(upbeat music) (air whooshing) >> Hi everybody. John Walls here continuing our Cube Conversations here focusing on NETSCOUT today and the drawing problem of ransomware. Obviously very much in the news these days for the couple of high profile cases. It is certainly an increasing challenge, but by no means a new phenomenon at all. With us to talk about this is Roland Dobbins who is the principal engineer of NETSCOUT's A-CERT team. And Ronald and good to see you today, sir. Thanks for joining us. >> Good to see you as well. And Richard Hummel who's Threat Intelligence research lead for the A-CERT Team. And Richard, thank you for being with us as well here on the Cube. >> Absolutely John, thanks for having us. >> Yeah, let's just jump right in here. Ransomware, obviously we're all well aware of a couple of high profile cases, as I alluded to. Let's talk about first, the magnitude and scale of the problem, as it currently exists. And Roland, I'm going to let you just set the table for us here. Let's talk about ransomware, where it was maybe four or five years ago, and then the challenge has become today? >> Actually, John, if you don't mind I'd really like to hand that one to my colleague, Richard because >> By all means, so Richard- he's really has an in-depth background there if that's okay. >> Richard, jump in on that. >> Absolutely. Yeah. And so (clears throat) I'll handle all the ransomware stuff, namely because I've been doing this for going on seven years now of looking specifically at ransomware. I started this right around the time I joined Eyesight Partners, you know leading premier provider of threat intelligence who was acquired by FireEye and now Mandiat, and now even a conglomerate that just acquired Mandia. So there's been a series of acquisitions here but the reality is this threat intelligence has been pervasive across all of these. And you can see that over time that value hasn't diminished. And you can see that by all of these acquisitions. that are like that's a really good example to show how valuable this is because everybody wants it. And the reality is back then I started tracking ransomware specifically looking at a lot of the CryptoLocker variance, things like CryptoWall, and TorrentLocker, and TeslaCrypt. And there's any number I could go on and on and on about all these different variations, and how ransomware came to be, and what you know, adversaries were using it for. But the reality is ransomware has been around for a long, long time and probably three or four years ago. There was this lull in time where people are like, hey we've got these initiatives like no ransomware.org. We've got the, you know, local law enforcement backing in a bunch of different countries. There's this big huge international effort to basically get rid of ransomware. And it's going to% be a thing of the past. And we very clearly see that is not the case. And now with ransomware, you have an evolution over time. It used to be you would have different flavors of ransomware where sometimes it would encrypt your files first and then it would reach back to the command control. Sometimes it would reach back first to get keys and then it would encrypt. Sometimes the encryptions were breakable, sometimes the keys were stored locally, but a lot of them more recent variants of ransomware are very well done. They're very sophisticated. They will encrypt your files and the keys themselves are held by the adversary. And so there's no way to just decrypt it. You can't create a decryptor like a lot of these security companies do you would actually have to get that key from the adversary or you would have to restore your systems from a backup. And so the history of ransomware is very long and varied. And you know one of the core topics we want to discuss today is ransomware isn't by itself anymore. It used to be like ransomware was the name that incited fear but these guys have evolved over time. And now ransomware operators are doing kind of this triple extortion. Where they will encrypt your files, they've already gained access to that system. So then they will exfiltrate sensitive data and they will have that as kind of a hostage and say, look you're going to pay us for this ransomware to decrypt your files, to get those back. But I'll guess what? We also have your sensitive data that we're going to post online and sell and on underground forms unless you pay us additional money. But now we even have a third stage here. And this is kind of where Roland's going to come in and talk about this is we have DDoS extortion. That is surging In fact, we did a survey of enterprise internet service providers. And when we asked them what was their biggest concerns in 2020 and going into 2021 about threats, and obviously ransomware was number one but DDoS extortion was number two. And so you have this one, two bang the adversaries are using to be able to extort payment from victims. And this has been going on for a number of years with this kind of double extortion. And now this triple extortion, in fact going all the way back to the CryptoLocker days you would have banking malware, like Gameover Zeus where they would get on your system, they would do wire transfers from your bank accounts. There was steal files. And then as a last hurrah they would deploy ransomware and encrypt all your files. And so not only did they steal all your money from the bank. Now, they're going to say, you got to pay us to actually do decrypt your files. So this idea of kind of a double tap has been going on for a long time. And more recently around September of last year we started to see this DDoS aspect part of these operations. And so, yeah, that's kind of the history of what we're dealing with here. >> And so, and DDoS distributed denial service, Ronald let you pick up the ball at this point then. Now this evolution you will the triple threat, you know first you were talking about in encryption, in public exposure. And now this DDoS stage, this pillar of the malfeasance, if you will what kind of headaches is this causing in terms of from an engineering perspective from your side of the fence when you're looking at what your clients are dealing with when all of a sudden they have this entirely new plethora of challenges that are confronting them. >> Sure. So DDoS goes back a long ways. So it actually goes back to the late 80s and the early ARPANET. And then we started to see non-monetary DDoS extortion in the early 1990s. And we started to see monetary DDoS extortion that kicked off around 1997. So with any, criminals are very, very adaptive. And so when new technologies come online and new ways that they can potentially exploit it for their gain, they will do so in many cases using old modalities just simply transliterated into the new technology space. And that's what we see with (indistinct) extortion. DDOS attacks are attacks against availability. So the idea is to disrupt the access, (indistinct) access to applications, services, servers, data content, infrastructure, those different types of things. And DDoS attacks can be motivated by pretty much any motivation you can think of. But there is a hard core of DDoS extortionists that we've seen over the years. And this Richard indicated what we started to see is a convergence between these sets of criminal specialties. And so a few years ago, we actually were disassembling a piece of ransomware and it turned out that it had some very basic DDoS attack capabilities coded into it. It was obviously a prototype, it hadn't been finished, but this showed that these criminals in the ransomware space were thinking about getting into DDoS. And now they've developed this methodology where like Richard said, they, number one, they encrypt the files. Number two, they'll threaten to leak information. And then they will DDoS the public facing infrastructure of the organizations to try and put additional pressure on them to pay. And especially now during the pandemic with this wholesale shift to remote work. The attackers for the first time have the ability not only to disrupt the online operations which is bad enough, but they can actually interfere with the ordinary work day activities of the first-line workforce of organizations. And so this really makes it even more potent. And the ransomware itself is interesting as well because it uses exploits, social engineering, along with technological exploits to exploit the confidentiality and the integrity of data, and to restrict that stuff which actually turns into an attack against availability. So it's kind of really a different form of DDoS attack and coupled out with a real DDoS attack, and it can be very, very challenging. But one thing John that we've seen is that organizations if they have prepared to deal with a DDoS attack in form an architectural perspective, from an operational perspective. If they have done the things they need to do, to be able to maintain availability, even in the face of attack. There are about 80% of where they need to be to be to able to withstand a ransomware attack. Conversely, if organizations have been doing a good job and ensuring that their systems are secured and if they do get hit somehow with ransomware that they have the ability to maintain operations and communications and recover, they're about 80% of where they need to be to be able to successfully withstand DDoS attacks. And so it turns out that even though these threats are major threats and they are something that organizations need to be aware of, the good news is that a lot of the planning, and resources, and organizational changes that need to be made to face these threats are in fact very similar. >> Yeah, but (indistinct) mean the challenge is, it's hard work, right? It, there's an enormous amount of preparations got to go into this, and pre-planning, pre-thought, and that's what NETSCOUT is all about obviously is trying to get people onto that journey and getting into this examination of their services, and their networks, and... The fact that this can happen on multiple layers, right? It could be application, be protocols, transport, network, whatever, you know just multiple ways that these DDoS attacks can occur. What kind of I'd say well, challenges again does that present in the fact that it is, there are many doors, right? That these attacks can happen from or where these attacks can come from. So how do you then talk to your client base about approaching this kind of examination and these prophylactic measures that you're suggesting that have to be done in order to minimize the damage? >> It's really about business continuity. Now business continuity planning, we used to be called "disaster recovery planning", right? Is something that organizations are very familiar with. It often has executive sponsorship and a lot of planning has gone into it. The thing is DDoS attacks, which were attacks against availability are in fact a manmade disaster, right? And they interrupt the continuity of business. Same thing with the ransomware, and so from an architectural standpoint, from the standpoint of rolling out new products and services, resiliency and to attack, and the ability to maintain availability and continue with operations in the face of attack is really really key for any organization today which has any kind of significant online presence. And that's really just about all of them. And so from a planning standpoint, it's imperative from an architectural standpoint whether we're talking about things like network infrastructure, or DNS, or software applications. It's important from an operational standpoint. So one of the things that we see for example is that many organizations don't really have a good communications plan. They don't have a good internal communications plan nor do they have a good external communications plan for communicating during an event. And they don't even have really a plan for dealing with an event that is disruptive to business continuity and operations. And so that is really key. Technology is important, but the most important aspect of this is the human factor, understanding the business, understanding the types of risks to the business's ability to execute on its mission and then doing the things from a technological perspective, from an operational perspective, and from a communications perspective to maintain operations, and communications throughout an event and to be able to emerge on the other side of that agenda successfully. >> So Richard you're in threat intelligence, right? Risk assessments. And as you said, you've been around this block for quite some time now. In terms of, I guess getting people's attention that has been accomplished now with obviously some, with some of these high profile cases. But what about that kind of work that you're doing in terms of trying to communicate these very threats to your client base or to prospective clients in terms of identifying their real vulnerabilities within their networks and then having them seriously address these. I mean, what's the difference maybe in the mindset now, as opposed to where maybe that conversation was being had a few years ago? >> I think the biggest difference here is a matter of when and not if. It used to be, you could say, "Oh I'm never going to get hit by ransomware or I'm never going to get DDoS attacked." But that is no longer the case. Roland made a really good point that just about every single business in the world now relies on internet connectivity in order to operate their business. If they don't have that then they're not going to be able to connect with their consumers, their shoppers, if they're a retail, right? If you're a bank, then you have to communicate with your individuals having accounts. And I mean, I have not gone to a physical bank in probably six years. And so that just underscores how important it is to have this internet connectivity. Now, with that comes risk. Not only do you risk the DDoS attacks because you're publicly exposed in an adversary where you can actually find your internet space by doing some forensics, such as network scanning, being able to walk that back like a passive DNS but their historical records use things like showdown to figure out what kind of devices you're running. So there's any number of ways that you can do that. But at the same time you're also exposing yourself to these ransomware operators and really any kind of crime ware operator out there, because they're going to exploit you over the internet. We actually did a case study probably two years ago. Looking at brute forcing on networks and looking at exploitation attempts to figure out like what is the Delta? If you have an online internet presence are you going to get attacked? And the answer was very shocking to us. Yes, you're going to get attacked. And also it's going to be in less than five minutes, from the time a brand new IOT device goes online to the time it starts getting brute force attacked. And within 24 hours you're going to get exploitation attempts from known vulnerabilities or devices that haven't been patched and things like that. And so the reality is not if you're going to get attacked, it's when? And so understanding that is the nature of the threat landscape right now and having this kind of security awareness. Actually another good point that Roland just brought up was that human element. The human element is kind of the linchpin for any security organization. And as part of my master's I had wrote a dissertation about, and I named it as such my professor didn't really care for this, but I said, "The humans are the weakest link." Because in the security posture, that is essentially true. If you don't have the expertise on a team you're not going to be able to get things configured properly. If you don't have the expertise you're not going to be able to respond properly. If you have individuals that aren't concerned about security, now you're going to have a bunch of gaps. Not only that, social engineering is still the number one method that adversaries use to get into organizations and that manipulates the human element. And so having the security awareness in what we do here, on this cube interview, the threat reports, we publish, the blogs that we do, all the threads summaries, all of that goes hand-in-hand with educating the general public and having security awareness pushed out as much as possible to every single person we can. And that's really the key, this preparation, this awareness of what adversaries are doing in order to defend against them. >> So Roland in your mind and you've already walked us through a little bit of this about certain steps and measures. Do you think that could be taken safeguards basically, that everybody should have in the place? What is the optimal scenario from an engineering perspective in terms of trying to prevent these kinds of intrusions, these kinds of attacks in terms of what are those basic pieces, these fundamental pieces as you see it now, understanding as Richard just told us that it's matter of not if, but when? >> Right. So availability, redundancy these have to be core architectural principles whether we're talking about network infrastructure, whether we're talking about important ancillary supporting services like DNS in terms of personnel, in terms of remote access. All of these different elements and many many more have to be designed from the out. All the services in the applications whether they're used internally, whether they are part of service delivery that an organization is doing across the internet, publicly there has to be redundancy and resiliency. There has to be a defense plan in order to defend these assets in these organizations against attack. Whether it's DDoS attack or whether it's a containment plan to deal with a ransomware that potentially gets let loose inside the enterprise network, there has to be a plan to contain it, and deal with it, and restore from backup. These plans have to be continuously updated because IT is not static. There are always noose and nance and changes this organizations provision new services offer new products, move into new markets and new new sub-specializations. And so the plans have to be consistently updated and they have to be rehearsed. You can't have a plan that just exists as pixels on a phosphorous somewhere. The plan has to be executed because you're going to find that there's some scenario, some service, or application, or operational process that needs to be updated or that needs to be included in the plan. And this has to be done regularly. Another key point is that you have to have people who are very skilled and who have both depth and breadth of understanding. And either you bring those people into your organization or you reach out and get that expertise from organizations who do in fact have that kind of expertise on tap and available. >> Well, is, you both certainly exhibit the depth and the breadth to fight this issue(chuckles) I certainly appreciate the time, the insights, and the warning is quite clear. Be prepared, do the hard work upfront. It could save you a lot of headache on the backside. And it is a matter of when and not if, these days. Richard Roland, thanks for being with us here on the Cube >> Thank you so much. >> Thank you so much. It's a pleasure. >> All right, talking about the triple threat of extortion, cyber extortion these days, and DDoS, the distributed denial of service in the growing problem. It is, but there is a way that you can combat it. And you just learned about that (indistinct) NETSCOUT here on the Cube. (upbeat music)

(upbeat music) (air whooshing) >> Hi everybody. John Walls here continuing our Cube Conversations here focusing on NETSCOUT today and the drawing problem of ransomware. Obviously very much in the news these days for the couple of high profile cases. It is certainly an increasing challenge, but by no means a new phenomenon at all. With us to talk about this is Roland Dobbins who is the principal engineer of NETSCOUT's A-CERT team. And Ronald and good to see you today, sir. Thanks for joining us. >> Good to see you as well. And Richard Hummel who's Threat Intelligence research lead for the A-CERT Team. And Richard, thank you for being with us as well here on the Cube. >> Absolutely John, thanks for having us. >> Yeah, let's just jump right in here. Ransomware, obviously we're all well aware of a couple of high profile cases, as I alluded to. Let's talk about first, the magnitude and scale of the problem, as it currently exists. And Roland, I'm going to let you just set the table for us here. Let's talk about ransomware, where it was maybe four or five years ago, and then the challenge has become today? >> Actually, John, if you don't mind I'd really like to hand that one to my colleague, Richard because >> By all means, so Richard- he's really has an in-depth background there if that's okay. >> Richard, jump in on that. >> Absolutely. Yeah. And so (clears throat) I'll handle all the ransomware stuff, namely because I've been doing this for going on seven years now of looking specifically at ransomware. I started this right around the time I joined Eyesight Partners, you know leading premier provider of threat intelligence who was acquired by FireEye and now Mandiat, and now even a conglomerate that just acquired Mandia. So there's been a series of acquisitions here but the reality is this threat intelligence has been pervasive across all of these. And you can see that over time that value hasn't diminished. And you can see that by all of these acquisitions. that are like that's a really good example to show how valuable this is because everybody wants it. And the reality is back then I started tracking ransomware specifically looking at a lot of the CryptoLocker variance, things like CryptoWall, and TorrentLocker, and TeslaCrypt. And there's any number I could go on and on and on about all these different variations, and how ransomware came to be, and what you know, adversaries were using it for. But the reality is ransomware has been around for a long, long time and probably three or four years ago. There was this lull in time where people are like, hey we've got these initiatives like no ransomware.org. We've got the, you know, local law enforcement backing in a bunch of different countries. There's this big huge international effort to basically get rid of ransomware. And it's going to% be a thing of the past. And we very clearly see that is not the case. And now with ransomware, you have an evolution over time. It used to be you would have different flavors of ransomware where sometimes it would encrypt your files first and then it would reach back to the command control. Sometimes it would reach back first to get keys and then it would encrypt. Sometimes the encryptions were breakable, sometimes the keys were stored locally, but a lot of them more recent variants of ransomware are very well done. They're very sophisticated. They will encrypt your files and the keys themselves are held by the adversary. And so there's no way to just decrypt it. You can't create a decryptor like a lot of these security companies do you would actually have to get that key from the adversary or you would have to restore your systems from a backup. And so the history of ransomware is very long and varied. And you know one of the core topics we want to discuss today is ransomware isn't by itself anymore. It used to be like ransomware was the name that incited fear but these guys have evolved over time. And now ransomware operators are doing kind of this triple extortion. Where they will encrypt your files, they've already gained access to that system. So then they will exfiltrate sensitive data and they will have that as kind of a hostage and say, look you're going to pay us for this ransomware to decrypt your files, to get those back. But I'll guess what? We also have your sensitive data that we're going to post online and sell and on underground forms unless you pay us additional money. But now we even have a third stage here. And this is kind of where Roland's going to come in and talk about this is we have DDoS extortion. That is surging In fact, we did a survey of enterprise internet service providers. And when we asked them what was their biggest concerns in 2020 and going into 2021 about threats, and obviously ransomware was number one but DDoS extortion was number two. And so you have this one, two bang the adversaries are using to be able to extort payment from victims. And this has been going on for a number of years with this kind of double extortion. And now this triple extortion, in fact going all the way back to the CryptoLocker days you would have banking malware, like Gameover Zeus where they would get on your system, they would do wire transfers from your bank accounts. There was steal files. And then as a last hurrah they would deploy ransomware and encrypt all your files. And so not only did they steal all your money from the bank. Now, they're going to say, you got to pay us to actually do decrypt your files. So this idea of kind of a double tap has been going on for a long time. And more recently around September of last year we started to see this DDoS aspect part of these operations. And so, yeah, that's kind of the history of what we're dealing with here. >> And so, and DDoS distributed denial service, Ronald let you pick up the ball at this point then. Now this evolution you will the triple threat, you know first you were talking about in encryption, in public exposure. And now this DDoS stage, this pillar of the malfeasance, if you will what kind of headaches is this causing in terms of from an engineering perspective from your side of the fence when you're looking at what your clients are dealing with when all of a sudden they have this entirely new plethora of challenges that are confronting them. >> Sure. So DDoS goes back a long ways. So it actually goes back to the late 80s and the early ARPANET. And then we started to see non-monetary DDoS extortion in the early 1990s. And we started to see monetary DDoS extortion that kicked off around 1997. So with any, criminals are very, very adaptive. And so when new technologies come online and new ways that they can potentially exploit it for their gain, they will do so in many cases using old modalities just simply transliterated into the new technology space. And that's what we see with (indistinct) extortion. DDOS attacks are attacks against availability. So the idea is to disrupt the access, (indistinct) access to applications, services, servers, data content, infrastructure, those different types of things. And DDoS attacks can be motivated by pretty much any motivation you can think of. But there is a hard core of DDoS extortionists that we've seen over the years. And this Richard indicated what we started to see is a convergence between these sets of criminal specialties. And so a few years ago, we actually were disassembling a piece of ransomware and it turned out that it had some very basic DDoS attack capabilities coded into it. It was obviously a prototype, it hadn't been finished, but this showed that these criminals in the ransomware space were thinking about getting into DDoS. And now they've developed this methodology where like Richard said, they, number one, they encrypt the files. Number two, they'll threatened to leak information. And then they will DDoS the public facing infrastructure of the organizations to try and put additional pressure on them to pay. And especially now during the pandemic with this wholesale shift to remote work. The attackers for the first time have the ability not only to disrupt the online operations which is bad enough, but they can actually interfere with the ordinary work day activities of the first-line workforce of organizations. And so this really makes it even more potent. And the ransomware itself is interesting as well because it uses exploits (indistinct), social engineering, along with technological exploits to exploit the confidentiality and the integrity of data, and to restrict that stuff which actually turns into an attack against availability. So it's kind of really a different form of DDoS attack and coupled out with a real DDoS attack, and it can be very, very challenging. But one thing John that we've seen is that organizations if they have prepared to deal with a DDoS attack in form an architectural perspective, from an operational perspective. If they have done the things they need to do, to be able to maintain availability, even in the face of attack. There are about 80% of where they need to be to be to able to withstand a ransomware attack. Conversely, if organizations have been doing a good job and ensuring that their systems are secured and if they do get hit somehow with ransomware that they have the ability to maintain operations and communications and recover, they're about 80% of where they need to be to be able to successfully withstand DDoS attacks. And so it turns out that even though these threats are major threats and they are something that organizations need to be aware of, the good news is that a lot of the planning, and resources, and organizational changes that need to be made to face these threats are in fact very similar. >> Yeah, but (indistinct) mean the challenge is, it's hard work, right? It, there's an enormous amount of preparations got to go into this, and pre-planning, pre-thought, and that's what NETSCOUT is all about obviously is trying to get people onto that journey and getting into this examination of their services, and their networks, and... The fact that this can happen on multiple layers, right? It could be application, be protocols, transport, network, whatever, you know just multiple ways that these DDoS attacks can occur. What kind of I'd say well, challenges again does that present in the fact that it is, there are many doors, right? That these attacks can happen from or where these attacks can come from. So how do you then talk to your client base about approaching this kind of examination and these prophylactic measures that you're suggesting that have to be done in order to minimize the damage? >> It's really about business continuity. Now business continuity planning, we used to be called "disaster recovery planning", right? Is something that organizations are very familiar with. It often has executive sponsorship and a lot of planning has gone into it. The thing is DDoS attacks, which were attacks against availability are in fact a manmade disaster, right? And they interrupt the continuity of business. Same thing with the ransomware, and so from an architectural standpoint, from the standpoint of rolling out new products and services, resiliency and to attack, and the ability to maintain availability and continue with operations in the face of attack is really really key for any organization today which has any kind of significant online presence. And that's really just about all of them. And so from a planning standpoint, it's imperative from an architectural standpoint whether we're talking about things like network infrastructure, or DNS, or software applications. It's important from an operational standpoint. So one of the things that we see for example is that many organizations don't really have a good communications plan. They don't have a good internal communications plan nor do they have a good external communications plan for communicating during an event. And they don't even have really a plan for dealing with an event that is disruptive to business continuity and operations. And so that is really key. Technology is important, but the most important aspect of this is the human factor, understanding the business, understanding the types of risks to the business's ability to execute on its mission and then doing the things from a technological perspective, from an operational perspective, and from a communications perspective to maintain operations, and communications throughout an event and to be able to emerge on the other side of that agenda successfully. >> So Richard you're in threat intelligence, right? Risk assessments. And as you said, you've been around this block for quite some time now. In terms of, I guess getting people's attention that has been accomplished now with obviously some, with some of these high profile cases. But what about that kind of work that you're doing in terms of trying to communicate these very threats to your client base or to prospective clients in terms of identifying their real vulnerabilities within their networks and then having them seriously address these. I mean, what's the difference maybe in the mindset now, as opposed to where maybe that conversation was being had a few years ago? >> I think the biggest difference here is a matter of when and not if. It used to be, you could say, "Oh I'm never going to get hit by ransomware or I'm never going to get DDoS attacked." But that is no longer the case. Roland made a really good point that just about every single business in the world now relies on internet connectivity in order to operate their business. If they don't have that then they're not going to be able to connect with their consumers, their shoppers, if they're a retail, right? If you're a bank, then you have to communicate with your individuals having accounts. And I mean, I have not gone to a physical bank in probably six years. And so that just underscores how important it is to have this internet connectivity. Now, with that comes risk. Not only do you risk the DDoS attacks because you're publicly exposed in an adversary where you can actually find your internet space by doing some forensics, such as network scanning, being able to walk that back like a passive DNS but their historical records use things like showdown to figure out what kind of devices you're running. So there's any number of ways that you can do that. But at the same time you're also exposing yourself to these ransomware operators and really any kind of crime ware operator out there, because they're going to exploit you over the internet. We actually did a case study probably two years ago. Looking at brute forcing on networks and looking at exploitation attempts to figure out like what is the Delta? If you have an online internet presence are you going to get attacked? And the answer was very shocking to us. Yes, you're going to get attacked. And also it's going to be in less than five minutes, from the time a brand new IOT device goes online to the time it starts getting brute force attacked. And within 24 hours you're going to get exploitation attempts from known vulnerabilities or devices that haven't been patched and things like that. And so the reality is not if you're going to get attacked, it's when? And so understanding that is the nature of the threat landscape right now and having this kind of security awareness. Actually another good point that Roland just brought up was that human element. The human element is kind of the linchpin for any security organization. And as part of my master's I had wrote a dissertation about, and I named it as such my professor didn't really care for this, but I said, "The humans are the weakest link." Because in the security posture, that is essentially true. If you don't have the expertise on a team you're not going to be able to get things configured properly. If you don't have the expertise you're not going to be able to respond properly. If you have individuals that aren't concerned about security, now you're going to have a bunch of gaps. Not only that, social engineering is still the number one method that adversaries use to get into organizations and that manipulates the human element. And so having the security awareness in what we do here, on this cube interview, the threat reports, we publish, the blogs that we do, all the threads summaries, all of that goes hand-in-hand with educating the general public and having security awareness pushed out as much as possible to every single person we can. And that's really the key, this preparation, this awareness of what adversaries are doing in order to defend against them. >> So Roland in your mind and you've already walked us through a little bit of this about certain steps and measures. Do you think that could be taken safeguards basically, that everybody should have in the place? What is the optimal scenario from an engineering perspective in terms of trying to prevent these kinds of intrusions, these kinds of attacks in terms of what are those basic pieces, these fundamental pieces as you see it now, understanding as Richard just told us that it's matter of not if, but when? >> Right. So availability, redundancy these have to be core architectural principles whether we're talking about network infrastructure, whether we're talking about important ancillary supporting services like DNS in terms of personnel, in terms of remote access. All of these different elements and many many more have to be designed from the out. All the services in the applications whether they're used internally, whether they are part of service delivery that an organization is doing across the internet, publicly there has to be redundancy and resiliency. There has to be a defense plan in order to defend these assets in these organizations against attack. Whether it's DDoS attack or whether it's a containment plan to deal with a ransomware that potentially gets let loose inside the enterprise network, there has to be a plan to contain it, and deal with it, and restore from backup. These plans have to be continuously updated because IT is not static. There are always noose and nance and changes this organizations provision new services offer new products, move into new markets and new new sub-specializations. And so the plans have to be consistently updated and they have to be rehearsed. You can't have a plan that just exists as pixels on a phosphorous somewhere. The plan has to be executed because you're going to find that there's some scenario, some service, or application, or operational process that needs to be updated or that needs to be included in the plan. And this has to be done regularly. Another key point is that you have to have people who are very skilled and who have both depth and breadth of understanding. And either you bring those people into your organization or you reach out and get that expertise from organizations who do in fact have that kind of expertise on tap and available. >> Well, is, you both certainly exhibit the depth and the breadth to fight this issue(chuckles) I certainly appreciate the time, the insights, and the warning is quite clear. Be prepared, do the hard work upfront. It could save you a lot of headache on the backside. And it is a matter of when and not if, these days. Richard Roland, thanks for being with us here on the Cube >> Thank you so much. >> Thank you so much. It's a pleasure. >> All right, talking about the triple threat of extortion, cyber extortion these days, and DDoS, the distributed denial of service in the growing problem. It is, but there is a way that you can combat it. And you just learned about that (indistinct) NETSCOUT here on the Cube. (upbeat music)

>> Announcer: From around the globe, It's theCUBE with digital coverage of IBM Think 2021. Brought to you by IBM. >> Welcome back to IBM Think 2021. This is theCUBE's ongoing coverage where we go out to the events, in this case virtually to extract the signal from the noise. Now we're going to talk about one of the deepest customer relationships in the tech business with Piet Bill who is the IBM managing director for American Express. Piet, great to see you. Thanks for coming on. >> Thanks for having me, Dave. >> So as I said, this is one of the deepest vendor-client relationships. I mean, it's more than that. It's just, you're not a vendor. You're a partner, a very deep relationship many many decades, plus executives know each other. There's been some senior executives from American Express, as I recall came over to IBM of course, famously Lou Gerstner. But, talk about the, just give us the overview of the evolution of that partnership. >> Yeah well, as you rightly mentioned, the relationship is long and deep. It's over a hundred years. I mean the original deal was probably around the combine clocks and scales and all that kind of stuff, and it evolved over time. But what it does indeed create is a long, deep, lasting relationship as a fundament for doing business. And yeah, that business has gone through a lot of cycles over the last decade. So as you say, from buying stuff but I would say over time evolving really into a partnership around services, mutual business back and forth, exchanging executives on board level. American Express executives on the board of IBM and vice versa. So yeah, it's a very, very deep long relationship of two iconic companies in Manhattan. >> Yeah, well so it's got to be more than just buying stuff. Obviously, there's a lot of business being transacted, but you've got an intimate, I mean your title has American Express in it. So you've got to intimately understand your client's business. I mean, I guess that's always the case but we're taking it to another level here, aren't we? >> Yeah, yeah, absolutely. I mean, so what you really are often what we do as IBM is really get into the shoes basically of American Express trying to support their business to their clients. So American Express is very focused on small and medium businesses. So, we tap into how can we help the small and medium business as part of the American Express customer set. And how can we help evolve their business models, their technology, their services, to serve their clients better because in the old days, indeed, to your point, it was like, oh we wanted to buy the right stuff. And then we use that to do our thing but that the technology today, the area in which we operate is completely different. If you don't understand the client of American Express, we cannot serve American Express as a company. So it is indeed very important and it is therefore deeper and it requires way more focus on the clients of American Express than in the old days, I would say. >> Well, the pandemic must've been a challenging environment. Of course, I mean, you know people aren't out shopping as much, although people are waiting, they can't wait to get back out. They say, it's going to be like Woodstock here with their American Express cards. But so, maybe talk a little bit about how you worked together during the pandemic. >> Yeah, so well, first of all, like anybody we all work from home, but American Express really, I would say almost re-engaged on what is core in their strategy, is the support to small and medium business. So, American Express started this Stand For Small Initiative led by Steve Squeri himself, about how can we enable the small enterprises in doing business in the COVID period? What do they need? I mean, yeah, they need money, but they also need help. Like how to deal with your financials with your people. Can we use the spare time to do more education? And so IBM was one of the partners that jumped on board immediately to say, okay let us help in that platform, support you when necessary with the platform, but definitely help you in that platform to reach out to the small and medium enterprises, specifically in the New York area And like many other partners, we all got on board. And I think it got another focus again, I mean small and medium business has always been a focus but it's different when so many companies are struggling right now. And so we got on board and I think that is really a very clear partnership expression, I would say. >> How do you measure success with American Express? What are some of the key things that you guys look at? How have you evolved that over time? >> Well, ultimately I would say it's client satisfaction in the end. It sounds like an open door, but it really is. I mean, the real measurement, I mean there's always money measurements back and forth. And you can argue that of course you need to do solid business. There's no discussion there but I would say it's where do we align on the strategic intent from both companies? And let me elaborate a second on that one. If American Express is really transforming its business to become way more, I would say cloud enabled, hybrid technologies enabled. We provide a lot of that material. So we are really working together on trying to leverage each other in building that hybrid platform that will enable that future. And why do you need that? Well, because American Express needs to be dynamic and getting fintechs on board, getting exchanges with new companies are going way faster. It's not the traditional old style anymore where you could go for transformations for years. No, it needs to be on the spot. So we felt our strategies are really well aligned. And I would say the real measurement of success is how can we now make that to the benefit of American Express and on the back of that, we will do good business. So client satisfaction should be the primary one, strategic alignment important, and then of course doing the sound business on the back of that for both sides >> Financial services firms have always been pretty savvy when it comes to applying technology to business. Some of the most demanding customers and more advanced. And so, American Express was likely already on a digital transformation prior to the COVID hitting. At the same time, if he talks about it being accelerated. But, I think what people miss is that it wasn't, well they don't miss it, but to think about it and this way it wasn't planned, it was like forced. And, so you just, you had no choice. You couldn't think about it. You just had to do an act. And so on the one hand, okay, that's good. It was a forcing function. It also served as a Petri dish, but on the other hand, I'm sure a lot of mistakes were made. Now, as we exit the pandemic, we step back and say, okay, wow, we learned a lot. Now we can make a more planful approach and really go deeper and lean in over the next several years. What are your thoughts on that? And how does it relate to what you guys are doing with American Express? >> I think that's a very good point, I agree. It's what you see is that this indeed has forced us in a lot of things. I think the good news is American Express was already enabled for a lot of that new technology. They have invested. They have a lot of very skilled, good people and a very clear strategy and what they were after. This indeed put more pressure on it. I think what you will see happening in the foreseeable future after we get out of all of this, let's say the the urgency to complete the transformation on the cloud and data will become even more crucial. And so the priority will become higher and it will not be just higher because of the techies wanting it to do it, but because the business needs it. So they need it from a risk perspective, they need it from an agility perspective, go to market of new products. They need to really move fast. It's a fast moving market. You get a lot of it. I mean, the competition is there. So to enable that the move to get new technologies in faster is becoming pivotal and crucial. And I think for now, it's more of an almost like a survival statement. We need to get through this bubble of COVID. As soon as that's done, we need to think way more on the structural elements of data and how we enable a hybrid strategy going forward. >> So in the spirit of, you know you need to understand your customer. In this case, American Express and understand their business. And American Express is, I'll make you laugh. Anytime I call American Express, if I have to work out a problem or whatever, and I got to talk to customer service, they always thank me for my loyalty. Because I've been a customer for a long time. Back when probably when Ronald Reagan was president it was my first Amex card. And so they're like, "Oh, thank you, Mr. Vellante. We really appreciate your loyalty." So loyalty is a big thing for American Express with its customers. So what about IBM and American Express? How are you breeding? You know, what's that loyalty factor look like for you guys? >> Yeah, I think it's a very important element. I mean, to your point, I have the same experience. It's a crucial element. The whole, I mean, American express is famous for its loyalty schemes for loyalty as a company. I think loyalty, like the business has evolved. I think the loyalty evolves in the same style. And I would say in the old days, I would say the argument was you need to have the best product. You know, you need to be, and then we'll buy the product. In the current environment, I would argue it's way more about skills. Do we have the right people? Do we have the right technology, strategy kind of stuff? I would say for the future, it's way more about do we have the right trust, commitment, and loyalty of the people that work with us going forward to serve the client needs? And I think that evolution, it's almost like you have an Industrial Revolution. There was an Information Revolution. I think there's more of a Loyalty Revolution coming up where the real differentiating factors is because we can study this and argue this for ages but a lot of parties will deliver a lot of good technology to the market. They will deliver a lot of good people. They will have good price points. So what's the real differentiating factor? It's like, do we really trust these people? And then I think relationship loyalty will really come in play and it will not become in play just between an IBM and an American Express. But I would argue it will come in play in the whole business cycle of American Express to their clients. I mean, if the credit card swipe of your American Express card in a shop fails, it needs to be my problem. If I deliver the service to American Express, it cannot be that, oh, American Express has a problem. And you know what, it's eight o'clock in the evening. Yeah, we have reduced services. No, we never had that. We will never have that. But we need to get even deeper in understanding what the effects are of these business issues. >> Yeah. you're right. The nature of loyalty, I mean, certainly the products have changed. I remember, you used to travel overseas with American Express Travelers Checks. That was a staple of every overseas trip that I ever took. No matter where I was going, whether it was the Asia Pacific or Europe, I had to have that packet. And there were times when one time in particular I had a problem, boom, they were right there. It solved that problem. Now of course, many young people in the audience don't even know what America's Express Travelers Check is. They probably don't know what cash is. Carrying around crypto in their wallet. But, that's an example and that's about trust. I trust that product. I trust that company behind the product. And again, that has to extend to your relationship, doesn't it? >> Absolutely, so the technology that American Express uses, whether they do it themselves, or whether it's provided by partners like IBM. It needs to be seamless because, let's face it. Dave, you will not be interested to know who provides you the security on your credit card. If you have an American Express card, you expect it expect American Express to deliver you the security that you need. And whether American Express delivers that or IBM, you couldn't care less and you shouldn't care less. But what it does require is that, in the old school I would say it was more like, okay, we'll give some services and some products to American Express and guys, good luck! Now, we need to think ahead. And I think that's where the power of IBM comes in whether we really are tuned by industry to the industry issues like compliance, security, stability, services to the end clients, to you. So you need to feel if I cannot explain what I do to American Express in your terms as an end-user of an Amex credit card, you can argue what's the real value at? And definitely if there's like three, four, or five parties playing exactly the same game, it needs to be differentiating. And I think a company like IBM we have differentiating value, but we need to make it very clear. And that's, I think where you see companies like American Express really work together and that's where loyalty and trust really comes into play. >> Last question and we've got to go is, you have American Express in your title. Are other companies jealous? (laughs) We want that too. >> They should. They should be. I must say, we deal with a ton of financial institutions as you know around the globe, including the other credit cards. But yeah, I think when these deep relationships come in place and two, they're so old. So deep, so entrenched, and it really started. There's different dimensions to it. And it's not always that hard-coded anymore. It's the subtlety of really relying on each other. I mean, when something happens in the middle of the night with American Express, all of IBM is on board as of the second. And it's not driven by contracts or by anything. It's by people that have an American Express logo on the forehead and worked for an IBM. >> Yeah, right. That's awesome. Piet, Piet Bill's great story. Thanks so much for coming to theCUBE. It was great to have you. >> Thanks for having me. >> All right. And keep it right there. This is Dave Vellante, ongoing coverage of Think 2021. You're watching theCUBE.

>>from >>around >>The globe. It's the cube with digital coverage of IBM think 2021 brought to you >>by IBM. Welcome back to IBM Think 2021. This is the cubes ongoing coverage where we go out to the events in this case virtually to extract the signal from the noise. Now we're gonna talk about one of the deepest customer relationships in the tech business with Pete Bill, who is the IBM managing director for American Express. Pete, great to see you. Thanks for coming on. >>Thanks for having me Dave. >>So as I said, this is one of the deepest vendor client relationships. I mean, it's more than that because you're not a vendor, your partner, very deep relationship, many, many, you know, decades plus uh, executives know each other. There's been a some senior executives from American Express as I recall, came over to IBM of course, famously Lou Gerstner um, but but talk about the, just give us the overview of the evolution of that partnership. >>Yeah, well, as you rightfully mentioned, uh the relationship is long and deep, its over 100 years. I mean the original deal was probably around the club buying clocks and uh scales and all that kind of stuff and it evolved over time. But what it does indeed create is a long deep lasting relationship as a fundament for doing business and uh yeah that business has gone through a lot of cycles over the last decades, as you say, uh from from buying stuff. But I would say over time evolving really into a partnership around services, mutual business back and forth, exchanging executives on board level american Express executives on the board of IBM and vice versa. So yeah, it's a very very deep long relationship of two iconic companies in in Manhattan. >>Yeah, so it's got to be more than just buying stuff. Obviously there's a lot of business being transacted but you've got to intimate your title has american Express in it. So you've got to intimately understand your client's business. I mean that's I guess that's always the case, but we're taking it to another level here, >>aren't we? Yeah. Yeah, absolutely. I mean, so what you really are after and what we do is IBM is really get into the shoes basically of american Express trying to support their business to their clients. So american Express is very focused on small and medium business. So we tip into how can we help the small and medium businesses part of the american Express custom set and how can we help evolve their business models, that technology their services to serve their clients better because in the old days indeed. To your point it was like, oh we wanted to buy the right stuff and then we use that to do our thing. But that the technology today, the area in which we operate is completely different. If you don't understand the the client of american Express, we cannot serve american express as a company. So it is indeed very important and it is therefore deeper and it requires way more focused on the clients of american express than in the old days I would say. >>Well the pandemic must have been a challenging uh environment. Of course. I mean you know people aren't out shopping as much although you know people are waiting, they can't wait to get back out. They say it's gonna be like Woodstock with the american express cards. But so so maybe talk a little bit about how how you work together during the pandemic. >>Yeah. So well first of all like anybody, we're all work from home. But american express really uh I would say almost reengaged on what is core and the threat that used to support to small and medium business. So american Express started this stand for small initiative led by steve Square himself about how can we enable the small enterprises uh in doing business in the covid period? What do they need? I mean, yeah, they need money, but they also need help like how to deal with your financials with your people. Can we use the spare time to do more education? And so IBM was one of the partners that jumped on board immediately to say, okay, let us help in that platform support you were necessary with the platform but definitely help you in that platform to reach out to the small and medium enterprises uh specifically in the new york area. And like many other partners, we all got on board and I think it got another focus. Again, I mean small and medium business has always been a focus, but it's different when so many companies are struggling right now. And so we get a got on board. And I think that that is really a very clear partnership expression. I would say, >>how do you measure success with with american Express? What are some of the key things that you guys look at? How, how have you evolved that over time? >>Well, ultimately, I would say it's client satisfaction in the end, it sounds like an open door, but it really is. I mean the real the real measurement, I mean there's always money measurements back and forth. You can argue that that is of course you need to do solid business. There's no discussion there, but I would say it's where do we align on the strategic intent from both companies and let me elaborate a second on that one. If american Express is really transforming its business to become way more, I would say uh cloud enabled hybrid technologies enabled. Uh we provide a lot of that material. Uh so we are really working together on trying to leverage each other in building that hybrid platform that will enable that future. And why do you need that? Well, because american Express needs to be dynamic and getting fit, excellent board, getting exchanges with with with with new companies going way faster. It's not a traditional old style anymore where you could go for transformations for years now it needs to be on the spot. Um so we show our strategies are really well aligned and I would say the real measurement of success is how can we now make that to the benefit of american Express? And on the back of that we will do good business. So uh client satisfaction should be the primary one. Strategic alignment important. And then of course doing the sound business on the back of that for both sides, >>financial services firms have always been pretty savvy when it comes to applying technology to business some of the most demanding customers and more advanced. Uh So you know the american express is likely already on a digital transformation prior to the covid hitting at the same time. It talks about it being accelerated. But I think what people miss is that it wasn't well they don't miss it but you know to think about it in this way, it wasn't planned, it was like forced. And so you just you have no choice, you couldn't think about it, you just have to do an act. And so on the one hand, okay, that's good. It was a forcing function. It also served as a Petri just but on the other hand, I'm sure a lot of mistakes were made now as we exit the pandemic step back and say okay wow, we learned a lot now. We can make a more planned full approach and really go deeper and lean in over the next several years. What are your thoughts on that and how does it relate to what you guys are doing with american Express? >>I think that's a very good point. I agree. It's what you see is that uh this indeed has forced us in a lot of things. I mean I think the good news is american Express was already enabled for a lot of that new technology. They have invested, they have a lot of very skilled good people uh a very clear strategy and what they were after this and they put more pressure on it. I think what you will see happening in the foreseeable future after we get out of all of this is that the, let's say the urgency to complete the transformation on cloud and data will become even more crucial. And so the priority will become higher and it will not be just higher because of the Turkish wanting it to do it, but because the business needs it. So uh needed from a risk perspective, they needed, from an agility perspective, go to market of new products. Uh they need to really move fast. It's a fast moving market, you get a lot of the media competition is there? Uh so to enable that the move to get new technologies and faster is becoming pivotal and crucial. And I think for now it's more of almost like a survival statement. We need to get through this bubble of Covid as soon as that's done, we need to think way more on the structural elements of debt and how we enable a hybrid strategy going forward. >>So in the spirit of you need to understand your customer in this case american Express and understand their business. An american express is uh make you laugh anytime I call american Express, you know, if I have to work out a problem or whatever. Uh and I gotta talk to some customer service. They always thank me for my loyalty because I have been a customer for a long time. You know, back when probably when Ronald Reagan was president, it was my first Amex card. And so they're like, oh thank you, Mr Volonte. We we really appreciate your loyalty. So loyalty is a big thing for american Express with its customers. So what about IBM and American Express? How are you breeding, you know, what's that loyalty factor look like for you guys? >>Yeah, I think it's a very important element. I mean to your point, I have the same experience, It's it's a it's a crucial element. Uh the whole, I mean american Express is famous for its loyalty schemes for loyalty as a company. I think loyalty like the business has evolved, I think the loyalty evolves in the same style in I would say in the in the in the old days, I would say the argument was you need to have the best product, you know, you you need to be and then we'll buy the product in the current environment. I would argue that it's way more about skills, Do we have the right people? Do we have the right technology strategy kind of stuff? I would say for the future, it's way more about do we have the right trust, commitment and loyalty of the people that work with us going forward to serve the client needs? And I think that evolution, it's almost like you have an industrial revolution, there was an information resolution. I think there's more of a loyalty revolution coming up where the real differentiating factors is because we can study this and argue this for ages. But a lot of parties will deliver a lot of good technology to the market, they will deliver a lot of good people, they will have good price points. So what's the real differentiating factor? It's like, do we really trust these people? And then I think relationship loyalty will really come and play and it will not become and play just between an IBM and an american express, but I would argue it will come and play in the whole business cycle of american express to their clients. I mean if the credit card swipe of your american express card in a shop fails, It needs to be my problem. If I deliver the service to American express it cannot be that Oh American express has a problem and you know what, it's 8:00 in the evening uh yeah we have reduced services. No we never had that, we will never have that but we need to get even deeper in understanding what the effects are of these business issues. >>Yeah I mean you're right the nature of loyalty, the preservative products have changed. I mean I remember you know I used to travel overseas with american Express traveler's checks that was a staple of every overseas trip that I ever took you no matter where I was going, whether it's asia pacific or or europe, I had to have that packet and I and I had you know, there were times when, when you know one time particularly had a problem film, they were right there to solve the problem. Of course, many young people in the audience don't even know what american express traveler's check is. They probably don't know what cash is carrying around crypto in their wallet. But but but that's an example and that's about trust, trust that product, I trust that company behind the product. Again, that has to extend to your relationship doesn't. >>Absolutely. So the technology that an american Express users, whether they do it themselves or whether it's provided by partners like IBM it needs to be seamless because let's face it, you would not be interested to know who provides you the security on your credit card. If you have an american Express card, you expect expect american Express to deliver your the security that you need and whether american Express delivers that or IBM you couldn't care less and you shouldn't care less. But what it does require is that in the old school I would say it was more like okay we'll give some services and some products to american Express and guys could look now, we need to think ahead and I think that's where the power of IBM comes in where that we really attuned by industry to the industry issues like compliance, security, stability services, um to the inclined to you. So you need to feel if I cannot explain what I do to american express in your terms as an infusion of an express credit card, you can argue what's the real value add. And definitely if there's like 345 parties playing exactly the same game, it needs to be differentiating and I think a company like IBM we have differentiating value but we need to make it very clear and that's I think where you see companies like american Express really work together and that's what loyalty and trust really comes in play. >>Last question when we got to go is you have american expression, your title are other companies jealous >>we >>want that >>to, they should, they should >>be. Uh >>but I I must say, I mean we deal with a ton of financial institutions as you know around the globe including the other credit cards. But yeah, I think where these deep relationship ships commonplace indeed too. I mean they're so old, so deep, so and entrenched and it really start there's different dimensions to it and it's not always that hard coded anymore, it's the subtlety of really relying on each other. I mean when something happens in the middle of the night with american express, all of IBM is on board as of the second and it's not driven by contracts or by anything. It's by people that have an American Express logo on the forehead and work for an IBM. >>Yeah. Right. It's awesome. Pete Pete bills. Great story. Thanks so much for coming to the cube. It's great to have you. >>Thanks for having me. >>All right and keep it right. There is day volonte ongoing coverage of think 2021. You're watching the Cube? Yeah.

