>>We're back with Jerome West, product management security lead at for HCI at Dell Technologies Hyper-converged infrastructure. Jerome, welcome. >>Thank you, David. >>Hey, Jerome, In this series, A blueprint for trusted infrastructure, we've been digging into the different parts of the infrastructure stack, including storage, servers and networking, and now we want to cover hyperconverged infrastructure. So my first question is, what's unique about HCI that presents specific security challenges? What do we need to know? >>So what's unique about Hyperconverge infrastructure is the breadth of the security challenge. We can't simply focus on a single type of IT system, so like a server or a storage system or a virtualization piece of software. I mean, HCI is all of those things. So luckily we have excellent partners like VMware, Microsoft, and internal partners like the Dell Power Edge team, the Dell storage team, the Dell networking team, and on and on. These partnerships, in these collaborations are what make us successful from a security standpoint. So let me give you an example to illustrate. In the recent past, we're seeing growing scope and sophistication in supply chain attacks. This mean an attacker is going to attack your software supply chain upstream so that hopefully a piece of code, malicious code that wasn't identified early in the software supply chain is distributed like a large player, like a VMware or Microsoft or a Dell. So to confront this kind of sophisticated hard to defeat problem, we need short term solutions and we need long term solutions as well. >>So for the short term solution, the obvious thing to do is to patch the vulnerability. The complexity is for our HCI portfolio. We build our software on VMware, so we would have to consume a patch that VMware would produce and provide it to our customers in a timely manner. Luckily, VX Rail's engineering team has co engineered a release process with VMware that significantly shortens our development life cycle so that VMware will produce a patch and within 14 days we will integrate our own code. With the VMware release, we will have tested and validated the update and we will give an update to our customers within 14 days of that VMware release. That as a result of this kind of rapid development process, Vxl had over 40 releases of software updates last year for a longer term solution. We're partnering with VMware and others to develop a software bill of materials. We work with VMware to consume their software manifest, including their upstream vendors and their open source providers to have a comprehensive list of software components. Then we aren't caught off guard by an unforeseen vulnerability and we're more able to easily detect where the software problem lies so that we can quickly address it. So these are the kind of relationships and solutions that we can co engineer with effective collaborations with our, with our partners. >>Great, Thank you for that. That description. So if I had to define what cybersecurity resilience means to HCI or converged infrastructure, and to me my takeaway was you gotta have a short term instant patch solution and then you gotta do an integration in a very short time, you know, two weeks to then have that integration done. And then longer term you have to have a software bill of materials so that you can ensure the providence of all the components help us. Is that a right way to think about cybersecurity resilience? Do you have, you know, a additives to that definition? >>I do. I really think that site cybersecurity and resilience for hci, because like I said, it has sort of unprecedented breadth across our portfolio. It's not a single thing, it's a bit of everything. So really the strength or the secret sauce is to combine all the solutions that our partner develops while integrating them with our own layer. So let me, let me give you an example. So hci, it's a, basically taking a software abstraction of hardware functionality and implementing it into something called the virtualized layer. It's basically the virtual virtualizing hardware functionality, like say a storage controller, you could implement it in a hardware, but for hci, for example, in our VX rail portfolio, we, or our vxl product, we integrate it into a product called vsan, which is provided by our partner VMware. So that portfolio strength is still, you know, through our, through our partnerships. >>So what we do, we integrate these, these security functionality and features in into our product. So our partnership grows to our ecosystem through products like VMware, products like nsx, Verizon, Carbon Black and Bsphere. All of them integrate seamlessly with VMware. And we also leverage VMware's software, par software partnerships on top of that. So for example, VX supports multifactor authentication through bsphere integration with something called Active Directory Federation services for adfs. So there is a lot of providers that support adfs, including Microsoft Azure. So now we can support a wide array of identity providers such as Off Zero or I mentioned Azure or Active Directory through that partnership. So we can leverage all of our partners partnerships as well. So there's sort of a second layer. So being able to secure all of that, that provides a lot of options and flexibility for our customers. So basically to summarize my my answer, we consume all of the security advantages of our partners, but we also expand on that to make a product that is comprehensively secured at multiple layers from the hardware layer that's provided by Dell through Power Edge to the hyper-converged software that we build ourselves to the virtualization layer that we get through our partnerships with Microsoft and VMware. >>Great. I mean that's super helpful. You've mentioned nsx, Horizon, Carbon Black, all the, you know, the VMware component OTH zero, which the developers are gonna love. You got Azure identity, so it's really an ecosystem. So you may have actually answered my next question, but I'm gonna ask it anyway cuz you've got this software defined environment and you're managing servers and networking and storage with this software led approach, how do you ensure that the entire system is secure end to end? >>That's a really great question. So the, the answer is we do testing and validation as part of the engineering process. It's not just bolted on at the end. So when we do, for example, the xra is the market's only co engineered solution with VMware, other vendors sell VMware as a hyperconverged solution, but we actually include security as part of the co-engineering process with VMware. So it's considered when VMware builds their code and their process dovetails with ours because we have a secure development life cycle, which other products might talk about in their discussions with you that we integrate into our engineering life cycle. So because we follow the same framework, all of the, all of the codes should interoperate from a security standpoint. And so when we do our final validation testing when we do a software release, we're already halfway there in ensuring that all these features will give the customers what we promised. >>That's great. All right, let's, let's close pitch me, what would you say is the strong suit summarize the, the strengths of the Dell hyperconverged infrastructure and converged infrastructure portfolio specifically from a security perspective? Jerome? >>So I talked about how hyper hyper-converged infrastructure simplifies security management because basically you're gonna take all of these features that are abstracted in in hardware, they're now abstracted in the virtualization layer. Now you can manage them from a single point of view, whether it would be, say, you know, in for VX rail would be b be center, for example. So by abstracting all this, you make it very easy to manage security and highly flexible because now you don't have limitations around a single vendor. You have a multiple array of choices and partnerships to select. So I would say that is the, the key to making it to hci. Now, what makes Dell the market leader in HCI is not only do we have that functionality, but we also make it exceptionally useful to you because it's co engineered, it's not bolted on. So I gave the example of, I gave the example of how we, we modify our software release process with VMware to make it very responsive. >>A couple of other features that we have specific just to HCI are digitally signed LCM updates. This is an example of a feature that we have that's only exclusive to Dell that's not done through a partnership. So we digitally sign our software updates so you, the user can be sure that the, the update that they're installing into their system is an authentic and unmodified product. So we give it a Dell signature that's invalidated prior to installation. So not only do we consume the features that others develop in a seamless and fully validated way, but we also bolt on our own specific HCI security features that work with all the other partnerships and give the user an exceptional security experience. So for, for example, the benefit to the customer is you don't have to create a complicated security framework that's hard for your users to use and it's hard for your system administrators to manage. It all comes in a package. So it, it can be all managed through vCenter, for example, or, and then the specific hyper, hyper-converged functions can be managed through VxRail manager or through STDC manager. So there's very few pains of glass that the, the administrator or user ever has to worry about. It's all self contained and manageable. >>That makes a lot of sense. So you got your own infrastructure, you're applying your best practices to that, like the digital signatures, you've got your ecosystem, you're doing co-engineering with the ecosystems, delivering security in a package, minimizing the complexity at the infrastructure level. The reason Jerome, this is so important is because SecOps teams, you know, they gotta deal with cloud security, they gotta deal with multiple clouds. Now they have their shared responsibility model going across multiple, They got all this other stuff that they have to worry, they gotta secure containers and the run time and, and, and, and, and the platform and so forth. So they're being asked to do other things. If they have to worry about all the things that you just mentioned, they'll never get, you know, the, the securities is gonna get worse. So what my takeaway is, you're removing that infrastructure piece and saying, Okay guys, you now can focus on those other things that is not necessarily Dell's, you know, domain, but you, you know, you can work with other partners to, and your own teams to really nail that. Is that a fair summary? >>I think that is a fair summary because absolutely the worst thing you can do from a security perspective is provide a feature that's so unusable that the administrator disables it or other key security features. So when I work with my partners to define, to define and develop a new security feature, the thing I keep foremost in mind is, will this be something our users want to use in our administrators want to administer? Because if it's not, if it's something that's too difficult or onerous or complex, then I try to find ways to make it more user friendly and practical. And this is a challenge sometimes because we are, our products operate in highly regulated environments and sometimes they have to have certain rules and certain configurations that aren't the most user friendly or management friendly. So I, I put a lot of effort into thinking about how can we make this feature useful while still complying with all the regulations that we have to comply with. And by the way, we're very successful in a highly regulated space. We sell a lot of VxRail, for example, into the Department of Defense and banks and, and other highly regulated environments, and we're very successful >>There. Excellent. Okay, Jerome, thanks. We're gonna leave it there for now. I'd love to have you back to talk about the progress that you're making down the road. Things always, you know, advance in the tech industry and so would appreciate that. >>I would look forward to it. Thank you very much, Dave. >>You're really welcome. In a moment I'll be back to summarize the program and offer some resources that can help you on your journey to secure your enterprise infrastructure. I wanna thank our guests for their contributions and helping us understand how investments by a company like Dell can both reduce the need for dev sec up teams to worry about some of the more fundamental security issues around infrastructure and have greater confidence in the quality providence and data protection designed in to core infrastructure like servers, storage, networking, and hyper-converged systems. You know, at the end of the day, whether your workloads are in the cloud, OnPrem or at the edge, you are responsible for your own security. But vendor r and d and vendor process must play an important role in easing the burden faced by security devs and operation teams. And on behalf of the cube production content and social teams as well as Dell Technologies, we want to thank you for watching a blueprint for trusted infrastructure. Remember part one of this series as well as all the videos associated with this program, and of course, today's program are available on demand@thecube.net with additional coverage@siliconangle.com. And you can go to dell.com/security solutions dell.com/security solutions to learn more about Dell's approach to securing infrastructure. And there's tons of additional resources that can help you on your journey. This is Dave Valante for the Cube, your leader in enterprise and emerging tech coverage. We'll see you next time.

(upbeat music) >> We're back with Jerome West, the Product Management Security Lead for HCI at Dell Technologies Hyper-Converged Infrastructure. Jerome, welcome. >> Thank you, Dave. >> Hey, Jerome, in this series "A Blueprint for Trusted Infrastructure," we've been digging into the different parts of the infrastructure stack, including storage servers and networking, and now we want to cover hyper-converged infrastructure. So my first question is what's unique about HCI that presents specific security challenges? What do we need to know? >> So what's unique about hyper-converged infrastructure is the breadth of the security challenge. We can't simply focus on a single type of IT system, so like a server or a storage system or a virtualization piece of software. I mean, HCI is all of those things. So luckily we have excellent partners like VMware, Microsoft and internal partners, like the Dell Power Edge Team, the Dell Storage Team, the Dell Networking Team, and on and on. These partnerships and these collaborations are what make us successful from a security standpoint. So let me give you an example to illustrate. In the recent past, we're seeing growing scope and sophistication in supply chain attacks. This means an attacker is going to attack your software supply chain upstream, so that hopefully a piece of code, malicious code that wasn't identified early in the software supply chain is distributed like a large player, like a VMware or a Microsoft or a Dell. So to confront this kind of sophisticated hard to defeat problem, we need short-term solutions and we need long-term solutions as well. So for the short-term solution, the obvious thing to do is to patch the vulnerability. The complexity is for our HCI portfolio, we build our software on VMware. So we would have to consume a patch that VMware would produce and provide it to our customers in a timely manner. Luckily, VxRail's engineering team has co engineered a release process with VMware that significantly shortens our development life cycle, so that VMware will produce a patch, and within 14 days we will integrate our own code with the VMware release. We will have tested and validated the update, and we will give an update to our customers within 14 days of that VMware release. That as a result of this kind of rapid development process, VxRail had over 40 releases of software updates last year. For a longer term solution, we're partnering with VMware and others to develop a software bill of materials. We work with VMware to consume their software manifest including their upstream vendors and their open source providers to have a comprehensive list of software components. Then we aren't caught off guard by an unforeseen vulnerability, and we're more able to easily detect where the software problem lies so that we can quickly address it. So these are the kind of relationships and solutions that we can co-engineer with effective collaborations with our partners. >> Great, thank you for that description. So if I had to define what cybersecurity resilience means to HCI or converged infrastructure, to me, my takeaway was you got to have a short-term instant patch solution and then you got to do an integration in a very short time, you know, two weeks to then have that integration done. And then longer-term, you have to have a software bill of materials so that you can ensure the provenance of all the components. Help us, is that a right way to think about cybersecurity resilience? Do you have, you know, additives to that definition? >> I do. I really think that cybersecurity and resilience for HCI, because like I said it has sort of unprecedented breadth across our portfolio. It's not a single thing. It's a bit of everything. So really the strength or the secret sauce is to combine all the solutions that our partner develops while integrating them with our own layer. So let me give you an example. So HCI, it's a basically taking a software abstraction of hardware functionality and implementing it into something called the virtualized layer. It's basically the virtualizing hardware functionality, like say a storage controller. You could implement it in the hardware, but for HCI, for example, in our VxRail portfolio, our VxRail product, we integrated it into a product called vSan which is provided by our partner VMware. So that portfolio strength is still, you know, through our partnerships. So what we do, we integrate these security functionality and features into our product. So our partnership grows through our ecosystem through products like VMware products, like NSX, Horizon, Carbon Black and vSphere. All of them integrate seamlessly with VMware. And we also leverage VMware's software partnerships on top of that. So for example, VxRail supports multifactor authentication through vSphere's integration with something called Active Directory Federation Services or ADFS. So there is a lot of providers that support ADFS, including Microsoft Azure. So now we can support a wide array of identity providers such as Auth0, or I mentioned Azure or Active Directory through that partnership. So we can leverage all of our partners' partnerships as well. So there's sort of a second layer. So being able to secure all of that, that provides a lot of options and flexibility for our customers. So basically to summarize my answer, we consume all of the security advantages of our partners, but we also expand on them to make a product that is comprehensively secured at multiple layers from the hardware layer that's provided by Dell through Power Edge to the hyper-converged software that we build ourselves to the virtualization layer that we get through our partnerships with Microsoft and VMware. >> Great, I mean, that's super helpful. You've mentioned NSX, Horizon, Carbon Black, all the you know, the VMware component, Auth0, which the developers are going to love. You got Azure Identity. So it's really an ecosystem. So you may have actually answered my next question, but I'm going to ask it anyway cause you've got this software-defined environment, and you're managing servers and networking and storage with this software-led approach. How do you ensure that the entire system is secure end to end? >> That's a really great question. So the answer is we do testing and validation as part of the engineering process. It's not just bolted on at the end. So when we do, for example VxRail is the market's only co-engineered solution with VMware. Other vendors sell VMware as a hyper-converged solution, but we actually include security as part of the co-engineering process with VMware. So it's considered when VMware builds their code, and their process dovetails with ours because we have a secure development lifecycle which other products might talk about in their discussions with you, that we integrate into our engineering lifecycle. So because we follow the same framework, all of the code should inter-operate from a security standpoint. And so when we do our final validation testing, when we do a software release, we're already halfway there in ensuring that all these features will give the customers what we promised. >> That's great. All right, let's close. Pitch me. What would you say is the strong suit, summarize the the strengths of the Dell hyper-converged infrastructure and converged infrastructure portfolio, specifically from a security perspective, Jerome? >> So I talked about how hyper-converged infrastructure simplifies security management because basically you're going to take all of these features that are abstracted in hardware. They're not abstracted in the virtualization layer. Now you can manage them from a single point of view, whether it would be say, you know, for VxRail it would be vCenter, for example. So by abstracting all this, you make it very easy to manage security and highly flexible because now you don't have limitations around a single vendor. You have a multiple array of choices and partnerships to select. So I would say that is the key to making, to HCI. Now what makes Dell the market leader in HCI is not only do we have that functionality, but we also make it exceptionally useful to you because it's co-engineered. It's not bolted on. So I gave the example of SBOM. I gave the example of how we modify our software release process with VMware to make it very responsive. A couple of other features that we have specific just to HCI are digitally signed LCM updates. This is an example of a feature that we have that's only exclusive to Dell. It's not done through a partnership. So we digitally sign our software updates. So the user can be sure that the update that they're installing into their system is an authentic and unmodified product. So we give it a Dell signature that's invalidated prior to installation. So not only do we consume the features that others develop in a seamless and fully validated way, but we also bolt on our own specific HCI security features that work with all the other partnerships and give the user an exceptional security experience. So for example, the benefit to the customer is you don't have to create a complicated security framework. That's hard for your users to use, and it's hard for your system administrators to manage. It all comes in a package, so it can be all managed through vCenter, for example. And then the specific hyper-converged functions can be managed through VxRail manager or through STDC manager. So there's very few panes of glass that the administrator or user ever has to worry about. It's all self-contained and manageable. >> That makes a lot of sense. So you've got your own infrastructure. You're applying your best practices to that like the digital signatures. You've got your ecosystem. You're doing co-engineering with the ecosystems, delivering security in a package, minimizing the complexity at the infrastructure level. The reason, Jerome, this is so important is because SecOps teams, you know, they got to deal with Cloud security. They got to deal with multiple Clouds. Now they have their shared responsibility model going across multiple. They got all this other stuff that they have to worry. They got to secure the containers and the run time and the platform and so forth. So they're being asked to do other things. If they have to worry about all the things that you just mentioned, they'll never get, you know, the security is just going to get worse. So my takeaway is you're removing that infrastructure piece and saying, okay, guys, you now can focus on those other things that is not necessarily Dell's, you know, domain, but you, you know, you can work with other partners and your own teams to really nail that. Is that a fair summary? >> I think that is a fair summary because absolutely the worst thing you can do from a security perspective is provide a feature that's so unusable that the administrator disables it or other key security features. So when I work with my partners to define and develop a new security feature, the thing I keep foremost in mind is will this be something our users want to use and our administrators want to administer? Because if it's not, if it's something that's too difficult or onerous or complex, then I try to find ways to make it more user-friendly and practical. And this is a challenge sometimes because our products operate in highly regulated environments, and sometimes they have to have certain rules and certain configurations that aren't the most user friendly or management friendly. So I put a lot of effort into thinking about how can we make this feature useful while still complying with all the regulations that we have to comply with. And by the way, we're very successful in a highly regulated space. We sell a lot of VxRail, for example, into the Department of Defense and banks and other highly regulated environments. And we're very successful there. >> Excellent, okay, Jerome, thanks. We're going to leave it there for now. I'd love to have you back to talk about the progress that you're making down the road. Things always, you know, advance in the tech industry, and so would appreciate that >> I would look forward to it. Thank you very much, Dave. >> You're really welcome. In a moment, I'll be back to summarize the program and offer some resources that can help you on your journey to secure your enterprise infrastructure. (upbeat music)

>>and welcome to this cube conversation. I'm john for a host of the queue here in Palo alto California. We've got two great remote guests to talk about, some big news hitting with scalability and Hewlett Packard enterprise drill, MCAT ceo of sexuality and chris Tinker, distinguished technologist from H P E. Hewlett Packard enterprise U room chris, Great to see you both. Cube alumni's from an original gangster days. As we say Back then when we started almost 11 years ago. Great to see you both. >>It's great to be back. >>So let's see. So >>really compelling news around kind of this next generation storage, cloud native solution. Okay. It's a, it's really kind of an impact on the next gen. I call, next gen devops meets application, modern application world and some, we've been covering heavily, there's some big news here around sexuality and HP offering a pretty amazing product. You guys introduced essentially the next gen piece of it are pesca, we'll get into in a second. But this is a game changing announcement you guys announces an evolution continuing I think it's more of a revolution but I think you know storage is kind of abstraction layer of evolution to this app centric world. So talk about this environment we're in and we'll get to the announcement which is object store for modern workloads but this whole shift is happening jerome, this is a game changer to storage, customers are gonna be deploying workloads. >>Yeah skeleton. Really I mean I personally really started working on Skele T more than 10 years ago 15 now And if we think about it I mean cloud has really revolutionized IT. and within the cloud we really see layers and layers of technology. I mean we all started around 2006 with Amazon and Google and finding ways to do initially we was consumer it at very large scale, very low incredible reliability and then slowly it creeped into the enterprise and at the very beginning I would say that everyone was kind of wizards trying things and and really coupling technologies together uh and to some degree we were some of the first wizard doing this But we're now close to 15 years later and there's a lot of knowledge and a lot of experience, a lot of schools and this is really a new generation, I'll call it cloud native, you can call it next year and whatever, but there is now enough experience in the world, both at the development level and at the infrastructure level to deliver truly distributed automate systems that run on industry standard service. Obviously good quality server deliver a better service than the service. But there is now enough knowledge for this to truly go at scale and call this cloud or call this cloud native. Really the core concept here is to deliver scalable I. T at very low cost, very high level of reliability. All based on software. We've we've been participated in this solution but we feel that now the draft of what's coming is at the new level and it was time for us to think, develop and launch a new product that specifically adapted to that. And chris I will let you comment on this because customers or some of them you can add a custom of you to that. >>Well, you know, you're right. You know, I've been in there have been like you have been in this industry for uh, well a long time, a little longer to 20, years. This HPV and engineering and look at the actual landscape has changed with how we're doing scale out, suffered to find storage for particular workloads and were a catalyst has evolved. Here is an analytic normally what was only done in the three letter acronyms and massively scale out politics name, space, file systems, parallel file systems. The application space has encroached into the enterprise world where the enterprise world needed a way to actually take a look at how to help simplify the operations. How do I actually be able to bring about an application that can run in the public cloud or on premise or hybrid. Be able to actually look at a workload off my stat that aligns the actual cost to the actual analytics that I'm going to be doing the work load that I'm going to be doing and be able to bridge those gaps and be able to spin this up and simplify operations. And you know, and if you if you are familiar with these parallel fossils, which by the way we we actually have on our truck. I do engineer those. But they are they are they are they have their own unique challenges. But in the world of enterprise where customers are looking to simplify operations, then take advantage of new application, analytic workloads, whether it be sparred may so whatever it might be right. If I want to spend the Mongol BB or maybe maybe a last a search capability, how do I actually take those technologies embrace a modern scale out storage stack that without without breaking the bank but also provide a simple operations. And that's that's why we look for object storage capabilities because it brings us this massive parallelization. Thank you. >>Well, before we get into the product, I want to just touch on one thing from you mentioned and chris you, you brought up the devoPS piece, next gen, next level, whatever term you use it is cloud Native. Cloud Native has proven that deVOPS infrastructure as code is not only legit being operationalized in all enterprises, add security in there. You have def sec ops this is the reality and hybrid cloud in particular has been pretty much the consensus. Is that standard. So or de facto saying whatever you want to call it, that's happening. Multi cloud on the horizon. So these new workloads have these new architectural changes, cloud on premises and edge, this is the number one story and the number one challenge, all enterprises are now working on how do I build the architecture for the cloud on premises and edge. This is forcing the deVOPS team to flex and build new apps. Can you guys talk about that particular trend and is and is that relevant here? >>Yeah, I, I not talk about uh really storage anywhere and cloud anywhere. And and really the key concept is edged to go to cloud. I mean we all understand now that the Edge will host a lot of data and the edges many different things. I mean it's obviously a smartphone, whatever that is, but it's also factories, it's also production, it's also, you know, moving uh moving machinery, trains, playing satellites, um that that's all the Edge cars obviously uh and a lot of that, I will be both produced and processed there. But from the Edge you will want to be able to send that uh for analysis for backup for logging to a court. And that core could be regional maybe not, you know, one call for the whole planet, but maybe one corporate region uh state in the US. Uh and then from there, you will also want to push some of the data to probably cloud. Uh One of the things that we see more and more is that the the our data center, the disaster recovery is not another physical data center, it's actually the cloud and that's a very efficient infrastructure, very cost efficient. Especially so really it's changing the padding on how you think about storage because you really need to integrate these three layers in a