>>Welcoming into the cubes presentation of AWS startup showcase open cloud innovations. This is season two episode one of the ongoing series covering exciting hot startups from the AWS ecosystem. Today's episode. One of season two theme is open source community and the open cloud innovations. I'm your host, John farrier of the cube. And today we're excited to be joined by Loris Dajani who is the C T O chief technology officer and founder of cystic found that in his backyard with some wine and beer. Great to see you. We're here to talk about Falco finding cloud threats in real time. Thank you for joining us, Laura. Thanks. Good to see you >>Love that your company was founded in your backyard. Classic startup story. You have been growing very, very fast. And the key point of the showcase is to talk about the startups that are making a difference and, and that are winning and doing well. You guys have done extremely well with your business. Congratulations, but thank you. The big theme is security and as organizations have moved their business critical applications to the cloud, the attackers have followed. This is Billy important in the industry. You guys are in the middle of this. What's your view on this? What's your take? What's your reaction? >>Yeah. As we, as a end ecosystem are moving to the cloud as more and more, we are developing cloud native applications. We relying on CACD. We are relying on orchestrations in containers. Security is becoming more and more important. And I would say more and more complex. I mean, we're reading every day in the news about attacks about data leaks and so on. There's rarely a day when there's nothing major happening and that we can see the press from this point of view. And definitely things are evolving. Things are changing in the cloud. In for example, Cisco just released a cloud native security and usage report a few days ago. And the mundane things that we found among our user base, for example, 60, 66% of containers are running as rude. So still many organizations adopting a relatively relaxed way to deploy their applications. Not because they like doing it, but because it tends to be, you know, easier and a little bit with a little bit less ration. >>We also found that that 27% of users unnecessary route access in the 73% of the cloud accounts, public has three buckets. This is all stuff that is all good, but can generate consequences when you make a mistake, like typically, you know, your data leaks, no, because of super sophisticated attacks, but because somebody in your organization forgets maybe some data on it on a public history bucket, or because some credentials that are not restrictive enough, maybe are leaked to another team member or, or, or a Gita, you know, repository or something like that. So is infrastructures and the software becomes a let's a more sophisticated and more automated. There's also at the same time, more risks and opportunities for misconfigurations that then tend to be, you know, very often the sewers of, of issues in the cloud. >>Yeah, those self-inflicted wounds definitely come up. We've seen people leaving S3 buckets open, you know, it's user error, but, you know, w w those are small little things that get taken care of pretty quickly. That's just hygiene. It's just discipline. You know, most of the sophisticated enterprises are moving way past that, but now they're adopting more cloud native, right. And as they get into the critical apps, securing them has been challenging. We've talked to many CEOs and CSOs, and they say that to us. Yeah. It's very challenging, but we're on it. I have to ask you, what should people worry about when secure in the cloud, because they know is challenging, then they'll have the opportunity on the other side, what are they worried about? What do you see people scared of or addressing, or what should I be worried about when securing the cloud? >>Yeah, definitely. Sometimes when I'm talking about the security, I like to compare, you know, the old data center in that the old monolithic applications to a castle, you know, in middle aged castle. So what, what did you do to protect your castle? You used to build very thick walls around it, and then a small entrance and be very careful about the entrance, you know, protect the entrance very well. So what we used to doing that, that data center was protect everything, you know, the, the whole perimeter in a very aggressive way with firewalls and making sure that there was only a very narrow entrance to our data center. And, you know, as much as possible, like active security there, like firewalls or this kind of stuff. Now we're in the cloud. Now, it's everything. Everything is much more diffused, right? Our users, our customers are coming from all over the planet, every country, every geography, every time, but also our internal team is coming from everywhere because they're all accessing a cloud environment. >>You know, they often from home for different offices, again, from every different geography, every different country. So in this configuration, the metaphor data that they like to use is an amusement park, right? You have a big area with many important things inside in the users and operators that are coming from different dangerous is that you cannot really block, you know, you need to let everything come in and in operate together in these kinds of environment, the traditional protection is not really effective. It's overwhelming. And it doesn't really serve the purpose that we need. We cannot build a giant water under our amusement park. We need people to come in. So what we're finding is that understanding, getting visibility and doing, if you Rheodyne is much more important. So it's more like we need to replace the big walls with a granular network of security cameras that allow us to see what's happening in the, in the different areas of our amusement park. And we need to be able to do that in a way that is real time and allows us to react in a smart way as things happen because in the modern world of cloud five minutes of delay in understanding that something is wrong, mean that you're ready being, you know, attacked and your data's already being >>Well. I also love the analogy of the amusement park. And of course, certain rides, you need to be a certain height to ride the rollercoaster that I guess, that's it credentials or security credentials, as we say, but in all seriousness, the perimeter is dead. We all know that also moats were relied upon as well in the old days, you know, you secure the firewall, nothing comes in, goes out, and then once you're in, you don't know what's going on. Now that's flipped. There's no walls, there's no moats everyone's in. And so you're saying this kind of security camera kind of model is key. So again, this topic