>>Welcome back to a blueprint for trusted infrastructure. We're here with Rob Emsley. Who's the director of product marketing for data protection and cyber security. Rob. Good to see you a new role. >>Yeah. Good to be back, Dave. Good to see you. Yeah, it's been a while since we chatted last and you know, one of the changes in, in my world is that I've expanded my responsibilities beyond data protection marketing, to also focus on cyber security marketing specifically for our infrastructure solutions group. So certainly that's, you know, something that really has driven us to, you know, to come and have this conversation with you today. >>So data protection obviously has become an increasingly important component of the cyber security space. I, I don't think necessarily of, you know, traditional backup and recovery as security it's to me, it's an adjacency. I know some companies have said, oh yeah, now we're a security company. They're kind of chasing the valuation for sure. Bubble. Dell's interesting because you, you have, you know, data protection in the form of backup and recovery and data management, but you also have security, you know, direct security capabilities. So you're sort of bringing those two worlds together and it sounds like your responsibility is to, to connect those, those dots. Is that right? >>Absolutely. Yeah. I mean, I think that the reality is, is that security is a, a multi-layer discipline. I think the, the days of thinking that it's one or another technology that you can use or process that you can use to make your organization secure long gone. I mean, certainly you actually correct. If you think about the backup and recovery space, I mean, people have been doing that for years, you know, certainly backup and recovery. It's all about the recovery. It's all about getting yourself backup and running when bad things happen. And one of the realities, unfortunately today is that one of the worst things that can happen is cyber attacks. You know, ransomware, malware are all things that are top of mind for all organizations today. And that's why you see a lot of technology and a lot of innovation going into the backup and recovery space, because if you have a copy, a good copy of your data, then that is really the, the first place you go to recover from a cyber attack. >>And that's why it's so important. The reality is is that unfortunately the cyber criminals keep on getting smarter. I don't know how it happens, but one of the things that is happening is that the days of them just going after your production data are no longer the only challenge that you have, they go after your, your backup data as well. So over the last half a decade, Dell technologies with its backup and recovery portfolio has introduced the concept of isolated cyber recovery volts. And that is really the, you know, we've had many conversations about that over the years. Yeah. And that's really a big tenant of what we do in the debt protection portfolio. >>So this idea of, of cybersecurity resilience, that definition is evolving. What does it mean to you? >>Yeah, I think the, the analyst team over at Gartner, they wrote a, a very insightful paper called you will be hacked, embraced the breach. And the whole basis of this analysis is so much money's been spent on prevention is that what's outta balance is the amount of budget that companies have spent on cyber resilience and cyber resilience is based upon the premise that you will be hacked. You have to embrace that fact and be ready and prepared to bring yourself back into business. You know, and that's really where cyber resiliency is very, very different than cyber security and prevention, you know, and I think that balance of get your security disciplines well funded, get your defenses as good as you can get them, but make sure that if the inevitable happens and you find yourself compromised that you have a great recovery plan and certainly a great recovery plan, it's really the basis of any good solid data protection backup from recovery philosophy. >>So if I had to do a SWOT analysis, we don't have to do the w OT, but let's focus on the S what would you say are Dell's strengths in this, you know, cybersecurity space, as it relates to data protection. >>One is we've been doing it a long time. You know, we talk a lot about Dell's data protection being proven and modern. You know, certainly the experience that we've had over literally three decades of providing enterprise scale data protection solutions to our customers has really allowed us to have a lot of insight into what works and what doesn't, as I mentioned to you, one of the unique differentiators of our solution is the cyber recovery vaulting solution that we introduce a little over five years ago, five, six years, power protect cyber recovery is something which has become a unique capability for customers to adopt on top of their investment in Dell technologies, data protection, you know, the, the unique elements of our solution already threefold, and it's, we call them the three eyes. It's isolation, it's a mutability and its intelligence. And the, the isolation part is really so important because you need to reduce the attack surface of your good known copies of data. >>You know, you need to put it in a location that the bad actors can't get to it. And that really is the, the, the, the essence of a cyber recovery vault. Interestingly enough, you're starting to see the market throw out that word, you know, from many other places, but really it comes down to having a real discipline that you don't allow the security of your cyber recovery vault to be compromised insofar as allowing it to be controlled from outside of the vault, you know, allowing it to be controlled by your backup application. Our cyber recovery vaulting technology is independent of the backup infrastructure. It uses it, but it controls its own security. And that is so, so important. It's like having a, a vault that the only way to open it is from the inside, you know, and think about that. If you think about, you know, vaults in banks or vaults in your home, normally you have a keypad on the outside, think of our cyber recovery vault as having its security controlled from inside of the vault. >>So nobody can get in, nothing can get in unless it's already in. And if it's already in, then it's trusted. Exactly. Yeah, exactly. Yeah. So isolation's the key. And then you, you mentioned immutability is the second piece. >>Yeah, so I, mutability is, is also something which has been around for a long time. People talk about backup mutability or immutable backup copies. So immutability is just the, the, the additional technology that allows the data that's inside of the vault to be unchangeable, you know, but again, that immutability, you know, your mileage varies, you know, when you look across the, the different offers that are out there in the market, especially in the backup industry, you make a very valid point earlier that the backup vendors in the market seem to be security, washing their marketing messages. I mean, everybody is leaning into the ever present danger of cyber security, not a bad thing, but the reality is is that you have to have the technology to back it up, you know, quite literally, >>Yeah, yeah, no pun intended. Right. And then actually pun intended. Now what about the intelligence piece of it? That's that's AI ML, where does that fit >>For sure. So the intelligence piece is delivered by a solution called cyber sense. And cyber sense for us is what really gives you the confidence that what you have in your cyber recovery volt is a good clean copy of data. So it's looking at the backup copies that get driven into the cyber volt, and it's looking for anomalies. So it's not looking for signatures of malware. You know, that's what your antivirus software does. That's what your endpoint protection software does. That's on the prevention side of the equation. But what we're looking for is we're looking to ensure that the data that you need when all hell breaks loose is good, and that when you get a request to restore and recover your business, you go right, let's go and do it. And you don't have any concern that what you have in the vault has been compromised. >>So cyber sense is really a, a unique analytics solution in the market, based upon the fact that it, it, isn't looking at at cursory indicators of, of, of, of, of malware infection or, or, or ransomware introduction it's doing full content analytics, you know, looking at, you know, has the data in any way changed, has it suddenly become encrypted? Has it suddenly become different to how it was in the previous scan? So that anomaly detection is very, very different. It's looking for, you know, like different characteristics that really are an indicator that something is going on. And of course, if it sees it, you immediately get flagged. But the good news is, is that you always have in the vault, the previous copy of good known data, which now becomes your restore point. >>So we're talking to Rob Emsley about how data protection fits into what Dell calls DT, I, Dell trusted infrastructure. And, and I'm, I want to come back Rob to this notion of, and, or cuz I think a lot of people are skeptical. Like how can I have great security and not introduce friction into my organization? Is that an automation play? How, how does Dell tackle that problem? >>I mean, I think a lot of it is across our infrastructure is, is security has to be built in, I mean, intrinsic security within our servers, within our storage devices, within our elements of our backup infrastructure. I mean, security, multifactor authentication, you know, elements that make the overall infrastructure secure. You know, we have capabilities that, you know, allow us to identify whether or not configurations have changed. You know, we'll probably be talking about that a little bit more to you later in the segment, but the, the essence is, is security is not, not a Bolton. It has to be part of the overall infrastructure. And that's so true, certainly in the data protection space, >>Give us the, the, the bottom line on, on how you see Dell's key differentiators. Maybe you could talk about Dell, of course always talks about its portfolio, but, but why should customers, you know, lead in to Dell in, in this whole cyber resilience space, >>You know, staying on the data protection space. As I mentioned, the, the, the work we've been doing to introduce this cyber resiliency solution for debt protection is in our opinion, as good as it gets, you know, the, you know, you've spoken to a number of our, of our best customers, whether it be Bob bender from founders, federal, or more recently at Delta arches world, you spoke to Tony Bryson yep. From the town of Gilbert. And these are customers that we've had for many years that have implemented cyber recovery volts. And at the end of the day, they can now sleep at night. You know, that's really the, the peace of mind that they have is that the insurance that a data protection from Dell cyber recovery vault a para protect cyber recovery solution, gives them, you know, really allows them to, you know, just have the assurance that they don't have to pay a ransom if they have a, an insider threat issue. And you know, all the way down to data deletion is they know that what's in the cyber recovery vault is good and ready for them to recover from. >>Great, well, Rob, congratulations on the new scope of responsibility. I like how you know, your organization is expanding as the threat surface is expanding. As we said, data protection becoming an adjacency to, to security, not security in and of itself. A key component of a comprehensive security strategy. Rob Emsley. Thank you for coming back in the cube. Good to see you again. >>You too, Dave. Thanks. >>All right. In a moment, I'll be back to wrap up a blueprint for trusted infrastructure. You watching the cube.

(upbeat music) >> Welcome back to a Blueprint For Trusted Infrastructure. We're here with Rob Emsley. Who's the director of product marketing for data protection and cyber security. Rob, good to see you. A new role. >> Yeah. Good to be back, Dave. Good to see you. Yeah, it's been a while since we chatted last and, you know, one of the changes in my world is that I've expanded my responsibilities beyond data protection marketing to also focus on cybersecurity marketing specifically for our infrastructure solutions group. So certainly that's, you know, something that really has driven us, you know, to come and have this conversation with you today. >> So data protection obviously has become an increasingly important component of the cyber security space. I don't think necessarily of, you know, traditional backup and recovery as security, to me, it's an adjacency. I know some companies have said, oh, yeah. Now we're a security company. They're kind of chasing the valuation bubble. >> For sure. >> Dell's interesting because you have, you know, data protection in the form of backup and recovery and data management, but you also have security, you know, direct security capabilities. So you're sort of bringing those two worlds together and it sounds like your responsibility is to connect those dots. Is that right? >> Absolutely. Yeah. I mean, I think that the reality is is that security is a multi-layer discipline. I think the days of thinking that it's one or another technology that you can use or process that you can use to make your organization secure are long gone. I mean, certainly you actually correct. If you think about the backup and recovery space, I mean, people have been doing that for years, you know, certainly backup and recovery, it's all about the recovery. It's all about getting yourself backup and running when bad things happen. And one of the realities, unfortunately today is that one of the worst things that can happen is cyber attacks. You know, ransomware, malware are all things that are top of mind for all organizations today. And that's why you see a lot of technology and a lot of innovation going into the backup and recovery space because if you have a copy, a good copy of your data, then that is really the first place you go to recover from a cyber attack. And that's why it's so important. The reality is is that unfortunately the cyber criminals keep on getting smarter. I don't know how it happens, but one of the things that is happening is that the days of them just going after your production data are no longer the only challenge that you have, they go after your backup data as well. So over the last half a decade, Dell Technologies with its backup and recovery portfolio has introduced the concept of isolated cyber recovery vaults. We've had many conversations about that over the years and that's really a big tenant of what we do in the data protection portfolio. >> So this idea of cybersecurity resilience that definition is evolving. What does it mean to you? >> Yeah, I think the analyst team over at Gartner, they wrote a very insightful paper called you will be hacked embrace the breach. And the whole basis of this analysis is so much money's been spent on prevention is that what's out of balance is the amount of budget that companies have spent on cyber resilience and cyber resilience is based upon the premise that you will be hacked. You have to embrace that fact and be ready and prepared to bring yourself back into business. You know, and that's really where cyber resiliency is very, very different than cyber security and prevention, you know, and I think that balance of get your security disciplines well funded, get your defenses as good as you can get them but make sure that if the inevitable happens and you find yourself compromised that you have a great recovery plan and certainly a great recovery plan, it's really the basis of any good, solid data protection backup from recovery philosophy. >> So if I had to do a SWOT analysis, we don't have to do the WOT, but let's focus on the S. What would you say are Dell's strengths in this, you know, cyber security space as it relates to data protection? >> One is we've been doing it a long time. You know, we talk a lot about Dell's data protection being proven and modern. You know, certainly the experience that we've had over literally three decades of providing enterprise scale data protection solutions to our customers has really allowed us to have a lot of insight into what works and what doesn't. As I mentioned to you, one of the unique differentiators of our solution is the cyber recovery vaulting solution that we introduce a little over five years ago, five, six years. Power protect cyber recovery is something which has become a unique capability for customers to adopt on top of their investment in Dell Technologies data protection, you know, the unique elements of our solution already threefold, and we call them the three Is. It's isolation, it's a immutability and it's intelligence. And the, the isolation part is really so important because you need to reduce the attack surface of your good known copies of data. You know, you need to put it in a location that the bad actors can't get to it. And that really is the essence of a cyber recovery vault. Interestingly enough, you're starting to see the market throw out that word, you know, from many other places, but really it comes down to having a real discipline that you don't allow the security of your cyber recovery vault to be compromised insofar as allowing it to be controlled from outside of the vault, you know, allowing it to be controlled by your backup application. Our cyber recovery vaulting technology is independent of the backup infrastructure. It uses it, but it controls its own security. And that is so, so important. It's like having a vault that the only way to open it is from the inside, you know, and think about that. If you think about, you know, vaults in banks or vaults in your home, normally you have a key pad on the outside. Think of our cyber recovery vault as having its security controlled from inside of the vault. >> So nobody can get in, nothing can get in unless it's already in. And if it's already in, then it's trusted. >> Exactly, exactly. >> Yeah. So isolation's the key. And then you mentioned immutability is the second piece. >> Yeah, so immutability is also something which has been around for a long time. People talk about backup mutability or immutable backup copies. So I mutability is just the additional technology that allows the data that's inside of the vault to be unchangeable, you know, but again that immutability, you know, your mileage varies, you know, when you look across the different offers that are out there in the market especially in the backup industry. You made a very valid point earlier that the backup vendors in the market seem to be security washing their marketing messages. I mean, everybody is leaning into the ever present danger of cybersecurity, not a bad thing, but the reality is is that you have to have the technology to back it up, you know, quite literally >> Yeah, no pun intended. Right. Actually pun intended. Now what about the intelligence piece of it? That's that's AI, ML, where does that fit? >> For sure. So the intelligence piece is delivered by a solution called CyberSense. And CyberSense for us is what really gives you the confidence that what you have in your cyber recovery vault is a good clean copy of data. So it's looking at the backup copies that get driven into the cyber vault, and it's looking for anomalies. So it's not looking for signatures of malware. You know, that's what your antivirus software does. That's what your endpoint protection software does. That's on the prevention side of the equation. But what we're looking for is we're looking to ensure that the data that you need when all hell breaks loose is good and that when you get a request to restore and recover your business, you go, right, let's go and do it. And you don't have any concern that what you have in the vault has been compromised. So cyber sense is really a unique analytic solution in the market based upon the fact that it isn't looking at at cursory indicators of malware infection or ransomware introduction, it's doing full content analytics, you know, looking at, you know, has the data in any way changed, has it suddenly become encrypted? Has it suddenly become different to how it was in the previous scan? So that anomaly detection is very, very different. It's looking for, you know, like different characteristics that really are an indicator that something is going on. And, of course, if it sees it, you immediately get flagged. But the good news is is that you always have in the vault the previous copy of good known data which now becomes your restore point. >> So we're talking to Rob Emsley about how data protection fits into what Dell calls DTI, Dell Trusted Infrastructure. And I want to come back, Rob, to this notion of, and not or cause I think a lot of people are skeptical. Like how can I have great security and not introduce friction into my organization? Is that an automation play? How does Dell tackle that problem? >> I mean, I think a lot of it is across our infrastructure is is security has to be built in, I mean, intrinsic security within our servers, within our storage devices, within our elements of our backup infrastructure. I mean, security, multifactor authentication, you know, elements that make the overall infrastructure secure. You know, we have capabilities that, you know, allow us to identify whether or not configurations have changed. You know, we'll probably be talking about that a little bit more to you later in the segment, but the essence is security is not a Bolton. It has to be part of the overall infrastructure. And that's so true, certainly in the data protection space >> Give us the bottom line on how you see Dell's key differentiators. Maybe you could talk about Dell, of course, always talks about its portfolio, but why should customers, you know, lead in to Dell in this whole cyber resilience space? >> You know, staying on the data protection space as I mentioned, the work we've been doing to introduce this cyber resiliency solution for data protection is in our opinion, as good as it gets. You know, you've spoken to a number of our best customers whether it be Bob Bender from Founders Federal or more recently at (indistinct) you spoke to Tony Bryson from the Town of Gilbert. And these are customers that we've had for many years that have implemented cyber recovery vaults. And at the end of the day, they can now sleep at night. You know, that's really the peace of mind that they have is that the insurance that a data protection from Dell cyber recovery vault, a power protect cyber recovery solution gives them, you know, really allows them to, you know, just have the assurance that they don't have to pay a ransom. If they have an insider threat issue and, you know, all the way down to data deletion is they know that what's in the cyber recovery vault is good and ready for them to recover from. >> Great. Well, Rob, congratulations on the new scope of responsibility. I like how, you know, your organization is expanding as the threat surface is expanding. As we said, data protection becoming an adjacency to security, not security in and of itself. A key component of a comprehensive security strategy. Rob Emsley, thank you for coming back in theCUBE. Good to see you again. >> You too, Dave. Thanks. >> All right, in a moment, I'll be back to wrap up a blueprint for trusted infrastructure. You are watching theCUBE. (upbeat music)

(upbeat music) >> Welcome to this CUBE Conversation. My name is Dave Vellante and we're going to talk about data protection in the age of ransomware. It's a top of mind topic. And with me are two great guests and CUBE alumnus, David Noy, Vice Presidents of Product Management at Dell Technologies and Rob Emsley, Director of Data Protection Product Marketing at Dell. Guys, welcome back to the CUBE, it's good to see you both. >> Oh, thanks so much, I appreciate it. Thanks for having us. >> Yeah, thanks a lot Dave. >> Hey David, let me start with you. Maybe we could look at the macro, the big picture at Dell for cyber security. What are you seeing out there? >> You know, I'm seeing an enormous amount of interest in cybersecurity obviously driven by a string of recent events and the presidential executive order around cybersecurity. Look, we're in unprecedented times where, you know, disaster readiness is not just about being prepared for a wildfire or a sprinkler going off in your data center. It's around a new class of malicious attacks that people just have to be ready for. And it's not even a question of if it's going to happen, it's a question of when it's going to happen. We know it's going to happen, you're going to get hit by them. And so we go beyond just thinking about, hey, how do you build in technical capabilities into the product to make it difficult for attackers? We actually want to get predictive. We want to use advanced technologies and capabilities like artificial intelligence and machine learning to go out and scan users environments and look at their data which is really the lifeblood of a business and say, hey, we can see that there is potentially an attack looming. We can start to look for dormant attack vectors. And as soon as something bad is happening because we know something bad is going to happen, we can help you quickly recover the restore or figure out which restore point to recover from so you can get your business back and operational as soon as possible. >> Great, thank you for that, David. Hey Rob, good to see you. You know, we've seen a lot of changes recently kind of as David was referencing, it used to be okay, cybersecurity, that's the domain of the SecOps team and, you know, the rest of the company said, okay, it's their problem. You know, data protection or backup, that was the backup admin. Those two worlds are kind of colliding together. We use terms like cyber resiliency now. It's a sort of super set of, if you will, of the traditional cybersecurity. So how can organizations get ahead of these cyber threats when you engage with customers? Do you have any sort of specific angles or tooling that you use to help? >> Yeah, Dave, there's a couple of things to unpack there. You know, I think one of the things that you call out is cyber resiliency. You know, I think there's a balancing act that customers are all working through between cybersecurity and cyber resiliency. On the left-hand side of the balancing act, it's, you know, how can I keep bad things out of my network? And the reality is that it's very difficult, you know, to do that. You know, there's many applications that customers have deployed to protect the perimeter. But as you know, many cyber threats, you know, are manifested from inside of the perimeter. So what we're seeing is customers starting to invest more in making themselves cyber resilient organizations, you know, and as David mentioned, it's not the if, it's the when. The question is, how do you respond to when a cyber attack hits you? So one of the things that we introduced pointing back six months ago is a globally available cyber resiliency assessment. And we worked in collaboration with the Enterprise Strategy Group and we put out a free online assessment tool to allow customers to really answer questions around, you know, a big part of the NIST framework, around detection, protection and recovery. And we give customers the opportunity to get themselves evaluated on, are they prepared? Are they vulnerable? Or are they just, you know, black and white exposed? You know, what we found over the last six months is that over 70% of the people that have taken this cyber resiliency assessment fall into that category of they're vulnerable or they're exposed. >> Right, thank you for that. Yeah, the guys at ESG do a good job in that they have deep expertise in that space. And David, Rob just talked about sort of the threats from inside the perimeter and, you know, any person, you don't even need a high school diploma to be a ransomwarist, you can go on the dark web. You can acquire ransomware as a service. If you have access to a server and are willing to put a stick in there and do some bad things or give credentials out, hopefully you'll end up in handcuffs. You know, but more often than not, people are getting away with really, you know, insidious crime. So how is Dell, David helping customers respond to the threat of ransomware? >> So, you know, as I mentioned earlier, the product approach is pretty sophisticated. You know, you're right, somebody can come and just put a USB stick into a machine or if they have administrative access, they can figure out a code that they've either been given because, you know, the trust has been placed in the wrong place or they've somehow socially engineered out of someone. Look, it's not enough to just say, I'm going to go lock down my system. Someone who's gained access can potentially gain access to other systems by hopping through them. We take a more of a vault based approach which means that when you create a cyber vault, it's essentially locked down from the rest of your environment. Your cyber criminal is not able to get to that solution because it's been air gapped. It's kept somewhere else completely separate from other network but it also has keys and to the keys to the kingdom or that it opens up only at a certain time of day so it's not vulnerable to coming in at any time. It goes and requests data, it pulls the data and then it keeps that immutable copy in the vault itself. So the vault is essentially like a gated off, modded off environment that an attacker cannot get into. If you find that there was an attack or if an attack has occurred in which an attack will occur sooner or later, you then