>>From around the globe. It's the cube with digital coverage of Veem on 2020 brought to you by beam. >>Hi buddy. Welcome back to the cubes. Ongoing coverage of Veem on 2020s Veem online 2020 I'm Dave Volante and Rick van overs here as a senior director of product strategy at Veem. Rick, it's always a great pleasure to see you. I wish we could see each other face to face. >>Yeah. You know, it's different this year, but, uh, yeah, it is always great to be on the cube. I think, uh, uh, in 2018 had an eight year gap and it's a N a couple of times we've been back since and yeah, happy to be back on the cube. >>So how's it going with you guys with the online format? I mean, breakouts are big for you cause you're, you're profiling some new products that we're going to get into, how's it all working for you? >>Well, it's been different. It's a good way to explain it in one word different, but the reality is I have a, uh, pardon, the language, a side hustle here, where at Veeam, I've worked with the event team to kind of bring the best content. And for the breakouts, that's an area that I've been working a lot with our speakers and our, some of our partners, external experts, users, and people who have, you know, beaten ransomware and stuff like that. But I've worked really hard to aggregate the content and get the best blend of content. And we kind of have taken an interesting approach where the breakouts are that library of content that we think organizations and the people who attend the event really take away the most. So we've got this full spectrum from R and D deep level stuff to just getting started type of stuff, and really all types of levels in between. And yeah, we want the breakouts to focus on generally available products, right? So I've worked pretty diligently to bring a good spread across the, uh, different products. And then a little secret trick we're doing is that into the summer, we're going to open up new content. So there's this broadcast agenda that we've got publicized, but then beyond that, we're going to sneak in some new content into the summer. >>Well, I'm glad you're thinking that way, because you know, a lot of what a lot of people are doing. There's a church trying to take their physical events and mirror it to the, to the digital or the virtual. And I think so often with physical events, people forget about the afterglow. And so I'm glad you guys are thinking about it upfront. >>Yeah. It has to be a mechanism that we've used it a couple of different ways, one to match how things are going to be released. Right? Cause being, we're always releasing products across the different set. I mean, we have one flagship product, but then the other products have their own cycles. So if something works well for that, we'll put it into the summer library. And then it's also a great opportunity for us to reach deep and get some content from people that we might not have been able to get before. In fact, we had one of our engineers who's based in Australia and great resource, great region, strong market for us, but I can't w if we were to have the in person event, I can't bring somebody from Australia for one session, but this was a great way to bring her expertise to the event without, you know, having the travel burden and different variety of speakers and different varieties of content. So there's ways that we've been able to build on it. But again, the top level word is definitely different, but I feel like it's working for sure. >>So Rick, give us the helicopter view of some of the product areas that we should be really be aware of as it relates to what you guys are doing at Veem on 2020. And then we'll, we'll drill in give us the high level though. >>Yeah. So for people attending the event and online, my advice really is that we're spread across about 75 to 80% of the content is for technical people. 20% of the content in the breakouts is going to be for decision makers or executives, that type. And then within that, the context of the technical content, we want to have probably 10 to 15% being like presenters from our R and D group. So very technical, uh, low level type discussions, highest level architect type stuff, kind of after that generic use cases, a nice and in the middle area, because we have a lot of people that are getting started with our products, like maybe they're new to the office three 65 backup, or they're new to backing up natively in the cloud. We have a lot of contexts around the virtual machine backup and storage integration, all those other great things, but the platform is kind of spread out at Veeam. There's a lot to take in. So the thought is wherever anyone is on their journey with any of the products and not some, that's a hard task to do with a certain number of slots. We want to provide something for everyone at every level. So that's the, that's the helicopter view. >>So let me ask you a couple of follow ups on that. So let's start with office three 65. Now you guys have shared data at this event, uh, talking about that most customers just say, Oh yeah, well, I trust Microsoft to do my backup. Well, of course, as we, well, well know it, backup is one thing, but recovery is everything. And so explain