(soft music) >> There are many constants in the storage business, relentlessly declining cost per bit, innovations that perpetually battled the laws of physics, a seemingly endless flow of venture capital, despite the intense competition. And there's one other constant in the storage business, Eric Hertzog, and he joins us today in this CUBE video exclusive to talk about IBM's recent storage announcements. Eric, welcome back to theCUBE. >> Great, Dave, thanks very much, we love being on theCUBE and you guys do a great job of informing the industry about what's going on in storage and IT in general. >> Well, thank you for that. >> Great job. >> We're going to cover a lot of ground today. IBM Storage, made a number of announcements the past month around data resilience, a new as-a-service model, which a lot of folks are doing in the industry, you've made performance enhancements. Can you give us the top line summary of the hard news, Eric? >> Sure, the top line summary is of course cyber security is on top of mind for everybody in the recent Fortune 500 list that came out, you probably saw, there was a survey of CEOs of Fortune 500 companies, they named cybersecurity as their number one concern, not war, not pandemic, but cybersecurity. So we've got an announcement around data resilience and cyber resiliency built on our FlashSystem family with our new offering, Safeguarded Copy. And the second thing is the move to a new method of storage consumption. Storage-as-a-Service, a pay-as-you-go model, cloud-like the way people buy cloud storage, that's what you can do now from IBM Storage with our Storage-as-a-Service. Those are the key, two takeaways, Dave. >> Yeah and I want to stay on the trends that we're seeing in cyber for a moment, the work from home pivot in the hybrid work approach has really created a new exposures, people aren't as secure outside of the walled garden of the offices and we've seen a dramatic escalation in the adversaries capabilities and techniques, another least of which is island hopping, in other words, putting code fragments in the digital supply chain, they reform once they're inside the company and it's almost like this organic creepy thing that occurs. They're also living as you know, stealthily for many, many months, sometimes years, exfiltrating data, and then just waiting and then when companies respond, the incidents response trigger a ransomware incident. So they escalate the cyber crime and it's just a really, really bad situation for victims. What are you seeing in that regard and the trends? >> Well, one of the key things we see as everyone is very concerned about cybersecurity. The Biden administration has issued (indistinct) not only to the government sector, but to the private sector, cyber security is a big issue. Other governments across the world have done the same thing. So at IBM Storage, what we see is taking a comprehensive view. Many people think that cybersecurity is moat with the alligators, the castle wall and then of course the sheriff of Nottingham to catch the bad guys. And we know the sheriff of Nottingham doesn't do a good job of catching Robin Hood. So it takes a while as you just pointed out, sitting there for months or even longer. So one of the key things you need to do in an overall cybersecurity strategy is don't forget storage. Now our announcement around Safeguarded Copy is very much about rapid recovery after an attack for malware or ransomware. We have a much broader set of cyber security technology inside of IBM Storage. For example, with our FlashSystem family, we can encrypt data at rest with no performance penalty. So if someone steals that data, guess what? It's encrypted. We can do anomalous pattern detection with our backup product, Spectrum Protect Plus, why would you care? Well, if theCUBE's backup was taking two hours on particular datasets and all of a sudden it was taking four hours, Hmm maybe someone is encrypting those backup data sets. And so we notify. So what we believe at IBM is that an overarching cybersecurity strategy has to keep the bad guys out, threat detection, anomalous pattern behavior on the network, on the servers, on the storage and all of that, chasing the bad guy down once they breach the wall, 'cause that does happen, but if you don't have cyber and data resilience built into your storage technology, you are leaving a gap that the bad guys can explain, whether that be the malware ransomware guys oh by the way, Dave, there still is internal IT theft that there was a case about 10 years ago now where 10 IT guys stole $175 million. I kid you not, $175 million from a bunch of large banks across the country, and that was an internal IT theft. So between the internal IT issues that could approach you malware and ransomware, a comprehensive cybersecurity strategy, must include storage. >> So I want to ask you about come back to Safeguarded Copy and you mentioned some features and capabilities, encrypting data at rest, your anomalous pattern recognition inferring, you're taking a holistic approach, but of course you've got a storage centricity, what's different about your cyber solution? What's your unique value probability to your (indistinct) . >> Well, when you look at Safeguarded Copy, what it does is it creates immutable copies that are logically air-gapped, but logically air-gapped locally. So what that means is if you have a malware or ransomware attack and you need to do a recovery, whether it be a surgical recovery or a full-on recovery, because they attacked everything, then we can do recovery in a couple hours versus a couple of days or a couple of weeks. Now, in addition to the logical local air-gapping with Safeguarded Copy, you also could do remote logical air-gapping by snapping out to the cloud, which we also have on our FlashSystem products and you also of course, could take our FlashSystem products and back up to tape, giving you a physical air gap. In short, we give our customers three different ways to help with malware and ransomware. >> Let me ask you- >> Are air-gapped locally. >> Yeah, please continue, I'm sorry. >> So our air-gapping locally for rapid recovery, air-gapping remotely, which again, then puts it on the cloud provider network, so hopefully they can't breach that. And then clearly a physical air gap going out to tape all three and on the mainframe, we have Safeguarded Copy already, Dave and several of our mainframe customers actually do two of those things, they'll do Safeguarded Copy or rapid recovery locally, but they'll also take that Safeguarded Copy and either put it out to tape or put it out to a cloud provider with a remote logical air-gap using a snapshot. >> I want to ask you a question about management 'cause when you ask CSOs, what's your number one challenge, they'll say lack of talent, We've got all these tools and all this lack of skills to really do all this stuff. Can't hire people fast enough and they don't have the skills. So when you think about it, and so what you do is you bring a lot of automation into the orchestration and management. My question is this, when you set up air gaps, do you recommend, or what do you see in terms of not, of logically and physically not only physically separating the data, but also the management and orchestration and automation does that have to be logically air-gapped as well or can you use the same management system? What's best practice there? >> Ah, so what we do is we work with our copy management software, which will manage regular copies as well, but Safeguarded Copies are immutable. You can't write to them, you can't get rid of them and they're logically air-gapped from the local hosts. So the hosts, for the Safeguarded Copies that immutable copy, you just made, the hosts don't even know that it's there. So you manage that with our copy management software, which by the way, we'll manage regular snapshots and replicas as well, but what that allows you to do is allows you