here is securing real time. Yeah. How do you do that? Because it's happening so fast. It's moving. There's a lot of movement. It's not at rest there's data moving around fast. What's the secret sauce to making real identifying real-time threats in an enterprise. >>Yeah. And in, in our opinion, there are some key ingredients. One is a granularity, right? You cannot really understand the threats in your amusement park. If you're just watching these from, from a satellite picture. So you need to be there. You need to be granular. You need to be located in the, in the areas where stuff happens. This means, for example, in, in security for the clowning in runtime, security is important to whoever your sensors that are distributed, that are able to observe every single end point. Not only that, but you also need to look at the infrastructure, right? From this point of view, cloud providers like Amazon, for example, offer nice facilities. Like for example, there's CloudTrail in AWS that collects in a nice opinionated consistent way, the data that is coming from multiple cloud services. So it's important from one point of view, to go deep into, into the endpoint, into the processes, into what's executing, but also collect his information like the cultural information and being able to correlate it to there's no full security without covering all of the basics. >>So a security is a matter of both granularity and being able to go deep and understanding what every single item does, but also being able to go abroad and collect the right data, the right data sources and correlated. And then the real time is really critical. So decisions need to be taken as the data comes in. So the streaming nature of security engines is becoming more and more important. So the step one of course, security, especially cost security, posture management was very much let's ball. Once in a while, let's, let's involve the API and see what's happening. This is still important. Of course, you know, you need to have the basics covered, but more and more, the paradigm needs to change to, okay, the data is coming in second by second, instead of asking for the data manually, once in a while, second by second, there's the moment it arrives. You need to be able to detect, correlate, take decisions. And so, you know, machine learning is very important. Automation is very important. The rules that are coming from the community on a daily basis are, are very important. >>Let me ask you a question, cause I love this topic because it's a data problem at the same time. There's some network action going on. I love this idea of no perimeter. You're going to be monitoring anything, but there's been trade offs in the past, overhead involved, whether you're monitoring or putting probes in the network or the different, there's all kinds of different approaches. How does the new technology with cloud and machine learning change the dynamics of the kinds of approaches? Because it's kind of not old tech, but you the same similar concepts to network management, other things, what what's going on now that's different and what makes this possible today? >>Yeah, I think from the friction point of view, which is one very important topic here. So this needs to be deployed efficiently and easily in this transparency, transparent as possible, everywhere, everywhere to avoid blind spots and making sure that everything is scheduled in front. His point of view, it's very important to integrate with the orchestration is very important to make use of all of the facilities that Amazon provides in the it's very important to have a system that is deployed automatically and not manually. That is in particular, the only to avoid blind spots because it's manual deployment is employed. Somebody would forget, you know, to deploy where somewhere where it's important. And then from the performance point of view, very much, for example, with Falco, you know, our open source front-end security engine, we really took key design decisions at the beginning to make sure that the engine would be able to support in Paris, millions of events per second, with minimal overhead. >>You know, they're barely measure measurable overhead. When you want to design something like that, you know, that you need to accept some kind of trade-offs. You need to know that you need to maybe limit a little bit this expressiveness, you know, or what can be done, but ease of deployment and performance were more important goals here. And you know, it's not uncommon for us is Dave to have users of Farco or commercial customers that they have tens of thousands, hundreds of thousands of machines. You know, I said two machines and sometimes millions of containers. And in these environments, lightweight is key. You want death, but you want overhead to be really meaningful and >>Okay, so a amusement park, a lot of diverse applications. So integration, I get that orchestration brings back the Kubernetes angle a little bit and Falco and per overhead and performance cloud scale. So all these things are working in favor. If I get that right, is that, am I getting that right? You get the cloud scale, you get the integration and open. >>Yeah, exactly. Any like ingredients over SEP, you know, and that, and with these ingredients, it's possible to bake a, a recipe to, to have a plate better, can be more usable, more effective and more efficient. That may be the place that we're doing in the previous direction. >>Oh, so I've got to ask you about Falco because it's come up a lot. We talked about it on our cube conversations already on the internet. Check that out. And a great conversation there. You guys have close to 40 million plus million downloads of, of this. You have also 80 was far gate integration, so six, some significant traction. What does this mean? I mean, what is it telling us? Why is this successful? What are people doing with Falco? I see this as a leading indicator, and I know you guys were sponsoring the project, so congratulations and propelled your business, but there's something going on here. What does this as a leading indicator of? >>Yeah. And for, for the audience, Falco is the runtime security tool of the cloud native generation such. And so when we, the Falco, we were inspired by previous generation, for example, network intrusion detection, system tools, and a post protection tools and so on. But we created essentially a unique tool that would really be designed for the modern paradigm of containers, cloud CIC, and salt and Falco essentially is able to collect a bunch of brainer information from your applications that are running in the cloud and is a religion that is based on policies that are driven by the community, essentially that allow you to detect misconfigurations attacks and normals conditions in your