>>and welcome to this cube conversation. I'm john for a host of the queue here in Palo alto California. We've got two great remote guests to talk about, some big news hitting with scalability and Hewlett Packard enterprise drill, MCAT ceo of sexuality and chris Tinker, distinguished technologist from H P E. Hewlett Packard enterprise U room chris, Great to see you both. Cube alumni's from an original gangster days. As we say Back then when we started almost 11 years ago. Great to see you both. >>It's great to be back. >>So let's see. So >>really compelling news around kind of this next generation storage, cloud native solution. Okay. It's a, it's really kind of an impact on the next gen. I call, next gen devops meets application, modern application world and some, we've been covering heavily, there's some big news here around sexuality and HP offering a pretty amazing product. You guys introduced essentially the next gen piece of it are pesca, we'll get into in a second. But this is a game changing announcement you guys announces an evolution continuing I think it's more of a revolution but I think you know storage is kind of abstraction layer of evolution to this app centric world. So talk about this environment we're in and we'll get to the announcement which is object store for modern workloads but this whole shift is happening jerome, this is a game changer to storage, customers are gonna be deploying workloads. >>Yeah skeleton. Really I mean I personally really started working on Skele T more than 10 years ago 15 now And if we think about it I mean cloud has really revolutionized IT. and within the cloud we really see layers and layers of technology. I mean we all started around 2006 with Amazon and Google and finding ways to do initially we was consumer it at very large scale, very low incredible reliability and then slowly it creeped into the enterprise and at the very beginning I would say that everyone was kind of wizards trying things and and really coupling technologies together uh and to some degree we were some of the first wizard doing this But we're now close to 15 years later and there's a lot of knowledge and a lot of experience, a lot of schools and this is really a new generation, I'll call it cloud native, you can call it next year and whatever, but there is now enough experience in the world, both at the development level and at the infrastructure level to deliver truly distributed automate systems that run on industry standard service. Obviously good quality server deliver a better service than the service. But there is now enough knowledge for this to truly go at scale and call this cloud or call this cloud native. Really the core concept here is to deliver scalable I. T at very low cost, very high level of reliability. All based on software. We've we've been participated in this solution but we feel that now the draft of what's coming is at the new level and it was time for us to think, develop and launch a new product that specifically adapted to that. And chris I will let you comment on this because customers or some of them you can add a custom of you to that. >>Well, you know, you're right. You know, I've been in there have been like you have been in this industry for uh, well a long time, a little longer to 20, years. This HPV and engineering and look at the actual landscape has changed with how we're doing scale out, suffered to find storage for particular workloads and were a catalyst has evolved. Here is an analytic normally what was only done in the three letter acronyms and massively scale out politics name, space, file systems, parallel file systems. The application space has encroached into the enterprise world where the enterprise world needed a way to actually take a look at how to help simplify the operations. How do I actually be able to bring about an application that can run in the public cloud or on premise or hybrid. Be able to actually look at a workload off my stat that aligns the actual cost to the actual analytics that I'm going to be doing the work load that I'm going to be doing and be able to bridge those gaps and be able to spin this up and simplify operations. And you know, and if you if you are familiar with these parallel fossils, which by the way we we actually have on our truck. I do engineer those. But they are they are they are they have their own unique challenges. But in the world of enterprise where customers are looking to simplify operations, then take advantage of new application, analytic workloads, whether it be sparred may so whatever it might be right. If I want to spend the Mongol BB or maybe maybe a last a search capability, how do I actually take those technologies embrace a modern scale out storage stack that without without breaking the bank but also provide a simple operations. And that's that's why we look for object storage capabilities because it brings us this massive parallelization. Thank you. >>Well, before we get into the product, I want to just touch on one thing from you mentioned and chris you, you brought up the devoPS piece, next gen, next level, whatever term you use it is cloud Native. Cloud Native has proven that deVOPS infrastructure as code is not only legit being operationalized in all enterprises, add security in there. You have def sec ops this is the reality and hybrid cloud in particular has been pretty much the consensus. Is that standard. So or de facto saying whatever you want to call it, that's happening. Multi cloud on the horizon. So these new workloads have these new architectural changes, cloud on premises and edge, this is the number one story and the number one challenge, all enterprises are now working on how do I build the architecture for the cloud on premises and edge. This is forcing the deVOPS team to flex and build new apps. Can you guys talk about that particular trend and is and is that relevant here? >>Yeah, I, I not talk about uh really storage anywhere and cloud anywhere. And and really the key concept is edged to go to cloud. I mean we all understand now that the Edge will host a lot of data and the edges many different things. I mean it's obviously a smartphone, whatever that is, but it's also factories, it's also production, it's also, you know, moving uh moving machinery, trains, playing satellites, um that that's all the Edge cars obviously uh and a lot of that, I will be both produced and processed there. But from the Edge you will want to be able to send that uh for analysis for backup for logging to a court. And that core could be regional maybe not, you know, one call for the whole planet, but maybe one corporate region uh state in the US. Uh and then from there, you will also want to push some of the data to probably cloud. Uh One of the things that we see more and more is that the the our data center, the disaster recovery is not another physical data center, it's actually the cloud and that's a very efficient infrastructure, very cost efficient. Especially so really it's changing the padding on how you think about storage because you really need to integrate these three layers in a consistent approach, especially around the topic of security because you want the data to be secure all along the way and the data is not just data data and who can access the data, can modify the data. What are the conditions that allow modification or automatically ratios that are in some cases it's super important that data be automatically raised 10 years and all this needs to be transported fromage Co two cloud. So that that's one of the aspects, another aspect that resonates for me with what you said is a word you didn't say but it's actually crucial this whole revolution. It's kubernetes mean Cuban it isn't now a mature technology and it's just, you know, the next level of automaticity operation for distributed system Which we didn't have five or 10 years ago and that is so powerful that it's going to allow application developers to develop much faster system that can be distributed again edge to go to crowd because it's going to be an underlying technology that spans the three layers >>chris your thoughts. Hybrid cloud, I've been, I've been having conscious with the HP folks for got years and years on hybrid clouds now here. >>Well, you know, and it's exciting in a layout, right? So if you look at like a whether it be enterprise virtualization that is a scale out gender purpose fertilization workload. Whether the analytic workloads, whether we know data protection is a paramount to all of this orchestration is paramount. Uh if you look at that depth laptops absolutely you mean securing the actual data. The digital last set is absolutely paramount. And if you look at how we do this, look at the investments we're making we're making. And if you look at the collaborative platform development which goes to our partnership with reality it is we're providing them an integral aspect of everything we do. Whether we're bringing as moral which is our suffer be used orchestration. Look at the veneer of its control plane controlling kubernetes being able to actually control the african area clusters in the actual backing store for all the analytics. And we just talked about whether it be a web scale out That is traditionally using politics. Name space has now been modernized to take advantage of newer technologies running an envy me burst buffers or 100 gig networks with slingshot network at 200 and 400 gigabit. Looking at how do we actually get the actual analytics the workload to the CPU and have it attached to the data at rest? Where is the data? How do we land the data and how do we actually align essentially locality, locality of the actual asset to the compute. This is where, you know, we can leverage whether it be a juror or google or name your favorite hyper scaler, leverage those technologies leveraging the actual persistent store and this is where scale it is with this object store capability has been an industry trend setter, uh setting the actual landscape of how to provide an object store on premise and hybrid cloud running into public cloud but be able to facilitate data mobility and tie it back to and tie it back to an application. And this is where a lot of things have changed in the world of the, of analytics because the applications, the newer technologies that are coming on the market have taken advantage of this particular protocol as three so they can do web scale massively parallel concurrent workloads, >>you know what, let's get into the announcement, I love cool and relevant products and I think this hits the Mark Scaletta you guys have are Tesco which is um, just announced and I think, you know, we obviously we reported on it. You guys have a lightweight, true enterprise grade object store software for kubernetes. This is the announcement, Jerome. Tell us about it. >>What's the big >>deal? Cool and >>relevant? Come on, >>this is cool. All right, tell us >>I'm super excited. I'm not sure that it did. That's where on screen, but I'm super, super excited. You know, we, we introduced the ring 11 years ago and this is our biggest announcements for the past 11 years. So yes, do pay attention. Uh, you know, after after looking at all these trends and understanding where we see the future going, uh, we decided that it was time to embark block. So there's not one line of code that's the same as the previous generation product. They will both could exist. They both have space in the market, uh, and artist that was specifically this design for this cloud native era. And what we see is that people want something that's lightweight, especially because it had to go to the edge. They still want the enterprise grade, the security is known for and it has to be modern. What we really mean by modern is uh, we see object storage now being the primary storage for many application more and more applications and so we have to be able to deliver the performance that primary storage expects. Um this idea of skeletons serving primary storage is actually not completely new When we launched guilty 10 years ago, the first application that we were supporting West consumer email for which we were and we are still today the primary story. So we have we know what it is to be the primary store, we know what's the level of reliability you need to hit. We know what, what latest thinking and latency is different from fruit, but you really need to optimize both. Um, and I think that's still today. We're the only object storage company that protects that after both replication and the red recording because we understand that replication is factor the recording is better and more larger file were fast in terms of latency doesn't matter so much. So we, we've been bringing all that experience but really rethinking a product for that new generation that really is here now. And so we're truly excited against a little bit more about the product. It's a software was guilty is a software company and that's why we love to partner with HP who's producing amazing service. Um, you know, for the record and history, the very first deployment of skeleton in 2000 and 10 was on the HP service. So this is a, a long love story here. Um, and so to come back to artistic, uh, is lightweight in the sense that it's easy to use. We can start small, we can start from just one server or 11 VM instance. I mean start really small. Can grow infinitely. The fact that we start small, we didn't, you know, limit the technology because of that. Uh, so you can start from one too many. Um, and uh, it's contaminated in the sense that it's completely Cuban, it is compatible. It's communities orchestrated. It will deploy on many Cuban distributions. We're talking obviously with Admiral, we're also talking with Ponzu and with the other in terms of uh, communities distribution will also be able to be run in the cloud. I'm not sure that there will be many uh, true production deployment of artists in the club because you already have really good object storage by the cloud providers. But when you are developing something and you want to test their, um, you know, just doing it in the cloud is very practical. So you'll be able to deploy our discount communities cloud distribution and it's modern object storage in the sense that its application century. A lot of our work is actually validating that our storage is fit for a single purpose application and making sure that we understand the requirement of this application that we can guide our customers on how to deploy. And it's really designed to be the primary storage for these new workloads. >>The big part of the news is your relationship with Hewlett Packard Enterprises? Some exclusivity here as part of this announced, you mentioned, the relationship goes back many, many years. We've covered your relationship in the past chris also, you know, we cover HP like a blanket. Um, this is big news for h P E as >>well. >>What is the relationship talk about this? Exclusivity could you share about the partnership and the exclusivity piece? >>Well, the partnership expands into the pan HPV portfolio. We look we made a massive investment in edge IOT devices. Uh, so we actually have, how do we align the cost to the demand for our customers come to us wanting to looking at? Uh think about what we're doing with green, like a consumption based modeling, they want to be able to be able to consume the asset without having to do a capital outlay out of the gate uh, number to look at, you know, how do you deploy? Technology really demand? It depends on the scale. Right? So in a lot of your web skill, you know, scale out technologies, uh, putting them on a diet is challenging, meaning how skinny can you get it getting it down