(upbeat funk jazz music) >> Hello, and welcome to theCUBE Studios in Palo Alto, California for another CUBE Conversation, where we go in depth with thought leaders driving innovation across tech industry. I'm your host, Peter Burris. What does every CIO want to do? They want to support the business as it evolves and transforms, using data as that catalyst for better customer experience, improved operations, and more profitable options. But to do that we have to come up with a way of improving the underlying infrastructure that makes all this possible. We can't have a situation where we introduce more complex applications in response to richer business needs and have that translated into non-scalable underlying technology. CIOs in 2020 and beyond have to increasingly push their suppliers to make things simpler. And that's true in all domains, but perhaps especially storage, where the explosion of data is driving so many of these changes. So what does it mean to say that storage can be made more simple? Well to have that conversation we're going to be speaking with Eric Herzog, CMO and VP of Global Channels at IBM Storage, about, quite frankly, an announcement that IBM's doing to specifically address that question, making storage simpler. Eric, thanks very much for coming back to theCUBE. >> Great, thank you. We love to be here. >> All right, I know you got an announcement to talk about, but give us the update. What's going on with IBM Storage? >> Well, I think the big thing is, clients have told us, storage is too complex. We have a multitude of different platforms, an entry product, a mid-range product, a high-end product, then we have to traverse to the cloud. Why can't we get a simple, easy to use, but very robust feature set? So at IBM Storage with this FlashSystem announcement, we have a family that traverses entry, mid-range, enterprise and automatically can go out to a hybrid multicloud environment, all driven across a common platform, common API, common software, our award-winning Spectrum Virtualize, and innovative technologies around, whether it be cyber-resiliency, performance, incredible performance, ease of use, easier and easier to use. For example, we can do AI-based automated tiering from one flash array to another, or from storage class memory to flash. Innovation, at the same time driving better value out of the storage but not charging a lot of extra money for these features. In fact, our FlashSystems announcement, the platforms, depending on the configuration, can be as much as 50% lower than our previous generation. Now that's delivering value, but at the same time we added enhanced features, for example, the capability of even better container support than we already had in our older platform. Or our new FlashCore Modules that can deliver performance in a cluster of up to 17.2 million IOPS, up from our previous performance of 15. Yet, as I said before, delivering that enterprise value and those enterprise data services, in this case I think you said, depending on the config, up to as much as 50% less expensive than some of our previous generation products. >> So let me unpack that a little bit. So, historically, when you look at, or even today, when you look at how storage product lines are set up, they're typically set up for one footprint for the low end, one or more footprints in the mid-range, and then one or more footprints at the high-end. And those are differentiated by the characteristics of the technologies being employed, the function and services that are being offered, and the prices and financial arrangements that are part of it. Are you talking about, essentially, a common product line that is differentiated only by the configuration needs of the volume and workloads? >> Exactly. The FlashSystem traverses entry, mid-range, enterprise, and can automatically get you out to a hybrid multicloud environment, same APIs, same software, same management infrastructure. Our Storage Insights product, which is a could-based storage manager and predictive analytics, works on the entry product, at no charge, mid-range product at no charge, the enterprise product at no charge, and we've even added, in that solution, support for non-IBM platforms, again. So, delivering more value across a standard platform with a common API, a common software. Remember, today's storage is growing exponentially. Are the enterprise customers getting exponentially more storage admins? No. In fact, many of the big enterprises, after the downturn of '08 and '09 had to cut back on storage resources. They haven't hired back to how many storage resources they had in 2007 or '8. They've gotten back to full IT, but a lot of those guys are DevOps people or other functions, so, the storage admins and the IT infrastructure admins have to manage extra petabytes, extra exabytes depending on the type of company. So one platform that can do that and traverse out to the cloud automatically, gives you that innovation and that value. In fact, two of our competitors, just as example, do the same thing, have four platforms. Two other have three. We can do it with one. Simple platform, common API, common storage management, common interface, incredible performance, cyber-resiliency, but all built in something that's a common data management infrastructure with common data software, yet continuing to innovate as we've done with this release of the FlashSystem family. >> OK, so talk about the things that, common API, common software, also, I presume, common, the core module, that FlashCore Module that you have, common across the family as well? >> Almost all the family. At the very entry space we still do use interstandard SSDs but we can get as low as a street price for all-flash config of $16,000 for an all-flash array. Two, three years ago that would've been unheard of. And, by the way, it had six lines of availability, same software interface and API as a system that could go up to millions of dollars at the way high end, right? And anything in between. So common ease of use, common management, simple to manage, simple to deploy, simple to use, but not simple in the value proposition. Reduce the TCO, reduce the ROI, reduce the operational manpower, they're overtaxed as it is. So by making this across the portfolio with the FlashSystem and go out to the hybrid multicloud but bringing in all this high technology such as our FlashCore Modules and, as I said, at a reduced price to the previous generation. What more could you ask for? >> OK, so you've got some promises that you made in 2019 that you're also actually realizing. One of my favorite ones, something I think is pretty important, is storage class memory. Talk about how some of those 2019 promises are being realized in this announcement. >> So what we did is, when we announced our first FlashSystem family in 2018 using our new NVMe FlashCore Modules, we had an older FlashSystem family for several years that used, you know, the standard SaaS interface. But our first NVMe product was announced in the summer of 2018. At that time we said, all the way back then, that in early '20 we would be start shipping storage class memory. Now, by the way, those FlashSystems NVMe products that we announced back then, actually can still use storage class memory, so, we're protecting the investment of our installed base. Again, innovation with value on the installed base. >> A very IBM thing to do. >> Yes, we want to take care of the installed base, we also want to have new modern technologies, like storage class memory, like improved performance and capacity in our FlashCore Modules where we take off the shelf Flash and create our own modules. Seven year media warranty, up to 17.2 million IOPS, 17 mites of latency, which is 30% better than our next nearest competitor. By the way, we can create a 17 million IOP config in only eight rack U. One of our competitors gets close, 15 million, but it takes them 40 rack U. Again, operational manpower, 40 rack U's harder to manage, simplicity of deployment, it's harder to deploy all that in 40 rack U, we can do it in eight. >> And pricing. >> Yes. And we've even brought out now, a preconfigured rack. So what we call the FlashSystem 9200R built into the rack with a switching infrastructure, with the storage you need, IBM services will deploy it for you, that's part of the deal, and you can create big solutions that can scale dramatically. >> Now R stands for hybrid? >> Rack. >> Rack. Well talk to me about some of the hybrid packaging that you're bringing out for hybrid cloud. >> Sure, so, from a hybrid cloud perspective, our Spectrum Virtualize software, which sits on-prem, entry, mid-range and at the upper end, can traverse to a cloud called Spectrum Virtualize for Cloud. Now, one of the keys things of Spectrum Virtualize, both on-prem and our cloud version, is it supports not only IBM arrays, but through a storage virtualisation technology, over 450 arrays from multi-vendors, and in short our competition. So we can take our arrays, and automatically go out to the cloud. We can do a lot of things. Cloud air gapping, to help with malware and ransonware protection, DR, snapshots and replicas. Not only can the new FlashSystem family do that, to Spectrum Virtualize on-prem and then out, but Spectrum Virtualize coming on our FlashSystem portfolio can actually virtualize non-IBM arrays and give them the same enterprise functionality and in this case, hybrid cloud technology, not only for us, but for our competitors products as well. One user interface. Now talk about simple. Our own products, again one family, entry, mid-range and enterprise traversing the cloud. And by the way, for those of you who are heterogeneous, we can deliver those enterprise class services, including going out to a hybrid multi-cloud configuration, for our competitors products as well. One user interface, one throat to choke, one support infrastructure with our Storage Insights platform, so it's a great way to make things easier, cut the CAPEX and OPEX, but not cut the innovation. We believe in value and innovation, but in an easy deploy methodology, so that you're not overly complex. And that is killing people, the complexity of their solutions. >> All right. So there's a couple of things about cloud, as we move forward, that are going to be especially interesting. One of them is going to be containers. Everybody's talking about, and IBM's been talking about, you've been talking about this, we've talked about this a number of times, about how containers and storage and data are going to come together. How do you see this announcement supporting those emerging and evolving need for container-based applications in the enterprise. >> So, first of all, it's often tied to hybrid multi-cloudness. Many of the hybrid cloud configurations are configured on a container based environment. We support Red Hat OpenShift. We support Kubernetes environments. We can provide on these systems at no charge, persistent storage for those configurations. We also, although it does require a backup package, Spectrum Protect, the capability of backing up that persistent storage in an OpenShift or Kubernetes environment. So really it's critical. Part of our simplicity is this FlashSystem platform with this technology, can support bare metal workloads, virtualised workloads, VMware, HyperV, KVM, OVM, and now container workloads. And we do see, for the next coming years, think about bare metal. Bare metal is as old as I am. That's pretty old. Well we got tons of customers still got bare metal applications, but everyone's also gone virtualized. So it's not, are we going to have one? It's you're going to have all three. So with the FlashSystems family, and what we have with Spectrum Virtualized software, what we have with our container support, we need with bare metal support, incredible performance, whatever you need, VMware integration, HyperV integration, everything you need for a virtualized environment, and for a container environment, we have everything too. And we do think the, especially the mid to big accounts, are going to try run all three, at least for the next couple of years. This gives you a platform that can do that, at the entry point, up to the high end, and then out to a hybrid multi-cloud environment. >> With that common software and APIs across. Now, every year that you and I have talked, you've been especially passionate about the need for turning the crank, and evolving and improving the nature of automation, which is another one of the absolute necessities, as we start thinking about cloud. How is this announcement helping to take that next step, turn the crank in automation? >> So a couple of things. One is our support now for Ansible, so offering that Ansible support, integrates into the container management frameworks. Second thing is, we have a ton of AI-type specific based technology built into the FlashSystem platform. First is our cloud based storage and management predictive analytics package, Storage Insights. The base version comes for free across our whole portfolio, whether it be entry, mid-range or high-end, across the whole FlashSystems family. It gives you predictive analytics. If you really do have a support problem, it eases the support issues. For example, instead of me saying, "Peter send me those log files." Guess what? We can see the log files. And we can do it right there while you're on the phone. You've got a problem? Let's make it easier for you to get it solved. So Storage Insights across AI based, predictive analytics, performance, configuration issues, all predicatively done, so AI based. Secondly, we've integrated AI in to our Spectrum Virtualize product. So as exemplar, easier to your technology, can allow you to tier data from storage class memory to Flash, as an example, and guess what it does? It automatically knows based on usage patterns, where the data should go. Should it be on the storage class memory? Should it be on Flash core modules? And in fact, we can create a configuration, we have Flash core modules and introduce standard SSDs, which are both Flash, but our Flash core modules are substantially faster, much better latency, like I said, 30% better than the next nearest competition, up to 17.2 million IOPS. The next closest is 15. And in fact, it's interesting, one of our competitors has used storage class memory as a read cache. It dramatically helps them. But they go from 250 publicly stated mites of latency, to 125. With this product, the FlashSystem, anything that uses our Flash core modules, our FlashSystems semi 200, our FlashSystem 9200 product, and the 9200-R product. We can do 70 mites of latency, so almost twice as fast, without using storage class memory. So think what that storage class memory will offer. So we can create hybrid configurations, with StorageClass and Flash, you could have our Flash core modules, and introduce standard SSDs if you want, but it's all AI based. So we have AI based in our Storage Insights, predictive analytics, management and support infrastructure. And we have predictive analytics in things like our Easy Tier. So not only do we think storage is a critical foundation for the AI application workload and use case, which it is, but you need to imbue your storage, which we've done across FlashSystems, including what we've done with our cloud edition, because Spectrum Virtualize has a cloud edition, and an on-prem edition, seamless transparency, but AI in across that entire platform, using Spectrum Virtualize. >> All right, so let me summarize. We've got an absolute requirement from enterprise, to make storage simpler, which requires simple product families with more commonality, where that commonality delivers great value, and at the same time the option to innovate, where that innovation's going to create value. We have a lot simpler set of interfaces and technologies, as you said they're common, but they are more focused on the hybrid cloud, the multi-cloud world, that we're working in right now, that brings more automation and more high-quality storage services to bear wherever you are in the enterprise. So I've got to ask you one more question. I'm a storage administrator, or a person who is administering data, inside the infrastructure. I used to think of doing things this way, what is the one or two things that I'm going to do differently as a consequence of this kind of an announcement? >> So I think the first one, it's going to reduce your operational expenses and your operational man power, because you have a common API, a common software platform, a common foundation for data management and data movement, it's not going to be as complex for you to pull your storage configurations. Second thing, you don't have to make as many choices between high-end workloads, mid-range workloads, and entry workloads. Six lines across the board. Enterprise class data services across the board. So when you think simple, don't think simple as simplistic, low-end. This is a simple to use, simple deploy, simple to manage product, with extensive innovation and a price that's- >> So simple to secure? >> And simple to secure. Data rest encryption across the portfolio. And in fact those that use our FlashCore Modules, no performance hit on encryption, and no performance hit on data compression. So it can help you shrink the actual amount you need to buy from us, which sounds sort of crazy, that a storage company would do that, but with our data reduction technologies, compression being one of them, there's no performance hits, you can compress compressable workloads, and now, anything with a FlashCore Module, which by the way, happens to be FIPS 140-2 certified, there's no excuse not to encrypt, because encryption, as you know, has had a performance hit in the past. Now, our 7200, our 5100 FlashSystem, and our FlashSystem 9200 and 9200R, there's no performance on encrypting, so it gives you that extra resiliency, that you need in a storage world, and you don't get a non-compression, which helps you shrink how much you end up buying from IBM. So that's the type of innovation we deliver, in a simple to use, easy to deploy, easy to manage but incredible innovative value, brought into a very innovative solution, across the board, not just let's innovate at the high end or you know what I mean? Trying to make that innovation spread, which, by the way, makes it easier for the storage guy. >> Well, look, in a world, even inside a single enterprise, you're going to have branch offices, you're going to have local this, the edge, you can't let the bad guys in on a lesser platform that then can hit data on a higher end platform. So the days of presuming that there's this great differentiation in the tier are slowly coming to an end as everything becomes increasingly integrated. >> Well as you've pointed out many times, data is the asset. Not the most valuable one. It is the asset of today's digital enterprise and it doesn't matter whether you're a global Fortune 500, or you're a (mumble). Everybody is a digital enterprise these days, big, medium or small. So cyber resiliency is important, cutting costs is important, being able to modernize and optimize your infrastructure, simply and easily. The small guys don't have a storage guy, and a network guy and a server guy, they have the IT guy. And even the big guys, who used to have hundreds of storage admins in some cases, don't have hundreds any more. They've got a lot of IT people, but they cut back so these storage admins and infrastructure admins in these global enterprise, they're managing 10, 20 times the amount of storage they managed even two or three years ago. So, simple, across the board, and of course hyper multicloud is critical to these configurations. >> Eric, it's a great annoucement, congratulations to IBM to actually delivering on what your promises are. Once again, great to have you on theCUBE. >> Great, thank you very much Peter. >> And thanks to you, again, for participating in this CUBE conversation, I'm Peter Burris, see you next time. (upbeat, jazz music)

from our studios in the heart of Silicon Valley Palo Alto California this is a cute conversation hello and welcome to the cube studios in Palo Alto California for another cube conversation where we go in-depth with thought leaders driving innovation across the tech industry I'm your host Peter Burris Michael Siegel is the product manager or area vice-president strategic alliances and net scout systems Michael we are sitting here in the cube studios in Palo Alto in November of 2019 reinvent 2009 teens right around the corner net scout and AWS are looking to do some interesting things once you give us an update of what's happening yeah just a very brief introduction of what net Scout actually does so net scout assures service performance and security for the largest enterprises and service provider in the world we do it through something we refer to as visibility without borders by providing actionable intelligence necessary to very quickly identify the root cause of either performance on security issues so with that net Scout partnering very closely with AWS we are an advanced technology partner which is the highest tier for ice fees of partnership this enables us to partner with AWS on a wide range of activities including technology alignment with roadmap and participating in different launch activities of new functionality from AWS it enables us to have go-to-market activities together focusing on key campaigns that are relevant for both AWS and net Scout and it enables us also to collaborate on sales initiatives so with this wide range of activities what we can offer is a win-win-win situation for our customers for AWS and for net scout so from customers perspective beyond the fact that net Scout offering is available in AWS marketplace now this visibility without borders that I mentioned helps our customers to navigate through their digital transformation journey and migrate to AWS more effectively from AWS perspective the wienies their resources are now consumed by the largest enterprises in the world so it accelerates the consumption of compute storage networking database resources in AWS and fournette scout this is strategically important because now net Scout becoming a strategic partner to our large enterprise customers as they navigate their digital transformation journey so that's why it's really important for us to collaborate very very efficiently with AWS it's important to our customers and it's important to AWS Michael Siegel net Scout systems thanks very much for being on the tube thank you for having me and once again we'd like to thank you for joining us for another cube conversation until next time

