(upbeat music) >> Announcer: Live from Madrid, Spain, it's theCUBE. Covering HPE Discover Madrid 2017. Brought to you by Hewlett Packard Enterprise. >> Hi everybody, welcome to Madrid, Spain. My name is Dave Vellante, and this is theCUBE, the leader in live tech coverage. We're here, this is day one of HPE Discover Madrid, the European version of the event that we cover in the summer, in the spring, in Las Vegas. I'm here with my cohost, Peter Burris, and Bob Moore is here, he's the director of server software and product security at HPE, and he's joined by good friend Patrick Osborne, who runs product marketing and management for the storage group at HPE. Gents, welcome to theCUBE. >> Good to be here, Dave, Peter. >> Yeah, very happy to be here. >> Dave: Always good to see you Did you bring your sax? >> Not this time, my friend. (laughing) >> We had a lot of fun. Where were we in New Orleans last year? >> Oh yeah, it was great. >> And you're an awesome sax player, we love it, big fan, and you're a bass player, we got more sax, more horns over there. So, I digress. >> Patrick: You need a CUBE band (laughing) >> We need a CUBE band. >> Bob, we talked this spring in Las Vegas, you guys made a big deal about the silicon-level security, you made some innovations there. Give us the update on why, again, that's so important, and how that's been received by customers. >> Yeah, well I think, answer the second part of the question first, it's really resonating pretty well with customers. Honestly, as we get to them, and we describe the level of cryptography we have, down right into the hardware, the firmware, down into our silicon, those customers that are concerned with security, and frankly, all customers are now, really does resonate with them pretty well. And the reason that it's important is because tying all of that security down into a bedrock foundation provides that ability to then leverage in or pull in other objects like storage and provide that security without any increase in latency but also the access and the shared access, being able to do that across multiple platforms, do it securely, and have that sharing capability like we all need to have to keep our IT infrastructure running. So it's really critically important, still, to this day, HPE is the only server manufacturer that's able to do that down into the silicon level that we're talking about here. So we're quite proud about that. And it's allowed us to claim the world's most secure industry standard servers and now, of course, today we're branching out with other technologies across our storage platform and including those into our security strategy. >> So, how does it, Patrick, relate to what you guys are doing on the storage side? >> Yeah, so I think it's a really good complementary solution and the fact that we can provide the silicon root of trust on the infrastructure level, and then on the storage side, we provide some similar capabilities at the infrastructure level, with encryption and other techniques that we have, and then, we assist customers in being able to, in a number of different cases, being able to take, for example, snapshots in backup, move those offsite, or even into the cloud, encrypt those, so you have essentially a silicon-rooted trust on the infrastructure side for your operating system and your firmware. And then you have essentially a golden image at a point in time of your data, which is a pretty valuable asset. So combine those two, we're able to help customers with a pretty aggressive RTO, and RPO, to be able to recover, if they'd been breached, or when they get breached, essentially. So we have some great examples here today in the show, of some customers that have used combinations of things like, the Gen10 servers, 3PAR, and StoreOnce, to achieve that level of recovery, in, not days, in, basically in hours, or even faster. And then we have some other technologies where you can set up a media break, essentially send all that data out to the cloud, and completely have a self-contained, encrypted copy of your data to recover from. So we're providing a number of different solutions, all the way up and down the stack for customers to be able to help to recover very quickly. >> So obviously security's been in the news lately, the huge Equifax breach, you go back to the spring, WannaCry, and ransomware, >> Patrick: Yep. >> So let's talk about ransomware specifically. How do you guys help a customer sort of address that. What's the, there's no silver bullet. You hear talk about air gaps, you guys are talking about >> Patrick: Right. >> silicon-level security, What's the prescription for customers? >> Well, I'm glad you asked that, because ransomware really is on every customer's mind these days. And it is, because it's gone up, ransomware is so lucrative and profitable, it's gone up by 15 full, 15 times in the last two years, to the point where it's cost companies five billion dollars in 2017, and by 2019, a company will be infected by ransomware every 14 seconds, so it's just really huge. And not only, and we don't encourage paying the ransom, but the ransom, if you paid it, would be expensive, but the downtime that you experience in recovering can be really expensive for companies as well. So this ability to recover from ransomware, or ransomware neutralizer, which is what we're talking about and announcing here today, is really new and a revolutionary way to recover in a systematic, orderly fashion, starting with the firmware that we talked about, that's anchored down in the silicon, so we recover that firmware, in case that ransomware malware virus has migrated. Because the hackers are getting so incredibly ingenious these days, that that malware can hide inside the firmware