>> Live from Las Vegas, it's theCUBE. Covering AWS re:Invent 2018. Brought to you by Amazon Web Services, Intel, and their ecosystem partners. >> Hello Rod, we are here live in Las Vegas where Amazon Web Services' AWS re:Invent 2018. It's our sixth year covering re:Invent. We've been there from the beginning, as a customer using EC2 when it first launched in 2006, one of my first start-ups. What a scene it is here. Everyone in the industry is here full on, it's a Super Bowl of technology, Amazon is leading in the cloud game, and we're breaking it down for you in theCUBE. Our next guest is Holland Barry, Senior Vice President in Cybersecurity for Cyxtera, a hot company. Welcome to theCube, thanks for joining me. >> Thanks for having me. >> So, it's great to have a senior people, start-ups, technical people on theCube. Kind of extracting, kind of squint through the volume of data that's being announced here at the show. Huge set of announcements already out the door. More coming. I'm expecting to hear a big connectivity announcement at 11:30 involving satellite and remote coverage for IoT devices, VM containers, micro VMs, all this massive amount of tech. Putting it into reality is critical. This is what customers want to do, they want to lower their costs, they want more performance, lower cost, more capability. Ushering in a true programing model for DevOps. How do you guys fit here? What's your story? Why are you here? What's the value proposition? >> So we're really focused, especially at this show around the DevOps community, and enabling agility for those folks. Ten years ago, the word DevOps and the term DevOps came to life, and there was this tug-o-war going on between the development teams and the operations team. Where development team wanting to move fast, and have all the agility. And the operations team wanted to have stability, and then all these things. They came together in a matrimony, and 10 years later we're highly automated, everything looks great from a DevOpps perspective, but what we're seeing now is security, being a bit of a speed bump. They're having a hard time catching up with that. That's our focus on the show is unleashing the DevOps folks >> and letting security move at the speed of DevOps. >> Lets drill down on security. Obvious cyber security is a global issue. It's also a national security issue in the United States, but other countries too. It's a global policy thing. There's tech involved, right? Cyber warfare all those, we hear about the news. But for a basic enterprise, the perimeter's no longer there with cloud. You got to think differently around how you're going to secure things. Amazon is now seeing security, not a blocker. Used to be no cloud implementation, it's not secure at all. Now you're hearing people saying, it's actually pretty secure, but there's more things going on keep raising the bar on capabilities that are needed. Could you share your expert opinion on, state of security of the cloud. What are the key areas? Where are they kind of leveled out? What's the baseline now? How acceptable is that? And what are the gaps, what are people working on? >> I think we're seeing a lot more security components, move into that infrastructure as code conversations. Amazon is fantastic about launching stacks, via cloud formation template, or maybe using TerraForm And now we're seeing the need for security components to move into that as an extension, of that infrastructure type deployment. That's another are of deep focus for us. >> Is there a tech trend that's a tail win for this? Is there anything helping? Or is there more headwins then tailwins? What's the big focus? >> I think one of the big trends we're seeing, and we're getting a lot of analyst conformations on this trend too is, the whole thing around software to find perimeters. So a new approach to describing access, for the users, kind of getting away from the VPN model, where you have a central concentration entry point. And then having the traverse complicated, to maintain back haul lines right? We're seeing software define perimeter, allow users and DevOps professionals access multiple environments simultaneously, without the need of these more archaic architectures if you will. >> Now the way it works braided to VP is absolutely great. Very secure malware transmission to the inpoint. >> Absolutely, I mean you think about the old style of connectivity, and you've got a user, that has nearly unfettered access wants that VPN connection isn't created. They have way more access, they have way more ability to spread malware laterally, with a VPN connection. Software to find perimeter, greatly reduces that attack surface, by giving those users only access to those items, within the perpend infrastructure, that they're vetted to have access to, and nothing more. >> So hold on, I got to ask you a question around cloud architects, the hottest area that we're seeing from an educational, learning, progressionary, knowledge seeking area, what is a cloud architect? And what are the things that make up, how would you describe and ideal cloud architecture? So I'm enterprise, I realize I've got to straighten my data center down, I'm using the cloud, lot of great things about the cloud, lot of great things about having something around perimeters of low latency. Now we've got IOT Edge, I'm going to want to power that with power, and then have connectivity now, that's over the top. How do I architect this? 