(light upbeat music) >> Hey, everyone, welcome back to theCUBE's day two live coverage of VMware Explore 2022 from Moscone Center in San Francisco. Lisa Martin here as your host with Dave Nicholson. We've got a couple of guests here and we have some props on set. Get a load of this Nature Fresh Farms produce. Keith Bradley joins us, the VP of IT from Nature Fresh Farms, and Alison Biers is back, as well, director of marketing at Edge Solutions for Dell. Guys, welcome back to the program and thanks for bringin' some food. >> Well, thank you, yeah. >> Thank you so much. >> So, Keith, talk to us a little bit about technology from Nature Fresh Farm's perspective. How do we look at this farming organization as a tech company? >> As technical, we're something that measures everything we grow. So, we're 200 acres of greenhouse, spanning probably about 3 or 400 acres of land. Everything's entirely environmentally controlled. So, the peppers that we have in front of you, the tomatoes, they're all grown and controlled from everything they get from light to moisture to irrigation and nutrients. So, we do all that. >> So, should I be able to taste the Dell goodness in these cucumbers, for example? >> I'd like to say Nature Fresh slash Dell good. >> Connect the dots for us. So, let's go through that sort of mental exercise of how are these end products for consumers better because of what you're doing in IT? >> So, one of the things that we've been able to do, and one of the transformations we made is we are now able to run our ETLs. So, analyze the data realtime at the Edge. So, making decisions which used to be only once a day based on analytics to now multiple times a day. Our ETLs used to take 8 to 10 hours to run. Now they run- >> So, extraction, transformation and load. >> Yep, yep. >> Okay. So, we consider it a party foul if you use a TLA and you don't find it the first time. >> Okay. >> But you get a pass 'cause you're an actual and real person. >> I'll give you that one. >> I already had a claim laid on that. I'm sorry, so continue. >> Yeah, yeah. So, it allowed now the growers to make multiple decisions and then you start adding the next layer. As we expanded our technology base, we started introducing AI into it. So now, AI is even starting to make decisions before the grower even knows to make them based on historical data. So, it's allowed us to become more proactive in protecting the health and longevity and even taste of that plant and the product coming out to you. >> That's awesome. Alison, talk to us about from Dell's perspective how is it helping Nature Fresh to simplify the Edge which there's a lot of complexity there? You talked about the size of the organization but how do you help simplify it? >> I think Nature Fresh had a lot of common problems that we see customers have. So, they had some really interesting ambitions to improve their produce and do it in a GMO free way and really bring a quality product to their customer. But yet, they were each solving their problems on their individual farms in different ways. And so, one of the ways that we were able to help was to consolidate a lot of those silos as they were expanding the scope and scale of what they really wanted to do from a technology perspective. And then being able to do that in a secure way that's delivering the insights they need when they need them right there at the Edge is really critical. >> I think it's wonderful that we have the actual stuff here. Because we often talk in these abstract terms about outcomes. There's your outcome right there. >> Yeah. >> Right. >> But talk about this growing in the soil somewhere. You have growers. It's not an abstraction. These are actual actual people. Where does the technology organism interface occur here? You have organically grown crops. Where's that interface? Where's the first technology involved in this process? Literally physically. >> Physically. >> Yeah, yeah, yeah. Is there a shack with a server in it somewhere? >> So, we actually have, we have a core data center at the center of Nature Fresh set up basically where everything ends up. We have our Edge. So, we have computers, we're at the Edge analyzing stuff. But if you want to go right back to the grassroots of where it actually is, is it's right at, not dirt, but a ground up coconut husk. That is what the plants are grown in. And we analyze the data right there, 'cause that is our first Edge. And people think that's static for us. The Edge isn't static. 'Cause the Edge now moves. We have a plant that grows. Then we pick it. And then we have to store it and then we have to ship it. So, our Edge actually does move from area to area to area. So, statically one thing isn't the same all the time. It's a hard thing to say how it all starts but it's just a combination of everything from natural gas to everything. >> Okay, then are those, 'cause we think of things in terms of like internet of things and these sensors. >> Oh yeah. >> Things are being gathered. So, you've got stuff happily growing in husks and then being picked. What's the next step there? Where is that aggregated? Where does that go? Is that all going straight back to your data center or are there sort of intermediate steps in the process? >> So, what we do is we actually store everything at the Edge, and we do daily processes right there. And then it aggregates that data and it drops it down from a large number to a smaller number to go to the core. >> Got it. >> And then that way, at the core, it does the long term analysis. 'Cause again, a lot of the data that we collect, we don't need to keep. A lot of it is the temperature was X, the temperature was X, the temperature, we don't need that. So, it aggregates it all down. So, that way the information coming to the core doesn't overwhelm it. Because we do store enough information. And to give you an idea of how our 1.8 million plants are living and breathing. We actually have estimated 1.8 million plants throughout our 200 acres. >> At any moment. >> Yeah. >> That's how many plants they're tracking. And so, that realtime information is helping to make sure that they water the plants precisely with the amount that they need, that they're fertilizing them. And you were telling me about how the life of a plant, you're really maintaining that plant over the life of 12 months. So, if you make a mistake at any point along the line, then you're dealing with that in terms of their yield throughout the life of the plant. But you aggregate a lot of that data right there on site so that you're not having to send so much back to the cloud or to the core. And you do that a lot with VxRail as well as other technology you have on site. Right? >> Yeah. Our VxRail is the center of the core of how we process things. It allowed us to even expand, not even just for compute but GPUs for our AIs to do it. So, it's what we did. And it allowed us to mold how we do things. >> Alison, question for you, this sounds like a dynamic Edge the way that you described it, Keith, and you described it so eloquently. How does the partnership that Dell has with Nature Fresh, how is Dell enabling and accelerating and advancing its Edge solutions based on what you're seeing here and this need for realtime data analytics. >> Well, we spend a lot of time with customers like Keith and also across all kinds of other industries. And what we see is that they have a really common set of problems. They're all trying to derive realtime data right then and there so that they can make business decisions that impact their profitability and their competitiveness and all of their customers experience their product quality. And what we see a lot of times is that they have a common set of concerns around security. How to manage all of the hardware that they're implementing. And at the same time, they really want to be an enabler for the business outcome. So, people have creative ideas and they come to IT hoping for support in that journey. If you're managing everything as a snowflake, it becomes really hard and untenable. So, I think one of the things that we have as our mission is to help customers simplify their Edge so that they can be the enabler that's helping the business to transform and modernize. One of the things I really admire about Nature Fresh Farms is that they decided it from a full organization perspective. So, everybody from the operational technologists to the IT to the business decision makers and leaders at the company, they all decided to modernize together. And so, I think from a partnership perspective, too, that's one of the areas that we try to work with our customers on is really talking about total transformation and modernization. >> So, it sounds like, Keith, there was an appetite there as Alison was saying for a digital transformation and IT transformation. Talk to me a little bit about from a historical perspective, how old Nature Fresh is and how did you get the team on board sounds so eloquent. How did you get the team on board to go, "This is what we need to do and technology needs to fuel our business because it's going to impact the end user, consumer of our fabulous English cucumbers." >> So, it's actually really neat. Our owner, Pete Quiring, when he first started out he really wanted to embrace technology. And this is going back right to 2000. 2000 is when we first had our first planting. And he was actually a builder by nature. He actually was a builder and fabricator and he built greenhouses for other companies. But he said they're getting a little bigger and it's the labor amount, and the number of growers he needed for a range was getting exponentially higher. So, he was one of the first ones that said, "I'm going to put a computer right in the middle and control this 16 acre range." >> It's a pretty visionary view when you really think about it. He's trying to operate his farm. >> Yeah. >> Right? >> From one single computer. >> Operationalize it. It's really cool. >> So, it was neat concept and it was actually very much not a normal concept then. You go back to 2000, people weren't talking about internet of things. They didn't talk about automation. It wasn't there. And he basically said, this is the way to go. And unfortunately, he thought, "I'll sell it to somebody. I'll grow it, I'll put a product in for a year and I'll sell it." And then guess what happened? He didn't sell it. He says, "Ah, it's not big enough. I'll build another phase two." And then his comment to me was after he built the fourth phase, he says, "I guess I'm in the pepper and cucumber business now." And that's what he is just grown. But he said it was a great relationship we had and it's a great concept. And it even goes back, and I know we talked about before, is the computer allowed one senior grower to control large number of acreages. Where before, you'd need multiple growers that know exactly what to do, 'cause they'd have to manually change all these things. Now, from a single computer they can see everything that's going on in the entire range. >> You mentioned temperature and water. And this is kind of out of the blue question, but how have global circumstances and increases in the cost of fertilizer affected you? Or is that fertilizer that's not the type that you use in your operation? You have any insight into that. >> Yeah, everything has, the global change in cost has changed everybody. I don't think there's anybody that's exempt from it. The only thing that we've been able to do is we're able to control it. We don't need to rely on, I guess you can say, rely on the weather to help us do things. We can control how much is. And we recycle all of our water. So, what the plant doesn't absorb today for nutrients, we'll put it back in the system, sterilize- >> Wait, when you say 200 acres, it's all enclosed? >> Yep, 200 acres. >> 200 acres of greenhouse. >> Yep, at 200 acres of greenhouse entirely enclosed. >> Okay, okay. >> There is not a single portion of our greenhouse that's actually gets exposed to the outside. And if you ever see a picture of a greenhouse and you see one of these lovely plants here wet, that's not true. That's just a nice to make it look better. >> Spray it for the photo. >> Yeah, yeah. They spray it for the photo. But actually everything is dry. That water goes directly to the roots and we monitor how much we put in and how much comes out. And then we recycle it. We even get so much recycling, we run natural gas generators to heat the water to heat the greenhouse. We take the burn-off of natural gas, the CO2, and funnel that into the greenhouse to give it natural stimulant. >> So, this is starting to remind me of "The Martian", if you read the book or if you seen the movie. >> Oh yeah. >> But planting the potatoes inside the hab, in the habitat. >> Yeah, and you cut 'em in half and the little ones grow with that next ones. But yep, we recycle everything that we do. And that's what we do. >> That's amazing. >> And all that information at their fingertips. Really, I think what technology is enabling you all to do is focus on what you all are good at, which is focusing on your farming operation and not necessarily the technology. So, one of the places I think we deliver some value is in validating a lot of the solutions so that customers don't have to figure that all out themselves. >> Yeah, 'cause I'm not a security expert. I don't always understand the true depth of security, but that's where that relationship is. We need this and we need that. And we need a secure way to let those communicate. And we can hand that off to the experts at Dell and let us do what we do best. >> What have been some of the changes? In the last couple of years, we've seen the security elevate skyrocket to a board level conversation. Ransomware is a when, not if, we get attacked. How does Dell help you from a security perspective ensure that what you're able to do ultimately gets these products to market in a secure fashion so that all that data that you're generating isn't exposed? >> So, like I said, I agree 100%. It's not matter of if it's going to happen, it's when it's going to happen. So, one of the things that we've actually done is we started to use Dell solution, the PowerProtect Data Manager to back up our solutions on the VxRail. And it actually did twofold for us. It allowed us to do a lot of database manipulation from restores and stuff like that. But we're now actually even investing in the cyber recovery vault that gives us that protection. And it allows us to now look at how long will it take us to get back up. And we're doing some tests right now and the last test we did is we're able to get back up going as a company from a full attack in about an hour. >> Wow. >> We've actually done a few simulations now. So, we are able to recover what our core needs are within an hour. >> Which is a very different metric than simply saying, "Oh, the data's available." >> Yeah. >> No, no, no, no, no, no, no, no. You get zero credit for that. We need our operations to be back up and running. >> Even that hour is stressful to our growers. >> Sure. >> It's a variable within a variable because if you go in the summer when it's super hot, they'll be very stressed out within an hour. And then you got nice calm weather day, it's not as bad. But the weather can change in how they have to close the vents. And you're not just closing one vent, you're closing 32, 64, 100 acres of vents. And you're changing irrigation cycle. You need that automation to do it for you. >> How do you let people eat these things after all the care that goes into it? I'm going to feel mildly guilty for just about a second and a half before I sink my teeth into the cucumber. >> Oh, but that's the joy of it. That's one of the things that I love. >> This is serious. You're proud of this, aren't you? >> Oh yeah. You know what? There's not single person at Nature Fresh that isn't proud of what we do each day. We enjoy what we do and it's a culture that makes us strive to do better every day. It's just a great feeling to be there every day and to just enjoy what you're doing. >> And see, it's real. It's real. Isn't it great? Isn't it great to be a part of? My background's in economics. I think of these things in terms of driving efficiency. And this is just a beautiful thing. When you control those variables, you leverage the technology and what's the end result? You're essentially uplifting everything in the world. >> Yeah, so true. >> Not to get philosophical on ya. >> Right, and feeding the world, especially during the last couple of years, that access. One of the things we learned in the pandemic, one of many, is access to realtime data isn't a nice to have anymore, it's essential. >> Yeah. >> So true. >> And so, the story that you're telling here, the impact to the growers, enabling them to focus what you were saying, Alison, on what they do best, Dell Technologies, VxRail enabling Nature Fresh to focus on what it does best, ultimately delivering food to people during the last couple of years was huge. >> Yeah, and allowing even at a reduced labor number for us to keep growing and doing things by automation. We still need labor in the greenhouse to pick, prune and do stuff like that. But again, we're looking into technologies to help offset that. But again, it was one of those things that we just had to be efficient at everything we do. And we drove that through everything we have. >> Well, and you guys haven't stopped. Right? >> Yeah. >> You're continuing to figure out, he was just telling me a little bit about what their next step is. So, just getting more and more accurate, more intelligence as they grow. So, it's the possibilities, that's what's exciting to me about Edge. I think this example is great, 'cause it's so relatable. Everybody can understand what the Edge is in this context. And it's really driven by the fact that you can put compute into so many different places now. It's more though a matter about how do you gather it? How do you do it in a way where you can actually understand and glean information and insights from it? And that, I think, is what you all are really focused on. >> Yeah, yeah, information is key. >> It is key. What's next from Dell's perspective for Edge computing technologies? what are some of the things you guys got cooking? >> Yeah, we're going to try to help customers to continue to simplify their Edge. So, to deliver those insights that they need where they need them, to do it in a really secure way. I know we talked about security but to do it in really a zero trust fashion. And to help customers to do it also in a zero IT fashion. Because in this example, it's the growers that are out there in the fields, or in your greenhouse in this sense, helping people that aren't necessarily IT specialists to be able to get all the benefits from the technology. >> So, do you think that VxRail technology could be used to optimize say the production of olive oil? I'm looking here and we have the makings of a pretty good salad. >> Yeah, you do. >> There you go. >> It obviously doesn't just apply to food production. >> Yeah, it really goes across the board. Whether we're talking about manufacturing or retail or energy, putting technology right there at the point of data creation and being able to figure out how to manage that inflow of data, be able to figure out which portion of the data is really valuable, and then driving decisions and being able to understand and intelligently make decisions for your business based on that data is really important. >> Keith, what's next? Give us, as we wrap out this segment here, what's next from a technology perspective? You mentioned a couple things you're looking into. >> Yeah, so I think automation is really going to change the way we do things. And automation within the greenhouse is truly just becoming a reality. It's funny we go back and we say, can we do this stuff? And now it's like, oh, even three years ago, I don't think we were quite ready for it, but now it's right there. So, I see us doing a lot more work with vendors like Dell and to do automatic picking, automatic scouting, all that stuff that we do by hand, do it in an automated fashion. >> And at scale, right? >> Yeah. >> That's the important part. I think when you're managing a snowflake, you can only do it to some level, and to be able to automate it and to be able to break down those silos, you're going to be able to apply it to so many parts of your business. >> Yeah, wide applicability. Guys, thank you so much for joining us, sharing the Nature Fresh, Dell story, bringing us actual product. This is so exciting. We congratulate you on how you're leveraging technology in a really innovative way. And we look forward to hearing what's next. Maybe we'll see you at Dell Technologies World next year. >> Sounds great. >> Sounds great. >> Thank you so much. >> All right, our pleasure, guys. >> Thank you. >> For our guests and Dave Nicholson, I'm Lisa Martin. You're watching theCUBE live from VMware Explorer 2022. Dave and I will be right back with our next guest. So, stick around. (light upbeat music)

>> From the Cube studios in Palo Alto and Boston, bringing you data driven insights from theCUBE and ETR, this is Breaking Analysis with Dave Vellante. >> While the precise direction of VMware's future is unknown, given the plan Broadcom acquisition, one thing is clear. The topic of what Broadcom plans will not be the main focus of the agenda at the upcoming VMware Explore event next week in San Francisco. We believe that despite any uncertainty, VMware will lay out for its customers what it sees as its future. And that future is multi-cloud or cross-cloud services, what we call Supercloud. Hello, and welcome to this week's Wikibon Cube Insights powered by ETR. In this breaking analysis, we drill into the latest survey data on VMware from ETR. And we'll share with you the next iteration of the Supercloud definition based on feedback from dozens of contributors. And we'll give you our take on what to expect next week at VMware Explorer 2022. Well, VMware is maturing. You can see it in the numbers. VMware had a solid quarter just this week, which was announced beating earnings and growing the top line by 6%. But it's clear from its financials and the ETR data that we're showing here that VMware's Halcion glory days are behind it. This chart shows the spending profile from ETR's July survey of nearly 1500 IT buyers and CIOs. The survey included 722 VMware customers with the green bars showing elevated spending momentum, ie: growth, either new or growing at more than 6%. And the red bars show lower spending, either down 6% or worse or defections. The gray bars, that's the flat spending crowd, and it really tells a story. Look, nobody's throwing away their VMware platforms. They're just not investing as rapidly as in previous years. The blue line shows net score or spending momentum and subtracts the reds from the greens. The yellow line shows market penetration or pervasiveness in the survey. So the data is pretty clear. It's steady, but it's not remarkable. Now, the timing of the acquisition, quite rightly, is quite good, I would say. Now, this next chart shows the net score and pervasiveness juxtaposed on an XY graph and breaks down the VMware portfolio in those dimensions, the product portfolio. And you can see the dominance of respondents citing VMware as the platform. They might not know exactly which services they use, but they just respond VMware. That's on the X axis. You can see it way to the right. And the spending momentum or the net score is on the Y axis. That red dotted line at 4%, that indicates elevated levels and only VMware cloud on AWS is above that line. Notably, Tanzu has jumped up significantly from previous quarters, with the rest of the portfolio showing steady, as you would expect from a maturing platform. Only carbon black is hovering in the red zone, kind of ironic given the name. We believe that VMware is going to be a major player in cross cloud services, what we refer to as Supercloud. For months, we've been refining the concept and the definition. At Supercloud '22, we had discussions with more than 30 technology and business experts, and we've gathered input from many more. Based on that feedback, here's the definition we've landed on. It's somewhat refined from our earlier definition that we published a couple weeks ago. Supercloud is an emerging computing architecture that comprises a set of services abstracted from the underlying primitives of hyperscale clouds, e.g. compute, storage, networking, security, and other native resources, to create a global system spanning more than one cloud. Supercloud is three essential properties, three deployment models, and three service models. So what are those essential elements, those properties? We've simplified the picture from our last report. We show them here. I'll review them briefly. We're not going to go super in depth here because we've covered this topic a lot. But supercloud, it runs on more than one cloud. It creates that common or identical experience across clouds. It contains a necessary capability that we call a superPaaS that acts as a cloud interpreter, and it has metadata intelligence to optimize for a specific purpose. We'll publish this definition in detail. So again, we're not going to spend a ton of time here today. Now, we've identified three deployment models for Supercloud. The first is a single instantiation, where a control plane runs on one cloud but supports interactions with multiple other clouds. An example we use is Kubernetes cluster management service that runs on one cloud but can deploy and manage clusters on other clouds. The second model is a multi-cloud, multi-region instantiation where a full stack of services is instantiated on multiple clouds and multiple cloud regions with a common interface across them. We've used cohesity as one example of this. And then a single global instance that spans multiple cloud providers. That's our snowflake example. Again, we'll publish this in detail. So we're not going to spend a ton of time here today. Finally, the service models. The feedback we've had is IaaS, PaaS, and SaaS work fine to describe the service models for Supercloud. NetApp's Cloud Volume is a good example in IaaS. VMware cloud foundation and what we expect at VMware Explore is a good PaaS example. And SAP HANA Cloud is a good example of SaaS running as a Supercloud service. That's the SAP HANA multi-cloud. So what is it that we expect from VMware Explore 2022? Well, along with what will be an exciting and speculation filled gathering of the VMware community at the Moscone Center, we believe VMware will lay out its future architectural direction. And we expect it will fit the Supercloud definition that we just described. We think VMware will show its hand on a set of cross-cloud services and will promise a common experience for users and developers alike. As we talked about at Supercloud '22, VMware kind of wants to have its cake, eat it too, and lose weight. And by that, we mean that it will not only abstract the underlying primitives of each of the individual clouds, but if developers want access to them, they will allow that and actually facilitate that. Now, we don't expect VMware to use the term Supercloud, but it will be a cross-cloud multi-cloud services model that they put forth, we think, at VMworld Explore. With IaaS comprising compute, storage, and networking, a very strong emphasis, we believe, on security, of course, a governance and a comprehensive set of data protection services. Now, very importantly, we believe Tanzu will play a leading role in any announcements this coming week, as a purpose-built PaaS layer, specifically designed to create a common experience for cross clouds for data and application services. This, we believe, will be VMware's most significant offering to date in cross-cloud services. And it will position VMware to be a leader in what we call Supercloud. Now, while it remains to be seen what Broadcom exactly intends to do with VMware, we've speculated, others have speculated. We think this Supercloud is a substantial market opportunity generally and for VMware specifically. Look, if you don't own a public cloud, and very few companies do, in the tech business, we believe you better be supporting the build out of superclouds or building a supercloud yourself on top of hyperscale infrastructure. And we believe that as cloud matures, hyperscalers will increasingly I cross cloud services as an opportunity. We asked David Floyer to take a stab at a market model for super cloud. He's really good at these types of things. What he did is he took the known players in cloud and estimated their IaaS and PaaS cloud services, their total revenue, and then took a percentage. So this is super set of just the public cloud and the hyperscalers. And then what he did is he took a percentage to fit the Supercloud definition, as we just shared above. He then added another 20% on top to cover the long tail of Other. Other over time is most likely going to grow to let's say 30%. That's kind of how these markets work. Okay, so this is obviously an estimate, but it's an informed estimate by an individual who has done this many, many times and is pretty well respected in these types of forecasts, these long term forecasts. Now, by the definition we just shared, Supercloud revenue was estimated at about $3 billion in 2022 worldwide, growing to nearly $80 billion by 2030. Now remember, there's not one Supercloud market. It comprises a bunch of purpose-built superclouds that solve a specific problem. But the common attribute is it's built on top of hyperscale infrastructure. So overall, cloud services, including Supercloud, peak by the end of the decade. But Supercloud continues to grow and will take a higher percentage of the cloud market. The reasoning here is that the market will change and compute, will increasingly become distributed and embedded into edge devices, such as automobiles and robots and factory equipment, et cetera, and not necessarily be a discreet... I mean, it still will be, of course, but it's not going to be as much of a discrete component that is consumed via services like EZ2, that will mature. And this will be a key shift to watch in spending dynamics and really importantly, computing economics, the things we've talked about around arm and edge and AI inferencing and new low cost computing architectures at the edge. We're talking not the near edge, like, Lowes and Home Depot, we're talking far edge and embedded devices. Now, whether this becomes a seamless part of Supercloud remains to be seen. Look, if that's how we see it, the current and the future state of Supercloud, and we're committed to keeping the discussion going with an inclusive model that gathers input from all parts of the industry. Okay, that's it for today. Thanks to Alex Morrison, who's on production, and he also manages the podcast. Ken Schiffman, as well, is on production in our Boston office. Kristin Martin and Cheryl Knight, they help us get the word out on social media and in our newsletters. And Rob Hoffe is our editor in chief over at Silicon Angle and does some helpful editing. Thank you, all. Remember these episodes, they're all available as podcasts, wherever you listen. All you got to do is search Breaking Analysis Podcast. I publish each week on wikibon.com and siliconangle.com. You can email me directly at david.vellante@siliconangle.com or DM me @Dvellante or comment on our LinkedIn posts. Please do check out etr.ai. They've got some great enterprise survey research. So please go there and poke around, And if you need any assistance, let them know. This is Dave Vellante for the Cube Insights powered by ETR. Thanks for watching, and we'll see you next time on Breaking Analysis. (lively music)