(upbeat music) >> Narrator: From our studios, in the heart of Silicon Valley, Palo Alto, California. This is a CUBE Conversation. >> Hello and welcome to theCUBE studios, in Palo Alto California, for another CUBE Conversation, where we go in-depth with thought leaders driving innovation across the tech industry. I'm your host, Peter Burris. Anybody that's read any Wikibon research or been a part of any conversation with anybody here at SiliconANGLE, knows we're big believers in the notion of digital business, and digital business transformation. Simply put, the difference between a business and a digital business is the role that data plays in a digital business. Digital businesses use data to change their value propositions, better manage and get greater visibility and utilization out of their assets, and ultimately drive new types of customer experience. That places an enormous burden on the technologies, the digital technologies that have historically been associated with IT, but now are becoming more deeply embedded within the business. And that digital business transformation is catalyzing a whole derivative set of other transformations. Including for example, technology, data centers, security, et cetera. It's a big topic, and to start to parse it and make some sense of it, we're joined by two great guests today- Michael Segal is the area vice-president of strategic alliances at NETSCOUT Systems, and Eric Smith is the senior product line manager of NETSCOUT Systems. Gentlemen, welcome to theCUBE. >> Pleasure to be here, Peter. >> Okay, so, Michael let's get going on. Give us a quick update on NETSCOUT Systems. >> Yeah, so maybe just a quick introduction of what NETSCOUT actually does. So, NETSCOUT assures service performance and security for the largest enterprises and service providers in the world. And the way we accomplish it is through what we refer to as offering visibility without borders. Now, this visibility without borders provides actionable intelligence that enables, very quickly and efficiently to enterprises and service providers, ensure their service performance and security, understand, discover problems, root cause, and solution. So it overall reduces their mean time to repair, and it's being used to assure that digital transformation and other transformation initiatives are executed effectively by the IT organization. >> All right, so let's jump in to this notion of transformation. Now, I know that you and I have spent, on a couple different occasions, talked about the idea of digital business transformation. What does digital business transformation mean to NETSCOUT, and some of the other derivative transformations that are associated with it? >> Right, so as you described very very concisely in your introduction, the business transformation is about enabling the business through digital services and data to differentiate itself from competition very very effectively. Now, one of the aspects of this digital transformation is that now more than ever before, the CIOs are taking a very active role in this transformation because obviously, information technology is responsible for digital services and processing and analyzing data. So with that in mind, the CIOs now need to support the business aspects of agility, right? So if your business agility involves introducing new services very quickly and efficiently, the IT organization needs to support that, and at the same time, they also need to assure that the employee productivity and end user experience is maintained at the highest levels possible. So this is exactly where NETSCOUT comes in, and we support the IT organization by providing this visibility without borders, to assure that employee productivity and end user experience is maintained and any issues are resolved very quickly and efficiently. >> Especially customer experience, and that's increasingly the most important, end users that any digital business has to deal with. At this point in time Eric, I want to bring you in to the conversation. When we talk about this notion of greater visibility, greater security, over digital assets, and the role that the CIO is playing, that also suggests that there is a new class of roles for architects, for people who have historically been associated more with running the networks, running the systems, how is their role changing, and how is that part of the whole concept of data centered transformation? >> Right, so, the guys that have typically been in what you might consider network operations types of roles, their roles are evolving as well, as the entire organization does. So as Michael mentioned beforehand, no longer is the digital business wholly and solely confined to an IT department that is working just with their employees. They're now part of the business. They're not just the cost center anymore, they're actually an asset to the business. And they are supporting lines of business. So the folks that have traditionally had these roles have just maintained the network, maintained the applications, are having to become experts in other aspects. So as certain applications disaggregate, or potentially move out partially into the cloud, they kind of become cloud architects as well, whether it's a public cloud or a private cloud, they have to understand those relationships and they have to understand what happens when you spread your network out beyond your traditional data center core. >> So let's build on that, because that suggests that the ultimate solution for how we move forward has to accommodate greater visibility, end-to-end, across resources, not only that we have traditionally controlled, and therefore could decide how much visibility we had, if the tooling was right, but also resources that are outside of our direct purview. How does that work as we think about building this end to end visibility to improve the overall productivity and capability, as you said, the productivity and end user experience, of the systems we're deploying? >> Yeah, so maybe we can start with the end in mind, and what I mean by that is what you just described as end user productivity and user experience, so how do we measure it, right? So in order to measure it, what we need to look is the visibility at the service level. And what I mean by visibility at the service level is actually looking, not just at once specific component that is associated with the servers such as application, it's one component, however application is running on a network, you have service enablers, for example to authenticate, to do accounting, to do DNS resolution, so you need to look at all of these components of a service and be able to effectively provide visibility across all of them. Now, the other aspect of this visibility, as you mentioned, end-to-end, which is an excellent observation as well, because you're looking at the data center, which is still very strategic assets, your crown jewels are still going to be in the data center, some of the data will remain there, but now you are expanding to the edge, maybe colos, maybe microdata centers in the colos, then you move workloads, migrate them to public clouds, it can be IaaS, you have more SaaS providers that provide you with different services. So this aspect of end-to-end really evolves into geographically dispersed, very complex and highly scalable architecture. >> Yeah, we like to say that the cloud is not an architecture, not a strategy, for centralizing resources. Rather, it's a strategy for greater distributing resources, allowing data to be where it needs to be to perform the function, or where it gets captured, allowing the service to be able to go to the data, to be able to perform the work that needs to be conducted from a digital business standpoint. That suggests that even though a customer, let's call it the end user, and the end user experience, may get a richer set of capabilities, but the way by which that work is being performed gets increasingly complex, and partly, it sounds like, that it's complexity that has to be administered and monitored so that you don't increase the time required to understand the nature of a problem, understand the nature of the fix. Have I got that right? >> You got it absolutely right, and I would add to this that the complexity that you described is being further magnified by the fact that you lose control to some extent, as you mentioned before, right? >> Or because, let's put it this way, it becomes a contracting challenge as opposed to a command and control challenge. Now the CIO can't tell Mike, "Go fix it", the CIO has to get on the phone with a public cloud provider and say, our service level says, and that's a different type of interaction. >> Right, and usually the service provider would say, the problem is not on my side, it's on your side, so the traditional finger pointing in war rooms now, is being expanded across multiple service providers, and you need to be able to very effectively and quickly identify this is the root cause, this is why it's your fault, service provider, it's not our fault, please go and fix it. >> So let's dig into that if we can, Eric, this notion of having greater visibility so that you are in a better position to actually identify the characteristics of the problem, and where the responsibilities lie. How is that working? >> So, in the past, or when the digital transformation started it's initial rise, it wasn't. And what was happening is, as you both have alluded to a moment ago, I can no longer call Mike and Suzie downstairs, and say you know, voicemail is not working, things are just, not working. Well, you can go sic them on it and they go fix it. What's happening now is that data is leaving your data center, it may be going through something like a colo, which is aggregating the data, and then sending it on to your partner, that is providing these services. So what you have to have is a way to regain that visibility into those last mile segments, if you will, so that as you work with your partners, whether it's the colo or the in-software provider, that you can say look, I can see things from here, I can see things to there, and here's where it goes south, and this is the problem, help me fix it. And so, as you said a moment ago, you cannot let your mean time to resolution expand simply because you're engaging in these digital transformation activities. You need to remain at least as good as you did before, and hopefully better. >> Well, you have to be better, because your business is becoming more dependent on your digital business capabilities, increasingly it's becoming your business. So let me again dig a little more deeper technically into that. A lot of companies are attempting to essentially provide a summary view of that data, that's moving around a network, moving across these different centers and locations, edge, colo, et cetera, what is the right way to do it? What constitutes real truth when we talk about how these systems are going to work? >> So NETSCOUT believes, and I think most people wouldn't argue with us, that when you can actually see the packet data that goes across the network, you know what elements are talking to which ones, and you can see that, and you can build metrics, and you can build views upon that, that is very high fidelity data, and you absolutely know what's going on. We like to call it the single source of truth. So as things come from the deep part of the data center, whether it's a virtualized server farm, all the way through this core of the network, and your service enablers like Michael mentioned, all the through the colos, and out into an IAS or SaaS type of environment, if you're seeing what's actually being on the wire, and who's talking to whom, you know what's going on, and you can quickly triage and identify what the problem is so that you can solve it. >> Now is that something that increasingly architects or administrators are exploiting as they use these new classes of tools to gain that visibility into how the different services are working together? And also, is that becoming a feature of how SLAs and contracts are being written, so that we can short circuit the finger pointing with our service providers? >> Yeah, so there's kind of like you said, two parts that, the first is I think, a lot of the traditional IT operations folks, as you mentioned earlier, are learning new roles, so to some degree, it is new for them, and I don't know that everybody has started to make use of those tools yet, but that's part of what our story is to them, is that we can provide those tools for you, so that you can continue to isolate and solve these problems. And I'm sorry, what was the second part of your question? >> Well, the second part is, how does that translate into contracting? Does that knowledge about where things actually work inform a contracting process to reduce the amount of finger pointing, which by the way, is a major transaction cost and a major barrier to getting things done quickly. >> Absolutely, and so you since you have this high fidelity data at every step of the way, and you can see what's happening, you can prove to your partners where the problem lies. If I find it on my side of it, okay, no harm no foul, I'll go fix it and move on with my life. But with that data, with that high fidelity data, and being able to see all the transactions and all the applications, and all the communications that happens end-to-end, through the network between me and my partner, I can show them that they are outside of their SLA. And to your point, it should shorten the time between the finger pointing, because I have good data that says, this is the problem. You can't dispute that. And so, they're much more inclined to work with you in a hopefully, very good way, to fix the problem. >> So that brings us back to the CIO. And I want to close with you on this, Michael. That's got to make a CIO happier, who is today facing a lot of business change, and is trying to provide a lot, you said agility, I'll use the word an increasing array of business and strategy options based on digital technology. Ensuring that they have greater certainty in the nature of the services, the provider of the services, and in the service levels of the services, has got to be an essential feature of their decision making toolkit as they provide business with different ranges of options, right? >> Absolutely correct. In fact, the high fidelity data is so critical in order to accomplish this, right, so in order for the CIO to be able to demonstrate to the CEO and other key executives that his objectives are met, the KPIs for that are along the lines of your efficiency, your service delivery capabilities, and being able to monitor everything in real time. So, the high fidelity data, I just want to elaborate a little bit more on what it means, because that's the difference between having these key performance indicators that are relevant for the CIO, and relevant also for other key stakeholders, and having something that is best guess, and maybe it's going to help. So high fidelity data, the way that NETSCOUT defines it, has several components. First of all, because it's based on traffic, or packet data, or wire data, it means that we continuously monitor the data, continuously analyze it, and it's the single source of truth because there's consistency in terms of what data is being exchanged. So the more visibility you get into the data that's being exchanged between different workloads, the more intelligence you can glean from it. The other aspect is that it's really, we mentioned, the service level, and if you think of packet data, it's all layers two through seven, so you have the data link layer, you have the network, you have the transport, you have the session, you have application, you can holistically identify any application, and provide you with error codes and in context, say you know the log and latency and error codes give you the overall picture. So this all together constitutes very high fidelity data. And at the end of the day, if the CIO wants to accelerate the digital transformation with confidence, this is the kind of high fidelity data that you need in order to assure that your key performance indicators, as CIO, are being maintained. >> This is the as is truth. >> Exactly. >> All right, Michael Segal, Eric Smith, I want to thank you both for being on theCUBE. >> Thank you for having me. >> Thank you very much Peter, for having us. >> And thanks for joining us for another CUBE Conversation. I'm Peter Burris, see you next time. (upbeat music)

[Music] hi I'm Peter Burris and welcome to another Cube conversation where we go in depth of thought leaders from around the industry to bring you the best ideas and insights about how to improve your business with technology one of the many things that CIOs and business leaders have to think about is how are they going to execute digital transformations what will be the priorities we all know the relationship between digital transformation and the use of data differently but different technologies assert themselves a different way and very important different relationships especially with cloud vendors assert themselves in different ways and that's one of the many challenges that CIOs have to deal with today serve the business better attend to those relationships and drive the company forward to achieve its ultimate outcomes and objectives so to have that conversation today we've got a great guest Thor Wallace is the senior vice president and CIO at Netscape door welcome to the cube thank you so tell us a little bit about what the CIO at netskope does sure so let me start by telling you a little bit about net sky so net Scout is a network monitoring and a service assurance company as the CIO I'm obviously responsible for providing the tools and the environment for running the company I'm also heavily involved in for example understanding and the applications and the business direction that we're taking we're also working on improving our customer relationships and experiences for example we have a customer portal that were sort of re-evaluating and sort of improving and we're also obviously trying to drive user productivity worldwide we have very briefly about 33 locations worldwide we're corner here and outside of Boston and have large offices both in Texas and California so you're a traditional supplier of technology services it's trying to make a transition to this new world and as part of that and that's got itself is going through digital transformation so that it can better support its customers digital transformations I got that right exactly so let me tell you a little bit about sort of what we're trying to achieve what some of the Y's are and sort of show where we are at this moment yeah so we're you know we as a company are being challenged by the same sort of environment that everyone else else is being a challenge with which is to be able to move as quickly as we can and provide as much of an impact of our customers as possible so so how I've read that sort of mandate in that remit is to really focus on improving our customer experience as I said you know working with a new sort of new platform and we re platforming and refactoring our application our customer service application but also really focusing on how best to improve user productivity so those are the areas that we've been focusing on direct driving IT productivity is important to me so that's a fairly substantial argument for moving operations to the cloud and we're also part of that is transforming sort of a hardware based environment to a much more of a virtualized and software based environment so that includes cloud that includes virtualization which we've obviously have taken a lot of ground on and for example what we've already done is virtualized all of our operations in the data center over the years we've also moved a lot of workloads to cloud were you know cloud agnostic but you know we have a fairly large environment it was salesforce.com we use office 365 which are obviously major applications on the cloud so we have a workload that's quite mixed for today we can we maintain on Prem data centers we have enough large engineering footprint as well so we will kind of live in all of the worlds so we live obviously on Purim we have cloud and one of the things that I think we've learned over the years is that in order to continue the journey of cloud we need to really worry about a couple things one is we want to make sure that we are we keep our operations in in an excellent place so and I can talk more about that in a few minutes and as I said we we want to continue to maintain our ability to execute and really what I call velocity to be able to add value and so cloud actually presents some of those opportunities for us but it also obviously makes things quite complicated in that we have multiple environments we have to make sure that people still get the services and the applications they need to do their job and provide those you know in a in a very productive way in a cost-effective way so that we can maintain that as an IT organization so you've got salesforce.com you've got office 365 you've got some other objectives movies some other applications up into the cloud each of those applications though has been historically associated with a general purpose network that you get to control so that you can give different quality of service to different classes workload or applications how is that changing and what pressures is that putting on your network as you move to more cloud based operations well I think that's a huge challenge for us and I think frankly for for most people I think you have to rethink how your network is designed fundamentally from the ground up and if you think about networks in the past you know in mainly an on-prem world you basically had a backhaul a lot of traffic in our in our case 33 locations worldwide a lot of back hauling of of services and and transactions back to wherever that application exists so for example historically we've had office excuse me in the Microsoft mail system or exchange on Prem we have you know other services that are on print for example Oracle and our ERP system etc and the challenge was to move all that traffic back to basically our core data center and as you move to the cloud you have an opportunity to actually real to rethink that so we've been in the process of doing over the last say year has been to redesign our network from the ground up and moving away from sort of the central monolithic network to more of a cloud slash edge base network so with that we've also moved from hardware basically a fairly heavy investment at hardware in each of the offices for example and we're now or we've actually in the process very far along in the process of converting all that hardware into a software-defined network that allows us to do some things that we have never been able to do operationally for example we can make deployments sort of from one central location worldwide both for security and patching etc and so what we've also done is we've moved as I said we have a lot of our workloads already in the cloud and we continue to put more on the cloud one of the things that's become important is we've got to maintain and create actually a low latency environment so for example ultimately putting our you know unified communication systems and technologies and the cloud to me where is me without having a low latency environment and a low latency network so that we can actually provide dial tone well worldwide and without worrying about performance so what we've what we've already done is we've transitioned from the centralized network into an edge based Network we've actually happened now a partner that we now are putting in services into a local presence idea have worldwide into firm into three locations for equinox and with that comes the software based network and allows us to move traffic directly to the edge and therefore once we're at the edge we can go very quickly a sort of backbone speeds into whatever cloud service we need whether it's as your AWS or Salesforce or any other provider office 365 we can get that sort of speed and low latency that is created a new environment for us at which is now virtual software base gives us a tremendous amount of flexibility moving what I consider fairly heavy and significant workloads that remain on Prem it gives us the option of moving that to the cloud so and with that one of the key things that comes with that is holding making sure that we can hold our accountable are our vendors very accountable for performance so for example if we experience an issue with office 365 performance whether it's in Pune or Westford or wherever it is we want to be able to make sure that we have the information and the data that says to Microsoft in this case hey you know we're actually the performance isn't great from wherever wherever those users are wherever that office is so we want to provide them information and to basically prove that our network or our insert internal capabilities and network are performing very well but may be that there's an issue with something and performance that on their size so without this sort of fact-based information it's really hard to have those discussions with vendors so one of the things I think is important for everyone to consider when you move more to a cloud is you've got to have the ability to troubleshoot and and make sure that you can actually maintain a very complicated environment so one of the things we have done is we and we continue to do is use our own products actually to give greater visibility that we've ever had before in this new sort of multi this multi sort of cloud multi Prem environment so so which is a very powerful thing for us and a team that is using this technology is sort of seeing visibility things that they've never really been able to see before so that's been quite exciting but I think that's sort of frankly table stakes moving forward into you know deeper more cloud or sort of sort of workload independent model that we're seeking well so one of the government building this because I have conversations like this all the time and I don't think people realize the degree to which some of these changes are really going to change the way that they actually get worked on when there's a problem you have control of the network and the application and the endpoints if there is an issue you can turn to someone who works for you and say here's the deal fix this so I'll find somebody else that can fix it so you have an employment-based almost model of coercion you can get people to do what you want to do but when you move into the cloud you find yourself having to use a contracting approach to actually get crucial things done and problems crop up either way it doesn't matter if you own it all or somebody else owns at all you're going to encounter problems and so you have to accelerate and diminish the amount of back-and-forth haggling that goes on and as you said the best way to do that is to have fact-based evidence-based visibility into what's actually happening so that you can pinpoint and avoid the back-and-forth about whose issue it really is exactly I mean there's so much you know is at the end of the day IT is still responsible for user productivity so whether somebody's having you know an application issue in terms of availability or frankly if it's not performing up to what it should be you're still accountable as an organization and regardless of where the workloads are it could be as you point out you know back in the day you could always go to your data center and do a lot of investigation and really do a lot of troubleshooting within the four walls today you just don't have that visit you don't have that luxury call it and so it's a whole new world and you know we all are relying increasingly on vendors which reads a contracting star which is you know presents an issue and you know sort of having these conversations with a vendor or contractor regardless of your relationship with them you're still again you're on the hook or for doing this so you've got to have some facts you've got to have some story you have to show in terms of hey you know we're good on this side you know the issue really is on you and we've actually had situations whether it was performance issues or service interruptions or bugs from different vendors where they've impacted our you know the net Scout organization and without you know deep understanding of what's going on you really don't have anywhere to go you you really have to have this sort of greater visibility and this is one of the things that you know is a is a is a lesson learned from at least from the journey that we're taking and so I think that's part of the story of the cloud and sort of migration and virtualization story is you really have to have this newfound visibility so I think that's been you know really important for us so I'm gonna I'm gonna see if I can't generalize that a little bit because I think it's great point as you go into a network redesign to support go to operations excellent operations in a cloud you have to also go into a sourcing and information redesign so that you can be assured that you're getting the information you need to sustain the degree of control or approximate the control that you had before otherwise you've got great technology but no way to deal with problems when they arise right exactly and you know as I said we've seen this movie and Minoo without having what we have I think we would have struggle as an organization actually to resolve the issue and that's not good for the company because you know IT part of the minute the mandate and their the remit for us is to make sure that people are as productive as it can be and so not having the ability to provide that environment is actually a huge problem for I think a lot of people and one of the ways we are working with it is to you know have that sort of visibility it also means upgrading the team skills which we've done a lot of work on so you take folks that were in IT that you know may have had a certain set of skills sort of in the on-prem environment call it those skills are quite different in in that in the sort of cloud or the mix exposure environment so I think upskilling you know having more information better information is really as part of the story that we're learning and that part of it at the end of the day it's not about upgrading the network it's about upgrading the network capability exactly yeah and you can't do that if especially the new world if you don't upgrade your ability to get information about how the whole thing is working together exactly all right Thor Wallis senior vice president and CIO at net Scout thanks very much for being on the queue thank you and once again I want to thank you participating in today's conversation until next time

(funk music) (funk music) (funk music) (funk music) >> Hello and welcome to theCUBE studios in Palo Alto, California for another CUBE conversation where we go in-depth with thought leaders driving innovation across the tech industry. I'm your host, Peter Burris. Every enterprise is responding to the opportunities of cloud with significant changes in people, process, how they think about technology, how they're going to align technology overall with their business and with their business strategies. Now those changes are affecting virtually every aspect of business but especially every aspect of technology. Especially security. So what does it mean to envision a world in which significant new classes of services are being provided through cloud mechanisms and modes, but you retain and in fact, even enhance the quality of security that your enterprise can utilize. To have that conversation, we're joined today by a great guest, Amit Sinha is president and CTO at Zscaler. Amit, welcome back to theCUBE. >> Thank you Peter, it's a pleasure to be here. >> So before we get into it, what's new at Zscaler? >> Well, at Zscaler our mission is to make the internet and cloud a secure place for businesses and as I engage with our global 2000 customers and prospects, they are going through some of the digital transformation challenges that you just alluded to. Specifically for security, what is happening is that they had a lot of applications that were sitting in a data center or in their headquarters and that center of gravity is now moving to the cloud. They probably adopt their Office 365, and Box, and Salesforce, and these applications have moved out. Now in addition, the users are everywhere. They're accessing those services, not just from offices but also from their mobile devices and home. So if your users have left the building, and your applications are no longer sitting in your data center, that begs that question: Where should the security stack be? You know, it cannot be your legacy security appliances that sat in your DMZ and your IT closets. So that's the challenge that we see out there, and Zscaler is helping these large global organizations transform their security and network for a more mobile and a cloud-first world. >> Distributed world? So let me make sure I got this right. So basically, cause I think I totally agree with you >> Right. >> Just to test it, that many regarded the cloud as a centralization strategy. >> Correct. >> What we really see happening, is we're seeing enterprises more distribute their data, more distribute their processing, but they have not updated how they think about security so the presumption is, "yeah we're going to put more processing data out closer to the action but we're going to backhaul a whole bunch back to our security model," and what I hear you saying is no, you need to push those security services out to where the data is, out to where the process, out to where the user is. Have I got that right? >> You have nailed it, right. Think of it this way, if I'm a large global 2000 organization, I might have thousands of branches. All of those branches, traditionally, have used a hub-and-spoke network model. I might have a branch here in Palo Alto but my headquarters is in New York. So now I have an MPLS circuit connecting this branch to New York. If my Exchange server and applications and SAP systems are all there, then that hub-and-spoke model made sense. I am in this office >> Right. >> I connect to those applications and all my security stack is also there. But fast forward to today, all of those applications are moving and they're not just in one cloud. You know, you might have adopted Salesforce.com for CRM, you might have adopted Workday, you might have adopted Office 365. So these are SaaS services. Now if I'm sitting here in Palo Alto, and if I have to access my email, it makes absolutely no sense for me to VPN back to New York only to exit to the internet right there. What users want is a fast, nimble user experience without security coming in the way. What organizations want is no compromise in their security stack. So what you really need is a security stack that follows the user wherever they are. >> And the data. >> And the data, so my data...you know Microsoft has a front-door service here in Redwood City and if if you are a user here and trying to access that, I should be able to go straight with my entire security stack right next to it. That's what Gartner is calling SASE these days. >> Well, let's get into that in a second. It almost sounds as though what you're suggesting is that the enterprise needs to look at security as a SaaS service itself. >> 100 percent. If your users are everywhere and if your applications are in the cloud, your security better be delivered as a consistent "as-a-service," right next to where the users are and hopefully co-located in the same data center as where the applications are present so the only way to have a pervasive security model is to have it delivered in the cloud, which is what Zscaler has been doing from day one. >> Now, a little spoiler alert for everybody, Zscaler's been talking about this for 10-plus years. >> Right. >> So where are we today in the market place starting to recognize and acknowledge this transformation in the basic security architecture and platform that we're going through? >> I'm very excited to see that the market is really adopting what Zscaler has been talking about for over a decade. In fact, recently, Gartner released a paper titled "SASE," it stands for Secure Access Service Edge and there are, I believe, four principal tenets of SASE. The first one, of course, is that compute and security services have to be right at the edge. And we talked about that. It makes sense. >> For where the service is being delivered. >> You can't backhaul traffic to your data center or you can't backhaul traffic to Google's central data center somewhere. You need to have compute capabilities with things like SSL Interception and all the security services running right at the edge, connecting users to applications in the shortest path, right? So that's sort of principle number one of SASE. The second principle that Gartner talks about, which again you know, has been fundamental to Zscaler's DNA, is to keep your devices and your branch offices light. Don't shove too much complexity from a security perspective on the user devices and your branches. Keep it simple. >> Or the people running those user devices >> Absolutely >> in the branches >> Yeah, so you know, keep your branch offices like a light router, that forwards traffic to the cloud, where the heavy-lifting is done. >> Right. >> The third principle they talk about is to deliver modern security, you need to have a proxy-based architecture and essentially what a proxy architecture allows you to do is to look at content, right? Gone are the days where you could just say, stop a website called "evil.com" and allow a website "good.com," right? It's not like that anymore. You have to look at content, you know. You might get malware from a Google Drive link. You can't block Google now, right? So looking at SSL-encrypted content is needed and firewalls just can't do it. You have to have a proxy architecture that can decrypt SSL connections, look at content, provide malware services, provide policy-based access control services, et cetera and that's kind of the third principle. And finally what Gartner talks about is SASE has to be cloud-native, it has to be, sort of, born and bred in the cloud, a true multitenant, cloud-first architecture. You can't take, sort of, legacy security appliances and shove it in third-party infrastructure like AWS and GCP and deliver a cloud service and the example I use often is, just because you had a great blu-ray player or a DVD player in your home theater, you can't take 100,000 of these and shove it into AWS and become a Netflix. You really need to build that service from the ground up. You know, in a multitenant fashion and that's what we have done for security as a service through the cloud. >> So we are now, the market seems to be kind of converging on some of the principles that Zscaler's been talking about for quite some time. >> Right. >> When we think about 2020, how do you anticipate enterprises are going to respond as a consequence of this convergence in acknowledging that the value proposition and the need are starting to come together? >> Absolutely, I think we see the momentum picking up in the market, we have lots of conversations with CIO's who are going through this digital transformation journey, you know transformation is hard. There's immune response in big organizations >> Sure. >> To change. Not much has changed from a security and network architecture perspective in the last two decades. But we're seeing more and more of that. In fact, over 400 of global 2000 organizations are 100 percent deployed on Zscaler. And so that momentum is picking up and we see a lot of traction with other prospects who are beginning to see the light, as we say it. >> Well as you start to imagine the relationship between security and data, between security and data, one of the things that I find interesting is many respects to cloud, especially as it becomes more distributed, is becoming better acknowledged almost as a network of services. >> Right. >> As opposed to AWS as a data center here and that makes it a cloud data center. >> Right. >> It really is this network of services, which can happen from a lot of different places, big cloud service providers, your own enterprise, partners providing services to you. How does the relationship between Zscaler and kind of an openness >> Hm-mm. >> Going to come together? Hm-mm. >> So that you can provide services from a foreign enterprise to the enterprise's partners, customers, and others that the enterprise needs to work with. >> That's a great question, Peter and I think one of the most important things I tell our customers and prospects is that if you look at a cloud-delivered security architecture, it better embrace some of the SASE principles. One of the first things we did when we built the Zscaler platform was to distribute it across 150 data centers. And why did we do that? We did that because when a user is going to destinations, they need to be able to access any destination. The destination could be on Azure, could be on AWS, could be Salesforce, so by definition, it has to be carrier-neutral, it has to be cloud-neutral. I can't build a service that is designed for all internet traffic in a GCP or AWS, right. So how did we do that? We went and looked at one of the world's best co-location facilities that provide maximum connectivity options in any given region. So in North America, we might be in an Equinix facility and we might use tier one ISPs like GTT and Zayo that provide excellent connectivity to our customers and the destinations they want to visit. When you go to China, there's no GCP there, right so we work with China Unicom and China Telecom. When we are in India, we might work with an Airtel or a Sify, when we are in Australia, we might be working with Telstra. So we work with, you know, world class tier one ISPs in best data centers that provide maximum connectivity options. We invested heavily in internet exchange connectivity. Why? Because once you come to Zscaler, you've solved the physics problem by building the data center close to you, the next thing is, you want quickly go to your application. You don't want security to be in the way >> Right. >> Of application access. So with internet exchange connectivity, we are peered in a settlement-free way or BGP with Microsoft, with Akamai, with Apple, with Yahoo, right. So we can quickly get you to the content while delivering the full security stack, right? So we had to really take no shortcuts, back to your point of the world is very diverse and you cannot operate in a walled garden of one provider anymore and if you really build a cloud platform that is embracing some of the SASE principles we talked about, you have to do it the hard way. By building this one data center at a time. >> Well, you don't want your servicers to fall down because you didn't put the partnerships in place >and hardend them Correct. >> As much as you've hardened some of the other traffic. So as we think about kind of, where this goes, what do you envision Zscaler's, kind of big customer story is going to be in 2020 and beyond? Obviously, the service is going to be everywhere, change the way you think about security, but how, for example, is the relationship between the definition of the edge and the definition of the secure service going to co-evolve? Are people going to think about the edge differently as they start to think more in terms of a secure edge or where the data resides and the secure data, what do you think? >> Let's start off with five years and go back, right? >> We're going forward. >> Work our way back. Well, five years from now, hopefully everyone is on a 5G phone, you know, with blazing-fast internet connections, on devices that you love, your applications are everywhere, so now think of it from an IT perspective. You know, my span of control is becoming thinner and thinner, right? my users are on devices that I barely control. My network is the internet that I really don't control. My applications have moved to the cloud or either hosted in third-party infrastructure or run as a SaaS application, which I really don't control. Now, in this world, how do I provide security? How do I provide user experience? Imagine if you are the CIO and your job is to make all of this work, where will you start, right? So those are some of the big problems that we are helping our customers with. So this-- >> Let me as you a question 'cause here's where I was going with the question. I would start with, if I can't control all these things, I'm going to apply my notion of security >> Hm-mm. >> And say I am going to control that which is within >> Right. >> my security boundaries, not at a perimeter level, not at a device level, but at a service level. >> Absolutely and that's really the crux of the Zscaler platform service. We build this Zero Trust architecture. Our goal is to allow users to quickly come to Zscaler and Zscaler becomes the policy engine that is securely connecting them to all the cloud services that they want to go to. Now in addition, we also allow the same users to connect to internal applications that might have required a traditional VPN. Now think of it this way, Peter. When you connect to Google today, do you VPN to Google's network? To access Gmail? No. Why should you have to VPN to access an internal application? I mean, you get a link on your mobile phone, you click on it and it didn't work because it required a separate form of network access. So with Zscaler Internet Access and Zscaler Private Access, we are delivering a beautiful service that works across 150 data centers. Users connect to the service and the service becomes a policy engine that is securely connecting you to the destinations that you want. Now, in addition, you asked about what's going to happen in a couple of years. The same service can be extended for partners. I'm a business, I have hundreds of partners who want to connect to me. Why should I allow legacy VPN access or private circuits that expose me? I don't even know who's on the other end of the line, right? They come onto my network and you hear about the Target breaches because some HVAC contract that had unrestricted access, you hear about the Airbus breach because another contract that had access. So how do we build a true Zero Trust cloud platform that is securely allowing users, whether it's your employees, to connect to named applications that they should, or your partners that need access to certain applications, without putting them on the network. We're decoupling application access from network access. And there's one final important linchpin in this whole thing. Remember we talked about how powerless organizations >> Right. >> feel in this distributed model? Now imagine, your job is to also ensure that people are having a good user experience. How will you do that, right? What Zscaler is trying to do now is, we've been very successful in providing the secure and policy-based connectivity and our customers are asking us, hey, you're sitting in between all of this, you have visibility into what's happening on the user's device. Clearly you're sitting in the middle in the cloud and you see what's happening on the left-hand side, what's happening on the right-hand side. You know, you have the cloud effect, you can see there's a problem going on with Microsoft's network in the China region, right? Correlate all of that information and give me proactive intelligence around user experience and that's what we launched recently at Zenith Live. We call it Zscaler Digital Experience, >> Hmm. >> So overall the goal of the platform is to securely connect users and entities to named applications with Zero Trust principles. We never want security and user experience to be orthogonal requirements that has traditionally been the case. And we want to provide great user experience and visibility to our customers who've started adopting this platform. >> That's a great story. It's a great story. So, once again, I want to thank you very much for coming in and that's Amit Sinha, who is the president and CTO at Zscaler, focusing a lot on the R&D types of things that Zscaler's doing. Thanks again for being on theCUBE. >> It's my pleasure, Peter. Always enjoy talking to you. >> And thanks for joining us for another CUBE conversation. I'm Peter Burris, see you next time. (funk music) (funk music)