and will go everywhere, the tentacles will go everywhere, but we start the recovery with a firmware so you've got that firm foundation, routing out any remnants of the malware. And then on top of that, new today, we're announcing the fact that we can then recover the server settings that take days, sometimes weeks to set up initially, and that'll be recovered and restored automatically. Then we restore the operating system through an ISO site, along with the applications and then finally, we bring the data back, as Patrick was mentioning, we do that relatively quickly. We're demonstrating that here this week at Discover Madrid. And it really does allow customers to avoid having to pay the ransom, we want them to be able to recover, do it quickly and easily, without paying the ransom, and that's what we help. >> But you mention the word "trust," which is one of the most increasingly important words in the tech industry. We're in Madrid, GDPR is going to start moving in into a force in the first quarter of next year. >> Bob: May 2018. >> So, second quarter. And it's going to create some fair amount of attention, not just here in Europe, but on a global basis. I was talking to an expert who suggested that if the Equifax breach had occurred in Europe, under GDPR, it would not have been just embarrassment, it would have been about 60, 70 billion dollars worth of funds. >> Bob: Right. >> So we're talking not just about nice things to have, we're talking about, over the course of the next five years, you have to have this level of capability inside your infrastructure, or you will be out of business. >> I think it's true, absolutely. The GDPR, the penalties associated are so severe with that, up to 20 million dollars, or four percent of the annual revenue of the parent company, so it can just be massively impactful, financially impactful, hurtful to the companies. We're talking today, and this week, about GDPR, and how we help companies get ready for that, and you mention the Equifax breach, actually, we have, with our HP Gen9 and Gen10 solutions server networking and storage, applied the NIST 800-53 controls to that, and if they had applied those and used our solution, we believe that, after having looked at the Equifax breach, that would not have happened, had they followed the security controls that are in NIST. There's a lot of articles published about how NIST can help companies get ready for the GDPR in Europe, and so we've got the NIST controls, we went through all the time, energy, and funding to create the NIST security controls that will help a hundred percent of those applied to the ISO certification, ISO 27000-1, 27000-2, which then lends itself to being GDPR compliant. So, not only do we help customers through this great new technology that we have in the silicon-rooted trust, and that's helpful in getting ready for the GDPR, but also these NIST controls. >> But it's also that it's also that the well the conversations that we're having with CIOs is that GDPR, even though it's centered here in Europe, is likely to have an effect on global behavior. And so, one of the things that they're looking for is, they're looking for greater commonality in the base infrastructure about how it handles security, so that they can have greater commonality in how their people do things, so they can be better at targeting where the problem is, when the problem happens, and how to remediate the problem. Talk a little bit about how more commonality in the infrastructure, especially when you talk about storage, which is increasingly the value proposition, is how you share data is going to liberate resources elsewhere in the business to do new and better things faster. >> I think for, from the HPE perspective, you're not going to solve GDPR with any specific point product. Right? And that's not, it's not really our message to the market, that, you implement this and you're going to go satisfy those requirements. It's definitely part of a solution, but what we've been trying to do is, you see, we've got the silicon root of trust on the server side, and a number of security features, and we're talking about how we integrate that with the storage. We're starting to bring together more of a vertically oriented stack, that includes all those pieces and they work together. So instead of having a security or commonality layer at the server layer, at the networking layer, at the storage layer, thinking about it as a service that's more vertically oriented through the stack, where you're able to take a look at all aspects of the networking, what's going on with the firmware and the operating system and all the way down to essentially your secure and most important data. >> Peter: Securing the data >> Exactly. >> And not the device. >> Exactly. Exactly. And so for us, you see it in themes for for 3PAR, for SimpliVity on the hyperconverged area, and all the converged systems on the compute side, we're really providing integrated security and integrated data protection that is inherently secure with encyryption and a host of other techniques. So really, we're trying to provide it from the application level on down through the infrastructure, a set of capabilities within the products that work together to provide a little bit more of a secure infrastructure. >> One of the things we talked to Bill Philbin about on theCUBE recently was, and Patrick, I'm sure you've heard this, maybe you too as well, Bob, but boo-boos happen now, today, really fast. So they replicate very quickly. So how do you deal with fast boo-boo replication and sort of rolling back to the point where you can trust that data? >> There's a couple techniques and innovations that we brought within the storage realm, in terms of