>> Narrator: From around the globe, it's theCUBE! With digital coverage of Dell Technologies World Digital Experience. Brought to you by Dell Technologies. >> Hey, welcome back, everybody. Jeffrey here with theCUBE coming to you from our Palo Altos studios with continuing coverage of the Dell Technology World 2020, The Digital Experience. We've been covering this for over 10 years. It's virtual this year, but still have a lot of great content, a lot of great announcements, and a lot of technology that's being released and talked about. So we're excited. We're going to dig a little deep with our next two guests. First of all we have Paul Perez. He is the SVP and CTO of infrastructure solutions group for Dell technologies. Paul's great to see you. Where are you coming in from today? >> Austin, Texas. >> Austin Texas Awesome. And joining him returning to theCUBE on many times, Kit Colbert. He is the Vice President and CTO of VMware cloud for VMware Kit great to see you as well. Where are you joining us from? >> Yeah, thanks for having me again. I'm here in San Francisco. >> Awesome. So let's jump into it and talk about project Monterrey. You know, it's funny I was at Intel back in the day and all of our passwords used to go out and they became like the product names. It's funny how these little internal project names get a life of their own and this is a big one. And, you know, we had Pat Gelsinger on a few weeks back at VM-ware talking about how significant this is and kind of this evolution within the VMware cloud development. And, you know, it's kind of past Kubernetes and past Tanzu and past project Pacific and now we're into project Monterey. So first off, let's start with Kit, give us kind of the basic overview of what is project Monterey. >> Yep. Yeah, well, you're absolutely right. What we did last year, we announced project Pacific, which was really a fundamental rethinking of VMware cloud foundation with Kubernetes built in right. Kubernetes is still a core to core part of the architecture and the idea there was really to better support modern applications to enable developers and IT operations to come together to work collaboratively toward modernizing a company's application fleet. And as you look at companies starting to be successful, they're starting to run these modern applications. What you found is that the hardware architecture itself needed to evolve, needed to update, to support all the new requirements brought on by these modern apps. And so when you're looking at project Monterey, it's exactly that it's a rethinking of the VMware cloud foundation, underlying hardware architecture. And so you think about a project model or excuse me, product Pacific is really kind of the top half if you will, Kubernetes consumption experiences great for applications. Project Monterey comes along as the second step in that journey, really being the bottom half, fundamentally rethinking the hardware architecture and leveraging SmartNic technology to do that. >> It's pretty interesting, Paul, you know, there's a great shift in this whole move from, you know, infrastructure driving applications to applications driving infrastructure. And then we're seeing, you know, obviously the big move with big data. And again, I think as Pat talked about in his interview with NVIDIA being at the right time, at the right place with the right technology and this, you know, kind of groundswell of GPU, now DPU, you know, helping to move those workloads beyond just kind of where the CPU used to do all the work, this is even, you know, kind of taking it another level you guys are the hardware guys and the solutions guys, as you look at this kind of continuing evolution, both of workloads as well as their infrastructure, how does this fit in? >> Yeah, well, how all this fit it in is modern applications and modern workloads, require a modern infrastructure, right? And a Kit was talking about the infrastructure overlay. That VMware is awesome at that all being, I was coming at this from the emerging data centric workloads, and some of the implications for that, including Phillip and diversity has ever been used for computing. The need to this faculty could be able to combine maybe resources together, as opposed to trying to shoehorn something into a mechanical chassis. And, and if you do segregate, you have to be able to compose on demand. And when you start comparing those, we realized that we were humping it up on our conversion trajectory and we started to team up and partner. >> So it's interesting because part of the composable philosophy, if you will, is to, you know, just to break the components of compute store and networking down to a small pieces as possible, and then you can assemble the right amount when you need it to attack a particular problem. But when you're talking about it's a whole different level of, of bringing the right hardware to bear for the solution. When you talk about SmartNics and you talk about GPS in DPS data processing units, you're now starting to offload and even FPG is that some of these other things offload a lot of work from the core CPU to some of these more appropriate devices that said, how do people make sure that the right application ends up on the right infrastructure? This is that I'm, if it's appropriate using more of a, of a Monterey based solution versus more of a traditional one, depending on the workload, how is that going to get all kind of sorted out and, and routed within the actual cloud infrastructure itself? That was probably back to you a Kit? >> Yeah, sure. So I think it's important to understand kind of what a smart NIC is and how it works in order to answer that question, because what we're really doing is to kind of jump right to it. I guess it's, you know, giving an API into the infrastructure and this is how we're able to do all the things that you just mentioned, but what does a SmartNic? Well, SmartNic is essentially a NIC with a general purpose CPU on it, really a whole CPU complex, in fact, kind of a whole system on server right there on that, on that Nic. And so what that enables is a bunch of great things. So first of all, to your point, we can do a lot of offload. We can actually run ESX. >> SXI on that. Nic, we can take a lot of the functionality that we were doing before on the main server CPU, things like network virtualization, storage, virtualization, security functionality, we can move that all off on the Nic. And it makes a lot of sense because really what we're doing when we're doing all those things is really looking at different sort of IO data paths. You know, as, as the network traffic comes through looking at doing automatic load balancing firewall and for security, delivering storage, perhaps remotely. And so the NIC is actually a perfect place to place all of these functionalities, right? You can not only move it off the core server CPU, but you can get a lot better performance cause you're now right there on the data path. So I think that's the first really key point is that you can get that offload, but then once you have all of that functionality there, then you can start doing some really amazing things. And this ability to expose additional virtual devices onto the PCI bus, this is another great capability of a SmartNic. So when you plug it in physically into the motherboard, it's a Nic, right. You can see that. And when it starts up, it looks like a Nic to the motherboard, to the system, but then via software, you can have it expose additional devices. It could look like a storage controller, or it could look like an FPGA look really any sort of device. And you can do that. Not only for the local machine where it's plugged in, but potentially remote machines as well with the right sorts of interconnects. So what this creates is a whole new sort of cluster architecture. And that's why we're really so excited about it because you got all these great benefits in terms of offload performance improvement, security improvement, but then you get this great ability to get very dynamic, just aggregation. And composability. >> So Kit, how much of it is the routing of the workload to the right place, right? That's got the right amount of say, it's a super data intensive once a lot of GPU versus actually better executing the operation. Once it gets to the place where it's going to run. >> Yeah. It's a bit of a combination actually. So the powerful thing about it is that in a traditional world, where are you want an application? You know, the server that you run it, that app can really only use the local devices there. Yes, there is some newer stuff like NVMe over fabric where