(upbeat music) >> Okay, welcome back everyone to theCUBE's coverage of AWS Summit 2022, here at Moscone Center live on the floor, I'm John Furry host of theCUBE, all the action day two, remember AWS Summit in New York City is coming in the summer. We'll be there as well. Got a great guest Murli Murli who's the VP and GM of Cloud Native Business Unit Portworx, been in theCUBE multiple times. We were just talking about the customer he had on Ford from Detroit, where kubernetes will be this year. >> That's right. >> Great to see you. >> Yeah, same here, John. Great to see. >> So, what's the update? Quickly this, before we get into the country, give the update on what's going on in the company, what's happening? >> Well, you know, we've been acquired by Pure Storage it's well over a year. So we've had one full year of being inside of Pure. It's been wonderful, right? So we've had a great ride so far, The products have been renewed. We've got a bunch of integrations with Pure. We more than doubled our business and more than doubled our head count. So things are going great. >> I always had a, congratulations by the way. And I was going to ask about the integration but before I get there, yeah, we've been always like play some jokes on theCUBE and because serverless is so hot, I've been using storage lists and actually saw a startup yesterday had the word networking lists in their title. So this idea of like making things easier, but me, I mean serverless of this is basically servers that make it easier. >> Yeah, yeah >> So this is kind of where we see Cloud Native going. Can you share your thoughts on how Pure and Portworx are bringing this together? Because you can almost connect the dots in my mind. So say specifically what is the Cloud Native angle with Pure? >> Yeah. So look, I'll kind of start by being captain an obvious, I guess. Just sort of stating some obvious stuff and then get to what I hope will be a little bit more new and interesting. So the obvious stuff to start with is just the fact that Cloud Native is exploding. Containers are exploding. It's kind of a well known fact that 85% of the enterprise organizations around the world are pretty much going to be deploying containers, if not already in the next couple of years, right? So one it's really happening. The, buzz is now, it's not just in the future, the hype is now. The second part of that is it's really part of that is things are going production. 56% of these organizations are in production already. And that's the number is going to climb to 80 fairly quickly. So not only is this stuff being deployed as being deployed in sort of fairly mission critical, especially Greenfield applications. So that's kind of one, right? Now, the second thing that we're seeing is as they go in into production, John, the migraines are starting, right? Customer migraines, right? It's always happens in stuff that they have not looked around the corner and anticipated. So one of them is, again, a fairly obvious one is as they go into production, they need to be able to kind of recover from some oops that happens, right? And the kinds of think about this, right? John, this stuff is rapidly changing, right? Look at how many versions of kubernetes come out on a regular basis. On top of that, you got all these app, virgins, new database virgins, new stuff, vendors like us, ourselves have new virgins. So with all these new virgins, when you put it all together the stack, sometimes misbehave. So you got to kind of, "Hey, let me go recover." Right? You have outages. So essentially the whole area of data protection becomes a lot more critical. That's the migraine that people are beginning to get now, right? They can feel the migraine coming on. The good news is this is not new stuff. People know on- >> John: The DevOps. >> Yeah. Well, and in fact it is that transition from DevOps to ITOps, right? People know that they're going into production, that they need backup and data protection and disaster recovery. So in a way it's kind of good news, bad news, the good news is they know that they need it. The bad news is, it turns out that it's kind of interesting as they go Cloud Native, the technology stack has changed. So 82% of customers who are kind of deploying Cloud Native are worried about data protection. And in fact, I'll go one step further 67% of those people have actually kind of looked at what they can get from existing vendors and are going, "Hey, this is not it. This is not going to do my stuff for me." >> And by the way, just to throw a little bit more gas on that fire is ransomware attacks. So any kind of vulnerability opening? Maybe make people are scared. >> Murli: Absolutely. >> So with- >> Murli: Its a board level topic, right? >> Yeah, and then you bring down the DevOps, which is we all know the innovation formula launch in iterate, pivot, iterate, pivot, then innovation you get the formula, all your metrics, but it's a system. >> Correct. >> Storage is part now of a system when you bring Cloud Native into it, you have a consequence if something changes. >> Murli: Correct. >> So I see that. And the question I have for you is, where are we in the stability side of it? Are we close to getting there and what's coming out to help that, is it more tooling? Because the trend is people are building tools around their Cloud Native thing. I was just talking to MongoDB and they got a database, now that's all tooling. Vertically integrate into the asset or the product, because it integrates with APIs, right? So that makes total sense. >> So I think there's kind of again, a good news, bad news there, right? There's a lot of good news, right? In the world of containers and kubernetes what are some of the good news items, right? A lot of the APIs have settled down have been defined well, CNCF has done a great job promoting that, right? So the APIs are stable, right? Second, the product feature set, have become more stable, particularly sort of the the core kubernetes product security kind of stuff, right? Now what's the bad news. The bad news is, while these things are stable they are not ready for scale in every case yet, right? And when you integrate at scale, so and typically the tipping point is around 20 to 30 nodes, right? So typically when you go beyond 20 to 30 nodes then the stuff starts to come a apart, right? Like, the wheels come off of the train and all of that. And that's typically because there's a lot of the products that were designed for DevOps, are not well suited for ITOps. So really there is a new- >> And the talent culture. >> Exactly. >> Talent and culture sometimes aren't ready or are changing. >> So it's a whole bunch of people trying to use kind of a maturing product set with skill sets that are pretty low, right? So when we get into production, then other factors come into play, high availability, right? Security, you talk about ransomware, disaster recovery backup. So these are things that are sort of, I would say not 101 problems, but 201 problems, so right? This is natural as we go to that part of the thing. And that's the kind of stuff that, Portworx and Pure Storage have been kind of focused on solving. And that's kind of been how we've made our mark in the industry, right? We've helped people really get to production on some of these different points. >> Expectation on both companies have been strong, high quality, obviously performance on Pure side from day one, just did a great job with the products. Now, when you go into Cloud Native you have now this connection okay. To the customer, again I think huge point on the changing landscape. How do you see that IT to DevOps emerging? Because the trend that we're seeing is, abstracting way the complexities of management. So I won't say managed services are more of a trend, they've always been around but the notion of making it easier for customers. >> Yep, absolutely right. >> Super important. So can you guys share what you guys are doing to make it easier because not everyone has a DevOps team. >> Yeah, so look, the number one way things are made more easy, is to make it more consumable by making it as a service. So this is one of the things, here we are, at AWS Summit, right? And delighted to be here by the way. And we have a strategic alliance with with AWS, and specifically, what we're here to announce really is that we're announcing a backup as a SaaS product. Coming up in a few weeks we're going to be giing running on AWS as a service integrated with AWS. So essentially what happens is, if you have a containerized set of applications you're deploying it on EKS, ECS, AWS, what have you. We will automatically provide the ability for that to be backed up scaled and to be very, very container granular, very app specific, right? Yeah, so it's designed specifically for kubernetes. Now here's the kind of key thing to say, right? Backup's been around for a long time. You've interviewed, tons of backup people in the past. But traditional backup is just not going to work for kubernetes. And it's very simple if you think about it, John. >> John: And why is that? >> It's a very simple thing, right? Traditional backup focuses on apps and data, right? Those are the two kind of legs of that. And they create catalogs and then do a great job there. Well, here's, what's happened with Cloud Native. You have a thing inserted in the middle called kubernetes. So when you take a snapshot, I'm now kind of going into a specific kind of, world of storage, right? When you take a snapshot, what Portworx does is we take a 3D snapshot. What you really need to recover, from a backup situation where, you want to go back to the earlier stage to be kubernetes specific, you need a app snapshot, snapshot of the kubernetes spec, pod spec, And third of snapshot of the data. Well, traditional, backup folks are not taking that middle snapshot. So we do a 3D snapshot and we recover all three which is really what you need to be able to kind of like get backed up, get recovered in minutes. >> Okay and so the alternative to not doing that is what? What will happen? >> You To do that, to do your old machine level backup? So what happens with traditional backups are typically VM level or machine level, right? So you're taking a snapshot of the whole kind of machine and server or VM setup and then you recover all of that, and then you run kubernetes on that and then you try to recover it- >> John: To either stand everything up again. >> Yeah, yeah. >> John: Pretty much. >> Yeah. Whereas, what do most people want to do? This is a very different use case, by the way, right? How does this work? What people are doing for kubernetes is they're not doing archival kind of backup. What they're doing is real time, right? You're running an ops. Like I said, you got an oops, "Hey, a new release for one of the new databases then work right? Boom! I want to just go back to like yesterday, right? So how do I do that? Well, here you can just go back for that one database, one app, and recover back to that. So it's operational backup and recovery as opposed to archival backup and recovery. So for that, to be able to recover in seconds, right? You need to be, he kind of want integrated with AWS which is what we are. So it's integrated, it's automated, and it's very, very container granular. And so these three things are the things that make it sort of, very specific way. >> I love the integration story. 'Cause I think that's the big mega trend we're seeing now is is that integrating in. And, but again, it's a systems concept. It's not standalone storage, detached storage. >> Murli: Exactly. >> It's always, even though it might be decoupled a little bit it's glued together through say- >> John, you said it right. The easy button is for the system, right? Not for the individual component. Look, all of us vendors in this ecosystem are going around framing, having a being easy. But when we say that, what do we mean? We mean, oh, I'm easy to use. Well that doesn't help the user. Who's got to put all this stuff together. So it's really kind of making that stack work. >> This is easy to use, but it made these things more complex. This is what we do in the enterprise solve complexity with more complexity. >> Putting the problem to the other guy. Yeah. So it's that end to end ease of use is kind of what I would say, is the number one benefit, right? One it's container specific and designed for kubernetes. And second, it really, really is easy. >> Well, I really like the whole thing and I want to get your thoughts as we close out, what should people know about Pure and Portworx's relationship now and in the Amazon integration, what's the new narrative the north Star's still the same? High performance store, backup, securely recover and deliver the data in whatever mechanism we can. That north Star's clear, never changes, which is great. I feel love about Pure and Cloud Native. It's just taking the blockers away- >> I think the single biggest thing I would say, is all of these things, what we're turning into it is as a service offering. So if we're going to backup as a service our Portworx product now is going to be the Portworx enterprise Pure Storage product is going to be offered as a service. So with, as a service, it's easy to consume. It's easy to deploy. It's fully automated. That's the kind of the single biggest aha! Especially for the folks who are deploying on AWS today, AWS is well known for being easy to use. It's kind of fully automated. Well here, now you have this functionality for Cloud Native workloads. >> Final question, real quick, customer reaction so far, I'm assuming marketplace integration, buying terms, join selling, go to market? >> So yeah, it is integrated billing and all of that is part of that kind of offering, right? So when we say easy, it's not just about being easy to use it's about being easy to buy. It's being easy to expand all of that and scaling. Yeah. And being able to kind of automatically or automagically as I like to say, scale it, right? So all of that is absolutely part of it, right? So it is really kind of... It's not about having the basics anymore. We've been in the market now for six, seven years, so right? We have sort of an advanced offering that not only knows what customer want but anticipates what ones can expect and that's a key difference. >> I was talking to Dr. Matt Wood real quick. I know we got to wrap up on the schedule, but earlier today about AI and business analytics division's running and we were talking about serverless and the impact of serverless. And he really kind of came down the same lines where you are with the storage and the cloud data which is, "Hey, some people just want storage and the elastic leap analytics without all the under the cover stuff." Some people want to look under the covers, fine whatever choice. So really two things, so. >> Yeah, yeah. All the way from you can buy the individual components or you can buy the as a service offering, which just packages it all up in a on easy to consume kind of solution, right? >> Final, final question. What's it like at Pure everything going well, things good? >> We love it, man. I'll tell you these folks have welcomed us with open arms. And look, I've been acquired twice before. And I say this, that one of the key linchpins to a successful integration or acquisition is not just the strategic intent that always exists but really around a common culture. And, we've been blessed. I think the two companies have a strong common culture of being customer first, product excellence, and team wins every time. And these three things kind of have pulled us together. It's been a pleasure. >> One of the benefits of doing the queue for 13 years is that you get the seats things. Scott came on the queue to announce Pure Storage on theCUBE, cuz he was a nobody else. There was, oh, you're never going to get escape Velocity, EMC's going to kill, you never owned you. Nope. >> Well, we're talking about marketplaces and theCUBE is the marketplace of big announcements, John. So this is, delighted- >> Announcements. >> Yeah. Yeah. Well that was the AWS announcement. Yeah. So that's, that is big >> Final words, share the audience. What's what to expect in the next year for you guys? What's the big come news coming down? What's coming around the corner? >> I think you can expect from from Pure and Portworx the as a service set of offerings around, HADR backup, but also a brand new stuff, keep an eye out. We'll be back with John. I hope that talking about this is data services. So we have a Portworx data service product that is going to be announced. And it's magic. It's allowing people to deploy databases in a very, very, it's the easy button for database deployment. >> Congratulations on all your success. The VP and General Manager of the Cloud Native Business Unit. >> You make it sound bigger than it actually is, John. >> Thanks for coming on. Appreciate it. >> Thanks. >> Okay theCUBE coverage be back for more coverage. You're watching theCUBE here, live in Moscone on the ground at an event AWS Summit 2022. I'm John Furrier. Thanks for watching. (upbeat music)

>> From theCUBE studios in Palo Alto and Boston, connecting with thought-leaders all around the world, this is a Cube Conversation. >> Hi everybody, this is Dave Vellante. Welcome to this Cube Conversation. We're really excited to have Wim Coekaerts in, he is the senior vice-president of software development at Oracle. Wim, it's great to have you on, and, you know I often say I wish we were face-to-face but if we were you'd have to cut off my tie, cause developers and ties just don't go together. >> No, I know, and this is my normal outfit, so this is me wherever I go. Hi again, good to see you. >> Yeah, great to see you. So, of course, you know a lot of people are confused about Oracle, and open-source, they say "Oracle? Open-source? What is that all about?" But I think you're misunderstood. People don't, first of all, realize you as the leader of the software-development community inside of Oracle, I mean, you've been involved in Linux since the early 90s. But you guys have a lot of committers, you do a lot. I want to talk about that. What is up with Oracle, and open-source? >> Ah, well, it's a broad question. So, you know, a couple of things. One is, we have many different areas within the company that are dealing with open-source. So we have the cloud team doing a lot of stuff around cloud SDKs and support for different languages like Python and Go, and of course Java and so forth, so they do a lot around ensuring that the Oracle ecosystem is integrated in the open-source tools that customers use, or developers use, Terraform companies and so forth. And then you have the Java team, and so forth. Java is open-source and then the Graal project, GraalVM which is a polyglot compiler that can run Java, and Python, and Javascript and so forth together in one. VM do really cool optimizations, that's an open-source project, also on GitHub. There's of course MySQL, which is along with Java, they're probably the two most popular and widely used open-source projects out there. There's VirtualBox which is of course also a very popular project that's open-source. There's all the work we do around Linux. And I think one of the things is that, when you have so many different areas, doing things that are for that area, then as a developer or as a customer, you typically just deal with that group. And what you see is, oh you're talking to the Java developers, so you know what's going on around Java. The Java developers might not necessarily say, "Oh well we also do MySQL, and we do Linux and VirtualBox and so forth," and so you get a rather myopic, narrow view of the larger company. When you add all these things up, and there will be one big slide that says "This is Oracle, these are all these open source projects," and there's multiple ways. One is, we have projects that we've open-sourced and all the code came from us and we made it publicly available, we're the main contributor and we get contributions back. There are other projects where we contribute to third-party in terms of enhancing things, like I said with the Cloud Team, and then in general something like Linux where we're part of an external project and we participate in development of that project at large. And so there's these three different ways, when you count up all the developers that we have that deal with open-source on a daily basis. And in terms of contributions, in terms of bug fixes, testing, and so forth, it's thousands, literally, full-time paid developers. And of course, all the projects are all either on GitHub or similar sites that are very popular. So yeah, I think the misunderstood is probably a lack of knowledge of the breadth of what we do. And, you know, our primary goal is to provide services and products to customers, and so the open-source part is sort of embedded in a development methodology. But that's not something we sell or market separately, we just work with customers and products and services, and so in some cases it's not well-understood. >> Yeah. Well, we're talking of course, we're talking about the state of the penguin, I think it's important for people to understand, Oracle got into the Linux game in the 90s, maybe the latter part of the 90s and Oracle, of course, wants to make Linux-- wants to make Oracle, it's applications and database run better on Linux, but as you're pointing out, your Linux distro, full support, end-to-end, thousands of people in your open-source community, and the contributions that you make to Linux, many if not most, they go upstream, everybody can benefit from those, but of course you want an Oracle distro that is going to make Oracle stuff run better, that's always kind of been the Oracle way. >> Well, so, yes, two things though. One is, so everything we do is upstream. So we have no Linux patches that are not contributed upstream; There's no proprietary code in Oracle Linux at all, it's all completely open, publicly available: the source code, the change log, all the commits, it's fully open and public, which sometimes is not well-understood, but it's completely open. And, everything we do in terms of feature development or functionality or bug fixes goes upstream to the Linux kernel mail-list. It's actually, it's the only way to be able to manage a Linux distribution and be a Linux vendor is to live in that eco-system. Otherwise, the cost of maintaining your own fork, so to speak, is very high and it doesn't really solve the problem. Now, the functionality we work on obviously is focused on making Oracle products run better, making Oracle Cloud run better, and so forth. However, again, what's important to understand, though, is an Oracle database is a program running on an operating system. It does IO, it does networking, it deals with memory management, lots of processing. So, for the most part, the things that we work on to improve that helps everyone out, right? It helps every other database run better, or helps every other language run better. So none of these changes are specific to Oracle, they're just things that we found doing performance benchmarks and testing and so forth, where we say "Hey, if Linux did the following, it would make boot-up faster. Now boot-up has nothing to do with the database. But our customers run on 1-terabyte, 4-terabyte, 8-terabyte systems, and so booting up, and Linux starting up, and cleaning up memory takes a long time. So we want to reduce that from an availability point of view. So here, we're now talking about just enterprise for you. So there's this broad set of things we work on that definitely help us, but they're actually really completely generic and help everyone out. >> Yeah, that's great. So I wanted to kind of get that out of the way and help our audience understand that. So let's get into it a little bit; What are you seeing, what's going on in IT, pick your observation space and your vision of what you see happening out there. >> Well, you know, it's very interesting, it's sort of, there's two... there's sort of two worlds, right, there's the cloud world and the move to cloud, and there's the on-premises world, where people run their systems on their own. And, one of the things that we've learned is, when you talk about machine-learning, obviously, is something that's very popular these days, and automation. And so in order to rely on machine-learning well, and have algorithms that are very effective, you need lots of data. And so being a cloud vendor, and having Linux in our cloud on tens of thousands, or hundreds of thousands of servers, or more, allows us to have a view of how an operating system works across an incredibly large scale. So we get lots of data. And so for us to figure out which algorithms work well in terms of how can we do network optimizations, how can we discover anomalies on the storage site, and deal with it and so forth, we can do that at scale. And what's interesting is, how do we then bring that on-prem? Well, if we can get the data and the learning done, the training done, in our cloud directly, then when we provide that service also for people running Oracle Linux on premises then that will work. The alternative is to have point solutions where you provide something to a customer, and he needs to learn something from small amounts of data. That doesn't work so well. So I think having both worlds, on-prem and cloud directly, allows us to kind of benefit from that. And I think that's important, because lots of customers are interested in going to cloud. Many of the enterprises have not yet. You know, they're starting, but there's still a huge on-premises space that's important. And so by being able to get them familiar with how these things work at scale, autonomy is again important, right, Autonomous Database is incredibly popular and so forth, that allows us to then say, "Here, try these things out here, it's a service. We can show you the benefits right away," and then as that improves we bring that, to a certain extent, on-premises as well. And then they can have it in both places. And that, I think, is something, again, that's relatively unique but also very important, is that we want to provide services and products that act similarly on-premises as well as in cloud, because at some point when people move we want to make that transition seamless. And what you have today for the most part is one world that's on-prem, and then the cloud world is completely different. And that is a big barrier of moving, and so we want to reduce that, we can run the same operating system local as well as cloud, you can the same functionality, and then that helps transition people over much easier. >> Yeah, well Oracle actually was one of the -- I think Oracle was the first company to actually market same-same, you actually used that term. Others put forth that concept, but Oracle was the first to announce products like Cloud at Customer, that were same-same, now it took some time to actually get it perfected, and get it to market, but the point is, and we've written about this, is Oracle, because of the ascendancy of cloud, flipped and has a cloud-first mentality, and you just kind of referenced that, you just said, "And you can bring that to on-prem." So I wonder if you could talk about that cloud-first mentality, and the impact on hybrid. >> So yeah, I think the cloud-first part is of course in cloud we work on services moreso than products that we deliver. And there's a number of things that are happening. So one is that we obviously continue to provide products to customers, you can download Oracle Linux, you can download the database and what not, you can install it on your own, you can do the traditional way of working. Then in the cloud-world, what typically happens is "Oh, I use a database service. I'm not installing anything, I push a button and I get an IP address and a SQL that connects extremely quickly to the database." And we take care of everything underneath that is on this database. Now, in order to do that, you need a whole infrastructure in place, you need log-in agents, you need a back-end that captures all that stuff, you need monitoring tools, you need all the automation scripts for bringing the service up and monitor it. And so, that takes a lot of time to do right, and we learn a lot by doing this. And so the cloud-first part of these services means that we get to experience this ourselves with direct access to everything. Now taking that service with all of the additional features like autonomy, and bringing that to an on-premises world, we have to make sure we can package that so that all these pieces around it go along with it. And that takes a little bit more time, so we can do everything at the same time. And so what we've done with Autonomous Database is we created everything in Oracle Cloud, we have the whole system running really well, and then we've been able to sort of package that and shrink it into something that can be installed on-premises, but then connected into Oracle Cloud again. And so that way we can get all the telemetry over the metric, and that allows us to scale. Because part of providing a cloud service that runs on-prem in the customer environment is that we need to be able to remotely manage that similar to how that runs in our own cloud. Right, otherwise it doesn't scale. And so that takes a little bit of time, but we've done all that work, and now with Cloud at Customer Database that's really in place. >> Yeah, you really want to have that same cloud experience, whether with on-prem, in the public cloud, hybrid, et cetera. So, I want to explore a little bit more who is using Oracle Linux, and what's the driver for using it. Can you describe maybe some of the types of customers and why they buy? >> Sure, so we started this fourteen years ago, in 2006, October 25th, 2006. I remember that day very well; Penguins on stage and a big launch for Oracle Linux in San Francisco Moscone Center. So, look, the initial driver for Oracle Linux was to ensure that Oracle database customers or Oracle product customers had a good operating system experience, and the ability to be able to handle critical issues when that occurs, because typically a database runs the company's critical data: the most essential stuff that a company has is typically in a database, an Oracle database. And so when that thing has issues with the operating system, you don't want just to talk to multiple vendors and have finger-pointing, and having to explain to an operating system vendor how the database works. In the Unix world, we had a good relationship with the OS vendors, and the hardware vendors, they were the same. And they knew our products really well, and in the Linux world, that was very different. The OS vendor basically did not want to understand or learn anything about the products living on top. And so while to a certain extent that makes sense, it's an enterprise world where time is of the essence, and downtime needs to be limited absolutely. We can't have these arguments and such. And that was the driver, initially, for doing Oracle Linux. It was to ensure there was a Linux distribution really backed by us, that we could fix, that we could fully support. That was completely the original intent. And so the early customer base was database customers. Database and middleware. Mostly database. But that has then evolved quickly, and so what happened was, people say "Look, I have a thousand servers, a hundred run Oracle, so we'll run Oracle Linux on those hundred, and we'll run something else on those other nine-hundred." Now after a year or so, they realize that our support is really good; We fix all these issues, and so then they're like "Why are we having two Linux distributions? This thing works really well, it runs any application, it's fully compatible, so we'll do a thousand with Oracle Linux." And so the early days, the first few years, was definitely Oracle Database as the core driver, and then it sort of expanded to the rest of the estate. And over the years, we've added lots of features and functionality, like Ksplice, and so forth. We have an attractive pricing model for running on servers, and so now lots of our customers have a very small Oracle percentage running and many other things running. So it's really become a all-or-nothing play in the Linux space, and we're well-known now, so it's actually very good. >> You just mentioned Ksplice. We've been talking about cloud, and on-prem, and hybrid. Let's talk about security, because security really is a differentiator, particularly if you're going to start to put stuff in the cloud. Talk about Ksplice specifically, but generally security and your policy there. >> So, "Security first" is sort of what you hear us say and do, in everything we do. The database obviously security, on the Linux site security matters. Ksplice as a technology is there to do critical bug-fixing and make sure that we can apply security vulnerability fixes without affecting the customer, and not have downtime. And if you look at most of the cases or many of the cases where you have security vulnerabilities and exploits, it tends to be because systems were not patched. Why were they not patched? Well not that our customer doesn't understand that it's important, but it's a whole train of events that needs to happen. You have to, you get notified that there's a security issue in your operating system or application. Then, well, an application typically means it's a multi-layered setup. So if you have to bring your database server down, then you first have to coordinate with the application users to bring the app server down, cause that talks to the database. So to patch one system, you basically have to bring down the whole application stack. You have to negotiate with the DBAs, you have to negotiate with the app admins, you have to negotiate with the user. It takes weeks to do that and find time. Well during that time, you're vulnerable. So the only way, really, to address security in a scalable and reducing that window of time is to do it without affecting the customer. And so Casewise is something that, it's a company we acquired in 2009, and have since evolved in terms of capabilities, and so it allows us to patch the Linux terminal without downtime. We lock the kernel for 8 microseconds. It's literally no downtime. You don't have to bring down applications, the user doesn't see it, there's no hang, there's no delay. And so by doing that, you can run a Linux operating system, or gLinux, and you can be fully patched on a system that hasn't rebooted for 3 years. You don't even know it. And so by doing that type of stuff, it makes customers more secure, and it avoids them-- It saves them a lot of money in terms of dealing with project management and so forth, but it really keeps them secure. And so we do that for the Linux kernel, we do that for some of the libraries on top that are critical like OpenSSL and 2 LVC, and, you know one example-- I can give you two examples. So one example is, Heartbleed was this bug in OpenSSL a number of years ago. And so everyone had to patch their SSH server. And that meant, basically, systems around the world had to reboot. Like a whole IT reboot across the world. With Ksplice today, if Heartbleed were to happen tomorrow, we would be able to patch this online for all the Oracle Linux customers without any downtime. No reboots, no restarting of applications, everything keeps running. The amount of money saved would be massive, and also, of course, the headache. Another example is, and this was in Oracle Cloud, when some of these CPU bugs that happened a few years ago that were rather damaging on the cloud side, where you could basically see memory potentially of other CPUs running, the cloud is incredibly critical. We were basically able to basically patch our entire cloud in four hours. And the customer didn't know, right, a hundred and twenty million patches, or something, that we applied within four hours, all online, without any downtime. And so that technology has been really helpful, both for us to run our cloud, but the exact same patches and same fixes go to customers on-premises as well. But this comes back to the whole, what we do in cloud we also do for customer. And I think that's a unique thing that we have at Oracle which is quite fascinating. The operating system we run for our customers, the operating system that's the host part of VMs, is the exact same binary and source code that we make available, just to be clear, the exact same binaries are the ones that you run as a customer on-premises. So if you run Oracle Linux with KVM, you run VMs, you're actually running the exact same stuff as we run underneath our customer's stuff. Nobody else does that, everyone else has a black box. So I think that helps a little bit with transparency as well. >> Yeah, and that homogeneity just creates an environment, you're talking about that sort of security mindset, it's critical, you're not just bolting it on, it's part of the culture. But you started your career, and then of course you were a Linux person when you came to Oracle, but then I think you spent some time in database, back in the day when there were serious database wars going on, before Oracle became the king of database. So now you've got, obviously, this great portfolio, and a lot of really sharp software developers; What should we expect going forward, from Oracle? What should we look for? >> You know, I was talking to some, I was welcoming some interns to the company, for their summer internship yesterday, and one of the things I mentioned to them was that -- so cloud obviously gives us a lot of opportunities, but there's a number of things. One is, we have such a breadth of applications and software and hardware together. We have the servers, we have the storage, we have the operating systems, we have the database layer and so forth, and we have the cloud side, and one of the great opportunities, and I think we've shown a lot of this happening with the ability to create something like Autonomous Database, is to combine all these things. Right, we have such a broad portfolio of really cool technology that by itself is okay, but if you combine the things it really becomes awesome. You cannot create autonomous database without having autonomous learning. You cannot create those two and make them really safe without also controlling the firmware on the hardware and so forth. So by being able to combine all these layers, and by having a really great relationship across the teams within the company, that opens up a lot of opportunities to do stuff really quickly. And having the scale for that. I think that has been, for the last few years, a really great thing, but I can see that being one of the advantages that we have going forward. We have Oracle Fusion Applications, which is incredibly popular, and has great growth, and then we have that running on Oracle Cloud, that talks to Oracle Autonomous Database, so we bring all these pieces together. And no other SaaS vendor can do that, because they don't have these other pieces. They have one area, we have all of them. And so that's the exciting part for me, it's not so much about making my own world better, and having Linux be better, and Casewise and so forth, which is important, but that becoming part of the bigger picture. And that's the exciting part. >> Well, Oracle's always invested in RND, we've made that point many, many times. Whether it's database, you know Fusion was a painful but worthy effort, the whole public cloud piece, obviously many acquisitions, but the investments that you've made in open-source as well, Wim, you're a great spokesperson, and a great representative of the open-source community generally, and then Oracle specifically, so thanks very much for coming on theCUBE and sharing with us the state of the penguin, and best of luck. >> You're welcome. Thank you, thanks for having me. >> Alright, and thank you for watching, everybody. This is Dave Vellante for theCUBE. We'll see you next time. (cheerful music).