into the 50 terabyte range and then the complexities of those technologies at as you take a day one implementation and scale it out over, you know, you know, multiple iterations of recorders. The growth becomes a challenge. So, working with scalability, we we believe we've actually cracked this nut. We figured out how to a number one, how to start small but not limited customers ability to scale it out incrementally or grotesquely grotesque. A you can depending on the quarters the month, whatever whatever the workload is, how do you actually align and be able to consume it? Uh So now, whether it be on our edge line products are D. L. Products go back there. Now what the journalist talking about earlier, you know, we ship a server every few seconds. That won't be a problem. But then of course into our density optimized compute with the Apollo product. Uh This where uh our two companies have worked in an exclusivity where the, the scaly software bonds on the HP ecosystem. Uh and then we can of course provide you our customers the ability to consume that through our Green link financial models or through a complex parts of >>awesome. So jerome and chris who's the customer here? Obviously there's an exclusive period talk about the target customer. And how do customers get the product? How do we get the software? And how does this exclusivity with HP fit into it? >>Yeah. So there's really three types of customers and we really, we've worked a lot with a company called use design to optimize the user interface for each of the three types of customers. So we really thought about each uh customer role and providing with each of them the best product. Uh So the first type of customer application owners who are deploying application that requires an object storage in the back end. They typically want a simple objects to of one application. They wanted to be temple and work. I mean yesterday they want no freedom to just want an object store that works and they want to be able to start as small as they start with their application. Often it's, you know, the first department, maybe a small deployment. Um, you know, applications like backup like female rubric or uh, analytics like Stone Carver, tikka or false system now available as a software. Uh, you know, like Ceta does a really great department or nass that works very well. That means an object store in the back end of high performance computing. Wake up file system is an amazing file system. Um, we also have vertical application like broad peak, for example, who provides origin and view the software, the broadcasters. So all these applications, they request an object store in the back end and you just need a simple, high performance, working well object store and I'll discuss perfect. The second type of people that we think will be interested by artists. Uh essentially developers who are currently developing some communities of collaborative application your next year. Um and as part of their development stack, um it's getting better and better when you're developing a cloud native application to really target an object storage rather than NFS as you're persistently just, you know, think about generations of technologies and um, NFS and file system were great 25 years ago. I mean, it's an amazing technology. But now when you want to develop a distributed scalable application, objects toys a better fit because it's the same generation and so same thing. I mean, you know, developing something, they need uh an object so that they can develop on so they wanted very lightweight, but they also want the product that they're enterprise or their customers will be able to rely on for years and years on and this guy is really great for today. Um, the third type of customer are more architecture with security architects that are designing, uh, System where they're going to have 50 factories, 1000 planes, a million cars are going to have some local storage, which will they want to replicate to the core and possibly also to the club. And uh, as the design is really new generation workloads that are incredibly distributed. But with local storage, uh, these guys are really grateful for that >>and talk about the HP exclusive chris what's the, how does that fit into? They buy through sexuality. Can they get it for the HP? Are you guys working together on how customers can procure >>place? Yeah. Both ways they can procure it through security. They can secure it through HP. Uh, and it is the software stack running on our density, optimized compute platforms which you would choose online does. And to provide an enterprise quality because if it comes back to it in all of these use cases it's how do we align up into a true enterprise step? Um bringing about multi Tennessee, bringing about the fact that, you know, if you look at like a local racial coding, uh one of the things that they're bringing to it so that we can get down into the deal 3 25. So with the exclusivity, uh you actually get choice and that choice comes into our entire portfolio, whether it be the edge line platform, the D. L 3:25 a.m. B. Processing stack or the intel deal three eighties or whether whether it be the Apollo's or Alexa, there's there's so many ample choices there that facilitates this and it just allows us to align those two strategies >>awesome. And I think the kubernetes pieces really relevant because, you know, I've been interviewing folks practitioners um and kubernetes is very much maturing fast. It's definitely the centerpiece of the cloud native, both below the line, if you will under the hood for the, for the infrastructure and then for apps, um they want to program on top of it. That's critical. I mean, jeremy, this is like this is the future. >>Yeah. And if you don't mind, like to come back for a minute on the exclusive with HP. So we did a six month exclusive and the very reason we could do this is because HP has suffered such wrath of server portfolio and so we can go from, you know, really simple, very cheap, you know, HDD on the L 3 80 means a machine that retails for a few $4. I mean it's really like Temple System 50 terabyte. Uh we can have the dl 3 25. That uh piece mentioned there is really a powerhouse. All envy any uh slash uh all the storage is envy any uh very fast processors or uh you know, dance large large system like the Apollo 4500. So it's a very large breath of portfolio. We support the whole portfolio and we work together on this. So I want to say that you know, one of the reasons I want to send kudos to HP for for the breath of the silver lining rio as mentioned, um Jessica can be ordered from either company, hand in hand together. So anyway you'll see both of us uh and our field is working incredibly well together. >>We'll just on that point, I think just for clarification, uh was this co design by scalability and H P E. Because chris you mentioned, you know, the configuration of your systems. Can you guys quickly talk about the design, co design >>from from from the code base? The software entirely designed and developed by security from a testing and performance. So this really was a joint work with HP providing both hardware and manpower so that we could accelerate the testing phase. >>You know, chris H P E has just been doing such a great job of really focused on this. And you know, I've been Governor for years before it was fashionable the idea of apps working no matter where it lives. Public Cloud data center Edge, you mentioned. Edge line has been around for a while. You know, apps centric, developer friendly cloud first has been an H P E. Kind of guiding first principle for many, many years. >>But it has and you know, you know as our our ceo internal areas cited by 2022 everything will be able to be consumed as a service in our portfolio. Uh And then this stack allows us the simplicity and the consume ability of the technology and degranulation of it allows us to simplify the installation, simplify the actual deployment bringing into a cloud ecosystem. But more importantly for the end customer, they simply get an enterprise quality product running on identity optimized stack that they can consume through a orchestrated simplistic interface. That's that's cos that's what they're warning for today is where they come to me and asked hey how do I need a, I've got this new app new project and you know it goes back to who's actually coming, it's no longer the I. T. People who are actually coming to us, it's the lines of business. It's it's that entire dimension of business owners coming to us going this is my challenge and how can you HP help us And we rely on our breath of technology but also a breath of partners to come together and are of course reality is hand in hand and are collaborative business unit are collaborative storage product engineering group that actually brought this market. So we're very excited about this solution >>chris thanks for that input. Great insight, Jerome, congratulations on a great partnership with H. P. E. Obviously um great joint customer base congratulations on the product release here. Big moving the ball down the field as they say new functionality, clouds cloud native object store, phenomenal um So wrap wrap wrap up the interview. Tell us your vision for scalability in the future of storage. >>Yeah. Yeah I start I mean skeleton is going to be an amazing leader is already um but yeah so you know I have three themes that I think will govern how storage is going and obviously um Mark Andrews had said it software is everywhere and software is eating the world so definitely that's going to be true in the data center in storage in particular. Uh But the free trends that are more specific. First of all I think that security performance and agility is now basic expectation. It's not you know, it's not like an additional feature. It's just the best table, stakes, security performance and a job. Um The second thing is and we've talked about it during this conversation is edged to go you need to think your platform with Edge Co and cloud. You know you don't want to have separate systems separate design interface point for edge and then think about corn and think about clouds and then think about the divers. All this needs to be integrated in the design. And the third thing that I see as a major trend for the next 10 years is that a sovereignty uh more and more. You need to think about where is the data residing? What are the legal challenges? What is the level of protection against who are you protected? What what is your independence uh strategy? How do you keep as a company being independent from the people? You need to be independent. And I mean I say companies, but this is also true for public services. So these these for me are the three big trends. I do believe that uh software find distributed architecture are necessary for these tracks. But you also need to think about being truly enterprise grade. And there has been one of our focus with the design of a fresca. How do we combine a lot with product With all of the security requirements and that our sovereignty requirements that we expect to have in the next 10 years? >>That's awesome. Congratulations on the news scale. D Artois ca the big release with HP exclusive um, for six months, chris tucker, distinguished engineer at H P E. Great to ceo, jeremy, katz, ceo sexuality. Great to see you as well. Congratulations on the big news. I'm john for the cube. Thanks for watching. >>Mhm. >>Yeah.

>>Hi. Um, and thank you for inviting me to speak at the Entity Research Summit. And congratulations for NTT for setting up the neuroses club in the area. Okay, so I'm gonna talk about fully by deniable encryption and multiply the competition. And, uh, this is joint work with park from Harvard. And Santa will bring a, uh, she structurally right now in Russia during the rest. Um, so So so consider thesis, uh, two kids, which maybe some of you still remember its violence for check the incredible kids. And they are want they want to talk to each other privately without her mother learning what talking about. So here they are using this lead pipe, which is that cannot be secure Channel and and violent can say to that track that she doesn't want to do her homework and check it was the watch movie. And she knows that the judge will understand what she says. We hear what she says, but her mother, their mother, is not going to anything because it z this lead pipe. She doesn't know what they're talking about. Um and and and we know how to implement this actually in without lead pipes in the software will Do you have encryption, which, you know, you know, for I know, uh, 40 for the last 40 years or so, but actually for many more s. Oh, this is great. Encryption gives us private communication against, uh, eavesdropping adversary. So passive adversaries s but But you know that mothers can be more than passives. What if the mother he goes and asks Pilot that? What did you talk? What do you say to judge it So you know, if valid, really said, you know, used this'll end pipe. She can say whatever she wants to say. I actually said that I was study, and then the mother goes to judge. I can ask him what did about tell you, and she said that she was studied and the mother still cannot tell anything about what happened. She doesn't know trillions. Death was sent or not. Um, in fact, even if violence said that she was studying and and Jackson said something else that you know, she said she was she rather watch movie. Even then the mother doesn't know who was right. I mean, not from the pipe music. Look them in the eye and not this way, but not from the communication she doesn't. Andi. In fact, we could go on like this, and, you know, the lead type doesn't help at all to understand what really have. And this is really another very important form off this really secure channels that it doesn't allow external parties. Course, there's, uh, certain what really happened. Even when they asked to see all the internals of all the parties. In fact, even further, the Violet Jack Jack have no way to actually convince the mother that this is what happened. Even if you want, right, they have no way of actually proving to the mother that they said this and not the other thing with this lead pipe. So the question is can be obtained a similar effects with, you know, software encryption. Uh, can we have an encryption scheme that has the same sort of properties? So we know that Peoria, the total encryption doesn't have this property. That encryption leaves traces. So there's this cipher text that that the mother of the course of seized. Then when the mother goes toe the parties and you know the ballot judge, you can ask him uh, give me. Show me your randomness. Show me all the internals. I want to see what really? How you generated the text and how you decrypted it with no money. Encryption is only one way that, but inject, checking opened the suffer text, and therefore, there is no real privacy anymore. Um, so So this is the case. So so really to do to address this issue? The this this concept of deniable encryption that was considered, uh, you know, many years ago. Andi idea here is that you wanted encryption scheme that provides, uh, protection of privacy. Uh, on ability, toe keep private. You really, really, really value. And maybe, ah, fake or lie about what you say in a convincing way, even against such a course. Uh huh. So and so? So the idea is that, you know, So they actually do you think of three types here, So there is centered in apple. So we're just going us to center off the off the message. You know how How did you encrypt the message? Show me your encryption. Andalus Suing The decryption key is public. Um, and if you go to the