(upbeat music) >> Announcer: TheCUBE presents Ignite '22 brought to you by Palo Alto Networks. >> Welcome back to Las Vegas guys and girls. Lisa Martin here with Dave Vellante. This is day one of the cube's two day coverage of Palo Alto Networks Ignite at the MGM Grand. Dave, we've been having some great conversations today, we have a great two day lineup execs from Palo Alto, it's partner network, customers, et cetera. Going to be talking about infrastructure as code. We talk about that a lot, how Palo is partnering with its partner ecosystem to really help customers deliver security across the organization. >> We do a predictions post every year. Hopefully you can hear me. So we do this predictions post every year. I've done it for a number of years, and I want to say it was either 2018 or 2019, we predicted that HashiCorp was one of these companies to watch. And then last August, on August 9th, we had supercloud event in Palo Alto. We had David McJannet in, who is the CEO of HashiCorp. And we really see Hashi as a key player in terms of affecting multicloud consistency. Sometimes we call it supercloud, you building on top of the hyperscale cloud. So super excited to have HashiCorp on. >> Really an important conversation. We've got an alumni back with us. Asvin Ramesh is here the senior director of Alliances at HashiCorp. Welcome back. >> Yeah, thank you. Good to be back. >> Great to have you. Talk to us a little bit about what's going on at HashiCorp, your relationship with Palo Alto Networks, and what's in it for customers. >> Yeah, no, no, great question. So, Palo Alto has been a fantastic partner of ours for many years now. We started way back in 2018, 2019 focusing on the basics, putting integrations in place that customers can be using together. And so it's been a great journey. Both are very synergistic. Palo Alto is focused on multicloud, so are we, we focus on cloud infrastructure automation, and ensuring that customers are able to bring in agility, reliability, security, and be able to deliver to their business. And then Palo Alto brings in great security components to that multicloud story. So it's a great story altogether. >> Some of the challenges that organizations have been facing. Palo Alto just released a survey, I think this morning if I can find it here what's next in cyber organizations facing massive headwinds ransomware becoming a household word, business email compromise being a challenge. But also in the last couple of years the massive shift to multi-club or organizations are living an operating need to do so securely. It's no longer nice to have anymore. It's absolutely table stakes for survival, and being able to thrive and grow for any business. >> Yeah, no, I think it's almost a sort of rethinking of how you would build your infrastructure up. So the more times you do it right the better you are built to scale. That's been one of the bedrocks of how we've been working with Palo Alto, which is rethinking how should IT be building their infrastructure in a multicloud world. And I think the market timing is right for both of us in terms of the progress that we've been able to make. >> So, I mean Terraform has really become sort of a key ingredient to the cloud operating model, especially across clouds. Kind of describe how partners, and customers are are implementing that cross-cloud capability. What's that journey look like? What's the level of maturity today? >> Yeah, great question, Dave. So we sort of see customers in three buckets. The first bucket is when customers are in the initial phases of their cloud journey. So they have disparate teams in their business units try out clouds themselves. Typically there is some event that occurs either some sort of a security scare or a a cloud cost event that triggers a rethinking of how they should be thinking about this in a scalable way. So that leads to where the cloud operating model which is a framework that HashiCorp has. And we use that successfully with customers to talk them through how they should be thinking about their process, about how they should be standardizing how people operate, and then the products they should be including, but then you come to that stage, and you start to think about a centralized platform team that is putting in golden workflows, that is putting in as a service mindset for their business units thinking through policies at a corporate level. And then that is a second stage. And then, but this is also in some customers more around public clouds. But then the third stage that we see is when they start embracing their private cloud or the on-prem data center, and have the same principles address across both public clouds, and the on-prem data center, and then Terraform scale for any infrastructure. So, once you start to put these practices in place not just from a technology standpoint, but from a process, and product standpoint, you're easily able to scale with that central platform organization. >> So, it's all about that consistency across your estate irrespective of whether it's on-prem in AWS, Azure, Google, the Edge, maybe. I mean, that's starting, right? >> Asvin: Yes. >> And so when you talk about the... Break it down a little bit process and product, where do you and Palo Alto sort of partner and add value? What's that experience like? >> Yeah, so, I think as I mentioned earlier the bedrock is having ways in which customers are able to use our products together, right? And then being able to evangelize the usage of that product. So one example I'll give you is with Prisma Cloud, and Terraform Cloud to your point about Terraform earlier. So customers can be using Prisma Cloud with Terraform Cloud in a way that you can get security context telemetry during an infrastructure run, and then use policies that you have in Prisma Cloud to be able to get or run or to implement or run or make sure essentially it is adhering to your security policy or any other audits that you want to create or any other cost that you want to be able to control. >> Where are your customer conversations these days? We know that security is a board level conversation. Interestingly, in that same survey that Palo Alto released this morning that I mentioned they found that there's a big lack of alignment between the board and the C-suite staff, the executive suite in terms of security. Where are your conversations, and how are you maybe facilitating that alignment that needs to be there? Because security it's not a nice to have. >> Yeah, I think in our experience, the alignment is there. I think especially with the macro environment it's more about where where do you allocate those resources. I think those are conversations that we're just starting to see happen, but I think it's the natural progression of how the environment is moving, and maybe another quarter or two, I think we'll see greater alignment there. >> So, and I saw some data that