(upbeat music) >> Hello everyone, welcome back to theCUBE's coverage of splunk.com 2021 virtual. We're here live in the Splunk studios. We're all here gettin all the action, all the stories. Garth Fort, senior vice president, Chief Product Officer at Splunk is here with me. CUBE alumni. Great to see you. Last time I saw you, we were at AWS now here at Splunk. Congratulations on the new role. >> Thank you. Great to see you again. >> Great keynote and great team. Congratulations. >> Thank you. Thank you. It's a lot of fun. >> So let's get into the keynote a little bit on the product. You're the Chief Product Officer. We interviewed Shawn Bice, who's also working with you as well. He's your boss. Talk about the, the next level, cause you're seeing some new enhancements. Let's get to the news first. Talk about the new enhancements. >> Yeah, this was actually a really fun keynote for me. So I think there was a lot of great stuff that came out of the rest of it. But I had the honor to actually showcase a lot of the product innovation, you know, since we did .conf last year, we've actually closed four different acquisitions. We shipped 43 major releases and we've done hundreds of small enhancements, like we're shipping code in the cloud every six weeks and we're shipping new versions twice a year for our Splunk Enterprise customers. And so this was kind of like if you've seen that movie Sophie's Choice, you know, where you have to pick one of your children, like this was a really hard, hard thing to pick. Cause we only had about 25 minutes, but we did like four demos that I think landed really well. The first was what we call ingest actions and you know, there's customers that are using, they start small with gigabytes and they go to terabytes and up to petabytes of data per day. And so they wanted tools that allow them to kind of modify filter and then route data to different sort of parts of their infrastructure. So that was the first demo. We did another demo on our, our visual playbook editor for SOAR, which has improved quite a bit. You know, a lot of the analysts that are in the, in the, in the SOC trying to figure out how to automate responses and reduce sort of time to resolution, like they're not Python experts. And so having a visual playbook editor that lets them drag and drop and sort of with a few simple gestures create complex playbooks was pretty cool. We showed some new capabilities in our APM tool. Last year, we announced we acquired a company called Plumbr, which has expertise in basically like code level analysis and, and we're calling it "Always On" profiling. So we, we did that demo and gosh, we did one more, four, but four total demos. I think, you know, people were really happy to see, you know, the thing that we really tried to do was ground all of our sort of like tech talk and stuff that was like real and today, like this is not some futuristic vision. I mean, Shawn did lay out some, some great visions, visionary kind of pillars. But, what we showed in the keynote was I it's all shipping code. >> I mean, there's plenty of head room in this market when it comes to data as value and data in motion, all these things. But we were talking before you came on camera earlier in the morning about actually how good Splunk product and broad and deep the product portfolio as well. >> Garth: Yeah. >> I mean, it's, I mean, it's not a utility and a tooling, it's a platform with tools and utilities. >> Garth: Yeah >> It's a fully blown out platform. >> Yeah. Yeah. It is a platform and, and, you know, it's, it's one that's quite interesting. I've had the pleasure to meet a couple of big customers and it's kind of amazing, like what they do with Splunk. Like I was meeting with a large telco on the east coast and you know, they actually, for their set top boxes, they actually have to figure out in real time, which ads to display and the only tool they could find to process 15 million events in real time, to decide what ad to display, was Splunk. So that was, that was like really cool to hear. Like we never set out to be like an ad tech kind of platform and yet we're the only tool that operates at that level of scale and that kind of data. >> You know, it's funny, Doug Merritt mentioned this in my interview with him earlier today about, you know, and he wasn't shy about it, which was great. He was like, we're an enabling platform. We don't have to be experts in all these vertical industries >> Garth: Yep >> because AI takes care of that. That's where the machine learning >> Garth: Yeah >> and the applications get built. So others are trying to build fully vertically integrated stacks into these verticals when in reality they don't have to, if they don't want it. >> Yeah, and Splunk's kind of, it's quite interesting when you look across our top 100 customers, you know, Doug talks about like the, you know, 92 of the fortune 100 are kind of using Splunk today, but the diversity across industries and, you know, we have government agencies, we have, you know, you name the retail or the vertical, you know, we've got really big customers, they're using Splunk. And the other thing that I kind of, I was excited about, we announced the last demo I forgot was TruSTAR integration with Enterprise Security. That's pretty cool. We're calling that Splunk Threat Intelligence. And so That was really fun and we only acquired, we closed the acquisition to TruSTAR in May, but the good news is they've been a partner with us like for 18 months before we actually bought em. And so they'd already done a lot of the work to integrate. And so they had a running start in that regard, But other, one other one that was kind of a, it was a small thing. I didn't get to demo it, but we talked about the, the content pack for application performance monitoring. And so, you know, in some ways we compete in the APM level, but in many ways there's a ton of great APM vendors out there that customers are using. But what they wanted us to do was like, hey, if I'm using APM for that one app, I still want to get data out of that and into Splunk because Splunk ends up being like the core repository for observability, security, IT ops, Dev Sec Ops, et cetera. It's kind of like where the truth, the operational truth of how your systems works, lives in Splunk. >> It's so funny. The Splunk business model has actually been replicated. They call it data lake, whatever you want to call it. People are bringing up all these different metaphors. But at the end of the day, if you guys can create a value proposition where you can have data just be, you know, stored and dumped and dumped into whatever they call it stored in a way >> Garth: We call it ingest >> Ingested, ingested. >> Garth: Not dumped. >> Data dump. >> Garth: It's ingested. >> Well, I mean, well you given me a plan, but you don't have to do a lot of work to store just, okay, we can only get to it later, >> Garth: Yep. >> But let the machines take over >> Garth: Yep. >> With the machine learning. I totally get that. Now, as a pro, as a product leader, I have to ask you your, your mindset around optimization. What do you optimize for? Because a lot of times these use cases are emerging. They just pop out of nowhere. It's a net new use case that you want to operationalize. So balancing the headroom >> Yep. >> Or not to foreclose those new opportunities for customers. How are customers deciding what's important to them? How do you, because you're trying to read the tea leaves for the future >> Garth: A little bit, yeah. >> and then go, okay, what do our customers need, but you don't want to foreclose anything. How do you think about product strategy around that? >> There's a ton of opportunity to interact with customers. We have this thing called the Customer Advisory Board. We run, I think, four of them and we run a monthly. And so we got an opportunity to kind of get that anecdotal data and the direct contact. We also have a portal called ideas.splunk.com where customers can come tell us what they want us to build next. And we look at that every month, you know, and there's no way that we could ever build everything that they're asking us to, but we look at that monthly and we use it in sort of our sprint planning to decide where we're going to prioritize engineering resources. And it's just, it's kind of like customers say the darndest things, right? Sometimes they ask us for stuff and we never imagined building it in a million years, >> John: Yeah. >> Like that use case around ads on the set top box, but it's, it's kind of a fun place to be like, we, we just, before this event, we kind of laid out internally what, you know, Shawn and I kind of put together this doc, actually Shawn wrote the bulk of it, but it was about sort of what do we think? Where, where can we take Splunk to the next three to five years? And we talked about these, we referred to them as waves of innovation. Cause you know, like when you think about waves, there's multiple waves that are heading towards the beach >> John: Yeah. >> in parallel, right? It's not like a series of phases that are going to be serialized. It's about making a set of investments. that'll kind of land over time. And, and the first wave is really about, you know, what I would say is sort of, you know, really delivering on the promise of Splunk and some of that's around integration, single sign-on things about like making all of the Splunk Splunk products work together more easily. We've talked a lot in the Q and a about like edge and hybrid. And that's really where our customers are. If you watch the Koby Avital's sort of customer keynote, you know, Walmart by necessity, given their geographic breadth and the customers they serve has to have their own infrastructure. They use Google, they use Azure and they have this abstraction layer that Koby's team has built on top. And they use Splunk to manage kind of, operate basically all of their infrastructure across those three clouds. So that's the hybrid edge scenario. We were thinking a lot about, you mentioned data lakes. You know, if you go back to 2002, when Splunk was founded, you know, the thing we were trying to do is help people make sense of log files. But now if you talk to customers that are moving to cloud, everybody's building a data lake and there's like billions of objects flowing into millions of these S3 buckets all over the place. And we're kind of trying to think about, hey, is there an opportunity for us to point our indexing and analytics capability against structured and unstructured data and those data lakes. So that that'll be something we're going to >> Yeah. >> at least start prototyping pretty soon. And then lastly, machine learning, you know, I'd say, you know, to use a baseball metaphor, like in terms of like how we apply machine learning, we're like in the bottom of the second inning, >> Yeah. >> you know, we've been doing it for a number of years, but there's so much more. >> There's so, I mean, machine learning is only as good as the data you put into the machine learning. >> Exactly, exactly. >> And so if you have, if you have gap in the data, the machine learning is going to have gaps in it. >> Yeah. And we have, we announced a feature today called auto detect. And I won't go into the gory details, but effectively what it does is it runs a real-time analytics job over whatever metrics you want to look at and you can do what I would consider more statistics versus machine learning. You can say, hey, if in a 10 minute period, like, you know, we see more errors than we see on average over the last week, throw an alert so I can go investigate and take a look. Imagine if you didn't have to figure out what the right thresholds were, if we could just watch those metrics for you and automatically understand the seasonality, the timing, is it a weekly thing? Is it a monthly thing? And then like tell you like use machine learning to do the anomaly detection, but do it in a way that's more intelligent than just the static threshold. >> Yeah. >> And so I think you'll see things like auto detect, which we announced this week will evolve to take advantage of machine learning kind of under the covers, if you will. >> Yeah. It was interesting with cloud scale and the data velocity, automations become super important. >> Oh yeah. >> You don't have a lot of new disciplines emerge, like explainable AI is hot right now. So you got, the puck is coming. You can see where the puck is going. >> Yeah >> And that is automation at the app edge or the application layer where the data has got to be free-flowing or addressable. >> Garth: Yeah. >> This is something that is being talked about. And we talked about data divide with, with Chris earlier about the policy side of things. And now data is part of everything. It's part of the apps. >> Garth: Yeah. >> It's not just stored stuff. So it's always in flight. It should be addressable. This is what people want. What do you think about all of that? >> No, I think it's great. I actually just can I, I'll quote from Steve Schmidt in, in sort of the keynote, he said, look like security at the end of the day is a human problem, but it kind of manifests itself through data. And so being able to understand what's happening in the data will tell you, like, is there a bad actor, like wreaking havoc inside of my systems? And like, you can use that, the data trail if you will, of the bad actor to chase them down and sort of isolate em. >> The digital footprints, if you will, looking at a trail. >> Yeah. >> All right, what's the coolest thing that you like right now, when you look at the treasure trove of, of a value, as you look at it, and this is a range of value, Splunk, Splunk has had customers come in with, with the early product, but they keep the customers and they always do new things and they operationalize it >> Garth: Yep. >> and another new thing comes, they operationalize it. What's the next new thing that's coming, that's the next big thing. >> Dude that is like asking me which one of my daughters do I love the most, like that is so unfair. (laughing) I'm not going to answer that one. Next question please. >> Okay. All right. Okay. What's your goals for the next year or two? >> Yeah, so I just kind of finished roughly my first 100 days and it's been great to, you know, I had a whole plan, 30, 60, 90, and I had a bunch of stuff I wanted to do. Like I'm really hoping, sort of, we get past this current kind of COVID scare and we get to back to normal. Cause I'm really looking forward to getting back on the road and sort of meeting with customers, you know, you can meet over Zoom and that's great, but what I've learned over time, you know, I used to go, I'd fly to Wichita, Kansas and actually go sit down with the operators like at their desk and watch how they use my tools. And that actually teaches you. Like you, you come up with things when you see, you know, your product in the hands of your customer, that you don't get from like a CAB meeting or from a Zoom call, you know? >> John: Yeah, yeah. >> And so being able to visit customers where they live, where they work and kind of like understand what we can do to make their lives better. Like that's going to, I'm actually really excited to gettin back to travel. >> If you could give advice to CTO, CISO, or CIO or a practitioner out there who are, who is who's sitting at their virtual desk or their physical desk thinking, okay, the pandemic, were coming through the pandemic. I want to come out with a growth strategy, with a plan that's going to be expansive, not restrictive. The pandemic has shown what's what works, what doesn't work. >> Garth: Sure. >> So it's going to be some projects that might not get renewed, but there's doubling down on, certainly with cloud scale. What would advice would you give that person when they start thinking about, okay, I got to get my architecture right. >> Yeah. >> I got to get my playbooks in place. I got to get my people aligned. >> Yeah >> What's what do you see as a best practice for kind of the mindset to actual implementation of data, managing the data? >> Yeah, and again, I'm, I'm, this is not an original Garth thought. It actually came from one of our customers. You know, the, I think we all, like you think back to March and April of 2020 as this thing was really getting real. Everybody moved as fast as they could to either scale up or scale scaled on operations. If you were in travel and hospitality, you know, that was, you know, you had to figure how to scale down quickly and like what you could shut down safely. If you were like in the food delivery business, you had to figure out how you could scale up, like Chipotle hit two, what is it? $2 billion run rate on delivery last year. And so people scrambled as fast as they could to sort of adapt to this new world. And I think we're all coming to the realization that as we sort of exit and get back to some sense of new normal, there's a lot of what we're doing today that's going to persist. Like, I think we're going to have like flexible rules. I don't think everybody's going to want to come back into the office. And so I think, I think the thing to do is you think about returning to whatever this new normal looks like is like, what did we learn that was good. And like the pandemic had a silver lining for folks in many ways. And it sucked for a lot. I'm not saying it was a good thing, but you know, there were things that we did to adapt that I think actually made like the workplace, like stronger and better. And, and sort of. >> It showed that data's important, internet is important. Didn't break, the internet didn't break. >> Garth: Correct. >> Zoom was amazing. And the teleconferencing with other tools. >> But that's kind of, just to sort of like, what did you learn over the last 18 months that you're going to take for it into the next 18 