why, uh, what will explain the value that you guys bring? Why can't I just rely on the SAS vendor, uh, to, to do my backup and recovery? >>Well, there's a lot to that question, Dave, the number one thing I'll say is that at Veeam, we have partnerships with Microsoft. You have where HPE, all the household brands of it. And in many of these situations, we've always come into the market with the platform itself, providing a basic backup. I'll give windows, for example, anti backup, right? Yeah. Those, you know, it's there, but there's always a market for more capabilities, more functionality, more portability. So we've taken office three 65 is a different angle for backup. And we lead with the shared responsibility model, Microsoft as well as the other clouds, make it very clear that data classification and that responsibility of data that actually sits 100% with the customer. And so, yes, you can add things to the platform, but if we have organizations where we have things like I need to retain my content forever, or I need a discovery use case. >>And then if you think about broader use cases like one drive for business data, especially with the rapid shift of work from home organizations may not be not so much using the file server, but using things like one drive for business, for file exchanges, right? So having a control plane over that data is, is very important. So we really base it on the shared responsibility and Microsoft is one of our strongest partners. So they are very keen for us to provide solutions that are going to consume and move data around to, to meet customer needs in the cloud and in the SAS environment. For sure. So, you know, it's been a very easy conversation for our customers and it's our fastest growing product as well. So, uh, this, this product is doing great. Uh, I don't have the quarterly numbers, but we just released the mid part of Q4. We just released the newest release, which implemented object storage support. So that's been the big ask for our customers, right? So it's a, it's that product's doing great. >>Yeah. So, you know, that notion of shared responsibility, you hear that a lot in cloud security, you're applying it to cloud data protection, which, you know, security and data protection are now, you know, there's a lot of gray area between them now. Uh, and I think it's, you know, security is a, or data protection is a fundamental part of your security strategy, but that notion of shared responsibility is very important. And one that's oftentimes misunderstood because people hear, Oh, it's in the cloud. Okay. My cloud vendor has got to cover it, but what does, what does that shared responsibility mean? Ultimately, isn't it up to the customer to own the end end result. >>It is. And I look at, especially Microsoft, they classify their software for different ways on prem software, uh, software as a service, the infrastructure as a service. Uh, I forget what the third one is, but they have so many different ways that you can package their software, but in all of them, they put the data classification for the customer and it same for other clouds as well. And when, if I'm an organization today, if I'm running data in a SAS platform, if I am running systems in iOS platforms, in the hyperscale public clouds, that is an opportunity for me to really think about that control plane of the data and the backup and restore responsibility, because it has to be easy to use. It has to be very consumable so that customers can avoid that data loss or be in a situation where the complexity to do a restore is so miserable that they may not even want to go do it. I've actually had conversations with organizations as they come to Veeam. That was their alternative. Oh, it's just too painful to do. Like, why would you even do that? You know, so that, that shared responsibility model across the different data types in the cloud and on-premise well, and SAS models, that's really where we find the conversations go pretty nicely. >>Right. And if it's too complicated, you won't even bother testing it. So I want to ask you something about cloud native. You mentioned cloud native, your cloud native capabilities, um, and I'm, I'm inferring from that, that you basically are not just taking your on prem stack and shoving it into the cloud. You're actually taking advantage of the native cloud services. Can you, can you explain what's going on there and maybe some product specifics? >>Sure. So, you know, Veeam has this reputation of number one, VM backup, you know, here in my office, I have posters from all over the years and somewhere down here is number one, VM backup. And that's where we cut our teeth and got our name out there. But now if you're an Azure, if you're an Amazon, we have cloud native backup products available. In fact, the last time you and I spoke was that an Amazon reinvent where we launched the Amazon product. And then last month we launched the Azure product, which provides cloud native backup for Azure. And so now we have this cloud feature parody and those products are going to move very quickly as well. We've had the software as a service product for office three 65, where we keep adding services. And we saw in the general