said I guess it was a study you guys did 90% of customer say multicloud is working for them. That surprised me 'cause you hear all this negativity around multicloud, I've been kind of negative about multicloud to be honest. Like that's a symptom of MNA, and a or multi-vendor. But how do you interpret that? When they say multicloud is working? How so? >> Yeah, I think the maturity of customers are varied as I mentioned through the stages, right? So, there are customers who even in the initial phases of their journey where they have different business units using different clouds, and from a C standpoint that might still look like multicloud, right? Though the way we think about it is you should be really in stage two, and stage three to real leverage the real power of multicloud. But I think it's that initial hump that you need to go through, and being able to get oriented towards it, have the right set of skillsets, the thought process, the product, the process in place. And once you have that then you'll start reaping the benefits over a period of time, especially when some other environments events happen, and you're able to easily adjust to that because you're leveraging this multicloud environment, and you have a clear policy of where you'll use which cloud. >> So I interpreted that data as, okay, multicloud is working from the standpoint of we are multicloud, okay? So, and our business is working, but when I talk to customers, they want more to your point, they want that consistent experience. And so it's been by, to use somebody else's term, by default. Chuck Whitten I think came up with that term versus by design. And now I think they have an objective of, okay, let's make multicloud work even better. Maybe I can say that. And so what does that experience look like? That means a common experience all the way through my stack, my infrastructure stack, which is that's going to be interesting to see how that goes down 'cause you got three separate clouds, and are doing their own APIs. But certainly from a security standpoint, the PaaS layer, even as I go up the stack, how do you see that outcome, and say the next two to five years? >> Yeah, so, we go back to our customers, and they're very successful ones who've used the cloud operating model. And for us the cloud operating model for us includes four layers. So on the infrastructure layer, we have Terraform and Packer, on the security layer we have Vault and Boundary, on the networking layer we have Consul, and then on applications we have Nomad and Waypoint. But then you really look at, from a people process, and product standpoint, for people it's how do you standardize the workflows that they're able to use, right? So if you have a central platform team in place that is looking at common use cases that multiple business units are using. and then creates a golden workflow, for example, right? For these various business units to be able to use or creates what we call a system of record for cloud adoption it helps multiple business units then latch onto this work that this central platform team is doing. And they need to have a product mindset, right? So not like a project that you just start and end with. You have this continuous improvement mindset within that platform team. And they build these processes, they build these golden workflows, they build these policies in place, and then they offer that as a service to the business units to be able to use. So that increases the adoption of multicloud. And also more importantly, you can then allow that multicloud usage to be governed in the way that aligns with your overall corporate objectives. And obviously in self-interest, you'd use Terraform or Vault because you can then use it across multiple clouds. >> Well, let's say I buy into that. Okay, great. So I want that common experience 'cause so when you talk about infrastructure, take us through an example. So when I hear infrastructure, I say, okay if I'm using an S3 bucket over here an Azure blob over there, they got different APIs, they got different primitives. I want you to abstract that away. Is that what you do? >> Yeah, so I think we've seen different use cases being used across different clouds too. So I don't think it's sort of as simple as, hey, should I use this or that? It is ensuring that the common tool that you use to be able to leverage safer provisioning, right? Is Terraform. So the central team is then trained in not only just usage of Terraform open source, but their Terraform cloud, which is our managed service, and Terraform enterprise which is the self-managed, but on-prem product, it's them being qualified to be able to build these consistent workflows using whatever tool that they have or whatever skew that they have from Terraform. And then applying business logic on top of that to your point about, hey, we'd like to use AWS for these kind of workloads. We'd like to use GCP, for example, on data or use Microsoft Azure for some other type of- >> Collaboration >> Right? But the common tooling, right? Remains around the usage of Terraform, and they've trained their teams there's a standard workflow, there's standard process around it. >> Asvin, I was looking at that survey the HashiCorp state of cloud strategy survey, and it talked about skill shortages as being the number one barrier to multicloud. We talk about the cyber skills gap all the time. It's huge. It's obviously a huge issue. I saw some numbers just the other day that there's 26 million developers but there's less than 3 million cybersecurity professionals. How does HashiCorp and Palo Alto Networks, how do you help customers address that skills gap so that they that they can leverage multicloud as a driver of the business? >> Yeah, another great question. So I think I'd say in two or three different ways. One is be able to provide greater documentation for our customers to be able to self use the product so that with the existing people, for example, you build out a known example, right? You're trying to achieve this goal here is how you use our products together. And so they'll be able to self-service, right? So that's one. Second is obviously both of us have great services partners, so we are always working with these services partners to get their teams trained and scaled up around these skill gaps. And I think I'd say the third which is where we see a lot of adoption is around usage of the managed services that we have. If you take Palo Alto's example in this Palo Alto will speak better to it, but they have SOC services, right? That you can consume. So, they're performing that service for you. Similarly, on our side we have a HashiCorp Cloud Platform, HCP, where you can consume Vault as a service, you can consume Consul as a service. Terraform cloud is a managed service, so you don't need as many people to be able to run that service. And we abstract all the complexity associated with that