>> From theCUBE studios in Palo Alto and Boston, connecting with thought-leaders all around the world, this is a Cube Conversation. >> Hi everybody, this is Dave Vellante. Welcome to this Cube Conversation. We're really excited to have Wim Coekaerts in, he is the senior vice-president of software development at Oracle. Wim, it's great to have you on, and, you know I often say I wish we were face-to-face but if we were you'd have to cut off my tie, cause developers and ties just don't go together. >> No, I know, and this is my normal outfit, so this is me wherever I go. Hi again, good to see you. >> Yeah, great to see you. So, of course, you know a lot of people are confused about Oracle, and open-source, they say "Oracle? Open-source? What is that all about?" But I think you're misunderstood. People don't, first of all, realize you as the leader of the software-development community inside of Oracle, I mean, you've been involved in Linux since the early 90s. But you guys have a lot of committers, you do a lot. I want to talk about that. What is up with Oracle, and open-source? >> Ah, well, it's a broad question. So, you know, a couple of things. One is, we have many different areas within the company that are dealing with open-source. So we have the cloud team doing a lot of stuff around cloud SDKs and support for different languages like Python and Go, and of course Java and so forth, so they do a lot around ensuring that the Oracle ecosystem is integrated in the open-source tools that customers use, or developers use, Terraform companies and so forth. And then you have the Java team, and so forth. Java is open-source and then the Graal project, GraalVM which is a polyglot compiler that can run Java, and Python, and Javascript and so forth together in one. VM do really cool optimizations, that's an open-source project, also on GitHub. There's of course MySQL, which is along with Java, they're probably the two most popular and widely used open-source projects out there. There's VirtualBox which is of course also a very popular project that's open-source. There's all the work we do around Linux. And I think one of the things is that, when you have so many different areas, doing things that are for that area, then as a developer or as a customer, you typically just deal with that group. And what you see is, oh you're talking to the Java developers, so you know what's going on around Java. The Java developers might not necessarily say, "Oh well we also do MySQL, and we do Linux and VirtualBox and so forth," and so you get a rather myopic, narrow view of the larger company. When you add all these things up, and there will be one big slide that says "This is Oracle, these are all these open source projects," and there's multiple ways. One is, we have projects that we've open-sourced and all the code came from us and we made it publicly available, we're the main contributor and we get contributions back. There are other projects where we contribute to third-party in terms of enhancing things, like I said with the Cloud Team, and then in general something like Linux where we're part of an external project and we participate in development of that project at large. And so there's these three different ways, when you count up all the developers that we have that deal with open-source on a daily basis. And in terms of contributions, in terms of bug fixes, testing, and so forth, it's thousands, literally, full-time paid developers. And of course, all the projects are all either on GitHub or similar sites that are very popular. So yeah, I think the misunderstood is probably a lack of knowledge of the breadth of what we do. And, you know, our primary goal is to provide services and products to customers, and so the open-source part is sort of embedded in a development methodology. But that's not something we sell or market separately, we just work with customers and products and services, and so in some cases it's not well-understood. >> Yeah. Well, we're talking of course, we're talking about the state of the penguin, I think it's important for people to understand, Oracle got into the Linux game in the 90s, maybe the latter part of the 90s and Oracle, of course, wants to make Linux-- wants to make Oracle, it's applications and database run better on Linux, but as you're pointing out, your Linux distro, full support, end-to-end, thousands of people in your open-source community, and the contributions that you make to Linux, many if not most, they go upstream, everybody can benefit from those, but of course you want an Oracle distro that is going to make Oracle stuff run better, that's always kind of been the Oracle way. >> Well, so, yes, two things though. One is, so everything we do is upstream. So we have no Linux patches that are not contributed upstream; There's no proprietary code in Oracle Linux at all, it's all completely open, publicly available: the source code, the change log, all the commits, it's fully open and public, which sometimes is not well-understood, but it's completely open. And, everything we do in terms of feature development or functionality or bug fixes goes upstream to the Linux kernel mail-list. It's actually, it's the only way to be able to manage a Linux distribution and be a Linux vendor is to live in that eco-system. Otherwise, the cost of maintaining your own fork, so to speak, is very high and it doesn't really solve the problem. Now, the functionality we work on obviously is focused on making Oracle products run better, making Oracle Cloud run better, and so forth. However, again, what's important to understand, though, is an Oracle database is a program running on an operating system. It does IO, it does networking, it deals with memory management, lots of processing. So, for the most part, the things that we work on to improve that helps everyone out, right? It helps every other database run better, or helps every other language run better. So none of these changes are specific to Oracle, they're just things that we found doing performance benchmarks and testing and so forth, where we say "Hey, if Linux did the following, it would make boot-up faster. Now boot-up has nothing to do with the database. But our customers run on 1-terabyte, 4-terabyte, 8-terabyte systems, and so booting up, and Linux starting up, and cleaning up memory takes a long time. So we want to reduce that from an availability point of view. So here, we're now talking about just enterprise for you. So there's this broad set of things we work on that definitely help us, but they're actually really completely generic and help everyone out. >> Yeah, that's great. So I wanted to kind of get that out of the way and help our audience understand that. So let's get into it a little bit; What are you seeing, what's going on in IT, pick your observation space and your vision of what you see happening out there. >> Well, you know, it's very interesting, it's sort of, there's two... there's sort of two worlds, right, there's the cloud world and the move to cloud, and there's the on-premises world, where people run their systems on their own. And, one of the things that we've learned is, when you talk about machine-learning, obviously, is something that's very popular these days, and automation. And so in order to rely on machine-learning well, and have algorithms that are very effective, you need lots of data. And so being a cloud vendor, and having Linux in our cloud on tens of thousands, or hundreds of thousands of servers, or more, allows us to have a view of how an operating system works across an incredibly large scale. So we get lots of data. And so for us to figure out which algorithms work well in terms of how can we do network optimizations, how can we discover anomalies on the storage site, and deal with it and so forth, we can do that at scale. And what's interesting is, how do we then bring that on-prem? Well, if we can get the data and the learning done, the training done, in our cloud directly, then when we provide that service also for people running Oracle Linux on premises then that will work. The alternative is to have point solutions where you provide something to a customer, and he needs to learn something from small amounts of data. That doesn't work so well. So I think having both worlds, on-prem and cloud directly, allows us to kind of benefit from that. And I think that's important, because lots of customers are interested in going to cloud. Many of the enterprises have not yet. You know, they're starting, but there's still a huge on-premises space that's important. And so by being able to get them familiar with how these things work at scale, autonomy is again important, right, Autonomous Database is incredibly popular and so forth, that allows us to then say, "Here, try these things out here, it's a service. We can show you the benefits right away," and then as that improves we bring that, to a certain extent, on-premises as well. And then they can have it in both places. And that, I think, is something, again, that's relatively unique but also very important, is that we want to provide services and products that act similarly on-premises as well as in cloud, because at some point when people move we want to make that transition seamless. And what you have today for the most part is one world that's on-prem, and then the cloud world is completely different. And that is a big barrier of moving, and so we want to reduce that, we can run the same operating system local as well as cloud, you can the same functionality, and then that helps transition people over much easier. >> Yeah, well Oracle actually was one of the -- I think Oracle was the first company to actually market same-same, you actually used that term. Others put forth that concept, but Oracle was the first to announce products like Cloud at Customer, that were same-same, now it took some time to actually get it perfected, and get it to market, but the point is, and we've written about this, is Oracle, because of the ascendancy of cloud, flipped and has a cloud-first mentality, and you just kind of referenced that, you just said, "And you can bring that to on-prem." So I wonder if you could talk about that cloud-first mentality, and the impact on hybrid. >> So yeah, I think the cloud-first part is of course in cloud we work on services moreso than products that we deliver. And there's a number of things that are happening. So one is that we obviously continue to provide products to customers, you can download Oracle Linux, you can download the database and what not, you can install it on your own, you can do the traditional way of working. Then in the cloud-world, what typically happens is "Oh, I use a database service. I'm not installing anything, I push a button and I get an IP address and a SQL that connects extremely quickly to the database." And we take care of everything underneath that is on this database. Now, in order to do that, you need a whole infrastructure in place, you need log-in agents, you need a back-end that captures all that stuff, you need monitoring tools, you need all the automation scripts for bringing the service up and monitor it. And so, that takes a lot of time to do right, and we learn a lot by doing this. And so the cloud-first part of these services means that we get to experience this ourselves with direct access to everything. Now taking that service with all of the additional features like autonomy, and bringing that to an on-premises world, we have to make sure we can package that so that all these pieces around it go along with it. And that takes a little bit more time, so we can do everything at the same time. And so what we've done with Autonomous Database is we created everything in Oracle Cloud, we have the whole system running really well, and then we've been able to sort of package that and shrink it into something that can be installed on-premises, but then connected into Oracle Cloud again. And so that way we can get all the telemetry over the metric, and that allows us to scale. Because part of providing a cloud service that runs on-prem in the customer environment is that we need to be able to remotely manage that similar to how that runs in our own cloud. Right, otherwise it doesn't scale. And so that takes a little bit of time, but we've done all that work, and now with Cloud at Customer Database that's really in place. >> Yeah, you really want to have that same cloud experience, whether with on-prem, in the public cloud, hybrid, et cetera. So, I want to explore a little bit more who is using Oracle Linux, and what's the driver for using it. Can you describe maybe some of the types of customers and why they buy? >> Sure, so we started this fourteen years ago, in 2006, October 25th, 2006. I remember that day very well; Penguins on stage and a big launch for Oracle Linux in San Francisco Moscone Center. So, look, the initial driver for Oracle Linux was to ensure that Oracle database customers or Oracle product customers had a good operating system experience, and the ability to be able to handle critical issues when that occurs, because typically a database runs the company's critical data: the most essential stuff that a company has is typically in a database, an Oracle database. And so when that thing has issues with the operating system, you don't want just to talk to multiple vendors and have finger-pointing, and having to explain to an operating system vendor how the database works. In the Unix world, we had a good relationship with the OS vendors, and the hardware vendors, they were the same. And they knew our products really well, and in the Linux world, that was very different. The OS vendor basically did not want to understand or learn anything about the products living on top. And so while to a certain extent that makes sense, it's an enterprise world where time is of the essence, and downtime needs to be limited absolutely. We can't have these arguments and such. And that was the driver, initially, for doing Oracle Linux. It was to ensure there was a Linux distribution really backed by us, that we could fix, that we could fully support. That was completely the original intent. And so the early customer base was database customers. Database and middleware. Mostly database. But that has then evolved quickly, and so what happened was, people say "Look, I have a thousand servers, a hundred run Oracle, so we'll run Oracle Linux on those hundred, and we'll run something else on those other nine-hundred." Now after a year or so, they realize that our support is really good; We fix all these issues, and so then they're like "Why are we having two Linux distributions? This thing works really well, it runs any application, it's fully compatible, so we'll do a thousand with Oracle Linux." And so the early days, the first few years, was definitely Oracle Database as the core driver, and then it sort of expanded to the rest of the estate. And over the years, we've added lots of features and functionality, like Ksplice, and so forth. We have an attractive pricing model for running on servers, and so now lots of our customers have a very small Oracle percentage running and many other things running. So it's really become a all-or-nothing play in the Linux space, and we're well-known now, so it's actually very good. >> You just mentioned Ksplice. We've been talking about cloud, and on-prem, and hybrid. Let's talk about security, because security really is a differentiator, particularly if you're going to start to put stuff in the cloud. Talk about Ksplice specifically, but generally security and your policy there. >> So, "Security first" is sort of what you hear us say and do, in everything we do. The database obviously security, on the Linux site security matters. Ksplice as a technology is there to do critical bug-fixing and make sure that we can apply security vulnerability fixes without affecting the customer, and not have downtime. And if you look at most of the cases or many of the cases where you have security vulnerabilities and exploits, it tends to be because systems were not patched. Why were they not patched? Well not that our customer doesn't understand that it's important, but it's a whole train of events that needs to happen. You have to, you get notified that there's a security issue in your operating system or application. Then, well, an application typically means it's a multi-layered setup. So if you have to bring your database server down, then you first have to coordinate with the application users to bring the app server down, cause that talks to the database. So to patch one system, you basically have to bring down the whole application stack. You have to negotiate with the DBAs, you have to negotiate with the app admins, you have to negotiate with the user. It takes weeks to do that and find time. Well during that time, you're vulnerable. So the only way, really, to address security in a scalable and reducing that window of time is to do it without affecting the customer. And so Casewise is something that, it's a company we acquired in 2009, and have since evolved in terms of capabilities, and so it allows us to patch the Linux terminal without downtime. We lock the kernel for 8 microseconds. It's literally no downtime. You don't have to bring down applications, the user doesn't see it, there's no hang, there's no delay. And so by doing that, you can run a Linux operating system, or gLinux, and you can be fully patched on a system that hasn't rebooted for 3 years. You don't even know it. And so by doing that type of stuff, it makes customers more secure, and it avoids them-- It saves them a lot of money in terms of dealing with project management and so forth, but it really keeps them secure. And so we do that for the Linux kernel, we do that for some of the libraries on top that are critical like OpenSSL and 2 LVC, and, you know one example-- I can give you two examples. So one example is, Heartbleed was this bug in OpenSSL a number of years ago. And so everyone had to patch their SSH server. And that meant, basically, systems around the world had to reboot. Like a whole IT reboot across the world. With Ksplice today, if Heartbleed were to happen tomorrow, we would be able to patch this online for all the Oracle Linux customers without any downtime. No reboots, no restarting of applications, everything keeps running. The amount of money saved would be massive, and also, of course, the headache. Another example is, and this was in Oracle Cloud, when some of these CPU bugs that happened a few years ago that were rather damaging on the cloud side, where you could basically see memory potentially of other CPUs running, the cloud is incredibly critical. We were basically able to basically patch our entire cloud in four hours. And the customer didn't know, right, a hundred and twenty million patches, or something, that we applied within four hours, all online, without any downtime. And so that technology has been really helpful, both for us to run our cloud, but the exact same patches and same fixes go to customers on-premises as well. But this comes back to the whole, what we do in cloud we also do for customer. And I think that's a unique thing that we have at Oracle which is quite fascinating. The operating system we run for our customers, the operating system that's the host part of VMs, is the exact same binary and source code that we make available, just to be clear, the exact same binaries are the ones that you run as a customer on-premises. So if you run Oracle Linux with KVM, you run VMs, you're actually running the exact same stuff as we run underneath our customer's stuff. Nobody else does that, everyone else has a black box. So I think that helps a little bit with transparency as well. >> Yeah, and that homogeneity just creates an environment, you're talking about that sort of security mindset, it's critical, you're not just bolting it on, it's part of the culture. But you started your career, and then of course you were a Linux person when you came to Oracle, but then I think you spent some time in database, back in the day when there were serious database wars going on, before Oracle became the king of database. So now you've got, obviously, this great portfolio, and a lot of really sharp software developers; What should we expect going forward, from Oracle? What should we look for? >> You know, I was talking to some, I was welcoming some interns to the company, for their summer internship yesterday, and one of the things I mentioned to them was that -- so cloud obviously gives us a lot of opportunities, but there's a number of things. One is, we have such a breadth of applications and software and hardware together. We have the servers, we have the storage, we have the operating systems, we have the database layer and so forth, and we have the cloud side, and one of the great opportunities, and I think we've shown a lot of this happening with the ability to create something like Autonomous Database, is to combine all these things. Right, we have such a broad portfolio of really cool technology that by itself is okay, but if you combine the things it really becomes awesome. You cannot create autonomous database without having autonomous learning. You cannot create those two and make them really safe without also controlling the firmware on the hardware and so forth. So by being able to combine all these layers, and by having a really great relationship across the teams within the company, that opens up a lot of opportunities to do stuff really quickly. And having the scale for that. I think that has been, for the last few years, a really great thing, but I can see that being one of the advantages that we have going forward. We have Oracle Fusion Applications, which is incredibly popular, and has great girth, and then we have that running on Oracle Cloud, that talks to Oracle Autonomous Database, so we bring all these pieces together. And no other SaaS vendor can do that, because they don't have these other pieces. They have one area, we have all of them. And so that's the exciting part for me, it's not so much about making my own world better, and having Linux be better, and Casewise and so forth, which is important, but that becoming part of the bigger picture. And that's the exciting part. >> Well, Oracle's always invested in RND, we've made that point many, many times. Whether it's database, you know Fusion was a painful but worthy effort, the whole public cloud piece, obviously many acquisitions, but the investments that you've made in open-source as well, Wim, you're a great spokesperson, and a great representative of the open-source community generally, and then Oracle specifically, so thanks very much for coming on theCUBE and sharing with us the state of the penguin, and best of luck. >> You're welcome. Thank you, thanks for having me. >> Alright, and thank you for watching, everybody. This is Dave Vellante for theCUBE. We'll see you next time. (cheerful music).