session, we're going to add protection for a new service in office three 65. >>So we're going to continue to innovate around these different areas. And there's also another cloud that we announced a capability for as well. So, you know, the platform at Veem it's growing, and it's amazing to see this happen cause you know, customers are making cloud investments and there's no cloud for all right. So some organizations like this cloud that cloud are a little bit of these two clouds combined. So we have to really go into the cloud with customer needs in mind because there's no one size fits all approach to the cloud, but their data, everybody knows how important that is. >>So to that end though, each, each cloud is going to have a set of native services and you've got to develop specific to that cloud, right? So that you can have the most, the lowest, highest performance, the most efficient, the lowest cost data protection solution backup and recovery possible is that, I mean, taking advantage of those native cloud services is going to be unique for each cloud, right? Because AWS has cloud and Azure cloud. Those are, those are different, you know, technically underneath, is that, is that right? >>You're absolutely right. And the cost models, they have different behaviors across the clouds. In fact, the breakout that I did here at the event with Melissa Palmer, those who are interested in the economics of the cloud should check that out because the cloud is all about consuming those resources. When I look at backup, I don't want backup to be a cost prohibitive insurance policy. Basically I want backup to be a cost effective yet resilient technology that when we're using the cloud, we can kind of balance all these needs. And one of the ways that beam's done that is we've put in cost estimators, which it's not that big of a like flashy part of the user interface, but it's so powerful to customers. The thought is if I want to consume infrastructure as a service in the cloud, and I want to back up via API calls, snapshots to ECE, two instances only nice and high performance, nice and fast. >>But the cost profile of that if I kept them for a year is completely different than if I used object storage. And what we're doing with the Veeam backup for Azure and Amazon products is we're putting those numbers right there in the wizard. So you could say, Hey, I want to keep two years of data. And I have snapshots and I have object storage, totally different cost profiles. And I'll put those costs testaments in there. And you can make egregious examples where it'll be like 10 and 20 X the price, but it really allows customers to get it fast, to get it cost efficient. And more importantly, at the end of the day, have that protection that they need. And that's, you know, that's something that I've been trying to evangelize at this cost. Estimator is a really big deal. >>Yeah. Provides transparency so that you can let the business, you know, drive sort of what the, what the data protection level is as opposed to sort of either, whether it's a one size fit all or you're under protected or overprotected and spending too much, I asked Anton is going to kind of, how do you prioritize it? Because basically his answer was we look at the economics and then ultimately you're giving tools to allow the customer to decide, >>Yeah, you don't want to have that surprise cloud bill at the end of the month. You don't want to have, um, you know, waste in the cloud and Anton's right. The economics are very important. The modeling process that we use is interesting. I had a chat with one of the product managers who is basically in charge of our cloud economic modeling and to the organizations out there. This is a really practical bit is, think about modeling, think about cloud economics, because here's the very important part. If you've already implemented something it's too late and what I mean by that, the economics, if they're not right when you implement it, so you're not modeling ahead of time. Once you implement, you can monitor it all you want, but you're just going to monitor it off the model. So the thought is, this is all a backwards process. You have to go backwards with the economics, with the modeling, and that will lead you to no surprises down the road. For sure. >>I want to ask you about the COVID impact generally, but specifically as it relates to ransomware, I mean, we've had a lot more inquiries regarding ransomware. There's certainly a lot more talk about it in the press. What have you seen, uh, specifically with respect to ransomware since the pandemic and since the lockdown. >>So that's something that's near and dear to my heart on the technology team here at product strategy, everyone has like a little specialization industry specialization. Ransomware's mine. So good ask. So the one thing that sticks out to me a lot is identifying where ransomware comes in and around. I have one data point that indicated around 58 or so percent of ransomware comes in through remote desktop. And the thought here is if we have shifted to remote access and new working models, what really worries me, Dave is when people hustle, when people hurry and the thought here is you can have it