>> Paige: Hello everybody and thank you for joining us today for the Virtual Vertica BDC 2020. Today's breakout session is entitled Keep Data Private Prepare and Analyze Without Unencrypting With Voltage SecureData for Vertica. I'm Paige Roberts, Open Source Relations Manager at Vertica, and I'll be your host for this session. Joining me is Rich Gaston, Global Solutions Architect, Security, Risk, and Government at Voltage. And before we begin, I encourage you to submit your questions or comments during the virtual session, you don't have to wait till the end. Just type your question as it occurs to you, or comment, in the question box below the slide and then click Submit. There'll be a Q&A session at the end of the presentation where we'll try to answer as many of your questions as we're able to get to during the time. Any questions that we don't address we'll do our best to answer offline. Now, if you want, you can visit the Vertica Forum to post your questions there after the session. Now, that's going to take the place of the Developer Lounge, and our engineering team is planning to join the Forum, to keep the conversation going. So as a reminder, you can also maximize your screen by clicking the double arrow button, in the lower-right corner of the slides. That'll allow you to see the slides better. And before you ask, yes, this virtual session is being recorded and it will be available to view on-demand this week. We'll send you a notification as soon as it's ready. All right, let's get started. Over to you, Rich. >> Rich: Hey, thank you very much, Paige, and appreciate the opportunity to discuss this topic with the audience. My name is Rich Gaston and I'm a Global Solutions Architect, within the Micro Focus team, and I work on global Data privacy and protection efforts, for many different organizations, looking to take that journey toward breach defense and regulatory compliance, from platforms ranging from mobile to mainframe, everything in between, cloud, you name it, we're there in terms of our solution sets. Vertica is one of our major partners in this space, and I'm very excited to talk with you today about our solutions on the Vertica platform. First, let's talk a little bit about what you're not going to learn today, and that is, on screen you'll see, just part of the mathematics that goes into, the format-preserving encryption algorithm. We are the originators and authors and patent holders on that algorithm. Came out of research from Stanford University, back in the '90s, and we are very proud, to take that out into the market through the NIST standard process, and license that to others. So we are the originators and maintainers, of both standards and athureader in the industry. We try to make this easy and you don't have to learn any of this tough math. Behind this there are also many other layers of technology. They are part of the security, the platform, such as stateless key management. That's a really complex area, and we make it very simple for you. We have very mature and powerful products in that space, that really make your job quite easy, when you want to implement our technology within Vertica. So today, our goal is to make Data protection easy for you, to be able to understand the basics of Voltage Secure Data, you're going to be learning how the Vertica UDx, can help you get started quickly, and we're going to see some examples of how Vertica plus Voltage Secure Data, are going to be working together, in our customer cases out in the field. First, let's take you through a quick introduction to Voltage Secure Data. The business drivers and what's this all about. First of all, we started off with Breach Defense. We see that despite continued investments, in personal perimeter and platform security, Data breaches continue to occur. Voltage Secure Data plus Vertica, provides defense in depth for sensitive Data, and that's a key concept that we're going to be referring to. in the security field defense in depth, is a standard approach to be able to provide, more layers of protection around sensitive assets, such as your Data, and that's exactly what Secure Data is designed to do. Now that we've come through many of these breach examples, and big ticket items, getting the news around breaches and their impact, the business regulators have stepped up, and regulatory compliance, is now a hot topic in Data privacy. Regulations such as GDPR came online in 2018 for the EU. CCPA came online just this year, a couple months ago for California, and is the de-facto standard for the United States now, as organizations are trying to look at, the best practices for providing, regulatory compliance around Data privacy and protection. These gives massive new rights to consumers, but also obligations to organizations, to protect that personal Data. Secure Data Plus Vertica provides, fine grained authorization around sensitive Data, And we're going to show you exactly how that works, within the Vertica platform. At the bottom, you'll see some of the snippets there, of the news articles that just keep racking up, and our goal is to keep you off the news, to keep your company safe, so that you can have the assurance, that even if there is an unintentional, or intentional breach of Data out of the corporation, if it is protected by voltage Secure Data, it will be of no value to those hackers, and then you have no impact, in terms of risk to the organization. What do we mean by defense in depth? Let's take a look first at the encryption types, and the benefits that they provide, and we see our customers implementing, all kinds of different protection mechanisms, within the organization. You could be looking at disk level protection, file system protection, protection on the files themselves. You could protect the entire Database, you could protect our transmissions, as they go from the client to the server via TLS, or other protected tunnels. And then we look at Field-level Encryption, and that's what we're talking about today. That's all the above protections, at the perimeter level at the platform level. Plus, we're giving you granular access control, to your sensitive Data. Our main message is, keep the Data protected for at the earliest possible point, and only access it, when you have a valid business need to do so. That's a really critical aspect as we see Vertica customers, loading terabytes, petabytes of Data, into clusters of Vertica console, Vertica