integrating that whole experience, so our big thing is, on the storage side, has been how can you provide an experience from all-flash on-prem out to the cloud, from a data perspective, and have all that integrated so we've got a number of things that we've actually announced here at Discover, in terms of 3PAR, all-flash, and Nimble, being able to federate that primary storage, with your secondary storage, on-prem, and then being able to have that experience go off-prem, into the cloud, so you do have a media break and a number of things. I think, from a solution perspective, integrating with some of our top-tier partners on the availability side, like Deem, for example, it gives you that really holistic application-level view, in the context of virtualization, it's something that helps do the very rich cataloging experience, and pieces. >> So I wonder if we could talk about a topic that's been discussed in our communities, which is the biggest threat within cyber is the weaponization of social media. You've sort of seen it with fake news, and Facebook, and I wonder if you guys are having similar conversations with customers and even ransomware. You look at WannaCry, it was sort of state-sponsored, and actually not a lot of money went back >> Patrick: Right. >> To the perpetrators, maybe it was a distraction to get other credentials. And you're seeing different signatures of Russians, very sophisticated hackers, they target pawns and make 'em feel like kings, and then grab their credentials, and then go in and get critical data. So when you think about things like the weaponization of social media, how can you guys help, sort of, detect what's going on, anomalous behavior, and address that? You've got silicon level >> Right. >> You've got the storage component. Do analytics come into play? Is there a whole house picture that you can help customers >> Yeah, I think that's the next level. It's almost an iterative process as soon as we've developed a protection, or the ability to detect a cybersecurity breach, is then the hackers try to outdo that, and so we're continually leapfrogging, and I think the next step is probably with machine learning. We're starting to actually deploy some of that at HPE, that artificial intelligence, and we have some of that now with our storage, our Nimble storage, as well as our Aruba Networking with the technologies that Aruba has with IntroSpect, can now look at the communication inside of a network and determine if there's nefarious behavior, and watch the behavior analytics, as well as the signatures that are going on inside the network, and actually, then communicates with ClearPass, and can proactively take some charge of that and rule out that user that's potentially a bad actor before any damage is really done. Same way on, with the storage side, >> Patrick: Yep. >> With the InfoSight that has great, in fact, so great of AI intelligence, that we're actually sharing as we look at ransomware viruses, they're looking at the signatures that those leave, and the trails that ransomware leaves behind, so that the storage systems can actually proactively route that out with machine learning and artificial intelligence. That's where we're headed with HPE. >> But it's, it's not only, it's not only finding ways to fix the boo-boos, it's acknowledging or recognizing that the boo-boos occurred. So how is this new capability facilitating, or increasing the speed with which problems are recognized? >> I think one of the important points that Bob made is that we are, we're announcing this week, on the storage side, some concepts around AI for the data center, and specifically, around our predictive analytics with InfoSight, and applying that from Nimble to the 3PAR systems, and then setting out a vision that is going to basically enable us to use that AI at the infrastructure layer, across other areas within the portfolio. Servers, networking, and for, at the speed at which this is moving, you can't solve this at the human level, right? So for us, to be able to whitelist and blacklist customers, based on our learning across a very large install base, if you think about the amount of compute nodes and the amount of storage that we sell as a infrastructure company, you can learn and be enabled to proactively help customers avoid those situations, that's something we're actually implementing today. >> And let me follow up with that, because it's a great lead-in or tie-back to GDPR that we were discussing. >> Yep. >> Because there's reporting requirements within 72 hours, right, >> Yep. >> That GDPR says that you've got to report that you had a breach, and how do you report that if you're not certain? Well, with our silicon-rooted trust and the Gen10 servers, we actually are monitoring all that server essential firmware every 24 hours. Now some of our competitors monitor, or check the firmware, one time when you boot up the server, and never again until you, maybe reboot the server, right? But we're doing, at HPE, that check every 24 hours, and that's an automated process. And so, you ask, how can be detected? Well, we can detect that, because you'll get an alert, coming back to the user of the server, that there's been a breach, and that can be reported. >> We got to go. I'm glad you mentioned automation, because that's a big factor, >> Bob: Yeah. >> Using false positives, because people just don't have time, they're drinking from the fire hose. Bob, Patrick, thanks very much for coming to theCUBE. >> Great, thanks so much for having us. >> Dave: Enjoy the week. >> Thank you so much, we appreciate it. >> All right, keep it right there everybody, we'll be back with our next guest. This is theCUBE. We're live, from HPE Discover in Madrid. We'll be right back. (upbeat music)