(funky music) >> Hello and welcome to theCUBE Studios in Palo Alto, California for another CUBE conversation, where we go in-depth with thought leaders driving innovation across the tech industry. I'm your host Peter Burris. Well, as I sit here in our CUBE studios, 2020's fast approaching, and every year as we turn the corner on a new year, we bring in some of our leading thought leaders to ask them what they see the coming year holding in the particular technology domain in which they work. And this one is no different. We've got a great CUBE guest, a frequent CUBE guest, Eric Herzog, the CMO and VP of Global Channels, IBM Storage, and Eric's here to talk about storage in 2020. Eric? >> Peter, thank you. Love being here at theCUBE. Great solutions. You guys do a great job on educating everyone in the marketplace. >> Well, thanks very much. But let's start really quickly, quick update on IBM Storage. >> Well, been a very good year for us. Lots of innovation. We've brought out a new Storwize family in the entry space. Brought out some great solutions for big data and AI solutions with our Elastic Storage System 3000. Support for backup in container environments. We've had persistent storage for containers, but now we can back it up with our award-winning Spectrum Protect and Protect Plus. We've got a great set of solutions for the hybrid multicloud world for big data and AI and the things you need to get cyber resiliency across your enterprise in your storage estate. >> All right, so let's talk about how folks are going to apply those technologies. You've heard me say this a lot. The difference between business and digital business is the role that data plays in a digital business. So let's start with data and work our way down into some of the trends. >> Okay. >> How are, in your conversations with customers, 'cause you talk to a lot of customers, is that notion of data as an asset starting to take hold? >> Most of our clients, whether it be big, medium, or small, and it doesn't matter where they are in the world, realize that data is their most valuable asset. Their customer database, their product databases, what they do for service and support. It doesn't matter what the industry is. Retail, manufacturing. Obviously we support a number of other IT players in the industry that leverage IBM technologies across the board, but they really know that data is the thing that they need to grow, they need to nurture, and they always need to make sure that data's protected or they could be out of business. >> All right, so let's now, starting with that point, in the tech industry, storage has always kind of been the thing you did after you did your server, after you did your network. But there's evidence that as data starts taking more center stage, more enterprises are starting to think more about the data services they need, and that points more directly to storage hardware, storage software. Let's start with that notion of the ascension of storage within the enterprise. >> So with data as their most valuable asset, what that means is storage is the critical foundation. As you know, if the storage makes a mistake, that data's gone. >> Right. >> If you have a malware or ransomware attack, guess what? Storage can help you recover. In fact, we even got some technology in our Spectrum Protect product that can detect anomalous activity and help the backup admin or the storage admins realize they're having a ransomware or malware attack, and then they could take the right corrective action. So storage is that foundation across all their applications, workloads, and use cases that optimizes it, and with data as the end result of those applications, workloads, and use cases, if the storage has a problem, the data has a problem. >> So let's talk about what you see as in that foundation some of the storage services we're going to be talking most about in 2020. >> Eric: So I think one of the big things is-- >> Oh, I'm sorry, data services that we're going to be talking most about in 2020. >> So I think one of the big things is the critical nature of the storage to help protect their data. People when they think of cyber security and resiliency think about keeping the bad guy out, and since it's not an issue of if, it's when, chasing the bad guy down. But I've talked to CIOs and other executives. Sometimes they get the bad guy right away. Other times it takes them weeks. So if you don't have storage with the right cyber resiliency, whether that be data at rest encryption, encrypting data when you send it out transparently to your hybrid multicloud environment, whether malware and ransomware detection, things like air gap, whether it be air gap to tape or air gap to cloud. If you don't think about that as part of your overall security strategy, you're going to leave yourself vulnerable, and that data could be compromised and stolen. So I can almost say that in 2020, we're going to talk more about how the relationship between security and data and storage is going to evolve, almost to the point where we're actually going to start thinking about how security can be, it becomes almost a feature or an attribute of a storage or a data object. Have I got that right? >> Yeah, I mean, think of it as storage infused with cyber resiliency so that when it does happen, the storage helps you be protected until you get the bad guy and track him down. And until you do, you want that storage to resist all attacks. You need that storage to be encrypted so they can't steal it. So that's a thing, when you look at an overarching security strategy, yes, you want to keep the bad guy out. Yes, you want to track the bad guy down. But when they get in, you'd better make sure that what's there is bolted to the wall. You know, it's the jewelry in the floor safe underneath the carpet. They don't even know it's there. So those are the types of things you need to rely on, and your storage can do almost all of that for you once the bad guy's there till you get him. >> So the second thing I want to talk about along this vein is we've talked about the difference between hardware and software, software-defined storage, but still it ends up looking like a silo for most of the players out there. And I've talked to a number of CIOs who say, you know, buying a lot of these software-defined storage systems is just like buying not a piece of hardware, but a piece of software as a separate thing to manage. At what point in time do you think we're going to start talking about a set of technologies that are capable of spanning multiple vendors and delivering a more broad, generalized, but nonetheless high function, highly secure storage infrastructure that brings with it software-defined, cloud-like capabilities. >> So what we see is the capability of A, transparently traversing from on-prem to your hybrid multicloud seamlessly. They can't, it can't be hard to do. It's got to happen very easily. The cloud is a target, and by the way, most mid-size enterprise and up don't use one cloud, they use many, so you've got to be able to traverse those many, move data back and forth transparently. Second thing we see coming this year is taking the overcomplexity of multiple storage platforms coupled with hybrid cloud and merging them across. So you could have an entry system, mid-range system, a high-end system, traversing the cloud with a single API, a single data management platform, performance and price points that vary depending on your application workload and use case. Obviously you use entry storage for certain things, high-end storage for other things. But if you could have one way to manage all that data, and by the way, for certain solutions, we've got this with one of our products called Spectrum Virtualize. We support enterprise-class data service including moving the data out to cloud not only on IBM storage, but over 450 other arrays which are not IBM-logoed. Now, that's taking that seamlessness of entry, mid-range, on-prem enterprise, traversing it to the cloud, doing it not only for IBM storage, but doing it for our competitors, quite honestly. >> Now, once you have that flexibility, now it introduces a lot of conversations about how to match workloads to the right data technologies. How do you see workloads evolving, some of these data-first workloads, AI, ML, and how is that going to drive storage decisions in the next year, year and a half, do you think? >> Well, again, as we talked about already, storage is that critical foundation for all of your data needs. So depending on the data need, you've got multiple price points that we've talked about traversing out to the cloud. The second thing we see is there's different parameters that you can leverage. For example, AI, big data, and analytic workloads are very dependent on bandwidth. So if you can take a scalable infrastructure that scales to exabytes of capacity, can scale to terabytes per second of bandwidth, then that means across a giant global namespace, for example, we've got with our Spectrum Scale solutions and our Elastic Storage System 3000 the capability of racking and stacking two rack U at a time, growing the capacity seamlessly, growing the performance seamlessly, providing that high-performance bandwidth you need for AI, analytic, and big data workloads. And by the way, guess what, you could traverse it out to the cloud when you need to archive it. So looking at AI as a major force in the coming, not just next year, but in the coming years to go, it's here to stay, and the characteristics that IBM sees that we've had in our Spectrum Scale products, we've had for years that have really come out of the supercomputing and the high-performance computing space, those are the similar characteristics to AI workloads, machine workloads, to the big data workloads and analytics. So we've got the right solution. In fact, the two largest supercomputers on this planet have almost an exabyte of IBM storage focused on AI, analytics, and big data. So that's what we see traversing everywhere. And by the way, we also see these AI workloads moving from just the big enterprise guys down into small shops, as well. So that's another trend you're going to see. The easier you make that storage foundation underneath your AI workloads, the more easy it is for the big company, the mid-size company, the small company all to get into AI and get the value. The small companies have to compete with the big guys, so they need something, too, and we can provide that starting with a little simple two rack U unit and scaling up into exabyte-class capabilities. >> So all these new workloads and the simplicity of how you can apply them nonetheless is still driving questions about how the storage hierarchies evolved. Now, this notion of the storage hierarchy's been around for, what, 40, 50 years, or something like that. >> Eric: Right. >> You know, tape and this and, but there's some new entrants here and there are some reasons why some of the old entrants are still going to be around. So I want to talk about two. How do you see tape evolving? Is that, is there still need for that? Let's start there. >> So we see tape as actually very valuable. We've had a real strong uptick the last couple years in tape consumption, and not just in the enterprise accounts. In fact, several of the largest cloud providers use IBM tape solutions. So when you need to provide incredible amounts of data, you need to provide primary, secondary, and I'd say archive workloads, and you're looking at petabytes and petabytes and petabytes and exabytes and exabytes and exabytes and zetabytes and zetabytes, you've got to have a low-cost platform, and tape provides still by far the lowest cost platform. So tape is here to stay as one of those key media choices to help you keep your costs down yet easily go out to the cloud or easily pull data back. >> So tape still is a reasonable, in fact, a necessary entrant in that overall storage hierarchy. One of the new ones that we're starting to hear more about is storage-class memory, the idea of filling in that performance gap between external devices and memory itself so that we can have a persistent store that can service all the new kinds of parallelism that we're introducing into these systems. How do you see storage-class memory playing out in the next couple years? >> Well, we already publicly announced in 2019 that in 2020, in the first half, we'd be shipping storage-class memory. It would not only working some coming systems that we're going to be announcing in the first half of the year, but they would also work on some of our older products such as the FlashSystem 9100 family, the Storwize V7000 gen three will be able to use storage-class memory, as well. So it is a way to also leverage AI-based tiering. So in the old days, flash would tier to disk. You've created a hybrid array. With storage-class memory, it'll be a different type of hybrid array in the future, storage-class memory actually tiering to flash. Now, obviously the storage-class memory is incredibly fast and flash is incredibly fast compared to disk, but it's all relative. In the old days, a hybrid array was faster than an all hard drive array, and that was flash and disk. Now you're going to see hybrid arrays that'll be storage-class memory and with our easy tier function, which is part of our Spectrum Virtualize software, we use AI-based tiering to automatically move the data back and forth when it's hot and when it's cool. Now, obviously flash is still fast, but if flash is that secondary medium in a configuration like that, it's going to be incredibly fast, but it's still going to be lower cost. The other thing in the early years that storage-class memory will be an expensive option from all vendors. It will, of course, over time get cheap, just the way flash did. >> Sure. >> Flash was way more expensive than hard drives. Over time it, you know, now it's basically the same price as what were the old 15,000 RPM hard drives, which have basically gone away. Storage-class over several years will do that, of course, as well, and by the way, it's very traditional in storage, as you, and I've been around so long and I've worked at hard drive companies in the old days. I remember when the fast hard drive was a 5400 RPM drive, then a 7200 RPM drive, then a 10,000 RPM drive. And if you think about it in the hard drive world, there was almost always two to three different spin speeds at different price points. You can do the same thing now with storage-class memory as your fastest tier, and now a still incredibly fast tier with flash. So it'll allow you to do that. And that will grow over time. It's going to be slow to start, but it'll continue to grow. We're there at IBM already publicly announcing. We'll have products in the first half of 2020 that will support storage-class memory. >> All right, so let's hit flash, because there's always been this concern about are we going to have enough flash capacity? You know, is enough going to, enough product going to come online, but also this notion that, you know, since everybody's getting flash from the same place, the flash, there's not going to be a lot of innovation. There's not going to be a lot of differentiation in the flash drives. Now, how do you see that playing out? Is there still room for innovation on the actual drive itself or the actual module itself? >> So when you look at flash, that's what IBM has funded on. We have focused on taking raw flash and creating our own flash modules. Yes, we can use industry standard solid state disks if you want to, but our flash core modules, which have been out since our FlashSystem product line, which is many years old. We just announced a new set in 2018 in the middle of the year that delivered in a four-node cluster up to 15 million IOPS with under 100 microseconds of latency by creating our own custom flash. At the same time when we launched that product, the FlashSystem 9100, we were able to launch it with NVME technology built right in. So we were one of the first players to ship NVME in a storage subsystem. By the way, we're end-to-end, so you can go fiber channel of fabric, InfiniBand over fabric, or ethernet over fabric to NVME all the way on the back side at the media level. But not only do we get that performance and that latency, we've also been able to put up to two petabytes in only two rack U. Two petabytes in two rack U. So incredibly rack density. So those are the things you can do by innovating in a flash environment. So flash can continue to have innovation, and in fact, you should watch for some of the things we're going to be announcing in the first half of 2020 around our flash core modules and our FlashSystem technology. >> Well, I look forward to that conversation. But before you go here, I got one more question for you. >> Sure. >> Look, I've known you for a long time. You spend as much time with customers as anybody in this world. Every CIO I talk to says, "I want to talk to the guy who brings me "or the gal who brings me the great idea." You know, "I want those new ideas." When Eric Herzog walks into their office, what's the good idea that you're bringing them, especially as it pertains to storage for the next year? >> So, actually, it's really a couple things. One, it's all about hybrid and multicloud. You need to seamlessly move data back and forth. It's got to be easy to do. Entry platform, mid-range, high-end, out to the cloud, back and forth, and you don't want to spend a lot of time doing it and you want it to be fully automated. >> So storage doesn't create any barriers. >> Storage is that foundation that goes on and off-prem and it supports multiple cloud vendors. >> Got it. >> Second thing is what we already talked about, which is because data is your most valuable asset, if you don't have cyber-resiliency on the storage side, you are leaving yourself exposed. Clearly big data and AI, and the other thing that's been a hot topic, which is related, by the way, to hybrid multiclouds, is the rise of the container space. For primary, for secondary, how do you integrate with Red Hat? What do you do to support containers in a Kubernetes environment? That's a critical thing. And we see the world in 2020 being trifold. You're still going to have applications that are bare metal, right on the server. You're going to have tons of applications that are virtualized, VMware, Hyper-V, KVM, OVM, all the virtualization layers. But you're going to start seeing the rise of the container admin. Containers are not just going to be the purview of the devops guy. We have customers that talk about doing 10,000, 20,000, 30,000 containers, just like they did when they first started going into the VM worlds, and now that they're going to do that, you're going to see customers that have bare metal, virtual machines, and containers, and guess what? They may start having to have container admins that focus on the administration of containers because when you start doing 30, 40, 50,000, you can't have the devops guy manage that 'cause you're deploying it all over the place. So we see containers. This is the year that containers starts to go really big-time. And we're there already with our Red Hat support, what we do in Kubernetes environments. We provide primary storage support for persistency containers, and we also, by the way, have the capability of backing that up. So we see containers really taking off in how it relates to your storage environment, which, by the way, often ties to how you configure hybrid multicloud configs. >> Excellent. Eric Herzog, CMO and vice president of partner strategies for IBM Storage. Once again, thanks for being on theCUBE. >> Thank you. >> And thanks for joining us for another CUBE conversation. I'm Peter Burris. See you next time. (funky music)