consistent approach, especially around the topic of security because you want the data to be secure all along the way and the data is not just data data and who can access the data, can modify the data. What are the conditions that allow modification or automatically ratios that are in some cases it's super important that data be automatically raised 10 years and all this needs to be transported fromage Co two cloud. So that that's one of the aspects, another aspect that resonates for me with what you said is a word you didn't say but it's actually crucial this whole revolution. It's kubernetes mean Cuban it isn't now a mature technology and it's just, you know, the next level of automaticity operation for distributed system Which we didn't have five or 10 years ago and that is so powerful that it's going to allow application developers to develop much faster system that can be distributed again edge to go to crowd because it's going to be an underlying technology that spans the three layers >>chris your thoughts. Hybrid cloud, I've been, I've been having conscious with the HP folks for got years and years on hybrid clouds now here. >>Well, you know, and it's exciting in a layout, right? So if you look at like a whether it be enterprise virtualization that is a scale out gender purpose fertilization workload. Whether the analytic workloads, whether we know data protection is a paramount to all of this orchestration is paramount. Uh if you look at that depth laptops absolutely you mean securing the actual data. The digital last set is absolutely paramount. And if you look at how we do this, look at the investments we're making we're making. And if you look at the collaborative platform development which goes to our partnership with reality it is we're providing them an integral aspect of everything we do. Whether we're bringing as moral which is our suffer be used orchestration. Look at the veneer of its control plane controlling kubernetes being able to actually control the african area clusters in the actual backing store for all the analytics. And we just talked about whether it be a web scale out That is traditionally using politics. Name space has now been modernized to take advantage of newer technologies running an envy me burst buffers or 100 gig networks with slingshot network at 200 and 400 gigabit. Looking at how do we actually get the actual analytics the workload to the CPU and have it attached to the data at rest? Where is the data? How do we land the data and how do we actually align essentially locality, locality of the actual asset to the compute. This is where, you know, we can leverage whether it be a juror or google or name your favorite hyper scaler, leverage those technologies leveraging the actual persistent store and this is where scale it is with this object store capability has been an industry trend setter, uh setting the actual landscape of how to provide an object store on premise and hybrid cloud running into public cloud but be able to facilitate data mobility and tie it back to and tie it back to an application. And this is where a lot of things have changed in the world of the, of analytics because the applications, the newer technologies that are coming on the market have taken advantage of this particular protocol as three so they can do web scale massively parallel concurrent workloads, >>you know what, let's get into the announcement, I love cool and relevant products and I think this hits the Mark Scaletta you guys have are Tesco which is um, just announced and I think, you know, we obviously we reported on it. You guys have a lightweight, true enterprise grade object store software for kubernetes. This is the announcement, Jerome. Tell us about it. >>What's the big >>deal? Cool and >>relevant? Come on, >>this is cool. All right, tell us >>I'm super excited. I'm not sure that it did. That's where on screen, but I'm super, super excited. You know, we, we introduced the ring 11 years ago and this is our biggest announcements for the past 11 years. So yes, do pay attention. Uh, you know, after after looking at all these trends and understanding where we see the future going, uh, we decided that it was time to embark block. So there's not one line of code that's the same as the previous generation product. They will both could exist. They both have space in the market, uh, and artist that was specifically this design for this cloud native era. And what we see is that people want something that's lightweight, especially because it had to go to the edge. They still want the enterprise grade, the security is known for and it has to be modern. What we really mean by modern is uh, we see object storage now being the primary storage for many application more and more applications and so we have to be able to deliver the performance that primary storage expects. Um this idea of skeletons serving primary storage is actually not completely new When we launched guilty 10 years ago, the first application that we were supporting West consumer email for which we were and we are still today the primary story. So we have we know what it is to be the primary store, we know what's the level of reliability you need to hit. We know what, what latest thinking and latency is different from fruit, but you really need to optimize both. Um, and I think that's still today. We're the only object storage company that protects that after both replication and the red recording because we understand that replication is factor the recording is better and more larger file were fast in terms of latency doesn't matter so much. So we, we've been bringing all that experience but really rethinking a product for that new generation that really is here now. And so we're truly excited against a little bit more about the product. It's a software was guilty is a software company and that's why we love to partner with HP who's producing amazing service. Um, you know, for the record and history, the very first deployment of skeleton in 2000 and 10 was on the HP service. So this is a, a long love story here. Um, and so to come back to artistic, uh, is lightweight in the sense that it's easy to use. We can start small, we can start from just one server or 11 VM instance. I mean start really small. Can grow infinitely. The fact that we start small, we didn't, you know, limit the technology because of that. Uh, so you can start from one too many. Um, and uh, it's contaminated in the sense that it's completely Cuban, it is compatible. It's communities orchestrated. It will deploy on many Cuban distributions. We're talking obviously with Admiral, we're also talking with Ponzu and with the other in terms of uh, communities distribution will also be able to be run in the cloud. I'm not sure that there will be many uh, true production deployment of artists in the club because you already have really good object storage by the cloud providers. But when you are developing something and you want to test their, um, you know, just doing it in the cloud is very practical. So you'll be able to deploy our discount communities cloud distribution and it's modern object storage in the sense that its application century. A lot of our work is actually validating that our storage is fit for a single purpose application and making sure that we understand the requirement of this application that we can guide our customers on how to deploy. And it's really designed to be the primary storage for these new workloads. >>The big part of the news is your relationship with Hewlett Packard Enterprises? Some exclusivity here as part of this announced, you mentioned, the relationship goes back many, many years. We've covered your relationship in the past chris also, you know, we cover HP like a blanket. Um, this is big news for h P E as >>well. >>What is the relationship talk about this? Exclusivity could you share about the partnership and the exclusivity piece? >>Well, the partnership expands into the pan HPV portfolio. We look we made a massive investment in edge IOT devices. Uh, so we actually have, how do we align the cost to the demand for our customers come to us wanting to looking at? Uh think about what we're doing with green, like a consumption based modeling, they want to be able to be able to consume the asset without having to do a capital outlay out of the gate uh, number to look at, you know, how do you deploy? Technology really demand? It depends on the scale. Right? So in a lot of your web skill, you know, scale out technologies, uh, putting them on a diet is challenging, meaning how skinny can you get it getting it down into the 50 terabyte range and then the complexities of those technologies at as you take a day one implementation and scale it out over, you know, you know, multiple iterations of recorders. The growth becomes a challenge. So, working with scalability, we we believe we've actually cracked this nut. We figured out how to a number one, how to start small but not limited customers ability to scale it out incrementally or grotesquely grotesque. A you can depending on the quarters the month, whatever whatever the workload is, how do you actually align and be able to consume it? Uh So now, whether it be on our edge line products are D. L. Products go back there. Now what the journalist talking about earlier, you know, we ship a server every few seconds. That won't be a problem. But then of course into our density optimized compute with the Apollo product. Uh This where uh our two companies have worked in an exclusivity where the, the scaly software bonds on the HP ecosystem. Uh and then we can of course provide you our customers the ability to consume that through our Green link financial models or through a complex parts of >>awesome. So jerome and chris who's the customer here? Obviously there's an exclusive period talk about the target customer. And how do customers get the product? How do we get the software? And how does this exclusivity with HP fit into it? >>Yeah. So there's really three types of customers and we really, we've worked a lot with a company called use design to optimize the user interface for each of the three types of customers. So we really thought about each uh customer role and providing with each of them the best product. Uh So the first type of customer application owners who are deploying application that requires an object storage in the back end. They typically want a simple objects to of one application. They wanted to be temple and work. I mean yesterday they want no freedom to just want an object store that works and they want to be able to start as small as they start with their application. Often it's, you know, the first department, maybe a small deployment. Um, you know, applications like backup like female rubric or uh, analytics like Stone Carver, tikka or false system now available as a software. Uh, you know, like Ceta does a really great department or nass that works very well. That means an object store in the back end of high performance computing. Wake up file system is an amazing file system. Um, we also have vertical application like broad peak, for example, who provides origin and view the software, the broadcasters. So all these applications, they request an object store in the back end and you just need a simple, high performance, working well object store and I'll discuss perfect. The second type of people that we think will be interested by artists. Uh essentially developers who are currently developing some communities of collaborative application your next year. Um and as part of their development stack, um it's getting better and better when you're developing a cloud native application to really target an object storage rather than NFS as you're persistently just, you know, think about generations of technologies and um, NFS and file system were great 25 years ago. I mean, it's an amazing technology. But now when you want to develop a distributed scalable application, objects toys a better fit because it's the same generation and so same thing. I mean, you know, developing something, they need uh an object so that they can develop on so they wanted very lightweight, but they also want the product that they're enterprise or their customers will be able to rely on for years and years on and this guy is really great for today. Um, the third type of customer are more architecture with security architects that are designing, uh, System where they're going to have 50 factories, 1000 planes, a million cars are going to have some local storage, which will they want to replicate to the core and possibly also to the club. And uh, as the design is really new generation workloads that are incredibly distributed. But with local storage, uh, these guys are really grateful for that >>and talk about the HP exclusive chris what's the, how does that fit into? They buy through sexuality. Can they get it for the HP? Are you guys working together on how customers can procure >>place? Yeah. Both ways they can procure it through security. They can secure it through HP. Uh, and it is the software stack running on our density, optimized compute platforms which you would choose online does. And to provide an enterprise quality because if it comes back to it in all of these use cases it's how do we align up into a true enterprise step? Um bringing about multi Tennessee, bringing about the fact that, you know, if you look at like a local racial coding, uh one of the things that they're bringing to it so that we can get down into the deal 3 25. So with the exclusivity, uh you actually get choice and that choice comes into our entire portfolio, whether it be the edge line platform, the D. L 3:25 a.m. B. Processing stack or the intel deal three eighties or whether whether it be the Apollo's or Alexa, there's there's so many ample choices there that facilitates this and it just allows us to align those two strategies >>awesome. And I think the kubernetes pieces really relevant because, you know, I've been interviewing folks practitioners um and kubernetes is very much maturing fast. It's definitely the centerpiece of the cloud native, both below the line, if you will under the hood for the, for the infrastructure and then for apps, um they want to program on top of it. That's critical. I mean, jeremy, this is like this is the future. >>Yeah. And if you don't mind, like to come back for a minute on the exclusive with HP. So we did a six month exclusive and the very reason we could do this is because HP has suffered such wrath of server portfolio and so we can go from, you know, really simple, very cheap, you know, HDD on the L 3 80 means a machine that retails for a few $4. I mean it's really like Temple System 50 terabyte. Uh we can have the dl 3 25. That uh piece mentioned there is really a powerhouse. All envy any uh slash uh all the storage is envy any uh very fast processors or uh you know, dance large large system like the Apollo 4500. So it's a very large breath of portfolio. We support the whole portfolio and we work together on this. So I want to say that you know, one of the reasons I want to send kudos to HP for for the breath of the silver lining rio as mentioned, um Jessica can be ordered from either company, hand in hand together. So anyway you'll see both of us uh and our field is working incredibly well together. >>We'll just on that point, I think just for clarification, uh was this co design by scalability and H P E. Because chris you mentioned, you know, the configuration of your systems. Can you guys quickly talk about the design, co design >>from from from the code base? The software entirely designed and developed by security from a testing and performance. So this really was a joint work with HP providing both hardware and manpower so that we could accelerate the testing phase. >>You know, chris H P E has just been doing such a great job of really focused on this. And you know, I've been Governor for years before it was fashionable the idea of apps working no matter where it lives. Public Cloud data center Edge, you mentioned. Edge line has been around for a while. You know, apps centric, developer friendly cloud first has been an H P E. Kind of guiding first principle for many, many years. >>But it has and you know, you know as our our ceo internal areas cited by 2022 everything will be able to be consumed as a service in our portfolio. Uh And then this stack allows us the simplicity and the consume ability of the technology and degranulation of it allows us to simplify the installation, simplify the actual deployment bringing into a cloud ecosystem. But more importantly for the end customer, they simply get an enterprise quality product running on identity optimized stack that they can consume through a orchestrated simplistic interface. That's that's cos that's what they're warning for today is where they come to me and asked hey how do I need a, I've got this new app new project and you know it goes back to who's actually coming, it's no longer the I. T. People who are actually coming to us, it's the lines of business. It's it's that entire dimension of business owners coming to us going this is my challenge and how can you HP help us And we rely on our breath of technology but also a breath of partners to come together and are of course reality is hand in hand and are collaborative business unit are collaborative storage product engineering group that actually brought this market. So we're very excited about this solution >>chris thanks for that input. Great insight, Jerome, congratulations on a great partnership with H. P. E. Obviously um great joint customer base congratulations on the product release here. Big moving the ball down the field as they say new functionality, clouds cloud native object store, phenomenal um So wrap wrap wrap up the interview. Tell us your vision for scalability in the future of storage. >>Yeah. Yeah I start I mean skeleton is going to be an amazing leader is already um but yeah so you know I have three themes that I think will govern how storage is going and obviously um Mark Andrews had said it software is everywhere and software is eating the world so definitely that's going to be true in the data center in storage in particular. Uh But the free trends that are more specific. First of all I think that security performance and agility is now basic expectation. It's not you know, it's not like an additional feature. It's just the best table, stakes, security performance and a job. Um The second thing is and we've talked about it during this conversation is edged to go you need to think your platform with Edge Co and cloud. You know you don't want to have separate systems separate design interface point for edge and then think about corn and think about clouds and then think about the divers. All this needs to be integrated in the design. And the third thing that I see as a major trend for the next 10 years is that a sovereignty uh more and more. You need to think about where is the data residing? What are the legal challenges? What is the level of protection against who are you protected? What what is your independence uh strategy? How do you keep as a company being independent from the people? You need to be independent. And I mean I say companies, but this is also true for public services. So these these for me are the three big trends. I do believe that uh software find distributed architecture are necessary for these tracks. But you also need to think about being truly enterprise grade. And there has been one of our focus with the design of a fresca. How do we combine a lot with product With all of the security requirements and that our sovereignty requirements that we expect to have in the next 10 years? >>That's awesome. Congratulations on the news scale. D Artois ca the big release with HP exclusive um, for six months, chris tucker, distinguished engineer at H P E. Great to ceo, jeremy, katz, ceo sexuality. Great to see you as well. Congratulations on the big news. I'm john for the cube. Thanks for watching. >>Mhm. >>Yeah.

(uplifting music) >> Hello and welcome to this Cube Conversation. I'm John Furrier, host of theCube here in Palo Alto, California. We've got two great remote guests to talk about some big news hitting with Scality and Hewlett Packard Enterprise. Jerome Lecat CEO of Scality and Chris Tinker, Distinguished Technologist from HPE, Hewlett Packard Enterprise, Jerome, Chris, great to see you both Cube alumnis from an original gangster days as we'd say back then when we started almost 11 years ago. Great to see you both. >> It's great to be back. >> Good to see you John. >> So, really compelling news around kind of this next generation storage cloud native solution. Okay, it's really kind of an impact on the next gen, I call next gen, dev ops meets application, modern application world and something we've been covering heavily. There's some big news here around Scality and HPE offering a pretty amazing product. You guys introduced essentially the next gen piece of it, Artesca, we'll get into in a second, but this is a game-changing announcement you guys announced, this is an evolution continuing I think is more of a revolution, but I think, you know storage is kind of abstractionally of evolution to this app centric world. So talk about this environment we're in and we'll get to the announcement, which is object store for modern workloads, but this whole shift is happening Jerome. This is a game changer to storage and customers are going to be deploying workloads. >> Yeah, Scality really, I mean, I personally really started working on Scality more than 10 years ago, close to 15 now. And if we think about it I mean the cloud has really revolutionized IT. And within the cloud, we really see layers and layers of technology. I mean, it all start at around 2006 with Amazon and Google and Facebook finding ways to do initially what was consumer IT at very large scale, very low credible reliability and then slowly creeped into the enterprise. And at the very beginning, I would say that everyone was kind of wizards trying things and really coupling technologies together. And to some degree we were some of the first wizard doing this, but we, we're now close to 15 years later and there's a lot of knowledge and a lot of experience, a lot of tools. And this is really a new generation. I'll call it cloud native, or you can call it next gen whatever, but there is now enough experience in the world, both at the development level and at the infrastructure level to deliver truly distributed automated systems that run on industry standard servers. Obviously good quality server deliver a better service than others, but there is now enough knowledge for this to truly go at scale. And call this cloud or call this cloud native. Really the core concept here is to deliver scalable IT at very low cost, very high level of reliability, all based on software. And we've, we've been participated in this motion, but we feel that now the breadth of what's coming is at the new level, and it was time for us to think, develop and launch a new product that's specifically adapted to that. And Chris, I will let you comment on this because the customers or some of them, you can add a customer, you do that. >> Well, you know, you're right. You know, I've been in the, I've been like you I've been in this industry for a, well, along time. Give a long, 20 to 21 years in HPE in engineering. And look at the actual landscape has changed with how we're doing scale-out software-defined storage for particular workloads. And we're a catalyst has evolved here is an analytics normally what was only done in the three letter acronyms and massively scale-out parallel namespace file systems, parallel file systems. The application space has encroached into the enterprise world where the enterprise world needed a way to actually take a look at how to, how do I simplify the operations? How do I actually be able to bring about an application that can run in the public cloud or on premise or hybrid, be able to actually look at a workload optimized step that aligns the actual cost to the actual analytics that I'm going to be doing the workload that I'm going to be doing and be able to bridge those gaps and be able to spin this up and simplify operations. And you know, and if you, if you are familiar with these parallel processes which by the way we actually have on our truck, I, I do engineer those, but they are, they are, they are they have their own unique challenges, but in the world of enterprise where customers are looking to simplify operations, then take advantage of new application, analytic workloads whether it be smart, Mesa, whatever it might be, right. I mean, if I want to spin up a Mongo DB or maybe maybe a, you know, last a search capability how do I actually take those technologies, embrace a modern scale-out storage stack that without without breaking the bank, but also provide a simple operations. And that's, that's why we look for object storage capabilities because it brings us this massive parallelization. Back to you John. >> Well before we get into the product. I want to just touch on one thing Jerome you mentioned, and Chris, you, you brought up the DevOps piece next gen, next level, whatever term you use. It is cloud native, cloud native has proven that DevOps infrastructure is code is not only legit. It's being operationalized in all enterprises and add security in there, you have DevSecOps, this is the reality and hybrid cloud in particular has been pretty much the consensus is that standard. So our defacto center whatever you want to call it, that's happening. Multicloud are on the horizon. So these new workloads are have these new architectural changes, cloud on premises and edge. This is the number one story. And the number one challenge all enterprises are now working on. How do I build the architecture for the cloud on premises and edge? This is forcing the DevOps team to flex and build new apps. Can you guys talk about that particular trend? And is it, and is that relevant here? >> Yeah, I, I now talk about really storage anywhere and cloud anywhere and and really the key concept is edge to go to cloud. I mean, we all understand now that the edge will host a lot of that time and the edge is many different things. I mean, it's obviously a smartphone, whatever that is, but it's also factories, it's also production. It's also, you know, moving moving machinery, trains, planes, satellites that that's all the edge, cars obviously. And a lot of that I will be both produced and process there, but from the edge who will want to be able to send the data for analysis, for backup, for logging to a call, and that call could be regional, maybe not, you know, one call for the whole planet, but maybe one corporate region the state in the U.S. And then from there you will also want to push some of the data to public cloud. One of the thing that we see more and more is that the D.R that has centered the disaster recovery is not another physical data center. It's actually the cloud, and that's a very efficient infrastructure very cost efficient, especially. So really it, it, it's changing the paradigm on how you think about storage because you really need to integrate these three layers in a consistent approach especially around the topic of security because you want the data to be secure all along the way. And data is not just data, its data, and who can access the data, who can modify the data what are the conditions that allow modification all automatically erasure of the data? In some cases, it's super important that the data automatically erased after 10 years and all this needs to be transported from edge to core to cloud. So that that's one of the aspects. Another aspects that resonates for me with what you said is a word you didn't say, but it's actually crucial this whole revolution. It's Kubernetes I mean, Kubernetes is in now a mature technology, and it's, it's just, you know the next level of automatized operation for distributed system, which we didn't have 5 or 10 years ago. And that is so powerful that it's going to allow application developers to develop much faster system that can be distributed again edge to go to cloud, because it's going to be an underlying technology that spans the three layers. >> Chris, your thoughts hybrid cloud. I've been, I've been having questions with the HPE folks for God years and years on hybrid clouds, now here. >> Right (chuckles) >> Well, you know, and, and it's exciting in a layout right, so you look at like a, whether it be enterprise virtualization, that is a scale-out general purpose virtualization workloads whether it be analytic workloads, whether it be no data protection is a paramount to all of this, orchestration is paramount. If you look at that DevSecOps, absolutely. I mean, securing the actual data the digital last set is, is absolutely paramount. And if you look at how we do this look at the investments we're making, we're making enough and look at the collaborative platform development which goes to our partnership with Scality. It is, we're providing them an integral aspect of everything we do, whether we're bringing in Ezmeral which is our software we use for orchestration look at the veneer of its control plane, controlling Kubernetes. Being able to actually control the active clusters and the actual backing store for all the analytics that we just talked about. Whether it be a web-scale app that is traditionally using a politics namespace and now been modernized and take advantage of newer technologies running an NBME burst buffers or a hundred gig networks with Slingshot network of 200 and 400 gigabit looking at how do we actually get the actual analytics, the workload to the CPU and have it attached to the data at risk. Where's the data, how do we land the data? How do we actually align, essentially locality, locality of the actual asset to the computer. And this is where, you know, we can look leverage whether it be a Zair or Google or name your favorite hybrid, hyperscaler, leverage those technologies leveraging the actual persistent store. And this is where Scality is, with this object store capability has it been an industry trendsetter, setting the actual landscape of how provide an object store on premise and hybrid cloud run it in a public cloud, but being able to facilitate data mobility and tie it back to, and tie it back to an application. And this is where a lot of things have changed in the world of analytics, because the applications that you, the newer technologies that are coming on the market have taken advantage of this particular protocol as threes. So they can do web scale massively parallel concurrent workloads. >> You know what let's get into the announcement. I love cool and relevant products. And I think this hits the mark. Scality you guys have Artesca, which is just announced. And I think it, you know, we obviously we reported on it. You guys have a lightweight true enterprise grade object store software for Kubernetes. This is the announcement, Jerome, tell us about it. What's the big deal? Cool and relevant, come on, this is cool. Right, tell us. >> I'm super excited. I'm not sure, if you can see it as well on the screen, but I'm super, super excited. You know, we, we introduced the ring 11 years ago and they says our biggest announcements for the past 11 years. So yes, do pay attention. And, you know, after, after looking at, at all these trends and understanding where we see the future going. We decided that it was time to embark (indistinct) So there's not one line of code that's the same as our previous generation product. They will both exist, they both have a space in the market. And Artesca was specifically designed for this cloud native era. And what we see is that people want something that's lightweight especially because it had to go to the edge. They still want the enterprise grid that Scality is known for. And it has to be modern. What we really mean by modern is, we see object storage now being the primary storage for many application more and more applications. And so we have to be able to deliver the performance, that primary storage expects. This idea of a Scality of serving primary storage is actually not completely new. When we launched Scality 10 years ago, the first application that we were supporting was consumer email for which we were, and we are still today, the primary storage. So we have, we know what it is to be the primary store. We know what's the level of reliability you need to hit. We know what, what latency means and latency is different from throughput, you really need to optimize both. And I think that still today we're the only object storage company that protects data from both replication and original encoding Because we understand that replication is faster, but the original encoding is more better, and more, of file where fast internet latency doesn't matter so much. So we we've been being all that experience, but really rethinking of product for that new generation that really is here now. And so where we're truly excited, I guess people a bit more about the product. It's a software, Scality is a software company and that's why we love to partner with HPE who's producing