by ourselves, right? So I'd say these are the three ways that we address it. >> So Zero Trust across big buzzword. We heard this in this morning keynotes, AWS is always saying, well, we'll talk about it too, but, okay, customers are starting to talk about Zero Trust. You talk to CISOs, they're like, yes, we're adopting this mentality of unless you're trusted, we don't trust you. So, okay, cool. So you think about the cloud you've got the shared responsibility model, and then you've got the application developers are being asked to do more, secure the code. You got the CISO now has to deal with not only the shared responsibility model, but shared responsibility models across clouds, and got to bring his or her security ethos to the app dev team, and then you got to audit kind of making sure they're like the last line of defense. So my question is when you think about code security and Zero Trust in that new environment the problem with a lot of the clouds is they don't make the CISOs life any easier. So I got to believe that your objective with Palo Alto is to actually make the organization's lives easier. So, how do you deal with all that complexity in specifically in a Zero Trust multicloud environment? >> Yeah, so I'll give you a specific example. So, on code to cloud security which is one of Palo Alto's sort of key focus area is that Prisma Cloud and Terraform Cloud example that I gave, right? Where you'd be able to use what we call run tasks essentially, web hook integrations to be able to get a run or provide some telemetry back to Prisma Cloud for customers to be able to make a decision. On the Zero Trust side, we partner both on the Prisma Cloud side, and the Cortex XSOAR side around our products of Vault and and Consul. So what Vault does is it allows you to control secrets, it allows you to store secrets. So a Prisma Cloud or a Cortex customer can be using secrets from Vault familiarly for that particular transaction or workflow itself, right? Rather than, and so it's based on identity, and not on the basis of just the secret sort of lying around. Same thing with console helps you with discovery, and management of services. So, Cortex and you can automate, a lot of this work can get automated using the product that I talked about from Zero Trust. I think the key thing for Zero Trust in our view is it is a end destination, right? So it'll take certain time, depends on the enterprise, depends on where things are. It's a question of specifically focusing on value that Palo Alto and HashiCorp's products bring to solve specific use cases within that Zero Trust bucket, and solve one problem at a time rather than try to say that, hey, only Palo Alto, and only HashiCorp or whatever will solve everything in Zero Trust, right? Because that is not going to be- >> And to your point, it's never going to end, right? I mean you're talk about Cortex bringing a lot of automation. You guys bring a lot of automation now Palo Alto just bought Cider Security. Now we're getting into supply chain. I mean it going to hit it at the edge and IoT, the people don't want another IoT stove pipe. >> Lisa: No. >> Right? They want that to be part of the whole picture. So, you're never done. >> Yeah, no, but it is this continuous journey, right? And again, different companies are different parts of that journey, and then you go and rinse and repeat, you maybe acquire another company, and then they have a different maturity, so you get them on board on this. And so we see this as a multi-generational shift as Dave like to call it. And we're happy to be in the middle of it with Palo Alto Networks. >> It's definitely a multi-generational shift. Asvin, it's been great having you back on theCUBE. Thank you for giving us the update on what Hashi and Palo Alto are doing, the value in it for customers, the cloud operating model. And we should mention that HashiCorp yesterday just won a Technology Partner of the Year award. Congratulations. Yes. >> We're very, very thrilled with the recognition from Palo Alto Networks for the Technology Partner of the Year. >> Congrats. >> Thank you Keep up the great partnership. Thank you so much. We appreciate your insights. >> Thank you so much. >> For our guest, and for Dave Vellante, I'm Lisa Martin, live in Las Vegas. You watching theCUBE, the leader in live enterprise and emerging tech coverage. (upbeat music)

(bright music) >> "Supermetafragilisticexpialadotious." What's in a name? In an homage to the inimitable Charles Fitzgerald, we've chosen this title for today's session because of all the buzz surrounding "supercloud," a term that we introduced last year to signify a major architectural trend and shift that's occurring in the technology industry. Since that time, we've published numerous videos and articles on the topic, and on August 9th, kicked off "Supercloud22," an open industry event designed to advance the supercloud conversation, gathering input from more than 30 experienced technologists and business leaders in "The Cube" and broader technology community. We're talking about individuals like Benoit Dageville, Kit Colbert, Ali Ghodsi, Mohit Aron, David McJannet, and dozens of other experts. And today, we're pleased to welcome David Linthicum, who's a Chief Strategy Officer of Cloud Services at Deloitte Consulting. David is a technology visionary, a technical CTO. He's an author and a frequently sought after keynote speaker at high profile conferences like "VMware Explore" next week. David Linthicum, welcome back to "The Cube." Good to see you again. >> Oh, it's great to be here. Thanks for the invitation. Thanks for having me. >> Yeah, you're very welcome. Okay, so this topic of supercloud, what you call metacloud, has created a lot of interest. VMware calls it cross-cloud services, Snowflake calls it their data cloud, there's a lot of different names, but recently, you published a piece in "InfoWorld" where you said the following. "I really don't care what we call it, "and I really don't care if I put "my own buzzword into the mix. "However, this does not change the fact "that metacloud is perhaps the most important "architectural evolution occurring right now, "and we need to get this right out of the gate. "If we do that, who cares what it's named?" So very cool. And you also mentioned in a recent article that you don't like to put out new terms out in the wild without defining them. So what is a metacloud, or what we call supercloud? What's your definition? >> Yeah, and again, I don't care what people call it. The reality is it's the ability to have a layer of cross-cloud services. It sits above existing public cloud providers. So the idea here is that instead of building different security systems, different governance systems, different operational systems in each specific cloud provider, using whatever native features they provide, we're trying to do that in a cross-cloud way. So in other words, we're