to automate, for example, you can automate recovery across multiple FlashSystem arrays, the copy services manager will allow you to set different parameters for different Safeguarded Copies. So a certain Safeguarded Copy, you could say, make me a copy every four hours. And then on another volume on a different data set, you could say, make me a copy every 12 hours. Once you set all that stuff update, it's completely automated, completely automated. >> So, I want to come back to something you mentioned about anomalous pattern recognition and how you help with threat detection. So a couple of a couple of quick multi-part question here. First of all, the backup corpus is an obvious target. So that's an area that you have to protect. And so can, and you're saying, you've used the example if your backups taking too long, but so how do you do that? What's the technology behind that? And then can you go beyond, should you go beyond just the backup corpus, with primary data or copies on-prem, et cetera? Two part questions. >> So when we look at it, the anomalous pattern detection is part of our backup software, say Spectrum Protect and what it does it uses AI-based technology, it recognizes a pattern. So it knows that the backup dataset for the queue takes two hours and it recognizes that, and it sees that as the normal state of events. So if all of a sudden that backup that theCUBE was doing used to take two hours and starts taking four, what it does is that's an anomalous pattern, it's not a normal pattern. It'll send a note to the backup admin, the storage admin, whoever you designate it to and say the backup data set for theCUBE that used to take two hours, it's taken four hours, you probably ought to check that. So when we view cyber resiliency from a storage perspective, it's broad. We just talked about anomalous pattern detection in Spectrum Protect. We were talking most of the conversation about our Safeguarded Copy, which is available on the mainframe for several years and is now available on FlashSystems, making immutable local air-gap copies, that can be rapidly recovered and are immutable and can help you recover for a malware or ransomware attack. Our data at rest encryption happens to be with no performance penalty. So when you look at it, you need to create an overarching strategy for cybersecurity and then when you look at your storage estate, you need to look at your secondary storage, backup, replicas, snaps, archive, and have a strategy there to protect that and then you need a strategy to protect your primary storage, which would be things like Safeguarded Copy and encryption. So then you put it all together and in fact, Dave, one of the things we offer is a free cyber resilience assessment. It's not only for IBM Storage, but it happens to be a cyber resilience assessment that conforms to the NIST Framework and it's heterogeneous. So if you're a big company, you've got IBM EMC and HP Storage, guess what? It's all about the data sets not about the storage. So we say, you said these 10 data sets are critical, why are you not encrypting them? These data sets are XYZ, why are you not air-gapping them? So we come up based on the NIST Framework, a set of recommendations that are not IBM specific, but they are storage specific. Here's how you make your storage more resilient, both your secondary storage and your primary storage. That's how we see the big thing and Safeguarded Copy of course fits in on the primary storage side, A on the mainframe, which we've had for several years now and B in the Linux world, the Unix world and the Windows Server world on our FlashSystem portfolio with the announcement we did on July 20th. >> Great, thank you for painting that picture. Eric, are you seeing any use case patterns emerge in this space? >> Well, we see a couple of things. First of all, is A most resellers and most end-users, don't see storage an overarching part of the cybersecurity strategy, and that's starting to change. Second thing we're seeing is more and more storage companies are trying to get into this bailiwick of offering cyber and data resilience. The value IBM brings of course is much longer experience to that and we even integrate with other products. So for example, IBM offers a product called QRadar from the security divisions not a storage product, a security product, and it helps you with early data breach recognition. So it looks at servers, network access, it looks at the storage and it actually integrates now with our Safeguarded Copy. So, part of the value that we bring is this overarching strategy of a comprehensive data and cyber resilience across our whole portfolio, including Safeguarded Copy our July 20th announcement. But also integration beyond storage now with our QRadar product from IBM security division. And there will be future announcements coming in both Q4 and Q1 of additional integration with other security technologies, so you can see how storage can be a vital COD in the corporate cybersecurity strategy. >> Got it, thank you. Let's pivot to the, as-a-service it's, cloud obviously is brought in that as-a-service. Now, it seems like everybody has one now. You guys have announced obviously HPE, Dell, Lenovo, Cisco, Pure, everybody's gotten out there as-a-service model, what do we need to know about your as-a-service solution and why is it different from the others? >> Sure. Well, one of the big differences is we actually go on actual storage, not effective. So when you look at effective storage, which most of them do that includes creating the (indistinct) data sets and other things, so you're basically paying for that. Second thing we do is we have a bigger margin. So for example, if theCUBE says we want SLA-3 and we sell it by the SLA, Dave, SLA-1, two and three. So let's say theCUBE needs SLA-3 and the minimum capacity is a 100 terabytes, but let's say you think you need 300 terabytes. No problem. You also have a variable. One of the key differences is unlike many of our competitors, the rate for the base and the rate for the variable are identical. Several of our competitors, when you're in the base, you pay a certain amount, when you go into the variable, they charge you a premium. The other key differentiator is around data reduction. Some of our competitors and all storage companies have data reduction technology. Block-level D do thin provisioning, compression, we all offer those features. The difference is with IBM's pay-as-you-grow, Storage-as-a-Service model, if you have certain data sets that are not very deducible, not very compressible, we absorbed that with our competitors, most of them, if the dataset is not easily deducible, compressible, and they don't see the value, they actually charge you a premium for that. So that is a huge difference. And then the last big difference is our a 100% availability guarantee. We have that on our FlashSystem product line, we're the only one offering 100% availability guarantee. We also against many of the competitors offer a better base nines, as you know, availability characteristics. We offer six nines of availability, which is five minutes and 26 seconds of downtime and a 100% availability of offering. Some of our competitors only offer four nines of availability and if you want five or six, they charge you extra. We give you six nines base in which has only five minutes and change of downtime in a year. So those are the key difference between us and the other as-a-service models out there. >> So, the basic concept I think, is if you commit to more and buy more, you pay less per. I mean, that's the basic philosophy of these things, right? So, if- >> Yes. >> I commit to you X, let's say, I want to just sort of start small and I commit to you to X and great. I'm in now in, maybe I sign up for a multi-year term, I commit this much, whatever, a 100 terabytes or whatever the minimum is. And then I can say, Hey, you know what? This is working for me. The CFO likes it