you can remote certain types of storage capabilities, but there's no real general purpose solution to that. Yet that generally speaking, that application is limited to the local hardware devices. Well, the great part about what we're doing with Monterey and with the SmartNic technology is that we can now dynamically remote or expose remote devices from other hosts. And so wherever that application runs matters a little bit less now, in a sense that we can give it the right sorts of hardware it needs in order to operate. You know, if you have, let's say a few machines with a FPGA is normally if you have needed that a Fiji had to run locally, but now can actually run remotely and you can better balance out things like compute requirements versus, you know, specialized Accella Requirements. And so I think what we're looking at is, especially in the context of VMware cloud foundation, is bringing that all together. We can look through the scheduling, figure out what the best host for it to let run on based on all these considerations. And that's it, we are missing, let's say a physical device that needs, well, we can remote that and sort of a deal at that, a missing gap there. >> Right, right. That's great. Paul, I want to go back to you. You just talked about, you know, kind of coming at this problem from a data centric point of view, and you're running infrastructure and you're the poor guy that's got to catch all the ASAM Todd i the giant exponential curves up into the right on the data flow and the data quantity. How is that impacting the way you think about infrastructure and designing infrastructure and changing infrastructure and kind of future proofing infrastructure when, you know, just around the corners, 5g and IOT and, Oh, you ain't seen nothing yet in terms of the data flow. >> Yeah. So I come at this from two angles. One that we talked about briefly is the evolution of the workloads themselves. The other angle, which is just as important is the operating model that customers are wanting to evolve to. And in that context, we thought a lot about how cloud, if an operating model, not necessarily a destination, right? So what I, and when way we laid out, what Kit was talking about is that in data center computing, you have operational control and data plane. Where did data plane run from the optimized solution? GPU's, PGA's, offload engines? And the control plane can run on stuff like it could be safe and are then I'm thinking about SmartNic is back codes have arm boards, so you can implement some data plane and some control plane, and they can also be the gateway. Cause, you know, you've talked about composability, what has been done up until now is early for sprint, right? We're carving out software defined infrastructure out of predefined hardware blocks. What we're talking about is making, you know, a GPUs residents in our fabric consistent memory residence of a fabric NVME over fabric and being able to tile computing topologies on demand to realize and applications intent. And we call that intent based computer. >> Right. Well, just, and to follow up on that too, as the, you know, cloud is an attitude or as an operating model or whatever you want to say, you know, not necessarily a place or a thing has changed. I mean, how has that had to get you to shift your infrastructure approach? Cause you've got to support, you know, old school, good old data centers. We've got, you know, some stuff running on public clouds. And then now you've got hybrid clouds and you have multi clouds, right. So we know, you know, you're out in the field that people have workloads running all over the place. So, but they got to control it and they've got compliance issues and they got a whole bunch of other stuff. So from your point of view, as you see the desire for more flexibility, the desire for more infrastructure centric support for the workloads that I want to buy and the increasing amount of those that are more data centric, as we move to hopefully more data driven decisions, how's it changed your strategy. And what does it mean to partner and have a real nice formal relationship with the folks over at VMR or excuse me, VMware? >> Well, I think that regardless of how big a company is, it's always prudent. As I say, when I approached my job, right, architecture is about balance and efficiency and it's about reducing contention. And we like to leverage industry R and D, especially in cases where one plus one equals two, right? In the case of, project Monterey for example, one of the collaboration areas is in improving the security model and being able to provide more air gap isolation, especially when you consider that enterprise wants to behave as service providers is concerned or to their companies. And therefore this is important. And because of that, I think that there's a lot of things that we can do between VMware and Dell lending hardware, and for example, assets like NSX and a different way that will give customers higher scalability and performance and more control, you know, beyond VMware and Dell EMC i think that we're partnering with obviously the SmartNic vendors, cause they're smart interprets and the gateway to those that are clean. They're not really analysis, but also companies that are innovating in data center computing, for example, NVIDIA. >> Right. Right. >> And I think that what we're seeing is while, you know, ambivalent has done an awesome job of targeting their capability, AIML type of workloads, what we realized this applications today depend on platform services, right. And up until recently, those platform services have been debases messaging PI active directory, moving forward. I think that within five years, most applications will depend on some form of AIML service. So I can see an opportunity to go mainstream with this >> Right. Right. Well, it's great. You bring up in NVIDIA and I'm just going to quote one of Pat's lines from, from his interview. And he talked about Jensen from NVIDIA actually telling Pat, Hey Pat, I think you're thinking too small. I love it. You know, let's do the entire AI landscape together and make AI and enterprise class workloads from being more in TANZU, you know, first class citizens. So I, I love the fact, you know, Pat's been around a long time industry veteran, but still, kind of accepted the challenge from Jensen to really elevate AI and machine learning via GPS to first class citizen status. And the other piece, obviously this coming up is ed. So I, you know, it's a nice shot of a, of adrenaline and Kit I wonder if you can share your thoughts on that, you know, in kind of saying, Hey, let's take it up a notch, a significant notch by leveraging a whole another class of compute power within these solutions. >> Yeah. So, I mean, I'll, I'll go real quick. I mean, I, it's funny cause like not many people really ever challenged Pat to say he doesn't think big enough, cause usually he's always blown us away with what he wants to do next, but I think it's, I think it's a, you know, it's good though. It's good to keep us on our toes and push us a bit. Right. All of us within the industry. And so I think a couple of things you have to go back to your previous point around this is like cloud as a model. I think that's exactly what we're doing is trying to bring cloud as a model, even on prem. And it's a lot of these kinds of core hardware architecture capabilities that we do enable the biggest one in my mind, just being enabling an API into the hardware. So the applications can get what they need. And going back to Paul's point, this notion of these AI and ML services, you know, they have to be rooted in the hardware, right? We know that in order for them to be performing for them to run, to support what our customers want to do, we need to have that deeply integrated into the hardware all the way up. But that also becomes a software problem. Once we got the hardware solved, once we get that architecture locked in, how can we as easy as possible, as seamlessly as possible, deliver all those great capabilities, software capabilities. And so, you know, you look at what we've done with the NVIDIA partnership, things around the NVIDIA GPU cloud, and really bringing that to bear. And so then you start having this, this really great full stack integration all the way from the hardware, very powerful hardware architecture that, you know, again, driven by API, the infrastructure software on top of that. And then all these great AI tools, tool chains, capabilities with things like the NVIDIA NGC. So that's really, I think where the vision's going. And we got a lot of the basic parts there, but