cloud, in your cloud applications. Recently, we announced that the extension of Falco to support a cloud infrastructure and time security by parsing cloud logs, like cloud trail and so on. So now Falba can be used at the same time to protect the workloads that are running in virtual machines or containers. >>And also the cloud infrastructure to give the audience a couple of examples, focused, able to detect if somebody is running a shelf in a radius container, or if somebody is downloading a sensitive by, from an S3 bucket, all of these in real time with Falco, we decided to go really with CR study. This is Degas was one of the team members that started it, but we decided to go to the community right away, because this is one other ingredient. We are talking about the ingredients before, and there's not a successful modern security tool without being able to leverage the community and empower the community to contribute to it, to use it, to validate and so on. And that's also why we contributed Falco to the cloud native computing foundation. So that Falco is a CNCF tool and is blessed by many organizations. We are also partnering with many companies, including Amazon. Last year, we released that far gate support for Falco. And that was done is a project that was done in cooperation with Amazon, so that we could have strong runtime security for the containers that are running in. >>Well, I've got to say, first of all, congratulations. And I think that's a bold move to donate or not donate contribute to the open source community because you're enabling a lot of people to do great things. And some people might be scared. They think they might be foreclosing and beneficial in the future, but in the reality, that is the new business model open source. So I think that's worth calling out and congratulations. This is the new commercial open source paradigm. And it kind of leads into my last question, which is why is security well-positioned to benefit from open source besides the fact that the new model of getting people enabled and getting scale and getting standards like you're doing, makes everybody win. And again, that's a community model. That's not a proprietary approach. So again, source again, big part of this. Why was security benefit from opensource? >>I am a strong believer. I mean, we are in a better, we could say we are in a war, right? The good guys versus the bad guys. The internet is full of bad guys. And these bad guys are coordinated, are motivated, are sometimes we'll find it. And we'll equip. We win only if we fight this war as a community. So the old paradigm of vendors building their own Eva towers, you know, their own self-contained ecosystems and that the us as users as, as, as customers, every many different, you know, environments that don't communicate with each other, just doesn't take advantage of our capabilities. Our strength is as a community. So we are much stronger against the big guys and we have a much better chance doing when this war, if we adopt a paradigm that allows us to work together. Think only about for example, I don't know, companies any to train, you know, the workforce on the security best practices on the security tools. >>It's much better to standardize on something, build the stack that is accepted by everybody and tell it can focus on learning the stack and becoming a master of the steak rounded rather than every single organization naming the different tool. And, and then B it's very hard to attract talent and to have the right, you know, people that can help you with, with your issues in, in, in, in, in, with your goals. So the future of security is going to be open source. I'm a strong believer in that, and we'll see more and more examples like Falco of initiatives that really start with, with the community and for the community. >>Like we always say an open, open winds, always turn the lights on, put the code out there. And I think, I think the community model is winning. Congratulations, Loris Dajani CTO and founder of SIS dig congratulatory success. And thank you for coming on the cube for the ADB startup showcase open cloud innovations. Thanks for coming on. Okay. Is the cube stay with us all day long every day with the cube, check us out the cube.net. I'm John furrier. Thanks for watching.

>> Announcer: Live from Madrid, Spain. It's the Cube. Covering HP Discover Madrid 2017. Brought to you by Hewlett Packard Enterprise. >> Good afternoon from Madrid everybody. Good morning on the East Coast. Good really early morning on the West Coast. This is the Cube, the leader in live tech coverage. We're here day one at HPE Discover Madrid 2017. My name is Dave Velonte, I'm here with my cohost Peter Berse. Randy Meyers here is the Vice President and General Manager of the Mission Critical business unit at Hewlett Packard Enterprise. And he's joined by Alexander Zhuk, who is the SAP practice lead at Eldorado. Welcome to the Cube, thanks for coming on. >> Thanks for having us. >> Thank you. >> Randy we were just reminiscing about the number of times you've been on the Cube, consecutive years, it's like the Patriots winning the AFC East it just keeps happening. >> Or Cal Ripkin would probably be you. >> Me and Tom Brady. >> You're the Cal Ripken of the Cube. So give us the update, what's happening in the Mission Critical Business unit. What's going on here at Discover. >> Well, actually just lots of exciting things going on, in fact we just finished the main general session keynote. And that was the coming out party for our new Superdome Flex product. So, we've been in the Mission Critical space for quite some time now. Driving the HANA business, we've got 2500 customers around the world, small, large. And with out acquisition last year of SGI, we got this fabulous technology, that not only scales up to the biggest and most baddest thing that you can imagine to the point where we're talking about Stephen Hawking using that to explore the universe. But it scales down, four sockets, one terabyte, for lots of customers doing various things. So I look at that part of the Mission Critical business, and it's just so exciting to take technology, and watch it scale both directions, to the biggest problems that are out there, whether they are commercial and enterprise, and Alexander will talk about lots of things we're doing in that space. Or even high performance computing now, so we've kind of expanded into that arena. So, that's really the big news Super Dome Flex coming out, and really expanding that customer base. >> Yeah, Super Dome Flex, any memory in that baby? (laughing) >> 32 sockets, 48 terabyte if you want to go that big, and it will get bigger and bigger and bigger over time as we get more density that's there. And we really do have customers in the commercial space