receiver and ask him show me your decryption key. I want to see how you decrypted. And you can also think about natural case where the course actually goes to both parties and ask them for the for the internals and compares one against the other. Right? So this is the bite inability concept. Andi, you can, of course, naturally generalize it. Not just to encryption to, say, two party competition soon here, Violent and Jack. Jack. You know, uh, maybe not even trust each other fully, But they want toe compute together, you know? Or, you know, do they actually know a kid they both know and rapes in school, Right. So, So, So violent has her own list of kids, and she knows grapes and injection to, and they want to do this to Paris ST secure competition to figure out if they keep the both. And so if they have this ideal trusted party or stay for somewhere where they can actually do the security applications uh um, securely then they can, of course, learned the answer without learning anything else. And also, if the mother comes in after the fact and ask them, you know who I see that you were trying to figure out who very school, you know. So tell me what you did. Tell me your inputs them you are supposed to give me all the randomness. And And I want to know for the kids that you know, that vaping school. So if they were using such such a physically, I didn't secure gadget then, uh, then they can say You know why? You know? So So what is the state of, I don't know, anybody Invasion did Jack this theater and I got nothing into something or nothing. Jake Jackson. Consistency and off course. Mother has no way of knowing if this is true. No. And even if, uh, injected decides to tell the truth and actually tells is really important. Really put real randomness. And, uh, no randomness here and violent tells still here. Nothing. Nothing that the mother has no way of knowing which one is like. She clearly some of one of them is language. Doesn't know which one. I mean, chicken again looked deep in the eye, but not from the communication. She cannot figure out. Um, so s so we want to get something like that for for two party competition. Uh, and and and again, eso again, again, again. The case that, you know, one is like going to the truth is still don't know. Um, so the question is there a protocol that that one is still behavior, and, uh, incredible. How do you define us? Uh, and the point is that, you know, Okay, 11 further thing toe. Think about, you know, this doesn't shouldn't end with two parties can think about three or more parties on, uh, and the same thing happens. You know, just maybe the trust structure, the consistency structure becomes more complicated. Uh, you know, you could buy groups of people which is consistent with each other and not without, um Okay, so So what are our results here? So first result is regarding encryption. So we come up with the first bite, the novel communication protocol. It's not encryption because it's three messages. Uh, so it is three messages, and it is this way need a reference string, which is like, programs in the sky. And but it's a short registering. I mean, one short programs that everybody in the world uses for the encryptions for the entire duration of time. and our assumptions are some expansion, Leo in one functions, uh, and on. But just to say that what was done previously? It was just senator deniable or receiver deniable, um, And then and nothing that we do is that actually way define and also obtained this extra property, which we call off the record inability which talks with you about the case where, as I said before, that one party, uh uh, is saying one thing and the other practicing nothing they insisted. So they cannot. There is no way for them to frame each other. Um, and the way the other result is regarding a multiparty function evaluation on Dhere, we come up with the first all deniable secure function evaluation for quote Well, you know, I mean, I mean that the protocol with the adversary or the coarser expect to see all off the transcript of the competition, including all the randomness in all the internal state of all the parties eso superiors results in this area always assumed that you know, either the course only can concourse on some of the parties or if you can force all the parties and there is some some physical gadget, uh, which is crucial information about the personnel puts and you know, nobody can see inside, so no, here, we actually that the Attackers see everything. Uh, because they think they see everything on we can still provide inability onda protocol. Also, our protocols also withstand inconsistencies. Mean the case off this off the record style that one party says one thing partisans don't think. But this is only in the case of two parties and only for functions where the input size is polynomial in play. Put size. Uh, domain. Um, so in this actually interested open question how to extend it beyond that. Uh, so just to say that this is kind of it's a surprising thing that you can even do such thing, because what it allows you to do is actually such to completely rewrite history. Eso you during your competition on. Then somebody comes, and that will show me everything that happened. All the runners, all the entire transcript, the competition from beginning to the end. And you can now tell them something else. Not something that really happened. I mean, they see, you know, the public messages they see it on thistle is un contestable, but you can show different internals that there are very different than what really happened. And still nobody can catch you. So it's really some sense. Uh, who knows what's really happened? Um, so anyway, so So this is the, uh this is the result. Let's just say a few words about fully deniable encryption. Uh, just toe give a more detailed So So So So, how do you define this? Fully deniable encryption. So first I want to say that, you know, if you just, uh if the parties have appreciate key then, uh, deniability is with these because what you know, you just in orderto cryptic message just want some part of the key. And this one temple is completely deniable, right? Because you can just take this self a text and claim that it was any message encryption off any message off your choice. But just, you know, extra it. But just coming up with the key, which is the Solvents Architects as a message of futures. So this is completely diamond by both parties, and even it's off the record because if the two parties say different things, there's no way to know what's right. So Eh, so what? But it means that, you know, the hard part is actually had to come up with this shirt key, uh, in a deniable way. So you can actually later argued that this key was an, um so s so we need kind of deniable key exchange, and then this is what we do. So we come up with this idea by by the application of what? This what this means. So it's a protocol, you know, for two parties, uh, change, keep with messages and which gives you the ability to life. Somebody asked you which was key and claim it was anything, uh, later. So more formally. So we have two parties. One You know, this is the key change protocol for one party, and this is the kitchen for the other party in each party also is equipped with this faking algorithm. This is s faking arctic. I keep, you know, Senator, receiver, Even though it's not teach change, it's affecting and breaking. Allows you to come up with fake randomness. That demonstrate kills anything and we want correctly since semantic security as usual and we want toe this s fake takes a transcript and the randomness and the old key in the nuclear that you want. Andi comes up with fake randomness such that, uh um and this is you know, that that consistent with this new key, k prime and the same for the receiver. It comes up with a new randomness. The assistant to the crime and the requirement is that, uh, the attack. I cannot tell the difference between the experiment when you know the key key was exchanged. These transcripts respecto the real key or the case where the key was exchanged, and then the faking accurately going folk What? The adversary seizes the actual transcript, but then opening to a different. So there's a distinguished group. Um, And then what if the parties that were okay then there is another requirement there that says that even if the parties you know, one of them face, the other one doesn't and they then you can't tell which one will effect in which one wants to tell the truth. Onda point is that this to this to produce properties together really give you what you would like for my dearly your channel, even with respect toe courses. Um, so just to point out that you know this, this properties hold only if the parties in the follow the protocol during the execution actually choose randomness is they should. Otherwise things does work. In fact, otherwise, there's nothing that could work because the party's chief from the beginning and just use the terroristic protocol instead of randomized or just, you know, just randomness, which is predetermined. And, of course, nothing you can do. Uh, however, you know, there are, of course, interesting situations where it is. You know, it's reasonable to trust that the parties are actually using the randomness Aziz instructed during the execution of the protocol, for instance, we're thinking about voting this something can be forced, uh, by the voting booth, but you know, other situations. But this is kind of like essentially eso maybe another minute to say a few words about, you know, just like construction. How it kind of works in, you know, in general. So So we have, like, a three months, three rounds protocols. So we have four programs, you know, two from each party don't to deal with the three messages. Then we have a faking program for each party, so the way it works, you know, first, the violent here is has this is Harris randomness and actually chooses the key that they're going Thio agree ahead of time. It inputs to the first program which is going to think of it is the office care program black box program. And there's the message. First message is basically a harsh appear f off the K and then the, uh and then the responder gets this message has its own randomness and outputs. Another message, which is the hash off the first message agronomists. And then the third message now is going to be a new encryption off the key on the hashes and the end to a previous messages. This is, ah, company encryption off this one long spring and then the fourth with the fourth program just takes the randomness off the receiver and the two messages and put it in. And then I'll put the key, which is decrypted essentially the Crips, the subtextual from here in the old checks, right? And then the faking programs. What they do, they just take those. The transcript and the cookie and the new key and the striking program here are puts a new randomness for the senator and this one There's a new randomness for the receiver and the way it does near random estrogen offering work eyes, uh, is again It's kind of fact natural a t least the face of it. It uses the seeking hidden triggers idea off, off, so high in waters for descending on the inability that, you know, trigger each one of those programs toe put actually write message even when you get this, uh, crime on eventually this k problems are Well, the problem is that this scene in triggers, you know, give you local consistency for each problem by itself. This was this was the east their goal. But there is no global consistency about those six programs together and and get the six programs together to be consistent with the fact that the key would actually keep prominent K is high in contribute. And this is something that we become the main challenge of this work. This also, I did this three messages because if you have only to then there is no way to get a double consistency. Ah, s O s. So this is, uh this is the test on just to say about, you know, the future. So definitely we want stronger than ability for for MPC. As I said, we just give partial results there on. Then there is kind of, like some very interesting questions. One is like in general, You know, we know that your is very nice, but in many cases, we actually can do things without, uh but in this situation with prosecution, but maybe the inability of one of the very few cases where actually, we don't have any other way to do things out of the Neo. Is it really essential? Can we prove it? You know, and if not, can we do without? Can we get around CRS? Can you actually do with public friend of mysterious? Uh, you know, and more generally? Uh, no. We actually, uh, sweated a lot. You know, spit blood. In order to make this thing work with Leo and because I always really hard to work with, you know, would agree toe, find some some some general set of tools to work more easily. I was there. Um, Louis, thank you very much on death's

>> live from Boston, Massachusetts. It's the Cube covering A W s reinforce 2019 brought to you by Amazon Web service is and its ecosystem partners. >> Hey, welcome back, everyone to Cubes. Live coverage here in Boston, Massachusetts for eight of us reinforced Amazon Web service is inaugural event around Cloud Security. I'm Jeffrey Day Volante. Two days of coverage. We're winding down Day two. We're excited to have a year in The Cube Special guest, part of Big and that one of the big announcements. Well, I think it's big. Nerdy Announcement is the automated reasoning. Byron Cook, director of the Automated Reasoning Group within AWS. Again, this is part of the team that's gonna help figure out security use automation to augment humans. Great to have you on big part of show here. Thanks very much to explain the automated reasoning group. Verner Vogel had a great block post on All things distributed applies formal verification techniques in an innovative way to cloud security and compliance for our customers. For our own there's developers. What does that mean? Your math? >> Yeah, let me try. I'll give you one explanation, and if I puzzle, you all try to explain a different way. 300 So do you know the Pythagorean Theorem? Yeah, sure, Yeah. So? So that the path I agree in theory is about all triangles that was proved in approximately B. C. It's the proof is a finite description in logic as to why it's true and holds for all possible triangles. So we're basically using This same approach is to prove properties of policies of networks of programs, for example, crypto virtualization, the storage, et cetera. So we write software. This finds proofs in mathematics and this the proofs are the same as what you could found for thuggery and should apply into >> solve problems that become these mundane tasks of checking config files, making sure things are that worries kind of that's I'll give you an example. So so that's two in which is the T. L s implementation used, for example, in history. But the large majority >> of AWS has approximately 12,000 state holding elements, so that with if you include the stack of the heat usage, so the number >> of possible >> states it could reach us to to the 12,000. And if you wanted to show that the T. L s handshake Implementation is correct or the H Mac implementation is correct. Deterministic random bit generator implementation is correct, which is what we do using conventional methods like trying to run tests on it. So you would need, if you have, like, 1,000,000 has, well, microprocessors and you would need many more lifetimes in the sun is gonna admit light at 3.4 $4,000,000,000 a year to test to exhaustively test the system. So what we do is we rather than just running a bunch of inputs on the code, we we