obviously a lot more work to do going forward. >> I would say that, you know, initially we had dream, we wanted this journey to happen very fast and initially we're baiting infrastructure services. So there's no contention with applications, customer full workload applications, and also in enabling how productive it is to get the data over time, have to have sufficient control over a wide area. there's an opportunity to do something like that to make sure that you think about the probation from bare metal vms (conversation fading) environments are way more dynamic and more spreadable. Right. And they expect hardware. It could be as dynamic and compostable to suit their needs. And I think that's where we're headed. >> Right. So let me, so let me throw a monkey wrench in, in terms of security, right? So now this thing is much more flexible. It's much more software defined. How is that changing the way you think about security and basic security and throughout the stack go to you first, Paul. >> Yeah. Yeah. So like it's actually enables a lot of really powerful things. So first of all, from an architecture and implementation standpoint, you have to understand that we're really running two copies of VXI on each physical server. Now we've got the one running on the X86 side, just like normal, and now we've got one running on the SmartNIC as well. And so, as I mentioned before, we can move a lot of that networking security, et cetera, capabilities off to the SmartNic. And so what does this going toward as what we call a zero trust security architecture, this notion of having really defense in depth at many different layers and many different areas while obviously the hypervisor and the virtualization layer provides a really strong level of security. even when we were doing it completely on the X86 side, now that we're running on a SmartNic that's additional defense in depth because the X86 ESX doesn't really know it doesn't have direct access to the ESX. I run it on the SmartNic So the ESXI running on the SmartNic, it can be this kind of more well defended position. Moreover, now that we're running the security functionality is directly on the data path. In the SmartNic. We can do a lot more with that. We can run a lot deeper analysis, can talk about AI and ML, bring a lot of those capabilities to bear here to actually improve the security profile. And so finally I'd say this notion of kind of distributed security as well, that you don't, that's what I want to have these individual points on the physical network, but I actually distribute the security policies and enforcement to everywhere where a server's running, I everywhere where a SmartNic is, and that's what we can do here. And so it really takes a lot of what we've been doing with things like NSX, but now connects it much more deeply into hardware, allowing for better performance and security. >> A common attack method is to intercept the boot of the server physical server. And, you know, I'm actually very proud of our team because the us national security agency recently published a white paper on best practices for secure group. And they take our implementation across and secure boot as the reference standard. >> Right? Moving forward, imagine an environment that even if you gain control of the server, that doesn't allow you to change bios or update it. So we're moving the root of trust to be in that air gap, domain that Kit talked about. And that gives us a way more capability for zero across the operations. Right. >> Right, right. Paul, I got to ask you, I had Sam bird on the other day, your peer who runs the P the PC group. >> I'm telling you, he is not a peer He's a little bit higher up. >> Higher than you. Okay. Well, I just promoted you so that's okay. But, but it's really interesting. Cause we were talking about, it was literally like 10 years ago, the death of the PC article that came out when, when Apple introduced the tablet and, you know, he's talked about what phenomenal devices that PCs continue to be and evolve. And then it's just funny how, now that dovetails with this whole edge conversation, when people don't necessarily think of a PC as a piece of the edge, but it is a great piece of the edge. So from an infrastructure point of view, you know, to have that kind of presence within the PCs and kind of potentially that intelligence and again, this kind of whole another layer of interaction with the users and an opportunity to define how they work with applications and prioritize applications. I just wonder if you can share how nice it is to have that kind of in your back pocket to know that you've got a whole another, you know, kind of layer of visibility and connection with the users beyond just simply the infrastructure. >> So I actually, within the company we've developed within a framework that we call four edge multicloud, right. Core data centers and enterprise edge IOP, and then off premise. it is a multicloud world. And, and within that framework, we consider our client solutions group products to be part of the yes. And we see a lot of benefit. I'll give an example about a healthcare company that wants to develop real time analytics, regardless of whether it's on a laptop or maybe move into a backend data center, right? Whether it's at a hospital clinic or a patient's home, it gives us a broader innovation surface and a little sooner to get actually the, a lot of people may not appreciate that the most important function within Centene, I considered to be the experienced design thing. So being able to design user flows and customer experience looked at all of use is a variable. >> That's great. That's great. So we're running out of time. I want to give you each the last word you both been in this business for a long time. This is brand new stuff, right? Container aren't new, Kubernetes is still relatively new and exciting. And project Pacific was relatively new and now project Monterrey, but you guys are, you know, you're, multi-decade veterans in this thing. as you look forward, what does this moment represent compared to some of the other shifts that we've seen in IT? You know, generally, but you know, kind of consumption of compute and you know, kind of this application centric world that just continues to grow. I mean, as a software is eating everything, we know it, you guys live it every day. What is, where are we now? And you know, what do you see? Maybe I don't want to go too far out, but the next couple of years within the Monterey framework. And then if you have something else, generally you can add as well. Paul, why don't we start with you? >> Well, I think on a personal level, ingenuity aside I have a long string of very successful endeavor in my career when I came back couple years ago, one of the things that I told Jeff, our vice chairman is a big canvas and I intend to paint my masterpiece and I think, you know, Monterey and what we're doing in support of Monterey is also part of that. I think that you will see, you will see our initial approach focus on, on coordinator. I can tell you that you know how to express it. And we know also how to express even in a multicloud world. So I'm very excited and I know that I'm going to be busy for the next few years. (giggling) >> A Kit to you. >> Yeah. So, you know, it's funny you talk to people about SmartNic and especially those folks that have been around for awhile. And what you hear is like, Hey, you know, people were talking about SmartNic 10 years ago, 20 years ago, that sort of thing. Then they kind of died off. So what's different now. And I think the big difference now is a few things, you know, first of all, it's the core technology of sworn and has dramatically improved. We now have a powerful software infrastructure layer that can take advantage of it. And, you know, finally, you know, applications have a really strong need for it, again, with all the things we've talked about, the need for offload. So I think there's some real sort of fundamental shifts that have happened over the past. Let's say decade that have driven the need for this. And so this is something that I believe strongly as here to last, you know, both ourselves at VMware, as well as Dell are making a huge bet on this, but not only that, and not only is it good for customers, it's actually good for all the operators as well. So whether this is part of VCF that we deliver to customers for them to operate themselves, just like they always have, or if it's part of our own cloud solutions, things like being more caught on Dell, this is going to be a core part about how we deliver our cloud services and infrastructure going forward. So we really do believe this is kind of a foundational transition that's taking place. And as we talked about, there is a ton of additional innovation that's going to come out of it. So I'm really, really excited for the next few years, because I think we're just at the start of a very long and very exciting journey. >> Awesome. Well, thank you both for spending some time with us and sharing the story and congratulations. I'm sure a whole bunch of work for, from a whole bunch of people in, into getting to getting where you are now. And, and as you said, Paul, the work is barely just begun. So thanks again. All right. He's Paul's He's Kit. I'm Jeff. You're watching the cubes, continuing coverage of Dell tech world 2020, that digital experience. Thanks for watching. We'll see you next time. (Upbeat music)