can basically prevent that attacker from getting access into that vaulted environment before that next opening event occurs. We also have to go back and look at time because sometimes these attackers don't instantiate all at once, I'm going to basically go and encrypt all your data. They take a more of a graduated approach. And so you have to go and look at patterns, access patterns of how data has actually changed and not just look at the metadata, say, okay, well, it looks like the data changed at a certain time. You have to look at the data contents. You have to look at the, if there's a file type. Often times, you can actually analyze that as well and say, hey, this given file whether it's a PowerPoint file or an Excel file or one of the a hundred or a thousand different file types should look like this, it doesn't look like that inside. What are many of the solutions that look for these attackers do is they're just looking at metadata access and then potentially just entropies or how fast things are changing. Well, it's changing faster than it normally would. That's not enough. And the attackers are just going to get smarter about how they go and change things. They're going to change it so that they don't change file suffixes or they don't change them with a very high entropy rate. And without using some kind of a system that's actually constantly tuning itself to say, hey, this is how these attack vectors are evolving over time, you're going to miss out on these opportunities to go and protect yourself. So we have also a constantly evolving and learning capability to go in and say, okay, as we see how these attack vectors are evolving to adapt to the way that we defend against them, we're going to also (audio glitches) other practices to make sure that we account for the new models. So it's a very adaptable kind of, it really is artificial intelligence form of protecting yourself. >> Can I ask you a question, David, just a follow-up on the immutable copy? Where does that live? Is it kind of live on prem? Is it in the cloud, either? >> Both, so we have the ability to put that on prem. We have the ability to put that in a second data center. We have the ability to keep that actually in a colo site so basically, completely out of your data center. And we've got the ability to keep that in the cloud as well. >> The reason I ask is because I just, you know, putting my paranoid SecOps hat on and I'm no expert here but I've talked to organizations that say, oh yeah, it's in the cloud, it's a service. Say, okay, but it's immutable? Yeah, it's write once, read many. You can't erase it. I go, okay, can I turn it off? Well, no, not really. Well, what if I stopped paying for the service? Well, we'd send a notice out. I said, okay, wait a minute. So am I just being too paranoid here? How do you handle that objection? >> Of turning it off? >> Yeah, can I turn it off or can you make it so that nobody can turn it off? >> Oh yeah, that's a good question. So actually what we're building into the product roadmap is the ability to that product actually self inspect and to look at. Whether or not even the underlying, so for example, if the service is running in a virtual machine. Well, the attacker could say, let me just go attack the virtual machine and it infect it and basically turn itself off even in an on-prem, nevermind in the cloud. And so we're looking at building or we're building into the roadmap, a lot more self inspection capabilities to make sure that somebody isn't going to just shut down the service. And so that kind of self resiliency is critical even to a vaulted solution which is air gapped, right? To your point. You don't want someone going, well, I can just get around your solution. I'm just going to go shut it down. That's something that we're getting at. >> So this talks, I think for the audience, this talks it's like an ongoing game of escalation and you want to have a partner who has the resources to keep up with the bad guys cause it's just the constantly, you know, upping the ante, Rob, you guys do a survey every year, the Global Data Protection Index. Tell us about that. What are the latest results? You survey a lot of people. I'm interested in, you know, the context of things like remote work and hybrid work, it's escalated the threat. What are you seeing there? >> Yeah, so as you mentioned, the Global Data Protection Index, we survey over a thousand IT executives, you know, around the globe. And in the most recent study, we absolutely started to ask questions specifically around, you know, customer's concerns with regards to cybersecurity. And we found that over 60% of the customer surveyed, you know, really are concerned that they don't feel that they are adequately prepared to respond to cyber threats that they see, unfortunately on a day-to-day basis. You know, certainly, you know, as you mentioned, the work from anywhere, learn from anywhere reality that many customers are dealing with, you know, one of the concerns that they have is the increased attack surface that they now have to deal with. I mean, the perimeter of the network is now, you know, much broader than it ever has been in the past. You know, so I think all of this leads, Dave, to cybersecurity discussions and cyber resiliency discussions being top of mind for really any CIO, their CSO in any industry. You know, in the days of old, you know, we used to focus at the financial services industry, you know, as, you know, a bunch of customers that we, you know, could have very relevant conversations with but now, you know, that is now cross industry-wide. There isn't a vertical that isn't concerned about the threats of cyber security and cyber attacks. So, you know, when we think about our business especially around data vaulting with our PowerProtect portfolio but also with our PowerScale portfolio, with our unstructured data storage solutions. You know, when we're really having constant conversations of brand, how do you make your environment more cyber resilient? And, you know, we've been seeing, you know, rapid growth in both of those solution areas, both implementing extensions of customers, backup and recovery solutions, you know, but also, you know, in the environments where, you know, we're deploying, you know, large scale unstructured storage infrastructure, you know, the ability to have real-time monitoring of those environments and also to extend that to delivering a vaulted solution for your unstructured storage are all things that are leading us to, you know, work with customers to actually help them become more cyber resilient. >> Great, thanks. The last question and maybe for both of you. Maybe Rob you start and David you can chime in. I'm interested in what's exciting you guys, what's new in the portfolio, are there new features that you're delivering that map to the current market conditions? I mean, your unique value proposition and your capabilities have shifted. You have to respond to the market changes over the left last 18 to 24 months whether it's cyber, ransomware, the digital transformation, what's new in the portfolio and what's exciting you guys. >> So Dave, yes, so quite recently we, you know, as well as, you know, running an event specifically to talk about protection and the age of ransomware and to discuss many of the things that we've covered on this call. You know, data protection is still a foundational technology to help customers become, you know, more secure and, you know, reduce their risk profiles. So innovation that we delivered very recently, you know, it's really in three specific areas, you know, VMware Data Protection, NAS Data Protection and then, you know, also, you know, we introduced a tech preview of a direction that we're taking to expand the scalability and manageability of our PowerProtect appliances. So transparent snapshots delivers capabilities to help customers better protect their VMware environment without the concern of disrupting their production applications when they're doing backup and recovery of virtual machines. Dynamic NAS protection moves away from the age old mechanism of NDMP and provides a much more performance and scalable solution for protecting all of that unstructured data running on NAS infrastructure. And then last but not least to say the tech preview of Smart Scale which is our new solution and architecture to allow customers to pull together multiple power of attack appliances within their data sensors and give them a much easier way of managing the PowerProtect appliances that they have and scaling them environment by implementing a federated namespace to align on them to get support in that environment. >> Nice, some great innovations there. All right, David bring us home. What's exciting you? You shared a little bit with the roadmap of... >> Yeah, look, I think all of this is about operations today. Every enterprise is 24/7. It doesn't matter what vertical you're in, right? Downtime is unacceptable. And whether that means whether it's downtime because you got hit by a malicious attacker, it means downtime because you were caused by disruption of virtual machine instances to Rob's point during the backup process. And we can't interrupt those processes, we can't impact their performance. It means, you know, making sure that your largest unstructured repositories in NAS deployments can be backed up in a time that makes sense so that you can meet your own SLAs. And it means that with a smart scale product there are ability to go and say, okay, as you're expanding your backup target environment, we can do that in a seamless fashion without disrupting your backup operations and your day-to-day operations. All of this is around making sure that we minimize the amount of disruption that our end users experience either because of malicious attacks or because of day-to-day operations and making, you know, making sure that those businesses really can operate 24/7. And that is the crux of a really true enterprise solution for data protection >> Guys, very important topic, really appreciate you coming on the CUBE. Great conversation and keep up the good work of protecting our data. >> Well, Dave, thanks. >> Thanks Dave. >> All right, and thanks everybody for watching this CUBE conversation. This is Dave Vellante and we'll see you next time. (gentle music)

overnight covid completely exposed those companies that were really not ready for the digital age there was a mad rush to the cloud in an effort to reshape the very notion of business resiliency and enable employees to remain productive so that they continue serve customers data protection was at the heart of this shift and cloud data protection has become a fundamental staple of organizations operating models hello everyone this is dave vellante and welcome to this cube conversation i'm joined by two long time friends of the cube rob emsley is the director of product marketing at dell technologies and stephen manley is the chief technology officer at dhruva guys great to have you on the program thanks for being here yeah great to be here dave this is the high point of my day dave all right i'm glad to hear it stephen it's been a while since we missing you guys so tell you face-to-face maybe it'll happen before 22. but we haven't aged a bit david ditto listen we've been talking for years about this shift to the cloud but in the past 12 months boy we've seen the pace of workloads that have moved to the cloud really accelerate so rob maybe you could start it off how do you see the market and perhaps what are some of the blind spots maybe that people need to think about when they're moving workloads so fast to the cloud yeah good question dave i mean you know we've spoken a number of times around how our focus has significantly shifted over the last couple of years i mean only a couple of years ago you know our focus was you know very much on on-premise data protection but over the last couple of years you know more workloads have shifted to the cloud you know customers have have started adopting sas applications and and all of these environments uh you know are creating data that is is so critical to these customers to protect you know so you know we've definitely found uh the more and more of our conversations have been centered around what can you do for me when it comes to protecting workloads in the cloud environment yeah now of course stephen this is kind of your wheelhouse how how are you thinking about the these market shifts yeah you know it's interesting and the data protection market heck the data market in general you know you see these these these sort of cycles happen and and for a long time we had a cycle where applications and environments were consolidating a lot it was all vms and oracle and sql and and we seem to be exploding out the other way to this there's a massive sprawl of different types of applications in different places like rob said you've got microsoft 365 and you've got salesforce and you've got workloads running in the cloud the world looks different and and you add on top of that the the new security threats as people move into the cloud i mean we you know a number of years ago we talked about how ransomware was an emerging threat we're way past emerging into you know there's a ransomware attack every six seconds and everybody wakes up terrified about it and so so so we really see the market has shifted i think in terms of what the apps are and also in terms of what the threats and the focus uh has come into play right well thanks for that there's there's some hard news which we're going to get to but but before we do rob stephen was mentioning the sas apps and we've been sort of watching that space for a while but a lot of people will ask why do i need a separate data protection layer doesn't my sas provider protect my data don't they replicate it they're they're cloud vendors why do i need to buy yet another backup product yeah there's there's a fairly common misconception dave you know that both sas application vendors and and and cloud vendors you know inherently are you know providing all of the data protection that you need um the reality is that they're not you know i think when you think about a lot of the data within those environments you know certainly they're focused on providing availability you know an availability you know is absolutely one thing that you can for the most part rely on the uh the cloud vendors uh to deliver to you but when it comes to actually um protecting yourself from you know accidental deletion you know protecting yourself from uh cyber threats and cyber crime that may infect your data you know through malicious acts you know that's really where you need to supplement the environment that the cloud providers provide you you know with you know best-in-class data protection solutions you know and this is really where you know we're really looking to introduce new innovations into the market you know to really really help customers you know with their client-based data protection yeah now you got some news here uh but let's kind of dig in if we we could to the to the innovations behind that maybe rob you could you could kick it off and then stephen will bring you in yeah so first piece of news that we're really happy to announce is the introduction of a new dell emc paraprotect backup service which is a new cloud data protection solution powered by druva you know hence you know the reason that stephen and i are here today it's designed to deliver additional protection without increasing it complexity so what powered by druva what does that mean can you add some color to that absolutely so you know when we really started looking at the expansion of our powerpatek portfolio you know we already have the ability to deliver both on-premises protection and to deliver that same software within the public cloud from a a paraprotect software delivery model but what we really didn't have within the portfolio is a cloud data protection platform and we really looked at you know what was available in the market we looked at our ability to develop that you know ourselves and we decided that the best path for our customers to bring capabilities to them as soon as we possibly could was to partner with druva you know when we really looked at the capabilities that that druva has been delivering for many years you know the capabilities that they have across many dimensions of of of cloud-based workloads and we're already engaged with them probably about six months ago you know first introduced druva as a an option uh to be resold by ourselves uh salesforce and partners and then we're pleased to to introduce uh a dell emc branded service power protect backup service okay so just one more point of clarification then stephen i want to bring you in so we're talking about this includes sas apps as well i'm talking 365 the google apps which we use extensively with crm salesforce for example what platforms are you actually you know connecting to and providing protection for yeah so the the real priority for us was to was to expand our power protect portfolio to support a variety of sas applications you mentioned you know uh real real major ones with respect to microsoft 365 um google workplace as well as um as uh as salesforce but the other thing that we also get with patek backup service is the ability to provide a cloud-based data protection service that supports endpoints such as laptops and desktops but also the ability to support hybrid workloads so for some customers the ability to use private backup service to give them support um for virtual machine backups both vmware and hyper-v but also application environments like oracle and sql and lastly but not least you know one of the things that backup service also provides when it comes to virtual machines is not only virtual machines on-premises but also virtual machines within the public cloud specifically vmware client on aws so stephen i i mean i i i remember i was talking to just several years ago and i've always liked sort of the druva model but it felt at the time you're like a little ahead of your time but boy the market has really come to you maybe you could just tell us a little bit more about the just generally cloud-based data protection and and the sort of low down on on your platform yeah and again i think you're right the market has absolutely swept in this direction like we were talking about with applications in so many places and endpoints in so many places and data centers and remote offices with data sprawled everywhere we find customers are looking for a solution that can connect to everything i i don't want seven different backup solutions one for each of those things i want one centralized solution and so kind of a data protection as a service becomes really appealing because instead of setting all of these things up on your own well it's just built in for you uh and and then the fact that it's it's as a service helps with things like the ransomware protection because it's off site in another location under another account and so we really see customers saying this is appealing because it helps keep my costs down it helps to keep my complexity down there's fewer moving parts and one of the nicest things is as i move to the cloud i get that one fixed cost right i'm not i'm not dealing with the oh wow this this bill is not what i was expecting it just comes in with with what i was what i was carrying and so it really comes down to as you go to the cloud you want a platform that's that's got everything built in uh something that and let's face it dell emc is is this this is this has always been the case you know that storage of last resort that backup that you can trust right you want something with a history like you said you've been talking to jaspreet for a while druva is a company that's got a proven track record that your data is going to be safe and it's going to be recoverable and you're going to want someone that can innovate quickly right so that as more new you know cloud applications arise you know we're there to help you protect them as they emerge so so talk a little bit more about the timing i mean we talked earlier about that okay covered really forced to shift to the cloud uh and you guys clearly have skated to the puck and you also you referenced sort of new workloads and and i'm just wondering how you see that from a you know timing standpoint and at this moment in time why this is such a you know the right fit yeah we we've seen a lot of customers over the last again 12 months or so you know one really accelerate their shift to things like sas applications microsoft 365 you know and and we're not just talking exchange online and onedrive but sharepoint online microsoft teams really going all in because they're finding that as as i'm distributed as i have a remote workforce my endpoints became more important again but also the ability to have collaboration became important and the more i depend on those tools to collaborate the more i'm depending on them to to replace what used to be in-person meetings where we could have a whiteboard and discuss things and it's it's done through collaboration online tools well i need to protect that not just because the data is important but because that's not how my business is running and so that entire environment is important and so it's really accelerated people coming and looking for solutions because they've realized how important these environments and this data is so stephen you mentioned you guys i mean i obviously have a track record but you got some vision too and i want to sort of poke at that a little bit i mean essentially is is what you're building is an abstraction layer that is essentially my data protection cloud is that how we should think about this and you've got your reference pricing i've seen your pricing it's clean it looks to me anyway like a like true cloud pricing gonna dial it up dial it down pay as you go consume it as you as you wish maybe talk about that a little bit yeah i mean i think if you think about the future of uh uh of consumption is that you know so many customers are looking for different choices than what many vendors have provided them in the past you know i think that you know the the days of of going through a you know a long procurement cycle and uh you know working through purchasing in order to get a big capital expense approved you know is it's just not the way that many of our customers are looking to operate now so i think that you know one of the things that we're looking at you know across the portfolio you know whether or not it be you know on-premises solutions or or cloud-based services is to provide all of that capability as a service you know i think that that will be you know a real future point of of arrival for us is we really rotate to offer that across all of our capabilities dave you know whether or not it be you know in the domain of storage or in the domain of data protection the concept of everything as a service is really something which is going to become more of the norm you know versus the exception so what does a customer have to do to be up and running what's that experience like is this going to log on and and everything's sort of you know there to them they what do they see what's the experience like yeah well that's one of the great things about parapatek backup service is that you know once the customer has has has worked through their you know their their uh their dell technologies you know sales uh team or their or their dell technologies partner you know they effectively you know get an activation um you know code to to sign up and and set up their credentials with powerpit backup servers and once they actually do that you know one of the things that they don't have to worry about is the deployment of the infrastructure the infrastructure is always on ready to go so what they do is they simply point powerpit backup service at the data sources that they wish to protect you know and that's one of the the great advantages around you know a sas based data protection platform you know and it's one of the things that that makes it very easy to get customers up and running with powerpath backup service so i'm guessing you have a roadmap you may be you maybe not you may be holding out on us and some of the other things that you're doing in this space but but what can you tell us about about other things you might be doing or that might be coming what can we expect well i mean you know dave that one of the things that you know we always talk about it's the power of the portfolio so so with the addition of private backup service it's not the only news that we're making with respect to cloud data protection you know i mentioned earlier that uh we have the ability to deploy our on-premises solutions in the public cloud with powerprotect data manager and our powerprotect virtual appliances you know and with this uh announcement that brings backup service into the portfolio we're also uh pleased to expand our support of the public cloud with full support of google cloud platform making powerprotect data manager available in the google marketplace and then lastly but not least you know our other cloud snapshot manager offering you know is now also fully integrated with our powerprotect virtual appliances to allow customers to store uh aws snapshots in a deduplicated fashion within aws s3 so that's an excellent capability that we've introduced to reduce the cost of storing um aws infrastructure backups for longer periods of time so really you know we've really continued to double down in bringing new cloud data protection capabilities to our customers wherever they may be yeah nice now steven you guys must be stoked have a partner like dell just massive distribution channel i wonder if you could give us any final thoughts you know thoughts on on the relationship how you see the future unfolding yeah i mean and obviously i've got you know history with with dell and emc and rob and one of the things you know i think dell's always been fabulous at is giving customers the flexibility to protect their data when they want how they want where they want with the investment protection but if it shifts over time they'll be there for them right going all the way back to the data protection suite and all those those those fantastic things we've done historically and so it's it's really it's great to to align with somebody that's got the same kind of values we do which is at druva it's that same model right wherever you want to protect your data wherever it is we're going to be there for you and so it was great that i think dell and druva both saw this demand from our customers and we said you know this is the right match right this is how we're going to help people keep their data safe as they start you know and continue and extend their journeys to the cloud and so you know dell proposes the the power protect backup service powered by druva and and everybody wins the dell's customers are safer dell completes its offering and let's face it it does help druva accelerate our momentum so this is this is this is and it's a lot of fun just hanging out with the people i used to work with especially wrong it's good seeing him again well you guys both have kind of alluded to the portfolio and the optionality that dell brings to its customers but rob you know i'll give you the final word a lot of times optionality brings complexity but this seems to be a really strong step in the direction of simplifying the world for your customers but rob i'll give you the last word yeah for sure i mean we've always said that it's not a one-size-fits-all world you know i think that you know one of the things that this um evolution of our powerpatek portfolio brings you know is an excellent added option for our customers you know many of the customers if not almost all of the customers that we currently sell to you know have a requirement for sas application protection you know many of them now especially after the last year have an added um sensitivity to endpoint protection you know so so those two things alone you know i think are are two things that all dell technology customers can really take advantage of with the introduction of private backup servers you know this is just a continued evolution of our uh capabilities to bring innovative data protection for multi-cloud workloads that last point is a great point about the endpoints because you got remote workers so exposed guys thanks so much for sharing the announcement details and the relationship and really good luck with the offering we'll be watching thanks dave thanks dave and thank you for watching this cube conversation this is dave vellante for the cube we'll see you next time you