amazing servers, you know for the record and the history. The very first deployment of Scality in 2010 was on the HP servers. So this is a long love story here. And so to come back to our desk is lightweight in the sense that it's easy to use. We can start small, we can start from just one server or one VM I mean, you would start really small, but he can grow infinitely. The fact that we start small, we didn't, you know limit the technology because of that. So you can start from one to many and it's cloud native in the sense that it's completely Kubernetes compatible it's Kubernetes office traded. It will deploy on many Kubernetes distributions. We're talking obviously with Ezmeral we're also talking with zoo and with the other all those of communities distribution it will also be able to be run in the cloud. Now, I'm not sure that there will be many true production deployment of Artesca going the cloud, because you already have really good object storage by the cloud providers but when you are developing something and you want to test that, you know just doing it in the cloud is very practical. So you'll be able to deploy our Kubernetes cloud distribution, and it's more than object storage in the sense that it's application centric. A lot of our work is actually validating that our storage is fit for this single purpose application. And making sure that we understand the requirement of these application, that we can guide our customers on how to deploy. And it's really designed to be the primary storage for these new workloads. >> The big part of the news is your relationship with Hewlett Packard Enterprise is some exclusivity here as part of this and as you mentioned the relationship goes back many, many years. We've covered the, your relationship in the past. Chris also, you know, we cover HP like a blanket. This is big news for HPE as well. >> This is very big news. >> What is the relationship, talk about this exclusivity Could you share about the partnership and the exclusivity piece? >> Well, there's the partnership expands into the pan HPE portfolio. we look, we made a massive investment in edge IOT device. So we actually have how did we align the cost to the demand. Our customers come to us, wanting to looking at think about what we're doing with Greenlake, like in consumption based modeling. They want to be able to be able to consume the asset without having to do a capital outlay out of the gate. Number two, look at, you know how do you deploy technology, really demand. It depends on the scale, right? So in a lot of your web skill, you know, scale out technologies, it putting them on a diet is challenging. Meaning how skinny can you get it. Getting it down into the 50 terabyte range and then the complexities of those technologies at as you take a day one implementation and scale it out over you know, you know, multiple iterations over quarters, the growth becomes a challenge so working with Scality we, we believe we've actually cracked this nut. We figured out how to a number one, how to start small, but not limit a customer's ability to scale it out incrementally or grotesquely. You can eat depending on the quarters, the month, whatever whatever the workload is, how do you actually align and be able to consume it? So now whether it be on our Edgeline products our DL products go right there, now what that Jerome was talking about earlier you know, we, we, we ship a server every few seconds. That won't be a problem. But then of course, into our density optimized compute with the Apollo products. And this where our two companies have worked in an exclusivity where they scale the software bonds on the HP ecosystem. And then we can, of course provide you, our customers the ability to consume that through our GreenLake financial models or through a CapEx partners. >> Awesome, so Jerome and, and Chris, who's the customer here obviously, there's an exclusive period. Talk about the target customer and how the customers get the product and how they get the software. And how does this exclusivity with HP fit into it? >> Yeah, so there there's really a three types of customers and we've really, we've worked a lot with a company called UseDesign to optimize the user interface for each the types of customers. So we really thought about each customer role and providing with each of them the best product. So the, the first type of customer are application owners who are deploying an application that requires an object storage in the backend, you typically want a simple object store for one application, they want it to be simple and work. Honestly they want no thrill, just want an object store that works. And they want to be able to start as small as they start with their application. Often it's, you know, the first deployment maybe a small deployment, you know applications like a backup like VML, Rubrik, or analytics like (indistinct), file system that now, now available as a software, you know like CGI does a really great departmental NAS that works very well that needs an object store in the backend. Or for high performance computing a wake-up house system is an amazing file system. We will also have vertical application like road peak, for example, who provides origin and the view of the software broadcasters. So all these are application, they request an object store in the backend and you just need a simple high-performance working well object store and I'll discuss perfect for that. Now, the second type of people that we think will be interested by Artesca are essentially developer who are currently developing some capabilities or cloud native application, your next gen. And as part of their development stack, it's getting better and better when you're developing a cloud native application to really target an object storage rather than NFS, as you're persistent. It just, you know, think about generations of technologies and NFS and filesystem were great 25 years ago. I mean, it's an amazing technology. Now, when you want to develop a distributed scalable application object storage is a better fit because it's the same generation. And so same thing, I mean, you know, they're developing something they need an object store that they can develop on. So they want it very lightweight, but they also want the product that their enterprise or their customers will be able to rely on for years and years on. And this guy's really great fit to do that. The third type of customer are more architects, I would say are the architects that are designing a system where they are going to have 50 factories, a thousand planes, a million cars, they are going to have some local storage which will they want to replicate to the core and possibly also to the cloud. And as the design is really new generation workloads that are incredibly distributed but with local storage Artesca are really great for that. >> And tell about the HPE exclusive Chris. What's the, how does that fit in? Do they buy through Scality? Can they get it for the HP? Are you guys working together on how customers can procure it? >> Both ways, yeah both ways they can procure it through Scality. They can secure it through HPE and it's, it's it's the software stack running on our density optimized compute platforms which you would choose and align those and to provide an enterprise quality. Cause if it comes back to it in all of these use cases is how do we align up into a true enterprise stack, bringing about multitenancy bringing about the, the, the fact that you know, if you look at like a local coding one of the things that they're bringing to it, so that we can get down into the DL325. So with the exclusivity, you actually get choice. And that choice comes into our entire portfolio whether it be the Edgeline platform the DL325 AMD processing stack or the Intel 380, or whether it be the Apollos or like I said, there's, there's, there's so many ample choices there that facilitate this, and it's this allows us to align those two strategies. >> Awesome, and I think the Kubernetes piece is really relevant because, you know, I've been interviewing folks practitioners and Kubernetes is very much maturing fast. It's definitely the centerpiece of the cloud native both below the, the line, if you will below under the hood for the, for the infrastructure and then for apps, they want a program on top of it that's critical. I mean, Jerome, this is like, this is the future. >> Yeah, and if you don't mind like to come back to the myth on the exclusivity with HP. So we did a six month exclusive and the very reason we could do this is because HP has such breadth of server portfolio. And so we can go from, you know, really simple, very cheap you know, DL380, machine that we tell us for a few dollars. I mean, it's really like simple system, 50 terabyte. We can have the DL325 that Chris mentioned that is really a powerhouse all NVME, clash over storage is NVME, very fast processors you know, dense, large, large system, like the APOE 4,500. So it's a very large graph of portfolio. We support the whole portfolio and we work together on this. So I want to say that you know, one of the reason I want to send kudos to HP for the breadth of their server line really. As mentioned, Artesca can be ordered from either company. In hand-in-hand together, so anyway, you'll see both of us and our field working incredibly well together. >> Well, just on that point, I think just for clarification was this co-design by Scality and HPE, because Chris you mentioned, you know, the, the configuration of your systems. Can you guys, Chris quickly talk about the design. >> From, from, from the code base the software is entirely designed and developed by Scality, from testing and performance, so this really was a joint work with HP providing both a hardware and manpower so that we could accelerate the testing phase. >> You know, Chris HPE has just been doing such a great job of really focused on this. I know I've been covering it for years before it was fashionable. The idea of apps working no matter where it lives, public cloud, data center, edge. And you mentioned edge line's been around for awhile, you know, app centric, developer friendly, cloud first, has been an HPE kind of guiding first principle for many, many years. >> Well, it has. And, you know, as our CEO here intended, by 2022 everything will be able to be consumed as a service in our portfolio. And then this stack allows us the simplicity and the consumability of the technology and the granulation of it allows us to simplify the installation. Simplify the actual deployment bringing into a cloud ecosystem, but more importantly for the end customer. They simply get an enterprise quality product running on an optimized stack that they can consume through a orchestrated simplistic interface. That customers that's what they're wanting for today's but they come to me and ask, hey how do I need a, I've got this new app, new project. And, you know, it goes back to who's actually coming. It's no longer the IT people who are actually coming to us. It's the lines of business. It's that entire dimension of business owners coming to us, going this is my challenge. And how can you, HPE help us? And we rely on our breadth of technology, but also our breadth of partners to come together in our, of course Scality is hand in hand and our collaborative business unit our collaborative storage product engineering group that actually brought, brought this to market. So we're very excited about this solution. >> Chris, thanks for that input and great insight. Jerome, congratulations on a great partnership with HPE obviously great joint customer base. Congratulations on the product release here. Big moving the ball down the field, as they say. New functionality, clouds, cloud native object store. Phenomenal, so wrap, wrap, wrap up the interview. Tell us your vision for Scality and the future of storage. >> Yeah, I think I started in, Scality is going to be an amazing leader, it is already. But yeah, so, you know I have three things that I think will govern how storage is going. And obviously Marc Andreessen said it software is everywhere and software is eating the world. So definitely that's going to be true in the data center in storage in particular, but the three trends that are more specific are first of all, I think that security performance and agility is now basic expectation. It's, it's not, you know it's not like an additional feature. It's just the basic tables, security performance and our job. The second thing is, and we've talked about it during this conversation is edge to go. You need to think your platform with edge, core and cloud. You know, you, you don't want to have separate systems separate design interface point for edge and then think about the core and then think about cloud, and then think about the diverse power. All this needs to be integrated in a design. And the third thing that I see as a major trend for the next 10 years is data sovereignty. More and more, you need to think about where is the data residing? What are the legal challenges? What is the level of protection, against who are you protected? What is your independence strategy? How do you keep as a company being independent from the people you need to be in the band? And I mean, I say companies, but this is also true for public services. So these, these for me are the three big trends. And I do believe that software defined distributed architecture are necessary for these trends but you also need to think about being truly enterprise grade. and that has been one of our focus with design of Artesca. How do we combine a lightweight product with all of the security requirements and data sovereignty requirements that we expect to have in the next thing? >> That's awesome. Congratulations on the news Scality, Artesca. The big release with HPE exclusive for six months, Chris Tinker, Distinguished Engineer at HPE. Great to see you Jerome Lecat CEO of Scality, great to see you as well. Congratulations on the big news. I'm John Furrier from theCube. Thanks for watching. (uplifting music)

(soft music) >> From theCUBE studios in Palo Alto, in Boston, connecting with thought leaders all around the world. This is theCUBE Conversation. >> Hi, I'm Stu Miniman coming to you from our Boston area studio here for a CUBE conversation. Really like when we can dig into help some of the nonprofits in our industry, going to be talking about, training, helping other people lift up their careers. Happy to welcome to the program, first time guests, Jerome Hardaway. He's the founder of vets who code coming down from Nashville, Jerome, I seem to remember a time where I was able to travel. I did some lovely hiking even saw bear last time I was down in Nashville. Thanks so much for joining us. Roger that. Thank you, a funny story. I saw a cow on the loose while driving on the highway yesterday. So not much has changed. (Jerome laughs) Thank you guys for having me. >> Yeah, it is a little bit of strange times here in the Covert area. I live kind of suburban Massachusetts area. One of my neighbors did report a small bear in the area. I'm definitely seeing more than just the usual, what kind of wild turkeys and the like that we get up in New England, but let's talk about Vets Who Code. So, you're the founder, the name doesn't leave much up for us to guess what you do, but tell us a little bit as to the inspiration and the goals of your organization. Roger that, Vets Who Code is the first veteran founded, operated and led, a remote 501 C three that focuses on training veterans regardless where they are and modern age of technologies. Our stack right now, I would say is focused more towards front-end DevOps with a lot of serverless technologies being built-in. And that's pretty much what exactly what we do well. >> Well awesome, I had been loving digging into the serverless ecosystem the last few years. Definitely an exciting area, help us understand a little bit, who comes and joins this? What skill set do they have to have coming in? And explain a little bit the programs that they can offer that they can be part of. >> Yeah, cool. So we run Vets Who Code like a mixture between a tech company or a tech nonprofit, I guess, using those practices while also using military practices as well. And the people that come in are veterans and military spouses. And we try to use what we call a pattern matching practice, showcasing like. Hey, these are the things, he's been in military. This is how it translates to the tech side. Like, our sit reps is what you guys would call stand up. Kanban is what we would call like systems checks and frag orders, Op orders, things like that, or, our SLPs. So we turn around, we just train them, retrain them. So that way they can understand the lingo, understand how things, how you code, move and communicate and make sure that these guys and girls, they know how the work as JavaScript engineers and a serverless community. As of right now, we've helped 252 veterans in 37 States get jobs, our social economic impacts, then I think it's at 17.6 million right now. So it all from the comfort of their homes, that's like the cool and free, and those are like the coolest things that we've been able to do. >> Wow, that's fascinating. Jerome, I heard something that you've talked about, leveraging the military organizational styles. I'm just curious, there's in the coding world a lot of times we talk about Conway's law, which is that the code will end up resembling the look of the organization. And you talk about DevOps, DevOps is all about various organizations collaborating and working together. It seems a little bit different from what I would think of traditional military command and control. So is that anything you've given any thought to? Is there some of the organizational pieces that you need to talk to people about? Moving into these environments compared to what they might've had in the military. >> Negative, I think the biggest misconception that we have is that people, when you're talking about how the military moves, they're thinking of the military of yesteryear of 20, 30, 40 years ago. They're not thinking of global war on terrorism veterans and how we move and things like that. We understand distributed chains. We understand cause we call, that's what we've done at CENTAF and CENTCOM in Iraq and Afghanistan. So we honored, like we are already doing a lot of this stuff, we just naming it different. So that's part of the thing that we have as an advantage as the, cause all the people who are educators, there are veterans who learn how to code and they've been working in industry and they know. And so when they're teaching, they know the entire process that a veteran's going to go through. So that's how now we focus on things. And so the organizational structure for us first term to second term veterans is pretty normal. If you're coming out within the last, heck 10 years. (Jerome laughs) >> Yeah, absolutely. That's wonderful. And I I've had the opportunity to work with plenty of people that had come from the military. Very successful in the tech industry, definitely tend to be hard workers and engaged in what they'r doing. Curious, you talked about being able to do this remotely and then it is free. What's the impact of the current global pandemic? Everything that's happening here in 2020 been on what you're doing in your resources. >> Of the impact, unfortunately, I mean, not unfortunately, fortunately it has been nothing but positive. It's been crazy, we've gotten more applications. We have people are seeing that during, I was the crazy person in the room, when in 2014, when I was saying nonprofits should move to remote first protocols. So that way they could have greater impact for less, with less financial resources. And back then I was the, like what are you talking about? This is the way we've always done. Well now everybody was scrambling to try to figure out how to help people without being in same room with them. We were like, Oh, okay, lt's do today. So we got an influx of people applying, influx of people, sending me, trying to get into our next cohort in August. It's just, the biggest thing that has happened for Vets Who Code is yet, it's been a really positive experience for us, which is really weird to say, but I think it has, my doomsday Murphy's law style of preparing, I assume that anything that can go wrong will go wrong. So I try to prepare for that. So being open source, being serverless, being having everything in a manner to where--in case I was out of the pot, out of the situation, other people operate having this distributed teams, or there are other leaders that can take over and do things. It's all stuff that, I guess I got from the military. So, we were know we were prepared because there was absolutely zero pivot for us. If anything, it has been more resources. We've been able to dive deeper in more subjects because people have had more time, but, we can do, we can dive deeper into AWS. We started a lunch and learn every two weeks. We actually have a lunch and learn next week with Dr. Lee Johnson. And she's going to be talking, we open that to it by all juniors and entry level devs, developers, regardless of whether you're a veteran or not, we just throw it on Twitter and let them get in. And the focus will be on tech ethics. We all know, right now we've been leading the charge on trying to make sure people are supercharging their skills during this time frame. So that's what, it's been very positive. I've been working with magazine, front-end masters. It's been awesome. >> Well, that's wonderful. Wish everyone had the mindset coming into 2020, because it does seem that anything that could go wrong has, (both laugh) I'm curious, once people have skilled up and they've gone through the program, what connections do you have with industry? How do you help with job placement in that sort of activity? >> That is the most asked question, because that is the thing that people expect because of code schools, because of our educational program protocols. We don't really need that issue because our veterans are skilled enough to where to hiring managers know the quality that we produce. I live in Nashville and I've only been able to place one veteran that I've trained locally in the community because of fame companies have snatched up every other veteran I've ever trained in the community, so things like that, it's not a problem because no, a usually 80% of our veterans have jobs before they even graduate. So you're literally picking up, picking people who, they know they have the potential to get a bit companies if they put the work in and it's just as they come, we actually have people. I think a company reached out to me yesterday and I was like, I don't even have people for you. They already have jobs. (jerome laughs) Or I'm in a situation now where all my senior devs are looking for fame companies. Cause that's one of the things we do is that we support our veterans from reentry to retirement. So we're not like other code schools where they only focus on that 30 to 60 to 90 days, so that first job, our veterans, they keep coming back to re-skill, get more skills, come up to the lunch and learns, come to our Slack side chats to become better programmers. And once they're, so we've helped several of our programmers go from entry-level dev to senior dev, from absolutely zero experience. And so, I think that's the most rewarding thing. When you see a person who they came in knowing nothing. And three years later, like after the cohort safe they got their job and then they come back after they got the jobs, they want to get more skills and they get another job and then they come back. And the next thing, my favorite, one of my favorites Schuster, he starts at a local web shop, a web dev shop in Savannah, Georgia. And then next thing, oh, he's on Amazon, he's at Amazon three years later and you're like, Oh wow, we did that, that's awesome. So that's the path that we do is awesome. >> I'm curious, are there certain skill sets that you see in more need than other? And I'm also curious, do you recommend, or do you help people along with certain certifications? Thinking, the cloud certifications definitely have been on the rise, the last couple years. >> I feel like the cloud, the cloud certifications have been on the rise because it's expensive to like test for that stuff. If a person messes up, unless you have a very dedicated environment to where they can't mess up, they can cost you a lot of money, right? So you want that certain, right? But for us, it's been, we just focused on what we like to call front-end DevOps. We focus on Jamstack, which is JavaScript, APIs and markup, also along with a lot of serverless. So we're using AWS, we're using, also they're, they're learning Lambda functions, all this stuff. We're using a query language called GraphQL. We're using Apollo with that query language. We're using some node, React, GET, Speed. And a lot of third party API has to do like a lot of heavy lifting cause we believe that the deeper dive that a person has in a language and being able to manipulate and utilize APIs that they can, the better they will be, Right? So, same way that colleges do it, but a more modern take like colleges, they give you the most painful language to learn, which is usually like C right? Where you had to make everything a very low-level language. And then you're going through this process of building. And because of that, other languages are easier because you felt the pain points. We do the same thing, but with JavaScript, because it's the most accessible, painful language on earth, that's what I called it with Wire magazine last year anyway. (jerome laughs) >> So Jerome, you've laid out how you you're well organized. You're lean and financially, making sure that things are done responsibly. We want to give you the opportunity though. What's the call to action? Vets Who Code, you're looking for more people to participate. Is it sponsorships? Work in the community, look to engage. >> Roger that, we are looking for two things. One, we're always looking for people to help support us. We're open source, we're on GitHub sponsors. Like the people who we we're up, we're open source. But the people that do most of our tickets are the students themselves. So that's one of the best things about us. there is no better move, feeling that having something in production that works, right? It actually does something right? Like, Oh, this actually helps people, right? So we help have our veterans like actually pull tickets and do things like that. But, we also, we build, we're building out teams that they're on all the time as well. We have our new tutorials team or veterans. They literally built front facing tutorials for people on the outside. So that way they can learn little skills as we also have podcasts team and they're always podcasting, always interviewing people that in community, from our mentors to our students, to our alumni. And so just, let's throw our podcasts on Spotify. Let's do some codes, the best Code podcast and sponsor song get up. >> Wonderful, Jerome. We want to give you the final word. you're very passionate. You've got a lot interested, loved hearing about some of the skill sets that you're helping others with. What's exciting you these days? What kind of things are you digging into, beyond Vets Who Code? >> Oh man, everything serverless dude. As a front-end, as a person who was full stack and move to front-end. This has never been a more exciting time to learn how to code because there's so many serverless technologies and is leveling the playing field for front-end engineers, just knowing a little bit of like server-side code and having DevOp skills and being able to work in a CLI, you can do like Jamstack and the people that are using it. You have Nike, you have governments. It's just, it's such an exciting time to be a front-end. So I'm just like, and just seeing also how people are like really turning towards wanting their data more open source. So that's another thing that's really exciting for me. I've never been a person that was very highbrow when it came to talking about code. I felt like that was kind of boring, but seeing how, when it comes to like how code is actually helping normal, average everyday people and how the culture as a whole is starting to get more hip to how, API is like our running the world and how tech is being leveraged for. And it gets them, I'm on fire with these conversations, so I try to contain it cause I don't want to scare anyone on TV, but we could talk like, we could talk hours of that stuff. Love it. >> Well, Jerome, thank you so much for sharing with our community, everything you're doing and wonderful activity Vets Who Code, definitely call out to the community, make sure check it out, support it. If you can and tie so much in Jerome, I've got a regular series I do called Cloud Native Insights that are poking at some of those areas that you were talking about serverless and some of the emerging areas. So Jerome, thanks so much for joining, pleasure having you on the program. >> Roger that, thank you for having me. >> All right. Be sure to check out thecube.net for all of the videos that we have as well as Siliconangle.com for the news an6d the writeups, what we do. I'm Stu Miniman and thank you for watching theCUBE. (soft music)

>>The cybersecurity landscape continues to be one characterized by a series of point tools designed to do a very specific job, often pretty well, but the mosaic of tooling is grown over the years causing complexity in driving up costs and increasing exposures. So the game of Whackamole continues. Moreover, the way organizations approach security is changing quite dramatically. The cloud, while offering so many advantages, has also created new complexities. The shared responsibility model redefines what the cloud provider secures, for example, the S three bucket and what the customer is responsible for, eg properly configuring the bucket. You know, this is all well and good, but because virtually no organization of any size can go all in on a single cloud, that shared responsibility model now spans multiple clouds and with different protocols. Now, that of course includes on-prem and edge deployments, making things even more complex. Moreover, the DevOps team is being asked to be the point of execution to implement many aspects of an organization's security strategy. >>This extends to securing the runtime, the platform, and even now containers, which can end up anywhere. There's a real need for consolidation in the security industry, and that's part of the answer. We've seen this both in terms of mergers and acquisitions as well as platform plays that cover more and more ground. But the diversity of alternatives and infrastructure implementations continues to boggle the mind with more and more entry points for the attackers. This includes sophisticated supply chain attacks that make it even more difficult to understand how to secure components of a system and how secure those components actually are. The number one challenge CISOs face in today's complex world is lack of talent to address these challenges, and I'm not saying that SecOps pros are now talented. They are. There just aren't enough of them to go around, and the adversary is also talented and very creative, and there are more and more of them every day. >>Now, one of the very important roles that a technology vendor can play is to take mundane infrastructure security tasks off the plates of SEC off teams. Specifically, we're talking about shifting much of the heavy lifting around securing servers, storage, networking, and other infrastructure and their components onto the technology vendor via r and d and other best practices like supply chain management. And that's what we're here to talk about. Welcome to the second part in our series, A Blueprint for Trusted Infrastructure Made Possible by Dell Technologies and produced by the Cube. My name is Dave Ante, and I'm your host now. Previously, we looked at what trusted infrastructure means >>And the role that storage and data protection play in the equation. In this part two of the series, we explore the changing nature of technology infrastructure, how the industry generally in Dell specifically, are adapting to these changes and what is being done to proactively address threats that are increasingly stressing security teams. Now today, we continue the discussion and look more deeply into servers networking and hyper-converged infrastructure to better understand the critical aspects of how one company Dell is securing these elements so that devs SEC op teams can focus on the myriad new attack vectors and challenges that they faced. First up is Deepak rang Garage Power Edge security product manager at Dell Technologies, and after that we're gonna bring on Mahesh Naar oim, who was a consultant in the networking product management area at Dell. And finally, we're closed with Jerome West, who is the product management security lead for HCI hyperconverged infrastructure and converged infrastructure at Dell. Thanks for joining us today. We're thrilled to have you here and hope you enjoy the program.