>>from around the globe. It's the Cube presenting Cuban cloud brought to you by silicon angle, everybody to Cuban cloud. My name is Dave Volonte, and I'll be here throughout the day with my co host, John Ferrier, who was quarantined in an undisclosed location in California. He's all good. Don't worry. Just precautionary. John, how are you doing? >>Hey, great to see you. John. Quarantine. My youngest daughter had covitz, so contact tracing. I was negative in quarantine at a friend's location. All good. >>Well, we wish you the best. Yeah, well, right. I mean, you know what's it like, John? I mean, you're away from your family. Your basically shut in, right? I mean, you go out for a walk, but you're really not in any contact with anybody. >>Correct? Yeah. I mean, basically just isolation, Um, pretty much what everyone's been kind of living on, kind of suffering through, but hopefully the vaccines are being distributed. You know, one of the things we talked about it reinvent the Amazon's cloud conference. Was the vaccine on, but just the whole workflow around that it's gonna get better. It's kind of really sucky. Here in the California area, they haven't done a good job, a lot of criticism around, how that's rolling out. And, you know, Amazon is now offering to help now that there's a new regime in the U. S. Government S o. You know, something to talk about, But certainly this has been a terrible time for Cove it and everyone in the deaths involved. But it's it's essentially pulled back the covers, if you will, on technology and you're seeing everything. Society. In fact, um, well, that's big tech MIT disinformation campaigns. All these vulnerabilities and cyber, um, accelerated digital transformation. We'll talk about a lot today, but yeah, it's totally changed the world. And I think we're in a new generation. I think this is a real inflection point, Dave. You know, modern society and the geo political impact of this is significant. You know, one of the benefits of being quarantined you'd be hanging out on these clubhouse APS, uh, late at night, listening to experts talk about what's going on, and it's interesting what's happening with with things like water and, you know, the island of Taiwan and China and U. S. Sovereignty, data, sovereignty, misinformation. So much going on to talk about. And, uh, meanwhile, companies like Mark injuries in BC firm starting a media company. What's going on? Hell freezing over. So >>we're gonna be talking about a lot of that stuff today. I mean, Cuba on cloud. It's our very first virtual editorial event we're trying to do is bring together our community. It's a it's an open forum and we're we're running the day on our 3 65 software platform. So we got a great lineup. We got CEO Seo's data Practitioners. We got a hard core technologies coming in, cloud experts, investors. We got some analysts coming in and we're creating this day long Siri's. And we've got a number of sessions that we've developed and we're gonna unpack. The future of Cloud computing in the coming decade is, John said, we're gonna talk about some of the public policy new administration. What does that mean for tech and for big tech in General? John, what can you add to that? >>Well, I think one of the things that we talked about Cove in this personal impact to me but other people as well. One of the things that people are craving right now is information factual information, truth texture that we call it. But hear this event for us, Davis, our first inaugural editorial event. Robbo, Kristen, Nicole, the entire Cube team Silicon angle, really trying to put together Morva cadence we're gonna doom or of these events where we can put out feature the best people in our community that have great fresh voices. You know, we do interview the big names Andy Jassy, Michael Dell, the billionaires with people making things happen. But it's often the people under there that are the rial newsmakers amid savory, for instance, that Google one of the most impressive technical people, he's gotta talk. He's gonna present democratization of software development in many Mawr riel people making things happen. And I think there's a communal element. We're going to do more of these. Obviously, we have, uh, no events to go to with the Cube. So we have the cube virtual software that we have been building and over years and now perfecting and we're gonna introduce that we're gonna put it to work, their dog footing it. We're gonna put that software toe work. We're gonna do a lot mawr virtual events like this Cuban cloud Cuban startup Cuban raising money. Cuban healthcare, Cuban venture capital. Always think we could do anything. Question is, what's the right story? What's the most important stories? Who's telling it and increase the aperture of the lens of the industry that we have and and expose that and fastest possible. That's what this software, you'll see more of it. So it's super exciting. We're gonna add new features like pulling people up on stage, Um, kind of bring on the clubhouse vibe and more of a community interaction with people to meet each other, and we'll roll those out. But the goal here is to just showcase it's cloud story in a way from people that are living it and providing value. So enjoy the day is gonna be chock full of presentations. We're gonna have moderated chat in these sessions, so it's an all day event so people can come in, drop out, and also that's everything's on demand immediately after the time slot. But you >>want to >>participate, come into the time slot into the cube room or breakout session. Whatever you wanna call it, it's a cube room, and the people in there chatting and having a watch party. So >>when you're in that home page when you're watching, there's a hero video there. Beneath that, there's a calendar, and you'll see that red line is that red horizontal line of vertical line is rather, it's a linear clock that will show you where we are in the day. If you click on any one of those sessions that will take you into the chat, we'll take you through those in a moment and share with you some of the guests that we have upcoming and and take you through the day what I wanted to do. John is trying to set the stage for the conversations that folks are gonna here today. And to do that, I wanna ask the guys to bring up a graphic. And I want to talk to you, John, about the progression of cloud over time and maybe go back to the beginning and review the evolution of cloud and then really talk a little bit about where we think it Z headed. So, guys, if you bring up that graphic when a W S announced s three, it was March of 2000 and six. And as you recall, John you know, nobody really. In the vendor and user community. They didn't really pay too much attention to that. And then later that year, in August, it announced E C two people really started. They started to think about a new model of computing, but they were largely, you know, chicken tires. And it was kind of bleeding edge developers that really leaned in. Um what? What were you thinking at the time? When when you saw, uh, s three e c to this retail company coming into the tech world? >>I mean, I thought it was totally crap. I'm like, this is terrible. But then at that time, I was thinking working on I was in between kind of start ups and I didn't have a lot of seed funding. And then I realized the C two was freaking awesome. But I'm like, Holy shit, this is really great because I don't need to pay a lot of cash, the Provisional Data center, or get a server. Or, you know, at that time, state of the art startup move was to buy a super micro box or some sort of power server. Um, it was well past the whole proprietary thing. But you have to assemble probably anyone with 5 to 8 grand box and go in, and we'll put a couple ghetto rack, which is basically, uh, you know, you put it into some coasting location. It's like with everybody else in the tech ghetto of hosting, still paying monthly fees and then maintaining it and provisioning that's just to get started. And then Amazon was just really easy. And then from there you just It was just awesome. I just knew Amazon would be great. They had a lot of things that they had to fix. You know, custom domains and user interface Council got better and better, but it was awesome. >>Well, what we really saw the cloud take hold from my perspective anyway, was the financial crisis in, you know, 709 It put cloud on the radar of a number of CFOs and, of course, shadow I T departments. They wanted to get stuff done and and take I t in in in, ah, pecs, bite sized chunks. So it really was. There's cloud awakening and we came out of that financial crisis, and this we're now in this 10 year plus boom um, you know, notwithstanding obviously the economic crisis with cove it. But much of it was powered by the cloud in the decade. I would say it was really about I t transformation. And it kind of ironic, if you will, because the pandemic it hits at the beginning of this decade, >>and it >>creates this mandate to go digital. So you've you've said a lot. John has pulled forward. It's accelerated this industry transformation. Everybody talks about that, but and we've highlighted it here in this graphic. It probably would have taken several more years to mature. But overnight you had this forced march to digital. And if you weren't a digital business, you were kind of out of business. And and so it's sort of here to stay. How do you see >>You >>know what this evolution and what we can expect in the coming decades? E think it's safe to say the last 10 years defined by you know, I t transformation. That's not gonna be the same in the coming years. How do you see it? >>It's interesting. I think the big tech companies are on, but I think this past election, the United States shows um, the power that technology has. And if you look at some of the main trends in the enterprise specifically around what clouds accelerating, I call the second wave of innovations coming where, um, it's different. It's not what people expect. Its edge edge computing, for instance, has talked about a lot. But industrial i o t. Is really where we've had a lot of problems lately in terms of hacks and malware and just just overall vulnerabilities, whether it's supply chain vulnerabilities, toe actual disinformation, you know, you know, vulnerabilities inside these networks s I think this network effects, it's gonna be a huge thing. I think the impact that tech will have on society and global society geopolitical things gonna be also another one. Um, I think the modern application development of how applications were written with data, you know, we always been saying this day from the beginning of the Cube data is his integral part of the development process. And I think more than ever, when you think about cloud and edge and this distributed computing paradigm, that cloud is now going next level with is the software and how it's written will be different. You gotta handle things like, where's the compute component? Is it gonna be at the edge with all the server chips, innovations that Amazon apple intel of doing, you're gonna have compute right at the edge, industrial and kind of human edge. How does that work? What's Leighton see to that? It's it really is an edge game. So to me, software has to be written holistically in a system's impact on the way. Now that's not necessarily nude in the computer science and in the tech field, it's just gonna be deployed differently. So that's a complete rewrite, in my opinion of the software applications. Which is why you're seeing Amazon Google VM Ware really pushing Cooper Netease and these service messes in the micro Services because super critical of this technology become smarter, automated, autonomous. And that's completely different paradigm in the old full stack developer, you know, kind of model. You know, the full stack developer, his ancient. There's no such thing as a full stack developer anymore, in my opinion, because it's a half a stack because the cloud takes up the other half. But no one wants to be called the half stack developer because it doesn't sound as good as Full Stack, but really Cloud has eliminated the technology complexity of what a full stack developer used to dio. Now you can manage it and do things with it, so you know, there's some work to done, but the heavy lifting but taking care of it's the top of the stack that I think is gonna be a really critical component. >>Yeah, and that that sort of automation and machine intelligence layer is really at the top of the stack. This this thing becomes ubiquitous, and we now start to build businesses and new processes on top of it. I wanna I wanna take a look at the Big Three and guys, Can we bring up the other The next graphic, which is an estimate of what the revenue looks like for the for the Big three. And John, this is I asked and past spend for the Big Three Cloud players. And it's It's an estimate that we're gonna update after earning seasons, and I wanna point a couple things out here. First is if you look at the combined revenue production of the Big Three last year, it's almost 80 billion in infrastructure spend. I mean, think about that. That Z was that incremental spend? No. It really has caused a lot of consolidation in the on Prem data center business for guys like Dell. And, you know, um, see, now, part of the LHP split up IBM Oracle. I mean, it's etcetera. They've all felt this sea change, and they had to respond to it. I think the second thing is you can see on this data. Um, it's true that azure and G C P they seem to be growing faster than a W s. We don't know the exact numbers >>because >>A W S is the only company that really provides a clean view of i s and pass. Whereas Microsoft and Google, they kind of hide the ball in their numbers. I mean, I don't blame them because they're behind, but they do leave breadcrumbs and clues about growth rates and so forth. And so we have other means of estimating, but it's it's undeniable that azure is catching up. I mean, it's still quite distance the third thing, and before I want to get your input here, John is this is nuanced. But despite the fact that Azure and Google the growing faster than a W s. You can see those growth rates. A W s I'll call this out is the only company by our estimates that grew its business sequentially last quarter. Now, in and of itself, that's not significant. But what is significant is because AWS is so large there $45 billion last year, even if the slower growth rates it's able to grow mawr and absolute terms than its competitors, who are basically flat to down sequentially by our estimates. Eso So that's something that I think is important to point out. Everybody focuses on the growth rates, but it's you gotta look at also the absolute dollars and, well, nonetheless, Microsoft in particular, they're they're closing the gap steadily, and and we should talk more about the competitive dynamics. But I'd love to get your take on on all this, John. >>Well, I mean, the clouds are gonna win right now. Big time with the one the political climate is gonna be favoring Big check. But more importantly, with just talking about covert impact and celebrating the digital transformation is gonna create a massive rising tide. It's already happening. It's happening it's happening. And again, this shift in programming, uh, models are gonna really kinda accelerating, create new great growth. So there's no doubt in my mind of all three you're gonna win big, uh, in the future, they're just different, You know, the way they're going to market position themselves, they have to be. Google has to be a little bit different than Amazon because they're smaller and they also have different capabilities, then trying to catch up. So if you're Google or Microsoft, you have to have a competitive strategy to decide. How do I wanna ride the tide If you will put the rising tide? Well, if I'm Amazon, I mean, if I'm Microsoft and Google, I'm not going to try to go frontal and try to copy Amazon because Amazon is just pounding lead of features and scale and they're different. They were, I would say, take advantage of the first mover of pure public cloud. They really awesome. It passed and I, as they've integrated in Gardner, now reports and integrated I as and passed components. So Gardner finally got their act together and said, Hey, this is really one thing. SAS is completely different animal now Microsoft Super Smart because they I think they played the right card. They have a huge installed base converted to keep office 3 65 and move sequel server and all their core jewels into the cloud as fast as possible, clarified while filling in the gaps on the product side to be cloud. So you know, as you're doing trends job, they're just it's just pedal as fast as you can. But Microsoft is really in. The strategy is just go faster trying. Keep pedaling fast, get the features, feature velocity and try to make it high quality. Google is a little bit different. They have a little power base in terms of their network of strong, and they have a lot of other big data capabilities, so they have to use those to their advantage. So there is. There is there is competitive strategy game application happening with these companies. It's not like apples, the apples, In my opinion, it never has been, and I think that's funny that people talk about it that way. >>Well, you're bringing up some great points. I want guys bring up the next graphic because a lot of things that John just said are really relevant here. And what we're showing is that's a survey. Data from E. T. R R Data partners, like 1400 plus CEOs and I T buyers and on the vertical axis is this thing called Net score, which is a measure of spending momentum. And the horizontal axis is is what's called market share. It's a measure of the pervasiveness or, you know, number of mentions in the data set. There's a couple of key points I wanna I wanna pick up on relative to what John just said. So you see A W S and Microsoft? They stand alone. I mean, they're the hyper scale er's. They're far ahead of the pack and frankly, they have fall down, toe, lose their lead. They spend a lot on Capex. They got the flywheel effects going. They got both spending velocity and large market shares, and so, but they're taking a different approach. John, you're right there living off of their SAS, the state, their software state, Andi, they're they're building that in to their cloud. So they got their sort of a captive base of Microsoft customers. So they've got that advantage. They also as we'll hear from from Microsoft today. They they're building mawr abstraction layers. Andy Jassy has said We don't wanna be in that abstraction layer business. We wanna have access to those, you know, fine grain primitives and eso at an AP level. So so we can move fast with the market. But but But so those air sort of different philosophies, John? >>Yeah. I mean, you know, people who know me know that I love Amazon. I think their product is superior at many levels on in its way that that has advantages again. They have a great sass and ecosystem. They don't really have their own SAS play, although they're trying to add some stuff on. I've been kind of critical of Microsoft in the past, but one thing I'm not critical of Microsoft, and people can get this wrong in the marketplace. Actually, in the journalism world and also in just some other analysts, Microsoft has always had large scale eso to say that Microsoft never had scale on that Amazon owned the monopoly on our franchise on scales wrong. Microsoft had scale from day one. Their business was always large scale global. They've always had infrastructure with MSN and their search and the distributive how they distribute browsers and multiple countries. Remember they had the lock on the operating system and the browser for until the government stepped in in 1997. And since 1997 Microsoft never ever not invested in infrastructure and scale. So that whole premise that they don't compete well there is wrong. And I think that chart demonstrates that there, in there in the hyper scale leadership category, hands down the question that I have. Is that there not as good and making that scale integrate in because they have that legacy cards. This is the classic innovator's dilemma. Clay Christensen, right? So I think they're doing a good job. I think their strategy sound. They're moving as fast as they can. But then you know they're not gonna come out and say We don't have the best cloud. Um, that's not a marketing strategy. Have to kind of hide in this and get better and then double down on where they're winning, which is. Clients are converting from their legacy at the speed of Microsoft, and they have a huge client base, So that's why they're stopping so high That's why they're so good. >>Well, I'm gonna I'm gonna give you a little preview. I talked to gear up your f Who's gonna come on today and you'll see I I asked him because the criticism of Microsoft is they're, you know, they're just good enough. And so I asked him, Are you better than good enough? You know, those are fighting words if you're inside of Microsoft, but so you'll you'll have to wait to see his answer. Now, if you guys, if you could bring that that graphic back up I wanted to get into the hybrid zone. You know where the field is. Always got >>some questions coming in on chat, Dave. So we'll get to those >>great Awesome. So just just real quick Here you see this hybrid zone, this the field is bunched up, and the other companies who have a large on Prem presence and have been forced to initiate some kind of coherent cloud strategy included. There is Michael Michael, multi Cloud, and Google's there, too, because they're far behind and they got to take a different approach than a W s. But as you can see, so there's some real progress here. VM ware cloud on AWS stands out, as does red hat open shift. You got VM Ware Cloud, which is a VCF Cloud Foundation, even Dell's cloud. And you'd expect HP with Green Lake to be picking up momentum in the future quarters. And you've got IBM and Oracle, which there you go with the innovator's dilemma. But there, at least in the cloud game, and we can talk about that. But so, John, you know, to your point, you've gotta have different strategies. You're you're not going to take out the big too. So you gotta play, connect your print your on Prem to your cloud, your hybrid multi cloud and try to create new opportunities and new value there. >>Yeah, I mean, I think we'll get to the question, but just that point. I think this Zeri Chen's come on the Cube many times. We're trying to get him to come on lunch today with Features startup, but he's always said on the Q B is a V C at Greylock great firm. Jerry's Cloud genius. He's been there, but he made a point many, many years ago. It's not a winner. Take all the winner. Take most, and the Big Three maybe put four or five in there. We'll take most of the markets here. But I think one of the things that people are missing and aren't talking about Dave is that there's going to be a second tier cloud, large scale model. I don't want to say tear to cloud. It's coming to sound like a sub sub cloud, but a new category of cloud on cloud, right? So meaning if you get a snowflake, did I think this is a tale? Sign to what's coming. VM Ware Cloud is a native has had huge success, mainly because Amazon is essentially enabling them to be successful. So I think is going to be a wave of a more of a channel model of indirect cloud build out where companies like the Cube, potentially for media or others, will build clouds on top of the cloud. So if Google, Microsoft and Amazon, whoever is the first one to really enable that okay, we'll do extremely well because that means you can compete with their scale and create differentiation on top. So what snowflake did is all on Amazon now. They kind of should go to azure because it's, you know, politically correct that have multiple clouds and distribution and business model shifts. But to get that kind of performance they just wrote on Amazon. So there's nothing wrong with that. Because you're getting paid is variable. It's cap ex op X nice categorization. So I think that's the way that we're watching. I think it's super valuable, I think will create some surprises in terms of who might come out of the woodwork on be a leader in a category. Well, >>your timing is perfect, John and we do have some questions in the chat. But before we get to that, I want to bring in Sargi Joe Hall, who's a contributor to to our community. Sargi. Can you hear us? All right, so we got, uh, while >>bringing in Sarpy. Let's go down from the questions. So the first question, Um, we'll still we'll get the student second. The first question. But Ronald ask, Can a vendor in 2021 exist without a hybrid cloud story? Well, story and capabilities. Yes, they could live with. They have to have a story. >>Well, And if they don't own a public cloud? No. No, they absolutely cannot. Uh hey, Sergey. How you doing, man? Good to see you. So, folks, let me let me bring in Sergeant Kohala. He's a He's a cloud architect. He's a practitioner, He's worked in as a technologist. And there's a frequent guest on on the Cube. Good to see you, my friend. Thanks for taking the time with us. >>And good to see you guys to >>us. So we were kind of riffing on the competitive landscape we got. We got so much to talk about this, like, it's a number of questions coming in. Um, but Sargi we wanna talk about you know, what's happening here in Cloud Land? Let's get right into it. I mean, what do you guys see? I mean, we got yesterday. New regime, new inaug inauguration. Do you do you expect public policy? You'll start with you Sargi to have What kind of effect do you think public policy will have on, you know, cloud generally specifically, the big tech companies, the tech lash. Is it gonna be more of the same? Or do you see a big difference coming? >>I think that there will be some changing narrative. I believe on that. is mainly, um, from the regulators side. A lot has happened in one month, right? So people, I think are losing faith in high tech in a certain way. I mean, it doesn't, uh, e think it matters with camp. You belong to left or right kind of thing. Right? But parlor getting booted out from Italy s. I think that was huge. Um, like, how do you know that if a cloud provider will not boot you out? Um, like, what is that line where you draw the line? What are the rules? I think that discussion has to take place. Another thing which has happened in the last 23 months is is the solar winds hack, right? So not us not sort acknowledging that I was Russia and then wish you watching it now, new administration might have a different sort of Boston on that. I think that's huge. I think public public private partnership in security arena will emerge this year. We have to address that. Yeah, I think it's not changing. Uh, >>economics economy >>will change gradually. You know, we're coming out off pandemic. The money is still cheap on debt will not be cheap. for long. I think m and a activity really will pick up. So those are my sort of high level, Uh, >>thank you. I wanna come back to them. And because there's a question that chat about him in a But, John, how do you see it? Do you think Amazon and Google on a slippery slope booting parlor off? I mean, how do they adjudicate between? Well, what's happening in parlor? Uh, anything could happen on clubhouse. Who knows? I mean, can you use a I to find that stuff? >>Well, that's I mean, the Amazons, right? Hiding right there bunkered in right now from that bad, bad situation. Because again, like people we said Amazon, these all three cloud players win in the current environment. Okay, Who wins with the U. S. With the way we are China, Russia, cloud players. Okay, let's face it, that's the reality. So if I wanted to reset the world stage, you know what better way than the, you know, change over the United States economy, put people out of work, make people scared, and then reset the entire global landscape and control all with cash? That's, you know, conspiracy theory. >>So you see the riches, you see the riches, get the rich, get richer. >>Yeah, well, that's well, that's that. That's kind of what's happening, right? So if you start getting into this idea that you can't actually have an app on site because the reason now I'm not gonna I don't know the particular parlor, but apparently there was a reason. But this is dangerous, right? So what? What that's gonna do is and whether it's right or wrong or not, whether political opinion is it means that they were essentially taken offline by people that weren't voted for that. Weren't that when people didn't vote for So that's not a democracy, right? So that's that's a different kind of regime. What it's also going to do is you also have this groundswell of decentralized thinking, right. So you have a whole wave of crypto and decentralized, um, cyber punks out there who want to decentralize it. So all of this stuff in January has created a huge counterculture, and I had predicted this so many times in the Cube. David counterculture is coming and and you already have this kind of counterculture between centralized and decentralized thinking and so I think the Amazon's move is dangerous at a fundamental level. Because if you can't get it, if you can't get buy domain names and you're completely blackballed by by organized players, that's a Mafia, in my opinion. So, uh, and that and it's also fuels the decentralized move because people say, Hey, if that could be done to them, it could be done to me. Just the fact that it could be done will promote a swing in the other direction. I >>mean, independent of of, you know, again, somebody said your political views. I mean Parlor would say, Hey, we're trying to clean this stuff up now. Maybe they didn't do it fast enough, but you think about how new parlor is. You think about the early days of Twitter and Facebook, so they were sort of at a disadvantage. Trying to >>have it was it was partly was what it was. It was a right wing stand up job of standing up something quick. Their security was terrible. If you look at me and Cory Quinn on be great to have him, and he did a great analysis on this, because if you look the lawsuit was just terrible. Security was just a half, asshole. >>Well, and the experience was horrible. I mean, it's not It was not a great app, but But, like you said, it was a quick stew. Hand up, you know, for an agenda. But nonetheless, you know, to start, get to your point earlier. It's like, you know, Are they gonna, you know, shut me down? If I say something that's, you know, out of line, or how do I control that? >>Yeah, I remember, like, 2019, we involved closing sort of remarks. I was there. I was saying that these companies are gonna be too big to fail. And also, they're too big for other nations to do business with. In a way, I think MNCs are running the show worldwide. They're running the government's. They are way. Have seen the proof of that in us this year. Late last year and this year, um, Twitter last night blocked Chinese Ambassador E in us. Um, from there, you know, platform last night and I was like, What? What's going on? So, like, we used to we used to say, like the Chinese company, tech companies are in bed with the Chinese government. Right. Remember that? And now and now, Actually, I think Chinese people can say the same thing about us companies. Uh, it's not a good thing. >>Well, let's >>get some question. >>Let's get some questions from the chat. Yeah. Thank you. One is on M and a subject you mentioned them in a Who do you see is possible emanate targets. I mean, I could throw a couple out there. Um, you know, some of the cdn players, maybe aka my You know, I like I like Hashi Corp. I think they're doing some really interesting things. What do you see? >>Nothing. Hashi Corp. And anybody who's doing things in the periphery is a candidate for many by the big guys, you know, by the hyper scholars and number two tier two or five hyper scholars. Right. Uh, that's why sales forces of the world and stuff like that. Um, some some companies, which I thought there will be a target, Sort of. I mean, they target they're getting too big, because off their evaluations, I think how she Corpuz one, um, >>and >>their bunch in the networking space. Uh, well, Tara, if I say the right that was acquired by at five this week, this week or last week, Actually, last week for $500 million. Um, I know they're founder. So, like I found that, Yeah, there's a lot going on on the on the network side on the anything to do with data. Uh, that those air too hard areas in the cloud arena >>data, data protection, John, any any anything you could adhere. >>And I think I mean, I think ej ej is gonna be where the gaps are. And I think m and a activity is gonna be where again, the bigger too big to fail would agree with you on that one. But we're gonna look at white Spaces and say a white space for Amazon is like a monster space for a start up. Right? So you're gonna have these huge white spaces opportunities, and I think it's gonna be an M and a opportunity big time start ups to get bought in. Given the speed on, I think you're gonna see it around databases and around some of these new service meshes and micro services. I mean, >>they there's a There's a question here, somebody's that dons asking why is Google who has the most pervasive tech infrastructure on the planet. Not at the same level of other to hyper scale is I'll give you my two cents is because it took him a long time to get their heads out of their ads. I wrote a piece of around that a while ago on they just they figured out how to learn the enterprise. I mean, John, you've made this point a number of times, but they just and I got a late start. >>Yeah, they're adding a lot of people. If you look at their who their hiring on the Google Cloud, they're adding a lot of enterprise chops in there. They realized this years ago, and we've talked to many of the top leaders, although Curry and hasn't yet sit down with us. Um, don't know what he's hiding or waiting for, but they're clearly not geared up to chicken Pete. You can see it with some some of the things that they're doing, but I mean competed the level of Amazon, but they have strength and they're playing their strength, but they definitely recognize that they didn't have the enterprise motions and people in the DNA and that David takes time people in the enterprise. It's not for the faint of heart. It's unique details that are different. You can't just, you know, swing the Google playbook and saying We're gonna home The enterprises are text grade. They knew that years ago. So I think you're going to see a good year for Google. I think you'll see a lot of change. Um, they got great people in there. On the product marketing side is Dev Solution Architects, and then the SRE model that they have perfected has been strong. And I think security is an area that they could really had a lot of value it. So, um always been a big fan of their huge network and all the intelligence they have that they could bring to bear on security. >>Yeah, I think Google's problem main problem that to actually there many, but one is that they don't They don't have the boots on the ground as compared to um, Microsoft, especially an Amazon actually had a similar problem, but they had a wide breath off their product portfolio. I always talk about feature proximity in cloud context, like if you're doing one thing. You wanna do another thing? And how do you go get that feature? Do you go to another cloud writer or it's right there where you are. So I think Amazon has the feature proximity and they also have, uh, aske Compared to Google, there's skills gravity. Larger people are trained on AWS. I think Google is trying there. So second problem Google is having is that that they're they're more focused on, I believe, um, on the data science part on their sort of skipping the cool components sort of off the cloud, if you will. The where the workloads needs, you know, basic stuff, right? That's like your compute storage and network. And that has to be well, talk through e think e think they will do good. >>Well, so later today, Paul Dillon sits down with Mids Avery of Google used to be in Oracle. He's with Google now, and he's gonna push him on on the numbers. You know, you're a distant third. Does that matter? And of course, you know, you're just a preview of it's gonna say, Well, no, we don't really pay attention to that stuff. But, John, you said something earlier that. I think Jerry Chen made this comment that, you know, Is it a winner? Take all? No, but it's a winner. Take a lot. You know the number two is going to get a big chunk of the pie. It appears that the markets big enough for three. But do you? Does Google have to really dramatically close the gap on be a much, much closer, you know, to the to the leaders in orderto to compete in this race? Or can they just kind of continue to bump along, siphon off the ad revenue? Put it out there? I mean, I >>definitely can compete. I think that's like Google's in it. Then it they're not. They're not caving, right? >>So But But I wrote I wrote recently that I thought they should even even put mawr oven emphasis on the cloud. I mean, maybe maybe they're already, you know, doubling down triple down. I just I think that is a multi trillion dollar, you know, future for the industry. And, you know, I think Google, believe it or not, could even do more. Now. Maybe there's just so much you could dio. >>There's a lot of challenges with these company, especially Google. They're in Silicon Valley. We have a big Social Justice warrior mentality. Um, there's a big debate going on the in the back channels of the tech scene here, and that is that if you want to be successful in cloud, you have to have a good edge strategy, and that involves surveillance, use of data and pushing the privacy limits. Right? So you know, Google has people within the country that will protest contract because AI is being used for war. Yet we have the most unstable geopolitical seen that I've ever witnessed in my lifetime going on right now. So, um, don't >>you think that's what happened with parlor? I mean, Rob Hope said, Hey, bar is pretty high to kick somebody off your platform. The parlor went over the line, but I would also think that a lot of the employees, whether it's Google AWS as well, said, Hey, why are we supporting you know this and so to your point about social justice, I mean, that's not something. That >>parlor was not just social justice. They were trying to throw the government. That's Rob e. I think they were in there to get selfies and being protesters. But apparently there was evidence from what I heard in some of these clubhouse, uh, private chats. Waas. There was overwhelming evidence on parlor. >>Yeah, but my point is that the employee backlash was also a factor. That's that's all I'm saying. >>Well, we have Google is your Google and you have employees to say we will boycott and walk out if you bid on that jet I contract for instance, right, But Microsoft one from maybe >>so. I mean, that's well, >>I think I think Tom Poole's making a really good point here, which is a Google is an alternative. Thio aws. The last Google cloud next that we were asked at they had is all virtual issue. But I saw a lot of I T practitioners in the audience looking around for an alternative to a W s just seeing, though, we could talk about Mano Cloud or Multi Cloud, and Andy Jassy has his his narrative around, and he's true when somebody goes multiple clouds, they put you know most of their eggs in one basket. Nonetheless, I think you know, Google's got a lot of people interested in, particularly in the analytic side, um, in in an alternative, hedging their bets eso and particularly use cases, so they should be able to do so. I guess my the bottom line here is the markets big enough to have Really? You don't have to be the Jack Welch. I gotta be number one and number two in the market. Is that the conclusion here? >>I think so. But the data gravity and the skills gravity are playing against them. Another problem, which I didn't want a couple of earlier was Google Eyes is that they have to boot out AWS wherever they go. Right? That is a huge challenge. Um, most off the most off the Fortune 2000 companies are already using AWS in one way or another. Right? So they are the multi cloud kind of player. Another one, you know, and just pure purely somebody going 200% Google Cloud. Uh, those cases are kind of pure, if you will. >>I think it's gonna be absolutely multi cloud. I think it's gonna be a time where you looked at the marketplace and you're gonna think in terms of disaster recovery, model of cloud or just fault tolerant capabilities or, you know, look at the parlor, the next parlor. Or what if Amazon wakes up one day and said, Hey, I don't like the cubes commentary on their virtual events, so shut them down. We should have a fail over to Google Cloud should Microsoft and Option. And one of people in Microsoft ecosystem wants to buy services from us. We have toe kind of co locate there. So these are all open questions that are gonna be the that will become certain pretty quickly, which is, you know, can a company diversify their computing An i t. In a way that works. And I think the momentum around Cooper Netease you're seeing as a great connective tissue between, you know, having applications work between clouds. Right? Well, directionally correct, in my opinion, because if I'm a company, why wouldn't I wanna have choice? So >>let's talk about this. The data is mixed on that. I'll share some data, meaty our data with you. About half the companies will say Yeah, we're spreading the wealth around to multiple clouds. Okay, That's one thing will come back to that. About the other half were saying, Yeah, we're predominantly mono cloud we didn't have. The resource is. But what I think going forward is that that what multi cloud really becomes. And I think John, you mentioned Snowflake before. I think that's an indicator of what what true multi cloud is going to look like. And what Snowflake is doing is they're building abstraction, layer across clouds. Ed Walsh would say, I'm standing on the shoulders of Giants, so they're basically following points of presence around the globe and building their own cloud. They call it a data cloud with a global mesh. We'll hear more about that later today, but you sign on to that cloud. So they're saying, Hey, we're gonna build value because so many of Amazon's not gonna build that abstraction layer across multi clouds, at least not in the near term. So that's a really opportunity for >>people. I mean, I don't want to sound like I'm dating myself, but you know the date ourselves, David. I remember back in the eighties, when you had open systems movement, right? The part of the whole Revolution OS I open systems interconnect model. At that time, the networking stacks for S N A. For IBM, decadent for deck we all know that was a proprietary stack and then incomes TCP I p Now os I never really happened on all seven layers, but the bottom layers standardized. Okay, that was huge. So I think if you look at a W s or some of the comments in the chat AWS is could be the s n a. Depends how you're looking at it, right? And you could say they're open. But in a way, they want more Amazon. So Amazon's not out there saying we love multi cloud. Why would they promote multi cloud? They are a one of the clouds they want. >>That's interesting, John. And then subject is a cloud architect. I mean, it's it is not trivial to make You're a data cloud. If you're snowflake, work on AWS work on Google. Work on Azure. Be seamless. I mean, certainly the marketing says that, but technically, that's not trivial. You know, there are latent see issues. Uh, you know, So that's gonna take a while to develop. What? Do your thoughts there? >>I think that multi cloud for for same workload and multi cloud for different workloads are two different things. Like we usually put multiple er in one bucket, right? So I think you're right. If you're trying to do multi cloud for the same workload, that's it. That's Ah, complex, uh, problem to solve architecturally, right. You have to have a common ap ice and common, you know, control playing, if you will. And we don't have that yet, and then we will not have that for a for at least one other couple of years. So, uh, if you if you want to do that, then you have to go to the lower, lowest common denominator in technical sort of stock, if you will. And then you're not leveraging the best of the breed technology off their from different vendors, right? I believe that's a hard problem to solve. And in another thing, is that that that I always say this? I'm always on the death side, you know, developer side, I think, uh, two deaths. Public cloud is a proxy for innovative culture. Right. So there's a catch phrase I have come up with today during shower eso. I think that is true. And then people who are companies who use the best of the breed technologies, they can attract the these developers and developers are the Mazen's off This digital sort of empires, amazingly, is happening there. Right there they are the Mazen's right. They head on the bricks. I think if you don't appeal to developers, if you don't but extensive for, like, force behind educating the market, you can't you can't >>put off. It's the same game Stepping story was seeing some check comments. Uh, guard. She's, uh, linked in friend of mine. She said, Microsoft, If you go back and look at the Microsoft early days to the developer Point they were, they made their phones with developers. They were a software company s Oh, hey, >>forget developers, developers, developers. >>You were if you were in the developer ecosystem, you were treated his gold. You were part of the family. If you were outside that world, you were competitors, and that was ruthless times back then. But they again they had. That was where it was today. Look at where the software defined businesses and starve it, saying it's all about being developer lead in this new way to program, right? So the cloud next Gen Cloud is going to look a lot like next Gen Developer and all the different tools and techniques they're gonna change. So I think, yes, this kind of developer ecosystem will be harnessed, and that's the power source. It's just gonna look different. So, >>Justin, Justin in the chat has a comment. I just want to answer the question about elastic thoughts on elastic. Um, I tell you, elastic has momentum uh, doing doing very well in the market place. Thea Elk Stack is a great alternative that people are looking thio relative to Splunk. Who people complain about the pricing. Of course it's plunks got the easy button, but it is getting increasingly expensive. The problem with elk stack is you know, it's open source. It gets complicated. You got a shard, the databases you gotta manage. It s Oh, that's what Ed Walsh's company chaos searches is all about. But elastic has some riel mo mentum in the marketplace right now. >>Yeah, you know, other things that coming on the chat understands what I was saying about the open systems is kubernetes. I always felt was that is a bad metaphor. But they're with me. That was the TCP I peep In this modern era, C t c p I p created that that the disruptor to the S N A s and the network protocols that were proprietary. So what KUBERNETES is doing is creating a connective tissue between clouds and letting the open source community fill in the gaps in the middle, where kind of way kind of probably a bad analogy. But that's where the disruption is. And if you look at what's happened since Kubernetes was put out there, what it's become kind of de facto and standard in the sense that everyone's rallying around it. Same exact thing happened with TCP was people were trashing it. It is terrible, you know it's not. Of course they were trashed because it was open. So I find that to be very interesting. >>Yeah, that's a good >>analogy. E. Thinks the R C a cable. I used the R C. A cable analogy like the VCRs. When they started, they, every VC had had their own cable, and they will work on Lee with that sort of plan of TV and the R C. A cable came and then now you can put any TV with any VCR, and the VCR industry took off. There's so many examples out there around, uh, standards And how standards can, you know, flair that fire, if you will, on dio for an industry to go sort of wild. And another trend guys I'm seeing is that from the consumer side. And let's talk a little bit on the consuming side. Um, is that the The difference wouldn't be to B and B to C is blood blurred because even the physical products are connected to the end user Like my door lock, the August door lock I didn't just put got get the door lock and forget about that. Like I I value the expedience it gives me or problems that gives me on daily basis. So I'm close to that vendor, right? So So the middle men, uh, middle people are getting removed from from the producer off the technology or the product to the consumer. Even even the sort of big grocery players they have their APs now, uh, how do you buy stuff and how it's delivered and all that stuff that experience matters in that context, I think, um, having, uh, to be able to sell to thes enterprises from the Cloud writer Breuder's. They have to have these case studies or all these sample sort off reference architectures and stuff like that. I think whoever has that mawr pushed that way, they are doing better like that. Amazon is Amazon. Because of that reason, I think they have lot off sort off use cases about on top of them. And they themselves do retail like crazy. Right? So and other things at all s. So I think that's a big trend. >>Great. Great points are being one of things. There's a question in there about from, uh, Yaden. Who says, uh, I like the developer Lead cloud movement, But what is the criticality of the executive audience when educating the marketplace? Um, this comes up a lot in some of my conversations around automation. So automation has been a big wave to automate this automate everything. And then everything is a service has become kind of kind of the the executive suite. Kind of like conversation we need to make everything is a service in our business. You seeing people move to that cloud model. Okay, so the executives think everything is a services business strategy, which it is on some level, but then, when they say Take that hill, do it. Developers. It's not that easy. And this is where a lot of our cube conversations over the past few months have been, especially during the cova with cute virtual. This has come up a lot, Dave this idea, and start being around. It's easy to say everything is a service but will implement it. It's really hard, and I think that's where the developer lead Connection is where the executive have to understand that in order to just say it and do it are two different things. That digital transformation. That's a big part of it. So I think that you're gonna see a lot of education this year around what it means to actually do that and how to implement it. >>I'd like to comment on the as a service and subject. Get your take on it. I mean, I think you're seeing, for instance, with HP Green Lake, Dell's come out with Apex. You know IBM as its utility model. These companies were basically taking a page out of what I what I would call a flawed SAS model. If you look at the SAS players, whether it's salesforce or workday, service now s a P oracle. These models are They're really They're not cloud pricing models. They're they're basically you got to commit to a term one year, two year, three year. We'll give you a discount if you commit to the longer term. But you're locked in on you. You probably pay upfront. Or maybe you pay quarterly. That's not a cloud pricing model. And that's why I mean, they're flawed. You're seeing companies like Data Dog, for example. Snowflake is another one, and they're beginning to price on a consumption basis. And that is, I think, one of the big changes that we're going to see this decade is that true cloud? You know, pay by the drink pricing model and to your point, john toe, actually implement. That is, you're gonna need a whole new layer across your company on it is quite complicated it not even to mention how you compensate salespeople, etcetera. The a p. I s of your product. I mean, it is that, but that is a big sea change that I see coming. Subject your >>thoughts. Yeah, I think like you couldn't see it. And like some things for this big tech exacts are hidden in the plain >>sight, right? >>They don't see it. They they have blind spots, like Look at that. Look at Amazon. They went from Melissa and 200 millisecond building on several s, Right, Right. And then here you are, like you're saying, pay us for the whole year. If you don't use the cloud, you lose it or will pay by month. Poor user and all that stuff like that that those a role models, I think these players will be forced to use that term pricing like poor minute or for a second, poor user. That way, I think the Salesforce moral is hybrid. They're struggling in a way. I think they're trying to bring the platform by doing, you know, acquisition after acquisition to be a platform for other people to build on top off. But they're having a little trouble there because because off there, such pricing and little closeness, if you will. And, uh, again, I'm coming, going, going back to developers like, if you are not appealing to developers who are writing the latest and greatest code and it is open enough, by the way open and open source are two different things that we all know that. So if your platform is not open enough, you will have you know, some problems in closing the deals. >>E. I want to just bring up a question on chat around from Justin didn't fitness. Who says can you touch on the vertical clouds? Has your offering this and great question Great CP announcing Retail cloud inventions IBM Athena Okay, I'm a huge on this point because I think this I'm not saying this for years. Cloud computing is about horizontal scalability and vertical specialization, and that's absolutely clear, and you see all the clouds doing it. The vertical rollouts is where the high fidelity data is, and with machine learning and AI efforts coming out, that's accelerated benefits. There you have tow, have the vertical focus. I think it's super smart that clouds will have some sort of vertical engine, if you will in the clouds and build on top of a control playing. Whether that's data or whatever, this is clearly the winning formula. If you look at all the successful kind of ai implementations, the ones that have access to the most data will get the most value. So, um if you're gonna have a data driven cloud you have tow, have this vertical feeling, Um, in terms of verticals, the data on DSO I think that's super important again, just generally is a strategy. I think Google doing a retail about a super smart because their whole pitches were not Amazon on. Some people say we're not Google, depending on where you look at. So every of these big players, they have dominance in the areas, and that's scarce. Companies and some companies will never go to Amazon for that reason. Or some people never go to Google for other reasons. I know people who are in the ad tech. This is a black and we're not. We're not going to Google. So again, it is what it is. But this idea of vertical specialization relevant in super >>forts, I want to bring to point out to sessions that are going on today on great points. I'm glad you asked that question. One is Alan. As he kicks off at 1 p.m. Eastern time in the transformation track, he's gonna talk a lot about the coming power of ecosystems and and we've talked about this a lot. That that that to compete with Amazon, Google Azure, you've gotta have some kind of specialization and vertical specialization is a good one. But of course, you see in the big Big three also get into that. But so he's talking at one o'clock and then it at 3 36 PM You know this times are strange, but e can explain that later Hillary Hunter is talking about she's the CTO IBM I B M's ah Financial Cloud, which is another really good example of specifying vertical requirements and serving. You know, an audience subject. I think you have some thoughts on this. >>Actually, I lost my thought. E >>think the other piece of that is data. I mean, to the extent that you could build an ecosystem coming back to Alan Nancy's premise around data that >>billions of dollars in >>their day there's billions of dollars and that's the title of the session. But we did the trillion dollar baby post with Jazzy and said Cloud is gonna be a trillion dollars right? >>And and the point of Alan Answer session is he's thinking from an individual firm. Forget the millions that you're gonna save shifting to the cloud on cost. There's billions in ecosystems and operating models. That's >>absolutely the business value. Now going back to my half stack full stack developer, is the business value. I've been talking about this on the clubhouses a lot this past month is for the entrepreneurs out there the the activity in the business value. That's the new the new intellectual property is the business logic, right? So if you could see innovations in how work streams and workflow is gonna be a configured differently, you have now large scale cloud specialization with data, you can move quickly and take territory. That's much different scenario than a decade ago, >>at the point I was trying to make earlier was which I know I remember, is that that having the horizontal sort of features is very important, as compared to having vertical focus. You know, you're you're more healthcare focused like you. You have that sort of needs, if you will, and you and our auto or financials and stuff like that. What Google is trying to do, I think that's it. That's a good thing. Do cook up the reference architectures, but it's a bad thing in a way that you drive drive away some developers who are most of the developers at 80 plus percent, developers are horizontal like you. Look at the look into the psyche of a developer like you move from company to company. And only few developers will say I will stay only in health care, right? So I will only stay in order or something of that, right? So they you have to have these horizontal capabilities which can be applied anywhere on then. On top >>of that, I think that's true. Sorry, but I'll take a little bit different. Take on that. I would say yes, that's true. But remember, remember the old school application developer Someone was just called in Application developer. All they did was develop applications, right? They pick the framework, they did it right? So I think we're going to see more of that is just now mawr of Under the Covers developers. You've got mawr suffer defined networking and software, defined storage servers and cloud kubernetes. And it's kind of like under the hood. But you got your, you know, classic application developer. I think you're gonna see him. A lot of that come back in a way that's like I don't care about anything else. And that's the promise of cloud infrastructure is code. So I think this both. >>Hey, I worked. >>I worked at people solved and and I still today I say into into this context, I say E r P s are the ultimate low code. No code sort of thing is right. And what the problem is, they couldn't evolve. They couldn't make it. Lightweight, right? Eso um I used to write applications with drag and drop, you know, stuff. Right? But But I was miserable as a developer. I didn't Didn't want to be in the applications division off PeopleSoft. I wanted to be on the tools division. There were two divisions in most of these big companies ASAP. Oracle. Uh, like companies that divisions right? One is the cooking up the tools. One is cooking up the applications. The basketball was always gonna go to the tooling. Hey, >>guys, I'm sorry. We're almost out of time. I always wanted to t some of the sections of the day. First of all, we got Holder Mueller coming on at lunch for a power half hour. Um, you'll you'll notice when you go back to the home page. You'll notice that calendar, that linear clock that we talked about that start times are kind of weird like, for instance, an appendix coming on at 1 24. And that's because these air prerecorded assets and rather than having a bunch of dead air, we're just streaming one to the other. So so she's gonna talk about people, process and technology. We got Kathy Southwick, whose uh, Silicon Valley CEO Dan Sheehan was the CEO of Dunkin Brands and and he was actually the c 00 So it's C A CEO connecting the dots to the business. Daniel Dienes is the CEO of you I path. He's coming on a 2:47 p.m. East Coast time one of the hottest companies, probably the fastest growing software company in history. We got a guy from Bain coming on Dave Humphrey, who invested $750 million in Nutanix. He'll explain why and then, ironically, Dheeraj Pandey stew, Minuteman. Our friend interviewed him. That's 3 35. 1 of the sessions are most excited about today is John McD agony at 403 p. M. East Coast time, she's gonna talk about how to fix broken data architectures, really forward thinking stuff. And then that's the So that's the transformation track on the future of cloud track. We start off with the Big Three Milan Thompson Bukovec. At one oclock, she runs a W s storage business. Then I mentioned gig therapy wrath at 1. 30. He runs Azure is analytics. Business is awesome. Paul Dillon then talks about, um, IDs Avery at 1 59. And then our friends to, um, talks about interview Simon Crosby. I think I think that's it. I think we're going on to our next session. All right, so keep it right there. Thanks for watching the Cuban cloud. Uh huh.