(upbeat music) >> Hello and welcome to the Cube Studios in Palo Alto California, for another Cube conversation. Where we go in-depth with thought leaders driving innovation across the tech industry. I'm your host Peter Burris. Every Enterprise is saddled with the challenge of how to get more value out of their data. While at the same time trying to find new ways of associating value with product or value with service and to work with the different technology suppliers to create an optimal relationship for how they can move their business forward within a data-driven world. It's a tall order but 2020 is going to feature an enormous amount of progress and how enterprises think about how to handle the people, process and technology of improving their overall stance towards getting value out of their data. So to have that conversation today, we're joined by a Guy Churchward, who's the CEO of Datera. Guy welcome back to the cube. >> Thank You Peter, I appreciate it. >> So before we go any further give us a quick update what's going on with Datera? >> We're doing pretty well. I mean this year's we're just going to close it off. So we're in Q4 right at the end of it. You mentioned data-driven, you know I mean that was obviously one of my key excitements, years ago we kind of moved from a hardware resiliency or Hardware-driven to software resiliency, Software defined and I do think that we've hit that data-defined, data-driven infrastructure right now. I've been in the CEO role now just about a year. I've been on the board since August of a year and change ago and part of it is we had a little bit of an impedance mismatch of message, technology and basically I go to market. So the team quite brilliantly produced this data services platform to do data driven architectures. >> Mmmh. >> But customers don't wake up every morning and go, I need to go buy a data-driven, how do I buy one? And so when I came in I realized that you know what they had was an exceptional solution but the market isn't ready yet for that thought process, and what they were really buying still was SDS, software defined storage. >> So it almost in a connect way. so I'm going to buy an SDS and connect it to something and get a little bit of flexibility over here but still worry about the lock in every where else. >> Yeah, exactly and in fact even on the SDS side. What they weren't looking for is bring your own server storage. What they were looking for was automation and they were looking to basically break out and have more data mobility and data freedom. And so that was good and then the second one was our technology really sells directly to enterprises, directly to large scale organizations and it's very difficult as a start-up, small company to basically be able to punch straight into a global account, you know. Because they'll sit back and say, well you know would you trust your family jewels to a company that's got 40 employees in Silicon Valley. >> Right. >> And so what you really have is this and get the message right and then make sure you have to flow through to the customer credibility right and we were fortunate to land a very strategic relationship with HP. And so that was our focus point. Right. So we basically got on board with HP, got into their complete program, started selling very closely to them of which their sales team has been marvelous and then we're just finishing that that year. The good news is and you know I'll give you a spoiler I care about Billings, you know I mean we actually move from an appliance business to a software business exclusively, and so we basically sell term agreement. So if you think about it from a bookings perspective, that's important but basically how much you bill out is more important. From a Billings perspective I think we're going to run roughly 350% up year-over-year. >> Ooh. >> Yeah which is kind of good. Right I mean in other words it was a bit of a pat on the back that seems very happy with that and then even from new account acquisitions if I count the amount of accounts that we bought in this year and to date, entirely since 2013 we've only had one customer churn, so all the customers are coming with us but if I count this year, if I look at 16 17 and 18 we've actually bought more customers on board in 19 than all three pulled together. So we're actually finishing a very very strong year. >> Congratulations. Now if we think about going into 2020 you're closing this quarter, but every startup has to have a notion of what's going to happen next and what role you're going to play. And what happens next. So if I look back I I see the enterprise starting to assert themselves in the cloud businesses. That's having an effect on on everybody. But it really becomes concrete you know, the rubber really meets the road at the level of data. So as you start to grow you're talking more customers, as you talk to more customers and they expressed what they need out of this new cloud oriented world, what kinds of problems are they bringing to the table as far as you're concerned? >> Yeah, I mean they initially come to us so what I would say is every account that we've run we've replaced traditional arrays storage arrays and every account we've run, we've actually competed against SDS vendors and whether that's something like Dells, VxFlex or even vSAN, VMware's vSAN and which are probably the two most well-known ones. A lot of cases I mean we actually have 100% win rate against that in these competitive situations, but interestingly most customers now are putting dual source in place. So in fact the reason that we've ridden pretty quickly and we've run lots of deals, isn't because we're going in and saying VxFlex is failing or vSAN is failing, but they want something extra, they want automation, they want desegregation, they want scale >> They want second source. In many respects of sales is, it's succeeding but you have to push a little bit harder and that is ease most easily done by bringing in another platform with crucial functionality... >> Yeah >> ...and a second source. >> And I think you're on the money there Peter because if I look at second source in the traditional array business, no CIO worth their soul is a single source vendor so they they will have Dell and they'll have HP or they'll have HP and they'll have Pure, doesn't matter and and even on HCI you'll see the HCI vendors, Nutanix is doing very well, so is Dell. So therefore they'll have that from second source if its critical. So if an environment is critical they always have a second source and so even now when you look into software-defined, this market in 2019 was very much like the, let's get the second source in place. And that shows you where we are on the maturity curve because people is basically moving on this en mass. Now that's 2019 you're asking about 20, 21, 22 moving forward. The reason that the traditional arrays weren't working for them is whether it's flexibility or it's basically management costs or maintenance, but it's data freedom. It's what they're really looking for. You know, what is a data center? Is it on-premise, is it cloud? It's definitely cloud but the question is is it on-premise cloud? Is it hybrid cloud, is it public cloud? And then you mention edge. You know we actually find customers who are looking and are saying look, the most important thing for us is being data-driven and what data-driven basically articulates is we get data in, we analyze it, we make decisions on it and we win and lose against our competition as fast as we can be accurate on that data set. And a lot of the decisions are getting made at the edge. So a lot of people are looking at saying my data center is actually at the edge, it's not in the center in the cloud, right. >> Well in many respects, it's for the first time a data center actually is what it says it is, right. Because the data center used to be where the hardware was and now increasingly enterprises are realizing that the services and the capabilities have to be where the data is. >> Yeah. >> Where the data is being produced, where the data is being utilized and certainly where the data, where decisions are being made about what to keep what not to keep, how much of it etc, and that that does start to drive forward an increased recognition that at some point in time we are going to talk more about the services that these platforms, or these devices or these software-defined environments provide. Have I got that right? >> Yeah, yeah you have and even if you look at that, you know ... what the AI/ML, you know I mean if I if I kind of step back and I look at what a customer's trying to do which is to utilize as much data as possible, in a way that they have data freedom that allows them to make decisions and that's really where AI and machine learning comes in. Right you know everybody employs that. I recently bought a camera, shockingly inside the camera it's got ML functionality into it, it's got AI built into it, my new photo editing software on my iPad is actually an ML-based system. They don't do it because it's a buzz word, they do it because basically they can get a much higher level of accuracy and then use data for enrichment, right. And then in the ML track, the classic route was I'm going to create a data lake, right. So I got my data lake and I've got everything in it then I'm going to analyze off the back of it. But everybody was analyzing once it's in the data lake. And what they've realized is to compete, they actually have to analyze much quicker. >> Right. >> And that's at the edge, and that's in real-time and that string based. And so that's really where people are sort of saying I can't ... I'm not going to have any long pole in my technology tent. I'm not going to have anything slow me down, I have to beat my competition and as part of that they need complete fluidity on their data. So I don't care whether it's at the edge or it's in the center or in the cloud, I need instant access to it for enrichment purposes and to make fast and accurate decisions. So they don't want data silos. You know, so any product out there that basically says me me me me give me my data and therefore I'm going to encrypt in such a ways you can't read it and it's not available to anybody else. They are just trying to eradicate that. And and we've sort of moved. It's a weird way of putting it but we've moved from hardware-defined to software-defined and I think we've moved into this data-defined era. But at the same time, it's the most stupid thing for me to say, because we've never not been in a data-defined era. But it's the way in which people think with their architecture as they sign up a data center now or a cloud and they're not saying, hey so about the hardware, it's based on that or it's the software. It's always going to be about the data. The access to the data, however before you get excited. (laughs) The thing that I kind of look at I say so what has fundamentally changed? And it's the fact that we always used to have to make a decision. You know, I ran a security analytics business and when you do things like log management, it's about collecting as much as data so in other words accuracy beats speed. And then security event management is speed beats accuracy. Because you can't ask questions of the same data. But technology is caught up now. So we've actually moved from the do you want accuracy? Or do you want speed? It's like "or arena". So people were building architectures in this "or" world, you know. Do you want software-defined? If you want software-defined you can't have Enterprisilities. Why not? Well, if you want an enterprise application, I mean remember the age-old adage. You should never buy a version 1.0 of an app. >> Right. But what happens is they want they want this ... people are turning around saying I need an enterprise application, I want full data access to the back of it, I actually need it to be fluid, I need it Software-defined, I don't know where it's going to be based and I don't want to do forklift upgrades. I want and and and and and. Not or, so what we've actually moved to is a software-defined era you know, and a data-defined architecture in an "and arena". And where customers are truly winning and where they're going to beat their competition, is where they don't settle and say oh I remember back two years ago, this happened and therefore we should learn from that, and we shouldn't do that. They're actually just breaking through and saying I'm going to fire the application up I want it up and running within 30 days, I want it to be an enterprise application, I need it to be flexible, I needed to have a hype of scale and then I'm going to break it down and by the way I'm not going to pay contractually to an organization to build all that infrastructure. And that's really why soup to nuts, as we move forward not only they sort of building an infrastructure is data-defined infrastructure, they don't want lock-in. They want optionality and that means they want term licenses which is sure, they don't want these proprietary silos and they need data flexibility on the back of it. And those are the progressive customers, and by the way I've not had to convince a single customer to move to software-defined or data-defined. Every client knows they're going there, the question on the journey is, how fast they want to get. >> Right, when? >> Yeah. >> So if so look every single every single enterprise, every single business person takes a look at what are regarded as the most valuable assets and then they hire people to take care of those assets, to get value out of those assets, to maintain those assets, and when we move from a hardware world where the most valuable asset is hardware that leads to one organization, one set of processes, one set of activities. Move into a software world to get the same thing. But we agree with you, we think that we are moving to a world that is data first, where data is increasingly going to be the primary citizen and as a consequence we're seeing firms reinstitutionalize how work is done, redefine the type of people they have, alter their sourcing arrangements, I mean there's an enormous amount of change happening because data is now becoming the primary citizen. So how is Datera going to help accelerate that in 2020? >> Yeah I mean and again that's part of data access. And then also part of data scale. Back probably six seven eight years ago. EMC we were even I remember Steve Manley is a good buddy of mine, we went on stage and we talked about bringing sexy back to back up. We were trying to move away from backup admins just being backup admins to backup admins actually morphing their job into being AI/ML. You know, I remember a big client of mine, and it wasn't in the EMC days, it was before that were basically saying they have to educate their IT staff, they want to bring them up as they move forward. In other words, you can't ... what you don't want is you don't want your team, because it all comes down to people. You don't want them stuck in an area to say we can't innovate forward because we can't get you away from this product, right. So one of our customers at Datera is a SaaS vendor. And their challenge is they had traditional array business even though it was in a SaaS model, it was basically hardware in the background and they would buy instances and they found that their HR cost, their headcount cost was scaling, >> With the hardware. >> Exactly, and and they were looking at and going, what does that do to my business? It does one or two things, either one is it means that cost I mean do I bear that I don't make profitability and I can't drive my business or do I lay that on my customers and then the cost goes up and therefore I'm actually not a cloud scale. And I can't hire all the people I need to hire into it. So they really needed to move to a point of saying how do I get to hyper scale? How do I drive the automation that allows me to basically take staff and do what they need to do. And so our thing isn't removing staff, it's actually taking the work that you have and the people and put them in a way they really matter. So in other words if you think about the old days of I'm going to mess this up but, I talked to somebody recently about what IT stands for. And they said IT should stand for information technology, right. I mean that's really what it is. But, but you know for the last 20 years it stood for infrastructure technology? >> Yeah. >> And that's frustrating, because in essence we got way too many people managing a lot of crap. And what they really should be doing is focusing on what makes the business happen. >> Yeah. >> And for instance I like to run a business by money in and money out, everybody else does and then you look at it and you say well, how do I get more money coming in? By being smarter and quicker than somebody else. How do I do that? By data analytics. Where do I want to put my work? Well I want to put it into the ML/AI and I want more analysts to work on it. I want my IT staff to do that. Let's move them into that. I don't want them you know rooms and reams of people trying to make it you know manage arrays that don't function the way they should or... >> One more percent out of that array of productivity. >> Yeah, abnormally trying to scale HCI solutions to a hyper scale that actually is impossible for them to do it. >> Right. >> You know and and that was the thing that really what Mark, who was the founder of Datera and the team really did is they looked at it from a cloud perspective and said it's got to be easier than this. There must be a way of doing low lights-out automation on storage. And that's why I was saying when I took over, I kind of did the company an injustice by calling it an SDS Tier 1 vendor. But in reality that was what customers could assume. And we're basically a data services platform that allows them to scale and then if you hop forward you go how do you open up the platform? How do you become data movement? How do you handle multi-cloud? How do you make sure that they don't have this issue? And the policies that they put in place and the way in which they've innovated, it allows that open and flexible choice. So for me, one is you get the scale, two you don't have forklift upgrade three is you don't have human capital cost on every decision you make, and it actually fits in in a very fluid way. And so even though customers move to us and buy us as a second source for SDS, once they've got the power of this thing they realize actually now they've got a data service platform and they start then layering in other policies and other systems and what we've seen is then a good uptick of us being seen as a strategic part of their data movement infrastructure. >> You expand. >> Exactly. >> Guy Churchward, CEO of Datera, thanks again for being on the Cube. >> My pleasure. Thank you Peter. >> And thank you for joining us for another CUBEConversation. I'm Peter Burris, see you next time. (upbeat music)

>>From our studios in the heart of Silicon Valley. Palo Alto, California myth is a cute conversation. >>Hello and welcome to the cube studios in Palo Alto, California. For another cube conversation. We go in depth with thought leaders driving innovation across the tech industry. I'm your host, Peter Burris. It's a well known fact of life at this point in time. We're going to the cloud in some manner, way, shape or form. Every business that intends to undertake a digital transformation is going to find themselves in a situation where they are using cloud resources to build new classes of applications and accelerate their opportunities to create new markets that are more profitable. What folks haven't fully internalized yet though is what it means to govern those activities. What does it mean to use data that is in the cloud in a compliant and reliable way? What does it mean to allow rapid innovation while at the same time ensuring that our businesses are not compromised by new classes of risk, new classes of compliance issues as a result of making certain liberties, uh, with how we handle governance. So that's what we're going to talk about today and we've got a great conversation for you. Toby Knapp is a co founder and CTO of day two IQ and Charlie Betts is the principal analyst at Forrester. Toby. Charlie, welcome to the cube theater. All right, so Charlie, I'm going to start with you. I kind of outline the overall nature of the problem, but let's get it very specific. What is the problem that enterprises face today as they try to accelerate their use of technology in a way that doesn't compromise the risk and compliance concerns? >>Well, we are hearing the same story over and over again. Peter, uh, companies are starting on the cloud native journey and perhaps a dev ops journey. You know, there's some similarities there. You know, one leads to the other in many cases and they S they do a proof of concept and they do a pilot and they like the results. But both of those efforts had what from monopoly, we would call it a get out of jail free card. You know, they had a pass to bypass certain regulatory or governance or compliance controls. Now they want to scale it. They want to roll it out across the enterprise and you can't give every team a get out of jail free card. >>Well, let me dig into this because is it that the speed with which we're trying to create new things, is that the key issue? Is it that the new technologies like Coobernetti's lend themselves to new style that doesn't necessarily bring good governance along with it? What is, what are those factors that are driving this problem? >>I think the central factor, Peter, is the movement from stage gated governance to governance of continuous flow. We could unpack this in various ways, but really if you look at so many governance models and people ship them to us and we comb through them and it's getting, you know, doing a lot of out lately, what we see is over and over again, this idea that delivery pauses experts come in from their perspective with a checklist they go through, they check the delivery against the checklist, and then the Greenlight is given to move on. And this is how we've run digital systems for a long time now. But now we're moving towards continuous flow, continuous iteration, >>agile, agile, DevOps, >>dev ops, all the rest. And these methods are well suited to be supported by architectures like Coobernetti's. And there are certain things you can do with automation that are very beneficial in cloud native systems, but you're up against, you know, decades of policy that assume this older model is based on older guidance like ITIL and PIM, Bach and, and COBIT and all the rest. COBIT 2019 is still based on a plan build run model, >>which is not, is not necessarily a bad thing in the grand scheme of things, but it doesn't fit into a month long sprint. >>It doesn't fit. And more and more what we're seeing when I say stage Gates are going away, what we're seeing is that the life cycle becomes internalized to the team. You still plan, build, run. But it's not something that you can put controls >>on at the high level. And so the solution seems to be is that we need to be able to foster this kind of speedy acceleration that encourages the use of agile, uh, leads to a dev ops orientation. And somehow fold good solid governance practices right into the mix. What do you think the, let's take a look at 2025, what's it going to look like? And uh, even if we're not ready for it yet? >>Well, I think you were going to govern a lot more at the level of the outcome. You're going to govern what not how as much, but there are a lot of things that still are essential and just basic solid good practice such as not having 15 different ways or a hundred different ways to configure major pieces of infrastructure. You know, there's a, in the, some of the reports, uh, the state of DevOps report that came out, there was a, uh, a note in there or a finding in there that it was best to let the developers have a lot of choice. And I understand that developer autonomy is very important, but every time a development team chooses a new technology or a new way to configure an ex, an existing technology, that's an expansion of attack surface. And I'm very concerned about that, especially as we see things like Equifax with the, uh, the struts exploit, you know, we, we have to keep our environment secure, well patched up to date. And if you only have one or two ways that things are configured, that means your staff are more likely to do the right thing as opposed to, you know, infinite levels of variation, you know, on a hundred different ways of configuring. Coobernetti's >>well, presumably we don't want the infinite levels of variation to be revealed at the business level and not down at the infrastructure level. I think one of the things that folks mean or folks aren't intending or hope to be able to do with digital business you're alluding to this is creating a digital asset, a software based asset because ultimately it's going to be more integratable, but you lose the opportunity to integrate those things if you're increasing the transaction costs by introducing a plethora of discordant governance models. Is that what you're seeing as well, Toby? >>Absolutely. And I think, uh, you know, some aspects of cloud native that make this problem a lot bigger is actually, you know, cloud native encourages sort of a self service model for infrastructure. And also we're seeing our shift, um, off, uh, power and decision making towards developers, right? So you have developers introducing a lot of these new stacks, often in a very, you know, sort of bottoms up, um, organic way. So very quickly and enterprise finds themselves with, you know, 10, 15 different ways to provision infrastructure to provision communities, clusters. Um, and often, you know, the teams that are in charge of governance aren't even aware of these things, right? Yes. So, uh, I think it starts actually with that and you know, how can we find, uh, this balance of giving developers the flexibility they want, uh, you know, having them leverage the benefits of cloud native, but at the same time making the folks that are in charge of governance, uh, aware of what's going on in, in their enterprise, uh, making them aware of the different stacks that are provisioned. Uh, and then finding the right balance between that flexibility and enforcing governance. Uh, there's ways to do that. Um, you know, there what we see a lot is, is, uh, waste, uh, people building one stack on cloud provider, a different stack on cloud provider B, a third stack, you know, at the edge or in their data center. And so when it comes to patching, security issues, upgrading versions, you know, you, you're doing three, five times the, the amount of work. >>Well, let me ask you a question because we can see that the problem is this explosion in innovation at the digital level, uh, that is running into this, uh, the, the stricture of historical practices. And as a result, people are in running governance. What is it, I mean, if I think about this, it sounds to me like the developer tooling is getting better, faster than the governance tooling. Where are we in the marketplace in terms of thinking about technologies that can improve the productivity on the governance side so that we can bring governance models to the developers so they don't have to make decisions at that level? >>Right. I think where we are in the market is, um, so obviously cloud native and Kubernetes specifically has seen rapid adoption Indiana price, right? And I think, um, you know, the governance and tools are just now catching up. Right? Right. Um, so the typical journey we see is, uh, you know, folks try out Kubernetes, they try out cloud native technologies to have a very good first experience. It's easy. And so they kind of, uh, you know, forget some of the best practices that we've learned over the years for how to secure a production stack, how to make it upgradable, maintainable, how to govern workloads and versions, um, because they'll still, schools just simply didn't exist. Uh, so far we're now seeing these tools emerge. Um, and, and really it's the same approaches that have worked for us in the past for, for running these types of infrastructure. It's, um, you're having a central pane of class for visibility. What versions am I running? Uh, you know, first being aware of what's out there and then you'll centralizing management of these, of these stacks. Um, how do I, you know, lifecycle manage my, my Kubernetes clusters and all the related technologies. Those are the tools that are just now showing up in the market, >>but it's also got to be, I presume that, uh, a degree of, uh, presuming that the tooling itself does bring forward good governance practices into a modern world. If I got that right. >>Yeah, absolutely. I think this is one of the key things that the updated INO team, uh, the infrastructure and operations and our, our view is that these become platform teams. So we've maybe relieved the INO term behind we go with the platform teams. This is one thing that they should be doing is creating reference implementations. You know, the, you know, here's your hello world stack and it's perfectly compliant. Go solve your business problem and leave the undifferentiated heavy lifting to us. You know, and this is I think, uh, going should be a welcome message. Uh, assuming that the stack is providing all the services that the developer expects. >>Well it certainly suggests that there is a reasonable and rational separation of duties and function within a business. So the people that are close to the business of building the function that the business needs are out there doing it. Meanwhile, we've got infrastructure developers that are capable of building a platform that serves as multitude of purposes with the specificity required for each workload and in compliance with the overall organization. >>There's a key message that I want to reinforce with the audience as we think about the future of INO. I, we've been thinking a lot about it at Forester. What is the future of the traditional INO organization? If I say infrastructure that implies application and I'm talking about a stack that doesn't go away, you know, there will always be a stack, a layered architecture. What is being challenged is, when I say operations, that implies dev and I'm talking now about a life cycle. That's what's merging together. And so well, the life cycle becomes something that is held internally within your feature or component team and is no longer a suitable topic of governance. Absolutely. In terms of the layered infrastructure, this is where we, it's still a thing, you know, because yes, we will platform teams, component teams, feature teams facing the business or the end user. >>Well, it's all back to the idea that a resource is a reasonably well bound, but nonetheless with the appropriate separation, uh, of, of function that delivers some business outcome. And that's gonna include both infrastructure at a software level, an application at a software level. So look, we, you spent a lot of time talking to customers about these issues when they come back to you. Uh, where are you seeing successes most obviously and why? >>Yeah, so where we see successes is where, um, you know, organizations, um, figure out a way to give developers what they want, which is in the cloud native spaces. Every development team wants to own their own communities cluster. They want to, it is their sandbox. They want to install their own applications on there. They don't want to talk to different team when they install applications. So how can you give them that while at the same time enforcing the standards that you need to, right? How do you make sure those clusters follow a certain blueprint that have the right access control rules? Um, you know, sensitive information like, like credentials are distributed in the right way. The right versions of workloads are available. Organizations that figure out how to do that, uh, they are successful at this. So the government from a central place, they have um, you know, essential pane of glass. >>Um, you know, like our product commander where they essentially set up blueprints for teams. Um, each individual team can have their own cluster. It gets provisioned with this blueprint. And then from the central place I can say, all right, here is what my production clusters should look like. Right? Here are the secrets that should be available. Here are the access control rules that need to be set. And so you find the right balance that way, right? You can enforce your governance standards while at the same time giving developers their individual clusters that development their staging of production clusters. >>And here's the options and what is an edible option and what is not. Right. Yeah. So it seems to me as if I, I mentioned this earlier, if I think about digital business, it's the opportunity to not only turn process, we're increasingly digitized process, but the real promise also is to then find ways of bringing these things together, integrate the business in response to new opportunities or new, uh, competitive factors or regulatory factors, whatever else it might be, and literally reconfigure the business quickly. That has to be more difficult if we have a wide array of, of governance models and operational principles. Trolley is, you think about customer success, uh, what does it mean for the future to be able to foster innovation with governance so that the whole thing can come together when it needs to come together? >>Well, I think that we need to move to governing again, as I said earlier, governing >>what not. How uh, >>I believe that, uh, you know, teams should be, should be making certain promises and there's a whole idea of the theory that's out there. A guy named Mark Burgess who is, you know, well known in certain certain infrastructure as code circles. So what are the promises that the team makes within the larger construct of the team of teams and is that team being accountable to those promises? And I think this is the basis of some of the new operating models we're seeing like Holacracy and teal. I think we're in very early days of looking at this. But you know, yeah, you will be held accountable for you know, objectives and key results. But how you get there, you have more degrees of freedom and yet at an infrastructure level, this is also bounded by the fact that if this is a solved problem, if this is not interesting to the business, you shouldn't be burning brain power on solving it. You know, and maybe it was interesting, you know, a couple of years ago and there was a need to explore new technologies, but really the effort should be spent solving the customer's problems. Charlie Betts, principal analyst at Forrester, Toby not co founder and CTO of D to IQ. Thanks very much for being on the cube. Thank you. Thank you, Peter, and thank you for joining us for another cube conversation. Once again, I'm Peter Burris. See you next time..