>>The cybersecurity landscape continues to be one characterized by a series of point tools designed to do a very specific job, often pretty well, but the mosaic of tooling is grown over the years causing complexity in driving up costs and increasing exposures. So the game of Whackamole continues. Moreover, the way organizations approach security is changing quite dramatically. The cloud, while offering so many advantages, has also created new complexities. The shared responsibility model redefines what the cloud provider secures, for example, the S three bucket and what the customer is responsible for eg properly configuring the bucket. You know, this is all well and good, but because virtually no organization of any size can go all in on a single cloud, that shared responsibility model now spans multiple clouds and with different protocols. Now that of course includes on-prem and edge deployments, making things even more complex. Moreover, the DevOps team is being asked to be the point of execution to implement many aspects of an organization's security strategy. >>This extends to securing the runtime, the platform, and even now containers which can end up anywhere. There's a real need for consolidation in the security industry, and that's part of the answer. We've seen this both in terms of mergers and acquisitions as well as platform plays that cover more and more ground. But the diversity of alternatives and infrastructure implementations continues to boggle the mind with more and more entry points for the attackers. This includes sophisticated supply chain attacks that make it even more difficult to understand how to secure components of a system and how secure those components actually are. The number one challenge CISOs face in today's complex world is lack of talent to address these challenges. And I'm not saying that SecOps pros are not talented. They are. There just aren't enough of them to go around and the adversary is also talented and very creative and there are more and more of them every day. >>Now, one of the very important roles that a technology vendor can play is to take mundane infrastructure security tasks off the plates of SEC off teams. Specifically we're talking about shifting much of the heavy lifting around securing servers, storage, networking, and other infrastructure and their components onto the technology vendor via r and d and other best practices like supply chain management. And that's what we're here to talk about. Welcome to the second part in our series, A Blueprint for Trusted Infrastructure Made Possible by Dell Technologies and produced by the Cube. My name is Dave Ante and I'm your host now. Previously we looked at what trusted infrastructure means and the role that storage and data protection play in the equation. In this part two of the series, we explore the changing nature of technology infrastructure, how the industry generally in Dell specifically, are adapting to these changes and what is being done to proactively address threats that are increasingly stressing security teams. >>Now today, we continue the discussion and look more deeply into servers networking and hyper-converged infrastructure to better understand the critical aspects of how one company Dell is securing these elements so that dev sec op teams can focus on the myriad new attack vectors and challenges that they faced. First up is Deepak rang Garage Power Edge security product manager at Dell Technologies. And after that we're gonna bring on Mahesh Nagar oim, who was consultant in the networking product management area at Dell. And finally, we're close with Jerome West, who is the product management security lead for HCI hyperconverged infrastructure and converged infrastructure at Dell. Thanks for joining us today. We're thrilled to have you here and hope you enjoy the program. Deepak Arage shoes powered security product manager at Dell Technologies. Deepak, great to have you on the program. Thank you. >>Thank you for having me. >>So we're going through the infrastructure stack and in part one of this series we looked at the landscape overall and how cyber has changed and specifically how Dell thinks about data protection in, in security in a manner that both secures infrastructure and minimizes organizational friction. We also hit on the storage part of the portfolio. So now we want to dig into servers. So my first question is, what are the critical aspects of securing server infrastructure that our audience should be aware of? >>Sure. So if you look at compute in general, right, it has rapidly evolved over the past couple of years, especially with trends toward software defined data centers and with also organizations having to deal with hybrid environments where they have private clouds, public cloud locations, remote offices, and also remote workers. So on top of this, there's also an increase in the complexity of the supply chain itself, right? There are companies who are dealing with hundreds of suppliers as part of their supply chain. So all of this complexity provides a lot of opportunity for attackers because it's expanding the threat surface of what can be attacked, and attacks are becoming more frequent, more severe and more sophisticated. And this has also triggered around in the regulatory and mandates around the security needs. >>And these regulations are not just in the government sector, right? So it extends to critical infrastructure and eventually it also get into the private sector. In addition to this, organizations are also looking at their own internal compliance mandates. And this could be based on the industry in which they're operating in, or it could be their own security postures. And this is the landscape in which servers they're operating today. And given that servers are the foundational blocks of the data center, it becomes extremely important to protect them. And given how complex the modern server platforms are, it's also extremely difficult and it takes a lot of effort. And this means protecting everything from the supply chain to the manufacturing and then eventually the assuring the hardware and software integrity of the platforms and also the operations. And there are very few companies that go to the lens that Dell does in order to secure the server. We truly believe in the notion and the security mentality that, you know, security should enable our customers to go focus on their business and proactively innovate on their business and it should not be a burden to them. And we heavily invest to make that possible for our customers. >>So this is really important because the premise that I set up at the beginning of this was really that I, as of security pro, I'm not a security pro, but if I were, I wouldn't want to be doing all this infrastructure stuff because I now have all these new things I gotta deal with. I want a company like Dell who has the resources to build that security in to deal with the supply chain to ensure the providence, et cetera. So I'm glad you you, you hit on that, but so given what you just said, what does cybersecurity resilience mean from a server perspective? For example, are there specific principles that Dell adheres to that are non-negotiable? Let's say, how does Dell ensure that its customers can trust your server infrastructure? >>Yeah, like when, when it comes to security at Dell, right? It's ingrained in our product, so that's the best way to put it. And security is nonnegotiable, right? It's never an afterthought where we come up with a design and then later on figure out how to go make it secure, right? Our security development life cycle, the products are being designed to counter these threats right from the big. And in addition to that, we are also testing and evaluating these products continuously to identify vulnerabilities. We also have external third party audits which supplement this process. And in addition to this, Dell makes the commitment that we will rapidly respond to any mitigations and vulnerability, any vulnerabilities and exposures found out in the field and provide mitigations and patches for in attacking manner. So this security principle is also built into our server life cycle, right? Every phase of it. >>So we want our products to provide cutting edge capabilities when it comes to security. So as part of that, we are constantly evaluating what our security model is done. We are building on it and continuously improving it. So till a few years ago, our model was primarily based on the N framework of protect, detect and rigor. And it's still aligns really well to that framework, but over the past couple of years we have seen how computers evolved, how the threads have evolved, and we have also seen the regulatory trends and we recognize the fact that the best security strategy for the modern world is a zero trust approach. And so now when we are building our infrastructure and tools and offerings for customers, first and foremost, they're cyber resilient, right? What we mean by that is they're capable of anticipating threats, withstanding attacks and rapidly recurring from attacks and also adapting to the adverse conditions in which they're deployed. The process of designing these capabilities and identifying these capabilities however, is done through the zero press framework. And that's very important because now we are also anticipating how our customers will end up using these capabilities at there and to enable their own zero trust IT environments and IT zero trusts deployments. We have completely adapted our security approach to make it easier for customers to work with us no matter where they are in their journey towards zero trust option. >>So thank you for that. You mentioned the, this framework, you talked about zero trust. When I think about n I think as well about layered approaches. And when I think about zero trust, I think about if you, if you don't have access to it, you're not getting access, you've gotta earn that, that access and you've got layers and then you still assume that bad guys are gonna get in. So you've gotta detect that and you've gotta response. So server infrastructure security is so fundamental. So my question is, what is Dell providing specifically to, for example, detect anomalies and breaches from unauthorized activity? How do you enable fast and easy or facile recovery from malicious incidents? >>Right? What is that is exactly right, right? Breachers are bound to happen. And given how complex our current environment is, it's extremely distributed and extremely connected, right? Data and users are no longer contained with an offices where we can set up a perimeter firewall and say, Yeah, everything within that is good. We can trust everything within it. That's no longer true. The best approach to protect data and infrastructure in the current world is to use a zero trust approach, which uses the principles. Nothing is ever trusted, right? Nothing is trusted implicitly. You're constantly verifying every single user, every single device, and every single access in your system at every single level of your ID environment. And this is the principles that we use on power Edge, right? But with an increased focus on providing granular controls and checks based on the principles of these privileged access. >>So the idea is that service first and foremost need to make sure that the threats never enter and they're rejected at the point of entry. But we recognize breaches are going to occur and if they do, they need to be minimized such that the sphere of damage cost by attacker is minimized. So they're not able to move from one part of the network to something else laterally or escalate their privileges and cause more damage, right? So the impact radius for instance, has to be radius. And this is done through features like automated detection capabilities and automation, automated remediation capabilities. So some examples are as part of our end to end boot resilience process, we have what they call a system lockdown, right? We can lock down the configuration of the system and lock on the form versions and all changes to the system. And we have capabilities which automatically detect any drift from that lockdown configuration and we can figure out if the drift was caused to authorized changes or unauthorized changes. >>And if it is an unauthorize change can log it, generate security alerts, and we even have capabilities to automatically roll the firm where, and always versions back to a known good version and also the configurations, right? And this becomes extremely important because as part of zero trust, we need to respond to these things at machine speed and we cannot do it at a human speed. And having these automated capabilities is a big deal when achieving that zero trust strategy. And in addition to this, we also have chassis inclusion detection where if the chassis, the box, the several box is opened up, it logs alerts, and you can figure out even later if there's an AC power cycle, you can go look at the logs to see that the box is opened up and figure out if there was a, like a known authorized access or some malicious actor opening and chain something in your system. >>Great, thank you for that lot. Lot of detail and and appreciate that. I want to go somewhere else now cuz Dell has a renowned supply chain reputation. So what about securing the, the supply chain and the server bill of materials? What does Dell specifically do to track the providence of components it uses in its systems so that when the systems arrive, a customer can be a hundred percent certain that that system hasn't been compromised, >>Right? And we've talked about how complex the modern supply chain is, right? And that's no different for service. We have hundreds of confidence on the server and a lot of these form where in order to be configured and run and this former competence could be coming from third parties suppliers. So now the complexity that we are dealing with like was the end to end approach. And that's where Dell pays a lot of attention into assuring the security approach approaching. And it starts all the way from sourcing competence, right? And then through the design and then even the manufacturing process where we are wetting the personnel leather factories and wetting the factories itself. And the factories also have physical controls, physical security controls built into them and even shipping, right? We have GPS tagging of packages. So all of this is built to ensure supply chain security. >>But a critical aspect of this is also making sure that the systems which are built in the factories are delivered to the customers without any changes or any tapper. And we have a feature called the secure component verification, which is capable of doing this. What the feature does this, when the system gets built in a factory, it generates an inventory of all the competence in the system and it creates a cryptographic certificate based on the signatures presented to this by the competence. And this certificate is stored separately and sent to the customers separately from the system itself. So once the customers receive the system at their end, they can run out to, it generates an inventory of the competence on the system at their end and then compare it to the golden certificate to make sure nothing was changed. And if any changes are detected, we can figure out if there's an authorized change or unauthorize change. >>Again, authorized changes could be like, you know, upgrades to the drives or memory and ized changes could be any sort of temper. So that's the supply chain aspect of it. And bill of metal use is also an important aspect to galing security, right? And we provide a software bill of materials, which is basically a list of ingredients of all the software pieces in the platform. So what it allows our customers to do is quickly take a look at all the different pieces and compare it to the vulnerability database and see if any of the vulner, which have been discovered out in the wild affected platform. So that's a quick way of figuring out if the platform has any known vulnerabilities and it has not been patched. >>Excellent. That's really good. My last question is, I wonder if you, you know, give us the sort of summary from your perspective, what are the key strengths of Dell server portfolio from a security standpoint? I'm really interested in, you know, the uniqueness and the strong suit that Dell brings to the table, >>Right? Yeah. We have talked enough about the complexity of the environment and how zero risk is necessary for the modern ID environment, right? And this is integral to Dell powered service. And as part of that like you know, security starts with the supply chain. We already talked about the second component verification, which is a beneath feature that Dell platforms have. And on top of it we also have a silicon place platform mode of trust. So this is a key which is programmed into the silicon on the black service during manufacturing and can never be changed after. And this immutable key is what forms the anchor for creating the chain of trust that is used to verify everything in the platform from the hardware and software integrity to the boot, all pieces of it, right? In addition to that, we also have a host of data protection features. >>Whether it is protecting data at risk in news or inflight, we have self encrypting drives, which provides scalable and flexible encryption options. And this couple with external key management provides really good protection for your data address. External key management is important because you know, somebody could physically steam the server, walk away, but then the keys are not stored on the server, it stood separately. So that provides your action layer of security. And we also have dual layer encryption where you can compliment the hardware encryption on the secure encrypted drives with software level encryption. Inion to this we have identity and access management features like multifactor authentication, single sign on roles, scope and time based access controls, all of which are critical to enable that granular control and checks for zero trust approach. So I would say like, you know, if you look at the Dell feature set, it's pretty comprehensive and we also have the flexibility built in to meet the needs of all customers no matter where they fall in the spectrum of, you know, risk tolerance and security sensitivity. And we also have the capabilities to meet all the regulatory requirements and compliance requirements. So in a nutshell, I would say that, you know, Dell Power Service cyber resident infrastructure helps accelerate zero tested option for customers. >>Got it. So you've really thought this through all the various things that that you would do to sort of make sure that your server infrastructure is secure, not compromised, that your supply chain is secure so that your customers can focus on some of the other things that they have to worry about, which are numerous. Thanks Deepak, appreciate you coming on the cube and participating in the program. >>Thank you for having >>You're welcome. In a moment I'll be back to dig into the networking portion of the infrastructure. Stay with us for more coverage of a blueprint for trusted infrastructure and collaboration with Dell Technologies on the cube. Your leader in enterprise and emerging tech coverage.

>>The cybersecurity landscape continues to be one characterized by a series of point tools designed to do a very specific job, often pretty well, but the mosaic of tooling is grown over the years causing complexity in driving up costs and increasing exposures. So the game of Whackamole continues. Moreover, the way organizations approach security is changing quite dramatically. The cloud, while offering so many advantages, has also created new complexities. The shared responsibility model redefines what the cloud provider secures, for example, the S three bucket and what the customer is responsible for eg properly configuring the bucket. You know, this is all well and good, but because virtually no organization of any size can go all in on a single cloud, that shared responsibility model now spans multiple clouds and with different protocols. Now that of course includes on-prem and edge deployments, making things even more complex. Moreover, the DevOps team is being asked to be the point of execution to implement many aspects of an organization's security strategy. >>This extends to securing the runtime, the platform, and even now containers which can end up anywhere. There's a real need for consolidation in the security industry, and that's part of the answer. We've seen this both in terms of mergers and acquisitions as well as platform plays that cover more and more ground. But the diversity of alternatives and infrastructure implementations continues to boggle the mind with more and more entry points for the attackers. This includes sophisticated supply chain attacks that make it even more difficult to understand how to secure components of a system and how secure those components actually are. The number one challenge CISOs face in today's complex world is lack of talent to address these challenges. And I'm not saying that SecOps pros are not talented, They are. There just aren't enough of them to go around and the adversary is also talented and very creative, and there are more and more of them every day. >>Now, one of the very important roles that a technology vendor can play is to take mundane infrastructure security tasks off the plates of SEC off teams. Specifically we're talking about shifting much of the heavy lifting around securing servers, storage, networking, and other infrastructure and their components onto the technology vendor via r and d and other best practices like supply chain management. And that's what we're here to talk about. Welcome to the second part in our series, A Blueprint for Trusted Infrastructure Made Possible by Dell Technologies and produced by the Cube. My name is Dave Ante and I'm your host now. Previously we looked at what trusted infrastructure means and the role that storage and data protection play in the equation. In this part two of the series, we explore the changing nature of technology infrastructure, how the industry generally in Dell specifically, are adapting to these changes and what is being done to proactively address threats that are increasingly stressing security teams. >>Now today, we continue the discussion and look more deeply into servers networking and hyper-converged infrastructure to better understand the critical aspects of how one company Dell is securing these elements so that dev sec op teams can focus on the myriad new attack vectors and challenges that they faced. First up is Deepak rang Garage Power Edge security product manager at Dell Technologies. And after that we're gonna bring on Mahesh Nagar oim, who was consultant in the networking product management area at Dell. And finally, we're close with Jerome West, who is the product management security lead for HCI hyperconverged infrastructure and converged infrastructure at Dell. Thanks for joining us today. We're thrilled to have you here and hope you enjoy the program. Deepak Arage shoes powered security product manager at Dell Technologies. Deepak, great to have you on the program. Thank you. >>Thank you for having me. >>So we're going through the infrastructure stack and in part one of this series we looked at the landscape overall and how cyber has changed and specifically how Dell thinks about data protection in, in security in a manner that both secures infrastructure and minimizes organizational friction. We also hit on the storage part of the portfolio. So now we want to dig into servers. So my first question is, what are the critical aspects of securing server infrastructure that our audience should be aware of? >>Sure. So if you look at compute in general, right, it has rapidly evolved over the past couple of years, especially with trends toward software defined data centers and with also organizations having to deal with hybrid environments where they have private clouds, public cloud locations, remote offices, and also remote workers. So on top of this, there's also an increase in the complexity of the supply chain itself, right? There are companies who are dealing with hundreds of suppliers as part of their supply chain. So all of this complexity provides a lot of opportunity for attackers because it's expanding the threat surface of what can be attacked, and attacks are becoming more frequent, more severe and more sophisticated. And this has also triggered around in the regulatory and mandates around the security needs. >>And these regulations are not just in the government sector, right? So it extends to critical infrastructure and eventually it also get into the private sector. In addition to this, organizations are also looking at their own internal compliance mandates. And this could be based on the industry in which they're operating in, or it could be their own security postures. And this is the landscape in which servers they're operating today. And given that servers are the foundational blocks of the data center, it becomes extremely important to protect them. And given how complex the modern server platforms are, it's also extremely difficult and it takes a lot of effort. And this means protecting everything from the supply chain to the manufacturing and then eventually the assuring the hardware and software integrity of the platforms and also the operations. And there are very few companies that go to the lens that Dell does in order to secure the server. We truly believe in the notion and the security mentality that, you know, security should enable our customers to go focus on their business and proactively innovate on their business and it should not be a burden to them. And we heavily invest to make that possible for our customers. >>So this is really important because the premise that I set up at the beginning of this was really that I, as of security pro, I'm not a security pro, but if I were, I wouldn't want to be doing all this infrastructure stuff because I now have all these new things I gotta deal with. I want a company like Dell who has the resources to build that security in to deal with the supply chain to ensure the providence, et cetera. So I'm glad you you, you hit on that, but so given what you just said, what does cybersecurity resilience mean from a server perspective? For example, are there specific principles that Dell adheres to that are non-negotiable? Let's say, how does Dell ensure that its customers can trust your server infrastructure? >>Yeah, like when, when it comes to security at Dell, right? It's ingrained in our product, so that's the best way to put it. And security is nonnegotiable, right? It's never an afterthought where we come up with a design and then later on figure out how to go make it secure, right? Our security development life cycle, the products are being designed to counter these threats right from the big. And in addition to that, we are also testing and evaluating these products continuously to identify vulnerabilities. We also have external third party audits which supplement this process. And in addition to this, Dell makes the commitment that we will rapidly respond to any mitigations and vulnerability, any vulnerabilities and exposures found out in the field and provide mitigations and patches for in attacking manner. So this security principle is also built into our server life cycle, right? Every phase of it. >>So we want our products to provide cutting edge capabilities when it comes to security. So as part of that, we are constantly evaluating what our security model is done. We are building on it and continuously improving it. So till a few years ago, our model was primarily based on the N framework of protect, detect and rigor. And it's still aligns really well to that framework, but over the past couple of years, we have seen how computers evolved, how the threads have evolved, and we have also seen the regulatory trends and we recognize the fact that the best security strategy for the modern world is a zero trust approach. And so now when we are building our infrastructure and tools and offerings for customers, first and foremost, they're cyber resilient, right? What we mean by that is they're capable of anticipating threats, withstanding attacks and rapidly recurring from attacks and also adapting to the adverse conditions in which they're deployed. The process of designing these capabilities and identifying these capabilities however, is done through the zero press framework. And that's very important because now we are also anticipating how our customers will end up using these capabilities at there and to enable their own zero trust IT environments and IT zero trusts deployments. We have completely adapted our security approach to make it easier for customers to work with us no matter where they are in their journey towards zero trust option. >>So thank you for that. You mentioned the, this framework, you talked about zero trust. When I think about n I think as well about layered approaches. And when I think about zero trust, I think about if you, if you don't have access to it, you're not getting access, you've gotta earn that, that access and you've got layers and then you still assume that bad guys are gonna get in. So you've gotta detect that and you've gotta response. So server infrastructure security is so fundamental. So my question is, what is Dell providing specifically to, for example, detect anomalies and breaches from unauthorized activity? How do you enable fast and easy or facile recovery from malicious incidents, >>Right? What is that is exactly right, right? Breachers are bound to happen and given how complex our current environment is, it's extremely distributed and extremely connected, right? Data and users are no longer contained with an offices where we can set up a perimeter firewall and say, Yeah, everything within that is good. We can trust everything within it. That's no longer true. The best approach to protect data and infrastructure in the current world is to use a zero trust approach, which uses the principles. Nothing is ever trusted, right? Nothing is trusted implicitly. You're constantly verifying every single user, every single device, and every single access in your system at every single level of your ID environment. And this is the principles that we use on power Edge, right? But with an increased focus on providing granular controls and checks based on the principles of these privileged access. >>So the idea is that service first and foremost need to make sure that the threats never enter and they're rejected at the point of entry, but we recognize breaches are going to occur and if they do, they need to be minimized such that the sphere of damage cost by attacker is minimized so they're not able to move from one part of the network to something else laterally or escalate their privileges and cause more damage, right? So the impact radius for instance, has to be radius. And this is done through features like automated detection capabilities and automation, automated remediation capabilities. So some examples are as part of our end to end boot resilience process, we have what they call a system lockdown, right? We can lock down the configuration of the system and lock on the form versions and all changes to the system. And we have capabilities which automatically detect any drift from that lockdown configuration and we can figure out if the drift was caused to authorized changes or unauthorized changes. >>And if it is an unauthorize change can log it, generate security alerts, and we even have capabilities to automatically roll the firm where, and always versions back to a known good version and also the configurations, right? And this becomes extremely important because as part of zero trust, we need to respond to these things at machine speed and we cannot do it at a human speed. And having these automated capabilities is a big deal when achieving that zero trust strategy. And in addition to this, we also have chassis inclusion detection where if the chassis, the box, the several box is opened up, it logs alerts, and you can figure out even later if there's an AC power cycle, you can go look at the logs to see that the box is opened up and figure out if there was a, like a known authorized access or some malicious actor opening and chain something in your system. >>Great, thank you for that lot. Lot of detail and and appreciate that. I want to go somewhere else now cuz Dell has a renowned supply chain reputation. So what about securing the, the supply chain and the server bill of materials? What does Dell specifically do to track the providence of components it uses in its systems so that when the systems arrive, a customer can be a hundred percent certain that that system hasn't been compromised, >>Right? And we've talked about how complex the modern supply chain is, right? And that's no different for service. We have hundreds of confidence on the server and a lot of these form where in order to be configured and run and this former competence could be coming from third parties suppliers. So now the complexity that we are dealing with like was the end to end approach and that's where Dell pays a lot of attention into assuring the security approach approaching and it starts all the way from sourcing competence, right? And then through the design and then even the manufacturing process where we are wetting the personnel leather factories and wetting the factories itself. And the factories also have physical controls, physical security controls built into them and even shipping, right? We have GPS tagging of packages. So all of this is built to ensure supply chain security. >>But a critical aspect of this is also making sure that the systems which are built in the factories are delivered to the customers without any changes or any tapper. And we have a feature called the secure component verification, which is capable of doing this. What the feature does this, when the system gets built in a factory, it generates an inventory of all the competence in the system and it creates a cryptographic certificate based on the signatures presented to this by the competence. And this certificate is stored separately and sent to the customers separately from the system itself. So once the customers receive the system at their end, they can run out to, it generates an inventory of the competence on the system at their end and then compare it to the golden certificate to make sure nothing was changed. And if any changes are detected, we can figure out if there's an authorized change or