years? You know what I mean? Cause there was a lot of good and I think people were creative and they figured out like how to adapt super quickly and take the best of the pandemic and turn it into like a better place to work. >> Hybrid, hybrid events, hybrid workforce, hybrid workflows. What's what's your vision on Splunk as a tier one enterprise? Because a lot of the news that I'm seeing that's, that's the tell sign to me in terms of this next growth wave is big SI deals, Accenture and others are yours working with and you still got the other Partnerverse going. You have the ecosystems emerging. >> Garth: Yep. >> That's a good, that means your product's enabling people to make money. >> Garth: Yeah. Yeah, yeah, yeah. >> And that's a good thing. >> Yeah, BlueVoyant was a great example in the keynote yesterday and they, you know, they've really, they've kind of figured out how, you know, most of their customers, they serve customers in heavily regulated industries kind of, and you know, those customers actually want their data in a Splunk tenant that they own and control and they want to have that secure boundary around that. But BlueVoyant's figured out how they can come in and say, hey, I'm going to take care of the heavy lifting of the day-to-day operations, the monitoring of that environment with the security. So, so BlueVoyant has done a great job sort of pivoting and figuring out how they can add value to customers and do, you know, because they they're managing not just one Splunk instance, but they're managing 100s of Splunk cloud instances. And so they've got best practices and automation that they can play across their entire client base. And I think you're going to see a lot more of that. And, and Teresa's just, Teresa is just, she loves Partners, absolutely loves Partners. And that was just obvious. You could, you could hear it in her voice. You could see it in her body language, you know, when she talked about Partnerverse. So I think you'll see us start to really get a lot more serious. Cause as big as Splunk is like our pro serve and support teams are not going to scale for the next 10,000, 100,000 Splunk customers. And we really need to like really think about how we use Partners. >> There's a real growth wave. And I, and I love the multiples wave in parallel because I think that's what everyone's consensus on. So I have to ask you as a final question, what's your takeaway? Obviously, there's been a virtual studio here where all the Splunk executives and, and, and customers and partners are here. TheCUBE's here doing all the presentations, live by the way. It was awesome. What would you say the takeaway is for this .conf, for the people watching and consuming all the content online? A lot of asynchronous consumption would be happening. >> Sure. >> What's your takeaway from this year's Splunk .conf? >> You know, I, it's hard cause you know, you get so close to it and we've rehearsed this thing so many times, you know, the feedback that I got and if you look at Twitter and you look at my Slack and everything else, like this felt like a conf that was like kind of like a really genuine, almost like a Splunk two dot O. But it's sort of true to the roots of what Splunk was true to the product reality. I mean, you know, I was really careful with my team and to avoid any whiff of vaporware, like what were, what we wanted to show was like, look, this is Splunk, we're acquiring companies, you know, 43 major releases, you know, 100s of small ones. Like we're continuing to innovate on your behalf as fast as we can. And hopefully this is the last virtual conf. But even when we go back, like there was so much good about the way we did this this week, that, you know, when we, when we broke yesterday on the keynote and we were sitting around with the crew and it kind of looking at that stage and everything, we were like, wow, there is a lot of this that we want to bring to an in-person event as well. Cause so for those that want to travel and come sit in the room with us, we're super excited to do that as soon as we can. But, but then, you know, there may be 25, 50, 100,000 that don't want to travel, but can access us via this virtual event. >> It's like a time. It's a moment in time that becomes a timeless moment. That could be, >> Wow, did you make that up right now? >> that could be an NFT. >> Yeah >> We can make a global cryptocurrency. Garth, great to see you. Of course I made it up right then. So, great to see you. >> Air bump, air bump? Okay, good. >> Okay. Garth Fort, senior vice president, Chief Product Officer. In theCUBE here, we're live on site at Splunk Studio for the .conf virtual event. I'm John Furrier. Thanks for watching. >> All right. Thank you guys. (upbeat music)

>> Narrator: From around the globe, it's the CUBE with digital coverage of IBM Think 2021, brought to you by IBM. >> Welcome back to IBM Think 2021, the virtual edition. This is the CUBEs, continuous, deep dive coverage of the people, processes and technologies that are really changing our world. Right now, we're going to talk about modernization and what's beyond with Jamie Thomas, general manager, strategy and development, IBM Enterprise Security. Jamie, always a pleasure. Great to see you again. Thanks for coming on. >> It's great to see you, Dave. And thanks for having me on the CUBE is always a pleasure. >> Yeah, it is our pleasure. And listen, we've been hearing a lot about IBM is focused on hybrid cloud, Arvind Krishna says we must win the architectural battle for hybrid cloud. I love that. We've been hearing a lot about AI. And I wonder if you could talk about IBM Systems and how it plays into that strategy? >> Sure, well, it's a great time to have this discussion Dave. As you all know, IBM Systems Technology is used widely around the world, by many, many 1000s of clients in the context of our IBM System Z, our power systems and storage. And what we have seen is really an uptake of monetization around those workloads, if you will, driven by hybrid cloud, the hybrid cloud agenda, as well as an uptake of Red Hat OpenShift, as a vehicle for this modernization. So it's pretty exciting stuff, what we see as many clients taking advantage of OpenShift on Linux, to really modernize these environments, and then stay close, if you will, to that systems of record database and the transactions associated with it. So they're seeing a definite performance advantage to taking advantage of OpenShift. And it's really fascinating to see the things that they're doing. So if you look at financial services, for instance, there's a lot of focus on risk analytics. So things like fraud, anti money laundering, mortgage risk, types of applications being done in this context, when you look at our retail industry clients, you see also a lot of customer centricity solutions, if you will, being deployed on OpenShift. And once again, having Linux close to those traditional LPARs of AIX, I-Series, or in the context of z/OS. So those are some of the things we see happening. And it's quite real. >> Now, you didn't mention power, but I want to come back and ask you about power. Because a few weeks ago, we were prompted to dig in a little bit with the when Arvind was on with Pat Kessinger at Intel and talking about the relationship you guys have. And so we dug in a little bit, we thought originally, we said, oh, it's about quantum. But we dug in. And we realized that the POWER10 is actually the best out there and the highest performance in terms of disaggregating memory. And we see that as a future architecture for systems and actually really quite excited about it about the potential that brings not only to build beyond system on a chip and system on a package, but to start doing interesting things at the Edge. You know, what do you what's going on with power? >> Well, of course, when I talked about OpenShift, we're doing OpenShift on power Linux, as well as Z Linux, but you're exactly right in the context for a POWER10 processor. We couldn't be more we're so excited about this processor. First of all, it's our first delivery with our partner Samsung with a seven nanometer form factor. The processor itself has only 18 billion transistors. So it's got a few transistors there. But one of the cool inventions, if you will, that we have created is this expansive memory region as part of this design point, which we call memory inception, it gives us the ability to reach memory across servers, up to two petabytes of memory. Aside from that, this processor has generational improvements and core and thread performance, improved energy efficiency. And all of this, Dave is going to give us a lot of opportunity with new workloads, particularly around artificial intelligence and inferencing around artificial intelligence. I mean, that's going to be that's another critical innovation that we see here in this POWER10 processor. >> Yeah, processor performance is just exploding. We're blowing away the historical norms. I think many people don't realize that. Let's talk about some of the key announcements that you've made in quantum last time we spoke on the qubit for last year, I think we did a deeper dive on quantum. You've made some announcements around hardware and software roadmaps. Give us the update on quantum please. >> Well, there is so much that has happened since we last spoke on the quantum landscape. And the key thing that we focused on in the last six months is really an articulation of our roadmaps, so the roadmap around hardware, the roadmap around software, and we've also done quite a bit of ecosystem development. So in terms of the roadmap around hardware, we put ourselves out there we've said we were going to get to over 1000 qubit machine and in 2023, so that's our milestone. And we've got a number of steps we've outlined along that way, of course, we have to make progress, frankly, every six months in terms of innovating around the processor, the electronics and the fridge associated with these machines. So lots of exciting innovation across the board. We've also published a software roadmap, where we're articulating how we improve a circuit execution speeds. So we hope, our plan to show shortly a 100 times improvement in circuit execution speeds. And as we go forward in the future, we're modifying our Qiskit programming model to not only allow a easily easy use by all types of developers, but to improve the fidelity of the entire machine, if you will. So all of our innovations go hand in hand, our hardware roadmap, our software roadmap, are all very critical in driving the technical outcomes that we think are so important for quantum to become a reality. We've deployed, I would say, in our quantum cloud over, you know, over 20 machines over time, we never quite identify the precise number because frankly, as we put up a new generation machine, we often retire when it's older. So we're constantly updating them out there, and every machine that comes on online, and that cloud, in fact, represents a sea change and hardware and a sea change in software. So they're all the latest and greatest that our clients can have access to. >> That's key, the developer angle you got redshift running on quantum yet? >> Okay, I mean, that's a really good question, you know, as part of that software roadmap in terms of the evolution and the speed of that circuit execution is really this interesting marriage between classical processing and quantum processing and bring those closer together. And in the context of our classical operations that are interfacing with that quantum processor, we're taking advantage of OpenShift, running on that classical machine to achieve that. And once again, if, as you can imagine, that'll give us a lot of flexibility in terms of where that classical machine resides and how we continue the evolution the great marriage, I think that's going to that will exist that does exist and will exist between classical computing and quantum computing. >> I'm glad I asked it was kind of tongue in cheek. But that's a key thread to the ecosystem, which is critical to obviously, you know, such a new technology. How are you thinking about the ecosystem evolution? >> Well, the ecosystem here for quantum is infinitely important. We started day one, on this journey with free access to our systems for that reason, because we wanted to create easy entry for anyone that really wanted to participate in this quantum journey. And I can tell you, it really fascinates everyone, from high school students, to college students, to those that are PhDs. But during this journey, we have reached over 300,000 unique users, we have now over 500,000 unique downloads of our Qiskit programming model. But to really achieve that is his back plane by this ongoing educational thrust that we have. So we've created an open source textbook, around Qiskit that allows organizations around the world to take advantage of it from a curriculum perspective. We have over 200 organizations that are using our open source textbook. Last year, when we realized we couldn't do our in person programming camps, which were so exciting around the world, you can imagine doing an in person programming camp and South Africa and Asia and all those things we did in 2019. Well, we had just like you all, we had to go completely virtual, right. And we thought that we would have a few 100 people sign up for our summer school, we had over 4000 people sign up for our summer school. And so one of the things we had to do is really pedal fast to be able to support that many students in this summer school that kind of grew out of our proportions. The neat thing was once again, seeing all the kids and students around the world taking advantage of this and learning about quantum computing. And then I guess that the end of last year, Dave, to really top this off, we did something really fundamentally important. And we set up a quantum center for historically black colleges and universities, with Howard University being the anchor of this quantum center. And we're serving 23 HBCUs now, to be able to reach a new set of students, if you will, with STEM technologies, and most importantly, with quantum. And I find, you know, the neat thing about quantum is is very interdisciplinary. So we have quantum physicist, we have electrical engineers, we have engineers on the team, we have computer scientists, we have people with biology and chemistry and financial services backgrounds. So I'm pretty excited about the reach that we have with quantum into HBCUs and even beyond right I think we can do some we can have some phenomenal results and help a lot of people on this journey to quantum and you know, obviously help ourselves but help these students as well. >> What do you see in people do with quantum and maybe some of the use cases. I mean you mentioned there's sort of a connection to traditional workloads, but obviously some new territory what's exciting out there? >> Well, there's been a really a number of use cases that I think are top of mind right now. So one of the most interesting to me has been one that showed us a few months ago that we talked about in the press actually a few months ago, which is with Exxon Mobil. And they really started looking at logistics in the context of Maritime shipping, using quantum. And if you think of logistics, logistics are really, really complicated. Logistics in the face of a pandemic are even more complicated and logistics when things like the Suez Canal shuts down, are even more complicated. So think about, you know, when the Suez Canal shut down, it's kind of like the equivalent of several major airports around the world shutting down and then you have to reroute all the traffic, and that traffic and maritime shipping is has to be very precise, has to be planned the stops are plan, the routes are plan. And the interest that ExxonMobil has had in this journey is not just more effective logistics, but how do they get natural gas shipped around the world more effectively, because their goal is to bring energy to organizations into countries while reducing CO2 emissions. So they have a very grand vision that they're trying to accomplish. And this logistics operation is just one of many, then we can think of logistics, though being a being applicable to anyone that has a supply chain. So to other shipping organizations, not just Maritime shipping. And a lot of the optimization logic that we're learning from that set of work also applies to financial services. So if we look at optimization, around portfolio pricing, and everything, a lot of the similar characteristics will also go be applicable to the financial services industry. So that's one big example. And I guess our latest partnership that we announced with some fanfare, about two weeks ago, was with the Cleveland Clinic, and we're doing a special discovery acceleration activity with the Cleveland Clinic, which starts prominently with artificial intelligence, looking at chemistry and genomics, and improve speed around machine learning for all of the the critical healthcare operations that the Cleveland Clinic has embarked on but as part of that journey, they like many clients are evolving from artificial intelligence, and then learning how they can apply quantum as an accelerator in the future. And so they also indicated that they will buy the first commercial on premise quantum computer for their operations and place that in Ohio, in the the the years to come. So it's a pretty exciting relationship. These relationships show the power of the combination, once again, of classical computing, using that intelligently to solve very difficult problems. And then taking advantage of quantum for what it can uniquely do in a lot of these use cases. >> That's great description, because it is a strong connection to things that we do today. It's just going to do them better, but then