'Cause data is going to live there, human computes can move around from Amazon, that's the direction that they're going. How do I lay it all out? What's your view on Cloud architect these days, and how they should be thinking? >> Well the Cloud architect role I think has evolved a lot, So start off with right? It's no longer just being an infrastructure person, you've got to be sort of an expert on security, some of an expert on networking, and a lot of storage all these other components. I think it's different, the organization, I think there's a series of best practices. I think AWS does a fantastic job of delivering templatized best practices to folks who are looking to adopt a cloud architecture. I think that's a great guide post to go by. Is the recommendations. >> How about staffing? What are you seeing in the makeup of the kind of, you know, I don't want to sound....Ninja or pirate, or whatever metaphor you want to use. You see kind of a new bread of, DevOps engineering, >> Absolutely. >> Mixed with app developer emerging. >> Yeah I think you got it, I think that matrimony that happened between the develop and the operations team has continued to evolve, and we're seeing this new kind of combined specialty. Where you've got great programming chopped, You're a python or JavaScript ninja, and you also know a lot more about the infrastructure than traditionally, your development role would of necessitated in the past. >> What are the top security conversations are you having in a DevOps environment, because there's some really great DevOps shops, and DevOps thinking in a lot of companies. And then you've got the people who're now learning DevOps they're kind of getting cloud native. They see Kubernetes around the corner. They see.. they put containers around things. I could keep my work loads on premises. Okay I got some cloud. What is some of the thinking around that? What's your view on all this? >> So I think access is a big piece, I think, you know developers needing to get to heterogeneous set of hybrid environments. They might have some legacy, or new stuff on prem. They might have a couple of clouds they're working with, how do you have a single unified policy contract that talks about how it's users can interact with it. And we're also hearing a lot about DevSecOps to moving that detection of vulnerabilities, and code imperfections earlier on in that development cycle. And we're enabling a big compliment to that, we're not DevSecOps ourselves, but we're involved in that conversation from an access perspective. >> Can't you explain what you guys do I want to get that out there because board. What do you guys actually do? How do you make money? What's your business model? What's the product? >> Yeah, so Cyxtera is a cyber security company, that also happens to have a colocation data center footprint in 29 markets. We've got 50+ data centers. We're here focused on, once of our access products called Appgte STP Appgate is a secure access solution, that was really built with developers in mind, that allows that simultaneous secure access, to a multitude of environments. So if you're a native U.S customer, and you've got 20 or 30 accounts, we can seamlessly allow that connectivity with a very robust policy structure, to allow all those developers, those users, to interact with those environments, without having to do that VPN switching that we discussed earlier. A real real clean in sophisticated way to connect your users into your internal and sensitive infrastructure. >> And what're the...who's the buyer of the product? And why are they using you guys? >> It's typically going to be the security team, sometime we'll have the networking in the cloud, infrastructure teams involved in the conversations, but this is a security product. This is secured access product. And this is really a evolution, of what people are using for the VPN, and jumpboxes and things like that for these days. >> How dead is the VP if you had to put it on a scale? One being on life support, 10 being still state of the art. I mean VP is still around, people are using VPNs a lot. >> Totally. >> There's a role for VPNs. Is it a rip and replace? Or is it more of a functional, some spots VPNs are great, some spots they're not. What's the role of VPN? >> We're seeing them, and I think Gartner has a statistic, that 60% of VPNs will be dead by 2021, or something like that. We're seeing that evolution occur. Looking simple environment, A VPN might be a really appropriate approach. But when you have cloud workloads everywhere, you got on premise data, you've got your users everywhere. It simply can't keep up. That's really the problem space part of it. >> Where's the action for security in terms of good developing trends? Is it at the network layer? Is it the virtualization layer? The identity layer? Where are you seeing, security really advancing and excelling with cloud? What specifically, where's the action happening? >> I think it's at all airs. I mean, we've seen the identity access management, identity provider market explode. We're seeing great new technologies around, container security, virtual machine security. I can't pick any one category, I just wouldn't. I would argue though, that this access category in the software to find perimeter trend, is something. We're tuned into it obviously, maybe a little more than most. But we are seeing a huge uptake. >> Well what's the alternative? I mean most IT guys, obviously they're scared. I mean they're not... They're kind of running scared. They've been doing perimeter based security for years. Firewalls, routers, all classic all lock down. Now in comes API economy, and now they're like, "Okay." I got to figure out, buy them everything in the planet to figure it out. What are they doing now? What's state of the art for people who are moving off the perimeter completely? >> I think the adoption of, more cloud native controls. A lot folks right now, are very familiar with traditional firewall vendor, and they'll tend to take that, and implement a software version of that hardware box up in the cloud. And we're not arguing that, you need to get away from something, like a next generation firewall. This traffic exception is does a lot of things, that our solution specifically doesn't do on a lot of the SDP soluntions don't. Taking that layer approach, and seeking out the solutions that are, that are cloud native. Forcing an uptech on that, and it's really changing the way people think about the architecture in their environments too. We're familiar with one thing from OnFarm We try to shoehorn that, that methodology in the cloud >> So single sign on is critical >> SSO is critical, we're seeing a huge check up on that. Absolutely. >> How do I handle the sprawl of new environments, with IOT Edgefor instance, you'll see a lot more things connect in. How do you do that? Is it manual, was there any animation or machine learning? How are you guys bringing that to scale? Because that's a big challenge we hear a lot. >> Absolutely. One of the things we're doing, at Cyxtera, is allowing you to templatize what secured access should look like for these new environments. So just like you're