from the cube studios in Palo Alto in Boston connecting with thought leaders all around the world this is a cube conversation hello and welcome to the cube conversation here in the Palo Alto studio I'm John four host of the cube we are here at the quarantine crew of the cube having the conversations that matter the most now and sharing that with you got a great guest here Phil Quaid was the chief information security officer of Fortinet also the author of book digital bing-bang which I just found out he wrote talking about the difference cybersecurity and the physical worlds coming together and we're living that now with kovat 19 crisis were all sheltering in place Phil thank you for joining me on this cube conversation so I want to get in this quickly that I think the main top thing is that we're all sheltering in place anxiety is high but people are now becoming mainstream aware of what we all in the industry have been known for a long time role of data cybersecurity access to remote tools and we're seeing the work at home the remote situation really putting a lot of pressure on as I've been reporting what I call at scale problems and one of them is security right one of them is bandwidth we're starting to see you know the throttling of the packets people are now living with the reality like wow this is really a different environment but it's been kind of a disruption and has created crimes of opportunity for bad guys so this has been a real thing everyone's aware of it across the world this is something that's now aware on everyone's mind what's your take on this because you guys are fighting the battle and providing solutions and we're doing for a long time around security this highlights a lot of the things in the surface area called the world with what's your take on this carbon 19 orton s been advocating for architectures and strategies that allow you to defend anywhere from the edge through the core all the way up to the cloud boom so with you know high speed and integration and so all the sudden what we're seeing not just you know in the US but the world as well is that that edge is being extended in places that we just hadn't thought about or our CV that people just hadn't planned for before so many people or telecommunication able to move that edge securely out to people's homes and more remote locations and do so providing the right type of security of privacy if those communications that are coming out of those delicate ears I noticed you have a flag in the background and for the folks that might not know you spent a lot of time at the NSA government agency doing a lot of cutting-edge work I mean going back to you know really you know post 9/11 - now you're in the private sector with Fortinet so you don't really speak with the agency but you did live through a time of major transformation around Homeland Security looking at data again different physical thing you know terrorist attacks but it did bring rise to large-scale data to bring to those things so I wanted to kind of point out I saw the flag there nice nice touch there but now that you're in the private sector it's another transformation it's not a transition we're seeing a transformation and people want to do it fast and they don't want to have disruption this is a big problem what's your reaction to that yeah I think what you're reporting out that sometimes sometimes there's catalysts that cause major changes in the way you do things I think we're in one of those right now that we're already in the midst of an evolutionary trend towards more distributed workforces and as I mentioned earlier doing so with the right type of security privacy but I would think what I think the global camp in debt endemic is showing is that we're all going to be accelerating that that thing is like it's gonna be a lot less evolutionary and a little bit more faster that's what happens when you have major world events like this being 911 fortunate tragedies it causes people to think outside the box or accelerate what they're already doing I think wearing that in that world today yeah it pulls forward a lot of things that are usually on the planning side and it makes them reality I want to get your thoughts because not only are CEOs and their employees all thinking about the new work environment but the chief information security officer is people in your role have to be more aware as more things happening what's on the minds of CISOs around the world these days obviously the pandemics there what are you seeing what are some of the conversations what are some of the thought processes what specifically is going on in the of the chief information security officer yeah I think there's probably a there's probably two different two different things there's the there's the emotional side and there's the analytic side on the emotional side you might say that some Caesars are saying finally I get to show how cyber security can be in an abler of business right I can allow you to to to maintain business continuity by allowing your workers to work from home and trying sustain business and allow you to keep paying their salary is very very important to society there's a very important time to step up as the seaso and do what's helpful to sustain mission in on the practical side you say oh my goodness my job's gotten a whole lot harder because I can rely less and less on someone's physical controls that use some of the physical benefits you get from people coming inside the headquarters facility through locked doors and there's personal congress's and personal identification authentication you need to move those those same security strategies and policies and you need to move it out to this broad eggs it's gotten a lot bigger and a lot more distributed so I want to ask you around some of the things they're on cyber screws that have been elevated to the top of the list obviously with the disruption of working at home it's not like an earthquake or a tornado or hurricane or flood you know this backup and recovery for that you know kind of disaster recovery this has been an unmitigated disaster in the sense of it's been unfor casted I was talking to an IT guy he was saying well we provisioned rvv lands to be your VPNs to be 30% and now they need a hundred percent so that disruption is causing I was an under forecast so in cyber as you guys are always planning in and protecting has there been some things that have emerged that are now top of mind that are 100 percent mindshare base or new solutions or new challenges why keep quite done what we're referring to earlier is that yep any good see so or company executive is going to prepare for unexpected things to a certain degree you need it whether it be spare capacity or the ability to recover from something an act of God as you mentioned maybe a flood or tornado or hurricane stuff like that what's different now is that we have a disruption who which doesn't have an end date meaning there's a new temporal component that's been introduced that most companies just can't plan for right even the best of companies that let's say Ronald very large data centers they have backup plans where they have spare fuel to run backup generators to provide electricity to their data centers but the amount of fuel they have might only be limited to 30 days or so it's stored on-site we might think well that's pretty that's a lot of for thinking by storing that much fuel on site for to allow you to sort of work your way through a hurricane or other natural disaster what we have now is a is a worldwide crisis that doesn't have a 30-day window on it right we don't know if it's gonna be 30 days or 120 days or or you know even worse than that so what's different now is that it's not just a matter of surging in doing something with band-aids and twine or an extra 30 days what we need to do is as a community is to prepare solutions that can be enduring solutions you know I have some things that if the absent I might like to provide a little color what those types of solutions are but that that would be my main message that this isn't just a surge for 30 days this is a surge or being agile with no end in sight take a minute explain some of those solutions what are you seeing whatever specific examples and solutions that you can go deeper on there yeah so I talked earlier about the the edge meaning the place where users interact with machines and company data that edge is no longer at the desktop down the hallway it could be 10 miles 450 miles away to where anyone where I'm telling you I'm commuting crumb that means we need to push the data confidentiality things out between the headquarters and the edge you do that with things like a secure secured tunnel it's called VPNs you also need to make sure that the user identification authentication this much is a very very secure very authentic and with high integrity so you do that with multi-factor authentication there's other things that we like that that are very very practical that you do to support this new architecture and the good news is that they're available today in the good news at least with some companies there already had one foot in that world but as I mentioned earlier not all companies had yet embraced the idea of where you're going to have a large percentage of your workforce - until a community so they're not quite so they're there they're reacting quickly to to make sure this edge is better protected by identification and authentication and begins I want to get to some of those edge issues that now translate to kind of physical digital virtualization of of life but first I want to ask you around operational technology and IT OT IT these are kind of examples where you're seeing at scale problem with the pandemic being highlighted so cloud providers etc are all kind of impacted and bring solutions to the table you guys at Foot are doing large scale security is there anything around the automation side of it then you've seen emerge because all the people that are taking care of being a supplier in this new normal or this crisis certainly not normal has leveraged automation and data so this has been a fundamental value proposition that highlights what we call the DevOps movement in the cloud world but automation has become hugely available and a benefit to this can you share your insights into how automation is changing with cyber I think you up a nice question for me is it allowed me to talk about not only automation but convergence so it's let's hit automation first right we all even even pre-crisis we need to be better at leveraging automation to do things that machines do best allow people to do higher-order things whether it's unique analysis or something else with a with a more distributed workforce and perhaps fewer resources automation is more important ever to automatically detect bad things that are about to happen automatically mitigating them before they get or they get to bad you know in the cybersecurity world you use things like agile segmentation and you use like techniques called soar it's a type of security orchestration and you want to eat leverage those things very very highly in order to leverage automation to have machines circum amount of human services but you also brought up on my favorite topics which is ot graceful technology though OTS you know are the things that are used to control for the past almost a hundred years now things in the physical world like electric generators and pipes and valves and things like that often used in our critical infrastructures in my company fort net we provide solutions that secure both the IT world the traditional cyber domain but also the OT systems of the world today where safety and reliability are about most important so what we're seeing with the co19 crisis is that supply chains transportation research things like that a lot of things that depend on OT solutions for safety and reliability are much more forefront of mine so from a cybersecurity strategy perspective what you want to do of course is make sure your solutions in the IT space are well integrated with you solutions in the OT space to the so an adversary or a mistake in cause a working to the crack in causing destruction that convergence is interesting you know we were talking before you came on camera around the fact that all these events are being canceled but that really highlights the fact that the physical spaces are no longer available the so-called ot operational technologies of events is the plumbing the face-to-face conversations but everyone's trying to move to digital or virtual eyes that it's not as easy as just saying we did it here we do it there there is a convergence and some sort of translation this new there's a new roles there's new responsibilities new kinds of behaviors and decision making that goes on in the physical and digital worlds that have to then come together and get reimagined and so what's your take on all this because this is not so much about events but although that's kind of prime time problem zooming it is not the answer that's a streaming video how do you replicate the value of physical into the business value in digital it's not a one-to-one so it's quite possible that that we might look back on this event to cover 19 experience we might look back at it in five or ten years and say that was simply a foreshadowing of our of the importance of making sure that our physical environment is appropriate in private what I mean is that with the with the rapid introduction of Internet of Things technologies into the physical world we're going to have a whole lot of dependencies on the thing inconveniences tendencies inconveniences on things an instrument our physical space our door locks or automobiles paths our temperatures color height lots of things to instrument the physical space and so there's gonna be a whole lot of data that's generated in that cyber in a physical domain increasingly in the future and we're going to become dependent upon it well what happens if for whatever reason in the in the future that's massively disruptive so all of a sudden we have a massive disruption in the physical space just like we're experiencing now with open 19 so again that's why it makes sense now to start your planning now with making sure that your safety and reliability controls in the physical domain are up to the same level security and privacy as the things in your IT delete and it highlights what's the where the value is to and it's a transformation I was just reading an article around spatial economics around distance not being together it's interesting on those points you wrote a book about this I want to get your thoughts because in this cyber internet or digital or virtualization of physical to digital whether it's events or actual equipment is causing people to rethink architectures you mentioned a few of them what's the state of the art thinking around someone who has the plan for this again is in its complex it's not just creating a gateway or a physical abstraction layer of software between two worlds there's almost a blending or convergence here what's your what's your thoughts on what's the state of the art thinking on this area yeah the book that I number of a very esteemed colleagues contribute to what we said is that it's time to start treating cybersecurity like a science let's not pretend it's a dark art that we have to relearn every couple years and what what we said in the in the digital Big Bang is that humankind started flourishing once we admitted our ignorance in ultimately our ignorance in the physical world and discovered or invented you can right word the disciplines of physics and chemistry and once we recognize that our physical world was driven by those scientific disciplines we started flourishing right the scientific age led to lots of things whether it would be transportation health care or lots of other things to improve our quality of life well if you fast forward 14 billion years after that cosmic Big Bang which was driven by physics 50 years ago or so we had a digital Big Bang where there was a massive explosion of bits with the invention of the internet and what we argue in the book is that let's start treating cybersecurity like a science or the scientific principle is that we ought to write down and follow a Rousseau's with you so we can thrive in the in the in a digital Big Bang in the digital age and one more point if you don't mind what we what we noted is that the internet was invented to do two things one connect more people or machines than ever imagined in to do so in speeds that were never imagined so the in the Internet is is optimized around speed in connectivity so if that's the case it may be a fundamental premise of cybersecurity science is make sure that your cyber security solutions are optimized around those same two things that the cyber domains are optimized around speed in integration continue from there you can you can build on more and more complex scientific principles if you focus on those fundamental things and speed and integration yeah that's awesome great insight they're awesome I wanted to throw in while you had the internet history lesson down there also was interesting was a very decentralization concept how does that factor in your opinion to some of the security paradigms is that helped or hurt or is it create opportunities for more secure or does it give the act as an advantage yeah I love your questions is your it's a very informed question and you're in a give me good segue to answer the way you know it should be answer yeah the by definition the distributed nature of the Internet means it's an inherently survivable system which is a wonderful thing to have for a critical infrastructure like that if one piece goes down the hole doesn't go down it's kind of like the power grid the u.s. the u.s. electrical power grid there's too many people who say the grid will go down well that's that's just not a practical thing it's not a reality thing the grades broken up into three major grades and there's AB ulis strategies and implementations of diversification to allow the grid to fail safely so it's not catastrophic Internet's the same thing so like my nipple like I was saying before we ought to de cyber security around a similar principle that a catastrophic failure in one partner to start cybersecurity architecture should result in cascading across your whole architecture so again we need to borrow some lessons from history and I think he bring up a good one that the internet was built on survivability so our cybersecurity strategies need to be the same one of the ways you do that so that's all great theory but one of the ways you do that of course is by making your cybersecurity solutions so that they're very well integrated they connect with each other so that you know speaking in cartoon language you know if one unit can say I'm about to fail help me out and another part of your architecture can pick up a slack and give you some more robust security in that that's what a connected the integrated cyber security architecture do for you yeah it's really fascinating insight and I think resiliency and scale are two things I think are going to be a big wave is going to be added into the transformations that going on now it's it's very interesting you know Phil great conversation I could do a whole hour with you and do a fish lead a virtual panel virtualize that our own event here keynote speech thanks so much for your insight one of things I want to get your thoughts on is something that I've been really thinking a lot lately and gathering perspectives and that is on biosecurity and I say biosecurity I'm referring to covet 19 as a virus because biology involves starting a lab or some people debate all that whether it's true or not but but that's what people work on in the biology world but it spreads virally like malware and has a similar metaphor to cybersecurity so we're seeing conversation starting to happen in Washington DC in Silicon Valley and some of my circles around if biology weapon or it's a tool like open-source software could be a tool for spreading cybersecurity Trojans or other things and techniques like malware spear phishing phishing all these things are techniques that could be deployed metaphorically to viral distribution a biohazard or bio warfare if you will will it look the same and how do you defend against the next covet 19 this is what you know average Americans are seeing the impact of the economy with the shelter in place is that what happens again and how do we prevent it and so a lot of people are thinking about this what is your thoughts because it kind of feels the same way as cybersecurity you got to see it early you got to know what's going on you got to identify it you got to respond to it time to close your contain similar concepts what's your thoughts on with BIOS we don't look with all due respect to the the the bio community let me make a quick analogy to the cyber security strategy right cyber security strategy starts with we start as an attacker so I parts of my previous career I'm an authorized had the opportunity to help develop tools that are very very precisely targeted against foreign adversaries and that's a harder job than you think I mean I think the same is true of anyone of a natural-born or a custom a buyer buyer is that not just any virus has the capability to do a lot of harm to a lot of people selling it so it's it's if that doesn't mean though you can sit back and say since it's hard it'll never happen you need to take proactive measures to look for evidence of a compromise of something whether it's a cyber cyber virus or otherwise you have to actively look for that you have to harm yourself to make sure you're not susceptible to it and once you detect one you need to make sure you have a the ability to do segmentation or quarantine very rapidly very very effectively right so in the cyber security community of course the fundamental strategy is about segmentation you keep different types of things separate that don't need to interact and then if you do have a compromise not everything is compromised and then lastly if you want to gradually say bring things back up to recover you can do some with small chunks I think it's a great analogy segmentation is a good analogy to I think what the nation is trying to do right now by warranty kneeing and gradually reopening up things in in segments in actually mention earlier that some of the other techniques are very very similar you want to have good visibility of where you're at risk and then you can automatically detect and then implement some some mitigations based on that good visibility so I agree with you that it turns out that the cyber security strategies might have a whole lot in common with biohazard I address it's interesting site reliability engineers which is a term that Google coined when they built out their large-scale cloud has become a practice that kind of mindset combined with some of the things that you're saying the cyber security mindset seemed to fit this at scale problem space and I might be an alarmist but I personally believe that we've been having a digital war for many many years now and I think that you know troops aren't landing but it's certainly digital troops and I think that we as a country and a global state and global society have to start thinking about you know these kinds of things where a virus could impact the United States shut down the economy devastating impact so I think Wars can be digital and so I may be an alarmist and a conspirators but I think that you know thinking about it and talking about it might be a good thing so appreciate your insights there Phil appreciated what one other point that might be interesting a few years back I was doing some research with the National Lab and we're looking for novel of cybersecurity analytics and we hired some folks who worked in the biology the bio the biomedical community who were studying a biome fires at the time and it was in recognition that there's a lot of commonality between those who are doing cybersecurity analytics and those reviewing bio biology or biomedical type analytics in you know there was a lot of good cross fertilization between our teams and it kind of helps you bring up one more there's one more point which is what we need to do in cybersecurity in general is have more diversity of workforces right now I don't mean just the traditional but important diversities of sex or color but diversity of experiences right some of the best people I've worked with in the cyber analytics field weren't computer science trained people and that's because they came in problems differently with a different background so one of the things that's really important to our field at large and of course the company my company fort net is to massively increase the amount of cyber security training that's available to people not just the computer scientists the world and the engineers but people in other areas as well the other degree to non-greek people and with that a you know higher level of cyber security training available to a more diverse community not only can we solve the problem of numbers we don't have enough cybersecurity people but we can actually increase our ability to defend against these things I have more greater diversity of thought experience you know that's such a great point I think I just put an exclamation point on that I get that question all the time and the skills gap is should I study computer science and like actually if you can solve problems that's a good thing but really diversity about diversity is a wonderful thing in the age of unlimited compute power because traditionally diversity whether it was protocol diversity or technical diversity or you know human you know makeup that's tend to slow things down but you get higher quality so that's a generalization but you get the point diversity does bring quality and if you're doing a data science you don't want have a blind spot I'm not have enough data so yeah I think a good diverse data set is a wonderful thing you're going to a whole nother level saying bringing diversely skill sets to the table because the problems are diverse is that what you're getting at it is it's one of our I'll say our platforms that we're talking about during the during the covered nineteen crisis which is perhaps there's perhaps we could all make ourselves a little bit better by taking some time out since we're not competing taking some time out and doing a little bit more online training where you can where you can either improve your current set of cybersecurity skills of knowledge or be introduced to them for the first time and so there's one or some wonderful Fortinet training available that can allow both the brand-new folks the field or or the the intermediate level folks with you become higher level experts it's an opportunity for all of us to get better rather than spending that extra hour on the road every day why don't we take at least you know 30 of those 60 minutes or former commute time and usually do some online soccer security treaty feel final question for you great insight great conversation as the world and your friends my friends people we don't know other members of society as they start to realize that the virtualization of life is happening just in your section it's convergence what general advice would you have for someone just from a mental model or mindset standpoint to alleviate any anxiety or change it certainly will be happening so how they can better themselves in their life was it is it thinking more about the the the experiences is it more learning how would you give advice to folks out there who are gonna come out of this post pandemic certainly it's gonna be a different world we're gonna be heightened to digital and virtual but as things become virtualized how can someone take this and make a positive outcome out of all this I I think that the future the future remains bright earlier we talked about sci-fi the integration of the cyber world in the physical world that's gonna provide great opportunities to make us more efficient gives us more free time detect bad things from happening earlier and hopefully mitigating those bad things from happening earlier so a lot of things that some people might use as scare tactics right convergence and Skynet in in robotics and things like that I believe these are things that will make our lives better not worse our responsibilities though is talking about those things making sure people understand that they're coming why they're important and make sure we're putting the right security and privacy to those things as these worlds this physical world and the soccer worlds converged I think the future is bright but we still have some work to do in terms of um making sure we're doing things at very high speeds there's no delay in the cybersecurity we put on top of these applications and make sure we have very very well integrated solutions that don't cause things to become more complex make make things easier to do certainly the winds of change in the big waves with the transformations happening I guess just summarize by saying just make it a head win I mean tailwind not a headwind make it work for you at the time not against it Phil thank you so much for your insights I really appreciate this cube conversation remote interview I'm John Ford with the cube talking about cybersecurity and the fundamentals of understanding what's going on in this new virtual world that we're living in to being virtualized as we get back to work and as things start to to evolve further back to normal the at scale problems and opportunities are there and of course the key was bringing it to you here remotely from our studio I'm John Ferrier thanks for watching [Music]

>> Live, from Washington, D.C. It's theCUBE, covering the AWS Public Sector Summit 2018. Brought to you by Amazon Web Services, and its ecosystem partners. (futuristic music) >> Hey, welcome back everyone. We're live in Washington, D.C. for Amazon Web Services Public Sector Summit. This is their big show for the public sector. It's like a mini reinvent for specifically the public sector. I'm John Furrier, your host, with Stu Miniman, my co-host this segment, and Stewart Mclaurin, president of the White House Historic Association, is our guest. I heard him speak last night at a private dinner with Teresa Carlson and their top customers. Great story here, Amazon success story, but I think something more we can all relate to. Stewart, thank you for joining us and taking the time, appreciate it. >> Thanks John, it's just great to be with you. >> Okay, so let's jump into it; what's your story? You work for the White House Historical Association, which means you preserve stuff? Or, you provide access? Tell the story. >> Well, we have a great and largely untold story, and a part of our partnership with Amazon Web Services is to blow that open so more people know who we are and what we do, and have access to the White House, because it's the people's house. It doesn't belong to any one particular president; it's your house. We were founded in 1961 by First Lady Jacqueline Kennedy, who realized that the White House needed a nonprofit, nonpartisan partner. We have no government funding whatsoever, completely private. So we fund the acquisition of art, furnishings, decorative arts for the White House, if a new rug is needed, or new draperies are needed on the State Floor, or a frame needs to be regilded. We also acquire the china, the presidential and first lady portraits that are done; we fund those. But more importantly, in my view, is our education mission that Mrs. Kennedy also started, to teach and tell the stories of White House history going back to 1792, when George Washington selected that plot of land and the architect to build that house that we know today. So we unpack those stories through publications, programs, lectures, symposia, and now this new multifaceted partnership with AWS. >> Let's talk about, first of all, a great mission. This is the people's house; I love that. But it's always the secret cloak and dagger, kind of what's going on in there? The tours are not always, they're probably packed when people go through there, but the average person on the street doesn't have access. >> Sure, well, your cable news channels handle the politics and the policy of the place. We handle the building and the history, and all that's taken place there, including innovation and technology. If you think of Thomas Edison and Alexander Graham Bell, and others that evolved their early technologies through the White House, about 500,000 people get a chance to go through the White House every year. And when you think about in that small space, the president and his family lives, the president and his staff work, it's the ceremonial stage upon which our most important visitors are received, and then about 500,000 people schlep through, so you imagine 500,000 people that are going through your house, and all of that takes place. But it's very important to us for people to be able to see up close and personal, and walk through these spaces where Lincoln walked, and Roosevelt worked. >> Is that what the book you have, and share the book 'cause it's really historic, and the app that you have with Amazon, I think this is a great-- >> Sure, this is a real prize from our office. Mrs. Kennedy wanted us to teach and tell the stories of White House history, and so the first thing she wanted was a guide book, because the White House never had one. So in 1962, she published this guide book with us, and this is her actual copy. Her hands held this book. This was her copy of the book. Now, we continue to update this. It's now in its 24th edition, and each new edition has the latest renovations and updates that the latest president has added. But it's now 2018. So books are great, but we want to be able to impart this information and experience to people not only around Washington, who are going through the White House, but across the country and around the world. So this app that we've developed, you get through WHExperience at the App Store, you have three different tours. If you're walking through the White House, tours are self-guided, so unless you know what you're looking at, you don't know what you're looking at. So you can hold up an image, you can see, it brings to life for you everything that you're looking at in every room. Two other types of tours; if you're outside the White House in President's Park, it will unpack and open the doors of these rooms for you virtually, so you can see the Oval Office, and the Cabinet Room, and the Blue Room, and the Green Room. If you're around the world, there's a third tour experience, but the best part of it is, empowered by Amazon recognition technology, and it allows people to take a selfie, and it analyzes that selfie against all presidential portraits and first lady portraits, and the spatial features of your face, and it will tell you you're 47% Ronald Reagan, or 27% Jackie Kennedy, and people have a lot of fun with that part of the app. >> (laughs) That's awesome. >> Stewart, fascinating stuff. You know, when I go to a museum a lot of times, it's like, oh, the book was something you get on the way home, because maybe you couldn't take photos, or the book has beautiful photos. Can you speak a little bit about how the technology's making the tours a little bit more interactive? >> Sure, well we love books, and we'll publish six hardbound books this year on the history of the White House, and those are all available at our website, whitehousehistory.org. But the three facets of technology that we're adapting with Amazon, it's the app that I've spoken about, and that has the fun gamification element of portrait analysis, but it also takes you in a deeper depth in each room, even more so than the book does. And we can update it for seasons, like we'll update it for the Fall Garden Tour, we'll update it for the Christmas decorations, we'll update it for the Easter Egg Roll. But another part of the partnership is our digital library. We have tens of thousands of images of the White House that have literally been in a domestic freezer, frozen for decades, and with AWS, we're unpacking those and digitizing them, and it's like bringing history to life for the first time. We're seeing photographs of Kennedy, Johnson, other presidents, that haven't been seen by anybody in decades, and those are becoming available through our digital library. And then third, we're launching here a chatbot, so that through a Lex and Polly technology, AWS technology, you'll be able to go to Alexa and ask questions about White House history and the spaces in the White House, or keyboard to our website and ask those questions as well. >> It's going to open up a lot of windows to the young folks in education too. >> It is. >> It's like you're one command away; Hey, Alexa! >> It takes a one-dimensional picture off of a page, or off of a website, and it gives the user an experience of touring the White House. >> Talk about your vision around modernization. We just had a conversation with the CEO of Tellus, when we're talking about government has a modernization approach, and I think Obama really put the stake in the ground on that; former President Obama. And that means something to a lot of people, for you guys it's extending it forward. But your digital strategy is about bringing the experience digitally online from historical documents, and then going forward. So is there plans in the future, for virtual reality and augmented reality, where I can pop in and-- >> That's right. We're looking to evolve the app, and to do other things that are AR and VR focused, and keep it cool and fun, but we're here in a space that's all about the future. I was talking at this wonderful talk last night, about hundreds of thousands of people living and working on Mars, and that's really great. But we all need to remember our history and our roots. History applies to no matter what field you're in, medicine, law, technology; knowing your history, knowing the history of this house, and what it means to our country. There are billions of people around the world that know what this symbol means, this White House. And those are billions of people who will never come to our country, and certainly never visit the White House. Most of them won't even meet an American, but through this app, they'll be able to go into the doors of the White House and understand it more fully. >> Build a community around it too; is there any online social component? You guys looking around that at all? >> All of this is just launched, and so we do want to build some interactive, because it's important for us to know who these people are. One simple thing we're doing with that now, is we're asking people to socially post and tag us on these comparative pictures they take with presidents and first ladies. So there's been some fun from that. >> So Stewart, one of the things I've found interesting is your association, about 50 people, and what you were telling me off-camera, there's not a single really IT person inside there, so walk us through a little bit about how this partnership began, who helps you through all of these technical decisions, and how you do some pretty fun tech on your space. >> Unfortunately, a lot of historical organizations are a little dusty, or at least perceived to be that way. And so we want to be a first mover in this space, and an influencer of our peer institutions. Later this summer, we're convening 200 presidential sites from around the country, libraries, birthplaces, childhood homes, and we're going to share with them the experience that we've had with AWS. We'll partner or collaborate with them like we're already doing with some, like the Lincoln Library in Illinois, where we have a digitization partnership with them. So with us, it's about collaboration and partnership. We are content rich, but we are reach-challenged, and a way to extend our reach and influence is through wonderful partnerships like AWS, and so that's what we're doing. Now another thing we get with AWS is we're not just hiring an IT vendor of some type. They know our mission, they appreciate our mission, and they support our mission. Teresa Carlson was at the White House with us last Friday, and she had the app, and she was going through and looking at things, and it came to life for her in a new real and fresh way, and she'd been to the White House many times on business. >> That's great; great story. And the thing is, it's very inspirational on getting these other historic sites online. It's interesting. It's a digital library, it's a digital version. So, super good. Content rich, reach-challenged; I love that line. What else is going on? Who funds you guys? How do you make it all work? Who pays the bills? Do you guys do donations, is it philanthropy, is it-- >> We do traditional philanthropy, and we'd love for anybody to engage us in that. During the Reagan Administration in 1981, someone had the brilliant idea, now if I'd been in the room when this happened, I probably would have said, "Okay, fine, do that." But thank goodness we did, because it has funded our organization all these years. And that's the creation of the annual, official White House Christmas ornament, and we feature a different president each year sequentially so we don't have to make a political decision. This year, it's Harry Truman, and that ornament comes with a booklet, and it has elements of that ornament that talk about those years in the White House. So with Truman, it depicts the south balcony, the Truman Balcony on the south portico. The Truman seal that eventually evolved into being the Presidential Seal. On the reverse is the Truman Blue Room of the White House. So these are teaching tools, and we sell a lot of those ornaments. People collect them; once you start, you can't stop. A very traditional thing, but it's an important thing, and that's been a lifeblood. Actually, Teresa Carlson chairs our National Council on White House History. John Wood, that you just had on before me, is on our National Council on White House History. These are some of our strong financial supporters who believe in our mission, and who are collaborating it with us on innovative ways, and it's great to have them involved with us because it brings life in new ways, rather than just paper books. >> Stewart, I had a non-technical question for you. According to your mission, you also obtained pieces. I'm curious; what's the mission these days? What sort of things are you pulling in? >> Well, there's a curator in the White House. It's a government employee that actually manages the White House collection. Before President and Mrs. Kennedy came into the White House, a new president could come in and get rid of anything they wanted to, and they did. That's how they funded the new, by selling the old. That's not the case anymore. With the Kennedys, there's a White House collection, like a museum, and so we'll work with the White House and take their requests. For example, a recent acquisition was an Alma Thomas painting. Alma Thomas is the first African American female artist to have a work in the White House collection; a very important addition. And to have a work in the White House collection, the artist should be deceased and the work over 25 years old, so we're getting more of the 21st century. The great artists of the American 20th century are becoming eligible to have their works in the collection. >> Stewart, thanks so much for coming on theCUBE and sharing your story. It's good to see you speak, and thanks for the ornament we got last night. >> Sure. Well, you've teased this ornament. Everybody's going to want and need one now, so go to whitehousehistory.org. >> John, come on, you have to tell the audience who you got face matched recognition with on the app. >> So who did you get face matched with? >> I think I'm 20% James Buchanan, but you got the Gipper. >> I'm Ronald Reagan. Supply-side economics, trickle-down, what do they call it? Voodoo economics, was his famous thing? >> That's right. >> He had good hair, John. >> Well, you know, our job is to be story tellers, and thank you for letting us share a little bit of our story here today. We love to make good friends through our social channels, and I hope everyone will download this app and enjoy visiting the White House. >> We will help with the reach side and promote your mission. Love the mission, love history, love the digital convergence while preserving and maintaining the great history of the United States. And a great, good tool. It's going to open up-- >> Amazon gave us these stickers for everybody who had downloaded the app, so I'm officially giving you your downloaded app sticker to wear. Stu, this is yours. >> Thank you so much. >> Thanks guys, really appreciate it. >> Thank so much, great mission. Check out the White House-- >> Historical Association. >> Historicalassociation.org, and get the White House app, which is WHExperience on the App Store. >> That's right. >> Okay, thanks so much. Be back with more, stay with us. Live coverage here at AWS, Amazon Web Services Public Sector Summit. We'll be right back. (futuristic music)

(inspirational music) - So GDPR, the General Data Protection Regulation was passed by the EU in 2016, in May of 2016. It is, as Ronald was saying it's four base things. The right to privacy, the right to be forgotten, privacy built into systems by default, and the right to data transfer. - [Panelist] Takes effect next year. - It is already in effect. GDPR took effect in May of 2016. The enforcement penalties take place the 25th of May 2018. Now here's where there's two things on the penalty side that are important for everyone to know. Number one. GDPR is extra territorial. Which means that any EU citizen anywhere on the planet has GDPR goes with them. So say you are a pizza shop in Nebraska. An EU citizen walks in, orders a pizza, gives the credit card, stuff like that. If you for some reason destroy that data, GDPR now applies to you Mr. Pizza Shop, whether or not you do business in the EU, because an EU citizens data is with you. It's true, the penalties are much different than they ever have been. In the old days companies could simply write off penalties as saying that's cost of doing business. With GDPR the penalties are up to 4% of your annual revenue or 20 million euros, which ever is greater, and there may be criminal sanctions against, charges against key company executives. So there's a lot of questions about how this is going to be implemented. But one of the first impacts you will see from a marketing perspective is, all the advertising we do, targeting people by their age, by their personal identifiable information, by their demographics, between now and May 25th 2018 a good chunk of that may have to go away because we may not, there's no way for you to say well this person's an EU citizen this person's not. People give false information all the time online. So how do you differentiate every company regardless whether they are in the EU or not will have to adapt to it. Or deal with the penalties. - When you think about the principles that GDPR gives you, I look at that and think that's just, to me that's just good data management practices and principles. It happens to be around personal data for GDPR right now, but those principles are just valley for probably kind of any kind of data. So if you're on the digital transformation journey, with all the change and all the opportunity that brings, these practices and principles for GDPR, they should be helping drive things like your digital transformation. For a lot of our customers, change is the only constant they've got, especially managing all this whilst everything is changing around you. It's tough for a lot of them. - How are people thinking about the data layer, where it lives, on prem, in the cloud, think about GDPR compliance, you know all that sort of good stuff. How are you and Red Hat, how are you asking people to think about that? - So, you know, data management is a big question. We build storage tooling. We understand how to put the bytes on disk, and persist and maintain the storage. It's a different question what are the data services and what is the data governance or policy around placement. And, I think it's a really interesting part of the ecosystem today. We've been working with some research partners in the Massachusets open cloud at Boston University on a project called Cloud Dataverse. And it has a whole policy question around data. It's there, scientists want to share data sets, to control and understand who you're sharing your data sets with. So its definitely a space that we are interested in. Understand that there's a lot of work to be done there, and GDPR just kind of shines the light right on it. Says, policy and governance around where data is placed is actually fundamental and important. And I think it's an important part because you have seen some of the data issues recently in the news. And, we got to get a handle on where data goes, and ultimately I'd love to see a place where I'm in control of how my data is shared with the rest of the world. - GDPR provides for two types of things that a business must do. It must provide insight into the data that it's captured, about business or an individual, legal entity. And it must also then provide the processes for mediating or taking action against that data according to whatever the customers virtues are. Tell us a little bit about that. - So these are two important features because of GDPR. First thing GDPR has 99 articles and 173 articles and 99 like term technological ways. There are other ways, legal ways to do it, but technologically what they want. Like if Peter decides, that I need to know from this bank or from this social media company how much information you have about me, and what are you doing with it. They have to provide that information in 30 days. That is called right to access. And the second thing is you can come and say, well I'm not using these five things which you sold me earlier I don't want you to use that information, or even have information on that for me or my son or my kid. So you can tell them delete that information or mask that. - And that's call the right to? - Right to erasure, right to remove the data. And these two things are very important. This gives customer, they make customer the king. They make the individual the king. He can say tell me what you have on me, and delete what you have on me. - Now the laws have been in the books in, at least in the EU for GDPR for a while. But the fines start getting leveled in May. - May 5th. - Now we've heard that... - So GDPR is a big thing for us and our customers and prospects as well. So we are actively working on getting GDPR compliant. Today our platform is FIPS compliance, so that's already a big stepping stone to getting there. So we look at GDPR in one of, in two ways again, right? One is the solution that we provide to our customers, the data platform and the data protect as we call it. Being GDPR complaint. Meaning the data that lands on that system. The ability to delete the data, the ability to say who has access to the data, rules based taxes, things like that. The second aspect is, our support and the fact that we have access to a lot of customer information ourselves, right? The fact that we can look at their systems and make sure that, everything we do internally is also GDPR compliant, so that the customers and our support systems and our sales force database is all GDPR as well. So both those elements come into play and we are actively working on all of them. (inspirational music)