>> Announcer: From theCUBE Studios in Palo Alto in Boston, connecting with thought leaders all around the world. This is a Cube Conversation. >> Hi everybody, this is Dave Vellante and welcome to this Cube Conversation. Really excited to have Wim Coekaerts and he is the senior vice president of software development at Oracle. Wim, it's great to have you on. And you know what I often say I wish we were face to face but if we were you'd have to cut off my tie 'cause developers and ties just don't go together. >> No, I know, and this is my normal outfit so this is me, wherever I go. Hi again, good to see you. >> Yeah, great to see you. So of course, you know a lot of people are confused about Oracle and open source. They say, Oracle, open source? What is that all about? But I think you misunderstood. People don't first of all realize you as the leader of the software development community inside of Oracle, I mean, you've been involved in Linux since the early '90s but you guys have a lot of committers. You do a lot, I want to talk about that. What is up with Oracle and open source? >> Well, it's a broad question. So you know, a couple of things. One is we have many different areas within the company that are dealing with open source, right? So we have the cloud team doing a lot of stuff around the cloud SDKs and support for different languages like Python and go and of course Java and so forth. So they do a lot around ensuring that the Oracle ecosystem is integrated in the open source tools that customers use, or developers use Terraform, so on and so forth. And then you have the Java team, and so of course Java is open source. And then, the Graal project, GraalVM, which is a polyglot compiler that run Java and Python and JavaScript and so forth together in one VM, do really cool optimizations, that's an open source project. Also on GitHub, there's of course MySQL which is along with Java, they're probably the two most popular and widely used open source projects out there. There's VirtualBox which is of course also a very popular project that's open sources is all the work we do around Linux. And I think one of the things is that when you have so many different areas doing things that are for that area, then as a developer or as a customer, you typically just deal with that group and what you see is, oh, you're talking to the Java developers so you know what's going on around Java. The Java developers might not necessarily say, oh, and we also do MySQL and we do Linux and VirtualBox and so forth. And so you get sort of a rather myopic narrow view of the larger company. When you add all these things up and there would be one big slide that says, "This is Oracle, these are all these open source projects there". And there's multiple ways, right? One is we have projects that we've opened sourced and all the code came from us and we made it publicly available. We are the main distributor and we get contributions back. There are other projects where we contribute to third party in terms of enhancing things, like a separate the cloud team. And then in general, something like Linux where, you know, we're part of an external project and we participate in the development of that project at large. And so there's these three different ways when you count up all the developers that we have that deal with open source on a daily basis and in terms of contributions, in terms of both Pyxis testing and so forth, it's thousands, literally, full time developers. And of course all the projects is on GitHub or similar sites that are very popular. So yeah, I think the misunderstood is probably a lack of knowledge of the breadth of what we do. And our primary goal is to provide services and products to customers. And so the open source part is sort of embedded in the development methodology, but that's not something we sell or market separately. We just work with customers and products and services. And so in some cases it's not well understood. >> Yeah, well, we're talking, of course we're talking about the state of the Penguin. I think it's part of what people understand. I mean, Oracle got into the Linux game, in the '90s, maybe the latter part of the '90s and Oracle of course wants to make Linux, wants to make Oracle its applications and database run better on Linux. But as you're pointing out you're Linux distro, full support, end-to-end, thousands of people in your open source community and the contributions that you make to Linux, many if not most, they go upstream, everybody can benefit from those. But of course you want an Oracle distro that is going to make Oracle stuff run better. That's always kind of been the Oracle way. >> Well, so yes, two things. The one is that, so everything we do is upstream. So we have no Linux patches that are not contributed upstream. There's no proprietary code in Oracle Linux at all. It's all completely open, publicly available. The source code, the change log, all the commits, everything. It's fully open and public, which sometimes is not well understood, but it's completely open. And everything we do in terms of feature development or functionality or bug fixes goes upstream to the Linux kernel mailers. It's actually, it's the only way to be able to manage a Linux distribution and be a Linux vendor is to live in that ecosystem. Otherwise, the cost of maintaining your own forks so to speak is very high and it doesn't really solve problems. Now the functionality we worked on obviously is focused on making Oracle products run better, making Oracle cloud run better and so forth. However, again, what's important to understand though is an Oracle database is a program running on an operating system that does IO, it does networking, it does memory, it deals with memory management, lots of processes. So for the most part, the things we work on to improve that, helps everyone out, right? It helps every other database run better or it helps every other language run better. So none of these changes are specific to Oracle. They're just things that we found doing performance benchmarks and testing and so forth. But we say, "Hey, if Linux did the following, it would make boot up fast." Now boot up has nothing to do with the database. But if our customers run on one terabyte, four terabyte, eight terabyte systems, and so booting up and Linux starting up and cleaning up memory takes a long time. So we want to reduce that from an availability point of view. So here we're now talking about just enterprise, right? And so there's this broad set of things we work on that definitely help us, but they're actually really completely generic and help everyone customer. >> Yeah, that's great, good. So I wanted to kind of get that out of the way and help our audience understand it. So let's get into it a little bit. What are you seeing, what's going on in IT? Pick your observation space and your vision of what you see happening out there? >> Well it's very interesting. There's sort of two worlds, right? There's the cloud world and move to cloud and there's the on-premise world where people run their systems on their own. And one of the things that we've learned is, when you talk about machine learning obviously is something that's very popular these days and automation. And so in order to rely on machine learning well and have algorithms that are very effective, you need lots of data. And so being a cloud vendor and having Linux in our cloud on tens of thousands or hundreds of thousands of servers or more allows us to have a view of how an operating system works across incredibly large scale. So we get lots of data and so for us to figure out which algorithms work well in terms of, how can we do network customizations, how can we discover anomalies on the storage side and deal with it and so forth, we can do that at scale. And what's interesting is how do we then bring that to on-prem? Well, if we can get the data and the learning done the training done in our cloud directly, then when we provide that service also to people running Oracle Linux on-premises, then that will work. The alternative is to have point solutions where you provide something to a customer and he needs to learn something from small amounts of data. That doesn't work so well. So I think having both worlds on-prem and cloud directly allows us to kind of benefit from that. And I think that's important because lots of customers are interested in going to cloud. Many of the enterprises have not yet, you know, they're starting, but there's still a huge on-premises space that's important. And so by being able to get them familiar with how these things work at scale, autonomy is again important, right? Autonomous database is incredibly popular and so forth. That allows us to then say, "Here, try these things out here. "It's a service, we can show you the benefits right away". And then as that improves, we bring that on to a certain extent on-premise as well and then they can have it in both places. And that I think is something, again, that's relatively unique but also very important is that we want to create an... we want to provide services and products that act similarly on-premises as well as the cloud. Because at some point when people move, we want to make that transition seamless. And what you have today for the most part is one world that's on-prem and then the cloud world is completely different and that is a big barrier of moving. And so we want to reduce that. You can run the same operating system local as well as cloud, you can get the same banality and then that helps transition people over much easier. >> Yeah, well, Oracle actually was one of the... I think but Oracle was the first company to actually market same-same, you actually use that term. Others put forth that concept, but Oracle was the first to announce products like cloud to customer that was same-same now it took some time to actually get it perfective and get it to market. But the point is, and we've written about this is that Oracle, because of the ascendancy of cloud flipped and has a cloud first mentality and you just kind of referenced that you just said, "And you can bring that to on-prem". So I wonder if you could talk about that cloud first mentality and the impact on hype? >> So yeah, I think the clouds first part is of course in cloud we work on services more so than products that we deliver and there's a number of things that are happening. So one is we obviously continue to provide products across you can download Oracle Linux, you can download the database in web blog, you can install it on your own, right? You can do to the traditional way of working. Then in a cloud world, what typically happens is, oh, I use a database service. I'm not installing anything. I push a button and I get an IP address and a SQL, and a connect string and connect to a database. And we take care of everything underneath the database. Now, in order to do that, you need to hold infrastructure in place, right? You need lugging agents, you need a backend that captures all that stuff, you need monitoring tools, you need all the automation scripts for bringing this service up and monitor it. And so that takes a lot of time to do, right? And we learned a lot by doing this. And so the cloud first part of the services means that we get to experience this ourselves with direct access to everything. Now taking that service with all of the additional features like autonomy and bringing that to an on-premises world, we have to make sure we can package that so that all these pieces around it go along with it. And that takes a little bit more time, so we can't do everything at the same time. And so what we've done with autonomous database is we created everything in Oracle cloud, you have the whole system running really well. And then we've been able to sort of package that and shrink it into something that can be installed on-premises but then connected into Oracle cloud again. And so that way we can get all the telemetry, all the metrics, and that allows us to scale because part of providing a cloud service that runs on-prem in the customer environment is that we need to be able to remotely manage that, similar to how we manage something that runs in their own cloud, right? Otherwise it doesn't scale. And so that takes a little bit of time, but we've done all that work and now we've got our customer database that that's really in place. >> Yeah, you really want to have that same cloud experience, whether it's on-prem, in the public cloud, hybrid, et cetera. So I want to explore a little bit more. Who is using Oracle Linux and what's the driver for using it? Can you describe maybe some of the types of customers and why they buy? >> Sure, so we started 14 years ago, right? 2006, October 25th, 2006 (giggles). I remember that day very well. Penguin's on stage and a big launch for Linux in San Francisco Moscone Center. So look, the initial driver for Oracle Linux was to ensure that Oracle database customers or Oracle product customers had a good operating system experience, right? And the ability to be able to handle critical issues when that occurs because typically a database runs the company's critical data. The most essential stuff that a company has is typically in a database, in Oracle database. And so when that thing has issues with the operating system, you don't want just to talk to multiple vendors and have finger pointing and having to explain to an operating system vendor how the database works. In the Unix world, we had a glitch relationship with the OS vendors and the hardware vendors. They were the same. And they knew our products really well, and in the Linux world that was very different. The OS vendor basically did not want to understand or learn anything about products living on top. And so, while, to a certain extent, that makes sense. It's an enterprise world where time is of the essence and downtime needs to be limited absolutely. We can't have these arguments and such. And so that was the driver initially for doing Oracle. So it was to ensure there was a Linux distribution really backed by us that we could fix and we could fully support, right? That was completely the original intent. And so the early customer base was database customers. Database and middleware, mostly database. So but that has then evolved quickly, and so, (clears throat) sorry. What happened was, people would say, "Look, have a thousand servers, a hundred run Oracle, "so we'll run Oracle Linux on those hundred "and we run, something else on those other 900." Now after a year or so, they realized that our support was really good. We fixed all these issues and so then they're like, "Why are we having two Linux distributions? "This thing works really well. "It's runs any application, it's fully compatible. "So we'll just go a thousand with Oracle Linux". And so the early days, the first few years was definitely Oracle database as the core driver and then it sort of expanded to the rest of the estate. And over the years (clears throat), we've added lots of features and functionality, like Ksplice and so forth. We have an attractive pricing model for running on servers. And so now lots of our customers have a very small Oracle percentage running and many other things running. So it's really become a all or nothing play in the Linux space and we're well known now, so it's been actually very good. >> You just mentioned Ksplice. I mean, we've been talking about cloud and on-prem and hybrid and let's talk about security because security really is a differentiator but particularly if you're going to start to put stuff into the cloud. Talk about Ksplice specifically, but generally security and your policy there. >> So security first is sort of what you hear us say and do in everything we do, right? The database obviously security on the Linux side, security matters, Ksplice as the technology is there to do critical bug fixing and make sure that we can apply security vulnerability fixes without affecting the customer and not have downtime, right? And if you look at, most of the cases or many of the cases where you have security vulnerabilities and exploits, it tends to be because systems were not patched. Why were they not patched? Well, not that a customer doesn't understand that it's important, but it's a whole train of events that needed to happen. You have to get notified that there's a security issue in your operating system or application. Then, well, an application typically means it's a multi-tiered set up. So if you have to bring your database server down, then you first have to coordinate with the application users to bring the app server down because that talks to the database. So to patch one system, you basically have to bring down all application stacks. You have to negotiate with the DBAs, you have to negotiate with the app admins, you have to negotiate with the user. It takes weeks to do that and find time. Well, during that time you're vulnerable. So the only way really to address security in a scalable way and reducing that window of time is to do it without effecting the customer, right? And so Ksplice is something that... It's a company we acquired in 2009 and have since evolved in terms of capabilities. And so it allows us to patch the Linux kernel without downtime, right? We lock the kernel for a microsecond, so it's literally no downtime. You don't have to bring down applications. The user doesn't see it. There's no hang, there's no delay. And so by doing that, you can run the Linux operating system, Oracle Linux, and you can be fully patched on a system that hasn't rebooted for three years and you don't even know it. And so by doing that type of stuff, it makes customers more secure and it avoids them... It saves them a lot of money in terms of dealing with project management and so forth, but it really keeps them secure. And so we do that for the Linux kernel. We do that for some of the libraries on up that are critical, like OpenSSL and glibc and one example, I can give you two examples. So one example is Heartbleed was this bug in OpenSSL a number of years ago and so everyone had to patch their SSH server. And that meant basically, systems around the world had to reboot, like a whole active reboot across the world. With the Ksplice today if Heartbleed were to happen tomorrow, we would be able to patch this online for all the Oracle Linux customers without any downtime. No reboots, no restarting of applications, everything keeps running. The amount of money saved would be massive, right? And also of course, the headache. Another example is, (clears throat) and this was an Oracle cloud when some of these CPU bugs that happened a few years ago that were rather damaging on the cloud side, right? Where you could basically see memory of potentially of other machines running that the cloud it's incredibly critical. We were basically able to patch our entire cloud in four hours and the customer didn't know, right? 120 million patches or something that we applied within four hours all online without any down time. And so that technology has been really helpful both for us to run our cloud, but the exact same patches and same fixes go to customers on-premises as well. But this comes back to the whole what we do in cloud, we also do for customer, and I think that's a unique thing that we have at Oracle, which is quite fascinating, right? The operating system we run for our customers, the operating system that's the host for the VM is the exact same binary and source code that we make available, just to be clear. The exact same binaries are the ones that you run as a customer on premises. So you run Oracle Linux with KVM, you run VMs, you're actually running the same stuff as we do for our... That we run underneath our customer stuff. Nobody else does that. Everyone else has a black box. So I think that helps a little bit with transparency as well. >> Yeah, and that homogeneity just creates an environment you're talking about sort of the security mindset is critical. You're not just bolting it on, it's part of the culture. Look, you were, you know, started your career, and then of course you were a Linux person when you came to Oracle, but then I think you've spent some time in the database back in the day when there were some serious database wars going on before Oracle, became the king of database. So now you've got obviously this great portfolio and a lot of really sharp software developers. What should we expect going forward from Oracle? What should we look for? >> I was welcoming some interns to the company, (clears throat) for their summer internship yesterday. And one of the things that I, (clears throat) I'm sorry. One of the things I mentioned to them, was that one of the... So cloud obviously gives us a lot of opportunities, but there's a number of things. One is we have such a breadth of applications and software and hardware together, right? We have the servers, we have the storage, we have the operating systems, we have the database layer and so forth, and we have the cloud side. And one of the great opportunities and I think we've shown a lot of this happening with the ability to create something like autonomous database is to combine all these things, right? We have such a broad portfolio of really cool technology that by itself is okay, but if you combine the things, it really becomes awesome, right? You cannot create autonomous database without having autonomous Linux, right? You cannot create those two and make them really safe without also controlling the firmware on the hardware and so forth. So by being able to combine all these layers and by having a really great relationship across the teams within the company, that opens up a lot of opportunities to do stuff really quickly and having the scale for that. I think that has been for the last few years a really great thing but I can see that being one of the advantages that we have going forward, right? We have Oracle Fusion Applications, which is incredibly popular and has great growth. And then we have that running on Oracle cloud that talks to our autonomous database. So we bring all these pieces together and no other SaaS vendor can do that because they don't have these other pieces. They have one area, we have all of them. And so that's the exciting part for me is basic... It's not so much about making my own world better and having Linux be better and Ksplice and so forth, which is important, but that becoming part of the bigger picture. And that's the exciting part. >> Well, Oracle has always invested in R&D. We've made that point many many times, whether it's database, fusion was a painful but worthy (giggles) effort. The whole public cloud piece, obviously many acquisitions but the investments that you've made in open source as well. Wim, you're a great spokesperson and a great representative of the open source community generally, and an Oracle specifically. So thanks very much for coming on theCUBE and sharing with us the state of the Penguin. The best of luck. >> You're welcome. Thank you, thanks for having me. >> All right, and thank you for watching everybody. This is Dave Vellante for theCUBE. We'll see you next time. (soft music)

>>Hi from San Francisco, it's the cube covering RSA conference, 2020 San Francisco, brought to you by Silicon angle media. >>You're welcome back. You're ready. Jeff Frick here with the cube. We are wrapping up Wednesday here at RSA 2020 Moscone center. It's the year we know everything. It's women in tech Wednesday and we're really excited that our next guest, she's been coming to the show for a very, very long time. She's really dialed into the community. She's an author. I got the whole as author, advisor, consultant, speaker. I could go on and on and on as you share. Rubinoff Shira, great to see you and welcome back to the cube. Oh, thank you so much. Pleasure to be here. Again, RSA 2020. A lot of kind of crazy stuff going on. The little coronavirus, you know, kind of impact, which is really interesting coming off of mobile world Congress, being in the event space and kind of seeing how this is gonna shake out. But the theme this year is the human element, which, uh, kind of plays right into your strengths. >>So just first get your kind of impressions of the show and really kind of that theme and kind of your take on why that's an important theme for RSA this year? >> Well, I think the human element has always been at the forefront. It's just now becoming accepted and put at the beginning of what people are really talking about. We talk about the people, the process and the technology all the time. When it comes to practice, everyone's really been focused on the security and the technology, but they forget the human elements and RSA this year is really focused on the human element being at the forefront. We have to realize there's a human creating the technology, a human at the end of the truck. Technology is trying to help and the glue between the process, how it all intersects together really depends on how people embrace it. And that was actually the premise for my book cyber Myers. >>So a plug for the book plug for the book cyber minds is a, a book is I view cybersecurity as the umbrella over all other technology. You need cybersecurity intersected in some way when you're dealing really with anything. But the human element really takes the forefront. So I really talk about cybersecurity and cyber hygiene and cyber elements within the book and cyber hygiene. I broke down into four categories which are training and that's ongoing training from the top down, being from the border and all the way down to the intern. Global awareness with an organization, keeping that culture going, a security and patching and digital transformation within the organization as well as zero trust. And I take that and I really continue with it throughout the book when we talk about blockchain, artificial intelligence, internet of things and cyber warfare and really showing how the human element is an integral part of everything we're doing in order to protect ourselves as a, as people, as an organization and just all support friends and sharing of information now is being, is completely critical. And it's being done because of that human element piece that's being embraced and understood >> lot a lot there. Right? So the human over the string, right? So it used to be per T E Z to identify a phishing attack. Right. You know, bad grammar and everything. A little bit of context and >>maybe the vocabulary wasn't quite right. That's not the way anymore. The sophistication of these attacks, the phishing attacks specifically at a friend in the, in the, in the real estate business, you know, and it was, it was an email from a banker that he does business with at a bank that he does business with around the transaction that he had knowledge about and doing a wire transfer. And it just was slightly mistimed where he, where he called the banker, his buddy and said, you know, did you, did you send this? So, you know, in the age of deep fakes, which is barely beginning in the age of this war, advanced AI for them to really put together these packages, um, and really infinite bandwidth, time and money. If you're really trying to pervade, I mean, how will the role of the human shift, you know, can we really expect them even with ongoing training to be sophisticated enough to keep up with these attacks? >>Well, I think it also boils down to real world examples and we have to really understand the demographics that we're working for. I think today it's the first time really in history that we have four generations working side by side in the workforce, so we have to understand that people learn differently. Training should be adjusted to the type of people that we're teaching, but fishing doesn't just boil down to clicking on links. Fishing teaches. Also, it boils down to tricking somebody, getting someone's trust, and it could come in many different forms. For example, think of social media. How do people connect? We're connecting for us social media on many different platforms. I'll give a very easy example. LinkedIn. LinkedIn is a business platform. We're all connected on LinkedIn. Why we connect on LinkedIn, because that's a social platform that people feel safe on because we're able to connect to each other in a business form. >>However, think of the person who's getting the first job with an organization, their first job in maybe their project manager and they're working for bank, a excited to be working for bank gay. Hey, I'm the list all the projects I'm working for. So here's now my resume on LinkedIn. I'm working on project a, B, C, D, and this is my manager I report to. Perfect. There's some information sitting there on LinkedIn. Now what else I will tell you is that you might have somebody who looking to get into that bank. What will they do? Let's look for the lowest hanging fruit. Ooh, this new project manager. Oh, I see. They're working on these projects and they're reporting into someone. Well, I'm not a project manager. I'm a senior project manager from a competing bank. I'm going to be friend them and tell them that I'm really excited about the work they're doing. So you're their social engineering your way into their friendship, into their good graces, into their trust. Once somebody becomes a trusted source, people share information freely. So people are putting too much information out there on social trusting to easily opening the door for more than a phishing attack. And things are just rapidly going out of control. Right. >>Well, it's funny. So one of my other favorite women in cyber is Rachel Tobik. Back, I don't know if you know Rachel, but she's famous for, you know, kind of live hacking at black hat, all social engineering, calling people up and just getting through and you know, she says she's basically undefeated. Um, this >>way if you're about the human elements, why do people act quickly? The biggest problem is people don't stop and pause. So if you think about, my background also is in psychology, psychology and business. So when you deal about the human element, it's panic. Let's set panic in. When you set panic in on a personal nature, people are quick to respond and quick over to give over information. If they feel it's pertinent to them, calling someone quickly, Hey your babysitter called, I need your social or anything like that. Set somebody into a spin. They're very quick to give over information cause they feel personal at risk when it comes to business and the business setting, it may not be as personal that way. That, so they kind of composite about the way people get in as through other social channels in ways that are more personal to individuals. >>So is that, is, is, is more sophistication around the human training element. Really the key as opposed to God knows how many vendors are in this, this building right now. I mean I, I feel so much for the buyer trying to sort it all out. Right? And there's big players in the established solutions that have been around forever. And then of course he get a spice with the startups that are cutting edge and doing new things when in fact all that goes out the window. If I can call the person up and say, you know, your house is on fire, please give me your, your password or your front door. Cause I gotta get the kids out. I mean I'm exaggerating to make a point, but is enough appreciation going into the human factors of training? Not on the technology side, but really the motivators for people to do things, um, to, to, to make, to try to please. Right. That's another great motivator to try to please. >>Well, right. Cause people like to be wanted. They like to be acknowledged. So they like to feel they're doing good. But again, it boils down to the people, the process and the technology. You can't have one without the other. You can't just focus on the people without focusing on the technology. But if you leave them as separate entities and you don't deal with the process in the middle, that glue, you're gonna leave yourself open. So they have to work hand in hand all the time. It's something that's a, it's a one plus one if you'll stand right at that perspective. So yes, you really need all of it together. >>The other thing that we hear over and over and over, right is just zero trust. The whole concept of zero trust. It's been around for a long time, which, which you know, you just assume that the bad guys are going to get in. Right? So then how do you try to find them quicker? How do you try to limit what they can get once they get in? So it's a really different kind of point of view to take a zero trust attitude on the assumption they're going to get it at some point and then try to mitigate the damage after the fact. >>So I look at zero trust from a little bit of a different perspective. I think zero trust is pertinent. Everyone should be using it because again, you're authenticating yourself, you're giving access only to that person for that specific task. But again, in organizations, if they say we're locking down everything all the time because we want to be secure, the employees are going to say, this is ridiculous. We don't have to be locked down for ABC. It makes no difference to us. What I say to organizations that are don't lock down things that don't need to be locked down, and when you do lock down something, it's important to have that three 60 dialogue with your employees. Explain why. Make them part of the solution, not part of the problem. If everyone's saying, Hey, you human, you're the weakest link. >>People are going to take offense at that and say, look, we know what we're doing. But if you make them part of the solution, Hey, we're in this together, let's make this part of the culture and they act as that with an organization you're going to have, they'll kill piece of ness so becomes just an ongoing everyday life living thing. Right. You brought that up. The windy neither from from Cisco is one of the keynotes on the first day and she was phenomenal. The basic, her basic premise was we as an industry have been to a kind of a not inclusive, exclusive like we own everything. We have all the control, we have all the answers, we know everything and her whole gist was no you don't. You don't have the context necessarily to make risk trade offs a benefit trade off. You don't necessarily have the context to see the softer stuff and really what you're saying really embrace everybody as part of the solution as opposed to trying to Creech people to do certain things and do and not do other things. >>I'm a little bit of both, right? Proper balance but also look at organizations today in the past would be, these are our solutions. We found out this Intel, you figure it out on your own and that it wasn't helping anybody. The idea now of sharing of information has become widely embraced certainly in the larger security companies at large and they really understand the value of it. So when I talk about, yes, you do have to lock down certain things and people do have to understand where the end points are, but they also need to understand that they are part of the solution and where the ends in the beginning. Let's shift gears a little bit from the people who back to the machines because the other thing that's happening really, really fast, right? As IOT. Yes, a lot of more edge devices, a lot of sensor devices. >>We saw what happened with, with some of the Alexa devices that was not very, was not very good. Um, so as you talk to your clients and, and, and, and people that read your book, how do you get them to think about IOT? How do you get them to think about this kind of machine to machine though? Of course that five G, which will just accelerate it at a, at a whatever, a hundred X, uh, speed to think about working. That is because we want API to API communication. We want machines to, to interface with each other. We want to remove that kind of human integration point a lot of times. But now you just opening up a boatload more of attack surfaces don't necessarily have the smartest machines is and often they can be compromised in ways that maybe people didn't think through before they connected them onto the internet. >>Well, it's also interesting when you talk about five G, it's not that we can do things at speed that speed, it's also bad actors could do things at that speed sales. So understand the portals of what your connectivity is, your third party software to whose, who has access, where are the access points, how are you going to protect those access points because the speed is that much quicker. We have to be that much more diligent. So yes, they're massive. Haas, really good positives. But there's also some negatives. So if we have to be diligent around those, it can be fabulous, but it could also be really, really dangerous for us. Sure. And it's coming right? It's coming. Right. So give us the, give us the 401 on the book. What's the, you know, kind of the top level themes for people to run out and get this? I saw some great reviews on Amazon. You're selling it upstairs, you know, what are kind of the really key takeaways here? >>Well, the key takeaways are really, again, cybersecurity is the umbrella over all of the technology. When you think of technology, cybersecurity is part of it. And when you look at cyber security, that comes from many different elements. It's not just a technology play, it's also a human element play. And the humans are an essential part of cybersecurity, whether you're securing for or securing too. It's just an interplay of both. So cyber mine's really touches upon all those concepts and all the latest and greatest emerging tech out there, as well as blockchain, AI, IOT, cyber warfare. Uh, think about it. It really just travels through. And I had some really amazing interviews with some top of the minds within the book that really adds tremendous value to it and grateful for them. >>Great. Well, I'm glad to finally get my own copies so I will be able to dig in and next time we talk I'll be digging deep into this book with you and getting a little bit more of that insight. I look forward to hearing your thoughts. Well, thanks. You're, hopefully you can kick your feet up a little bit tonight, but probably not. I'm sure you're busy, busy, busy. Well, thanks for stopping by. All right. She shear. I'm Jeff. You're watching the cube. We're at RSA 2020 at Moscone. Thanks for watching. We'll see you next time.