>> Announcer: From our studios, in the heart of Silicon Valley, Palo Alto, California, this is a CUBE conversation. >> Hello, and welcome to theCUBE studios, in Palo Alto, California for another CUBE conversation where we go in depth with though leaders driving innovation across tech industry. I'm your host, Peter Burris. The whole concept of self service analytics has been with us decades in the tech industry. Sometimes its been successful, most times it hasn't been. But we're making great progress and have over the last few years as the technologies matures, as the software becomes more potent, but very importantly as the users of analytics become that much more familiar with what's possible and that much more wanting of what they could be doing. But this notion of self service analytics requires some new invention, some new innovation. What are they? How's that going to play out? Well, we're going to have a great conversation today with Stephanie McReynolds, she's Senior Vice President of Marketing, at Alation. Stephanie, thanks again for being on theCUBE. >> Thanks for inviting me, it's great to be back. >> So, tell us a little, give us an update on Alation. >> So as you know, Alation was one of the first companies to bring a data catalog to the market. And that market category has now been cemented and defined depending on the industry analyst you talk to. There could be 40 or 50 vendors now who are providing data catalogs to the market. So this has become one of the hot technologies to include in a modern analytics stacks. Particularly, we're seeing a lot of demand as companies move from on premise deployments into the cloud. Not only are they thinking about how do we migrate our systems, our infrastructure into the cloud but with data cataloging more importantly, how do we migrate our users to the cloud? How do we get self-service users to understand where to go to find data, how to understand it, how to trust it, what re-use can we do of it's existing assets so we're not just exploding the amount of processing we're doing in the cloud. So that's been very exciting, it's helped us grow our business. We've now seen four straight years of triple digit revenue growth which is amazing for a high growth company like us. >> Sure. >> We also have over 150 different organizations in production with a data catalog as part of their modern analytics stack. And many of those organizations are moving into the thousands of users. So eBay was probably our first customer to move into the, you know, over a thousand weekly logins they're now up to about 4,000 weekly logins through Alation. But now we have customers like Boeing and General Electric and Pfizer and we just closed a deal with US Air Force. So we're starting to see all sorts of different industries and all sorts of different users from the analytics specialist in your organization, like a data scientist or a data engineer, all the way out to maybe a product manager or someone who doesn't really think of them as an analytics expert using Alation either directly or sometimes through one of our partnerships with folks like Tableau or Microstrategy or Power BI. >> So, if we think about this notion of self- service analytics, Stephanie, and again it's Alation has been a leader in defining this overall category, we think in terms of an individual who has some need for data but is, most importantly, has questions they think data can answer and now they're out looking for data. Take us through that process. They need to know where the data is, they need to know what it is, they need to know how to use it, and they need to know what to do if they make a mistake. How is that, how are the data catalogs, like Alation, serving that, and what's new? >> Yeah, so as consumers, this world of data cataloging is very similar if you go back to the introduction of the internet. >> Sure. >> How did you find a webpage in the 90's? Pretty difficult, you had to know the exact URL to go to in most cases, to find a webpage. And then a Yahoo was introduced, and Yahoo did a whole bunch of manual curation of those pages so that you could search for a page and find it. >> So Yahoo was like a big catalog. >> It was like a big catalog, an inventory of what was out there. So the original data catalogs, you could argue, were what we would call from an technical perspective, a metadata repository. No business user wants to use a metadata repository but it created an inventory of what are all the data assets that we have in the organizations and what's the description of those data assets. The meta- data. So metadata repositories were kind of the original catalogs. The big breakthrough for data catalogs was: How do we become the Google of finding data in the organization? So rather than manually curating everything that's out there and providing an in- user inferant with an answer, how could we use machine learning and AI to look at patterns of usage- what people are clicking on, in terms of data assets- surface those as data recommendations to any end user whether they're an analytics specialist or they're just a self- service analytics user. And so that has been the real break through of this new category called data cataloging. And so most folks are accessing a data catalog through a search interface or maybe they're writing a SQL query and there's SQL recommendations that are being provided by the catalog-- >> Or using a tool that utilizes SQL >> Or using a tool that utilizes SQL, and for most people in a- most employees in a large enterprise when you get those thousands of users, they're using some other tool like Tableau or Microstrategy or, you know, a variety of different data visualization providers or data science tools to actually access that data. So a big part of our strategy at Alation has been, how do we surface this data recommendation engine in those third party products. And then if you think about it, once you're surfacing that information and providing some value to those end users, the next thing you want to do is make sure that they're using that data accurately. And that's a non- trivial problem to solve, because analytics and data is complicated. >> Right >> And metadata is extremely complicated-- >> And metadata is-- because often it's written in a language that's arcane and done to be precise from a data standpoint, that's not easily consumable or easily accessible by your average human being. >> Right, so a label, for example, on a table in a data base might be cust_seg_257, what does that mean? >> It means we can process it really quickly in the system. >> Yeah, but as-- >> But it's useless to a human being-- >> As a marketing manager, right? I'm like, hey, I want to do some customer segmentation analysis and I want to find out if people who live in California might behave differently if I provide them an offer than people that live in Massachusetts, it's not intuitive to say, oh yeah, that's in customer_seg_ so what data catalogs are doing is they're thinking about that marketing manager, they're thinking about that peer business user and helping make that translation between business terminology, "Hey I want to run some customer segmentation analysis for the West" with the technical, physical model, that underlies the data in that data base which is customer_seg_257 is the table you need to access to get the answer to that question. So as organizations start to adapt more self- service analytics, it's important that we're managing not just the data itself and this translation from technical metadata to business metadata, but there's another layer that's becoming even more important as organizations embrace self- service analytics. And that's how is this data actually being processed? What is the logic that is being used to traverse different data sets that end users now have access to. So if I take gender information in one table and I have information on income on another table, and I have some private information that identifies those two customers as the same in those two tables, in some use tables I can join that data, if I'm doing marketing campaigns, I likely can join that data. >> Sure. >> If I'm running a loan approval process here in the United States, I cannot join that data. >> That's a legal limitation, that's not a technical issue-- >> That's a legal, federal, government issue. Right? And so here's where there's a discussion, in folks that are knowledgeable about data and data management, there's a discussion of how do we govern this data? But I think by saying how we govern this data, we're kind of covering up what's actually going on, because you don't have govern that data so much as you have to govern the analysis. How is this joined, how are we combining these two data sets? If I just govern the data for accuracy, I might not know the usage scenario which is someone wants to combine these two things which makes it's illegal. Separately, it's fine, combined, it's illegal. So now we need to think about, how do we govern the analytics themselves, the logic that is being used. And that gets kind of complicated, right? For a marketing manager to understand the difference between those things on the surface is doesn't really make sense. It only makes sense when the context of that government regulation is shared and explained and in the course of your workflow and dragging and dropping in a Tableau report, you might not remember that, right? >> That's right, and the derivative output that you create that other people might then be able to use because it's back in the data catalog, doesn't explicitly note, often, that this data was generated as a combination of a join that might not be in compliance with any number of different rules. >> Right, so about a year and a half ago, we introduced a new feature in our data catalog called Trust Check. >> Yeah, I really like this. This is a really interesting thing. >> And that was meant to be a way where we could alert end users to these issues- hey, you're trying to run the same analytic and that's not allowed. We're going to give you a warning, we're not going to let you run that query, we're going to stop you in your place. So that was a way in the workflow of someone while they're typing a SQL statement or while they're dragging and dropping in Tableau to surface that up. Now, some of the vendors we work with, like Tableau, have doubled down on this concept of how do they integrate with an enterprise data catalog to make this even easier. So at Tableau conference last week, they introduced a new metadata API, they introduced a Tableau catalog, and the opportunity for these type of alerts to be pushed into the Tableau catalog as well as directly into reports and worksheets and dashboards that end users are using. >> Let me make sure I got this. So it means that you can put a lot of the compliance rules inside Alation and have a metadata API so that Alation effectively is governing the utilization of data inside the Tableau catalog. >> That's right. So think about the integration with Tableau is this communication mechanism to surface up these policies that are stored centrally in your data catalog. And so this is important, this notion of a central place of reference. We used to talk about data catalogs just as a central place of reference for where all your data assets lie in the organizations, and we have some automated ways to crawl those sources and create a centralized inventory. What we've added in our new release, which is coming out here shortly, is the ability to centralize all your policies in that catalog as well as the pointers to your data in that catalog. So you have a single source of reference for how this data needs to be governed, as well as a single source of reference for how this data is used in the organization. >> So does that mean, ultimately, that someone could try to do something, trust check and say, no you can't, but this new capability will say, and here's why or here's what you do. >> Exactly. >> A descriptive step that says let me explain why you can't do it. >> That's right. Let me not just stop your query and tell you no, let me give you the details as to why this query isn't a good query and what you might be able to do to modify that query should you still want to run it. And so all of that context is available for any end user to be able to become more aware of what is the system doing, and why is recommending. And on the flip side, in the world before we had something like Trust Check, the only opportunity for an IT Team to stop those queries was just to stop them without explanation or to try to publish manuals and ask people to run tests, like the DMV, so that they memorized all those rules of governance. >> Yeah, self- service, but if there's a problem you have to call us. >> That's right. That's right. So what we're trying to do is trying to make the work of those governance teams, those IT Teams, much easier by scaling them. Because we all know the volume of data that's being created, the volume of analysis that's being created is far greater than any individual can come up with, so we're trying to scale those precious data expert resources-- >> Digitize them-- >> Yeah, exactly. >> It's a digital transformation of how we acquire data necessary-- >> And then-- >> for data transformation. >> make it super transparent for the end user as to why they're being told yes or no so that we remove this friction that's existed between business and IT when trying to perform analytics. >> But I want to build a little bit on one of the things I thought I heard you say, and that is that the idea that this new feature, this new capability will actually prescribe an alternative, logical way for you to get your information that might be in compliance. Have I got that right? >> Yeah, that's right. Because what we also have in the catalog is a workflow that allows individuals called Stewards, analytics Stewards to be able to make recommendations and certifications. So if there's a policy that says though shall not use the data in this way, the Stewards can then say, but here's an alternative mechanism, here's an alternative method, and by the way, not only are we making this as a recommendation but this is certified for success. We know that our best analysts have already tried this out, or we know that this complies with government regulation. And so this is a more active way, then, for the two parties to collaborate together in a distributed way, that's asynchronous, and so it's easy for everyone no matter what hour of the day they're working or where they're globally located. And it helps progress analytics throughout the organization. >> Oh and more importantly, it increases the likelihood that someone who is told you now have self- service capability doesn't find themselves abandoning it the first time that somebody says no, because we've seen that over and over with a lot of these query tools, right? That somebody says, oh wow, look at this new capability until the screen, you know, metaphorically, goes dark. >> Right, until it becomes too complicated-- >> That's right-- >> and then you're like, oh I guess I wasn't really trained on this. >> And then they walk away. And it doesn't get adopted. >> Right. >> And this is a way, it's very human centered way to bring that self- service analyst into the system and be a full participant in how you generate value out of it. >> And help them along. So you know, the ultimate goal that we have as an organization, is help organizations become our customers, become data literate populations. And you can only become data literate if you get comfortable working with the date and it's not a black box to you. So the more transparency that we can create through our policy center, through documenting the data for end users, and making it more easy for them to access, the better. And so, in the next version of the Alation product, not only have we implemented features for analytic Stewards to use, to certify these different assets, to log their policies, to ensure that they can document those policies fully with examples and use cases, but we're also bringing to market a professional services offering from our own team that says look, given that we've now worked with about 20% of our installed base, and observed how they roll out Stewardship initiatives and how they assign Stewards and how they manage this process, and how they manage incentives, we've done a lot of thinking about what are some of the best practices for having a strong analytics Stewardship practice if you're a self- service analytics oriented organization. And so our professional services team is now available to help organizations roll out this type of initiative, make it successful, and have that be supported with product. So the psychological incentives of how you get one of these programs really healthy is important. >> Look, you guys have always been very focused on ensuring that your customers were able to adopt valued proposition, not just buy the valued proposition. >> Right. >> Stephanie McReynolds, Senior Vice President of Marketing Relation, once again, thanks for being on theCUBE. >> Thanks for having me. >> And thank you for joining us for another CUBE conversation. I'm Peter Burris. See you next time.

(upbeat music) >> Announcer: From our studios in the heart of Silicon Valley, Palo Alto, California, This is a Cube Conversation. >> Hello and welcome to theCUBE studios in Palo Alto, California for another Cube Conversation. Where we go in depth with thought leaders driving innovation across the tech industry. I'm your host, Peter Burris. Michael Segal is the product manager, or Area Vice President of Strategic Alliances in NetScout Systems. Michael, we are sitting here in theCUBE studios in Palo Alto in November of 2019, re:Invent 2019 is right around the corner. NetScout and AWS are looking to do some interesting things. Why don't you give us an update of what's happening. >> Yeah, just very brief introduction of what NetScout actually does. So, NetScout assures service, performance and security for the largest enterprises and service providers in the world. We do it for something we refer to as visibility without borders by providing actionable intelligence necessary to very quickly identify the root cause of either performance or security issues. So with that, NetScout, partnering very closely with AWS. We are an advanced technology partner, which is the highest tier for ISVs of partnership. This enables us to partner with AWS on a wide range of activities including technology alignment with road map and participating in different launch activities of new functionality from AWS. It enables us to have go-to market activities together, focusing on key campaigns that are relevant for both AWS and NetScout. And it enables us also to collaborate on sales initiatives. So, with this wide range of activities, what we can offer is a win-win-win situation for our customers, for AWS, and for NetScout. So, from customers' perspective, beyond the fact that NetScout offering is available in AWS marketplace, now this visibility without borders that I mentioned, helps our customers to navigate through their digital transformation journey and migrate to AWS more effectively. From AWS perspective, the win is their resources are now consumed by the largest enterprises in the world, so it accelerates the consumption of compute, storage, networking, database resources in AWS. And for NetScout, this is strategically important because now NetScout becoming a strategic partner to our large enterprise customers as they navigate their digital transformation journey. So that's why it's really important for us to collaborate very, very efficiently with AWS. It's important to our customers, and it's important to AWS. >> And you're going to be at re:Invent. You're actually going to be speaking, as I understand. What are you going to be talking about? >> So we are going to be talking about best practices of migrating to AWS. NetScout also is a platinum sponsor for the re:Invent show. This demonstrates our commitment to AWS, and the fact that we want to collaborate and partner with them very, very efficiently. And beyond that also, NetScout partnered with AWS on the launch of what is referred to as Amazon VPC traffic mirroring. And, this functionality enables us to acquire traffic data and packet data very efficiently in AWS. And it's part of the technology aligns that we have with AWS and demonstrates how we utilize these technology aligns to extend NetScout visibility without borders to AWS cloud. >> There's no reason to make AWS cloud a border. >> Michael Segal: Exactly. >> Michael Segal, NetScout Systems. Thanks very much for being on theCUBE. >> Thank you for having me. >> And, once again we'd like to thank you for joining us for another Cube Conversation. Until next time. (upbeat music)

our Studios in the heart of Silicon Valley Palo Alto California this is a cute conversation hello and welcome to the cube studios in Palo Alto California for another cube conversation where we go in-depth with thought leaders driving innovation across the tech industry I'm your host Peter Burris almost everybody's heard of the term black hat and white hat and it constitutes groups of individuals that are either attacking or defending security challenges it's been an arms race for the past 10 20 30 years as the world has become more digital and an arms race that many of us are concern that black hats appear to have the upper hand but there's new developments in technology and new classes of tooling that are actually racing to the aid of white hats and could very well upset that equilibrium in favor of the white hats to have that conversation about the Ascension of the white hats we're joined by Derek manky who's chief security insights and global threat alliances lead at Ford Annette dereck thanks for joining us for another cube conversation it's always a pleasure speaking yeah all right Derrick let's start what's going on afforda labs at four Dannette so 2019 we've seen a ton of development a lot pretty much on track with our predictions when we talked last year obviously a big increase in volume thanks offense of automation we're also seeing low volume attacks that are disrupting big business models I'm talking about targeted ransom attacks right you know criminals that are able to get into networks caused millions of dollars of damages thanks to critical revenue streams being out usually in the public sector we've seen a lot of this we've seen a rise in sophistication the adversary's are not slowing down AET s advanced evasion techniques are on the rise and so you know to do this and for the guard loves to be able to track this and map this we're not just relying on blogs anymore and you know 40 50 page white papers so we're actually looking at that playbooks now mapping the adversary's understanding their tools techniques procedures how they're operating why they're operating who are they hitting on and what what might be their next move so that's a big development on the intelligence sides here all right so I mentioned upfront this notion that the white hats may be ascending I'm implying a prediction here tell us a little bit about what we see on the horizon for that concept of the white hats ascending and specifically why is there reason to be optimistic yeah so as it's it's it's been gloomy for you for decades like he said and for many reasons right and I think those reasons there are no secrets I mean cyber criminals and black hats have always been able to move very you know with with agility right I'm sorry crime has no borders it's often a slap on the wrist that they get they can do a million things are on they don't care there's no ethics and quite frankly no no rules by right on the white hand side we've always had rules binding us we've had to we've had to take due care and we've had to move methodically which slows us down so a lot of that comes in place because of frameworks because of technology as well having to move um after it's in able to it with frameworks so specifically with you know making corrective action and things like that so those are the challenges that we face against but you know like thinking ahead to to 2020 particularly with the use of artificial intelligence everybody talks about AI you know it's it's impacted our daily lives but when it comes to cybersecurity on the white hat side um you know a proper AI and machine learning model it takes time you think it can take you years in fact in our case in our experience about four to five years before we can actually roll it out to production but the good news is that we have been investing and when I say we I'm just talking to the industry in general and wait we've been investing into this technology because quite frankly we've had to it takes a lot of data it takes a lot of smart minds a lot of investment a lot of processing power and that foundation has now been set over the last five years if we look at the blackcats it's not the case and why because they've been enjoying living off the land on a low-hanging truth path of least resistance because they've been able to so one of the things that's changing that equilibrium then is the availability of AI as you said it could take four or five years to get to a point we've actually got useful AI is it can have an impact I guess that means that we've been working on these things for four or five years what's the state of the art with AI as it pertains to security and are we seeing different phases of development start to emerge as we gain more experience with these technologies yeah absolutely and it's quite exciting right ai isn't this universal brain that's that's always good the world's problems that everyone thinks it might right it's very specific it relies on machine learning models each machine learning model is very specific to its task right I mean you know voice learning technology versus autonomous vehicle driving versus cybersecurity it's very different when it comes to the swimming purposes so so in essence the way I look at it you know there's three generations of AI we have generation 1 which was the past generation 2 which is a current where we are now and the generation 3 is where we're going so generation 1 was pretty simple right it was just a central processing lyrtle of machine learning model that'll take in data they'll correlate that data and then take action based off of it some simple inputs simple output right generation to where we're currently sitting is more advances looking at pattern recognition more advanced inputs are distributed models where we have the you know sensor is lying around networks I'm talking about even IOT devices security appliances and so forth but still report up to this centralized brain that's learning and acting on things but where things get really interesting moving forward in 2020 gets into this third generation where you have especially you know moving towards about computer sorry I'm computing where you have localized learning notes that are actually processing and learning so you can think of them as these mini brains instead of having this monolithic centralized brain you have individual learning modes individual brains doing their own machine learning that are actually connected to each other learning from each other speaking to each other it's a very powerful model we actually refer to this as federated machine learning in our industry so we've been first phase we simply use statistics to correlate events take action yeah now we're doing exceptions pattern recognition or exceptions and building patterns and in the future we're going to be able to further distribute at that so that increasingly the AI is going to work with other AI so that the aggregate this federated aggregate gets better I got that right yeah absolutely and what's the advantage of that a couple of things I'm it's very similar to the human immune system right I mean if you have you know if I were to cut my finger on my hand what's gonna happen well localized white blood cells get localized not nothing from a foreign entity or further away in my body are gonna come to the rescue and start healing right it's the same idea it's because it's interconnected within the nervous system it's the same idea of this federated machine learning right if security appliance is to detect a threat locally on-site its able to alert other security appliances so that they can actually take action on this and learn from that as well so connected machine learning models it means that that you know by properly implementing these these AI this federated AI machine learning models in an organization that that system is able to actually in an auto you may pick up what that threat is be able to act on that threat which means it's able to respond to these threats quicker shut them down to the point where it can be you know virtually instantaneous right before you know that the damage is done and bleeding starts happening so the common time safe common baseline is constantly getting better even as we're giving opportunities for local local managers to perform the work in response to local conditions so that takes us to the next notion of we've got this federated a la a I on the horizon how are people how is the role of people security professionals going to change what kind of recipes are they going to follow to ensure that they are working in a maximally productive way with these new capabilities these new federated capabilities especially as we think about the introduction of 5g and greater density of devices and faster speeds and lower latencies yeah so you know that the the the the world of cyber computer cyber security has always been incredibly complex so we're trying to simplify that and that's where again this this federated machine learning comes into place particularly with playbooks so you know if we look at 2019 and where we're going in 2020 we've put a lot of a lot of groundwork quite frankly into pioneering the work of playbooks right so when I say playbooks I'm talking about adversary's playbook knowing the offense knowing the tools techniques procedures the way that these cybercrime operations are moving right and the black hats are moving the more that we can understand that the more we can predict their next move and that centralized language right once you know that offense we can start to create automated Blue Team playbook so defensive play books that a human that that's a security technology can automatically integrate and respond to it but to getting back to your question we can actually create human readable sea cecil guides that can actually say look there's a threat here's why it's a problem here's here here are the gaps in your security that we've identified if you're some recommended course of action as my deity right so that's that's where the humans and the machines are really going to be worked working together and and quite frankly moving speed being able to do that a machine level but also being being able to simplify a complex landscape that is where we can actually gain traction right that this is part of that ascendancy of the white hat because because it's it's allowing us to move in a more agile nature it's an it's allowing us to gain ground against heat actors and quite frankly it allows us to start disrupting their business model right it's more resilient Network in the future this leads to the whole notion of self-healing networks as well that quite frankly just makes it a big pain it disrupts your business model it forces them to go back to the drawing board - well it also seems as though when we start talking about 5g that the speeds as I said the speeds the dentin see the reduced latency the the potential for a bad thing to propagate very quickly demands that we have a more consistent coherent response at both the Machine level but also at the people level we 5g into this conversation what's what will be the impact of 5g on how these playbooks and AI start to come together over the next few years yeah it's it's it's it's gonna be very impactful it's gonna take a couple of years and we're just at the dawn of 5g right now but if you think of 5g you're talking about a lot more volume essentially as we move to the future we're entering into the age of five G and edge computing and 5g and edge computing is gonna start eating the cloud in a sense that more of that processing power that was in the cloud is starting to shift now towards edge computing right this is that on-premises so it is gonna allow models like I was talking about federated machine learning models at first from the the white hats point of view which I again I think we are in the driver's seat and in a better you know more advantageous position here because we have more experience again like I said we've been doing this for years where the black hats quite frankly haven't yes they're toying with it but not to the same level at scale that we have but you know you know it's I'm always a realist this isn't a completely rosy picture I mean there it is optimistic that we are able to get this upper hand it has to be done right but if we think about the weaponization of 5g that's also very large problem right last year we're talking about sworn networks right the idea of sworn networks is a whole bunch of devices that can connect to each other share intelligence and then act to do something like a large-scale DDoS attack that's absolutely in the in the realm of possibility when it comes to the weaponization of 5g as well so one of the things I guess the last question I want to ask you is you noted that these play books incorporate the human element in ways that are uniquely human so having C so readable recipes for how people have to respond does that also elevate the conversation with the business and does allows us to do a better job of understanding risk pricing risk and appropriately investing to manage and assure the business against risk in the right way absolutely absolutely it does yeah yeah because the more you know about going back to the playbook some more you know about the office and their tools you know you the more you know about how much of a danger it is what sort of targets they're after right I mean if they're just going trying to look to to to collect a little bit of information on you know to do some reconnaissance that first phase attack might not cause a lot of damage but if this group is knowing to go in hit hard steal intellectual property shut down critical business streams to do s that in the past we know and we've seen has caused four or five million dollars from one you know from one breach that's a very good way to start classifying risk so yeah I mean it's all about really understanding the picture first on the offense and that's exactly what these automated playbook guides are going to be doing on the on the on the blue team and again not only from a CSE suite perspective certainly that on the human level but the nice thing about the play books is because we've done the research the threat hunting and understood this you know from a machine level it's also able to put a lot of those automated let's say day-to-day decisions making security operation center is so I'm talking about like sect DevOps much more efficient to so he's talking about more density at the edge amongst these devices I also want to bring back one last thought here and that is you said that historically some of the black hats have been able to act with a degree of impunity they haven't necessarily been hit hard there a lot of slapping on the wrist as I think you said talk about how the playbooks and AI is going to allow them to more appropriately share data with others that can help both now but also in some of the forensics and the the enforcement side namely the the legal and policing world how are we going to share the responsibility or how is that going to change over the next few years to incorporate some of the folks that actually can then turn a defense into a legal attack illumination this is what I call it right so again if we look at the current state we've made great strides great progress you know working with law enforcement so we've set up public private sector relationships we need to do that have security experts working with law enforcement law enforcement working on there and to train process prosecutors to understand cybercrime and so forth that foundation has been set but it's still slow-moving you know there's only a limited amount of playbooks right now it takes a lot of work to unearth and and and do to really move the needle what we need to do again like we're talking about is to integrate artificial intelligence with playbooks the more that we understand about groups the more that we do this threat illumination the more we have cover about them the more we know about them and by doing that we can start to form predictive models right basically I always say old habits die hard so you know if an attacker goes in hits a network and they're successful following a certain sequence of patterns they're likely going to follow that say that's that same sequence on their next victim or their next target so the more that we understand about that the more that we can forecast eight from a mitigation standpoint but the also by the same token the more correlation we're doing on these playbooks the more machine learning we're doing on this playbooks the more we were able to do attribution and attribution is the Holy Grail it's always been the toughest thing to do when it comes to research but by combining the framework that we're using with playbooks and AI machine learning it's a very very powerful recipe and that's that's what we need to get right and move forward in the right direction Derrick McKey ordinance chief of security insights and threat alliances thanks again for being on the cube it's a pleasure anytime happy to talk and I want to thank you for joining us for another cube conversation I'm Peter Burris see you next time [Music]