unauthorize change. >>Again, authorized changes could be like, you know, upgrades to the drives or memory and ized changes could be any sort of temper. So that's the supply chain aspect of it and bill of metal use is also an important aspect to galing security, right? And we provide a software bill of materials, which is basically a list of ingredients of all the software pieces in the platform. So what it allows our customers to do is quickly take a look at all the different pieces and compare it to the vulnerability database and see if any of the vulner which have been discovered out in the wild affected platform. So that's a quick way of figuring out if the platform has any known vulnerabilities and it has not been patched. >>Excellent. That's really good. My last question is, I wonder if you, you know, give us the sort of summary from your perspective, what are the key strengths of Dell server portfolio from a security standpoint? I'm really interested in, you know, the uniqueness and the strong suit that Dell brings to the table, >>Right? Yeah. We have talked enough about the complexity of the environment and how zero risk is necessary for the modern ID environment, right? And this is integral to Dell powered service. And as part of that like you know, security starts with the supply chain. We already talked about the second component verification, which is a beneath feature that Dell platforms have. And on top of it we also have a silicon place platform mode of trust. So this is a key which is programmed into the silicon on the black service during manufacturing and can never be changed after. And this immutable key is what forms the anchor for creating the chain of trust that is used to verify everything in the platform from the hardware and software integrity to the boot, all pieces of it, right? In addition to that, we also have a host of data protection features. >>Whether it is protecting data at risk in news or inflight, we have self encrypting drives which provides scalable and flexible encryption options. And this couple with external key management provides really good protection for your data address. External key management is important because you know, somebody could physically steam the server walk away, but then the keys are not stored on the server, it stood separately. So that provides your action layer of security. And we also have dual layer encryption where you can compliment the hardware encryption on the secure encrypted drives with software level encryption. Inion to this we have identity and access management features like multifactor authentication, single sign on roles, scope and time based access controls, all of which are critical to enable that granular control and checks for zero trust approach. So I would say like, you know, if you look at the Dell feature set, it's pretty comprehensive and we also have the flexibility built in to meet the needs of all customers no matter where they fall in the spectrum of, you know, risk tolerance and security sensitivity. And we also have the capabilities to meet all the regulatory requirements and compliance requirements. So in a nutshell, I would say that you know, Dell Power Service cyber resident infrastructure helps accelerate zero tested option for customers. >>Got it. So you've really thought this through all the various things that that you would do to sort of make sure that your server infrastructure is secure, not compromised, that your supply chain is secure so that your customers can focus on some of the other things that they have to worry about, which are numerous. Thanks Deepak, appreciate you coming on the cube and participating in the program. >>Thank you for having >>You're welcome. In a moment I'll be back to dig into the networking portion of the infrastructure. Stay with us for more coverage of a blueprint for trusted infrastructure and collaboration with Dell Technologies on the cube, your leader in enterprise and emerging tech coverage. We're back with a blueprint for trusted infrastructure and partnership with Dell Technologies in the cube. And we're here with Mahesh Nager, who is a consultant in the area of networking product management at Dell Technologies. Mahesh, welcome, good to see you. >>Hey, good morning Dell's, nice to meet, meet to you as well. >>Hey, so we've been digging into all the parts of the infrastructure stack and now we're gonna look at the all important networking components. Mahesh, when we think about networking in today's environment, we think about the core data center and we're connecting out to various locations including the cloud and both the near and the far edge. So the question is from Dell's perspective, what's unique and challenging about securing network infrastructure that we should know about? >>Yeah, so few years ago IT security and an enterprise was primarily putting a wrapper around data center out because it was constrained to an infrastructure owned and operated by the enterprise for the most part. So putting a rapid around it like a parameter or a firewall was a sufficient response because you could basically control the environment and data small enough control today with the distributed data, intelligent software, different systems, multi-cloud environment and asset service delivery, you know, the infrastructure for the modern era changes the way to secure the network infrastructure In today's, you know, data driven world, it operates everywhere and data has created and accessed everywhere so far from, you know, the centralized monolithic data centers of the past. The biggest challenge is how do we build the network infrastructure of the modern era that are intelligent with automation enabling maximum flexibility and business agility without any compromise on the security. We believe that in this data era, the security transformation must accompany digital transformation. >>Yeah, that's very good. You talked about a couple of things there. Data by its very nature is distributed. There is no perimeter anymore, so you can't just, as you say, put a rapper around it. I like the way you phrase that. So when you think about cyber security resilience from a networking perspective, how do you define that? In other words, what are the basic principles that you adhere to when thinking about securing network infrastructure for your customers? >>So our belief is that cybersecurity and cybersecurity resilience, they need to be holistic, they need to be integrated, scalable, one that span the entire enterprise and with a co and objective and policy implementation. So cybersecurity needs to span across all the devices and running across any application, whether the application resets on the cloud or anywhere else in the infrastructure. From a networking standpoint, what does it mean? It's again, the same principles, right? You know, in order to prevent the threat actors from accessing changing best destroy or stealing sensitive data, this definition holds good for networking as well. So if you look at it from a networking perspective, it's the ability to protect from and withstand attacks on the networking systems as we continue to evolve. This will also include the ability to adapt and recover from these attacks, which is what cyber resilience aspect is all about. So cybersecurity best practices, as you know, is continuously changing the landscape primarily because the cyber threats also continue to evolve. >>Yeah, got it. So I like that. So it's gotta be integrated, it's gotta be scalable, it's gotta be comprehensive, comprehensive and adaptable. You're saying it can't be static, >>Right? Right. So I think, you know, you had a second part of a question, you know, that says what do we, you know, what are the basic principles? You know, when you think about securing network infrastructure, when you're looking at securing the network infrastructure, it revolves around core security capability of the devices that form the network. And what are these security capabilities? These are access control, software integrity and vulnerability response. When you look at access control, it's to ensure that only the authenticated users are able to access the platform and they're able to access only the kind of the assets that they're authorized to based on their user level. Now accessing a network platform like a switch or a rotor for example, is typically used for say, configuration and management of the networking switch. So user access is based on say roles for that matter in a role based access control, whether you are a security admin or a network admin or a storage admin. >>And it's imperative that logging is enable because any of the change to the configuration is actually logged and monitored as that. Talking about software's integrity, it's the ability to ensure that the software that's running on the system has not been compromised. And, and you know, this is important because it could actually, you know, get hold of the system and you know, you could get UND desire results in terms of say validation of the images. It's, it needs to be done through say digital signature. So, so it's important that when you're talking about say, software integrity, a, you are ensuring that the platform is not compromised, you know, is not compromised and be that any upgrades, you know, that happens to the platform is happening through say validated signature. >>Okay. And now, now you've now, so there's access control, software integrity, and I think you, you've got a third element which is i I think response, but please continue. >>Yeah, so you know, the third one is about civil notability. So we follow the same process that's been followed by the rest of the products within the Dell product family. That's to report or identify, you know, any kind of a vulnerability that's being addressed by the Dell product security incident response team. So the networking portfolio is no different, you know, it follows the same process for identification for tri and for resolution of these vulnerabilities. And these are addressed either through patches or through new reasons via networking software. >>Yeah, got it. Okay. So I mean, you didn't say zero trust, but when you were talking about access control, you're really talking about access to only those assets that people are authorized to access. I know zero trust sometimes is a buzzword, but, but you I think gave it, you know, some clarity there. Software integrity, it's about assurance validation, your digital signature you mentioned and, and that there's been no compromise. And then how you respond to incidents in a standard way that can fit into a security framework. So outstanding description, thank you for that. But then the next question is, how does Dell networking fit into the construct of what we've been talking about Dell trusted infrastructure? >>Okay, so networking is the key element in the Dell trusted infrastructure. It provides the interconnect between the service and the storage world. And you know, it's part of any data center configuration for a trusted infrastructure. The network needs to have access control in place where only the authorized nels are able to make change to the network configuration and logging off any of those changes is also done through the logging capabilities. Additionally, we should also ensure that the configuration should provide network isolation between say the management network and the data traffic network because they need to be separate and distinct from each other. And furthermore, even if you look at the data traffic network and now you have things like segmentation isolated segments and via VRF or, or some micro segmentation via partners, this allows various level of security for each of those segments. So it's important you know, that, that the network infrastructure has the ability, you know, to provide all this, this services from a Dell networking security perspective, right? >>You know, there are multiple layer of defense, you know, both at the edge and in the network in this hardware and in the software and essentially, you know, a set of rules and a configuration that's designed to sort of protect the integrity, confidentiality, and accessibility of the network assets. So each network security layer, it implements policies and controls as I said, you know, including send network segmentation. We do have capabilities sources, centralized management automation and capability and scalability for that matter. Now you add all of these things, you know, with the open networking standards or software, different principles and you essentially, you know, reach to the point where you know, you're looking at zero trust network access, which is essentially sort of a building block for increased cloud adoption. If you look at say that you know the different pillars of a zero trust architecture, you know, if you look at the device aspect, you know, we do have support for security for example, we do have say trust platform in a trusted platform models tpms on certain offer products and you know, the physical security know plain, simple old one love port enable from a user trust perspective, we know it's all done via access control days via role based access control and say capability in order to provide say remote authentication or things like say sticky Mac or Mac learning limit and so on. >>If you look at say a transport and decision trust layer, these are essentially, you know, how do you access, you know, this switch, you know, is it by plain hotel net or is it like secure ssh, right? And you know, when a host communicates, you know, to the switch, we do have things like self-signed or is certificate authority based certification. And one of the important aspect is, you know, in terms of, you know, the routing protocol, the routing protocol, say for example BGP for example, we do have the capability to support MD five authentication between the b g peers so that there is no, you know, manages attack, you know, to the network where the routing table is compromised. And the other aspect is about second control plane is here, you know, you know, it's, it's typical that if you don't have a control plane here, you know, it could be flooded and you know, you know, the switch could be compromised by city denial service attacks. >>From an application test perspective, as I mentioned, you know, we do have, you know, the application specific security rules where you could actually define, you know, the specific security rules based on the specific applications, you know, that are running within the system. And I did talk about, say the digital signature and the cryptographic check that we do for authentication and for, I mean rather for the authenticity and the validation of, you know, of the image and the BS and so on and so forth. Finally, you know, the data trust, we are looking at, you know, the network separation, you know, the network separation could happen or VRF plain old wheel Ls, you know, which can bring about sales multi 10 aspects. We talk about some microsegmentation as it applies to nsx for example. The other aspect is, you know, we do have, with our own smart fabric services that's enabled in a fabric, we have a concept of c cluster security. So all of this, you know, the different pillars, they sort of make up for the zero trust infrastructure for the networking assets of an infrastructure. >>Yeah. So thank you for that. There's a, there's a lot to unpack there. You know, one of the premise, the premise really of this, this, this, this segment that we're setting up in this series is really that everything you just mentioned, or a lot of things you just mentioned used to be the responsibility of the security team. And, and the premise that we're putting forth is that because security teams are so stretched thin, you, you gotta shift the vendor community. Dell specifically is shifting a lot of those tasks to their own r and d and taking care of a lot of that. So, cuz scop teams got a lot of other stuff to, to worry about. So my question relates to things like automation, which can help and scalability, what about those topics as it relates to networking infrastructure? >>Okay, our >>Portfolio, it enables state of the automation software, you know, that enables simplifying of the design. So for example, we do have, you know, you know the fabric design center, you know, a tool that automates the design of the fabric and you know, from a deployment and you know, the management of the network infrastructure that are simplicities, you know, using like Ansible s for Sonic for example are, you know, for a better sit and tell story. You know, we do have smart fabric services that can automate the entire fabric, you know, for a storage solution or for, you know, for one of the workloads for example. Now we do help reduce the complexity by closely integrating the management of the physical and the virtual networking infrastructure. And again, you know, we have those capabilities using Sonic or Smart Traffic services. If you look at Sonic for example, right? >>It delivers automated intent based secure containerized network and it has the ability to provide some network visibility and Avan has and, and all of these things are actually valid, you know, for a modern networking infrastructure. So now if you look at Sonic, you know, it's, you know, the usage of those tools, you know, that are available, you know, within the Sonic no is not restricted, you know, just to the data center infrastructure is, it's a unified no, you know, that's well applicable beyond the data center, you know, right up to the edge. Now if you look at our north from a smart traffic OS 10 perspective, you know, as I mentioned, we do have smart traffic services which essentially, you know, simplifies the deployment day zero, I mean rather day one, day two deployment expansion plans and the lifecycle management of our conversion infrastructure and hyper and hyper conversion infrastructure solutions. And finally, in order to enable say, zero touch deployment, we do have, you know, a VP solution with our SD van capability. So these are, you know, ways by which we bring down the complexity by, you know, enhancing the automation capability using, you know, a singular loss that can expand from a data center now right to the edge. >>Great, thank you for that. Last question real quick, just pitch me, what can you summarize from your point of view, what's the strength of the Dell networking portfolio? >>Okay, so from a Dell networking portfolio, we support capabilities at multiple layers. As I mentioned, we're talking about the physical security for examples, say disabling of the unused interface. Sticky Mac and trusted platform modules are the things that to go after. And when you're talking about say secure boot for example, it delivers the authenticity and the integrity of the OS 10 images at the startup. And Secure Boot also protects the startup configuration so that, you know, the startup configuration file is not compromised. And Secure port also enables the workload of prediction, for example, that is at another aspect of software image integrity validation, you know, wherein the image is data for the digital signature, you know, prior to any upgrade process. And if you are looking at secure access control, we do have things like role based access control, SSH to the switches, control plane access control that pre do tags and say access control from multifactor authentication. >>We do have various tech ads for entry control to the network and things like CSE and PRV support, you know, from a federal perspective we do have say logging wherein, you know, any event, any auditing capabilities can be possible by say looking at the clog service, you know, which are pretty much in our transmitter from the devices overts for example, and last we talked about say network segment, you know, say network separation and you know, these, you know, separation, you know, ensures that are, that is, you know, a contained say segment, you know, for a specific purpose or for the specific zone and, you know, just can be implemented by a, a micro segmentation, you know, just a plain old wheel or using virtual route of framework VR for example. >>A lot there. I mean I think frankly, you know, my takeaway is you guys do the heavy lifting in a very complicated topic. So thank you so much for, for coming on the cube and explaining that in in quite some depth. Really appreciate it. >>Thank you indeed. >>Oh, you're very welcome. Okay, in a moment I'll be back to dig into the hyper-converged infrastructure part of the portfolio and look at how when you enter the world of software defined where you're controlling servers and storage and networks via software led system, you could be sure that your infrastructure is trusted and secure. You're watching a blueprint for trusted infrastructure made possible by Dell Technologies and collaboration with the cube, your leader in enterprise and emerging tech coverage, your own west product management security lead at for HCI at Dell Technologies hyper-converged infrastructure. Jerome, welcome. >>Thank you Dave. >>Hey Jerome, in this series of blueprint for trusted infrastructure, we've been digging into the different parts of the infrastructure stack, including storage servers and networking, and now we want to cover hyperconverged infrastructure. So my first question is, what's unique about HCI that presents specific security challenges? What do we need to know? >>So what's unique about hyper-converge infrastructure is the breadth of the security challenge. We can't simply focus on a single type of IT system. So like a server or storage system or a virtualization piece of software, software. I mean HCI is all of those things. So luckily we have excellent partners like VMware, Microsoft, and internal partners like the Dell Power Edge team, the Dell storage team, the Dell networking team, and on and on. These partnerships in these collaborations are what make us successful from a security standpoint. So let me give you an example to illustrate. In the recent past we're seeing growing scope and sophistication in supply chain attacks. This mean an attacker is going to attack your software supply chain upstream so that hopefully a piece of code, malicious code that wasn't identified early in the software supply chain is distributed like a large player, like a VMware or Microsoft or a Dell. So to confront this kind of sophisticated hard to defeat problem, we need short term solutions and we need long term solutions as well. >>So for the short term solution, the obvious thing to do is to patch the vulnerability. The complexity is for our HCI portfolio. We build our software on VMware, so we would have to consume a patch that VMware would produce and provide it to our customers in a timely manner. Luckily VX rail's engineering team has co engineered a release process with VMware that significantly shortens our development life cycle so that VMware would produce a patch and within 14 days we will integrate our own code with the VMware release we will have tested and validated the update and we will give an update to our customers within 14 days of that VMware release. That as a result of this kind of rapid development process, VHA had over 40 releases of software updates last year for a longer term solution. We're partnering with VMware and others to develop a software bill of materials. We work with VMware to consume their software manifest, including their upstream vendors and their open source providers to have a comprehensive list of software components. Then we aren't caught off guard by an unforeseen vulnerability and we're more able to easily detect where the software problem lies so that we can quickly address it. So these are the kind of relationships and solutions that we can co engineer with effective collaborations with our, with our partners. >>Great, thank you for that. That description. So if I had to define what cybersecurity resilience means to HCI or converged infrastructure, and to me my takeaway was you gotta have a short term instant patch solution and then you gotta do an integration in a very short time, you know, two weeks to then have that integration done. And then longer term you have to have a software bill of materials so that you can ensure the providence of all the components help us. Is that a right way to think about cybersecurity resilience? Do you have, you know, a additives to that definition? >>I do. I really think that's site cybersecurity and resilience for hci because like I said, it has sort of unprecedented breadth across our portfolio. It's not a single thing, it's a bit of everything. So really the strength or the secret sauce is to combine all the solutions that our partner develops while integrating them with our own layer. So let me, let me give you an example. So hci, it's a, basically taking a software abstraction of hardware functionality and implementing it into something called the virtualized layer. It's basically the virtual virtualizing hardware functionality, like say a storage controller, you could implement it in hardware, but for hci, for example, in our VX rail portfolio, we, our Vxl product, we integrated it into a product called vsan, which is provided by our partner VMware. So that portfolio of strength is still, you know, through our, through our partnerships. >>So what we do, we integrate these, these security functionality and features in into our product. So our partnership grows to our ecosystem through products like VMware, products like nsx, Horizon, Carbon Black and vSphere. All of them integrate seamlessly with VMware and we also leverage VMware's software, part software partnerships on top of that. So for example, VX supports multifactor authentication through vSphere integration with something called Active Directory Federation services for adfs. So there's a lot of providers that support adfs including Microsoft Azure. So now we can support a wide array of identity providers such as Off Zero or I mentioned Azure or Active Directory through that partnership. So we can leverage all of our partners partnerships as well. So there's sort of a second layer. So being able to secure all of that, that provides a lot of options and flexibility for our customers. So basically to summarize my my answer, we consume all of the security advantages of our partners, but we also expand on them to make a product that is comprehensively secured at multiple layers from the hardware layer that's provided by Dell through Power Edge to the hyper-converged software that we build ourselves to the virtualization layer that we get through our partnerships with Microsoft and VMware. >>Great, I mean that's super helpful. You've mentioned nsx, Horizon, Carbon Black, all the, you know, the VMware component OTH zero, which the developers are gonna love. You got Azure identity, so it's really an ecosystem. So you may have actually answered my next question, but I'm gonna ask it anyway cuz you've got this software defined environment and you're managing servers and networking and storage with this software led approach, how do you ensure that the entire system is secure end to end? >>That's a really great question. So the, the answer is we do testing and validation as part of the engineering process. It's not just bolted on at the end. So when we do, for example, VxRail is the market's only co engineered solution with VMware, other vendors sell VMware as a hyper converged solution, but we actually include security as part of the co-engineering process with VMware. So it's considered when VMware builds their code and their process dovetails with ours because we have a secure development life cycle, which other products might talk about in their discussions with you that we integrate into our engineering life cycle. So because we follow the same framework, all of the, all of the codes should interoperate from a security standpoint. And so when we do our final validation testing when we do a software release, we're already halfway there in ensuring that all these features will give the customers what we promised. >>That's great. All right, let's, let's close pitch me, what would you say is the strong suit summarize the, the strengths of the Dell hyper-converged infrastructure and converged infrastructure portfolio specifically from a security perspective? Jerome? >>So I talked about how hyper hyper-converged infrastructure simplifies security management because basically you're gonna take all of these features that are abstracted in in hardware, they're now abstracted in the virtualization layer. Now you can manage them from a single point of view, whether it would be, say, you know, in for VX rail would be b be center, for example. So by abstracting all this, you make it very easy to manage security and highly flexible because now you don't have limitations around a single vendor. You have a multiple array of choices and partnerships to select. So I would say that is the, the key to making it to hci. Now, what makes Dell the market leader in HCI is not only do we have that functionality, but we also make it exceptionally useful to you because it's co engineered, it's not bolted on. So I gave the example of spo, I gave the example of how we, we modify our software release process with VMware to make it very responsive. >>A couple of other features that we have specific just to HCI are digitally signed LCM updates. This is an example of a feature that we have that's only exclusive to Dell that's not done through a partnership. So we digitally signed our software updates so the user can be sure that the, the update that they're installing into their system is an authentic and unmodified product. So we give it a Dell signature that's invalidated prior to installation. So not only do we consume the features that others develop in a seamless and fully validated way, but we also bolt on our own a specific HCI security features that work with all the other partnerships and give the user an exceptional security experience. So for, for example, the benefit to the customer is you don't have to create a complicated security framework that's hard for your users to use and it's hard for your system administrators to manage it all comes in a package. So it, it can be all managed through vCenter, for example, or, and then the specific hyper, hyper-converged functions can be managed through VxRail manager or through STDC manager. So there's very few pains of glass that the, the administrator or user ever has to worry about. It's all self contained and manageable. >>That makes a lot of sense. So you've got your own infrastructure, you're applying your best practices to that, like the digital signatures, you've got your ecosystem, you're doing co-engineering with the ecosystems, delivering security in a package, minimizing the complexity at the infrastructure level. The reason Jerome, this is so important is because SecOps teams, you know, they gotta deal with cloud security, they gotta deal with multiple clouds. Now they have their shared responsibility model going across multiple cl. They got all this other stuff that they have to worry, they gotta secure the containers and the run time and and, and, and, and the platform and so forth. So they're being asked to do other things. If they have to worry about all the things that you just mentioned, they'll never get, you know, the, the securities is gonna get worse. So what my takeaway is, you're removing that infrastructure piece and saying, Okay guys, you now can focus on those other things that is not necessarily Dell's, you know, domain, but you, you know, you can work with other partners to and your own teams to really nail that. Is that a fair summary? >>I think that is a fair summary because absolutely the worst thing you can do from a security perspective is provide a feature that's so unusable that the administrator disables it or other key security features. So when I work with my partners to define, to define and develop a new security feature, the thing I keep foremost in mind is, will this be something our users want to use and our administrators want to administer? Because if it's not, if it's something that's too difficult or onerous or complex, then I try to find ways to make it more user friendly and practical. And this is a challenge sometimes because we are, our products operate in highly regulated environments and sometimes they have to have certain rules and certain configurations that aren't the most user friendly or management friendly. So I, I put a lot of effort into thinking about how can we make this feature useful while still complying with all the regulations that we have to comply with. And by the way, we're very successful in a highly regulated space. We sell a lot of VxRail, for example, into the Department of Defense and banks and, and other highly regulated environments and we're very successful there. >>Excellent. Okay, Jerome, thanks. We're gonna leave it there for now. I'd love to have you back to talk about the progress that you're making down the road. Things always, you know, advance in the tech industry and so would appreciate that. >>I would look forward to it. Thank you very much, Dave. >>You're really welcome. In a moment I'll be back to summarize the program and offer some resources that can help you on your journey to secure your enterprise infrastructure. I wanna thank our guests for their contributions in helping us understand how investments by a company like Dell can both reduce the need for dev sec up teams to worry about some of the more fundamental security issues around infrastructure and have greater confidence in the quality providence and data protection designed in to core infrastructure like servers, storage, networking, and hyper-converged systems. You know, at the end of the day, whether your workloads are in the cloud, on prem or at the edge, you are responsible for your own security. But vendor r and d and vendor process must play an important role in easing the burden faced by security devs and operation teams. And on behalf of the cube production content and social teams as well as Dell Technologies, we want to thank you for watching a blueprint for trusted infrastructure. Remember part one of this series as well as all the videos associated with this program and of course today's program are available on demand@thecube.net with additional coverage@siliconangle.com. And you can go to dell.com/security solutions dell.com/security solutions to learn more about Dell's approach to securing infrastructure. And there's tons of additional resources that can help you on your journey. This is Dave Valante for the Cube, your leader in enterprise and emerging tech coverage. We'll see you next time.