it's going to open up a whole new set of opportunities. Everybody wants to know, when, you know, it's all over the place. Because some people say, oh, not for decades, other people say I think it's going to be sooner than you think. What are you guys saying about timeframe? >> We're certainly determined to make it sooner than later. Our roadmaps if you note go through 2023. And we think the 2023 is going to will be a pivotal year for us in terms of delivery around those roadmaps. But it's these kind of use cases and this intense working with these clients, 'cause when they work with us, they're giving us feedback on everything that we've done, how does this programming model really help me solve these problems? What do we need to do differently? In the case of Exxon Mobil, they've given us a lot of really great feedback on how we can better fine tune all elements of the system to improve that system. It's really allowed us to chart a course for how we think about the programming model in particular in the context of users. Just last week, in fact, we announced some new machine learning applications, which these applications are really to allow artificial intelligence users and programmers to get take advantage of quantum without being a quantum physicist or expert, right. So it's really an encapsulation of a composable elements so that they can start to use, using an interface allows them to access through PyTorch into the quantum computer, take advantage of some of the things we're doing around neural networks and things like that, once again, without having to be experts in quantum. So I think those are the kind of things we're learning how to do better, fundamentally through this co-creation and development with our quantum network. And our quantum network now is over 140 unique organizations and those are commercial, academic, national laboratories and startups that we're working with. >> The picture started become more clear, we're seeing emerging AI applications, a lot of work today in AI is in modeling. Over time, it's going to shift toward inference and real time and practical applications. Everybody talks about Moore's law being dead. Well, in fact, the yes, I guess, technically speaking, but the premise or the outcome of Moore's law is actually accelerating, we're seeing processor performance, quadrupling every two years now, when you include the GPU along with the CPU, the DSPs, the accelerators. And so that's going to take us through this decade, and then then quantum is going to power us, you know, well beyond who can even predict that. It's a very, very exciting time. Jamie, I always love talking to you. Thank you so much for coming back on the CUBE. >> Well, I appreciate the time. And I think you're exactly right, Dave, you know, we talked about POWER10, just for a few minutes there. But one of the things we've done in POWER10, as well as we've embedded AI into every core that processor, so you reduce that latency, we've got a 10 to 20 times improvement over the last generation in terms of artificial intelligence, you think about the evolution of a classical machine like that state of the art, and then combine that with quantum and what we can do in the future, I think is a really exciting time to be in computing. And I really appreciate your time today to have this dialogue with you. >> Yeah, it's always fun and it's of national importance as well. Jamie Thomas, thanks so much. This is Dave Vellante with the CUBE keep it right there our continuous coverage of IBM Think 2021 will be right back. (gentle music) (bright music)

(bright music) >> Narrator: From around the globe, it's the CUBE with digital coverage of IBM Think 2021, brought to you by IBM. >> Welcome back to IBM Think 2021, the virtual edition. This is the CUBEs, continuous, deep dive coverage of the people, processes and technologies that are really changing our world. Right now, we're going to talk about modernization and what's beyond with Jamie Thomas, general manager, strategy and development, IBM Enterprise Security. Jamie, always a pleasure. Great to see you again. Thanks for coming on. >> It's great to see you, Dave. And thanks for having me on the CUBE is always a pleasure. >> Yeah, it is our pleasure. And listen, we've been hearing a lot about IBM is focused on hybrid cloud, Arvind Krishna says we must win the architectural battle for hybrid cloud. I love that. We've been hearing a lot about AI. And I wonder if you could talk about IBM Systems and how it plays into that strategy? >> Sure, well, it's a great time to have this discussion Dave. As you all know, IBM Systems Technology is used widely around the world, by many, many 1000s of clients in the context of our IBM System Z, our power systems and storage. And what we have seen is really an uptake of monetization around those workloads, if you will, driven by hybrid cloud, the hybrid cloud agenda, as well as an uptake of Red Hat OpenShift, as a vehicle for this modernization. So it's pretty exciting stuff, what we see as many clients taking advantage of OpenShift on Linux, to really modernize these environments, and then stay close, if you will, to that systems of record database and the transactions associated with it. So they're seeing a definite performance advantage to taking advantage of OpenShift. And it's really fascinating to see the things that they're doing. So if you look at financial services, for instance, there's a lot of focus on risk analytics. So things like fraud, anti money laundering, mortgage risk, types of applications being done in this context, when you look at our retail industry clients, you see also a lot of customer centricity solutions, if you will, being deployed on OpenShift. And once again, having Linux close to those traditional LPARs of AIX, I-Series, or in the context of z/OS. So those are some of the things we see happening. And it's quite real. >> Now, you didn't mention power, but I want to come back and ask you about power. Because a few weeks ago, we were prompted to dig in a little bit with the when Arvind was on with Pat Kessinger at Intel and talking about the relationship you guys have. And so we dug in a little bit, we thought originally, we said, oh, it's about quantum. But we dug in. And we realized that the POWER10 is actually the best out there and the highest performance in terms of disaggregating memory. And we see that as a future architecture for systems and actually really quite excited about it about the potential that brings not only to build beyond system on a chip and system on a package, but to start doing interesting things at the Edge. You know, what do you what's going on with power? >> Well, of course, when I talked about OpenShift, we're doing OpenShift on power Linux, as well as Z Linux, but you're exactly right in the context for a POWER10 processor. We couldn't be more we're so excited about this processor. First of all, it's our first delivery with our partner Samsung with a seven nanometer form factor. The processor itself has only 18 billion transistors. So it's got a few transistors there. But one of the cool inventions, if you will, that we have created is this expansive memory region as part of this design point, which we call memory inception, it gives us the ability to reach memory across servers, up to two petabytes of memory. Aside from that, this processor has generational improvements and core and thread performance, improved energy efficiency. And all of this, Dave is going to give us a lot of opportunity with new workloads, particularly around artificial intelligence and inferencing around artificial intelligence. I mean, that's going to be that's another critical innovation that we see here in this POWER10 processor. >> Yeah, processor performance is just exploding. We're blowing away the historical norms. I think many people don't realize that. Let's talk about some of the key announcements that you've made in quantum last time we spoke on the qubit for last year, I think we did a deeper dive on quantum. You've made some announcements around hardware and software roadmaps. Give us the update on quantum please. >> Well, there is so much that has happened since we last spoke on the quantum landscape. And the key thing that we focused on in the last six months is really an articulation of our roadmaps, so the roadmap around hardware, the roadmap around software, and we've also done quite a bit of ecosystem development. So in terms of the roadmap around hardware, we put ourselves out there we've said we were going to get to over 1000 qubit machine and in 2023, so that's our milestone. And we've got a number of steps we've outlined along that way, of course, we have to make progress, frankly, every six months in terms of innovating around the processor, the electronics and the fridge associated with these machines. So lots of exciting innovation across the board. We've also published a software roadmap, where we're articulating how we improve a circuit execution speeds. So we hope, our plan to show shortly a 100 times improvement in circuit execution speeds. And as we go forward in the future, we're modifying our Qiskit programming model to not only allow a easily easy use by all types of developers, but to improve the fidelity of the entire machine, if you will. So all of our innovations go hand in hand, our hardware roadmap, our software roadmap, are all very critical in driving the technical outcomes that we think are so important for quantum to become a reality. We've deployed, I would say, in our quantum cloud over, you know, over 20 machines over time, we never quite identify the precise number because frankly, as we put up a new generation machine, we often retire when it's older. So we're constantly updating them out there, and every machine that comes on online, and that cloud, in fact, represents a sea change and hardware and a sea change in software. So they're all the latest and greatest that our clients can have access to. >> That's key, the developer angle you got redshift running on quantum yet? >> Okay, I mean, that's a really good question, you know, as part of that software roadmap in terms of the evolution and the speed of that circuit execution is really this interesting marriage between classical processing and quantum processing and bring those closer together. And in the context of our classical operations that are interfacing with that quantum processor, we're taking advantage of OpenShift, running on that classical machine to achieve that. And once again, if, as you can imagine, that'll give us a lot of flexibility in terms of where that classical machine resides and how we continue the evolution the great marriage, I think that's going to that will exist that does exist and will exist between classical computing and quantum computing. >> I'm glad I asked it was kind of tongue in cheek. But that's a key thread to the ecosystem, which is critical to obviously, you know, such a new technology. How are you thinking about the ecosystem evolution? >> Well, the ecosystem here for quantum is infinitely important. We started day one, on this journey with free access to our systems for that reason, because we wanted to create easy entry for anyone that really wanted to participate in this quantum journey. And I can tell you, it really fascinates everyone, from high school students, to college students, to those that are PhDs. But during this journey, we have reached over 300,000 unique users, we have now over 500,000 unique downloads of our Qiskit programming model. But to really achieve that is his back plane by this ongoing educational thrust that we have. So we've created an open source textbook, around Qiskit that allows organizations around the world to take advantage of it from a curriculum perspective. We have over 200 organizations that are using our open source textbook. Last year, when we realized we couldn't do our in person programming camps, which were so exciting around the world, you can imagine doing an in person programming camp and South Africa and Asia and all those things we did in 2019. Well, we had just like you all, we had to go completely virtual, right. And we thought that we would have a few 100 people sign up for our summer school, we had over 4000 people sign up for our summer school. And so one of the things we had to do is really pedal fast to be able to support that many students in this summer school that kind of grew out of our proportions. The neat thing was once again, seeing all the kids and students around the world taking advantage of this and learning about quantum computing. And then I guess that the end of last year, Dave, to really top this off, we did something really fundamentally important. And we set up a quantum center for historically black colleges and universities, with Howard University being the anchor of this quantum center. And we're serving 23 HBCUs now, to be able to reach a new set of students, if you will, with STEM technologies, and most importantly, with quantum. And I find, you know, the neat thing about quantum is is very interdisciplinary. So we have quantum physicist, we have electrical engineers, we have engineers on the team, we have computer scientists, we have people with biology and chemistry and financial services backgrounds. So I'm pretty excited about the reach that we have with quantum into HBCUs and even beyond right I think we can do some we can have some phenomenal results and help a lot of people on this journey to quantum and you know, obviously help ourselves but help these students as well. >> What do you see in people do with quantum and maybe some of the use cases. I mean you mentioned there's sort of a connection to traditional workloads, but obviously some new territory what's exciting out there? >> Well, there's been a really a number of use cases that I think are top of mind right now. So one of the most interesting to me has been one that showed us a few months ago that we talked about in the press actually a few months ago, which is with Exxon Mobil. And they really started looking at logistics in the context of Maritime shipping, using quantum. And if you think of logistics, logistics are really, really complicated. Logistics in the face of a pandemic are even more complicated and logistics when things like the Suez Canal shuts down, are even more complicated. So think about, you know, when the Suez Canal shut down, it's kind of like the equivalent of several major airports around the world shutting down and then you have to reroute all the traffic, and that traffic and maritime shipping is has to be very precise, has to be planned the stops are plan, the routes are plan. And the interest that ExxonMobil has had in this journey is not just more effective logistics, but how do they get natural gas shipped around the world more effectively, because their goal is to bring energy to organizations into countries while reducing CO2 emissions. So they have a very grand vision that they're trying to accomplish. And this logistics operation is just one of many, then we can think of logistics, though being a being applicable to anyone that has a supply chain. So to other shipping organizations, not just Maritime shipping. And a lot of the optimization logic that we're learning from that set of work also applies to financial services. So if we look at optimization, around portfolio pricing, and everything, a lot of the similar characteristics will also go be applicable to the financial services industry. So that's one big example. And I guess our latest partnership that we announced with some fanfare, about two weeks ago, was with the Cleveland Clinic, and we're doing a special discovery acceleration activity with the Cleveland Clinic, which starts prominently with artificial intelligence, looking at chemistry and genomics, and improve speed around machine learning for all of the the critical healthcare operations that the Cleveland Clinic has embarked on but as part of that journey, they like many clients are evolving from artificial intelligence, and then learning how they can apply quantum as an accelerator in the future. And so they also indicated that they will buy the first commercial on premise quantum computer for their operations and place that in Ohio, in the the the years to come. So it's a pretty exciting relationship. These relationships show the power of the combination, once again, of classical computing, using that intelligently to solve very difficult problems. And then taking advantage of quantum for what it can uniquely do in a lot of these use cases. >> That's great description, because it is a strong connection to things that we do today. It's just going to do them better, but then it's going to open up a whole new set of opportunities. Everybody wants to know, when, you know, it's all over the place. Because some people say, oh, not for decades, other people say I think it's going to be sooner than you think. What are you guys saying about timeframe? >> We're certainly determined to make it sooner than later. Our roadmaps if you note go through 2023. And we think the 2023 is going to will be a pivotal year for us in terms of delivery around those roadmaps. But it's these kind of use cases and this intense working with these clients, 'cause when they work with us, they're giving us feedback on everything that we've done, how does this programming model really help me solve these problems? What do we need to do differently? In the case of Exxon Mobil, they've given us a lot of really great feedback on how we can better fine tune all elements of the system to improve that system. It's really allowed us to chart a course for how we think about the programming model in particular in the context of users. Just last week, in fact, we announced some new machine learning applications, which these applications are really to allow artificial intelligence users and programmers to get take advantage of quantum without being a quantum physicist or expert, right. So it's really an encapsulation of a composable elements so that they can start to use, using an interface allows them to access through PyTorch into the quantum computer, take advantage of some of the things we're doing around neural networks and things like that, once again, without having to be experts in quantum. So I think those are the kind of things we're learning how to do better, fundamentally through this co-creation and development with our quantum network. And our quantum network now is over 140 unique organizations and those are commercial, academic, national laboratories and startups that we're working with. >> The picture started become more clear, we're seeing emerging AI applications, a lot of work today in AI is in modeling. Over time, it's going to shift toward inference and real time and practical applications. Everybody talks about Moore's law being dead. Well, in fact, the yes, I guess, technically speaking, but the premise or the outcome of Moore's law is actually accelerating, we're seeing processor performance, quadrupling every two years now, when you include the GPU along with the CPU, the DSPs, the accelerators. And so that's going to take us through this decade, and then then quantum is going to power us, you know, well beyond who can even predict that. It's a very, very exciting time. Jamie, I always love talking to you. Thank you so much for coming back on the CUBE. >> Well, I appreciate the time. And I think you're exactly right, Dave, you know, we talked about POWER10, just for a few minutes there. But one of the things we've done in POWER10, as well as we've embedded AI into every core that processor, so you reduce that latency, we've got a 10 to 20 times improvement over the last generation in terms of artificial intelligence, you think about the evolution of a classical machine like that state of the art, and then combine that with quantum and what we can do in the future, I think is a really exciting time to be in computing. And I really appreciate your time today to have this dialogue with you. >> Yeah, it's always fun and it's of national importance as well. Jamie Thomas, thanks so much. This is Dave Vellante with the CUBE keep it right there our continuous coverage of IBM Think 2021 will be right back. (gentle music) (bright music)