pushing out data integration, security, all these other things that we have to take care of as part of deploying a particular cloud provider. And in a multicloud scenario, we're building those in and between the clouds. And so we've been tracking this for about five years. We understood that multicloud is not necessarily about the particular public cloud providers, it's about things that you build in and between the clouds. >> Got it, okay. So I want to come back to that, to the definition, but I want to tie us to the so-called multicloud. You guys did a survey recently. We've said that multicloud was mostly a symptom of multi-vendor, Shadow Cloud, M&A, and only recently has become a strategic imperative. Now, Deloitte published a survey recently entitled "Closing the Cloud Strategy, Technology, Innovation Gap," and I'd like to explore that a little bit. And so in that survey, you showed data. What I liked about it is you went beyond what we all know, right? The old, "Our research shows that on average, "X number of clouds are used at an individual company." I mean, you had that too, but you really went deeper. You identified why companies are using multiple clouds, and you developed different categories of practitioners across 500 survey respondents. But the reasons were very clear for "why multicloud," as this becomes more strategic. Service choice scale, negotiating leverage, improved business resiliency, minimizing lock-in, interoperability of data, et cetera. So my question to you, David, is what's the problem supercloud or metacloud solves, and what's different from multicloud? >> That's a great question. The reality is that if we're... Well, supercloud or metacloud, whatever, is really something that exists above a multicloud, but I kind of view them as the same thing. It's an architectural pattern. We can name it anything. But the reality is that if we're moving to these multicloud environments, we're doing so to leverage best of breed things. In other words, best of breed technology to provide the innovators within the company to take the business to the next level, and we determine that in the survey. And so if we're looking at what a multicloud provides, it's the ability to provide different choices of different services or piece parts that allows us to build anything that we need to do. And so what we found in the survey and what we found in just practice in dealing with our clients is that ultimately, the value of cloud computing is going to be the innovation aspects. In other words, the ability to take the company to the next level from being more innovative and more disruptive in the marketplace that they're in. And the only way to do that, instead of basically leveraging the services of a particular walled garden of a single public cloud provider, is to cast a wider net and get out and leverage all kinds of services to make these happen. So if you think about that, that's basically how multicloud has evolved. In other words, it wasn't planned. They didn't say, "We're going to go do a multicloud." It was different developers and innovators in the company that went off and leveraged these cloud services, sometimes with the consent of IT leadership, sometimes not. And now we have these multitudes of different services that we're leveraging. And so many of these enterprises are going from 1000 to, say, 3000 services under management. That creates a complexity problem. We have a problem of heterogeneity, different platforms, different tools, different services, different AI technology, database technology, things like that. So the metacloud, or the supercloud, or whatever you want to call it, is the ability to deal with that complexity on the complexity's terms. And so instead of building all these various things that we have to do individually in each of the cloud providers, we're trying to do so within a cross-cloud service layer. We're trying to create this layer of technology, which removes us from dealing with the complexity of the underlying multicloud services and makes it manageable. Because right now, I think we're getting to a point of complexity we just can't operate it at the budgetary limits that we are right now. We can't keep the number of skills around, the number of operators around, to keep these things going. We're going to have to get creative in terms of how we manage these things, how we manage a multicloud. And that's where the supercloud, metacloud, whatever they want to call it, comes that. >> Yeah, and as John Furrier likes to say, in IT, we tend to solve complexity with more complexity, and that's not what we're talking about here. We're talking about simplifying, and you talked about the abstraction layer, and then it sounds like I'm inferring more. There's value that's added on top of that. And then you also said the hyperscalers are in a walled garden. So I've been asked, why aren't the hyperscalers superclouds? And I've said, essentially, they want to put your data into their cloud and keep it there. Now, that doesn't mean they won't eventually get into that. We've seen examples a little bit, Outposts, Anthos, Azure Arc, but the hyperscalers really aren't building superclouds or metaclouds, at least today, are they? >> No, they're not. And I always have the predictions for every major cloud conference that this is the conference that the hyperscaler is going to figure out some sort of a multicloud across-cloud strategy. In other words, building services that are able to operate across clouds. That really has never happened. It has happened in dribs and drabs, and you just mentioned a few examples of that, but the ability to own the space, to understand that we're not going to be the center of the universe in how people are going to leverage it, is going to be multiple things, including legacy systems and other cloud providers, and even industry clouds that are emerging these days, and SaaS providers, and all these things. So we're going to assist you in dealing with complexity, and we're going to provide the core services of being there. That hasn't happened yet. And they may be worried about conflicting their market, and the messaging is a bit different, even actively pushing back on the concept of multicloud, but the reality is the market's going to take them there. So in other words, if enough of their customers are asking for this and asking that they take the lead in building these cross-cloud technologies, even if they're participating in the stack and not being the stack, it's too compelling of a market that it's not going to drag a lot of the existing public cloud providers there. >> Well, it's going to be interesting to see how that plays out, David, because I never say never when it comes to a company like AWS, and we've seen how fast they move. And at the same time, they don't want to be commoditized. There's the layer underneath all this infrastructure, and they got this ecosystem