our Studios in the heart of Silicon Valley Palo Alto California this is a cute conversation hello and welcome to the cube studios in Palo Alto California for another cube conversation where we go in-depth with thought leaders driving innovation across the tech industry I'm your host Peter Burris almost everybody's heard of the term black hat and white hat and it constitutes groups of individuals that are either attacking or defending security challenges it's been an arms race for the past 10 20 30 years as the world has become more digital and an arms race that many of us are concern that black hats appear to have the upper hand but there's new developments in technology and new classes of tooling that are actually racing to the aid of white hats and could very well upset that equilibrium in favor of the white hats to have that conversation about the Ascension of the white hats we're joined by Derek manky who's chief security insights and global threat alliances lead at Ford Annette dereck thanks for joining us for another cube conversation it's always a pleasure speaking yeah all right Derrick let's start what's going on afforda labs at four Dannette so 2019 we've seen a ton of development a lot pretty much on track with our predictions when we talked last year obviously a big increase in volume thanks offense of automation we're also seeing low volume attacks that are disrupting big business models I'm talking about targeted ransom attacks right you know criminals that are able to get into networks caused millions of dollars of damages thanks to critical revenue streams being out usually in the public sector we've seen a lot of this we've seen a rise in sophistication the adversary's are not slowing down AET s advanced evasion techniques are on the rise and so you know to do this and for the guard loves to be able to track this and map this we're not just relying on blogs anymore and you know 40 50 page white papers so we're actually looking at that playbooks now mapping the adversary's understanding their tools techniques procedures how they're operating why they're operating who are they hitting on and what what might be their next move so that's a big development on the intelligence sides here all right so I mentioned upfront this notion that the white hats may be ascending I'm implying a prediction here tell us a little bit about what we see on the horizon for that concept of the white hats ascending and specifically why is there reason to be optimistic yeah so as it's it's it's been gloomy for you for decades like he said and for many reasons right and I think those reasons there are no secrets I mean cyber criminals and black hats have always been able to move very you know with with agility right I'm sorry crime has no borders it's often a slap on the wrist that they get they can do a million things are on they don't care there's no ethics and quite frankly no no rules by right on the white hand side we've always had rules binding us we've had to we've had to take due care and we've had to move methodically which slows us down so a lot of that comes in place because of frameworks because of technology as well having to move um after it's in able to it with frameworks so specifically with you know making corrective action and things like that so those are the challenges that we face against but you know like thinking ahead to to 2020 particularly with the use of artificial intelligence everybody talks about AI you know it's it's impacted our daily lives but when it comes to cybersecurity on the white hat side um you know a proper AI and machine learning model it takes time you think it can take you years in fact in our case in our experience about four to five years before we can actually roll it out to production but the good news is that we have been investing and when I say we I'm just talking to the industry in general and wait we've been investing into this technology because quite frankly we've had to it takes a lot of data it takes a lot of smart minds a lot of investment a lot of processing power and that foundation has now been set over the last five years if we look at the blackcats it's not the case and why because they've been enjoying living off the land on a low-hanging truth path of least resistance because they've been able to so one of the things that's changing that equilibrium then is the availability of AI as you said it could take four or five years to get to a point we've actually got useful AI is it can have an impact I guess that means that we've been working on these things for four or five years what's the state of the art with AI as it pertains to security and are we seeing different phases of development start to emerge as we gain more experience with these technologies yeah absolutely and it's quite exciting right ai isn't this universal brain that's that's always good the world's problems that everyone thinks it might right it's very specific it relies on machine learning models each machine learning model is very specific to its task right I mean you know voice learning technology versus autonomous vehicle driving versus cybersecurity it's very different when it comes to the swimming purposes so so in essence the way I look at it you know there's three generations of AI we have generation 1 which was the past generation 2 which is a current where we are now and the generation 3 is where we're going so generation 1 was pretty simple right it was just a central processing lyrtle of machine learning model that'll take in data they'll correlate that data and then take action based off of it some simple inputs simple output right generation to where we're currently sitting is more advances looking at pattern recognition more advanced inputs are distributed models where we have the you know sensor is lying around networks I'm talking about even IOT devices security appliances and so forth but still report up to this centralized brain that's learning and acting on things but where things get really interesting moving forward in 2020 gets into this third generation where you have especially you know moving towards about computer sorry I'm computing where you have localized learning notes that are actually processing and learning so you can think of them as these mini brains instead of having this monolithic centralized brain you have individual learning modes individual brains doing their own machine learning that are actually connected to each other learning from each other speaking to each other it's a very powerful model we actually refer to this as federated machine learning in our industry so we've been first phase we simply use statistics to correlate events take action yeah now we're doing exceptions pattern recognition or exceptions and building patterns and in the future we're going to be able to further distribute at that so that increasingly the AI is going to work with other AI so that the aggregate this federated aggregate gets better I got that right yeah absolutely and what's the advantage of that a couple of things I'm it's very similar to the human immune system right I mean if you have you know if I were to cut my finger on my hand what's gonna happen well localized white blood cells get localized not nothing from a foreign entity or further away in my body are gonna come to the rescue and start healing right it's the same idea it's because it's interconnected within the nervous system it's the same idea of this federated machine learning right if security appliance is to detect a threat locally on-site its able to alert other security appliances so that they can actually take action on this and learn from that as well so connected machine learning models it means that that you know by properly implementing these these AI this federated AI machine learning models in an organization that that system is able to actually in an auto you may pick up what that threat is be able to act on that threat which means it's able to respond to these threats quicker shut them down to the point where it can be you know virtually instantaneous right before you know that the damage is done and bleeding starts happening so the common time safe common baseline is constantly getting better even as we're giving opportunities for local local managers to perform the work in response to local conditions so that takes us to the next notion of we've got this federated a la a I on the horizon how are people how is the role of people security professionals going to change what kind of recipes are they going to follow to ensure that they are working in a maximally productive way with these new capabilities these new federated capabilities especially as we think about the introduction of 5g and greater density of devices and faster speeds and lower latencies yeah so you know that the the the the world of cyber computer cyber security has always been incredibly complex so we're trying to simplify that and that's where again this this federated machine learning comes into place particularly with playbooks so you know if we look at 2019 and where we're going in 2020 we've put a lot of a lot of groundwork quite frankly into pioneering the work of playbooks right so when I say playbooks I'm talking about adversary's playbook knowing the offense knowing the tools techniques procedures the way that these cybercrime operations are moving right and the black hats are moving the more that we can understand that the more we can predict their next move and that centralized language right once you know that offense we can start to create automated Blue Team playbook so defensive play books that a human that that's a security technology can automatically integrate and respond to it but to getting back to your question we can actually create human readable sea cecil guides that can actually say look there's a threat here's why it's a problem here's here here are the gaps in your security that we've identified if you're some recommended course of action as my deity right so that's that's where the humans and the machines are really going to be worked working together and and quite frankly moving speed being able to do that a machine level but also being being able to simplify a complex landscape that is where we can actually gain traction right that this is part of that ascendancy of the white hat because because it's it's allowing us to move in a more agile nature it's an it's allowing us to gain ground against heat actors and quite frankly it allows us to start disrupting their business model right it's more resilient Network in the future this leads to the whole notion of self-healing networks as well that quite frankly just makes it a big pain it disrupts your business model it forces them to go back to the drawing board - well it also seems as though when we start talking about 5g that the speeds as I said the speeds the dentin see the reduced latency the the potential for a bad thing to propagate very quickly demands that we have a more consistent coherent response at both the Machine level but also at the people level we 5g into this conversation what's what will be the impact of 5g on how these playbooks and AI start to come together over the next few years yeah it's it's it's it's gonna be very impactful it's gonna take a couple of years and we're just at the dawn of 5g right now but if you think of 5g you're talking about a lot more volume essentially as we move to the future we're entering into the age of five G and edge computing and 5g and edge computing is gonna start eating the cloud in a sense that more of that processing power that was in the cloud is starting to shift now towards edge computing right this is that on-premises so it is gonna allow models like I was talking about federated machine learning models at first from the the white hats point of view which I again I think we are in the driver's seat and in a better you know more advantageous position here because we have more experience again like I said we've been doing this for years where the black hats quite frankly haven't yes they're toying with it but not to the same level at scale that we have but you know you know it's I'm always a realist this isn't a completely rosy picture I mean there it is optimistic that we are able to get this upper hand it has to be done right but if we think about the weaponization of 5g that's also very large problem right last year we're talking about sworn networks right the idea of sworn networks is a whole bunch of devices that can connect to each other share intelligence and then act to do something like a large-scale DDoS attack that's absolutely in the in the realm of possibility when it comes to the weaponization of 5g as well so one of the things I guess the last question I want to ask you is you noted that these play books incorporate the human element in ways that are uniquely human so having C so readable recipes for how people have to respond does that also elevate the conversation with the business and does allows us to do a better job of understanding risk pricing risk and appropriately investing to manage and assure the business against risk in the right way absolutely absolutely it does yeah yeah because the more you know about going back to the playbook some more you know about the office and their tools you know you the more you know about how much of a danger it is what sort of targets they're after right I mean if they're just going trying to look to to to collect a little bit of information on you know to do some reconnaissance that first phase attack might not cause a lot of damage but if this group is knowing to go in hit hard steal intellectual property shut down critical business streams to do s that in the past we know and we've seen has caused four or five million dollars from one you know from one breach that's a very good way to start classifying risk so yeah I mean it's all about really understanding the picture first on the offense and that's exactly what these automated playbook guides are going to be doing on the on the on the blue team and again not only from a CSE suite perspective certainly that on the human level but the nice thing about the play books is because we've done the research the threat hunting and understood this you know from a machine level it's also able to put a lot of those automated let's say day-to-day decisions making security operation center is so I'm talking about like sect DevOps much more efficient to so he's talking about more density at the edge amongst these devices I also want to bring back one last thought here and that is you said that historically some of the black hats have been able to act with a degree of impunity they haven't necessarily been hit hard there a lot of slapping on the wrist as I think you said talk about how the playbooks and AI is going to allow them to more appropriately share data with others that can help both now but also in some of the forensics and the the enforcement side namely the the legal and policing world how are we going to share the responsibility or how is that going to change over the next few years to incorporate some of the folks that actually can then turn a defense into a legal attack illumination this is what I call it right so again if we look at the current state we've made great strides great progress you know working with law enforcement so we've set up public private sector relationships we need to do that have security experts working with law enforcement law enforcement working on there and to train process prosecutors to understand cybercrime and so forth that foundation has been set but it's still slow-moving you know there's only a limited amount of playbooks right now it takes a lot of work to unearth and and and do to really move the needle what we need to do again like we're talking about is to integrate artificial intelligence with playbooks the more that we understand about groups the more that we do this threat illumination the more we have cover about them the more we know about them and by doing that we can start to form predictive models right basically I always say old habits die hard so you know if an attacker goes in hits a network and they're successful following a certain sequence of patterns they're likely going to follow that say that's that same sequence on their next victim or their next target so the more that we understand about that the more that we can forecast eight from a mitigation standpoint but the also by the same token the more correlation we're doing on these playbooks the more machine learning we're doing on this playbooks the more we were able to do attribution and attribution is the Holy Grail it's always been the toughest thing to do when it comes to research but by combining the framework that we're using with playbooks and AI machine learning it's a very very powerful recipe and that's that's what we need to get right and move forward in the right direction Derrick McKey ordinance chief of security insights and threat alliances thanks again for being on the cube it's a pleasure anytime happy to talk and I want to thank you for joining us for another cube conversation I'm Peter Burris see you next time [Music]

(upbeat music) >> From our studios, in the heart of Silicon Valley, Palo Alto, California, this is a CUBE Conversation. >> Hello and welcome to the CUBE studio in Palo Alto, California for another CUBE Conversation. Where we go in-depth with thought leaders driving innovation across the tech industry. I'm your host, Peter Burris. Every business wants Cloud, every business wants digital transformation, but the challenge is, what do you do with the data? How do you ensure that your data is set up so that you can take greater advantage of it, create more classes of business options in a digital world, while at the same time having the flexibility, the agility that you need from a storage and infrastructure standpoint to not constrain the business as it tries to move forward. It's a big topic that a lot of customers are facing. To have that conversation, we are joined by Matt Kixmoeller, who is the Vice President of Strategy at Pure Storage. Matt, welcome back to the CUBE. >> Thanks, Peter. >> So lets dispense with the necessaries. Update from Pure. >> It's a fun time at Pure, we just hit our tenth birthday, and we're fresh off the heels of our Accelerate Conference down in Austin, where we had a lot of good product news and talked a lot about what the next decade's going to be all about. >> So, one of the things you mentioned down in Austin was the notion of the modern data experience. I want to really highlight that notion of experience because that's kind of the intersection with the Cloud experience. So, talk a little bit about how the experience word in modern data and cloud is coming together. >> Absolutely, so ya know the Cloud has forever changed IT's expectation of how tech needs to work, and I think the most archaic layer in a lot of ways right now is storage, and so we've done a lot within our platform to modernize for Cloud, link to the Cloud, deliver an all flash experience, but more interesting perhaps is also just reacting to the changing nature of how customers want to use storage and procure storage. >> And that means that they don't want to buy in advance of their needs. >> I think the key thing is as a service on demand right? And, ya know it's interesting when you consider both the usage and consumption as well as the purchase pattern, right? Um, if you think about the usage and consumption, it's all about on demand and automation, and perhaps one of the best examples I can give you is the transformation around containers. Um, ya know, we see all of our call home data from our customers, and how they use the arrays obviously, and your typical array has just a handful of management operations per day, where someone changes something, provision, storage, you name it. If you look at our container environment, ya know we have a tool called PSO, Pure Service Orchestrator that orchestrates our storage as part of a container environment, and a PSO based array does thousands of these operations a day. And so, it's very obvious that if you're having to deal with the fluidity of the container Cloud, there's no way you're going to have a human admin sitting there, clicking yes, yes, yes, or doing anything like that type of provision storage. You have to plumb for automation from the beginning. >> So that's a great example of the experience necessarily must be different, where you can't use a manual approach of doing things, you have to use more of an automated approach, so as you start to consider these issues, how is that informing the evolution of the modern data experience at Pure? >> I think it's an automated first world, and you have to really prepare yourself for plumbing everything for automation for APIs, for orchestration, as opposed to thinking about processes manually. Um, we've also seen as a vendor, it's changed how people want to consume, and you know, the concepts of more Opex-based on-demand consumption are also coming to storage, and so, last year, we introduced, um, ya know one of the first models in the industry in this regard that we called, at the time, ES2, and we broadened that and launched it again this year at Accelerate, expanding it to the entire Pure Business, and called it Pure as a service. >> So, what we now have is we now have, at least, from Pure, the option to think about how I'm going to match my storage consumption with my storage spend, which is especially important in a world where, by some aspect, storage or data is growing in volumes, from a volume perspective, at 35, 40% per anum. You don't want to have to buy four years of data out because you're growing that fast, and use it today. So as you think about this, what does Pure do next with the marriage of the Cloud experience and the modern date experience? >> Well, I think a key thing, particularly around this consumption world, is to give people flexibility between On-Prem and Cloud. Ya know, we did a lot in the show to announce news around how we're linking our On-Prem offerings with the Cloud with our Cloud Block Store offering to allow workloads to move back and forth, but what if I own On-Prem storage and I want to use the Cloud. And so another thing we did as part of Pure as a service is allow for that subscription to go either direction. You might be a customer that subscribes to 100 terabytes of Pure On-Prem, and then tomorrow you get the edict that says lets move half that to the Cloud. No problem, you can move 50 terabytes to the Cloud and not pay us another dime. The next day, you want to move back. You can do that again as well, and so we've thought about how we can really evolve those procurement processes such that they are just as agile and just as flexible as a Cloud model. >> Matt Kixmoeller, Pure Storage, thanks again for being on the CUBE. >> Thank you, Peter. >> And thank you for joining us for another CUBE conversation. I'm Peter Burris. See you next time. (upbeat music)