>> from our studios in the heart of Silicon Valley, Palo Alto, California It is a cute conversation >> lover on Welcome to this cube conversation here in Palo Alto, California. The Cube Studio. I'm John for the co host of the Cube Weird Sylvan shop. Who's the head of solution Architecture and open systems securing Esti win of right of other cloud to point out like capabilities. Very successful. 20 plus years. Operation Civil was the one of the first folks are coming over to the US to expand their operation from Europe into New York. Now here in Silicon Valley. Welcome to the Cube conversation. Thank you. So instituting trivia. You were part of the original team of three to move to the U. S. From Switzerland. You guys had phenomenal success in Europe. You've come to the U. S. Having phenomenal success in the US Now you moving west out here to California on that team, you're opening things up at the market. >> It's been a chance, Mikey. Things can presented themselves step by step, and I jumped on the trains and it's been a good right. >> Awesome. You guys have had great success. We interviewed your CEO a variety of your top people. One of the things that's interesting story is that you guys have been around for a long time. Been there, done that, riding this next next wave of digital transformation. What we call a cloud two point. Oh, but really is about enterprise. Full cloud scale, securing it. You have a lot of organic growth with customers, great word of mouth. So that's not a lot of big marketing budgets, riel. Real success there. You guys now are in the US doing the same thing here. What's been the key to success for open systems wide such good customers? Why the success formula is it you guys are on the right wave. What is it? The product? All the above. What's the What's the secret formula? >> So multiple things I say. And we started as a privately owned company like broad banks to, um, to the Internet email into one back in the nineties. And, um, yeah, we started to grow organically, as he said were by mouth, and Indiana is we put heavy focus on operations, so we wanted to make our customers happy and successful, and, um, yeah, that's how we got there like it was slow organic growth. But we always kind of kept the core and we tried to be unconventional, tried to do things differently than others do. And that's what brought us to where we are today and now capabilities Being here in the Valley, um, opens up a lot of more doors. >> It's got a nice office and we would see I saw the video so props for that. Congratulations. But the real to me, the meat on the bone and story is, is that and I've been really ranting on this whole SD win is changing. SD Win used to be around for a long, long time. It's been known industries known market. It's got a total addressable market, but really, what has really talks to is the the cloud. The cloud is a wide area network. Why do we never used to be locked down? He had the old way permitted based security. Now everything is a wide area. That multi cloud in hybrid club. This is essentially networking. It's a networking paradigms. It's not lately rocket science technically, but the cloud 2.0 shift is about, you know, data. It's about applications, different architectures you have everything kind of coming together, which creates a security problem, an opportunity for new people to come in. That's what you guys? One of them. This is the big wave. What? It explain the new s t win with, you know, the old way and the new way. What is the what? What should people know about the new S D win marketplace? >> Yeah. So let me start. Where do Owen has come from and how digital transformation has impacted that. So typically corporate wider networks were centered around the Clear Data Center where all applications were hosted, storage and everything and all traffic was back holding to the data center. Typically, one single provider that Broady, Mpls links on dhe. It was all good. You had a central location where you could manage it. You had always ability security stack was there. So you had full control. Now new requirements from natural transformation broad as users are on the road, they're on their phones ipads on the in, restaurants in ah, hotels, Starbucks. Wherever we have applications moved to the cloud. So their access directly You wanna have or be as close as possible Unify Communications. I OT It's all things deposed. Different requirements now in the network and the traditional architecture didn't were wasn't able to respond to that. It's just that the links they were filled up. You couldn't invest enough thio blow up your Nampula slings to handle the band with You lost visibility because users were under road. You lost control, and that's where new architectures had to be found. That's where Ston step them and say, Hey, look now we're not centered around the headquarter anymore were sent around where the applications are, your scent around, where the data is, and we need to find means to connected a data as quickly as possible. And so you can use the Internet. Internet has become a commodity. It's become more performance more stable, so we can leverage that we can route traffic according to our policies. We can include the cloud, and that's where Ston actually benefits from the clown. As much as the club benefits from SD went because they go hand in hand and that's also what we really drive to say, Hey, look, now the cloud can be directly brought into your network, no matter where, where data and where applications. >> Yeah, and this is the thing. You know, Although you've been critical of S t when I still see it as the path of the future because it's networking. And the end of the day networking is networking. You moving packets from point A to point B and you're moving somebody story you moving from point A to store the point C. It's hard. And you brought this up about Mpls. It's hard to, like rip and replace You can't just do a wholesale change on the network has the networks are running businesses. So this is where the trick is, in my opinion. So I want to get your thoughts on how companies were dealing with this because, I mean, if you want to move, change something in the network, it takes a huge task. How did you guys discover this new opportunity? How did you implement it? What was the and how should customers think about not disrupting their operations at the same time bringing in the new capabilities of this SD win two point? Oh, >> yeah, that's it's a perfect sweet spot, because in the end is, um, nobody starts at a green field. If you could start with a green field. It's easy. You just take on the new technology and you're happy. But, um, customers that we look up large enterprises, they have a brownfield. They haven't existing that work. They have business critical applications running 24 7 And if you look at what options large enterprises have to implement and manage a nasty when is typically three approaches, they either do it themselves, meaning they need a major investment in on boarding people having the talent validating technology and making the project work already. Look at a conventional managers provider. In the end, that is just the same as doing yourself. It's just done by somebody else, and you have the the challenge that those providers typically, um, have a lot of portfolio that they manage. And they do not have enough expertise in Nasty Wen. And so you just end up with the same problems and a lot of service, Janey. So even then you do not get the expertise that you need. >> I think what's interesting about what you guys have done? I want to get your reaction to this is that the manage service piece of it makes it easier to get in without a lot of tinkering with existing infrastructure. Exact. And that's been one of that tail winds for you guys and success wise. Talk about that dynamic of why they managed service is a good approach because you put your toe in the water, so to speak, and you can kind of get involved, get as much as you need to go and go further. Talk about that dynamic and why that's important. >> Yeah, technology Jane is very quickly. So you need people that are able to manage that and open systems as a pure play provider. We build purposely build our platform for us, he went. So we integrated feature sets. We we know how to monitor it, how to configure it, how to manage it. Lifecycle management, technology, risk technology management. All this is purposely purposely built into it, so we strongly believe that to be successful, you need people that are experts in what they do to help you so that you and your I t people can focus in enabling the business. And that's kind of our sweet spot where we don't say we have experts. Our experts operating the network for you as a customer and therefore our experts are your experts. And that's kind of where we believe that a manage service on the right way ends up in Yeah, the best customer. >> And I think the human capital pieces interesting people can level up faster when you when you're not just deploying here. Here's the software load. It is the collaborations important. They're good. They're all right. While you're on this topic, I want to get your thoughts. Since you're an expert, we've been really evaluating this cloud 2.0, for lack of a better description. Cloud 2.0, implying that the cloud 1.0 was Amazon miss on The success of Amazon Web service is really shows Dev Ops in Action Agility The Lean startup Although all that stuff we read reading about for the past 10 plus years great compute storage at scale, amazing use of data like you, said Greenfield. Why not use the cloud? Great. Now all the talk about hybrid cloud even going back to 2013 We were of'em world at that time start 10th year their hybrid cloud was just introduced. Now it's mainstream now multi cloud is around the corner. This teases out cloud 2.0, Enterprise Cloud Enterprise Scale Enterprise Security Cloud Security monitoring 2.0, is observe ability. Got Cooper All these new things air coming on. This is the new clout to point out what is your definition of cloud two point? Oh, if you had to describe it to a customer or a friend, >> it is really ah, some of hybrid cloud or multi cloud, as you want to name it, because in the end, probably nobody can say I just select one cloud, and that's going to make me successful because in the end, cloud is it's not everywhere, as we kind of used to believe in the beginning, but in the end, it's somebody else's computer in a somebody else's data center. So the cloud is you selectively pick the location where you want to for your cloud instances and asked if Cloud Service providers opened up more locations that are closer to your users in the or data you actually can leverage more possibilities. So what we see emerging now is that while for a long time everything has moved to the cloud, the cloud is again coming back to us at the sietch. So a lot of compute stuff is done close to where data is generated. Um, it's where the users are. I mean, Data's generated with with us. Yeah, phones and touch and feel and vision and everything. So we can leverage these technologies to really compute closer to the data. But everything controlled out of central cloud instances. >> So this brings up a good point. You essentially kind of agreeing with cloud one detto being moved to the cloud. But now you mentioned something that's really interesting around cloud to point out, which is moving having cloud, certainly public clouds. Great. But now moving technology to the edge edge being a data center edge being, you know, industrial I ot other things wind farms, whatever users running around remotely you mentioned. So the edges now becomes a critical component of this cloud. Two point. Oh, okay. So I gotta ask the question, How does the networking and what's the complexity? And I'm just imagining massive complexity from this. What are some of the complexities and challenges and opportunities will arise out of this new dynamic of club two point. Oh, >> So the traditional approaches does just don't work anymore. So we need new ways to not only on the networking side, but obviously also the security side. So we need to make sure that not on Lee the network follows in the footsteps of the business of what it needs. But actually, the network can drive business innovation and that the network is ready to handle those new leaps and technologies. And that's what we see is kind of being able to tightly integrate whatever pops up, being able to quickly connect to a sass provider, quickly integrate a new cloud location into your network and have the strong security posture there. Directly integrated is what you need because if you always have to think about weight, if I add this, it's gonna break something else, and I have to. To change is here. Then you lose all the speed that your business needs. >> I mean, the ripple effect of it's like throwing a stone in the lake and seeing the ripple effect with cloud to point. You mentioned a few of them. Network and Security won't get to that in a second, but doesn't change every aspect of computing categories. Backup monitoring. I mean all the sectors that were traditional siloed on premise that moves with the cloud are now being disrupted again for the third time. Yeah, you agree with that? >> It's true. And I mean your club 0.1 point. Oh, you say a lot of things will be seen his lift and shift and that still works like there is a lot of work loads where it's not worth it to re factor everything. But then, for your core applications, the business where the business makes money, you want a leverage, the latest instead of technologies to really drive, drive your business there. >> I got to get your take on this because you're the head of architecture solutions at Open Systems. Um, is a marketing tagline that I saw that you guys promote, which I live. I want to get your thoughts on. It says, Stop treating your network like a network little marketing. I love it, but it's kind of like stop trying your network like a network implying that the networks changing may be inadequate. Antiquated needs to modernize. I'm kind of feeling the vibe there on that. What do you mean by that? Slow Stop treating your network like a network. What's what's the purpose >> behind that? But yeah, in the end, it to be a little flaw provoking. But I mean, even est even in its pure forms, where you have a softer controller that steers your traffic along different path. Already. For me, as an engineer, I'm gonna lose my mind because I want to know where routing is going. I want deterministic. Lee defined my policy, so I always have things under control. But now it's a softer agent that takes care. Furred takes care of it for me so that already I lose control in favor off. Yeah, more capabilities. And I think that's cloud just kind of accelerate. >> So you guys really put security kind of in between the network and application? Is that the way you're thinking about it? It used to be Network was at the bottom. You built the application, had security. Now you're thinking differently. Explain that the the architectural thinking around this because this is a modern approach you guys were taking, and I want to get this on the record. Applications have serving users and machines network delivers packets, and then you're saying security's wrapping up between them explain. >> So when we go back again to the traditional