that's adding all this tremendous value. But I want to ask you, what are the essential elements of supercloud, coming back to the definition, if you will, and what's different about metacloud, as you call it, from plain old SaaS or PaaS? What are the key elements there? >> Well, the key elements would be holistic management of all of the IT infrastructure. So even though it's sitting above a multicloud, I view metacloud, supercloud as the ability to also manage your existing legacy systems, your existing security stack, your existing network operations, basically everything that exists under the purview of IT. If you think about it, we're moving our infrastructure into the clouds, and we're probably going to hit a saturation point of about 70%. And really, if the supercloud, metacloud, which is going to be expensive to build for most of the enterprises, it needs to support these things holistically. So it needs to have all the services, that is going to be shareable across the different providers, and also existing legacy systems, and also edge computing, and IoT, and all these very diverse systems that we're building there right now. So if complexity is a core challenge to operate these things at scale and the ability to secure these things at scale, we have to have commonality in terms of security architecture and technology, commonality in terms of our directory services, commonality in terms of network operations, commonality in term of cloud operations, commonality in terms of FinOps. All these things should exist in some holistic cross-cloud layer that sits above all this complexity. And you pointed out something very profound. In other words, that is going to mean that we're hiding a lot of the existing cloud providers in terms of their interfaces and dashboards and things like that that we're dealing with today, their APIs. But the reality is that if we're able to manage these things at scale, the public cloud providers are going to benefit greatly from that. They're going to sell more services because people are going to find they're able to leverage them easier. And so in other words, if we're removing the complexity wall, which many in the industry are calling it right now, then suddenly we're moving from, say, the 25 to 30% migrated in the cloud, which most enterprises are today, to 50, 60, 70%. And we're able to do this at scale, and we're doing it at scale because we're providing some architectural optimization through the supercloud, metacloud layer. >> Okay, thanks for that. David, I just want to tap your CTO brain for a minute. At "Supercloud22," we came up with these three deployment models. Kit Colbert put forth the idea that one model would be your control planes running in one cloud, let's say AWS, but it interacts with and can manage and deploy on other clouds, the Kubernetes Cluster Management System. The second one, Mohit Aron from Cohesity laid out, where you instantiate the stack on different clouds and different cloud regions, and then you create a layer, a common interface across those. And then Snowflake was the third deployment model where it's a single global instance, it's one instantiation, and basically building out their own cloud across these regions. Help us parse through that. Do those seem like reasonable deployment models to you? Do you have any thoughts on that? >> Yeah, I mean, that's a distributed computing trick we've been doing, which is, in essence, an agent of the supercloud that's carrying out some of the cloud native functions on that particular cloud, but is, in essence, a slave to the metacloud, or the supercloud, whatever, that's able to run across the various cloud providers. In other words, when it wants to access a service, it may not go directly to that service. It goes directly to the control plane, and that control plane is responsible... Very much like Kubernetes and Docker works, that control plane is responsible for reaching out and leveraging those native services. I think that that's thinking that's a step in the right direction. I think these things unto themselves, at least initially, are going to be a very complex array of technology. Even though we're trying to remove complexity, the supercloud unto itself, in terms of the ability to build this thing that's able to operate at scale across-cloud, is going to be a collection of many different technologies that are interfacing with the public cloud providers in different ways. And so we can start putting these meta architectures together, and I certainly have written and spoke about this for years, but initially, this is going to be something that may escape the detail or the holistic nature of these meta architectures that people are floating around right now. >> Yeah, so I want to stay on this, because anytime I get a CTO brain, I like to... I'm not an engineer, but I've been around a long time, so I know a lot of buzzwords and have absorbed a lot over the years, but so you take those, the second two models, the Mohit instantiate on each cloud and each cloud region versus the Snowflake approach. I asked Benoit Dageville, "Does that mean if I'm in "an AWS east region and I want to do a query on Azure West, "I can do that without moving data?" And he said, "Yes and no." And the answer was really, "No, we actually take a subset of that data," so there's the latency problem. From those deployment model standpoints, what are the trade-offs that you see in terms of instantiating the stack on each individual cloud versus that single instance? Is there a benefit of the single instance for governance and security and simplicity, but a trade-off on latency, or am I overthinking this? >> Yeah, you hit it on the nose. The reality is that the trade-off is going to be latency and performance. If we get wiggy with the distributed nature, like the distributed data example you just provided, we have to basically separate the queries and communicate with the databases on each instance, and then reassemble the result set that goes back to the people who are recording it. And so we can do caching systems and things like that. But the reality is, if it's distributed system, we're going to have latency and bandwidth issues that are going to be limiting us. And also security issues, because if we're removing lots of information over the open internet, or even private circuits, that those are going to be attack vectors that hackers can leverage. You have to keep that in mind. We're trying to reduce those attack vectors. So it would be, in many instances, and I think we have to think about this, that we're going to keep the data in the same physical region for just that. So in other words, it's going to provide the best performance and also the most simplistic access to dealing with security. And so we're not, in essence, thinking about where the data's going, how it's moving across things, things like that. So the challenge is going to