>> Narrator: Live from San Francisco It's theCUBE. Covering RSA Conference 2020, San Francisco. Brought to you by Silicon Angled Media >> Hi everyone, welcome to theCUBE's coverage here at RSA Conference 2020. I'm John Furrier, host of theCUBE We're on the floor getting all the data, sharing it with you here, Cube coverage. Got the best new generation shift happening as cloud computing goes to the whole other level. Multi-cloud, hybrid cloud changing the game. You're seeing the companies transition from an on-premises to cloud architecture. This is forcing all the companies to change. So a new generation of security is here and we've got a great guest, so a hot start-up. Masha Sedova, co-founder of Elevate Security. Welcome to theCUBE, thanks for joining us. >> Thank you so much for having me, John. >> So the next generation in what will be a multi-generational security paradigm, is kind of happening right now with the beginning of, we're seeing the transition, Palo Alto Networks announced earnings yesterday down 13% after hours because of the shift to the cloud. Now I think they're going to do well, they're well positioned, but it highlights this next generation security. You guys are a hot start-up, Elevate Security. What is the sea change? What is going on with security? What is this next generation paradigm about? >> Yeah, so it's interesting that you talk about this as next generation. In some ways, I see this as a two-prong move between, yes, we're moving more into the cloud but we're also going back to our roots. We're figuring out how to do asset management right, we're figuring out how to do patching right, and for the first time, we're figuring how to do the human element right. And that's what where we come in. >> You know, the disruption of these new shifts, it also kind of hits like this, the old expression, 'same wine, new bottle', all this, but it's a data problem. Security has always been a data problem, and we've seen some learnings around data. Visualization, wrangling, there's a lot of best practices around there. You guys are trying to change the security paradigm by incorporating a data-centric view with changing the behavior of the humans and the machines and kind of making it easier to manage. Could you share what you guys are doing? What's the vision for Elevate? >> Yeah, so we believe and we've seen, from our experience being practitioners, you can't change what you can't measure. If you don't have visibility, you don't know where you're going. And that's probably been one of the biggest pain-point in the security awareness space traditionally. We just roll out training and hope it works. And it doesn't, which is why human error is a huge source of our breaches. But we keep rolling out the same one-size fits all approach without wanting to measure or, being able to. So, we've decided to turn the problem on its head and we use existing data sets that most organizations who have a baseline level of maturity already have in place. Your end point protections, your DLP solutions, your proxies, your email security gateways and using that to understand what your employees are doing on the network to see if user generated incidents are getting better over time or getting worse. And using that as the instrumentation and the level of visibility into understanding how you should be orchestrating your program in this space. >> You know, that's a great point. I was just having a conversation last night at one of the cocktail parties here around RSA and we were debating on, we talk about the kind of breaches, you mentioned breaches, well there's the pure breach where I'm going to attack and penetrate the well fortified network. But then there's just human error, an S3 bucket laying open or some configuration problem. I guess it's not really a breach, it's kind of an open door so the kind of notion of a breach is multifold. How do you see that, because again, human error, insider threats or human error, these are enabling the hackers. >> Yeah >> This is not new. >> Yeah. >> How bad is the problem? >> It depends on what report you read. The biggest number I've seen so far is something like 95% of breaches have human error. But I honestly, I couldn't tell you what the 5% that don't include it because if you go far enough back, it's because a patch wasn't applied and there is a human being involved there because there is vulnerability in code, that's probably a secure coding practice when you're a development organization. Maybe it's a process that wasn't followed or even created in the first place. There's a human being at the core of every one of these breaches and, it needs to be addressed as holistically as our technologies and our processes right now in the space. >> The evolution of human intelligence augmented by machines will certainly help. >> That's it, yeah. >> I mean, I've got to ask you, obviously you're well-funded. Costanova Ventures well known in the enterprise space, Greg Sands and the team there, really strong, but you guys entered the market, why? I mean you guys, you and your founder both at Salesforce.com. Salesforce gurus doing a lot of work there. Obviously you've seen the large scale, first wave of the cloud. >> Yeah >> Why do the start-up? What was the problem statement you guys were going after? >> So, my co-founder and I both came from the world of being practitioners and we saw how limited the space was and actually changing human behavior, I was given some animated PowerPoints, said use this to keep the Russians out of your network, which is a practical joke unless your job is on the line, so I took a huge step back and I said, there are other fields that have figured this out. Behavioral science being one of them, they use positive reinforcement, gamification, marketing and advertisements have figured out how to engage the human element, just look around the RSA floor, and there's so many learnings of how we make decisions as human beings that can be applied into changing people's behaviors in security. So that's what we did. >> And what was the behavior you're trying to change? >> Yeah, so the top one's always that our attackers are getting into organizations, so, reducing phishing click-throughs an obvious one, increasing reporting rates, reducing malware infection rates, improving sensitive data handling, all of which have ties back to, as I was mentioning earlier, security data sources. So, we get to map those and use that data to then drive behavior change that's rooted in concepts like social proof, how are you doing compared to your peers? We make dinner decisions on that and Amazon buying decisions on that, why not influence security like that? >> So building some intelligence into the system, is there a particular market you're targeting? I mean, here people like to talk in segments, is there a certain market that you guys are targeting? >> Yeah, so the amazing thing about this is, and probably no surprise, the human element is a ubiquitous problem. We are in over a dozen different industries and we've seen this approach work across all of those industries because human beings make the same mistakes, no matter what kind of company they're in. We really work well with larger enterprises. We work well with larger enterprises because they tend to have the data sets that really provides insights into human behavior. >> And what's the business model you guys envision happening with your service product? >> We sell to enterprises and security, the CISO and the package as a whole, gives them the tools to have the voice internally in their organization We sell to Fortune 1000 companies, >> So it's a SAAS service? >> Yeah, SAAS service, yeah. >> And so what's the technology secret sauce? (laughing) >> Um, that's a great question but really, our expertise is understanding what information people need at what time and under what circumstances, that best changes their behavior. So we really are content diagnostic, we are much more about the engine that understands what content needs to be presented to whom and why. So that everyone is getting only the information they need, they understand why they need it and they don't need anything extra-superfluous to their... >> Okay, so I was saying on theCUBE, my last event was at, CIO's can have good days and bad days. They have good days, CISOs really have good days, many will say bad days, >> Masha: Yeah, it's a hard job. >> So how do I know I need the Elevate Solution? What problem do I have, what's in it for me? What do I get out of it? When do I know when to engage with you guys? >> I take a look at how many user generated incidents your (mumbles) responding to, and I would imagine it is a large majority of them. We've seen, while we were working at Salesforce and across our current customers, close to a 40% reduction rate in user generated incidents, which clearly correlates to time spent on much more useful things than cleaning up mistakes. It's also one of the biggest ROI's you can get for the cheapest investment. By investing a little bit in your organization now, the impact you have in your culture and investing in the future decision, the future mistakes that never get made, are actually untold, the benefit of that is untold. >> So you're really kind of coming in as a holistic, kind of a security data plane if you will, aggregating the data points, making a visualization in human component. >> You've got it. >> Now, what's the human touchpoint? Is it a dashboard? Is it notifications? Personalization? How is the benefit rendered for the customer? >> So we give security teams and CSOs a dashboard that maps their organization's strengths and weaknesses. But for every employee, we give personalized, tailored feedback. Right now it shows up in an email that they get on an ongoing basis. We also have one that we tailor for executives, so the executive gets one for their department and we create an executive leaderboard that compares their performance to fellow peers and I'll tell you, execs love to win, so we've seen immense change from that move alone. >> Well, impressive pedigree on your entrepreneurial background, I see Salesforce has really kind of, I consider real first generation cloud before cloud actually happened, and there's a lot of learn, it was always an Apple case, now it's AWS, but it's it's own cloud as we all know, what are the learnings that you saw from Salesforce that you said hey, I'm going to connect those dots to the new opportunity? What's the real key there? >> So, I had two major aha's that I've been sharing with my work since. One, it's not what people know, but it's what they do that matters, and if you can sit with a moment and think about that, you realize it's not more training, because people might actually know the information, but they just choose not to do it. How many people smoke, and they still know it kills them? They think that it doesn't apply to them, same thing with security. I know what I need to do, I'm just not incentivized to do it, so there's a huge motivation factor that needs to be addressed. That's one thing that I don't see a lot of other players on the market doing and one thing we just really wanted to do as well. >> So it sounds like you guys are providing a vision around using sheet learning and AI and data synthesis wrangling and all that good stuff, to be an assistant, a personal assistant to security folks, because it sounds like you're trying to make their life easier, make better decisions. Sounds like you guys are trying to distract away all these signals, >> You're right. >> See what to pay attention to. >> And make it more relevant, yeah. Well think about what Fitbit did for your own personal fitness. It curates a personal relationship based on a whole bunch of data. How you're doing, goals you've set, and all of a sudden, a couple of miles walk leads to an immense lifestyle change. Same thing with security, yeah. >> That's interesting, I love the Fitbit analogy because if you think about the digital ecosystem of an enterprise, it used to be siloed, IT driven, now with digital, everything's connected so technically, you're instrumenting a lot of things for everything. >> Yeah. >> So the question's not so much instrumentation, it's what's happening when and contextually why. >> That's it, why, that's exactly it. Yeah, you totally got it. >> Okay. I got it. >> Yeah, I can see the light bulb. >> Okay, aha, ding ding. All right, so back to the customer pain point. You mentioned some data points around KPI's that they might or things that they might want to call you so it's incidents, what kind of incidents? When do I know I need to get you involved? Will you repeat those again? >> There's two places where it's a great time to involve. Now, because of the human element is, or think about this as an investment. If you do non-investor security culture, one way or another, you have security culture. It's either hurting you or it's helping you and by hurting you, people are choosing to forego investing security processes or secure cultures and you are just increasing your security debt. By stepping in to address that now, you are actually paying it forward. The second best time, is after you realize you should have done that. Post-breaches or post incidents, is a really great time to come in and look at your culture because people are willing to suspend their beliefs of what good behavior looks like, what's acceptable and when you look at an organization and their culture, it is most valuable after a time of crisis, public or otherwise, and that is a really great time to consider it. >> I think that human error is a huge thing, whether it's as trivial as leaving an S3 bucket open or whatever, I think it's going to get more acute with service meshes and cloud-native microservices. It's going to get much more dynamic and sometimes services can be stood up and torn down without any human knowledge, so there's a lot of blind spots potentially. This brings up the question of how does the collaboration piece, because one of the things about the security industry is, it's a community. Sharing data's important, having access to data, how do you think about that as the founder of a start-up that has a 20 mile steer to the future around data access, data diversity, blind spots, how do you look at that and how do you advise your clients to think about that? >> I've always been really pro data sharing. I think it's one of the things that has held us back as an industry, we're very siloed in this space, especially as it relates to human behavior. I have no idea, as a regular CISO of a company, if I am doing enough to protect my employees, is my phishing click (mumbles), are my malware download rates above normal, below or should I invest more, am I doing enough? How do I do compared to my peers and without sharing industry stats, we have no idea if we're investing enough or quite honestly, not enough in this space. And the second thing is, what are approaches that are most effective? So let's say I have a malware infection problem, which approach, is it this training? Is it a communication? Is it positive reinforcement, is it punishment? What is the most effective to leverage this type of output? What's the input output relation? And we're real excited to have shared data with Horizon Data Breach Report for the first time this year, to start giving back to the communities, specifically to help answer some of these questions. >> Well, I think you're onto something with this behavioral science intersection with human behavior and executive around security practices. I think it's going to be an awesome, thanks for sharing the insights, Miss Masha on theCUBE here. A quick plug for your company, (mumbles) you're funded, Series A funding, take us through the stats, you're hiring what kind of positions, give a plug to the company. >> So, Elevate Security, we're three years old. We have raised ten million to date. We're based in both Berkeley and Montreal and we're hiring sales reps on the west coast, a security product manager and any engineering talent really focused on building an awesome data warehouse infrastructure. So, please check out our website, www.elevatesecurity.com/careers for jobs. >> Two hot engineering markets, Berkeley I see poaching out of Cal, and also Montreal, >> Montreal, McGill and Monterey. >> You got that whole top belt of computer science up in Canada. >> Yeah. >> Well, congratulations. Thanks for coming on theCUBE, sharing your story. >> Thank you. >> Security kind of giving the next generation all kinds of new opportunities to make security better. Some CUBE coverage here in San Francisco, at the Moscone Center. I'm John Furrier, we'll be right back after this break. (upbeat music)

(upbeat music) >> Announcer: Live from Barcelona, Spain, it's theCUBE. Covering Cisco Live 2020. Brought to you by Cisco and it's ecosystem partners. >> Welcome back to Barcelona everybody. This is theCUBE, the leader in live tech coverage. We go out to the events and extract the signal from the noise. My name is Dave Vellante, I'm here with my co-hosts Stu Miniman, John Furrier is also in the house. We're here with Ryan Rose, Technical Program Manager at Cisco Devnet. Ryan, great to see you. What's goin' on? >> Hey, thank you so much. I'm really glad to be here. >> You know, we have a soft spot in our heart, for Devnet, because of course, we're in the Devnet zone, Devnet is the reason why theCUBE originally came to Cisco Live, and so it's been awesome seeing the evolution and the ascendancy of DevNet. It's now mainstream, you get a lot of love on the main stage, and really, it is the linchpin of the next generation of training and certifications for the engineers, the network engineers. So, tell us, give us a little quick history of Devnet, You've been here since the beginning, you remember the first Devnet. >> Oh yeah, in fact, so during my time at Cisco, like I was originally in learning at Cisco and being able to move over into Devnet, but I remember the very first Devnet experience that I had, and it started back when Devnet started about five years ago now. It was at Cisco Live San Francisco. At the time, they had split us across two streets, you know, they were trying to put, Cisco was trying to put a lot of activities going on in San Francisco. And they put Devnet in this walkway that was next to the Moscone Center, and, inside the Moscone Center. And when you went in there, it was packed. I mean, it was just shoulder to shoulder. Everyone there was just so excited because everyone was trying to learn, like, what is Devnet? And now, to look back on that, it's just so crazy how people have just been so quick to embrace the Devnet mission, the Devnet philosophy. Really getting into automation and programmability. And it's so exciting for us every year to be coming back, seeing you at theCUBE, being here in the Devnet zone, and being able to help people continue on that journey. Yeah, it's been great. >> Yeah, so, and we got some hard news to talk about today, I said in my breaking analysis this week that Cisco, when it rose, it pulled a number of levers, and one of them was really creating the role of the Network Engineer, the CCIE, and the certifications. People have really understood the challenges of what Stu calls the dark art of networking. And now you're bringing that sort of hardware certification to software, so let's get right into the news. What are you guys announcing today, and why is this important? >> Thank you so much for letting us talk about this because I think everybody has been really excited since Chuck came out in San Diego, announced the Devnet certification, said they were going to be, the new exams were going to be available February 24th, so we're about a month out from there. And to help people get started, we just announced here, about two big new offerings. The first is our Devnet Associate Fundamentals Training. Which we'll be launching on February 21st, so that way we can help individuals that are looking to start building up the skills and the exam readiness that they need to pursue a Devnet Associate Certification. We also announced our new Devnet Study Group Platform. Because we don't want people to just find the tools and the training that they need at Devnet, we want them to find each other. We want them to not just build together, but learn together. So we will now have a brand new Devnet Study Group Platform to help people have that type of interactivity. >> Ryan, I'm curious if you have much visibility into who's going to be taking these. You know, how many of them are the ones that, are the NetVets, the CCIE's that have done this year after year, and how many are new? >> Oh, I will tell you right now, we are actually getting this really wide and diverse audience, in fact, in the Devnet zone, we are providing a presentation on getting ready for Devnet certification four times a day, and it is packed every time we do it. And the audience is networking engineers, veteran networking engineers. When we ask people in the crowd how many of you have certifications, how many of you are CCIE's? We get a wide variety of CCIE's. This morning, we had a crew of software developers. So, we are getting people that are coming from kind of, all job roles, at all stages in their career. What they're embracing is that Devnet philosophy, around coding, around automation. They want to bring those practices back, whether that's DevOps, whether that's bringing a greater understanding of programmability, and so we're actually getting everyone, whether again, they're veterans or brand new. >> Yep, now I love that, because about 10 years ago there was this big movement, and they said, network engineers, your future is miserable, you all need to learn to decode, throw out what you learned, and fast forward to today, there's multiple paths to get there. As you were talking about, there's diverse backgrounds, there's lots of ways to be relevant to automation, of course, is hugely important. Coding is a major piece of it, but it's not, forget everything that you knew, it's how everything all works together. >> Yeah, I completely agree. I feel like, especially because the Devnet certifications aren't just the, are only one part of the launch on February 24th. In fact, the entire certification portfolio, and I know you're going to have other Cisco leaders on to talk about this, that is also being updated and launched on February 24th. And what I think you're going to see here is that flexibility that is in the program now, where you can actually have elements of automation baked into that network engineering journey. So you can still have the elements that people have been focusing on and building upon, except now you can stack on these new skills as you go. >> So, if I go back 10 years, maybe even a little bit more, but certainly 10 years ago, people were reticent to embrace automation. You know, you sort of alluded to that Stu, but now in this day and age, automation is fundamental. You can't scale without automation. And so the Devnet zone is really about taking beyond that existing skill set, going to the next level. Okay, so if you think about the network engineer and the training that they've gotten in the past, to deploy, manage, and optimize networks, automation comes in, simplifies all that. How do you describe what the future looks like for that engineer that's been Devnet certified? What are they doing? >> Oh, I think that now it's like, it opens up a brand new horizon of tasks and even efficiencies. New things that people have yet to even, or new job roles that even starting to emerge. A really good example, and one that we even talked about here at the Devnet zone, is the DevSecOps engineer, or the SecDevOps engineer. It's not that, and Susie has even talked about this as well too, Susie Wee, who leads Devnet. It's that jobs are changing, and roles are expanding, and so rather than just having this opportunity where you're looking at supporting a network or acting as a network administrator, now with automation, to your point, we actually can expand the opportunities of the roles themselves, and really open up things like, maybe you want to add those security automation elements, maybe you're interested in adding the collaboration automation elements, but whatever you are looking to do, the way that the program is built, post February 24th of 2020, you're able to actually have the opportunity to add in those skill validation exams, really build upon where you want to go. So I would say the horizon is wide and bright. >> So, to carry this up further, my question is, so the lines are blurring between, you know, Dev and Ops, right, and then, so a network engineer is going to become more Dev oriented, do you see them actually either contributing to or, certainly contributing to, but actually developing apps, say for instance, for the Edge? Maybe you can talk about that a little bit. >> Well, we are actually encouraging, as we have more and more people join the Devnet community, we actually have two elements, two exchanges, our automation exchange and our code exchange, to really help people as they're moving through that. We're already starting to see that learners, individuals, are coming through Devnet, making that change themselves, and actually contributing code to our code exchange, but also adding use cases to our automation exchange. So that way they're able to show not only how they're implementing these cases, buy why they're doing it. And the types of business outcomes that they're achieving. So that's a practice that has already started to take off. And I think certifications and things like the automation exchange, they go hand in hand, building the skills, and then adding to the program. >> Well, you hear in the keynote today, all the talk about bringing IT and OT together. Again, part of that, I've always said that the edge is going to be won by developers. Because critical infrastructure needs to be secured. And, you know, developers, the DevSecOps role, and I think this crowd is actually going to be an important lever in terms of bringing those two worlds together, your thoughts on that? >> Yeah, I actually think that that bridge is something that everyone is crossing right now. And, in fact, that's one of the motivations behind the updates to the certification portfolio. In fact, you'll find that we have parts of the portfolio that are shared between the hardware side and the software side. So that way we can have people as they're making that transition, as they're starting to move into that world, that larger world of network automation, we're actually having it be more of a clear journey for them, so they're able to work that into their own certification pouch. And I would say that these people that are here in the Devnet zone, they're the pioneers. They're the ones that are out there on that edge that are doing that exploration and building these new things, these new worlds that we are going to start experiencing in automation. >> And I guess Stu, it goes without saying, but it's worth saying, this is really all about programmable infrastructure, infrastructurous code, bringing the cloud operating model to your data, to your infrastructure, wherever it lives, right? >> Yeah, so Ryan, one of the things that struck us is not only is there so much enthusiasm, but the breadth of the offering here, everything from, here's some cool Meraki IOT things, to you, you talked about security, automation sprinkled throughout, can you just remind our audience a little bit as people get through the certifications, you know, what are some of the PaaS that they have for different parts of the portfolio? >> Oh, absolutely, so the certification journey that we have right now within Devnet, we actually align it to all of our five major technology tracks right now, so there are pathways within the portfolio around enterprise networking, security, collaboration, service provider, and also data center. But we also have pathways, as well, around application buildouts in IOT, and Edge computing, WebEx, and also, we have an entire practice that's now just dedicated to DevOps. And because DevOps is a concentration that can be, that is a horizontal throughout all of the certifications, this is something that you can now add to your journey. So we can actually have people here, and in fact, we've been answering this question more and more, how do I become more proficient at DevOps? A part of that is now in the certification journey. And so we've done that here. >> You should mention that we're in the IOT takeover right now in the Devnet zone. >> So Ryan, what about the partner ecosystem, talk to us about how, what impact do they have, how much of the ecosystem is getting involved in certifications too. >> Oh, well, I will say that we've actually, we've brought in a lot of people to help us develop this program initially. And I know that you're going to have additional Devnet leaders, they're going to be coming on, talking about partner ecosystems, so I don't want to take anything away from them, but I will say this. There is a lot of excitement because of the fact that when we brought the Devnet certifications out and what that would mean, for example, the new Devnet partner specialization. This is something that has been embraced by our partner community, but it's been embraced by the developers, whether they're our partner developers, they're our customers, or our networking engineers. Now that they have these as options for them to pursue, we have only been met with like positive enthusiastic engagement. And in fact, even now, we're starting to see a lot of people that aren't asking anymore, in fact, going back to San Francisco, when everyone was saying, what is Devnet, now they're asking how do I Devnet. And it is so great to be able to come and show them not only the certifications, but the associate fundamentals training, these new Devnet study group platforms that we have to show them you know the what now, here's the how. >> So, how challenging, cus I was talking to a lady on the floor yesterday, and we were chatting, and I said, "you were CCIE", she goes, "Oh, it's my dream, you know, I'm working my way there, it's very challenging, but I'm doing really well". Similar challenges, presumably, to get Devnet certified? >> Yes. >> How trivial. >> No, it is not trivial. It is a certification in the exact same hallmark that we hold CCNA, CCNP, and CCIE. The Devnet certifications are just as rigorous. And so we are giving people a lot of tools to help them get ready. And in fact, one of the things that we've done to help people on this journey take the initial steps, is we are not holding back any secrets. We've hosted every one of our exam topics for all 10 of our Devnet exams at developer.cisco.com/certification. There you can find out the exact skills we'll be testing you on for all of those exams. But we went a step further. We found every Devnet learning lab that you can take today for free to start getting ready on that exam journey. And so for every single exam, you can find training that you can engage with. So as people are starting this journey, if they want to get ready and just build their skills, especially if they're starting at zero, for example, if they think python is just a snake, we have a learning lab for them. So we have an entire plan that's built so they can start getting ready, and advance and move forward for that certification process. >> What should a college kid do to get prepared for this? If he or she wants to get into IT, become a network engineer, or Devnet is interested in them, what should they take, what courses should they be interested in? >> Oh man, that is a great question. We talk to a lot of people that are in a CS program, or computer science program, and so many young people that are moving through college now, they're already in the habit of programming. They've been working on things, they might have even been programming their own video games, or adding something to the new Mario games where you can actually build your own levels. What I would recommend to every young person, and in fact, to anyone that's on this journey, come to Devnet. We have an incredible amount of tools. At developer.cisco.com, just by signing up, you get access, not only to training that can take you from zero to coding, to making your first API call, to finding our Sandboxes, where you can take that theoretical knowledge and put it into practice using Cisco hardware and tools, and then you can also find use cases there too. I think everyone is often just looking for where can I start, how do I start. Devnet is gone so far as to even have a Start Now area on the Devnet main page. So when you come to Devnet, we're always trying to meet you where you're at. If you're a veteran networking engineer, if you're a veteran developer, or if you're just starting out, you're a college student, we've got a plan for you to be able to take. >> Awesome, right, check it out folks, you know, career builder, Cisco's always been renowned at that. Thanks so much for coming on theCUBE, it's great to have you. >> Oh, hey, thank you so much for having me. >> You're welcome, all right, keep it right there buddy, we'll be back with our next guest from Cisco Live in Barcelona. You're watching theCUBE. (upbeat music)