(upbeat music) >> Overnight COVID completely exposed those companies that were really not ready for the digital age. There was a mad rush to the cloud in an effort to reshape the very notion of business resiliency and enable employees to remain productive so that they continue serve customers. Data protection was at the heart of this shift and cloud data protection has become a fundamental staple of organizations operating models. Hello, everyone. This is Dave Vellante and welcome to this CUBE conversation. I'm joined by two longtime friends of theCUBE, Rob Emsley is the director of product marketing at Dell Technologies. And Stephen Manley is the Chief Technology Officer at Druva. Guys, great to have you on the program. Thanks for being here. >> Yeah, great to be here, Dave. >> This is the high point of my day, Dave. >> I'm glad to hear it, Stephen. It's been a while since we... Missing you guys to tell you face to face maybe it'll happen before 22, >> We haven't aged a bit, Dave. >> (laughing) Ditto. Listen, we've been talking for years about this shift to the cloud. In the past 12 months, boy, we've seen the pace of workloads that have moved to the cloud really accelerate. So Rob, maybe you could start it off. How do you see the market and perhaps what are some of the blind spots maybe that people need to think about when they're moving workloads so fast in the cloud? >> Yeah. Good question Dave. I mean, you know, we've spoken a number of times around how our focus has significantly shifted over the last couple of years. I mean, only a couple of years ago, our focus was very much on on-premise data protection, but over the last couple of years, more workloads have shifted to the cloud. Customers have started adopting SaaS applications and all of these environments are creating data that is so critical to these customers to protect, we've definitely found that more and more of our conversations have been centered around what can you do for me when it comes to protecting workloads in the client environment? >> Yeah. Now of course, Stephen, this is kind of your wheelhouse. How are you thinking about the these market shifts? >> Yeah. You know, it's interesting in the data protection market. heck the data market in general, you see these sort of cycles happen. And for a long time, we had a cycle where applications and environments were consolidating a lot. It was all VMs and Oracle and SQL and we seem to be exploding out the other way to this massive sprawl of different types of applications in different places. Like Rob said, we've got Microsoft 365 and you've got Salesforce and you've got workloads running in the cloud. The world looks different. And you add on top of that the new security threats as people moving to the cloud. A number of years ago we talked how ransomware was an emerging threat. We're way past emerging into... there's a ransomware attack every six seconds and everybody wakes up terrified about it. And so we really see the market has shifted I think in terms of what the apps are and also in terms of what the threats and the focus and this that's come into play. >> Right. Well, thanks for that. There's some hard news which we're going to get to, but before we do, Rob, Stephen was mentioning the SaaS apps and we've been sort of watching that space for a while but a lot of people will ask why do I need a separate data protection layer? Doesn't my SaaS provider protect my data? Don't they replicate it? They're cloud vendors, why do I need to buy yet another backup product? >> Yeah, that's a fairly common misconception, Dave, that both SaaS application vendors and cloud vendors, inherently are providing all of the data protection that you need. The reality is that they're not, you know I think when you think about a lot of the data within those environments, certainly they're focused on providing availability. And availability is absolutely one thing that you can, for the most part, rely on the cloud vendors to deliver to you. But when it comes to actually protecting yourself from accidental deletion. Protecting yourself from cyber threats and cyber crime that may infect your data through malicious acts, that's really where you need to supplement the environment that the cloud providers provide you, with best in class data protection solutions. And this is really where, waywardly looking to introduce new innovations into the market to really, really help customers with that cloud based data protection. >> Yeah. Now you got some news here. Let's kind of dig in, if we could, to the innovations behind that. Maybe Rob, you could kick it off and then, Stephen, we'll bring you in. >> Yeah. So first piece of news that we're really happy to announce is the introduction of a new Dell EMC PowerProtect backup service which is a new cloud data protection solution powered by Druva, hence the reason that Stephen and I are here today. It's designed to deliver additional protection without increasing IT complexity. >> So powered by Druva. what does that mean? Can you add some color to that? >> Absolutely. So, when we really started looking at the expansion of our PowerProtect portfolio, we already have the ability to deliver both on-premises protection and to deliver that same software within the public cloud from a PowerProtect software delivery model. But what we really didn't have within the portfolio is a cloud data protection platform. And we really looked at what was available in the market. We looked at our ability to develop that ourselves. And we decided that the best path for our customers to bring capability to them as soon as we possibly could was to partner with Druva. And we really looked at the capabilities that Druva has been delivering for many years, the capabilities that they have across many dimensions of cloud-based workloads. And we already engaged with them probably about six months ago, first introduced Druva as an option to be resold by ourselves, Salesforce and partners. And then we're pleased to introduce a Dell EMC branded service PowerProtect backup service. >> Okay, so just one more point of clarification, then, Stephen, I want to bring you in. So we're talking about... this includes SaaS apps as well, I'm talking 365, the Google apps which we use extensively, CRM, Salesforce, for example. >> Absolutely. >> What platforms are you actually connecting to and providing protection for? >> Yeah, so the real priority for us was to expand our PowerProtect portfolio to support a variety of SaaS applications. You mentioned, real major ones with respect to Microsoft 365, Google workplace, as well as Salesforce. But the other thing that we also get with PowerProtect backup service is the ability to provide a cloud-based data protection service that supports endpoints such as laptops and desktops but also the ability to support hybrid workloads. So for some customers the ability to use PowerProtect backup service to give them support for virtual machine backups, both VMware and Hyper-V, but also application environments like Oracle and SQL. And lastly, but not least, one of the things that backup service also provides when it comes to virtual machines is not only virtual machines on premises, but also virtual machines within the public cloud, specifically VMware cloud on AWS. >> So, Stephen, I remember I was talking to Jaspreet several years ago, and I've always liked sort of the Druva model but it felt at the time you were like a little ahead of your time, but boy, the market has really come to you. Maybe you could just tell us a little bit more about the just generally cloud-based data protection and the sort of low down on your platform. >> Yeah, and I think you're right, the market has absolutely swept in this direction. Like we were talking about with applications in so many places and end points in so many places and data centers and remote offices with data sprawled everywhere. We find customers are looking for a solution that can connect to everything. I don't want seven different backup solutions, one for each of those things, I want one centralized solution. And so kind of a data protection as a service becomes really appealing because instead of setting all of these things up on your own, well, it's just built in for you. And then the fact that it's as a service helps with things like the ransomware protection because it's off site in another location under another account. And so we really see customers saying this is appealing because it helps keep my costs down. It helps keep my complexity down. There's fewer moving parts. And one of the nicest things is as I move to the cloud I get that one fixed cost, right? I'm not dealing with the, oh, wow, this bill is not what I was expecting. It just comes in with what I was carrying. And so it really comes down to, as you go to the cloud, you want a platform that's got everything built in, something that, and let's face it, Dell EMC, this has always been the case, that storage of last resort that backup that you can trust, right? You want something with a history, like you said, you've been talking to Jaspreet for awhile, Druva is a company that's got a proven track record that your data is going to be safe and it's going to be recoverable and you're going to want someone that can innovate quickly, right? So that as more new cloud applications arise, we're there to help you protect them as they emerge. >> So talk a little bit more about the timing. I mean, we talked earlier about, okay, COVID really forced this shift to the cloud and you guys clearly have skated to the pocket and you also... You referenced sort of new workloads and I'm just wondering how you see that from a timing standpoint. And at this moment in time why this is such a, you know, the right fit. >> We've seen a lot of customers over the last again 12 months or so, one really accelerate their shift to things like SaaS applications, Microsoft 365, and we're not just talking exchange online and One Drive, but SharePoint online, Microsoft teams, really going all in because they're finding that, as I'm distributed, as I have a remote workforce, my end points became more important again, but also the ability to have collaboration became important. And the more I depend on those tools to collaborate, the more I'm depending on them to replace what used to be in-person meetings where we could have a whiteboard and discuss things. And it's done through collaboration online tools. Well, I need to protect that. Not just because the data's important, but because that's now how my business is running. And so that entire environment is important. And so it's really accelerated people coming and looking for solutions because they've realized how important these environments and this data is. >> So, Stephen, you mentioned that you guys, I mean, obviously you have a track record but you got some vision too. And I want to sort of poke at that a little bit. I mean, essentially is what you're building is an abstraction layer that is essentially my data protection cloud. Is that how we should think about this? And you've referenced pricing, I've seen your pricing, it's clean. It looks to me anyway like a true cloud pricing. Going to dial it up, dial it down, pay as you go, consume it as you wish. Maybe talk about that a little bit. >> Yeah. I mean, I think if you think about the future of consumption is that so many customers are looking for different choices than what many vendors have provided them in the past. I think the days of of going through a long procurement cycle and working through purchasing in order to get a big capital expense approved it's just not the way that many of our customers are looking to operate now. So I think that one of the things that we're looking at across the portfolio, whether or not it be on premises solutions or cloud-based services, is to provide all of that capability as a service. I think that that will be a real future point of arrival for us as we really rotate to offer that across all of our capabilities, Dave, whether or not it be in the domain of storage, or in the domain of data protection, the concept of everything as a service is really something which is going to become more of the norm versus the exception. >> So what does a customer have to do to be up and running? What's that experience like, is he just going to log on and everything's sort of there to them, what do they see? What's the experience like? >> Yeah, that's one of the great things about PowerProtect backup services, that once the customer has worked through that, their Dell technologies sells a team or the Dell technologies partner, they effectively get an activation code to sign up and set up the credentials with PowerProtect backup service. And once they actually do that, one of the things that they don't have to worry about is the deployment of the infrastructure. The infrastructure is always on ready to go. So all they do is they simply point PowerProtect backup service at the data sources that they wish to protect. That's one of the great advantages around a SaaS based data protection platform and it's one of the things that makes it very easy to get customers up and running with PowerProtect backup service. >> So I'm guessing you have a roadmap, you may be, you may be not, you may be holding out on us in some of the other things that you're doing in this space, but what can you tell us about other things you might be doing or what might be coming? What can we expect? >> Well, I mean, Dave, that one of the things that we always talk about is the power of the portfolio. So, with the addition of PowerProtect backup service, it's not the only news that we're making with respect to client data protection. You know, I mentioned earlier that we have the ability to deploy our on premises solutions in the public cloud with PowerProtect data manager and our PowerProtect virtual appliances, and with this announcement that brings backup service into the portfolio. We're also pleased to expand our support of the public cloud with full support of Google cloud platform, making PowerProtect data manager available in the Google marketplace. And then lastly, but not least, you know our other cloud snapshot manager offering is now also fully integrated with our PowerProtect virtual appliances to allow customers to store AWS snapshots in a debilitative fashion within AWS S3. So that's an excellent capability that we've introduced to reduce the cost of storing AWS infrastructure backups for longer periods of time. So really, we've really continued to double down in bringing new client data protection capabilities to our customers, wherever they may be. >> And nice to have, Stephen, you guys must be stoked to have a partner like Dell, a massive distribution channel. I wonder if you could give us any final thoughts, thoughts on the relationship, how you see the future unfolding. >> Yeah, I mean, and obviously I've got history with Dell and EMC and Rob. And one of the things I think Dell has always been fabulous at is giving customers the flexibility to protect their data when they want, how they want, where they want, with the investment protection that if it shifts over time, they'll be there for them, right. Going all the way back to the data protection suite and all those fantastic things we've done historically. And so it's really, it's great to align with somebody that's got the same kind of value as we do, which is with Druva, it's that same model, right? Wherever you want to protect your data, wherever it is, we're going to be there for you. And so it was great that I think Dell and Druva both saw this demand from our customers. And we said, this is the right match, right? This is how we're going to help people keep their data safe as they start and continue and extend their journeys to the cloud. And so, Dell proposes the PowerProtect backup service powered by Druva. And everybody wins. The Dell's customers are safer. Dell completes this offering, and let's face it, it does help to really accelerate our momentum. So this is and it's a lot of fun just hanging out with the people I used to work with especially it's good seeing them again. >> Well, you guys both have kind of alluded to the portfolio and the optionality that Dell brings to its customers, but Rob, you know, I'll give you the final word. A lot of times optionality brings complexity, but this seems to be a really strong step in the direction of simplifying the world for your customers. But, Rob, we'll give you the last word. >> Yeah, for sure. I mean, we've always said that it's not a one size fits all world. You know, I think that one of the things that this evolution of a PowerProtect portfolio brings is an excellent added option for our customers. Many of the customers, if not, almost all of the customers that we currently sell to, have a requirement for SaaS application protection. Many of them now, especially after the last year, have an added sensitivity to endpoint protection. So those two things alone I think are two things that all Dell technology customers can really take advantage of with the introduction of perhaps that backup service. This is just a continued evolution of our capabilities to bring innovative data protection for multi-cloud workloads. >> That last point is a great point about the end points because you've got remote workers, so exposed, guys, thanks so much for sharing the announcement details, and the relationship, and really good luck with the offering. We'll be watching. >> Thanks, Dave. >> Thanks Dave. >> And thank you for watching this CUBE conversation. This is Dave Vellante for theCUBE. We'll see you next time. (soft music)

>> We're back with Rob Emsley who's the director of product marketing for Dell EMC's data protection division. Rob, good to see you. >> Hi, Dave, good to be back. >> So we just heard from Beth about some of the momentum that you guys have. From your perspective, from a product angle, what is really driving this? >> Yeah, well, one of the things that we've definitely seen is as we talk to our customers, both existing and new customers, cloud journeys is top of mind for all of the CIOs. It's being driven by either the desire to drive efficiency, take out costs, and data protection is one of the most common use cases. One of the things that we find is there's four use cases for data protection that we see. Long term retention of data, cloud disaster recovery, backup to the cloud, and the emerging desire to stand up new applications in the cloud that need to be protected. So backup in the cloud really completes the four major use cases. >> Well, one of the things I think is really important in this market is that you deliver optionality to your customers. So how are customers enabling these use cases? >> Yeah, so the first two use cases of long terms retention and cloud disaster recovery is really driven by our software and our appliances. Both of those are really predicated based upon the assumption that customers are going to deploy data protection on premises to protect their on premises workloads and then tier to the cloud, or, which is becoming more common, use the cloud as a disaster recovery target. It's delivered by our data protection software and that's either in a software form factor or that software delivered and integrated appliance form factor. >> So let's talk about purpose built backup appliances. I think our friends at IDC I think coined that, they tracked that market for awhile, you guys have been a leader there, the acquisition of Data Domain obviously put you in a really strong position. Give us the update there. Is it still a vibrant market? Is it growing, what's the size? What's it look like? >> Yeah, so as we look at 2020, IDC forecasts the market size to be a little under $5 billion. So it's still a very large market. The overall market is growing at a little over 4%. But the interesting thing is that if you think about how the market is made up, it's made up of two different types of appliances. One is a target appliance, such as Data Domain and the new PowerProtect DD, and the other is integrated appliances where you integrate the target appliance architecture with data protection software. And it's the integrated appliance part of the market that is really growing faster than the other part of the PBBA market. It's actually growing at 8%. In fact, IDC's projection is that by 2022, half of the purpose built backup appliance market will be made up of integrated appliance solutions. >> So it's grown to twice the overall market rate, but you guys have two integrated appliances. Why two, how should people think about those? >> Yeah, so a little under three years ago, we introduced a new integrated appliance called the Integrated Data Protection Appliance. It was really the combination of our backup software with our Data Domain appliance architecture. And the Integrated Data Protection Appliance has been our work course for the last three years, really allowing us to support that fastest growing segment of the market. In fact, last year, the Integrated Data Protection Appliance grew by over 100%. So triple digit growth was great. It's something that allows us to address all market segments, all the way down to SMB all the way to the enterprise. But last year, one of the things you may remember at Dell Technologies World is we introduced our PowerProtect portfolio and that constituted PowerProtect Data Manager our new software defined platform as well as the delivery of PowerProtect Data Manager in an integrated appliance form factor with PowerProtect X400. So that's really our new scale out data protection appliance. We've never had a scale out appliance in the architecture before, in the portfolio before, and that gives us the ability to offer customers choice, scale up, or scale out, integrated and target, and with the X400, it's available as a hybrid configuration or it's also our first all Flash architecture. So really, we're providing customers with the existing software solutions that we've had in the market for a long time, an integrated form factor, with the Integrated Data Protection Appliance as well as the brand new software platform that will really be our innovation engine. That will be where we will be looking at supporting new workloads and certainly leaning into how we support cloud data protection in the hybrid cloud reality of the next decade. >> Okay, so one of the other things I want to explore, is we've heard a lot about your new agile development organization, Beth has talked about that a lot, and the benefit, obviously, is you're able to get products out more quickly, respond to market changes, but ultimately the proof is in translating that development into product. What can you tell us about how that's progressing? >> Yeah, so certainly with PowerProtect Data Manager and the X400, that really is the epicenter of our agile product development activities. We've moved to a three month cadence for software releases, so working to deliver small batch releases into the market much more rapidly than we've ever done before. In fact since we introduced PowerProtect Data Manager where we shipped a first release in July, we're now at the third iteration of PowerProtect Data Manager and therefore the third iteration of the X400 appliance. So there's three things that I'd like to highlight within the X400 appliance specifically. First is really the exciting news that we've introduced support for Kubernetes, so we're really the first large enterprise data protection vendor to lean into providing Kubernetes data protection. So that becomes vitally important especially with the developments over at our partner in VMware with vSphere 7, with the introduction of Tanzu, and the reality is that customers will have both vSphere virtual machines and Kubernetes containers working side by side and both of those environments need to be protected. So PowerProtect Data Manager and the X400 appliance has that support available now for customers to take advantage of. Second, we talk about long term retention of data in the cloud. The X400 appliance has just received the capabilities to also take part in long term retention to AWS. So those are two very important cloud capabilities that are brand new with the X400 appliance. And then finally we introduce the X400 appliance with a maximum configuration of four capacity cubes. Rough and tough that was 400 terabytes of usable capacity. We've just introduced support of 12 capacity cubes. So that gives the customers the ability to scale out the X400 appliance from 64 terabytes all the way to over a petabyte of storage. So now if you look at our two integrated appliances, we now cover the landscape from small numbers of terabytes all the way through to a petabyte of capacity whether or not you pick a scale up architecture or a scale out architecture. >> Yeah, so that really comes back to the point I was making about optionality. Kubernates is key. It's going to be a linchpin, obviously, a portability for multi cloud sets that up. As we've said, it's not the be-all end-all, but it's a really necessary condition to enable multi cloud which is fundamental to your strategy. >> Absolutely. >> All right, Rob, thanks very much for coming to theCUBE. It's great to have you. >> Thanks, Dave. >> And thank you for watching, everybody. This is Dave Vellante for theCUBE. We'll see you next time. (bright music)

>> From the SiliconANGLE Media office in Boston, Massachusets, it's the Cube! Now, here's your host, Dave Vellante. >> We're back with Rob Emsley, who's the Director of Product Marketing for Dell EMC Data Protection Division. Rob, good to see you. >> Oh, good to be back, Dave. >> Yeah, so we heard from Beth about some of the momentum, the pivot-to-cloud. What's fueling this from you standpoint. >> I think one of the things that most people know, is that if you're a C-I-O today, is that you have to be looking at how you're going to make use of the cloud. And data protection is one of the easiest ways of getting into, kind of your cloud journey Whether it be using the cloud as a backup target, or a backup to the cloud. Using cloud for longterm retention. And we're moving away from on premises or off premises, backup storage using the cloud for that. Using cloud for disaster recovery, standing up copies of your production environment when you need to in the case of a disaster in the cloud. Or if you've deployed applications in the cloud, backing up in the cloud. So protecting the data that that's in the cloud applications. >> That's a good point. it's actually a pretty low risk choice to use the cloud for a data product. There was an article in the wall street journal the other day and they had these experts talking about how should you protect data? And a lot of them were saying, "Well, I might protect it two, three, four times." Is that kind of what they're doing in the cloud? I mean, I can say it's a safe bet, right? >> Yeah, it is. I think the idea of using the cloud for longterm retention, I mean, so many customers, they use their backups as an archive of the history of their production systems. And one of the things though is that architecture in that situation does actually matter. So one of the things that we've been able to do is we've been able to take our on premise appliance technology that we've had in the market for many years with date domain. And our power protect DD. I've been able to take that technology, put it into a software defined architecture and deploy it in AWS, Azure, GCP. So that really allows us to bring the duplication into cloud economics. So people always say, "Oh, cloud is cheap." But you still get a bill every month. So if we can reduce the size of that bill, customers say, "Oh, that's an actually good architecture to use." So that's a big benefit. >> Yeah. And they can put that money elsewhere. So is that really how customers are enabling all these various use cases that you're talking about? >> Certainly from a longterm retention to the cloud perspective, the ability to tear to the cloud from on premises appliances, whether it be a target appliances with power protect DD or integrated appliances, letting the integrate data protection appliance or the power protect X 400. So a very easy use of the cloud as a target. So after 14 days of on premise retention, you move that data off into the public cloud. >> So let's talk about purpose-built backup appliances that was a booming market. Data domain kind of took off, got the lead. EMC obviously acquired them. Now it's Dell EMC and it's a critical part of your portfolio. Can you give us the update on what's happening in that space? >> Yeah, so still it's a big market. I think in 2019 it probably was a $3 billion market. Rough and tough. We're still very fortunate that the customers still vote with their hardened budgets to choose Dell EMC purpose-built backup appliances to put into their on premise locations to store their backups. Certainly the market is divided between two types. One is target appliances and the other is integrated on the target appliance side. We've been lucky enough to, with the acquisition of data domain and now with the new Power protect DD appliances, we already maintain a really significant market share position with those The target clients is very useful, they can be used with our software, they can be used with third party software. It's kind of a, we need a default solution for target based appliances comes from Dell EMC. But what's changed is integrated appliances have become sort of much more interesting to customers as they start thinking about what they do next with their backup software. The form factor that they like to use is an integrated appliance, >> But you still got two integrated appliances. How should customers think about those in terms of strategic fit? >> Yeah, so we introduced our first integrated appliance by combining our data in the main technology with our backup software. And we introduced the integrated data protection appliance into the market in 2017. So think of that as our scale up architecture, bringing our backup software together with our D duplication storage highly integrated with the client, the cloud's hearing, cloud AR. and that's been a very fast growing part of our portfolio. In fact, through the first three quarters of last year as trapped by IDC, we actually grew that business by over 157%. So in a very, very good way of consuming backup software and appliances. But as you mentioned, last year was a big year for us because we introduced our first scale out appliance with the power protect X 400. So not only was it our first scale out, we offered it in both a hybrid form factor, but also an all flash form factor. So that was something that really, really leans into sort of our next generation of appliances. We started using something called multidimensional appliance portfolio scale up, scale out, hybrid or flash, integrated or target. So it's really the focus of giving customers a choice of how they actually consume data protection for us. >> we've talked in the cube a lot about these data protection market, how it's evolving, extending into data management. We talked today about cloud. I want to ask you as somebody who's been in the industry, you've seen a lot of different approaches. I was commenting recently on the amazing transformation of Dell, Dell technologies, from largely a PC company with an enterprise business that was, you know, okay. But not nearly as what it is today, what amazing transformation, 90 plus billion dollar company. You left when it was EMC and now you've come back in Dell technologies, there's been a really a much greater emphasis on speed agility of the AC cloud. How do you see the culture generally and in specifically within the data protection division? >> Yeah, good question. I think that one of the biggest changes for me is the increase in time to market being so important the ability to rapidly evolve your solutions to meet market requirements. One of the things that the data protection division has done is they've truly embraced agile at scale product development. So if you think about our power protect portfolio, specifically the X 400 appliance and the power protect data manager software that powers it is that's on a three month release cadence. So that gives us the ability to rapidly provide net new functionality to our customers. That in the days of our older products is that even though those have also evolved to a more regular release cadence, that used to be the time between releases was often measured in a year to 18 months. And that's completely different now since I've come back. So that really gives a marketeer the ability to really lean into communicate into the market on a much more regular basis. Having a more of a continuous theme to deliver. So if you think about our theme for this year, cloud data protection is really the focus of what we're talking to the market about and VM-ware and cyber recovery is on how those relate to our client deck protection theme is really what we'll be using to communicate and then be supported by these regular releases into the market. >> Well, the focus on acceleration, cultural agility it's key. You guys are a leader. Everybody wants a piece of you, you're hired, you're not just going to let them take it. So you need that type of discipline to really continue to drive innovation in the marketplace. Rob, thanks so much for coming on The cube was great to have you. >> Thanks Dave. >> You're welcome. And thank you for watching everybody. We'll see you next time. (upbeat music)