model Central Data Center, you had a security stack full rack of appliances that the care of your security was easy to manage. Now, if you wanna go ask you when connect every brand side to the Internet, you cannot replicate such an infrastructure to every branch. Location just doesn't skill. So what do you do? Why do you say I cannot benefit of this where I use new methods? And that's where we say we integrate security directly into our networking stack. So to be able to not rely on the service training but have everything compiled into one platform and be able to leverage that data is passing through our network. You've eyes. But then why not apply the same security functions that we used to do in our headquarter directly at the edge and therefore every branch benefits of the same security posture that I typically were traditionally only had in my data center? >> You guys so but also weighing as a strategic infrastructure critical infrastructure opponent. I would agree with that. That's obvious, but as we get into hybrid cloud and multi cloud infrastructures of service support. Seamless integration is critical. This has become a topic, will certainly be talking about for the rest of the year Of'em world and reinvented other conferences like Marcel that night as well. This is the big challenge for customers. Do I invest in Azure A. W as Google in another cloud? Who knows how many clouds coming be another cloud potentially around the corner? I don't want to fork my development team. I want to do one of the great different code bases. This has become kind of like the challenge. How do you see this playing out? Because again, the applications want to run on the best cloud possible. I'm a big believer in that. I think that the cloud should dictate the AP should dictate which cloud runs. That's why I'm a believer in the single cloud for the workload, not a single cloud for all workloads. So your thoughts, >> I think, from an application point of view. As you say, the application guys have to determine more cloud is best for them, I think from a networking point of view, as a network architect, we need to we can't work against this but enable them and be able to find ways that the network can seamlessly connect to whatever cloud the business wants to use. And there's plenty of opportunity to do that today and to integrate or partner with other providers that actually have partnered with dozens of cloud providers. And as we now can architect, we have solutions to directly bring you as a customer within milliseconds, to each cloud, premise is a huge advantage. It takes a few clicks in a portal. You have a new clouds instance up and running, and now you're connected. And the good thing is, we have different ways to do that. Either. We spin up our virtual instance virtual esti one appliance in cloud environments so we can leverage the Internet to go. They're still all secured, all encrypted, ordering me again. Use different cloud connect interconnections to access the clouds. Depending on the business requirements, >> you guys have been very successful. A lot of comfort from financial service is the U. N. With NGOs, variety of industries. So I want to get your thoughts on this. I've been we've been covering the Department of Defense is joining and Chet I joint and the presentation of defense initiative where the debate was soul single purpose Cloud. Now the reality is and we've covered this on silicon angle that D O D is going multi cloud as an organization because they're gonna have Microsoft Cloud for collaboration and other contracts. They're gonna win $8,000,000,000. So that a Friday cloud opportunities, but for the particular workload for the military, they have unique requirements. Their workload has chosen one cloud. That was the controversy. Want to get your thoughts on this? Should the workloads dictate the cloud? And is that okay? And certainly multi cloud is preferred Narada instances. But is it okay to have a single cloud for a workload? >> Yeah, again, from if the business is okay with that, that's fine from our side of you. We see a lot of lot of business that have global presence, so they're spread across the globe. So for them, it's beneficial to done distribute workloads again across different regions, and it could still be the same provider, but across different regions. And then already, question is How do you now we're out traffic between those workloads? Do we? Do you love right? Your esteem and infrastructure or do you actually use, for example, the backbone that the cloud provider provides you in case of Microsoft? They guarantee you the traffic between regions stay in their backbone. So gifts, asshole, new opportunities to leverage large providers. Backbone. >> And this is an interesting nuance point because multi cloud doesn't have to be. That's workload. Spreading the workload across three different clouds. It's this workload works on saving Amazon. This workload works on Azure. This workload works on another cloud that's multi cloud from a reality standpoint today, so that implies that most every country will be multi cloud for sure. But workloads might have a single cloud for either the routing and the transit security with the data stored. And that's okay, too. >> Yeah, yeah, and keep in mind, Cloud is not only infrastructure or platform is the service. It's also software as a service. So as soon as we have sales forests, work day office 3 65 dropbox or box, then we are multiplied. >> So basically the clouds are fighting it out by the applications that they support and the infrastructure behind. Exactly. All right, well, what's next for you? You're on the road. You guys doing a lot of customer activity. What's the coolest thing that you're seeing in the customer base from open system standpoint that you like to share with the audience? >> Um, so again, it's just cool to see that customers realized that there's plenty of opportunities. And just to see how we go through that evolution with our customers, were they initially or little concerned? But then eventually we see that actually, the network change drives new business project and customers air happy that they launched or collaborate with us. That's what that's what makes me happy and makes me and a continuing down that path >> and securing it is a key. Yeah, he wins in this market Having security? >> Absolutely. Yeah, Sylvia saying mind and not wake up at 2 a.m. Full sweat, because here >> we'll manage. Service is a preferred for my people like to consume and procure product in So congratulations and congressional on your Silicon Valley office looking for chatting more. I'm John for here in the keep studios for cute conversation. Thanks for watching

>> Live from Las Vegas, it's theCUBE, covering AWS re:Invent 2018, brought to you by Amazon Web Services, Intel, and their ecosystem partners. >> And welcome back here to Las Vegas. We're in the Sands expo, we're in Hall D. If you happen to be at the show or dropping in just to watch, come on by and say hi to us. Love to see you here on theCUBE, as we continue our coverage, day two. And along with Justin Warren, I'm John Walls. And now we're joined by a couple of gents from HUB International, Seth Morrell, who's the vice president of enterprise, architecture and design. Seth, good morning to you. >> Good morning. >> And Jeremy Embalabala, who is the director of security architecture and engineering, also at HUB International. Good morning, Jeremy. >> Good morning. >> Seth, by the way, playing hurt, broken finger with a snowblower in Chicago on Monday. >> On Monday. >> Yeah, good luck though with the winter. >> Yeah, yeah, yeah, it started off well. >> Sorry to see that, but thanks for coming regardless. >> No problem. >> All right, tell us about HUB International a little bit, about primary mission and then the two of you, what you're doing for them primarily. >> Right, right, so HUB International is an insurance brokerage. Personal, commercial, we do employee benefits, retirement as well. We're based in the US in Chicago, operate in US and Canada. 500 plus locations, 12,000 employees. >> Okay, and then primary responsibilities between the two of you? >> Well, I'm the director of security architecture. I'm responsible for all things technical with regards to security, both on the architecture side, engineering and operations. >> All right, so yesterday we were talking about this early, you did a session, you're big Splunk guys, right? So let's talk about what you're doing with that, how that's working for you in general, if you would. >> Yeah, yeah, go ahead. >> Yeah, the reason Splunk Enterprise Security, the on-premise version we actually, people always ask me, are you using Splunk Cloud or Splunk On Prem? And I always joke, well we're using Splunk On Prem in the cloud in AWS. But for us, we're really focused on Splunk as a SIEM, to enable our security operations center to provide insights into our environment and help us detect and understand threats that are going on in the environment. So we have a manage partner that runs our security operations center for us. They also manage our Splunk environment. It helps us keep an eye on both our AWS environment that we have, our Azure environment, and our on-premise data center as well. >> A few people have sort of gotten wary of the idea of a SIEM. People have tried to use SIEMs and they haven't been very successful and they go, "Oh SIEM's a bit of a dirty word." But it sounds like SIEM's actually working for you really well. >> Yeah, I really view a SIEM as a cornerstone of security program. Specifically if you have a mature security operation center, it's really hard to operate that without a SIEM. SIEMs are tricky, they're tricky to implement, they're generally very costly and they require a lot of tuning, a lot of love, care, and feeding in order to be effective. Quite frankly, if you don't get that right, it can actually be detrimental to your security program. But if you put the proper care and feeding into a SIEM, it will be very beneficial to your organization. >> Okay, so what's some of the things that you've been able to do now that you've got Splunk in there and it's helping you manage the security? Because I saw some statistics earlier this morning, where security is basically the second biggest, most popular term here at AWS and at re:Invent. It's clearly front of mind for a lot of enterprises. So what is it that Splunk in helping you to achieve that you wouldn't have been able to go otherwise? >> The biggest thing for us is the aggregation of all of our logs, our data sources in AWS, data sources on prem, our Windows file servers, our network traffic flow data, all of that's aggregated into Splunk. And that allows us to do some correlation with third-party threat intelligence feeds. Take indicators of compromise that are streamed, that are observed out there in the real world, and apply those to data that we're seeing on our actual data sources in our environment. It allows us to detect threats that we wouldn't have been able to detect otherwise. >> Right, how does that translate through to what you're actually doing as a business? I mean, this is a very sort of technology-centric thing, but you're an insurance agent. So how does this investment in security translate into the business value? >> One, it just gives us visibility into the environment, and we can proactively identify potential threats and remediate them before they actually cause an impact to the business. Without these tools and without these capabilities, it'd be a much riskier endeavor. And so it's helped us throughout, and we've been good partners with Splunk, they're been good partners with us. And coupled with all the other things that we're doing in the security space and in the cloud space, we're able to build a nice secure environment for our customers and ourselves. >> We're also a very highly regulated industry, so we have regulations that we have to comply with for security. And our customers also care about security very, very deeply. So it allows us to be able to protect our customers' data and really assure our customers that their data is safe with us, whether that data is hosted on-prem or it's in the cloud. >> What about that battle? There's often a battle between private enterprise and regulation, just in general, right? It's making sure the policy makers understand capabilities and real threats as opposed to maybe perceptions or whatever. What do you see in terms of the federal regulatory environment and what you deal with in a Balkanized system where you're dealing with 50 states and Canada. So you've got your hands full, I assume. >> So at HUB, we view security and compliance a little differently. Instead of trying to build security programs and achieve compliance by abiding by all the regulations, we do the right thing from a security perspective. We make the right investments. We put the right controls into our environment. When those new regulations come out for provincial law in Canada or different states or GDPR in Europe, that we'll be 95% of the way there, by just building the right controls into our environment at a foundational level. Then we have to just spend our efforts just kind of aligning ourselves with the other 5% that vary from regulation to regulation. >> Was that a shift in management philosophy at all? Because quite often or maybe in the past, it's like, I'm only going to do something. I'm not saying HUB, but in general, when I have to. As opposed to you appear to be preemptive. Right, you're doing things because you should. So there's a different mindset there, right? >> It sounds like a much more strategic view of security rather than a tactical reactive kind of security. How long has that been the philosophy at HUB? >> So we really built out our a security program starting the beginning of last year. There's all new leadership that came in, Seth came in, myself came in, all new leadership across the organization. And that's really where that mindset came from. And the need and recognition to make an investment in security. We view security as a driver of business, not just a cost center. It's a way we can add to the bottom line and be able to generate revenue for the business by being able to show our customers that we really care about their data, and we're going to do our best to take of them. So with that mindset, we can actually help market, and use that as a marketing tool to be able to help drive business. >> So what are some of the things that you've seen here at the show that you're thinking about, well actually that will support my strategy? Some of the more longer term things. Is there anything that's sort of stuck out to you as sort of going, ooh, that's something that we should actually take back? >> Yeah, well, there's some tactical announcements that are very important to us. The announcement of Windows File Server support. File Server support is big deal for us. We're a heavy File Server organization. And having that native within AWS is very interesting. There's been some other announcements with SFTP. Other items that we're going to be trying to take advantage of in a fairly quick fashion. And we're excited about that. We've been on our journey to cloud since essentially the summer of 2017 through now. And we're kind of ready for the next steps, the next set of capabilities. And so, a conference like this and all these announcements, we're excited to take a look at the menu and start picking out what we want to eat. >> It's a great buffet. >> Yeah, yeah. >> In a city that's famous for it. >> That's true, that's true. >> All you can eat. >> Yeah. >> All right, so let's talk about the journey then. You said 2017, so it's been a year, year plus into that. And you're excited about what's coming, but what do you need? So I know you got this great buffet that you're looking at, but maybe you don't want the pork. Maybe you want the turkey. What do you need, what do you want the most, you think, to service your clients? >> Right, so, we spent most of our migration just essentially moving what we had over to the cloud. And so, what our next steps are, let's really understand our workloads, let's be smarter about how we're running them, let's take advantage of the appropriate technology, the menu items that are out there, per work load, just to be smarter. We're going to be spending much more time this year looking at more automation, orchestration, and basically maturing our cloud capabilities so that we're ready for the next big thing. And as we acquire another company or there's a new business need, we're working to be more proactive and being able to anticipate those needs with building a platform that we can really extend and build upon. >> I'm sorry, go ahead. >> I have a question on the choosing of workloads then. So are you going to be moving everything to the cloud? Or do you think that there'll be some things that will actually remain on-prem or is it going to be a hybrid cloud? >> Our goal is to go from a data center to a network closet. >> Right. >> So we have moved almost all of our application workloads out of our data center right now. We have a large VDI environment we're looking to move as well. Once that's done, we'll be down to our phone system and a couple other legacy applications that we're trying to determine what we actually want to do with strategically. >> Right, okay. That's a pretty common sort of story. There's a lot of people who are moving as much as they possibly can, and then there's a few little bits that just sort of sit there that you need to decide, do we rewrite this, do we actually need this at all, maybe we just turn it off. >> Right. >> Yeah. >> Are there any capabilities specific to your industry that you need or that you'd like to have refined? Something that would allow you to do your job, specifically in the insurance space, that would be unique to you? Anything floating out there that you say, if we had that, that'll fine-tune this to a better degree or a greater degree? >> So for us, it's all about flexibility. We grow very, very rapidly through our mergers and acquisitions. We bought 52 companies last year and we're on pace to do almost 70 companies this year. So for us, the cloud really enables us to be able to absorb those organizations that we acquire, bring them in much, much faster. Part of the story of our cloud migration, we were able to move the integration time for mergers and acquisitions from six months down to under 90 days. Because we're now able to move those workloads in much, much quicker with the clouds. For us that's really a key capability. >> Well you guys are used to writing checks, dinner's on them tonight, right? >> Definitely. >> Seth, Jeremy, thanks for being with us. >> Thank you. >> Glad to be here. >> We appreciate the time. Good luck with the winter, I think you might need it. >> Yeah, yeah, exactly. >> All right, we'll be back with more from AWS re:Invent. You're watching theCUBE from Las Vegas. (snappy techno music)