>> PA Announcer: Off the plastic tab, and we'll turn on the colors. Welcome to New Orleans. ♪ This is it ♪ ♪ The part when I say I don't want ya ♪ ♪ I'm stronger than I've been before ♪ ♪ This is the part when I set your free ♪ (New Orleans jazz music) ("When the Saints Go Marching In") (rock music) >> PA Announcer: Ladies and gentleman, would you please welcome state of Louisiana chief design officer Matthew Vince and Choice Hotels director of infrastructure services Stacy Nigh. (rock music) >> Well good morning New Orleans, and welcome to my home state. My name is Matt Vince. I'm the chief design office for state of Louisiana. And it's my pleasure to welcome you all to .Next 2018. State of Louisiana is currently re-architecting our cloud infrastructure and Nutanix is the first domino to fall in our strategy to deliver better services to our citizens. >> And I'd like to second that warm welcome. I'm Stacy Nigh director of infrastructure services for Choice Hotels International. Now you may think you know Choice, but we don't own hotels. We're a technology company. And Nutanix is helping us innovate the way we operate to support our franchisees. This is my first visit to New Orleans and my first .Next. >> Well Stacy, you're in for a treat. New Orleans is known for its fabulous food and its marvelous music, but most importantly the free spirit. >> Well I can't wait, and speaking of free, it's my pleasure to introduce the Nutanix Freedom video, enjoy. ♪ I lose everything, so I can sing ♪ ♪ Hallelujah I'm free ♪ ♪ Ah, ah, ♪ ♪ Ah, ah, ♪ ♪ I lose everything, so I can sing ♪ ♪ Hallelujah I'm free ♪ ♪ I lose everything, so I can sing ♪ ♪ Hallelujah I'm free ♪ ♪ I'm free, I'm free, I'm free, I'm free ♪ ♪ Gritting your teeth, you hold onto me ♪ ♪ It's never enough, I'm never complete ♪ ♪ Tell me to prove, expect me to lose ♪ ♪ I push it away, I'm trying to move ♪ ♪ I'm desperate to run, I'm desperate to leave ♪ ♪ If I lose it all, at least I'll be free ♪ ♪ Ah, ah ♪ ♪ Ah, ah ♪ ♪ Hallelujah, I'm free ♪ >> PA Announcer: Ladies and gentlemen, please welcome chief marketing officer Ben Gibson ♪ Ah, ah ♪ ♪ Ah, ah ♪ ♪ Hallelujah, I'm free ♪ >> Welcome, good morning. >> Audience: Good morning. >> And welcome to .Next 2018. There's no better way to open up a .Next conference than by hearing from two of our great customers. And Matthew, thank you for welcoming us to this beautiful, your beautiful state and city. And Stacy, this is your first .Next, and I know she's not alone because guess what It's my first .Next too. And I come properly attired. In the front row, you can see my Nutanix socks, and I think my Nutanix blue suit. And I know I'm not alone. I think over 5,000 people in attendance here today are also first timers at .Next. And if you are here for the first time, it's in the morning, let's get moving. I want you to stand up, so we can officially welcome you into the fold. Everyone stand up, first time. All right, welcome. (audience clapping) So you are all joining not just a conference here. This is truly a community. This is a community of the best and brightest in our industry I will humbly say that are coming together to share best ideas, to learn what's happening next, and in particular it's about forwarding not only your projects and your priorities but your careers. There's so much change happening in this industry. It's an opportunity to learn what's coming down the road and learn how you can best position yourself for this whole new world that's happening around cloud computing and modernizing data center environments. And this is not just a community, this is a movement. And it's a movement that started quite awhile ago, but the first .Next conference was in the quiet little town of Miami, and there was about 800 of you in attendance or so. So who in this hall here were at that first .Next conference in Miami? Let me hear from you. (audience members cheering) Yep, well to all of you grizzled veterans of the .Next experience, welcome back. You have started a movement that has grown and this year across many different .Next conferences all over the world, over 20,000 of your community members have come together. And we like to do it in distributed architecture fashion just like here in Nutanix. And so we've spread this movement all over the world with .Next conferences. And this is surging. We're also seeing just today the current count 61,000 certifications and climbing. Our Next community, close to 70,000 active members of our online community because .Next is about this big moment, and it's about every other day and every other week of the year, how we come together and explore. And my favorite stat of all. Here today in this hall amongst the record 5,500 registrations to .Next 2018 representing 71 countries in whole. So it's a global movement. Everyone, welcome. And you know when I got in Sunday night, I was looking at the tweets and the excitement was starting to build and started to see people like Adile coming from Casablanca. Adile wherever you are, welcome buddy. That's a long trip. Thank you so much for coming and being here with us today. I saw other folks coming from Geneva, from Denmark, from Japan, all over the world coming together for this moment. And we are accomplishing phenomenal things together. Because of your trust in us, and because of some early risk candidly that we have all taken together, we've created a movement in the market around modernizing data center environments, radically simplifying how we operate in the services we deliver to our businesses everyday. And this is a movement that we don't just know about this, but the industry is really taking notice. I love this chart. This is Gartner's inaugural hyperconvergence infrastructure magic quadrant chart. And I think if you see where Nutanix is positioned on there, I think you can agree that's a rout, that's a homerun, that's a mic drop so to speak. What do you guys think? (audience clapping) But here's the thing. It says Nutanix up there. We can honestly say this is a win for this hall here. Because, again, without your trust in us and what we've accomplished together and your partnership with us, we're not there. But we are there, and it is thanks to everyone in this hall. Together we have created, expanded, and truly made this market. Congratulations. And you know what, I think we're just getting started. The same innovation, the same catalyst that we drove into the market to converge storage network compute, the next horizon is around multi-cloud. The next horizon is around whether by accident or on purpose the strong move with different workloads moving into public cloud, some into private cloud moving back and forth, the promise of application mobility, the right workload on the right cloud platform with the right economics. Economics is key here. If any of you have a teenager out there, and they have a hold of your credit card, and they're doing something online or the like. You get some surprises at the end of the month. And that surprise comes in the form of spiraling public cloud costs. And this isn't to say we're not going to see a lot of workloads born and running in public cloud, but the opportunity is for us to take a path that regains control over infrastructure, regain control over workloads and where they're run. And the way I look at it for everyone in this hall, it's a journey we're on. It starts with modernizing those data center environments, continues with embracing the full cloud stack and the compelling opportunity to deliver that consumer experience to rapidly offer up enterprise compute services to your internal clients, lines of businesses and then out into the market. It's then about how you standardize across an enterprise cloud environment, that you're not just the infrastructure but the management, the automation, the control, and running any tier one application. I hear this everyday, and I've heard this a lot already this week about customers who are all in with this approach and running those tier one applications on Nutanix. And then it's the promise of not only hyperconverging infrastructure but hyperconverging multiple clouds. And if we do that, this journey the way we see it what we are doing is building your enterprise cloud. And your enterprise cloud is about the private cloud. It's about expanding and managing and taking back control of how you determine what workload to run where, and to make sure there's strong governance and control. And you're radically simplifying what could be an awfully complicated scenario if you don't reclaim and put your arms around that opportunity. Now how do we do this different than anyone else? And this is going to be a big theme that you're going to see from my good friend Sunil and his good friends on the product team. What are we doing together? We're taking all of that legacy complexity, that friction, that inability to be able to move fast because you're chained to old legacy environments. I'm talking to folks that have applications that are 40 years old, and they are concerned to touch them because they're not sure if they can react if their infrastructure can meet the demands of a new, modernized workload. We're making all that complexity invisible. And if all of that is invisible, it allows you to focus on what's next. And that indeed is the spirit of this conference. So if the what is enterprise cloud, and the how we do it different is by making infrastructure invisible, data centers, clouds, then why are we all here today? What is the binding principle that spiritually, that emotionally brings us all together? And we think it's a very simple, powerful word, and that word is freedom. And when we think about freedom, we think about as we work together the freedom to build the data center that you've always wanted to build. It's about freedom to run the applications where you choose based on the information and the context that wasn't available before. It's about the freedom of choice to choose the right cloud platform for the right application, and again to avoid a lot of these spiraling costs in unanticipated surprises whether it be around security, whether it be around economics or governance that come to the forefront. It's about the freedom to invent. It's why we got into this industry in the first place. We want to create. We want to build things not keep the lights on, not be chained to mundane tasks day by day. And it's about the freedom to play. And I hear this time and time again. My favorite tweet from a Nutanix customer to this day is just updated a lot of nodes at 38,000 feed on United Wifi, on my way to spend vacation with my family. Freedom to play. This to me is emotionally what brings us all together and what you saw with the Freedom video earlier, and what you see here is this new story because we want to go out and spread the word and not only talk about the enterprise cloud, not only talk about how we do it better, but talk about why it's so compelling to be a part of this hall here today. Now just one note of housekeeping for everyone out there in case I don't want anyone to take a wrong turn as they come to this beautiful convention center here today. A lot of freedom going on in this convention center. As luck may have it, there's another conference going on a little bit down that way based on another high growth, disruptive industry. Now MJBizCon Next, and by coincidence it's also called next. And I have to admire the creativity. I have to admire that we do share a, hey, high growth business model here. And in case you're not quite sure what this conference is about. I'm the head of marketing here. I have to show the tagline of this. And I read the tagline from license to launch and beyond, the future of the, now if I can replace that blank with our industry, I don't know, to me it sounds like a new, cool Sunil product launch. Maybe launching a new subscription service or the like. Stay tuned, you never know. I think they're going to have a good time over there. I know we're going to have a wonderful week here both to learn as well as have a lot of fun particularly in our customer appreciation event tonight. I want to spend a very few important moments on .Heart. .Heart is Nutanix's initiative to promote diversity in the technology arena. In particular, we have a focus on advancing the careers of women and young girls that we want to encourage to move into STEM and high tech careers. You have the opportunity to engage this week with this important initiative. Please role the video, and let's learn more about how you can do so. >> Video Plays (electronic music) >> So all of you have received these .Heart tokens. You have the freedom to go and choose which of the four deserving charities can receive donations to really advance our cause. So I thank you for your engagement there. And this community is behind .Heart. And it's a very important one. So thank you for that. .Next is not the community, the moment it is without our wonderful partners. These are our amazing sponsors. Yes, it's about sponsorship. It's also about how we integrate together, how we innovate together, and we're about an open community. And so I want to thank all of these names up here for your wonderful sponsorship of this event. I encourage everyone here in this room to spend time, get acquainted, get reacquainted, learn how we can make wonderful music happen together, wonderful music here in New Orleans happen together. .Next isn't .Next with a few cool surprises. Surprise number one, we have a contest. This is a still shot from the Freedom video you saw right before I came on. We have strategically placed a lucky seven Nutanix Easter eggs in this video. And if you go to Nutanix.com/freedom, watch the video. You may have to use the little scrubbing feature to slow down 'cause some of these happen quickly. You're going to find some fun, clever Easter eggs. List all seven, tweet that out, or as many as you can, tweet that out with hashtag nextconf, C, O, N, F, and we'll have a random drawing for an all expenses paid free trip to .Next 2019. And just to make sure everyone understands Easter egg concept. There's an eighth one here that's actually someone that's quite famous in our circles. If you see on this still shot, there's someone in the back there with a red jacket on. That's not just anyone. We're targeting in here. That is our very own Julie O'Brien, our senior vice president of corporate marketing. And you're going to hear from Julie later on here at .Next. But Julie and her team are the engine and the creativity behind not only our new Freedom campaign but more importantly everything that you experience here this week. Julie and her team are amazing, and we can't wait for you to experience what they've pulled together for you. Another surprise, if you go and visit our Freedom booths and share your stories. So they're like video booths, you share your success stories, your partnerships, your journey that I talked about, you will be entered to win a beautiful Nutanix brand compliant, look at those beautiful colors, bicycle. And it's not just any bicycle. It's a beautiful bicycle made by our beautiful customer Trek. I actually have a Trek bike. I love cycling. Unfortunately, I'm not eligible, but all of you are. So please share your stories in the Freedom Nutanix's booths and put yourself in the running, or in the cycling to get this prize. One more thing I wanted to share here. Yesterday we had a great time. We had our inaugural Nutanix hackathon. This hackathon brought together folks that were in devops practices, many of you that are in this room. We sold out. We thought maybe we'd get four or five teams. We had to shutdown at 14 teams that were paired together with a Nutanix mentor, and you coded. You used our REST APIs. You built new apps that integrated in with Prism and Clam. And it was wonderful to see this. Everyone I talked to had a great time on this. We had three winners. In third place, we had team Copper or team bronze, but team Copper. Silver, Not That Special, they're very humble kind of like one of our key mission statements. And the grand prize winner was We Did It All for the Cookies. And you saw them coming in on our Mardi Gras float here. We Did It All for Cookies, they did this very creative job. They leveraged an Apple Watch. They were lighting up VMs at a moments notice utilizing a lot of their coding skills. Congratulations to all three, first, second, and third all receive $2,500. And then each of them, then were able to choose a charity to deliver another $2,500 including Ronald McDonald House for the winner, we did it all for the McDonald Land cookies, I suppose, to move forward. So look for us to do more of these kinds of events because we want to bring together infrastructure and application development, and this is a great, I think, start for us in this community to be able to do so. With that, who's ready to hear form Dheeraj? You ready to hear from Dheeraj? (audience clapping) I'm ready to hear from Dheeraj, and not just 'cause I work for him. It is my distinct pleasure to welcome on the stage our CEO, cofounder and chairman Dheeraj Pandey. ("Free" by Broods) ♪ Hallelujah, I'm free ♪ >> Thank you Ben and good morning everyone. >> Audience: Good morning. >> Thank you so much for being here. It's just such an elation when I'm thinking about the Mardi Gras crowd that came here, the partners, the customers, the NTCs. I mean there's some great NTCs up there I could relate to because they're on Slack as well. How many of you are in Slack Nutanix internal Slack channel? Probably 5%, would love to actually see this community grow from here 'cause this is not the only even we would love to meet you. We would love to actually do this in a real time bite size communication on our own internal Slack channel itself. Now today, we're going to talk about a lot of things, but a lot of hard things, a lot of things that take time to build and have evolved as the industry itself has evolved. And one of the hard things that I want to talk about is multi-cloud. Multi-cloud is a really hard problem 'cause it's full of paradoxes. It's really about doing things that you believe are opposites of each other. It's about frictionless, but it's also about governance. It's about being simple, and it's also about being secure at the same time. It's about delight, it's about reducing waste, it's about owning, and renting, and finally it's also about core and edge. How do you really make this big at a core data center whether it's public or private? Or how do you really shrink it down to one or two nodes at the edge because that's where your machines are, that's where your people are? So this is a really hard problem. And as you hear from Sunil and the gang there, you'll realize how we've actually evolved our solutions to really cater to some of these. One of the approaches that we have used to really solve some of these hard problems is to have machines do more, and I said a lot of things in those four words, have machines do more. Because if you double-click on that sentence, it really means we're letting design be at the core of this. And how do you really design data centers, how do you really design products for the data center that hush all the escalations, the details, the complexities, use machine-learning and AI and you know figure our anomaly detection and correlations and patter matching? There's a ton of things that you need to do to really have machines do more. But along the way, the important lesson is to make machines invisible because when machines become invisible, it actually makes something else visible. It makes you visible. It makes governance visible. It makes applications visible, and it makes services visible. A lot of things, it makes teams visible, careers visible. So while we're really talking about invisibility of machines, we're talking about visibility of people. And that's how we really brought all of you together in this conference as well because it makes all of us shine including our products, and your careers, and your teams as well. And I try to define the word customer success. You know it's one of the favorite words that I'm actually using. We've just hired a great leader in customer success recently who's really going to focus on this relatively hard problem, yet another hard problem of customer success. We think that customer success, true customer success is possible when we have machines tend towards invisibility. But along the way when we do that, make humans tend towards freedom. So that's the real connection, the yin-yang of machines and humans that Nutanix is really all about. And that's why design is at the core of this company. And when I say design, I mean reducing friction. And it's really about reducing friction. And everything we do, the most mundane of things which could be about migrating applications, spinning up VMs, self-service portals, automatic upgrades, and automatic scale out, and all the things we do is about reducing friction which really makes machines become invisible and humans gain freedom. Now one of the other convictions we have is how all of us are really tied at the hip. You know our success is tied to your success. If we make you successful, and when I say you, I really mean Main Street. Main Street being customers, and partners, and employees. If we make all of you successful, then we automatically become successful. And very coincidentally, Main Street and Wall Street are also tied in that very same relation as well. If we do a great job at Main Street, I think the Wall Street customer, i.e. the investor, will take care of itself. You'll have you know taken care of their success if we took care of Main Street success itself. And that's the narrative that our CFO Dustin Williams actually went and painted to our Wall Street investors two months ago at our investor day conference. We talked about a $3 billion number. We said look as a company, as a software company, we can go and achieve $3 billion in billings three years from now. And it was a telling moment for the company. It was really about talking about where we could be three years from now. But it was not based on a hunch. It was based on what we thought was customer success. Now realize that $3 billion in pure software. There's only 10 to 15 companies in the world that actually have that kind of software billings number itself. But at the core of this confidence was customer success, was the fact that we were doing a really good job of not over promising and under delivering but under promising starting with small systems and growing the trust of the customers over time. And this is one of the statistics we actually talk about is repeat business. The first dollar that a Global 2000 customer spends in Nutanix, and if we go and increase their trust 15 times by year six, and we hope to actually get 17 1/2 and 19 times more trust in the years seven and eight. It's very similar numbers for non Global 2000 as well. Again, we go and really hustle for customer success, start small, have you not worry about paying millions of dollars upfront. You know start with systems that pay as they grow, you pay as they grow, and that's the way we gain trust. We have the same non Global 2000 pay $6 1/2 for the first dollar they've actually spent on us. And with this, I think the most telling moment was when Dustin concluded. And this is key to this audience here as well. Is how the current cohorts which is this audience here and many of them were not here will actually carry the weight of $3 billion, more than 50% of it if we did a great job of customer success. If we were humble and honest and we really figured out what it meant to take care of you, and if we really understood what starting small was and having to gain the trust with you over time, we think that more than 50% of that billings will actually come from this audience here without even looking at new logos outside. So that's the trust of customer success for us, and it takes care of pretty much every customer not just the Main Street customer. It takes care of Wall Street customer. It takes care of employees. It takes care of partners as well. Now before I talk about technology and products, I want to take a step back 'cause many of you are new in this audience. And I think that it behooves us to really talk about the history of this company. Like we've done a lot of things that started out as science projects. In fact, I see some tweets out there and people actually laugh at Nutanix cloud. And this is where we were in 2012. So if you take a step back and think about where the company was almost seven, eight years ago, we were up against giants. There was a $30 billion industry around network attached storage, and storage area networks and blade servers, and hypervisors, and systems management software and so on. So what did we start out with? Very simple premise that we will collapse the architecture of the data center because three tier is wasteful and three tier is not delightful. It was a very simple hunch, we said we'll take rack mount servers, we'll put a layer of software on top of it, and that layer of software back then only did storage. It didn't do networks and security, and it ran on top of a well known hypervisor from VMware. And we said there's one non negotiable thing. The fact that the design must change. The control plane for this data center cannot be the old control plane. It has to be rethought through, and that's why Prism came about. Now we went and hustled hard to add more things to it. We said we need to make this diverse because it can't just be for one application. We need to make it CPU heavy, and memory heavy, and storage heavy, and flash heavy and so on. And we built a highly configurable HCI. Now all of them are actually configurable as you know of today. And this was not just innovation in technologies, it was innovation in business and sizing, capacity planning, quote to cash business processes. A lot of stuff that we had to do to make this highly configurable, so you can really scale capacity and performance independent of each other. Then in 2014, we did something that was very counterintuitive, but we've done this on, and on, and on again. People said why are you disrupting yourself? You know you've been doing a good job of shipping appliances, but we also had the conviction that HCI was not about hardware. It was about a form factor, but it was really about an operating system. And we started to compete with ourselves when we said you know what we'll do arm's length distribution, we'll do arm's length delivery of products when we give our software to our Dell partner, to Dell as a partner, a loyal partner. But at the same time, it was actually seen with a lot of skepticism. You know these guys are wondering how to really make themselves vanish because they're competing with themselves. But we also knew that if we didn't compete with ourselves someone else will. Now one of the most controversial decisions was really going and doing yet another hypervisor. In the year 2015, it was really preposterous to build yet another hypervisor. It was a very mature market. This was coming probably 15 years too late to the market, or at least 10 years too late to market. And most people said it shouldn't be done because hypervisor is a commodity. And that's the word we latched on to. That this commodity should not have to be paid for. It shouldn't have a team of people managing it. It should actually be part of your overall stack, but it should be invisible. Just like storage needs to be invisible, virtualization needs to be invisible. But it was a bold step, and I think you know at least when we look at our current numbers, 1/3rd of our customers are actually using AHV. At least every quarter that we look at it, our new deployments, at least 35% of it is actually being used on AHV itself. And again, a very preposterous thing to have said five years ago, four years ago to where we've actually come. Thank you so much for all of you who've believed in the fact that virtualization software must be invisible and therefore we should actually try out something that is called AHV today. Now we went and added Lenovo to our OEM mix, started to become even more of a software company in the year 2016. Went and added HP and Cisco in some of very large deals that we talk about in earnings call, our HP deals and Cisco deals. And some very large customers who have procured ELAs from us, enterprise license agreements from us where they want to mix and match hardware. They want to mix Dell hardware with HP hardware but have common standard Nutanix entitlements. And finally, I think this was another one of those moments where we say why should HCI be only limited to X86. You know this operating systems deserves to run on a non X86 architecture as well. And that gave birth to this idea of HCI and Power Systems from IBM. And we've done a great job of really innovating with them in the last three, four quarters. Some amazing innovation that has come out where you can now run AIX 7.x on Nutanix. And for the first time in the history of data center, you can actually have a single software not just a data plane but a control plane where you can manage an IBM farm, an Power farm, and open Power farm and an X86 farm from the same control plane and have you know the IBM farm feed storage to an Intel compute farm and vice versa. So really good things that we've actually done. Now along the way, something else was going on while we were really busy building the private cloud, we knew there was a new consumption model on computing itself. People were renting computing using credit cards. This is the era of the millennials. They were like really want to bypass people because at the end of the day, you know why can't computing be consumed the way like eCommerce is? And that devops movement made us realize that we need to add to our stack. That stack will now have other computing clouds that is AWS and Azure and GCP now. So similar to the way we did Prism. You know Prism was really about going and making hypervisors invisible. You know we went ahead and said we'll add Calm to our portfolio because Calm is now going to be what Prism was to us back when we were really dealing with multi hypervisor world. Now it's going to be multi-cloud world. You know it's one of those things we had a gut around, and we really come to expect a lot of feedback and real innovation. I mean yesterday when we had the hackathon. The center, the epicenter of the discussion was Calm, was how do you automate on multiple clouds without having to write a single line of code? So we've come a long way since the acquisition of Calm two years ago. I think it's going to be a strong pillar in our overall product portfolio itself. Now the word multi-cloud is going to be used and over used. In fact, it's going to be blurring its lines with the idea of hyperconvergence of clouds, you know what does it mean. We just hope that hyperconvergence, the way it's called today will morph to become hyperconverged clouds not just hyperconverged boxes which is a software defined infrastructure definition itself. But let's focus on the why of multi-cloud. Why do we think it can't all go into a public cloud itself? The one big reason is just laws of the land. There's data sovereignty and computing sovereignty, regulations and compliance because of which you need to be in where the government with the regulations where the compliance rules want you to be. And by the way, that's just one reason why the cloud will have to disperse itself. It can't just be 10, 20 large data centers around the world itself because you have 200 plus countries and half of computing actually gets done outside the US itself. So it's a really important, very relevant point about the why of multi-cloud. The second one is just simple laws of physics. You know if there're machines at the edge, and they're producing so much data, you can't bring all the data to the compute. You have to take the compute which is stateless, it's an app. You take the app to where the data is because the network is the enemy. The network has always been the enemy. And when we thought we've made fatter networks, you've just produced more data as well. So this just goes without saying that you take something that's stateless that's without gravity, that's lightweight which is compute and the application and push it close to where the data itself is. And the third one which is related is just latency reasons you know? And it's not just about machine latency and electrons transferring over the speed light, and you can't defy the speed of light. It's also about human latency. It's also about multiple teams saying we need to federate and delegate, and we need to push things down to where the teams are as opposed to having to expect everybody to come to a very large computing power itself. So all the ways, the way they are, there will be at least three different ways of looking at multi-cloud itself. There's a centralized core cloud. We all go and relate to this because we've seen large data centers and so on. And that's the back office workhorse. It will crunch numbers. It will do processing. It will do a ton of things that will go and produce results for you know how we run our businesses, but there's also the dispersal of the cloud, so ROBO cloud. And this is the front office server that's really serving. It's a cloud that's going to serve people. It's going to be closer to people, and that's what a ROBO cloud is. We have a ton of customers out here who actually use Nutanix and the ROBO environments themselves as one node, two node, three node, five node servers, and it just collapses the entire server closet room in these ROBOs into something really, really small and minuscule. And finally, there's going to be another dispersed edge cloud because that's where the machines are, that's where the data is. And there's going to be an IOT machine fog because we need to miniaturize computing to something even smaller, maybe something that can really land in the palm in a mini server which is a PC like server, but you need to run everything that's enterprise grade. You should be able to go and upgrade them and monitor them and analyze them. You know do enough computing up there, maybe event-based processing that can actually happen. In fact, there's some great innovation that we've done at the edge with IOTs that I'd love for all of you to actually attend some sessions around as well. So with that being said, we have a hole in the stack. And that hole is probably one of the hardest problems that we've been trying to solve for the last two years. And Sunil will talk a lot about that. This idea of hybrid. The hybrid of multi-cloud is one of the hardest problems. Why? Because we're talking about really blurring the lines with owning and renting where you have a single-tenant environment which is your data center, and a multi-tenant environment which is the service providers data center, and the two must look like the same. And the two must look like the same is that hard a problem not just for burst out capacity, not just for security, not just for identity but also for networks. Like how do you blur the lines between networks? How do you blur the lines for storage? How do you really blur the lines for a single pane of glass where you can think of availability zones that look highly symmetric even though they're not because one of 'em is owned by you, and it's single-tenant. The other one is not owned by you, that's multi-tenant itself. So there's some really hard problems in hybrid that you'll hear Sunil talk about and the team. And some great strides that we've actually made in the last 12 months of really working on Xi itself. And that completes the picture now in terms of how we believe the state of computing will be going forward. So what are the must haves of a multi-cloud operating system? We talked about marketplace which is catalogs and automation. There's a ton of orchestration that needs to be done for multi-cloud to come together because now you have a self-service portal which is providing an eCommerce view. It's really about you know getting to do a lot of requests and workflows without having people come in the way, without even having tickets. There's no need for tickets if you can really start to think like a self-service portal as if you're just transacting eCommerce with machines and portals themselves. Obviously the next one is networking security. You need to blur the lines between on-prem and off-prem itself. These two play a huge role. And there's going to be a ton of details that you'll see Sunil talk about. But finally, what I want to focus on the rest of the talk itself here is what governance and compliance. This is a hard problem, and it's a hard problem because things have evolved. So I'm going to take a step back. Last 30 years of computing, how have consumption models changed? So think about it. 30 years ago, we were making decisions for 10 plus years, you know? Mainframe, at least 10 years, probably 20 plus years worth of decisions. These were decisions that were extremely waterfall-ish. Make 10s of millions of dollars worth of investment for a device that we'd buy for at least 10 to 20 years. Now as we moved to client-server, that thing actually shrunk. Now you're talking about five years worth of decisions, and these things were smaller. So there's a little bit more velocity in our decisions. We were not making as waterfall-ish decision as we used to with mainframes. But still five years, talk about virtualized, three tier, maybe three to five year decisions. You know they're still relatively big decisions that we were making with computer and storage and SAN fabrics and virtualization software and systems management software and so on. And here comes Nutanix, and we said no, no. We need to make it smaller. It has to become smaller because you know we need to make more agile decisions. We need to add machines every week, every month as opposed to adding you know machines every three to five years. And we need to be able to upgrade them, you know any point in time. You can do the upgrades every month if you had to, every week if you had to and so on. So really about more agility. And yet, we were not complete because there's another evolution going on, off-prem in the public cloud where people are going and doing reserved instances. But more than that, they were doing on demand stuff which no the decision was days to weeks. Some of these things that unitive compute was being rented for days to weeks, not years. And if you needed something more, you'd shift a little to the left and use reserved instances. And then spot pricing, you could do spot pricing for hours and finally lambda functions. Now you could to function as a service where things could actually be running only for minutes not even hours. So as you can see, there's a wide spectrum where when you move to the right, you get more elasticity, and when you move to the left, you're talking about predictable decision making. And in fact, it goes from minutes on one side to 10s of years on the other itself. And we hope to actually go and blur the lines between where NTNX is today where you see Nutanix right now to where we really want to be with reserved instances and on demand. And that's the real ask of Nutanix. How do you take care of this discontinuity? Because when you're owning things, you actually end up here, and when you're renting things, you end up here. What does it mean to really blur the lines between these two because people do want to make decisions that are better than reserved instance in the public cloud. We'll talk about why reserved instances which looks like a proxy for Nutanix it's still very, very wasteful even though you might think it's delightful, it's very, very wasteful. So what does it mean for on-prem and off-prem? You know you talk about cost governance, there's security compliance. These high velocity decisions we're actually making you know where sometimes you could be right with cost but wrong on security, but sometimes you could be right in security but wrong on cost. We need to really figure out how machines make some of these decisions for us, how software helps us decide do we have the right balance between cost, governance, and security compliance itself? And to get it right, we have introduced our first SAS service called Beam. And to talk more about Beam, I want to introduce Vijay Rayapati who's the general manager of Beam engineering to come up on stage and talk about Beam itself. Thank you Vijay. (rock music) So you've been here a couple of months now? >> Yes. >> At the same time, you spent the last seven, eight years really handling AWS. Tell us more about it. >> Yeah so we spent a lot of time trying to understand the last five years at Minjar you know how customers are really consuming in this new world for their workloads. So essentially what we tried to do is understand the consumption models, workload patterns, and also build algorithms and apply intelligence to say how can we lower this cost and you know improve compliance of their workloads.? And now with Nutanix what we're trying to do is how can we converge this consumption, right? Because what happens here is most customers start with on demand kind of consumption thinking it's really easy, but the total cost of ownership is so high as the workload elasticity increases, people go towards spot or a scaling, but then you need a lot more automation that something like Calm can help them. But predictability of the workload increases, then you need to move towards reserved instances, right to lower costs. >> And those are some of the things that you go and advise with some of the software that you folks have actually written. >> But there's a lot of waste even in the reserved instances because what happens it while customers make these commitments for a year or three years, what we see across, like we track a billion dollars in public cloud consumption you know as a Beam, and customers use 20%, 25% of utilization of their commitments, right? So how can you really apply, take the data of consumption you know apply intelligence to essentially reduce their you know overall cost of ownership. >> You said something that's very telling. You said reserved instances even though they're supposed to save are still only 20%, 25% utilized. >> Yes, because the workloads are very dynamic. And the next thing is you can't do hot add CPU or hot add memory because you're buying them for peak capacity. There is no convergence of scaling that apart from the scaling as another node. >> So you actually sized it for peak, but then using 20%, 30%, you're still paying for the peak. >> That's right. >> Dheeraj: That can actually add up. >> That's what we're trying to say. How can we deliver visibility across clouds? You know how can we deliver optimization across clouds and consumption models and bring the control while retaining that agility and demand elasticity? >> That's great. So you want to show us something? >> Yeah absolutely. So this is Beam as just Dheeraj outlined, our first SAS service. And this is my first .Next. And you know glad to be here. So what you see here is a global consumption you know for a business across different clouds. Whether that's in a public cloud like Amazon, or Azure, or Nutanix. We kind of bring the consumption together for the month, the recent month across your accounts and services and apply intelligence to say you know what is your spent efficiency across these clouds? Essentially there's a lot of intelligence that goes in to detect your workloads and consumption model to say if you're spending $100, how efficiently are you spending? How can you increase that? >> So you have a centralized view where you're looking at multiple clouds, and you know you talk about maybe you can take an example of an account and start looking at it? >> Yes, let's go into a cloud provider like you know for this business, let's go and take a loot at what's happening inside an Amazon cloud. Here we get into the deeper details of what's happening with the consumption of a specific services as well as the utilization of both on demand and RI. You know what can you do to lower your cost and detect your spend efficiency of a dollar to see you know are there resources that are provisioned by teams for applications that are not being used, or are there resources that we should go and rightsize because you know we have all this monitoring data, configuration data that we crunch through to basically detect this? >> You think there's billions of events that you look at everyday. You're already looking at a billon dollars worth of AWS spend. >> Right, right. >> So billions of events, billing, metering events every year to really figure out and optimize for them. >> So what we have here is a very popular international government organization. >> Dheeraj: Wow, so it looks like Russians are everywhere, the cloud is everywhere actually. >> Yes, it's quite popular. So when you bring your master account into Beam, we kind of detect all the linked accounts you know under that. Then you can go and take a look at not just at the organization level within it an account level. >> So these are child objects, you know. >> That's right. >> You can think of them as ephemeral accounts that you create because you don't want to be on the record when you're doing spams on Facebook for example. >> Right, let's go and take a look at what's happening inside a Facebook ad spend account. So we have you know consumption of the services. Let's go deeper into compute consumption, and you kind of see a trendline. You can do a lot of computing. As you see, looks like one campaign has ended. They started another campaign. >> Dheeraj: It looks like they're not stopping yet, man. There's a lot of money being made in Facebook right now. (Vijay laughing) >> So not only just get visibility at you know compute as a service inside a cloud provider, you can go deeper inside compute and say you know what is a service that I'm really consuming inside compute along with the CPUs n'stuff, right? What is my data transfer? You know what is my network? What is my load blancers? So essentially you get a very deeper visibility you know as a service right. Because we have three goals for Beam. How can we deliver visibility across clouds? How can we deliver visibility across services? And how can we deliver, then optimization? >> Well I think one thing that I just want to point out is how this SAS application was an extremely teachable moment for me to learn about the different resources that people could use about the public cloud. So all of you who actually have not gone deep enough into the idea of public cloud. This could be a great app for you to learn about things, the resources, you know things that you could do to save and security and things of that nature. >> Yeah. And we really believe in creating the single pane view you know to mange your optimization of a public cloud. You know as Ben spoke about as a business, you need to have freedom to use any cloud. And that's what Beam delivers. How can you make the right decision for the right workload to use any of the cloud of your choice? >> Dheeraj: How 'about databases? You talked about compute as well but are there other things we could look at? >> Vijay: Yes, let's go and take a look at database consumption. What you see here is they're using inside Facebook ad spending, they're using all databases except Oracle. >> Dheeraj: Wow, looks like Oracle sales folks have been active in Russia as well. (Vijay laughing) >> So what we're seeing here is a global view of you know what is your spend efficiency and which is kind of a scorecard for your business for the dollars that you're spending. And the great thing is Beam kind of brings together you know through its intelligence and algorithms to detect you know how can you rightsize resources and how can you eliminate things that you're not using? And we deliver and one click fix, right? Let's go and take a look at resources that are maybe provisioned for storage and not being used. We deliver the seamless one-click philosophy that Nutanix has to eliminate it. >> So one click, you can actually just pick some of these wasteful things that might be looking delightful because using public cloud, using credit cards, you can go in and just say click fix, and it takes care of things. >> Yeah, and not only remove the resources that are unused, but it can go and rightsize resources across your compute databases, load balancers, even past services, right? And this is where the power of it kind of comes for a business whether you're using on-prem and off-prem. You know how can you really converge that consumption across both? >> Dheeraj: So do you have something for Nutanix too? >> Vijay: Yes, so we have basically been working on Nutanix with something that we're going to deliver you know later this year. As you can see here, we're bringing together the consumption for the Nutanix, you know the services that you're using, the licensing and capacity that is available. And how can you also go and optimize within Nutanix environments >> That's great. >> for the next workload. Now let me quickly show you what we have on the compliance side. This is an extremely powerful thing that we've been working on for many years. What we deliver here just like in cost governance, a global view of your compliance across cloud providers. And the most powerful thing is you can go into a cloud provider, get the next level of visibility across cloud regimes for hundreds of policies. Not just policies but those policies across different regulatory compliances like HIPA, PCI, CAS. And that's very powerful because-- >> So you're saying a lot of what you folks have done is codified these compliance checks in software to make sure that people can sleep better at night knowing that it's PCI, and HIPA, and all that compliance actually comes together? >> And you can build this not just by cloud accounts, you can build them across cloud accounts which is what we call security centers. Essentially you can go and take a deeper look at you know the things. We do a whole full body scan for your cloud infrastructure whether it's AWS Amazon or Azure, and you can go and now, again, click to fix things. You know that had been probably provisioned that are violating the security compliance rules that should be there. Again, we have the same one-click philosophy to say how can you really remove things. >> So again, similar to save, you're saying you can go and fix some of these security issues by just doing one click. >> Absolutely. So the idea is how can we give our people the freedom to get visibility and use the right cloud and take the decisions instantly through one click. That's what Beam delivers you know today. And you know get really excited, and it's available at beam.nutanix.com. >> Our first SAS service, ladies and gentleman. Thank you so much for doing this, Vijay. It looks like there's going to be a talk here at 10:30. You'll talk more about the midterm elections there probably? >> Yes, so you can go and write your own security compliances as well. You know within Beam, and a lot of powerful things you can do. >> Awesome, thank you so much, Vijay. I really appreciate it. (audience clapping) So as you see, there's a lot of work that we're doing to really make multi-cloud which is a hard problem. You know think about working the whole body of it and what about cost governance? What about security compliance? Obviously what about hybrid networks, and security, and storage, you know compute, many of the things that you've actually heard from us, but we're taking it to a level where the business users can now understand the implications. A CFO's office can understand the implications of waste and delight. So what does customer success mean to us? You know again, my favorite word in a long, long time is really go and figure out how do you make you, the customer, become operationally efficient. You know there's a lot of stuff that we deliver through software that's completely uncovered. It's so latent, you don't even know you have it, but you've paid for it. So you've got to figure out what does it mean for you to really become operationally efficient, organizationally proficient. And it's really important for training, education, stuff that you know you're people might think it's so awkward to do in Nutanix, but it could've been way simpler if you just told you a place where you can go and read about it. Of course, I can just use one click here as opposed to doing things the old way. But most importantly to make it financially accountable. So the end in all this is, again, one of the things that I think about all the time in building this company because obviously there's a lot of stuff that we want to do to create orphans, you know things above the line and top line and everything else. There's also a bottom line. Delight and waste are two sides of the same coin. You know when we're talking about developers who seek delight with public cloud at the same time you're looking at IT folks who're trying to figure out governance. They're like look you know the CFOs office, the CIOs office, they're trying to figure out how to curb waste. These two things have to go hand in hand in this era of multi-cloud where we're talking about frictionless consumption but also governance that looks invisible. So I think, at the end of the day, this company will do a lot of stuff around one-click delight but also go and figure out how do you reduce waste because there's so much waste including folks there who actually own Nutanix. There's so much software entitlement. There's so much waste in the public cloud itself that if we don't go and put our arms around, it will not lead to customer success. So to talk more about this, the idea of delight and the idea of waste, I'd like to bring on board a person who I think you know many of you actually have talked about it have delightful hair but probably wasted jokes. But I think has wasted hair and delightful jokes. So ladies and gentlemen, you make the call. You're the jury. Sunil R.M.J. Potti. ("Free" by Broods) >> So that was the first time I came out from the bottom of a screen on a stage. I actually now know what it feels to be like a gopher. Who's that laughing loudly at the back? Okay, do we have the... Let's see. Okay, great. We're about 15 minutes late, so that means we're running right on time. That's normally how we roll at this conference. And we have about three customers and four demos. Like I think there's about three plus six, about nine folks coming onstage. So we'll have our own version of the parade as well on the main stage for the next 70 minutes. So let's just jump right into it. I think we've been pretty consistent in terms of our longterm plans since we started the company. And it's become a lot more clearer over the last few years about our plans to essentially make computing invisible as Dheeraj mentioned. We're doing this across multiple acts. We started with HCI. We call it making infrastructure invisible. We extended that to making data centers invisible. And then now we're in this mode of essentially extending it to converging clouds so that you can actually converge your consumption models. And so today's conference and essentially the theme that you're going to be seeing throughout the breakout sessions is about a journey towards invisible clouds, but make sure that you internalize the fact that we're investing heavily in each of the three phases. It's just not about the hybrid cloud with Nutanix, it's about actually finishing the job about making infrastructure invisible, expanding that to kind of go after the full data center, and then of course embark on some real meaningful things around invisible clouds, okay? And to start the session, I think you know the part that I wanted to make sure that we are all on the same page because most of us in the room are still probably in this phase of the journey which is about invisible infrastructure. And there the three key products and especially two of them that most of you guys know are Acropolis and Prism. And they're sort of like the bedrock of our company. You know especially Acropolis which is about the web scale architecture. Prism is about consumer grade design. And with Acropolis now being really mature. It's in the seventh year of innovation. We still have more than half of our company in terms of R and D spend still on Acropolis and Prism. So our core product is still sort of where we think we have a significant differentiation on. We're not going to let our foot off the peddle there. You know every time somebody comes to me and says look there's a new HCI render popping out or an existing HCI render out there, I ask a simple question to our customers saying show me 100 customers with 100 node deployments, and it will be very hard to find any other render out there that does the same thing. And that's the power of Acropolis the code platform. And then it's you know the fact that the velocity associated with Acropolis continues to be on a fast pace. We came out with various new capabilities in 5.5 and 5.6, and one of the most complicated things to get right was the fact to shrink our three node cluster to a one node, two node deployment. Most of you actually had requirements on remote office, branch office, or the edge that actually allowed us to kind of give us you know sort of like the impetus to kind of go design some new capabilities into our core OS to get this out. And associated with Acropolis and expanding into Prism, as you will see, the first couple of years of Prism was all about refactoring the user interface, doing a good job with automation. But more and more of the investments around Prism is going to be based on machine learning. And you've seen some variants of that over the last 12 months, and I can tell you that in the next 12 to 24 months, most of our investments around infrastructure operations are going to be driven by AI techniques starting with most of our R and D spend also going into machine-learning algorithms. So when you talk about all the enhancements that have come on with Prism whether it be formed by you know the management console changing to become much more automated, whether now we give you automatic rightsizing, anomaly detection, or a series of functionality that have gone into it, the real core sort of capabilities that we're putting into Prism and Acropolis are probably best served by looking at the quality of the product. You probably have seen this slide before. We started showing the number of nodes shipped by Nutanix two years ago at this conference. It was about 35,000 plus nodes at that time. And since then, obviously we've you know continued to grow. And we would draw this line which was about enterprise class quality. That for the number of bugs found as a percentage of nodes shipped, there's a certain line that's drawn. World class companies do about probably 2% to 3%, number of CFDs per node shipped. And we were just broken that number two years ago. And to give you guys an idea of how that curve has shown up, it's now currently at .95%. And so along with velocity, you know this focus on being true to our roots of reliability and stability continues to be, you know it's an internal challenge, but it's also some of the things that we keep a real focus on. And so between Acropolis and Prism, that's sort of like our core focus areas to sort of give us the confidence that look we have this really high bar that we're sort of keeping ourselves accountable to which is about being the most advanced enterprise cloud OS on the planet. And we will keep it this way for the next 10 years. And to complement that, over a period of time of course, we've added a series of services. So these are services not just for VMs but also for files, blocks, containers, but all being delivered in that single one-click operations fashion. And to really talk more about it, and actually probably to show you the real deal there it's my great pleasure to call our own version of Moses inside the company, most of you guys know him as Steve Poitras. Come on up, Steve. (audience clapping) (rock music) >> Thanks Sunil. >> You barely fit in that door, man. Okay, so what are we going to talk about today, Steve? >> Absolutely. So when we think about when Nutanix first got started, it was really focused around VDI deployments, smaller workloads. However over time as we've evolved the product, added additional capabilities and features, that's grown from VDI to business critical applications as well as cloud native apps. So let's go ahead and take a look. >> Sunil: And we'll start with like Oracle? >> Yeah, that's one of the key ones. So here we can see our Prism central user interface, and we can see our Thor cluster obviously speaking to the Avengers theme here. We can see this is doing right around 400,000 IOPs at around 360 microseconds latency. Now obviously Prism central allows you to mange all of your Nutanix deployments, but this is just running on one single Nutanix cluster. So if we hop over here to our explore tab, we can see we have a few categories. We have some Kubernetes, some AFS, some Xen desktop as well as Oracle RAC. Now if we hope over to Oracle RAC, we're running a SLOB workload here. So obviously with Oracle enterprise applications performance, consistency, and extremely low latency are very critical. So with this SLOB workload, we're running right around 300 microseconds of latency. >> Sunil: So this is what, how many node Oracle RAC cluster is this? >> Steve: This is a six node Oracle RAC deployment. >> Sunil: Got it. And so what has gone into the product in recent releases to kind of make this happen? >> Yeah so obviously on the hardware front, there's been a lot of evolutions in storage mediums. So with the introduction of NVME, persistent memory technologies like 3D XPoint, that's meant storage media has become a lot faster. Now to allow you to full take advantage of that, that's where we've had to do a lot of optimizations within the storage stack. So with AHV, we have what we call AHV turbo mode which allows you to full take advantage of those faster storage mediums at that much lower latency. And then obviously on the networking front, technologies such as RDMA can be leveraged to optimize that network stack. >> Got it. So that was Oracle RAC running on a you know Nutanix cluster. It used to be a big deal a couple of years ago. Now we've got many customers doing that. On the same environment though, we're going to show you is the advent of actually putting file services in the same scale out environment. And you know many of you in the audience probably know about AFS. We released it about 12 to 14 months ago. It's been one of our most popular new products of all time within Nutanix's history. And we had SMB support was for user file shares, VDI deployments, and it took awhile to bake, to get to scale and reliability. And then in the last release, in the recent release that we just shipped, we now added NFS for support so that we can no go after the full scale file server consolidation. So let's take a look at some of that stuff. >> Yep, let's do it. So hopping back over to Prism, we can see our four cluster here. Overall cluster-wide latency right around 360 microseconds. Now we'll hop down to our file server section. So here we can see we have our Next A File Server hosting right about 16.2 million files. Now if you look at our shares and exports, we can see we have a mix of different shares. So one of the shares that you see there is home directories. This is an SMB share which is actually mapped and being leveraged by our VDI desktops for home folders, user profiles, things of that nature. We can also see this Oracle backup share here which is exposed to our rack host via NFS. So RMAN is actually leveraging this to provide native database backups. >> Got it. So Oracle VMs, backup using files, or for any other file share requirements with AFS. Do we have the cluster also showing, I know, so I saw some Kubernetes as well on it. Let's talk about what we're thinking of doing there. >> Yep, let's do it. So if we think about cloud, cloud's obviously a big buzz word, so is containers in Kubernetes. So with ACS 1.0 what we did is we introduced native support for Docker integration. >> And pause there. And we screwed up. (laughing) So just like the market took a left turn on Kubernetes, obviously we realized that, and now we're working on ACS 2.0 which is what we're going to talk about, right? >> Exactly. So with ACS 2.0, we've introduced native Kubernetes support. Now when I think about Kubernetes, there's really two core areas that come to mind. The first one is around native integration. So with that, we have our Kubernetes volume integration, we're obviously doing a lot of work on the networking front, and we'll continue to push there from an integration point of view. Now the other piece is around the actual deployment of Kubernetes. When we think about a lot of Nutanix administrators or IT admins, they may have never deployed Kubernetes before, so this could be a very daunting task. And true to the Nutanix nature, we not only want to make our platform simple and intuitive, we also want to do this for any ecosystem products. So with ACS 2.0, we've simplified the full Kubernetes deployment and switching over to our ACS two interface, we can see this create cluster button. Now this actually pops up a full wizard. This wizard will actually walk you through the full deployment process, gather the necessary inputs for you, and in a matter of a few clicks and a few minutes, we have a full Kubernetes deployment fully provisioned, the masters, the workers, all the networking fully done for you, very simple and intuitive. Now if we hop back over to Prism, we can see we have this ACS2 Kubernetes category. Clicking on that, we can see we have eight instances of virtual machines. And here are Kubernetes virtual machines which have actually been deployed as part of this ACS2 installer. Now one of the nice things is it makes the IT administrator's job very simple and easy to do. The deployment straightforward monitoring and management very straightforward and simple. Now for the developer, the application architect, or engineers, they interface and interact with Kubernetes just like they would traditionally on any platform. >> Got it. So the goal of ACS is to ensure that the developer ecosystem still uses whatever tools that they are you know preferring while at that same time allowing this consolidation of containers along with VMs all on that same, single runtime, right? So that's ACS. And then if you think about where the OS is going, there's still some open space at the end. And open space has always been look if you just look at a public cloud, you look at blocks, files, containers, the most obvious sort of storage function that's left is objects. And that's the last horizon for us in completing the storage stack. And we're going to show you for the first time a preview of an upcoming product called the Acropolis Object Storage Services Stack. So let's talk a little bit about it and then maybe show the demo. >> Yeah, so just like we provided file services with AFS, block services with ABS, with OSS or Object Storage Services, we provide native object storage, compatibility and capability within the Nutanix platform. Now this provides a very simply common S3 API. So any integrations you've done with S3 especially Kubernetes, you can actually leverage that out of the box when you've deployed this. Now if we hop back over to Prism, I'll go here to my object stores menu. And here we can see we have two existing object storage instances which are running. So you can deploy however many of these as you wanted to. Now just like the Kubernetes deployment, deploying a new object instance is very simple and easy to do. So here I'll actually name this instance Thor's Hammer. >> You do know he loses it, right? He hasn't seen the movies yet. >> Yeah, I don't want any spoilers yet. So once we specified the name, we can choose our capacity. So here we'll just specify a large instance or type. Obviously this could be any amount or storage. So if you have a 200 node Nutanix cluster with petabytes worth of data, you could do that as well. Once we've selected that, we'll select our expected performance. And this is going to be the number of concurrent gets and puts. So essentially how many operations