be is when you're dealing with a supercloud or metacloud is, when do you make those decisions? And I think, in many instances, even though we're leveraging multiple databases across multiple regions and multiple public cloud providers, and that's the idea of it, we're still going to localize the data for performance reasons. I mean, I just wrote a blog in "InfoWorld" a couple of months ago and talked about, people who are trying to distribute data across different public cloud providers for different reasons, distribute an application development system, things like that, you can do it. With enough time and money, you can do anything. I think the challenge is going to be operating that thing, and also providing a viable business return based on the application. And so why it may look like a good science experiment, and it's cool unto itself as an architect, the reality is the more pragmatic approach is going to be a leavitt in a single region on a single cloud. >> Very interesting. The other reason I like to talk to companies like Deloitte and experienced people like you is 'cause I can get... You're agnostic, right? I mean, you're technology agnostic, vendor agnostic. So I want to come back with another question, which is, how do you deal with what I call the lowest common denominator problem? What I mean by that is if one cloud has, let's say, a superior service... Let's take an example of Nitro and Graviton. AWS seems to be ahead on that, but let's say some other cloud isn't quite quite there yet, and you're building a supercloud or a metacloud. How do you rationalize that? Does it have to be like a caravan in the army where you slow down so all the slowest trucks can keep up, or are the ways to adjudicate that that are advantageous to hide that deficiency? >> Yeah, and that's a great thing about leveraging a supercloud or a metacloud is we're putting that management in a single layer. So as far as a user or even a developer on those systems, they shouldn't worry about the performance that may come back, because we're dealing with the... You hit the nail on the head with that one. The slowest component is the one that dictates performance. And so we have to have some sort of a performance management layer. We're also making dynamic decisions to move data, to move processing, from one server to the other to try to minimize the amount of latency that's coming from a single component. So the great thing about that is we're putting that volatility into a single domain, and it's making architectural decisions in terms of where something will run and where it's getting its data from, things are stored, things like that, based on the performance feedback that's coming back from the various cloud services that are under management. And so if you're running across clouds, it becomes even more interesting, because ultimately, you're going to make some architectural choices on the fly in terms of where that stuff runs based on the active dynamic performance that that public cloud provider is providing. So in other words, we may find that it automatically shut down a database service, say MySQL, on one cloud instance, and moved it to a MySQL instance on another public cloud provider because there was some sort of a performance issue that it couldn't work around. And by the way, it does so dynamically. Away from you making that decision, it's making that decision on your behalf. Again, this is a matter of abstraction, removing complexity, and dealing with complexity through abstraction and automation, and this is... That would be an example of fixing something with automation, self-healing. >> When you meet with some of the public cloud providers and they talk about on-prem private cloud, the general narrative from the hyperscalers is, "Well, that's not a cloud." Should on-prem be inclusive of supercloud, metacloud? >> Absolutely, I mean, and they're selling private cloud instances with the edge cloud that they're selling. The reality is that we're going to have to keep a certain amount of our infrastructure, including private clouds, on premise. It's something that's shrinking as a market share, and it's going to be tougher and tougher to justify as the public cloud providers become better and better at what they do, but we certainly have edge clouds now, and hyperscalers have examples of that where they run a instance of their public cloud infrastructure on premise on physical hardware and software. And the reality is, too, we have data centers and we have systems that just won't go away for another 20 or 30 years. They're just too sticky. They're uneconomically viable to move into the cloud. That's the core thing. It's not that we can't do it. The fact of the matter is we shouldn't do it, because there's not going to be an economic... There's not going to be an economic incentive of making that happen. So if we're going to create this meta layer or this infrastructure which is going to run across clouds, and everybody agrees on, that's what the supercloud is, we have to include the on-premise systems, including private clouds, including legacy systems. And by the way, include the rising number of IoT systems that are out there, and edge-based systems out there. So we're managing it using the same infrastructure into cloud services. So they have metadata systems and they have specialized services, and service finance and retail and things like doing risk analytics. So it gets them further down that path, but not necessarily giving them a SaaS application where they're forced into all of the business processes. We're giving you piece parts. So we'll give you 1000 different parts that are related to the finance industry. You can assemble anything you need, but the thing is, it's not going to be like building it from scratch. We're going to give you risk analytics, we're giving you the financial analytics, all these things that you can leverage within your applications how you want to leverage them. We'll maintain them. So in other words, you don't have to maintain 'em just like a cloud service. And suddenly, we can build applications in a couple of weeks that used to take a couple of months, in some cases, a couple of years. So that seems to be a large take of it moving forward. So get it up in the supercloud. Those become just other services that are under managed... That are under management on the supercloud, the metacloud. So we're able to take those services, abstract them, assemble them, use them in different applications. And the ability to manage where those services are originated versus where they're consumed is going to be managed by the supercloud layer, which, you're dealing with the governance, the service governance, the security systems, the directory systems, identity access management, things like that. They're going to get you further along down the pike, and that comes back as real value. If I'm able to build something in