(upbeat jazz music) [Woman] - From our Studios in the heart of Silicon Valley, Palo Alto, California, this is a CUBE conversation. >> Hello and welcome to theCUBE Studios in Palo Alto, California, for another CUBE conversation, where we go in depth with thought leaders driving innovation across tech industry. I'm your host Peter Burris. Almost everybody's heard of the term black-hat and white-hat. And it constitutes groups of individuals that are either attacking or defending security challenges. It's been an arms race for the past 10, 20, 30 years as the worlds become more digital. And an arms race that many of us are concerned that black-hats appear to have the upper hand. But there's new developments in technology and new classes of tooling that are actually racing to the aid of white-hats and could very well upset that equilibrium in favor of the white-hats. To have that conversation about the ascension of the white-hats, we're joined by Derek Manky, who's the Chief Security Insights & Global Threat Alliances lead at Fortinet. Derek, thanks for joining us for another CUBE conversation. >> It's always a pleasure speaking with you. [Peter] - All right. [Derek] - Happy to be here. >> Derek, let's start, what's going on at FortiLabs at Fortinet? >> So 2019, we've seen a ton of development, a lot pretty much on track with our predictions when we talked last year. Obviously a big increase in volume, thanks to offensive automation. We're also seeing low volume attacks that are disrupting big business models. I'm talking about targeted ransom attacks, right. But, you know, criminals that are able to get into networks, cause millions of dollars of damages thanks to critical revenue streams being held. Usually in the public sector we've seen a lot of this. We've seen a rise in sophistication's, the adversaries are not slowing down. AET's, the mass evasion techniques are on the rise. And so, you know, to do this on FortiGaurd Labs, to be able to track this and map this, we're not just relying on logs anymore and, you know, 40, 50 page white papers. So, we're actually looking at that playbooks now, mapping the adversaries, understanding their tools, techniques, procedures, how they're operating, why they're operating, who are they hitting and what might be their next moves. So that's a bit development on the intelligence side too. >> All right, so imagine a front this notion that the white-hats might be ascending. I'm implying a prediction here. Tell us a little bit about what we see on the horizon for that concept of the white-hats ascending and specifically, why is a reason to be optimistic? >> Yeah, so it's been gloomy for decades like you said. And for many reasons, right, and I think those reasons are no secrets. I mean, cyber criminals and black-hats have always been able to move very, you know, with agility right. Cyber crime has no borders. It's often a slap on the wrist that they get. They can do a million things wrong, they don't care, there's no ethics and quite frankly no rules binding them right. On the white-hand side, we've always had rules binding us, we've had to take due care and we've had to move methodically, which slows us down. So, a lot of that comes in place because of frameworks, because of technology as well, having to move after it's enabled to with frameworks, specifically with making corrective action and things like that. So, those are the challenges that we faced against. But you know like, thinking ahead to 2020, particularly with the use of artificial intelligence, everybody talks about AI, it's impacted our daily lives, but when it comes to cyber security, on the white-hat side a proctor AI and machine learning model takes times. It can take years. In fact in our case, our experience, about four to five years before we can actually roll it out to production. But the good news is, that we have been investing, and when I say we, I'm just talking to the industry in general and white-hat, we've been investing into this technology because quite frankly we've had to. It takes a lot of data, it takes a lot of smart minds, a lot of investment, a lot of processing power and that foundation has now been set over the last five years. If we look at the black-hats, it's not the case. And why? Because they've been enjoying living off the land on low hanging fruit. Path of least resistance because they have been able to. >> So, what are the things that's changing that, equilibrium then, is the availability of AI and as you said, it could take four, five years to get to a point where we've actually got useful AI that can have an impact. I guess that means that we've been working on these things for four, five years. What's the state of the art with AI as it pertains to security, and are we seeing different phases of development start to emerge as we gain more experience with these technologies? >> Yeah, absolutely. And it's quite exciting right. AI isn't this universal brain that solves the worlds problems that everyone thinks it might be right. It's very specific, it relies on machine learning models. Each machine learning model is very specific to it's task right, I mean, you know, voice learning technology versus autonomous vehicle jobbing versus cyber security, is very different when it comes to these learning purposes. So, in essence the way I look at it, you know, there's three generations of AI. We have generation one, which was the past. Generation two, which is the current, where we are now and the generation three is where we're going. So, generation one was pretty simple right. It was just a central processing alert machine learning model that will take in data, correlate that data and then take action based off of it. Some simple inputs, simple output right. Generation two where we're currently sitting is more advanced. It's looking at pattern recognition, more advanced inputs, distributed models where we have sensors lying around networks. I'm talking about even IoT devices, security appliances and so forth, that still record up to this centralized brain that's learning it and acting on things. But where things get really interesting moving forward in 2020 gets into this third generation where you have especially moving towards cloud computer, sorry, edge computing, is where you have localized learning nodes that are actually processing and learning. So you can think of them as these mini brains. Instead of having this monolithic centralized brain, you have individual learner nodes, individual brains doing their own machine learning that are actually connected to each other, learning from each other, speaking to each other. It's a very powerful model. We actually refer to this as federated machine learning in our industry. >> So we've been, first phase we simply used statistics to correlate events, take action, now we're doing acceptions, pattern recognition, or acceptions and building patterns, and in the future we're going to be able to further distribute that so that increasingly the AI is going to work with other AI so that the aggregate, this federated aggregate gets better, have I got that right? >> Yeah absolutely. And what's the advantage of that? A couple of things. It's very similar to the human immune system right. If you have, if I were to cut my finger on my hand, what's going to happen? Well, localized white blood cells, localized, nothing from a foreign entity or further away in my body, are going to come to the rescue and start healing that right. It's the same, it's because it's interconnected within the nervous system. It's the same idea of this federated machine learning model right. If a security appliance is to detect a threat locally on site, it's able to alert other security appliances so that they can actually take action on this and learn from that as well. So connected machine learning models. So it means that by properly implementing these AI, this federated AI machine earning models in an organization, that that system is able to actually in a auto-immune way be able to pick up what that threat is and be able to act on that threat, which means it's able to respond to these threat quicker or shut them down to the point where it can be you know, virtually instantaneous right, before the damage is done and bleeding starts happening. >> So the common baseline is continuously getting better even as we're giving opportunities for local managers to perform the work in response to local conditions. So that takes us to the next notion of, we've got this federated AI on the horizon, how are people, how is the world of people, security professionals going to change? What kind of recipes are they going to follow to insure that they are working in a maximally productive way with these new capabilities, these new federated capabilities, especially as we think about the introduction of 5G and greater density of devices and faster speeds in the relatancies? >> Yeah so, you know the world of cyber computer, cyber security has always been incredibly complex. So we're trying to simplify that and that's where again, this federated machine learning comes into place, particularly with playbooks, so if we look at 2019 and where we're going in 2020, we've put a lot of groundwork quite frankly and so pioneering the work of playbooks right. So when I say playbooks I'm talking about adversary playbooks, knowing the offense, knowing the tools, techniques, procedures, the way that these cyber crime operations are moving right and the black-hats are moving. The more that we can understand that, the more we can predict their next move and that centralized language right, once you know that offense, we can start to create automated blue team playbooks, so defensive playbooks. That security technology can automatically integrate and respond to it, but getting back to you question, we can actually create human readable CECO guides that can actually say, "Look, there's a threat," "here's why it's a problem," "here are the gaps in your security that we've identified," "here's some recommended course of action as an idea too." Right, so that's where the humans and the machines are really going to be working together and quite frankly moving at speed, being able to that at machine level but also being able to simplify a complex landscape, that is where we can actually gain traction right. This is part of that ascendancy of the white-hat because it's allowing us to move in a more agile nature, it's allowing us to gain ground against the attackers and quite frankly, it allows us to start disrupting their business model more right. It's a more resilient network. In the future this leads to the whole notion of self-healing that works as well that quite frankly just makes it a big pain, it disrupts your business model, it forces them to go back to the drawing board too. >> Well, it also seems as though, when we start talking about 5G, that the speeds, as I said the speeds, the dentancy, the reduced latency, the potential for a bad thing to propagate very quickly, demands that we have a more consistent, coherent response, at both the the machine level but also the people level. We 5G into this conversation. What's, what will be the impact to 5G on how these playbooks and AI start to come together over the next few years? >> Yeah, it's going to be very impactful. It is going to take a couple of years and we're just at the dawn of 5G right now. But if you think of 5G, your talking about a lot more volume, essentially as we move to the future, we're entering into the age of 5G and edge computing. And 5G and edge computing is going to start eating the cloud in a sense that more of that processing power that was in the cloud is starting to shift now towards edge computing right. This is at on Premis.it So, A; it is going to allow models like I was talking about, federated machine learning models and from the white-hats point of view, which again I think we are in the driver seat and a better, more advantageous position here, because we are more experienced again like I said, we've been doing this for years with black-hats quite frankly haven't. Yes, they're toying with it, but not in the same level and skill as we have. But, you know, (chuckles) I'm always a realist. This isn't a completely realsy picture, I mean, it is optimistic that we are able to get this upper hand. It has to be done right. But if we think about the weaponisation of 5G, that's also a very large problem right. Last year we're talking about swarm networks right, the idea of swarm networks is a whole bunch of devices that can connect to each other, share intelligence and then act to do something like a large scale DDoS attack. That's absolutely in the realm of possibility when it comes to the weaponisation of 5G as well. >> So one of the things, I guess the last question I want to ask you is, is you noted that these playbooks incorporate the human element in ways that are uniquely human. So, having CECO readable recipes for how people have to respond, does that also elevate the conversation with the business and does, allows us to do a better job of understanding risk, pricing risk and appropriately investing to manage and assure the business against risk in the right way? >> Absolutely. Absolutely it does, yeah. Yeah, because the more you know about going back to the playbooks, the more you know about the offense and their tools, the more you know about how much of a danger it is, what sort of targets they're after right. I mean if they're just going trying to look to collect a bit of information on, you know, to do some reconnaissance, that first phase attack might not cause a lot of damage, but if this group is known to go in, hit hard, steal intellectual property, shut down critical business streams through DoS, that in the past we know and we've seen has caused four, five million dollars from one breach, that's a very good way to start classifying risk. So yeah, I mean, it's all about really understanding the picture first on the offensive, and that's exactly what these automated playbook guides are going to be doing on the blue team and again, not only from a CoC perspective, certainly that on the human level, but the nice thing about the playbooks is because we've done the research, the threat hunting and understood this, you know from a machine level it's also able to put a lot of those automated, let's say day-to-day decisions, making security operation centers, so I'm talking about like SecDevOps, much more efficient too. >> So we've talked about more density at the edge amongst these devices, I also want to bring back one last thought here and that is, you said that historically some of the black-hats have been able to access with a degree of impunity, they have necessarily been hit hard, there's been a lot of slapping on the wrist as I think you said. Talk about how the playbooks and AI is going to allow us to more appropriately share data with others that can help both now but also in some of the forensics and the enforcement side, namely the legal and policing world. How are we going to share the responsibility, how is that going to change over the next few years to incorporate some of the folks that actually can then turn a defense into a legal attack? >> Threat elimination is what I call it right. So again, if we look at the current state, we've made great strides, great progress, you know, working with law enforcement, so we've set up public private sector relationships, we need to do that, have security experts working with law enforcement, law enforcements working on their end to train prosecutors to understand cyber crime and so forth. That foundation has been set, but it's still slow moving. You know, there's only a limited amount of playbooks right now. It takes a lot of work to unearth and do, to really move the needle, what we need to do, again like we're talking about, is to integrate a artificial intelligence with playbooks. The more that we understand about groups, the more that we do the threat illumination, the more that we uncover about them, the more we know about them, and by doing that we can start to form predictive models right. Based, I always say old habits die hard. So you know, if an attacker goes in, hits a network and their successful following a certain sequence of patterns, they're likely going to follow that same sequence on their next victim or their next target. So the more that we understand about that, the more that we can forecast A; from a mitigation standpoint, but the, also by the same token, the more correlation we're doing on these playbooks, the more machine learning we're doing on these playbooks, the more we're able to do attribution and attribution is the holy grail, it's always been the toughest thing to do when it comes to research. But by combing the framework that we're using with playbooks, and AI machine learning, it's a very very powerful recipe and that's what we need to get right and forward in the right direction. >> Derek Manky, Fortinet's Chief of Security Insights & Threat Alliances, thanks again for being on theCUBE. >> It's a pleasure. Anytime. Happy to talk. >> And I want to thank you for joining us for another CUBE conversation. I'm Peter Burris, see you next time. (upbeat jazz music) >> Yeah I thought it was pretty good. [Man] - That was great. [Derek] - Yeah, yeah.

(techno music) >> From our studios in the heart of Silicon Valley, Palo Alto, California, this is a Cube conversation. >> Hi, and welcome to theCube studios for another Cube conversation, where we go in depth with thought leaders driving innovation across the tech industry. I'm your host, Peter Burris. The notion of data services has been around for a long time, but it is being up-ended, recast, reformed, as a consequence of what cloud can do. But that also means that cloud is creating new ways of thinking about data services, new opportunities to introduce and drive this powerful approach of thinking about digital businesses centralized assets and to have that conversation about what that means, we've got Chadd Kenney, who is a VP and chief technologist of Clumio with us today. Chad, welcome to theCube. >> Thanks so much for having me. >> Okay, so let's start with that notion of data services, and the role the cloud is going to play. Clumio has looked at this problem, or looked at this challenge from the ground up. What does that mean? >> So if you look at the cloud as a whole, customers have gone through a significant journey. We've seen the first shadow IT kind of play out, where the people decided to go to the cloud, IT was too slow. It moved into kind of a cloud first movement, where people realized the power of cloud services. That then got them to understand a little bit of interesting things that have played out. One, moving applications as they exist were not very efficient, and so they needed to re-architect certain applications. Second, SaaS was a core way of getting to the cloud in a very simplistic fashion without having to do much whatsoever, and so for applications that were not core competencies, they realized they should go Saas and for anything that was a core competency, they needed to really re-architect to be able to take advantage of those very powerful cloud services. And so when you look at it, if people were to develop applications today, cloud is the default that you'd go toward. And so for us, we had the luxury of building from the cloud up on the very powerful cloud services to enable a much more simple model for our customers to consume, but even more so, to be able to actually leverage the agility and elasticity of the cloud. Think about this for a quick second, we can take facilities, break them up, expand them across many different compute resources within the cloud, versus having to take kind of what you did on-prem in a single server, or multitudes of servers, and try to plant that in the cloud. From a customer's experience perspective, it's vastly different. You get a world where you don't think about how you manage the infrastructure, how you manage the service, you just consume it, and the value that customers get out of that, is not only getting their data there, which is the on-ramp around our data protection mechanisms, but also being able to leverage cloud-native services on top of that data in the longer term, as we have this one common global index and platform. What we are super excited today to announce is that we are adding in AWS native capabilities to be able to protect that data in the public cloud. And this is kind of the default place where most people go to from a cloud perspective, to really get their applications up and running and take advantage of a lot of those cloud-native services. >> Well, if you're going to be cloud native and promise to customers is you are going to support their workload, you've got to be, obviously, on AWS. So congratulations on that. Let's go back to this notion of, you used the word powerful. AWS is a mature platform. GCP is coming along very rapidly. Azure is, you know, also very, very good, and there are others as well, but sometimes enterprises discover that they have to make some trade-offs. To get the simplicity, they have to get less function. To get the reliability, they have to get rid of simplicity. How does Clumio think through those trade-offs to deliver that simple, that powerful, that reliable platform for something as important as data protection and data services in general? >> So we wanted to create an experience that was single click, discover everything, and be able to help people consume that service quickly. And if you look at the problem that people are dealing with, customers talk to us about this all the time is the power of the cloud resulted in 100s if not 1000s of accounts within AWS. And now you get into a world where you are having to try to figure out how to I manage all these for one, discover all of it, and consistently make sure that my data, which as you mentioned, is incredibly important to businesses today, is protected. And so having that one common view is incredibly important to start with. And the simplicity of that is immensely powerful. When you look at what we do as a business to make sure that that continues to occur is first we leverage cloud-native services on the back, which are complex, and getting those things to run and orchestrate are things that we build on the back-end. On the front-end, we take the customer's view in looking at what is the most simple way of getting this experience to occur for both discovery, as well as, you know backup, recovery, and even being able to search in a global fashion. And so really taking their seats to figure out what would be the easiest way to both consume the service and then also be able to get value from it by running that service. >> AWS has been around, well, AWS in many respects founded the cloud industry. It is certainly sales force on the Saas side, but AWS was that first company to make the promise that it was going to provide this very flexible, very powerful, very agile infrastructure as a service. And they have done an absolutely marvelous job about it. And they have also advanced the state of the art of the technology dramatically and in many respects are in the driver's seat. What trade-offs, what limits does your new platform face as it goes to AWS or is it the same Clumio experience adding now all of the capabilities of AWS? >> That's a great question because I think a lot of solutions out there today are different parts and pieces kind of clumped together. What we built is a platform that these new services just get instantly added, next time you log in to that service, you will see that available to you, and you can just go ahead and log in to your accounts and be able to discover directly. And I think that the power of SaaS is really that. Not only have we made it immensely secure, which is something that people think about quite a bit, with having not only data in flight but data at rest encryption, and leveraging really the cloud capabilities of security, but we have made it incredibly simple for them to be able to consume that easily, literally not lift a finger to get anything done, it's available for you when you log into that system. And so, having more and more data sources in one single pane of glass, and being able to see all of the accounts, especially in AWS where you have quite a few of those accounts, and to be able to apply polices in a consistent fashion to ensure that you are, you know, compliant within the environment for whatever business requirements that you have around data protection, is immensely powerful to our customers. >> Chadd Kenney, chief technologist, Clumio, thanks very much for being on theCube. >> Thank you. >> And thanks for joining us for another Cube conversation. I'm Peter Burris, see you next time. (techno music)

(energetic music) >> Hi, and welcome to another Cube conversation, where we go in-depth with the thought leaders in the industry that are making significant changes to how we conduct digital business and the likelihood of success with digital business transformations. I'm Peter Burris. Every organization today has some experience with the power of analytics. But, they're also warning that the value of their analytics systems are, in part, constrained and determined by their access to core information. Some of the most important information that any business can start to utilize within their new advanced analytic systems, quite frankly, is that operational business information, that the business has been using to run the business on for years. Now, we've looked at that as silos and maybe it is. Although, partly, that's in response to the need to have good policy, good governance, and good certainty and practicably in how the system behaves and how secure it's going to be. So, the question is, how do we marry the new world of advanced analytics with the older, but, nonetheless, extremely valuable world of operational processing to create new types of value within digital business today? It's a great topic and we've got a great conversation. Tendu Yogurtcu is the CTO of Syncsort. Tendu, welcome back to The Cube! >> Hi Peter. It's great to be back here in The Cube. >> Excellent! So, look, let's start with the, let's start with a quick update on Syncsort. How are you doing, what's going on? >> Oh, it's been really exciting time at Syncsort. We have seen a tremendous growth in the last three years. We quadrupled our revenue, and also number of employees, through both organic innovation and growth, as well as through acquisitions. So, we now have 7,000 plus customers in over 100 countries, and, we still have the eight 40 Fortune 100, serving large enterprises. It's been a really great journey. >> Well, so, let's get into the specific distinction that you guys have. At Wikibon theCube, we've observed, we predicted that 1919, 2019 rather, 2019 was going to be the year that the enterprise assert itself in the cloud. We had seen a lot of developers drive cloud forward. We've seen a lot of analytics drive cloud forward. But, now as enterprises are entering into cloud in a big way, they're generating, or bringing with them, new types of challenges and issues that have to be addressed. So, when you think about where we are in the journey to more advanced analytics, better operational certainty, greater use of information, what do you think the chief challenges that customers face today are? >> Of course, as you mentioned, that everybody, every organization is trying to take advantage of the data. Data is the core. And, take advantage of the digital transformation to enable them for taking, getting more value out of their data. And, in doing so, they are moving into cloud, into hybrid cloud architectures. We have seen early implementations, starting with the data lake. Everybody started creating the centralized data hub, enabling advanced analytics and creating a data marketplace for their internal, or external clients. And, the early data lakes were for utilizing Hadoop on premise architectures. Now, we are also seeing data lakes, sometimes, expanding over hybrid or cloud architectures. The challenges that these organizations also started realizing is around, once I create this data marketplace, the access to the data, critical customer data, critical product data, >> Order data. >> Order data, is a bigger challenge than I thought that it would be in the pilot project. Because, these critical data sets, and core data sets, often in financial services, banking and insurance, and health care, are in environments, data platforms that these companies have invested over multiple decades. And, I'm not referring to that as legacy because definition of legacy changes. These environment's platforms have been holding this current critical data assets for decades successfully. So-- >> We call them high-value traditional applications. >> High-valude traditional sounds great. >> Because, they're traditional. We know what they do, and there's a certain operational certainty, and we've built up the organization around them to take care of those assets. >> But, they still are very very high-value. >> Exactly. And, making those applications and data available for next generation, next wave platforms, is becoming a challenge, for couple of different reasons. One, accessing this data. And, accessing this data, making sure the policies and the security, and the privacy around these data stores are preserved when the data is available for advanced analytics. Whether it's in the cloud or on premise deployments. >> So, before we go to the second one, I want to make sure I'm understanding that, because it seems very very important. >> Yes. >> That, what you're saying is, if I may, the data is not just the ones and the zeroes in the file. The data really start, needs to start being thought of as the policies, the governance, the security, and all the other attributes and elements, the metadata, if you will, has to be preserved as the data's getting used. >> Absolutely. And, there are challenges around that, because now you have to have skill sets to understand the data in those different types of stores. Relational data warehouses. Mainframe, IBMI, SQL, Oracle. Many different data owners, and different teams in the organization. And, then, you have to make sense of it and preserve the policies around each of these data assets, while bringing it to the new analytics environments. And, make sure that everybody's aligned with the access to privacy, and the policies, and the governance around that data. And also, mapping to metadata, to the target systems, right? That's a big challenge, because somebody who understands these data sets in a mainframe environment is not necessarily understanding the cloud data stores or the new data formats. So, how do you, kind of, bridge that gap, and map into the target-- >> And, vice-versa, right? >> Yes. >> So. >> Likewise, yes. >> So, this is where Syncsort starts getting really interesting. Because, as you noted, a lot of the folks in the mainframe world may not have the familiarity of how the cloud works, and a lot of the folks, at least from a data standpoint. >> Yes. >> And, a lot of the folks in the cloud that have been doing things with object stores and whatnot, may not, and Hadoop, may not have the knowledge of how the mainframe works. And, so, those two sides are seeing silos, but, the reality is, both sides have set up policies and governance models, and security regimes, and everything else, because it works for the workloads that are in place on each side. So, Syncsort's an interesting company, because, you guys have experience of crossing that divide. >> Absolutely. And, we see both the next phase, and the existing data platforms, as a moving, evolving target. Because, these challenges have existed 20 years ago, 10 years ago. It's just the platforms were different. The volume, the variety, complexity was different. However, Hadoop, five, ten years ago, was the next wave. Now, it's the cloud. Blockchain will be the next platform that we have to, still, kind of, adopt and make sure that we are advancing our data and creating value out of data. So, that's, accessing and preserving those policies is one challenge. And, then, the second challenge is that as you are making these data sets available for analytics, or machine learning, data science applications, deduplicating, standardizing, cleansing, making sure that you can deliver trusted data becomes a big challenge. Because, if you train the models with the bad data, if you create the models with the bad data, you have bad model, and then bad data inside. So, machine learning and artificial intelligence depends on the data, and the quality of the data. So, it's not just bringing all enterprise data for analytics. It's also making sure that the data is delivered in a trusted way. That's the big challenge. >> Yeah. Let me build on that, if I may, Tendu. Because, a lot of these tools involve black box belief in what the tool's performing. >> Correct. >> So, you really don't have a lot of visibility in the inner workings of how the algorithm is doing things. It's, you know, that's the way it is. So, in many respects, your only real visibility into the quality of the outcome of these tools is visibility into the quality of the data that's going into the building of these models. >> Correct. >> Have I got that right? >> Correct. And, in machine learning, the effect of bad data is, really, it multiplies. Because of the training of the model, as well as insights. And, with Blockchain, in the future, it will also become very critical because, once you load the data into Blockchain platform, it's immutable. So, data quality comes at a higher price, in some sense. That's another big challenge. >> Which is to say, that if you load bad data into a Blockchain, it's bad forever. >> Yes. That's very true. So, that's, obviously, another area that Syncsort, as we are accessing all of the enterprise data, delivering high-quality data, discovering and understanding the data, and delivering the duplicated standardized enriched data to the machine learning and AI pipeline, and analytics pipeline, is an area that we are focused with our products. And, a third challenge is that, as you are doing it, the speed starts mattering. Because, okay, I created the data lake or the data hub. The next big use case we started seeing is that, "Oh yeah, but I have 20 terabyte data, "only 10% is changing on a nightly basis. "So, how do I keep my data lake in sync? "Not only that, I want to keep my data lake in sync, "I also would like to feed that change data "and keep my downstream applications in sync. "I want to feed the change data to the microservices "in the cloud." That speed of delivery started really becoming a very critical requirement for the business. >> Speed, and the targeting of the delivery. >> Speed of the targeting, exactly. Because, I think the bottom line is, you really want to create an architecture that you can be agnostic. And, also be able to deliver at the speed the business is going to require at different times. Sometimes, it's near real-time, and at batch, sometimes it's real-time, and you have to feed the changes as quickly as possible to the consumer applications and the microservices in the cloud. >> Well, we've got a lot of CIO's who are starting to ask us questions about, especially, since they start thinking about Kubernetes, and Istio, and other types of platforms that are intended to facilitate the orchestration, and ultimately, the management of how these container-based applications work. And, we're starting to talk more about the idea of data assurance. Make sure the data's good. Make sure it's been high-quality. Make sure it's being taken care of. But, also make sure that it's targeted where it needs to be. Because, you don't want a situation where you spin up a new cluster, which you could do very quickly with Kubernetes. But, you haven't made the data available to that Kubernetes-based application, so that it can, actually, run. And, a lot of CIO's, and a lot of application development leaders, and a lot of business people, are now starting to think about that. "How do I make sure the data is where it needs to be, "so that the applications run when they need to run?" >> That's a great point. And, going back to your, kind of, comment around cloud, and taking advantage of cloud architectures. One of the things we have observed is organizations, for sure, looking at cloud, in terms of scalability, elasticity, and reducing costs. They did lift and shift of applications. And, not all applications can be taking advantage of cloud elasticity, then you do that. Most of these applications are created for the existing on-premise fixed architectures. So, they are not designed to take advantage of that. And, we are seeing a shift now. And, the shift is around, instead of, trying to, kind of, lift and shift existing applications. One, for new applications, let me try and adopt the technology assets, like you mentioned Kubernetes, that I can stay vendor-agnostic, for cloud vendors. But, more importantly, let me try to have some best practices in the organization. The new applications can be created to take advantage of the elasticity. Even though, they may not be running in the cloud yet. So, some organizations refer to this as cloud native, cloud first, some different terms. And, make the data. Because, the core asset here, is always the data. Make the data available, instead of going after the applications. Make the data from these existing on-premise and different platforms available for cloud. We are definitely seeing that the shift. >> Yeah, and make sure that it, and assure, that that data is high-quality, carries the policies, carries the governance, doesn't break in security models, all those other things. >> That is a big difference between how, actually, organizations ran into their Hadoop data lake implementations, versus the cloud architectures now. Because, when initial Hadoop data lake implementations happened, it was dump all the data. And, then, "Oh, I have to deal with the data quality now." >> It was also, "Oh, those mainframe people just would, "they're so difficult to work with." Meanwhile, you're still closing the books on a monthly basis, on a quarterly basis. You're not losing orders. Your customers aren't calling you on the phone angry. And, that, at the end of the day, is what a business has to do. You have to be able to extend what you can currently do, with a digital business approach. And, if you can replace certain elements of it, okay. But, you can't end up with less functionality as you move forward in the cloud. >> Absolutely. And, it's not just mainframe. It's IBMI, it's the Oracle, it's the teledata, it's the TDZa. It's growing rapidly, in terms of the complex stuff, that data infrastructure. And, for cloud, we are seeing now, a lot of pilots are happening with the cloud data warehouses. And, trying to see if the cloud data warehouses can accommodate some of these hybrid deployments. And, also, we are seeing, there's more focus, not after the fact, but, more focus on data quality from day one. "How am I going to ensure that "I'm delivering trusted data, and populating "the cloud data stores, or delivering trusted data "to microservices in the cloud?" There's greater focus for both governance and quality. >> So, high-quality data movement, that leads to high-quality data delivery, in ways that the business can be certain that whatever derivative work is done remains high-quality. >> Absolutely. >> Tendu Yogurtcu, thank you very much for being, once again, on The Cube. It's always great to have you here. >> Thank you Peter. It's wonderful to be here! >> Tandu Yogurtcu's the CTO of Syncsort, and once again, I want to thank you very much, for participating in this cloud, or this Cube conversation. Cloud on the mind, this Cube conversation. Until next time. (upbeat electronic music)