per second we want this instance to be able to facilitate. Once we've done that, the platform will actually automatically determine how many virtual machines it needs to deploy as well as the resources and specs for those. And once we've done that, we'll go ahead and click save. Now here we can see it's actually going through doing the deployment of the virtual machines, applying any necessary configuration, and in the matter of a few clicks and a few seconds, we actually have this Thor's Hammer object storage instance which is up and running. Now if we hop over to one of our existing object storage instances, we can see this has three buckets. So one for Kafka-queue, I'm actually using this for my Kafka cluster where I have right around 62 million objects all storing ProtoBus. The second one there is Spark. So I actually have a Spark cluster running on our Kubernetes deployed instance via ACS 2.0. Now this is doing analytics on top of this data using S3 as a storage backend. Now for these objects, we support native versioning, native object encryption as well as worm compliancy. So if you want to have expiry periods, retention intervals, that sort of thing, we can do all that. >> Got it. So essentially what we've just shown you is with upcoming objects as well that the same OS can now support VMs, files, objects, containers, all on the same one click operational fabric. And so that's in some way the real power of Nutanix is to still keep that consistency, scalability in place as we're covering each and every workload inside the enterprise. So before Steve gets off stage though, I wanted to talk to you guys a little bit about something that you know how many of you been to our Nutanix headquarters in San Jose, California? A few. I know there's like, I don't know, 4,000 or 5,000 people here. If you do come to the office, you know when you land in San Jose Airport on the way to longterm parking, you'll pass our office. It's that close. And if you come to the fourth floor, you know one of the cubes that's where I sit. In the cube beside me is Steve. Steve sits in the cube beside me. And when I first joined the company, three or four years ago, and Steve's if you go to his cube, it no longer looks like this, but it used to have a lot of this stuff. It was like big containers of this. I remember the first time. Since I started joking about it, he started reducing it. And then Steve eventually got married much to our surprise. (audience laughing) Much to his wife's surprise. And then he also had a baby as a bigger surprise. And if you come over to our office, and we welcome you, and you come to the fourth floor, find my cube or you'll find Steve's Cube, it now looks like this. Okay, so thanks a lot, my man. >> Cool, thank you. >> Thanks so much. (audience clapping) >> So single OS, any workload. And like Steve who's been with us for awhile, it's my great pleasure to invite one of our favorite customers, CSC Karen who's also been with us for three to four years. And I'll share some fond memories about how she's been with the company for awhile, how as partners we've really done a lot together. So without any further ado, let me bring up Karen. Come on up, Karen. (rock music) >> Thank you for having me. >> Yeah, thank you. So I remember, so how many of you guys were with Nutanix first .Next in Miami? I know there was a question like that asked last time. Not too many. You missed it. We wished we could go back to that. We wouldn't fit 3/4s of this crowd. But Karen was our first customer in the keynote in 2015. And we had just talked about that story at that time where you're just become a customer. Do you want to give us some recap of that? >> Sure. So when we made the decision to move to hyperconverged infrastructure and chose Nutanix as our partner, we rapidly started to deploy. And what I mean by that is Sunil and some of the Nutanix executives had come out to visit with us and talk about their product on a Tuesday. And on a Wednesday after making the decision, I picked up the phone and said you know what I've got to deploy for my VDI cluster. So four nodes showed up on Thursday. And from the time it was plugged in to moving over 300 VDIs and 50 terabytes of storage and turning it over for the business for use was less than three days. So it was really excellent testament to how simple it is to start, and deploy, and utilize the Nutanix infrastructure. Now part of that was the delight that we experienced from our customers after that deployment. So we got phone calls where people were saying this report it used to take so long that I'd got out and get a cup of coffee and come back, and read an article, and do some email, and then finally it would finish. Those reports are running in milliseconds now. It's one click. It's very, very simple, and we've delighted our customers. Now across that journey, we have gone from the simple workloads like VDIs to the much more complex workloads around Splunk and Hadoop. And what's really interesting about our Splunk deployment is we're handling over a billion events being logged everyday. And the deployment is smaller than what we had with a three tiered infrastructure. So when you hear people talk about waste and getting that out and getting to an invisible environment where you're just able to run it, that's what we were able to achieve both with everything that we're running from our public facing websites to the back office operations that we're using which include Splunk and even most recently our Cloudera and Hadoop infrastructure. What it does is it's got 30 crawlers that go out on the internet and start bringing data back. So it comes back with over two terabytes of data everyday. And then that environment, ingests that data, does work against it, and responds to the business. And that again is something that's smaller than what we had on traditional infrastructure, and it's faster and more stable. >> Got it. And it covers a lot of use cases as well. You want to speak a few words on that? >> So the use cases, we're 90%, 95% deployed on Nutanix, and we're covering all of our use cases. So whether that's a customer facing app or a back office application. And what are business is doing is it's handling large portfolios of data for fortune 500 companies and law firms. And these applications are all running with improved stability, reliability, and performance on the Nutanix infrastructure. >> And the plan going forward? >> So the plan going forward, you actually asked me that in Miami, and it's go global. So when we started in Miami and that first deployment, we had four nodes. We now have 283 nodes around the world, and we started with about 50 terabytes of data. We've now got 3.8 petabytes of data. And we're deployed across four data centers and six remote offices. And people ask me often what is the value that we achieved? So simplification. It's all just easier, and it's all less expensive. Being able to scale with the business. So our Cloudera environment ended up with one day where it spiked to 1,000 times more load, 1,000 times, and it just responded. We had rally cries around improved productivity by six times. So 600% improved productivity, and we were able to actually achieve that. The numbers you just saw on the slide that was very, very fast was we calculated a 40% reduction in total cost of ownership. We've exceeded that. And when we talk about waste, that other number on the board there is when I saved the company one hour of maintenance activity or unplanned downtime in a month which we're now able to do the majority of our maintenance activities without disrupting any of our business solutions, I'm saving $750,000 each time I save that one hour. >> Wow. All right, Karen from CSE. Thank you so much. That was great. Thank you. I mean you know some of these data points frankly as I started talking to Karen as well as some other customers are pretty amazing in terms of the genuine value beyond financial value. Kind of like the emotional sort of benefits that good products deliver to some of our customers. And I think that's one of the core things that we take back into engineering is to keep ourselves honest on either velocity or quality even hiring people and so forth. Is to actually the more we touch customers lives, the more we touch our partner's lives, the more it allows us to ensure that we can put ourselves in their shoes to kind of make sure that we're doing the right thing in terms of the product. So that was the first part, invisible infrastructure. And our goal, as we've always talked about, our true North is to make sure that this single OS can be an exact replica, a truly modern, thoughtful but original design that brings the power of public cloud this AWS or GCP like architectures into your mainstream enterprises. And so when we take that to the next level which is about expanding the scope to go beyond invisible infrastructure to invisible data centers, it starts with a few things. Obviously, it starts with virtualization and a level of intelligent management, extends to automation, and then as we'll talk about, we have to embark on encompassing the network. And that's what we'll talk about with Flow. But to start this, let me again go back to one of our core products which is the bedrock of our you know opinionated design inside this company which is Prism and Acropolis. And Prism provides, I mentioned, comes with a ton of machine-learning based intelligence built into the product in 5.6 we've done a ton of work. In fact, a lot of features are coming out now because now that PC, Prism Central that you know has been decoupled from our mainstream release strain and will continue to release on its own cadence. And the same thing when you actually flip it to AHV on its own train. Now AHV, two years ago it was all about can I use AHV for VDI? Can I use AHV for ROBO? Now I'm pretty clear about where you cannot use AHV. If you need memory overcome it, stay with VMware or something. If you need, you know Metro, stay with another technology, else it's game on, right? And if you really look at the adoption of AHV in the mainstream enterprise, the customers now speak for themselves. These are all examples of large global enterprises with multimillion dollar ELAs in play that have now been switched over. Like I'll give you a simple example here, and there's lots of these that I'm sure many of you who are in the audience that are in this camp, but when you look at the breakout sessions in the pods, you'll get a sense of this. But I'll give you one simple example. If you look at the online payment company. I'm pretty sure everybody's used this at one time or the other. They had the world's largest private cloud on open stack, 21,000 nodes. And they were actually public about it three or four years ago. And in the last year and a half, they put us through a rigorous VOC testing scale, hardening, and it's a full blown AHV only stack. And they've started cutting over. Obviously they're not there yet completely, but they're now literally in hundreds of nodes of deployment of Nutanix with AHV as their primary operating system. So it is primetime from a deployment perspective. And with that as the base, no cloud is complete without actually having self-service provisioning that truly drives one-click automation, and can you do that in this consumer grade design? And Calm was acquired, as you guys know, in 2016. We had a choice of taking Calm. It was reasonably feature complete. It supported multiple clouds. It supported ESX, it supported Brownfield, It supported AHV. I mean they'd already done the integration with Nutanix even before the acquisition. And we had a choice. The choice was go down the path of dynamic ops or some other products where you took it for revenue or for acceleration, you plopped it into the ecosystem and sold it at this power sucking alien on top of our stack, right? Or we took a step back, re-engineered the product, kept some of the core essence like the workflow engine which was good, the automation, the object model and all, but refactored it to make it look like a natural extension of our operating system. And that's what we did with Calm. And we just launched it in December, and it's been one of our most popular new products now that's flying off the shelves. If you saw the number of registrants, I got a notification of this for the breakout sessions, the number one session that has been preregistered with over 500 people, the first two sessions are around Calm. And justifiably so because it just as it lives up to its promise, and it'll take its time to kind of get to all the bells and whistles, all the capabilities that have come through with AHV or Acropolis in the past. But the feature functionality, the product market fit associated with Calm is dead on from what the feedback that we can receive. And so Calm itself is on its own rapid cadence. We had AWS and AHV in the first release. Three or four months later, we now added ESX support. We added GCP support and a whole bunch of other capabilities, and I think the essence of Calm is if you can combine Calm and along with private cloud automation but also extend it to multi-cloud automation, it really sets Nutanix on its first genuine path towards multi-cloud. But then, as I said, if you really fixate on a software defined data center message, we're not complete as a full blown AWS or GCP like IA stack until we do the last horizon of networking. And you probably heard me say this before. You heard Dheeraj and others talk about it before is our problem in networking isn't the same in storage. Because the data plane in networking works. Good L2 switches from Cisco, Arista, and so forth, but the real problem networking is in the control plane. When something goes wrong at a VM level in Nutanix, you're able to identify whether it's a storage problem or a compute problem, but we don't know whether it's a VLAN that's mis-configured, or there've been some packets dropped at the top of the rack. Well that all ends now with Flow. And with Flow, essentially what we've now done is take the work that we've been working on to create built-in visibility, put some network automation so that you can actually provision VLANs when you provision VMs. And then augment it with micro segmentation policies all built in this easy to use, consume fashion. But we didn't stop there because we've been talking about Flow, at least the capabilities, over the last year. We spent significant resources building it. But we realized that we needed an additional thing to augment its value because the world of applications especially discovering application topologies is a heady problem. And if we didn't address that, we wouldn't be fulfilling on this ambition of providing one-click network segmentation. And so that's where Netsil comes in. Netsil might seem on the surface yet another next generation application performance management tool. But the innovations that came from Netsil started off at the research project at the University of Pennsylvania. And in fact, most of the team right now that's at Nutanix is from the U Penn research group. And they took a really original, fresh look at how do you sit in a network in a scale out fashion but still reverse engineer the packets, the flow through you, and then recreate this application topology. And recreate this not just on Nutanix, but do it seamlessly across multiple clouds. And to talk about the power of Flow augmented with Netsil, let's bring Rajiv back on stage, Rajiv. >> How you doing? >> Okay so we're going to start with some Netsil stuff, right? >> Yeah, let's talk about Netsil and some of the amazing capabilities this acquisition's bringing to Nutanix. First of all as you mentioned, Netsil's completely non invasive. So it installs on the network, it does all its magic from there. There're no host agents, non of the complexity and compatibility issues that entails. It's also monitoring the network at layer seven. So it's actually doing a deep packet inspection on all your application data, and can give you insights into services and APIs which is very important for modern applications and the way they behave. To do all this of course performance is key. So Netsil's built around a completely distributed architecture scaled to really large workloads. Very exciting technology. We're going to use it in many different ways at Nutanix. And to give you a flavor of that, let me show you how we're thinking of integrating Flow and Nestil together, so micro segmentation and Netsil. So to do that, we install Netsil in one of our Google accounts. And that's what's up here now. It went out there. It discovered all the VMs we're running on that account. It created a map essentially of all their interactions, and you can see it's like a Google Maps view. I can zoom into it. I can look at various things running. I can see lots of HTTP servers over here, some databases. >> Sunil: And it also has stats, right? You can go, it actually-- >> It does. We can take a look at that for a second. There are some stats you can look at right away here. Things like transactions per second and latencies and so on. But if I wanted to micro segment this application, it's not really clear how to do so. There's no real pattern over here. Taking the Google Maps analogy a little further, this kind of looks like the backstreets of Cairo or something. So let's do this step by step. Let me first filter down to one application. Right now I'm looking at about three or four different applications. And Netsil integrates with the metadata. So this is that the clouds provide. So I can search all the tags that I have. So by doing that, I can zoom in on just the financial application. And when I do this, the view gets a little bit simpler, but there's still no real pattern. It's not clear how to micro segment this, right? And this is where the power of Netsil comes in. This is a fairly naive view. This is what tool operating at layer four just looking at ports and TCP traffic would give you. But by doing deep packet inspection, Netsil can get into the services layer. So instead of grouping these interactions by hostname, let's group them by service. So you go service tier. And now you can see this is a much simpler picture. Now I have some patterns. I have a couple of load balancers, an HA proxy and an Nginx. I have a web application front end. I have some application servers running authentication services, search services, et cetera, a database, and a database replica. I could go ahead and micro segment at this point. It's quite possible to do it at this point. But this is almost too granular a view. We actually don't usually want to micro segment at individual service level. You think more in terms of application tiers, the tiers that different services belong to. So let me go ahead and group this differently. Let me group this by app tier. And when I do that, a really simple picture emerges. I have a load balancing tier talking to a web application front end tier, an API tier, and a database tier. Four tiers in my application. And this is something I can work with. This is something that I can micro segment fairly easily. So let's switch over to-- >> Before we dot that though, do you guys see how he gave himself the pseudonym called Dom Toretto? >> Focus Sunil, focus. >> Yeah, for those guys, you know that's not the Avengers theme, man, that's the Fast and Furious theme. >> Rajiv: I think a year ahead. This is next years theme. >> Got it, okay. So before we cut over from Netsil to Flow, do we want to talk a few words about the power of Flow, and what's available in 5.6? >> Sure so Flow's been around since the 5.6 release. Actually some of the functionality came in before that. So it's got invisibility into the network. It helps you debug problems with WLANs and so on. We had a lot of orchestration with other third party vendors with load balancers, with switches to make publishing much simpler. And then of course with our most recent release, we GA'ed our micro segmentation capabilities. And that of course is the most important feature we have in Flow right now. And if you look at how Flow policy is set up, it looks very similar to what we just saw with Netsil. So we have load blancer talking to a web app, API, database. It's almost identical to what we saw just a moment ago. So while this policy was created manually, it is something that we can automate. And it is something that we will do in future releases. Right now, it's of course not been integrated at that level yet. So this was created manually. So one thing you'll notice over here is that the database tier doesn't get any direct traffic from the internet. All internet traffic goes to the load balancer, only specific services then talk to the database. So this policy right now is in monitoring mode. It's not actually being enforced. So let's see what happens if I try to attack the database, I start a hack against the database. And I have my trusty brute force password script over here. It's trying the most common passwords against the database. And if I happen to choose a dictionary word or left the default passwords on, eventually it will log into the database. And when I go back over here in Flow what happens is it actually detects there's now an ongoing a flow, a flow that's outside of policy that's shown up. And it shows this in yellow. So right alongside the policy, I can visualize all the noncompliant flows. This makes it really easy for me now to make decisions, does this flow should it be part of the policy, should it not? In this particular case, obviously it should not be part of the policy. So let me just switch from monitoring mode to enforcement mode. I'll apply the policy, give it a second to propagate. The flow goes away. And if I go back to my script, you can see now the socket's timing out. I can no longer connect to the database. >> Sunil: Got it. So that's like one click segmentation and play right now? >> Absolutely. It's really, really simple. You can compare it to other products in the space. You can't get simpler than this. >> Got it. Why don't we got back and talk a little bit more about, so that's Flow. It's shipping now in 5.6 obviously. It'll come integrated with Netsil functionality as well as a variety of other enhancements in that next few releases. But Netsil does more than just simple topology discovery, right? >> Absolutely. So Netsil's actually gathering a lot of metrics from your network, from your host, all this goes through a data pipeline. It gets processed over there and then gets captured in a time series database. And then we can slice and dice that in various different ways. It can be used for all kinds of insights. So let's see how our application's behaving. So let me say I want to go into the API layer over here. And I instantly get a variety of metrics on how the application's behaving. I get the most requested endpoints. I get the average latency. It looks reasonably good. I get the average latency of the slowest endpoints. If I was having a performance problem, I would know exactly where to go focus on. Right now, things look very good, so we won't focus on that. But scrolling back up, I notice that we have a fairly high error rate happening. We have like 11.35% of our HTTP requests are generating errors, and that deserves some attention. And if I scroll down again, and I see the top five status codes I'm getting, almost 10% of my requests are generating 500 errors, HTTP 500 errors which are internal server errors. So there's something going on that's wrong with this application. So let's dig a little bit deeper into that. Let me go into my analytics workbench over here. And what I've plotted over here is how my HTTP requests are behaving over time. Let me filter down to just the 500 ones. That will make it easier. And I want the 500s. And I'll also group this by the service tier so that I can see which services are causing the problem. And the better view for this would be a bar graph. Yes, so once I do this, you can see that all the errors, all the 500 errors that we're seeing have been caused by the authentication service. So something's obviously wrong with that part of my application. I can go look at whether Active Directory is misbehaving and so on. So very quickly from a broad problem that I was getting a high HTTP error rate. In fact, usually you will discover there's this customer complaining about a lot of errors happening in your application. You can quickly narrow down to exactly what the cause was. >> Got it. This is what we mean by hyperconvergence of the network which is if you can truly isolate network related problems and associate them with the rest of the hyperconvergence infrastructure, then we've essentially started making real progress towards the next level of hyperconvergence. Anyway, thanks a lot, man. Great job. >> Thanks, man. (audience clapping) >> So to talk about this evolution from invisible infrastructure to invisible data centers is another customer of ours that has embarked on this journey. And you know it's not just using Nutanix but a variety of other tools to actually fulfill sort of like the ambition of a full blown cloud stack within a financial organization. And to talk more about that, let me call Vijay onstage. Come on up, Vijay. (rock music) >> Hey. >> Thank you, sir. So Vijay looks way better in real life than in a picture by the way. >> Except a little bit of gray. >> Unlike me. So tell me a little bit about this cloud initiative. >> Yeah. So we've won the best cloud initiative twice now hosted by Incisive media a large magazine. It's basically they host a bunch of you know various buy side, sell side, and you can submit projects in various categories. So we've won the best cloud twice now, 2015 and 2017. The 2017 award is when you know as part of our private cloud journey we were laying the foundation for our private cloud which is 100% based on hyperconverged infrastructure. So that was that award. And then 2017, we've kind of built on that foundation and built more developer-centric next gen app services like PAS, CAS, SDN, SDS, CICD, et cetera. So we've built a lot of those services on, and the second award was really related to that. >> Got it. And a lot of this was obviously based on an infrastructure strategy with some guiding principles that you guys had about three or four years ago if I remember. >> Yeah, this is a great slide. I use it very often. At the core of our infrastructure strategy is how do we run IT as a business? I talk about this with my teams, they were very familiar with this. That's the mindset that I instill within the teams. The mission, the challenge is the same which is how do we scale infrastructure while reducing total cost of ownership, improving time to market, improving client experience and while we're doing that not lose sight of reliability, stability, and security? That's the mission. Those are some of our guiding principles. Whenever we take on some large technology investments, we take 'em through those lenses. Obviously Nutanix went through those lenses when we invested in you guys many, many years ago. And you guys checked all the boxes. And you know initiatives change year on year, the mission remains the same. And more recently, the last few years, we've been focused on converged platforms, converged teams. We've actually reorganized our teams and aligned them closer to the platforms moving closer to an SRE like concept. >> And then you've built out a full stack now across computer storage, networking, all the way with various use cases in play? >> Yeah, and we're aggressively moving towards PAS, CAS as our method of either developing brand new cloud native applications or even containerizing existing applications. So the stack you know obviously built on Nutanix, SDS for software fine storage, compute and networking we've got SDN turned on. We've got, again, PAS and CAS built on this platform. And then finally, we've hooked our CICD tooling onto this. And again, the big picture was always frictionless infrastructure which we're very close to now. You know 100% of our code deployments into this environment are automated. >> Got it. And so what's the net, net in terms of obviously the business takeaway here? >> Yeah so at Northern we don't do tech for tech. It has to be some business benefits, client benefits. There has to be some outcomes that we measure ourselves against, and these are some great metrics or great ways to look at if we're getting the outcomes from the investments we're making. So for example, infrastructure scale while reducing total cost of ownership. We're very focused on total cost of ownership. We, for example, there was a build team that was very focus on building servers, deploying applications. That team's gone down from I think 40, 45 people to about 15 people as one example, one metric. Another metric for reducing TCO is we've been able to absorb additional capacity without increasing operating expenses. So you're actually building capacity in scale within your operating model. So that's another example. Another example, right here you see on the screen. Faster time to market. We've got various types of applications at any given point that we're deploying. There's a next gen cloud native which go directly on PAS. But then a majority of the applications still need the traditional IS components. The time to market to deploy a complex multi environment, multi data center application, we've taken that down by 60%. So we can deliver server same day, but we can deliver entire environments, you know add it to backup, add it to DNS, and fully compliant within a couple of weeks which is you know something we measure very closely. >> Great job, man. I mean that's a compelling I think results. And in the journey obviously you got promoted a few times. >> Yep. >> All right, congratulations again. >> Thank you. >> Thanks Vijay. >> Hey Vijay, come back here. Actually we forgot our joke. So razzled by his data points there. So you're supposed to wear some shoes, right? >> I know my inner glitch. I was going to wear those sneakers, but I forgot them at the office maybe for the right reasons. But the story behind those florescent sneakers, I see they're focused on my shoes. But I picked those up two years ago at a Next event, and not my style. I took 'em to my office. They've been sitting in my office for the last couple years. >> Who's received shoes like these by the way? I'm sure you guys have received shoes like these. There's some real fans there. >> So again, I'm sure many of you liked them. I had 'em in my office. I've offered it to so many of my engineers. Are you size 11? Do you want these? And they're unclaimed? >> So that's the only feature of Nutanix that you-- >> That's the only thing that hasn't worked, other than that things are going extremely well. >> Good job, man. Thanks a lot. >> Thanks. >> Thanks Vijay. So as we get to the final phase which is obviously as we embark on this multi-cloud journey and the complexity that comes with it which Dheeraj hinted towards in his session. You know we have to take a cautious, thoughtful approach here because we don't want to over set expectations because this will take us five, 10 years to really do a good job like we've done in the first act. And the good news is that the market is also really, really early here. It's just a fact. And so we've taken a tiered approach to it as we'll start the discussion with multi-cloud operations, and we've talked about the stack in the prior session which is about look across new clouds. So it's no longer Nutanix, Dell, Lenova, HP, Cisco as the new quote, unquote platforms. It's Nutanix, Xi, GCP, AWS, Azure as the new platforms. That's how we're designing the fabric going forward. On top of that, you obviously have the hybrid OS both on the data plane side and control plane side. Then what you're seeing with the advent of Calm doing a marketplace and automation as well as Beam doing governance and compliance is the fact that you'll see more and more such capabilities of multi-cloud operations burnt into the platform. And example of that is Calm with the new 5.7 release that they had. Launch supports multiple clouds both inside and outside, but the fundamental premise of Calm in the multi-cloud use case is to enable you to choose the right cloud for the right workload. That's the automation part. On the governance part, and this we kind of went through in the last half an hour with Dheeraj and Vijay on stage is something that's even more, if I can call it, you know first order because you get the provisioning and operations second. The first order is to say look whatever my developers have consumed off public cloud, I just need to first get our arm around to make sure that you know what am I spending, am I secure, and then when I get comfortable, then I am able to actually expand on it. And that's the power of Beam. And both Beam and Calm will be the yin and yang for us in our multi-cloud portfolio. And we'll have new products to complement that down the road, right? But along the way, that's the whole private cloud, public cloud. They're the two ends of the barbell, and over time, and we've been working on Xi for awhile, is this conviction that we've built talking to many customers that there needs to be another type of cloud. And this type of a cloud has to feel like a public cloud. It has to be architected like a public cloud, be consumed like a public cloud, but it needs to be an extension of my data center. It should not require any changes to my tooling. It should not require and changes to my operational infrastructure, and it should not require lift and shift, and that's a super hard problem. And this problem is something that a chunk of our R and D team has been burning the midnight wick on for the last year and a half. Because look this is not about taking our current OS which does a good job of scaling and plopping it into a Equinix or a third party data center and calling it a hybrid cloud. This is about rebuilding things in the OS so that we can deliver a true hybrid cloud, but at the same time, give those functionality back on premises so that even if you don't have a hybrid cloud, if you just have your own data centers, you'll still need new services like DR. And if you think about it, what are we doing? We're building a full blown multi-tenant virtual network designed in a modern way. Think about this SDN 2.0 because we have 10 years worth of looking backwards on how GCP has done it, or how Amazon has done it, and now sort of embodying some of that so that we can actually give it as part of this cloud, but do it in a way that's a seamless extension of the data center, and then at the same time, provide new services that have never been delivered before. Everyone obviously does failover and failback in DR it just takes months to do it. Our goal is to do it in hours or minutes. But even things such as test. Imagine doing a DR test on demand for you business needs in the middle of the day. And that's the real bar that we've set for Xi that we are working towards in early access later this summer with GA later in the year. And to talk more about this, let me invite some of our core architects working on it, Melina and Rajiv. (rock music) Good to see you guys. >> You're messing up the names again. >> Oh Rajiv, Vinny, same thing, man. >> You need to back up your memory from Xi. >> Yeah, we should. Okay, so what are we going to talk about, Vinny? >> Yeah, exactly. So today we're going to talk about how Xi is pushing the envelope and beyond the state of the art as you were saying in the industry. As part of that, there's a whole bunch of things that we have done starting with taking a private cloud, seamlessly extending it to the public cloud, and then creating a hybrid cloud experience with one-click delight. We're going to show that. We've done a whole bunch of engineering work on making sure the operations and the tooling is identical on both sides. When you graduate from a private cloud to a hybrid cloud environment, you don't want the environments to be different. So we've copied the environment for you with zero manual intervention. And finally, building on top of that, we are delivering DR as a service with unprecedented simplicity with one-click failover, one-click failback. We're going to show you one click test today. So Melina, why don't we start with showing how you go from a private cloud, seamlessly extend it to consume Xi. >> Sounds good, thanks Vinny. Right now, you're looking at my Prism interface for my on premises cluster. In one-click, I'm going to be able to extend that to my Xi cloud services account. I'm doing this using my my Nutanix credential and a password manager. >> Vinny: So here as you notice all the Nutanix customers we have today, we have created an account for them in Xi by default. So you don't have to log in somewhere and create an account. It's there by default. >> Melina: And just like that we've gone ahead and extended my data center. But let's go take a look at the Xi side and log in again with my my Nutanix credentials. We'll see what we have over here. We're going to be able to see two availability zones, one for on premises and one for Xi right here. >> Vinny: Yeah as you see, using a log in account that you already knew mynutanix.com and 30 seconds in, you can see that you have a hybrid cloud view already. You have a private cloud availability zone that's your own Prism central data center view, and then a Xi availability zone. >> Sunil: Got it. >> Melina: Exactly. But of course we want to extend my network connection from on premises to my Xi networks as well. So let's take a look at our options there. We have two ways of doing this. Both are one-click experience. With direct connect, you can create a dedicated network connection between both environments, or VPN you can use a public internet and a VPN service. Let's go ahead and enable VPN in this environment. Here we have two options for how we want to enable our VPN. We can bring our own VPN and connect it, or we will deploy a VPN for you on premises. We'll do the option where we deploy the VPN in one-click. >> And this is another small sign or feature that we're building net new as part of Xi, but will be burned into our core Acropolis OS so that we can also be delivering this as a stand alone product for on premises deployment as well, right? So that's one of the other things to note as you guys look at the Xi functionality. The goal is to keep the OS capabilities the same on both sides. So even if I'm building a quote, unquote multi data center cloud, but it's just a private cloud, you'll still get all the benefits of Xi but in house. >> Exactly. And on this second step of the wizard, there's a few inputs around how you want the gateway configured, your VLAN information and routing and protocol configuration details. Let's go ahead and save it. >> Vinny: So right now, you know what's happening is we're taking the private network that our customers have on premises and extending it to a multi-tenant public cloud such that our customers can use their IP addresses, the subnets, and bring their own IP. And that is another step towards making sure the operation and tooling is kept consistent on both sides. >> Melina: Exactly. And just while you guys were talking, the VPN was successfully created on premises. And we can see the details right here. You can track details like the status of the connection, the gateway, as well as bandwidth information right in the same UI. >> Vinny: And networking is just tip of the iceberg of what we've had to work on to make sure that you get a consistent experience on both sides. So Melina, why don't we show some of the other things we've done? >> Melina: Sure, to talk about how we preserve entities from my on-premises to Xi, it's better to use my production environment. And first thing you might notice is the log in screen's a little bit different. But that's because I'm logging in using my ADFS credentials. The first thing we preserved was our users. In production, I'm running AD obviously on-prem. And now we can log in here with the same set of credentials. Let me just refresh this. >> And this is the Active Directory credential that our customers would have. They use it on-premises. And we allow the setting to be set on the Xi cloud services as well, so it's the same set of users that can access both sides. >> Got it. There's always going to be some networking problem onstage. It's meant to happen. >> There you go. >> Just launching it again here. I think it maybe timed out. This is a good sign that we're running on time with this presentation. >> Yeah, yeah, we're running ahead of time. >> Move the demos quicker, then we'll time out. So essentially when you log into Xi, you'll be able to see what are the environment capabilities that we have copied to the Xi environment. So for example, you just saw that the same user is being used to log in. But after the use logs in, you'll be able to see their images, for example, copied to the Xi side. You'll be able to see their policies and categories. You know when you define these policies on premises, you spend a lot of effort and create them. And now when you're extending to the public cloud, you don't want to do it again, right? So we've done a whole lot of syncing mechanisms making sure that the two sides are consistent. >> Got it. And on top of these policies, the next step is to also show capabilities to actually do failover and failback, but also do integrated testing as part of this compatibility. >> So one is you know just the basic job of making the environments consistent on two sides, but then it's also now talking about the data part, and that's what DR is about. So if you have a workload running on premises, we can take the data and replicate it using your policies that we've already synced. Once the data is available on the Xi side, at that point, you have to define a run book. And the run book essentially it's a recovery plan. And that says okay I already have the backups of my VMs in case of disaster. I can take my recovery plan and hit you know either failover or maybe a test. And then my application comes up. First of all, you'll talk about the boot order for your VMs to come up. You'll talk about networking mapping. Like when I'm running on-prem, you're using a particular subnet. You have an option of using the same subnet on the Xi side. >> Melina: There you go. >> What happened? >> Sunil: It's finally working.? >> Melina: Yeah. >> Vinny, you can stop talking. (audience clapping) By the way, this is logging into a live Xi data center. We have two regions West Coat, two data centers East Coast, two data centers. So everything that you're seeing is essentially coming off the mainstream Xi profile. >> Vinny: Melina, why don't we show the recovery plan. That's the most interesting piece here. >> Sure. The recovery plan is set up to help you specify how you want to recover your applications in the event of a failover or a test failover. And it specifies all sorts of details like the boot sequence for the VMs as well as network mappings. Some of the network mappings are things like the production network I have running on premises and how it maps to my production network on Xi or the test network to the test network. What's really cool here though is we're actually automatically creating your subnets on Xi from your on premises subnets. All that's part of the recovery plan. While we're on the screen, take a note of the .100 IP address. That's a floating IP address that I have set up to ensure that I'm going to be able to access my three tier web app that I have protected with this plan after a failover. So I'll be able to access it from the public internet really easily from my phone or check that it's all running. >> Right, so given how we make the environment consistent on both sides, now we're able to create a very simple DR experience including failover in one-click, failback. But we're going to show you test now. So Melina, let's talk about test because that's one of the most common operations you would do. Like some of our customers do it every month. But usually it's very hard. So let's see how the experience looks like in what we built. >> Sure. Test and failover are both one-click experiences as you know and come to expect from Nutanix. You can see it's failing over from my primary location to my recovery location. Now what we're doing right now is we're running a series of validation checks because we want to make sure that you have your network configured properly, and there's other configuration details in place for the test to be successful. Looks like the failover was initiated successfully. Now while that failover's happening though, let's make sure that I'm going to be able to access my three tier web app once it fails over. We'll do that by looking at my network policies that I've configured on my test network. Because I want to access the application from the public internet but only port 80. And if we look here under our policies, you can see I have port 80 open to permit. So that's good. And if I needed to create a new one, I could in one click. But it looks like we're good to go. Let's go back and check the status of my recovery plan. We click in, and what's really cool here is you can actually see the individual tasks as they're being completed from that initial validation test to individual VMs being powered on as part of the recovery plan. >> And to give you guys an idea behind the scenes, the entire recovery plan is actually a set of workflows that are built on Calm's automation engine. So this is an example of where we're taking some of power of workflow and automation that Clam has come to be really strong at and burning that into how we actually operationalize many of these workflows for Xi. >> And so great, while you were explaining that, my three tier web app has restarted here on Xi right in front of you. And you can see here there's a floating IP that I mentioned early that .100 IP address. But let's go ahead and launch the console and make sure the application started up correctly. >> Vinny: Yeah, so that .100 IP address is a floating IP that's a publicly visible IP. So it's listed here, 206.80.146.100. And that's essentially anybody in the audience here can go use your laptop or your cell phone and hit that and start to work. >> Yeah so by the way, just to give you guys an idea while you guys maybe use the IP to kind of hit it, is a real set of VMs that we've just failed over from Nutanix's corporate data center into our West region. >> And this is running live on the Xi cloud. >> Yeah, you guys should all go and vote. I'm a little biased towards Xi, so vote for Xi. But all of them are really good features. >> Scroll up a little bit. Let's see where Xi is. >> Oh Xi's here. I'll scroll down a little bit, but keep the... >> Vinny: Yes. >> Sunil: You guys written a block or something? >> Melina: Oh good, it looks like Xi's winning. >> Sunil: Okay, great job, Melina. Thank you so much. >> Thank you, Melina. >> Melina: Thanks. >> Thank you, great job. Cool and calm under pressure. That's good. So that was Xi. What's something that you know we've been doing around you know in addition to taking say our own extended enterprise public cloud with Xi. You know we do recognize that there are a ton of workloads that are going to be residing on AWS, GCP, Azure. And to sort of really assist in the try and call it transformation of enterprises to choose the right cloud for the right workload. If you guys remember, we actually invested in a tool over last year which became actually quite like one of those products that took off based on you know groundswell movement. Most of you guys started using it. It's essentially extract for VMs. And it was this product that's obviously free. It's a tool. But it enables customers to really save tons of time to actually migrate from legacy environments to Nutanix. So we took that same framework, obviously re-platformed it for the multi-cloud world to kind of solve the problem of migrating from AWS or GCP to Nutanix or vice versa. >> Right, so you know, Sunil as you said, moving from a private cloud to the public cloud is a lift and shift, and it's a hard you know operation. But moving back is not only expensive, it's a very hard problem. None of the cloud vendors provide change block tracking capability. And what that means is when you have to move back from the cloud, you have an extended period of downtime because there's now way of figuring out what's changing while you're moving. So you have to keep it down. So what we've done with our app mobility product is we have made sure that, one, it's extremely simple to move back. Two, that the downtime that you'll have is as small as possible. So let me show you what we've done. >> Got it. >> So here is our app mobility capability. As you can see, on the left hand side we have a source environment and target environment. So I'm calling my AWS environment Asgard. And I can add more environments. It's very simple. I can select AWS and then put in my credentials for AWS. It essentially goes and discovers all the VMs that are running and all the regions that they're running. Target environment, this is my Nutanix environment. I call it Earth. And I can add target environment similarly, IP address and credentials, and we do the rest. Right, okay. Now migration plans. I have Bifrost one as my migration plan, and this is how migration works. First you create a plan and then say start seeding. And what it does is takes a snapshot of what's running in the cloud and starts migrating it to on-prem. Once it is an on-prem and the difference between the two sides is minimal, it says I'm ready to cutover. At that time, you move it. But let me show you how you'd create a new migration plan. So let me name it, Bifrost 2. Okay so what I have to do is select a region, so US West 1, and target Earth as my cluster. This is my storage container there. And very quickly you can see these are the VMs that are running in US West 1 in AWS. I can select SQL server one and two, go to next. Right now it's looking at the target Nutanix environment and seeing it had enough space or not. Once that's good, it gives me an option. And this is the step where it enables the Nutanix service of change block tracking overlaid on top of the cloud. There are two options one is automatic where you'll give us the credentials for your VMs, and we'll inject our capability there. Or manually you could do. You could copy the command either in a windows VM or Linux VM and run it once on the VM. And change block tracking since then in enabled. Everything is seamless after that. Hit next. >> And while Vinny's setting it up, he said a few things there. I don't know if you guys caught it. One of the hardest problems in enabling seamless migration from public cloud to on-prem which makes it harder than the other way around is the fact that public cloud doesn't have things like change block tracking. You can't get delta copies. So one of the core innovations being built in this app mobility product is to provide that overlay capability across multiple clouds. >> Yeah, and the last step here was to select the target network where the VMs will come up on the Nutanix environment, and this is a summary of the migration plan. You can start it or just save it. I'm saving it because it takes time to do the seeding. I have the other plan which I'll actually show the cutover with. Okay so now this is Bifrost 1. It's ready to cutover. We started it four hours ago. And here you can see there's a SQL server 003. Okay, now I would like to show the AWS environment. As you can see, SQL server 003. This VM is actually running in AWS right now. And if you go to the Prism environment, and if my login works, right? So we can go into the virtual machine view, tables, and you see the VM is not there. Okay, so we go back to this, and we can hit cutover. So this is essentially telling our system, okay now it the time. Quiesce the VM running in AWS, take the last bit of changes that you have to the database, ship it to on-prem, and in on-prem now start you know configure the target VM and start bringing it up. So let's go and look at AWS and refresh that screen. And you should see, okay so the SQL server is now stopping. So that means it has quiesced and stopping the VM there. If you go back and look at the migration plan that we had, it says it's completed. So it has actually migrated all the data to the on-prem side. Go here on-prem, you see the production SQL server is running already. I can click launch console, and let's see. The Windows VM is already booting up. >> So essentially what Vinny just showed was a live cutover of an AWS VM to Nutanix on-premises. >> Yeah, and what we have done. (audience clapping) So essentially, this is about making two things possible, making it simple to migrate from cloud to on-prem, and making it painless so that the downtime you have is very minimal. >> Got it, great job, Vinny. I won't forget your name again. So last step. So to really talk about this, one of our favorite partners and customers has been in the cloud environment for a long time. And you know Jason who's the CTO of Cyxtera. And he'll introduce who Cyxtera is. Most of you guys are probably either using their assets or not without knowing their you know the new name. But is someone that was in the cloud before it was called cloud as one of the original founders and technologists behind Terremark, and then later as one of the chief architects of VMware's cloud. And then they started this new company about a year or so ago which I'll let Jason talk about. This journey that he's going to talk about is how a partner, slash customer is working with us to deliver net new transformations around the traditional industry of colo. Okay, to talk more about it, Jason, why don't you come up on stage, man? (rock music) Thank you, sir. All right so Cyxtera obviously a lot of people don't know the name. Maybe just give a 10 second summary of why you're so big already. >> Sure, so Cyxtera was formed, as you said, about a year ago through the acquisition of the CenturyLink data centers. >> Sunil: Which includes Savvis and a whole bunch of other assets. >> Yeah, there's a long history of those data centers, but we have all of them now as well as the software companies owned by Medina capital. So we're like the world's biggest startup now. So we have over 50 data centers around the world, about 3,500 customers, and a portfolio of security and analytics software. >> Sunil: Got it, and so you have this strategy of what we're calling revolutionizing colo deliver a cloud based-- >> Yeah so, colo hasn't really changed a lot in the last 20 years. And to be fair, a lot of what happens in data centers has to have a person physically go and do it. But there are some things that we can simplify and automate. So we want to make things more software driven, so that's what we're doing with the Cyxtera extensible data center or CXD. And to do that, we're deploying software defined networks in our facilities and developing automations so customers can go and provision data center services and the network connectivity through a portal or through REST APIs. >> Got it, and what's different now? I know there's a whole bunch of benefits with the integrated platform that one would not get in the traditional kind of on demand data center environment. >> Sure. So one of the first services we're launching on CXD is compute on demand, and it's powered by Nutanix. And we had to pick an HCI partner to launch with. And we looked at players in the space. And as you mentioned, there's actually a lot of them, more than I thought. And we had a lot of conversations, did a lot of testing in the lab, and Nutanix really stood out as the best choice. You know Nutanix has a lot of focus on things like ease of deployment. So it's very simple for us to automate deploying compute for customers. So we can use foundation APIs to go configure the servers, and then we turn those over to the customer which they can then manage through Prism. And something important to keep in mind here is that you know this isn't a manged service. This isn't infrastructure as a service. The customer has complete control over the Nutanix platform. So we're turning that over to them. It's connected to their network. They're using their IP addresses, you know their tools and processes to operate this. So it was really important for the platform we picked to have a really good self-service story for things like you know lifecycle management. So with one-click upgrade, customers have total control over patches and upgrades. They don't have to call us to do it. You know they can drive that themselves. >> Got it. Any other final words around like what do you see of the partnership going forward? >> Well you know I think this would be a great platform for Xi, so I think we should probably talk about that. >> Yeah, yeah, we should talk about that separately. Thanks a lot, Jason. >> Thanks. >> All right, man. (audience clapping) So as we look at the full journey now between obviously from invisible infrastructure to invisible clouds, you know there is one thing though to take away beyond many updates that we've had so far. And the fact is that everything that I've talked about so far is about completing a full blown true IA stack from all the way from compute to storage, to vitualization, containers to network services, and so forth. But every public cloud, a true cloud in that sense, has a full blown layer of services that's set on top either for traditional workloads or for new workloads, whether it be machine-learning, whether it be big data, you know name it, right? And in the enterprise, if you think about it, many of these services are being provisioned or provided through a bunch of our partners. Like we have partnerships with Cloudera for big data and so forth. But then based on some customer feedback and a lot of attention from what we've seen in the industry go out, just like AWS, and GCP, and Azure, it's time for Nutanix to have an opinionated view of the past stack. It's time for us to kind of move up the stack with our own offering that obviously adds value but provides some of our core competencies in data and takes it to the next level. And it's in that sense that we're actually launching Nutanix Era to simplify one of the hardest problems in enterprise IT and short of saving you from true Oracle licensing, it solves various other Oracle problems which is about truly simplifying databases much like what RDS did on AWS, imagine enterprise RDS on demand where you can provision, lifecycle manage your database with one-click. And to talk about this powerful new functionality, let me invite Bala and John on stage to give you one final demo. (rock music) Good to see you guys. >> Yep, thank you. >> All right, so we've got lots of folks here. They're all anxious to get to the next level. So this demo, really rock it. So what are we going to talk about? We're going to start with say maybe some database provisioning? Do you want to set it up? >> We have one dream, Sunil, one single dream to pass you off, that is what Nutanix is today for IT apps, we want to recreate that magic for devops and get back those weekends and freedom to DBAs. >> Got it. Let's start with, what, provisioning? >> Bala: Yep, John. >> Yeah, we're going to get in provisioning. So provisioning databases inside the enterprise is a significant undertaking that usually involves a myriad of resources and could take days. It doesn't get any easier after that for the longterm maintence with things like upgrades and environment refreshes and so on. Bala and team have been working on this challenge for quite awhile now. So we've architected Nutanix Era to cater to these enterprise use cases and make it one-click like you said. And Bala and I are so excited to finally show this to the world. We think it's actually Nutanix's best kept secrets. >> Got it, all right man, let's take a look at it. >> So we're going to be provisioning a sales database today. It's a four-step workflow. The first part is choosing