>> Announcer: Live from Las Vegas it's theCUBE. Covering HPE Discover 2017 Brought to you by Hewlett-Packard Enterprise. >> Okay welcome back everyone, we're here live in Las Vegas it's theCUBE's exclusive coverage of HPE Discover 2017. HP Enterprises premier show, it's theCube on our third day I'm John Furrier, my co-host Dave Vallante. And our next guest Bob Moore returning back, Director of Server Software Private Security, he's got the hottest product, he's here on the show. We're going to go do a deeper dive. And Jason Shropshire SVP, CTO of InfusionPoints. Welcome back welcome to theCUBE. >> John, thank you Dave. You're the talk of the town here on the show with the simple messaging that is clean and tight. But outside of that, from a product stand point is really some of the security stuff you guys are doing in the Silicon. >> Bob: It is. >> In the server with Gen 10, pretty game changing, we've been curious, we want more information. >> Bob: Yeah. >> John: Give us some more update, what's the update? >> Glad to do that we're really proud of the announcement of course it's a big bold announcement this week. Claiming ourselves the world's most secure industry standard server. So that's big, that's huge, that's based on this new revolutionary security technology that we've been developing frankly over the past couple of years. So it's been two or three years in the making. A lot of hard work, we actually started to look at what type of security trends were happening, and what we might have to do to protect the servers. And we've come up with a game changing capability here. And it's one thing for us to say it internally at HPE, but we are so certain that we are in a great security position that we went external and found a security firm outside, that independently could look at it and do some compare, contrast testing with a competitive unit, so. >> So let's drill into that, actually I had some other questions on the industry in terms of what is going on at the chip level. Always on security is kind of a theme we've heard in the past from some of your competitors, but lets get into some of the competitive analysis. What do you guys see in the benchmarks. Jason, what do you guys discussing , because at the end of the day, claims are one thing. No offense to HP, you're kind of biased of course. We have folks on from the marketing team as well. Where's the proof in the pudding? >> Oh yeah, well one thing that we know for sure is that threat is real, right, with firmware. And it was great for us to analyze HP's new technology. We had on the bench two different beta units. >> John: You guys are the ones who did the benchmark. >> Jason: Yes the analysis. >> Independent. >> Independent yeah, FusionPoints is a cyber security firm independent from HP, they approached us to do the testing. >> John: Okay. >> We have head analysts that do this sort of thing all the time for our customers. >> So take us through what happened. >> Yeah so they procured for us three competitor servers. Sent them to our shop. We set them on a bench, all side by side. From what I can tell, no one's ever really done a test like that, you know, within the server industry. It was very exciting. There's been a lot of benchmarking done and performance, things like that. But from a black hat stand point, to actually look at the hardware, that hardware level testing, we couldn't find any examples of anyone doing it. I thought that alone was just evidence that HP was very serious about security and they knew what they had. So. >> John: You guys getting your answer, because you know the malware, and all the ransomware going on. People are going through elaborate lengths. >> Jason: Absolutely. >> Business model, organized teams, this is a really orchestrated security market now, with the black hat guys out there, really hacking away at every angle. >> Yeah well, you know we saw evidence that firmware issues and exploits are here to stay. The Vault7 release that happened recently showed us that there are exploit kits. Intel security released within a day a tool to let you do firmware validation. But to do that you have to take your server offline and build a gold image of what that firmware should look like. And then compare like a week later if you think you might have had a breech. You have to take your server down and compare it against that gold image. And who has the time to do that? But what we found in analyzing the Gen 10 server is HP has built this in, where this can be done in real time, while the server is running. No performance hit, no down time. It really is a revolutionary game changer I think for firmware security. >> So Bob, can you explain what IP you developed in Silicon that Intel, where do they leave off and you pick up? >> Sure, sure because Intel has some great security technology. And we actually support a lot of Intel technology. Their TXT, their Trusted Execution Technology as part of our Gen 10 servers. But what we've done at HPE is we've really taken it multiple steps further than that and we've developed. Because we're in a position where we develop our own custom HPE iLo-silicon chip, we're able to anchor what we actually do, imbed the cryptographic algorithms into that, and we anchor all the server's essential firmware. Right, think of it as anchoring it down into the bedrock. So there's really no way you can get in and breach that. And even if you did, instead of taking it offline like Jason was talking about here. We have the ability to not only provide that protection, but we would detect any type of malware or virus that gets in. And then frankly, we can recover that, almost immediately within a few minutes. In fact we're demonstrating that here during