two weeks that used to take me two months, and I'm able to give my creators in the organization the ability to move faster, that's a real advantage. And suddenly, we are going to be valued by our digital footprint, our ability to do things in a creative and innovative way. And so organizations are able to move that fast, leveraging cloud computing for what it should be leveraged, as a true force multiplier for the business. They're going to win the game. They're going to get the most value. They're going to be around in 20 years, the others won't. >> David Linthicum, always love talking. You have a dangerous combination of business and technology expertise. Let's tease. "VMware Explore" next week, you're giving a keynote, if they're going to be there. Which day are you? >> Tuesday. Tuesday, 11 o'clock. >> All right, that's a big day. Tuesday, 11 o'clock. And David, please do stop by "The Cube." We're in Moscone West. Love to get you on and continue this conversation. I got 100 more questions for you. Really appreciate your time. >> I always love talking to people at "The Cube." Thank you very much. >> All right, and thanks for watching our ongoing coverage of "Supercloud22" on "The Cube," your leader in enterprise tech and emerging tech coverage. (bright music)

>> From theCUBE studios in Palo Alto in Boston bringing you data driven insights from theCUBE and ETR. This is breaking analysis with Dave Vellante. >> The term Supercloud is somewhat new, but the concepts behind it have been bubbling for years, early last decade when NIST put forth a definition of cloud computing it said services had to be accessible over a public network essentially cutting the on-prem crowd out of the cloud conversation. Now a guy named Chuck Hollis, who was a field CTO at EMC at the time and a prolific blogger objected to that criterion and laid out his vision for what he termed a private cloud. Now, in that post, he showed a workload running both on premises and in a public cloud sharing the underlying resources in an automated and seamless manner. What later became known more broadly as hybrid cloud that vision as we now know, really never materialized, and we were left with multi-cloud sets of largely incompatible and disconnected cloud services running in separate silos. The point is what Hollis laid out, IE the ability to abstract underlying infrastructure complexity and run workloads across multiple heterogeneous estates with an identical experience is what super cloud is all about. Hello and welcome to this week's Wikibon cube insights powered by ETR and this breaking analysis. We share what we hope to learn from super cloud 22 next week, next Tuesday at 9:00 AM Pacific. The community is gathering for Supercloud 22 an inclusive pilot symposium hosted by theCUBE and made possible by VMware and other founding partners. It's a one day single track event with more than 25 speakers digging into the architectural, the technical, structural and business aspects of Supercloud. This is a hybrid event with a live program in the morning running out of our Palo Alto studio and pre-recorded content in the afternoon featuring industry leaders, technologists, analysts and investors up and down the technology stack. Now, as I said up front the seeds of super cloud were sewn early last decade. After the very first reinvent we published our Amazon gorilla post, that scene in the upper right corner here. And we talked about how to differentiate from Amazon and form ecosystems around industries and data and how the cloud would change IT permanently. And then up in the upper left we put up a post on the old Wikibon Wiki. Yeah, it used to be a Wiki. Check out my hair by the way way no gray, that's how long ago this was. And we talked about in that post how to compete in the Amazon economy. And we showed a graph of how IT economics were changing. And cloud services had marginal economics that looked more like software than hardware at scale. And this would reset, we said opportunities for both technology sellers and buyers for the next 20 years. And this came into sharper focus in the ensuing years culminating in a milestone post by Greylock's Jerry Chen called Castles in the Cloud. It was an inspiration and catalyst for us using the term Supercloud in John Furrier's post prior to reinvent 2021. So we started to flesh out this idea of Supercloud where companies of all types build services on top of hyperscale infrastructure and across multiple clouds, going beyond multicloud 1.0, if you will, which was really a symptom, as we said, many times of multi-vendor at least that's what we argued. And despite its fuzzy definition, it resonated with people because they knew something was brewing, Keith Townsend the CTO advisor, even though he frankly, wasn't a big fan of the buzzy nature of the term Supercloud posted this awesome Blackboard on Twitter take a listen to how he framed it. Please play the clip. >> Is VMware the right company to make the super cloud work, term that Wikibon came up with to describe the taking of discreet services. So it says RDS from AWS, cloud compute engines from GCP and authentication from Azure to build SaaS applications or enterprise applications that connect back to your data center, is VMware's cross cloud vision 'cause it is just a vision today, the right approach. Or should you be looking towards companies like HashiCorp to provide this overall capability that we all agree, or maybe you don't that we need in an enterprise comment below your thoughts. >> So I really like that Keith has deep practitioner knowledge and lays out a couple of options. I especially like the examples he uses of cloud services. He recognizes the need for cross cloud services and he notes this capability is aspirational today. Remember this was eight or nine months ago and he brings HashiCorp into the conversation as they're one of the speakers at Supercloud 22 and he asks the community, what they think, the thing is we're trying to really test out this concept and people like Keith are instrumental as collaborators. Now I'm sure you're not surprised to hear that mot everyone is on board with the Supercloud meme, in particular Charles Fitzgerald has been a wonderful collaborator just by his hilarious criticisms of the concept. After a couple of super cloud posts, Charles put up his second rendition of "Supercloudifragilisticexpialidoucious". I mean, it's just beautiful, but to boot, he put up this picture of Baghdad Bob asking us to just stop, Bob's real name is Mohamed Said al-Sahaf. He was the minister of propaganda for Sadam Husein during the 2003 invasion of Iraq. And he made these outrageous claims of, you know US troops running in fear and putting down their arms and so forth. So anyway, Charles laid out several frankly very helpful critiques of Supercloud which has led us to really advance the definition and catalyze the community's thinking on the topic. Now, one