deploying that infrastructure as code, we're just a secured access piece of that. All the connectivity has already been described, by the security team. So back to the comment about DevOps Where operations team needing to move fast. Thinking that would deploy a brand new environment, with that access me and you >> So you're splitting up the auto building, you're standing it up quickly. >> Yeah >> All built in a preconfigured policy just goes out. >> Absolutely. Data dog, one of our reg AWS customers a great example of someone who is highly automated everything. They don't even touch our UI They use APIs for everything. They've codeified all the elements of our platform, and so when they spin up a new environment, you know they'll actually check out, a configuration from their, whatever, get hub get lab they're using. And inject that into the spin up of the new environment. Super sophisticated, high level of automation. Really at the end of the day, what's it helping them do? Why are we doing any of this? Why are we doing DevOps? We can move faster to the live product and services, quicker to our customers. >> So you guys are basically DevOps version of security, you're instrumenting everything DevO.. Data Ghost is a great example. They're instrumenting every, all the application areas. You guys are taking the sim.... Devops approach to security. Is that your approach? >> DevOps approach to security and user access, yeah, very much so. >> And what's the big conversation you're having here, at reInvent? Obviously a lot going on, what's most exciting for you here? Every event. >> I think it's everything that we just talked about, we're hearing people finally get ready for this, message you know, we're practitioners and users of this platform ourselves, and the SDP speck. I use it everyday. I flip up my laptop in the morning, I get instantly connected from anywhere to seven and 10, what we call sites right? We're familiar with the power, we're leveraging the power internally. Now seeing other people come over, what people like Data Dog and Voicebase or tour AWS clients, seeing what they've done, seeing their story, and having them say, "Hey how did they do that, we want to do that too." >> And how 'about a global scale, you guys are agnostic on geography, so they play into it. >> Completely neutral to the underlying infrastructure, the geography our solution acts the same. It doesn't matter public, private, cloud, bare metal, it's a unified policy framework that allows you to, to whatever level of granularity you want. Just grab access from the user, even including, ingredient from a third party system. For instance, I may have a developer that's assigned to a task, or a story, or an epic. Inside a Jira project for instance. Popular development tool. I can dictate, his or her access, to the infrastructure. And the projects are working on, based on an API called the Jira saying, "Okay this person has access to these things." Now I have a conditional response to, should someone have access to this resource. It's well, it depends, are they working on this project? Are they in the office? Is there a machine patched? Who are they and the identity provider? All these things should feed in to.. >> And they're automated too. They're automating in? >> This is all completely automated, and all these checks that I just described, are actually done our system, preauthentication. So you're vetted first, and then you're handed an access passport, we call Live Entitlement. And that gets you to the infrastructure, and only the infrastructure and applications you're vetted to do. Based on that evaluation that happened preautentication >> How agile are you guys when new things have to change? There's a security threat, or something on the landscape or surface area changes. How do you guys respond to it from aj Jilly standpoint? >> Yeah so, our system can take hints VN and API as well, so if you have a, you know, a threat system or something giving you signals that something might be going on. You could come into our system for instance, and revoke everyone's accces, you could prompt someone, maybe for a step up authentication, to make the reprove who they are, they got a one time password. So lot of options. We want to take hints from third party systems, we're designed that way. We can adjust, network access and program the network, based on other things that are happening. >> Final question before we wrap up here. Let get a plug in for the company. How old is the company? How many people... So how about some of your customers? Give the plug for Cyxtera. >> 1500 employees, I think I mentioned, 50+ data centers across 29 markets, hundred and hundreds of customers on the security access product that I talk about. You know, many thousands of customers in our data center. >> So business is good? >> Business is good. Yeah. In terms of like focus areas for next year, we're all in on DevOps, we're investing heavily in this area. Expect to hear more about a richer API set. More prebundled integrations, and also a bigger focus on containers. >> Well I think you guys are a great example of, success with using cloud. Lot more work to do. >> Yep. >> I mean you've got, Global, you've got all kinds of new landscapes changes. Final question, What's the one problem you saw, summarize it in a sound bite, why do people buy Cyxtera? Why do they use you? >> For network platform access for your user with a single security contract. I can't stress that. It's a huge competitive differentiation, versus some of the web application proxys that are out there. I invite everyone to dig into the details about what we provide. You can go to appgateforaws.com if you want to test dive the product. Get a feel for the admin UI, the client setup all that stuff. It's really simple and I give ya real good taste. And please come by the booth and see a demo as well. >> Tell th em Johnathan, you get a 10% discount. Only kidding. Hey, thanks for sharing your insight on theCUBE. >> Thank you very much. >> We're here at reInvent, lot of action happening. Obviously a crowd of great people. Lot of great networking, but more importantly than industry continues to power forward, with cloud, on premise, in the world. It's cute bringing all the action her in Las Vegas. We'll be back with more after this short break.