Database being able to give access to that Data, out to a wide variety of end users. We started off with organizations having, four people in an office doing Data science, or analytics, or Data warehousing, or whatever it's called within an organization, and that's now ballooned out, to a new customer coming in and telling us, we're going to have 1000 people accessing it, plus service accounts accessing Vertica, we need to be able to provide fine level access control, and be able to understand what are folks doing with that sensitive Data? And how can we Secure it, the best practices possible. In very simple state, voltage protect Data at rest and in motion. The encryption of Data facilitates compliance, and it reduces your risk of breach. So if you take a look at what we mean by feel level, we could take a name, that name might not just be in US ASCII. Here we have a sort of Latin one extended, example of Harold Potter, and we could take a look at the example protected Data. Notice that we're taking a character set approach, to protecting it, meaning, I've got an alphanumeric option here for the format, that I'm applying to that name. That gives me a mix of alpha and numeric, and plus, I've got some of that Latin one extended alphabet in there as well, and that's really controllable by the end customer. They can have this be just US ASCII, they can have it be numbers for numbers, you can have a wide variety, of different protection mechanisms, including ignoring some characters in the alphabet, in case you want to maintain formatting. We've got all the bells and whistles, that you would ever want, to put on top of format preserving encryption, and we continue to add more to that platform, as we go forward. Taking a look at tax ID, there's an example of numbers for numbers, pretty basic, but it gives us the sort of idea, that we can very quickly and easily keep the Data protected, while maintaining the format. No schema changes are going to be required, when you want to protect that Data. If you look at credit card number, really popular example, and the same concept can be applied to tax ID, often the last four digits will be used in a tax ID, to verify someone's identity. That could be on an automated telephone system, it could be a customer service representative, just trying to validate the security of the customer, and we can keep that Data in the clear for that purpose, while protecting the entire string from breach. Dates are another critical area of concern, for a lot of medical use cases. But we're seeing Date of Birth, being included in a lot of Data privacy conversations, and we can protect dates with dates, they're going to be a valid date, and we have some really nifty tools, to maintain offsets between dates. So again, we've got the real depth of capability, within our encryption, that's not just saying, here's a one size fits all approach, GPS location, customer ID, IP address, all of those kinds of Data strings, can be protected by voltage Secure Data within Vertica. Let's take a look at the UDx basics. So what are we doing, when we add Voltage to Vertica? Vertica stays as is in the center. In fact, if you get the Vertical distribution, you're getting the Secure Data UDx onboard, you just need to enable it, and have Secure Data virtual appliance, that's the box there on the middle right. That's what we come in and add to the mix, as we start to be able to add those capabilities to Vertica. On the left hand side, you'll see that your users, your service accounts, your analytics, are still typically doing Select, Update, Insert, Delete, type of functionality within Vertica. And they're going to come into Vertica's access control layer, they're going to also access those services via SQL, and we simply extend SQL for Vertica. So when you add the UDx, you get additional syntax that we can provide, and we're going to show you examples of that. You can also integrate that with concepts, like Views within Vertica. So that we can say, let's give a view of Data, that gives the Data in the clear, using the UDx to decrypt that Data, and let's give everybody else, access to the raw Data which is protected. Third parties could be brought in, folks like contractors or folks that aren't vetted, as closely as a security team might do, for internal sensitive Data access, could be given access to the Vertical cluster, without risk of them breaching and going into some area, they're not supposed to take a look at. Vertica has excellent control for access, down even to the column level, which is phenomenal, and really provides you with world class security, around the Vertical solution itself. Secure Data adds another layer of protection, like we're mentioning, so that we can have Data protected in use, Data protected at rest, and then we can have the ability, to share that protected Data throughout the organization. And that's really where Secure Data shines, is the ability to protect that Data on mainframe, on mobile, and open systems, in the cloud, everywhere you want to have that Data move to and from Vertica, then you can have Secure Data, integrated with those endpoints as well. That's an additional solution on top, the Secure Data Plus Vertica solution, that is bundled together today for a sales purpose. But we can also have that conversation with you, about those wider Secure Data use cases, we'd be happy to talk to you about that. Security to the virtual appliance, is a lightweight appliance, sits on something like eight cores, 16 gigs of RAM, 100 gig of disk or 200 gig of disk, really a lightweight appliance, you can have one or many. Most customers have four in production, just for redundancy, they don't need them for scale. But we have some customers with 16 or more in production, because they're running such high volumes of transaction load. They're running a lot of web service transactions, and they're running Vertica as well. So we're going to have those virtual appliances, as co-located around the globe, hooked up to all kinds of systems, like Syslog, LDAP, load balancers, we've got a lot of capability within the appliance, to fit into your enterprise IP landscape. So let me get you directly into the neat, of what does the UDx do. If you're technical and you know SQL, this is probably going to be pretty straightforward to you, you'll see the copy command, used widely in Vertica to get Data into Vertica. So let's try to protect that Data when we're ingesting