>>Hello, and welcome. Very excited to see everybody here. DockerCon is going fantastic. Everybody's uh, engaging in the chat. It's awesome to see. My name is Peter McKee. I'm the head of developer relations here at Docker and Taber. Today. We're going to be talking about container first development now and in the future. But before we do that, a couple little housekeeping items, first of all, yes, we are live. So if you're in our session, you can go ahead and chat, ask us questions. We'd love to get all your questions and answer them. Um, if you come to the main page on the website and you do not see the chat, go ahead and click on the blue button and that'll die. Uh, deep dive you into our session and you can interact with the chat there. Okay. Without further ado, let's just jump right into it. Katie, how are you? Welcome. Do you mind telling everybody who you are and a little bit about yourself? >>Absolutely. Hello everyone. My name is Katie and currently I am the eco-system advocate at cloud native computing foundation or CNCF. My responsibility is to lead and represent the end-user community. So these are all the practitioners within the cloud native space that are vendor neutral. So they use cloud native technologies to build their services, but they don't sell it. So this is quite an important characteristic as well. My responsibility is to make sure to close the gap between these practitioners and the project maintainers, to make sure that there is a feedback loop around. Um, I have many roles within the community. I am on the advisory board for KIPP finishes, a sandbox project. I'm working with open UK to make sure that Elton standards are used fairly across data, hardware, and software. And I have been, uh, affiliated way if you'd asked me to make sure that, um, I'm distributing a cloud native fundamental scores to make cloud and they do a few bigger despite everyone. So looking forward to this panel and checking with everyone. >>Awesome. Yeah. Welcome. Glad to have you here. Johanna's how are you? Can you, uh, tell everybody a little bit about yourself and who you are? Yeah, sure. >>So hi everybody. My name is Johannes I'm one of the co-founders at get pot, which in case you don't know is an open-source and container based development platform, which is probably also the reason why you Peter reached out and invited me here. So pleasure to be here, looking forward to the discussion. Um, yeah, though it is already a bit later in Munich. Um, and actually my girlfriend had a remote cocktail class with her colleagues tonight and it took me some stamina to really say no to all the Moscow mules that were prepared just over there in my living room. Oh wow. >>You're way better than me. Yeah. Well welcome. Thanks for joining us. Jerome. How are you? Good to see you. Can you tell everybody who you are and a little bit about yourself? Hi, >>Sure. Yeah, so I'm, I, I used to work at Docker and some, for me would say I'm a container hipster because I was running containers in production before it for hype. Um, I worked at Docker before it was even called Docker. And then since 2018, I'm now a freelancer and doing training and consulting around Docker containers, Kubernetes, all these things. So I used to help folks do stuff with Docker when I was there and now I still have them with containers more generally speaking. So kind of, uh, how do we say same, same team, different company or something like that? Yeah. >>Yeah. Perfect. Yeah. Good to see you. I'm glad you're on. Uh, Jacob, how are you? Good to see you. Thanks for joining us. Good. Yeah. Thanks for having me tell, tell everybody a little bit about yourself who you are. >>Yeah. So, uh, I'm the creator of a tool called mutagen, which is an open source, uh, development tool for doing high performance file synchronization and, uh, network forwarding, uh, to enable remote development. And so I come from like a physics background where I was sort of always doing, uh, remote developments, you know, whether that was on a big central clusters or just like some sort of local machine that was a bit more powerful. And so I, after I graduated, I built this tool called mutagen, uh, for doing remote development. And then to my surprise, people just started using it to use, uh, with Docker containers. And, uh, that's kind of grown into its primary use case now. So I'm, yeah, I've gotten really involved with the Docker community and, uh, talked with a lot of great people and now I'm one of the Docker captains. So I get to talk with even more and, and join these events and yeah, but I'm, I'm kind of focused on doing remote development. Uh, cause I, you know, I like, I like having all my tools available on my local machine, but I also like being able to pull in a little bit more powerful hardware or uh, you know, maybe a software that I can't run locally. And so, uh, that's sort of my interest in, in Docker container. Yeah. Awesome. >>Awesome. We're going to come back to that for sure. But yeah. Thank you again. I really appreciate you all joining me and yeah. So, um, I've been thinking about container first development for a while and you know, what does that actually mean? So maybe, maybe we can define it in our own little way. So I, I just throw it out to the panel. When you think about container first development, what comes to mind? What w what, what are you kind of thinking about? Don't be shy. Go ahead. Jerome. You're never a loss of words >>To me. Like if I go back to the, kind of the first, uh, you know, training engagements we did back at Docker and kind of helping folks, uh, writing Dockerfiles to stop developing in containers. Um, often we were replacing, um, uh, set up with a bunch of Vagrant boxes and another, like the VMs and combinations of local things. And very often they liked it a lot and they were very soon, they wanted to really like develop in containers, like run this microservice. This piece of code is whatever, like run that in containers because that means they didn't have to maintain that thing on their own machine. So that's like five years ago. That's what it meant to me back then. However, today, if you, if you say, okay, you know, developing in containers, um, I'm thinking of course about things like get bought and, uh, I think it's called PR or something like that. >>Like this theme, maybe that thing with the ESCO, that's going to run in a container. And you, you have this vs code thing running in your browser. Well, obviously not in your browser, but in a container that you control from your browser and, and many other things like that, that I, I think that's what we, where we want to go today. Uh, and that's really interesting, um, from all kinds of perspectives, like Chevy pair pairing when we will not next to each other, but actually thousands of miles away, um, or having this little environment that they can put aside and come back to it later, without it having using resource in my machine. Um, I don't know, having this dev service running somewhere in the cloud without needing something like, it's at the rights that are like the, the possibilities are really endless. >>Yeah. Yeah. Perfect. Yeah. I'm, you know, a little while ago I was, I was torn, right. W do I spin up containers? Do I develop inside of my containers? Right. There's foul sinking issues. Um, you know, that we've been working on at Docker for a while, and Jacob is very, very familiar with those, right? Sometimes it, it becomes hard, but, and I, and I love developing in the cloud, but I also have this screaming, you know, fast machine sitting on my desktop that I think I should take advantage of. So I guess another question is, you know, should we be developing inside of containers? Is that a smart thing to do? Uh, I'd love to hear you guys' thoughts around that. >>You know, I think it's one of those things where it's, you know, for me container first development is really about, um, considering containers as sort of a first class citizen in, in terms of your development toolkit, right. I mean, there's not always that silver bullet, that's like the one thing you should use for everything. You know, you shouldn't, you shouldn't use containers if they're not fitting in or adding value to your workflow, but I think there's a lot of scenarios that are like, you know, super on super early on in the development process. Like as soon as you get the server kind of running and working and, you know, you're able to access it, you know, running on your local system. Uh that's I think that's when the value comes in to it to add containers to, you know, what you're doing or to your project. Right. I mean, for me, they're, um, they're more of a orchestrational tool, right? So if I don't have to have six different browser tabs open with like, you know, an API server running at one tab and a web server running in another tab and a database running in another tab, I can just kind of encapsulate those and, and use them as an automation thing. So I think, you know, even if you have a super powerful computer, I think there's still value in, um, using containers as, as a orchestrational mechanism. Yeah. Yeah, >>For sure. I think, I think one of the, one of my original aha moments with Docker was, oh, I can spin up different versions of a database locally and not have to install it and not have to configure it and everything, but, you know, it just ran inside of a container. And that, that was it. Although it's might seem simple to some people that's very, very powerful. Right. So I think being able to spin things up and containers very quickly is one of the super benefits. But yeah, I think, uh, developing in containers is, is hard right now, right. With, um, you know, and how do you do that? Right. Does anybody have any thoughts around, how do you go about that? Right. Should you use a container as just a development environment, so, you know, creating an image and then running it just with your dev tools in it, or do you just, uh, and maybe with an editor all inside of it, and it's just this process, that's almost like a VM. Um, yeah. So I'll just kick it back to the panel. I'd love to hear your thoughts on, you know, how do you set up and configure, uh, containers to develop in any thoughts around that? >>Maybe one step back again, to answer your question, what kind of container first development mean? I think it doesn't mean, um, by default that it has to be in the cloud, right? As you said, um, there are obvious benefits when it comes to the developer experience of containers, such as, I dunno, consistency, we have standardized tools dependencies for the dev side of things, but it also makes their dev environment more similar to all the pipeline that is somehow happening to the right, right. So CIC D all the way to production, it is security, right? Which also somehow comes with standardization. Um, but vulnerability scanning tools like sneak are doing a great job there. And, um, for us, it gets pod. One of the key reasons why we created get pod was literally creating this peace of mind for deaths. So from a developer's point of view, you do not need to take care anymore about all the hassle around setups and things that you will need to install. >>And locally, based on some outdated, REIT me on three operating systems in your company, everybody has something different and leading to these verbs in my machine situations, um, that really slow professional software developers down. Right. Um, back to your point, I mean, with good pod, we obviously have to package everything together in one container because otherwise, exactly the situation happens that you need to have five browser tabs open. So we try and leverage that. And I think a dev environment is not just the editor, right? So a dev environment includes your source code. It includes like a powerful shell. It includes file systems. It includes essentially all the tools you need in order to be productive databases and so on. And, um, yeah, we believe that should be encapsulated, um, um, in a container. >>Yeah. Awesome. Katie, you talked to a lot of end users, right. And you're talking to a lot of developers. What, what's your thoughts around container first development, right? Or, or what's the community out there screaming or screaming. It might be too to, uh, har you know, to, to two grand of the word. Right. But yeah, I love it. I love to hear what your, your thoughts. >>Absolutely. So I think when you're talking about continuing driven development, uh, the first thing that crosses my mind is the awareness of the infrastructure or the platform you're going to run your application on top of, because usually when you develop your application, you'd like to replicate as much as possible the production or even the staging environment to make sure that when you deploy your application, you have us little inconsistencies as possible, but at the same time, you minimize the risk for something to go wrong as well. So when it talking about the, the community, um, again, when you deploy applications and containers and Kubernetes, you have to use, you have awareness about, and probably apply some of the best practices, like introducing liveliness and readiness probes, to make sure that your application can restart in, in case it actually goes down or there's like a you're starving going CPU or something like that. >>So, uh, I think when it comes to deployment and development of an application, the main thing is to actually improve the end developer experience. I think there has been a lot of focus in the community to develop the tool, to actually give you the right tool to run application and production, but that doesn't necessarily, um, go back to how the end developer is actually enabling that application to run into that production system. So I think there has been, uh, this focus for the community identified now, and it's more, more, um, or trying to build momentum on enhancing the developer experience. And we've seen this going through many, uh, where we think production of many tools did what has been one of them, which actually we can have this portable, um, development environment if you choose so, and you can actually replicate them across different teams in different machines, which is actually quite handy. >>But at the same time, we had tools such as local composts has been a great tool to run locally. We have tool such as carefully, which is absolutely great to automatically dynamically upload any changes to how within your code. So I think all of these kinds of tools, they getting more matured. And again, this is going back to again, we need to enhance our developer experience coming back to what is the right way to do so. Um, I think it really depends on the environment you have in production, because there's going to define some of the structures with the tool and you're going to have internally, but at the same time, um, I'd like to say that, uh, it really depends on, on what trucks are developing. Uh, so it's, it's, I would like to personally, I would like to see a bit more diversification in this area because we might have this competitive solutions that is going to push us to towards a new edge. So this is like, what definitely developer experience. If we're talking about development, that's what we need to enhance. And that's what I see the momentum building at the moment. >>Yeah. Yeah. Awesome. Jerome, I saw you shaking your head there in agreement, or maybe not, but what's your thoughts? >>I was, uh, I was just reacting until 82. Uh, it depends thinking that when I, when I do training, that's probably the answer that I gave the most, uh, each time somebody asks, oh, should we do diesel? And I was also looking at some of the questions in the chat about, Hey, the, should we like have a negatory in the, in the container or something like that. And folks can have pretty strong opinions one way or the other, but as a ways, it kind of depends what we do. It also depends of the team that we're working with. Um, you, you could have teams, you know, with like small teams with folks with lots of experience and they all come with their own Feb tools and editorials and plugins. So you know that like you're gonna have PRI iMacs out of my cold dead hands or something like that. >>So of course, if you give them something else, they're going to be extremely unhappy or sad. On the other hand, you can have team with folks who, um, will be less opinionated on that. And even, I don't know, let's say suddenly you start working on some project with maybe a new programming language, or maybe you're targeting some embedded system or whatever, like something really new and different. And you come up with all the tools, even the ADE, the extensions, et cetera, folks will often be extremely happy in that case that you're kind of giving them a Dettol and an ADE, even if that's not what they usually would, uh, would use, um, because it will come with all of the, the, the nice stage, you know, the compression, the, um, the, the, the bigger, the, whatever, all these things. And I think there is also something interesting to do here with development in containers. >>Like, Hey, you're going to start working on this extremely complex target based on whatever. And this is a container that has everything to get started. Okay. Maybe it's not your favorites editor, but it has all the customization and the conserver and whatever. Um, so you can start working right away. And then maybe later you, we want to, you know, do that from the container in a way, and have your own Emacs, atom, sublime, vs code, et cetera, et cetera. Um, but I think it's great for containers here, as well as they reserve or particularly the opportunity. And I think like the, that, that's one thing where I see stuff like get blood being potentially super interesting. Um, it's hard for me to gauge because I confess I was never a huge ID kind of person had some time that gives me this weird feeling, like when I help someone to book some, some code and you know, that like with their super nice IDE and everything is set up, but they feel kind of lost. >>And then at some point I'm like, okay, let's, let's get VI and grep and let's navigate this code base. And that makes me feel a little bit, you know, as this kind of old code for movies where you have the old, like colorful guy who knows going food, but at the end ends up still being obsolete because, um, it's only a going for movies that whole good for masters and the winning right. In real life, we don't have conformance there's anymore mentioned. So, um, but part of me is like, yeah, I like having my old style of editor, but when, when the modern editorial modern ID comes with everything set up and configured, that's just awesome. That's I, um, it's one thing that I'm not very good at sitting up all these little things, but when somebody does it and I can use it, it's, it's just amazing. >>Yeah. Yeah. I agree. I'm I feel the same way too. Right. I like, I like the way I've I have my environment. I like the tools that I use. I like the way they're set up. And, but it's a big issue, right? If you're switching machines, like you said, if you're helping someone else out there, they're not there, your key bindings aren't there, you can't, you can't navigate their system. Right? Yeah. So I think, you know, talking about, uh, dev environments that, that Docker's coming out with, and we're, you know, there's a lot, there, there's a, it's super complex, all these things we're talking about. And I think we're taking the approach of let's do something, uh, well, first, right. And then we can add on to that. Right. Because I think, you know, setting up full, full developed environments is hard, right. Especially in the, the, um, cloud native world nowadays with microservices, do you run them on a repo? >>Do you not have a monitor repo? Maybe that would be interesting to talk about. I think, um, you know, I always start out with the mono repos, right. And you have all your services in there and maybe you're using one Docker file. And then, because that works fine. Cause everything is JavaScript and node. And then you throw a little Python in there and then you throw a little go and now you start breaking things out and then things get too complex there, you know, and you start pulling everything out into different, get repos and now, right. Not everything just fits into these little buckets. Right. So how do you guys think maybe moving forward, how do we attack that night? How do we attack these? Does separate programming languages and environments and kind of bring them all together. You know, we, we, I hesitate, we solve that with compose around about running, right about executing, uh, running your, your containers. But, uh, developing with containers is different than running containers. Right. It's a, it's a different way to think about it. So anyway, sorry, I'm rattling on a little bit, but yeah. Be interesting to look at a more complex, uh, setup right. Of, uh, of, you know, even just 10 microservices that are in different get repos and different languages. Right. Just some thoughts. And, um, I'm not sure we all have this flushed out yet, but I'd love to hear your, your, you guys' thoughts around that. >>Jacob, you, you, you, you look like you're getting ready to jump there. >>I didn't wanna interrupt, but, uh, I mean, I think for me the issue isn't even really like the language boundary or, or, um, you know, a sub repo boundary. I think it's really about, you know, the infrastructure, right? Because you have, you're moving to an era where you have these cloud services, which, you know, some of them like S3, you can, you can mock up locally, uh, or run something locally in a container. But at some point you're going to have like, you know, cloud specific hardware, right? Like you got TPS or something that maybe are forming some critical function in your, in your application. And you just can't really replicate that locally, but you still want to be able to develop against that in some capacity. So, you know, my, my feeling about where it's going to go is you'll end up having parts of your application running locally, but then you also have, uh, you know, containers or some other, uh, element that's sort of cohabitating with, uh, you know, either staging or, or testing or production services that you're, uh, that you're working with. >>So you can actually, um, you know, test against a really or realistic simulation or the actual, uh, surface that you're running against in production. Because I think it's just going to become untenable to keep emulating all of that stuff locally, or to have to like duplicate these, you know, and, you know, I guess you can argue about whether or not it's a good thing that, that everything's moving to these kind of more closed off cloud services, but, you know, the reality of situation is that's where it's going to go. And there's certain hardware that you're going to want in the cloud, especially if you're doing, you know, machine learning oriented stuff that there's just no way you're going to be able to run locally. Right. I mean, if you're, even if you're in a dev team where you have, um, maybe like a central machine where you've got like 10 or 20 GPU's in it, that's not something that you're going to be able to, to, to replicate locally. And so that's how I kind of see that, um, you know, containers easing that boundary between different application components is actually maybe more about co-location, um, or having different parts of your application run in different locations, on different hardware, you know, maybe someone on your laptop, maybe it's someone, you know, AWS or Azure or somewhere. Yeah. It'd be interesting >>To start seeing those boundaries blur right. Working local and working in the cloud. Um, and you might even, you might not even know where something is exactly is running right until you need to, you know, that's when you really care, but yeah. Uh, Johanas, what's your thoughts around that? I mean, I think we've, we've talked previously of, of, um, you know, hybrid kind of environments. Uh, but yeah. What, what's your thoughts around that? >>Um, so essentially, yeah, I think, I mean, we believe that the lines between cloud and local will also potentially blur, and it's actually not really about that distinction. It's just packaging your dev environment in a way and provisioning your dev environment in a way that you are what we call always ready to coat. So that literally, um, you, you have that for the, you described as, um, peace of mind that you can just start to be creative and start to be productive. And if that is a container potentially running locally and containers are at the moment. I think, you know, the vehicle that we use, um, two weeks ago, or one week ago actually stack blitz announced the web containers. So potentially some things, well, it's run in the browser at some point, but currently, you know, Docker, um, is the standard that enables you to do that. And what we think will happen is that these cloud-based or local, um, dev environments will be what we call a femoral. So it will be similar to CIS, um, that we are using right now. And it doesn't literally matter, um, where they are running at the end. It's just, um, to reduce friction as much as possible and decrease and yeah, yeah. Essentially, um, avoid or the hustle that is currently involved in setting up and also managing dev environments, um, going forward, which really slows down specifically larger teams. >>Yeah. Yeah. Um, I'm going to shift gears a little bit here. We have a question from the audience in chat, uh, and it's, I think it's a little bit two parts, but so far as I can see container first, uh, development, have the challenges of where to get safe images. Um, and I was going to answer it, but let me keep it, let me keep going, where to get safe images and instrumentation, um, and knowing where exactly the problem is happening, how do we provide instrument instrumentation to see exactly where a problem might be happening and why? So I think the gist of it is kind of, of everything is in a container and I'm sitting outside, you know, the general thought around containers is isolation, right. Um, so how do I get views into that? Um, whether debugging or, or, or just general problems going on. I think that's maybe a broader question around the, how you, you know, you have your local hosts and then you're running everything containers, and what's the interplay there. W what's your thoughts there? >>I tend to think that containers are underused interactively. I mean, I think in production, you have this mindset that there's sort of this isolated environment, but it's very, actually simple to drop into a shell inside of a container and use it like you would, you know, your terminal. Um, so if you want to install software that way, you know, through, through an image rather than through like Homebrew or something, uh, you can kind of treat containers in that way and you can get a very, um, you know, direct access to the, to the space in which those are running in. So I think, I think that's maybe the step one is just like getting rid of that mindset, that, that these are all, um, you know, these completely encapsulated environments that you can't interact with because it's actually quite easy to just Docker exec into a container and then use it interactively >>Yeah. A hundred percent. And maybe I'll pass, I'm going to pass this question. You drone, but maybe demystify containers a little bit when I talked about this on the last, uh, panel, um, because we have a question in the, in the chat around, what's the, you know, why, why containers now I have VMs, right? And I think there's a misunderstanding in the industry, uh, about what, what containers are, we think they're fair, packaged stuff. And I think Jacob was hitting on that of what's underneath the hood. So maybe drown, sorry, for a long way to set up a question of what, what, what makes up a container, what is a container >>Is a container? Well, I, I think, um, the sharpest and most accurate and most articulate definition, I was from Alice gold first, and I will probably misquote her, but she said something like containers are a bunch of capsulated processes, maybe running on a cookie on welfare system. I'm not sure about the exact definition, but I'm going to try and, uh, reconstitute that like containers are just processes that run on a Unix machine. And we just happen to put a bunch of, um, red tape or whatever around them so that they are kind of contained. Um, but then the beauty of it is that we can contend them as much, or as little as we want. We can go kind of only in and put some actual VM or something like firecracker around that to give some pretty strong angulation, uh, all we can also kind of decontam theorize some aspects, you know, you can have a container that's actually using the, um, the, um, the network namespace of the host. >>So that gives it an entire, you know, wire speed access to the, to the network of the host. Um, and so to me, that's what really interesting, of course there is all the thing about, oh, containers are lightweight and I can pack more of them and they start fast and the images can be small, yada yada, yada. But to me, um, with my background in infrastructure and building resilient, things like that, but I find really exciting is the ability to, you know, put the slider wherever I need it. Um, the, the, the ability to have these very light containers, all very heavily, very secure, very anything, and even the ability to have containers in containers. Uh, even if that sounds a little bit, a little bit gimmicky at first, like, oh, you know, like you, you did the Mimi, like, oh, I heard you like container. >>So I put Docker when you're on Docker. So you can run container for you, run containers. Um, but that's actually extremely convenient because, um, as soon as you stop building, especially something infrastructure related. So you challenge is how do you test that? Like, when we were doing.cloud, we're like, okay, uh, how do we provision? Um, you know, we've been, if you're Amazon, how do you provision the staging for us installed? How do you provision the whole region, Jen, which is actually staging? It kind of makes things complicated. And the fact that we have that we can have containers within containers. Uh, that's actually pretty powerful. Um, we're also moving to things where we have secure containers in containers now. So that's super interesting, like stuff like a SIS box, for instance. Um, when I saw that, that was really excited because, uh, one of the horrible things I did back in the days as Docker was privileged containers, precisely because we wanted to have Docker in Docker. >>And that was kind of opening Pandora's box. That's the right, uh, with the four, because privileged containers can do literally anything. They can completely wreck up the machine. Um, and so, but at the same time, they give you the ability to run VPNs and run Docker in Docker and all these cool things. You can run VM in containers, and then you can list things. So, um, but so when I saw that you could actually have kind of secure containers within containers, like, okay, there is something really powerful and interesting there. And I think for folks, well, precisely when you want to do development in containers, especially when you move that to the cloud, that kind of stuff becomes a really important and interesting because it's one thing to have my little dev thing on my local machine. It's another thing when I want to move that to a swarm or Kubernetes cluster, and then suddenly even like very quickly, I hit the wall, which is, oh, I need to have containers in my containers. Um, and then having a runtime, like that gets really intense. >>Interesting. Yeah, yeah, yeah. And I, and jumping back a bit, um, yeah, uh, like you said, drum at the, at the base of it, it containers just a, a process with, with some, uh, Abra, pardon me, operating constructs wrapped around it and see groups, namespaces those types of things. But I think it's very important to, for our discussion right. Of, uh, developers really understanding that, that this is just the process, just like a normal process when I spin up my local bash in my term. Uh, and I'm just interacting with that. And a lot of the things we talk about are more for production runtimes for securing containers for isolating them locally. I don't, I don't know. I'll throw the question out to the panel. Is that really relevant to us locally? Right. Do we want to pull out all of those restrictions? What are the benefits of containers for development, right. And maybe that's a soft question, but I'd still love to hear your thoughts. Maybe I'll kick it over to you, Katie, would you, would you kick us off a little bit with that? >>I'll try. Um, so I think when, again, I was actually thinking of the previous answers because maybe, maybe I could do a transition here. So, interesting, interesting about containers, a piece of trivia, um, the secrets and namespaces have been within the Linux kernel since 2008, I think, which just like more than 10 years ago, hover containers become popular in the last years. So I think it's, it's the technology, but it's about the organization adopting this technology. So I think why it got more popular now is because it became the business differentiator organizations started to think, how can I deliver value to my customers as quickly as possible? So I think that there should be this kind of two lane, um, kind of progress is the technology, but it's at the same time organization and cultural now are actually essential for us to develop, uh, our applications locally. >>Again, I think when it's a single application, if you have just one component, maybe it's easier for you to kind of run it locally, have a very simple testing environment. Sufficient is a container necessary, probably not. However, I think it's more important when you're thinking to the bigger picture. When we have an architecture that has myriads of microservices at the basis, when it's something that you have to expose, for example, an API, or you have to consume an API, these are kind of things where you might need to think about a lightweight set up within the containers, only local environment to make sure that you have at least a similar, um, environment or a configuration to make sure that you test some of the expected behavior. Um, I think the, the real kind of test you start from the, the dev cluster will like the dev environment. >>And then like for, for you to go to staging and production, you will get more clear into what exactly that, um, um, configuration should be in the end. However, at the same time, again, it's, it's more about, um, kind of understanding why you continue to see this, the thing, like, I don't say that you definitely need containers at all times, but there are situations when you have like, again, multiple services and you need to replicate them. It's just the place to, to, to work with these kind of, um, setups. So, um, yeah, really depends on what you're trying to develop here. Nothing very specific, unfortunately, but get your product and your requirements are going to define what you're going to work with. >>Yeah, no, I think that's a great answer, right. I think one of the best answers in, in software engineering and engineering in general as well, it depends. Right. It's things are very specific when we start getting down to the details, but yeah, generally speaking, you know, um, I think containers are good for development, but yeah, it depends, right. It really depends. Is it helping you then? Great. If it's hindering you then, okay. Maybe think what's, what's the hindrance, right. And are containers the right solution. I agree. 