using that. I've got customers that are building massive ERP systems, massive data warehouses to address that kind of memory. >> Alright, let's hear from the customer. Alexander, first of all, tell us about your role, and tell us about Eldorado. >> I'm responsible for SAP basis and infrastructure. I'm working in Eldorado who is one of the largest consumer electronics network in Russia. We have more than 600 shops all over the country in more than 200 cities and towns, and have more than 16,000 employees. We have more than 50,000 stock keeping units, and proceeding over three and a half million orders with our international primarily. >> SAP practice lead, obviously this is a HANA story, so can you take us through your HANA journey, what led to the decision for HANA, maybe give us the before, during and after. Leading up to the decision to move to HANA, what was life like, and why HANA? >> We first moved our business warehouse system to HANA back in 2011. It's a time we got strong business requirements to have weak reporting. So, retail business, it's a business whose needs and very rapid decision making. So after we moved to HANA, we get the speed increasing of reports giving at 15 times. We got stock replenishment reports nine times faster. We got 50 minute sales reports every hour, instead of two hours. May I repeat this? >> No, it makes sense. So, the move to HANA was really precipitated by a need to get more data faster, so in memory allows you to do that. What about the infrastructure platform underneath, was it always HP at the time, that was 2011. What's HP's role, HPE's role in that, HANA? >> Initially we were on our business system in Germany, primarily on IBM solutions. But then according to the law requirements, we intended to go to Russia. And here we choose HP solutions as the main platform for our HANA database and traditional data bases. >> Okay Data residency forced you to move this whole solution back to Russia. If I may, Dave, one of the things that we're talking about and I want to test this with you, Alexander, is businesses not only have to be able to scale, but we talk about plastic infrastructure, where they have to be able to change their work loads. They have to be able to go up and down, but they also have to be able to add quickly. As you went through the migration process, how were you able to use the technology to introduce new capabilities into the systems to help your business to grow even faster? >> At that time, before migration, we had strong business requirements for our business growing and had some forecasts how HANA will grow. So we represented to our possible partners, our needs, for example, our main requirement was the possibility to scale up our CRM system up to nine terabytes memory. So, at that time, there was only HP who could provide that kind of solution. >> So, you migrated from a traditional RDBMS environment, your data warehouse previously was a traditional data base, is that right? And then you moved to HANA? >> Not all systems, but the most critical, the most speed critical system, it's our business warehouse and our CRM system. >> How hard was that? So, the EDW and the CRM, how difficult was that migration, did you have to freeze code, was it a painful migration? >> Yes, from the application point of view it was very painful, because we had to change everything, some our reports they had to be completely changed, reviewed, they had to adopt some abap code for the new data base. Also, we got some HANA level troubles, because it was very elaborate. >> Early days of HANA, I think it was announced in 2011. Maybe 2012... (laughing) >> That's one of the things for most customers that we talk to, it's a journey. You're moving from a tried and true environment that you've run for years, but you want the benefits in memory of speed, of massive data that you can use to change your business. But you have to plan that. It was a great point. You have to plan it's gonna scale up, some things might have to scale out, and at the same time you have to think about the application migration, the data migration, the data residency rules, different countries have different rules on what has to be there. And I think that's one of the things we try to take into account as HPE when we're designing systems. I want to let you partition them. I want to let you scale them up or down depending on the work load that's there. Because you don't just have one, you have BW and CRM, you have development environments, test environments, staging environments. The more we can help that look similar, and give you flexibility, the easier that is for customers. And then I think it's incumbent on us also to make sure we support our customers with knowledge, service, expertise, because it really is a journey, but you're right, 2011 it was the Wild West. >> So, give us the HPE HANA commercial. Everybody always tells us, we're great at HANA, we're best at HANA. What makes HPE best at HANA, different with HANA? >> What makes us best at HANA, one, we're all in on this, we have a partnership with SAP, we're designing for the large scale, as you said, that nobody else is building up into this space. Lots of people are building one terabyte things, okay. But when you really want to get real, when you want to get to 12 terabytes, when you want to get to 24 to 48. We're not only building systems capable of that, we're doing co-engineering and co-innovation work with SAP to make that work, to test that. I put systems on site in Waldorf, Germany, to allow them to go do that. We'll go diagnose software issues in the HANA code jointly, and say, here's where you're stressing that, and how we can go leverage that. You couple that with our services capability, and our move towards, you'll consume HANA in a lot of different ways. There will be some of it that you want on premise, in house, there will be some things that you say, that part of it might want to be in the Cloud. Yes, my answer to all of those things is yes. How do I make it easy to fit your business model, your business requirements, and the way you want to consume things economically? How do I alow you to say yes to that? 2500 customers, more than half of the installed base of all HANA systems worldwide reside on Hewlett Packard Enterprise. I think we're doing a pretty good job of enabling customers to say, that's a real choice that we can go forward with, not just today, but tomorrow. >> Alexander, are you doing things in the Cloud? I'm sure you are, what are you doing in the Cloud? Are you doing HANA in the Cloud? >> We have not traditional Cloud, as to use it to say, now we have a private Cloud. We have during some circumstance, we got all the hardware into our property. Now, it's operating by our partner. Between two company they are responsible for all