represent that as the mathematical system and then we use proof techniques, auto automatically search for a proof and with our tools, we in about 10 minutes or able to prove all those properties of s two in the way of your intimidates. And then we apply that to pieces of s three pieces of easy to virtual ization infrastructure on. Then, uh, what we've done is we've realized that customers had a lot of questions about their networks and their policies. So, for example, they have a complicated network worldwide different different availability zones, different regions on. They want to ask. Hey, does there exist away for this machine to connect to this other machine. Oh, are you know, to do all this all SS H traffic coming in that eventually gets to my Web server, go through a bastion host, which is the best, best practice. And then we can answer that question again, using logic. So we take the representation that semantics of easy to networking the policy, the network from the customer, and then the question we're asking, expressing logic. And we throw a big through their call ifthere improver, get the answer back. And then same for policy. >> So you're analyzing policies, >> policies, networks, programs, >> networks, connections. Yeah, right. And it to the tooling is sell cova. Eso >> eso eso basically way come with We come with an approach and then we have many tools that implement the approach on different, different problems. That's how you apply Volkova all underneath. It's all uses of a kind of tool called SMT inside. So there's a south's over, uh, proves theorems about formula and proposition. A logic and SMT is sat modular theories. Those tools can prove properties of problems expressed in first order logic. And so what we do is we take the, for example, if you have a question about your policies answering, answering semantic level questions about policies is actually a piece space problem. So that's harder than NP complete. We express the question in logic and then call the silvery and they get their answer back on Marshall it back. And that's what Volkova does. So that's calling a tool called CVC four, which is which is an open source. Prove er and we wenzel Koval. We take the policy three question encoded to logic. Call a Silver and Marshall answer back. >> What's the What's the root of this? I mean, presumably there's some academic research that was done. You guys were applying it for your specific use case, But can you share with this kind of He's the origination of this. >> So the first Impey complete problem was discovered by a cook and not not me. Another cook the early seventies on. So he proved that the proposition a ll satisfy ability problem is impeccably and meanwhile, there's been a lot of research from the sixties. So Davis and Putnam, for example, I think a paper from the mid sixties where they were, we're trying to answer the question of can we efficiently solved this NP complete problem proposition will satisfy ability on that. Researchers continue. There have been a bunch of breakthroughs, and so now we're really starting to see very from. There's a big breakthrough in 2001 on, then some and then some further breakthroughs in the 5 4008 range. So what we're seeing is that the solvers air getting better and better. So there's an international competition of Let's Save, usually about 30 silvers. And there's a study recently where they took all of the winners from this competition each year 2001 5 4008 30 2002 to 2011 and compared them on the same bench marks and hardware, and the 2002 silver is able to solve 1/4 of the benchmarks in the 2011 solved practically all of them and then the the 2019 silvers, or even better. Nowadays they can take problems and logic that have many tens of millions of variables and solve them very efficiently. So we're really using the power of those underlying solvers and marshaling the questions to those to those overs, codifying thinking math. And that's the math. The hour is you gave a talk in one sessions around provable security. Kind of the title proves provable. >> What's what is that? What is that? Intel. Can you just explain that concept and sure, in the top surfaces. So, uh, uh, >> so mathematical logic. You know, it's 2000 years old, right? So and has refined Sobule, for example, made logic less of a philosophical thing and more of a mathematical thing. Uh, and and then automated reasoning was sort of developed in the sixties, where you take algorithms and apply algorithms to find proofs and mathematical logic. And then provable security is the application of automated reasoning to questions and security and compliance. So we you wanna prove absence of memory, corruption errors and C code You won't approve termination of of event handling routines that are supposed to handle security events. All of those questions, their properties of your program. And you can use these tools to automatically or uh oh, our find proofs and then check The proofs have been found manually. That's what that's >> where approvable security fix. What was the makeup of the attendee list where people dropping this where people excited was all bunch of math geeks. You have a cross section of great security people here, and they're deep dive conversations Not like reinvent this show. This is really deep security. What was some of the feedback and makeup of the attendees? >> Give you two answers because I actually gave to talks. And the and the answers are a little bit different because the subject of the talk So there was one unprovable security, which was a basically the foundation of logic And how we how Cheers since Volkova and our program, because we also prove correctness of crypto and so on. So those tools and so that was largely a, uh uh, folks who had heard about it. And we're wanting to know more, and we're and we're going to know how we're using it and trying to learn there was a second talk, which was about the application of it to compliance. So that was with Tomic, Andrew, who is the CEO of Coal Fire, one of the third party auditors that AWS uses in a lot of customers used and also Chad Wolf, who's vice president of security, focused on compliance. And so the three of us spoke about how we're using it internally within eight of us to automate, >> uh, >> certification compliance, sort of a commission on. So that crowd was really interesting mixture of people interested in automated reasoning and people interested in compliance, which are two communities you wouldn't think normally hang together. But that's sort of like chocolate and peanut butter. It turns out to be a really great application, >> and they need to work together to, because it is the world. The action is they don't get stuck in the compliance and auditing fools engineering teams emerging with old school compliance nerds. So there's a really interesting, uh, sort of dynamic to proof that has a like the perfect use casing compliance. So the problem of like proving termination of programs is undecided ble proving problems and proposition a logic is np complete as all that sounds very hard, difficult and you use dearest six to solve this problem. But the thing is that once you've found a proof replaying, the proof is linear and size of the proof, so actually you could do extremely efficiently, and that has application and compliance. So one could imagine that you have, for example, PC I hip fed ramp. You have certain controls that you want to prove that the property like, for example, within a W s. We have a control that all data dressed must be encrypted. So we are using program verification tools, too. Show that of the code base. But now, once we've run that tool that constructs a proof like Euclid founded the sectarian serum that you can package up in a file hand to an auditor. And then a very simple, easy to understand third party open source tool could replay that proof. And so that becomes audit evidence. It's a scale of total examples >> wth e engineering problem. You're solving a security at scale. The business problem. You're solving it. Yeah. His customers are struggling. Just implementing There just >> aren't enough security professionals to hire right? So the old day is, the talk explains. It's out there all on YouTube's. The people watching the show can go check it out. But I am by the way I should I should make a plug for if you Google a W s provable security. There's a Web page on eight of us that has papers and videos and lots of information, so you might wanna check that out. I can't remember what I was answering now, but >> it's got links to the academic as >> well. Oh, yes. Oh, yes. That was the point that Tommy Kendra is pointing out, as in the old days, you would do an audit would come in to be a couple minutes box that we win this box. You check a few things to be a little network. Great. But now you have machines across the world, extremely complex networks, interaction between policies, networks, crypto, etcetera. And so there's There's no way a human or even a team of human could come in and have any reasonable chance of actually deeply understanding the system. So they just sort of check some stuff and then they call it success. And these tools really allow you to actually understand the entire system buyer and you guys doing some cutting edge work, >> folks watching and want to know how math translates into the real world with all your high school kids out their parents. This is stuff you learn in school like you could be played great work. I think I think this is cutting edge. I think math and the confidence of math intersects with groups. The compliance example audited example shows that world's gonna come together with math. I think this is a big mega trend. It's gonna not eliminate the human element. It's going augment that so great stuff, its final question just randomly. And while you're here, since your math guru we're always interested, we always covering our favorite topic of Blockchain, huh? We believe that a security conference is gonna soon have a Blockchain component because because of the mutability of it, there's a lot of math behind it. So as that starts to mature certainly Facebook entering him at their own currency. Whole nother conversation you don't want to have here is bring a lot of attention. So we see the intersection of security being a supply chain problem in the future. Your thoughts on that just generally. So So the problem of proving programs is undecided, and that means that you can't build a general solution. What you're gonna have to do is look >> for niche areas like device drivers, networks, policies, AP, I used to dream crypto et cetera, and then make the tools work for that area, and you will have to be comfortable with the idea that occasionally the tools aren't gonna be able to find an answer. And so the Amazon culture of being customer obsessed and working as closely as possible with the customer has been really helpful to my community of of logic, uh, full methods, practitioners, because they were really forced to work with a customer, understand the problem. So what I've been doing is listening to the customer on finding out what the problems with concerns. They are focusing my attention on that. And I haven't yet heard of, uh, of customers asking for mathematical proof on crypto currency Blockchain sorts of stuff. But I'm I I await further and you're intrigued. Yeah, I'm s I always like mathematics, but where we have been hearing customers asked for help is for Temple. We're working on free Our toss s o i o T applications Understand the networks that are connecting up the coyote to the cloud, understanding the correctness of machine learning. So why, why So I reused. I've done some machine learning. I've constructed a model. How do I know what it does? And is it compliant? Does it respect hip fed ramp PC, i et cetera, and some other issues like that. >> There's a lot of talk in the industry about quantum computing and creating nightmares for guys like you. How much thought given that you have any thing that you can share with us? >> Yes. Oh, there's there's work in the AWS crypto team preparing for the post quantum world. So imagine Adversary has quantum computer. And so there are proposals on eight of us has a number of proposals, and we've and those proposals have been implemented. So their standards and we've our team has been doing proof on the correctness of those. So, actually, in the one of my talks, I think the talk not with Chad and Tom. I show a demo of our work to prove the correctness of someplace quantum code. >> So, Byron, thank you for coming on the inside. Congratulations on the automated reason. Good to see it put in the practice and appreciate the commentary. Thank you very much. Thank you. Here for the first inaugural security cloud security event reinforced AWS is putting on cube coverage. I'm John Fairy with Day Volonte. Thanks for watching

>> Announcer: Live from San Diego, California it's theCUBE, covering Cisco Live US 2019. Brought to you by Cisco and its ecosystem partners. >> Welcome back to theCUBE, day two of our coverage of Cisco Live. We are live also from San Diego. I'm Lisa Martin, Stu Miniman is my co-host. And one of our alumni is back with us, Eric Herzog, the CMO of IBM Storage. >> Great, thank you for having us. >> Welcome back. So, lots of buzz, we're in the DevNet Zone. This has been, I hear, one of the busiest expos at Cisco Live this year. The community is, I'm hearing, approaching 600,000 strong. Yesterday we were talking a lot about the big waves of innovation, one of them being GPU's everywhere, AI, but also some of the challenges with respect to data, that companies are generally getting less than 1% of that data to really extract insights from it. So let's talk about what IBM is doing with respect to AI and big data, and really helping customers really turn that dial up on getting more value out of what they have. >> Well, so we're doing a lot in that space. First of all, when you're running AI in particular, if you're really going to do something like run a robotic factory, you'd better make sure the storage doesn't fail. But that's sort of, you know, the checkbox item, just the way a car always has a spare tire. So the real differentiator, from a storage perspective, is what do you do to help the data prep, what do you help to do to make sure that the data is always in the right kind of pipeline? For example, just like a human always learns, right, at least smart humans always learn, so you learned certain things when you were seven or eight, they might've changed by the time you were in college, by the time you have your first kid they might be different again, and by the time you're getting ready to retire, but it could be still the same topic and the data's recycling, and then you learn new things about that topic. So in the case of a data workload, what you need to do is make sure you have data prep along the entire pipeline. And that's what we've done with a whole bunch of software that we offer for the big data and AI workloads and applications. >> So, Eric, we've talked with you many times about what's happening in the multi-cloud world. It feels like IBM and Cisco are on similar, parallel paths as to the move from, traditionally we think about boxes, and from a Cisco standpoint it's ports, and, you know, more and more it's about the software. So can you talk a little bit about that software-defined world in where IBM and Cisco are going together along that journey. >> So, one of the things that we've done from a storage division perspective, we do what we call the VersaStack. It's a converge infrastructure that includes Cisco UCS, our all-flash arrays, but it's packed with