>>From the cube studios in Palo Alto, in Boston, connecting with thought leaders all around the world. This is a cute conversation. Hi, welcome back. I'm Stu middleman. And this is a cube conversation digging in with, talking about what they're doing to help people. Yeah. Really bringing some of the networking ideals to cloud native environment, both know in the cloud, in the data centers program, Krishna penny. He is the vice president of software. Thanks so much for joining us. Thank you so much for talking to me. Alright, so, so Krishna the pin Sandow team, uh, you know, very well known in the industry three, uh, you innovation. Yeah. Especially in the networking world. Give us a little bit about your background specifically, uh, how long you've been part of this team and, uh, you know, but, uh, you know, you and the team, you know? Yeah. >>And Sando. Yup. Um, so, uh, I'm VP of software in Sandow, um, before Penn Sarno, before founding concern, though, I worked in a few startups in CME networks, uh, newer systems and Greenfield networks, all those three startups have been acquired by Cisco. Um, um, my recent role before this, uh, uh, this, this company was a, it was VP of engineering and Cisco, uh, I was responsible for a product called ACA, which is course flagship SDN tonic. Mmm. So I mean, when, why did we find a phone, uh, Ben Sandoz? So when we were looking at the industry, uh, the last, uh, a few years, right? The few trends that are becoming clear. So obviously we have a lot of enterprise background. We were watching, you know, ECA being deployed in the enterprise data centers. One sore point for customers from operational point of view was installing service devices, network appliances, or storage appliances. >>So not only the operational complexity that this device is bringing, it's also, they don't give you the performance and bandwidth, uh, and PPS that you expect, but traffic, especially from East West. So that was one that was one major issue. And also, if you look at where the intelligence is going, has been, this has been the trend it's been going to the edge. The reason for that is the motors or switches or the devices in the middle. They cannot handle the scale. Yeah. I mean, the bandwidths are growing. The scale is growing. The stateful stuff is going in the network and the switches and the appliances not able to handle it. So you need something at the edge close to the application that can handle, uh, uh, this kind of, uh, services and bandwidth. And the third thing is obviously, you know, x86, okay. Even a few years back, you know, every two years, you know, you're getting more transistors. >>I mean, obviously the most lined it. And, uh, we know we know how that, that part is going. So the it's cycles are more valuable and we don't want to use them for this network services Mmm. Including SDN or firewalls or load balancer. So NBME, mutualization so looking at all these trends in the industry, you know, we thought there is a good, uh, good opportunity to do a domain specific processor for IO and build products around it. I mean, that's how we started Ben signed off. Yeah. So, so Krishna, it's always fascinating to watch. If you look at startups, they are often yeah. Okay. The time that they're in and the technologies that are available, you know, sometimes their ideas that, you know, cakes a few times and, you know, maturation of the technology and other times, you know, I'll hear teams and they're like, Oh, well we did this. >>And then, Oh, wow. There was this new innovation came out that I wish I had add that when I did this last time. So we do, a generation. Oh, wow. Talking about, you know, distributed architectures or, you know, well, over a decade spent a long time now, uh, in many ways I feel edge computing is just, you know, the latest discussion of this, but when it comes to, and you know, you've got software, uh, under, under your purview, um, what are some of the things that are available for that might not have been, you know, in your toolkit, you know, five years ago. Yeah. So the growth of open source software has been very helpful for us because we baked scale-out microservices. This controller, like the last time I don't, when we were building that, you know, we had to build our own consensus algorithm. >>We had to build our own dishwasher database for metrics and humans and logs. So right now, uh, we, I mean, we have, because of open source thing, we leverage CD elastic influx in all this open source technologies that you hear, uh, uh, since we want to leverage the Kubernetes ecosystem. No, that helped us a lot at the same time, if you think about it. Right. But even the software, which is not open source, close source thing, I'm maturing. Um, I mean, if you talk about SDN, you know, seven APS bank, it was like, you know, the end versions of doing off SDN, but now the industry standard is an ADPN, um, which is one of the core pieces of what we do we do as Dean solution with DVA. Um, so, you know, it's more of, you know, the industry's coming to a place where, you know, these are the standards and this is open source software that you could leverage and quickly innovate compared to building all of this from scratch, which will be a big effort for us stocked up, uh, to succeed and build it in time for your customer success. >>Yeah. And Krishna, I, you know, you talk about open forum, not only in the software, the hardware standards. Okay. Think about things, the open compute or the proliferation of, you know, GPS and, uh, everything along that, how was that impact? I did. So, I mean, it's a good thing you're talking about. For example, we were, we are looking in the future and OCP card, but I do know it's a good thing that SEP card goes into a HP server. It goes into a Dell software. Um, so pretty much, you know, we, we want to, I mean, see our goal is to enable this platform, uh, that what we built in, you know, all the use cases that customer could think of. Right. So in that way, hardware, standardization is a good thing for the industry. Um, and then same thing, if you go in how we program the AC, you know, we at about standards of this people, programming, it's an industry consortium led by a few people. >>Um, we want to make sure that, you know, we follow the standards for the customer who's coming in, uh, who wants to program it., it's good to have a standards based thing rather than doing something completely proprietary at the same time you're enabling innovations. And then those innovations here to push it back to the open source. That's what we trying to do with before. Yeah. Excellent. I've had some, some real good conversations about before. Um, and, and the way, uh, and Tondo is, is leveraging that, that may be a little bit differently. You know, you talk about standards and open source, oftentimes it's like, well, is there a differentiator there, there are certain parts of the ecosystem that you say, well, kind of been commodified. Mmm. Obviously you're taking a lot of different technologies, putting them together, uh, help, help share the uniqueness. Okay. And Tondo what differentiates, what you're doing from what was available in the market or that I couldn't just cobbled together, uh, you know, a bunch of open source hardware and software together. >>Yeah. I mean, if you look at a technologist, I think the networking that both of us are very familiar with that. If you want to build an SDN solution, or you can take a, well yes. Or you can use exhibit six and, you know, take some much in Silicon and cobble it together. But the problem is you will not get the performance and bandwidth that you're looking for. Okay. So let's say, you know, uh, if you want a high PPS solution or you want a high CPS solution, because the number of connections are going for your IOT use case or Fiji