Discover this week. >> Is there anyplace online where people can get information, people watching, probably curious. >> Bob: Sure >> You can just give them the URL. >> Yeah just naturally it's our HPE.com/security. And that where there we've got some white papers there and other things there. >> So you say you can recover universally instantaneously. >> Bob: Yes. >> And you do that by what, fencing certain resources or... >> Yeah well what we've done, is we verify as the server is running, we're doing a runtime for more validation. So we're checking that firmware, making sure it's free of any malware, viruses, or compromised code. Completely perfect in original shape, like when we ship it from the factory. And we're storing in another location inside the server, a secure copy of that. Think of it as log box, inside the server, where it can't be found unless we need it to go into recovery mode. Then we draw from that, we've checked it daily, we've stored it there, we know it's authentic, and we can pull that back into recover in case something does happen to the server. >> And then asynchronously reclaim that wasted resource, clean it up and bring it back online. >> We can, we can recover the server, the firmware, toward the end of the year, we'll be recovering the operating system as well. Also we've got a really holistic way to get that recovered. When we talk to customers, a real big concern, and sometimes it's called bricking a server, you've got a bricked server, something that just won't operate. And it's important because 60% of small businesses that suffer a security breach, go out of business within six months, so it can be huge that lack of cashflow for customers. It's that denial of service, that disruption of business. Well we prevent all that, because we can not only protect the server, but then recover from a breach. >> So the anatomy of that breach, can we go through a common use case? So malware gets in, it gets into the server, it's hiding, typically you don't know about it. And in this new scenario with your Gen 10. You'll be able to identify that. >> Bob: That's right. >> To protect it, okay. And if I understand, the business impact of the problem you're solving is, not only are you sort of automating that protection, but you're also eliminating, a lot of wasted time, and downtime, and accelerating the response. >> Yeah I think that's what Jason was talking about earlier. Normally, if you're server gets infected, you completely take it off line and then do a manual recovery. And customers still have the choice to do that, but in our case we can recover immediately within a few minutes if something happens and gets a breach. >> Those types of exploits are typically in the data plane as well. With firmware you can't even really detect that you've been hacked. So down in the firmware virus scanners, those things don't work. So if you have a BIOS exploit, that is on either the iLO, that would be on the BMC the baseboard management controller. And undetectable by the operating system. >> That's crazy because it's a clean haven for hackers. I mean they know how to get in there, once you're in there, you're in. >> I don't know if a lot of customers realize this but the first thing when you turn a server on, there first thing that comes on is the firmware. In our case it's the iLO firmware. Over a million lines of the firmware code run before the operating system even starts. So that can be a cess pool for a trojan horse. And the research shows a virus, somewhat analogous to a human virus, it can stay there, hibernate in there for months, maybe even a year or more until it springs forth and opens up the passwords or bricks your servers, or does some nefarious thing. >> A cesspool from the customer standpoint, from a hacker is like going to the beach. Pina Coladas, you're clean you're down there having fun. >> Well what's your stats? The average time to detect an intrusion is over 200 days. >> Bob: That's right yeah. >> So essentially, you're detecting it instantaneously. >> We can, we run that runtime firmware validation on a regular basis, can be run as much as everyday, and so you'll know almost immediately. Which is really great because of a lot of regulatory bodies want to know if a breach has occurred. So this gives customers the ability to know somethings happened to them. >> Jason I want to challenge the claim here, because first of all I love the bravado. Yeah, we're bad ass, we're number one. >> We know that. >> What is the, how did the leaderboard come out? What was the results? Did HP come out number one? >> Oh absolutely. >> What's the lead, what's the gap, talk about the gap between HP and other servers. Did they send you the best servers? What was the benchmark, I'm sure you did your due diligence, take us to more of the results. >> Sure, sure, so yeah again we were comparing all the servers side by side. A test that had never been done from what I'd seen. When we looked at by feature, by feature, and started analyzing things. We sort of broke down and we saw we really had two different angles that we were looking at. The penetration test as aspect. What we were looking for vulnerabilities in the firmware, at the physical layer, at the network layer. They passed that with flying colors. We found a few minor issues that they jumped on and resolved for us in a matter of hours or days. And then the other aspect was a feature by feature comparison that we looked at. We looked at the silicon retruss obviously and we saw what the others were doing there. At best the other guys were using firmware to validate firmware. The obvious issue with that is if the firmware is compromised it's not trustworthy. >> Spoof, yeah, yeah. >> It's in no position