a bunch of software. So we can use that to transparently move block data out to a cloud, any cloud, IBM cloud, Amazon, Azure. We could move it out to a block store or to an object store. Now obviously to move it out to an object store, that can help you, can prevent ransomware and malware. And it's all automated. We've done the same thing with Scale-Out File, where we just see cloud as just a tier, and we've done the same thing with object storage. So the big thing we see from a hybrid, multi-cloud perspective at the IBM storage division, is everything needs to be able to have the data easily portable, easily migrateable, and easily replicable back, and constantly moving back and forth, not just going out to the cloud and staying there. So we've done that from our software-defined portfolio. But we also did it with our modern data protection portfolio, Spectrum Protect, which is one of the most award-winning products in the backup space. We've got over 400 small-medium cloud providers where their backup-as-a-service offering is based on Spectrum Protect. So if they go to Wikibon and Wikibon says, we want to back up to the cloud and you're using Tectrade or Cloud Temple or i-Virtualize, all those cloud providers, the backup-as-a-service they sell you is based on IBM Spectrum Protect. So for us cloud is just another tier. Just like hard drives and flash and tape, cloud's just the new tier. >> So in this pivot towards software-defined everything, with, say, VersaStack for example, give us one of your favorite customer success stories that really highlights the value of what IBM and your partnerships deliver. >> Sure, sure. So one of them would be Tectrade. So Tectrade is one of our public references. They only do PCI data. So, Wikibon couldn't be a customer, IBM can't be a customer, theCube can't be a customer, Cisco can't be, because we don't specialize, as you know, in financial-centric data. So they back up about, they do about two million backups a day, all of financial data across Europe and into North America, and they've got a VersaStack that happens to run Spectrum Protect on it. It's all flash, so they're not worried about performance. And then they back up to giant hard drive farms that they've also bought from IBM. But the real thing on the VersaStack is having that very fast edge, and then having the software that allows them to A, control the storage side, but then run Spectrum Protect to do backup. So if you were a bank, if theCUBE was a bank, then you guys could use Tectrade and they use a VersaStack for backing up data as a service. That's a perfect example of what we've done with the VersaStack solution, in this case in a hybrid cloud scenario. >> What are some of the business impacts that they have achieved so far? Are they finding new revenue streams, are they unlocking more valuable data to be more competitive? >> So, what they do is obviously in the PCI world. They're very centered, you can't lose anything. Because it's financial data. So for them, it's all about the security of the data, making sure the data gets there, the data's encrypted in flight, they know that the customers can do a lot of different things, because Spectrum tech is very much a big enterprise package that's very strong in the global Fortune 2000. So they like it for that. Now, we've had some other customers, and their the value has been things like the return on investment. For example, the second-largest dating site on the planet uses VersaStack. And they got a four month return on investment. They bought it, and in four months it paid for themselves, so they bought like four or five more. We had another customer who saved, and this is also a cloud service provider by the way, so they saved the equivalent of five full-time employees that were writing custom code and managing stuff, and they used Spectrum Protect also for backup. But in this case you and I could use them because they're not specialists like Tectrade is, and they'll back up anybody's data. And they saved five full-time equivalents. So they've now redeployed those full-time employees to do something else. So those are just examples from three different companies of ways that they've saved money and really driven a business value, not just about the data, and yeah, the data's fast, but really, if you're a storage guy, been doing it as long as I have, the data's always fast and it just gets faster every generation, so okay, it's fast. And in this case it's really about business value, about the value of the data, not about the storage. >> Eric, you mentioned security. Of course security is one of those topics that's hitting all of the environments here at Cisco, but bring us inside, especially from a storage division, modern data protection and how that's getting involved in the security discussion. >> Sure, so what we've done across the portfolio, even in primary storage, is made sure that we've done all sorts of things that help you against a ransomware or malware attack, keep the data encrypted. I think the key point actually, I think Silicon Angle wrote about this, something like 98% of all enterprises are going to get broken into anyway. So it's great that you've got security software on the edge, whether that be IBM or RSA or BlueCoat or Checkpoint, or who cares who you buy the software from. But when they're in, they're stealing. And sometimes, some accounts have told us that they can track them down in a day, but if you're a giant global Fortune 500 with data centers up, it might take you a week. They could be stealing stuff right and left. So we've done everything from, we have write-once technology, so it's immutable data, you can't change it. We've got encryption, so if they steal it, guess what, they can't use it. But the other thing we've done is real protection against ransomware and malware. So I am going to attack Wikibon, theCUBE, and I am going to charge you $10 million, and I'm going to steal every video you've ever created and hold it for ransom. So the way I would do that is I look at your snapshots, your replicas, and your backups first. So what do we do? We can actually snapshot a replica out to an object store, and ransomware and malware, at least today, doesn't attack object storage. So that way, when I'm talking to you or Stu and said I want $10 million, you start laughing, and go, what are you talking about? We replicate every night. Okay, we lose one day of data. He can't get half the $10 million. So that's ransomware or malware protection. We've also built that into Spectrum Protect, because what happens is when you're starting to, if you will, look at that data to get it wrapped up in the ransomware or malware, you have a whole bunch of extra activity around the backup data sets, so we send an alert. We'd send an alert to you, Lisa, and you would say, oh my god, what's going on? Why is all this activity going on the backup set? Because the backup's not scheduled, let's say, for tonight. And we would send you a note now, at two o'clock, that there's all kinds of activity, and you would go, what is going on, and you would check it out. So we can help with ransomware and malware, encryption on primary data. So we've really integrated across the portfolio, whether it be primary storage or secondary storage. And by the way, almost nobody thinks about storage. They always say, whose security package should I buy? And they never say okay, I'm going to buy it, but I, might buy some security for the storage, too. No one ever talks like that, which is why we're bringing up, and we actually launched a sales play for the field, all around storage for cyber resiliency. >> And how is that going, if you're saying it's-- >> It's actually gone incredibly well. We started with a product called Safeguarded Copy on the mainframe, and we actually got, in the first four months, almost $60 million a pipeline in the first four months of the product shipping. And now we've got it all over the whole portfolio, so we tried it just when we first got started, and now we're now talking about the ransomware and malware stuff, which by the way we've had for three years, but we were never emphasizing it to the end user. Now we're saying, by the way, has it happened or are you worried about it? Well guess what, if you're backing up with Spectrum Protect, we'll warn you. Why don't you go out to tape and air gap? Or why you don't go out to the cloud and we can do essentially a cloud air gap to object storage? And we weren't really talking like that until really we started doing it in Q4 and then really expanded it in Q1, so it's been very, very successful. The end users love it, our business partners who sell to the end users, they're loving it. And by the way, no one else is really talking about it. It's all about the security software company. So we're going beyond that. >> So, Eric, you talked about some of the products with Cisco and IBM working together. I wonder if you can up-level a little bit. You're a great watcher of the industry out there. Chuck Robbins, now four years into his tenure as CEO, Wall Street's doing well with the stock on there, finances look well. IBM and Cisco, two of the bellwethers in tech out there. How's Cisco doing? When you talk to your customers, what are they liking about Cisco, what do they want to see more from Cisco, are they aware of the transformation that Cisco's going through? >> Well, I think there's a couple things. First of all, IBM and Cisco have a mutual relationship that spans billions of dollars. Whether that be, for example, as they publicly have disclosed, IBM is the biggest customer for WebEx on the planet, and they talked about that. There's products that we sell to them that they're one of our biggest customers in the world as well. But then beyond that, whether it's common end users or common channel partners, we make sure that we deliver the right solutions together. So I think the feedback I get from both the end users and the partners is that Cisco's back. Right when Chuck came in, said, oh, what's going on with Cisco? They're still big, but the big sometimes fall over big, right? Like in the beanstalk, the giant falls over, right? So that's what I think people were thinking four years, I don't think people are thinking that now. From our perspective, we've always kept working tightly with them, between our relationship with them as a customer and us as their customer. But more importantly, it's really the common customers we have and the common channel partners, and we've never wavered for that support from a Cisco perspective. But just sort of off the cuff, when people make a comment that's like, hey, those Cisco guys are back. And four years ago people were saying, ehh, what do you think about Cisco? My wife works at Cisco, and my ex-wife works at Cisco, so it's a little easier for them to ask me that. Because I'm a Cisco shareholder too. But now you don't hear that question. It's like Cisco's got their act together, they're doing all the right stuff. So that's very good for me personally with my stock, but it's also good just for the industry. You know, you don't want someone to not be able to make the transition. And the valley's littered with that. DEC, Compaq, they're all gone. They're not the only guys that are gone. So Cisco's not going to go the way that other big companies have. They've made the transition and are transforming to what the end users really need. >> And I think the DevNet community growth is a great, speaks to the pivot that Cisco's making. DevNet has been in large part an accelerator of Cisco's transition from network appliance provider to more of a software services provider. But that community symbiosis with their end user customers, with their partners, and with their developer community, is really a driving force here. And I think just being in this DevNet Zone and how big it is, is a great example of how they're leveraging those other feedback channels to not just persist but be successful. So here we are, their Q3 2019 results are really strong, growth across all three business segments, we're in the middle of their fourth quarter. So for Cisco's FY 2020, what are some of the big bets that you can share with us that IBM and Cisco-- >> Well, the one we've done together has been one on security, so we have joint security products that we've done. We have a joint product on the system side with the VersaStack. We've done joint products with them also in the cloud solution area, both, if you think about hybrid cloud, but also in private cloud, so IBM Cloud Private for example is available on their HCI box, right, so their hyperconverged infrastructure solution includes an option for IBM Cloud Private. So IBM has made many bets with them in the security space, in the cloud space. Also, by the way, one of the biggest providers of service on Cisco solutions is actually IBM. So our services divisions do tons of business with Cisco, whether that's servicing the physical gear or servicing the software. And we've been doing that for years. So whether it be service, whether it be cloud, whether it be infrastructure, IBM is doing joint solutions across the board with the Cisco community. >> Got to ask you one last question, Eric. You've been in this industry a long time, you're a veteran extraordinaire. What keeps you excited about storage? >> Storage always change. Storage is not boring. Storage is boring for the uneducated. It is the most exciting thing, it changes all the time. I remember one of the good things about IBM was not just an array, come here, we only just do backup software, we've got high-end storage arrays, we still do tape. We're by far the dominant player, and we're having a huge resurgence there with hyperscalers and cloud providers. We're going crazy with tape because, for them, they're all about saving money for backup and archive, and we're critical to that. We are the number two storage software company in the world, all of our software works off of our gear. Some of the other guys that sell lots of software, yeah, they sell lots, but it only works on their products. Our software works with all of our competitor's products. So that makes everything exciting. I've done this now for 35 years. I've seen hard drives that were the size of a dishwasher to now flash that fits into your phone, or my MacBook, I've got five terabytes of flash. So, you know, to me that's all exciting. And the software is where it really matters. You know, we've gone from bare metal to virtualization, now to containers and cloud. So there's always new stuff going on. But I really think part of the problem with storage is everybody takes it for granted and doesn't realize, if your storage doesn't work, isn't performing, isn't reliable, and isn't available, basically your entire infrastructure caves in. I don't care whether you're in the cloud, whether you're in a virtual world, or you're still doing it really old hat with bare metal, the storage doesn't work, you're shutting down your company until that storage is back up and running again. So it is the critical foundation for every application workload and use case, in any company, big, medium, or small. And it's always evolving. So to me it's very exciting, although some people think storage is boring. I'd say networking is boring. That, to me, is boring. (Lisa laughs) Storage is exciting. >> Stu: Don't say that too loud, here. (Eric laughs) >> That's true, storage is sexy. Well Eric, it's been a pleasure to have you back on theCUBE once again, and we very much appreciate your time. >> Great, well thank you for having us. >> Our pleasure. For Stu Miniman, I'm Lisa Martin. You're watching theCUBE live, from Cisco Live in San Diego.