use case, right. If you, uh, to get that with an open source thing, without any assist, uh, from a domain specific processor, your performance will be low. So that is the, I mean, that's once an enterprise in the cloud use case state, as you know, you're trying to pack as many BMCs containers in one set of word, because, you know, you get charged. >>I mean, the customer, uh, the other customers make money based on that. Right? So you want to offload all of those things into a domain specific processor that what we've built, which we call the TSC, which will, um, which we'll, you know, do all the services at pretty much no cost to accept a six. I mean, it's to six, you'll be using zero cycles, a photo doing, you know, features like security groups or VPCs, or VPN, uh, or encryption or storage virtualization. Right. That's where that value comes in. I mean, if you count the TCO model using bunch of x86 codes or in a bunch of arm or AMD codes compared to what we do. Mmm. A TCO model works out great for our customers. I mean, that's why, you know, there's so much interest in a product. Excellent. I'm proud of you. Glad you brought up customers, Christina. >>One of the challenges I have seen over the years with networking is it tends to be, you know, a completely separate language that we speak there, you know, a lot of acronyms and protocols and, uh, you know, not necessarily passable to people outside of the silo of networking. I think back then, you know, SDN, uh, you know, people on the outside would be like, that stands for still does nothing, right? Like networking, uh, you know, mumbo jumbo there for people outside of networking. You know what I think about, you know, if I was going to the C suite of an enterprise customer, um, they don't necessarily care about those networking protocols. They care about the, you know, the business results and the product Liberty. How, how do you help explain what pen Sandow does to those that aren't, you know, steeped in the network, because the way I look at it, right? >>What is customer looking? But yeah, you're writing who doesn't need, what in cap you use customer is looking for is operational simplicity. And then he wants looking for security. They, it, you know, and if you look at it sometimes, you know, both like in orthogonal, if you make it very highly secure, but you make it like and does an operational procedure before you deploy a workload that doesn't work for the customer because in operational complexity increases tremendously. Right? So it, we are coming in, um, is that we want to simplify this for the customer. You know, this is a very simple way to deploy policies. There's a simple way to deploy your networking infrastructure. And in the way we do it is we don't care what your physical network is, uh, in some sense, right? So because we are close to the server, that's a very good advantage. >>We have, we have played the policies before, even the packet leaves the center, right? So in that way, he knows his fully secure environment and we, and you don't want to manage each one individually, we have this, okay, Rockwell PSM, which manages, you know, all this service from a central place. And it's easy to operationalize a fabric, whether you talk about upgrades or you talk about, you know, uh, deploying new services, it's all driven with rest API, and you can have a GUI, so you can do it a single place. And that's where, you know, a customer's value is rather than talking about, as you're talking about end caps or, you know, exactly the route to port. That is not the main thing that, I mean, they wake up every day, they wake up. Have you been thinking about it or do I have a security risk? >>And then how easy for me is to deploy new, uh, in a new services or bring up new data center. Right. Okay. Krishna, you're also spanning with your product, a few different worlds out. Yeah. You know, traditionally yeah. About, you know, an enterprise data center versus a hyperscale public cloud and ed sites, hi comes to mind very different skillset for management, you know, different types of okay. Appointments there. Mmm. You know, I understand right. You were going to, you know, play in all of those environments. So talk a little bit about that, please. How you do that and, you know, you know, where you sit in, in that overall discussion. Yes. So, I mean, a number one rule inside a company is we are driven by customers and obviously not customer success is our success. So, but given said that, right. What we try to do is that we try to build a platform that is kind of, you know, programmable obviously starting from, you know, before that we talked about earlier, but it's also from a software point of view, it's kind of plugable right. >>So when we build a software, for example, at cloud customers, and they use BSC, they use the same set of age KPI's or GSP CRS, TPS that DSC provides their controller. But when we ship the same, uh, platform, what enterprise customers, we built our own controller and we use the same DC APS. So the way we are trying to do is things is fully leverage yeah. In what we do for enterprise customers and cloud customers. Mmm. We don't try to reinvent the wheel. Uh, obviously at the same time, if you look at the highest level constructs from a network perspective, right. Uh, audience, for his perspective, what are you trying to do? You're trying to provide connectivity, but you're trying to avoid isolation and you're trying to provide security. Uh, so all these constructs we encapsulated in APA is a, which, you know, uh, in some, I, some, some mostly like cloud, like APS and those APIs are, are used, but cloud customers and enterprise customers, and the software is built in a way of it. >>Any layer is, can be removed on any layer. It can be hard, right? Because it's not interested. We don't want to be multiple different offers for different customers. Right. Then we will not scale. So the idea when we started the software architecture, is that how we make it pluggable and how will you make the program will that customer says, I don't want this piece of it. You can put them third party piece on it and still integrate, uh, at a, at a common layer with using. Yeah. Yeah. Well, you know, Krishna, you know, I have a little bit of appreciation where some of the hard work, what your team has been doing, you know, a couple of years in stealth, but, you know, really accelerating from, uh, you know, the announcement coming out of stealth, uh, at the end of 2019. Yeah. Just about half a year, your GA with a major OEM of HPE, definitely a lot of work that needs to be done. >>It brings us to, you know, what, what are you most proud about from the work that your team's doing? Uh, you know, we don't need to hear any, you know, major horror stories, but, you know, there always are some of them, you know, not holes or challenges that, uh, you know, often get hidden yeah. Behind the curtain. Okay. I mean, personally, I'm most proud of the team that we've made. Um, so, uh, you know, obviously, you know, uh, our executors have it good track record of disrupting the market multiple times, but I'm most proud of the team because the team is not just worried about that., uh, that, uh, even delegate is senior technologist and they're great leaders, but they're also worried about the customer problem, right? So it's always about, you know, getting the right mix, awfully not execution combined with technology is when you succeed, that is what I'm most proud of. >>You know, we have a team with, and Cletus running all these projects independently, um, and then releasing almost we have at least every week, if you look at all our customers, right. And then, you know, being a small company doing that is a, Hmm, it's pretty challenging in a way. But we did, we came up with methodologists where we fully believe in automation, everything is automated. And whenever we release software, we run through the full set of automation. So then we are confident that customer is getting good quality code. Uh, it's not like, you know, we cooked up something and that they should be ready and they need to upgrade to the software. That's I think that's the key part. If you want to succeed in this day and age, uh, developing the features at the velocity that you would want to develop and still support all these customers at the same time. >>Okay. Well, congratulations on that, Christian. All right. Final question. I have for you give us a little bit of guidance going forward, you know, often when we see a company out and we, you know, to try to say, Oh, well, this is what company does. You've got a very flexible