and the IT guys can provision more seamlessly, we got our chargeback or showback model goes, I want to now make a bigger commitment and I can, and I want to sort of, can I break my three-year term and come back and then renegotiate, kind of like reserved instances, maybe bigger and pay less? How do you approach that? >> Well, what you do is we do a couple of things. First of all, you could always add additional capacity, and you just call up. We assign a technical account manager to every account. So in addition to what you get from the regular sales team and what you get from our value business partners, by the way, we did factor in the business partners, Dave, into this, so business partners will have a great pay-as-you-go Storage-as-a-Service solution, that includes partners and their ability to leverage. In fact, several of our partners that do have both MSP and MHP businesses are working right now to leverage our Storage-as-a-Service, and then add on their own value with their own MSP and MHP capability. >> And they can white label that? Is that right or? >> Well, you'd still have Storage-as-a-Service from IBM. They would resell that to theCUBE and then they'd add in their own MHP or MSP. >> Got it. >> That said partners interested in doing a white label, we would certainly entertain that capability. >> Got it. I interrupted you, carry on please. >> Yeah, you can go ahead and add more capacity, not a problem. You also can change the SLA. So theCUBE, one of the leading an industry analyst firms, you bought every analyst firm in the world, and you're using IBM Storage-as-a-Service, pay-as-you-go cloud-like model. So what you do is you call up the technical account manager and say, Eric, we bought all these other companies they're using on-prem storage, we'd like to move to Storage-as-a-Service for all the companies we acquire. We can do that, so that would up your capacity. And then you could say, now we've been at SLA-2, but because we're adding all these new applications of workloads from our acquired companies, we want some of it to be at SLA-1. So we can have some of your workloads on SLA-2, others on SLA-1, you could switch everything to SLA-1, and you just call your technical account manager and they'll make that happen for you or your business partner, obviously, if you bought through the channel. >> I get it, the hard question is what if all those other companies theCUBE acquired are also IBM Storage-as-a-Service customers? Can I, what's that discussion like? Hey, can I consolidate those and get a better deal? >> Yeah, there are all Storage-as-a-Service customers and Dave I love that thought, we would just figure out a way to consolidate the agreement. The agreements are one through five years. What I think also that's very unique is let's say for whatever reason, and we all love finance people. Let's say the IT guys have called the finance and say, we did a one-year contract, we now like to do a three-year contract. The one year is coming up and guess what? Finance's delayed for whatever reason, the PO doesn't go through. So the ITI calls up the technical account manager, we love your service, it's delayed in finance. We will let them stay on their Storage-as-a-Service, even though they don't have a contract. Now, of course they've told us they want to do one, but if they exceed the contract by a quarter or two, because they can't get the finance guys are messing with the IT guys, that's fine. What the key differentiators? Exactly the same price. Several of our competitors will also extend without a contract, but until you do a contract, they charge you a premium, we do not, whatever, if you're an SLA-3, you're SLA-3, we'll extend you and no big deal. And then you do your contract, when the finance guys get their act together and you're ready to go. So that is something we can do and we'll do on a continual basis. >> Last question. Let's go way out. So, we're not doing any time, near-term forecasts, I'm trying to understand how popular you think as-a-service is going to be. I mean, if you think about the end of the decade, let's think industry total, IBM specific, how popular do you think as-a-service models will be? Do you think it will be the majority of the transacted business or it's kind of more of a, just one of many? >> So I think there will be many, some people will still have bare metal on-premises. Some people will still do virtualization on-premises or in a hybrid cloud configuration. What I do think though is Storage-as-a-Service will be over 50% by the end. Remember, we're sitting at 2021. So we're talking now 2029. >> Right. >> So I think Storage-as-a-Service will be over 50%. I think most of that Storage-as-a-Service will be in a hybrid cloud model. I think the days of a 100% cloud, which is the way it started. I think a lot of people realize that a 100% cloud actually is more expensive than a hybrid cloud or fully on-prem. I was at a major university in New York, they are in the healthcare space and I know their CIO from one of my past lives. I was talking to him, they did a full on analysis of all the cloud providers going a 100% cloud. And their analysis showed that a 100% cloud, particularly for highly transactional workloads was 50% more expensive than buying it, paying the maintenance and paying their employees. So we did an all in view. So what I think it's going to be is Storage-as-a-Service will be over 50%. I think most of that Storage-as-a-Service will be in a hybrid cloud configuration with storage on-prem or in a colo, like what our IBM pay-as-you-go service will do and then it will be accessed and available through a hybrid cloud configuration with IBM Cloud, Google, Amazon as or whoever the cloud provider is. So I do think that you're looking at over 50% of the storage being as-a-service, but I do think the bulk of that as-a-service will be as-a-service through someone like IBM or our competitors and then part of it will be from the cloud providers. But I do think you're going to see a mix because right now the expense of going a 100% cloud cloud storage is dramatically understated and when someone does an analysis like that major university in New York did, they had a guy from finance, help them do the analysis and it was 50% more expensive than doing on-premise either on-prem or on-prem as-a-service, both were way cheaper. >> But you own the asset, right? >> Yes. >> As-a-service model. >> We, right, we own the asset. >> And I would bet, >> I would bet that over the lifetime value of the spend and it as-a-service model, just like the cloud, if you do this with IBM or any of your competitors, I would bet that overall you're going to spend more just like you've seen in the cloud, but you get the benefit is the flexibility that you get. >> Yeah, yeah. If you compare it to the, so obviously the number one model would be to buy. That's probably going to be the least expensive. >> Right. >> But it's also the least flexible. Then you also have leasing, more flexibility, but leasing usually is more expensive. Just like when you lease your car, if you add up all the lease payments and then you, at the end, pay that balloon payment to buy, it's cheaper to buy the car up front than it is to lease a car. Same thing with any IT asset, now storage network servers, all are available on leasing, the net is at the bottom line, that's more than buying it upfront. And then Storage-as-a-Service will also be more expensive than buying it, my friend, but ultimate capability, altering SLAs, adding new capacity, being able to handle an app very quickly. We can provision the storage, as you mentioned, the IT guys can easily provision. We provision, the storage in 10 minutes, if you bought from IBM Storage or any competitor you bought and you need more storage, A you got to put a PO through your system and if you're not theCUBE, but you're a giant global Fortune 500, sometimes it takes weeks to get the PO done. Then the PO has to go to