>> Announcer: Live from San Juan, Puerto Rico, it's the Cube, covering blockchain unbound. Brought to you by Blockchain Industries. (upbeat Cuban music) >> Hello there, and welcome back to our exclusive coverage. This is the Cube's coverage in Puerto Rico for Blockchain Unbound. We start week of variety of activities here on the island around blockchain, cryptocurrency, the decentralized internet, the future of work, the future of play, the future of society, all here, happening. My next guest is an entrepreneur. Steve Steward is the CEO and co-founder of that's V-E-Z-T. Really changing the game around music, relationship to fans, and using blockchain and tokens to enable that. Welcome to The Cube. >> Thank you so much John, it's great to be here. >> Thanks for coming on, so first talk a little bit about what your value proposition, what you guys are doing. Obviously, people who ever downloaded iTunes, and then said, "This sucks, let's go to Spotify." Now are going, "Hey, I'm on Instagram. "I have access to my artist directly." The internet is a response vehicle; one on one. Tell them about your opportunity. >> There's two value props. One for the consumer, right? So, if you're an artist fan, and you love a song. You love an artist. You want to be involved with that artist on a one to one basis, there's no way to do that right now. You can follow somebody on Twitter, you can like their YouTube, that doesn't connect you with them. Our platform let's you buy in, and by buy in I mean ownership. You own a piece of the IP with that artist in their song, so it's on a song by song basis. But if Ariana Grande's my favorite artist, I want to buy a little slice of her song for $10 or $100, I now have the opportunity to put that out there, and I can share in that royalty stream with her. And she and I will connect on a level. If she wants to take my information and send other things to me like concert tickets or backstage passes, that's possible now. So the value prop for the fan, is connection with the artist and ability to say, "I own a piece of that royalty stream. "I own a piece of that song." And on the artist side the value prop is, "I now get to actually share directly with my fans, "build that community directly. "There's no gate keeper like a label "or publishing company in the middle, "and I have the ability to reach out "and monetize directly based on demand and merit. "Then take that and do whatever I want "and build up my brand." >> So this is a great example where artists that have direct relationships, might be undervalued. Also, in a way there doing their own mini ICO, so to speak, with their fans by sharing in the future value of the success with the people that got 'em there. >> They are, we call it an ISO, Initial Song Offering. So just like a ticket on sale, it allows an artist to pick a time and date and say, "At noon on Thursday, I'm putting out 5% of my song "to raise $10,000." They pick the pricing, they pick the amount they want to put up, we admin the actual royalty stream for those people that put money into it, and the artist keeps the rest of it. >> I've seen a lot of pitches, I've seen a lot of stuff online, "Oh yeah, we're going to revolutionize "the new music industry, were going to use tokens." I've seen I feel pitches, but again, if you look at the smart money investors, they're looking at deals and saying, "Is there a network effect? "Is there a protocol of some sort in there?" Obviously you've identified a relationship that has tokenization or token economics built into the business model. Take a minute to explain that key tokenization. Why you're business is set for token economics? Why you, over someone else? >> So my backgrounds in the music business, I used to manage a band called Stone Temple Pilots for 20 years. Actually for 10 years, from 1990 to 2000. I had 20 other artist in that meantime. I understand the pain points from an artists perspective. I also know where the value is in the industry. It's in the publishing. Most of these entertainment businesses, the IP is where the real value is. Film, books, T.V., music, it's all in the underlying content. Not the distribution, not how many times I've downloaded it, but the actual ownership of the content. What we want to do, is put that in a basis so the artist can now take that on a fractional basis. We can use a tokenized product to let the fans buy in. The blockchain helps us track those rights, keep them secure, make them transparent, and allow the ownership to be shared between thousands or hundreds of thousands of people. >> And this also helps build community. I want to get your thoughts on something. I held a panel on Sundance this year, Sundance Film Festival, called The New Creative. What you're seeing emerging is a new artist. The new artists are digital native, their fan base is direct. Things we just talked about. But they're undervalued, because the gatekeepers, either the studios and or labels in your instance, are controlling distribution and they're also controlling the activities. So we all know what Apple's done with some of their artists, and artists have to go on the road and do all this work. Well digital changes all that, so from your perspective as a industry guru in music, how has digital changed that dynamic? And talk about this new artist breed, this new young upcoming digital generation of artists. >> There's two things. First, internet really hasn't delivered what it said it was going to the music community, right? When you had Napster come out, it's great for the fan base. The artist and the creators actually lost out. Music got valued from here to here. It went almost to zero. People were sharing files for free, so at some point we thought-- >> Regulatory tried to solve that legal-- >> Tried and tried, but once you build a generation on free, it's hard to change that. On the fan side it was great. There was a lot more distribution. On the artist and creator side, it wasn't so great. What we're trying to do is bring value back to that. We're going to use digital in a way that lets people share what they believe in, without these gatekeepers like you said; fully demand based. If I'm the small artist who plays banjo in Kentucky, but I've got a 100,000 fans who really love me, and they can show that by buying in, forget the labels. Forget the publishers. Forget the brands. I now have a direct connection. I'm earning a living directly from my fan base, which is how it should be. >> Kind of like we do open source content. We were talking about our business, you are enabling people to self-identify with the artist, letting the artist be open to that, make that handshake or if you will, digital handshake, and have a relationship beyond just being a fan. >> Most of the labels, in fact all the labels: Spotify, YouTube, Pandora. None of those platforms let the artist share directly with the consumer, right? If I say, "Look, I've got 20,000 streams today, "can you tell me who they were, no. "Can you show me where the downloads are, no." Why aren't they letting those people connect. The artist has a natural connection with their fans. >> That's because the tech platforms are optimized for a different business model. Look at Facebook, they're living in their own problem. Their success is almost killing them. They have this centralized data optimization for the wrong incentive. They're optimizing data for advertising, not user experience. In this case, you're saying, "Hey, lets use the infrastructure and crypto "to optimize the fan relationship and expand it." >> The reason artists get on stage, the reason they write a song, is to connect with people, right? We've disembodied that connection to the point where they're out there in the ether and the fans are over here. They're like, "How do we get together?" If we can bring that back, there's a very powerful connection there that we can take advantage of and let people actually make money from their craft. >> Well Steve, great to have you on The Cube because one, you have domain expertise, you're business model solid, and we've been saying yesterday and on The Cube that it's a reverse of the old stack model. The top of the stack is the business model. You nail the business model, the underlying plumbing will sort itself out. With that in mind, how are you guys looking at the plumbing? What are you doing here in Puerto Rico? Are you raising money? Are you doing an ICO? Take a little bit to explain your relationship to the plumbing under the hood, in the blockchain, crypto world. And then what you guys are doing here in Puerto Rico. >> We started building our platform the traditional way. We took traditional VC funding about a year ago. As we were building the platform, we understood the importance of a blockchain, some type of decentralized ledger that allows people to look transparently under the ownership stack. As we were building that, one of our engineers said, "hey, have you guys heard of an ICO?" we had no idea what this was. It was about a year ago. Got educated very quickly, dove deep on it, and realized there's an opportunity, not really for the fact that it's crypto, but to actually capitalize the company in a meaningful way. We want to scale this very quickly. We've got strategic partners in Asia, other parts of the world, that we need to grow very quickly into. We realized it was an opportunity to have. We did a raise close of December 1st; oron exchanges. >> An equity raise or a token raise? >> The token raise. We did a U.S. based PPM SAFT. >> So a security token. >> It's a utility token, but we followed a process that our legal advisors advised us. In the U.S., keep it as a PPM SAFT. If it's offshore, it's offshore. >> So accredited investors? >> Accredited investors only, small cap, try to keep it reasonable, because we don't need 100 billion dollars to build this platform right now. We're looking to get this in a traditional business sense, so we're building a real platform with a real team. We took advantage of that. We got listed on an exchange January 12th. At this point, we're head down in product. We're looking to launch this in 45 days at Coachella. We had an event two nights ago at South by Southwest. We came up here from Austin, so we're going back to California tomorrow. >> John: You're on a plane. >> Yeah, we're on a roadshow. We've got artist brand partners now. We're signing people, two or three artists a week that come in. We've got publishing catalogs that are coming on board realizing that there's a B to be played, because publishers only monetize the top two or 3% of their catalogs. The other 98% get no love. If they can put that on a retail platform like us, and allow consumers to buy directly into it, it's a whole windfall for them. >> Everyone's a media company these days. We've been saying it, and that's the new media model. You got a great formula, good luck. We'd love to keep in touch. >> Absolutely. >> What are you guys looking to do next six months as you get the product out the door? Ecosystem, you got to recruit more artists? What's the plan? >> My goal is 100,000 songs in the platform by the end of summer. Like I said, we're doing a lot of brand activations at music festivals. We see people, you know, exponential growth. Each song comes with an artist fan base. This builds into it. We're also supporting producers, co-writers, performers, the other guys that aren't on the stage. We realize this platforms for them, because the own live ownership in these songs, but have never had a way to monetize it. We're growing this very quickly. >> Steve Steward, CEO/co-founder of that's V-E-Z-T. Check 'em out. If you like music, this is a great way to actually take part in being a fan and owner of the actual property; great business model. We'll keep in touch. Thanks for sharing on The Cube. More live coverage here on The Cube, bringing you all the action, and extracting the signal from the noise. I'm John Furrier, thanks for watching. We'll be right back with more coverage after this break. >> Thanks guys, thanks John. (electronic instrumental music)

>> Narrator: Live from Washington, DC, it's The Cube covering .NEXT conference brought to you by Nutanix. >> We're back at Nutanix .NEXT. This is The Cube, the leader in live tech coverage. We go out to the events and extract the signal from the noise. My name is Dave Vellante and I'm here with my longtime co-host Stu Miniman. Don Mims is here as the director of infrastructure and virtualization at Baylor, Scott, & White Health. Don, great to see you. Thanks for comin' on The Cube. >> Thanks for havin' me. I appreciate it bein' here, it's very nice. >> Yeah, so Baylor, Scott, & White Health, we weren't familiar with that before we met you. Tell us a little bit about the organization. >> Sure. So, Baylor, Scott & White Health is based in Dallas, Texas. We've recently had, over the last couple of years, a merger opportunity. We merged with Scott & White that is down in Temple, Texas which is a little farther east, or west and south of Dallas. And we've grown our organization to around 40 hospitals, over 500 clinics and we continue to grow and make strives in the healthcare space. >> Dallas is booming. I mean, obviously-- >> It is. World-class city with world-class healthcare. Talk about some of the things that are happening in healthcare that are sort of driving your strategy, the challenges that you guys are having. I mean, obviously, there's, there's EMR, there's meaningful use, there's, you know, changes in the Affordable Care Act, all that stuff. That and or other things that are really driving strategy and creating challenges for you. >> Yeah, one of the biggest things that we're doin' right now is movin' into the digital space. So, the patient, centered focus being in a traditional brick and mortar facility, is shifting. Patients wants quicker access to data, quicker access to physicians. So, bein' able to create solutions that can deliver a physician and patient experience, possibly from a mobile device, a phone, a tablet, a PC, is where we're movin' the market towards. So, some of the solutions that we're building and delivering are enabling a faster delivery of technology for healthcare. >> You know, sort of, when you think about last decade, docs were, sort of, averse, somewhat to technology. >> You're right. >> And mobile really changed that, hasn't it? >> It has. >> How has that affected your, the backend infrastructures? >> So, it definitely has to be more robust. As you're delivering content now, video, web chats, things like that that have to be reliable because now patient outcomes depend on that type of data delivery, the backend has to be available more than ever at this time. >> So it's kind, you actually kind of have an IOT use case in the hospitals, right? >> We're