architecture, lot of different types of solutions, what kind of markets or services might we be looking at a firm, uh, you know, download down the road a little ways. So I think we have a long journey. So we have a platform right now. We already, uh, I mean, we have a very baby, we are shipping. Mmm Mmm. The platforms are really shipping in a storage provider. Uh, we are integrating with the premier clouds, public clouds and, you know, enterprise market, you know, we already deployed a distributed firewall. Some of the customers divert is weird firewall. >>So, you know, uh, so if you take this platform, it can be extendable to add in all the services that you see in data centers on clubs, right. But primarily we are driven from a customer perspective and customer priority point of view. Mmm. So BMW will go is even try to add more ed services. We'll try to add more storage features. Mmm. And then we, we are also this initial interest in service provider market. What we can do for Fiji and IOT, uh, because we have the flexible platform. We have the, see, you know, how to apply this platform, this new application, that's where it probably will go into church. All right. Well, Krishna not a penny vice president of software with Ben Tondo. Thank you so much for joining us. Thank you, sir. It was great talking to you. All right. Be sure to check out the cube.net. You can find lots of interviews from Penn Sundo I'm Stu Miniman and thank you. We're watching the cute.

>> Live from Boston, Massachusetts, it's The Cube, covering AWS re:Inforce 2019. Brought to you by Amazon web services and its ecosystem partners. >> Hey, welcome back everyone. It's The Cube's live coverage here in Boston, Massachusetts for AWS re:Inforce. This is Amazon web services' inaugural security conference around Cloud security. I'm John Furrier. My host Dave Vellante. We've got special guest, we've got another CSO, Dan Meacham, VP of Security and Operations at Legendary Entertainment. Great to see you. Thanks for coming on The Cube. >> Oh, thank you. It's a very pleasure to be here. >> We had some fun time watching the Red Socks game the other night. It was the best night to watch baseball. They did win. >> Was it ever. >> Always good to go to Fenway Park, but we were talking when we were socializing, watching the Red Socks game at Fenway Park about your experience. You've seen a lot of waves of technology you've been involved in. >> Yes, yes. >> Gettin' dirty with your hands and gettin' coding and then, but now running VP of Security, you've seen a lot of stuff. >> Oh. >> You've seen the good, bad, and the ugly. (laughing) >> Yeah, fun business. >> It is. >> You guys did Hangover, right? >> Yes. >> Dark Knight. >> Yes. >> Some really cool videos. >> Good stuff there, yeah. And it's just amazing cause, you know, how much technology has changed over the years and starting back out in the mid-eighties and early nineties. Sometimes I'm just like, oh, if I could only go back to the IPXSX days and just get rid of botnets and things like that. (laughing) That'd be so much easier. Right? >> The big conversation we're having here, obviously, is Amazon's Security Conference. What's your take on it? Again, security's not new, but their trying to bring this vibe of shared responsibility. Makes sense because they've got half of the security equation, but you're seeing a lot of people really focusing on security. What's your take of, so far, as an attendee? >> Well, as we look and, cause I like to go to these different things. One, first to thank everybody for coming because it's a huge investment of time and money to be at these different shows, but I go to every single booth to kind of take a look to see where they are cause sometimes when we look at some of the different technology, they may have this idea of what they want the company to be and they're maybe only a couple years old, but we may see it as a totally different application and like to take those ideas and innovate them and steer them in another direction that kind of best suits our needs. But a lot of times you see a lot of replay of the same things over and over again. A lot of folks just kind of miss some of the general ideas. And, um, this particular floor that we have, there's some interesting components that are out there. There's a lot of folks that are all about configuration management and auto correction of misconfigured environments and things like that. Which is good, but I think when we look at the shared responsibility model and so forth, there's some components that a lot of folks don't really understand they really have to embrace in their environment. They think, oh it's just a configuration management, it's just a particular checklist or some other things that may fix something, but we really got to talk about the roots of some of the other things because if it's not in your data center and it's out somewhere else, doesn't mean you transfer the liability. You still have the ownership, there's still some practice you got to focus on. >> Take us through the Cloud journey with Legendary. You put some exchange service out there. Continue. >> Yes, and so as we started bringing these other different SaaS models because we didn't want to have the risk of if something went down we lost everything, but as we did that and started embracing Shadow IT, because if this worked for this particular department, we realized that there wasn't necessarily a applicable way to manage all of those environments simultaneous. What we mean after the standpoint, like we mentioned before, the MFA for each of these different components of the Cloud applications. So that naturally led us into something like single sign-on that we can work with that. But as we started looking at the single sign-on and the device management, it wasn't so much that I can't trust you devices, it's how do I trust your device? And so that's when we created this idea of a user-centric security architecture. So it's not necessarily a zero trust, it's more of a, how can I build a trust around you? So, if your phone trusts you based off of iometrics, let me create a whole world around that, that trust circle and build some pieces there. >> Okay, so, let me just interrupt and make sure we understand this. So, you decided to go Cloud-First. You had some stuff in colo and then said, okay, we need to really rethink how we secure our operations, right? So, you came up with kind of a new approach. >> Correct. >> Cloud approach. >> Absolutely. And it's Cloud and so by doing that then, trying to focus in on how we can build that trust, but also better manage the applications because, say for example, if I have a collaboration tool where all my files are, I may want to have some sort of protection on data loss prevention. Well, that Cloud application may have its own piece that I can orchestrate with, but then so does this one that's over here and this one over here and so now I've got to manage multiple policies in multiple locations, so as we were going down that piece, we had to say, how do we lasso the security around all these applications? And so, in that particular piece, we went ahead and we look forward at where is the technology is, so early on, all we had were very advanced sims where if I get reporting on user activity or anomalies, then I had limited actions and activities, which is fine, but then the CASB world ended up changing. Before, they were talking about Shallow IT, now they actually do policy enforcement, so then that allowed us to then create a lasso around our Cloud applications and say, I want to have a data loss prevention policy that says if you download 5,000 files within one minute, take this action. So, before, in our sim, we would get alert and there were some things we could do and some things we couldn't, but now in the CASB I can now take that as a piece. >> So more refined >> Exactly. >> in policy. Now, did you guys write that code? Did you build it out? Did you use Cloud? >> We work with a partner on help developing all this. >> So, when you think about where the CASBs were five years ago or so, it was all about, can we find Shadow IT? Can we find where social security numbers are? Not necessarily can I manage the environment. So, if you were take a step back to back in the old days when you had disparate in network architecture equipment, right? And you wanted to manage all your switches and firewalls, you had to do console on each and every one. Over time as it progressed, we now had players out there that can give you a single console that can get in and manage the entire network infrastructure, even if it's disparate systems. This