it. Let's grab it from maybe a CSV file, and put it straight into Vertica, but protected on the way and that's what the UDx does. We have Voltage Secure protectors, an added syntax, like I mentioned, to the Vertica SQL. And that allows us to say, we're going to protect the customer first name, using the parameters of hyper alphanumeric. That's our internal lingo of a format, within Secure Data, this part of our API, the API is require very few inputs. The format is the one, that you as a developer will be supplying, and you'll have different ones for maybe SSN, you'll have different formats for street address, but you can reuse a lot of your formats, across a lot of your PII, PHI Data types. Protecting after ingest is also common. So I've got some Data, that's already been put into a staging area, perhaps I've got a landing zone, a sandbox of some sort, now I want to be able to move that, into a different zone in Vertica, different area of the schema, and I want to have that Data protected. We can do that with the update command, and simply again, you'll notice Voltage Secure protect, nothing too wild there, basically the same syntax. We're going to query unprotected Data. How do we search once I've encrypted all my Data? Well, actually, there's a pretty nifty trick to do so. If you want to be able to query unprotected Data, and we have the search string, like a phone number there in this example, simply call Voltage Secure protect on that, now you'll have the cipher text, and you'll be able to search the stored cipher text. Again, we're just format preserving encrypting the Data, and it's just a string, and we can always compare those strings, using standard syntax and SQL. Using views to decrypt Data, again a powerful concept, in terms of how to make this work, within the Vertica Landscape, when you have a lot of different groups of users. Views are very powerful, to be able to point a BI tool, for instance, business intelligence tools, Cognos, Tableau, etc, might be accessing Data from Vertica with simple queries. Well, let's point them to a view that does the hard work, and uses the Vertical nodes, and its horsepower of CPU and RAM, to actually run that Udx, and do the decryption of the Data in use, temporarily in memory, and then throw that away, so that it can't be breached. That's a nice way to keep your users active and working and going forward, with their Data access and Data analytics, while also keeping the Data Secure in the process. And then we might want to export some Data, and push it out to someone in a clear text manner. We've got a third party, needs to take the tax ID along with some Data, to do some processing, all we need to do is call Voltage Secure Access, again, very similar to the protect call, and you're writing the parameter again, and boom, we have decrypted the Data and used again, the Vertical resources of RAM and CPU and horsepower, to do the work. All we're doing with Voltage Secure Data Appliance, is a real simple little key fetch, across a protected tunnel, that's a tiny atomic transaction, gets done very quick, and you're good to go. This is it in terms of the UDx, you have a couple of calls, and one parameter to pass, everything else is config driven, and really, you're up and running very quickly. We can even do demos and samples of this Vertical Udx, using hosted appliances, that we put up for pre sales purposes. So folks want to get up and get a demo going. We could take that Udx, configure it to point to our, appliance sitting on the internet, and within a couple of minutes, we're up and running with some simple use cases. Of course, for on-prem deployment, or deployment in the cloud, you'll want your own appliance in your own crypto district, you have your own security, but it just shows, that we can easily connect to any appliance, and get this working in a matter of minutes. Let's take a look deeper at the voltage plus Vertica solution, and we'll describe some of the use cases and path to success. First of all your steps to, implementing Data-centric security and Vertica. Want to note there on the left hand side, identify sensitive Data. How do we do this? I have one customer, where they look at me and say, Rich, we know exactly what our sensitive Data is, we develop the schema, it's our own App, we have a customer table, we don't need any help in this. We've got other customers that say, Rich, we have a very complex Database environment, with multiple Databases, multiple schemas, thousands of tables, hundreds of thousands of columns, it's really, really complex help, and we don't know what people have been doing exactly, with some of that Data, We've got various teams that share this resource. There, we do have additional tools, I wanted to give a shout out to another microfocus product, which is called Structured Data Manager. It's a great tool that helps you identify sensitive Data, with some really amazing technology under the hood, that can go into a Vertica repository, scan those tables, take a sample of rows or a full table scan, and give you back some really good reports on, we think this is sensitive, let's go confirm it, and move forward with Data protection. So if you need help on that, we've got the tools to do it. Once you identify that sensitive Data, you're going to want to understand, your Data flows and your use cases. Take a look at what analytics you're doing today. What analytics do you want to do, on sensitive Data in the future? Let's start designing our analytics, to work with sensitive Data, and there's some tips and tricks that we can provide, to help you mitigate, any kind of concerns around performance, or any kind of concerns around rewriting your SQL. As you've noted, you can just simply insert our SQL additions, into your code and you're off and running. You want to install and configure the Udx, and secure Data software plants. Well, the UDx is pretty darn simple. The documentation on Vertica is publicly available, you could see how that works, and what you need to configure it, one file here, and you're ready to go. So that's pretty straightforward to process, either grant some access to the Udx, and that's really up to the customer, because there are many different ways, to handle access control in Vertica, we're going to be flexible to fit within your model, of access control and adding the UDx to your mix. Each customer is a little different there, so you might want to talk with us