gettin' there. >> And then when you start pushin' video around it's got to be very challenging. Now you're also doing some projects around DNA sequencing. Is that right? >> We are. It's very exciting space. We recently delivered a solution on Nutanix to create a DNA sequencing platform that hasn't been done before as we know it. The vendor, this was the first time for the vendor, a first time for Baylor, and it has been very successful implantation and it's, it's a very robust system today. >> Don, can you bring us inside a little bit? What were the requirements you were lookin' for? What led you down the path to Nutanix? Had you been usin' them before or was this the first-use case? >> It's actually not the first-use case. The project actually started out as a, it was a migration. The customer was using a hosted solution. It was slow. Their sequencing data was taking a long time. Their results were being held up because of the way their architecture was set up. So, we decided to bring it in-house and put it on a platform that was kind of new to us and try to deliver it with better speed and it definitely has done that. >> And does that trickle down to, you know, what does that mean to the cost of solutions? I mean, I think we all know it, you know, DNA sequencing used to take a long time and a lot of money and it's now, you know, kind of, do a swab type things and it's done a lot less. >> Yeah, so with this platform, the customer, the physician is now not only going to use this platform to get results quicker, we're also going to start potentially offering this as a service to others and help other physicians and other clinics also get their results quicker as well. So, it's going to grow over time to just an in-house solution to maybe something more broad-scale. >> So you saw the keynotes this morning. They're pushin' a lot of information at us. Obviously, we, Stew and I talked about it in our open. Nutanix, a couple years ago, sort of pivoted beyond hyper-coverged infrastructure, tryin' to position as cloud even though they still a lot of hyper-converged infrastructure, let's face it. But, as a consumer, as a practitioner, how does that message relate to you? You have a lot of vendors tryin' to sell to you. You got cloud, different cloud strategies, cloud, cloud, cloud, cloud, cloud. Dev-ops, containters. So, do you, what do you want to see from a company like Nutanix? Do you want them to, like, stick to their knitting, hey just give me hyper-converged infrastructure, or do you want them to take you on, on a journey? I wonder if you could add some color to that. >> Sure, and where you're goin' with that question is exactly the reason we chose this solution because it's way bigger than just a hyper-converge, you know, solution. That was, for me, that was kind of the first thing. That's what got us hooked and then the innovation that's come, you know, since then, and things that we've learned about the product and where they're goin' with automation, migration strategies of current workloads, the ease of management, the cloud strategy, the partnerships that they're makin' now with other, with other partners. That's really what I like to see and that continued growth is why we chose this product 'cause they have that vision and it's really appealing. >> And so, do you, are you using public cloud today? >> We are in a very limited manner. As you can imagine, health care and personal health information in the cloud can be kind of scary to some people so we have started that roadmap and we continue to try to expand that as we go. >> Is it fair to say that as an infrastructure professional that you're, you're, can I summarize your infrastructure strategy is you want, like, to, substantially mimic the attributes of a public cloud where it makes sense on prem. Is that fair? >> That's exactly what we're tryin' to do. Speed to delivery, server provisioning, resiliency of the infrastructure, invisible infrastructure, you might have heard that term today or over the past few days. That's what we're tryin' to accomplish. >> Self-service or no? >> Self-service internally right now. So, my own staff are going to use the automation internally to deliver quicker and then eventually as we perfect that, we'll let our customers self-service. >> So be as cloud-like as possible but not too cloud-like too soon? >> Exactly. >> So do you feel as though, as an IT pro, that you are on the path to achieving that vision? >> I do. We are, at Baylor, we're breaking new grounds with what we've done recently and I think the longterm vision to where we want to be is going to be, is going to be big over the next few years. >> So we get, we get into a lot of discussions with folks in our community that are, you know, kind of, cloud bigots, I'll call them and they say, "Hey, the vendors like Nutanix "and even more so vendors like IBM and HPE "and, you know, EMC, and their customers "will never be able to achieve what Amazon achieves." My question to you is, and you probably agree with that, I mean, Amazon's ahead of you, I bet. But, I would hope. But, how do you feel about that? Is that okay? Do you lose sleep over that or do you feel as though, "Hey, we've made so much progress." I wonder if you could comment on that as an IT pro. >> Yeah, sure. So, briefly on that topic, Amazon's business model is a little different than the industry that we're in, right? >> Yeah, sure. >> And, we're not really in the technology delivery business, right? We're in healthcare and patient servicing but what we do behind the scenes to enable the patient satisfaction and patient outcomes using this web-scale technology or this Amazon-like infrastructure is something that we're going to continue to build and grow on. We'll never be in that position, like Amazon is. But behind the scenes with automation and the infrastructure resiliency, using that same technology is what we're going to, how we're going to accomplish that. >> So a big part of that, 'cause you mentioned some of the digital transformation you're doin' up front, a big part of that cloud-like on prem, is makin' your people more productive and not, you know, focused on provisioning LUNs and servers and-- >> That's right. >> You know, pluggin' in cables. It's really automating as much as possible. So, have you seen the affect on non-differentiated IT labor in your shop? >> We have. So, just within our team, the amount of time the engineers have to spend on just this specific infrastructure has been greatly reduced so we get to spend more time doin' things like protectin' our environment. You know, a lot of these, these viruses have been comin' out lately. These, these exploits. So, we've been able to patch more diligently, remediate issues, and then we've seen other reduction in time for other teams. Storage team, they don't have to deal with our stuff anymore. They can focus in other areas. So it's really been a shift in the way we do business. >> So just one more followup, I know that Stu wants to jump in. So, and this is a hard question to be precise on, but, in rough terms, if you think in, you know, rough percentage terms, how much, you know, sort of, of the labor effort you've been able to shift to more interesting, the fun stuff, as Stu calls it. Is it a 5% factor or a 20%, 50%, you know, 100% factor? I wonder if you could just give us some anecdotal-- >> Right now the impact has been pretty small. If you look at the, our Nutanix infrastructure today, it's a very small portion of our overall infrastructure since it's fairly new. >> Right. >> But, I can tell you, the time that we spend on that right now is very minimal. I have one engineer that oversees the entire infrastructure at this point. I'm freein' up multiple other resources to do other things, so it's been an improvement. >> And so, and so pre-, pre-hyper-converged, if you didn't go that direction you'd have more than one engineer or? >> Oh, I'd have, I'd probably have at least three times as many. >> So three x factor, wow. >> Just because there's so many other components that you have to manage that aren't just specific to that one stack. >> David: Mhm, right. >> Don, you've got virtualization in your title, how do you look at virtualization today? Where are you in that journey? We've been hearin' at a lot of these shows that we've been at that, you know, virtualization feels like it's played out for the most part. We know where it is. Cloud has been the big discussion. Where is it in your job? >> So, kind of two paths in my infrastructure. We have server virtualization which is traditional, you know, virtualizing the compute workload. And then also on application virtualization, so app delivery. And I think there's still a lot of room for growth in both of those aspects. Application delivery is going to continue to morph and it can be delivered from multiple different platforms and I can see it doin' that over time. Server virtualization is a way to go and what we're doin' there is tryin' to continue to deliver the capacity, you know, that we're at or continue to grow it but at the same time shrinking that hardware footprint and relieving some of the stress in the data center and that's what we're lookin' for. >> On server virtualization what are you usin' today? >> For server virtualization we use VM ware, ESX. >> And have you looked at the HV stuff at all? >> We have and I'm very excited about that and it's kind of one of those things where you can't jump in with two feet right off the bat just because it is a little new and you feel like you need to really look at it really closely but at the same time, I'm pretty confident that it's going to be a good, longterm replacement as we continue to look at it. >> One of the, Nutanix has really been looking out for their future plans. One, share, you know, what resonates with you, and what about yourself? What kind of future strategy do you have? What are you looking for from the vendor community to help you do even more with your resources? >> So, the vendor community definitely, this is kind of a new area for them. A lot of the application vendors we talked to aren't really familiar with this platform so I think as this product grows and as this space grows, I think more vendor awareness is going to come about and they're going to be more comfortable with this as a solution. >> Okay, yeah, especially healthcare. It's all those ISVs that need to integrate and support and say, "Yes, I'm okay with it." >> Exactly. >> We saw that with virtualization at first and... >> Yup. And health care is always traditionally a little bit behind 'cause it's a little more conservative space. So, I think it'll take a little bit of time for them to feel comfortable there, as well. >> So what are the big problems you're tryin' to solve today from an infrastructure standpoint? >> Well, you know, financial issues are always a topic, right? So, what we're tryin' to do is deliver infrastructure to support our patients in a cost-effective way. So bein' as frugal with the money that we do have and buyin' the right technology and not spendin' a lot of money on a diverse stack and wasting financials. >> I mean, you just basically, you know, reduced your IT labor in that little part of the world by, you know, a factor of, you know, 3x as we talked about. Is there a gain-sharing philosophy where some of that reduction comes back to you for innovation or is it just, sort of, go back to other parts of the hospital? >> It will go back, probably, just to the bigger, to the bigger team. I mean, there are benefits to us, you know, specifically that we're going to achieve, but overall, that time-saving goes back and allows, you know, different teams to do other things which overall will help improve our whole environment. >> So in the keynotes today, and I was talking to you off-camera about one-click migration, there was a database migration and, I think it was one-click DR as well, but I'm interested in the database stuff. You've got some experience with databases. Actually, let me ask you, is that part of the infrastructure definition is database on down? >> It is. >> Yeah, okay. So what was your reaction to the sort of one-click database migration? >> It's very exciting. I think that's going to help in the aspect of migrating workloads from, from Legacy or traditional to this new platform. There's, I think there's still some components that you have to consider. The migration is very nice but, you know, validation, testing, all those kind of components also have to be part of that whole plan. >> So if I looked at the, I mean, database migrations can sometimes be real hard balls. So if I, if I look at the cycle, you know, the anatomy of a migration, let's say it takes, you know, n amount of time, what is that amount of time, you know, on average, and I know it's a hard, it's one of those stupid average questions. >> It can vary based on size. >> Yeah, I know it's a big it depends. But what percent of that, that, that value chain, if you will, that sequence chain is Nutanix attacking with what you saw today in your view? >> So, what you do is reduce the execution part of that migration and you probably reduce a lot of the planning phase of that because in any kind of a database migration, there are so many factors that go into that and a lot of the discussion is around how are we going to move this workload to this new space? And Nutanix has solved that by taking care of the how and then, you know, you just need to figure out how you're going to validate, test it, and confirm that once it's there, everything continues to work as expected. So I think you've reduced the time of planning and execution both with that strategy. >> I mean, the planning piece has actually got to be a huge portion-- >> Huge. >> Is it half of the total? >> It's probably at least half. >> Yeah, I would think so. >> Because the better you plan, the better you're going to execute, right, so. >> Yeah, yeah, right, right. Okay, good. Well, Don, I'll give you a last word on futures. What kinds of things are you workin' on that, you know, you can share with us? >> So for us, the future is going to be to, to continue to converge this stack. We're going to continue to move forward with automation. Try to reduce the delivery time for applications and servers and infrastructure and eventually simplify our management layer and spend more time doin' other things, doin' more fun stuff. And that's what we're lookin' to do. >> Love it. As I always say, love havin' the practitioners on we get to pepper questions and get the real story. So Don, thanks very much for comin' on The Cube. >> Thank you for havin' me, I appreciate it. >> You're very welcome. Alright, keep it right there everybody. Stu and I will be back with our next guest right after this short break.