right. Or you can have it right now in mid March, we needed to make a move right now. So I worry about UN UN incomplete security models, right? People hurrying to, um, implement and maybe not taking their security, right. Especially when you think about most ransomware can come in through remote desktop. >>I thought fish attacks were the main attack vector, but I had some data points that told me this. So I have been, and I just completed a great white paper that those watching this can go to dot com and download. But the thought here is I just completed a great white paper on tips to beat ransomware and yes, Veeam has capabilities, but here's the logic. Dave. I like to explain it this way, beating ransomware. And we had a breakout that I recorded here at the event, encourage everyone to watch that I had two users share their story of how they beat ransomware with Veem. Two very different ways too. Any product is, or is not necessarily ransomware resilient. It's like going through an audit. And what I mean by that is people ask me all the time is being compliant to this standard or that standard it's 100% dictated how the product's implemented, how the product's audited, same with ransomware. >>It's 100% dictated on how Veem is implemented. And then what's the nature of the exploit. And so I break it down to three simple things. We have to educate. We have to know what threats are out there. We have to know who is accessing, what data. And then the big part of it is the implementation. How have we implemented Veeam? Are we keeping data in immutable buckets in the cloud? Are we keeping data with an air gap? And then three, the remediation when something does happen, how do we go about solving that problem? I talked to our tech support team who deals with it every day and they have very good insights, very good feedback on this phenomena. And that they've helped me shape some of the recommendations I put in the paper. But, uh, yeah, it's a 30 page paper. I don't know if I can summarize it here. That's a long one for me, but, uh, the threats real, and this is something we'll never be done with. Right. I have, I've done two other papers on it and I'm going to have another one soon after that, but we're building stuff into the product. We're educating the market. And, um, you know, we're winning, we're seeing like I had the two customers, um, beat ransomware, great stories. I think I learned so much hearing from someone who's gone through it and that you can find that in the, in the Vermont broadcast for those attending here. >>Well, you've touched on a couple of having them take advantage of the cloud guys who have these immutable mutable buckets that you can, you can leverage. Um, a lot of people don't even don't even know about that. Um, and then, like you say, create an air gap and presumably there's best practice around how often you write to that bucket and how often you create, you know, that air gap you may be, you may be change up the patterns. I don't know other, other thoughts on that. >>Well, I collectively put, I've created a term and uh, nobody's questioning me on it yet, so that's good, but I'm calling it ultra resilient storage. And what I'm referring to is that immutable backup in the cloud. And if we, it becomes a math calculation, you know, if you have one data point in there, that's good. But if you had a week's worth of data points, that's better. If you had a month's worth of data points, that's even better. But of course those cost profiles are going to change. Same thing with tape tapes, a an air gap, removable media, and I go back and forth on this, but some of the more resilient storage snapshot engines can do ultra resilient techniques as well, such as like, uh, pure storage, safe mode and NetApp snap fall. And then the last thing is actually a Veeam technology. It's been out for three, four years now, insider protection. >>It's a completely out of band copy of backup data that that Veeam cloud connect offers. So my thought here is that these ultra resilient types, those are best defense in these situations. And, you know, it's, it's a, it becomes a calculated risk of how much of it do I want to keep, because I want to have the most restore options available. I want to have no data loss, but I also don't want it old. Right. You know, there's a huge decline in value taking your business back a year ago, because that's the last tape you had, for example, I want today's or yesterday's backup if I'm in that type of situation. So I go through a lot of those points in my paper, but I hope that, um, those out there fighting the war on ransomware have the tools. I know they have the tools to win with them. >>Well, it's like we were talking about before and ransomware is a really good example of the, the blurring lines between security and backup and recovery. Of course. Uh, what role do analytics play in terms of providing transparency and identifying anomalous behavior in the whole ransomware equation? >>Well, the analytics are very important and I have to be really kind of be transparent, you know, VMs, backup company, right? We're not a security tool, but this is it's getting awfully close. And the, I don't want to say the long