a little bit about, the best practices for your use cases. But in general, that's going to be up and running in just a minute. The security software plants, hardened Linux appliance today, sits on-prem or in the cloud. And you can deploy that. I've seen it done in 15 minutes, but that's what the real tech you had, access to being able to generate a search, and do all this so that, your being able to set the firewall and all the DNS entries, the basically blocking and tackling of a software appliance, you get that done, corporations can take care of that, in just a couple of weeks, they get it all done, because they have wait waiting on other teams, but the software plants are really fast to get stood up, and they're very simple to administer, with our web based GUI. Then finally, you're going to implement your UDx use cases. Once the software appliance is up and running, we can set authentication methods, we could set up the format that you're going to use in Vertica, and then those two start talking together. And it should be going in dev and test in about half a day, and then you're running toward production, in just a matter of days, in most cases. We've got other customers that say, Hey, this is going to be a bigger migration project for us. We might want to split this up into chunks. Let's do the real sensitive and scary Data, like tax ID first, as our sort of toe in the water approach, and then we'll come back and protect other Data elements. That's one way to slice and dice, and implement your solution in a planned manner. Another way is schema based. Let's take a look at this section of the schema, and implement protection on these Data elements. Now let's take a look at the different schema, and we'll repeat the process, so you can iteratively move forward with your deployment. So what's the added value? When you add full Vertica plus voltage? I want to highlight this distinction because, Vertica contains world class security controls, around their Database. I'm an old time DBA from a different product, competing against Vertica in the past, and I'm really aware of the granular access controls, that are provided within various platforms. Vertica would rank at the very top of the list, in terms of being able to give me very tight control, and a lot of different AWS methods, being able to protect the Data, in a lot of different use cases. So Vertica can handle a lot of your Data protection needs, right out of the box. Voltage Secure Data, as we keep mentioning, adds that defense in-Depth, and it's going to enable those, enterprise wide use cases as well. So first off, I mentioned this, the standard of FF1, that is format preserving encryption, we're the authors of it, we continue to maintain that, and we want to emphasize that customers, really ought to be very, very careful, in terms of choosing a NIST standard, when implementing any kind of encryption, within the organization. So 8 ES was one of the first, and Hallmark, benchmark encryption algorithms, and in 2016, we were added to that mix, as FF1 with CS online. If you search NIST, and Voltage Security, you'll see us right there as the author of the standard, and all the processes that went along with that approval. We have centralized policy for key management, authentication, audit and compliance. We can now see that Vertica selected or fetch the key, to be able to protect some Data at this date and time. We can track that and be able to give you audit, and compliance reporting against that Data. You can move protected Data into and out of Vertica. So if we ingest via Kafka, and just via NiFi and Kafka, ingest on stream sets. There are a variety of different ingestion methods, and streaming methods, that can get Data into Vertica. We can integrate secure Data with all of those components. We're very well suited to integrate, with any Hadoop technology or any big Data technology, as we have API's in a variety of languages, bitness and platforms. So we've got that all out of the box, ready to go for you, if you need it. When you're moving Data out of Vertica, you might move it into an open systems platform, you might move it to the cloud, we can also operate and do the decryption there, you're going to get the same plaintext back, and if you protect Data over in the cloud, and move it into Vertica, you're going to be able to decrypt it in Vertica. That's our cross platform promise. We've been delivering on that for many, many years, and we now have many, many endpoints that do that, in production for the world's largest organization. We're going to preserve your Data format, and referential integrity. So if I protect my social security number today, I can protect another batch of Data tomorrow, and that same ciphertext will be generated, when I put that into Vertica, I can have absolute referential integrity on that Data, to be able to allow for analytics to occur, without even decrypting Data in many cases. And we have decrypt access for authorized users only, with the ability to add LDAP authentication authorization, for UDx users. So you can really have a number of different approaches, and flavors of how you implement voltage within Vertica, but what you're getting is the additional ability, to have that confidence, that we've got the Data protected at rest, even if I have a DBA that's not vetted or someone new, or I don't know where this person is from a third party, and being provided access as a DBA level privilege. They could select star from all day long, and they're going to get ciphertext, they're going to have nothing of any value, and if they want to use the UDF to decrypt it, they're going to be tracked and traced, as to their utilization of that. So it allows us to have that control, and additional layer of security on your sensitive Data. This may be required by regulatory agencies, and it's seeming that we're seeing compliance audits, get more and more strict every year. GDPR was kind of funny, because they said in 2016, hey, this is coming, they said in 2018, it's here, and now they're saying in 2020, hey, we're serious about this, and the fines are mounting. And let's give you some examples to kind of, help you understand, that these regulations are real, the fines are real, and your reputational damage can be significant, if you were to be in breach, of a regulatory compliance requirements. We're finding so many different use cases now, popping up around regional protection of Data. I