>> live from San Francisco, celebrating 10 years of high tech coverage. It's the Cube covering Veum, World 2019 brought to you by IBM Wear and its ecosystem partners. >> Welcome back inside the Moscow The Center. We're here, Mosconi North, Wrapping up our coverage here. Veum World 2019 Glad to have you with us here on the Cuba's. We continue our 10th year of 10th consecutive year of coverage here of the events to minimum, along with John Wall's joined now by Robin's Lee, who was director of data protection, product marketing and L E M C Rob. Good to see you, sir. >> Hey, Joan. >> So you almost want to walk to the first person I saw when I walked in the room the other day? >> You. And >> now you won't be one of the last on effort to tell Shy, Who is the director of Data protection and Cloud native APS. Adele AMC Effort. Good to see you, sir. Good to see you. Yeah, First off, let's just let's just talk about the world of data protection in general here by sucking multi and hybrid and all these things. Your world's changing a little bit, right? Because of these new environments in these new opportunities. So if you could just paint that 30,000 foot picture first off thematically, how how your world is evolving. >> Yeah. I mean, I think the key would indebted protection is data, you know, and I think that wherever it is created, and wherever it is managed, customers need to look after it. You know this? The old adage that there's only two things that customers worry about one is their employees, and two, is there data. So as we've seen the adoption of of Cloud is a A zone infrastructure model on you're starting to see many customers extend their own premises infrastructure to the cloud on using the cloud for production level applications. They realize that on often they're told, you gotta do something about your data. So that's led to all vendors and especially ourselves over the last several years, really expanding the portfolio and the capabilities that we have from a non premises centric environment to the multi class. >> Yeah, so every ah, a lot of discussion about kubernetes. Before we get into that, you've got cloud native in your title, and Rob talked about data and talk about the applications I'm hoping you can bring us inside is to you know, what's different when we're talking about cloud native applications that from a data protection standpoint, you know, what do you have to think about differently? Is it the micro Service's architecture in containers Fundamentally changed the way things are done, is it, You know, similar what we've done in the past? >> Definitely. We see customers. Some customers are taking what they head back now and they move it in tow. Cloud native infrastructures. A lot of customers are building new applications and new workloads, and they build it on top off new applications. So they basically building a whole new set off applications and infrastructure and want to combine in together and they come to us on Dad, ask us, How do I protect this? And these things spin up, spin down, move around. They have very different life cycle than the traditional applications. >> Okay, Yeah, it's funny. You know, Rob, I think back to you know, it's like tape. You know how we dealt this because of the environment versus disc versus, you know, containerized application. Buoyed by the time I want to set something up isn't that gone and things move around all over the place. It's You gotta put a different different types of environments than you need to span. All of these >> I was chatting with with every earlier, and we were talking about what? What's what's changed, kind of in the last couple of years around the deployment and usage of of kubernetes, the deployment of containers. And after he was saying that one of the most fundamental changes is the introduction of persistent volumes on a Sooners. Persistency comes into the mix. You know, that's where things start to change. And, you know, Jeffrey's phone started ringing with respect to hate. What are you doing to bring dead protection into you know, this environment? >> I think two years ago, everything was Toby stateless on then suddenly, people understand that's not enough. You need to add states some states to existing applications. And then the notion of persistent volumes came along and then customers and developers so that it's actually working quite nicely. And they started relying more and more on moving more state in tow, their applications running on containers, environments. So the first thing that customers ask us about is where I store my data. Where's the primary volume that is done by our storage folks? The next question is, how do I protect my data? And this is where we come into the picture. And we offer an architecture that is built for containers environment and takes care off that life cycle that we talked about before. Containers are coming and going. You need to protect the data and the containers, the data and the meta data together in order to bring that protection level of customers. Looks from, >> you know, as as the concerns about data protection have been elevated now and sea sweet discussions now, um has that created a different approach, or maybe a change of tone or tenor from your clients to you, because the discussions are being elevated in their own businesses. And and so there's Is there a different kind of attention being paid to this or different kinds of concerns that maybe 34 years ago? Yeah, >> I mean, it's interesting. I mean, one of things we were on every couple of years is a ah, global study. We called it the Global Day Protection Index. This year, we we interviewed 2200 i t. Decision makers and we kind of asked them about you know, how how are they value in dead protection and also how the valuing data and the one thing that has definitely changed is that the value of data to them has become Maur critically important. I think it's always been important, but I think you know, if they start thinking about data is capital, you know they are starting to realize that it's only capital if you've got it. If you don't have it, it's It's nothing Thio >> and it's only yours if you have it. Well, yeah, and nobody else. Absolutely. Right here. >> Every kubernetes courses open source and everybody's got what they're what they're doing in it. You've got announcement, some work you're doing with VM, where it's open source. Also bring us inside a little bit. Valero, how did we get to this point? You know this, you know, part of the C n c f. Yet it kind of being submitted, or how does that fit into the whole community? >> Yeah, sure. So, as you said and we talked about earlier this week with Beth and people at the protection announcements We are working with collaboration with Valero now part off Veum, where in orderto being that data protection solution So Valero is an open source projects. It's out there in the open. You have thousands off stars get up. Stars are very popular among the Dev Ops community about communities users you can hear about it from customers that are looking for for solutions. There is very good at backing up cluster containers and applications. And we have a lot of experience in enterprise data protection making sure that you have a solution that, um, has compliance reporting. You contract your data, you can define policies scheduling all of that eso we are combining these two and collaborating with Valero in orderto have a solution that answers. Boston is off the back of that mean and they just want to go home knowing that the production environment is protected, the and the develops people in the communities administrators and they just want toe, get the volume and forget about the protection. Everybody can work in their environment with the tools that they know with permissions that they want, and they can both work together and be happy. And the companies that we work with are the ones that have good relationship between the devil steam and the backup administrators. And they see that the same table and talk to us, and everybody tells us what they want and what they need. As a result, we build a solution so that we'll be able to answer the needs of both of them. >> So do you have to build sometimes those relationships within a company to get them to talk or collaborate in a more conducive environment cause you see all kinds, right? I mean, you see, the full range just talked by then a free that some very successful, some very constructive, maybe some that that aren't on the same page agent. So that's almost part of your responsibility. Coming before you even get to where you could talk about the work, we've got to talk about the collaboration. Yeah, that they're not area >> we really come When there is a story, people try to move their applications to production. The developers are really already working on something, and now the developers want volumes on the I T ops people. Tell them No, no, no. If you can't protect it. According to our rules. We will not pass the audience. We can do that for you, and that creates the friction inside those teams in the organization that we talked with. There is recognition off that already and now they come together to the table and they want to hear something that would they would be able to work with us both on the management on the I T ops and and management on cube control and what develops people are using. >> And it's it's large companies that are coming in talking to us. And I think, you know, when you get a large companies, quite often you have some more of these things different fiefdoms of, of, of users inside. But because they're large companies, they have, you know, certain requirements from regulations and compliance is perspective. So they have those concerns, but and every has been saying is we look at the early design partners, customers that were looking to work with, you know, the big the big companies coming to us. >> Rob, can you just help us understand? We talked about Valero there says some open, soft, soft, soft words. That's the power tech. Just sit on top of that >> s Oh, it's a great question. So, you know, as you know, we introduced power protects after exile technologies world. It started shipping to customers at the end of July. And Coop, in any support, is really the first example of what we said that we were going to be able to do, which is more rapidly bring new workload to new capabilities into our power, protect softer offering than we've ever been able to do before. You know, we're really embarking on a quarterly release cadence, you know, which will allow us to, you know, to do things that, you know in our existing portfolio are released cadences. What's being measured in in many, many months and quite often is long as a year and beyond. So what we will do is the tech preview that we that we announced this week. You know, we will roll that out in a nup coming release in production on that will become available to any of the parent protect software users. So right within the power protect software match me interface. You know that has the VMS support Oracle sequel in file systems. We'll add the additional workload support have been able to protect kubernetes using the same workloads, the abilities to create protection policies and I'm interested every is is with protection policies. Because that she was saying about how the environment can change quite rapidly is that by using a policy, you don't need to watch for those changes as changes happen, the policy. We'll keep track of what it needs to do as far as protecting the new applications as they come up and have to go away. >> What happens is the ones we find. The policies are the arty operations in the back apartments. They want to comply with the rules that they have, and they define the gold, silver, bronze policies, whatever have you and then they can give it to the Cuban, said Means. And, the criminalist admits, can say OK, these are my volumes. These are more applications I will just use keep control and potatoes objects We will discover that will automatically create a schedule that would create that that backup. So in essence, the community suddenly doesn't need really need to care about the compliance rules they need to care about policies and the Becca pod mean can take care of other wrist >> and the applications of driving the policies and not not the other way around. >> Yeah, I mean, the creepiest ad means are used to defining policies in terms of five day provisions, their storage, for example. We want to do the same in the data protection area. >> So as far as things like retention periods, as far as whether or not the data needs to be replicated, where not the data needs to be a tear to the cloud that those are all things that the I T admin team can do on it sort of separates kind of orchestration and governance is, is a big part of perfect ex often >> love to get your viewpoint on is data protection historically was not one of the faster moving things in the I T. Realm Last two or three years at VM World, it's been one of the hottest topic, I said. You know, the keynote on Monday felt like we were kubernetes world. Not quite Cube con just yet, because there's a lot of projects there, but I walked down to the the show floor. It's not storage world like Thursday. Its data protection world is Cygnus lots of glowing parties of people so that customers, you know, the embracing change. And what does that mean for your portfolio? >> Yeah, I mean, it's interesting. I mean, I think over the years, if you think about where you go if you want to learn about data protection, VM world is probably one of the best shows to go to because >> we're >> all here. I mean, I mean, you know when you know, you know, I've you know, I've been crazy enough to be in the debt protection business for almost 15 years now. Um, and it hasn't changed. If you if you want to talk to data protection vendors than VM World, is a really good show to go to. You know, I think that that for us, you know what I am. Where has done is It's It's It's It's It's provoked provided a common foundation, you know, And that's also providing a common foundation to get us from on premises into the multi cloud environment. So once she developed, um uh, great data protection solutions in the van, where environment is that you're your target market becomes quite broad because, you know, there's so much VM were virtual ization out there in the market, but you're absolutely correct. Is that you on the show floor? And it's It's It's an interesting sight >> thinking. In addition to that, you also have obviously been at this in the show, and I think what we have seen over the last couple of years is that customers were coming tow us, asking for solutions. And this is why we were able, with the power, protect architecture and platform to innovate more quickly and respond to those faster changing trends. Because now you have persistency of volumes. Now you have protection. The M were acquired. Help tell, you know, we could work together on creating the solution. >> Yeah, absolutely. Have we've been at the Cube contract for number years. Help Theo. Of course, the president's last year VM were had a bigger presence, but that maturation of the storage component with something we knew would take time. You know, we watched it in the virtual ization world. Those of us that lived through that, you know, 10 to 15 years ago and container ization. It's starting to reach that maturity, and we're getting that inflection point >> if you also want to think about the announcement that path made on the keynote on Monday where he said we're goingto work much more with park protects, toe address, spot data protection capabilities. This is one of the things we're collaborating With the help to your team, we're contributing to the open source. We're building together things that can move in the pace off communities and address the needs off our more legacy. Companies that needed protection with complaints. >> So, Rob, that will keep you in business for another 15 years? >> I hope >> so, gentlemen. Thanks for the time. Thank you. Appreciate that. Especially on your birthday. Right? Tomorrow. Tomorrow, Right here. Tomorrow. Your birthday home for that Happy early birthday. >> Thank you very much. >> We should have a cute cake, but should especially >> the end of the day. >> I know, I know. I'll end of the day. We got something better than a cake. Gentlemen. Thank you again. Thanks. We'll be back in a little bit. Streaming content. Continuing coverage here. Avian World 2019 with some final thoughts from our panelists. Just a little bit. See on the other side for that

>> Live from Las Vegas, it's theCube covering Dell Technologies world 2019 brought to you by Dell Technologies and its ecosystem partners. >> Good afternoon and welcome back to theCube day three of our live coverage of Dell Technologies World 2019, I'm Lisa Martin with my co-host Dave Vellante. Hey, Dave. >> Hey, Lisa, how's it going? >> Good. Day three. >> It's cold here. >> It's cold in here. I agree. But we're going to lighten it up with some really good conversation. We've got Rob Emsley back on thCube, Director of Product Marketing for data protection, Dell EMC, Rob, great to have you back. >> Great to be back. >> We got show and tell you brought Adam Schmitt network architect from customer GEI consultants. Welcome, Adam. >> Thank you-- >> Time to heat it up. >> What a great topic he's out with data protection. >> It's a hot topic. You're right. All right. So before we turn the way up on the seat, Adam, give us an overview of GEI Consultants who you guys are, what you do. >> Sure, GEI consultants is an environmental water resources, structural an engineering firm, we focus on anything and everything under the sun from structural geotechnical, bio chemical, you know, pretty much anything and everything engineering. >> So important stuff. Talk to us about before you were using working with Dell EMC, talk to us about your, your infrastructure, on prem, hybrid, what were you doing in terms of ensuring that that data was protected was accessible, so insights can be extracted from it? >> Absolutely. So GEI has 43 offices East to West Coast, and each of those offices has their own actual infrastructure that we have to protect at each site, ranging anywhere between three to 15 terabytes of size. So we're talking a lot of data and a lot of different geographical locations that I as a network architect had to worry about protecting, and one of the challenges of our older infrastructure, we were running 40 servers, just doing file level backups and restores, and we didn't have the ability to do any offline site backups in any locations. Now, we did have those in our primary data centers, and we were able to cross backup from each location to another when necessary, but it was, again, only a file level backup, it wasn't an actual full image, and we didn't have a full cloud picture yet that we could expand on going forward. >> So not a really robust data disaster recovery strategy in the event that you had to get something like that. >> It took several times and there are examples that I could give you office lost hardware in their actual infrastructure and we had to do a restore by restoring the files out an off site location, putting it on a USB hard drive and shipping it to that location, and then having to rebuild the infrastructure from the ground up and copy the data over not a timely manner of free storage. >> Or inexpensive. >> Robin, in the old days, you'd have an admin in the remote office, they load in a tape and it did recycle the tape every day, you know, you'd have it for a week, and then you'd reuse the same tape over and over again. That was the architecture, state of the art back then. >> Yeah, you probably remember something for those ads, there was a picture of a slightly undesirable individual and says, would you like this person to be your backup admin, which I thought was a little bit strange. But now I think things have moved on a little bit. >> What's the architecture look like today? >> Well, you know, one of the things in architecture is a very key word, because we have a belief in a saying that architecture matters, and when you have a distributed network, where you have lots of edge locations, and you have the requirement to protect them, and bring them back to the edge, the architecture that you deploy, really does make a difference. You know, there's a famous Star Trek line, I've heard it a few times this week that you cannot change the laws of Physics, and the amount of data that you move from the edge to the core, you want to make it as small as possible because if you don't, the amount of time that it takes to get data protected from the edge, especially you have lots of edges becomes a real constraint. So that was something which you know, GEI was able to take advantage of. >> So can you do that at speed? Doesn't that change the laws of Physics anyway? We don't go there, okay, so I wonder if you could share with us kind of how you came to this spot? What was life like before? Did you look at any other vendors, you know, paint the picture for us. >> So working with the Dell EMC technical team, as well as the DPS sales team, we were able to come up with a different strategy going forward. But it wasn't after a lot of trial and error when doing proof of concepts with other companies that, you know, made promises that they could do the backups that we needed off site at different locations geographically, but when it came down to it, we were going to have to fork up a lot of money for infrastructure being installed at every single location, whereas Dell EMC, I don't have to deploy any or any hardware, all I had to deploy was a virtual appliance at each location and we were successful in backing up remotely, we tried various technologies that claim that they could do it, and they didn't work successfully. So after a lot of trial and error, roughly, in total about a year's worth of trying, we finally got Dell EMCs technical team and the DPS came on board and we sat down in front of a whiteboard in Boston, Massachusetts, and said, this is what we're trying to paint as a picture, help me paint this as a full blown architecture and make this happen in this design fashion, and luckily, the Dell EMC team was so experienced and has so many different strategies that they can focus on, they were able to take every little thing that we needed, mark every checkbox and deliver a package with DPS for our solution in our own architecture that answered all of my questions instantly. >> You said virtual appliance it's got to run on something. So what is that actually? It's like serverless, right? >> So we have a physical infrastructure at every location, I deployed a virtual CentOS box, that's proxy that talks back to my data domain and communicates the CVT data changes back for backup. So it's not doing a full consecutive backup. That leaves a lot of headroom left over on your actual production server, so that it's not pegged while staff are using it. So I can kick off backups during the day, it takes a snapshot, and then the data gets backed up without anybody knowing. >> So this is really important as you said, Rob, you can't change the law of Physics. I imagine you got a straw and you got to put all this data through. It's like, it's like when you backup your iPhone for the first time it takes forever now. So you're talking about, you know, changed, just checking the changed data, and putting it through that straw, even though it's maybe a little bigger than a straw, so each day, it's just a smaller amount of data, okay, but what happens on a restore? >> On a restore same instance. So we'll restore that file, if we're doing the file level restore to the data domain, and then copy it wherever we need to on the network. Or if we're doing a full image based backup, we can restore that either to the cloud disaster recovery into AWS or Azure, or we can restore it to the actual data domain and Vmotion it wherever we need to after that point. >> So let's talk about business impact Sounds like there was a lot of trial and error, as you explained, really needing to work with a strategic partner who said all right, I get what you're trying to do, obviously, not easy, but you've been able to implement that. So how is GEI's business positively benefiting from this data protection strategy that you've implemented? >> Well, not just on a financial perspective, because we've eliminated the need for a completely separate off site data center, we have everything running in a cloud environment for CDR, so that we can restore instantly anytime that we need to, so we no longer needed to spend the footprint on another network architect on another infrastructure on all the different things that rely on another infrastructure at a separate location, so on top of financial savings for the company, I mean, we saved a huge amount of money, they're on infrastructure, that's only for disaster recovery, it's not doing anything, whereas we can just spend money on object storage in AWS, and use that as our cloud disaster recovery strategy. When you need it, you pay for it for your instances but otherwise, you're just paying for object storage, it's a lot cheaper than ever having to run a full separate data center. >> Specifically what is Dell's role in that equation in terms of the value chain? >> The data domain, we also got CDR, which allows us to use an appliance on premise to talk to an instance server in AWS or Azure, and it after its normal backup period, the backup completes and then shoots all the data that changed up to AWS in an S3 Bucket, and your data stored there and in a VMDK chunk data, that after need for restore can be turned into an AMI for AWS available, and then online whenever you need it. >> So this is very key, you know, on Tuesday, cloud was a big topic, hybrid cloud reality for the majority of customers and Adam and GEI the leverage of AWS is a great example of what many of our clients are looking to do from their investment in the public cloud. Certainly no GEI today is using AWS as a alternative to having to purchase a secondary disaster recovery site, or having to sign up with a managed service provider that's providing like a co-location service for disaster recovery, so using the public cloud and using the software capabilities around cloud disaster recovery, gives them a tremendous opportunity to save themselves a lot of money and do it very efficiently. >> It's like though friends don't let friends build data centers just for DR. Yeah, if you're going to build it for something that gives you a competitive advantage, okay. >> But it's interesting with some of the plans that Adam's got for the future, you know, you want to share some of those as far as what you're thinking about for the next few years. >> So future plans for GEI is definitely more cloud growth and minimizing the footprint that we have on premise, making it so that we don't have to have infrastructure at every location, consolidation of all of our data, obviously, going forward, GEI is going to continue growing with data, with videos that were modeling for different damn