our database engine. And since it's our sales database, we want it to be highly available. So we'll do a two node rack configuration. From there, it asks us where we want to land this service. We can either land it on an existing service that's already been provisioned, or if we're starting net new or for whatever reason, we can create a new service for it. The key thing here is we're not asking anybody how to do the work, we're asking what work you want done. And the other key thing here is we've architected this concept called profiles. So you tell us how much resources you need as well as what network type you want and what software revision you want. This is actually controlled by the DBAs. So DBAs, and compute administrators, and network administrators, so they can set their standards without having a DBA. >> Sunil: Got it, okay, let's take a look. >> John: So if we go to the next piece here, it's going to personalize their database. The key thing here, again, is that we're not asking you how many data files you want or anything in that regard. So we're going to be provisioning this to Nutanix's best practices. And the key thing there is just like these past services you don't have to read dozens of pages of best practice guides, it just does what's best for the platform. >> Sunil: Got it. And so these are a multitude of provisioning steps that normally one would take I guess hours if not days to provision and Oracle RAC data. >> John: Yeah, across multiple teams too. So if you think about the lifecycle especially if you have onshore and offshore resources, I mean this might even be longer than days. >> Sunil: Got it. And then there are a few steps here, and we'll lead into potentially the Time Machine construct too? >> John: Yeah, so since this is a critical database, we want data protection. So we're going to be delivering that through a feature called Time Machines. We'll leave this at the defaults for now, but the key thing to not here is we've got SLAs that deliver both continuous data protection as well as telescoping checkpoints for historical recovery. >> Sunil: Got it. So that's provisioning. We've kicked off Oracle, what, two node database and so forth? >> John: Yep, two node database. So we've got a handful of tasks that this is going to automate. We'll check back in in a few minutes. >> Got it. Why don't we talk about the other aspects then, Bala, maybe around, one of the things that, you know and I know many of you guys have seen this, is the fact that if you look at database especially Oracle but in general even SQL and so forth is the fact that look if you really simplified it to a developer, it should be as simple as I copy my production database, and I paste it to create my own dev instance. And whenever I need it, I need to obviously do it the opposite way, right? So that was the goal that we set ahead for us to actually deliver this new past service around Era for our customers. So you want to talk a little bit more about it? >> Sure Sunil. If you look at most of the data management functionality, they're pretty much like flavors of copy paste operations on database entities. But the trouble is the seemingly simple, innocuous operations of our daily lives becomes the most dreaded, complex, long running, error prone operations in data center. So we actually planned to tame this complexity and bring consumer grade simplicity to these operations, also make these clones extremely efficient without compromising the quality of service. And the best part is, the customers can enjoy these services not only for databases running on Nutanix, but also for databases running on third party systems. >> Got it. So let's take a look at this functionality of I guess snapshoting, clone and recovery that you've now built into the product. >> Right. So now if you see the core feature of this whole product is something we call Time Machine. Time Machine lets the database administrators actually capture the database tape to the granularity of seconds and also lets them create clones, refresh them to any point in time, and also recover the databases if the databases are running on the same Nutanix platform. Let's take a look at the demo with the Time Machine. So here is our customer relationship database management database which is about 2.3 terabytes. If you see, the Time Machine has been active about four months, and SLA has been set for continuously code revision of 30 days and then slowly tapers off 30 days of daily backup and weekly backups and so on, so forth. On the right hand side, you will see different colors. The green color is pretty much your continuously code revision, what we call them. That lets you to go back to any point in time to the granularity of seconds within those 30 days. And then the discreet code revision lets you go back to any snapshot of the backup that is maintained there kind of stuff. In a way, you see this Time Machine is pretty much like your modern day car with self driving ability. All you need to do is set the goals, and the Time Machine will do whatever is needed to reach up to the goal kind of stuff. >> Sunil: So why don't we quickly do a snapshot? >> Bala: Yeah, some of these times you need to create a snapshot for backup purposes, Time Machine has manual controls. All you need to do is give it a snapshot name. And then you have the ability to actually persist this snapshot data into a third party or object store so that your durability and that global data access requirements are met kind of stuff. So we kick off a snapshot operation. Let's look at what it is doing. If you see what is the snapshot operation that this is going through, there is a step called quiescing the databases. Basically, we're using application-centric APIs, and here it's actually RMAN of Oracle. We are using the RMan of Oracle to quiesce the database and performing application consistent storage snapshots with Nutanix technology. Basically we are fusing application-centric and then Nutanix platform and quiescing it. Just for a data point, if you have to use traditional technology and create a backup for this kind of size, it takes over four to six hours, whereas on Nutanix it's going to be a matter of seconds. So it almost looks like snapshot is done. This is full sensitive backup. You can pretty much use it for database restore kind of stuff. Maybe we'll do a clone demo and see how it goes. >> John: Yeah, let's go check it out. >> Bala: So for clone, again through the simplicity of command Z command, all you need to do is pick the time of your choice maybe around three o'clock in the morning today. >> John: Yeah, let's go with 3:02. >> Bala: 3:02, okay. >> John: Yeah, why not? >> Bala: You select the time, all you need to do is click on the clone. And most of the inputs that are needed for the clone process will be defaulted intelligently by us, right? And you have to make two choices that is where do you want this clone to be created with a brand new VM database server, or do you want to place that in your existing server? So we'll go with a brand new server, and then all you need to do is just give the password for you new clone database, and then clone it kind of stuff. >> Sunil: And this is an example of personalizing the database so a developer can do that. >> Bala: Right. So here is the clone kicking in. And what this is trying to do is actually it's creating a database VM and then registering the database, restoring the snapshot, and then recoding the logs up to three o'clock in the morning like what we just saw that, and then actually giving back the database to the requester kind of stuff. >> Maybe one finally thing, John. Do you want to show us the provision database that we kicked off? >> Yeah, it looks like it just finished a few seconds ago. So you can see all the tasks that we were talking about here before from creating the virtual infrastructure, and provisioning the database infrastructure, and configuring data protection. So I can go access this database now. >> Again, just to highlight this, guys. What we just showed you is an Oracle two node instance provisioned live in a few minutes on Nutanix. And this is something that even in a public cloud when you go to RDS on AWS or anything like that, you still can't provision Oracle RAC by the way, right? But that's what you've seen now, and that's what the power of Nutanix Era is. Okay, all right? >> Thank you. >> Thanks. (audience clapping) >> And one final thing around, obviously when we're building this, it's built as a past service. It's not meant just for operational benefits. And so one of the core design principles has been around being API first. You want to show that a little bit? >> Absolutely, Sunil, this whole product is built on API fist architecture. Pretty much what we have seen today and all the functionality that we've been able to show today, everything is built on Rest APIs, and you can pretty much integrate with service now architecture and give you your devops experience for your customers. We do have a plan for full fledged self-service portal eventually, and then make it as a proper service. >> Got it, great job, Bala. >> Thank you. >> Thanks, John. Good stuff, man. >> Thanks. >> All right. (audience clapping) So with Nutanix Era being this one-click provisioning, lifecycle management powered by APIs, I think what we're going to see is the fact that a lot of the products that we've talked about so far while you know I've talked about things like Calm, Flow, AHV functionality that have all been released in 5.5, 5.6, a bunch of the other stuff are also coming shortly. So I would strongly encourage you guys to kind of space 'em, you know most of these products that we've talked about, in fact, all of the products that we've talked about are going to be in the breakout sessions. We're going to go deep into them in the demos as well as in the pods. So spend some quality time not just on the stuff that's been shipping but also stuff that's coming out. And so one thing to keep in mind to sort of takeaway is that we're doing this all obviously with freedom as the goal. But from the products side, it has to be driven by choice whether the choice is based on platforms, it's based on hypervisors, whether it's based on consumption models and eventually even though we're starting with the management plane, eventually we'll go with the data plane of how do I actually provide a multi-cloud choice as well. And so when we wrap things up, and we look at the five freedoms that Ben talked about. Don't forget the sixth freedom especially after six to seven p.m. where the whole goal as a Nutanix family and extended family make sure we mix it up. Okay, thank you so much, and we'll see you around. (audience clapping) >> PA Announcer: Ladies and gentlemen, this concludes our morning keynote session. Breakouts will begin in 15 minutes. ♪ To do what I want ♪

>> Announcer: Live from Madrid, Spain, it's theCUBE, covering HP Discover Madrid 2017. Brought to you by Hewlett-Packard Enterprise. >> We're back in Madrid, everybody. This is theCUBE, the leader in live tech coverage. My name is Dave Vellante and I'm here with my colleague, Peter Burris, co-host for the week, covering HPE Discover Madrid 2017. McLeod Glass is here. He's the vice president of product management for software defined in the cloud group at Hewlett-Packard Enterprise, and he's joined by Ronald Veirweij, who is the managing partner with The Sourcing Company. >> Ronald: Yeah. >> Dave: Good to see you. >> Thank you. >> Dave: Thanks so much for coming on theCUBE. >> Thanks, thanks for-- >> So I'm excited about this. We've been hearing about Azure Stack for awhile now, and we've been talking about bringing the cloud model to your business for awhile now and it looks like it's here. >> Yeah, no, absolutely. We're excited. I mean, you know, I think we've worked hard with Microsoft to pull together what we believe is a very compelling solution with Azure Stack. I think this gentleman here can attest to the value behind it, but we basically pulled together a lot of capability and flexibility in the overall solution that allows our customers to be able to pull together a solution that lets you take Azure-centric type services and run them on premise for maybe conditions where you have data sovereignty issues or you maybe have edge applications where you can't actually have the connectivity you need to the Azure cloud and be able to start building on those capabilities. >> Well, Ronald, I wonder if you could come in. It's interesting to juxtapose, take the AWS strategy, which is hey, got the cloud here, bring it all over. Microsoft obviously has an on-prem estate already, recognizes the customer need for that, and says, alright, we can bring substantially that cloud model on-prem. Why does that appeal to you, and does it work? >> Well, actually, we do think that for the first time now it's possible to get control of cloud. To us, it's the connection between the devices and the Azure cloud, and Azure Stack, to us, is between in. As a company, we do have control of Azure Stack, but we can also give control to our clients for Azure Stack. So a user can decide to put things in the cloud, and the company can decide whether they go in the cloud, or whether they stay into Azure Stack. So they have control of their data, and they can keep control of their data. On top of that, it's our hardware. So the data they decide to store on Azure Stack is on our hardware, and it's not a US hardware company, it's a Dutch hardware company. >> So, should I ask you upfront? Talk about The Sourcing Company, what you guys do, what your role is. >> Well, we are a cloud service provider. We do deliver cloud service to end users. We have a strong vertical focus. We do lawyer companies. We do housing companies. And we do care companies. And especially for the lawyer companies, we have built our own proposition where we connected several applications together, called Magistra, and that's what we bring to companies to use. >> So the model is when you bring a solution on-prem, you bill it like it's a cloud, is that right? >> Absolutely, yeah, it's all pay per use. >> Dave: Okay, describe that a little bit more detail. What are my limitations of that pay per use? >> What's different between the on-prem version and the non-on-prem version? >> I can talk something about it. We have an Azure Pack, which is just a formal system cloud environment. We call it our legacy environment. That's in a pay-per-month model. So we do report to Microsoft what licenses are used, and we do that monthly. Azure and Azure Stack are different. Azure is in a pay-per-second model, and Azure Stack is in a pay-per-minute model. Actually, for the first time, we are also able to create more flexibility. If in our legacy environment, a machine is on for two minutes, we have to pay for it for a month. If we do the same in our Azure Stack environment, well, we have to pay for the minutes. For example, at lawyer offices, you'll have people supporting the lawyers while they work for maybe 16-20 hours a week. You know, the lawyers themselves try to. >> Dave: But they bill a lot more. >> They try to see if they can put 100 hours in a week. And we're now able to create more agility in that, and to make it more flexible. >> So you were an early Azure Stack customer. >> Yeah, we're three years in March of program now. We decided in March on the early Azure Stack, to acquire to buy the Azure Stack. >> So how's it working-- maybe take us through the journey. A lot of times, the first Microsoft product isn't quite right. The second one starts to get really good. And then after it's mature-- >> Ronald: Well, almost. >> Yeah. >> Ronald: Well, our company was founded almost 11 years ago. And we always have looked into ways to simplify our environment. We were founded on the estate of Nyenrode Business University. We were not able to put any service over there, so we decided to put in a data center, and that's what we now call our legacy cloud environment. But in that road, we were always searching to simplify our environment. And Azure Pack was a good step, but not good enough. And Azure Stack, actually, does simplify that. It's a box, and nothing more than that. And if the box runs, then the box runs, and we decide when to update it, and we decide what to put on it, and well, that helps us. Next to the simplification of our environment, we also wanted to be able to generate more standardization. And with Azure Stack, you are forced to use defaults. The best way to use Azure Stack is to create templates and with the creation of templates, you have a defaults environment. So that's also the biggest thing. >> So McLeod, what do you guys bring to the table? What does Microsoft bring into the table? >> Yeah, so obviously we've got a longstanding relationship, partnership, with Microsoft. We worked hand-in-hand with them on the solution. I mean, first of all, it's based on proliant hardware, which we all know and love, but then we've also worked very hard to engineer this solution. One of the things that separates our configuration, our solution, from some of the others, is the expandability. We allow you to scale it by node, so basically, you can add individual nodes. We have some capabilities around adding different memory, and different networking configurations that we support around that. And then also, wrapping some of our flexible capacity capabilities around that to allow a pay-as-you-go type of model, consumption model, very much in line with what he was talking about earlier, that really kind of builds together a complete solution. And the other thing that we've done, is we've co-invested with Microsoft in what we call our Azure Stack Innovation Centers. So there's one in Bellevue and one here in Switzerland, in Geneva, that allows customers to actually go and test and leverage the great capabilities of our solution in a controlled environment. They can actually go there and work with experts to kind of engineer their solution, or they can actually connect remotely to those. And we also spent a lot of time training a lot of individuals. I think somewhere in the neighborhood of about 6,000 individuals in the company from a service and support standpoint to support the solution. So we're very excited about it. >> So as I understand it, you're a cloud service provider. You're a service provider. So how does this granularity provided by Azure Stack translate into a superior experience for your customers? >> Well, it simplified our platform. And while simplifying our platform, we have time up. And we can, in that time, we can do other things. If you look to Magistra, Magistra is a complete workspace for lawyers, and while we are forced to keep it standard, in a default, and keeping the template up to date. So while doing that, we don't have to bother about the things below the template, because that's taken care of by HP and by Microsoft. So it gives us time to think of other things that helps lawyers. And we like to think of things what helps them enable more productivity. For example, for a lawyer, it is absolutely a thing to keep time writing right. And we just announced that we will extract the time-writing with artificial intelligence at keeping up what they do during the day, and at the end of the day, tells them, okay, you worked for 48 minutes on that document. We do take that from that client, and swipe to the right, and it's accepted. Swipe to the left, and that changes. And that, things we like to do to enable more productivity for our end users. >> So the advantages are at least that you can now put more time and energy into creating services. How do you go to market? Do you go to market, is it all self-service? Do you have a direct sales organization that's going out and meeting with law firms? How do you sell your service? >> The things we do most is go to events and sponsor events and tell people that Magistra is there. And then, second, is one-on-one meetings. >> Peter: That's person-to-person. >> Absolutely, yeah. We do think that we put a lot of time in finding out what they need, and what keeps them awake at night. And we try to translate that into software and into a product, Magistra, what's helped them not being awake at night. >> But for many years, one of the challenges of doing this approach for a partner like yourself was, you want to present the solution to the customer in a form that they understand, but the underlying provisioning of the assets and ultimately the costs end up being presented in infrastructure and technology terms, which means a salesperson's having a hard time, the customer's having a hard time. Does this kind of common, simplified approach allow the customer, the salesperson, and the business overall to use a common template to articulate and make commitments about what's going to be delivered, have conversations about what's needed, all of those things. It's just simplifying not only the technology, but the business and how the customer perceives value. >> Well, look at it this way. Implementation time is quite low, because when we go to an office and ask them what they want, we need at least two, maybe three months to implement that. But we have to think about the solution in Magistra, well, we just run the script. It runs for seven hours, and then it's there. The environment's there. 21 servers are enrolled. The SharePoint of the commencement system is enrolled. The things are put in place. So the functionality is there. And maybe it's not answering all the functionality. Maybe it's answering 60, 70, maybe 80%. But it's fast. And that's what they like. >> What is keeping your clients up at night? >> To a lawyer, we do think three things. They want to have a good office functionality. To us, that's Office 365. They want to have a good document management system. Being sure that they are not having two colleagues working on the same case. And time writing. And those three things were the first we enabled in Magistra. >> McLeod, so what's your expectation for this business? I mean you guys have been, the market's been waiting for it for a long time, and it looks like it's here and ready to roll. >> Yeah, we're very excited. I mean, the interest has been very high especially by, with customers, especially in the service provider space, and customers that are looking to deploy Edge applications. That's been really where we've seen the most uptake, at the beginning here. And also some of the other kind of common use cases are things like areas where compliance or data sovereignty is a concern, and we're very excited about it. It's been great so far, so we're looking forward to it this year. >> Do you think other large cloud service providers, namely AWS, are going to have to respond with something like Azure Stack? >> We think they will. >> I mean, I don't see how they could just let that big of a market go. But it's capitulating to the dogma of everything has to be in the cloud. >> Here's what we know. >> You would presumably welcome that. If AWS comes to you and says hey, we want to partner with HP >> Hey, we believe the world is hybrid, right. The world is hybrid, and it's going to be hybrid. >> Peter: This is not a belief. >> And that, yeah. >> Peter: It is. >> Yes. >> It is today. And there's not a lot of changes expected in the laws of physics that are going to change in the next couple of years to make it easier for AWS. I think it's going to be the same basic physics. So from that perspective, it suggests pretty strongly that while there's a lot of use cases and there's a lot of money to be made just on that central piece, and then introducing new technologies like serverless and functional to approximate the ability to serve, but you can't do an office environment easily in a serverless computing world. It's just not how it's going to work. >> True. >> So at the end of the day, AWS is going to be able to do a great business doing what it does, because there's a lot of open space, but if they want to claim that it's everything, if they want to get everything, they're not going to do it by just claiming that this is all going to go away. >> I mean, the TAM of this opportunity for HPE and Microsoft is quite large, right, I would think. >> Oh, it's enormous. >> Anyway, I'd be surprised if we don't see something-- >> They have to respond. >> Anyway, guys, last word on HPE Discover. What's the bumper sticker, pulling out of the show? >> Well they have it, it's stable. They have it all on the right note. >> Dave: On the right path. >> On the right path. >> We're just continuing to make hybrid IT simple, and you've seen more of it here at the show. There's been a lot of exciting announcements and a lot of the technologies that we're bringing together. Azure Stack's just one of many that we've got in our portfolio that we're extremely excited about. >> Gents, thanks so much for coming to theCUBE. It was a pleasure to have you. >> McLeod: Alright, thanks. >> You're welcome. Alright, keep it right there, buddy. Everybody. Peter and I will be back after this.

>> Announcer: Live, from Midtown Manhattan, it's theCUBE. Covering Big Data, New York City, 2017. Brought to you by SiliconANGLE Media and its ecosystem sponsors. >> Okay welcome back, everyone. Live in Manhattan, New York City, in Hell's Kitchen, this is theCUBE's special event, our annual CUBE-Wikibon Research Big Data event in Manhattan. Alongside Strata, Hadoop; formerly Hadoop World, now called Strata Data, as the world continues. This is our annual event; it's our fifth year here, sixth overall, wanted to kind of move from uptown. I'm John Furrier, the co-host of theCUBE, with Peter Burris, Head of Research at SiliconANGLE and GM of Wikibon Research. Our next guest is Tim Smith, who's the SVP of technical operations at AppNexus; technical operations for large scale is an understatement. But before we get going; Tim, just talk about what AppNexus as a company, what you guys do, what's the core business? >> Sure, AppNexus is the second largest digital advertising marketplace after google. We're an internet technology company that harnessed, we harness data and machine learning to power the companies that comprise the open internet. We began by building a powerful technology platform, in which we embedded core capabilities, tools and features. With me so far? >> Yeah, we got it. >> Okay, on top of that platform, we built a core suite of cloud-based enterprise products that enable the buying and selling of digital advertising, and a scale-transparent and low-cost marketplace where other companies can transact; either using our enterprise products, or those offered by other companies. If you want to hear a little about the daily peaks, peak feeds and speeds, it is Strata, we should probably talk about that. We do about 11.8 billion impressions transacted on a daily basis. Each of those is a real-time auction conducted in a fraction of a second, well under half a second. We see about 225 billion impressions per day, and we handle about 5 million queries per second at peak load. We produce about 150 terabytes of data each day, and we move about 400 gigabits into and out of the internet at peak, all those numbers are daily peaks. Makes sense? >> Yep. >> Okay, so by way of comparison, which might be useful for people, I believe the NYSE currently does roughly 2 million trades per day. So if we round that up to 3 million trades a day and assume the NYSE were to conduct that volume every single day of the year; 7 days a week, 365 days a year, that'd be about a billion trades a year. Similarly, I believe Visa did about 28-and-a-half billion transactions in their fiscal third quarter. I'll round that up to 30 billion, and average it out to about 333 million transactions per day and annualize it to about 4 billion transactions per year. Little bit of math, but as I mentioned, AppNexus does an excess of 10 billion transactions per day. And so it seems reasonable to say that AppNexus does roughly 10 times the transaction volume in one day, than the NYSE does in a year. And similarly, it seems reasonable to say that AppNexus daily does more than two times the transaction volume that Visa does in a year. Obviously, these are all just very rough numbers based on publicly available information about the NYSE and Visa, and both the NYSE and Visa do far, far more volume than AppNexus when measured in terms of dollars. So given our volumes, it's imperative that AppNexus does each transaction with the maximum efficiency and lowest reasonable possible cost, and that is one of the most challenging aspects of my job. >> So thanks for spending the time to give the overview. There's a lot of data; I mean 10 billion a day is massive volume. I mean the internet, and you see the scale, is insane. We're in a new era right now of web-scale. We've seen it in Facebook, and it's enormous. It's only going to get bigger, right? So on the online ad tech, you guys are essentially doing like a Google model, that's not everything but Google, which is still huge numbers. Then you include Microsoft and everybody else. Really heavy lifting, IT-like situation. What's the environment like? And just talk about, you know, what's it like for you guys. Because you got a lot of opp's, I mean terms of dev opp's. You can't break anything, because that 10 billion transaction or near, it's a significant impact. So you have to have everything buttoned-up super tight, yet you got to innovate and grow with the future growth. What's the IT environment like? >> It's interesting. We have about 8,000 servers spread across about seven data centers on three continents, and we run, as you mentioned, around the clock. There's no closing bell; downtime is not acceptable. So when you look at our environment, you're talking about four major categories of server complexes. We have real-time processing, which is the actual ad serving. We have a data pipeline, which is what we call our big data environment. We also have client-facing environment and an infrastructure environment. So we use a lot of different tools and applications, but I think the most relevant ones to this discussion are Hadoop and its friends HDFS, and Hive and Spark. And then we use the Vertica Analytics Platform. And together Hadoop and its friends, and Vertica comprise our entire data pipeline. They're both very disk-intensive. They're cluster based applications, and it's a lot of challenge to keep them up and running. >> So what are some of those challenges? Just explain a little bit, because you also have a lot of opportunity. I mean, it's money flowing through the air, basically; digital air, if you will. I mean, they got a lot of stuff happening. Take us through the challenges. >> You know, our biggest apps are all clustered. And all of our clusters are built with commodity servers, just like a lot of other environments. The big data app clusters traditionally have had internal disks, while almost all of our other servers are very light on disk. One of the biggest challenges is, since the server is the fundamental building block of a cluster, then regardless of whether you need more compute or more storage, you always have to add more servers to get it. That really limits flexibility and creates a lot of inefficiencies, and I really, really am obsessive about reducing and eliminating inefficiencies. So, with me so far? >> Yep. >> Great. The inefficiencies result from two major factors. First, not all workloads require the same ratio of compute to storage. Some workloads are more compute-intensive, and others are really less dependent on storage, while other workloads require a lot more storage. So we have to use standard server configurations and as a result, we wind up with underutilized compute and storage. This is undesirable, it's inefficient, yet given our scale, we have to use standardized configurations. So that's the first big challenge. The second is the compute to disk ratio. It's generally fixed when you buy the servers. Yes, we can certainly add more disks in the field, but that's a labor intensive, and it's complicated from a logistics and an asset management standpoint, and you're fundamentally limited by the number of disk slots in the server. So now you're right back into the trap of more storage requires more servers, regardless of whether you need more compute or not. And then you compound the inefficiencies. >> Couldn't you just move the resources from, unused resources, from one cluster to the other? >> I've been asked that a lot; and no, it's just not that simple. Each application cluster becomes a silo due to its configuration of storage and compute. This means you just can't move servers from clusters because the clusters are optimized for the workloads, and the fact that you can't move resources from one cluster to another, it's more inefficiencies. And then they're compounded over time since workloads change, and the ideal ratio of compute-to-storage changes. And the end result is unused resources trapped in silos and configurations that are no longer optimized for your workload. And there's only really one solution that we've been able to find. And to paraphrase an orator far, far more talented than I am, namely Ronald Reagan, we need to open this gate, tear down these silos. The silos just have to go away. They fundamentally limit flexibility and efficiency. >> What were some of the other issues caused by using servers with internal drives? >> You have more maintenance, you've got to deal with the logistics. But the biggest problem is service and storage have significantly different life cycles. Servers typically have a three year life cycle before they're obsolete. Storage typically is four to six years. You can sometimes stretch that a little further with the storage. Inside the servers that are replaced every 3 years, we end up replacing storage before the end of its effective lifetime; that's inefficient. Further, since the storage is inside the servers, we have to do massive data migrations when we replace servers. Migrations, they're time consuming, they're logistically difficult, and they're high risk. >> So how did DriveScale help you guys? Because you guys certainly have a challenging environment, you laid out the the story, and we appreciate that. How did DriveScale help you with the challenges? >> Well, what we really wanted to do was disaggregate storage from servers, and DriveScale enables us to do that. Disaggregating resources is a new term in the industry, but I think lot of people are focusing on it. I can explain it if you think that would make sense. >> What do you mean by disaggregating resources? Can you explain that, and how it works? >> Sure, so instead of buying servers with internal drives, we now buy diskless servers with JBODs. And DriveScale lets us easily compose servers with whatever amount of disk storage we need, from the server resource pool and the disk resource pool; and they're separate pools. This means we have the right balance of compute and storage for each workload, and we can easily adjust it over time. And all of this is done via software, so it's easy to do with a GUI or in our case, at our scale, scripting. And it's done on demand, and it's much more efficient. >> How does it help you with the underutilized resource challenge you mentioned earlier? >> Well, since we can add and remove resources from each cluster, we can manage exactly how much compute power and storage is deployed for each workload. Since this is all done via software, it can be done quickly and easily. We don't have to send a technician into a data center to physically swap drives, add drives, move drives. It's all done via software and it's very, very efficient. >> Can you move resources between silos? >> Well, yes and no. First off, our goal is no more silos. That said, we still have clusters, and once we completely migrate to DriveScale, all of our compute and storage resources will be consolidated into just a few common pools. And disk storage will no longer differentiate pools; thus, we have fewer pools. For more, we have fewer pools and can use the resources in each pool for more workloads. And when our needs change and they always do, we can reallocate resources as needed. >> What of the life cycle management challenge? How you guys address that? >> Well that's addressed with DriveScale. The compute and the storage are now disaggregated or separated into diskless servers and JBODs, so we can upgrade one without touching the other. We want to upgrade servers to take advantage of new processors or new memory architectures, we just replace the servers, re-combine the disks with the new servers, and we're back up and operating. It saves the cost of buying new disks when we don't need to, and it also simplifies logistics and reduces risk, as we no longer have to run the old plant and the new plant concurrently, and do a complicated data migration. >> What about this qualifying server and storage vendors? Do you still do that? Or how's that impact -- >> We actually don't have to do it. We're still using the same server vendor. We've used Dell for many, many years, we continue to use them. We are using them for storage and there was no real work, we just had to add DriveScale into the mix. >> What's it like working with DriveScale? >> They're really wonderful to work with. They have a really seasoned team. They were at Sun Microsystems and Cisco, they built some of the really foundational products that changed the internet, that the internet was built on. They're really talented, they really bright, and they're really focused on customer success. >> Great story, thanks for sharing that. My final question for you is, you guys have a very big, awesome environment, you've got a lot of scale there. It's great for a startup to get into an environment like this, because one, they could get access to the data, work with a good team like you have. What's it like working with a startup? >> You know it's always challenging at first; too many things to do. >> They got talented guys. Most of the startups, those early day startups, they got all their A players out there. >> They have their A players, and we've been very pleased working with them. We're dealing with the top talent, some of the top talent in the industry, that created the industry. They have a proven track record. We really don't have any concerns, we know they're committed to our success and they have a great team, and great investors. >> A final, final question. For your friends out there are watching, and other practitioners who are trying to run things at scale with a cloud. What's your advice to them? You've been operating at scale, and a lot of, billions of transactions, I mean huge; it's only going to get bigger. Put your IT friendly advice hat on. What's the mindset of operators out there, technical op's, as dev op's comes in seeing a lot of that. What do people need to be thinking about to run at scale? >> There's no magic silver bullet. There's no magic answers. The public cloud is very helpful in a lot of ways, but you really have to think hard about your economics, you have to think about your scale. You just have to be sure that you're going into each decision knowing that you've looked at the costs and the benefits, the performance, the risks, and you don't expect there to be simple answers. >> Yeah, there's no magic beans as they say. You've got to make it work for the business. >> No magic beans, I wish there were. >> Tim, thanks so much for the story. Appreciate the commentaries. Live coverage at Big Data NYC, it's theCUBE. Be back with more after this short break. (upbeat techno music)

>> Narrator: Live, from Munich, Germany, it's the CUBE. Covering IBM, Fast Track Your Data. Brought to you by IBM. >> Welcome to Munich everybody. This is a special presentation of the CUBE, Fast Track Your Data, brought to you by IBM. My name is Dave Vellante. And I'm here with my cohost, Jim Kobielus. Jim, good to see you. Really good to see you in Munich. >> Jim: I'm glad I made it. >> Thanks for being here. So last year Jim and I hosted a panel at New York City on the CUBE. And it was quite an experience. We had, I think it was nine or 10 data scientists and we felt like that was a lot of people to organize and talk about data science. Well today, we're going to do a repeat of that. With a little bit of twist on topics. And we've got five data scientists. We're here live, in Munich. And we're going to kick off the Fast Track Your Data event with this data science panel. So I'm going to now introduce some of the panelists, or all of the panelists. Then we'll get into the discussions. I'm going to start with Lillian Pierson. Lillian thanks very much for being on the panel. You are in data science. You focus on training executives, students, and you're really a coach but with a lot of data science expertise based in Thailand, so welcome. >> Thank you, thank you so much for having me. >> Dave: You're very welcome. And so, I want to start with sort of when you focus on training people, data science, where do you start? >> Well it depends on the course that I'm teaching. But I try and start at the beginning so for my Big Data course, I actually start back at the fundamental concepts and definitions they would even need to understand in order to understand the basics of what Big Data is, data engineering. So, terms like data governance. Going into the vocabulary that makes up the very introduction of the course, so that later on the students can really grasp the concepts I present to them. You know I'm teaching a deep learning course as well, so in that case I start at a lot more advanced concepts. So it just really depends on the level of the course. >> Great, and we're going to come back to this topic of women in tech. But you know, we looked at some CUBE data the other day. About 17% of the technology industry comprises women. And so we're a little bit over that on our data science panel, we're about 20% today. So we'll come back to that topic. But I don't know if there's anything you would add? >> I'm really passionate about women in tech and women who code, in particular. And I'm connected with a lot of female programmers through Instagram. And we're supporting each other. So I'd love to take any questions you have on what we're doing in that space. At least as far as what's happening across the Instagram platform. >> Great, we'll circle back to that. All right, let me introduce Chris Penn. Chris, Boston based, all right, SMI. Chris is a marketing expert. Really trying to help people understand how to get, turn data into value from a marketing perspective. It's a very important topic. Not only because we get people to buy stuff but also understanding some of the risks associated with things like GDPR, which is coming up. So Chris, tell us a little bit about your background and your practice. >> So I actually started in IT and worked at a start up. And that's where I made the transition to marketing. Because marketing has much better parties. But what's really interesting about the way data science is infiltrating marketing is the technology came in first. You know, everything went digital. And now we're at a point where there's so much data. And most marketers, they kind of got into marketing as sort of the arts and crafts field. And are realizing now, they need a very strong, mathematical, statistical background. So one of the things, Adam, the reason why we're here and IBM is helping out tremendously is, making a lot of the data more accessible to people who do not have a data science background and probably never will. >> Great, okay thank you. I'm going to introduce Ronald Van Loon. Ronald, your practice is really all about helping people extract value out of data, driving competitive advantage, business advantage, or organizational excellence. Tell us a little bit about yourself, your background, and your practice. >> Basically, I've three different backgrounds. On one hand, I'm a director at a data consultancy firm called Adversitement. Where we help companies to become data driven. Mainly large companies. I'm an advisory board member at Simply Learn, which is an e-learning platform, especially also for big data analytics. And on the other hand I'm a blogger and I host a series of webinars. >> Okay, great, now Dez, Dez Blanchfield, I met you on Twitter, you know, probably a couple of years ago. We first really started to collaborate last year. We've spend a fair amount of time together. You are a data scientist, but you're also a jack of all trades. You've got a technology background. You sit on a number of boards. You work very active with public policy. So tell us a little bit more about what you're doing these days, a little bit more about your background. >> Sure, I think my primary challenge these days is communication. Trying to join the dots between my technical background and deeply technical pedigree, to just plain English, every day language, and business speak. So bridging that technical world with what's happening in the boardroom. Toe to toe with the geeks to plain English to execs in boards. And just hand hold them and steward them through the journey of the challenges they're facing. Whether it's the enormous rapid of change and the pace of change, that's just almost exhaustive and causing them to sprint. But not just sprint in one race but in multiple lanes at the same time. As well as some of the really big things that are coming up, that we've seen like GDPR. So it's that communication challenge and just hand holding people through that journey and that mix of technical and commercial experience. >> Great, thank you, and finally Joe Caserta. Founder and president of Caserta Concepts. Joe you're a practitioner. You're in the front lines, helping organizations, similar to Ronald. Extracting value from data. Translate that into competitive advantage. Tell us a little bit about what you're doing these days in Caserta Concepts. >> Thanks Dave, thanks for having me. Yeah, so Caserta's been around. I've been doing this for 30 years now. And natural progressions have been just getting more from application development, to data warehousing, to big data analytics, to data science. Very, very organically, that's just because it's where businesses need the help the most, over the years. And right now, the big focus is governance. At least in my world. Trying to govern when you have a bunch of disparate data coming from a bunch of systems that you have no control over, right? Like social media, and third party data systems. Bringing it in and how to you organize it? How do you ingest it? How do you govern it? How do you keep it safe? And also help to define ownership of the data within an organization within an enterprise? That's also a very hot topic. Which ties back into GDPR. >> Great, okay, so we're going to be unpacking a lot of topics associated with the expertise that these individuals have. I'm going to bring in Jim Kobielus, to the conversation. Jim, the newest Wikibon analyst. And newest member of the SiliconANGLE Media Team. Jim, get us started off. >> Yeah, so we're at an event, at an IBM event where machine learning and data science are at the heart of it. There are really three core themes here. Machine learning and data science, on the one hand. Unified governance on the other. And hybrid data management. I want to circle back or focus on machine learning. Machine learning is the coin of the realm, right now in all things data. Machine learning is the heart of AI. Machine learning, everybody is going, hiring, data scientists to do machine learning. I want to get a sense from our panel, who are experts in this area, what are the chief innovations and trends right now on machine learning. Not deep learning, the core of machine learning. What's super hot? What's in terms of new techniques, new technologies, new ways of organizing teams to build and to train machine learning models? I'd like to open it up. Let's just start with Lillian. What are your thoughts about trends in machine learning? What's really hot? >> It's funny that you excluded deep learning from the response for this, because I think the hottest space in machine learning is deep learning. And deep learning is machine learning. I see a lot of collaborative platforms coming out, where people, data scientists are able to work together with other sorts of data professionals to reduce redundancies in workflows. And create more efficient data science systems. >> Is there much uptake of these crowd sourcing environments for training machine learning wells. Like CrowdFlower, or Amazon Mechanical Turk, or Mighty AI? Is that a huge trend in terms of the workflow of data science or machine learning, a lot of that? >> I don't see that crowdsourcing is like, okay maybe I've been out of the crowdsourcing space for a while. But I was working with Standby Task Force back in 2013. And we were doing a lot of crowdsourcing. And I haven't seen the industry has been increasing, but I could be wrong. I mean, because there's no, if you're building automation models, most of the, a lot of the work that's being crowdsourced could actually be automated if someone took the time to just build the scripts and build the models. And so I don't imagine that, that's going to be a trend that's increasing. >> Well, automation machine learning pipeline is fairly hot, in terms of I'm seeing more and more research. Google's doing a fair amount of automated machine learning. The panel, what do you think about automation, in terms of the core modeling tasks involved in machine learning. Is that coming along? Are data scientists in danger of automating themselves out of a job? >> I don't think there's a risk of data scientist's being put out of a job. Let's just put that on the thing. I do think we need to get a bit clearer about this meme of the mythical unicorn. But to your call point about machine learning, I think what you'll see, we saw the cloud become baked into products, just as a given. I think machine learning is already crossed this threshold. We just haven't necessarily noticed or caught up. And if we look at, we're at an IBM event, so let's just do a call out for them. The data science experience platform, for example. Machine learning's built into a whole range of things around algorithm and data classification. And there's an assisted, guided model for how you get to certain steps, where you don't actually have to understand how machine learning works. You don't have to understand how the algorithms work. It shows you the different options you've got and you can choose them. So you might choose regression. And it'll give you different options on how to do that. So I think we've already crossed this threshold of baking in machine learning and baking in the data science tools. And we've seen that with Cloud and other technologies where, you know, the Office 365 is not, you can't get a non Cloud Office 365 account, right? I think that's already happened in machine learning. What we're seeing though, is organizations even as large as the Googles still in catch up mode, in my view, on some of the shift that's taken place. So we've seen them write little games and apps where people do doodles and then it runs through the ML library and says, "Well that's a cow, or a unicorn, or a duck." And you get awards, and gold coins, and whatnot. But you know, as far as 12 years ago I was working on a project, where we had full size airplanes acting as drones. And we mapped with two and 3-D imagery. With 2-D high res imagery and LiDAR for 3-D point Clouds. We were finding poles and wires for utility companies, using ML before it even became a trend. And baking it right into the tools. And used to store on our web page and clicked and pointed on. >> To counter Lillian's point, it's not crowdsourcing but crowd sharing that's really powering a lot of the rapid leaps forward. If you look at, you know, DSX from IBM. Or you look at Node-RED, huge number of free workflows that someone has probably already done the thing that you are trying to do. Go out and find in the libraries, through Jupyter and R Notebooks, there's an ability-- >> Chris can you define before you go-- >> Chris: Sure. >> This is great, crowdsourcing versus crowd sharing. What's the distinction? >> Well, so crowdsourcing, kind of, where in the context of the question you ask is like I'm looking for stuff that other people, getting people to do stuff that, for me. It's like asking people to mine classifieds. Whereas crowd sharing, someone has done the thing already, it already exists. You're not purpose built, saying, "Jim, help me build this thing." It's like, "Oh Jim, you already "built this thing, cool. "So can I fork it and make my own from it?" >> Okay, I see what you mean, keep going. >> And then, again, going back to earlier. In terms of the advancements. Really deep learning, it probably is a good idea to just sort of define these things. Machine learning is how machines do things without being explicitly programmed to do them. Deep learning's like if you can imagine a stack of pancakes, right? Each pancake is a type of machine learning algorithm. And your data is the syrup. You pour the data on it. It goes from layer, to layer, to layer, to layer, and what you end up with at the end is breakfast. That's the easiest analogy for what deep learning is. Now imagine a stack of pancakes, 500 or 1,000 high, that's where deep learning's going now. >> Sure, multi layered machine learning models, essentially, that have the ability to do higher levels of abstraction. Like image analysis, Lillian? >> I had a comment to add about automation and data science. Because there are a lot of tools that are able to, or applications that are able to use data science algorithms and output results. But the reason that data scientists aren't in risk of losing their jobs, is because just because you can get the result, you also have to be able to interpret it. Which means you have to understand it. And that involves deep math and statistical understanding. Plus domain expertise. So, okay, great, you took out the coding element but that doesn't mean you can codify a person's ability to understand and apply that insight. >> Dave: Joe, you have something to add? >> I could just add that I see the trend. Really, the reason we're talking about it today is machine learning is not necessarily, it's not new, like Dez was saying. But what's different is the accessibility of it now. It's just so easily accessible. All of the tools that are coming out, for data, have machine learning built into it. So the machine learning algorithms, which used to be a black art, you know, years ago, now is just very easily accessible. That you can get, it's part of everyone's toolbox. And the other reason that we're talking about it more, is that data science is starting to become a core curriculum in higher education. Which is something that's new, right? That didn't exist 10 years ago? But over the past five years, I'd say, you know, it's becoming more and more easily accessible for education. So now, people understand it. And now we have it accessible in our tool sets. So now we can apply it. And I think that's, those two things coming together is really making it becoming part of the standard of doing analytics. And I guess the last part is, once we can train the machines to start doing the analytics, right? And get smarter as it ingests more data. And then we can actually take that and embed it in our applications. That's the part that you still need data scientists to create that. But once we can have standalone appliances that are intelligent, that's when we're going to start seeing, really, machine learning and artificial intelligence really start to take off even more. >> Dave: So I'd like to switch gears a little bit and bring Ronald on. >> Okay, yes. >> Here you go, there. >> Ronald, the bromide in this sort of big data world we live in is, the data is the new oil. You got to be a data driven company and many other cliches. But when you talk to organizations and you start to peel the onion. You find that most companies really don't have a good way to connect data with business impact and business value. What are you seeing with your clients and just generally in the community, with how companies are doing that? How should they do that? I mean, is that something that is a viable approach? You don't see accountants, for example, quantifying the value of data on a balance sheet. There's no standards for doing that. And so it's sort of this fuzzy concept. How are and how should organizations take advantage of data and turn it into value. >> So, I think in general, if you look how companies look at data. They have departments and within the departments they have tools specific for this department. And what you see is that there's no central, let's say, data collection. There's no central management of governance. There's no central management of quality. There's no central management of security. Each department is manages their data on their own. So if you didn't ask, on one hand, "Okay, how should they do it?" It's basically go back to the drawing table and say, "Okay, how should we do it?" We should collect centrally, the data. And we should take care for central governance. We should take care for central data quality. We should take care for centrally managing this data. And look from a company perspective and not from a department perspective what the value of data is. So, look at the perspective from your whole company. And this means that it has to be brought on one end to, whether it's from C level, where most of them still fail to understand what it really means. And what the impact can be for that company. >> It's a hard problem. Because data by its' very nature is now so decentralized. But Chris you have a-- >> The thing I want to add to that is, think about in terms of valuing data. Look at what it would cost you for data breach. Like what is the expensive of having your data compromised. If you don't have governance. If you don't have policy in place. Look at the major breaches of the last couple years. And how many billions of dollars those companies lost in market value, and trust, and all that stuff. That's one way you can value data very easily. "What will it cost us if we mess this up?" >> So a lot of CEOs will hear that and say, "Okay, I get it. "I have to spend to protect myself, "but I'd like to make a little money off of this data thing. "How do I do that?" >> Well, I like to think of it, you know, I think data's definitely an asset within an organization. And is becoming more and more of an asset as the years go by. But data is still a raw material. And that's the way I think about it. In order to actually get the value, just like if you're creating any product, you start with raw materials and then you refine it. And then it becomes a product. For data, data is a raw material. You need to refine it. And then the insight is the product. And that's really where the value is. And the insight is absolutely, you can monetize your insight. >> So data is, abundant insights are scarce. >> Well, you know, actually you could say that intermediate between insights and the data are the models themselves. The statistical, predictive, machine learning models. That are a crystallization of insights that have been gained by people called data scientists. What are your thoughts on that? Are statistical, predictive, machine learning models something, an asset, that companies, organizations, should manage governance of on a centralized basis or not? >> Well the models are essentially the refinery system, right? So as you're refining your data, you need to have process around how you exactly do that. Just like refining anything else. It needs to be controlled and it needs to be governed. And I think that data is no different from that. And I think that it's very undisciplined right now, in the market or in the industry. And I think maturing that discipline around data science, I think is something that's going to be a very high focus in this year and next. >> You were mentioning, "How do you make money from data?" Because there's all this risk associated