>> Announcer: Live, from Boston, Massachusetts, it's the Cube. Covering Red Hat Summit 2017. Brought to you by Red Hat. (futuristic tone) >> Welcome back to the Cube's coverage of the Red Hat Summit here in Boston, Massachusetts. I'm your host, Rebecca Knight, along with my co-host Stu Miniman. We are welcoming right now Sam Ramji. He is the Vice President of Product Management Google Cloud Platforms. Thanks so much for joining us. >> Thank you, Rebecca, really appreciate it. And Stu good to see you again. >> So in your keynote, you talked about how this is the age of the developer. You said this is the best time in history to be a developer. We have more veneration, more cred in the industry. People get us, people respect us. And yet you also talked about how it is also the most challenging time to be a developer. Can you unpack that a little bit for our viewers? >> Yeah, absolutely. So I think there's two parts that make it really difficult. One is just the velocity of all the different pieces, how fast they're moving, right? How do you stay on top of all the different latest technology, right? How do you unpack all of the new buzzwords? How do you say this is a cloud, that's not a cloud? So you're constantly racing to keep up, but you're also maintaining all of your old systems, which is the other part that makes it so complex. Many old systems weren't built for modernization. They were just kind of like hey, this is a really cool thing, and they were built without any sense of the history, or the future that they'd be used in. So imagine the modern enterprise developer who's got a ship software at high rates of speed, support new business initiatives, they've got to deliver innovation, and they have to bridge the very new with the very old. Because if your mobile app doesn't talk to your mainframe, you are not going to move money. It's that simple. There's layers of technology architecture. In fact, you could think of it as technology archeology, as I mentioned in the keynote, right, this we don't want to create a new genre of people called programmer archeologists, who have to go-- >> I'm picturing them just chipping away. >> Sam: I don't think it'll be as exciting as Indiana Jones. >> No. >> Digging through layers of the stack is not really what people want to be doing with their time. >> Sam: Temple of the lost kernel. >> I love it. >> So Sam, it's interesting to kind of see, I was at the Google Cloud event a couple months ago, and here you bring up the term open cloud, which part of me wants to poke a hole in that and be like, come on, everybody has their cloud. Come on, you want to lock everybody in, you've got the best technology, therefore why isn't it just being open because it's great to say open and maybe people will trust you. Help explain that. >> Puppies, freedom, apple pie, motherhood, right. >> Stu: Yeah, yeah. (laughs) >> So there's a couple sides to that. One, we think the cloud is just a spectacular opportunity. We think about 1.2 trillion dollars in current spend will end up in cloud. And the cloud market depending on how you measure it is in the mid 20 billions today. So there's just unbounded upside. So we don't have to be a aspirational monopolist in order to be a successful business. And in fact, if you wind the clock forward, you will see that every market ends up breaking down into a closed system and a closed company, and an open platform. And the open platforms tend to grow more slowly, sort of exponential versus logarithmic, is how we think about it. So it's a pragmatic business strategy. Think about Linux in '97. Think about Linux in 2002. Think about Linux in 2007. Think about Linux in 2012. Think about Linux today. Look at that rate. It's the only thing that you're going to use. So open is very pragmatic that way. It's pragmatic in another direction which is customer choice. Customers are going to come for things that give them more options. Because your job is to future proof your business, to create what in the financial community call optionality. So how do you get that? In 2011, about eight other people and I created a nonprofit called the Open Cloud Initiative. And the Initiative is long since dead, we didn't fund it right, we kind of got these ideas baked, and then moved on. >> Stu: There's another OCI now. >> That's right, it's the Open Container Initiative. But we had three really crisp concepts there. We said number one, an open cloud will be based on open source. There won't be stuff that you can't get, can't replicate, can't build yourself. Second, we said, it'll have open access. There'll be no barriers to entry or exit. There won't be any discrimination on which users can or can't come in, and there won't be any blockers to being able to take your stuff out. 'Cause we felt that without open access, the cloud would be unsafe at any speed, to borrow a quote from Ralph Nader. And then third, built on an open ecosystem. So if you are assuming that you have to be able to be open to tens of thousands of different ideas, tens of thousands of different software applications, which are maybe database infrastructure, things that as a cloud provider, you might want to be a first party provider of. Well those things have to compete, or trade off or enrich each other in a consistent way, in a way that's fair, which is kind of what we mean when we say open ecosystem, but being able to be pulled through is going to give you that rate of change that you need to be exponential rather than logarithmic. So it's based on some fairly durable concepts, but I welcome you to poke holes in it. >> So we did an event with MIT a little while back. We had Marshall Van Alstyne, professor at BU who I know you know. He's an advisor at Cloud Foundry, and he talked about those platforms and it was interesting, you know, with the phone system you had Apple who got lots of the money, smaller market share as opposed to Android, which of course comes out of Google, has all of the adoption but less revenue. So, not sure it's this, yeah. >> Interestingly, we've run those curves, and you kind of see that same logarithmic versus exponential shift happening in Android. So we've seen, I don't have the latest numbers on the top of my head, but that is generating billions of dollars of third party revenue now. So share does shift over time in favor of openness and faster innovation. >> So let's bring it back to Red Hat here, because if I talk to all the big public cloud guys, Microsoft has embraced open source. >> And they're not just guys, actually, there's lots of women. >> Rebecca: Yes, thank you. >> Stu: I apologize. >> Sorry, I'm in a little bit of a jam here, where I'm trying to tell people the collective noun for technologists is not guys. >> Stu: Okay. >> It could be people, it could be folks, internally we use squirrels from time to time, just to invite people in. >> So, when I talk to the cloud squirrels, Microsoft has embraced open source. Amazon has an interesting relationship. >> I was there when that happened. >> You and I both know the people that they've brought in who have very good credibility in the open source community that are helping out Amazon there. Is it Kubernetes that makes you open because I look at what Red Hat's doing, we say okay, if I want to be able to live across many clouds or in my own data centers, Kubernetes is a layer to do that. It comes back to some of the things like Cloud Foundry. Is that what makes it open because I have choice, or is there more to it that you want to cover from an open cloud standpoint, from a Google standpoint? >> Open and choice effectively is a spectrum of effort. If it's incredibly difficult, it's the same as not having a choice. If it's incredibly easy, then you're saying actually, you really are free to come and go. So Kubernetes is kind of the brightest star in the solar system of open cloud. There's a lot of other technologies, new things that are coming out, like istio and pluri. I don't want to lose you in word soup. Linker D, container D, a lot of other things, because this is a whole new field, a whole fabric that has to come to bear, that just like the internet, can layer on top of your existing data centers or your existing clouds, that you can have other applications or other capabilities layered on top of it. So this permission-less innovation idea is getting reborn in the cloud era, not on top of TCP/IP, we take that for granted, but on top of Kubernetes and all of the linked projects. So yeah, that's a big part of it. >> I want to continue on with that idea of permission-less innovation and talk about the culture of open source, particularly because of what you were saying in the keynote about how it's not about the code, it's about the community. And you were using words like empathy and trust, and things that we don't necessarily think of as synonymous with engineers. >> Sam: Isn't it? >> So, can you just talk a little bit about how you've seen the culture change, particularly since your days at Microsoft, and now being at Google, in terms of how people are working together? >> Absolutely, so the first thing is why did it change? It became an economic imperative. Let's look at software industry competition back in the 90s. In general, the biggest got the mostest. If you could assemble the largest number of very intelligent engineers, and put them all on the same project, you would overwhelm your competition. So we saw that play out again and again. Then this new form of collaboration came around, not just birthed by Linux, but also Apache and a number of other things, where it's like oh, we don't have to work for the same company in order to collaborate. And all of a sudden we started seeing those masses grow as big as the number of engineers who went a single company. Ten thousand people, ten thousand engineers, share the copyright to the Linux kernel. At no point have they worked at the same company. At no point could a company have afforded to get all of them together. So this economic imperative that marks what I think of as the first half of the thirty years of open source that we've been in. The second half has been more us all waking up, and realizing open source has got to be inclusive. A diverse world needs diverse solutions built by diverse people. How do we increase our empathy? How do we increase our understanding so that we can collaborate? Because if we think each other is a jerk, if we get turned off of building our great ideas into software because some community member has said something that's just fundamentally not cool, or deeply hurtful, we are human beings and we do take our toys away, and say I'm not going to be there. >> That's the crux of it too. >> It's absolutely a cutthroat industry, but I think one of the things I'm seeing, I've been in Silicon Valley for 22 years, less three years for a stint at Microsoft, I've actually started to see the community become more self-reflective and like, if we can have cutthroat competition in corporations, we don't have to make that personal. 'Cause every likelihood of open source projects is you're employed as a professional engineer at a company, and that employment agreement might change. Especially in containers, right? Great container developers you'll see they move from one company to another, whether it's a giant company like Google, or whether it's a big startup like Docker, or any range of companies. Or Red Hat. So, this sort of general sense that there is a community is starting to help us make better open source, and you can't be effective in a community if you don't have empathy and you don't start focusing on understanding code of conduct community norms. >> Sam, I'm curious how you look at this spectrum of with this complexity out there, how much will your average customer, and you can segment it anywhere you want, but they say, okay I'm going to engage with this, do open source, get involved, and what spectrum of customers are going to be like, well, let me just run it on Google because you've got a great platform, I'm not going to have Google engineers and you guys have lots of smart people that can do that in any of the platform. How do you see that spectrum of customer, is it by what their business IT needs are, is it the size of the customer, is there a decision tree that you guys have worked out yet to try to help end users with what do they own, what do they outsource? It's in clouds more than outsourcing these days. The deal of outsourcing was your mess for less, and this should be somewhat more transformational and hopefully more business value, right? >> Yeah, Urs Hölzle, who's our SVP of Technical Infrastructure, says, the cloud is not a co-location facility. It is different, it is not your server that you shipped up and you know, ran. It's an integrated set of services that should make it incredibly easy to do computing. And we have tons of very intelligent women and men operating our cloud. We think about things like how do you balance velocity and reliability? We have a discipline called site reliability engineering. We've published a book on it, a community is growing up around that, it's sort of the mainstream version of dev ops. So there are a bunch of components that any company at any size can adopt, as long as you need both velocity and reliability. This has always been the tyranny of the or. If I can move fast I can break things, but even Mark Zuckerberg recently said you know, move fast and break fewer things. Kind of a shift, 'cause you don't want to break a lot of people's experience. How do you do that, while making sure that you have high reliability? It really defies simple classification. We have seen companies from startups to mom and pop shops, all the way to giant enterprises adopting cloud, adopting Google cloud platform. One of the big draws is of course, data analytics. Google is a deeply data intensive business, and we've taken that to eleven basically with machine learning, which is why it was so important to explain tense or flow, offer that as open source, and be able to move AI forward. Any company, at any size that wants to do high speed, high scale data analytics, is coming to GCP. We've seen it basically break down into, what's the business value, how close is it to the decision maker, and how motivated is an engineer to learn something different and give cloud a try. >> Because the engineer has to get better at working with the data, understanding the data, and deriving the right insights from the data. >> You're exactly right. Engineers are people, and people need to learn, and they need to be motivated to change. >> Sam, last question I have for you is, you've been involved in many different projects. We look at from the outside and say, okay, how much should be company driven, how much does a foundation get involved? We've seen certain foundations that have done very well, and others that have struggled. It's very interesting to watch Google. We'd give you good as we've talked on the Cube so far. Kubernetes seems to be going well. Great adoption. Google participates, but not too much, and Red Hat I think would agree with that. So congratulations on that piece. >> Sam: Thank you. >> What's your learnings that you've had as you've been involved in some of these various initiatives, couple foundations. We interviewed you when you were back at the Cloud Foundry, and things like that, so, what have you learned that you might want to say, hey, here's some guidelines. >> Yeah, so I think the first guideline is the core of a foundation is, the core purpose of a foundation is bootstrapping trust. So where trust is missing, then you will need that in order to create better contribution and higher velocity in the project. If there's trust there, if there's a benevolent dictator and everyone says that person's fine or that company's fine, then you won't necessarily need a foundation. You've seen a lot of changes in open source startups, dot coms that are also a dot org, shifting to models where you say well, this thing is actually so big it needs to not be owned by any one company. And therefore, to get the next level of contribution, we need to be able to bring in giant companies, then we create trust at that next level. So foundations are really there for trust. It's really important to be strong enough to get something off the ground, and this is the challenge we had at Cloud Foundry, it was a VMware project and then a Pivotal project, and many people believe this is great open source, but it's not an open community, but the technology had to keep working really well. So we how do we have a majority contributor, and start opening up, in a thoughtful process and bringing people in, until you can say what our target is to have the main contributor be less than 50% of the code commits. 'Cause then the majority is really coming from the community. Other projects that have been around for longer, maybe they started out with no majority. Those organizations, those projects tend to be self-organizing, and what they need is just a foundation to build a place that people can contribute money to, so the community can have events. So there's two very different types of organizations. One's almost like a charity, to say I really care about this popular open source project, and I want to be able to give something back, and others are more like a trade association, which is like, we need to enable very complex coordination between big companies that have a lot at stake, in which case you'll create a different class of foundation. >> Great, well Sam Ramji, thank you so much for being with us here on the Cube. I'm Rebecca Knight, and for your host Stu Miniman, please join us back in a bit. (futuristic tone)