to validate and verify. >> It's like Wallstreet policing itself. >> Jason: Yeah, can't trust that, They have a revolutionary intrusion detection switch on the Gen 10, that actually detects. If the lid is lifted on the server, anywhere from when it leaves the factory to the garage of the installation point, server doesn't have to be plugged in like the other guys. >> So if it's just a physical casing breach, >> Jason: Exactly. >> What happens there, flags the firmware, makes a note, does it shut it down? What happens? >> It makes a note, it puts it in the log entry so you can tell if that server has been tampered with in transit. >> So the insider threat potential should go away with that. >> Right, physical access, you don't have to worry about that because we can verify that server gets to the customer in it's unique, original, authentic condition. Because even though the power is off that is going to register and auto log an alert if that chassis has been opened. >> So I can't go to the vault of the Bellagio, like they did in Ocean's Eleven and put my little, and break into the server and you know go in there. >> Bob: Exactly. >> Okay, now back to the results. So the other guys, did they all pass or what. >> Well we did find some issues that we're looking at and doing some further testing on. >> So we're going to be polite and respect the confidentiality you have the ethos of security as you know sharing data is a huge deal, and it's for the integrity of the customer that you have to think about so props for that. For not digging into it, we'll wait for an official report if it does come out. Alright, so I got to ask you a personal question Jason. As someone who is in the front lines. You know every time there's a new kind of way, whether it's Bitcoin and Block chaining, you see a slew of underbelly hacking that goes mainstream that people are victimized. In this case firmware is now exposed, well known. >> Jason: Yeah. >> What as a professional, what gets you excited, and what gets you alarmed if anything about this? What new revelations have you walked away with from this? >> Well it's just how pervasive this issue is. You know the internet of things has exploded the number of IP devices that are out there. Most of them have, firmware issues, almost all of them have firmware issues. And we've just now seen bot nets being created by these devices. Cameras, IP cameras and things like that, that become attack platforms. So I just want, one of the things that impressed me very much about HP's approach here is that they're being a good corporate citizen by making a platform that's going to be implemented in tens of thousands IP addresses. Those systems I think will be much more secure. Again it can't become an attack platform for other people, for attackers to abuse. >> So the surface area, so your point about IOT. We always talk about the surface area of attack vectors. And that vector can then be minimized at the server level, because that's like the first mile in. >> Right we come and really refer to that as the attack vector or the attack surface. And so we narrow that attack surface way down. >> Can you even subjectively giVe us a sense as to how much of the problem this approach addresses? I mean is it 1%, 10%, 50% of the attacks that are out there? >> I think the important thing here is moving, shifting the bar. I've likened this, what HP is doing here to what Bill Gates did 15 years ago with the Microsoft memo. I mean that really revolutionized operating systems security within Microsoft and I think it had a ripple effect out into the industry as well. So I think HP is really pushing the bar in the same way but for firmware, instead of the operating system level that was the paradigm 15 years ago. >> And I think you'll find on our website we put some of the studies actually, and it's over half, I think it's 52% of the firms that responded have had a breach or malware virus in their firmware. So over half of those, and 17% had a catastrophic issue with that, it really is more pervasive. We've seen a lot of news about the data plane level, where thefts are taking place at the application level of the operati6ng system. And we've got to pay attention to the firmware layer now because that's like I said, a million lines of code in there running. And it could be an area where a trojan horse can sit, and we essentailly narrow that attack surface. We're also delivering with the Gen 10, the highest, the strongest set of security ciphers available in the world today. And that's a commercial national security algorithms. We're the only ones to support in our server, so we're proud of that. >> Well Bob and Jason thanks so much for sharing the insite. It's super exciting and relevant area, in the sense that it's super important for businesses and we're going to keep tracking this because the Wikibond team just put out new research around true private cloud, showing the on prim, cloudlike environments will be 260 billion dollar market. That's new research, that's groundbreaking, but points to the fact that the on pram server situation is going to be growing actually. >> Jason: For sure. >> So this is, and with cloud there's no perimeter so here you go, firmwares, potential exposure you solved that problem with good innovation. Thanks so much for sharing. >> Thanks you guys. >> Thank you. >> The inside Jason and Bob here on theCUBE talking about security servers, attack vectors, no perimeter, it's a bad world out there. Make sure you keep it protected of course. This is CUBE bringing you all the action here at HPE Discover. We'll be right back with more live coverage after this short break. I'm John Furrier, Dave Vellan6te. Be right back after this short break, stay with us.