>> live from San Francisco celebrating 10 years of high tech coverage. It's the Cube covering Veum World 2019 brought to you by IBM Wear and its ecosystem partners. >> Welcome back to San Francisco. We continue our coverage here. Live on the Cube. 10th year John of covering Veum World This is 29 teens version John for John Wall's Got to have inside the Moscone Center. We're joined now by Varun Chabrol It was the vice president of marketing at Delhi M. C. Good to see you today. >> Thanks for having me. >> How's your week been? So far? >> It's been amazing. How can you don't get excited? All the innovation we're seeing this week >> we'll hear about some big announcements. Do you guys have made? And Moon Young Man Azzedine, who is the vice president of product marketing that for cloud security and works based solutions at Veum wear when you're good to see you. >> Good to see you again. You, By >> the way, you might be the busiest guy here. Yesterday, when you came into the set, you were coming in. Just spoken to 1300 people in a standing room only session You coming out? 500 folks, How many sessions have you done? The seven. So >> you don't count the the one on one with the analyst. And, uh, you know, the customers and partners and press. And tomorrow actually host ah 140 press media analyst on campus in Palo Alto from Asia Pacific because they float all the way from Asia >> plus 140. Yeah, it's a piece of cake. >> Yeah, hose them from 10 to 4. So, I mean, >> you're always smiling >> knowing that this is a pretty wide audience to whom you've been speaking. But just generally, what are you if there's a common thread at all about the kinds of questions that people are coming to you with, or or the concerns or maybe just the things they want to talk about being inspired. But what they're hearing here at the show, >> Okay. Now, according to two aspects of it, one obviously from analysts themselves, you know, they are actually have been very complimentary about the way we've taken our approach. I'm not sure if you could have paid attention. In the last couple of years, we've been talking especially the cloud side, the narrative, to be very much about use cases, solving problems. You know the key? No, we talked about hate my grade modernize. It wasn't about Hey, I've got the next big product here with all these features and capabilities. You do this and that. So we're gonna shifted out narrative. And it was very, you know, the the analyst across the boat. You know, we've been seeing an appreciative of the fact that you actually changing a narrative to be re compelling and we're gonna reflected. And we have some things here like Cloud City, where it's not a standard demo boot. It's a it's ah, Customers walk in and they touch and feel and see which we did it, Adele technology will, too. It's like, What's your business? Probably going through these applications. I'm sitting. I don't know if I should be modernizing them or should be migrating into Amazon. A ridge or so. So you know that narrative the analysts are appreciative off, and that reflects into the customer conversations I've been having in the briefings, like one on one with customers. They're really kind of lost us. D'oh! Hey, I've I'm working in this environment. There's a lot of pressure for me. Thio modernize my applications or go adopt my cloud. First strategy is where do I start? Where do I go? It's like, you know, there's a big pressure, so they just want clarity. I think in the end, everything we're gonna we're doing in our study that comes out obviously the buzzword for this weird world. It stanza, right? And, you know, >> we've won the product announcements was >> actually Brandon can Oh, yeah. Branding announcement, to be honest is yeah, because we're trying to bring together, as you know, in Tansy has landed in Bill Run Manage billed as in you know how our intent to acquire Pivotal Already acquired Big Tommy. How all our different acquisitions with different brand names are coming together to establish our bills portfolio again. The sphere. Everybody knows the sphere Project Pacific P ks. All of those create a good run time, environment and manageability like Adi manage with assets from ve Franta gain morbid Nami and you know it. So this multiple brands that are coming into this package off Iran. So we had a creative tan Xue too, you know, put forward statement together that yes is going to be 78 different brands coming into this, but going forward to stand. >> So so that's a great strategy on De Liam Seaside on Del Technology. Michael Dell was in here and I asked him. I said he could have been number one in everything you could. Let's talk about I'm number one in servers again. You kind of get on HP, little baby. But those air peace parts now. So we've got the cloud game. It's bringing despair it at parts together kind and making it coherent from a positioning standpoint and understandable and deployable. So you guys are going down there. That's your cloud strategy. Take a minute to explain that. >> Yeah, absolutely, John. So So what? What we've been doing. We announced this at Del Technologies will this year. But, you know, in the cloud infrastructure space, we're working very closely with the anywhere too tightly integrate our hardware solutions with their their cloud software. And we think that by combining these two in a tightly integrated joined engineer, jointly engineered solutions coupled with the service, is that you know, both of'em were and l e m c bring the customers we think we have. We're giving customers are very consistent experience both with their own premises, infrastructure with public cloud as well as with the edge cloud. And that's really what we're trying to do. That's what we've been building upon and uniting the announcements this week. You know, just just hopefully show customers that the sky's the limit, whether it's not just your infrastructure management. Also app development. Managing your APS both traditional and and cloud native. It's all here for And >> what's the big takeaway free from your standpoint that you'd like people to know about what's going on? Adele the emcee for the VM. Where relation. What's the big top item? >> Yeah, there's there's there's just so much good Doctor Wait forever drank the town about. If someone rises >> way, only have two hours >> time work. The most important thing that people should should know about it, >> you know, both deli M. C and V. M. R. I think, are very, very customer driven companies that we respond to customer feedback and we try to respond to them very fast. That's been true to our respective lifetimes and what we've done in the so that I think there's two broad areas of collaboration. One is in the cloud space, which is all about, you know, making sure that the the innovation that GM is bringing the market, we're providing that in a toy tightly integrated infrastructure solution. Right. So we announced from a deli in seaside support for Vienna, where p ks being deployed automatically on Vieques trail using VCF return. Our customers can you know, a lot of teams were telling us we have our developers and turning developers banging slash knocking on the door, saying we need to build a cloud. Native applications. You need to give us an environment that we can use. And you know, if if all righty, if these IittIe teams don't turn around and give them something relatively quickly Well, guess what? The developers will go somewhere else, right? Yeah, exactly. So And if you look at the kubernetes environment today, if you really look look at what the work that's required to set up kubernetes and ready infrastructure. So a lot of scripting a lot of manual, you know, work command line interface is testing stuff. And what what? V m r p k s does. And you know what times you will do as well is really makes it easy when we've taken that with the magic of the American Foundation sitting on top of the exhale to make it super easy for our customers to be able to deploy kubernetes ready infrastructure and then have it be ready for scale, right? And then the important thing here also is this is the same infrastructure of the expelling bcf that our customers are using for traditional applications as well, right? Trying to reduce that complexity. Give them the one platform. So this cloud, you know, we had we were doing the same integration on just with R A C I platform, but also with our best to breach storage or we're not working with the C f. And then we're also making investments on data protection like it's so important to be able to manage your data in this multi cloud world. We have applications sitting everywhere, data. We all know that it is a crown jewel. So >> it's really a king validating from the Vienna a point of view. How that works right is is about applications is about the infrastructure, and it's about the operation and it really kind of together as we talk about Han Xue p. K s is giving our customers that Chuy's off. You pick Cuban eighties, you know, environments, application choice. >> Um, >> it took us. Actually, we didn't We didn't arrive it in that order. Wait. Did it. In the outer off Infrastructure Plot Foundation is a critical piece of the joint engineering. But being aware and the Della Bella Technologies is really from aviary perspective. It took Locke Foundation, and that's the stack that runs in every public cloud. So, you know AWS as your G C P 4000 plus, you know, cloud provider partners. But Flat Foundation is a platform that was validated on. They'll take hardware and you know, that's the package. But now, as you see, we're lighting that it's same infrastructure up for traditional and culminated applications. >> I think the app sides important to point out, because if you could ve m wears heritage, you look at Dale's heritage. You had abs that ran on PCs absent, ran on servers, client server. And if you look at the fertilization that wasn't under the covers, apt an innovation that didn't require code changes. So that's the DNA that you guys have. Now, when you think about like cloud to point out which we've been riffing on that concept that's basically enterprise cloud mean donut. Hybrid cloud applications are gonna drive. The value on our premises is that they're going to be customer requirements that traditionally wouldn't have fit in the product. Marketing, management, featureless customs. Gonna define what they want. They'll build it, and then they'll dictate to the infrastructure to make it run. What? We can't do that yet. It'll be, Yes, we cannot be enabled to be dynamics. This is a a new cloud. 2.0, feature. This changes the complete game on suppliers >> completely agree. You know to your point, because, you know, you bring it thio back toward civilization. We've been going higher up the stack on So Day zero virtualization infrastructure will virtual eyes. So the line off abstraction has just been climbing from hardware retort realization next to like, you know, Pat platform of the service, and you kind of were working up our way down infrastructure. Now that base infrastructure platform looks like plants. Right? >> And there were times out a little bit over here. On the upside, you meet in the middle of >> it in the middle >> that is Hello, >> absolutely so ap and at middle wears shrinking down this way. Infrastructures. You know that the cloud incriminating stride in the middle to say, Well, that's a bit of, you know, infrastructure is a Kodak and pull. He's a bit of a AP AP eyes I can can I draw from And that's kind of nice future middleware. But our dad, I >> mean, I think applications air in charge, right? I mean, that's not sure That's the dynamic. That's the way it should be. But it never was that way before is basically the infrastructure was your gating factor. The network exact cloud two points Network security data. Yes, Dev Ops. A true Dev Ops Devane, Ops, Infrastructures Code. >> The only point I wanted to add is the reason the emphasis on abscess change acts in the past. Used to be a business support system after today is business. >> Yeah, I mean, it's >> really or you're you're gonna live or die based on the digital services you provide your customers. The other thing I was going to say about cloud 2.0, is that it's also becoming increasingly clear when we Dr customers that, um, customers are realizing Cloud is not a place right. There was this kind of cloud. One point it was okay. Big honking data centers, hyper skaters will be found now is that customers have gone through that process of and there's a lot more maturity in terms of understanding. What is good, better running on premises. What is what's better running in public Cloud? There's a place for both of them and that, um, and the cloud is actually the automation, the service delivery. It's Maurin operation and a way of being almost than a place. >> And what is it? Well, what does it do for you all? Then, in terms of challenge, especially at your teams, because you talk about all this customization, you're allowing the application to almost drive. You know, you're changing places in terms of who's the power of the relationship? Yes. Oh, me, yeah, How what? What does that do for you? Oh, in terms of how you approach that, how you change of mindset and how you change what you deliver? >> I think John, it's the way I think about it is that both daily emcee in Vienna, or any technology provider that's worth their salt is in the business of building platforms. Right? And platforms are essentially extensible. They're really they really provide a foundation that other people can innovate on top of it. And that's how I think you handled the customers issue. If one thing I think we can all agree on is that I t has always taught us there's no one size fits. All right? Right. So I think providing choice along every single dimension is super important for our >> customers. Yeah, I think that platform thing is a huge point. And I was gonna ask that question before John got jumped in because one of the things that you just brought up was platform is you guys have to build an enabling platform. One as suppliers. Okay, The successful cloud to point out cos are ones that are innovating in weird areas. Monitoring, for instance, they who will have thought that monitoring now observe ability would be such a massive, lucrative sector four. I pose M and A Why? Because it's data. It's instrumentation. This is operating system kind of thinking here is like network. So thinking like a platform on the supplier size one, the customers got to start thinking like a platform because their stakeholders air their internal developers or a P I shipping to suppliers. This is new for enterprises. This is news requires full hybrid capability. This requires date at the center of the value proposition. >> That's again the biggest value is business and I tr coming together on the area of applications and data. Yeah, that's starting up giving because the successful businesses are the ones who leveraged. Those guys have failed in the future, or the ones who don't pay attention to how critical applications are to the business logic and how critical data is to be able to mine and get the behavioral analytics to get ahead. And >> now the challenge in all this. But I'm learning and covering some of the public sector activity from the C I. A contract Jedi with Amazon to we had Raytheon Her here earlier is another customer example with another client is that procurement? And how they do business is not just a technical thing. There's like all this old legacy, things like, How do you procure technology, who you hire her and we hire developers? We build our own stack, so there's a lot of things going on. >> Yes, and you know, it's really interesting on the even on the procurement front, how our customers experience with Cloud has changed expectations, right, And that's really what we're doing with the McLaren DMC is what customers told us is, Hey, I love the agility of the cloud portal based access. Easy procurement. I love just being able to click a button and not have to navigate all this complexity. I need that for my own premises infrastructure. Imagine FRA structure. And that's, you know, in an example, while all of these dynamics are really all converging, >> well, if you can create abstraction, layer on a level of complexity and make things easy, simple and affordable, that's good business. Model >> one of our customers without taking the name right. The massive retailer you know they're spinning up, um, the retail outlets like crazy. They measure success in This was one truck roll, so they wanna have the entire infrastructure come into stand up one of the retail outlets in one truck roll. When everything comes in one button push that everything gets in a provision and up together. >> So that means I gotta have full software instrumentation automation Got intelligence. This is kind of where cloud 2.0, will lead us all >> likely. And that's expectation now that they go so fast and deploying this one Truck roll Hardware's there. Switch it on from the cloud it stood up and they're in operation 24 hours. >> Well, guys, we're going to get you on our power panels in our Palace of studio on this topic cloudy. But it's gonna be very aggressive and controversial topic because it's going to challenge the status quo. And that's really what this we're talking about >> that's in our DNA. >> And the good news is that that's more time with John. >> So as we before, we say so long, we've talked about clients. We talked about the folks you bet here. We talked about the presentation on this thing and what they're all getting out of it. What are you getting out of this? I mean, what are your takeaways? As you had back to your respective work orders, you get first. Okay? >> I think for me the biggest takeaway is just how incredibly vibrant via more user communities. I mean, it is unlike anything else I've seen before and now with the things like Project Pacific. I just feel like it's It's an opportunity for this community to be able to take the skills they have right now and actually go into this brave new world of containers with so much help forces having to do this all by yourself. Which means it's gonna be, you know, if you think about how largest community is, think about how much innovation this will spore in the container space and because of that in the application space and then because of that in business is I mean, this is a It just feels like a tipping point for me >> to me. Sure, I got high fives from every tech geek, you know, when we came out, you know, I also on our technical advisory boats for the company that these are the hot core geeks who were followed and you know us to the, you know, these were the fans and they were like, you know, they always kind of like if you walk out of them and you talk to them and they, uh how did it work? Because they my bar, you have a very high bar. They cut through all your marketing messaging. They go right to the hay. Is there meet in this And the high fives? I got the hajj. I got out. This is like, guys, you're nailing it. That's enough to tell me that a This is, like, 10 years ago. Yeah, that body. It's like you're so busy. I'm still smiling because the energy is I >> can't give you a hug. Give me a high five. Right. Good work, gentlemen. Thanks for the time. Always, he's still smiling to >> get you to a step. >> Good deal. Thanks for being with us. Thank you. Live on the Cube. You're watching our coverage in world 2019. Where? San Francisco. Back with more. Right after this.

>> Live from San Francisco, celebrating 10 years of high tech coverage, it's the cube. Covering VMWorld 2019 Brought to you by VMware and it's ecosystem partners. >> It is 10 years and going strong for the cube coverage here at Vmworld, Vmworld 2019, we were here 10 years back, and looking forward to the next 10 or more. We're at Moscone Center North San Francisco, the cube with Dave Vellante, John Walls. We're joined now by Tom Barsi, who is the senior vice president, business development at Carbon Black Inc. Tom kind of required couple of weeks for you not much really going on in all serious.. >> Tom: Just a little bit (laughs) >> Yeah I mean big purchase VMware, I'm sure you're aware pick up Carbon Black making that announcement official this week. You were in the center of that, that discussion so if you would kind of give us a little behind the scenes peek, behind the curtain if you will of how those talks developed and really back to your relationship with VMware to begin with. >> Tom: Yeah >> Cause this goes back for a while. >> Tom: Needless to say a super, a super exciting week and accomodation of a lot of work amongst a army of people to get us to where we are and obviously announcement last week, around the acquisition of Carbon Black was huge but I think the announcement this week in terms of going into more detail that Sanjay and Pat went to in terms of combining the best infrastructure management with our best app reek cloud, native, modern, security platform with analytics combine that together, I think there is really an opportunity to transform the industry and currently we've been working with VMware for well over 2 years. So 2 years ago Vmworld we announced an exclusive partnership with VM where we integrated with Vmwares newly announced app defense product, which is really around securing cloud workloads, obviously their in a unique position to secure workloads because of where they sit, leveraging the infrastructure and knowing what's good and what should be running within those workloads so they've leveraged that and build app defense and for the first time we built that integration, exclusive integration and for the first time a security operation center has been able to have visibility into the hypervisor. So that's where we started to see that potential and the opportunity and it also gave us an opportunity to really start to work closely with the Vmworld team, understand their culture, understand their community, understand their leadership, their commitment to winning, understanding commitment to really sort of transform in security and it just became, we dated and it became just obvious that there is so much energy between our leadership and theirs, so much energy in terms of vision of you know, securing the world from, make them safe from cyber attacks and so it just made so much sense. So in Pat's words sure it de-risked the acquisition over a period of time but it also allowed us to really work closer together know what we're getting into and really getting super excited. So I can tell you the response from our employees has been overwhelming and their response here at Vmworld has been just amazing in terms of traffic and the partners, customers and all that. >> Dave: I asked Pat Gelsinger 5 years ago if the cube was security broken and he said "Yeah, it's broken" and I was like "what you going to do about it" stay tuned well, we've been tuned. I did an analysis of, and this may be, first of all Patrick is going to take over as to run Vmwares cloud security business? >> Tom: Correct. >> Dave: So when Patrick stated... >> John: Patrick Morelik >> Dave: Yeah, Patrick Morelik CEO of Carbon Black and Pat Gelsinger said that we want to be the cloud security company. >> Tom: Absolutely. >> Dave: Okay, so I love when they lace down aspirations like that, now this now may not be fair to you because you... >> Tom: We've been in the security, yeah. >> Dave: But there's a portfolio there that may not be as familiar with but I'll ask you anyway cause you're going to have to come familiar with it soon. So I did analysis of the Carbon Black acquisition, obviously app defense was in there but if you look at the VMware security portfolio, NSX has a micro segmentation. >> Tom: Absolutely. >> Dave: News case. Obviously, Air watch you know. >> Tom: Workspace One >> Dave: Competing with Workspace Once >> Tom: Absolutely >> Dave: Cloud Corio, E8 security bracket, Trinsic is another tuck in acquisition that VMware did so while their building up this portfolio, can you help us understand how that's shaping out and where Carbon Black fits. >> Tom: Yeah, absolutely. So let's talk about first the opportunity here. The opportunity is to leverage infrastructure management and security portfolio that VMware has and then sprinkling the Carbon Black portfolio, capabilities across that infrastructures, so in betting NSX for network to end point. And embedding works in base one, which we've already done. Embedding it with integrating app defense, which we've already done. The ability to do agent less within the steer, super super powerful. Post close we'll be working on things like that, so basically by integrating across that portfolio you really have the ability to transform the entire security space, and I'll talk about that in a second. But what that means is basically by embedding security across that infrastructure management and eliminate a lot of complexity in the overhead in the bloat you're coming up with basically intrinsic security. The best thing from a human prespective to increase your immune system, you know, is or staying healthy is boosting your immune system and the best way, reason we're doing this, the best best way to secure enterprise is to integrate, embed security into the actual infrastructure and take the benefits of infrastructure management with security, combine it and eliminate a lot complexity, so let's talk just a second about being broken. It's hard for a security guy coming in and saying the industry is broken, I will tell you that but truth is it needs to be transformed there is just no question about it. So let's talk about it just from in point perspective, and then we'll get into the whole opportunity to extend that capability. You look at the end point from a enterprise customer perspective it's well documented that you know Legacy AV was built 20 years ago and not built for the modern tact factor so it's well documented, yes customers still have Legacy AV, it's not, you know it's 35% effective so what have customers done? They've gone and deployed EDR and point detection response, which is what Carbon Black strive has been a market leader hands down market leader in this space in terms of adding EDR's, yet another sensor. Then you want to have the ability to say look we got workloads and there's another sensor for that. Then you want to talk about, hey, vulnerability is coming out and we want to be able to query across the fleet to understand what vulnerabilities were in your environment, tanium like, right, there's a sensor for that. So you know what 2 and a half years ago our customers came back to us and said look we love you guys, what you guys are doing but there's too many sensors on the end point bloating and slowing my systems and my security teams is getting fatigue with all this point tools they said we need a integrated approach, in comes the Carbon Black clouds and that's we're we had the ability to integrate multiple services, NG, next-gen anti-virus, EDR, Life ops, the ability to query across. We've integrated App D for hard workload all those are shipping today, all those service on single, soft, light weight sensor and a modern cloud native SAS back in with analytics, so it's just super powerful and so now you're consolidating on that, you're getting more efficient, you're eliminating overhead and you're making the security operations team that much more effective, now, imagine taking that approach to the broken network and workload and exedra and extending that capability across the entire infrastructure and that really is what we're talking about in terms of teaming with VMware embedding our security capabilities across infrastructure a lot across NXS into work app D into workspace one which we're already doing and again eliminating a lot of that bloat and making our customers more secure and much more efficient. >> Dave: So there's another dimension to this acquisition which I like which is your SAS business, so I think it's about 38% of your revenue, I call it roughly 40% of your revenue, but growing very very rapidly, growing to 70% of the year. >> Tom: Exactly. >> Dave: So VMware has said that this acquisition along with pivotal is going to have add a billion dollars in, basically, mostly in all subscription revenue next year and three billion in year two and it's going to be accretive in cash flow deposit acquisition by year two so all very, VMware actually keeps well generally in acquisitions and so notwithstanding some weird stuff in the economy they usually hit their targets. >> Tom: Yes. >> Dave: You know they intend to be conservative so I really like that and that's clearly the direction you're moving. The other thing about this, a lot of people on Wall street said well it's maybe overpaid for stock and I want to get your opinion. Cause you're out competing everyday and cloud strike is obviously the comparison to use, okay. Say a company is a 16/17 billion dollar valuation you're valuation was 2.7 billion, you look at cloud strikes post IPO's, doc chart, it looks like a bathtub you know, it kind of goes like this and then goes like that because people start to realize wow this asset actually has you know a lot of intrinsic value upon attend it. So in comparing cloud strike with Carbon Black in terms of feature, function, capabilities you know execution and those technology. Is it really that much of difference 16 billion and 2.7 billion (laughs) >> Tom: You know I can't really comment on Crowdstrike's market cap, obviously I respect them as a competitor. >> Dave: Great, great job. >> Tom: I don't have to like them but I respect them as a competitor no question. >> Dave: What in terms of the function and the capabilities. >> Tom: In terms of the functionality look we've significantly close the gap and adding cloud workload capability with app D adding the query kit with live ops and extending that capabilities so from a feature functionality look at VMware is technology driven they kick tires and they do the diligence on technology that's the strength of VMware, they look deep and what they came away with was we have a super competitive platform, you're seeing it in our wins our growth rate you're seeing it with our wins and large customers that I can't really name so from a feature functionality perspective you know we're at parr in many ways we're better now, now if you look at where the market is going look Crowdstrike is going to be a great point product solution for end point. But we believe, that they're going to do phenomenally well but we believe there's an opportunity here, again to integrate infrastructure management that VMWare has security capability and deliver an end to end platform and truly transform across the entire infrastructure of an enterprise so that really where we see the opportunity and the opportunity for growth and then you want to look at our growth rate I mean to your point, VMware does an incredible job and you know you start talking about the reach of VMware and talk about the reach of DellEMC and it's super exciting. >> Dave: Yeah the VMware brain trust is very capable both from a strategy standpoint and a technical, strong, very strong engineering culture. >> Tom: Yeah >> Dave: You saw this with Airwatch so Airwatch when VMware required Airwatch VMware was struggling what was then the VDI business and airwatch wasn't you know number one in the market place but VMware like now crushes, people are making similar analogy with regard to Carbon Black do you think that's fair, I mean you think you can repeat that sort of momentum. >> Tom: Yeah you know I've obviously been very very close to this relationship and I have been sort of the number one fan and cheerleader of this partnership because I just believe in my soul that it's going to be transformative really is so to that point I you know I think and I've talked about it internally what they've done with my serie what they've done with aiwth now workspace one and the ability to take a business from me no revenues or couple hundred million and take them to two billion. I absolutely believe you will see, it's going to take a lot of work but we're going to see rejectorty I've been focussed on if there are gaps we're going to force it in or anything to accelerate the road map to allow us to win and then you're going to talk about the triple acceleration with VMWare and DeliMC so answer I say I truly truly believe that we can take our position to number two and really be number one >> John: Transformative in a significant way a significant word to use. What's that end product going to be that makes you looking at it at this visionary stand point that, this is a perfect marriage this is a fantastic opportunity. You're not you're selling hard >> Tom: Yeah >> Dave: It's a platform really >> Tom: Look it is a platform and at the end of the day we're focused on here as customers we're talking about how do we protect our customers and the best way to protect those customers is to embed the capability you know we did many years back Carbon Black we exposed our data and many of our partners, sometimes we compete with cisco or firehire a number of other players because customers demand the end to end visibility from network to end point. Can you imagine the kind of damage when you integrate Carbon Black and our modern platform are analytics and the ability to pull data from hypervisor the ability to pull data from NSX to ability to pull data from workspace one into a common console and then understand exactly what is happening from an attack perspective and then let's talk about okay, so now you have the visibility it's a 360 degree view of what happening in the network now you want to talk about the ability to orgistrate or imidiate like solve the problem. Well historically it's been security operations center over here and you got IT over there. And there's been this friction because Sycguys says take it down take the server down there's a problem and the IT guys ops, hey, I got run time I got to keep it up so now you have the opportunity again to leverage that management to identify a threat and the ability to seemlessly leverage VMware infrastructure's management tools to instantly reimmediate and orgistrate a problem without the conflict with IT and security operations. So we've actually seen an opportunity to eliminate our friction and create coloboration between those two. >> Dave: And security is broken, it is a do over and to talk to ops team they'll tell you, we're fighting everyday and bombs are dropping, we have to succeed everyday. The bad guy only has to succeed once so yeah they bring in all these tools and a lot of times they don't work together and they have a very hard time to just figure out okay, what do we prioritize on and obviously analytics helping that but yeah, you see that stats after you get infiltrated to whatever 300 days 250 days they even identify that you have been infiltrated and it's just a very complex environment so the do over is a platform that will give you end visibility and doesn't force you to different point tools and it has a comprehensive in a view of your >> [Tom[ That Right >> Dave: Infrastructure >> Tom: That's right and I do want to point out it doesn't mean that we're going to create this platform that's closed. A lot of competitors like to built closed platforms and Carbon Black has always been API driven like open, and the whole point of this openness is to, we collect this powerful end point data and we want to expose that data across the infrastructure so we're exposing it to the network security guys whether it be Vectra or Palato networks or FireMandion depending on who it is. We're exposing that data to splunk IBMQ radar and IBM rasilion and we're going to continue to do that, leverage this platform and all this powerful delimentry and we're going to continue to have this open platform and continue to work across the industry to make sure it's not just our platform from the MDM just across the ecosystem. >> Dave: Well it's something VMware has been strong if this heritage genaty, you know they help you know balance the score card >> Tom: Yeah >> John: It's been a understatement that it's been an exciting week for you, it's been a great two years it sounds like and we wish you success now it's on down the road like he said a lot of hard work still ahead of you. >> Tom: Absolutely, so congratulations on ten years, I look forward being here in year 20. (laughs) >> John: We'll be right back, we'll be right back just taking a break here on the cube we're at Vmworld 2019. Moscone center, San Francisco. (music)