inspections, levy inspections, we're collecting a lot of data. But the problem is having that data geographically everywhere makes it challenging for future admins, including myself to continue to restore and backup and keep everybody happy. It's a really challenging task to continue supporting. So going forward with consolidating all that data into a central location, i.e. multi cloud environments, or Dell EMC cloud that was announced this week, we have the option for leveraging multi cloud instances, and being able to keep all of our instances alive in the cloud, rather than on premise. >> So you said put it on one location you talking physically or is it some kind of logical mapping that you're doing? >> There'll be logical mapping with some type of caching technology at the off site so that it's ready and available-- >> So a mapping that allows you to recover really fast if you need to, what about as part of that future in the roadmap, analytics on that of backup data? >> So the analytics on in terms of how much backups are going on on a nightly basis-- >> So specifically, are you using that corporate for any other reason? Well, let's see, might be looking at anomalous behavior, doing stuff with with air gaps, and you know, investigating that other DevOps activities. >> It's interesting that you say that because we were talking about a Data Domain having an air gap last night, at an event and the air gap method, making sure that your data domain is protected, it puts it in a right only mode, so that nobody can get into your data domain and actually do any damage to your data. Because you're right, you're backing out. There are anomalies that happen. If those anomalies happen to get into your infrastructure into your data backups, you could technically get ransomware or you know, locked out of your own data. Whereas Data Domain does support air gap technology, allowing you to lock down the system and require two admins before any changes are made to it. So definitely going-- >> Read only, read only. >> I think I heard that. But it's it's a good question with respect to data reuse is that, you know, the use case that Adam is currently using is to use AWS as a disaster recovery location, but the ability to spin up his data within AWS, yes, for the purpose of insurance, being able to access those production copies within AWS. But why not be able to use those for other purposes, such as interrogation of the data that was in them? That's all things that really start to evolve the conversation from what do you do for data protection to what do you do for data management? >> Yeah, so let's use some of the tool chains in live in AWS, say for example, apply some machine intelligence and machine learning and see what we find there, maybe anticipate anomalies or find some things that we didn't know. >> Absolutely, especially when users are dumping large amounts of data, we had an instance where before we started to actually seeing large data dumps when our data started to grow in the first place, we were inspecting levees and models in Colorado, and we had three engineers fill up an entire server of 4k videos, and our nightly backup all of a sudden said, Hey, you just got a huge amount of data change in an instant. Were you expecting this kind of change? If not, you should probably start knocking on someone's door, so we were able to use that analysis really quickly. >> So looking at day three of Dell Technologies World lots of announcements, Robbie, you kind of talked about some of those, you know, cloud enabled data protection becoming a big focus for you guys, I'm curious, Adam, to get your thoughts on some of the announcements. You mentioned the VMware on Dell, a cloud on Dell EMC, what are some things that really kind of piqued your interest as, hey, we're going to have more and more data coming, we've got lots of edge devices, they talked yesterday about the edges coming what did you hear that you thought, awesome, this is really going to be integral part of our strategy going forward? >> Definitely, so one thing that was mentioned was Power Protect, and that has everybody's interest right now. Because having the ability of basically an Avamar system with all flash or a Data Domain with all flash gives you obvious IO advantages in the future, that's probably going to be my next hot topic that I'm very vigorously researching everything out to see if in a couple of years or sooner that's going to fit into GEI's infrastructure and give us more benefits going forward. >> What's your biggest data protection challenge in 2019? >> Our biggest challenge up front was definitely moving from one backup strategy to a new backup strategy and that's from file level backups, only to image based backups, that was one of the biggest challenges, because anytime you lift a backup infrastructure out of production, and put a new one in, you're starting from zero, you can't really start from where you left off, you had to get all of that data, and geographically 43 offices doesn't seem like a lot, but when you're collecting data at all of those locations, that was a challenge, getting everything worked out and getting everything backed up in the first place. >> So you're knocking down that problem. If you're in a private meeting with Rob and his engineering team is there, what's the one thing that he could do to make your life easier? >> One thing he could do to make my life easier-- >> Drop prices-- >> Oh, sorry, then I have nothing else to say. (both laugh) >> Sounds like you-- >> Really, is that what you were going to say? >> So if we could enhance the performance of DD Boost, DD Boost already does a lot of performance benefits for what we do, DD Boost, in essence of what your network performance is, if there was a way of tweaking that on new servers, when you implement it, for example, we acquire companies every now and then we're implementing their strategies for their backups, and we have to start new backups, if there was a better methodology of seeding rather than having to go out physically plug in a hard drive and an NFL storage, make a clone of it and transfer it back. If there was a different method of seeding that technology or those backups, that would make things a little bit easier. >> Get on that. >> I mean, nobody can ever have enough performance and then, as Adam said, the big part of the Power Protect announcement yesterday was, you know, the introduction of, you know, the industry's first all-flash purpose built backup appliance with integrated software capabilities, and an all flash, I think, over the coming years is going to get is going to become a definite option for secondary storage workloads, not only for the straight performance of backup and restore speeds, but also for this huge opportunity around data reuse, and I think that you'll start to see more flash appearing in the data center, not just for production systems, but also for secondary workloads and where you're storing copies of production. >> At the end of the day, it sounds like you're probably quite the hero to all those folks that need making sure they have access to that data because that's what is, as we say, it's Michael Dell said it's inexhaustible, it's gold, that's what drives the business forward, that's what allows you to identify new products and new revenue streams. So we'll say congratulations on being an enabler of the business so far, we appreciate you guys sharing what GEI is doing and Rob, we appreciate your insights as well. We thank you for spending some time with us on theCube. >> Thank you very much. >> Oh, our pleasure. For Dave Vellante, I'm Lisa Martin. You're watching theCube live, Dell Technologies World 2019 day three of theCubes coverage continues in just a moment. (upbeat music)

>> CUBE, covering Cisco Live 2018 brought to you by Cisco, NetApp, and theCUBe's Ecosystem Partners. (techno music) >> Welcome back. >> Welcome back. I'm Stu Miniman, and this is theCUBE's coverage. Wait, we're surrounded by green. I've got two gentlemen from Veeam here. No, but we're not at VeeamON. We're at Cisco Live 2018 here in Orlando, happy to welcome back to the program Carey Stanton and Rob Emsley. Gentlemen, thanks so much for joining us. >> Ace too. >> All right, yeah, so I was with you guys not too long ago at the VeeamON conference. I had a lot of fun in Chicago, brought back some of the famous popcorn for my family, but we're here in Orlando, so way bigger convention center, 26,000 people. We're all walking a lot, talking a lot about networking in Multi-Cloud and everything there. Tell us a little bit about your experience here at the show and what you've taken. >> Yeah, it's great, thanks, Stu. We have as you may know a tier-one partnership with Cisco. We're a platinum sponsor at this event and we're here all around our relationships with them on their data protection with their hyper-flex and their 32-60 and S2-40 relationships and we continue to see rapid growth in the channel and we have a direct-dedicated team selling with them on a global basis, so here making a lot of new connections across their other business units. >> Rob, I see the Green Veeam booth at almost every show I go to. >> Absolutely. >> How's Cisco different from some of the other ones that we go to? >> Well, one of the the things that Chuck Robins talked about in his keynote yesterday was how they summarize the focus of the company, and there's two specific areas that Veeam works very closely with Cisco on. One is the powering the Multi-Cloud, and unlocking the power of data. Those are two big focuses for us. You remember in Chicago, we're all about Multi-Cloud, On-Premises, Manage Cloud, Software as a Service, the Public Cloud; that's the reality of where data lives, so we're very much in lock-step with Cisco. We've been working with Cisco for several years. We last year became available through their global price list, so we're actually finding that Cisco in the data sensor, especially when you think about conversion infrastructure and hyper-conversion infrastructure, it's an area where we can really compliment what they're doing with their opportunities. >> Yeah, Carey, it's interesting because we go a lot of shows and we're hearing a lot of similar themes. Even I think the last time I'd come to the Cisco Live US show was 2009. Applications and data, it's like, oh, come on, those are just bits running through our pipes. It's not really a big deal. Well, we're here in the DevNet zone. We're talking about how Cisco's been moving up the stacks, how they're enabling companies to build new application, do cool things with wireless and SD-WAN and everything like that. I'm sure you must be seeing big change in a lot of your infrastructure partners that fits, as Rob said, that power of data and where that fits. >> Yeah, we're seeing it across the board and what we like about the relationship we have with Cisco is they look to us as their data availability experts, right? That we go into the data center conversation and they bring us in as their subject-matter experts, and that's where I think they want to expand their footprint in their TEM with their product lines, and whether it's UCS or hyper-flex, and they're bringing us into those discussions because we solve a unique problem that they otherwise wouldn't be able to solve. >> Yeah, Rob, you saw the keynote yesterday. I think we were a little surprised. Diane Green comes walking out there. Cisco of course, big push in Cloud. I've actually interviewed a number of Cisco executives of things like AWS Reinvent and the like. Does the Veeam partnership with Cisco, do you touch on some of the Public Cloud pieces as well as? >> Yeah, very much so. One of the things that Cisco is very focused on is their SOS provider right to market, so that's an area where we've been very focused over the last probably three to four years, building out and enabling often our resellers to become managers providers themselves, but the reality is that you're starting to look at that Public Cloud tie-in, whether it be Microsoft Azure, whether it be AWS or IBM Cloud, so these are really all areas where we can provide an on-ramp to connect any Cisco data center environment and provide a relationship with the Public Cloud, provide that data management level layer. >> Yeah, I think back. Cisco really helped a lot of the channel community mature their market. Went from being the silo network to building data center businesses back eight years ago when we started talking about conversion infrastructure. Today, this week I've interviewed Presidio and WWT. They're talking a lot about how they're helping customers, enabling that Cloud. I'd love to hear your perspectives on the maturation of the channel and how they fit in this multi-cloud world. >> Yeah, I mean, if you look at Veeam, where there are 55,000 channel partners our brand promises to remain a 100% channel-driven company, but having these relationships that are primary Cisco-predominant partners, like WWT, Presidio, ePlus, I think it's just opening up discussions that we otherwise wouldn't have had, and we're seeing 50% of the opportunities that we're closing in the field are Cisco-led opportunities that are being driven from these new channel partners, and so again, I think this is the one plus one equals three story that we talk a lot about, that we're bringing a lot to the table and 50% of the opportunities for them and vice versa for us. >> Yeah, one of the things that we really like about Cisco is their focus on their partner community is extremely high, both from the enablement perspective and the educational perspective. They have a fully resourced partner marketing team, and we've been doing a lot of work with them. One of the things that Cisco has been transitioning to, it sort of fits into your space, is the whole move to marketing in a digital world and the whole need to change the type of content, and this type of content you can think about the video sort of assets becomes so much more important, so we've been working very closely with them to do joint digital marketing. It's very easy sometimes to do joint event-based marketing, but when you start getting into digital, you really have to think outside the box about how you bring two companies together to meet in the digital world, so we've been really doing that to drive joint opportunities, and that's been something that we've really got some some success with from our relationship with Cisco. >> In fact, you were just in Barcelona. >> Yeah, every year they run a marketing summit for their channel partners and ecosystem partners, and we actually won the Cisco marketing innovation award for a digital marketing always on campaign slope, just full of assets for joint digital, for joint Cisco and Veeam customers. >> Congratulations, I did see some of that on some of the social media. Yeah, it's interesting to look at how marketing changes in this new digital world. I ask every CMO I talk to these days is to, "How is digital changing the way things happen?" >> Yeah, and you mentioned our other infrastructure partners and there's no other partner that we've worked with at the size of Cisco that embraced it day one, so they look to Veeam as, "Okay, we're going "to work with Veeam, we're going to go deeper, "we're going to bring them on our global prices," and day one they were, "How can we get intertwined "into what Veeam does extremely well as our digital marketing machine?" And just from the get-go they've just continued to accelerate through that process. >> Yeah, one of the things I know every partner loves when they come to an event like this, there's a lot of customers here. Give us a little insight if you can, either specific examples or give us some of the themes you're hearing from customers at the show. What's top of mind? What're some of the biggest challenges that they're facing today? >> Yeah, I mean, I think what they're looking at doing is from a refresh of legacy backup solutions and replication solutions into modernizing their data center, and so they're looking to Cisco as their experts through the last decade plus, and now that Veeam is tied directly in with Cisco in some of those relationships, so it's from a refresh standpoint, from a modernizing their data center to the hybrid Cloud strategies that it's intertwined. We fit very well into those discussions, and we're seeing our customers come to us in these large ELAs, where Cisco is bringing us in as part of those discussions, so again, where otherwise we would have had a hard time getting into it, their customers are coming and saying, "What is the relevancy? "Should I really be looking at this," and Cisco's backing up those discussions. >> Certainly, to tap down on the data sensor, conversion infrastructure and hyper-conversion infrastructure is top of mind for a lot of the customers that come in by the booth. Certainly, which works well for us, because some of our relationships with our other storage alliance partners, whether it be Pure or NetOut, big partners of Cisco, so rather than one plus one equals three, it's one plus one plus one equals five quite often. We're going together as a group in order to go after opportunities, so that's definitely an area. If you think about conversion, IP Converge, it's always highly virtualized, so that plays very well to where we've built the company from: a big focus on virtual machine availability, but we're just more moving that now to the whole concept of data management across a Multi-Cloud world. >> Yeah, absolutely. One of the things we talk at all the shows is the pace of change and how receptive are customers to making changes. What are you hearing from the customers here? The storage market has long been it's sticky, it's a little bit entrenched, making changes, and networking we used to measure in decades as to you roll this out and then I'll wait for the next major speed bump before we'll do that, and you'll roll that out over years. Today, we think things are moving faster, but we'd love to hear points or counterpoints that you're hearing. >> Well, I think that the customers are looking to Cisco, indirectly to Veeam from removing complexity, and I think what they've seen in the past is they've deployed solutions that have bogged down their process. They look to the Cloud as an agile environment and they look back with their Legacy systems that they know they can't continue, and so from my standpoint, the customers that we talk to consistently is, "Are you gonna be the platform that's gonna allow me "to embrace a hybrid Cloud and to remove the complexity "that I have and to be agile," and so that's constantly what the Veeam messaging is solving, right? Mission critical backup and recovery workloads and doing it at a fraction of the cost and accelerating that Veeam speed. >> Yeah, I mean, if you just take the Legacy backup market, Legacy back up installed base, it seems that the openness to change is greater now than I've ever seen it, and you know I've been playing around in this space for quite a few years, but certainly recently we've found the openness to people to look for something new. Our friends that gotten it always used to say the three things that people worry about, the three Cs: Cost, complexity, and capabilities, and those are still very much top of mind around what causes a customer to say, "Hey, what I've been doing for the last several years "hasn't quite been getting it done for me." I think the big change is that backup as an insurance policy is no longer good enough. I think the ability to leverage your backup infrastructure and the data contained within it is really driving people to think about, that's more of a value to me than simply having an insurance policy. >> Absolutely, backup was never enough. We do backup, I need to restore, but it's about that data. Want to give you the opportunity. Veeam is I think we said kind of a tweener. You're not what I would consider an old company. You've always been a software company, born in the virtualization age, but there's a bunch of newer developer focused and Cloud-native. How does Veeam stay and fight and compete against some of the new ones coming after this multi-billion dollar market? >> Want to take that? >> Yeah, well, I think that we pride ourselves on innovation. We pride ourselves on iterating very quickly, and we pride ourselves on adhering to our NPS score of 73, where there at 300,000 customers, and what we are gonna continue on our path, on what's made us successful, and we know that there's always competition. There's lots of VC money out there, and it's not that we're looking away from what the competition is doing. It's that we believe with our 4000 customers a month, our 133 customers that we close on a daily basis across all segments of SNB, commercial, and enterprise is indicative that our strategy is working. We're not going to stray away. We're just going to look to partners like Cisco and others to expand our target market, but stay true to the solution that we've provided in that virtualization environment. You were at VeeamON. You saw the announcements that we're making to support additional workloads and additional environments in the days to come. >> Yeah, I think our ability to evolve and adapt is second to none, and some of that is just based upon the structure of the company. We're still private, we're still pretty much driving our own growth, and I think that allows us to make decisions quickly and very strategically to allow us to go into the areas that I think people instinctively know what is needed to evolve in this space around supporting multi-Cloud, supporting data as an asset, leveraging it as an asset, and I think that's where we've been fueling, both in an engineering perspective, in a capacity to meet with customers and grow, and that's certainly what's going to I think sustain us as we keep going forward. >> All right, gentlemen, I want to give you a final word as to key takeaways you see here from Cisco Live 2018. >> That we will be here for the duration of the time, and our relationship with Cisco will continue to expand, and that we look forward to meeting everyone at the Veeam booth and walking through our product solutions and meeting the Veeam team and answering any questions they may have, but we're thrilled to be part of the Cisco family, and hopefully, again, in the years to come that we'll just continue to expand our relationship. >> And I'll leave you with an African proverb. If you want to go fast, go alone. If you want to go far, go together. >> Absolutely. Rob Emsley, Carey Stanton, always a pleasure to catch up with you. I'll leave with the final aphorism of my own, which is, never confuse activity with progress. Ben Franklin, so I'm Stu Miniman, back with lots more coverage here from Cisco Live 2018. Thanks for watching theCUBE. (techno music)

[Music] the cyber security landscape has changed dramatically over the past 24 to 36 months rapid cloud migration has created a new layer of security defense sure but that doesn't mean csos can relax in many respects it further complicates or at least changes the cso's scope of responsibilities in particular the threat surface has expanded and that creates more seams and csos have to make sure their teams pick up where the hyperscaler clouds leave off application developers have become a critical execution point for cyber assurance shift left is the kind of new buzz phrase for devs but organizations still have to shield right meaning the operational teams must continue to partner with secops to make sure infrastructure is resilient so it's no wonder that an etr's latest survey of nearly 1500 cios and it buyers that business technology executives cite security as their number one priority well ahead of other critical technology initiatives including collaboration software cloud computing and analytics rounding out the top four but budgets are under pressure and csos have to prioritize it's not like they have an open checkbook they have to contend with other key initiatives like those just mentioned to secure the funding and what about zero trust can you go out and buy zero trust or is it a framework a mindset in a series of best practices applied to create a security consciousness throughout the organization can you implement zero trust in other words if a machine or human is not explicitly allowed access then access is denied can you implement that policy without constricting organizational agility the question is what's the most practical way to apply that premise and what role does infrastructure play as the enforcer how does automation play in the equation the fact is that today's approach to cyber resilient type resilience can't be an either or it has to be an and conversation meaning you have to ensure data protection while at the same time advancing the mission of the organization with as little friction as possible and don't even talk to me about the edge that's really going to keep you up at night hello and welcome to the special cube presentation a blueprint for trusted infrastructure made possible by dell technologies in this program we explore the critical role that trusted infrastructure plays in cyber security strategies how organizations should think about the infrastructure side of the cyber security equation and how dell specifically approaches securing infrastructure for your business we'll dig into what it means to transform and evolve toward a modern security infrastructure that's both trusted and agile first up are pete gear and steve kenniston they're both senior cyber security consultants at dell technologies and they're going to talk about the company's philosophy and approach to trusted infrastructure and then we're going to speak to paris our godaddy who's a senior consultant for storage at dell technologies to understand where and how storage plays in this trusted infrastructure world and then finally rob emsley who heads product marketing for data protection and cyber security he's going to take a deeper dive with rob into data protection and explain how it has become a critical component of a comprehensive cyber security strategy okay let's get started pete gear steve kenniston welcome to the cube thanks for coming into the marlboro studios today great to be here dave thanks dave good to see you great to see you guys pete start by talking about the security landscape you heard my little rap up front what are you seeing i thought you wrapped it up really well and you touched on all the key points right technology is ubiquitous today it's everywhere it's no longer confined to a monolithic data center it lives at the edge it lives in front of us it lives in our pockets and smartphones along with that is data and as you said organizations are managing sometimes 10 to 20 times the amount of data that they were just five years ago and along with that cyber crime has become a very profitable uh enterprise in fact it's been more than 10 years since uh the nsa chief actually called cybercrime the biggest transfer of wealth in history that was 10 years ago and we've seen nothing but accelerating cybercrime and really sophistication of how those attacks are are perpetrated and so the new security landscape is really more of an evolution we're finally seeing security catch up with all of the technology adoption all the build out the work from home and work from anywhere that we've seen over the last couple of years we're finally seeing organizations and really it goes beyond the i.t directors it's a board level discussion today security's become a board level discussion so yeah i think that's true as well it's like it used to be the security was okay the sec ops team you're responsible for security now you've got the developers are involved the business lines are involved it's part of onboarding for most companies you know steve this concept of zero trust it was kind of a buzzword before the pandemic and i feel like i've often said it's now become a a mandate but it's it's it's still fuzzy to a lot of people how do you guys think about zero trust what does it mean to you how does it fit yeah i thought again i thought your opening was fantastic in this whole lead into to what is zero trust it had been a buzzword for a long time and now ever since the federal government came out with their implementation or or desire to drive zero trust a lot more people are taking a lot more seriously because i don't think they've seen the government do this but ultimately let's see ultimately it's just like you said right if you don't have trust to those particular devices applications or data you can't get at it the question is and and you phrase it perfectly can you implement that as well as allow the business to be as agile as it needs to be in order to be competitive because we're seeing with your whole notion around devops and the ability to kind of build make deploy build make deploy right they still need that functionality but it also needs to be trusted it needs to be secure and things can't get away from you yeah so it's interesting we attended every uh reinforce since 2019 and the narrative there is hey everything in this in the cloud is great you know and this narrative around oh security is a big problem is you know doesn't help the industry the fact is that the big hyperscalers they're not strapped for talent but csos are they don't have the the capabilities to really apply all these best practices they're they're playing whack-a-mole so they look to companies like yours to take their your r d and bake it into security products and solutions so what are the critical aspects of the so-called dell trusted infrastructure that we should be thinking about yeah well dell trusted infrastructure for us is a way for us to describe uh the the work that we do through design development and even delivery of our it system so dell trusted