the business partner, the business partner has got to give a PO to the distributor and a PO to IBM. So it can take you weeks to actually get the additional storage that you need. With Storage-as-a-Service from IBM with our pay-as-you-go, cloud-like model, all you have to do is provision and you're done. And by the way, we provide a 50% overage for free. So if they end up needing more storage, that 50% is actually sitting on-prem already and if they get to 75% utilization of the total amount of storage, we then call them up, the technical account manager would call them up and their business partner and say, Dave, do you know that you guys are at 75% full? We'd like to come add some additional storage to get you back down to a 50% margin. And by the way, most of our competitors only do a 25% margin. So again, another differentiator for IBM Storage-as-a-Service. >> What about, I said, last question, but I have another question. What about day one? Like how long does it take, if I want to start fresh with as-a-service? >> Get it. >> How long does it take to get up and running? >> Basically you put the PO through, whatever it takes on your side or through your business partner, we then we'll sign the technical account manager, will call you up because you need to tell us, do you want to, in a colo facility that you're working with or do you want to put it on on-prem? And then once we do that, we just schedule a time for your IT guys do the install. So, probably two weeks. >> Yeah. >> It all depends because you've got to call back and say, Eric, we'd like it at our colo partner, our colo partners, ABC, we got to call ABC and then get back to you or on-prem , we're going to have guys in the office, a good day when it's not going to be too busy. Could you come two weeks from Thursday? Which now would be three weeks for sake of argument. But that would be, we interface with the customer, with the technical account manager to do it on your schedule on your time, whether you do it in your own facility or use a colo provider. >> Yeah, but once you tell, once I tell you, once we get through all that stuff, it's two weeks from when that's all agreed. >> Yeah. >> It's like the Xerox copier salesman, (Dave chuckles) Where are you going to put it? Once you decide where you're going to put it, then it's a couple of weeks. It's not a month or two months or yeah. >> Yeah, it's not. And we need additional capacity, remember there's a 50% margin sitting there. So if you need to go into the variable and use it, and when we hit a 75%, we actually track it with our storage insights pro. So we'll call you up and say, Dave, you're at 76%. We'd like to add more storage to give you better margin of extra storage and you would say, great, when can we do it? So, yeah, we're proactive about that to make sure that you stay at that 50% margin. Again, our competitors, all do only have 25% margin. So we're giving you that better margin, a larger margin in case you really have a high capacity demand for that quarter and we proactively will call you up, if we think you need more based on monitoring your storage usage. >> Great. Eric got to go, thank you so much for taking us through that great detail, I really appreciate it. Always good to see you. >> Great, thanks Dave, really appreciate it. >> Alright, thank you for watching this CUBE conversation, this is Dave Vellante and we'll see you next time. (soft music)

(electronic music) >> Announcer: Live from Barcelona Spain, it's theCUBE covering Cisco Live 2020. Brought to you by Cisco and its ecosystem partners. >> Welcome back to Espania this is theCUBE the leader in live tech coverage, we're here in Barcelona, at Cisco Live 2020 inside the Devnet zone. This is day one Eric Herzog is back to talk about cybersecurity he's the CMO and vice president of global channels for IBM storage, good to see you again my friend. >> Dave, Stu, thank you very much for having us we love being on theCUBE and you are the leaders in IT information no one better especially for realtime. >> Thank you very much for that so we're going to talk cyber, very important topic it's a big tailwind for Cisco, IBM obviously a big player in security its on every CIO's mind. What's your angle though in storage specifically? >> Sure, what I think one of the key things is that when people think security they think keep the bad guy out and when the bad guy gets in chase him down and catch him. What they don't realize is sometimes it could be a day, a week or weeks till they know the bad guy is in. So how are you going to protect yourself when all your valuable data is exposed like that, and then when you do have an incident, particularly malware or ransomware, how do you come back to a state where you know you have good data and you basically don't have to pay the ransom or in the case of malware that data is good data. So we can help on both fronts with the things we've done with our cyber resiliency play inside our storage portfolio. So compliments and gives IT and the CSO as well as the CIO, an overall comprehensive security strategy so that when they're in my house how am I keeping them from somehow stealing it even though they're in the house, that's what we can help with. >> Okay I see where you're going here so and by the way I've seen stats that say it's upwards of two hundred or three hundred days before people even realize they've been infiltrated and then it becomes a matter of okay how do I respond, now you've got malware, not only malware but you've got ransomware, and so let's talk more specifically about how you attack that problem. Do you help me sort of find when somethings been penetrated? By looking at the backup corpus? analytics? what do you guys do? >> So we do a couple things, so first of all we do have in our Spectrum Protect Suite, which is our modern data protection, it does the backup et cetera is we can detect anomalous activity in backup data sets, snaps and replicas. We use AI and machine learning to understand if that's a new occurrence so lets take an example, the backup data set runs from 11 a.m. to 1 p.m. at midnight you have all kinds of weirdo backup activity, why? Because if you're malware or ransomware you want to get to the secondary data sets first before you attack the primary otherwise they'll just go back to the secondary, yeah they'll lose some time but they'll go to that. So we can detect that and alert the backup admin the storage admin whoever you tell us to do. Then overtime if that process changes and so you're always going to have certain activity at time that previously didn't. We learn that and stop sending alerts and stop sending notes. And obviously we don't say we think it's malware this or ransomware that, what we do is alert them to anomalous activity as an attack could be starting. So that's just one of the things we do, we have much more that we do in cyber resiliency, but in that case monitoring and detection, threat detection, we help do by looking at secondary data sets. >> Eric, wonder if you could bring us on sign to the organization of your customers, because is this something that just the storage team buys or are you being bought in you said by the CSO or you know some other organization and you know want it installed then how does this play out inside the organization? >> Sure, so it's a hybrid strategy so lets take for example, we have a thing called Safeguarded Copy, we've had it for eighteen months now in the mainframe, wildly successful, wildly successful, not just with the new Z but with the old Z14 and the reason is we would go in to the storage guys, and in the Z world money was tight, and we said what if we could help you protect against mal or ransomware or even internal threats we has dual access control capability from an internal management perspective they said "really?" And then the storage guys actually took that to the security team and said guess what we can help you and they said "oh my