(futuristic techno music) >> Narrator: Live from San Francisco, celebrating ten years of high-tech coverage, it's theCUBE! Covering VMworld 2019. Brought to you by VMware and it's eco-system partners. >> Good morning, welcome to day three of our coverage here on theCUBE of VMworld 2019. We're at Moscone Center North, here in San Francisco. Kind of a, well not kind of, it's a really cloudy day but I kind of expect that. We've been talking about clouds all week, right? Multi, hybrid, public, private, you name it, we've been talking about it. John Walls and Dave Vellante, good to see you this morning. >> Good to see you John. >> Yep. We're joined now by a couple of executives from Kaminario. Josh Epstein, who's a CMO and Eyal David who's the CTO of Kaminario. Good morning gentlemen, >> Good morning, >> Morning. >> Great to be here, great to be here. First of, let's just talk about the show. I know you've got a presence down on the floor, just your feeling about the traffic, the kind of traffic you're seeing at your booth, what the questions are, coming from customers, maybe what those answers are. Eyal, why don't you jump on that? >> Yeah, so first of all, it's great to be back in San Francisco for this conference! >> John: Here, here! >> Dave: Agreed! >> Definitely. (laughter) And I think it's very clear that, yes definitely, cloud is the name of the game, and especially how do you implement a hybrid cloud, customers are all on their cloud journey, and the big question is, "How do I do that?" "How do I take these new technologies, the cloud, "containers, and how do I take my applications "and my data services to the next step?" And it's kind of all over the place, all decisions, all the customers are asking about, this is where the focus is, where the interest is, and it's a great to be in the center of all of that. >> Yeah, you made a big decision, or a big announcement about a month ago. You said, "Okay, public cloud; that's where we're going." Josh, the driver behind that and kind of, what the early fall outs were? >> Sure, sure. I mean, we started our journey, really from the beginning of Kaminario, Kaminario's about ten years old, and you know, the data storage market, as a traditional all-flash storage array. The past 24 months, we've really pivoted the business model towards first, 100% software, we got out of the appliance business, started really focusing our business on doing these large software based implementations, moving into more subscription based revenue, kind of delivering that cloud based economics experience. And then, over the last several months, we've been focusing on taking our core architecture, which fundamentally decouples the data services from annoying infrastructure, and thinking about how that might actually look on public clouds. So doing the same thing, kind of creating this sort of shared storage experience, delivering all the traditional enterprise class data services, but sitting on public cloud infrastructure. It's been a really interesting journey. >> So let's double click on that, because it's clear that this space is not about the media, it's about the business model, it's about the additional value you can add for customers, so maybe you could add a little bit of color, as to sort of, how's that going, where you guys are differentiating in the marketplace, where you're winning. >> Sure, I mean I think- >> Yeah. >> Jump in, Eyal. >> Yeah, so I think it's, as you said, it's not about the media, it's all about how do you help customers have a uniform experience around any deployment model. So they want to deploy on-prem, they want to deploy in the cloud, they are actively seeking for a uniform way to do that without too much heavy lift. There's some challenges in going to the cloud. If you are not born in the cloud, you need to re-architect your applications, you need to kind of, learn some new skills. There's a big challenge, especially if you have big data intensive applications. That's where we focus, delivering that uniform experience around orchestration of resources and data services across your on-prem, off-prem and public cloud implementations. >> So you guys decided not to ship a box anymore, you know the Silicon Valley show, "Where's the box?" so I'm interested in the technical challenges of doing that, but also the customer feedback, because sometimes people want an appliance, so how were you able to transition through that and what's the feedback been? >> Yeah, I think for us, I mean, our core business, our core customer, has really been cloud scale applications, for the last five years. So this is large SAAS providers, e-commerce platforms, fintech, healthtech, any of these large, mature software companies, right, their core business is delivering a cloud scale application. And for them, you know, many of them were born before the age of the public clouds, they've actually heavily invested in application architectures that rely on enterprise class and shared storage. That said, they see the draw towards the cloud, they see the benefit of the cloud like economics, subscription based, consumption based economics, and then the overall capability to scale up and scale down like the cloud does, but that said, they need that bridge, from where they are today, with traditional data centric architectures to this cloud world. >> You mentioned fintech, and there's an interesting case, because when the cloud really started to gain momentum, a lot of financial services companies, the big guys especially, said "You know, we can build our own clouds." And then they realized, "Well we can't build them as fast as Amazon can build them", and so they sort of pulled back on that. But they, and they sort of put their foot in the cloud, and then went all, and then they said, "Wait a minute." So what are you seeing, in terms of, call it the private cloud, you know, we've kind of swung back to that, is that gap closing, are they able to get close enough? The key part of that is obviously the pricing models, and the pay by the drink. I wonder if you could add some color to the on-prem cloud business- >> Josh: Sure. >> If we can call it that. Some people might object, but that's- >> Yeah, definitely. So the way we approach it is that we want to bring the simplicity, the agility and the flexibility of the cloud model to this on-prem data center, to deliver the same performance, control of a dedicated resource, which is exactly what these type of fintech customers are looking for. So, in our basic architecture, which was already, we decoupled from hardware, already decoupled performance from capacity, we're able to do that extremely flexibly. You can get the same flexibility of the cloud in an on-prem solution with all the benefits, and you can also decide, on your own pace, in your own terms, what you actually need and makes sense to run on a public cloud infrastructure. >> So scale is obviously a big deal for your customers, that's kind of been your focus since day one, what's the bell curve look like? Are we talking about scale in just the ability to scale quickly, or is it also the sheer size, and what does it look like? >> Yeah, I think it's about performance at scale, it's about control over performance at scale, it's about control over availability at scale, and it's obviously about cost at scale, right? I mean, it's too, there's so many different ways to look at the economics of public cloud versus on-prem. If you're looking at the pure dollar, it's clearly building on your own dedicated on-prem infrastructure, it's clearly cheaper than paying Amazon or Google or whoever to do it. But there's clear benefits to kind of going in that direction, in terms of agility, in terms of hands off management, in terms of really just, you know, staffing expertise. But I think it does come down to control, right? And when you talk about scale, when you talk about petabyte scale, it's easy to lose control, and this is the benefit of shared storage models, and this is where we think there's a real opportunity. >> Can I follow up on that, because you said there's a clear benefit of, if I understood it correctly, of building out your own prem infrastructure at some critical mass. There's obviously people, like Andy Jassy, who would disagree with that. So what's your data showing? I presume it's weighted towards large customers. >> Absolutely. >> Yeah. >> But maybe you can add some color to that? >> We've certainly got good research, good analysis on this. And I think if you're talking about, we're talking about certainly over 500 terabytes to a petabyte, it's a multi petabyte scale, data driven applications, we're talking about business critical applications, big block storage, heavy analytics. If you compare just raw economics, the thing is, there's a lot more than just the raw economics, but the raw economics of an infrastructure built on Kaminario versus the equivalent infrastructure, built on one of the block storage resources from one of the public clouds, it's literally about 1/3 the cost, to build out your own dedicated infrastructure, leveraging a good, high quality colo, a good, high quality hardware underneath it. So raw economics, it's clear where that sits. >> Okay, so that's if we're comparing the cost of the, the acquisition costs versus some end number of years, right? >> That's correct, yeah exactly. >> And not really going into the labor costs at that- >> Not going into the direct labor costs of managing the storage, yes, there's clearly interesting benefits to going to a 100% cloud model. What that does to an organization, when you kind of, hands off, you know, you don't have the same kind of in house IT resources, you're out sourcing a lot of that- >> Well except what Eyal was saying before, is that you're trying to bring that cloud model to the data. So to the extent that you can close that gap, then you can- >> Eyal: Differently. >> Substantially mimic, exactly. >> We saw the opportunity to extend those capabilities into the public cloud, delivering a high performance storage solution in the cloud today is as expensive. Our focus over the years, of taking these commodity components and comprising them into a high performance shared storage solution. We can do the same in the cloud. >> But I think the key is multi-cloud. >> Yeah, let's talk about that. >> The key is that there's not one size fits all, and it really is about creating this mobility between your on-prem data and public cloud number one, and then public cloud number two. One of the key concerns about moving a business critical application to a public cloud is lock in, right? And if you can create this infrastructure where you're decoupling that data services stack that the application relies on, from the underlying infrastructure, you get this mobility between clouds that becomes really attractive. >> So you're kind of answering the next question that was on my mind, of how are you selling that to customers. The fact that we're having this very robust discussion about this fundamental shift and you get it, because you're providing this service to your whole client base, but if I'm a client, my head's starting to spin a little bit, right? And I've got big decisions to make, so how do you sell that, that this is not a little shift, this is a fundamental way, the way you're going to do your business? >> So, in the simplest form, we tell the customers that we significantly lower the barrier of entry into the cloud. You don't need to re-architect everything, you don't need to be worried about performance management, or, control, or orchestrating resources; we do all that for you, and we do it in the same way that we did it for you in your own on-prem data center, and we can do it on any of the public clouds. So the barrier of entry, the risk of actually doing that transition- >> John: Is lowered. >> Is lowered significantly, and you can that on your own pace, in your own terms, and make some smart decisions later on about what needs to reside where over time. >> So, when we think about multi-cloud, we think about, "Okay, I'm going to have data on-prem, I might choose "Azure for my collaborative workloads, "I might put my dev stuff in AWS, "I might put some analytics in Google..." You know, whatever, my business is going to decide what to do, I'm not going to have this grand, multi-cloud strategy, it's just kind of going to happen. And then IT's going to be called in to clean up the crime scene! But we're envisioning this architecture that's shipping metadata, and maybe compute to the data, versus moving data. Do you agree with that, or do you see it differently? >> We see, I think, two types of customers. Some behave just as you describe, but some have a very specific decision not to be locked into single vendors. So they'll say, "I'll put one business unit on Google Cloud, "and put the other business unit on Azure. "I'll put this certain type of application on one cloud, "and the other type on the other cloud, "because I want to make sure that I am cloud agnostic. "I'm actually mandating with an organization that "I can run anywhere." >> As a hedge. >> As a hedge, as a definite hedge, because they are concerned about locking to either of the vendors, and in that sense, they later on make the decision, "Okay, where is the "core of the data? "Where is my mission critical data which always "has some gravity, and how do I make sure that it's in "the right place at the right time." >> Doesn't that add complexity for the client? I mean, if they've got a workload here, and here, and here, it'll be a lot easier if it was all here, or most of it were here. But that adds, I'm wondering if- >> You're absolutely right, but what we see is this rapid shift towards embracing the multi-cloud model. So let's take an example. You have a classic cloud scale application, and might have an active/active data centers in two parts of the United States, sort of serving up the production application. You have dev test requirements, so they want the ability to rapidly spin up an environment to mimic a problem or do some development. Public cloud's a great example for that. You have DR requirements, your back up requirements, they want to be backing up, they want the ability to rapidly spin up in instance, in a public cloud instance, and no matter what, within every organization somewhere, even in the most sophisticated IT organizations where they have tremendous control over the data centers, some C-level exec somewhere that says, "In five years, I'm 100% on public cloud. I want nothing." So you have to sort of service that element as well, and what we're doing is saying, "Listen, you can continue to focus on building out "a world class, next generation data center, "based on the NVMe, all NVMe fabric, "and still have the mobility to do certain things "in the cloud, and still have this path, "if it makes for your organization, "to migrate the entire thing to public cloud, "and not get locked in." They'd be able to sort of, surf the clouds as actually- >> So technically, that means you have to speak as your API, S3, whatever language of the cloud, and so I'm trying to understand, sort of, technically, what you have to do, and then where you add value, where you pick up from whatever, VMware or whomever else is trying to be the control plane. >> So then, that is exactly the point, and to address the question about what the complexity of this multi-cloud world, this is exactly where we see the rise of this next generation orchestration framework, either from VMware or from others, that strive to give you this uniform experience. So we deliver that at the data services layer, we connect that to the orchestration layer, that allows you do seamless workload abilities, seamless data mobility to wherever it makes sense for those applications or business workloads to run. And basically, the customers expect, to date, that we encapsulate all that complexity for them. They want to be able to put their Google, Amazon or Azure credentials , and then forget exactly where it went. And this is a lot of what's going on in the floor this week, and that's exactly where we connect to the rest of that orchestration scene within the data center or the public cloud. >> So, in that context, are you primarily, I know you sell to a lot of different people, but is it the cloud architect, or the architect that's actually determining that throughout the organization, or is it again, cleaning up the crime scene type of a thing? >> It's usually a conversation with that CIO, who's kind of, on that cloud journey, building his cloud strategy, and even if he made the decision to in five years be in the cloud, now the question is, "Okay, what's happening in the meantime? "How do I actually do that?" >> One of the cool things that's happening in the meantime is most of our customers are in just this perpetual state of data center consolidation, right? Most of these large SAAS companies, they're growing through acquisition, they've got nine data to data centers, they all have a plan within two or three years to be consolidated on three next generation data centers and then have cloud mobility. So what we're able to do, this is leveraging our software model as well, is say, "Listen, let's do an enterprise wide, "unified licensing scheme, "where you're paying on consumption, "based on actual data stored, "and then you can build the underlying infrastructure "wherever you want. "You can base it on your traditional infrastructure "you might already own, it might be on next generation "NVMe, NVMe over Fabrics connected data centers, "and then a piece of it now might be in the public cloud." >> So, you're talking CIO, Dave, you're talking CSI, I'm just little confused! (laughter) Gentlemen, thanks for the time, we appreciate it. Great discussion, and continued success downstairs and on down the road. >> Great to be here guys, thank you. >> All right, back with more VMWorld 2019, here on theCUBE. (futuristic techno music)

(Techno music) >> Live from San Francisco, celebrating ten years of high tech coverage, it's The Cube. Covering VMworld 2019. Brought to you by VMware and it's ecosystem partners. >> Well we are in Moscone Center North here in San Francisco, the city by the bay. Gorgeous day outside. Day two of our coverage here on the Cube. Vmworld 2019. I'm John Walls with John Troyer. John good to see you today. >> Great to be here with you. >> Good for day two. We have a couple of authors with us today, both from VMware. Rosa Lear who is the Director of Marketing at VeloCloud, in the business unit there. Rosa thank you for being with us. >> Thank you. >> Appreciate that. And Dave Twinam, who is the Director of Systems Engineering in that business unit at VMware. And this is the book that they have collaborate on I think with 12 others, there were 14 who came together on this project. It's called SD-WAN one on one, the what, the why, and the how. This is going to answer all those riddles, all those puzzles that you have about how to software define wide area network work, where are the pitfalls, where are the challenges, what are we going to do to solve our problems. So folks what was the genesis of this? It's a hefty thing for sure, >> (Rosa) It is, yes. And really well illustrated, we'll get into that in a little bit, but what was the genesis of this? Rosa if you would first, what drove you to put this together? >> Sure, there are a lot of books out there on the market that are focused on the SD-WAN because it's such a hot topic, but what we saw was a big deficit on how does it actually work. Getting down into that second, third layer of what people are looking for. So it's not so superficial. They really want to know how does it work, how do I integrate it into my network, what are the steps that I go through. So it's not a user manual, but it definitely gives you that deep perspective of what SD-WAN can provide and how to implement it into your network. >> So the target audience would be who? >> Network engineers, we also got stuff in here for the business owners, so CTO's. We actually have two characters that help outline a lot of the comments, or a lot of the meat of the book. One is Elvina. She's the CTO, so she really describes what her business needs are. And then there's Rodney who is her network engineer who actually implements this, the architect, so it's told from their perspective and really introducing each of the chapters, the concepts, and the takeaways. >> So Dave as you've been doing this, you're talking to customers out there, what's the state of the art here, where are we with the evolution of SD-WAN? It's kind of a noisy space from my perspective. Also from a VMware perspective, this brings VMware out of the data center into the network, and network edge, and wide area network. So can you just talk a little bit about what are the problems people are seeing, and that they're solving with SD-WAN, and why are network engineers interested in taking this as their bedtime reading. >> Absolutely, clearly what we're seeing in the marketplace is that there is a lot of noise out there, there are a lot of vendors that are in the SD-WAN space. I think it's important to note though that we are number one. It's always a good place to be. So while VMware is a newer kind of entrant into the wide area market in particular we already have a leadership position via the VeloCloud acquisition, and obviously the continued enhancements to the portfolio from there. So the reality is that SD-WAN, it's kind of funny we have the why at the beginning of the book, more and more customers aren't asking the why. They know why they need it, which is it's the natural evolution of their wide area infrastructure. They know that software is the future, that's why we are here at Vmworld cause we're all about software, and understanding how they can evolve to meet those business challenges in a software framework versus the traditional rip and replace hardware based model over the past. >> And you're on one side of the equation obviously, you're supplying this information, supplying the services, developing the solutions whatever. How much listening do you do to the other side to put together something like this? Cause I would assume you had to have a real sense of what the problems are and what the questions are. What is the what, what is the why, what is the how that's going on on the customer side of this. Tell me about that process if you will. >> Sure, so one of the unique parts of this book is that with these other authors that we brought in to put this book together, and we did this within five days which is a great project, but we really took the people out of the field. So these are the engineers that helped create this book are the ones who are shoulder to shoulder with the customer. Helping them that implementation, talking to them about how they actually implement this. So they talk to the customers, this is brought out from the field. It's not some guy sitting in an ivory tower talking about what you should do. This is actually what you should do because this is the best practice, this is what we hear from customers, this is what works best for all of the people we've implemented SD-WAN with. >> You did this in five days? >> Five days, so we hired a company. >> (John) How many of you 14? >> There was 15 of us. >> 15 in five days, we're you locked up for >> Yes. 24 hours around the clock. I read you went to Miami, I remember that, but I didn't realize it was in that compressed of a time frame. >> Oh yeah, it was great. I mean we all learned, I think, a lot because we come from different geography's. We came from different deployment models and so forth. And yeah we just all got together. >> I love the idea of the book spread. So you've captured a moment in time, of the technology, of the marketplace, but you said this isn't a dummies book, isn't an intro, nor is it a how to manual right. It's not a product manual. So I'm thinking it should be somewhat conceptual and have a life span of more then just the latest release of anything right. Is that part of the goal here? Is this going to have a lifespan? >> Absolutely. >> I mean what do you envision? Again it's interesting you're both engineering and you said the CTO, the CXO level can get some understanding of why some things are going on. >> Sure, you think about it from a CXO perspective right. What are the business challenges that that individual sees. They don't necessarily care about the bits and bites of networking underneath. They know that they need a network, but they also know that it's a really expensive part of their budget. So they need to understand how does it actually support the business and ultimately how can they do more with it, and ideally what we always hear is do more with less. So how do we get to that point and understanding then that's one need that comes from the business side. Well how do we complement that from the technical side of things. How do we solve those problems. But the reality is we're not solving technical problems just to solve technical problems. We're solving them to actually meet the needs of the business. So kind of seeing both side and how they come together is critical to it and I think that's something we tried hard to put into the book. >> When you have a collaboration like this, and you said you brought 15 people together, I'm sure there has to be some disagreement at some point or some discussion. So what were some of those points that came up where somebody thought that perhaps maybe a little more attention here, maybe a little less attention there. Maybe this is something we should bring, no that's not touch that base. How about those discussions, that back and forth, and how did you settle that with so many people in the room? >> So one of the things that we first outlined when we started this process was that this is a safe space. That nobody is really wrong, cause we're also bringing in different perspectives here. So we definitely all decided that we're going to treat each other respectfully. There was a lot of arguments here and there about certain things but we all are professional so we all figured out what the right thing was to do. >> So let's talk about the order, let's talk about how you dealt with it, the what's and the whys. You said why almost didn't make the cut but did make the dress rehearsal and the publishing. How do you put together something like this, that is not a user manual, cause that's the first thing I thought of. I thought okay, you're going to show me what SD-WANS all about and how I'm going to deploy it. VMwares services or solutions rather on my network. But that's not what this is all about. How did you parts that? How did you decide this is the direction we're going to go, and not just make it a how to for people or a dummies. >> So we already have a dummies book, so you should check that out. There's also a PDF on our website, velocloud.com, so we needed another layer, another book that would go deeper on that. We needed something that, I mean you can always write a user manual. Anybody can sit in a room and put that together, but we wanted something that was different. That was actually going to, I guess, comfort customers who were looking at the solution. Give them the right idea that this is what they need, and also what they were going to get into. That's a big question, you don't understand what the implementations going to be like until you're in it. So this gives you that view. So you can use it as a pre-customer read, or you can use it post-sales and really help define what you need to do when you're implementing. >> Nice, nice. We're here at VMworld 2019, this is my you know millionth VMworld. Very interesting, a lot of talk at the top level. Apps and kubernetes and that sort of stuff. At the bottom level, networking and a lot of other things, that maybe the traditional admin, Vsphere admin, already kind of a silo busters from old rolls is already here but sometimes when the networking folks talk with the server folks the words mean different things. They're slightly different tribes lets say. App performance is an SD-WAN context may mean something completely different then app performance in a data center, server context. So you're here at the show. You've got the network edge zone down in the show floor. You've got a booth there, you've got activities, obviously a lot of break out sessions. How have the networker's mixed with the admins? How has it been? And you all are from VeloCloud which has been with VMware for? >> (Rosa) Almost two years in December. >> Talk about both that integration, both corporately and you know here at the show. >> You want to go first? >> Sure, the event has been fantastic for us. We are getting a lot of traction. We actually did a book signing for this book yesterday with six of the authors. 96 books are gone, and I feel like the conversations are really migrating to the networking space. The wide area networking space rather then just data center. You're right there is a lot of overlap in the technology and the lingo and jargon, but I think if we know what were talking about in terms of wide area networking I think those conversations can easily be fudged or gaped. >> Just I would add, I've been at VMware about five years now so I was on the NSX team prior to moving over to the Velo team. So five years ago there was virtually no presence of networking. We were the only networking people here for the most part, And that's really changed substantially. And this year in particular is the first year where there are a lot of networking folks that are roaming the halls here. Whether its understanding the NSX side of the house or whether its SD-WAN there is a significantly greater presence then there's ever been previously. So the other piece is realizing we're a networking company now and a security company right. Those components are integral as a part of the solution and so the makeup has actually begun to change a little bit and there's more co-mingling then there's ever been before in this space. >> You touch on security in the book? >> Absolutely there's an entire chapter on it. >> So C-Cell might be interested as well? >> Absolutely. >> All right so the book I've seen is for purchase here on site. >> (Rosa) Yes. >> In case somebody's watching and they're here tell them where they can get it. >> Go the the VMware book store, it's in Moscone West, and then we also will be making it available on Amazon starting next week. >> All right so here's again a look at the book. SD-WAN one on one, the what, the why and the how. Rosa, Dave thanks for being with us. Congratulations on, I assume first book? >> For me yes. >> Third for me. >> Oh okay, a practiced hand. (laughing) >> First print though. >> Not fair. Thank you both, appreciate the time. >> (in unison) Thank you. >> Back with more continued coverage here on the cube of Vmworld 2019. (techno music)

