help customers, first of all make it easy to secure the database, and help them understand vulnerabilities, and help them understand the configurations of their database and then implement the security strategy that they feel comfortable with and then letting them move that strategy into the cloud and implement it, and I think that's what we do in Azure, and that's why we've had so much success so far. >> Earlier this week we interviewed one of your peers, talked about Cosmos DB. >> Okay. >> There's a certain type of scale we talk about there. Scale means different things to different sized customers. What does scale mean in your space? >> Yeah so you're right, scale can mean a lot of different things, and actually thank you for bringing this up so we have another announcement that we made on namely Hyper-Scale architecture. So far in Azure SQL DB, we were pretty much constrained in terms of space by the underlying hardware, how much storage comes on these VMs, and thanks to our re-architectured hardware, sorry software, we now have the ability to scale way beyond four terabytes which is the current scale of Azure SQL DB. So we can go to 64 terabytes, 100 terabytes. And we can, not only does that free up, free us from the limitations, but it also keeps it simple for customers. So customers don't have to go and build a complicated scale out architecture to take advantage of this. They can just turn a knob in a portal, and then we give them as much horsepower as they need to include in the storage. And in order for this to happen, we had to do a lot of work. So it doesn't just mean, we didn't just re-architect storage but we also have to make fail-over's faster. We have to continue to invest in online operations like online index rebuild and create to make those resumable, pause and resumable, so that with bigger and bigger databases, you can actually do all those activities that you used to do ya know, without getting in the way of your workloads. So lot of work, but we have Hyper-Scale now in Azure SQL DB and so I think this is another sort of something that customers will be really excited about. >> Sounds like that could have been a real pain point for a lot of DBA's out there, and I'm wondering, I'm sure, as a PM, you get lots of feedback from customers. What are the biggest challenges they're facing? What are some of the things they're excited about that Microsoft's helping them with these days? >> So you're right, this was a big pain point, because if you go to a big enterprise customer and say, hey bring your workload to Azure, and then they say oh yeah great, we've got this big telemetry database, what's your size limit? And you have to say four terabytes, that doesn't go too well. So that's one thing, we've removed that blocker thankfully. Other pain points I think we have by and large, I think the large pain points are we've removed, I think we have small ones where we're still working on making our deployments less painful for some customers. There's customers who are really, really sensitive to disconnects or latent variations in latency. And sometimes when we do deployments, worldwide deployments, we are impacting somebody's customer, so this is a pain point that we're currently working on. Security, as you said, is always a pain point, so this is something that will stay with us, and we just have to make sure that we're keeping up with the security demands from customers. And then, another pain point, or has been a pain point for customers, especially customers sequel server on-prem is the performance tuning. When you have to be a really, really good DBA to tune your workloads well, and so this is something that we are working on in Azure SQL DB with our intelligence performance tuning. This is a paint point that we are removing. We've removed a lot of it already. There's still, occasionally, there's still customers who complaining about performance and that's understood. And this is something that we're also trying to help them with, make it easier, give 'em insights into what their workload is doing, where are the weights, where are the slow queries, and then help them diffuse that. >> So thinking about these announcements and the changes that you've made to improve functionality and increase, not have size limits be such a road block, when you're thinking ahead to making the database more intelligent, what are some of the things you're most excited about that are still in progress right now, still in development, that we'll be talking about at next year's Ignite? >> Yeah, so personally for me on the security side, what's really exciting to me is the, so security's a very complicated topic, and not all of our customers are fully comfortable figuring out what is my security strategy and how do I implement it, and is my data really secure. So understanding threats, understanding all this technology, so I think one of the visions that gets me excited about the potential of the cloud, is that we can make security in the future hopefully as easy as we were able to make query processing with the invention of the relational model, where we made this leap from having to write code to access your data to basically a declarative SQL type language where you say this is what I want and I don't care how to database system returns it to me. If you translate that to security, what would be ideal the sort of the North Star, is to tell it to have customers in some sort of declarative policy based manner, say I have some data that I don't trust to the cloud please find the sensitive information here, and then protect it so that I'm meeting ISO or I'm meeting HIPPA requirements or that I'm meeting my internal ya know, every company has internal policies about how data needs to be secured and handled. And so if you could translate that into a declarative policy and then upload that to us, and we figure out behind the scenes these are the things we need, you need to turn on auditing, these are where the audit events have to go, and this is where the data has to be protected. But before all that, we actually identify all the sensitive data for you, we'll tag it and so forth. That to me has been a tremendous, sort of untapped potential of the cloud. That's where I think this intelligence could go potentially. >> Yeah, great. >> Who knows, maybe. >> (laughs) Well, we shall see at next year's Ignite. >> We are making handholds there. We have a classification engine that helps customers find sensitive data. We have a vulnerability assessment, a rules engine that allows you to basically test the configuration of your database against potential vulnerabilities, and we have threat detection. So we have a lot of the pieces, and I think the next step for us is to put these all together into something that can then be much more automated so that a customer doesn't have to think technology anymore. They can they business. They can think about the kinds of compliances they have to meet. They can think about, based on these compliances, this data can go this month, this data can go maybe next year, or ya know, in that kind of terms. So I think, that to me is exciting. >> Well Joachim, thank you so much for coming on theCUBE. It was a pleasure having you here. >> It was my pleasure too. Thank you. >> I'm Rebecca Knight for Stu Miniman, we'll have more from theCUBE's live coverage of Microsoft Ignite coming up in just a little bit. (upbeat music)