with security breaches. But at the risk of sounding simplistic, you can generate revenue from system optimization, or from developing products and services. Using data to develop products and services that better meet the demands and requirements of your markets. So that you can sell more. So either you are using data to earn more money. Or you're using data to optimize your system so you have less cost. And that's a simple answer for how you're going to be making money from the data. But yes, there is always the counter to that, which is the security risks. >> Well, and my question really relates to, you know, when you think of talking to C level executives, they kind of think about running the business, growing the business, and transforming the business. And a lot of times they can't fund these transformations. And so I would agree, there's many, many opportunities to monetize data, cut costs, increase revenue. But organizations seem to struggle to either make a business case. And actually implement that transformation. >> Dave, I'd love to have a crack at that. I think this conversation epitomizes the type of things that are happening in board rooms and C suites already. So we've really quickly dived into the detail of data. And the detail of machine learning. And the detail of data science, without actually stopping and taking a breath and saying, "Well, we've "got lots of it, but what have we got? "Where is it? "What's the value of it? "Is there any value in it at all?" And, "How much time and money should we invest in it?" For example, we talk of being about a resource. I look at data as a utility. When I turn the tap on to get a drink of water, it's there as a utility. I counted it being there but I don't always sample the quality of the water and I probably should. It could have Giardia in it, right? But what's interesting is I trust the water at home, in Sydney. Because we have a fairly good experience with good quality water. If I were to go to some other nation. I probably wouldn't trust that water. And I think, when you think about it, what's happening in organizations. It's almost the same as what we're seeing here today. We're having a lot of fun, diving into the detail. But what we've forgotten to do is ask the question, "Well why is data even important? "What's the reasoning to the business? "Why are we in business? "What are we doing as an organization? "And where does data fit into that?" As opposed to becoming so fixated on data because it's a media hyped topic. I think once you can wind that back a bit and say, "Well, we have lot's of data, "but is it good data? "Is it quality data? "Where's it coming from? "Is it ours? "Are we allowed to have it? "What treatment are we allowed to give that data?" As you said, "Are we controlling it? "And where are we controlling it? "Who owns it?" There's so many questions to be asked. But the first question I like to ask people in plain English is, "Well is there any value "in data in the first place? "What decisions are you making that data can help drive? "What things are in your organizations, "KPIs and milestones you're trying to meet "that data might be a support?" So then instead of becoming fixated with data as a thing in itself, it becomes part of your DNA. Does that make sense? >> Think about what money means. The Economists' Rhyme, "Money is a measure for, "a systems for, a medium, a measure, and exchange." So it's a medium of exchange. A measure of value, a way to exchange something. And a way to store value. Data, good clean data, well governed, fits all four of those. So if you're trying to figure out, "How do we make money out of stuff." Figure out how money works. And then figure out how you map data to it. >> So if we approach and we start with a company, we always start with business case, which is quite clear. And defined use case, basically, start with a team on one hand, marketing people, sales people, operational people, and also the whole data science team. So start with this case. It's like, defining, basically a movie. If you want to create the movie, You know where you're going to. You know what you want to achieve to create the customer experience. And this is basically the same with a business case. Where you define, "This is the case. "And this is how we're going to derive value, "start with it and deliver value within a month." And after the month, you check, "Okay, where are we and how can we move forward? "And what's the value that we've brought?" >> Now I as well, start with business case. I've done thousands of business cases in my life, with organizations. And unless that organization was kind of a data broker, the business case rarely has a discreet component around data. Is that changing, in your experience? >> Yes, so we guide companies into be data driven. So initially, indeed, they don't like to use the data. They don't like to use the analysis. So that's why, how we help. And is it changing? Yes, they understand that they need to change. But changing people is not always easy. So, you see, it's hard if you're not involved and you're not guiding it, they fall back in doing the daily tasks. So it's changing, but it's a hard change. >> Well and that's where this common parlance comes in. And Lillian, you, sort of, this is what you do for a living, is helping people understand these things, as you've been sort of evangelizing that common parlance. But do you have anything to add? >> I wanted to add that for organizational implementations, another key component to success is to start small. Start in one small line of business. And then when you've mastered that area and made it successful, then try and deploy it in more areas of the business. And as far as initializing big data implementation, that's generally how to do it successfully. >> There's the whole issue of putting a value on data as a discreet asset. Then there's the issue, how do you put a value on a data lake? Because a data lake, is essentially an asset you build on spec. It's an exploratory archive, essentially, of all kinds of data that might yield some insights, but you have to have a team of data scientists doing exploration and modeling. But it's all on spec. How do you put a value on a data lake? And at what point does the data lake itself become a burden? Because you got to store that data and manage it. At what point do you drain that lake? At what point, do the costs of maintaining that lake outweigh the opportunity costs of not holding onto it? >> So each Hadoop note is approximately $20,000 per year cost for storage. So I think that there needs to be a test and a diagnostic, before even inputting, ingesting the data and storing it. "Is this actually going to be useful? "What value do we plan to create from this?" Because really, you can't store all the data. And it's a lot cheaper to store data in Hadoop then it was in traditional systems but it's definitely not free. So people need to be applying this test before even ingesting the data. Why do we need this? What business value? >> I think the question we need to also ask around this is, "Why are we building data lakes "in the first place? "So what's the function it's going to perform for you?" There's been a huge drive to this idea. "We need a data lake. "We need to put it all somewhere." But invariably they become data swamps. And we only half jokingly say that because I've seen 90 day projects turn from a great idea, to a really bad nightmare. And as Lillian said, it is cheaper in some ways to put it into a HDFS platform, in a technical sense. But when we look at all the fully burdened components, it's actually more expensive to find Hadoop specialists and Spark specialists to maintain that cluster. And invariably I'm finding that big data, quote unquote, is not actually so much lots of data, it's complex data. And as Lillian said, "You don't always "need to store it all." So I think if we go back to the question of, "What's the function of a data lake in the first place? "Why are we building one?" And then start to build some fully burdened cost components around that. We'll quickly find that we don't actually need a data lake, per se. We just need an interim data store. So we might take last years' data and tokenize it, and analyze it, and do some analytics on it, and just keep the meta data. So I think there is this rush, for a whole range of reasons, particularly vendor driven. To build data lakes because we think they're a necessity, when in reality they may just be an interim requirement and we don't need to keep them for a long term. >> I'm going to attempt to, the last few questions, put them all together. And I think, they all belong together because one of the reasons why there's such hesitation about progress within the data world is because there's just so much accumulated tech debt already. Where there's a new idea. We go out and we build it. And six months, three years, it really depends on how big the idea is, millions of dollars is spent. And then by the time things are built the idea is pretty much obsolete, no one really cares anymore. And I think what's exciting now is that the speed to value is just so much faster than it's ever been before. And I think that, you know, what makes that possible is this concept of, I don't think of a data lake as a thing. I think of a data lake as an ecosystem. And that ecosystem has evolved so much more, probably in the last three years than it has in the past 30 years. And it's exciting times, because now once we have this ecosystem in place, if we have a new idea, we can actually do it in minutes not years. And that's really the exciting part. And I think, you know, data lake versus a data swamp, comes back to just traditional data architecture. And if you architect your data lake right, you're going to have something that's substantial, that's you're going to be able to harness and grow. If you don't do it right. If you just throw data. If you buy Hadoop cluster or a Cloud platform and just throw your data out there and say, "We have a lake now." yeah, you're going to create a mess. And I think taking the time to really understand, you know, the new paradigm of data architecture and modern data engineering, and actually doing it in a very disciplined way. If you think about it, what we're doing is we're building laboratories. And if you have a shabby, poorly built laboratory, the best scientist in the world isn't going to be able to prove his theories. So if you have a well built laboratory and a clean room, then, you know a scientist can get what he needs done very, very, very efficiently. And that's the goal, I think, of data management today. >> I'd like to just quickly add that I totally agree with the challenge between on premise and Cloud mode. And I think one of the strong themes of today is going to be the hybrid data management challenge. And I think organizations, some organizations, have rushed to adopt Cloud. And thinking it's a really good place to dump the data and someone else has to manage the problem. And then they've ended up with a very expensive death by 1,000 cuts in some senses. And then others have been very reluctant as a result of not gotten access to rapid moving and disruptive technology. So I think there's a really big challenge to get a basic conversation going around what's the value using Cloud technology as in adopting it, versus what are the risks? And when's the right time to move? For example, should we Cloud Burst for workloads? Do we move whole data sets in there? You know, moving half a petabyte of data into a Cloud platform back is a non-trivial exercise. But moving a terabyte isn't actually that big a deal anymore. So, you know, should we keep stuff behind the firewalls? I'd be interested in seeing this week where 80% of the data, supposedly is. And just push out for Cloud tools, machine learning, data science tools, whatever they might be, cognitive analytics, et cetera. And keep the bulk of the data on premise. Or should we just move whole spools into the Cloud? There is no one size fits all. There's no silver bullet. Every organization has it's own quirks and own nuances they need to think through and make a decision themselves. >> Very often, Dez, organizations have zonal architectures so you'll have a data lake that consists of a no sequel platform that might be used for say, mobile applications. A Hadoop platform that might be used for unstructured data refinement, so forth. A streaming platform, so forth and so on. And then you'll have machine learning models that are built and optimized for those different platforms. So, you know, think of it in terms of then, your data lake, is a set of zones that-- >> It gets even more complex just playing on that theme, when you think about what Cisco started, called Folk Computing. I don't really like that term. But edge analytics, or computing at the edge. We've seen with the internet coming along where we couldn't deliver everything with a central data center. So we started creating this concept of content delivery networks, right? I think the same thing, I know the same thing has happened in data analysis and data processing. Where we've been pulling social media out of the Cloud, per se, and bringing it back to a central source. And doing analytics on it. But when you think of something like, say for example, when the Dreamliner 787 from Boeing came out, this airplane created 1/2 a terabyte of data per flight. Now let's just do some quick, back of the envelope math. There's 87,400 fights a day, just in the domestic airspace in the USA alone, per day. Now 87,400 by 1/2 a terabyte, that's 43 point five petabytes a day. You physically can't copy that from quote unquote in the Cloud, if you'll pardon the pun, back to the data center. So now we've got the challenge, a lot of our Enterprise data's behind a firewall, supposedly 80% of it. But what's out at the edge of the network. Where's the value in that data? So there are zonal challenges. Now what do I do with my Enterprise versus the open data, the mobile data, the machine data. >> Yeah, we've seen some recent data from IDC that says, "About 43% of the data "is going to stay at the edge." We think that, that's way understated, just given the examples. We think it's closer to 90% is going to stay at the edge. >> Just on the airplane topic, right? So Airbus wasn't going to be outdone. Boeing put 4,000 sensors or something in their 787 Dreamliner six years ago. Airbus just announced an 83, 81,000 with 10,000 sensors in it. Do the same math. Now the FAA in the US said that all aircraft and all carriers have to be, by early next year, I think it's like March or April next year, have to be at the same level of BIOS. Or the same capability of data collection and so forth. It's kind of like a mini GDPR for airlines. So with the 83, 81,000 with 10,000 sensors, that becomes two point five terabytes per flight. If you do the math, it's 220 petabytes of data just in one day's traffic, domestically in the US. Now, it's just so mind boggling that we're going to have to completely turn our thinking on its' head, on what do we do behind the firewall? What do we do in the Cloud versus what we might have to do in the airplane? I mean, think about edge analytics in the airplane processing data, as you said, Jim, streaming analytics in flight. >> Yeah that's a big topic within Wikibon, so, within the team. Me and David Floyer, and my other colleagues. They're talking about the whole notion of edge architecture. Not only will most of the data be persisted at the edge, most of the deep learning models like TensorFlow will be executed at the edge. To some degree, the training of those models will happen in the Cloud. But much of that will be pushed in a federated fashion to the edge, or at least I'm predicting. We're already seeing some industry moves in that direction, in terms of architectures. Google has a federated training, project or initiative. >> Chris: Look at TensorFlow Lite. >> Which is really fascinating for it's geared to IOT, I'm sorry, go ahead. >> Look at TensorFlow Lite. I mean in the announcement of having every Android device having ML capabilities, is Google's essential acknowledgment, "We can't do it all." So we need to essentially, sort of like a setting at home. Everyone's smartphone top TV box just to help with the processing. >> Now we're talking about this, this sort of leads to this IOT discussion but I want to underscore the operating model. As you were saying, "You can't just "lift and shift to the Cloud." You're not going to, CEOs aren't going to get the billion dollar hit by just doing that. So you got to change the operating model. And that leads to, this discussion of IOT. And an entirely new operating model. >> Well, there are companies that are like Sisense who have worked with Intel. And they've taken this concept. They've taken the business logic and not just putting it in the chip, but actually putting it in memory, in the chip. So as data's going through the chip it's not just actually being processed but it's actually being baked in memory. So level one, two, and three cache. Now this is a game changer. Because as Chris was saying, even if we were to get the data back to a central location, the compute load, I saw a real interesting thing from I think it was Google the other day, one of the guys was doing a talk. And he spoke about what it meant to add cognitive and voice processing into just the Android platform. And they used some number, like that had, double the amount of compute they had, just to add voice for free, to the Android platform. Now even for Google, that's a nontrivial exercise. So as Chris was saying, I think we have to again, flip it on its' head and say, "How much can we put "at the edge of the network?" Because think about these phones. I mean, even your fridge and microwave, right? We put a man on the moon with something that these days, we make for $89 at home, on the Raspberry Pie computer, right? And even that was 1,000 times more powerful. When we start looking at what's going into the chips, we've seen people build new, not even GPUs, but deep learning and stream analytics capable chips. Like Google, for example. That's going to make its' way into consumer products. So that, now the compute capacity in phones, is going to, I think transmogrify in some ways because there is some magic in there. To the point where, as Chris was saying, "We're going to have the smarts in our phone." And a lot of that workload is going to move closer to us. And only the metadata that we need to move is going to go centrally. >> Well here's the thing. The edge isn't the technology. The edge is actually the people. When you look at, for example, the MIT language Scratch. This is kids programming language. It's drag and drop. You know, kids can assemble really fun animations and make little movies. We're training them to build for IOT. Because if you look at a system like Node-RED, it's an IBM interface that is drag and drop. Your workflow is for IOT. And you can push that to a device. Scratch has a converter for doing those. So the edge is what those thousands and millions of kids who are learning how to code, learning how to think architecturally and algorithmically. What they're going to create that is beyond what any of us can possibly imagine. >> I'd like to add one other thing, as well. I think there's a topic we've got to start tabling. And that is what I refer to as the gravity of data. So when you think about how planets are formed, right? Particles of dust accrete. They form into planets. Planets develop gravity. And the reason we're not flying into space right now is that there's gravitational force. Even though it's one of the weakest forces, it keeps us on our feet. Oftentimes in organizations, I ask them to start thinking about, "Where is the center "of your universe with regard to the gravity of data." Because if you can follow the center of your universe and the gravity of your data, you can often, as Chris is saying, find where the business logic needs to be. And it could be that you got to think about a storage problem. You can think about a compute problem. You can think about a streaming analytics problem. But if you can find where the center of your universe and the center of your gravity for your data is, often you can get a really good insight into where you can start focusing on where the workloads are going to be where the smarts are going to be. Whether it's small, medium, or large. >> So this brings up the topic of data governance. One of the themes here at Fast Track Your Data is GDPR. What it means. It's one of the reasons, I think IBM selected Europe, generally, Munich specifically. So let's talk about GDPR. We had a really interesting discussion last night. So let's kind of recreate some of that. I'd like somebody in the panel to start with, what is GDPR? And why does it matter, Ronald? >> Yeah, maybe I can start. Maybe a little bit more in general unified governance. So if i talk to companies and I need to explain to them what's governance, I basically compare it with a crime scene. So in a crime scene if something happens, they start with securing all the evidence. So they start sealing the environment. And take care that all the evidence is collected. And on the other hand, you see that they need to protect this evidence. There are all kinds of policies. There are all kinds of procedures. There are all kinds of rules, that need to be followed. To take care that the whole evidence is secured well. And once you start, basically, investigating. So you have the crime scene investigators. You have the research lab. You have all different kind of people. They need to have consent before they can use all this evidence. And the whole reason why they're doing this is in order to collect the villain, the crook. To catch him and on the other hand, once he's there, to convict him. And we do this to have trust in the materials. Or trust in basically, the analytics. And on the other hand to, the public have trust in everything what's happened with the data. So if you look to a company, where data is basically the evidence, this is the value of your data. It's similar to like the evidence within a crime scene. But most companies don't treat it like this. So if we then look to GDPR, GDPR basically shifts the power and the ownership of the data from the company to the person that created it. Which is often, let's say the consumer. And there's a lot of paradox in this. Because all the companies say, "We need to have this customer data. "Because we need to improve the customer experience." So if you make it concrete and let's say it's 1st of June, so GDPR is active. And it's first of June 2018. And I go to iTunes, so I use iTunes. Let's go to iTunes said, "Okay, Apple please "give me access to my data." I want to see which kind of personal information you have stored for me. On the other end, I want to have the right to rectify all this data. I want to be able to change it and give them a different level of how they can use my data. So I ask this to iTunes. And then I say to them, okay, "I basically don't like you anymore. "I want to go to Spotify. "So please transfer all my personal data to Spotify." So that's possible once it's June 18. Then I go back to iTunes and say, "Okay, I don't like it anymore. "Please reduce my consent. "I withdraw my consent. "And I want you to remove all my "personal data for everything that you use." And I go to Spotify and I give them, let's say, consent for using my data. So this is a shift where you can, as a person be the owner of the data. And this has a lot of consequences, of course, for organizations, how to manage this. So it's quite simple for the consumer. They get the power, it's maturing the whole law system. But it's a big consequence of course for organizations. >> This is going to be a nightmare for marketers. But fill in some of the gaps there. >> Let's go back, so GDPR, the General Data Protection Regulation, was passed by the EU in 2016, in May of 2016. It is, as Ronald was saying, it's four basic things. The right to privacy. The right to be forgotten. Privacy built into systems by default. And the right to data transfer. >> Joe: It takes effect next year. >> It is already in effect. GDPR took effect in May of 2016. The enforcement penalties take place the 25th of May 2018. Now here's where, there's two things on the penalty side that are important for everyone to know. Now number one, GDPR is extra territorial. Which means that an EU citizen, anywhere on the planet has GDPR, goes with them. So say you're a pizza shop in Nebraska. And an EU citizen walks in, orders a pizza. Gives her the credit card and stuff like that. If you for some reason, store that data, GDPR now applies to you, Mr. Pizza shop, whether or not you do business in the EU. Because an EU citizen's data is with you. Two, the penalties are much stiffer then they ever have been. In the old days companies could simply write off penalties as saying, "That's the cost of doing business." With GDPR the penalties are up to 4% of your annual revenue or 20 million Euros, whichever is greater. And there may be criminal sanctions, charges, against key company executives. So there's a lot of questions about how this is going to be implemented. But one of the first impacts you'll see from a marketing perspective is all the advertising we do, targeting people by their age, by their personally identifiable information, by their demographics. Between now and May 25th 2018, a good chunk of that may have to go away because there's no way for you to say, "Well this person's an EU citizen, this person's not." People give false information all the time online. So how do you differentiate it? Every company, regardless of whether they're in the EU or not will have to adapt to it, or deal with the penalties. >> So Lillian, as a consumer this is designed to protect you. But you had a very negative perception of this regulation. >> I've looked over the GDPR and to me it actually looks like a socialist agenda. It looks like (panel laughs) no, it looks like a full assault on free enterprise and capitalism. And on its' face from a legal perspective, its' completely and wholly unenforceable. Because they're assigning jurisdictional rights to the citizen. But what are they going to do? They're going to go to Nebraska and they're going to call in the guy from the pizza shop? And call him into what court? The EU court? It's unenforceable from a legal perspective. And if you write a law that's unenforceable, you know, it's got to be enforceable in every element. It can't be just, "Oh, we're only "going to enforce it for Facebook and for Google. "But it's not enforceable for," it needs to be written so that it's a complete and actionable law. And it's not written in that way. And from a technological perspective it's not implementable. I think you said something like 652 EU regulators or political people voted for this and 10 voted against it. But what do they know about actually implementing it? Is it possible? There's all sorts of regulations out there that aren't possible to implement. I come from an environmental engineering background. And it's absolutely ridiculous because these agencies will pass laws that actually, it's not possible to implement those in practice. The cost would be too great. And it's not even needed. So I don't know, I just saw this and I thought, "You know, if the EU wants to," what they're essentially trying to do is regulate what the rest of the world does on the internet. And if they want to build their own internet like China has and police it the way that they want to. But Ronald here, made an analogy between data, and free enterprise, and a crime scene. Now to me, that's absolutely ridiculous. What does data and someone signing up for an email list have to do with a crime scene? And if EU wants to make it that way they can police their own internet. But they can't go across the world. They can't go to Singapore and tell Singapore, or go to the pizza shop in Nebraska and tell them how to run their business. >> You know, EU overreach in the post Brexit era, of what you're saying has a lot of validity. How far can the tentacles of the EU reach into other sovereign nations. >> What court are they going to call them into? >> Yeah. >> I'd like to weigh in on this. There are lots of unknowns, right? So I'd like us to focus on the things we do know. We've already dealt with similar situations before. In Australia, we introduced a goods and sales tax. Completely foreign concept. Everything you bought had 10% on it. No one knew how to deal with this. It was a completely new practice in accounting. There's a whole bunch of new software that had to be written. MYRB had to have new capability, but we coped. No one actually went to jail yet. It's decades later, for not complying with GST. So what it was, was a framework on how to shift from non sales tax related revenue collection. To sales tax related revenue collection. I agree that there are some egregious things built into this. I don't disagree with that at all. But I think if I put my slightly broader view of the world hat on, we have well and truly gone past the point in my mind, where data was respected, data was treated in a sensible way. I mean I get emails from companies I've never done business with. And when I follow it up, it's because I did business with a credit card company, that gave it to a service provider, that thought that I was going to, when I bought a holiday to come to Europe, that I might want travel insurance. Now some might say there's value in that. And other's say there's not, there's the debate. But let's just focus on what we're talking about. We're talking about a framework for governance of the treatment of data. If we remove all the emotive component, what we are talking about is a series of guidelines, backed by laws, that say, "We would like you to do this," in an ideal world. But I don't think anyone's going to go to jail, on day one. They may go to jail on day 180. If they continue to do nothing about it. So they're asking you to sort of sit up and pay attention. Do something about it. There's a whole bunch of relief around how you approach it. The big thing for me, is there's no get out of jail card, right? There is no get out of jail card for not complying. But there's plenty of support. I mean, we're going to have ambulance chasers everywhere. We're going to have class actions. We're going to have individual suits. The greatest thing to do right now is get into GDPR law. Because you seem to think data scientists are unicorn? >> What kind of life is that if there's ambulance chasers everywhere? You want to live like that? >> Well I think we've seen ad blocking. I use ad blocking as an example, right? A lot of organizations with advertising broke the internet by just throwing too much content on pages, to the point where they're just unusable. And so we had this response with ad blocking. I think in many ways, GDPR is a regional response to a situation where I don't think it's the exact right answer. But it's the next evolutional step. We'll see things evolve over time. >> It's funny you mentioned it because in the United States one of the things that has happened, is that with the change in political administrations, the regulations on what companies can do with your data have actually been laxened, to the point where, for example, your internet service provider can resell your browsing history, with or without your consent. Or your consent's probably buried in there, on page 47. And so, GDPR is kind of a response to saying, "You know what? "You guys over there across the Atlantic "are kind of doing some fairly "irresponsible things with what you allow companies to do." Now, to Lillian's point, no one's probably going to go after the pizza shop in Nebraska because they don't do business in the EU. They don't have an EU presence. And it's unlikely that an EU regulator's going to get on a plane from Brussels and fly to Topeka and say, or Omaha, sorry, "Come on Joe, let's get the pizza shop in order here." But for companies, particularly Cloud companies, that have offices and operations within the EU, they have to sit up and pay attention. So if you have any kind of EU operations, or any kind of fiscal presence in the EU, you need to get on board. >> But to Lillian's point it becomes a boondoggle for lawyers in the EU who want to go after deep pocketed companies like Facebook and Google. >> What's the value in that? It seems like regulators are just trying to create work for themselves. >> What about the things that say advertisers can do, not so much with the data that they have? With the data that they don't have. In other words, they have people called data scientists who build models that can do inferences on sparse data. And do amazing things in terms of personalization. What do you do about all those gray areas? Where you got machine learning models and so forth? >> But it applies-- >> It applies to personally identifiable information. But if you have a talented enough data scientist, you don't need the PII or even the inferred characteristics. If a certain type of behavior happens on your website, for example. And this path of 17 pages almost always leads to a conversion, it doesn't matter who you are or where you're coming from. If you're a good enough data scientist, you can build a model that will track that. >> Like you know, target, infer some young woman was pregnant. And they inferred correctly even though that was never divulged. I mean, there's all those gray areas that, how can you stop that slippery slope? >> Well I'm going to weigh in really quickly. A really interesting experiment for people to do. When people get very emotional about it I say to them, "Go to Google.com, "view source, put it in seven point Courier "font in Word and count how many pages it is." I guess you can't guess how many pages? It's 52 pages of seven point Courier font, HTML to render one logo, and a search field, and a click button. Now why do we need 52 pages of HTML source code and Java script just to take a search query. Think about what's being done in that. It's effectively a mini operating system, to figure out who you are, and what you're doing, and where you been. Now is that a good or bad thing? I don't know, I'm not going to make a judgment call. But what I'm saying is we need to stop and take a deep breath and say, "Does anybody need a 52 page, "home page to take a search query?" Because that's just the tip of the iceberg. >> To that point, I like the results that Google gives me. That's why I use Google and not Bing. Because I get better search results. So, yeah, I don't mind if you mine my personal data and give me, our Facebook ads, those are the only ads, I saw in your article that GDPR is going to take out targeted advertising. The only ads in the entire world, that I like are Facebook ads. Because I actually see products I'm interested in. And I'm happy to learn about that. I think, "Oh I want to research that. "I want to see this new line of products "and what are their competitors?" And I like the targeted advertising. I like the targeted search results because it's giving me more of the information that I'm actually interested in. >> And that's exactly what it's about. You can still decide, yourself, if you want to have this targeted advertising. If not, then you don't give consent. If you like it, you give consent. So if a company gives you value, you give consent back. So it's not that it's restricting everything. It's giving consent. And I think it's similar to what happened and the same type of response, what happened, we had the Mad Cow Disease here in Europe, where you had the whole food chain that needed to be tracked. And everybody said, "No, it's not required." But now it's implemented. Everybody in Europe does it. So it's the same, what probably going to happen over here as well. >> So what does GDPR mean for data scientists? >> I think GDPR is, I think it is needed. I think one of the things that may be slowing data science down is fear. People are afraid to share their data. Because they don't know what's going to be done with it. If there are some guidelines around it that should be enforced and I think, you know, I think it's been said but as long as a company could prove that it's doing due diligence to protect your data, I think no one is going to go to jail. I think when there's, you know, we reference a crime scene, if there's a heinous crime being committed, all right, then it's going to become obvious. And then you do go directly to jail. But I think having guidelines and even laws around privacy and protection of data is not necessarily a bad thing. You can do a lot of data, really meaningful data science, without understanding that it's Joe Caserta. All of the demographics about me. All of the characteristics about me as a human being, I think are still on the table. All that they're saying is that you can't go after Joe, himself, directly. And I think that's okay. You know, there's still a lot of things. We could still cure diseases without knowing that I'm Joe Caserta, right? As long as you know everything else about me. And I think that's really at the core, that's what we're trying to do. We're trying to protect the individual and the individual's data about themselves. But I think as far as how it affects data science, you know, a lot of our clients, they're afraid to implement things because they don't exactly understand what the guideline is. And they don't want to go to jail. So they wind up doing nothing. So now that we have something in writing that, at least, it's something that we can work towards, I think is a good thing. >> In many ways, organizations are suffering from the deer in the headlight problem. They don't understand it. And so they just end up frozen in the headlights. But I just want to go back one step if I could. We could get really excited about what it is and is not. But for me, the most critical thing there is to remember though, data breaches are happening. There are over 1,400 data breaches, on average, per day. And most of them are not trivial. And when we saw 1/2 a billion from Yahoo. And then one point one billion and then one point five billion. I mean, think about what that actually means. There were 47,500 Mongodbs breached in an 18 hour window, after an automated upgrade. And they were airlines, they were banks, they were police stations. They were hospitals. So when I think about frameworks like GDPR, I'm less worried about whether I'm going to see ads and be sold stuff. I'm more worried about, and I'll give you one example. My 12 year old son has an account at a platform called Edmodo. Now I'm not going to pick on that brand for any reason but it's a current issue. Something like, I think it was like 19 million children in the world had their username, password, email address, home address, and all this social interaction on this Facebook for kids platform called Edmodo, breached in one night. Now I got my hands on a copy. And everything about my son is there. Now I have a major issue with that. Because I can't do anything to undo that, nothing. The fact that I was able to get a copy, within hours on a dark website, for free. The fact that his first name, last name, email, mobile phone number, all these personal messages from friends. Nobody has the right to allow that to breach on my son. Or your children, or our children. For me, GDPR, is a framework for us to try and behave better about really big issues. Whether it's a socialist issue. Whether someone's got an issue with advertising. I'm actually not interested in that at all. What I'm interested in is companies need to behave much better about the treatment of data when it's the type of data that's being breached. And I get really emotional when it's my son, or someone else's child. Because I don't care if my bank account gets hacked. Because they hedge that. They underwrite and insure themselves and the money arrives back to my bank. But when it's my wife who donated blood and a blood donor website got breached and her details got lost. Even things like sexual preferences. That they ask questions on, is out there. My 12 year old son is out there. Nobody has the right to allow that to happen. For me, GDPR is the framework for us to focus on that. >> Dave: Lillian, is there a comment you have? >> Yeah, I think that, I think that security concerns are 100% and definitely a serious issue. Security needs to be addressed. And I think a lot of the stuff that's happening is due to, I think we need better security personnel. I think we need better people working in the security area where they're actually looking and securing. Because I don't think you can regulate I was just, I wanted to take the microphone back when you were talking about taking someone to jail. Okay, I have a background in law. And if you look at this, you guys are calling it a framework. But it's not a framework. What they're trying to do is take 4% of your business revenues per infraction. They want to say, "If a person signs up "on your email list and you didn't "like, necessarily give whatever "disclaimer that the EU said you need to give. "Per infraction, we're going to take "4% of your business revenue." That's a law, that they're trying to put into place. And you guys are talking about taking people to jail. What jail are you? EU is not a country. What jurisdiction do they have? Like, you're going to take pizza man Joe and put him in the EU jail? Is there an EU jail? Are you going to take them to a UN jail? I mean, it's just on its' face it doesn't hold up to legal tests. I don't understand how they could enforce this. >> I'd like to just answer the question on-- >> Security is a serious issue. I would be extremely upset if I were you. >> I personally know, people who work for companies who've had data breaches. And I respect them all. They're really smart people. They've got 25 plus years in security. And they are shocked that they've allowed a breach to take place. What they've invariably all agreed on is that a whole range of drivers have caused them to get to a bad practice. So then, for example, the donate blood website. The young person who was assist admin with all the right skills and all the right experience just made a basic mistake. They took a db dump of a mysql database before they upgraded their Wordpress website for the business. And they happened to leave it in a folder that was indexable by Google. And so somebody wrote a radio expression to search in Google to find sql backups. Now this person, I personally respect them. I think they're an amazing practitioner. They just made a mistake. So what does that bring us back to? It brings us back to the point that we need a safety net or a framework or whatever you want to call it. Where organizations have checks and balances no matter what they do. Whether it's an upgrade, a backup, a modification, you know. And they all think they do, but invariably we've seen from the hundreds of thousands of breaches, they don't. Now on the point of law, we could debate that all day. I mean the EU does have a remit. If I was caught speeding in Germany, as an Australian, I would be thrown into a German jail. If I got caught as an organization in France, breaching GDPR, I would be held accountable to the law in that region, by the organization pursuing me. So I think it's a bit of a misnomer saying I can't go to an EU jail. I don't disagree with you, totally, but I think it's regional. If I get a speeding fine and break the law of driving fast in EU, it's in the country, in the region, that I'm caught. And I think GDPR's going to be enforced in that same approach. >> All right folks, unfortunately the 60 minutes flew right by. And it does when you have great guests like yourselves. So thank you very much for joining this panel today. And we have an action packed day here. So we're going to cut over. The CUBE is going to have its' interview format starting in about 1/2 hour. And then we cut over to the main tent. Who's on the main tent? Dez, you're doing a main stage presentation today. Data Science is a Team Sport. Hillary Mason, has a breakout session. We also have a breakout session on GDPR and what it means for you. Are you ready for GDPR? Check out ibmgo.com. It's all free content, it's all open. You do have to sign in to see the Hillary Mason and the GDPR sessions. And we'll be back in about 1/2 hour with the CUBE. We'll be running replays all day on SiliconAngle.tv and also ibmgo.com. So thanks for watching everybody. Keep it right there, we'll be back in about 1/2 hour with the CUBE interviews. We're live from Munich, Germany, at Fast Track Your Data. This is Dave Vellante with Jim Kobielus, we'll see you shortly. (electronic music)

>> Announcer: Live from San Francisco, it's the Cube covering Spark Summit 2017, brought to you by databricks. >> Hi, we're back here where the Cube is live, and I didn't even know it Welcome, we're at Spark Summit 2017. Having so much fun talking to our guests I didn't know the camera was on. We are doing a talk with Cloudera, a couple of experts that we have here. First is Mark Grover, who's a software engineer and an author. He wrote the book, "Dupe Application Architectures." Mark, welcome to the show. >> Mark: Thank you very much. Glad to be here. And just to his left we also have Jennifer Wu, and Jennifer's director of product management at Cloudera. Did I get that right? >> That's right. I'm happy to be here, too. >> Alright, great to have you. Why don't we get started talking a little bit more about what Cloudera is maybe introducing new at the show? I saw a booth over here. Mark, do you want to get started? >> Mark: Yeah, there are two exciting things that we've launched at least recently. There Cloudera Altus, which is for transient work loads and being able to do ETL-Like workloads, and Jennifer will be happy to talk more about that. And then there's Cloudera data science workbench, which is this tool that allows folks to use data science at scale. So, get away from doing data science in silos on your personal laptops, and do it in a secure environment on cloud. >> Alright, well, let's jump into Data Science Workbench first. Tell me a little bit more about that, and you mentioned it's for exploratory data science. So give us a little more detail on what it does. >> Yeah, absolutely. So, there was private beta for Cloudera Data Science Workbench earlier in the year and then it was GA a few months ago. And it's like you said, an exploratory data science tool that brings data science to the masses within an enterprise. Previously people used to have, it was this dichotomy, right? As a data scientist, I want to have the latest and greatest tools. I want to use the latest version of Python, the latest notebook kernel, and I want to be able to use R and Python to be able to crunch this data and run my models in machine learning. However, on the other side of this dichotomy are the IT organization of the organization, where if they want to make sure that all tools are compliant and that your clusters are secure, and your data is not going into places that are not secured by state of the art security solutions, like Kerberos for example, right? And of course if the data scientists are putting the data on their laptops and taking the laptop around to wherever they go, that's not really a solution. So, that was one problem. And the other one was if you were to bring them all together in the same solution, data scientists have different requirements. One may want to use Python 2.6. Another one maybe want to use 3.2, right? And so Cloudera Data Science Workbench is a new product that allows data scientists to visualize and do machine learning through this very nice notebook-like interface, share their work with the rest of their colleagues in the organization, but also allows you to keep your clusters secure. So it allows you to run against a Kerberized cluster, allows single sign on to your web interface to Data Science Workbench, and provides a really nice developer experience in the sense that My workflow and my tools and my version of Python does not conflict with Jennifer's version of Python. We all have our own docker and Kubernetes-based infrastructure that makes sure that we use the packages that we need, and they don't interfere with each other. We're going to go to Jennifer on Altus in just a few minutes, but George first give you a chance to maybe dig in on Data Science workshop. >> Two questions on the data science side: some of the really toughest nuts to crack have been Sort of a common environment for the collaborators, but also the ability to operationalize the models once you've sort of agreed on them, and manage the lifecycle across teams, you know? Like, challenger champion, promote something, or even before that doing the ab testing, and then sort of what's in production is typically in a different language from what, you know, it was designed in and sort of integrating it with the apps. Where is that on the road map? Cause no one really has a good answer for that. >> Yeah, that's an excellent question. In general I think it's the problem to crack these days. How do you productionalize something that was written by a data scientist in a notebook-like system onto the production cluster, right? And I think the part where the data scientist works in a different language than the language that's in production, I think that problem, the best I can say right now is to actually have someone rewrite that. Have someone rewrite that in the language you're going to make in production, right? I don't see that to be the more common part. I think the more widespread problem is even when the language is production, how do you go making the part that the data scientist wrote, the model or whatever that would be, into a prodution cluster? And so, Data Science Workbench in particular runs on the same cluster that is being managed by Cloudera manager, right? So this is a tool that you install, but that is available to you as a web server, as a web interface, and so that allows you to move your development machine learning algorithms from your data science workbench to production much more easier, because it's all running on the same hardware and same systems. There's no separate Cloudera managers that you have to use to manage the workbench compared to your actual cluster. >> Okay. A tangential question, but one of the, the difficulties of doing machine learning is finding all the training data and, and sort of data science expertise to sit with the domain expert to, you know, figure out proper model of features, things like that. One of the things we've seen so far from the cloud vendors is they take their huge datasets in terms of voice, you know, images. They do the natural language understanding, speech or rather text to speech, you know, facial recognition. Cause they have such huge datasets they can train on. We're hearing noises that they'd going to take that down to the more mundane statistical kind of machine learning algorithms, so that you wouldn't be, like, here's a algorithm to do churn, you know, go to town, but that they might have something that's already kind of pre-populated that you would just customize. Is that something that you guys would tackle, too? >> I can't speak for the road map in that sense, but I think some of that problem needs to be tackled by projects like Spark for example. So I think as the stack matures, it's going to raise the level of abstraction as time goes on. And I think whatever benefits Spark ecosystem will have will come directly to distributions like Cloudera. >> George: That's interesting. >> Yeah >> Okay >> Alright, well let's go to Jennifer now and talk about Altus a little bit. Now you've been on the Cube show before, right? >> I have not. >> Okay, well, familiar with your work. Tell us again, you're the product manager for Altus. What does it do, and what was the motivation to build it? >> Yeah, we're really excited about Cloudera Altus. So, we released Cloudera Altus in its first GA form in April, and we launched Cloudera Altus in a public environment in Strata London about two weeks ago, so we're really excited about this and we are very excited to now open this up to all of the customer base. And what it is is a platform as a service offering designed to leverage, basically, the agility and the scale of cloud, and make a very easy to use type of experience to expose Cloudera capacity for, in particular for data engineering type of workloads. So the end user will be able to very easily, in a very agile manner, get data engineering capacity on Cloudera in the cloud, and they'll be able to do things like ETL and large scale data processing, productionized machine learning workflows in the cloud with this new data engineering as a service experience. And we wanted to abstract away the cloud, and cluster operations, and make the end user a really, the end user experience very easy. So, jobs and workloads as first class objects. You can do things like submit jobs, clone jobs, terminate jobs, troubleshoot jobs. We wanted to make this very, very easy for the data engineering end user. >> It does sound like you've sort of abstracted away a lot of the infrastructure that you would associate with on-prem, and sort of almost make it, like, programmable and invisible. But, um, I guess my, one of my questions is when you put it in a cloud environment, when you're on-prem you have a certain set of competitors which is kind of restrictive, because you are the standalone platform. But when you go on the cloud, someone might say, "I want to use red shift on Amazon," or Snowflake, you know, as the MPP sequel database at the end of a pipeline. And it's not just, I'm using those as examples. There's, you know, dozens, hundreds, thousands of other services to choose from. >> Yes. >> What happens to the integrity of that platform if someone carves off one piece? >> Right. So, interoperability and a unified data pipeline is very important to us, so we want to make sure that we can still service the entire data pipeline all the way from ingest and data processing to analytics. So our team has 24 different open source components that we deliver in the CDH distribution, and we have committers across the entire stack. We know the application, and we want to make sure that everything's interoperable, no matter how you deploy the cluster. So if you deploy data engineering clusters through Cloudera Altus, but you deployed Impala clusters for data marks in the cloud through Cloudera Director or through any other format, we want all these clusters to be interoperable, and we've taken great pains in order to make everything work together well. >> George: Okay. So how do Altus and Sata Science Workbench interoperate with Spark? Maybe start with >> You want to go first with Altus? >> Sure, so, we, in terms of interoperability we focus on things like making sure there are no data silos so that the data that you use for your entire data lake can be consumed by the different components in our system, the different compute engines and different tools, and so if you're processing data you can also look at this data and visualize this data through Data Science Workbench. So after you do data ingestion and data processing, you can use any of the other analytic tools and then, and this includes Data Science Workbench. >> Right, and for Data Science Workbench runs, for example, with the latest version of Spark you could pick, the currently latest released version of Spark, Spark 2.1, Spark 2.2 is being boarded of course, and that will soon be integrated after its release. For example you could use Data Science Workbench with your flavor of Spark two's version and you can run PySpark or Scala jobs on this notebook-like interface, be able to share your work, and because you're using Spark Underneath the hood it uses yarn for resource management, the Data Science Workbench itself uses Docker for configuration management, and Kubernetes for resource managing these Docker containers. >> What would be, if you had to describe sort of the edge conditions and the sweet spot of the application, I mean you talked about data engineering. One thing, we were talking to Matei Zaharia and Ronald Chin about was, and Ali Ghodsi as well was if you put Spark on a database, or at least a, you know, sophisticated storage manager, like Kudu, all of a sudden there're a whole new class of jobs or applications that open up. Have you guys thought about what that might look like in the future, and what new applications you would tackle? >> I think a lot of that benefit, for example, could be coming from the underlying storage engine. So let's take Spark on Kudu, for example. The inherent characteristics of Kudu today allow you to do updates without having to either deal with the complexity of something like Hbase, or the crappy performance of dealing HDFS compactions, right? So the sweet spot comes from Kudu's capabilities. Of course it doesn't support transactions or anything like that today, but imagine putting something like Spark and being able to use the machine learning libraries and, we have been limited so far in the machine learning algorithms that we have implemented in Spark by the storage system sometimes, and, for example new machine learning algorithms or the existing ones could rewritten to make use of the update features for example, in Kudu. >> And so, it sounds like it makes it, the machine learning pipeline might get richer, but I'm not hearing that, and maybe this isn't sort of in the near term sort of roadmap, the idea that you would build sort of operational apps that have these sophisticated analytics built in, you know, where the analytics, um, you've done the training but at run time, you know, the inferencing influences a transaction, influences a decision. Is that something that you would foresee? >> I think that's totally possible. Again, at the core of it is the part that now you have one storage system that can do scans really well, and it can also do random reads and writes any place, right? So as your, and so that allows applications which were previously siloed because one appication that ran off of HDFS, another application that ran out of Hbase, and then so you had to correlate them to just being one single application that can use to train and then also use their trained data to then make decisions on the new transactions that come in. >> So that's very much within the sort of scope of imagination, or scope. That's part of sort of the ultimate plan? >> Mark: I think it's definitely conceivable now, yeah. >> Okay. >> We're up against a hard break coming up in just a minute, so you each get a 30-second answer here, so it's the same question. You've been here for a day and a half now. What's the most surprising thing you've learned that you thing should be shared more broadly with the Spark community? Let's start with you. >> I think one of the great things that's happening in Spark today is people have been complaining about latency for a long time. So if you saw the keynote yesterday, you would see that Spark is making forays into reducing that latency. And if you are interested in Spark, using Spark, it's very exciting news. You should keep tabs on it. We hope to deliver lower latency as a community sooner. >> How long is one millisecond? (Mark laughs) >> Yeah, I'm largely focused on cloud infrastructure and I found here at the conference that, like, many many people are very much prepared to actually start taking more, you know, more POCs and more interest in cloud and the response in terms of all of this in Altus has been very encouraging. >> Great. Well, Jennifer, Mark, thank you so much for spending some time here on the Cube with us today. We're going to come by your booth and chat a little bit more later. It's some interesting stuff. And thank you all for watching the Cube today here at Spark Summit 2017, and thanks to Cloudera for bringing us these two experts. And thank you for watching. We'll see you again in just a few minutes with our next interview.