form historical definition of it. Security was something around this thing called a CIA triad, maintaining confidentiality, integrity, and availability of data. So security tools are really big on the confidentiality and integrity side of it. But on the availability side, that's ravine can come in. So the analytics come in to our play pretty naturally, right? We have, the Veem has had for years now, uh, an alarm that detects abnormal behavior in regards to CPU rights or CPU usage and disk, right IO. Like if there's both of those or abnormally high, that this is what we call possible ransomware activity. Or if we have a incremental backup, that is like 100% change rate, that's a bad sign, right. >>Things like that. And then the other angle is even on PCs desktops like this computer, I'm talking to you now on w we have just simple logic of, once you take a backup eject the drive. So it's offline, right? So analyzing where the threats come from, what kind of behavior they're going to have when we apply it to backup. Veem can have these built in analytic engines that are just transparently there for our customers. There's no deep reeducation necessary to use these, but the thought is we want a very flexible model. That's going to just provide simple ease of use, and then allow that protection with the threatscape to help it help the customers where we can, because no two ransomware threats are the same. That's the other thing. They are so varied in what they do everything from application specific to files. And now there's these new ones that upload data. The ransom is actually a data leak. They're not encrypting the data. They're just the ransom is to take down potentially huge amounts of data leakage, right? So, um, all kinds of threat actors out there for sure. >>You know, it's a last kind of line of questioning here. Rick is, as I've said, a number of times, it's just, it's ironic that we're entering this new decade in this pandemic hits. And everybody talks about the acceleration of certain trends. But if you think about the trends, you know, last decade, it's always performance and costs. We talked a lot about granularity. We talked about, you know, simplicity, you guys expanded your number of use cases. Uh, the, the support, the compatibility matrix, if you will, all those things are sort of things that you've executed on. As you look forward to this coming decade, we talked about cloud. I mean, we were talking about cloud, you know, back in the, in 2008, 2009 time frame, but it was a relatively small portion of the business. Now everybody's talking cloud. So cloud cloud, native DePaul discussion on ransomware and maybe even broader business resiliency, digital transformation, we've been, we've been given lip service in a lot of cases to digital transformation. All of a sudden that's changed. So as you put on, you pull out the telescope and look forward to the trends that are going to drive your thinking in themes, decision making. What do you look toward? >>Well, I think that laser focused on four things, backup solutions for cloud workloads, and there's incredible opportunity there, right? So yes, we have a great Azure story, great Amazon story. And in the keynote, we indicated the next cloud capability, but there's still more, there's more services in the cloud that we need to go after. There's also the sass pocket. We have a great office, three 65 story, but there's other SAS products that we could provide a story for. And then the physical and virtual platforms. I mean, I feel really confident there we've got really good capabilities, but there's always the 1%. And you know, what's in the corner. What's the 1% of the 1%, right? And those are workloads we can continue to go after. But my thought is, as long as we attack those four areas, we're going to be on a good trajectory to deliver on that promise of being that most trusted provider of cloud data management for backup solutions. >>So my thought here is that we're going to just keep adding products. And it's very important to make it sometimes a new product. We don't want to just bolt it on to backup and replication via 11 or be 10 for that, for that matter, because it'll slow it down, right? The cloud native products are going to have to have their own cadence, their own independent, um, development cycles. And they're going to move faster, right? Because they'll need to, so you'll, you'll see us continuing to add new products, new capabilities, and sometimes it'll, it'll intermix, you know, and that's, that's, that's the whole definition of a platform when one product is talking to another, from a management side, a control plane, given customer portability, all that stuff. So we're going to just go after a cloud, virtual, physical SAS, and new products and new capabilities to do it. >>Well, Rick, it's always a pleasure talking to you. Your home studio looks great. You look good. And, but, but nonetheless, hopefully we'll be able to see each other face to face here shortly. Thanks for coming on. >>Thank you, Dave. >>All right. And thank you for watching. Everybody's Dave Vellante and our continuous coverage of the Mon 2020, the online version of right back, right after this short break.