of his issues and there are many is we said a prerequisite of super cloud was a super PaaS layer. Gartner's Lydia Leong chimed in saying there were many examples of successful PaaS vendors built on top of a hyperscaler some having the option to run in more than one cloud provider. But the key point we're trying to explore is the degree to which that PaaS layer is purpose built for a specific super cloud function. And not only runs in more than one cloud provider, Lydia but runs across multiple clouds simultaneously creating an identical developer experience irrespective of a state. Now, maybe that's what Lydia meant. It's hard to say from just a tweet and she's a sharp lady, so, and knows more about that market, that PaaS market, than I do. But to the former point at Supercloud 22, we have several examples. We're going to test. One is Oracle and Microsoft's recent announcement to run database services on OCI and Azure, making them appear as one rather than use an off the shelf platform. Oracle claims to have developed a capability for developers specifically built to ensure high performance low latency, and a common experience for developers across clouds. Another example we're going to test is Snowflake. I'll be interviewing Benoit Dageville co-founder of Snowflake to understand the degree to which Snowflake's recent announcement of an application development platform is perfect built, purpose built for the Snowflake data cloud. Is it just a plain old pass, big whoop as Lydia claims or is it something new and innovative, by the way we invited Charles Fitz to participate in Supercloud 22 and he decline saying in addition to a few other somewhat insulting things there's definitely interesting new stuff brewing that isn't traditional cloud or SaaS but branding at all super cloud doesn't help either. Well, indeed, we agree with part of that and we'll see if it helps advanced thinking and helps customers really plan for the future. And that's why Supercloud 22 has going to feature some of the best analysts in the business in The Great Supercloud Debate. In addition to Keith Townsend and Maribel Lopez of Lopez research and Sanjeev Mohan from former Gartner analyst and principal at SanjMo participated in this session. Now we don't want to mislead you. We don't want to imply that these analysts are hopping on the super cloud bandwagon but they're more than willing to go through the thought experiment and mental exercise. And, we had a great conversation that you don't want to miss. Maribel Lopez had what I thought was a really excellent way to think about this. She used TCP/IP as an historical example, listen to what she said. >> And Sanjeev Mohan has some excellent thoughts on the feasibility of an open versus de facto standard getting us to the vision of Supercloud, what's possible and what's likely now, again, I don't want to imply that these analysts are out banging the Supercloud drum. They're not necessarily doing that, but they do I think it's fair to say believe that something new is bubbling and whether it's called Supercloud or multicloud 2.0 or cross cloud services or whatever name you choose it's not multicloud of the 2010s and we chose Supercloud. So our goal here is to advance the discussion on what's next in cloud and Supercloud is meant to be a term to describe that future of cloud and specifically the cloud opportunities that can be built on top of hyperscale, compute, storage, networking machine learning, and other services at scale. And that is why we posted this piece on Answering the top 10 questions about Supercloud. Many of which were floated by Charles Fitzgerald and others in the community. Why does the industry need another term what's really new and different? And what is hype? What specific problems does Supercloud solve? What are the salient characteristics of Supercloud? What's different beyond multicloud? What is a super pass? Is it necessary to have a Supercloud? How will applications evolve on superclouds? What workloads will run? All these questions will be addressed in detail as a way to advance the discussion and help practitioners and business people understand what's real today. And what's possible with cloud in the near future. And one other question we'll address is who will build super clouds? And what new entrance we can expect. This is an ETR graphic that we showed in a previous episode of breaking analysis, and it lays out some of the companies we think are building super clouds or in a position to do so, by the way the Y axis shows net score or spending velocity and the X axis depicts presence in the ETR survey of more than 1200 respondents. But the key callouts to this slide in addition to some of the smaller firms that aren't yet showing up in the ETR data like Chaossearch and Starburst and Aviatrix and Clumio but the really interesting additions are industry players Walmart with Azure, Capital one and Goldman Sachs with AWS, Oracle, with Cerner. These we think are early examples, bubbling up of industry clouds that will eventually become super clouds. So we'll explore these and other trends to get the community's input on how this will all play out. These are the things we hope you'll take away from Supercloud 22. And we have an amazing lineup of experts to answer your question. Technologists like Kit Colbert, Adrian Cockcroft, Mariana Tessel, Chris Hoff, Will DeForest, Ali Ghodsi, Benoit Dageville, Muddu Sudhakar and many other tech athletes, investors like Jerry Chen and In Sik Rhee the analyst we featured earlier, Paula Hansen talking about go to market in a multi-cloud world Gee Rittenhouse talking about cloud security, David McJannet, Bhaskar Gorti of Platform9 and many, many more. And of course you, so please go to theCUBE.net and register for Supercloud 22, really lightweight reg. We're not doing this for lead gen. We're doing it for collaboration. If you sign in you can get the chat and ask questions in real time. So don't miss this inaugural event Supercloud 22 on August 9th at 9:00 AM Pacific. We'll see you there. Okay. That's it for today. Thanks for watching. Thank you to Alex Myerson who's on production and manages the podcast. Kristen Martin and Cheryl Knight. They help get the word out on social media and in our newsletters. And Rob Hof is our editor in chief over at SiliconANGLE. Does some really wonderful editing. Thank you to all. Remember these episodes are all available as podcasts wherever you listen, just search breaking analysis podcast. I publish each week on wikibon.com and Siliconangle.com. And you can email me at David.Vellantesiliconangle.com or DM me at Dvellante, comment on my LinkedIn post. Please do check out ETR.AI for the best survey data in the enterprise tech business. This is Dave Vellante for theCUBE insights powered by ETR. Thanks for watching. And we'll see you next week in Palo Alto at Supercloud 22 or next time on breaking analysis. (calm music)