infrastructure includes our storage it includes our servers our networking our data protection our hyper-converged everything that infrastructure always has been it's just that today customers consume that infrastructure at the edge as a service in a multi-cloud environment i mean i view the cloud as really a way for organizations to become more agile and to become more flexible and also to control costs i don't think organizations move to the cloud or move to a multi-cloud environment to enhance security so i don't see cloud computing as a panacea for security i see it as another attack surface and another uh aspect in front that organizations and and security organizations and departments have to manage it's part of their infrastructure today whether it's in their data center in a cloud or at the edge i mean i think it's a huge point because a lot of people think oh the data's in the cloud i'm good it's like steve we've talked about oh why do i have to back up my data it's in the cloud well you might have to recover it someday so i don't know if you have anything to add to that or any additional thoughts on it no i mean i think i think like what pete was saying when it comes to when it comes to all these new vectors for attack surfaces you know people did choose the cloud in order to be more agile more flexible and all that did was open up to the csos who need to pay attention to now okay where can i possibly be attacked i need to be thinking about is that secure and part of the part of that is dell now also understands and thinks about as we're building solutions is it is it a trusted development life cycle so we have our own trusted development life cycle how many times in the past did you used to hear about vendors saying you got to patch your software because of this we think about what changes to our software and what implementations and what enhancements we deliver can actually cause from a security perspective and make sure we don't give up or or have security become a whole just in order to implement a feature we got to think about those things yeah and as pete alluded to our secure supply chain so all the way through knowing what you're going to get when you actually receive it is going to be secure and not be tampered with becomes vitally important and pete and i were talking earlier when you have tens of thousands of devices that need to be delivered whether it be storage or laptops or pcs or or whatever it is you want to be tr you want to know that that that those devices are can be trusted okay guys maybe pete you could talk about the how dell thinks about it's its framework and its philosophy of cyber security and then specifically what dell's advantages are relative to the competition yeah definitely dave thank you so i we've talked a lot about dell as a technology provider but one thing dell also is is a partner in this larger ecosystem we realize that security whether it's a zero trust paradigm or any other kind of security environment is an ecosystem with a lot of different vendors so we look at three areas uh one is protecting data in systems we know that it starts with and ends with data that helps organizations combat threats across their entire infrastructure and what it means is dell's embedding security features consistently across our portfolios of storage servers networking the second is enhancing cyber resiliency over the last decade a lot of the funding and spending has been in protecting or trying to prevent cyber threats not necessarily in responding to and recovering from threats right we call that resiliency organizations need to build resiliency across their organization so not only can they withstand a threat but they can respond recover and continue with their operations and the third is overcoming security complexity security is hard it's more difficult because of the the things we've talked about about distributed data distributed technology and and attack surfaces everywhere and so we're enabling organizations to scale confidently to continue their business but know that all all the i.t decisions that they're making um have these intrinsic security features and are built and delivered in a consistent security so those are kind of the three pillars maybe we could end on what you guys see as the key differentiators uh that people should know about that that dell brings to the table maybe each of you could take take a shot at that yeah i i think first of all from from a holistic portfolio perspective right the secure supply chain and the secure development life cycle permeate through everything dell does when building things so we build things with security in mind all the way from as pete mentioned from from creation to delivery we want to make sure you have that that secure device or or asset that permeates everything from servers networking storage data protection through hyper converge through everything that to me is really a key asset because that means you can you understand when you receive something it's a trusted piece of your infrastructure i think the other core component to think about and pete mentioned as dell being a partner for um making sure you can deliver these things is that even though those are that's part of our framework these pillars are our framework of how we want to deliver security it's also important to understand that we are partners and that you don't need to rip and replace but as you start to put in new components you can be you can be assured that the components that you're replacing as you're evolving as you're growing as you're moving to the cloud as you're moving to more on-prem type services or whatever that your environment is secure i think those are two key things got it okay pete bring us home yeah i think one of one of the big advantages of dell uh is our scope and our scale right we're a large technology vendor that's been around for decades and we develop and sell almost every piece of technology we also know that organizations are might make different decisions and so we have a large services organization with a lot of experienced services people that can help customers along their security journey depending on uh whatever type of infrastructure or solutions that they're looking at the other thing we do is make it very easy to consume our technology whether that's traditional on-premise in a multi-cloud environment uh or as a service and so the best of breed technology can be consumed in any variety of fashion and know that you're getting that consistent secure infrastructure that dell provides well and dell's forgot the probably top supply chain not only in the tech business but probably any business and so you can actually take take your dog food and then and allow other your champagne sorry allow other people to you know share share best practices with your with your customers all right guys thanks so much for coming thank you appreciate it okay keep it right there after this short break we'll be back to drill into the storage domain you're watching a blueprint for trusted infrastructure on the cube the leader in enterprise and emerging tech coverage be right back you

okay we're back digging into trusted infrastructure with paris are good at he's a senior consultant for product marketing and storage at dell technologies pastor welcome to the cube good to see you great to be with you dave yeah coming from hyderabad awesome so i really appreciate you uh coming on the program let's start with talking about your point of view on what cyber security resilience means to to dell generally but storage specifically yeah so for something like storage you know we are talking about the data layer name and if you look at cyber security it's all about securing your data applications and infrastructure it has been a very mature field at the network and application layers and there are a lot of great technologies right from you know enabling zero trust uh advanced authentications uh identity management systems and so on and and in fact you know with the advent of you know the the use of artificial intelligence and machine learning really these detection tools for cyber securities have really evolved in the network and application spaces so for storage what it means is how can you bring them to the data layer right how can you bring you know the principles of zero trust to the data layer uh how can you leverage artificial intelligence and machine learning to look at you know access patterns and make intelligent decisions about maybe an indicator of a compromise and identify them ahead of time just like you know how it's happening and other of of applications and when it comes to cyber resilience it's it's basically a strategy which assumes that a threat is imminent and it's a good assumption with the severity and the frequency of the attacks that are happening and the question is how do we fortify the infrastructure in this rich infrastructure to withstand those attacks and have a plan a response plan where we can recover the data and make sure the business continuity is not affected so that's uh really cyber security and cyber resiliency at storage layer and of course there are technologies like you know network isolation um immutability and all these principles need to be applied at the storage level as well let me have a follow up on that if i may the intelligence that you talked about that ai and machine learning is that do you do you build that into the infrastructure or is that sort of a separate software module that that points at various you know infrastructure components how does that work both dave right at the data storage level we have come up with various data characteristics depending on the nature of data we developed a lot of signals to see what could be a good indicator of a compromise um and there are also additional applications like cloud iq is the best example which is like an infrastructure wide health monitoring system for dell infrastructure and now we have elevated that to include cyber security as well so these signals are being gathered at cloud iq level and other applications as well so that we can make those decisions about compromise and we can either cascade that intelligence and alert stream upstream for uh security teams um so that they can take actions in platforms like sign systems xtr systems and so on but when it comes to which layer the intelligence is it has to be at every layer where it makes sense where we have the information to make a decision and being closest to the data we have we are basically monitoring you know the various parallels data access who is accessing um are they crossing across any geo fencing is there any mass deletion that is happening or a mass encryption that is happening and we are able to uh detect uh those uh patterns and flag them as indicators of compromise and in allowing automated response manual control and so on for i.t teams yeah thank you for that explanation so at dell technologies world we were there in may it was one of the first you know live shows that that we did in the spring certainly one of the largest and i interviewed shannon champion and my huge takeaway from the storage side was the degree to which you guys uh emphasized security uh within the operating systems i mean really i mean power max more than half i think of the features were security related but also the rest of the portfolio so can you talk about the the security aspects of the dell storage portfolio specifically yeah yeah so when it comes to data security and broadly data availability right in the context of cyber resiliency um dell storage uh this you know these elements have been at the core of our um a core strength for the portfolio and a source of differentiation for the storage portfolio you know with almost decades of collective experience of building highly resilient architectures for mission critical data something like power max system which is the most secure storage platform for high-end enterprises um and now with the increased focus on cyber security we are extending those core technologies of high availability and adding modern detection systems modern data isolation techniques to offer a comprehensive solution to the customer so that they don't have to piece together multiple things to ensure data security or data resiliency but a well-designed and well-architected solution by design is uh delivered to them to ensure cyber protection at the data layer got it um you know we were talking earlier to steve kenniston and pete gear about this notion of dell trusted infrastructure how does storage fit into that as a component of that sort of overall you know theme yeah and you know and let me say this if you could adjust because a lot of people might be skeptical that i can actually have security and at the same time not constrict my organizational agility that's old you know not an or it's an and how do you actually do that if you could address both of those that would be great definitely so for dell trusted infrastructure cyber resiliency is a key component of that and just as i mentioned you know uh air gap isolation it really started with you know power protect cyber recovery you know that was the solution more than three years ago we launched and that was first in the industry which paved way to you know kind of data isolation being a core element of data management and you know for data infrastructure and since then we have implemented these technologies within different storage platforms as well so the customers have the flexibility depending on their data landscape they can approach they can do the right data isolation architecture right either natively from the storage platform or consolidate things into the backup platform and isolate from there and and the other key thing we focus in trusted infrastructure delta dell trusted infrastructure is you know the goal of simplifying security for the customers so one good example here is uh you know risk being able to respond to these cyber threats or indicators of compromise is one thing but an i.t security team may not be looking at the dashboard of the storage systems constantly right storage administration admins may be looking at it so how can we build this intelligence and provide this upstream platforms so that they have a single pane of glass to understand security landscape across applications across networks firewalls as well as storage infrastructure and and compute infrastructure so that's one of the key ways where how we are helping simplify the um kind of the ability to uh respond ability to detect and respond these threads uh in real time for security teams and you mentioned you know about zero trust and how it's a balance of you know not uh kind of restricting users or put heavy burden on you know multi-factor authentication and so on and this really starts with you know what we are doing is provide all the tools you know when it comes to advanced authentication uh supporting external identity management systems multi-factor authentication encryption all these things are intrinsically built into these platforms now the question is the customers are actually one of the key steps is to identify uh what are the most critical parts of their business or what are the applications uh that the most critical business operations depend on and similarly identify uh mission critical data where part of your response plan where it cannot be compromised where you need to have a way to recover once you do this identification then the level of security can be really determined uh by uh by the security teams by the infrastructure teams and you know another you know intelligence that gives a lot of flexibility for for even developers to do this is today we have apis um that so you can not only track these alerts at the data infrastructure level but you can use our apis to take concrete actions like blocking a certain user or increasing the level of authentication based on the threat level that has been perceived at the application layer or at the network layer so there is a lot of flexibility that is built into this by design so that depending on the criticality of the data criticality of the application number of users affected these decisions have to be made from time to time and it's as you mentioned it's it's a balance right and sometimes you know if if an organization had a recent attack you know the level of awareness is very high uh against cyber attacks so for a time you know these these settings may be a bit difficult to deal with but then it's a decision that has to be made by security teams as well got it so you're surfacing what may be hidden kpis that are being buried inside for instance the storage system through apis upstream into a dashboard so that somebody you know dig into the storage tunnel extract that data and then somehow you know populate that dashboard you're saying you're automating that that that workflow that's a great example and you may have others but is that the correct understanding absolutely and it's a two-way integration let's say a detector an attack has been detected at a completely different layer right in the application layer or at a firewall we can respond to those as well so it's a two-way integration we can cascade things up as well as uh respond to threats that have been detected elsewhere uh through the api that's great all right api for power skill is the best example for that uh excellent so thank you appreciate that give us the last word put a bow on this and and bring this segment home please absolutely so a dell uh storage portfolio um using advanced data isolation um with air gap having machine learning based algorithms to detect uh indicators of compromise and having ripple mechanisms um with granular snapshots being able to recover data and restore applications to maintain business continuity is what we deliver to customers uh and these are areas where a lot of innovation is happening a lot of product focus as well as you know if you look at the professional services all the way from engineering to professional services the way we build these systems the very we configure and architect these systems cyber security and protection is a key focus uh for all these activities and dell.com securities is where you can learn a lot about these initiatives that's great thank you you know at the recent uh reinforce uh event in in boston we heard a lot uh from aws about you know detent and response and devops and machine learning and some really cool stuff we heard a little bit about ransomware but i'm glad you brought up air gaps because we heard virtually nothing in the keynotes about air gaps that's an example of where you know this the cso has to pick up from where the cloud leaves off but as i was in front and so number one and number two we didn't hear a ton about how the cloud is making the life of the cso simpler and that's really my takeaway is is in part anyway your job and companies like dell so paris i really appreciate the insights thank you for coming on thecube thank you very much dave it's always great to be in these uh conversations all right keep it right there we'll be right back with rob emsley to talk about data protection strategies and what's in the dell portfolio you're watching the cube [Music] you

the cyber security landscape has changed dramatically over the past 24 to 36 months rapid cloud migration has created a new layer of security defense sure but that doesn't mean csos can relax in many respects it further complicates or at least changes the ciso's scope of responsibilities in particular the threat surface has expanded and that creates more seams and cisos have to make sure their teams pick up where the hyperscaler clouds leave off application developers have become a critical execution point for cyber assurance shift left is the kind of new buzz phrase for devs but organizations still have to shield right meaning the operational teams must continue to partner with secops to make sure infrastructure is resilient so it's no wonder that in etr's latest survey of nearly 1500 cios and it buyers that business technology executives cite security as their number one priority well ahead of other critical technology initiatives including collaboration software cloud computing and analytics rounding out the top four but budgets are under pressure and csos have to prioritize it's not like they have an open checkbook they have to contend with other key initiatives like those just mentioned to secure the funding and what about zero trust can you go out and buy xero trust or is it a framework a mindset in a series of best practices applied to create a security consciousness throughout the organization can you implement zero trust in other words if a machine or human is not explicitly allowed access then access is denied can you implement that policy without constricting organizational agility the question is what's the most practical way to apply that premise and what role does infrastructure play as the enforcer how does automation play in the equation the fact is that today's approach to cyber resilient type resilience can't be an either or it has to be an and conversation meaning you have to ensure data protection while at the same time advancing the mission of the organization with as little friction as possible and don't even talk to me about the edge that's really going to keep you up at night hello and welcome to the special cube presentation a blueprint for trusted infrastructure made possible by dell technologies in this program we explore the critical role that trusted infrastructure plays in cyber security strategies how organizations should think about the infrastructure side of the cyber security equation and how dell specifically approaches securing infrastructure for your business we'll dig into what it means to transform and evolve toward a modern security infrastructure that's both trusted and agile first up are pete gear and steve kenniston they're both senior cyber security consultants at dell technologies and they're going to talk about the company's philosophy and approach to trusted infrastructure and then we're going to speak to paris arcadi who's a senior consultant for storage at dell technologies to understand where and how storage plays in this trusted infrastructure world and then finally rob emsley who heads product marketing for data protection and cyber security he's going to take a deeper dive with rob into data protection and explain how it has become a critical component of a comprehensive cyber security strategy okay let's get started pete gear steve kenniston welcome to the cube thanks for coming into the marlboro studios today great to be here dave thanks dave good to see you great to see you guys pete start by talking about the security landscape you heard my little rap up front what are you seeing i thought you wrapped it up really well and you touched on all the key points right technology is ubiquitous today it's everywhere it's no longer confined to a monolithic data center it lives at the edge it lives in front of us it lives in our pockets and smartphones along with that is data and as you said organizations are managing sometimes 10 to 20 times the amount of data that they were just five years ago and along with that cyber crime has become a very profitable enterprise in fact it's been more than 10 years since uh the nsa chief actually called cyber crime the biggest transfer of wealth in history that was 10 years ago and we've seen nothing but accelerating cyber crime and really sophistication of how those attacks are perpetrated and so the new security landscape is really more of an evolution we're finally seeing security catch up with all of the technology adoption all the build out the work from home and work from anywhere that we've seen over the last couple of years we're finally seeing organizations and really it goes beyond the i t directors it's a board level discussion today security's become a board level discussion yeah i think that's true as well it's like it used to be the security was okay the secops team you're responsible for security now you've got the developers are involved the business lines are involved it's part of onboarding for most companies you know steve this concept of zero trust it was kind of a buzzword before the pandemic and i feel like i've often said it's now become a mandate but it's it's it's still fuzzy to a lot of people how do you guys think about zero trust what does it mean to you how does it fit yeah i thought again i thought your opening was fantastic in in this whole lead into to what is zero trust it had been a buzzword for a long time and now ever since the federal government came out with their implementation or or desire to drive zero trust a lot more people are taking a lot more seriously because i don't think they've seen the government do this but ultimately let's see ultimately it's just like you said right if if you don't have trust to those particular devices uh applications or data you can't get at it the question is and and you phrase it perfectly can you implement that as well as allow the business to be as agile as it needs to be in order to be competitive because we're seeing with your whole notion around devops and the ability to kind of build make deploy build make deploy right they still need that functionality but it also needs to be trusted it needs to be secure and things can't get away from you yeah so it's interesting we attended every uh reinforce since 2019 and the narrative there is hey everything in this in the cloud is great you know and this narrative around oh security is a big problem is you know doesn't help the industry the fact is that the big hyperscalers they're not strapped for talent but csos are they don't have the the capabilities to really apply all these best practices they're they're playing whack-a-mole so they look to companies like yours to take their r your r d and bake it into security products and solutions so what are the critical aspects of the so-called dell trusted infrastructure that we should be thinking about yeah well dell trusted infrastructure for us is a way for us to describe uh the the work that we do through design development and even delivery of our it system so dell trusted infrastructure includes our storage it includes our servers our networking our data protection our hyper converged everything that infrastructure always has been it's just that today customers consume that infrastructure at the edge as a service in a multi-cloud environment i mean i view the cloud as really a way for organizations to become more agile and to become more flexible and also to control costs i don't think organizations move to the cloud or move to a multi-cloud environment to enhance security so i don't see cloud computing as a panacea for security i see it as another attack surface and another uh aspect in front that organizations and and security organizations and departments have to manage it's part of their infrastructure today whether it's in their data center in a cloud or at the edge i mean i think it's a huge point because a lot of people think oh data's in the cloud i'm good it's like steve we've talked about oh why do i have to back up my data it's in the cloud well you might have to recover it someday so i don't know if you have anything to add to that or any additional thoughts on it no i mean i think i think like what pete was saying when it comes to when it comes to all these new vectors for attack surfaces you know people did choose the cloud in order to be more agile more flexible and all that did was open up to the csos who need to pay attention to now okay where can i possibly be attacked i need to be thinking about is that secure and part of the part of that is dell now also understands and thinks about as we're building solutions is it is it a trusted development life cycle so we have our own trusted development life cycle how many times in the past did you used to hear about vendors saying you got to patch your software because of this we think about what changes to our software and what implementations and what enhancements we deliver can actually cause from a security perspective and make sure we don't give up or or have security become a whole just in order to implement a feature we got to think about those things yeah and as pete alluded to our secure supply chain so all the way through knowing what you're going to get when you actually receive it is going to be secure and not be tampered with becomes vitally important and pete and i were talking earlier when you have tens of thousands of devices that need to be delivered whether it be storage or laptops or pcs or or whatever it is you want to be you want to know that that that those devices are can be trusted okay guys maybe pete you could talk about the how dell thinks about it's its framework and its philosophy of cyber security and then specifically what dell's advantages are relative to the competition yeah definitely dave thank you so we've talked a lot about dell as a technology provider but one thing dell also is is a partner in this larger ecosystem we realize that security whether it's a zero trust paradigm or any other kind of security environment is an ecosystem uh with a lot of different vendors so we look at three areas one is protecting data in systems we know that it starts with and ends with data that helps organizations combat threats across their entire infrastructure and what it means is dell's embedding security features consistently across our portfolios of storage servers networking the second is enhancing cyber resiliency over the last decade a lot of the funding and spending has been in protecting or trying to prevent cyber threats not necessarily in responding to and recovering from threats right we call that resiliency