110% and, >>And everything. I would like absurd this too as well. When we, again, we're talking about the development team and now we have this culture where we have the platform and infrastructure team, and then you have your engineering team separately, especially when the regulations are going to be segregated. So, um, it's quite important to understand that there might be a, uh, a level of up-skilling required. So pushing for someone to use containers, because this is the right way for you to develop your application might be not, uh, might not be the most efficient way to actually develop a product because you need to spend some time to make sure that the, the engineering team has the skills to do so. So I think it's, it's, again, going back to my answers here is like, truly be aware of how you're trying to develop how you actually collaborate and having that awareness of your platform can be quite helpful in developing your, uh, your publication, the more importantly, having less, um, maybe blockers pushing it to a production system. >>Yeah, yeah. A hundred percent. Yeah. The, uh, the cultural issue is, is, um, within the organization, right. Is a very interesting thing. And it, and I would submit that it's very hard from top down, right. Pushing down tools and processes down to the dev team, man, we'll just, we'll just rebel. It usually comes from the bottom up. Right. What's working for us, we're going to do right. And whether we do it in the shadows and don't let it know, or, or we've conformed, right. Yeah. A hundred percent. Um, interesting. I would like to think a little bit in the future, right? Like, let's say, I don't know, two, three years from now, if, if y'all could wave a and I'm from Texas. So I say y'all, uh, if you all could wave a magic wand, what, what, what would that bring about right. What, what would, what would be the best scenario? And, and we just don't have to say containers. Right. But, you know, what's the best development environment and I'm going to kick it over to you, Jacob. Cause I think you hinted at some of that with some hybrid type of stuff, but, uh, yeah. Implies, they need to keep you awake. You're, you're, you're, uh, almost on the other side of the world for me, but yeah, please. >>Um, I think, you know, it's, it's interesting because you have this technology that you've been, that's been brought from production, so it's not, um, necessarily like the right or the normal basis for development. So I think there's going to be some sort of realignment or renormalization in terms of, uh, you know, what the, what the basis and the abstractions that we're using on a daily basis are right. Like images and containers as they exist now are really designed for, um, for production use cases. And, and in terms of like, even even the ergonomics of opening a shell inside a container, I think is something that's, um, you know, not as polished or not as smooth as it could be because they've come from production. And so I think it's important, like not to, not to have people look at, look at the technology as it exists now and say like, okay, this is slightly rough around the edges, or it wasn't designed for this use case and think, oh, there's, you know, there's never any way I could use this for, for my development of workflows. >>I think it's, you know, it's something Docker's exploring now with, uh, with the, uh, dev containers, you know, it's, it's a new, and it's an experimental paradigm and it may not be what the final picture looks like. As, you know, you were saying, there's going to be kind of a baseline and you'll add features to that or iterate on that. Um, but I think that's, what's interesting about it, right? Cause it's, there's not a lot of things as developers that you get to play with that, um, that are sort of the new technology. Like if you're talking about things you're building to ship, you want to kind of use tried and true components that, you know, are gonna, that are going to be reliable. But I think containers are that interesting point where it's like, this is an established technology, but it's also being used in a way now that's completely different than what it was designed for. And, and, you know, as hackers, I think that's kind of an interesting opportunity to play with it, but I think, I think that's, what's going to happen is you're just going to see kind of those production, um, designed, uh, knobs kind of sanded down or redesigned for, for development. So that's kind of where I see it going. >>Yeah. Yeah. And I think that's what I was trying to hint out earlier is like, um, yeah, just because all these things are there, does it actually mean we need them locally? Right. Do they make sense? I, I agree. A hundred percent, uh, anybody else drawn? What are your thoughts around that? And then, and then, uh, I'll probably just ask all of you. I'd love to hear each of your thoughts of the future. >>I had a thought was maybe unrelated, but I was kind of wondering if we would see something on the side of like energy efficiency in some way. Um, and maybe it's just because I've been thinking a lot about like climate change and things like that recently, and trying to reduce like the, uh, the energy use energy use and things like that. Perhaps it's also because I recently got a new laptop, which on paper is super awesome, but in practice, as soon as you try to have like two slack tabs and a zoom call, you know, it's super fast, both for 30 seconds. And after 30 seconds, it blows its thermal budget and it's like slows down to a crawl. And I started to think, Hmm, maybe, you know, like before we, we, we were thinking about, okay, I don't have that much CPU available. So you have to be kind of mindful about that. >>And now I wonder how are we going to get in something similar to that, but where you try to save CPU cycles, not just because you don't have that many CPU cycles, but more because you know, that you can't go super fast for super long when you are on one of these like small laptops or tablets or phones, like you have this demo budget to take into account. And, um, I wonder if, and how like, is there something where goaltenders can do some things here? I guess it can be really interesting if they can do some the equivalent of like Docker top and Docker stats. And if I could see, like how much what's are these containers using, I can already do that with power top on Linux, for instance, like process by process. So I'm thinking I could see what's the power usage of, of some containers. Um, and I wonder if down the line, is this going to be something useful or is this just silly because we can just masquerade CPU usage for, for Watson and forget about it. >>Yeah. Yeah. It was super, super interesting, uh, perspective for sure. I'm going to shut up because I want to, I want to give, make sure I give Johannes and Katie time. W w what are your thoughts of the future around, let's just say, you know, container development in general, right? You want, you want to start absolutely. Oh, honest, Nate. Johns wants more time. I say, I'll try not to. Beneficiate >>Expensive here, but, um, so one of the things that we've we've touched upon earlier in the panel was multicloud strategy. And I was reading one of the data reports from it was about the concept of Kubernetes from gamer Townsville. But what is working for you to see there is that more and more organizations are thinking about multicloud strategy, which means that you need to develop an application or need an infrastructure or a component, which will allow you to run this application bead on a public cloud bead, like locally in a data center and so forth. And here, when it comes to this kind of, uh, maybe problems we come across open standards, this is where we require something, which will allow us to execute our application or to run our platform in different environments. So when you're thinking about the application or development of the application, one of the things that, um, came out in 2019 at was the Oakland. >>Um, I wish it was Kybella, which is a, um, um, an open application model based application, which allows you to describe the way you would like your service to be executed in different environments. It doesn't need to be well developed specifically for communities. However, the open application model is specialized. So specialized tries to cover multiple platforms. You will be able to execute your application anywhere you want it to. So I think that that's actually quite important because it completely obstructs what is happening underneath it, completely obstructs notions, such as containers, uh, or processes is just, I want this application and I want to have this kind of behavior is so example of, to scale in this conditions or to, um, to be exposed for these, uh, end points and so forth. And everything that I would like to mention here is that maybe this transcends again, the, uh, the logistics of the application development, but it definitely will impact the way we run our applications. >>So one of the biggest, well, one of the new trends that is kind of gaining momentum now has been around Plaza. And this is again, something which is trying to present what we have the on containers. Again, it's focusing on the, it's kind of a cyclical, um, uh, action movement that we have here. When we moved from the VMs to containers, it was smaller footprint. We want like better execution, one, this agnosticism of the platforms. We have the same thing happening here with Watson, but again, it consents a new, um, uh, kind of, well, it teaches in you, uh, in new climax here, where again, we shrink the footprint of the cluster. We have a better isolation of all the services. We have a better trend, like portability of how services and so forth. So there is a great potential out there. And again, like why I'm saying this is some of these technologies are gonna define the way we're gonna do our development of the application on our local environment. >>That's why it's important to kind of maybe have an eye there and maybe see if some of those principles of some of those technologies we can bring internally as well. And just this, like a, a final thought here, um, security has been mentioned as well. Um, I think it's something which has been, uh, at the forefront, especially when it comes to containers, uh, especially when it comes to enterprise organizations and those who are regulated, which I feel come very comfortable to run their application within a VM where you have the full isolation, you can do what we have complete control of what's happening inside that compute. So, um, again, security has been at the forefront at the moment. So I know it has mentioned in the panel before. I'd like to mention that we have the security white paper, which has been published. We have the software supply chain, white paper as well, which twice to figure out or define some of these good practices as well, again, which you can already apply from your development environment and then propagate them to production. So I'm just going to leave, uh, all of these. That's all. >>That's awesome. And yeah, well, while is very, very interesting. I saw the other day that, um, and I forget who it was, maybe, maybe all can remember, um, you know, running, running the node, um, engine inside of, you know, in Walzem inside of a browser. Right. And, uh, at first glance I said, well, we already have a JavaScript execution engine. Right. And it's kind of like Docker and Docker. So you have, uh, you know, you have the browser, then, then you have blossom and then you have a node, you know, a JavaScript runtime. And, and I didn't understand was while I was, um, you know, actually executing is JavaScript and it's not, but yeah, it's super interesting, super powerful. I always felt that the browser was, uh, Java's what write once run anywhere kind of solution, right. That never came about, they were thinking of set top, uh, TV boxes and stuff like that, which is interesting. >>I don't know, you'll some of the history of Java, but yeah. Wasm is, is very, I'm not sure how to correctly pronounce it, but yeah, it's extremely interesting because of the isolation in that boxing. Right. And running powerful languages that were used to inside of a more isolated environment. Right. And it's almost, um, yeah, it's kind of, I think I've mentioned it before that the containers inside of containers, right. Um, yeah. So Johannes, hopefully I gave you enough time. I delayed, I delayed as much as I can. My friend, you better, you better just kidding. I'm just kidding, please, please. >>It was by the way, stack let's and they worked together with Google and with Russell, um, developing the web containers, it's called there's, it's quite interesting. The research they're doing there. Yeah. Yeah. I mean, what we believe and I, I also believe is that, um, yeah, probably somebody is doing to death environments, what Docker did to servers and at least that good part. We hope that somebody will be us. Um, so what we mean by that is that, um, we think today we are still somehow emotionally attached to our dev environments. Right. We give them names, we massage them over time, which can also have its benefits, but it's, they're still pets in some way. Right. And, um, we believe that, um, environments in the future, um, will be treated similar like servers today as automated resources that you can just spin up and close down whenever you need them. >>Right. And, um, this trend essentially that you also see in serverless, if you look at what kind of Netlify is doing a bit with preview environments, what were sellers doing? Um, there, um, we believe will also arrive at, um, at Steph environments. It probably won't be there tomorrow. So it will take some time because if there's also, you know, emotion involved into, in that, in that transition, but ultimately really believe that, um, provisioning dev environments also in the cloud allows you to leverage the power of the cloud and to essentially build all that stuff that you need in order to work in advance. Right? So that's literally either command or a button. So either, I don't know, a command that spins up your local views code and SSH into, into a container, or you do it in a browser, um, will be the way that professional development teams will develop in the future. Probably let's see in our direction of document, we say it's 2000 to 23. Let's see if that holds true. >>Okay. Can we, can, we let's know. Okay. Let's just say let's have a friendly bet. I don't know that's going to be closed now, but, um, yeah, I agree. I, you know, it's my thought around is it, it's hard, right? Th these are hard. And what problems do you tackle first, right? Do you tackle the day, one of, uh, you know, of development, right. I joined a team, Hey, here's your machine? And you have Docker installed and there you go, pull, pull down your environment. Right. Is that necessarily just an image? You know, what, what exactly is that sure. Containers are involved. Right. But that's, I mean, you, you've probably all gone through it. You joined a team, new project, even open-source project, right there. There's a huge hurdle just to get everything configured, to get everything installed, to get it up and running, um, you know, set aside all understanding the code base. >>Cause that's a different issue. Right. But just getting everything running locally and to your point earlier, Jacob of around, uh, recreating, local production cues and environments and, you know, GPS or anything like that, right. Is extremely hard. You can't do a lot of that locally. Right. So I think that's one of the things I'd love to see tackled. And I think that's where we're tackling in dev environments, uh, with Docker, but then now how do you become productive? Right. And where do we go from there? And, uh, and I would love to see this kind of hybrid and you guys have been all been talking about it where I can, yes. I have it configured everything locally on my nice, you know, apple notebook. Right. And then, you know, I go with the family and we go on vacation. I don't want to drag this 16 inch, you know, Mac laptop with me. >>And I want to take my nice iPad with the magic keyboard and all the bang stuff. Right. And I just want to fire up and I pick up where I left off. Right. And I keep coding and environment feels, you know, as much as it can that I'm still working at backup my desktop. I think those, those are very interesting to me. And I think reproducing, uh, the production running runtime environments as close as possible, uh, when I develop my, I think that's extremely powerful, extremely powerful. I think that's one of the hardest things, right. It's it's, uh, you know, we used to say, we, you debug in production. Right. We would launch, right. We would do, uh, as much performance testing as possible. But until you flip that switch on a big, on a big site, that's where you really understand what is going to break. >>Right. Well, awesome. I think we're just about at time. I really, really appreciate everybody joining me. Um, it's been a pleasure talking to all of you. We have to do this again. If I, uh, hopefully, you know, I I'm in here in America and we seem to be doing okay with COVID, but I know around the world, others are not. So my heart goes out to them, but I would love to be able to get out of here and come see all of you and meet you in person, maybe break some bread together. But, um, again, it was a pleasure talking to you all, and I really appreciate you taking the time. Have a good evening. Cool. >>Thanks for having us. Thanks for joining us. Yes.

(plane engine roars) (upbeat music) >> They call me Dr. Goh. I'm Senior Vice President and Chief Technology Officer of AI at Hewlett Packard Enterprise. And today I'm in Munich, Germany. Home to one and a half million people. Munich is famous for everything from BMW, to beer, to breathtaking architecture and festive markets. The Bavarian capital is the beating heart of Germany's automobile industry. Over 50,000 of its residents work in automotive engineering, and to date, Munich allocated around 30 million euros to boost electric vehicles and infrastructure for them. (upbeat music) >> Hello, everyone, my name is Dr. Jerome Baudry. I am a professor at the University of Alabama in Huntsville. Our mission is to use a computational resources to accelerate the discovery of drugs that will be useful and efficient against the COVID-19 virus. On the one hand, there is this terrible crisis. And on the other hand, there is this absolutely unique and rare global effort to fight it. And that I think is a is a very positive thing. I am working with the Cray HPE machine called Sentinel. This machine is so amazing that it can actually mimic the screening of hundreds of thousands, almost millions of chemicals a day. What we take weeks, if not months, or years, we can do in a matter of a few days. And it's really the key to accelerating the discovery of new drugs, new pharmaceuticals. We are all in this together, thank you. (upbeat music) >> Hello, everyone. I'm so pleased to be here to interview Dr. Jerome Baudry, of the University of Alabama in Huntsville. >> Hello, Dr. Goh, I'm very happy to be meeting with you here, today. I have a lot of questions for you as well. And I'm looking forward to this conversation between us. >> Yes, yes, and I've got lots of COVID-19 and computational science questions lined up for you too Jerome. Yeah, so let's interview each other, then. >> Absolutely, let's do that, let's interview each other. I've got many questions for you. And , we have a lot in common and yet a lot of things we are addressing from a different point of view. So I'm very much looking forward to your ideas and insights. >> Yeah, especially now, with COVID-19, many of us will have to pivot a lot of our research and development work, to address the most current issues. I watch your video and I've seen that you're very much focused on drug discovery using super computing. The central notebook you did, I'm very excited about that. Can you tell us a bit more about how that works, yeah? >> Yes, I'd be happy to in fact, I watch your video as well manufacturing, and it's actually quite surprisingly close, what we do with drugs, and with what other people do with planes or cars or assembly lanes. we are calculating forces, on molecules, on drug candidates, when they hit parts of the viruses. And we essentially try to identify what small molecules will hit the viruses or its components, the hardest to mess with its function in a way. And that's not very different from what you're doing. What you are describing people in the industry or in the transportation industry are doing. So that's our problem, so to speak, is to deal with a lot of small molecules. Guy creating a lot of forces. That's not a main problem, our main problem is to make intelligent choices about what calculates, what kind of data should we incorporate in our calculations? And what kind of data should we give to the people who are going to do the testing? And that's really something I would like you to do to help us understand better. How do you see artificial intelligence, helping us, putting our hands on the right data to start with, in order to produce the right data and accuracy. >> Yeah, that's that's a great question. And it is a question that we've been pondering in our strategy as a company a lot recently. Because more and more now we realize that the data is being generated at the far out edge. By edge. I mean, something that's outside of the cloud and data center, right? Like, for example, a more recent COVID-19 work, doing a lot of cryo electron microscope work, right? To try and get high resolution pictures of the virus and at different angles, so creating lots of movies under electron microscope to try and create a 3D model of the virus. And we realize that's the edge, right, because that's where the microscope is, away from the data center. And massive amounts of data is generated, terabytes and terabytes of data per day generated. And we had to develop means, a workflow means to get that data off the microscope and provide pre-processing and processing, so that they can achieve results without delay. So we learned quite a few lessons there, right, especially trying to get the edge to be more intelligent, to deal with the onslaught of data coming in, from these devices. >> That's fantastic that you're saying that and that you're using this very example of cryo-EM, because that's the kind of data that feeds our computations. And indeed, we have found that it is very, very difficult to get the right cryo-EM data to us. Now we've been working with HPE supercomputer Sentinel, as you may know, for our COVID-19 work. So we have a lot of computational power. But we will be even faster and better, frankly, if we knew what kind of cryo-EM data to focus on. In fact, most of our discussions are based on not so much how to compute the forces of the molecules, which we do quite well on an HP supercomputer. But again, what cryo-EM 3D dimensional space to look at. And it's becoming almost a bottleneck. >> Have access to that. >> And we spend a lot of time, do you envision a point where AI will be able to help us, to make this kind of code almost live or at least as close to live as possible, as that that comes from the edge? How to pack it and not triage it, but prioritize it for the best possible computations on supercomputers? >> What a visionary question and desire, right? Like exactly the vision we have, right? Of course, the ultimate vision, you aim for the best, and that will be a real time stream of processed data coming off the microscope straight, providing your need, right? We are not there. Before this, we are far from there, right? But that's the aim, the ability to push more and more intelligence forward, so that by the time the data reaches you, it is what you need, right, without any further processing. And a lot of AI is applied there, particularly in cryo-EM where they do particle picking, right, they do a lot of active pictures and movies of the virus. And then what they do is, they rotate the virus a little bit, right? And then to try and figure out in all the different images in the movies, to try and pick the particles in there. And this is very much image processing that AI is very good at. So many different stages, application is made. The key thing, is to deal with the data that is flowing at this at this speed, and to get the data to you in the right form, that in time. So yes, that's the desire, right? >> It will be a game changer, really. You'll be able to get things in a matter of weeks, instead of a matter of years to the colleague who will be doing the best day. If the AI can help me learn from a calculation that didn't exactly turn out the way we want it to be, that will be very, very helpful. I can see, I can envision AI being able to, live AI to be able to really revolutionize all the process, not only from the discovery, but all the way to the clinical, to the patient, to the hospital. >> Well, that's a great point. In fact, I caught on to your term live AI. That's actually what we are trying to achieve. Although I have not used that term before. Perhaps I'll borrow it for next time. >> Oh please, by all means. >> You see, yes, we have done, I've been doing also recent work on gene expression data. So a vaccine, clinical trial, they have the blood, they get the blood from the volunteers after the first day. And then to run very, very fast AI analytics on the gene expression data that the one, the transcription data, before translation to emit amino acid. The transcription data is enormous. We're talking 30,000, 60,000 different items, transcripts, and how to use that high dimensional data to predict on day one, whether this volunteer will get an adverse event or will have a good antibody outcome, right? For efficacy. So yes, how to do it so quickly, right? To get the blood, go through an SA, right, get the transcript, and then run the analytics and AI to produce an outcome. So that's exactly what we're trying to achieve, yeah. Yes, I always emphasize that, ultimately, the doctor makes that decision. Yeah, AI only suggests based on the data, this is the likely outcome based on all the previous data that the machine has learned from, yeah. >> Oh, I agree, we wouldn't want the machine to decide the fate of the patient, but to assist the doctor or nurse making the decision that will be invaluable? And are you aware of any kind of industry that already is using this kind of live AI? And then, is there anything in, I don't know in sport or crowd control? Or is there any kind of industry? I will be curious to see who is ahead of us in terms of making this kind of a minute based decisions using AI? Yes, in fact, this is very pertinent question. We as In fact, COVID-19, lots of effort working on it, right? But now, industries and different countries are starting to work on returning to work, right, returning to their offices, returning to the factories, returning to the manufacturing plants, but yet, the employers need to reassure the employees that things, appropriate measures are taken for safety, but yet maintain privacy, right? So our Aruba organization actually developed a solution called contact location tracing inside buildings, inside factories, right? Why they built this, and needed a lot of machine learning methods in there to do very, very well, as you say, live AI right? To offer a solution? Well, let me describe the problem. The problem is, in certain countries, and certain states, certain cities where regulations require that, if someone is ill, right, you actually have to go in and disinfect the area person has been to, is a requirement. But if you don't know precisely where the ill person has been to, you actually disinfect the whole factory. And if you have that, if you do that, it becomes impractical and cost prohibitive for the company to keep operating profitably. So what they are doing today with Aruba is, that they carry this Bluetooth Low Energy tag, which is a quarter size, right? The reason they do that is, so that they extract the tag from the person, and then the system tracks, everybody, all the employees. We have one company, there's 10,000 employees, right? Tracks everybody with the tag. And if there is a person ill, immediately a floor plan is brought up with hotspots. And then you just targeted the cleaning services there. The same thing, contact tracing is also produced automatically, you could say, anybody that is come in contact with this person within two meters, and more than 15 minutes, right? It comes up the list. And we, privacy is our focused here. There's a separation between the tech and the person, on only restricted people are allowed to see the association. And then things like washrooms and all that are not tracked here. So yes, live AI, trying to make very, very quick decisions, right, because this affects people. >> Another question I have for you, if you have a minute, actually has to be the same thing. Though, it's more a question about hardware, about computer hardware purify may. We're having, we're spending a lot of time computing on number crunching giant machines, like Sentinel, for instance, which is a dream to use, but it's very good at something but when we pulled it off, also spent a lot of time moving back and forth, so data from clouds from storage, from AI processing, to the computing cycles back and forth, back and forth, did you envision an architecture, that will kind of, combine the hardware needed for a massively parallel calculations, kind of we are doing. And also very large storage, fast IO to be more AI friendly, so to speak. You see on the horizon, some kind of, I would say you need some machine, maybe it's to be determined, to be ambitious at times but something that, when the AI ahead plan in terms of passing the vector to the massively parallel side, yeah, that makes sense? >> Makes a lot of sense. And you ask it I know, because it is a tough problem to solve, as we always say, computation, right, is growing capability enormously. But bandwidth, you have to pay for, latency you sweat for, right? >> That's a very good >> So moving data is ultimately going to be the problem. >> It is. >> Yeah, and we've move the data a lot of times, right, >> You move back and forth, so many times >> Back and forth, back and forth, from the edge that's where you try to pre-process it, before you put it in storage, yeah. But then once it arrives in storage, you move it to memory to do some work and bring it back and move it memory again, right, and then that's what HPC, and then you put it back into storage, and then the AI comes in you, you do the learning, the other way around also. So lots of back and forth, right. So tough problem to solve. But more and more, we are looking at a new architecture, right? Currently, this architecture was built for the AI side first, but we're now looking and see how we can expand that. And this is that's the reason why we announced HPE Ezmeral Data Fabric. What it does is that, it takes care of the data, all the way from the edge point of view, the minute it is ingested at the edge, it is incorporated in the global namespace. So that eventually where the data arrives, lands at geographically one, or lands at, temperature, hot data, warm data or cold data, regardless of eventually where it lands at, this Data Fabric checks everything, from in a global namespace, in a unified way. So that's the first step. So that data is not seen as in different places, different pieces, it is a unified view of all the data, the minute that it does, Just start from the edge. >> I think it's important that we communicate that AI is purposed for good, A lot of sci-fi movies, unfortunately, showcase some psychotic computers or teams of evil scientists who want to take over the world. But how can we communicate better that it's a tool for a change, a tool for good? >> So key differences are I always point out is that, at least we have still judgment relative to the machine. And part of the reason we still have judgment is because our brain, logical center is automatically connected to our emotional center. So whatever our logic say is tempered by emotion, and whatever our emotion wants to act, wants to do, right, is tempered by our logic, right? But then AI machine is, many call them, artificial specific intelligence. They are just focused on that decision making and are not connected to other more culturally sensitive or emotionally sensitive type networks. They are focus networks. Although there are people trying to build them, right. That's this power, reason why with judgment, I always use the phrase, right, what's correct, is not always the right thing to do. There is a difference, right? We need to be there to be the last Judge of what's right, right? >> Yeah. >> So that says one of the the big thing, the other one, I bring up is that humans are different from machines, generally, in a sense that, we are highly subtractive. We, filter, right? Well, machine is highly accumulative today. So an AI machine they accumulate to bring in lots of data and tune the network, but our brains a few people realize, we've been working with brain researchers in our work, right? Between three and 30 years old, our brain actually goes through a pruning process of our connections. So for those of us like me after 30 it's done right. (laughs) >> Wait till you reach my age. >> Keep the brain active, because it prunes away connections you don't use, to try and conserve energy, right? I always say, remind our engineers about this point, about prunings because of energy efficiency, right? A slice of pizza drives our brain for three hours. (laughs) That's why, sometimes when I get need to get my engineers to work longer, I just offer them pizza, three more hours, >> Pizza is universal solution to our problems, absolutely. Food Indeed, indeed. There is always a need for a human consciousness. It's not just a logic, it's not like Mr. Spock in "Star Trek," who always speaks about logic but forgets the humanity aspect of it. >> Yes, yes, The connection between the the logic centers and emotional centers, >> You said it very well. Yeah, yeah and the thing is, sleep researchers are saying that when you don't get enough REM sleep, this connection is weakened. Therefore, therefore your decision making gets affected if you don't get enough sleep. So I was thinking, people do alcohol test breathalyzer test before they are allowed to operate sensitive or make sensitive decisions. Perhaps in the future, you have to check whether you have enough REM sleep before, >> It is. This COVID-19 crisis obviously problematic, and I wish it never happened, but there is something that I never experienced before is, how people are talking to each other, people like you and me, we have a lot in common. But I hear more about the industry outside of my field. And I talk a lot to people, like cryo-EM people or gene expression people, I would have gotten the data before and process it. Now, we have a dialogue across the board in all aspects of industry, science, and society. And I think that could be something wonderful that we should keep after we finally fix this bug. >> Yes. yes, yes. >> Right? >> Yes, that's that's a great point. In fact, it's something I've been thinking about, right, for employees, things have changed, because of COVID-19. But very likely, the change will continue, yeah? >> Right. Yes, yes, because there are a few positive outcomes. COVID-19 is a tough outcome. But there positive side of things, like communicating in this way, effectively. So we were part of the consortium that developed a natural language processing system in AI system that would allow you scientists to do, I can say, with the link to that website, allows you to do a query. So say, tell me the latest on the binding energy between the Sasko B2 virus like protein and the AC receptor. And then you will, it will give you a list of 10 answers, yeah? And give you a link to the papers that say, they say those answers. If you key that in today to NLP, you see 315 points -13.7 kcal per mole, which is right, I think the general consensus answer, and see a few that are highly out of out of range, right? And then when you go further, you realize those are the earlier papers. So I think this NLP system will be useful. (both chattering) I'm sorry, I didn't mean to interrupt, but I mentioned yesterday about it, because I have used that, and it's a game changer indeed, it is amazing, indeed. Many times by using this kind of intelligent conceptual, analyzes a very direct use, that indeed you guys are developing, I have found connections between facts, between clinical or pharmaceutical aspects of COVID-19. That I wasn't really aware of. So a it's a tool for creativity as well, I find it, it builds something. It just doesn't analyze what has been done, but it creates the connections, it creates a network of knowledge and intelligence. >> That's why three to 30 years old, when it stops pruning. >> I know, I know. (laughs) But our children are amazing, in that respect, they see things that we don't see anymore. they make connections that we don't necessarily think of, because we're used to seeing a certain way. And the eyes of a child, are bringing always something new, which I think is what AI could potentially bring here. So look, this is fascinating, really. >> Yes, yes, difference between filtering subtractive and the machine being accumulative. That's why I believe, the two working together, can have a stronger outcome if used properly. >> Absolutely. And I think that's how AI will be a force for good indeed. Obviously see, seems that we would have missed that would end up being very important. Well, we are very interested in or in our quest for drug discovery against COVID-19, we have been quite successful so far. We have accelerated the process by an order of magnitude. So we're having molecules that are being tested against the virus, otherwise, it would have taken maybe three or four years to get to that point. So first thing, we have been very fast. But we are very interested in natural products, that chemicals that come from plants, essentially. We found a way to mine, I don't want to say explore it, but leverage, that knowledge of hundreds of years of people documenting in a very historical way of what plants do against what diseases in different parts of the world. So that really has been a, not only very useful in our work, but a fantastic bridge to our common human history, basically. And second, yes, plants have chemicals. And of course we love chemicals. Every living cell has chemicals. The chemicals that are in plants, have been fine tuned by evolution to actually have some biological function. They are not there just to look good. They have a role in the cell. And if we're trying to come up with a new growth from scratch, which is also something we want to do, of course, then we have to engineer a function that evolution hasn't already found a solution to, for in plants, so in a way, it's also artificial intelligence. We have natural solutions to our problems, why don't we try to find them and see their work in ourselves, we're going to, and this is certainly have to reinvent the wheel each time. >> Hundreds of millions of years of evolution, >> Hundreds of millions of years. >> Many iterations, >> Yes, ending millions of different plants with all kinds of chemical diversity. So we have a lot of that, at our disposal here. If only we find the right way to analyze them, and bring them to our supercomputers, then we will, we will really leverage this humongus amount of knowledge. Instead of having to reinvent the wheel each time we want to take a car, we'll find that there are cars whose wheels already that we should be borrowing instead of, building one each time. Most of the keys are out there, if we can find them, They' re at our disposal. >> Yeah, nature has done the work after hundreds of millions of years. >> Yes. (chattering) Is to figure out, which is it, yeah? Exactly, exactly hence the importance of biodiversity. >> Yeah, I think this is related to the Knowledge Graph, right? Where, yes, to objects and the linking parameter, right? And then you have hundreds of millions of these right? A chemical to an outcome and the link to it, right? >> Yes, that's exactly what it is, absolutely the kind of things we're pursuing very much, so absolutely. >> Not only only building the graph, but building the dynamics of the graph, In the future, if you eat too much Creme Brulee, or if you don't run enough, or if you sleep, well, then your cells, will have different connections on this graph of the ages, will interact with that molecule in a different way than if you had more sleep or didn't eat that much Creme Brulee or exercise a bit more, >> So insightful, Dr. Baudry. Your, span of knowledge, right, impressed me. And it's such fascinating talking to you. (chattering) Hopefully next time, when we get together, we'll have a bit of Creme Brulee together. >> Yes, let's find out scientifically what it does, we have to do double blind and try three times to make sure we get the right statistics. >> Three phases, three clinical trial phases, right? >> It's been a pleasure talking to you. I like we agreed, you knows this, for all that COVID-19 problems, the way that people talk to each other is, I think the things that I want to keep in this in our post COVID-19 world. I appreciate very much your insight and it's very encouraging the way you see things. So let's make it happen. >> We will work together Dr.Baudry, hope to see you soon, in person. >> Indeed in person, yes. Thank you. >> Thank you, good talking to you.