god." and they gave money actually to the storage guys, in other instances we approach the security side and in fact one of the things we've done is talked to a lot of our partners who have a security practice a storage practice and never thought about thinking of them in a holistic fashion, so from a partner perspective it gives a more holistic solution to the end user, they sell keep the bad guy out, track the bad guy down and by the way did you know that IBM's flash system will do data-at-rest encryption with no performance penalties so you can encrypt everything on that and there's no penalty, it's at line speed so if they're there for a week or two hundred days or whatever, that data is protected because it's encrypted. So that's more of a the partners work in a holistic security strategy. >> I mean IBM has a long heritage in security, RACF all you old mainframers, Resource Access Control Facility was the gold standard back in the day, and really you know set the road map for you know best practice. So obviously things have changed a lot, what is best practice today are you recommending customers set up air gaps? certainly tooling but more tooling is a challenge for people but how are you seeing customers combat the problem? >> So what we do is we look at if from a storage perspective so we have a couple things, A we have air gaping to tape and air gaping out to clouds, so our Spectrum Virtualize sits on-prem and off-prem we can do air gaping with our Spectrum scale product which are AI and big data again put it out, IBM can all put eventually a snap or a replica out to a cloud, gives you a logical air gap, tape will work with anything file, block and object, then you have a physical air gap, so that's one aspect, the other thing of course you had mentioned already is encrypting, you can encrypt file block and object data, in fact we can worm it, so make it immutable and then encrypt a worm, so and in fact with our object storage because of the way we do our hashing and the way we do our erasure encoding and the way we hide the key, is we basically make it almost non crackable. So file, block and object, what we do to prevent and then the air gaping and the last thing to do is incidents recovery, so they had an incident to go back to a known good copy, so the Safeguarded Copy we can basically mount instantaneously snaps or replicas, they would do a ring-fence network cause obviously they do it online with the real network they could crash it or compromise so you set up a ring-fence network and you keep bringing back the snaps or replicas and look it at right, have the app guys come in run an app and "oh no there's malware okay we can't use that snap" and it's very easy to do, we can automate the process they have to put the ring-fence around and they can go back to as many copies or replicas they have whether it be the file side block or object. So that would help in incident recovery after they know they've had an attack, they've cleaned it up, now you've got to make sure that your secondary data is good data before you restore it, otherwise you could put the malware, ransomware right back in to what you had. So the recovery side, protection side on-prem with encryption and then obviously with air gaping protection but if you will out of house either physical or out to cloud. >> Eric help us connect the dots between what your talking about and the audience here at Cisco Live, obviously networking people there's always a little bit of security inside there, so help us understand how these go together and the reception you get from them. >> Well again the reception is very good because what we do is, Cisco is looking at doing all the network security we're a partner of theirs again allows them or their channel partners to go in and say here's a holistic strategy, keep the bad guy out, okay here's what you do to track the bad guy down, by the way here's what you do on the network side with our Cisco gear, here's what you can do with the storage gear so, partner can go with a holistic strategy to the end user right and say here's what we will do for the network, here's what we'll do for the storage and of course it doesn't step on each other because you're looking at the network traffic, where looking of course at primary storage and secondary storage and actually hybrid multi cloud storage as ways for them to protect their data so it's completely in complimentary play, by the way the other things that IBM security division does both to keep the bad guy out and track the bad, are also none of these things step on each other, it allows you to have a truly holistic strategy cause right now network security is semi thought about, storage security is almost never though about. So it's like let me give you a whole strategy that's going to work bring the data back, help you understand it, keep the data from being stolen, immutable copies, if they're get there and they steal the data, encrypted data, so all kinds of strategies the networking guys just so it allows the end user or certainly the CIO to go to the CSO or to the chief legal officer and say I've got a holistic strategy yes I'm good, it's not an if question it's a when, so here's what I'm doing to reduce the incidents time, here's what I'm doing to keep the bad guy out which is not what we do in the storage division, here's what we do if they're in to keep the data safe so we know if it gets stolen it can't be used. And by the way once we clean up the malware and ransomware we need to get you up and going as soon as possible mister CEO or CFO now or the line of business guys, we can do that with without having the data being compromised or the data being bad data. >> It's interesting to hear tape as part of the equation, right it keeps coming back, but it is part of the best practice, so there's the air gap but tape kind of the last resort, you don't want to really recover from tape, but you know if you have tape in an offsite location, you know if it's a lot of data it's fast to move, because you're putting it on a truck, it may be an RPO issue, but are you seeing that certain industries, financial services in particular, maybe or certain companies are mandating that last resort? >> So what you're seeing with tape overall, is for IBM to renaissance, both inside the data centers, so from that perspective think enterprise accounts, the global fortune two thousand, and from that perspective it's partially about the air gaping, it's partially I've got gobs of data, what's the cheapest way to make sure I've got a backup copy, okay then we're also seeing a huge take up with hyperscalers and cloud providers. So we have several of the top ten cloud providers on the planet that when you buy their archive or cold store that actually goes onto IBM tape platters, so you have a cost angle which is independent of the cyber resiliency side, then you've got the cyber resiliency side, and for us when we're talking bigger accounts, so think enterprise up to that you know fortune two thousand they're probably going to do different things for different data sets, so certain things might be snapped out to the cloud, other data sets might go out to tape and their are regulated industries still, like healthcare, finance and obviously the government itself where sometimes tape is still like mandated and so even though it's legacy the bottom line is they need it and then once you get in there between the cost angle of what they can save and the fact that oh wait, I thought just back to well wait, what about malware and ransomware and by the way a smart company is going to use a hybrid combination, so they'll have some stuff going out to the cloud then they have on premises. Again our safeguard copy on the mainframe is actually can be on premise, so you've got five hundred immutable snaps that are encrypted and then you keep going back to your final one that didn't have the malware and ransomware, so it's probably a combination