organizations need to build resiliency across their organization so not only can they withstand a threat but they can respond recover and continue with their operations and the third is overcoming security complexity security is hard it's more difficult because of the things we've talked about about distributed data distributed technology and and attack surfaces everywhere and so we're enabling organizations to scale confidently to continue their business but know that all all the i.t decisions that they're making um have these intrinsic security features and are built and delivered in a consistent security so those are kind of the three pillars maybe we could end on what you guys see as the key differentiators that people should know about that that dell brings to the table maybe each of you could take take a shot at that yeah i think first of all from from a holistic portfolio perspective right the uh secure supply chain and the secure development life cycle permeate through everything dell does when building things so we build things with security in mind all the way from as pete mentioned from from creation to delivery we want to make sure you have that that secure device or or asset that permeates everything from servers networking storage data protection through hyper converge through everything that to me is really a key asset because that means you can you understand when you receive something it's a trusted piece of your infrastructure i think the other core component to think about and pete mentioned as dell being a partner for making sure you can deliver these things is that even though those are that's part of our framework these pillars are our framework of how we want to deliver security it's also important to understand that we are partners and that you don't need to rip and replace but as you start to put in new components you can be you can be assured that the components that you're replacing as you're evolving as you're growing as you're moving to the cloud as you're moving to a more on-prem type services or whatever that your environment is secure i think those are two key things got it okay pete bring us home yeah i think one of one of the big advantages of dell is our scope and our scale right we're a large technology vendor that's been around for decades and we develop and sell almost every piece of technology we also know that organizations are might make different decisions and so we have a large services organization with a lot of experienced services people that can help customers along their security journey depending on whatever type of infrastructure or solutions that they're looking at the other thing we do is make it very easy to consume our technology whether that's traditional on-premise in a multi-cloud environment uh or as a service and so the best of breed technology can be consumed in any variety of fashion and know that you're getting that consistent secure infrastructure that dell provides well and dell's forgot the probably top supply chain not only in the tech business but probably any business and so you can actually take take your dog food and then and allow other billionaire champagne sorry allow other people to you know share share best practices with your with your customers all right guys thanks so much for coming thank you appreciate it okay keep it right there after this short break we'll be back to drill into the storage domain you're watching a blueprint for trusted infrastructure on the cube the leader in enterprise and emerging tech coverage be right back concern over cyber attacks is now the norm for organizations of all sizes the impact of these attacks can be operationally crippling expensive and have long-term ramifications organizations have accepted the reality of not if but when from boardrooms to i.t departments and are now moving to increase their cyber security preparedness they know that security transformation is foundational to digital transformation and while no one can do it alone dell technologies can help you fortify with modern security modern security is built on three pillars protect your data and systems by modernizing your security approach with intrinsic features and hardware and processes from a provider with a holistic presence across the entire it ecosystem enhance your cyber resiliency by understanding your current level of resiliency for defending your data and preparing for business continuity and availability in the face of attacks overcome security complexity by simplifying and automating your security operations to enable scale insights and extend resources through service partnerships from advanced capabilities that intelligently scale a holistic presence throughout it and decades as a leading global technology provider we'll stop at nothing to help keep you secure okay we're back digging into trusted infrastructure with paris sarcadi he's a senior consultant for product marketing and storage at dell technologies parasaur welcome to the cube good to see you great to be with you dave yeah coming from hyderabad awesome so i really appreciate you uh coming on the program let's start with talking about your point of view on what cyber security resilience means to to dell generally but storage specifically yeah so for something like storage you know we are talking about the data layer name and if you look at cyber security it's all about securing your data applications and infrastructure it has been a very mature field at the network and application layers and there are a lot of great technologies right from you know enabling zero trust advanced authentications uh identity management systems and so on and and in fact you know with the advent of you know the the use of artificial intelligence and machine learning really these detection tools for cyber securities have really evolved in the network and the application spaces so for storage what it means is how can you bring them to the data layer right how can you bring you know the principles of zero trust to the data layer uh how can you leverage artificial intelligence and machine learning to look at you know access patterns and make intelligent decisions about maybe an indicator of a compromise and identify them ahead of time just like you know how it's happening and other ways of applications and when it comes to cyber resilience it's it's basically a strategy which assumes that a threat is imminent and it's a good assumption with the severity of the frequency of the attacks that are happening and the question is how do we fortify the infrastructure in the switch infrastructure to withstand those attacks and have a plan a response plan where we can recover the data and make sure the business continuity is not affected so that's uh really cyber security and cyber resiliency and storage layer and of course there are technologies like you know network isolation immutability and all these principles need to be applied at the storage level as well let me have a follow up on that if i may the intelligence that you talked about that ai and machine learning is that do you do you build that into the infrastructure or is that sort of a separate software module that that points at various you know infrastructure components how does that work both dave right at the data storage level um we have come with various data characteristics depending on the nature of data we developed a lot of signals to see what could be a good indicator of a compromise um and there are also additional applications like cloud iq is the best example which is like an infrastructure wide health monitoring system for dell infrastructure and now we have elevated that to include cyber security as well so these signals are being gathered at cloud iq level and other applications as well so that we can make those decisions about compromise and we can either cascade that intelligence and alert stream upstream for uh security teams um so that they can take actions in platforms like sign systems xtr systems and so on but when it comes to which layer the intelligence is it has to be at every layer where it makes sense where we have the information to make a decision and being closest to the data we have we are basically monitoring you know the various parallels data access who is accessing um are they crossing across any geo fencing uh is there any mass deletion that is happening or a mass encryption that is happening and we are able to uh detect uh those uh patterns and flag them as indicators of compromise and in allowing automated response manual control and so on for it teams yeah thank you for that explanation so at dell technologies world we were there in may it was one of the first you know live shows that that we did in the spring certainly one of the largest and i interviewed shannon champion and a huge takeaway from the storage side was the degree to which you guys emphasized security uh within the operating systems i mean really i mean powermax more than half i think of the features were security related but also the rest of the portfolio so can you talk about the the security aspects of the dell storage portfolio specifically yeah yeah so when it comes to data security and broadly data availability right in the context of cyber resiliency dell storage this you know these elements have been at the core of our um a core strength for the portfolio and the source of differentiation for the storage portfolio you know with almost decades of collective experience of building highly resilient architectures for mission critical data something like power max system which is the most secure storage platform for high-end enterprises and now with the increased focus on cyber security we are extending those core technologies of high availability and adding modern detection systems modern data isolation techniques to offer a comprehensive solution to the customer so that they don't have to piece together multiple things to ensure data security or data resiliency but a well-designed and well-architected solution by design is delivered to them to ensure cyber protection at the data layer got it um you know we were talking earlier to steve kenniston and pete gear about this notion of dell trusted infrastructure how does storage fit into that as a component of that sort of overall you know theme yeah and you know and let me say this if you could adjust because a lot of people might be skeptical that i can actually have security and at the same time not constrict my organizational agility that's old you know not an ore it's an end how do you actually do that if you could address both of those that would be great definitely so for dell trusted infrastructure cyber resiliency is a key component of that and just as i mentioned you know uh air gap isolation it really started with you know power protect cyber recovery you know that was the solution more than three years ago we launched and that was first in the industry which paved way to you know kind of data isolation being a core element of data management and uh for data infrastructure and since then we have implemented these technologies within different storage platforms as well so that customers have the flexibility depending on their data landscape they can approach they can do the right data isolation architecture right either natively from the storage platform or consolidate things into the backup platform and isolate from there and and the other key thing we focus in trusted infrastructure dell infra dell trusted infrastructure is you know the goal of simplifying security for the customers so one good example here is uh you know being able to respond to these cyber threats or indicators of compromise is one thing but an i.t security team may not be looking at the dashboard of the storage systems constantly right storage administration admins may be looking at it so how can we build this intelligence and provide this upstream platforms so that they have a single pane of glass to understand security landscape across applications across networks firewalls as well as storage infrastructure and in compute infrastructure so that's one of the key ways where how we are helping simplify the um kind of the ability to uh respond ability to detect and respond these threads uh in real time for security teams and you mentioned you know about zero trust and how it's a balance of you know not uh kind of restricting users or put heavy burden on you know multi-factor authentication and so on and this really starts with you know what we're doing is provide all the tools you know when it comes to advanced authentication uh supporting external identity management systems multi-factor authentication encryption all these things are intrinsically built into these platforms now the question is the customers are actually one of the key steps is to identify uh what are the most critical parts of their business or what are the applications uh that the most critical business operations depend on and similarly identify uh mission critical data where part of your response plan where it cannot be compromised where you need to have a way to recover once you do this identification then the level of security can be really determined uh by uh by the security teams by the infrastructure teams and you know another you know intelligence that gives a lot of flexibility uh for for even developers to do this is today we have apis um that so you can not only track these alerts at the data infrastructure level but you can use our apis to take concrete actions like blocking a certain user or increasing the level of authentication based on the threat level that has been perceived at the application layer or at the network layer so there is a lot of flexibility that is built into this by design so that depending on the criticality of the data criticality of the application number of users affected these decisions have to be made from time to time and it's as you mentioned it's it's a balance right and sometimes you know if if an organization had a recent attack you know the level of awareness is very high against cyber attacks so for a time you know these these settings may be a bit difficult to deal with but then it's a decision that has to be made by security teams as well got it so you're surfacing what may be hidden kpis that are being buried inside for instance the storage system through apis upstream into a dashboard so that somebody could you know dig into the storage tunnel extract that data and then somehow you know populate that dashboard you're saying you're automating that that that workflow that's a great example and you may have others but is that the correct understanding absolutely and it's a two-way integration let's say a detector an attack has been detected at a completely different layer right in the application layer or at a firewall we can respond to those as well so it's a two-way integration we can cascade things up as well as respond to threats that have been detected elsewhere um uh through the api that's great all right hey api for power skill is the best example for that uh excellent so thank you appreciate that give us the last word put a bow on this and and bring this segment home please absolutely so a dell storage portfolio um using advanced data isolation um with air gap having machine learning based algorithms to detect uh indicators of compromise and having rigor mechanisms with granular snapshots being able to recover data and restore applications to maintain business continuity is what we deliver to customers uh and these are areas where a lot of innovation is happening a lot of product focus as well as you know if you look at the professional services all the way from engineering to professional services the way we build these systems the way we we configure and architect these systems um cyber security and protection is a key focus uh for all these activities and dell.com securities is where you can learn a lot about these initiatives that's great thank you you know at the recent uh reinforce uh event in in boston we heard a lot uh from aws about you know detent and response and devops and machine learning and some really cool stuff we heard a little bit about ransomware but i'm glad you brought up air gaps because we heard virtually nothing in the keynotes about air gaps that's an example of where you know this the cso has to pick up from where the cloud leaves off but that was in front and so number one and number two we didn't hear a ton about how the cloud is making the life of the cso simpler and that's really my takeaway is is in part anyway your job and companies like dell so paris i really appreciate the insights thank you for coming on thecube thank you very much dave it's always great to be in these uh conversations all right keep it right there we'll be right back with rob emsley to talk about data protection strategies and what's in the dell portfolio you're watching thecube data is the currency of the global economy it has value to your organization and cyber criminals in the age of ransomware attacks companies need secure and resilient it infrastructure to safeguard their data from aggressive cyber attacks [Music] as part of the dell technologies infrastructure portfolio powerstor and powermax combine storage innovation with advanced security that adheres to stringent government regulations and corporate compliance requirements security starts with multi-factor authentication enabling only authorized admins to access your system using assigned roles tamper-proof audit logs track system usage and changes so it admins can identify suspicious activity and act with snapshot policies you can quickly automate the protection and recovery process for your data powermax secure snapshots cannot be deleted by any user prior to the retention time expiration dell technologies also make sure your data at rest stays safe with power store and powermax data encryption protects your flash drive media from unauthorized access if it's removed from the data center while adhering to stringent fips 140-2 security requirements cloud iq brings together predictive analytics anomaly detection and machine learning with proactive policy-based security assessments monitoring and alerting the result intelligent insights that help you maintain the security health status of your storage environment and if a security breach does occur power protect cyber recovery isolates critical data identifies suspicious activity and accelerates data recovery using the automated data copy feature unchangeable data is duplicated in a secure digital vault then an operational air gap isolates the vault from the production and backup environments [Music] architected with security in mind dell emc power store and powermax provides storage innovation so your data is always available and always secure wherever and whenever you need it [Music] welcome back to a blueprint for trusted infrastructure we're here with rob emsley who's the director of product marketing for data protection and cyber security rob good to see a new role yeah good to be back dave good to see you yeah it's been a while since we chatted last and you know one of the changes in in my world is that i've expanded my responsibilities beyond data protection marketing to also focus on uh cyber security marketing specifically for our infrastructure solutions group so certainly that's you know something that really has driven us to you know to come and have this conversation with you today so data protection obviously has become an increasingly important component of the cyber security space i i don't think necessarily of you know traditional backup and recovery as security it's to me it's an adjacency i know some companies have said oh yeah now we're a security company they're kind of chasing the valuation for sure bubble um dell's interesting because you you have you know data protection in the form of backup and recovery and data management but you also have security you know direct security capability so you're sort of bringing those two worlds together and it sounds like your responsibility is to to connect those those dots is that right absolutely yeah i mean i think that uh the reality is is that security is a a multi-layer discipline um i think the the days of thinking that it's one uh or another um technology that you can use or process that you can use to make your organization secure uh are long gone i mean certainly um you actually correct if you think about the backup and recovery space i mean people have been doing that for years you know certainly backup and recovery is all about the recovery it's all about getting yourself back up and running when bad things happen and one of the realities unfortunately today is that one of the worst things that can happen is cyber attacks you know ransomware malware are all things that are top of mind for all organizations today and that's why you see a lot of technology and a lot of innovation going into the backup and recovery space because if you have a copy a good copy of your data then that is really the the first place you go to recover from a cyber attack and that's why it's so important the reality is is that unfortunately the cyber criminals keep on getting smarter i don't know how it happens but one of the things that is happening is that the days of them just going after your production data are no longer the only challenge that you have they go after your your backup data as well so over the last half a decade dell technologies with its backup and recovery portfolio has introduced the concept of isolated cyber recovery vaults and that is really the you know we've had many conversations about that over the years um and that's really a big tenant of what we do in the data protection portfolio so this idea of of cyber security resilience that definition is evolving what does it mean to you yeah i think the the analyst team over at gartner they wrote a very insightful paper called you will be hacked embrace the breach and the whole basis of this analysis is so much money has been spent on prevention is that what's out of balance is the amount of budget that companies have spent on cyber resilience and cyber resilience is based upon the premise that you will be hacked you have to embrace that fact and be ready and prepared to bring yourself back into business you know and that's really where cyber resiliency is very very different than cyber security and prevention you know and i think that balance of get your security disciplines well-funded get your defenses as good as you can get them but make sure that if the inevitable happens and you find yourself compromised that you have a great recovery plan and certainly a great recovery plan is really the basis of any good solid data protection backup and recovery uh philosophy so if i had to do a swot analysis we don't have to do the wot but let's focus on the s um what would you say are dell's strengths in this you know cyber security space as it relates to data protection um one is we've been doing it a long time you know we talk a lot about dell's data protection being proven and modern you know certainly the experience that we've had over literally three decades of providing enterprise scale data protection solutions to our customers has really allowed us to have a lot of insight into what works and what doesn't as i mentioned to you one of the unique differentiators of our solution is the cyber recovery vaulting solution that we introduced a little over five years ago five six years parapatek cyber recovery is something which has become a unique capability for customers to adopt uh on top of their investment in dell technologies data protection you know the the unique elements of our solution already threefold and it's we call them the three eyes it's isolation it's immutability and it's intelligence and the the isolation part is really so important because you need to reduce the attack surface of your good known copies of data you know you need to put it in a location that the bad actors can't get to it and that really is the the the the essence of a cyber recovery vault interestingly enough you're starting to see the market throw out that word um you know from many other places but really it comes down to having a real discipline that you don't allow the security of your cyber recovery vault to be compromised insofar as allowing it to be controlled from outside of the vault you know allowing it to be controlled by your backup application our cyber recovery vaulting technology is independent of the backup infrastructure it uses it but it controls its own security and that is so so important it's like having a vault that the only way to open it is from the inside you know and think about that if you think about you know volts in banks or volts in your home normally you have a keypad on the outside think of our cyber recovery vault as having its security controlled from inside of the vault so nobody can get in nothing can get in unless it's already in and if it's already in then it's trusted exactly yeah exactly yeah so isolation is the key and then you mentioned immutability is the second piece yeah so immutability is is also something which has been around for a long time people talk about uh backup immunoability or immutable backup copies so immutability is just the the the additional um technology that allows the data that's inside of the vault to be unchangeable you know but again that immutability you know your mileage varies you know when you look across the uh the different offers that are out there in the market especially in the backup industry you make a very valid point earlier that the backup vendors in the market seems to be security washing their marketing messages i mean everybody is leaning into the ever-present danger of cyber security not a bad thing but the reality is is that you have to have the technology to back it up you know quite literally yeah no pun intended and then actually pun intended now what about the intelligence piece of it uh that's that's ai ml where does that fit for sure so the intelligence piece is delivered by um a solution called cybersense and cybersense for us is what really gives you the confidence that what you have in your cyber recovery vault is a good clean copy of data so it's looking at the backup copies that get driven into the cyber vault and it's looking for anomalies so it's not looking for signatures of malware you know that's what your antivirus software does that's what your endpoint protection software does that's on the prevention side of the equation but what we're looking for is we're looking to ensure that the data that you need when all hell breaks loose is good and that when you get a request to restore and recover your business you go right let's go and do it and you don't have any concern that what you have in the vault has been compromised so cyber sense is really a unique analytic solution in the market based upon the fact that it isn't looking at cursory indicators of of um of of of malware infection or or ransomware introduction it's doing full content analytics you know looking at you know has the data um in any way changed has it suddenly become encrypted has it suddenly become different to how it was in the previous scan so that anomaly detection is very very different it's looking for um you know like different characteristics that really are an indicator that something is going on and of course if it sees it you immediately get flagged but the good news is is that you always have in the vault the previous copy of good known data which now becomes your restore point so we're talking to rob emsley about how data protection fits into what dell calls dti dell trusted infrastructure and and i want to come back rob to this notion of and not or because i think a lot of people are skeptical like how can i have great security and not introduce friction into my organization is that an automation play how does dell tackle that problem i mean i think a lot of it is across our infrastructure is is security has to be built in i mean intrinsic security within our servers within our storage devices uh within our elements of our backup infrastructure i mean security multi-factor authentication you know elements that make the overall infrastructure secure you know we have capabilities that you know allow us to identify whether or not configurations have changed you know we'll probably be talking about that a little bit more to you later in the segment but the the essence is is um security is not a bolt-on it has to be part of the overall infrastructure and that's so true um certainly in the data protection space give us the the bottom line on on how you see dell's key differentiators maybe you could talk about dell of course always talks about its portfolio but but why should customers you know lead in to dell in in this whole cyber resilience space um you know staying on the data protection space as i mentioned the the the work we've been doing um to introduce this cyber resiliency solution for data protection is in our opinion as good as it gets you know the you know you've spoken to a number of our of our best customers whether it be bob bender from founders federal or more recently at delton allergies world you spoke to tony bryson from the town of gilbert and these are customers that we've had for many years that have implemented cyber recovery vaults and at the end of the day they can now sleep at night you know that's really the the peace of mind that they have is that the insurance that a data protection from dell cyber recovery vault a parapatex cyber recovery solution gives them you know really allows them to you know just have the assurance that they don't have to pay a ransom if they have a an insider threat issue and you know all the way down to data deletion is they know that what's in the cyber recovery vault is good and ready for them to recover from great well rob congratulations on the new scope of responsibility i like how you know your organization is expanding as the threat surface is expanding as we said data protection becoming an adjacency to security not security in and of itself a key component of a comprehensive security strategy rob emsley thank you for coming back in the cube good to see you again you too dave thanks all right in a moment i'll be back to wrap up a blueprint for trusted infrastructure you're watching the cube every day it seems there's a new headline about the devastating financial impacts or trust that's lost due to ransomware or other sophisticated cyber attacks but with our help dell technologies customers are taking action by becoming more cyber resilient and deterring attacks so they can greet students daily with a smile they're ensuring that a range of essential government services remain available 24 7 to citizens wherever they're needed from swiftly dispatching public safety personnel or sending an inspector to sign off on a homeowner's dream to protecting restoring and sustaining our precious natural resources for future generations with ever-changing cyber attacks targeting organizations in every industry our cyber resiliency solutions are right on the money providing the security and controls you need we help customers protect and isolate critical data from ransomware and other cyber threats delivering the highest data integrity to keep your doors open and ensuring that hospitals and healthcare providers have access to the data they need so patients get life-saving treatment without fail if a cyber incident does occur our intelligence analytics and responsive team are in a class by themselves helping you reliably recover your data and applications so you can quickly get your organization back up and running with dell technologies behind you you can stay ahead of cybercrime safeguarding your business and your customers vital information learn more about how dell technology's cyber resiliency solutions can provide true peace of mind for you the adversary is highly capable motivated and well equipped and is not standing still your job is to partner with technology vendors and increase the cost of the bad guys getting to your data so that their roi is reduced and they go elsewhere the growing issues around cyber security will continue to drive forward thinking in cyber resilience we heard today that it is actually possible to achieve infrastructure security while at the same time minimizing friction to enable organizations to move quickly in their digital transformations a xero trust framework must include vendor r d and innovation that builds security designs it into infrastructure products and services from the start not as a bolt-on but as a fundamental ingredient of the cloud hybrid cloud private cloud to edge operational model the bottom line is if you can't trust your infrastructure your security posture is weakened remember this program is available on demand in its entirety at thecube.net and the individual interviews are also available and you can go to dell security solutions landing page for for more information go to dell.com security solutions that's dell.com security solutions this is dave vellante thecube thanks for watching a blueprint for trusted infrastructure made possible by dell we'll see you next time