need to protect this Data so that it cannot go offshore. I need to protect this Data, so that people from another region cannot see it. That's all the kind of capability that we have, within secure Data that we can add to Vertica. We have that broad platform support, and I mentioned NiFi and Kafka, those would be on the left hand side, as we start to ingest Data from applications into Vertica. We can have landing zone approaches, where we provide some automated scripting at an OS level, to be able to protect ETL batch transactions coming in. We could protect within the Vertica UDx, as I mentioned, with the copy command, directly using Vertica. Everything inside that dot dash line, is the Vertical Plus Voltage Secure Data combo, that's sold together as a single package. Additionally, we'd love to talk with you, about the stuff that's outside the dash box, because we have dozens and dozens of endpoints, that could protect and access Data, on many different platforms. And this is where you really start to leverage, some of the extensive power of secure Data, to go across platform to handle your web based apps, to handle apps in the cloud, and to handle all of this at scale, with hundreds of thousands of transactions per second, of format preserving encryption. That may not sound like much, but when you take a look at the algorithm, what we're doing on the mathematics side, when you look at everything that goes into that transaction, to me, that's an amazing accomplishment, that we're trying to reach those kinds of levels of scale, and with Vertica, it scales horizontally. So the more nodes you add, the more power you get, the more throughput you're going to get, from voltage secure Data. I want to highlight the next steps, on how we can continue to move forward. Our secure Data team is available to you, to talk about the landscape, your use cases, your Data. We really love the concept that, we've got so many different organizations out there, using secure Data in so many different and unique ways. We have vehicle manufacturers, who are protecting not just the VIN, not just their customer Data, but in fact they're protecting sensor Data from the vehicles, which is sent over the network, down to the home base every 15 minutes, for every vehicle that's on the road, and every vehicle of this customer of ours, since 2017, has included that capability. So now we're talking about, an additional millions and millions of units coming online, as those cars are sold and distributed, and used by customers. That sensor Data is critical to the customer, and they cannot let that be ex-filled in the clear. So they protect that Data with secure Data, and we have a great track record of being able to meet, a variety of different unique requirements, whether it's IoT, whether it's web based Apps, E-commerce, healthcare, all kinds of different industries, we would love to help move the conversations forward, and we do find that it's really a three party discussion, the customer, secure Data experts in some cases, and the Vertica team. We have great enablement within Vertica team, to be able to explain and present, our secure Data solution to you. But we also have that other ability to add other experts in, to keep that conversation going into a broader perspective, of how can I protect my Data across all my platforms, not just in Vertica. I want to give a shout out to our friends at Vertica Academy. They're building out a great demo and training facilities, to be able to help you learn more about these UDx's, and how they're implemented. The Academy, is a terrific reference and resource for your teams, to be able to learn more, about the solution in a self guided way, and then we'd love to have your feedback on that. How can we help you more? What are the topics you'd like to learn more about? How can we look to the future, in protecting unstructured Data? How can we look to the future, of being able to protect Data at scale? What are the requirements that we need to be meeting? Help us through the learning processes, and through feedback to the team, get better, and then we'll help you deliver more solutions, out to those endpoints and protect that Data, so that we're not having Data breach, we're not having regulatory compliance concerns. And then lastly, learn more about the Udx. I mentioned, that all of our content there, is online and available to the public. So vertica.com/secureData , you're going to be able to walk through the basics of the UDX. You're going to see how simple it is to set up, what the UDx syntax looks like, how to grant access to it, and then you'll start to be able to figure out, hey, how can I start to put this, into a PLC in my own environment? Like I mentioned before, we have publicly available hosted appliance, for demo purposes, that we can make available to you, if you want to PLC this. Reach out to us. Let's get a conversation going, and we'll get you the address and get you some instructions, we can have a quick enablement session. We really want to make this accessible to you, and help demystify the concept of encryption, because when you see it as a developer, and you start to get your hands on it and put it to use, you can very quickly see, huh, I could use this in a variety of different cases, and I could use this to protect my Data, without impacting my analytics. Those are some of the really big concerns that folks have, and once we start to get through that learning process, and playing around with it in a PLC way, that we can start to really put it to practice into production, to say, with confidence, we're going to move forward toward Data encryption, and have a very good result, at the end of the day. This is one of the things I find with customers, that's really interesting. Their biggest stress, is not around the timeframe or the resource, it's really around, this is my Data, I have been working on collecting this Data, and making it available in a very high quality way, for many years. This is my job and I'm responsible for this Data, and now you're telling me, you're going to encrypt that Data? It makes me nervous, and that's common, everybody feels that. So we want to have that conversation, and that sort of trial and error process to say, hey, let's get your feet wet with it, and see how you like it in a sandbox environment. Let's now take that into analytics, and take a look at how we can make this, go for a quick 1.0 release, and let's then take a look at, future expansions to that, where we start adding Kafka on the ingest side. We start sending Data off, into other machine learning and analytics platforms, that we might want to utilize outside of Vertica, for certain purposes, in certain industries. Let's take a look at those use cases together, and through that journey, we can really chart a path toward the future, where we can really help you protect that Data, at rest, in use, and keep you safe, from both the hackers and the regulators, and that I think at the end of the day, is really what it's all about, in terms of protecting our Data within Vertica. We're going to have a little couple minutes for Q&A, and we would encourage you to have any questions here, and we'd love to follow up with you more, about any questions you might have, about Vertica Plus Voltage Secure Data. They you very much for your time today.