strategy even on the storage side which would include tape, what we could do for file block and object on flash we could even do it for if someones got older disk or you know want to use second or like IBM cloud object storage is mostly done on disk, well guess what now that older data is encrypted it's wormed, it's protected, by the way we can air gap IBM cloud objects storage out to the cloud too, so it may well be a very comprehensive strategy based on application workload use case value of the data set and obviously with things like tape and backup to the cloud you have a secondary use case, which is not just about the security but I need to back up the data in case there's a fire or me being the silicon valley guy need to go out to tape cause there might really be an earthquake and as great as IBM arrays are or any of our competitors arrays, cause we as you know with our software support all our competition, those arrays are going to be crushed when the building falls down in silicon valley, so you might need to have tape for cheap backup, so there's a lot of different angles that involve not just cyber resilient but the combination of cyber resiliency and really data reliability and data safety that are independent of the cyber attack worry and you can combine them cause of they way we put this together with our technologies. >> Yeah your talking about a comprehensive strategy, which is very important because this has become a board level topic and it's no longer I'm sure it still happens in many organizations "oh yeah check off item yeah we do that, we do backup to whatever cloud tape" check off, but in many organizations, if not most certainly publicly traded organizations, it's a board level conversation and they really do their homework, down to even the testing, although testing is a little tough right, it's time consuming and cumbersome, but definitely thinking through the board wants to know what happens if okay what about this what about that and they've experienced a lot of different permutations, so it's again not just a check off item anymore you can say oh yeah we comply it's really no we need something that actually works because we know we're going to get hacked. >> Well that's part of the reason Safeguarded Copy on the mainframe side has done so well, companies that are using mainframe it is the most mission critical workloads, the highest transaction workloads, so in the financial sector, in the government sector, in some of the big giant manufacturing or retailers, they're running mainframes and they have been for years and they're not stopping and so for them system uptime is an issue, security is an issue, so the Safeguarded Copy for us has really been really a grand slam home run product, to use a very US centric term, but maybe a sixer if you like cricket or it was a try if you like rugby, but for all those various sports it's been very successful because of what they use that mainframe for and how critical that data, so it's been very successful from that perspective. >> They're like oh, how about, you're obviously sharing a lot of knowledge specific to storage, I said before IBM's got a long heritage in security, how do you collaborate with the other you know security pros at IBM, how much of that sort of filters in to storage and back out? >> So what we do is we make sure that they're aware of what we do, they're looking at some new things, that I can't disclose, around security that would make places for people to go and practice if you will, and do some other things. We're going to be involved in that program which allows people to try things out if you will in a very secure way and someday IBM's going to do a cross storage will be part of its security and some of the other divisions but we haven't yet rolled it out, but it's something they're working on that we'll be part of. And then obviously there are many times in the big accounts where you know the security division are in there the storage guys are in there, but the account team knows that there's both issues and bring us together inside of a big account, so that happens as well more if you will from the sales side versus this official program that we're going to be launching shortly later this year. >> So wrap it up what's going on at Cisco Live? What are the conversations like with customers? What's IBM all about here? >> So for us our big thing has been about both our hybrid mutlicloud technology, which allows seamless move data back and forth, and we have a product called the Versastack, which incorporates our award winning Flashsystems, so we're positioned to either standalone or with the Versastack we have a Versastack in the booth. And then also obviously cyber resiliency, so I just presented yesterday on hybrid multicloud and then today I presented on cyber resiliency and how those things work together, and what we do as Cisco, so it's been a very good show and you know very successful for IBM here at Cisco Live. >> Good to hear, well you guys are great partners thanks for coming on theCUBE, love the shirt as always Eric Herzog IBM thanks so much. >> Thank you. >> All right your welcome, all right keep it right there everybody, we'll be back with our next guest for Cisco Live Barcelona, Dave Vellante with Stu Miniman for John Furrier, we'll be right back. (gentle electronic music)

>> Announcer: Live from San Diego, California it's theCUBE, covering Cisco Live US 2019. Brought to you by Cisco and its ecosystem partners. >> Welcome back to theCUBE, day two of our coverage of Cisco Live. We are live also from San Diego. I'm Lisa Martin, Stu Miniman is my co-host. And one of our alumni is back with us, Eric Herzog, the CMO of IBM Storage. >> Great, thank you for having us. >> Welcome back. So, lots of buzz, we're in the DevNet Zone. This has been, I hear, one of the busiest expos at Cisco Live this year. The community is, I'm hearing, approaching 600,000 strong. Yesterday we were talking a lot about the big waves of innovation, one of them being GPU's everywhere, AI, but also some of the challenges with respect to data, that companies are generally getting less than 1% of that data to really extract insights from it. So let's talk about what IBM is doing with respect to AI and big data, and really helping customers really turn that dial up on getting more value out of what they have. >> Well, so we're doing a lot in that space. First of all, when you're running AI in particular, if you're really going to do something like run a robotic factory, you'd better make sure the storage doesn't fail. But that's sort of, you know, the checkbox item, just the way a car always has a spare tire. So the real differentiator, from a storage perspective, is what do you do to help the data prep, what do you help to do to make sure that the data is always in the right kind of pipeline? For example, just like a human always learns, right, at least smart humans always learn, so you learned certain things when you were seven or eight, they might've changed by the time you were in college, by the time you have your first kid they might be different again, and by the time you're getting ready to retire, but it could be still the same topic and the data's recycling, and then you learn new things about that topic. So in the case of a data workload, what you need to do is make sure you have data prep along the entire pipeline. And that's what we've done with a whole bunch of software that we offer for the big data and AI workloads and applications. >> So, Eric, we've talked with you many times about what's happening in the multi-cloud world. It feels like IBM and Cisco are on similar, parallel paths as to the move from, traditionally we think about boxes, and from a Cisco standpoint it's ports, and, you know, more and more it's about the software. So can you talk a little bit about that software-defined world in where IBM and Cisco are going together along that journey. >> So, one