[Music] okay we're back digging into trusted infrastructure with paris our godaddy he's a senior consultant for product marketing and storage at dell technologies parasite welcome to the cube good to see you great to be with you dave yeah coming from hyderabad awesome so i really appreciate you uh coming on the program let's start with talking about your point of view on what cyber security resilience means to to dell generally but storage specifically yeah so for something like storage you know we are talking about the data layer name and if you look at cyber security it's all about securing your data applications and infrastructure it has been a very mature field at the network and application layers and there are a lot of great technologies right from you know enabling zero trust uh advanced authentications uh identity management systems and so on and and in fact you know with the advent of you know the the use of artificial intelligence and machine learning really these detection tools for cyber securities have really evolved in the network and the application spaces so for storage what it means is how can you bring them to the data layer right how can you bring you know the principles of zero trust to the data layer how can you leverage artificial intelligence and machine learning to look at you know access patterns and make intelligent decisions about maybe an indicator of a compromise and identify them ahead of time just like you know how it's happening in other words of of applications and when it comes to cyber resilience it's it's basically a strategy which assumes that a threat is imminent and it's a good assumption with the severity and the frequency of the attacks that are happening and the question is how do we fortify the infrastructure in the switch infrastructure to withstand those attacks and have a plan a response plan where we can recover the data and make sure the business continuity is not affected so that's uh really cyber security and cyber resiliency and storage layer and of course there are technologies like you know um in network isolation um immutability and all these principles need to be applied at the storage level as well let me have a follow up on that if i may the intelligence that you talked about that ai and machine learning is that do you do you build that into the infrastructure or is that sort of a separate software module that that points at various you know infrastructure components how does that work both dave um right at the data storage level um we have come with various data characteristics depending on the nature of data we developed a lot of signals to see what could be a good indicator of a compromise um and there are also additional applications like cloud iq is the best example which is like an infrastructure-wide health monitoring system for dell infrastructure and now we have elevated that to include cyber security as well so these signals are being gathered at cloud iq level and other applications as well so that we can make those decisions about compromise and we can either cascade that intelligence and alert stream upstream for uh security teams um so that they can take actions in platforms like sign systems xtr systems and so on but when it comes to which layer the intelligence is it has to be at every layer where it makes sense where we have the information to make a decision and being closest to the data we have we are basically monitoring you know the various parallels data access who is accessing um are they crossing across any geo fencing is there any mass deletion that is happening or mass encryption that is happening and we are able to uh detect uh those uh patterns and flag them as indicators of compromise and in allowing automated response manual control and so on for iot teams yeah thank you for that explanation so at dell technologies world we were there in may it was one of the first you know live shows that that we did in the spring certainly one of the largest and i interviewed shannon champion and my huge takeaway from the storage side was the degree to which you guys uh emphasized security uh within the operating systems i mean really i mean powermax more than half i think of the features were security related but also the rest of the portfolio so can you talk about the the security aspects of the dell storage portfolio specifically yeah yeah so when it comes to data security and broadly data availability right in the context of cyber resiliency um dell storage uh this you know these elements have been at the core of our um a core strength for the portfolio and a source of differentiation for the storage portfolio you know with almost decades of collective experience of building highly resilient architectures for mission critical data something like power max system which is the most secure storage platform for high-end enterprises um and now with the increased focus on cyber security we are extending those core technologies of high availability and adding modern detection systems modern data isolation techniques to offer a comprehensive solution to the customer so that they don't have to piece together multiple things to ensure data security or data resiliency but a well-designed and well-architected solution by design is delivered to them to ensure cyber protection at the data layer got it um you know we were talking earlier to steve kenniston and pete gear about this notion of dell trusted infrastructure how does storage fit into that as a component of that sort of overall you know theme yeah and you know and let me say this if you could address because a lot of people might be skeptical that i can actually have security and at the same time not constrict my organizational agility that's old you know not an ore it's an end how do you actually do that if you could address both of those that would be great definitely so for dell trusted infrastructure cyber resiliency is a key component of that and just as i mentioned you know uh air gap isolation it really started with you know power protect cyber recovery you know that was the solution more than three years ago we launched and that was first in the industry which paved way to you know kind of data isolation being a core element of data management and uh for data infrastructure and since then we have implemented these technologies within different storage platforms as well so that customers have the flexibility depending on their data landscape they can approach they can do the right data isolation architecture right either natively from the storage platform or consolidate things into the backup platform and isolate from there and and the other key thing we focus in trusted infrastructure dell infra dell trusted infrastructure is you know the goal of simplifying security for the customers so one good example here is uh you know being able to respond to these cyber threats or indicators of compromise is one thing but an i.t security team may not be looking at the dashboard of the storage systems constantly right storage administration admins may be looking at it so how can we build this intelligence and provide this upstream platforms so that they have a single pane of glass to understand security landscape across applications across networks firewalls as well as storage infrastructure and and compute infrastructure so that's one of the key ways where how we are helping simplify the um kind of the ability to uh respond ability to detect and respond these threads uh in real time for security teams and you mentioned you know about zero trust and how it's a balance of you know not uh kind of restricting users or put heavy burden on you know multi-factor authentication and so on and this really starts with you know what we are doing is provide all the tools you know when it comes to advanced authentication uh supporting external identity management systems multi-factor authentication encryption all these things are intrinsically built into these platforms now the question is the customers are actually one of the key steps is to identify uh what are the most critical parts of their business or what are the applications uh that the most critical uh business operations depend on and similarly identify uh mission critical data where part of your response plan where it cannot be compromised where you need to have a way to recover once you do this identification then the level of security can be really determined uh by uh by the security teams by the infrastructure teams and you know another you know intelligence that gives a lot of flexibility uh for for even developers to do this is today we have apis um that so you can not only track these alerts at the data infrastructure level but you can use our apis to take concrete actions like blocking a certain user or increasing the level of authentication based on the threat level that has been perceived at the application layer or at the network layer so there is a lot of flexibility that is built into this by design so that depending on the criticality of the data criticality of the application number of users affected these decisions have to be made from time to time and it's as you mentioned it's it's a balance right and sometimes you know if if an organization had a recent attack you know the level of awareness is very high uh against cyber attacks so for a time you know these these settings may be a bit difficult to deal with but then it's a decision that has to be made by security teams as well got it so you're surfacing what may be hidden kpis that are buried inside for instance the storage system through apis upstream into a dashboard so that somebody could you know dig into the storage tunnel extract that data and then somehow you know populate that dashboard you're saying you're automating that that that workflow that's a great example and you may have others but is that the correct understanding absolutely and it's a two-way integration let's say a detector an attack has been detected at a completely different layer right in the application layer or at a firewall we can respond to those as well so it's a two-way integration we can cascade things up as well as uh respond to uh threats that have been detected elsewhere um through the api that's great all right api for power scale is the best example for that uh excellent so thank you appreciate that give us the last word put a bow on this and and bring this segment home please absolutely so a dell storage portfolio um using advanced data isolation with air gap having machine learning based algorithms to detect uh indicators of compromise and having rigor mechanisms with granular snapshots being able to recover data and restore applications to maintain business continuity is what we deliver to customers uh and these are areas where a lot of innovation is happening a lot of product focus as well as you know if you look at the professional services all the way from engineering to professional services the way we build these systems the way we we configure and architect these systems uh cyber security and protection uh is a key focus uh for all these activities and dell.com securities is where you can learn a lot about these initiatives that's great thank you you know at the recent uh reinforce uh event in in boston we heard a lot uh from aws about you know detent and response and devops and machine learning and some really cool stuff we heard a little bit about ransomware but i'm glad you brought up air gaps because we heard virtually nothing in the keynotes about air gaps that's an example of where you know this the cso has to pick up from where the cloud leaves off that was in front and so number one and number two we didn't hear a ton about how the cloud is making the life of the cso simpler and that's really my takeaway is is in part anyway your job and companies like dell so paris i really appreciate the insights thank you for coming on thecube thank you very much dave it's always great to be in these uh conversations all right keep it right there we'll be right back with rob emsley to talk about data protection strategies and what's in the dell portfolio you're watching the cube [Music] you

(upbeat music) >> The cybersecurity landscape has changed dramatically over the past 24 to 36 months. Rapid cloud migration has created a new layer of security defense, sure, but that doesn't mean CISOs can relax. In many respects, it further complicates, or at least changes, the CISO's scope of responsibilities. In particular, the threat surface has expanded. And that creates more seams, and CISOs have to make sure their teams pick up where the hyperscaler clouds leave off. Application developers have become a critical execution point for cyber assurance. "Shift left" is the kind of new buzz phrase for devs, but organizations still have to "shield right," meaning the operational teams must continue to partner with SecOps to make sure infrastructure is resilient. So it's no wonder that in ETR's latest survey of nearly 1500 CIOs and IT buyers, that business technology executives cite security as their number one priority, well ahead of other critical technology initiatives including collaboration software, cloud computing, and analytics rounding out the top four. But budgets are under pressure and CISOs have to prioritize. It's not like they have an open checkbook. They have to contend with other key initiatives like those just mentioned, to secure the funding. And what about zero trust? Can you go out and buy zero trust or is it a framework, a mindset in a series of best practices applied to create a security consciousness throughout the organization? Can you implement zero trust? In other words, if a machine or human is not explicitly allowed access, then access is denied. Can you implement that policy without constricting organizational agility? The question is, what's the most practical way to apply that premise? And what role does infrastructure play as the enforcer? How does automation play in the equation? The fact is, that today's approach to cyber resilience can't be an "either/or," it has to be an "and" conversation. Meaning, you have to ensure data protection while at the same time advancing the mission of the organization with as little friction as possible. And don't even talk to me about the edge. That's really going to keep you up at night. Hello and welcome to this special CUBE presentation, "A Blueprint for Trusted Infrastructure," made possible by Dell Technologies. In this program, we explore the critical role that trusted infrastructure plays in cybersecurity strategies, how organizations should think about the infrastructure side of the cybersecurity equation, and how Dell specifically approaches securing infrastructure for your business. We'll dig into what it means to transform and evolve toward a modern security infrastructure that's both trusted and agile. First up are Pete Gerr and Steve Kenniston, they're both senior cyber security consultants at Dell Technologies. And they're going to talk about the company's philosophy and approach to trusted infrastructure. And then we're going to speak to Parasar Kodati, who's a senior consultant for storage at Dell Technologies to understand where and how storage plays in this trusted infrastructure world. And then finally, Rob Emsley who heads product marketing for data protection and cyber security. We're going to going to take a deeper dive with Rob into data protection and explain how it has become a critical component of a comprehensive cyber security strategy. Okay, let's get started. Pete Gerr, Steve Kenniston, welcome to theCUBE. Thanks for coming into the Marlborough studios today. >> Great to be here, Dave. Thanks. >> Thanks, Dave. Good to see you. >> Great to see you guys. Pete, start by talking about the security landscape. You heard my little wrap up front. What are you seeing? >> I thought you wrapped it up really well. And you touched on all the key points, right? Technology is ubiquitous today. It's everywhere. It's no longer confined to a monolithic data center. It lives at the edge. It lives in front of us. It lives in our pockets and smartphones. Along with that is data. And as you said, organizations are managing sometimes 10 to 20 times the amount of data that they were just five years ago. And along with that, cyber crime has become a very profitable enterprise. In fact, it's been more than 10 years since the NSA chief actually called cyber crime the biggest transfer of wealth in history. That was 10 years ago. And we've seen nothing but accelerating cyber crime and really sophistication of how those attacks are perpetrated. And so the new security landscape is really more of an evolution. We're finally seeing security catch up with all of the technology adoption, all the build out, the work from home and work from anywhere that we've seen over the last couple of years. We're finally seeing organizations, and really it goes beyond the IT directors, it's a board level discussion today. Security's become a board level discussion. >> Yeah, I think that's true as well. It's like it used to be that security was, "Okay, the SecOps team. You're responsible for security." Now you've got, the developers are involved, the business lines are involved, it's part of onboarding for most companies. You know, Steve, this concept of zero trust. It was kind of a buzzword before the pandemic. And I feel like I've often said it's now become a mandate. But it's still fuzzy to a lot of people. How do you guys think about zero trust? What does it mean to you? How does it fit? >> Yeah. Again, I thought your opening was fantastic. And this whole lead in to, what is zero trust? It had been a buzzword for a long time. And now, ever since the federal government came out with their implementation or desire to drive zero trust, a lot more people are taking it a lot more seriously, 'cause I don't think they've seen the government do this. But ultimately, it's just like you said, right? If you don't have trust to those particular devices, applications, or data, you can't get at it. The question is, and you phrase it perfectly, can you implement that as well as allow the business to be as agile as it needs to be in order to be competitive? 'Cause we're seeing, with your whole notion around DevOps and the ability to kind of build, make, deploy, build, make, deploy, right? They still need that functionality but it also needs to be trusted. It needs to be secure and things can't get away from you. >> Yeah. So it's interesting. I've attended every Reinforce since 2019, and the narrative there is, "Hey, everything in the cloud is great. And this narrative around, 'Oh, security is a big problem.' doesn't help the industry." The fact is that the big hyperscalers, they're not strapped for talent, but CISOs are. They don't have the capabilities to really apply all these best practices. They're playing Whac-A-Mole. So they look to companies like yours, to take your R&D and bake it into security products and solutions. So what are the critical aspects of the so-called Dell Trusted Infrastructure that we should be thinking about? >> Yeah, well, Dell Trusted Infrastructure, for us, is a way for us to describe the the work that we do through design, development, and even delivery of our IT system. So Dell Trusted Infrastructure includes our storage, it includes our servers, our networking, our data protection, our hyper-converged, everything that infrastructure always has been. It's just that today customers consume that infrastructure at the edge, as a service, in a multi-cloud environment. I mean, I view the cloud as really a way for organizations to become more agile and to become more flexible, and also to control costs. I don't think organizations move to the cloud, or move to a multi-cloud environment, to enhance security. So I don't see cloud computing as a panacea for security, I see it as another attack surface. And another aspect in front that organizations and security organizations and departments have to manage. It's part of their infrastructure today, whether it's in their data center, in a cloud, or at the edge. >> I mean, I think that's a huge point. Because a lot of people think, "Oh, my data's in the cloud. I'm good." It's like Steve, we've talked about, "Oh, why do I have to back up my data? It's in the cloud?" Well, you might have to recover it someday. So I don't know if you have anything to add to that or any additional thoughts on it? >> No, I mean, I think like what Pete was saying, when it comes to all these new vectors for attack surfaces, you know, people did choose the cloud in order to be more agile, more flexible. And all that did was open up to the CISOs who need to pay attention to now, okay, "Where can I possibly be attacked? I need to be thinking about is that secure?" And part of that is Dell now also understands and thinks about, as we're building solutions, is it a trusted development life cycle? So we have our own trusted development life cycle. How many times in the past did you used to hear about vendors saying you got to patch your software because of this? We think about what changes to our software and what implementations and what enhancements we deliver can actually cause from a security perspective, and make sure we don't give up or have security become a hole just in order to implement a feature. We got to think about those things. And as Pete alluded to, our secure supply chain. So all the way through, knowing what you're going to get when you actually receive it is going to be secure and not be tampered with, becomes vitally important. And then Pete and I were talking earlier, when you have tens of thousands of devices that need to be delivered, whether it be storage or laptops or PCs, or whatever it is, you want to be know that those devices can be trusted. >> Okay, guys, maybe Pete, you could talk about how Dell thinks about its framework and its philosophy of cyber security, and then specifically what Dell's advantages are relative to the competition. >> Yeah, definitely, Dave. Thank you. So we've talked a lot about Dell as a technology provider. But one thing Dell also is is a partner in this larger ecosystem. We realize that security, whether it's a zero trust paradigm or any other kind of security environment, is an ecosystem with a lot of different vendors. So we look at three areas. One is protecting data in systems. We know that it starts with and ends with data. That helps organizations combat threats across their entire infrastructure. And what it means is Dell's embedding security features consistently across our portfolios of storage, servers, networking. The second is enhancing cyber resiliency. Over the last decade, a lot of the funding and spending has been in protecting or trying to prevent cyber threats, not necessarily in responding to and recovering from threats. We call that resiliency. Organizations need to build resiliency across their organization, so not only can they withstand a threat, but they can respond, recover, and continue with their operations. And the third is overcoming security complexity. Security is hard. It's more difficult because of the things we've talked about, about distributed data, distributed technology, and attack surfaces everywhere. And so we're enabling organizations to scale confidently, to continue their business, but know that all the IT decisions that they're making have these intrinsic security features and are built and delivered in a consistent, secure way. >> So those are kind of the three pillars. Maybe we could end on what you guys see as the key differentiators that people should know about that Dell brings to the table. Maybe each of you could take a shot at that. >> Yeah, I think, first of all, from a holistic portfolio perspective, right? The secure supply chain and the secure development life cycle permeate through everything Dell does when building things. So we build things with security in mind, all the way from, as Pete mentioned, from creation to delivery, we want to make sure you have that secure device or asset. That permeates everything from servers, networking, storage, data protection, through hyperconverged, through everything. That to me is really a key asset. Because that means you understand when you receive something it's a trusted piece of your infrastructure. I think the other core component to think about, and Pete mentioned, as Dell being a partner for making sure you can deliver these things, is that even though that's part of our framework, these pillars are our framework of how we want to deliver security, it's also important to understand that we are partners and that you don't need to rip and replace. But as you start to put in new components, you can be assured that the components that you're replacing as you're evolving, as you're growing, as you're moving to the cloud, as you're moving to more on-prem type services or whatever, that your environment is secure. I think those are two key things. >> Got it. Okay. Pete, bring us home. >> Yeah, I think one of the big advantages of Dell is our scope and our scale, right? We're a large technology vendor that's been around for decades, and we develop and sell almost every piece of technology. We also know that organizations might make different decisions. And so we have a large services organization with a lot of experienced services people that can help customers along their security journey, depending on whatever type of infrastructure or solutions that they're looking at. The other thing we do is make it very easy to consume our technology, whether that's traditional on premise, in a multi-cloud environment, or as a service. And so the best-of-breed technology can be consumed in any variety of fashion, and know that you're getting that consistent, secure infrastructure that Dell provides. >> Well, and Dell's got probably the top supply chain, not only in the tech business, but probably any business. And so you can actually take your dog food, or your champagne, sorry, (laughter) allow other people to share best practices with your customers. All right, guys, thanks so much for coming up. I appreciate it. >> Great. Thank you. >> Thanks, Dave. >> Okay, keep it right there. After this short break, we'll be back to drill into the storage domain. You're watching "A Blueprint for Trusted Infrastructure" on theCUBE, the leader in enterprise and emerging tech coverage. Be right back. (upbeat music)