>> Narrator: Live from Munich, Germany it's the CUBE, covering Dataworks Summit Europe 2017. Brought to you by Hortonworks. >> Okay, welcome back everyone here at day two coverage of the CUBE here in Munich, Germany for Dataworks 2017. I'm John Furrier, my co-host Dave Vellante. Two days of wall to wall coverage SiliconANGLE Media's the CUBE. Our next guest is Raj Verma, the president and COO of Hortonworks. First time on the CUBE, new to Hortonworks. Welcome to the CUBE. >> Thank you very much, John, appreciate it. >> Looking good with a three piece suit we were commenting when you were on stage. >> Raj: Thank you. >> Great scene here in Europe, again different show vis-a-vis North America, in San Jose. You got the show coming up there, it's the big show. Here, it's a little bit different. A lot of IOT in Germany. You got a lot of car manufacturers, but industrial nation here, smart city initiatives, a lot of big data. >> Uh-huh. >> What's your thoughts? >> Yeah no, firstly thanks for having me here. It's a pleasure and good chit chatting right before the show as well. We are very, very excited about the entire data space. Europe is leading many initiatives about how to use data as a sustainable, competitive differentiator. I just moderated a panel and you guys heard me talk to a retail bank, a retailer. And really, Centrica, which was nothing but British Gas, which is rather an organization steeped in history so as to speak and that institution is now, calls itself a technology company. And, it's a technology company or an IOT company based on them using data as the currency for innovation. So now, British Gas, or Centrica calls itself a data company, when would you have ever thought that? I was at dinner with a very large automotive manufacturers and the kind of stuff they are doing with data right from the driving habits, driver safety, real time insurance premium calculation, the autonomous drive. It's just fascinating no matter what industry you talk about. It's just very, very interesting. And, we are very glad to be here. International business is a big priority for me. >> We've been following Hortonworks since it's inception when it spun out of Yahoo years ago. I think we've been to every Hadoop World going back, except for the first one. We watched the transition. It's interesting, it's always been a learning environment at these shows. And certainly the customer testimonials speaks to the ecosystem, but I have to ask you, you're new to Hortonworks. You have interesting technology background. Why did you join Hortonworks? Because you certainly see the movies before and the cycles of innovation, but now we're living in a pretty epic, machine learning, data AI is on the horizon. What were the reasons why you joined Hortonworks? >> Yeah sure, I've had a really good run in technology, fortunately was associated with two great companies, Parametric Technology and TIBCO Software. I was 16 years at TIBCO, so I've been dealing with data for 16 years. But, over the course of the last couple of years whenever I spoke to a C level executive, or a CIO they were talking to us about the fact that structured data, which is really what we did for 16 years, was not good enough for innovation. Innovation and insights into unstructured data was the seminal challenge of most of the executives that I was talking to, senior level executives. And, when you're talking about unstructured data and making sense of it there isn't a better technology than the one that we are dealing with right now, undoubtedly. So, that was one. Dealing with data because data is really the currency of our times. Every company is a data company. Second was, I've been involved with proprietary software for 23 years. And, if there is a business model that's ready for disruption it's the proprietary software business model because I'm absolutely convinced that open source is what I call a green business model. It's good for planet Earth so as to speak. It's a community based, it's based on innovation and it puts the customer and the technology provider on the same page. The customer success drives the vendor success. Yeah, so the open source community, data-- >> It's sustainables, pun intended, in the sense that it's had a continuing run. And, it's interesting Tier One software is all open source now. >> 100%, and by the way not only that if you see large companies like IBM and Microsoft they have finally woken up to the fact that if they need to attract talent and if they want to be known as talk leaders they have to have some very meaningful open source initiatives. Microsoft loves Linux, when did we ever think that was going to happen, right? And, by the way-- >> I think Steve Bauman once said it was the cancer of the industry. Now, they're behind it. But, this is the Linux foundation has also grown. We saw a project this past week. Intel donated a big project to the Linux now it's taking over, so more projects. >> Raj: Yes. >> There's more action happening than ever before. >> You know absolutely, John. Five years ago when I would go an meet a CIO and I would ask them about open source and they would wink, they say "Of course, "we do open source. But, it's less than 5%, right? Now, when I talk to a CIO they first ask their teams to go evaluated open source as the first choice. And, if they can't they come kicking and screaming towards propriety software. Most organizations, and some organizations with a lot of historical gravity so as to speak have a 50/50 even split between proprietary and open source. And, that's happened in the last three years. And, I can make a bold statement, and I know it'll be true, but in the next three years most organizations the ratio of proprietary to open source would be 20 proprietary 80 open source. >> So, obviously you've made that bet on open source, joining Hortonworks, but open is a spectrum. And, on one end of the spectrum you have Hortonworks which is, as I see it, the purest. Now, even Larry Ellison, when he gets onstage at Oracle Open World will talk about how open Oracle is, I guess that's the other end of the spectrum. So, my question is won't the Microsofts and the Oracles and the IBM, they're like recovering alcoholics and they'll accommodate their platforms through open source, embracing open source. We'll see if AWS is the same, we know it's unidirectional there. How do you see that-- >> Well, not necessarily. >> Industry dynamic, we'll talk about that later. How do you see that industry dynamic shaking out? >> No, absolutely, I think I remember way back in I think the mid to late 90s I still loved that quote by Scott McNeely, who is a friend, Dell, not Dell, Digital came out with a marketing campaign saying open VMS. And, Scott said, "How can someone lie "so much with one word?" (laughs) So, it's the fact that Oracle calling itself open, well I'll just leave it at, it's a good joke. I think the definition of open source, to me, is when you acquire a software you have three real costs. One is the cost of initial procuring that software and the hardware and all the rest of it. The second is implementation and maintenance. However, most people miss the third dimension of cost when acquiring software, which is the cost to exit the technology. Our software and open source has very low exit barriers to our technology. If you don't like our technology, switch it off. You own the software anyways. Switch off our services and the barrier of exits are very, very low. Having worked in proprietary software, as I said, for 23 years I very often had conversations with my customers where I would say, "Look, you really "don't have a choice, because if you want to exit "our technology it's going to probably cost you "ten times more than what you've spent till date." So, it a lock in architecture and then you milk that customer through maintenance, correct? >> Switching costs really are the metric-- >> Raj: Switching costs, exactly. >> You gave the example of Blockbuster Camera, and the rental, the late charge fees. Okay, that's an example of lock in. So, as we look at the company you're most compared with, now that's it's going public, Cloudera, in a way I see more similarities than differences. I mean, you guys are sort of both birds of a feather. But, you are going for what I call the long game with a volume subscription model. And, Cloudera has chosen to build proprietary components on top. So, you have to make big bets on open. You have to support those open technologies. How do you see that affecting the long term distance model? >> Yeah, I think we are committed to open source. There's absolutely no doubt about it. I do feel that we are connected data platform, which is data at rest and data in motion across on prem and cloud is the business model the going to win. We clearly have momentum on our side. You've seen the same filings that I have seen. You're talking about a company that had a three year head start on us, and a billion dollars of funding, all right, at very high valuations. And yet, they're only one year ahead in terms of revenue. And, they have burnt probably three times more cash than we have. So clearly, and it's not my opinion, if you look at the numbers purely, the numbers actually give us the credibility that our business model and what we are doing is more efficient and is working better. One of the arguments that I often hear from analysts and press is how are your margins on open source? According to the filings, again, their margins are 82% on proprietary software, my margins on open source are 84%. So, from a health of the business perspective we are better. Now, the other is they've claimed to have been making a pivot to more machine learning and deep learning and all the rest of it. And, they actually'd like us to believe that their competition is going to be Amazon, IBM, and Google. Now, with a billion dollars of funding with the Intel ecosystem behind them they could effectively compete again Hortonworks. What do you think are their chances of competing against Google, Amazon, and IBM? I just leave that for you guys to decide, to be honest with you. And, we feel very good that they have virtually vacated the space and we've got the momentum. >> On the numbers, what jumps out at you on filing since obviously, I sure, everyone at Hortonworks was digging through the S1 because for the first time now Cloudera exposes some of the numbers. I noticed some striking things different, obviously, besides their multiple on revenue valuation. Pretty obvious it's going to be a haircut coming after the public offering. But, on the sales side, which is your wheelhouse there's a value proposition that you guys at Hortonworks, we've been watching, the cadence of getting new clients, servicing clients. With product evolution is challenging enough, but also expensive. It's not you guys, but it's getting better as Sean Connolly pointed out yesterday, you guys are looking at some profitability targets on the Ee-ba-dep coming up in Q four. Publicly stated on the earnings call. How's that different from Cloudera? Are they burning more cash because of their sales motions or sales costs, or is it the product mix? What's you thoughts on the filings around Cloudera versus the Hortonworks? >> Well, look I just feel that, I can talk more about my business than theirs. Clearly, you've seen the same filings that I have and you've see the same cash burn rates that we have seen. And, we clearly are ore efficient, although we can still get better. But, because of being public for a little more than two years now we've had a thousand watt bulb being shown at us and we have been forced to be more efficient because we were in the limelight. >> John: You're open. >> In the open, right? So, people knew what our figures are, what our efficiency ratios were. So, we've been working diligently at improving them and we've gotten better, and there's still scope for improvement. However, being private did not have the same scrutiny on Cloudera. And, some would say that they were actually spending money like drunken sailors if you really read their S1 filing. So, they will come under a lot of scrutiny as well. I'm sure they'll get more efficient. But right now, clearly, you've seen the same numbers that I have, their numbers don't talk about efficiency either in the R and D side or the sales and marketing side. So, yeah we feel very good about where we are in that space. >> And, open source is this two edged sword. Like, take Yarn for example, at least from my perspective Hortonworks really led the charge to Yarn and then well before Doctor and Kubernetes ascendancy and then all of a sudden that happens and of course you've got to embrace those open source trends. So, you have the unique challenge of having to support sort of all the open source platforms. And, so that's why I call it the long game. In order for you guys to thrive you've got to both put resources into those multiple projects and you've got to get the volume of your subscription model, which you pointed out the marginal economics are just as good as most, if not any software business. So, how do you manage that resource allocation? Yes, so I think a lot of that is the fact that we've got plenty of contributors and committers to the open source community. We are seen as the angel child in open source because we are just pure, kosher open source. We just don't have a single line of proprietary code. So, we are committed to that community. We have over the last six or seven years developed models of our software development which helps us manage the collective bargaining power, so as to speak, of the community to allocate resources and prioritize the allocation of resources. It continues to be a challenge given the breadth of the open source community and what we have to handle, but fortunately I'm blessed that we've got a very, very capable engineering organization that keeps us very efficient and on the cutting edge. >> We're here with Raj Verma, With the new president and COO of Hortonworks, Chief Operating Officer. I've got to ask you because it's interesting. You're coming in with a fresh set of eyes, coming in as you mentioned, from TIBCO, interesting, which was very successful in the generation of it's time and history of TIBCO where it came from and what it did was pretty fantastic. I mean, everyone knows connecting data together was very hard in the enterprise world. TIBCO has some challenges today, as you're seeing, with being disrupted by open source, but I got to ask you. As a perspective, new executive you got, looking at the battlefield, an opportunity with open source there's some significant things happening and what are you excited about because Hortonworks has actually done some interesting things. Some, I would say, the world spun in their direction, their relationship with Microsoft, for instance, and their growth in cloud has been fantastic. I mean, Microsoft stock price when they first started working with Hortonworks I think was like 26, and obviously with Scott Di-na-tell-a on board Azure, more open source, on Open Compute to Kubernetes and Micro Services, Azure doing very, very well. You also have a partnership with Amazon Web Services so you already are living in this cloud era, okay? And so, you have a cloud dynamic going on. Are you excited by that? You bring some partnership expertise in from TIBCO. How do you look at partners? Because, you guys don't really compete with anybody, but you're partners with everybody. So, you're kind of like Switzerland, but you're also doing a lot of partnerships. What are you excited about vis-a-vis the cloud and some of the other partnerships that are happening. >> Yeah, absolutely, I think having a robust partner ecosystem is probably my number one priority, maybe number two after being profitable in a short span of time, which is, again, publicly stated. Now, our partnership with Microsoft is very, very special to us. Being available in Azure we are seeing some fantastic growth rates coming in from Azure. We are also seeing remarkable amount of traction from the market to be able to go and test out our platform with very, very low barriers of entry and, of course, almost zero barriers of exit. So, from a partnership platform cloud providers like Amazon, Microsoft, are very, very important to us. We are also getting a lot of interest from carriers in Europe, for example. Some of the biggest carriers want to offer business services around big data and almost 100%, actually not almost, 100% of the carriers that we have spoken to thus far want to partner with us and offer our platform as a cloud service. So, cloud for us is a big initiative. It gives us the entire capability to reach audiences that we might not be able to reach ringing one door bell at a time. So, it's, as I said, we've got a very robust, integrated cloud strategy. Our customers find that very, very interesting. And, building that with a very robust partner channel, high priority for us. Second, is using our platform as a development platform for application on big data is, again, a priority. And that's, again, building a partner ecosystem. The third is relationships with global SIs, Extensia, Deloitte, KPMG. The Indian SIs of In-flu-ces, and Rip-ro, and HCL and the rest. We have some work to do. We've done some good work there, but there's some work to be done there. And, not only that I think some of the initiatives that we are launching in terms of training as a service, free certification, they are all things which are aimed at reaching out to the partners and building, as I said, a robust partner ecosystem. >> There's a lot of talk a conferences like this about, especially in Hadoop, about complexity, complexity of the ecosystem, new projects, and the difficulties of understanding that. But, in reality it seems as though today anyway the technology's pretty well understood. We talked about Millennials off camera coming out today with social savvy and tooling and understanding gaming and things like that. Technology, getting it to work seems to not be the challenge anymore. It's really understanding how to apply it, how to value data, we heard in your panel today. The business process, which used to be very well known, it's counting, it's payroll, simple. Now, it's kind of ever changing daily. What do you make of that? How do you think that will effect the future of work? Yeah, I think there's some very interesting questions that you've asked in that the first, of course, is what does it take to have a very successful big data, or Hadoop project. And, I think we always talk about the fact that if you have a very robust business case backing a Hadoop project that is the number one key ingredient to delivering a Hadoop project. Otherwise, you can tend to boil the ocean, all right, or try and eat an elephant in one bite as I like to say. So, that's one and I think you're right. It's not the technology, it's not the complexity, it's not the availability of the resources. It is a leadership issue in organizations where the leader demands certain outcomes, business outcomes from the Hadoop project team and we've seen whenever that happens the projects seem to be very, very successful. Now, the second part of the question about future of work, which is a very, very interesting topic and a topic which is very, very close to my heart. There are going to be more people than jobs in the next 20, 25 years. I think that any job that can be automated will be automated, or has been automated, right? So, this is going to have a societal impact on how we live. I've been lucky enough that I joined this industry 25 years ago and I've never had to change or switch industries. But, I can assure you that our kids, and we were talking about kids off camera as well, our kids will have to probably learn a new skill every five years. So, how does that impact education? We, in our generation, were testing champions. We were educated to score well on tests. But, the new form of education, which you and I were talking about, again in California where we live, and where my daughter goes to high school and in her school the number one, the number one priority is to instill a sense of learning and joy of learning in students because that is what is going to contribute to a robust future. >> That's a good point, I want to just interject here because I think that the trend we're seeing in the higher Ed side too also point to the impact of data science, to curriculum and learning. It's not just putting catalogs online. There's now kind of an iterative kind of non-linear discovery to proficiency. But, there's also the emotional quotient aspect. You mentioned the love of learning. The immersion of tech and digital is creating an interdisciplinary requirement. So, all the folks say that, what the statistic's like half the jobs that are going to be available haven't even been figured out yet. There's a value creation around interdisciplinary skill sets and emotional quotient. >> Absolutely. >> Social, emotional because of the human social community connectedness. This is also a big data challenge opportunity. >> Oh, 100% and I think one of the things that we believe is in the future, jobs that require a greater amount of empathy are least susceptible to automation. So, things like caring for old age people in the world, and nursing, and teaching, and artists, and all the rest will be professions which will be highly paid and numerous. I also believe that the entire big data challenge about how you use data to impact communities is going to come into play. And also, I think John, you and I were again talking about it, the entire concept of corporations is only 200 years old, really, 200, 300 years old. Before that, our forefathers were individual contributors who contributed a certain part in a community, barbers, tailors, farmers, what have you. We are going to go back to the future where all of us will go back to being individual contributors. And, I think, and again I'm bringing it back to open source, open source is the start of that community which will allow the community to go back to its roots of being individual contributors rather than being part of a organization or a corporation to be successful and to contribute. >> Yeah, the Coase's Penguin has been a very famous seminal piece of work. Obviously, Ronald Coase who's wrote the book The Nature of the Firm is interesting, but that's been a kind of historical document. You look at blockchain for instance. Blockchain actually has the opportunity to disrupt what the Nature of the Firm is about because of smart contracts, supply chain, and what not. And, we have this debate on the CUBE all the time, there's some naysayers, Tim Conner's a VC and I were talking on our Friday show, Silicon Valley Friday show. He's actually a naysayer on blockchain. I'm actually pro blockchain because I think there's some skeptics that say blockchain is really hard to because it requires an ecosystem. However, we're living in an ecosystem, a world of community. So, I think The Nature of the Firm will be disrupted by people organizing in a new way vis-a-vis blockchain 'cause that's an open source paradigm. >> Yeah, no I concur. So, I'm a believer in that entire concept. I 100%-- >> I want to come back to something you talked about, about individual contributors and the relationship in link to open source and collaboration. I personally, I think we have to have a frank conversation about, I mean machines have always replaced humans, but for the first time in our history it's replacing cognitive functions. To your point about empathy, what are the things that humans can do that machines can't? And, they become fewer and fewer every year. And, a lot of these conferences people don't like to talk about that, but it's a reality that we have to talk about. And, your point is right on, we're going back to individual contribution, open source collaboration. The other point is data, is it going to be at the center of that innovation because it seems like value creation and maybe job creation, in the future, is going to be a result of the combinatorial effects of data, open source, collaboration, other. It's not going to because of Moore's Law, all right. >> 100%, and I think one of the aspects that we didn't touch upon is the new societal model that automation is going to create would need data driven governance. So, a data driven government is going to be a necessity because, remember, in those times, and I think in 25, 30 years countries will have to explore the impact of negative taxation, right? Because of all the automation that actually happens around citizen security, about citizen welfare, about cost of healthcare, cost of providing healthcare. All of that is going to be fueled by data, right? So, it's just, as the Chinese proverb says, "May you live in interesting times." We definitely are living in very interesting times. >> And, the public policy implications are, your friend and one of my business heroes, Scott McNeally says, "There's no privacy in "the internet, get over it." We interviewed John Tapscott last week he said "That's unacceptable, "we have to solve that problem." So, it brings up a lot of public policy issues. >> Well, the social economic impact, right now there's a trend we're seeing where the younger generation, we're talking about the post 9/11 generation that's entering the workforce, they have a social conscience, right? So, there's an emphasis you're seeing on social good. AI for social good is one of the hottest trends out there. But, the changing landscape around data is interesting. So, the word democratization has been used whether you're looking at the early days of blogging and podcasting which we were involved in and research to now in media this notion of data and transparency and open source is probably at a tipping point, an all time high in terms of value creation. So, I want to hear your thoughts on this because as someone who's been in the proprietary world the mode of operation was get something proprietary, lock it dowm, build a fence and a wall, protect it with folks with machine guns and fight for the competitive advantage, right? Now, the competitive advantage is open. Okay, so you're looking at pure open source model with Hortonworks. It changes how companies are competing. What is the competitive advantage of Hortonworks? Actually, to be more open. >> 100%. >> How do you manage that? >> No absolutely, I just think the proprietary nature of software, like software has disrupted a lot of businesses, all right? And, it's not a resistance to disruption itself. I mean, there has never been a business model in the history of time where you charge a lot of money to build a software, or sell a software that you built and then whatever are the defects in that software you get paid more money to fix them, all right? That's the entire perpetual and maintenance model. That model is going to get disrupted. Now, there are hundreds of billions of dollars involved in it so people are going to come kicking and screaming to the open source world, but they will have to come to the open source world. Our advantage that we're seeing is innovation now in a closed loop environment, no matter what size of a company you are, cannot keep up with the changing landscape around you from a data perspective. So, without the collective innovation of the community I don't really think a technology can stay at par with the changes around them. >> This is what I say about, this is what I think is such an important point that you're getting at because we were started SiliconANGLE actually in the Cloudera office, so we have a lot of friends that work there. We have a great admiration for them, but one of the things that Cloudera has done through their execution is they have been very profit oriented, go public at all costs kind of thing that they're doing now. You've seen that happen. Is the competitive advantage that you're pointing out is something we're seeing that similar that Andy Jasseys doing at AWS, which is it's not so much to build something proprietary per se, it's just to ship something faster. So, if you look at Amazon's competitive advantage is that they just continue to ship product faster and faster and faster than companies can build themselves. And also, the scale that they're getting with these economies is increasing the quality. So, open source has also hit the naysayers on security, right? Everyone said, "Oh, open source is not secure." As it turns out, it's more secure. Amazon at scale is actually becoming more secure. So, you're starting to see the new competitive advantage be ship more, be more open as the way to do business. What do you think the impact will be to traditional companies whether it's a startup competing or an existing bank? This is a paradigm shift, what's the impact going to be for a CIO or CEO of a big company? How do they incorporate that competitive advantage? Yeah, I think the proprietary software world is not going to go away tomorrow, John, you know that. There so much of installed software and there's a saying from where I come from that "Even a dead elephant is worth a million dollars," right? So, even that business model even though it is sort of dying it'll still be a good investment for the next ten years because of the locked in business model where customers cannot get out. Now, from a perspective of openness and what that brings as a competitive differentiators to our customer just the very base at which, as I've said I've lived in a proprietary world, you would be lucky if you were getting the next version of our software every 18 months, you'd be lucky. In the open source community you get a few versions in 18 months. So, the cadence at which releases come out have just completely disrupted the proprietary model. It is just the collective, as I said, innovative or innovation ability of the community has allowed us to release, to increase the release cadence to a few months now, all right? And, if our engineering team had it's way it'll further be cut short, right? So, the ability of customers, and what does that allow the customer to do? Ten years ago if you looked for a capability from your proprietary vendor they would say you have to wait 18 months. So, what do you do, you build it yourself, all right? So, that is what the spaghetti architecture was all about. In the new open source model you ask the community and if enough people in the community think that that's important the community builds it for you and gives it to you. >> And, the good news is the business model of open source is working. So, you got you guys have been public, you got Cloudera going public, you have MuleSoft out there, a lot of companies out there now that are public companies are open source companies, a phenomenal change over. But, the other thing that's interesting is that the hiring factor for the large enterprise to the point of, your point about so proprietary not updating, it's the same is true for the enterprise. So, just hiring candidates out of open source is now increased, the talent pool for a large enterprise. >> 100%, 100%. >> Well, I wonder if I could challenge this love fest for a minute. (laughs) So, there's another saying, I didn't grow up there, but a dying snake can still bite you. So, I bring that up because there is this hybrid model that's emerging because these elephants eventually they figure it out. And so, an example would be, we talked about Cloudera and so forth, but the better example, I think, is IBM. What IBM has done to embrace open source with investing years ago a billion dollars into Linux, what it's doing with Spark, essentially trying to elbow its way in and say, "Okay, "now we're going to co-opt the ecosystem. "And then, build our proprietary pieces on top of it." That, to me, that's a viable business model, is it not? >> Yes, I'm sure it is and to John's point with the Mule going IPO and with Cloudera having successfully built a $250 million, $261 million business is testimony, yeah, it's a testimony to the fact that companies can be built. Now, can they be more efficient, sure they can be more efficient. However, my entire comment on this is why are you doing open source? What is your intent of doing open source, to be seen as open, or to be truly open? Because, in our philosophy if you a add a slim layer of proprietariness, why are you doing that? And, as a businessman I'll tell you why you increase the stickiness factor by locking in your customer, right? So, let's not, again, we're having a frank conversation, proprietary code equals customer lock in, period. >> Agreed. And, as a business model-- >> I'm not sure I agree with that. >> As a business model. >> Please. (laughs) We'll come back to that. >> So, it's a customer lock in. Now, as a business model it is, if you were to go with the business models of the past, yes I believe most of the analysts will say it a stickier, better business model, but then we would like to prove them wrong. And, that's our mission as open source purely. >> I would caution though, Amazon's the mother of all lock in's. You kind of bristled at that before. >> They're not, I mean they use a lot of open source. I mean, did they open source it? Getting back to the lock in, the lock in is a function of stickiness, right? So, stickiness can be open source. Now, you could argue that Horonworks through they're relationship with partnering is a lock in spec with their stickiness of being open. Right, so I come back down to the proprietary-- >> Dave: My search engine I like Google. >> I mean Google's certainly got-- >> It's got to be locked in 'cause I like it? >> Well, there's a lot of do you care with proprietary technology that Google's built. >> Switching costs, as we talked about before. >> But, you're not paying for Si-tch >> If the value exceeds the price of the lock in then it's an opportunity. So, Palma Richie's talking about the hardened top, the hardened top. Do you care what's in an Intel processor? Well, Intel is a proprietary platform that provides processing power, but it enables a lot of other value. So, I think the stickiness factor of say IBM is interesting and they've done a lot open source stuff to defend them on Linux, for example they do a (mumbles) blockchain. But, they're priming the pump for their own business, that's clear for their lock In. >> Raj wasn't saying there's not value there. He's saying it's lock in, and it is. >> Well, some customers will pay for convenience. >> Your point is if the value exceeds the lock in risk than it's worth it. >> Yeah, that's my point, yeah. >> 1005, 100%. >> And, that's where the opportunity is. So, you can use open source to get to a value projectory. That's the barriers to entry, we seen 'em on the entrepreneurship side, right? It's easier to start a company now than ever before. Why? Because of open source and cloud, right? So, does that mean that every startup's going to be super successful and beat IBM? No, not really. >> Do you thinK there will be a red hat of big data and will you be it? >> We hope so. (laughs) If I had my that's definitely. That's really why I am here. >> Just an example, right? >> And, the one thing that excites us about this this year is as my former boss used to say you could be as good as you think you are or the best in the world but if you're in the landline business right now you're not going to have a very bright future. However, the business that we are in we pull from the market that we get, and you're seeing here, right? And, these are days that we have very often where customer pool is remarkable. I mean, this industry is growing at, depending on which analyst you're talking to somewhere between 50 to 80% ear on ear. All right, every customer is a prospect for us. There isn't a single conversation that we have with any organization almost of any size where they don't think that they can use their data better, or they can enhance and improve their data strategy. So, if that is in place and I am confident about our execution, very, very happy with the technology platform, the support that we get from out customers. So, all things seem to be lining up. >> Raj, thanks so much for coming on, we appreciate your time. We went a little bit over, I think, the allotted time, but wanted to get your insight as the new President and Chief Operating Officer for Hortonworks. Congratulations on the new role, and looking forward to seeing the results. Since you're a public company we'll be actually able to see the scoreboard. >> Raj: Yes. >> Congratulations, and thanks for coming on the CUBE. There's more coverage here live at Dataworks 2017. I John Furrier, stay with us more great interviews, day two coverage. We'll be right back. (jaunty music)

>> Narrator: Live from Las Vegas, it's the Cube. Covering Interconnect 2017. Brought to you by IBM. >> OK, welcome back everyone. We're here live in Las Vegas. I'm wearing the Blockchain Revolution hat right here. Of course, I'm John Furrier with the Cube, and my co host Dave Vellante, we're excited to have celebrity author, thought leader, futurist and fill in the blank on the title Don Tapscott, who's the author of the Blockchain Revolution. Legend in the industry, thought leader, you and your son a compelling new book, but you've been on the fringe of all the game changing technologies going back with social media, we've been following your work, it's been great. Now we're at the front range of Blockchain, OK? Now it's becoming pretty clear to some of the innovators like IBM and others that it's not about Bitcoin alone, it's about the Blockchain Revolution, the Blockchain itself. Welcome to the Cube and what's going on? What is Blockchain? (laughing) >> Well, it's great to hear, be here. The one thing you didn't mention is I play keyboards in a rock band. So. >> The most interesting man on the Cube right now. >> We used to do a concert every year whether our public demanded it or not, but no, we're a charity event. We've raised a few million dollars for good causes. Anyway. I think, along with my son Alex, we figured this out a couple of years ago that this is the second era of the internet. For the first few decades, we've had the internet of information. And if I send you some information, PDF, PowerPoint, E-mail, even with the website, I keep the original. I'm sending you a copy. That doesn't work so great for assets. Like money, stocks, bonds. Identities, votes. Music, art. Loyalty points. If I send you $100, it's really important I don't still have the money, and I can't send it to you. So this has been called the double spend problem by cryptographers for a long time. And Blockchain solves this problem. We've had the internet of information, now we're getting the internet of value. Where anything of value, from money to votes to music can be exchanged peer to peer. And where we can transact, keep records, and trust each other without powerful intermediaries. Now that doesn't mean intermediaries are going to go away, but they're going to have to embrace this technology or they will be toast. >> I mean, this is clear, you see the distributive computing paradigm, I mean, we're all network guys and by training, you can follow this revolution. But now when you start thinking about trust and value and you talk about digitizing the world. So, if you go to digital transformation, that's the thesis, that we're in this digital transformation, you're digitizing money, you're digitizing transactions. Explain more on the value piece because now if everything's going digital, there now needs to be a new model around how to handle the transactions at scale, and with security problems, hackers. >> Yeah, OK. Well that gets to a couple of really good points. First of all, what is digital? You know, you think, "Well, I tap my card at Starbucks "and bits go through all these networks and different "companies with different computer systems and three "days later a settlement occurs." But that's actually a bunch of messages. It's not money. Money, cash, is a bare instrument. If you have cash in your pocket, you are the bearer of that instrument, which means that you own it. And what we're talking about is something very different here, of creating digital cash. That's stored on a global ledger. So, rather than there being a three day settlement period, there's no settlement period because you're just making a change in the database. And this is a very revolutionary concept. And as for security, I mean, think about, I don't know, you're right, it's not about Bitcoin. But if we took the case of the Bitcoin Blockchain. If I wanted to hack that, I'd have to hack that 10 minute block that has all those transactions, which is linked to the previous block and the previous block, I'd have to hack the entire history of commerce on that Blockchain, not just on one computer, but simultaneously across millions of computers, all using the highest level of cryptography, while the most powerful computing resource in the world, the minors are watching me to make sure I don't mess around. Now, I won't say it's impossible, just like I suppose it's not impossible to take a Chicken McNugget and turn it back into a chicken, but it's really hard to do. A lot, and so these systems are way more secure than our current systems. >> Yes, it fundamentally impossible, and you don't have a third party verification system that's also an exposure area, it's globally distributed, right, so let's go back to what is Blockchain? What's the Blockchain 101? >> Well, Blockchain is a distributed ledger where anything of value, from money to votes, and music can be stored, transacted, managed, in a secure and confidential way, and where trust between parties is established, not by a big intermediary, but by cryptography, by collaboration, and some clever code. >> So, talk about the premise of the book. Sort of why you wrote it and what the fundamental premise is. >> Well, three years ago, three years and five weeks ago, at a father son ski trip, over a large piece of beef, and a very nice bottle of wine, Alex and I started thinking about what all this means. And we decided to work together. And he wrote a very cogent paper about how this new ecosystem could govern itself and my publisher got wind of it and said, "That sounds like a book." So we launched a dozen projects, couple of years ago, on how this technology changes, not just financial services, how it changes the corporation and the deep structure and architecture of the firm. How it changes every industry. How it changes government. Democracy, there's an opportunity to end the crisis of legitimacy of our democratic institutions. But what it means for culture and so on. And then we wrote the book. And it was published in May 10th last year, it's been a big best seller, it's the best selling book on Blockchain. It's actually the only real book on Blockchain. In some countries it was ridiculous. For a while, in Canada, it was competing with Harry Potter and an adult coloring book, as the best selling book in the country. >> That's the state of our culture right there. (laughing) >> What is an adult coloring book, anyway? (laughing) >> That's the million dollar question right there. >> There are a lot of geeky books on Blockchain, but this-- >> Well, actually, there aren't, there are books on crypto currency, on Bitcoin. >> Yeah, absolutely. >> And but the only real book on Blockchain is Blockchain Revolution. >> So, but you're really focusing on the business impact, organizational impact, even societal impact, so explain the premise. >> Well, where do we start? Let's start with the firm. Corporation, foundation of capitalism, based on double entry accounting. That's what enabled capitalism. Well, with Blockchain, you get a third entry onto the ledger, so you have triple entry accounting, so you don't need, say, audits. Every year, because there's an annual audit. That's just the beginning. Because the reason that we have firms, according to the Nobel Prize winning economist Ronald Coase, is that the transaction costs in an open market, like the cost of search, finding all the right people and information, the cost of contracting, for every little activity we're contract prohibitive. The cost of coordination, getting all these people to work together, didn't know each other. The cost of establishing trust, all of that in an open market is prohibitive, so we bring that inside the boundaries of a firm. Well, Blockchain will devastate those transaction costs. So we're talking about a fundamental change in how we orchestrate capability, in our economy, to innovate, to create goods and services. And for that matter, to create public value. So this is not some interesting little technology. This is the second era of the internet. I think it's going to be bigger than the first era was. >> So the internet, I mean, the value creation side. So let's take that additional asset side. So assume everything's digitized, got IOTs out there, industrial IOT, wearables, smart cars, smart cities, smart everything, but now you've got to create value as a firm, so let's roll that forward, we have the now somewhat frictionless transactional environment in an open market, how do firms create value out of those digital assets? >> Well, they'll create value in some ways that are radically different than today. So let me give you an example. Who are the big digital value disrupters today? Well, you can start with the so called sharing economy. You know, Uber, Airbnb, Lyft. >> The Cube. >> Sorry? >> The Cube. (laughing) We're disrupting the world right now. >> Well, you're actually not a sharing economy company in the sense that I think. >> In the traditional sense. >> Actually, I don't think they are, either. I mean, the reason that Uber's successful is precisely because it doesn't share. It's a service aggregator. So, why do you need a $70,000,000,000 corporation to do what Uber does? It could be done by a distributed ledger with some smart contracts and autonomous agents. Everything that the corporation does could be done by software. Airbnb. You know, how about, we'll call it B Airbnb, Blockchain Airbnb. So, you go onto your mobile device, and you're looking for a place, and you're going to be in Vegas, and all the hotels are booked because of IBM, and then you find a place, you book it, and then you show up, you turn your key that starts a smart contract payment to the owner of the apartment or the room, and you check out, you turn your key, it's closed. The software has a payment system built into it. So the renter of the room gets paid. You enter a five star on your device. And that's immutable, and it's a five star rating on a Blockchain. Everything that Airbnb as a company does could actually be done by this software. So, Bob Dylan, there's something going on here and you don't know what it is, I mean, people are all locked in an old paradigm about what's disruption. Get ready for this. >> So what's the impact, I mean, not the impact, what's the inhibitor, so, obviously, any new technology you see all the naysayers, so obviously this is a great vision, what's going to be the impediment? >> Well, they are all kinds of impediments and inhibitors, and there are all kinds of ways that this can get messed up. A big one is that we're overcoming now is that people think, well this is about Bitcoin, well, it's not. The real pony here is the underlying technology of Blockchain, and that's the biggest innovation in computer science in a generation, I think. But also, you know, I wrote this 1992 in Paradigm Shift, I said, when you get a new paradigm, it's a new mental model, and these things cause dislocation and disruption and uncertainty, and they're nearly always received with coolness. I mean, you guys know what it's like to be received with coolness as you introduce a new idea as do I, going back to the '70s. But, and vested interests fight against change. And leaders of old paradigms have great difficulties embracing the new. So you think about a company like Western Union that can charge 10% for remittances that take four to seven days. Well, with new tools, they don't take four to seven days, they take minutes, and they charge, based on Blockchain, they charge a point and a half. So, it's the old-- >> The inhibitors, they got to get their solutions out there so that they could go after and eat some of the lunch of the older guys. >> Well, they have to eat their own lunch, that's-- >> Western Union could be disrupted by a new entrant, right? So you got a new entrant coming in, they got to cannibalize themselves-- >> And at that point, it tips, there are enough disruptive entrants, right? >> So, it's all those inhibitors to change and for the IT people that are at this event, this is an exciting opportunity, but you do need to learn a new kind of knowledge base to function in this distributed ledger environment. You need to learn about hyper ledger, for starters, because that's the real enterprise platform. >> All right, so folks watching, like my son who helps us out sometimes as well, you have a father son relationship, which is super inspirational. He's, say he wants to get involved in Blockchain. He wants to jump right in, he's kind of a hacker type, what does he do? How does he get involved? Obviously read the book, Blockchain Revolution, get the big picture. Is there other things you'd advise? >> Well, buying the book in massive volume is always a good first step, no. Seriously. Well, one thing I always say to people is personal use is a precondition for any kind of comprehension. So just go get yourself a wallet for some crypto currency and download it and you'll learn all about public key encryption and so on. But I think in a company there are a number of things that managers need to do. Need to start doing pilots, sandboxes, developing and understanding use cases, and our new Blockchain research institute is going to be a big help in that. But also, for an IT person, is your son an IT guy or he's more an entrepreneur? >> No, he's 21 years old. >> He's 21. >> He doesn't know anything about IT. >> He's a computer science guy. >> He's born in the cloud. IT, can't spell IT. >> Well. (laughing) >> IT's for old guys like us. (laughing) >> We're telling him what he should do, he should be here telling us what we should do. >> John: That's why we hired him, he's a little guinea pig. >> Digital natives, you know, we're digital immigrants, we had to learn the language. But, for the IT people, it's all about not just experimenting, but about moving towards operational systems and about architecture. Because our architectures are based on traditional computing environments and this is something from Paradigm Shift, you remember, I interviewed Max Hopper who invented the Sabre Reservation System for American Airlines, and he says, "The big problem, Don, "is that if I don't have a target architecture, "every time I spend a dollar, I'm building up my legacy "and making it worse by investing in IT." And so that's where I came up with this formulation, yeah, God may have created the world in six days, but he didn't have an installed base to start with. (laughing) So, what we need to do is to start to think about architectures that embrace Blockchain. And this is an historic new opportunity for anybody who cares about IT. >> Is the disruptive enabler for Blockchain the fact that we're now fully connected as a society, or is it something else that we don't see? What's your view on, what's the real wealth creating disruptive enabler? >> Well, you can sense that the rate of change is a lot faster for the second generation than the first. 1993, '94, when I wrote the Digital Economy, it was dial-up. Ebay. >> 14 four. >> Amazon didn't exist. >> Actually 98 I think it was. >> When I wrote that book. Google was five years away. Facebook was 10 years away, so but now we've got wireless, we've got IP everywhere. We've got mobility. We've got the cloud, we've got all the preconditions for this new innovation to happen a lot faster. And that's why, I mean, a year ago, there wasn't a lot of talk at this event about Blockchain. Today it's the big buzz. >> I wonder if you could talk about other applications. You talk about hyper ledger, it's a great place for a starting point, especially for IBM, but one of the areas I'm excited about is security. You know, like the MIT Enigma Project, and there are others, you know, security is such a problem. Every year we look back, John and I, we say, do we feel more secure? And no, we feel less secure. What about the application of Blockchain in security use cases? >> Well, Blockchains are more secure in a number of ways. One is they're harder to hack than traditional servers. And people say, "No, our company, we're bulletproof." Right, tell that to JP Morgan and Home Depot-- >> Target fidelity-- >> The Democratic National Convention, but also tell it to the CIA. I mean, if the CIA can be hacked, then any of these traditional server technologies can be hacked. So that, alone, is a huge case to move towards hyper ledger and these other type platforms. But you said, "I feel less secure these days." And that's a really interesting statement. Because I think that, in many ways, the security of the person has been undermined by the internet of information, as well. That, first of all, we don't own the data that we create. That's a crazy situation. We all create this massive new asset. It's a new asset class. Probably more important than industrial plant, in the industrial age. Maybe more important than land in the agrarian age. We create it, but these data frackers, you know, like-- >> Facebook. >> --Facebook. Own it and that's a big problem. The virtual you is not owned by you. So we need to get our identity back and to manage it responsibly, and people who say to me, "Well, Don, privacy's dead, get over it." This is foolishness. Privacy is the foundation of freedom. And all these things are happening in our world today that undermine our basic security. Our identity's being taken away from us. Or the fact that things happen in this digital world that we don't know, what are the underlying algorithms? If I take this, and I drop it, that's called gravity. I know what's going to happen. But if I go onto Facebook and I do certain things, I have no idea what are the algorithms that's determining what's happening with that and how the data is used. So-- >> Hello fake news. That's how fake news came about. >> Well, yeah, totally. >> People don't know what to trust and it's like, wait a minute. >> Exactly, and well, this has led, also, to a total fragmentation of public discourse, where we've all ended up in these little self reinforcing echo chambers where the purpose of information is not to inform us, it's to, I don't know, give us comfort. >> Divide people. >> Yeah. So, I'm not saying that Blockchains can fix everything, in fact, they can't fix anything, it's humans that fix things. But the key point that Alex and I make in the book is that once again the technology genie has escaped from the bottle, and it was summoned by this person that we don't even know who they are. At a very uncertain time in history. But it's giving us another kick at the can. To sort of fix these problems. To make a world where trust is embedded in everything and where things are trustworthy, and where people are trustworthy, and maybe we can rewrite the whole economic power grid and the old order of things for the better. And that's really important. >> My final question for you, and this is kind of a thought provoking question. Every major revolution, you see, big one, you've seen a counter culture, '60s, computer revolution, PC revolution, are we on the edge now of a new counter culture developing? Because the things you're kind of teasing out is this new generation, is it the '60s version of tech hippies or is there going to be a, because you're getting at radical reconfiguration, radical value creation, this is good evolution, and fast. So you can almost see the young generation, like my son, you're talking about, teaching us how to do it, that's a counter culture. Do you see that happening? >> Well, first of all, I see this change in culture profoundly, so artists can get fairly compensated for the work they create. Imogen Heap puts her song on a Blockchain platform, and the song's inside a smart contract that specifies the IP rights. And you want to listen to it, maybe it's free, you want to put it in your movie, it costs more. The way she describes it is the song acts as a business, and it has a bank account. So, we can profoundly change many aspects of culture, bringing more justice to our culture. But I'm not sure there'll be a counter culture in the traditional sense because you've got people embracing Blockchain that want to fix a bunch of problems, but also people who want to make large organizations more competitive and more effective. The smart banks are embracing this because they know they can cut their transaction costs in half, probably. And they know that if they don't do it, somebody else will. >> And IBM's embracing it because they write software and they service all those firms with technology. >> Well, IBM, the case of IBM is really interesting, and I'll end on that one. That if you think about it, and I go back, I mean, there were only main frames when I started, and IBM was the leader of the bunch, right? And then all the bunch died, but IBM somehow reinvented itself and it got into mini computers and then we saw the rise of the PC and IBM invented the IBM PC, and then we got into the internet, and once again, all these companies died off but somehow IBM was able to find within itself the leadership to transform itself. And I'm, I won't say I'm shocked, but I have to tell you, I'm really delighted that IBM has figured this one out and is driving hard to be a leader of this next generation of the internet. >> And they're driving open source, too, to give IBM a plug, Don Tapscott, great to have you on the Cube. Good luck with your speech today. A legend in the industry, great thinker, futurist. Amazing work. Blockchain is the next revolution, it will impact, it's an opportunity for entrepreneurs, this is a disruptive enabler, you can literally take down incumbent businesses. Changing the nature of the firm, radical economical change. Thanks so much for sharing the insight. >> Nice hat, too. >> I got a nice hat. I got a free bowl of soup with this hat, as they say-- >> Don: It's all about the Blockchain, baby. >> It's all about the Blockchain. >> It's all about the Blockchain. >> More Blockchain Cube analysis as we disrupt you with more coverage, I'm John Furrier, Dave Velante, stay with us. (musical sting)