from the silicon angle media office in Boston Massachusetts it's the queue now here's your host David on tape hi everybody this is Dave a latte from our studios in Marlborough Massachusetts you're watching the cube I'm here with Terry Richardson who's the vice president of North America alliances and channels for Hewlett Packard Enterprise we're gonna talk about a program that HPE has called HPE complete Terry good to see you thanks for having me Dave really good to be here you're welcome HPE complete what's that all about HP complete is our way to extend our portfolio to customers and partners so we essentially work with leading technology Alliance vendors and ISPs to certify their solutions with HPE infrastructure and we and we go kind of two steps further once that certification is complete we add those offerings to our price book so they become available to customers and partners you know it allows us to sell complete solutions to customers but we also we also take advantage of the opportunity to develop joint go to market programs with these vendors because that kind of last mile execution is what really matters how often do you have something that's available in a price book but kind of gets no attention so the complete program is really end to end and it allows us to as I said develop solutions for customers that that the components may not exist in the HP completely eportfolio so by leveraging complete we have I think the industry's most complete portfolio of offerings across the infrastructure this is really important because you have some companies some vendors will say okay we're gonna create a stack and be our stack and sort of a closed stack and I'm sure there's some advantage to that level of integration but one of them is not horizontal you know scale and and penetration in various markets so it allows you to say oK we've got some white space here and some gaps we're gonna fill that through partnerships and as you said there go to market implications as well so so I would think that partners actually really love that because they love choice they love flexibility right and and I think we we allow for it to be easier for partners if they take advantage of these technology offerings that are all available through HPE right because one of the challenges a traditional business partner has is how many different vendors can they contract with how many vendor certification programs can they go through how many different you know kind of hoops can they can they jump through this way they can kind of do everything through HPE and there's certainly some financial benefits for you know when they do so and so does that mean there's a SKU for all of these offerings kind of gets queued up in the HPE price book and and they contribute towards the partners attainments of their annual revenue commitment HPE that allows them to achieve their medallion status whether it's platinum gold or or silver so let's say a name so we're some of the partners that you work on so I don't have time to probably name them all but I'll give you a couple of examples we'll just talk about in the infrastructure category specific to storage so HPE portfolio is pretty complete led by you know kind of three part technology and nimble and the associated info site software as well as our you know backup data protection products but we have some gaps right we have gaps in file and objects so companies like accumulo Scalla t really start to fill in the in the blanks there we looked at the trend towards Software Defined and it brought us to a company called doTERRA that that we have for software-defined storage kind of you know continuing to extend our reach into kind of virtualized backup would be technologies with a company like like Veeam so you know just and then you know kind of the exploding secondary data market has led us to partner collaboratively with Co he city so our value prop to these vendors is they can tap into HP's global channel and kind of get you know much broader scale than they could as smaller companies and they also get a selling force at HPE that's motivated to deliver the solutions that our customers and partners need and and dragging those technologies along so it really becomes a win-win yeah from your standpoint you don't have to go out and you'll make acquisitions but you're not to buy every company who's known there and try to figure out how to stitch it together you can do some integration I mean cumulus unev Isilon they're doing very well in the market I know Jerome Ellicott known him for years great skill any CEO from skaila Tico he cities like killing it with modern data protection you got V was really well established you know almost a billion-dollar company now maybe even they'd be surpassed that and in de Tierra when you start talking about Software Defined and we talked about the edge in one of our earlier conversations starts to play kind of an interesting you know great potential technology and so love to see you guys partnering and stitching together and I'm sure like you say there are many more we just don't have time we don't have time to cover them all but those are examples and I think there's a real not only do the partners get to deal with a HPE broader portfolio but in in their go to market execution when they're in partnership with those vendors they tend to be hungrier selling organizations kind of the proverbial hunter analogy because they're focused on kind of rapid growth and market adoption to take advantage of a window in time so partners appreciate the fact that not only will HPE be hunting but a lot of these vendors are hunting too and the partners of the beneficiary what do they have to go through to complete HPE guns there's a pretty thorough certification process that our team goes through to to certify those offerings working on our infrastructure product platform so it's not just signed the contract in your in its as it's a series of technical testing that that goes on so then we put our name and brand behind something we have high confidence that it'll deliver the intent of results to customers and partners so there may be some engineering changes this imaginary work to take advantage of the capabilities in many of these cases it may be HPE compute infrastructure so taking advantage of all the capabilities of our compute flatform and ultimately management there's some integration work that gets done critical for partners simplifies their portfolio by working with HPE Terri thanks so much thank you Dave appreciate the explanation of HPE complete alright and thank you everybody for watching we'll see you next time you're watching the cube [Music]

>>Live from the Mandalay convention center in Las Vegas, Nevada. It's not cue at IBM insight 2014 >>you're all your hosts. John furrier and Dave Volante.. >>Okay. Welcome back everyone. We're here live inside the cube at IBM insight. I'm Sean with Dave Volante. We go after the events, extract the signal and noise. We go wall to wall covers what we do here. I don't, of course we're excited to have awesome gas. We talked to the executives, entrepreneurs, but we get the media stars in here. Uh, Katie Lyndon doll. Welcome to the cube. You are with CNN, the today show. You're the tech correspondent and you get a lot of energy. I could just tell this is going to be fun. It's been fun to hear the last few days. So I mean, Watson is the geeky story of any what, what are you seeing? Let me get the wife in a second. But outside of Watson, what's the coolest thing you've seen? >>I'm constantly on the hunt for the latest innovations in technology and I think that's probably the best part about my job. And always chasing down high level stories. I recently just came back for a dive with NASA. I learned that NASA astronauts actually train underwater to simulate microgravity and I'm like, Oh my gosh, no way. And they're like, do you want to come down to the world's only Marine underwater habitat? I was like, yes, please. So went down to the Florida keys, it's an hour off the coast and was diving literally with NASA European space agency and the Canadian space agency underwater. And again, it's the world's only underwater Marine habitat and seeing how they train in everything from asteroid mining to um, underwater surgery to actually seeing how the body responds to exercise. I guess water simulates one sixth of gravity. So it was a pretty dynamic shoot. >>I was doing that for NBC news and it's just I, those are the types of stories. I, I am a diver. I actually was doing a story on big data last year and it required me to get my dive certs and the Island of Bermuda feel very bad. It was a presentation that I was speaking on here at insight a, there was all this crowdsourced information about how the lion fish, if you've ever heard of the lion fish has been, it's an invasion in the Atlantic ocean. I took all of this information and metrics and made a story for CNN and it required me to get my advanced dive certs. So now I'm getting all these dive stories cause there's not a lot of us dive reporters. So the lion fish story for CNN too. Another good example of a piece that I go after. >>So you, you bring a lot of energy. What do you see here? I mean you see a lot of stories and you get pitched stories. I can imagine that your email box flux, I mean it's like, Oh >>I have 78,000 unread emails right now. I'm not proud of that. But yes, constantly being pitched. >>I had 40,000 I'm a little bit blind. I'm going to give that to you in the today show. Not too shabby. But what do you do? You get pitched all the time and so you got the vet stories. What's your formula for vetting stories? I mean, what gets your attention and how do you go outside your comfort zone to select good stories? What your attention. It's funny, >>you know, so I've been in television for the last 10 years and I feel like now I have this internal barometer and knowing when something's very good and the scope of the things that I cover from, you know, in the past month alone when I was talking about the NASA piece and then I'll flip the next day and do top Halloween gadgets on today's show. So it's, it's very vast, but I can instantly tell and it's, it's come through experience and being in a background in technology and knowing what's gonna work for the consumer and knowing a hot product. When I see it and I I T I gotten pretty good I think at it spotting a product that a consumer is going to love but also finding a story that is, maybe it's super nerdy, but my job is to take it and to bring it down to a level that's entertaining for any kind of audience, whether it be CNN or whether it be today. >>So it says your Guinness book of world record holder, share that in little nugget with the folks in. Yes, that is a true story. I have a Guinness world record holder in the most high fives and one minute. Okay, so this probably solicit some like how the heck did that happen? I've always been fascinated with Guinness world records and I always wanted one and I've always been obsessed with a high five like I am paranoid of huggers, there's nothing that scares me more or good high five just go for the five. I don't want to bring it in and okay, it's a little OCD. I will completely aware. So anyways, I found that this Guinness world record was held by a clown in England for the most high fives and one minute. So I convinced I was hosting a show on spike TV and I convinced them to allow me to break this record. >>So we had all these people line up in the MTV cafeteria and you have a Guinness world record adjudicator come onsite, you get two tries and if you win you get a plaque in a formal ceremony. The cube before we should do the most consecutive interviews to having a drink of water. We want to just come here and we could break something able to break something or like you said, it's his official. Yeah, we started to get like real nervous and like hot and yeah, so I had two tribes. Oh I was, I was giving him a big ass big fitness person. So I was like ready. And if clown beats me at this point, it's over your careers. division. You'll never work again because I beat it on the first try and then I advanced it on a single hand or you go, there's a whole process as you can imagine with the adjudicator's she's like real intense. >>She's like counting with her clicker on the high five so I go down this line of people and it has to be over there can't be like a mailed in like you know like a high five you go for the five names and then I got a couple that were disqualified, you know like a couple didn't count because it wasn't like a full on five four so like a film replay. Super slow motion. I like argued a few. I was like no, I was for sure up on that one. The flag, it was sponsored by PRL. It wasn't but it should have been but it was fun. So I have a plaque how many? 107 heard rumors that it's been broken but I didn't care as long as I've got a plan to that plan at one point. Okay. Let's cut to about IBM because Watson is the coolest thing I'll say is pretty mainstream. >>It hits your wheelhouse. I'll see for the day I've seen jeopardy. Absolutely. Now how does that translate into a story for sure. Stuff going on here. What do you, so what's very cool about Watson? I called my boyfriend because I've had a relationship with him now over the last few years, a few years ago on CVS. I actually got to challenge Watson on a full game of jeopardy and I think that was of course the most, the most memorable part of Watson when he took on the two, you know, jeopardy champions. But so this is like a lifetime moment for me. I got a full game of jeopardy, me Watson and another individual smoked me and actually I was doing okay and then it was like tennis vocab. I was like, Oh, I got this. You know, like I've been in sports my whole life. I've been worked at ESPN for seven years. >>I got this in the bag, I was doing good. And then they were like, Oh, we had them on the low setting. I was like, all right, really? Like really? Like I was just feeling good about myself. I finished with $2, two bucks. Um, and I thought it was so cool how gimmicky it was, you know, in a healthy beach in the tennis category. Oh, you smoking, you never in the low setting for sure. I got a few of those, a few. I actually got set in Tennessee vocab. You're going to have it right. Even watching tennis your whole life. Right. ESPN is embarrassing and disappointing. And then I weighed you too much and then the double jeopardy. Anyways, I digress. So how cool is it that I got to play Watson but then now years later seeing the power in it in many different developments and most notably I work over at as a volunteer at Sloan Memorial Kettering cancer center for a small group called Candlelighters that works with individuals that come in from around the world for cancer treatments. >>Now Sloan is one of those powerful cancer centers in the world is actually using it as predictive analysis. So here and I work with these kids and I, it's very complex. When they go in for a diagnosis, there's lots of different problems that they have and really it's, it's, it's, it's, it's guesswork for a doctor now. They can put all of these things that are happening with it, with a child into a machine, and they can pump out a hypotheses. Of course, you're going to have to have the human interaction tailored with that to have the emotional side, but I had been fascinated, especially on the medical side, watching your boyfriend at this point. That's interesting. We'll get that to the world of Facebook. It's complicated. I heard rumors that he's talks back and we'll listen to this a true statement. He's a lot smarter than I am. >>I'm intimidated by that, but what's the coolest demo with Watson that you've seen besides jeopardy? Yeah, that would have, well I actually learned something new from a few developers that I met yesterday about the new chef app. So being able to go into your pantry and to do some recipe from what you have, the ingredients you have insider, I think that's a little more consumer friendly. So I was kind of like, um, I'm excited to check that one out. Looking at the tech landscape, what are you most excited about? I mean, what's the coolest kind of consumer meats like gadget, short door, tech cloud. If you could pull a few favorites at what's, what's drawing your attention? Uh, one that we actually had here that's probably popped into mind. There's so many to choose from, but in the world of Oculus rift, and the reason I say that is not for the gaming aspect, but more for the potential in the landscape of physical therapy. >>The first time I got on Oculus raft, I was actually training on a Navy boat and I was doing a segment where all my camera men were all around me. I lost track of reality and I got so immersed into virtual reality and being there and even as a huge diver, I get very motion sick and I got motion sick on the boat. Being in this physical, this augmented reality world, we're actually shooting this at the birthplace of Oculus rift. So we really diving behind the scenes into the actual, uh, software and hardware and it was such a cool, immersive experience and realize that what this could do for physical therapy or even at the dentist at a lower end, I think the capabilities for augmented reality and taking yourself out of that moment are huge. So I think that's very exciting. How about drones? >>Oh my gosh. So yes, let's talk to, and my nephew the other day and he said, do you want to see the drone that I built? And I said, yeah, it's got this four or five quadcopter. It's a quadcopter. Yup. I said, where'd you get the software for? He goes, I'll download it. It's all open source. I hacked it a little bit. I actually have several drones. Okay. Nominal. Because this blew me away. I probably have what I consider is the best prosumer drone. It's a DGI Phantom, a DJI Phantom two and I have got some incredible aerial footage over the mountains of Montana and also over a Bermuda, the Island of Bermuda. I sent it up, put it over a shipwreck, gorgeous. And for me as a flake, being in photo and video and going out and getting my own video and not having to rely on a cop, a copter for, you know, that would be thousands of dollars worth of footage or relying on a cameraman. >>I just sent that baby up. I'm like, please don't hit anybody. It's a little hard to operate when you get the one, the higher end models. I have a couple of the parents too. There are a lot easier to operate and do it right from my iPhone, but I am just like, I'm so into it now. I think it's a little gimmicky when we talk about Amazon and pizza deliveries and taco deliveries and beer deliveries with a drone shooting surprises. Texas man, what am, I don't know about that. But uh, I think it's fascinating. I think it's a really cool technology. And again, I've personally saved tens and thousands of dollars using my drones. So you, when you flew over these sites yet proximate, so you had visual concepts. So the Phantom Jerome that I have, that's my favorite one. I actually attach a GoPro to it so I can send it up and I use the gyroscope or just kind of move my GoPro around in mid air. It goes hundreds of feet high. I mean, you've really got to get a grasp on it and know what you're doing. I had it out in a field well before I took it out to an Island on a beach. But I'm not, a drive is not something you really, it's not a remote control car. Now did you build it? Oh no. Goodness. Aww, that's totally on the market. Yeah, I got it at B and H photo >>sending them out. So in San Francisco off their balconies and then they're going out to, you know, angel Island, Alcatraz, and literally they're flying out then unregulated. It's like someday there'll be drone collisions, let's say this is unregulated. This is a huge, people are geeking out with the drones. It's super exciting. Dave camera's shooting down him sending him into football venues or you know, the world series delivering packages. But mom's a streaker. I mean Amazon. I like that. Okay. So what else is new for you? Tell us more about some, some cool behind the scenes at a today's show. Any sad night live, uh, opportunities for you next been >>to Saturday night live. Oh my gosh. By the way, that's like the hottest ticket in New York to get. I've had the opportunity to go to two shows cause my friend's a cameraman over there. The rehearsal for it is like amazing. I know that's a huge digression, but talking about something to see in person, that's one of my bucket lists. Phenomenal. Yeah. Phenomenal. What else is new in New York and the scene there? Uh, Oh, we constantly covering a lot of different pieces. Uh, one, I just came back from Africa a little bit ago. I was doing a number of pieces over there from an elephant orphanage to one of my favorite pieces that we'll be rolling out soon. I did it for cnn.com and also working on a video piece of it. I went in embedded myself in the second poorest part of the entire world in the slums of Kibera, Kenya, and it was amazing to see that in these very poor areas, 70 to 80% cell penetration. A lot of people don't think that a smartphone would be prevalent. It sure is. And these kids, yeah, absolutely. There's cell towers everywhere. These kids were, you know, they don't have much, but they have e-reader devices and they can have thousands of books when they're walking 10 miles to school. You walk into the school that doesn't have any electricity, it's a hundred degrees, but they all have e-readers, Kindles right on their desk. I was blown away. I went to several different schools around Eastern Kenya. Fascinating story to be able to cover. So >>yeah, that's a really good point. In mobile penetration. If I was talking to this startup that where their business plan is to build, sell a solar battery recharging stations because they have the exact points, like they have all these devices but it's not, they don't have the traditional electricity and the parks >>one outlet in the entire school. So fortunately for, you know, with wifi off it's about a week charge on a Kindle. So it is, >>yeah, I think, I think that's a great market opportunity. Certainly in emerging countries, the mobile penetration, I'm so suites about the IBM show here. Is this your first time here or, >>I have had the luxury and the opportunity to be a part of several IBM events and everyone is so uniquely different. And this one all about developers obviously. So something I get to nerd out in myself in that is an it girl and also a developer. It's fun to be able to learn. I picked up so much new information so I just kind of like, they're like, you can, you're done with, I'm like, I'm going to hang out for a little bit longer. >>You know, you know you're a, you know, you're a geek when you're geeking out, when you're off the clock, you know Steve and I the same way. We're like we should stop rookies now let's keep going. So CES, UFC, yes, >>yes, every year for sure. And for anyone that hasn't been to CF, it's kind of on the bucket list for anybody that's attending technology, 35 football fields full of gadgets. Amazing. Yeah, it's always one of my biggest times of the year. So we'll be back here. >>now do you enjoy CES or is it a hard slog for you because you must have to really get down and dirty for CS, I mean a lot of stuff to cover. >>I did and I tried to make it to like the most random boosts. I find someone of my best technology products and like the ma and PA type shops that don't have the million dollar booth and like you know that are really back in a corner and I'm like zero in, >>you go on to cover, by the way, do you go into cover? You kind of sneak in there and you go into the camera guys. No, I go for it. You go for it. Okay. Time. Okay. All right guys. Um, that's awesome. Well can. Thanks for coming on the cube. We really appreciate spending the time. We'd love the personality. I love the energy. I mean Dave and I think you know, we're, first of all we're huge fans of your work. Especially the ESPN part. No, we're, we're big sports fans. In fact we call this the ESPN of tech cause it's our kind of version of like trying to be like ESPN. But we think technology is going mainstream. People at this new generation are geeks and even too, you alluded to ESPN, even sports and technology, I can't tell you how many pieces I've covered in pro athletes and how tech is entering in that space. Everywhere. Disruption in the data, the social media, you know, limiting have agents that go direct to the audience. Just super exciting. I mean I'm real big fan of media, tech, sports and entertainment. Thanks for coming on the cube. We appreciate it. We'll be right back with this after the short break here inside the cube live in Las Vegas. I'm John and Dave. We write back.