our studios in the heart of Silicon Valley Palo Alto California this is a cute conversation welcome to another wiki bond digital community event this one's sponsored by Columbia I'm your host Peter Burris any business that aspires to be a digital business needs to think about its data differently it needs to think about how data can be applied to customer experience value propositions operations that improve profitability and strategic options for the business as it moves forward but that means openly either we're thinking about how we embed data more deeply into our operations that means we must also think about how we're going to protect that data so the business does not suffer because someone got a hold of our data or corrupted our data or that a system just failed and we needed to restore that data very quickly now what we want to be able to do is we want to do that in a way that's natural and looks a lot like a cloud because we want that cloud experience in our data protection as well so that's we're going to talk about with clue Meo today a lot of folks think in terms of moving all the data into the cloud we think increasingly we have to recognize a cloud is not a strategy for centralizing data but rather distributing data and being able to protect that data where it is utilizing a simple common cloud like experience it's becoming an increasingly central competitive need for a lot of digital enterprises the first conversation we had was with a puja and Kumar who John is a CEO and co-founder of comeö let's hear a puja I had to say about data value data services and clue me oh who john welcome to the show Thank You Bertram nice to be here so give us the update in Colombia so Tomio is a two year old company right we just recently launched out of stealth so so far you know we we came out with the innovative offering which is a SAS solution to go and protect on premises you know VMware and BMC environments that's what we launched out of style two months ago we our best of show when we came out of stealth in in VMware 2019 well ultimately we started with a vision about you know protecting data irrespective of where it resides so it was all about you know you know on-premises on cloud and other SAS services so one single service that protects data irrespective of where it resides so far we executed on on-premises VMware and VM see today what we are announcing for the first time is our protection to go and protect applications natively built on AWS so these are applications that an aptitude natively built on AWS that clue me or as a service will protect irrespective of you know them running you know in one region or cross region cross accounts and a single service that will allow our customers to protect native AWS applications the other big announcement we are making is a new round of financing and that is testament to the interest in the space and the innovative nature of the platform that we have built so when we came out of stealth we announced we had raised two rounds of financing 51 million dollars in series a and Series B rounds of financing today what we are announcing is a Series C round of financing of 135 million dollars the largest I would say Series C financing for a SAS enterprise company especially a company that's a little over two years old Oh congratulations that's gonna buy a lot of new technology and a lot of customer engagement but what customers as I said up from where customers are really looking for is they're looking for tooling and methods and capabilities that allow them to treat their data differently talk a little bit about the central importance of data and how it's driving decisions of Cluny oh yes so fundamentally you know when we built out the the data platform it was about going after the data protection as the first use case in the platform longer term the journey really is to go from a data protection company to a data management company and this is possible for the first time because you have the public cloud on your side if you truly built a platform for the cloud on the public cloud you have this distinct advantage of now taking the data that you're protecting and really leveraging it for others that you can enable the enterprise for and this is exactly what enterprises are asking for especially as they you know you know make a transition from on-premises to the public cloud where they are powering on more and more applications in the public cloud and they really you know sometimes have no idea in terms of where the data is sitting and how they can take advantage of all these data sources that ultimately Klum is protecting well no idea where the data is sitting take advantage of these data sources presumably facilitate new classes of integration because that's how you generate value out of data that suggests that we're not just looking at protection as crucially important as it is we're looking at new classes of services they're going to make it possible to alter the way you think about data management if I got that right and what are those new services yes it's it's a journey as I said right so starting with you know again data protection it's also about doing data protection across multiple clouds right so ultimately we are a platform even though we are announcing you know AWS you know application support today we've already done VMware and VM C as we go along you'll see us kind of doing this across multiple clouds so an application that's built on the cloud running across multiple clouds AWS asher and GC p or whatever it might be you see as kind of doing data protection across in applications in multiple clouds and then it's about going and saying you know can we take advantage of the data that we are protecting and really power on adjacent use cases you know they could be security use cases because we know exactly what's changing when it's changing there could be infrastructure analytics use cases because people are running tens of thousands of instances and containers and n VMs in the public cloud and if a problem happens nobody really knows what caused it and we have all the data and we can kind of you know index it in the backend analyze in the backend without the customer needing to lift a finger and really show them what happened in their environment that they didn't know about right so there's a lot of interesting use cases that get powered on because you have the ability to index all the data here you have the ability to essentially look at all the changes that are happening and really give that visibility to the end customer and all of this one-click and automating it without the customer needing to do much I will tell you this that we've talked to a number of customers of Cuneo and the fundamental choice the clue mio choice was simplicity how are you going to sustain that even as you add these new classes of services yes that is the key right and that is about the foundation we have built at the end of the day right so if you look at all of our customers that have you know on-boarded today it's really the experience where in less than you know 15 minutes they can essentially start enjoying the power of the platform and the backend that we have built and the focus on design that we have is ultimately why we are able to do this with simplicity so so when we when we think about you know all the things we do in the backend there's obviously a lot of complexity in the backend because it is a complex platform but every time we ask ourselves the question that okay from a customer perspective how do we make sure that it is one click and easy for them so that focus and that attention to detail that we have behind the scenes to make sure that the customer ultimately should just consume the service and should not need to do anything more than what they absolutely need to do so that they can essentially focus on what adds value to their business takes a lot of Technology a lot of dedication to make complex things really simple absolutely whoo John Kumar CEO and co-founder of Clue leo thanks very much for being on the cube Thank You bigger great conversation with poo John data value leading to data services now let's think a little bit more about how enterprises ultimately need to start thinking about how to manifest that in a cloud rich world Chad Kenny is the vice president and chief technologist at Kumi oh and Chad and I had an opportunity to sit down and talk about some of the interesting approaches that are possible because of cloud and very importantly to talk about a new announcement that clew mios making as they expand their support of different cloud types let's see what Chad had to say the notion of data services has been around for a long time but it's being upended recast reformed as a consequence of what cloud can do but that also means that cloud is creating new ways of thinking about data services new opportunities to entry and drive this powerful approach of thinking about digital businesses centralized assets and to have that conversation about what that means we've got Chad Kenny who's a VP and chief technologist of comeö with us today Chad welcome to the cube thanks so much for having me okay so let's start with that notion of data services and the role the clouds gonna play loomio has looked at this problem with this challenge from the ground up what does that mean so if you look at the the cloud as a whole customers have gone through a significant journey we've seen you know that the first shadow IT kind of play out where people decided to go to the cloud IT was too slow it moved into kind of a cloud first movement where people realize the power of cloud services that then got them to understand a little bit of interesting things that played out one moving applications as they exist were not very efficient and so they needed to react exort anapa second SAS was a core way of getting to the cloud in a very simplistic fashion without having to do much of whatsoever and so for applications that were not core competencies they realized they should go SAS and for anything that was a core competency they needed to really reaaargh attack to be able to take advantage of those you know very powerful cloud services and so when you look at it if people were to develop applications today cloud is the default that you'd go towards and so for us we had the luxury of building from the cloud up on these very powerful cloud services to enable a much more simple model for our customers to consume but even more so to be able to actually leverage the agility and elasticity of the cloud think about this for a quick second we can take facilities break them up expand them across many different computer resources within the cloud versus having to take kind of what you did on Prem in a single server or multitudes of servers and try to plant that in the cloud from a customer's experience perspective it's vastly different you get a world where you don't think about how you manage the infrastructure how you manage the service you just consume it and the value that customers get out of that is not only getting their data there which is the on-ramp around our data protection mechanisms but also being able to leverage cloud native services on top of that data in the longer term as we have this one common global index and path and what we're super excited today to announce is that we're adding in AWS native capabilities to be able to date and protect that data in the public cloud and this is kind of the default place where most people go to from a cloud perspective to really get their applications up and running and take advantage of a lot of those cloud native services well if you're gonna be cloud native and promised to customers as you can support their workloads you got to be obviously on AWS so congratulations on that but let's go back to this notion of user word powerful mm-hmm 80 of us is a mature platform GCPs coming along very rapidly asher is you know also very very good and there are others as well but sometimes enterprises discover that they have to make some trade-offs to get the simplicity they have to get less function to get the reliability they have to get rid of simplicity how does ku mio think through those trade-offs to deliver that simple that powerful that reliable platform for something as important as data protection and data services in general so we wanted to create an experience that was single click discover everything and be able to help people consume that service quickly and if you look at the problem that people are dealing with a customer's talked to us about this all the time is the power of the cloud resulted in hundreds if not thousands of accounts within AWS and now you get into a world where you're having to try to figure out how do I manage all of these for one discover all of it and consistently make sure that my data which as you've mentioned is incredibly important to businesses today as protect it and so having that one common view is incredibly important to start with and the simplicity of that is immensely powerful when you look at what we do as a business to make sure that that continues to occur is first we leverage cloud native services on the back which are complex and and and you know getting those things to run and orchestrate are things that we build on the back end on the front end we take the customer's view and looking at what is the most simple way of getting this experience to occur for both discovery as well as you know backup for recovery and even being able to search in a global fashion and so really taking their seats to figure out what would be the easiest way to both consume the service and then also be able to get value from it by running that service AWS has been around well AWS in many respects founded the cloud industry it's it's you know certainly Salesforce and the south side but AWS is the first company to make the promise that it was going to provide this very flexible very powerful very agile infrastructure as a service and they've done an absolutely marvelous job about it and they've also advanced the state of the art of the technology dramatically and in many respects are in the driver's seat what trade offs what limits does your new platform face as it goes to AWS or is it the same coolio experience adding now all of the capabilities of AWS it's a great question because I think a lot of solutions out there today are different parts and pieces kind of klom together well we built is a platform that these new services just get instantly added next time you log into that service you'll see that that available to you and you can just go ahead and log in to your accounts and be able to discover directly and I think that the Vout the power of SAS is really that not only have we made it immensely secure which is something that people think about quite a bit with having you know not only data in flight but data at rest encryption and and leveraging really the cloud capabilities of security but we've made it incredibly simple for them to be able to consume that easily literally not lift a finger to get anything done it's available for you when you log into that system and so having more and more data sources in one single pane of glass and being able to see all the accounts especially in AWS where you have quite a few of those accounts and to be able to apply policies in a consistent fashion to ensure that you're you know compliant within the environment for whatever business requirements that you have around data protection is immensely powerful to our customers Chad Kenney chief technologist plumie Oh thanks very much for being on the tube thank you great conversation Chad especially interested in hearing about how klum EO is being extended to include AWS services within its overall data protection approach and obviously into Data Services but let's take a little bit more into that Columbia was actually generated and prepared a short video that we could take a look at that goes a little bit more deeply into how this is all going to work [Music] enterprises are moving rapidly to the cloud embracing sass for simplified delivery of key services in this cloud centric world IT teams can focus on more strategic work accelerating digital transformation initiatives when it comes to backup IT is stuck designing patching and capacity planning for on-premise systems snapshots alone for data protection in the public cloud is risky and there are hundreds of unprotected SAS applications in the typical enterprise the move to cloud should make backup simpler but it can quickly become exponentially worse it's time to rethink the backup experience what if there were no hardware software or virtual appliances to size configure manage or even buy it all and by adding Enterprise backup public cloud workloads are no longer exposed to accidental data deletion and ransomware at Clube o we deliver secure data backup and recovery without any of that complexity or risk we provide all of the critical functions of enterprise backup d dupe and scheduling user and key management and cataloging because we're built in the public cloud we can rapidly deliver new innovations and take advantage of inherent data security controls our mission is to protect your data wherever it's stored the clew mio authentic SAS backup experienced scales on-demand to manage and protect your data more easily and efficiently and without things like cloud bills or egress charges pluto gives you predictable costs monitoring global backup compliance is far simpler and the built-in always-on security of Clue mio means that your data is safe take advantage of the cloud for backup with no constraints clew mio authentic SAS for the enterprise great video as we think about moving forward in the future and what customers are trying to do we have to think more in terms of the native services that cloud can provide and how to fully exploit them to increase the aggregate flexible both within our enterprises but also based on what our supplies have to offer we had a great conversation with wounds Young who is the CTO and co-founder of Clue mio about just that let's hear it wound had to say everybody's talking about the cloud and what the cloud might be able to do for their business the challenge is there are a limited number of people in the world who really understands what it means to build for the cloud utilizing the cloud it's a lot of approximations out there but not a lot of folks are deeply involved in actually doing it right we've got one here with us today woo Jung is the CTO and co-founder of Cluny o moon welcome to the cube how they tittie here so let's start with this issue of what it means to build for the cloud now loomio has made the decision to have everything fit into that as a service model what is that practically mean so from the engineering point of view building our SAS application is fundamentally different so the way that I'll go and say is that at Combe you know we actually don't build software and ship software what we actually do it will service and service is what we actually ship to our customers let me give you an example in the case of chromium they say backups fail like software sometimes fails and we get that failures too the difference in between criminal and traditional solutions is that if something were to fail we are the one detecting that failure before our customers - not only that when something fails we actually know exactly why you fail therefore we can actually troubleshoot it and we can actually fix it and upgrade the service without the customer intervention so it's not about the bugs also or about the troubleshooting aspect but it's also about new features if you were to introduce our new features we can actually do this without having customers upgraded code we will actually do it ourselves so essentially it frees the customers from actually doing all these actions because we will do them on behalf of them at scale and I think that's the second thing I want to talk about quickly is that the ability to use the cloud to do many of the things that you're talking about at scale creates incredible ranges of options that customers have at their disposal so for example AWS customers have historically used things like snapshots to provide a modicum of data protection to their AWS workloads but there are other new options that could be applied if the system's are built to supply them give us a sense of how kkumeul is looking at this question of you know snapshots versus something else yeah so basically traditionally even on the on print side of the things you have something called a snapshot and you had your backups right and they're they're fundamentally different but if you actually shift your gears and you look at what they WS offers today they actually offers the ability for you to take snapshots but actually that's not a backup right and they're fundamentally different so let's talk about it a little bit more what it means to be snapshots and a backup right so let's say there's a bad actor and your account gets compromised like your AWS account gets compromised so then the bad actor has access not only to the EBS volumes but also to the EBS snapshots what that means is that that person can actually go ahead and delete the EBS volume as well as the EBS snapshots now if you had a backup let's say you actually take a backup of that EBS volume to Kumu that bad actor will have access to the EBS volumes however you won't be able to delete the backup that we actually have in Kumu so in the whole thing the idea of Kumi on is that you should be able to protect all of your assets that being either an on-prem or an AWS by setting up a single policies and these are true backups and not just snapshots and that leads to the last question I have which is ultimately the ability to introduce these capabilities at scale creates a lot of new opportunities that customers can utilize to do a better job of building applications but also I presume managing how they use AWS because snapshots and other types of service can expand dramatically which can increase your cost how is doing it better with things like native backup services improve a customer's ability to administer their AWS spend and accounts great question so essentially if you look at the enterprise's today obviously they have multiple you know on-premise data centers and also a different cloud providers that the you like AWS and Azure and also a few SAS applications right so then the idea is for kkumeul is to create this single platform where all of these things can actually be backed up in a uniform way where you can actually manage all of them and then the other thing is all doing it in the cloud so if you think about it if you don't solve the poem fundamentally in the cloud there's things that you end up paying later on so let's take an example right moving bytes moving bytes in between one server to the other traditionally basically moving bytes from one rack to the other it was always free you never had to pay anything for that certainly in the data center alright but if you actually go to the public cloud you cannot say the same thing right basically moving by it across aw s recent regions is not free anymore moving data from AWS to the on premises that's not free either so these are all the things that any you know car provider service provider like ours has to consider and actually solve so that the customers can only back it up into Kumu but then they actually can leverage different cloud providers you know in a seamless way without having to worry all of this costs associated with it so kkumeul we should be able to back it up but we should be able to also offer mobility in between either AWS backup VMware or VNC so if I can kind of summarize what you just said that you want to be able to provide to an account to an enterprise the ability to not have to worry about the backend infrastructure from a technical and process standpoint but not also have to worry so much about the backend infrastructure from a cost and financial standpoint that by providing a service and then administering how that service is optimally handled the customer doesn't have to think about some of those financial considerations of moving data around in the same way that they used to oh I got that right I absolutely yes basically multiple accounts multiple regions multiple providers it is extremely hard to manage what Cuneo does it will actually provide you a single pane of glass where you can actually manage them all but then if you actually think about just and manageability this actually you can actually do that by just building a management layer on top of it but more importantly you and we need to have a single data you know repository for you for us to be able to provide a true mobility in between them one is about managing but the other thing is about if you're done if you're done it the real the right way it provides you the ability to move them and it leverages the cloud power so that you don't have to worry about the cloud expenses but kkumeul internally is the one are actually optimizing all of this try our customers wound jeong CTO and co-founder of Kaleo thanks very much for being on the queue thank you thanks very much moon I want to thank chromeo for providing this important content about the increasingly important evolution of data protection and cloud now here's your opportunity to weigh in on this crucially important arena what do you think about this evolving relationship how do you foresee it operating in your enterprise what comments do you have what questions do you have of the thought leaders from Cluny oh and elsewhere that's what we're gonna do now we're gonna go into the crowd chat and we're gonna hear from each other about this really important topic and what you foresee in your enterprise as your digital business transforms let's crouch at