of the things that we've done from a storage division perspective, we do what we call the VersaStack. It's a converge infrastructure that includes Cisco UCS, our all-flash arrays, but it's packed with a bunch of software. So we can use that to transparently move block data out to a cloud, any cloud, IBM cloud, Amazon, Azure. We could move it out to a block store or to an object store. Now obviously to move it out to an object store, that can help you, can prevent ransomware and malware. And it's all automated. We've done the same thing with Scale-Out File, where we just see cloud as just a tier, and we've done the same thing with object storage. So the big thing we see from a hybrid, multi-cloud perspective at the IBM storage division, is everything needs to be able to have the data easily portable, easily migrateable, and easily replicable back, and constantly moving back and forth, not just going out to the cloud and staying there. So we've done that from our software-defined portfolio. But we also did it with our modern data protection portfolio, Spectrum Protect, which is one of the most award-winning products in the backup space. We've got over 400 small-medium cloud providers where their backup-as-a-service offering is based on Spectrum Protect. So if they go to Wikibon and Wikibon says, we want to back up to the cloud and you're using Tectrade or Cloud Temple or i-Virtualize, all those cloud providers, the backup-as-a-service they sell you is based on IBM Spectrum Protect. So for us cloud is just another tier. Just like hard drives and flash and tape, cloud's just the new tier. >> So in this pivot towards software-defined everything, with, say, VersaStack for example, give us one of your favorite customer success stories that really highlights the value of what IBM and your partnerships deliver. >> Sure, sure. So one of them would be Tectrade. So Tectrade is one of our public references. They only do PCI data. So, Wikibon couldn't be a customer, IBM can't be a customer, theCube can't be a customer, Cisco can't be, because we don't specialize, as you know, in financial-centric data. So they back up about, they do about two million backups a day, all of financial data across Europe and into North America, and they've got a VersaStack that happens to run Spectrum Protect on it. It's all flash, so they're not worried about performance. And then they back up to giant hard drive farms that they've also bought from IBM. But the real thing on the VersaStack is having that very fast edge, and then having the software that allows them to A, control the storage side, but then run Spectrum Protect to do backup. So if you were a bank, if theCUBE was a bank, then you guys could use Tectrade and they use a VersaStack for backing up data as a service. That's a perfect example of what we've done with the VersaStack solution, in this case in a hybrid cloud scenario. >> What are some of the business impacts that they have achieved so far? Are they finding new revenue streams, are they unlocking more valuable data to be more competitive? >> So, what they do is obviously in the PCI world. They're very centered, you can't lose anything. Because it's financial data. So for them, it's all about the security of the data, making sure the data gets there, the data's encrypted in flight, they know that the customers can do a lot of different things, because Spectrum tech is very much a big enterprise package that's very strong in the global Fortune 2000. So they like it for that. Now, we've had some other customers, and their the value has been things like the return on investment. For example, the second-largest dating site on the planet uses VersaStack. And they got a four month return on investment. They bought it, and in four months it paid for themselves, so they bought like four or five more. We had another customer who saved, and this is also a cloud service provider by the way, so they saved the equivalent of five full-time employees that were writing custom code and managing stuff, and they used Spectrum Protect also for backup. But in this case you and I could use them because they're not specialists like Tectrade is, and they'll back up anybody's data. And they saved five full-time equivalents. So they've now redeployed those full-time employees to do something else. So those are just examples from three different companies of ways that they've saved money and really driven a business value, not just about the data, and yeah, the data's fast, but really, if you're a storage guy, been doing it as long as I have, the data's always fast and it just gets faster every generation, so okay, it's fast. And in this case it's really about business value, about the value of the data, not about the storage. >> Eric, you mentioned security. Of course security is one of those topics that's hitting all of the environments here at Cisco, but bring us inside, especially from a storage division, modern data protection and how that's getting involved in the security discussion. >> Sure, so what we've done across the portfolio, even in primary storage, is made sure that we've done all sorts of things that help you against a ransomware or malware attack, keep the data encrypted. I think the key point actually, I think Silicon Angle wrote about this, something like 98% of all enterprises are going to get broken into anyway. So it's great that you've got security software on the edge, whether that be IBM or RSA or BlueCoat or Checkpoint, or who cares who you buy the software from. But when they're in, they're stealing. And sometimes, some accounts have told us that they can track them down in a day, but if you're a giant global Fortune 500 with data centers up, it might take you a week. They could be stealing stuff right and left. So we've done everything from, we have write-once technology, so it's immutable data, you can't change it. We've got encryption, so if they steal it, guess what, they can't use it. But the other thing we've done is real protection against ransomware and malware. So I am going to attack Wikibon, theCUBE, and I am going to charge you $10 million, and I'm going to steal every video you've ever created and hold it for ransom. So the way I would do that is I look at your snapshots, your replicas, and your backups first. So what do we do? We can actually snapshot a replica out to an object store, and ransomware and malware, at least today, doesn't attack object storage. So that way, when I'm talking to you or Stu and said I want $10 million, you start laughing, and go, what are you talking about? We replicate every night. Okay, we lose one day of data. He can't get half the $10 million. So that's ransomware or malware protection. We've also built that into Spectrum Protect, because what happens is when you're starting to, if you will, look at that data to get it wrapped up in the ransomware or malware, you have a whole bunch of extra activity around the backup data sets, so we send an alert. We'd send an alert to you, Lisa, and you would say, oh my god, what's going on? Why is all this activity going on the backup set? Because the backup's not scheduled, let's say, for tonight. And we would send you a note now, at two o'clock, that there's all kinds of activity, and you would go, what is going on, and you would check it out. So we can help with ransomware and malware, encryption on primary data. So we've really integrated across the portfolio, whether it be primary storage or secondary storage. And by the way, almost nobody thinks about storage. They always say, whose security package should I buy? And they never say okay, I'm going to buy it, but I, might buy some security for the storage, too. No one ever talks like that, which is why we're bringing up, and we actually launched a sales play for the field, all around storage for cyber resiliency. >> And how is that going, if you're saying it's-- >> It's actually gone incredibly well. We started with a product