(upbeat music) >> Live from Barcelona, Spain, it's theCUBE! Covering Cisco Live! Europe, brought to you by Cisco and it's eco system partners. >> Welcome back to theCUBE's live coverage of Cisco Live! 2019 here in Barcelona, Spain. I'm Stu Miniman, my co-host for this segment is Dave Vellante. Dave, myself, and John Furrier here, gettin' wall to wall coverage. Happy to welcome to the program, first time guest, Dave Stanford, who's the Customer Experience Cloud Product Management at Cisco, Dave thanks so much for joining us. >> Thanks for having me here. >> Alright. So, we've been digging into the whole multi-Cloud piece here, some real big announcements. A lot of their business solutions talking about being anywhere, it's the bridge-to-possible here at the show- >> Exactly. >> So, tell us exactly the customer experience there. Is this, the gooeys, much more than that, do you know? >> It is. >> What's that encompass? >> We really want to put a whole wrapper around all these products and solutions from a service perspective, and that includes everything from advisory, really guiding our customers, how do I get there, we see all these products and sometimes, it's like, well what do I use these for? So, we want to guide them, help them adopt it and then, support it, support's probably the most important piece. With all these multiple solutions, who can the customers call to get support for all of these? >> You know, I mean, I've worked with Cisco, partnered with Cisco my entire career, and the last few years, boy, things are changing so fast. >> Absolutely. >> A year ago kind of opened my eyes, and said, oh Cisco's movin' to be a software company? You really see the movement when I come to the show here, when I talk to people like the Cisco DNA Platform Solutions. >> Exactly. >> And all the things that customers need to change. Bring us inside how you're helping customers with that change, the services, and everything that you're wrapping around there. >> Sure. My role today is to develop the offers and scale them out and enable our other advanced services folks to deliver, but previously I was delivery myself. So, I understand the challenges that the customers have, so I know what they expect, they want the products to go out there and seamlessly work together, now they do. There's APIs, there's connectivity, but we have to actually show them what they can do with them, what are the use-cases. And from our perspective, when a product's released, a CX offer or service package should go out the door with that, too. QuickStarts are the biggest thing we have. >> Yeah and actually one of the keys things we talk about that move to software, with hardware it was inner-operability and how do all these things wire together? >> Exactly. >> Software, right, it needs to be seamless. >> It does. >> It should be platforms. And solutions in there, so give us the critical eye, a look internally, how's Cisco doing, what's the feedback you're hearing from the teams and partners? >> I think we're on the right track. We're well ahead with some of the solutions we're released with Cisco Container Platform, Cisco CloudCenter Suite. The biggest thing we hear from customers, a lot of, especially developers, application users, they don't care, they just want it to be up and running. So, with our integrated solutions, with things like the new HyperFlex 4.0, we build on top of that, they don't have to worry about connectivity to security or to load balancing, name the technology, they can bring it up and we can actually have the software do exactly what it needs to do. >> So, I've observed for decades the evolution and the services' business. >> Yeah. >> When I started in the business, it was all about break-fix. >> Yes. >> Right and then you had large software projects and ERPs. >> Yeah. >> And business process, re-engineering, a lot of consultative selling, internet came in. A lot of e-commerce activity. >> Yeah. >> How has the Cloud changed the service role, the organization, and how you go to market and scale, as you mentioned before. >> I think the biggest change with the Cloud, it's no longer just break-fix, let me go and install it and figure it out. It's, we really need to understand what our requirements are before we move to the Cloud, we hear about speed, cost-performance, but there's a lot more thought that has to go into it. We have to look across the IT infrastructure. So, that advisory upfront, that guidance, that wasn't necessarily always there, that's the biggest change, before we even think about using the product, we need to understand why we purchase this product. >> And so, what do you need from the customer? I mean, you obviously need data and participation and buy-in from the customer, what do you need to be successful there? >> Really from the customer we need to know, what are you trying to accomplish? What are the use-cases, and we have a lot of common use-cases we've seen, security is always a concern. How do I securely connect to the Cloud? How can I leverage Cisco's software to do that? And it's not just about connecting to Cisco's software, but how do we use Cisco's software to do that connectivity? So, it's over and over we see this constant pattern of, I want to build a manager hybrid Cloud securely, multi-Cloud network it and take the complexity out of what we do there. >> As the demographics of your buyer changes- >> Yes. >> How do you service them differently? How do you create a customer experience that's more focused on the way they want to interact with you? Whether it's