those layers from hardware layer, service contracts, hardware maintenance, to the basic operation systems support, SEP support. >> So, if you had to do it all over again, what might you do differently? What advice would you give to other customers going down this journey? >> My advice is to at first, choose the right team and the right service provider. Because when you go to solution, some technical overview, architectural overview, you should get some confirmation from vendor. At first, it should be confirmed by HP. It should be confirmed by SEP. Also, there is a financial question, how to sponsor all this thing. And we got all these things from HP and our service partner. >> Right, give you the last word. >> So, one, it's an exciting time. We're watching this explosion of data happening. I believe we've only just scratched the surface. Today, we're looking at tens of thousands of skews for a customer, and looking at the velocity of that going through a retail chain. But every device that we have, is gonna have a sensor in it, it's gonna be connected all the time. It's gonna be generating data to the point where you say, I'm gonna keep it, and I'm gonna use it, because it's gonna let me take real time action. Some day they will be able to know that the mobile phone they care about is in their store, and pop up an offer to a customer that's exactly meaningful to do that. That confluence of sensor data, location data, all the things that we will generate over time. The ability to take action on that in real time, whether it's fix a part before it fails, create a marketing offer to the person that's already in the store, that allows them to buy more. That allows us to search the universe, in search for how did we all get here. That's what's happening with data. It is exploding. We are at the very front edge of what I think is gonna be transformative for businesses and organizations everywhere. It is cool. I think the advent of in memory, data analytics, real time, it's gonna change how we work, it's gonna change how we play. Frankly, it's gonna change human kind when we watch some of these researchers doing things on a massive level. It's pretty cool. >> Yeah, and the key is being able to do that wherever the data lives. >> Randy: Absolutely >> Gentlemen, thanks very much for coming on the Cube. >> Thank you for having us. >> Your welcome, great to see you guys again. Alright, keep it right there everybody, Peter and I will be back with our next guest, right after this short break. This is the Cube, we're live from HPE Discover Madrid 2017. We'll be right back. (upbeat music)

>> Narrator: Live, from Las Vegas its theCUBE. Covering NetApp Insight 2017. Brought to you by NetApp. >> Hello everyone, welcome back to our live coverage, exclusive coverage at NetApp Insight 2017, it's theCUBE's coverage. I'm John Furrier, co-host, theCUBE co-founder of SiliconANGLE Media, with my co-host, Keith Townsend at CTO Advisor. Our next two guests is Gabe Chapman, Senior Manager, NetApp HCI, and Sidney Sonnier, who's the IT consultant at 4th and Bailey, also a member of the A-Team, a highly regarded, top-credentialed expert. Welcome to theCUBE, guys. Good to see you. >> Hey >> Thanks for having us. >> Thank you, good to be here. >> So love the shirt, by the way, great logo, good font, good, comes up great on the camera. >> Thank you. >> We're talking about the rise of the cloud and everything in between, kind of the segment. As a NetApp, A-Team member, and customer. It's here, cloud's here. >> Sidney: Yes >> But it's not yet big in the minds of the Enterprise because they got, it's a path to get there. So, there's public cloud going on, >> Sidney: Right. >> Hybrid clouds, everyone gets that. >> Sidney: Right. >> There's a lot of work to do at home inside a data center. >> Yes, there is, there's an extreme amount of work. And, like you said, these are very exciting times, because we have a blend of all of the technologies and being at an event like this allows us to look at those technologies, look at that fabric, look at that platform, and how we can merge all of those things into an arena that can allow any customer to dynamically move on-prem, off-prem, public cloud, private cloud, but still be able to manage and securely keep all their data in one specific place. >> Gabe, I want to get your thoughts, as he brings up a good point. Architecture's king, it's the cloud architect. Devop has gone mainstream. Pretty much, we all kind of can look at that and say, okay QED, Don, and everyone else put their plans together, but the Enterprises and the folks doing cloud, cloud service providers and everyone else, they have issues, and their plates are full. They have an application development mandate. Get more developers, new kinds of developers, retrain, re-platforming, new onboarding, open source is booming. They have security departments that are unbundling from IT in a way and fully staffed, reporting to the board of directors, top security challenges, data coverage, and then over the top is IoT, industrial IoT. Man, their plate's full. >> Sidney: Right. >> So architecture's huge, and there's a lot of unknown things going on that need to be automated. So it's a real challenge for architects. What's your thoughts. >> So you know, my thoughts about that is, I like to make this joke that there's no book called, The Joy of Menial Tasks. And there are so many of those menial tasks that we do on a day-in and day-out basis, in terms of the Enterprise, whether it's storage, whether it's virtualization, whether it's, whatever it is, right? And I think we've seen this massive shift towards automation and orchestration, and fundamentally the technologies that we're provisioning in today. APIs are king, and they're going to be kind of the focal point, as we move forward. Everything has to have some form of API in it. We have to be making a shift in a transition towards infrastructure as code. At the end of the day the hardware has relevance. It still does, it always will. But the reality is to abstract away the need for that relevance and make it as simple as possible. That's where we have things like hyper converged infrastructure being so at the forefront for so many organizations, NetApp making a foray into this space, as well, is to push, to simplify as much as possible, the day-to-day minutiae, and the infrastructure provisioning. And then, transition those resources over towards getting those next-generation data center applications up, running, and functional. >> Old adage that's been in the industry around making things simple, as our cubbies like an aircraft carrier. But when you go below the water lines, everyone in little canoes paddling, bumping into each other. These silos, if you will. >> Gabe: Right. >> And this is really the dynamic