called Safeguarded Copy on the mainframe, and we actually got, in the first four months, almost $60 million a pipeline in the first four months of the product shipping. And now we've got it all over the whole portfolio, so we tried it just when we first got started, and now we're now talking about the ransomware and malware stuff, which by the way we've had for three years, but we were never emphasizing it to the end user. Now we're saying, by the way, has it happened or are you worried about it? Well guess what, if you're backing up with Spectrum Protect, we'll warn you. Why don't you go out to tape and air gap? Or why you don't go out to the cloud and we can do essentially a cloud air gap to object storage? And we weren't really talking like that until really we started doing it in Q4 and then really expanded it in Q1, so it's been very, very successful. The end users love it, our business partners who sell to the end users, they're loving it. And by the way, no one else is really talking about it. It's all about the security software company. So we're going beyond that. >> So, Eric, you talked about some of the products with Cisco and IBM working together. I wonder if you can up-level a little bit. You're a great watcher of the industry out there. Chuck Robbins, now four years into his tenure as CEO, Wall Street's doing well with the stock on there, finances look well. IBM and Cisco, two of the bellwethers in tech out there. How's Cisco doing? When you talk to your customers, what are they liking about Cisco, what do they want to see more from Cisco, are they aware of the transformation that Cisco's going through? >> Well, I think there's a couple things. First of all, IBM and Cisco have a mutual relationship that spans billions of dollars. Whether that be, for example, as they publicly have disclosed, IBM is the biggest customer for WebEx on the planet, and they talked about that. There's products that we sell to them that they're one of our biggest customers in the world as well. But then beyond that, whether it's common end users or common channel partners, we make sure that we deliver the right solutions together. So I think the feedback I get from both the end users and the partners is that Cisco's back. Right when Chuck came in, said, oh, what's going on with Cisco? They're still big, but the big sometimes fall over big, right? Like in the beanstalk, the giant falls over, right? So that's what I think people were thinking four years, I don't think people are thinking that now. From our perspective, we've always kept working tightly with them, between our relationship with them as a customer and us as their customer. But more importantly, it's really the common customers we have and the common channel partners, and we've never wavered for that support from a Cisco perspective. But just sort of off the cuff, when people make a comment that's like, hey, those Cisco guys are back. And four years ago people were saying, ehh, what do you think about Cisco? My wife works at Cisco, and my ex-wife works at Cisco, so it's a little easier for them to ask me that. Because I'm a Cisco shareholder too. But now you don't hear that question. It's like Cisco's got their act together, they're doing all the right stuff. So that's very good for me personally with my stock, but it's also good just for the industry. You know, you don't want someone to not be able to make the transition. And the valley's littered with that. DEC, Compaq, they're all gone. They're not the only guys that are gone. So Cisco's not going to go the way that other big companies have. They've made the transition and are transforming to what the end users really need. >> And I think the DevNet community growth is a great, speaks to the pivot that Cisco's making. DevNet has been in large part an accelerator of Cisco's transition from network appliance provider to more of a software services provider. But that community symbiosis with their end user customers, with their partners, and with their developer community, is really a driving force here. And I think just being in this DevNet Zone and how big it is, is a great example of how they're leveraging those other feedback channels to not just persist but be successful. So here we are, their Q3 2019 results are really strong, growth across all three business segments, we're in the middle of their fourth quarter. So for Cisco's FY 2020, what are some of the big bets that you can share with us that IBM and Cisco-- >> Well, the one we've done together has been one on security, so we have joint security products that we've done. We have a joint product on the system side with the VersaStack. We've done joint products with them also in the cloud solution area, both, if you think about hybrid cloud, but also in private cloud, so IBM Cloud Private for example is available on their HCI box, right, so their hyperconverged infrastructure solution includes an option for IBM Cloud Private. So IBM has made many bets with them in the security space, in the cloud space. Also, by the way, one of the biggest providers of service on Cisco solutions is actually IBM. So our services divisions do tons of business with Cisco, whether that's servicing the physical gear or servicing the software. And we've been doing that for years. So whether it be service, whether it be cloud, whether it be infrastructure, IBM is doing joint solutions across the board with the Cisco community. >> Got to ask you one last question, Eric. You've been in this industry a long time, you're a veteran extraordinaire. What keeps you excited about storage? >> Storage always change. Storage is not boring. Storage is boring for the uneducated. It is the most exciting thing, it changes all the time. I remember one of the good things about IBM was not just an array, come here, we only just do backup software, we've got high-end storage arrays, we still do tape. We're by far the dominant player, and we're having a huge resurgence there with hyperscalers and cloud providers. We're going crazy with tape because, for them, they're all about saving money for backup and archive, and we're critical to that. We are the number two storage software company in the world, all of our software works off of our gear. Some of the other guys that sell lots of software, yeah, they sell lots, but it only works on their products. Our software works with all of our competitor's products. So that makes everything exciting. I've done this now for 35 years. I've seen hard drives that were the size of a dishwasher to now flash that fits into your phone, or my MacBook, I've got five terabytes of flash. So, you know, to me that's all exciting. And the software is where it really matters. You know, we've gone from bare metal to virtualization, now to containers and cloud. So there's always new stuff going on. But I really think part of the problem with storage is everybody takes it for granted and doesn't realize, if your storage doesn't work, isn't performing, isn't reliable, and isn't available, basically your entire infrastructure caves in. I don't care whether you're in the cloud, whether you're in a virtual world, or you're still doing it really old hat with bare metal, the storage doesn't work, you're shutting down your company until that storage is back up and running again. So it is the critical foundation for every application workload and use case, in any company, big, medium, or small. And it's always evolving. So to me it's very exciting, although some people think storage is boring. I'd say networking is boring. That, to me, is boring. (Lisa laughs) Storage is exciting. >> Stu: Don't say that too loud, here. (Eric laughs) >> That's true, storage is sexy. Well Eric, it's been a pleasure to have you back on theCUBE once again, and we very much appreciate your time. >> Great, well thank you for having us. >> Our pleasure. For Stu Miniman, I'm Lisa Martin. You're watching theCUBE live, from Cisco Live in San Diego.