chat or talk about that a little bit. >> So, you're not really talking to the IT infrastructure person anymore, you're talking to the lines of business or the application developers. So, you have to go in with the understanding of, I'm not going to go in and say, we're going to refresh the hardware, we're going to do this, we're going to give you new switches, new routers. You start the conversation at the application level now. What types of applications do you have? Are they traditional, do we have to re-factor them? Can't we just move them to the Cloud? Then, you go to the next level of, we understand this, now let's get our hardware in place to support this and then our infrastructure. But applications, that's the big shift. That's where the discussion is now. >> Alright, so we've talked about some of the impact of Cloud. >> Yeah. >> We've been hearing about how AI and ML are getting infused- >> Yes. >> Into all the products and that has to have a huge impact on how the customers interact and manage- >> It does. >> And there's got to be a little bit of the retraining that we talked about, too. >> Definitely, I mean, that's probably the biggest challenge, even hiring right now to find the right fit for Cloud or for Dev-Ops, AI, ML, it's a challenge. So, you have to have a plan in place with this background. And, what we've done within CX is we have a five tiered model. So, we start with the pre-requisites, where are you in this scale, we'll give you a rating based on what you have, but you really still have to train the folks, you have to give boot camps, cohorts, then code deliver on different engagements. But you still have to bring in folks with the right background, even if it's network route-switch, you can train them, but you have to have that program in place to be able to ramp them up. >> Yeah, we always said one of the biggest strengths Cisco has, is you've got those army of Cisco certified- >> Yes. >> The CCIEs out there. >> Yes. >> CCNPS and the like out there. Now, a lot of what they have to manage, it's either outside of their control, it's in the public Cloud >> It is, yeah. >> Or, right there's automation. I don't need to just get an alert and go do it, wait I need to make sure that the business rules are in place and- >> Exactly. >> The tooling's going to take care of that. So, help us understand what's the new, what's the new role inside the customers, that's got to change who you're negotiating with and who's involved in the conversations when you're putting this solution together, as well as, kind of the pre as well as the post deployments. >> Sure, sure I think the biggest difference is our customers now have customers. >> Yeah. >> Before we just managed their IT infrastructure. A good example, we have a healthcare comp, a healthcare corporation in Canada, the clinics are basically the clients of the overall organization, they don't care how long it takes to spend, they want speed. They can't go to the IT department and say, give me a VM and then three weeks later, they give it up or they provision it. And then, they'll go and say, well this is too slow. Here's my credit card, I'm going to buy Amazon Web Services and provision it, now we need to bring all of that together so, the route-switch folks need to become multi-Cloud architects. And when I talk about multi-Cloud, they need to know everything up the stack, infrastructure, connectivity with the CSR, security with our Cloud Protect Portfolio, and then the applications, not to mention the vast array of third party solutions, Cooper Netties is everywhere now. It's the defacto standard for containerization. This is really something that's come up over and over. And that's probably one of the biggest challenges is to get our folks to look at the overall stack rather than one piece. >> You challenge. I mean, Cisco and Hallmark, and Cisco has always been partner friendly. >> Yes. >> It's worked with all the different infrastructure that's out there. >> Yup. >> Now, you add in all the different Clouds. >> Exactly. >> And it's not just a cloud. >> It's an entire cloud stack, all the APIs. Your eyes bleed when you look at all the different APIs from Amazon- >> Yup. >> Data services, even. >> Exactly. >> There are dozens and dozens of them and so, so how do you manage (chuckles) that challenge? You can't just throw bodies at it? >> No, so we leverage the tools that we have. Cisco Container Platform's a good example. We use it in-house, but it's the biggest thing we position to our customers in the Cloud story because it's made deploying and managing containers or Cooper Netties simple. Before CCP, my team would deploy open source Cooper Netties which worked great, it was complex to set up, but then you had to look at, I need a tool for monitoring, I need one for logging, for load balancing, you ended up with 10 different applications. You thought you were moving to containers, but hey, there's much more to it. So, now with CCP, it's all packaged, everything's simple to manage. So, that's just the containers. And you mentioned governance before. I think this is a big thing, CloudCenter Suite, we can model our applications in there, deploy to any Cloud endpoint, so we support over 15 Clouds. And what my team does is bring this all together. So, it's not just a service, we want to show you how you can automatically provision those clusters and move it anywhere you want to go. >> Yeah, I wonder if you can put a point on that. The CloudCenter Suite, CloudCenter's been around for awhile. >> It has. >> But there's really been a re-architecture. It's built, Cloud native. >> It is. >> Cooper Netties' in there, but what, as a customer, is going to be like, oh wait, this isn't what I was used to in the past, help us understand what it is for the future. >> Absolutely, I think CloudCenter has been around for awhile, it's an amazing product. I took over this Cloud Portfolio and Services about a year ago and I'd heard all about it, started to ramp up on it, within four hours I couldn't believe this is really gooey-based. This is simple, so I can model the application and it's a simple as clicking deploy, and I can push it to any Cloud environment. And I think that's the biggest challenge, it's always been, how do I migrate my applications from the data center to the cloud or vice-versa. And CloudCenter's made it so simple within two minutes, you can actually migrate an application or deploy it, and they've added