>> Narrator: Live from Washington D.C. it's theCUBE, covering .conf2017. Brought to you by Splunk. (techno music) >> Well welcome back here on theCUBE as we continue our coverage at .conf2017. Splunks get together here in the nation's capital, Washington D.C. We are live here on theCUBE along with Dave Vellante. I'm John Walls. Glad to have you with us here for two days of coverage. We're joined now by Team Dell EMC I guess you could say. Colin Gallagher, who's the Senior Director of VxRail Product Marketing. Colin, good to see you, sir. >> Likewise. >> And Cory Minton, many time Cuber. Colin, you're a Cuber, as well. Principle Engineer, Data Analytical Leader at Dell EMC, and BigDataBeard.com, right? >> Yes, sir. >> Alright, and just in case, you have a special session going on. They're going to be handing these out a little bit later. So, I'm going to let you know that I'm prepared >> Cory: I love that, that's perfect. >> With you and your many legions of fans, allow me to join the club. >> That's awesome. Well welcome, we're so glad to have you. You've got a big data beard. You don't have to have a beard to talk big data at Dell EMC, but it certainly is not frowned upon if you do. >> John: Alright, well this would be the only way I'd ever grow one. >> There you go. >> I can promise you that. >> Looks good on you. >> I like the color, though, too. Anyway, they'll be handing these out at the special session. That'll be a lot of fun. Fellows, big announcement last week where you've got a marriage of sorts with Splunk technology and what Dell EMC is offering on VxRail. Tell us a little bit about that. Ready Systems is how you're branding this new offer. >> So we announced our Ready Systems for Splunk. These are turnkey offerings of Dell EMC technology pre-certified and pre-validated with Splunk and pre-sized. So we give you the option to buy from us both your Splunk solution and the underlying infrastructure that's been certified and validated in a wide variety of flavors based on top of VxRail, based on top of VxRack, based on top of some of our other storage products, as well, that gives you a full turnkey implementation for Splunk. So as Splunk is moving from the land of the hoodies and the experimenters to more mainstream running the business, these are the solutions that IT professionals can trust from both brands that IT professionals (mumbles). >> So you're both a Splunk reseller and a seller of infrastructure, is that right? >> Indeed. So we actually, we joined Splunk in a partnership as a strategic alliance partner a little over a year ago. And that gave us the opportunity to act as a reseller for Splunk. And we've recently gone through a rationalization of their catalog, so we actually have now an expanded offering. So, customers have more choice with us in terms of the offers that we provide from Splunk. And then part of our alliance relationship is that not only are we a reseller, but because of our relationship they now commit engineering and resources to us to help validate our solutions. So we actually work hand in hand with their partner engineering team to make sure that the solutions that we're designing from an infrastructure perspective at least meet or exceed the hardware requirements that Splunk wants to see their platform run on top of. >> Dave: Okay, cool. So you're a data guy. >> Indeed. >> You've been watching the evolution of things like Hadoop. When I look at the way in which customers deal with Hadoop, you know, ingest, you know, clean or transform, analyze, etc., etc., operationalize, there seem to be a lot of parallels between what goes on in that big data world and then the Splunk world, although Splunk is a package, it seems to be an integrated system. What are the similarities? What are the differences? And, what are the requirements for infrastructure? >> I think that the ecosystems, like you said, it's open source versus a commercial platform with a specific objective. And if you look at Splunk's deployment and their development over the years they've really started going from what was really a Google search for log, as Doug talked about today in the kickoff, to really being a robust analytics platform. So I think there's a lot of parallels in terms of technology. We're still ... It's designed to do many of the same things, which is I need to ingest data into somewhere, I need to make sense of it. So, we index it or do some sort of curation process to where then I can ask questions of it. And whether you choose to go the open source route, which is a very popular route, or you choose to go a commercial platform like Splunk, it really depends on your underlying call it ethos, right? It's that fundamental buy versus build, right? For somebody to achieve some of the business outcomes of like deploying a security event and information management tool like Splunk can do, to do that in open source may require some development, some integration of disparate open source platforms. I think Splunk is really good about focusing specifically on the business outcome that they're trying to drive and speeding their customers' time to value with that specific outcome in mind, whereas I think the open source community, like the Hadoop community, I think it offers maybe some ability to do some things that Splunk maybe wouldn't be interested in, things like rich media analytics, things that aren't good for Splunk indexing. >> Are there unique attributes of a data rich workload that you've accommodated that's maybe different from a traditional enterprise workload, and what are those? >> Yeah, so at the end of the day any application is going to have specific bottlenecks, right? One of the basis of performance engineering is move the bottleneck, right? In enterprise applications we had this evolution of originally they were kind of deployed in a server, and then we saw virtualization and shared storage really come in vogue for a number of years. And that's true in these applications, these data rich applications, as well. I think what we're starting to see is that regardless of what the workload is, whether it's a traditional business application like Oracle, SAP, or Microsoft or it's a data application like Splunk, anytime it becomes critical to the operation of a business organizations have to start to do things that we've done to every enterprise IT app in the past, which is we align it to our strategy. Is it highly available? Is it redundant? Is it built on hardware that we can be confident in that's going to be up and running when we need it? So I think from a performance and an engineering perspective, we treat each workload special, right? So we look at what Splunk requirements are and we understand that their requirements may be slightly different than running SAP or Oracle, and that's why we build the bespoke systems like our Ready System for Splunk specifically, right? It's not a catch all that hey it works for everything. It is a specifically designed platform to run Splunk exceptionally well. >> So Colin, a lot of the data practitioners that I talk to at this show and other data oriented shows like, "Ah, infrastructure. "I don't care about infrastructure." Why should they care about infrastructure? Why does infrastructure matter, and what are the things that they should know? >> Infrastructure does matter. I mean infrastructure, if youre infrastructure isn't there, if your infrastructure isn't highly available, as Cory said, if it lets you down in the middle of something, your business is going to shut down, right? Any user can say, "Talk about what happened "the last time you had a data center event, "and how long were you offline, "and what did that really mean for your business? "What's the cost of downtime for you?" And everything we build at an application level and a software level really rests on an infrastructure foundation, right? Infrastructure is the foundation of your data center and the foundation of your IT, and so infrastructure does matter in the sense that, as Cory said, as you build mission critical platforms on it the infrastructure needs to be highly reliable, highly available, and trusted, and that's what we really focus on bringing. And as applications like Splunk evolve more into that mainstream world, they need to be built on that mission critical, reliable, managed infrastructure, right? It's one thing for infrastructure development, and this kind of happens in the history of IT, as well. It happened in client server back in the day. You know, new applications ... Even the web environment I remember a company was running, one of my clients was running a web server under their secretary's desk, and she was administering in half time. You would never have a large company doing that. >> They'd be back up (mumbles). Before you leave. >> As it becomes more important it becomes more central, but also it becomes more important to centrally manage those, right? I'm a 15 year storage veteran, for good or for worse, and what we really sell in storage is selling centralized management of that storage. That's the value that we bring from centralized infrastructure versus a bunch of servers that are sitting distributed around the environment under someone's desk is that centralized management, the ability to share the resources across them, the ability to take one down while the others keep running, shift that workload over and shift it back. And that's what we can do with our Ready Systems. We can bring that level of shared management, shared performance management, to the Splunk world. >> I'll tell you, one of the things that we talked about, we talked about in a number of sessions this week, is application owners, specifically the folks that are here at this conference, need to understand that when they decide to make changes at the application level, whether they like infrastructure or they think it's valuable or not, what they need to understand is that there are impacts, and that if you look at the exciting things that were announced today around Enterprise Security updates, right? Enterprise Security is an interesting app from Splunk, but if a customer goes from just having Splunk Enterprise to running Enterprise Security as a premium application, there's significant downstream impacts on infrastructure that if the application team doesn't account for they can basically put themselves in a corner from a performance and a capacity perspective that can cause serious problems and slow down the business outcome that they're trying to achieve because they didn't think about the infrastructure impacts. >> Well, and what they want really is they want infrastructure that they can code, right? And we talked about this at VMworld we were talking about off camera that cloud model, bringing that cloud model to your data as oppose to trying to force your business into the cloud. So what about Ready Systems mimics that cloud model? Is it a cloud like infrastructure? Wondering if you could talk-- >> Yeah, I think it's that cloud like experience. Because we know we're in a multi cloud world, right? Cloud is not a place, cloud is an operating model, right? And so I think that the Ready Systems specifically provides a couple of things that are that cloud like experience, which is simple ordering and configuration and consumption that is aligned to the application, right? So we actually align the sizing of the system to the license size and the expected experience that this one customer would have so they get that very curated bespoke system that's designed specifically for them, but in a very easy to consume fashion that's also validated by the software vendor, in this case Splunk, that they say, "These are known good configurations "that you will be successful with." So we give customers that comfort that, "Hey, this is a proven way "to deploy this application successfully, "and you don't have to go through "a significant architecture design concept "to get to that cloud like experience." Then you layer in the fact that what makes up the Ready System, which is it is a platform powered by, in the VxRail case powered by VMware, right, ESX and vSAN, which obviously if you look at any of the cloud providers everything is virtualized at the end of the day for the most part, or at least most of the environments are. And so we give, and VMware has been focused on that for years and years of giving that cloud like experience to their customers. >> You talk about, you mentioned selling, sort of reseller, you've got this partnership growing, you're a customer. So, you have all these hats, right, and connections with Splunk. What does that do for you you think just in general? What kind of value do you put on that having these multiple perspectives to how they operate whether it's in your environment or what you're doing for your customers using their insights? >> Yeah, I think at the end of the day we're here to make it simpler for customers. So if we do the work, and we invest the time and energy and resources in this partnership, and we go do the validation, we do the joint engineering, we do the joint certification, that's work that customers don't have to do, and that's value that we can deliver to them that whatever reason they buy Splunk for whatever workload or business outcome they're trying to achieve, we accelerate it. That's one of the biggest values, right? And then you look at who do they interact with in the field? Well, it's engineers from our awesome presales team from around the world that we've actually trained in Splunk. So we have now north of 25 folks that have Splunk SE certifications that are actually Dell EMC employees that are out working with Splunk customers to build platforms and achieve that value very, very quickly. And then them understanding that, "Oh, by the way, Dell EMC is also a user of Splunk, "a great customer of Splunk "and a number of interesting use cases "that we're actually replatforming now "and drinking our own Kool Aid so to say," that I think it just lends credibility to it. And that's a lot of the reason why we've made the investments in being part of this awesome show, but also in doing things like providing the applications. So we actually have four apps in Splunkbase that are available to monitor Dell EMC platforms using Splunk. So I think customers just get a wholistic experience that they've got a technology partner that wants to see them be successful deploying Splunk. >> I wonder if we could talk about stacks, because I've heard Chad Sack-edge talk about stack wars, tongue and cheek, but his point is that customers have to make bets. You've heard him talk about this. You've got the cloud stacks, whether it's Azure or AWS or Google. Obviously VMware has a prominent stack, maybe the most prominent stack. And there's still the open source, whether it's Hadoop or OpenStack. Should we be thinking about the Splunk stack? Is that emerging as a stack, or is it a combination of Splunk and these other? >> You know, we actually had that conversation today with some of the partner engineering team, and I don't know that I would today. I think Splunk continues to be, it's its own application in many cases. And I actually think that a lot of what Splunk is about is actually making sure that those stacks all work. So there was even announcements made today about a new app. So they have a new app for Pivotal Cloud Foundry, right? So if you think about stacks for application development, if you're going to hit push on a new application you're going to need to monitor it. Splunk is one of those things that persistent. The data is persistent. You want to keep large amounts of data for long periods of time so that you can build your models, understand what's really going on in the background, but then you need that real time reporting of, "Hey, if I hit push on a Cloud Foundry app "and all of a sudden I have an impact "to the service that's underlying it "because there's some microservice that gets broken, "if I don't have that monitoring platform "that can tell me that and correlate that event "and give me the guidance to not only alert against it "but actually go investigate it and act against it, "I'm in trouble." The stacks, I think many of them have their own monitoring capabilities, but I think Splunk has proven it that they are invested in being the monitoring and the data fabric that I think is wanting to help all the stacks be successful. So I don't necessarily put it in the stack. And I kind of don't put Hadoop in its own stack, either, because I think at the end of the day Hadoop needs a stack for deployment models. So you may see it go from a physical construct of being, a bit trying to be its own software that