>> Announcer: Live from San Francisco, celebrating 10 years of high tech coverage, it's theCUBE. Covering VMworld 2019. Brought to you by VMware and its ecosystem partners. >> Welcome back to bright and sunny San Francisco. Gorgeous day here in the City on the Bay. Dave Vellante, John Walls. We continue our coverage here on theCUBE VMworld 2019 with Doc D'Errico from Infodant, CMO. Doc, good to see you again, sir! >> Infinidat. >> Oh Infinidat! Sorry, sorry, sorry. (Doc laughs) But, good to see you! >> I missed my opportunity but thanks, Dave, yeah, it's good to be back. >> John: You bet. Marc Creviere, who is principle systems engineer at US Signal. Good to see you again, Marc here. You were here just last year, right? >> Yeah, I'm an alumni now. >> We'll touch base on that in just a little bit. Doc, first off, let's just talk about the show from your perspective. What you're doing here, explain to our viewers at home what it's all about and what you find the vibe that's going on this year. What kind of sense do you get? >> The vibe is fantastic The sense is great. Coming back to San Francisco, I'm not sure what we were really expecting but it's a really good tempo, a lot of great people, lot of great feedback on our recent launch. A lot of people looking at what're we doing, especially with VMware and availability. Lots of new use cases for snapshot technologies which is fantastic. The 100% availability, it's great getting people come up to you who say "Hey, this is incredible. "You guys actually put some teeth behind your guarantees," "you know, you're not just promising "some future discounts or something. "In the VMworld environment where I've got my VMs, "I need that kind of guarantee, I need that support. "I need to know that my systems "are going to be there when I need them, "because that's my business," right? It's just an incredible vibe. >> And had your party last night? >> We had our party last night. And guess who was there? (laughs) >> I did stop by, it was a very cool venue. The San Francisco Mint, which is, it was kind of awesome. >> Yeah, it was a great, great environment. It was great having people like Dave there, and some of the other industry luminaries talk to our customers. >> I didn't get the tour of the Vault. >> Doc: I'll get you a picture. (laughing) >> So, Marc, I mentioned in the intro, we had you on last year. So, let's look back at the last 12 months for you. US Signal, and what's been going on with you, and what are you seeing here and kind of feeling here in terms of business? >> Yeah, thanks for having me back. It's been another great year at US Signal. We are planning on opening a new data center in the Detroit Metro area, coming up online Q1 of 2020, so that's exciting for us. Purpose built, wholly owned and operated by us, so that's great. It's going to add to our capabilities in that region. We've had a heavy focus on DR technologies, DR as a Service technologies in the past year. Seeing a lot of success, a lot of really good conversations with customers and developing their plans, and bringing our new capabilities to be able to service those needs. >> So, tell us more about the DR as a Service. I mean, that's obviously one of the early sort of cloud-use cases? >> Marc: Yeah. >> Add some color, what is it all about, how does it relate to some of the other DR solutions that are out there and what role do these guys play? >> Yeah, well we conducted a survey of a little over 100 of companies in our region, a little over 100 respondents, and three out of four respondents told us that their biggest concerns were either distributed denial of service or ransomware. Obviously, we've got these bad actors out there. And it doesn't necessarily have to be a bad actor, it could be something force of nature making data unavailable, right? It doesn't matter how great the equipment is if either a bad actor or nature takes it out for you. So, having that protection, we're able to have replication technology. We actually have three separate technologies that we use now. We enhanced our Zerto-based offering to include multi-cloud so we can now have customers replicate to either multiple cloud destinations, us being one of them, or they can replicate to one of their sites and us as a tertiary site, so that's new. They're able to bring their existing licensing. One thing that's exciting to me, near and dear to my heart, is drafts for VMware based on the vCloud availability platform. So, we're a big VM, vCloud shop, big consumer of VMware technologies, that's why we're out here, and that's really exciting to me because it uses built in VMware replication technologies. There's not a lot of learning curve, there's not a lot of extra components. Super simple to get up and running and get RPOs as low as 5 minutes, and it's easy, and it's relatively cheap on an OPX-type platform, where you're paying for storage and per VM and that's it. And then we've also spun up a replication for Veeam, Cloud replication for Veeam based on that ecosystem. So, we've got a lot of entry points, a lot of different ways that we can protect that data and bring it in and get a copy in our data center, so in the event that it becomes unavailable at the source, it's either managed or customer managed. We can get it up and running in a short time frame on our infrastructure. >> And Infinidat is the primary storage underneath all this? >> Marc: Yeah. >> So, explain more about... So, Doc, you and I have had these conversations. The state of the art, whatever, 15 years ago, was three-site data centers, very complex, extremely expensive. I'm interested in how we're attacking that problem today. You obviously, with multi cloud, it's multi-site, but how are we attacking the cost problem, the complexity problem, the "I can't test because I can fail over "but I'm afraid to fail back" problem? >> Well, you know, there's so many different ways to cover all of these. We're talking just about ransomware, you know, ransomware are immutable snaps, become an important play and we have Snap Rotator which will allow you to build a certain number of snaps and have them just rotate through so you're not just creating an infinite number, you're not wasting time and space. And, by the way, time and space, our snapshots are zero-overhead. There's zero performance penalty, unless you want to crash consistent copy, and there's really zero data overhead because it's only the incremental data that you write. So, by creating this, you can do it every couple seconds, and then create some immutable copies of that. You know, make them time out, so they can't be modified, 30 days, 60 days, whatever you decide administratively. So that's great. If you're looking for the DRaaS, the DR as a Service-type capabilities, whether it's single site or multi site, going to cloud service providers makes a lot of sense. 'Cause now, even if it's on premises to a cloud service provider, now you're not having to worry about that second set of infrastructure, you're not having to worry about the management of it, you're not having to worry about the systems integration of it, or even go CSP to CSP, right? Go from one data center within your favorite cloud service provider, hopefully US Signal, to another or any one of our great partners would be super, too. And then, of course, InfiniSync, where if you really want that longer distance capability, why bother with a bunker site? Why bother with all that complexity and that cost and overhead? Put in an InfiniSync appliance in with a VM, and you've got the recoverability. You can go asynchronous distances, and have a zero RPO. >> For way, way less. >> Oh, a fraction of the cost. It'll cost you less for the InfiniSync appliance than it'll cost you for the telecoms equipment that you need for a bunker site. >> If I don't want to build another data center... Go ahead. >> What I'm curious about; I heard a number yesterday in one of the interviews we had, about ransomware. The number kind of blew me away, and I thought about one out of every three companies will be a victim of, or at least a ransomware attack within the next two years, which means everyone, over the next six, if you extrapolate that out. Does that sound about right from what you're seeing? That the intrusions are reaching that kind of frequency? >> I'm surprised it's that low, but I'll let Marc try and answer that. >> We've done some events where we actually demo how easy it is, like, through a phishing attack, to get that in there. So, it's not just about having those protections in place, it's your user training; that's a huge area, training those users what to look for in those emails to avoid that sort of thing, but it's not perfect. People are imperfect. >> Dave: And yeah, you got to have both the protection on the front end, the training for the people, and those recovery options in the event it does get in. In our survey, the average monetary damage was over $150,000 per incident. And that means that some people got off a little lighter and some people paid a lot more, if that was the average. >> Should you pay the ransom? >> Uh, not if you've got a good plan in place that can test it. (laughs) >> But it is, it's a reasonable question. >> Huge quandary. Some are, some aren't, right? Atlanta says "no, we're going to pay a boatload "to protect against it, but we're not going to pay that," what was it, 55,000 or whatever it was? >> Let's negotiate. >> Yeah, I think I said last time I was here that until you've tested your plan, you don't really have one. You know, it rings just as true today. >> What's your business worth? I mean, it's a great question, really. What is your business worth to you? Your business is probably worth a lot more, and they probably throw these numbers out there, thinking "Well...", then becomes a no-brainer for you to pay, and that's the whole point. Because what is ransomware? It's malware that's recoverable, maybe. You're not even sure of that. >> Is it usually, is it operator error? Is it human error that allows that to work more often than not? Or, is it a mixture of technical chops, or just...? >> It's a mixture; you've got to know what vulnerabilities are out there on your infrastructure, you got to make sure you're staying up to date on patching those vulnerabilities, paying attention to any compliance practices, if you're a compliant organization. You know, HIPAA, PCI, our entire infrastructure footprint is actually HIPAA and PCI compliant at the levels that we control. So, it's a heavy lift. You got to stick with it. >> But just to kind of bring it full circle to the comment about the ransom and paying it, you know Marc said something really important, "Have a good plan." I would argue, have a good partner. If you don't have a CISO who's got the chops to be dealing with these types of problems, that's when you need a partner like US Signal to really step in and take you through what's involved in a realistic plan, something that's not going to break the bank, something that's really going to protect your business going forward, because these things are very real. >> One of the concerns I have in this topic is that things happen really fast these days. So, if there are problems, they replicate very, very quickly. How do you address that problem? Is it architecture, analytics, I'm sure process, maybe you could add some color to that. >> All of the above. Having those controls in place, those segregations, we've got, obviously, clear segregation between our management and customer data plans. And each of our customer data plans are separate from each other. It's secure multi-tenancy, not just multi-tenancy. So yeah, it's important to keep those delineations, user access, making sure that people only have access to what they need, and a lot of that, again, is covered by those compliance practices and paying close attention to what they have. There are reasons they have these guidelines and these rules and these audits. It's to help, in large part to protect against that. >> You mentioned before, Marc, you're a heavy VMware user, Infinidat, it's kind of the new kid on the block. People said "Oh, they'll never be--" >> Marc: Not for us. >> What's that? >> Not for us. >> Not for you, right, but for the storage industry. Doc and I have been in the storage industry a while. But, I'm curious as to what you want from a supplier like Infinidat, why you chose Infinidat? How're they doing with regard to VMware affinity, all those things people tend to talk about as important. >> Marc: All right, well-- >> What do you think is important? >> Well, in the Infinidat experience, the company experience, the support experience, it is the benchmark by which we judge all other vendors now. It's that good. The working with us whenever we need equipment, obviously they've got, the price per terabyte is hard to beat with the way they're able to leverage that technology. The responsiveness, if we've needed something in a hurry they've been able to get it to us in a hurry, It ties in extremely well with our infrastructure because we scale so quickly, right? Trends are very hard with us, because there's all these hockey sticks. It's going, going, going, we get a big order and it goes up really fast. I think the theme right now is scale to win? >> Yep. >> So that resonates with us because by having that in place and having that scale ready to go, we don't even need to anticipate those hockey sticks because it's already there. >> Great. Well, gentlemen, thanks for the time. We appreciate that. Doc, Infinidat. (laughs) >> Thank you very much it's great to see you both again. >> John: Look forward to see you in 2020, right? >> I'll be back. >> Yeah, it's become an annual thing. >> Michael said we'll be celebrating our 20th year, so I'm looking forward to seeing-- >> And this is our 10th year here, so anniversaries all across the board. >> Congratulations. >> Congratulations. >> Have a good rest of the show, we appreciate the time. >> Thank you very much. >> Thank you. >> Back with more VMworld 2019, we continue our coverage live here on theCUBE. We're at Moscone Center North in San Francisco. (upbeat electronic music)

>> Narrator: Live, from San Francisco, celebrating 10 years of high-tech coverage, It's theCUBE! Covering VMworld 2019. Brought to you by VMware, and its ecosystem partners. >> And, welcome back here on theCUBE, we're at the Moscone Center here at downtown San Francisco. Gorgeous day outside, by the way. Picture perfect day. Chamber of Commerce weather, but a lot of big news happening inside here for VMworld 2019, along with John Troyer. I'm John Walls, we're joined by Pierluca Chiodelli, who's the Vice President of Product Management at Dell EMC. And, Pierluca, good to see you, Sir. >> Thank you, it's awesome to be here. >> Great, thanks for being here. And Muneyb Minhazuddin, whose the VP of solutions product marketing at VMware. And Muneyb, I know you're right just hot off the presentation stage. >> Yes I am. >> Catch your breath, it's all going to be fine. How was your audience? I'm sure standing remotely. >> Yeah, it was thirteen hundred plus >> Excellent, yeah. Been a big week, already. >> Of course it has, yeah. >> For you and your team. So, first off, let me just, let's step back, talk about the vibe of the show, the theme of the show we saw Pat on the stage. >> Muneyb: Perfect. >> About an hour and a half this morning, just your thoughts about day one and the big announcements that VMware's been making. >> It's been a great week, and it's actually been a great approaching week. As you know, on Thursday we announced intent and acquire both Pivotal and Carbon Black for close to about $5,000,000,000. So, that's, kind of a big announcement by itself, and then how do you kind of bring in and keep day one where you're not too focused on those two, but get the narrative of VMworld across. And really, you know, where we have, you know, CUBE has been with us on this journey for a long time. >> Right. >> We've seen that data center shift into kind of two tangents. One is, you know, workloads into data center break out into public clouds. Second, rerouting into cloud native applications. And, if you've seen our strategy wall when that was kind of the key messages. Hey, we're embracing both the modern app development, the focus on Kubernetes and Tanzoo announcement, was all about to say, "VMware platforms ready "for the breakout of both tangents." First, Cloud Native, we've got Kubernetes, we're bringing it right into vSphere, so that everybody in the audience can support it. Second, the breadth of our cloud everywhere, right, so, we've gone from Amazon to IBM to Google to Ajour. So, it'll give you the infrastructure for your workloads to be your choice. Modernize or migrate. (chuckles) That was a key message for us to kind of land today. For a lot of our audience who are kind of stuck in that same piece of, "What am I doing with my workloads? "What is that platform I got to build on?" And, you know, the key foundational platform being VMware Cloud Foundation. Right, that was our strategy, and I think last year we called out VMware Cloud Foundation in Pat's keynote, because I wrote it 44 times. (laughs) (group laughter) We didn't do it that many times, this time. We only said that's the platform that lands in Amazon, GCP, Ajour, IBM, and 4,200, you know, cloud provider partners. That gives you really that public cloud extension. The second part being modern apps, Kubernetes is a new, kind of, modern app development platform, vSphere is embedded into that project pacific and the whole Tanzoo announcement, right? So, really, a powerful message, what do you think? Was that successfully landed? >> I think so. John, do you feel good about what you heard today? >> Yeah, absolutely, I think VCF is super interesting. I'm also kind of, so there was an announcement today also about the Dell Technologies Cloud Validated Designs for using VCF. So, VCF the layer, which is kind of the VMware stack with some extra magic in it, that can be in, can make a private hybrid cloud, you know, everywhere. So, talk to us a little bit about Dell Technologies Cloud. As I call it, "DTC." The, it's a lot, there's a lot of stuff in that as well, so, but we have two very complicated solutions stacks that are, we're talking about now, so. >> Yeah, absolutely. >> Can you talk a little bit about the validated design and what came out of that? >> Absolutely, so before we go into the validated design, I think it's very important as Muneyb said. When we think about the Dell Technology Cloud, really, it's a component of the best (murmurs) technology from our storage, networking, and also compute, but we did the VMware VCS on top. So, we work very closely with VMware, and today we are announcing today the Cloud Validated Design. As we announce at the Dell Technology World in May, we said Dell Technology Cloud is this, now we want to tell to the people, how you can easily deploy this. What is make this tangible? So, what we are doing today is rapid time to value. We did design and pretested configuration, that we put in Dell Technologies Cloud Validated Design, as we said. The other important things as Muneyb said, right? It's... And, I heard this also from theCUBE. There was a debate with Stu and other people about, what is the Cloud? How I deploy the Cloud? When we think about Dell Technologies we speak with different peoples, and two set of peoples. One is the app, right? The Cloud app, all the app people that, they want to build have all the automation, DevOps operation and all these things. But, behind those people, there's still an infrastructure. So, we are speaking on both things. So, it's very important this paradigm is there, where you can have people that they can consume the technology, and understand how to build the infrastructure to be automated, and build that automation for the Cloud. So, that's what is the Dell Technologies Font Validation Design. Right. So, one of the biggest things here that we announced, is not only the Cloud Validation Design. It's the first one but also the ability to have compute, storage and network together, and also use it primary storage as a primary citizen of the VCF. So, we should talk about that later but that's-- >> Absolutely, and I think to catch onto that, you know, talking about the applications et cetera, you know, again, in the evolution of Cloud, and we've been on the journey for 10 years is, we've had, the first few years of the Cloud journey was, felt a little like a one way street, which was, kind of meant where people were shutting down data centers and going to all these public cloud providers, was always a one-way street. Now, VMware, and if you followed us closely, we had a service call VMware, you know VCHS, which is VMware Hybrid Cloud Service before the vCloud Air and then we came out with this solution, right? The idea was, we thought there's going to be movement back-and-forth but it wasn't the case. People were seriously shutting down and going one way. As we made all these partnerships of you know, Amazon, IBM, we started seeing, and you heard stories of IHS, Freddie Mac on stage where they take six weeks to move 100 applications one way into the Cloud, customers started asking us some questions, say, 'If it's so easy to go that way, is it also that easy to bring it back?' >> Come back! >> Right? And, that kind of lead to the whole kind of Dell partnership, Dell announcement within the Dell Cloud Foundation, you know, VMware Cloud Foundation, Dell Technologies Cloud Platform to say that, "Hey, it's actually..." There's a notion of not going from hardware-specific, you know, just high-tuned for workloads to commodity hardware in the Public Cloud. There's now a need for having common hardware platform on both on-PRAM, off-PRAM because there is a need for customers to take EC2 workloads or, you know, Ajour workloads and bring it on PRAM again. That was just a notion of how fast it is. I add that point because it is so critical to know that your hardware is performing in tuned, to perform for a high business critical applications. People forgot about them the first few phases of going to the Cloud, and now as they think about a hybrid, true hybrid Cloud nature, they want optimal performance in the software layer, in the hardware layer. You know, hence our announcement of Dell Technologies Cloud, Cloud Foundation, Validated Design. It's really supporting that customer notion. >> So, it's like this optimal, or maximized flexibility is what you're trying to give people. I mean, is that-- >> Pierluca: With the Cloud simplicity, that's really the key. >> But what drives that? I know that you have, you've, you know, whether you're on-PRAM or you're off-PRAM, you're going to decide what workload's going to go on what space on, so forth, but is some of that kind of hedging bets for future workloads because you can't predict where they're going to be done or where you want them done? Or is it just providing flexibility today, and let's not worry about tomorrow? You know, it just seems like there's a lot of runway here, if you will. >> Yeah, and I think there's no right or wrong answer. One of the big workshops I do with our customers is really kind of say have you figured out what's your three to five-year application strategy? Because again, in that first phase of that fast migration to the Public Cloud, people were just like CIOs I know, it's like, I have a cloud for strategy, what does that mean? I'm shutting down all data centers, I'm going to the Cloud. Right or wrong, and that's my Cloud First strategy. Now, what they've come to realize is not all workloads work effectively in the Cloud, right? So, they kind of like, hey, put an application strategy to say what are the most optimal applications that will get the benefit of Cloud? These are like, e-commerce retail. They have to have, you know, Black Friday, expanding elasticity. If you got no slow, mundane, you know backend processes doing batch processes of massive storage of in a bank ledger in the back end, they're not going to get that elasticity. I know what it is, I know how many, you know, batch processes I got to run. So, people are getting smarter about which ones get the benefit of, you know, modern app development, or Cloud elasticity, which ones don't really need to have that. So, we've seen best practice customers actually have a very good app strategy, three to five years, and then decide how much of my app strategy is gone to the right, you know, or gone to the left, right? It's pretty much to say, "I don't have to change." 60, 70% of my Eastern European customers, their banking ledgers are still on mainframes. They're not in a hurry to go to the Cloud, whereas, you know Fintech on the East Coast is going, "I'm going to the, I'm going to the Cloud", right? So, it's really that strategy that's, they should take the app strategy and decide what the infrastructure strategy is on the top shelf. >> I think from the storage business, we see that really clear, right? The app is definitely what is moving the things, right? It's not, people they're not thinking anymore because the transformation is in the way that you consume the infrastructure. They not thinking anymore about what I put there, but is about what app I need to run, how I build my app. So, it's the environment. And, I don't think personally I meet a lot of customer. There is not one right way or wrong way, it's an end, right? As you can see also in VCF we have Vsend, VxRail and primary storage. If you look at two years ago, we will be sitting here and say, you know, "It's only this, not the other things." When we, I been in governor conference, three years ago was like, it's all Cloud. It's reality is the world, the information technology world is always the same, where is a natural genius things. Because people, they need to have the trust, right? You cannot run your entire things on something that you don't know or you didn't prove. So, what we give here today with our technology is the flexibility. You can have a Cloud approach, but use the trusted PowerMax, for example, in conjunction with Vsend, in conjunction with the Unity. So, not all these is the proof that you can preserve your investment. But, is the proof that you can start to build those up. And, if you've seen what paths say today, then those app can live everywhere. So, you can go, you can move, it's much easier to move, and you can just trust what you're doing. >> And, you hit an important point on the move part, right? And, people are so easy, like, "Hey I moved a thousand applications in six weeks "to VMC and AWS." The fundamental notion where that was not possible before, was compute, network, storage. Like, we've been doing vSphere for a long time, you know that. And, it wasn't that easy because what used to happen is people thought, "Hey, a virtualized computer, I can move it." But, what did not happen as you moved that, was your databases, you know, your storage, rules didn't follow you into the Cloud. Your networking QOS and, you know, policies, and you know, priorities didn't follow you into the Cloud. So, that was kind of like, you know, you know, I'm an Australian, so it was a half-assed solution, right? (group laughing) So bear with my language, right. It was a half-assed solution, but really what needs to happen is your compute, your network, your storage has to all work together. And, that's where Cloud Foundation was powerful. And, what we're lighting with this Validated Designs is also that capability that your computer, or storage is one unit from a app. Once you package it and make it available in all the platforms, then that migration becomes six weeks, two weeks to move that. Because once you break it apart, it's a nightmare. There's not a lot of folks who have survived database migrations. (laughs) >> I mean maybe Pierluca, you can kind of sum us up here. This conversation's been a lot around evolution, right? And, there's also been an evolution of data center design and what to expect with that, you know, just buying things off the shelf and getting a Var and, you know, the VMAX, and we've been through this whole, and now, we've talked about VxRail, which can be part of this solution. But, can you talk, just, maybe, take us in, take us out with the, or into the future with the Dell Technologies Cloud as the idea of the Validated Design, the idea of this stack from Dell Technologies in storage et cetera, what can we expect in the near future? And, how much guidance will folks get? >> Yeah, absolutely. So, without breaking any NDA things, but this is only the first step. So, the Cloud Validated Design is just the first step where we said, 'Okay, we are tasked in this, "we putting this together." We are working very closely to also solve the entire things that VCF allow you to do first day deployment, allow you to expand the infrastructure, and allow you also to do life cycle management. For example, with the VxRail we already have the life cycle management part. We are working in way to do that also for our storage and other things. So, if you think about that then it becomes as you said, all the policy we put, like with Vworld, will be strategically in that sense, the policies can be carried over. So, then you can go to VMC, you can go to another place where the software and infrastructure can move back. So, because people can do this on PRAM, a replicate exactly but not only replicate the application, but replicate the (murmurs). What do you do on the QOS, all these key things that makes people running enterprise application, right? So that's, I think, it's very exciting moment. I think it's just the starting of this dream. >> Absolutely. >> Gentlemen, thanks for the time. >> Thank you. >> And you're all, you paint a pretty exciting future, don't ya? >> I hope so. >> So, I can't wait to look forward to even VMworld 2020? >> Wait 'til Barcelona, come on? (laughs) >> All right, well I'm not making that road trip, so unfortunately-- >> We going to more out there. >> But, Barcelona's going to be good. >> Yes, thank you for having us. >> No, I'm not the best guy, so, all right good. Hey, gentlemen, thank you for the time. >> Thank you >> Thank you. >> I appreciate it very much, great discussion. >> Thank you very much. >> Thanks for having us. >> Back with more from San Francisco right after this. (techno music)