is kind of what we're seeing right now within the Cloud, where on the cusp of it, some of then are doing really good and some of them still have a lot of things to catch up to do, but we're totally stoked about how this is working in this particular space. >> So, talk about, like, um, where you are now and the landscape that you see in front of you. Obviously, you have services. I know you. We met through McAfee, you have other, some fenders. You have a lot of people knocking on your doors, telling you stuff. You want to be efficient with your team. >> Yes. >> You want to leverage the Cloud. >> Yes. >> As you look at the landscape and a future scape as well, what're you thinking about? What's on your mind? What's your priorities? How're you going to navigate that? What're some of the things that's driving you? >> (sighing) It's a cornucopia of stuff that's out there. (laughing) Depending on how you want to look at it. And you can specialize in any particular division, but the biggest things that we really want to focus on is we have to protect out data, we have to protect our devices, and we have to protect our users. And so that's kind of that mindset that we're really focused on on how we integrate. The biggest challenges that we have right now is not so much the capability of the technology, because that is continually to evolve and it's going to keep changing. The different challenges that we have when we look in some of these different spaces is the accountability and the incorporation and cooperation because a incident's going to happen. How are you going to engage in that particular incident and how are you going to take action? Just because we put something in the Cloud doesn't mean it was a set and forget kind of thing. Because if it was in my data center, then I know I have to put perimeter around it, I know I got to do back-ups, I know I got to do patch management, but if I put it in the Cloud, I don't have to worry about it. That is not the case. So, what we're finding a lot is, some of these different vendors are trying to couch that as, hey we'll take care of that for you, but in fact, reality is is you got to stay on top of it. >> Yeah. And then you got to make sure all the same security practices are in there. So, the question I have for you is: what's the security view of the Cloud versus on premise (muttering) the data's in the perimeter, okay that's kind of an older concept, but as your thinking about security in Cloud, Cloud security versus on premise, what's the difference? What's the distinction? What's the nuances? >> Well, if we go old-school versus new-school, old-school would say, I can protect every thing that's on prem. That's not necessarily the case that we see today because you have all this smart technology that's actually coming in and is eliminating your perimeter. I mean, back in the day you could say, hey, look, we're not going to allow any connections, inbound or outbound, to only outside the United States cause we're just a U.S.-based company. Well, that's a great focus, but now when you have mobile devices and smart technology, that's not what's happening. So, in my view, there's a lot of different things that you may actually be more secure in the Cloud than you are with things that are on prem based off of the architectural design and the different components that you can put in there. So, if you think about it, if I were to get a CryptoLocker in house, my recovery time objective, recovery point objective is really what was my last back-up. Where if I look at it in the Cloud perspective, it's where was my last snapshot? (stuttering) I may have some compliance competes on there that records the revision of a file up to 40 times or 120 times, so if I hit that CryptoLocker, I have a really high probability of being able to roll back in the Cloud faster than I could if I lost something that was in prem. So, idly, there's a lot more advantages in going with the Cloud than on prem, but again, we are a Cloud-First company. >> Is bad user behavior still your biggest challenge? >> Is it ever! I get just some crazy, stupid things that just happen. >> The Cloud doesn't change that, right? >> No! (laughing) No, you can't change that with technology, but a lot of it has to be with education and awareness. And so we do have a lot of very restrictive policies in our workforce today, but we talk to our users about this, so they understand. And so when we have things that are being blocked for a particular reason, the users know to call us to understand what had happened and in many cases it's, you know, they clicked on a link and it was trying to do a binary that found inside of a picture file of all things on a web browser. Or they decided that they wanted to have the latest Shareware file to move mass files and then only find out that they downloaded it from an inappropriate site that had binaries in it that were bad and you coach them to say, no this is a trusted source, this is the repository where we want you to get these files. But my favorite though is, again, being Cloud-First, there's no reason to VPN into our offices for anything because everything is out there and how we coordinate, right? But we do have VPN set up for when we travel to different countries with regards to, as a media company, you have to stream a lot of different things and, so, if we're trying to pitch different pieces that we may have on another streaming video-on-demand service, some of those services and some of those programmings may not be accessible into other countries or regions of the world. So, doing that allows us to share that. So, then, a lot of times, what we find is we have offices and users that're in different parts of the world that will download a free VPN. (laughing) Because they want to to be able to get to certain types of content. >> Sounds good. >> And then when you're looking at that VPN and that connection, you're realizing that that VPN that they got for free is actually be routed through a country that is not necessarily friendly to the way we do business. They're like, okay, so you're pushing all of our data through that, but we have to work through that, there's still coaching. But fortunately enough, by being Cloud-First, and being how things are architected, we see all that activity, where if was all in prem, we wouldn't necessarily know that that's what they were doing, but because of how the user-centric piece is set-up, we have full visibility and we can do some coaching. >> And that's the biggest issue you've got. Bigtime, yes? Visibility. >> What's a good day for a security practitioner? >> (laughing) A good day for a security practitioner. Well, you know, it's still having people grumpy at you because if they're grumpy at you, then you know you're doing you job, right? Because if everybody loves the security guy, then somebody's slipping something somewhere and it's like, hey, wait a minute, are you really supposed to be doing that? No, not necessarily. A good day is when your users come forward and say, hey, this invoice came in and we know that this isn't out invoice, we want to make sure we have it flagged. And then we can collaborate and work with other studios and say, hey, we're seeing this type of vector of attack. So, a good day is really having our users really be a champion of the security and then sharing that security in a community perspective with the other users inside and also communicating back with IT. So, that's the kind of culture we want to have within out organization. Because we're not necessarily trying to be big brother, we want to make it be able to run fast because if it's not easy to do business with us, then you're not going to do business with us. >> And you guys have a lot of suppliers here at the re:Inforce conference. Obviously, Amazon, Cloud. What other companies you working with? That're here. >> That're here today? Well, CrowdStrike is a excellent partner and a lot of things. We'll have to talk on that a little bit. McAfee, with their MVISION, which was originally sky-high, has just been phenomenal in our security architecture as we've gone through some of the other pieces. We do have Alert Logic and also Splunk. They're here as well, so some great folks. >> McAfee, that was the sky-high acquisition. >> That is correct and now it's MVISION. >> And that's the Cloud group within McAfee. What do they do that you like? >> They brought forth the Cloud access security broker, the CASB product, and one of the things that has just been fascinating and phenomenal in working with them is when we were in evaluation mode a couple of years ago and were using the product, we're