controls the underlying hardware, but I think you're seeing abstraction layers happen everywhere. They're containerizing Hadoop now. Virtualization of Hadoop is legit. Most of the big cloud providers talk about the decoupling of compute from storage in Hadoop for persistent and transient clusters. So I think the stacks will be interesting for application development, and applications like Splunk will be one of two things. They'll either consume one of those stacks for deployment or they'll be a standalone monitoring tool that makes us successful. >> So you don't see in the near term anyway Splunk becoming an application development platform the way that a lot of the-- >> Cory: They may have visions of it. That's not, yeah. >> They haven't laid that out there. It's something that we've been bounding around here. >> Yeah, I think it's interesting. Again, I think it goes back to .. Because the flexibility in what you can do with Splunk. I mean we've developed some of our own applications to help monitor Dell EMC storage platforms, and that's, it's interesting. But in terms of building what we'd I guess we'd consider like traditional seven factor app development, I don't know that it provides it. >> Yeah, well it's interesting because, I'm noodling here, Doug Merritt said, "Hey, we think we're going to be the next five billion, "10 billion, 20 billion dollar ecosystem slash company," and so you start to wonder, "Okay, how does that TAM grow to that point? That's one avenue that we considered. I want to talk about the anatomy of a transaction and how that's evolved. Colin, you mentioned Client Server, and you think about data rich applications going from sort of systems of record and the transactions associated with that. And while there were many going to Client Server and HTTP, and then now mobile apps really escalated that. And now with containers, with microservices, the amount of data and the complexity of transactions is greater and greater and greater. As a technologist, I wonder if you could sort of add some color to that. >> Yeah, I think as we kind of go down a path of application stacks are interesting, but at the end of the day we're still delivering a service, right? At the end of the day it's always about how do I deliver service, whether it's a business service, it's a mobile application, which is a service where I could get closer to my customer, I could transact business with them on a different model, I think all of it ... Because everything has gone digital, everything we do is digital, you're seeing more and more machines get created, there's more and more IP addressed devices out there on the planet that are creating data, and this machine generated data deluge that we're under right now it ain't slowing down, right? And so as we create these additional devices, somebody has got to make sense of this stuff. And if you listen to a lot of the analysts they talk about machine data is the most target rich in terms of business value, and it's their fastest growing. And it's now at a scale because we've now created so many devices that are creating their own logs, creating their own transactional data, right, there's just not that many tools that out of the box make it simple to collect the data, search the data, and derive value from it in the way that Splunk does. You can get to a lot of the things that Splunk can deliver from an outcome other ways with other platforms, but the simplicity and the ability to do it with a platform that out of the box does it and has a vibrant community of folks that will help you get there, it's a pretty big deal. So I think it's, you know, it's interesting. I don't know, like under the covers microservices are certainly interesting. They're still services. They're just smaller and packaged slightly differently and shared in a different way. >> And a lot more of them. >> Yeah, and scaled differently, right? And I totally get that, but at the end of the day we're still from a Splunk perspective and from a data perspective, we've still got to make sense of all of it. >> Right, well, I think the difference is just the amount of data. You talked about kind of new computing models, serverless sort of, stateless, IoT coming into play. It's just the data curve is reshaping. >> Well, it's not just the amount of data, it's the number of sources. The data is exploding, but also, as Cory mentioned, it's exploding because it's coming from so many places. Your refrigerator can generate data for you now, right? Every single ... Everything that generates Internet, anything doing anything now really has a microprocessor in it. I don't know if you guys saw my escape room at VMworld. There were 12 microprocessors running this escape room. So one of the things we played about doing was bring it here and trying to Splunk the escape room to actually see real time what the data was doing. And we weren't able to ship it back from Barcelona in time, but it would've been interesting to see, because you can see just the centers that are in that room real time and being able to correlate all that. And that's the value of Splunk is being able to pull that from those disparate sources altogether and give you those analytics. >> Yeah, it's funny you talk about an IoT use case. So we've got these... Our partner, who's a joint partner of both Dell EMC and Splunk, we actually have these Misfit devices that are activity trackers. And we're actually-- >> Misfit device? >> Misfit. Yeah, it's a brand. >> John: Love it. >> It's fitting, I think. But we have these devices that we gave away to a number of the attendees here, and we actually asked them if they're willing to participate. They can actually use the app on your phone to grab the data. And by simply going to a website they can allow us to pull the data from their device about their activity, about their sleep. And so we actually have in our booth and in Arrow's booth we're Splunking Conf and it's called How Happy is Conf? And so you can actually see Splunk running, and by the way, it's running in Arrow's lab. It's running on top of Dell EMC infrastructure designed for Splunk. You can actually see us Splunking how happy conf attendees are. And we're measuring happiness by their sleep. How much sleep-- >> John: Sleep quality and-- >> The exercise, the number of steps, right? So we have a little battle going between-- >> Is more sleep or less sleep happy? >> Are consumption behaviors also tracked on that? I just want to know. I'm curious. >> It's voluntary. You'd have to provide that. >> Alright, because that's another measure of happiness. >> It certainly is. But it's just a great use case where we talk about IoT and the number of sources of data that Splunk as a platform ... It's very, very simple to deploy that platform, have a web service that's able to pull that data from an API from a platform that's not ours, right, but bring that data into our environment, use Splunk to ingest and index that data, then actually create some interesting dashboards. It's a real world use case, right? Now, how much people really want to (mumbles) Splunk health devices we'll determine, but in the IoT context it's an absolute analog for what a lot of organizations are trying to do. >> Interesting, good stuff. Gentlemen, thanks for being with us. We appreciate that. Cory, it's probably not the real deal, but as close as I'm going to go. Good luck with your session. We appreciate the time to both of you, and you and your Misfit. Back with more here on theCUBE coming up in just a bit here in Washington D.C. (techno music)

>> Narrator: Live from Washington, D.C., it's the Cube covering .conf 2017 brought to you by Splunk. (electronic music) >> Welcome back to our nation's capitol. Here in Washington, D.C., the Cube which is Silicon Angle TV's flagship broadcast, broadcasting live today and tomorrow from D.C. here at .conf 2017, Splunk's annual get-together. Along with Dave Vellante, I'm John Walls. Now, we're joined by Chidi Alams who is the Head of IT and Security for Heartland Jiffy Lube. We all know Jiffy Lube for sure. Chidi, thanks for being with us. Good to see you. >> Of course, thanks for having me. >> Before I jump in, I was looking at your, kind of the portfolio of responsibilities earlier. Information security, application development, database development, reporting services, enterprise PM, blah, on and on and on. When do you sleep, Chidi? >> I don't. (laughing) That's the easy answer. The reality is I also have two young children at home, so between work and the family life, I'm up all the time. >> John: I imagine so. >> But I would have it no other way. >> Dave: How old are your kids? >> Three and two. >> Oh, you won't sleep for a decade. >> Right. >> I know. >> Wait til they start driving. >> That's what they tell me. >> Then it gets even better or worse, depends on how you look at it. >> That's how you learn how to sleep on airplanes. (laughing) >> Well, let's look at the big picture of security at Jiffy Lube. Your primary concerns these days, I assume, are very much laser-focused on security and what you're seeing. What are the kinds of things that keep you up at night? Other than kids these days? >> So, we're a very large retailer and brand recognition is something that we're very proud of, however, with that comes a considerable amount of risk. So the bad guys are also aware of Jiffy Lube. They understand that as a retailer, we have credit cards, we have very sensitive data. When I started with Jiffy Lube about two and a half years ago, I started a program to focus not only on keeping the bad guys out, right, that's essentially table stakes in any security program, but also implementing a discipline approach around insider threat. Frankly, that's where Splunk has proved to be a significant value for our organization because now we have visibility with respect to both of those risks. Additionally, we've spent a lot of time just taking more of a risk-based approach to security. Quite often what happens, technologists tend to focus on implementing technology and kind of filling gaps that way. The first thing that we did was assess organizational risk based on our most critical assets. Once we were able to determine asset X, in most cases a data asset, was really critical to the organization, credit card data, we were able to build a unified solution and program to ensure that we protect not only our brand, but our customers' data all the time. >> So, first of all I'll say, I love Jiffy Lube. I'm a customer. I go there all the time. It's so convenient, great service. Generally, very customer service oriented, but I see your challenge with all this distributed infrastructure and retail shops around. I would imagine there's somewhat of a transient, some turnover in employee base. >> Chidi: Yeah. >> The bad guys can target folks and say, "Hey, here's a few bucks. "Let me in." So how do you use data and analytics? I'm sure you have all kinds of screening and all kinds of corporate policies around that that's sort of one layer, but it's multi-dimensional. So how do you use technology and data to thwart that risk internally? >> Sure. So I think the key there is having a holistic program. That's a term that's thrown around a lot, so for me, that means a clear focus on people-processed technology. As I mentioned earlier, the tendency is to start with your comfort zone, so with us as technologists, it's technology, but the people aspect, I have found in my career, is always the largest variable that you have to account for. So disgruntled employees. In retail, regardless of how robust and how strong a culture you create, you're always going to have higher turnover than any industry, particularly in the field. Having very tight alignment with HR, Operations, other stakeholders to ensure that, look, when someone leaves, we track that effectively. That's all data-driven, by the way, so that we're able to track the lifecycle of an employee not only on the positive side when they enter the organization, but when they exit. If the exit is immediate, we have triggers and data-driven events that alert us to that so we can respond immediately. Then, I mentioned insider threat. It's not just employees out in the field. Globally, insider threat is probably the biggest blind spots for organizations. Again, the focus is on the outside, so when we look at things like data exfiltration which is a risk in any large organization where there's a lot of change and transformation, you have to have a good baseline of activity that's going on and understand what activity is truly normal versus activity that could be anomalous and an indicator of a bad actor within the enterprise. We have all that visibility and more now with Splunk. >> What is the role that Splunk plays? How has that journey evolved? I don't know if you've been there long enough, but pre-Splunk, post-Splunk, maybe you could describe that. >> Yeah, so pre-Splunk we were very, very reactive. Let me answer that by providing a little more context about how we're leveraging Splunk. So Splunk Enterprise Security is our centralized hub. Data across the enterprise comes to Splunk Enterprise Security. We have a team of SOC analysts that work around the clock to monitor events that, again, could be indicators of something bad happening. So with that infrastructure in place, we've gone from a very reactive situation where we had analysts and engineers going to disparate systems and having to manually triangulate and figure out, hey, is this an event? Is this something worthy of escalation? How do we handle this? Now, we have a platform not only in Splunk, but with some other solutions that gives us data, one, that's actionable. It's not hard to aggregate data, but to make that data meaningful and expose only what's legitimate from a triage and troubleshooting perspective. So those are some of the things we've done that Splunk has played a role in that. >> Okay. Talk about the regime for cybersecurity within your organization. It used to be, oh, it's an IT problem. In your organization, is it still an IT problem? Is the balance of the organization taking more responsibility? Is there a top-down initiative? I wonder if you could talk about how you guys approach that? >> That's a great question because it speaks to governance. One of the things that I did almost immediately when I started with Jiffy Lube was worked very closely with the senior leadership team to define what proper governance looks like because with governance, you've got accountability. So what happens all too often is security is just this thing that's kind of under-the-table. It's understood we've got some technology and some processes and policies in place, however, the question of accountability doesn't arise until there is a problem, especially in the case of a breach and most certainly when that breach leads to front-page exposure which was something I was very concerned about, again, Jiffy Lube being a very large retailer. Worked very closely with the senior leadership team to first of all, identify the priorities. We can't boil the ocean, there are a lot of gaps. There were a lot of gaps, but working as a team, we said, "Look, these are the priorities." Obviously, customer data, that's everything. That's our brand. We want to protect our customers, right. It's not just about keeping their vehicles running as long as possible. We want to be good stewards of their data. So with that, we implemented a very robust data-management strategy. We had regular meetings with business stakeholders and education also played a critical role. So taking technology and security out of the dark room of IT and bringing it to the senior leadership team and then, of course, being a member of that senior leadership team and speaking to these things in a way that my colleagues in Operations or Finance or Supply Chain could readily connect with. Then, translating that to risk that they can understand. >> So it's a shared responsibility? >> Absolutely. >> A big part of security. You talked before about keeping the bad guys out. That's table stakes. Big part of security, at least this day and age, seems to be response, how effectively the organization responds and, as you well know, it's got to be a team sport. It's kind of a bro mod, but the response mechanism, is it rehearsed? It is trained? Can you describe that? >> Both. I agree, response is critical, so you have to plan for everything. You have to be ready. Some of the things that we've done: one, we created a crisis management team, an incident response team. We have a very deliberate focus and a disciplined approach to disaster recovery and business continuity which is often left out of security conversations. Which is fascinating because the classic security triad is confidentiality, integrity, and availability. So the three have to be viewed in light of each other. With that, we not only created the appropriate incident response teams and processes within IT, but then created very clear links between other parts of the business. So if we have a security event or an availability event, how do we communicate that internally? Who is in charge? Who manages the incident? Who decides that we communicate with legal, HR? What is that ecosystem look like? All of that is actually clearly defined in our security policy and we rehearse it at least twice a year. >> You know, we just had Robert Herjavec on from the Herjavec Group just a few minutes ago. He brought up a point I thought pretty interesting. He says, "Security, obviously, is a huge concern." Obviously, it's his focus, but he said, "A problem is that the bad guys, the bad actors, "are extremely inventive and innovative "and keep coming up with new entry points, "new intrusion points." That's the big headache is they invent these really newfangled ways to thwart our systems that were unpredicted. So