around cloud architecture, is where the operating model's changing. So, you got to be prepared to handle things differently. And in storage, the old days, is, I won't say, easy, but you guys made it easy. A lot of great customers. NetApp has a long history of, but it's not the storage anymore. It's the data fabric as you guys are talking about. It's the developer enablement. It's getting these customers to drive for themselves. It's not about the engine anymore, although, you've got to have a good engine, call it tech, hardware, software together. But the ultimate outcome is the people driving the solutions are app guys. They're just the lines of businesses are under huge pressure and huge need. >> I think you can look at it this way. It's like we're kind of data-driven. You'll see Gene talk about that as part of our messaging. We can no longer be just a storage company. We need to be a data company and a data management organization as we start to have those conversations. Yes, you're going to go in there and talk to the storage administrations and storage teams, but there are 95% of the other people inside of the Enterprise, inside information technology, within different lines of business. They're the ones that we have the most relevant discussions with. That's where our message probably resonates more strongly in the data-driven aspect, or the management, or analytics, and all those other spaces. And I think that's the white space and growth area potential for NetApp, is the fact that we can go in there and have very authoritative discussions with customers around their data needs, and understanding governance. You have things like GPRD, and AMIA. That's a giant open ecosystem for, it has so many requirements and restrictions around it, and everybody's just now starting to wrap their head around it. So building a program around something like that, as well. So there's challenges for everybody. And there's even challenges for vendors like ourselves, because we had, we were mode one. Now we're mode two. So it's kind of like making that transition. And the old speeds, the speeds were always, hey, how fast can you go, what's the files look like, with replication, blah, blah, blah. Now you've got solid, solid state storage. You got SolidFire. Now people want outcomes as a service. Not outcomes anymore, like a cliché, things are happening very dynamically. And last week at Big Data NYC, our event, around the big data world, you couldn't get anymore clear that there's no more room for hype. They want real solutions now. Realtime is critical. And, now watching the keynotes here at NetApp, it's not speed that's featured, although there's a lot of work going on under the hood, it's really about competitive advantage. You're hearing words like data as a competitive advantage. >> Sidney: Yes. >> Sidney, you're in the field, you're in the front lines. Make sense of this. >> The sense that we have to make is, we made up some great points. >> Gabe: Yes. >> Getting the business engaged is one thing, because you still, with the cloud and the cloud architecture, you still have a lot of individuals who are not necessarily sold on it, all the way. So even from a technical perspective. So those guys that are down in the bottom of the boat, so to speak, you still have to kind of convince them because they feel somewhat uncomfortable about it. They have not all the way accepted it. The business is kind of accepted it in pockets. So being, having been on a customer's side and then going to more of a consulting side of things, you understand those pain points. So by getting those businesses engaged and then also engaging those guys to say, listen, it's freeing, the relevance of cloud architecture is not to eliminate a position, it's more to move the mundane tasks that you were more accustomed to using and move you closer to the business so that you can be more effective, and feel more of a participant, and have more value in that business. So that's-- >> So it's creating a value role for the-- >> Right, Right. >> The nondifferentiated tasks >> Absolutely. >> That were being mundane tasks, as you called them. >> Yes. >> You can then put that person now on, whether analytics or ... >> All those IoT things like you were mentioning on those advance projects, and use and leverage the dynamic capability of the cloud being able to go off-prem or on-prem. >> Alright, so what's the guiding principle for a cloud architecture? We'll have to get your thoughts on this because we talked about, in a segment earlier, with Josh, around a good devops person sees automation opportunities and they jump on it like a grenade. There it is, take care of that business and automate it. How do you know what to automate? How do you architect around the notion of we might be continually automating things to shift the people and the process to the value? >> I think what it boils down to is the good cloud architect looks and sees where there are redundancies, things that can be eliminated, things that can be minimized, and sees where complexity is, and focuses to simplify as much of it as possible, right? So my goal has always been to abstract away the complexity, understand that it's there and have the requirements and the teams that can functionally build those things, but then make it look to you as if it were your iPhone, right? I don't know how the app store works. I just download the apps and use it. A good cloud architect does the same thing for their customers. Internally and externally, as well. >> So where does NetApp fit in there, from a product perspective? As a cloud architect, you're always wondering what should I build versus what should I buy? When I look at the open source projects out there, I see a ton of them. Should I go out and dive head deep into one of these projects? Should I look towards a vendor like NetApp to bring to bear that simplified version? Where is the delineation for those? >> So the way we see it is traditionally, there's kind of four consumption models that exists. There's an as-a-service model, or just-in-time model. There are, we see converged, hyper converged as a consumption continuum that people leverage and utilize. There are best-of-breach solutions. Because if I want an object store, I want an object store, and I want it to do exactly what it does. That's an engineering solution. But then there's the as-a-service, I mean, I'm sorry, there's a software-defying component, as well. And those are the, kind of the four areas. If you look at the NetApp product lines, we have an ONTAP set of products, and we have an Element OS set of products, and we have solutions that fit into each one of those consumption continuums, based on what the customer's characteristics are like. You may have a customer that likes configurability. So