like, hey, this is good, but we'd really like to use it in this capacity. Or we want to have these artifacts of this intelligence come out of the analytics and, I kid you not, two weeks later the developers would put it out there in the next update and release. And it was like for a couple of months. And we're like, they're letting us use this product for a set period of time, they're listening to what we're asking for, we haven't even bought it, but they're very forward-thinking, very aggressive and addressing the specific needs from the practitioner's view that they integrated into the product. It was no-brainer to move forward with them. And they continue to still do that with us today. >> So that's a good experience. I always like to ask practitioners, what're some things that vendors are doing that either drive your crazy or they shouldn't be doing? Talk to them and say, hey, don't do this or do this better. >> Well, when you look at your stop-doing and your start doing list and how do you work through that? What really needs to be happening is you need your vendor and your account manager to come out on-site once a quarter to visit with you, right? You're paying for a support on an annual basis, or however it is, but if I have this Cloud application and that application gets breached in some way, how do I escalate that? I know who my account manager is and I know the support line but there needs to be an understanding and an integration into my incidents response plan as when I pick up the phone, what' the number I dial? And then how do we engage quickly? Because now where we are today, if I were to have breach, a compromised system administrator account, even just for 20 minutes, you can lose a lot of data in 20 minutes. And you think about reputation, you think about privacy, you think about databases, credit cards, financials. It can be catastrophic in 20 minutes today with the high-speed rates we can move data. So, my challenge back to the vendors is once a quarter, come out and visit me, make sure that I have that one sheet about what that incident response integration is. Also, take a look at how you've implemented Am I still on track with the artchitecture? Am I using the product I bought from you effectively and efficiently? Or is there something new that I need to be more aware of? Because a lot of times what we see is somebody bought something, but they never leveraged the training, never leveraged the support. And they're only using 10% of the capability of the product and then they just get frustrated and then they spend money and go to the next product down the road, which is good for the honeymoon period, but then you run into the same process again. So, a lot of it really comes back to vendor management more so than it is about the technology and the relationship. >> My final question is: what tech are you excited about these days? Just in general in the industry. Obviously security, you've got the Cloud, you're Cloud-First, so you're on the cutting edge, you've got some good stuff going on. You've got a historical view. What's exciting you these days from a tech perspective? >> Well, over the last couple of years, there's been two different technologies that have really started to explode that I really am excited about. One was leveraging smart cameras and facial recognition and integrating physical stock with cyber security stock. So, if you think about from another perspective, Cameras, surveillance today is, you know, we rewind to see something happen, maybe I can mark something. So, if somebody jumped over a fence, I can see cause it crossed the line. Now the smart cameras over the last three or four or five years have been like, if I lost a child in a museum, I could click on child, it tells me where it is. Great. Take that great in piece and put it in with your cyber, so now if you show up on my set or you're at one of our studios, I want the camera to be able to look at your face, scrub social media and see if we can get a facial recognition to know who you are and then from that particular piece, say okay, has he been talking trash about our movies? Is he stalking one of our talent? From those different perspectives. And then, moreover, looking at the facial expression itself. Are you starstruck? Are you angry? Are you mad? So, then that way, I know instantly in a certain period of time what the risk is and so I can dispatch appropriately to have security there or just know that this person's just been wandering around because they're a fan and they want to know something. So, maybe one of those things where we can bring them a t-shirt and they'll move on onto their way and they're happy. Versus somebody that's going to show up with a weapon and we have some sort of catastrophic event. Now, the second technology that I'm really pretty excited about. Is when we can also talk a little about with the Five G technology. So, when everybody talk about FIJI, you're like, oh, hey, this is great. This is going to be faster, so why are we all stoked about things being super, super fast on cellular? That's the technical part. You got to look at the application or the faculty of things being faster. To put it into perspective, if you think about a few years ago when the first Apple TV came out, everybody was all excited that I could copy my movies on there and then watch it on my TV. Well, when internet and things got faster, that form factor went down to where it was just constantly streaming from iTunes. Same thing with the Google Chrome Cast or the Amazon Fire Stick. There's not a lot of meat to that, but it's a lot of streaming on how it works. And so when you think about the capability from that perspective, you're going to see technology change drastically. So, you're smartphone that holds a lot of data is actually probably going to be a lot smaller because it doesn't have to have all that weight to have all that stuff local because it's going to be real-time connection, but the fascinating thing about that, though, is with all that great opportunity also comes great risk. So, think about it, if we were to have a sphere and if we had a sphere and you had the diameter of that sphere was basically technology capability. As that diameter grows, the volume of the technology that leverages that grows, so all the new things that come in, he's building. But as that sphere continue to grow, what happens is the surface is your threat. Is your threat vector. As it continue to grow, that's going to continue to grow. (stuttering) There's a little but of exponential components, but there's also a lot of mathematical things on how those things relate and so with Five G, as we get these great technologies inside of our sphere, that threat scape on the outside is also going to grow. >> Moore's law in reverse, basically. >> Yeah. >> Surface area is just balloon to be huge. That just kills the perimeter argument right there. >> It does. >> Wow. And then we heard from Steve and Schmidt on the keynote. They said 90% of IOT data, thinking about cameras, is HTTP, plain text. >> Exactly. And it's like, what're you-- >> Oh, more good news! >> Yeah. (laughing) >> At least you'll always have a job. >> Well, you know, someday-- >> It's a good day in security. Encrypt everywhere, we don't have time to get into the encrypt everywhere, but quick comment on this notion of encrypting everything, what's your thoughts? Real quick. (sighing) >> All right, so. >> Good, bad, ugly? Good idea? Hard? >> Well, if we encrypt everything, then what does it really mean? What're we getting out? So, you remember when everybody was having email and you had, back in the day, you had your door mail, netscape navigator and so forth, and thought, oh, we need to have secure email. So then they created all these encryption things in the email, so then what happens? That's built into the applications, so the email's no longer really encrypted. >> Yeah. >> Right? So I think we're going to see some things like that happening as well. Encryption is great, but then it also impedes progress when it comes to forensics, so it's only good until you need it. >> Awesome. >> Dan, thanks so much here on the insights. Great to have you on The Cube, great to get your insights and commentary. >> Well, thank you guys, I really appreciate it. >> You're welcome. >> All right, let's expecting to steal is from noise, talking to practitioner CSOs here at re:Inforce. Great crowd, great attendee list. All investing in the new Cloud security paradigm, Cloud-First security's Cube's coverage. I'm John Furrier, Dave Vellante. Stay tuned for more after this short break. (upbeat music)