how does that sit with you? You say you've got all of these policies in place, you've got every protocol aligned, and all-of-a-sudden the door opens a different way that you didn't expect. >> Yeah, one of my favorite topics that really speaks to the future and where I believe the industry is going. So traditionally, security has been very signature-based. In other words, we alert against known patterns of behavior that are understood to be malicious or bad. A growing trend is machine learning, artificial intelligence. In fact, at Jiffy Lube, we are experimenting with a concept that I refer to now as the security immune system. So leveraging machine data to proactively asses potential threats versus waiting for those threats to materialize and then kind of building that into our response going forward. I think a lot of that is still in the early phases, but I imagine that in the very near future that'll be a mandatory part of every security plan. We've got to go beyond two-dimensional signature-based to true AI, machine learning. Taking action, not just providing visibility via response and alerts, but taking action based on that data proactively in a way that might not include a human actor, at least initially. >> What's the organizational structure at your shop? Are you the de-facto CISO? >> Chidi: I am. >> And the CIO? >> Chidi: I am. I wear both hats. >> Yeah, so that's interesting. You know where I'm going with this. There's always the discussion about should you separate those roles. I can make a case for either way, that if you want the best security in IT, have the security experts managing that. The same time, people say, "Well, it's like the fox "watching the hen house and there's lack of transparency." I think I know where you fall on this, but how do you address the guys that say that function should be split? What's the advantage of keeping them together in your view? >> Yeah, so I think you have to marry best practice with the realities of a particular organization. That's the mistake that I think many make when they set about actually defining the appropriate org structure. There's no such thing as a copy and paste org structure. I actually believe, and I have no problem going on record with this, that the best practice does represent in reality a division between IT and security, particularly in larger organizations. Now, for us, that is more of a journey. What you do initially and your end-state are two different things, but the way you get there is incrementally. You don't go big bang out of the gate. Right now, they both roll up to me. Foreseeably, they will roll up to me, but that works best for the Jiffy Lube organization because of some interesting dynamics. The board of directors by the way, given the visibility of security, does have a say on that. Now that we're in transformation mode, they do want one person kind of overseeing the entire transformation of IT and security. Now, in the future, if we decide to split that up and I think we have to be at the right place as an organization to ensure that that transition is successful. >> I'm glad you brought up the board, Chidi, because to me, it's all about transparency. If the CIO can go to the board and say, "Hey, here's the deal. "We're going to get hacked, we have been hacked, "and here's what we're doing about it. "Here's our response routine," and in a transparent way has an open conversation with the board, that's different than historically. A lot of times CIOs would say, "Alright, we've got this covered," because failure meant fired. That's a mistake that a lot of boards made. Now, eventually, over time the board may decide, look, the job's too big to have one person which is kind of what you're ... But how do you feel about that? What's your sentiment on that transparency piece? How often do you meet with the board and what are the discussions like? >> Yeah, great topic. So, a few things. One, and you've hinted to this, it's very important for the CIO or the CISO to have board-level visibility, board-level access. I have that at Jiffy Lube. I've had to present to the board regarding the IT strategy. I think it's also important to be an effective communicator of risk. So when you're talking to the board, what I've done is I've highlighted two things and I believe this very strongly. As a security leader, you have to practice due care and due diligence. So due care represents doing your job within the scope of whatever your role is. Due diligence involves maintaining that over a period of time, including product evaluations. If you have due care and due diligence and you're able to demonstrate that, even if your environment is compromised, you have to have the enterprise including the board realize that as long as those two things are in place, then a security officer is doing his job. Now, what's fascinating is many breaches can be mapped back to a lack of due care and due diligence. That's why the security officer gets fired to be very blunt, but as long as you have those things and you articulate very clearly what that represents to the board and the senior leadership team, then I think you just focus on doing your job and continuing to communicate. >> John wanted to know if you had any Jiffy Lube coupons before we go. >> Yeah, 'cause in my car on the way home I thought I'd just jump in there. >> I'm all out, but I'll (laughs). >> You got one right down the street from the house. They probably know me all too well because I take the kids' cars there too. >> That's right. We'll hook you up, don't worry about it. >> We appreciate the time. >> Thank you. >> Thank you. A newly-converted Dallas Cowboys fan, by the way. >> That's right. Very proud. >> Perhaps here in Washington, we can work on that. >> We'll see about that. >> Alright, we'll see. Chidi, thanks for being with us. >> Thank you, appreciate it. >> Thank you very much. Chidi Alams from Heartland Jiffy Lube. Back with more here on the Cube in Washington, D.C. at .conf 2017 right after this. (electronic music)

>> Announcer: Live, from Washington, D.C, it's theCUBE. Covering .conf2017, brought to you by Splunk. >> Welcome to the District everybody, this is theCUBE, the leader in live tech coverage. My name is Dave Vellante, and I'm here with my co-host for the opening session of Splunk .conf2017, George Gilbert. This is theCUBE's seventh year of doing Splunk .conf. We have seen the evolution of this company from a pre-IPO startup into a 1.2 billion dollar growing, rapidly growing player in the big data sphere. Interestingly George, Splunk in its early days really never glommed on to the big data meme. They let others sort of, run with that. Meanwhile, Splunk was analyzing machine data, helping people solve, you know, operational problems, security problems, et cetera, growing very rapidly as a company. Getting a passionate user group together and a community together, expanding on that community. And now today, you see Splunk is at the heart of big data. As you wrote recently in one of your pieces, you need big data and big data techniques to analyze all this data. So give us your take; where are we at in this evolution of Splunk and the intersection of big data? >> Alright so, I guess the best way to frame it is, we had several years of talk, mainly from the open source big data community, which of course came out of the big tech companies, about how they were going to solve problems with essentially instrumenting the new era of applications. These are the web and mobile apps, and the big data repositories around them. And I'm going to walk through four sort of, categories. Like, define this class of apps very crisply, so we can say who fits where. >> Well let me just ask you, so we're seeing the expansion of Splunk from sort of a narrow log analysis platform, into one that is becoming really more of a platform for big data apps and big data application development and big data apps. >> Okay, let me give you the crisp answer, then. For years Hadoop said, we're the platform for big data apps. But the problem was, it was built by and for big tech companies. So it was a lot of complexity, it's something you and I have talked about for awhile. And that sort of choked its adoption beyond the very most sophisticated enterprises. Splunk started analyzing, you know, basically log data, machine data. But as that platform grew, they built it not so that they were sourcing really innovative pieces from all over the ecosystem, but so that the repository, the analytics, the user interface, the application development environment, were all built to cohere and to fit together. Which meant it was immensely easier for admins and developers to use. And if you look at their results, they're as you said, a 1.2 billion dollar company, and that's bigger than all the Hadoop vendors combined and they're growing just as fast. >> Okay so before we get into it George, I want to just sort of, set it up a little bit for our audience. So we're here in Washington D.C at the convention center; 7,000 plus attendees at this show. When we first started doing the original .conf shows, it was relatively, you know, it's still intimate but it was a much smaller show, so up to 7,000 people now. 65 countries represented here; Doug Merritt, the CEO, launched the keynote this morning. talked about people coming from 30 million miles if you aggregate; you know, Splunk's all about aggregating and analyzing all this data. If you analyze the distance that everybody traveled in aggregate, it was 30 million miles. So what's happening here, is this is the gathering, the annual gathering of the Splunk community, the conference is called .conf. And when you listen to Splunk, and when they talk about their transformation as a company, and their opportunity as a company, really going from security incident and event management, to an organization that's really starting to focus on bringing analytics and big data to the security business. So security is a huge opportunity for Splunk. It's something that they've always been pretty fundamental in and so George, part of Splunk's evolution as a platform, is to really, as you're pointing out, get more into either apps, or allowing the ecosystem to develop apps on top of their platform, right? >> Okay, so that's sort of a great segway to the question of, are they dessert topping or floor wax? Are they a platform or an app? >> The answer is yes. >> Yes. Now, what they're doing, they're taking a page out of Microsoft's playbook, and very few others have made the transition from platform to app; they started really as an app platform. But what's going on now, is they basically can take machine data about your applications and your infrastructure from wherever; across the cloud on PRIM, out at the Edge, and then they give you end-to-end visibility because you've got all that data. And they have some advanced visualization techniques; they make it now, in this release, much easier to monitor the performance metrics. But then what they're doing, when you do this end-to-end visibility, you have a greater burden on the admins to say, well when there's an alert, correlate this problem with this problem and try and figure out where it really came from. What they're starting to do, which is really significant, is build the apps on top which go deep. The apps, like Splunk User Behavior Analytics, Splunk Enterprise Security. What that means is, those apps come pre-trained to know how to read the customers' landscape, put a map together. And then also how to figure out, so when services are not acting quite right, what to investigate. So in other words, they come with an administrator knowledge baked in. >> So Splunk has all this data across its 15,000 customers; you know, billions and billions of data points, if not trillions. And they are able to infer from that data and identify the pattern, so that they can deliver essentially, prepackaged insights to customers >> Yes, you're actually putting your finger on two things that are important. First, like the applications, like user behavior analytics, which is basically for looking for bad actors and intrusion, and enterprise security, which is sort of a broader look. Those come so that they're trained to figure out your landscape and what's normal behavior. But they announced something else just this morning, which was sort of a proactive support where they take all the telemetry data from customers as they opt in, and they learn from that about what's normal and abnormal, and what's best practice and what is not. And so then they can push out proactive support. >> Okay, let's do a quick rundown. We don't have much time here, but let's talk about the cloud strategy. Splunk has a relationship with AWS. Where's Splunk in your view fit with the whole cloud, hybrid cloud, PlayOn, PRIM, in the public cloud? I know they've said publicly that 50% of their customers, or at least maybe it's their new business, is cloud only. And then the other 50% is either on PRIM, or cloud; either all on PRIM, or on PRIM and cloud, so some kind of mix. So where do they fit in the whole cloud, hybrid cloud mix? >> Okay, you also touch again on a couple key things. One is, where can they run so that customers can have the same development platform and admin experience wherever the customer data may be; whether it's on PRIM, on the Edge, or in multiple clouds? That is, they've addressed, because they're a self contained environment, So they can run on different platforms, different locations. But at the same time, when you're working with Splunk on PRIM, you're really in a very different ecosystem than when you're using it in the cloud. Because in the cloud, you might want to take advantage of special purpose machine learning tools, or special purpose analytic databases that have capabilities that are there -- >> Dave: AWS services, for example, yeah. >> Yes, that are there in the cloud. >> Is that a friction point for Splunk? Is that the point of ... You know, are there clear swim lanes, or does it start to get fuzzy? >> I would call it less a friction point, and more of a set of trade-offs that their customers will encounter that are different. >> Okay, like the integrated iPhone versus other third party; so, the tooling. >> And it's worth mentioning that, you know, to stay in that self-contained and compatible sort of platform sphere, this little biosphere wherever it may be, you lose out on the platform specific specialized services that might be on any particular platform. And the fact that you have that trade-off is goodness, as opposed to ... >> Okay, a couple other things. So we talked a little bit about the, and you and I as you say, talked about this forever, is admin and developer complexity. What's Splunk's recipe for simplifying that, and how does machine learning fit in? Okay, so on the issue of admin complexity and developer complexity, I'm going to pull up a cheat sheet here that I started pulling together. Probably the complexity is going to freak out our video support guys. But if you look at the typical open source analytic application and the pipeline that's underneath it, it's got an process phase, it's analyzing the data, it's running predictions, it's serving the data -- >> Dave: Sounds like the Hadoop pipeline. >> It is; whether it's Splunk or Hadoop, it's the same set of -- >> Dave: It's a big data workflow when you're dealing with large volumes, right? >> And whether you're dealing with Splunk or Hadoop, you have to deal with stuff like data governance, performance monitoring, scheduling, authentication authorization, resource -- >> Dave: All the enterprise level stuff that we've grown to understand and love. >> But, if in the open source ecosystem, each stage of the pipeline is a different product, and each of those admin steps is implemented differently because they're coming from different patchy projects, you've got what I call is, potentially a Frankenstein kind of product. You know, like its creator might love it, but -- >> Dave: Okay, so you're saying Splunk's strategy will be to integrate those and be in a simplified, almost like the cloud guys who would aspire to do -- >> Well, that's the other thing. See, Splunk had this wonderful thing on PRIM where they were really the only one who was unifying big data in the cloud; it hasn't happened yet. Like Amazon's answer to customers is, we take any and all comers, you can use our services, you can use others. But you will see over time, probably first by Azure and then later by Amazon -- >> Okay, so were out of time, but these are some of the things we're tracking. Watching spunks TAM expansion, the whole cloud, hybrid cloud strategy, simplifying big data complexity, where does machine learning fit in? Some of the things we didn't get into were breadth versus depth; Splunk is kind of doing both. Going deep with certain applications, but also horizontally across its platform. And then, of course, we haven't talked about IOT but we will this week. IOT and Edge processing, what's the right strategy there? We'll be unpacking that all week. Splunk is a fun crowd; I mean, you can see the t-shirts. The t-shirts are fantastic; Drop Your Breaches, The End of Meh-trix, taking the S-H out of IT. These are some of the t-shirts that you see, some of the slogans that you see around here. So Splunk, really fun company. The other thing that you note about this ecosystem, this audience, is when Splunk makes an announcement, you get genuine applause; you know laughter, applause, really, really passionate customer base. A lot of these conferences we come to, it's sort of golf claps; not here, it's really heartfelt. So George, great analysis. Thanks very much for helping us kick-off. Keep it right there, everybody; we'll be back with our next guest. It's theCUBE, we're live from the District, at Splunk .conf2017. (upbeat techno-music)