they would look at a traditional FlexPod with a FAS and say that that's a great idea for me for, in terms of provisioning infrastructure. You may get other customers that are looking at, I want the next-generation data center. I want to provide block storage as a service. So they would look at something like SolidFire. Or, you have the generalist team that looks at simplicity as the key running factor, and time-to-value. And they look at hyper converged infrastructure. So there's a whole set. For me, when I have a conversation with a customer around build versus buy, I want to understand why they would like to build it versus buy it. Because I think that a lot of times, people think, oh, I just download the software and I put it on a box. I'm like, well, right, that's awesome. Now you're in the supply-chain management business. Is that your core competency? Because I don't think it is, right? And so there's a whole bunch of things. It's like firmware management and all these things. We abstract away all of that complexity. That's the reason we charge up for a product, Is the fact that we do all that heavy lifting for the customer. We provide them with an engineered solution. I saw a lot of that when we really focused significantly on the OpenStack space, where we would come up and compete against SEP. And I'm like, well how many engineers do you want to dedicate to keeping SEP up and running? I could give you a turnkey solution for a price premium, but you will never have to dedicate any engineers to it. So that's the trade-off. >> So on that point, I just want to followup. A followup to that is you vision OpenStack, which, big fans of, as you know, we love OpenStack. In the beginning, the challenge with the dupe in OpenStack early on, although that kind of solved, the industry's evolved, is that the early stage was the cost of ownership problem. Which means you had the early tire kickers. Early pioneers doing to work. And they iterated through it. So the question around modernization, which came up as a theme here, what are some modernization practices that I could take as a potential customer, or customer of NetApp, whether I'm an existing customer or a future customer, I want to modernize but I don't want to, I want to manage cost of ownership. And I want to have an architect that's going to allow me to manage my data for that competitive advantage. So I want the headroom of know that it's not just about putting a data link out there, I got to make data realtime, and I don't know when and where it's going to be available. So I need kind of like a fabric or a layer, but I got to have a modern infrastructure. What do I do, what's the playbook? >> So that's where that data fabric, again, comes in. It's like one of the keynotes we heard earlier in the General Session yesterday. We have customers now who are interested in buying infrastructure like we buy electricity. Or like we buy Internet service at home. So by us having this fabric, and it being associated with a brand like NetApp, we're, it's opening up to the point where, what do you really want to do? That's the question we come to you and ask. And if you're into the modernization, we can provide you all the modernization tools right within this fabric, and seamlessly transition from one provider to the next, or plug into another platform or the next, or even put it on-prem. Whatever you want to do. But this will allow the effective management of the entire platform in one location, where you don't have to worry about a big team. You can take your existing team, and that's where that internal support will come in and allow people to kind of concentrate and say, oh, this is some really interesting stuff. Coming from the engineering side of things, being on that customer side, and when you go into customers, you can connect with those guys and help them to leverage this knowledge that they already have because they're familiar with the products. They know the brand. So that makes it more palatable for them to accept. >> So from the cloud architect's perspective, as you look at it, you look at the data-driven fabric or data fabric, and you're like, wow, this is a great idea. Practically, where's the starting point? Is this a set of products? Is it an architecture? Where do I start to bite into this apple? >> So ultimately, I think, you look at it, and I approach it the same way, I would say, like, I can't just go and buy devops. >> Right. >> Right, but data fabric is still, it's a concept, but it's enabled by a suite of technology products. And we look at NetApp across our portfolio and see all the different products that we have. They all have a data fabric element to them, right? Whether it's a FAS, and Snapmirror and snapping to, and ONTAP cloud, it's running in AWS. Whether it's how we're going to integrate with Azure, now with our NFS service that we're providing in there, whether it's hyper converged infrastructure and the ability to move data off there. Our friend Dave McCrory talked about data having gravity, right, he coined that term. And it does, it does have gravity, and you need to be able to understand where it sits. We have analytics in place that help us craft that. We have a product called OCI that customers use. And what it does, it gives them actionable intelligence about where their data sits, where things may be inefficient. We have to start making that transition to, not just providing storage, but understanding what's in the storage, the value that it has, and using it more like currency. We heard George talk about data as currency, it really is kind of the currency, and information is power, right? >> Yeah, Gabe, I mean Gabe, this is right on the money. I mean cryptocurrency and blockchain is a tell sign of what's coming around the corner. A decentralized and distributed environment that's coming. That wave is way out there, but it's coming fast. So you, I want you to take a minute to talk about the cloud component. >> Sidney: Sure. >> Because you mentioned cloud. Talk about your relationship to the clouds, because multi cloud is coming, too. It's not yet there yet, but just because you have a cloud, something in every cloud means multi cloud in the sense of moving stuff around. And then talk about the customer perspective. Because if I'm a customer, I'm saying to myself, okay, I have NetApp, I got files everywhere, I've got ONTAP, they understand the management game, they know how to manage data on-prem, but now I got this cloud thing going on, and I got this shiny new toy start-up over there that's promised me the moon. But I got to make a decision. You're laughing, I know you're thinking about it. This is the dilemma. Do I stay with what I know? >> Right. >> And what I know, is that relevant for where I'm going? A lot of times start-ups will have that pitch. >> Oh, yeah. >> Right >> So address the cloud and then talk about the impact of the customer around the choice. >> Ultimately, it boils down to me in many respects. When I have a conversation with a customer, if I'm going to go for the bright and shiny, right, there has to be a very compelling business interest to do so. If I've built a set of tools and processes around data governance, management, implementation, movement, et cetera, around a bunch of on-premises technologies and I want that same effect or that same look and feel in the public cloud, then that's how we transition there. I want to make it look like I'm using it here locally but it's not on my site, it's somewhere else. It's being managed by somebody else, from a physical standpoint. I'm just consuming that information. But I also know I have to go back and retool everything I've spent in the last 15 and 20 years building because something new and neat comes along. If that new and neat thing comes along, it abstracts away, or it makes a significant cost reduction or something like that, then obviously, you're going to validate that or look at and vet that technology out. But reality is, is that we kind of have these-- >> Well, they don't want to recode, they don't want to retool, they'll rewrite code, but if you look at the clouds, AWS, Azure, and Google, top three in my mind, >> Sidney: Right. >> They all implement everything differently. They got S3 over there, they got it over here, so like, I got it resting on-prem but then I got to hire a devops team that's trained for Azure, Sidney, this is the reality. I mean, evolution might take care of this, but right now, customers have to know that. >> We're at a point right now where customers, businesses we go to, realtime is very important. Software as a service is the thing now. So if you have a customer who is just clicking on a button, and if they can't see that website or whatever your business is, that's a problem. You're going to lose money. You're going to lose customers, you're going to lose revenue. So what you have to do is, as a business, discover what you have internally. And once you discover that and really understand it as a business, not just the tech team, but the business actually understands that. Move that forward and then blend some cloud technology in that with a data fabric, because you're leveraging what you already have. Most of the time, they usually have some sort of NetApp appliance of some sort. And then some of the new appliances that we do have, you can either say, have a small spin, put it next to an old appliance, or use some of the OCI, or something of that nature, to help you migrate to a more dynamic, and the thing about it is, is to just make it more a fluid transition. That's what you're looking to do. Uptime is everything. >> Yeah. >> Totally. >> This fabric will allow you to have that uptime so that you can propel your business and sustain your business. Because you want to be able to still use what you have, and still get that ROI out of that technology, but at the same token, you want to be more dynamic than the competition, so that you can increase that business and still grow the business, but now lose any business. >> Sidney, you bring up a good point. In fact, we should do a followup segment on this, because, what I'm hearing you say, and I've heard this many times in theCUBE, but it's happening, and certainly, we're doing our part on theCUBE to help, but the tech guys, whether they're ops or devs, they're becoming more business savvy. They've got to get closer to the business. >> Sidney: You have to. >> But they don't want to get an MBA, per se, but they have to become street MBA. >> Sidney: Right. >> They got to get that business degree through scar tissue. >> Yes. You can't just be the tech anymore, you have to understand why your business is making this effort, why it's investing this technology, why they would look to go to the public cloud, if you can't deliver a service, and try to emulate that. We've seen that time and time again, the concept of shadow IT, and a shift away from resources. And if you want to be relevant longterm, and not just the guy that sits in the closet, and then plugs in the wires, start learning about your business. Learn about how the business is run and how it generates revenue and see what you can do to affect that. >> Yeah, and the jobs aren't going away. This nonsense about automation killing jobs. >> No, it's not. >> And they use the mainframe as an example, not really relevant, but kind of, but there are other jobs. I mean, look at cyber security, huge data aspect, impact story. >> Sure, it's huge. >> That paradigm is changing realtime. So good stuff, a lot of good business conferences we should do a followup on. I'll give you guys a final word in this segment. If you could each weigh in on what cloud architects should be doing right now. I mean, besides watching theCUBE, and watching you guys here. They got to have the 20-mile stare. They got to understand the systems that are in place. It's almost like an operating system model. They got to see the big picture. Architecting on paper seems easy, but right now it's hard. What's your advice for cloud architects? >> I mean, I say continue to follow the trends. Continue to expose yourself to new technologies. I mean, I'm really interested in things like serverless and those type technologies, and how we integrate our platforms into those types of solutions. Because, that's kind of the next wave of things that are coming along, as we become more of an API-driven ecosystem, right? So if it's infrastructure, if it's code, if it's everything is just in time instance of spin up, how do I have the communications between those technologies? You've just got to stay well ahead of the curve and, you know ... >> John: Sidney, your thoughts? >> My thoughts are along those lines. Not only from a technical perspective but also like you were talking about, that business perspective. Understand your business needs. Because even though, and be able to provide a portfolio, or a suite of tools that will help that business take that next step. And that's where that value. So it's kind of like a blend. You're more of a hybrid. Where you're coming in, not only as a technical person, but you're coming in to assist the business and develop it and help it take it's next step. >> John: And IT is not a department, anymore, it's everywhere. >> No it's not, not. >> It's integrated. >> It is the business. >> Yes. >> Guys, great conversation here on the future of the cloud architect, here inside theCUBE at NetApp Insight 2017 here at the Mandalay Bay in Las Vegas, theCUBE's coverage. We'll be right back with more after this short break. (techno music) (fast and furious music)