so many other features around cost and orchestration that it's everyday, I see customers starting to adopt CloudCenter Suite. >> I want to ask you about Swimlanes. >> Yeah. >> Cisco's a product company. >> Yes. >> You R&D. You build product, you ship products. >> You're not a services company. but you have a large services organization. How do you, what's your swim lane relative to some of the big SIs, what's your relationship with them? How does that work? >> Sure. So, I'm really closely partnered with all of the engineering teams, but at the same time, the partner organization, the systems integrators, they're still partners, especially in the new CX organization, we want to drive the solutions out to our customers, so we're actually taking some of our partners, bringing them on board, ramping them up on our services. And saying, hey you know what, you go deliver it, we'll support you, there's not a competition. I think, with CX now, we've combined everything together, the partners are just as important to us as the products that we sell. >> Will they private label those services or is- >> Yeah, absolutely, so our QuickStarts for example, these smaller packages, to turn up the solution stack quickly and drive adoption, we can hand that off to 'em, they can sell it themselves and label it. >> Yeah, so you're open that. And that drives their brand and their value. Their intimacy with their customers, yeah. >> I mean, we have a big market, but still the partners can reach them different spaces that we wouldn't traditionally be able to get to in professional services. >> Yeah, they have those relationships. Services has always been very local by nature. >> It has. >> The world's not just going to, we've talked about this, not just going to go to three clouds. I mean- >> That's right. >> Services, people want to meet people and they're in the same neighborhood. And there's trust. >> Yup. >> And that just doesn't disappear over night. >> And you have to build that, too. But you have to build the expertise before you get that trust. >> Yeah (chuckles). >> So, Dave, lot of customers here, you've been in meetings, giving presentations all week, give us a little bit of what's the buzz at the show? What are some of the top conversations? People are doing their planning for 2019. >> Yeah. >> You know, big hurdles and big opportunities that people are excited for. >> So, two common themes, security has come up over and over again, customers who haven't moved to Cloud they're concerned, how do I connect? And can I really put this in the Cloud? Or do I have to keep it in the data center? So, we talk about how we can secure and it- >> And I'm sorry, are they concerned about security, compliance, governance- >> They are. >> All of the above. >> One example. Yesterday, a customer said, I have a top secret application. And my company's pushing me towards the Cloud, can I really put this top secret application in a container in a public Cloud environment? So, that's just one conversation. It's the concern of, I don't own this anymore. It's not my data center, so how do I secure the application? How do I make sure there's no type of interference with that app, any type of interjection into damage it, right? And then, the other thing is, I see your stack, I see you have infrastructure, I see all the products, I don't think it's that simple to put together. It's great on a PowerPoint, but show me in the real world how this works together. And, that's what we've been doing, showing these demos, how we can build everything. >> Alright, so once you've shown them, walked through everything, they're feeling answered? >> They're feeling much better, but we go back to the whole CX lifecycle, advisory, implement, support, and that brings it all together. >> Yeah, and the top secret thing, Google, you've been highlighting partnerships with Google, Microsoft, Amazon, they've got specific Clouds, we've been watching this- >> They do. >> 'Specially, all the stuff happening at the government level. >> Yeah. >> And one of the great proof points about public Cloud adoption. >> Yeah, definitely. >> Alright, want to give you the final word as people come away from Cisco Live! 2019, when it comes to customer experience, what do you want them to understand? >> It's all about solutions, putting it together. So, you see all these products, it's not that complex, CX, our partners can help you build it, scale it out, and really adopt it. >> Alright, well Dave Stanford, really appreciate you helping us understand the CX experience here. >> Thank you. >> Definitely lots of opportunities here. Cloud, AI, ML, putting all the solutions together. For Dave Vallente, I'm Stu Miniman, back with more coverage here of Cisco Live! 2019. Thanks for watching theCUBE. (funky upbeat music)

(intense orchestral music) >> Hello everybody welcome to theCUBE, special announcement here, exclusive coverage. Covering Oracle NetSuite SuiteWorld with some special news, we're here with Jason Maynard, Sr. Vice President of Marketing and Strategy at Oracle NetSuite, and Jim McGeever, EVP, Second to Vice President at Oracle NetSuite. Thanks For joining this special CUBE coverage. >> Thanks... - Thank you. >> Great to be here. So we've got some exclusive news around SuiteWorld going on, so let's get down and dirty, so you got four major announcements goin' on: Oracle NetSuite global, vertical IntelligenceSuite, and new SuiteCommerce, let's get into the hard news. What's the big story around the news? >> The big story is we're going global, and in a big way, it's one of the big advantages of the Oracle acquisition, we could never have afforded to go to as many countries as fast as we can, and now with Oracle, we'll really be able to go really fast. And as a result, we're building a lot of new international features. So 2018, we've really turned the developmentship to build out deep localizations for most of the major economies around the world. >> NetSuite's had a great track record, obviously everyone kind of has well documented history, obviously now with Oracle. What's the stride look like, what's, what're you guys, you guys are hitting a stride. What's is look like, what's different about it, if anything, what's the big highlight here at SuiteWorld? >> Well, we've really put the foot on the gas petal, so we're actually growing much faster now than we were when we were independent. And a lot of it is due to the international growth, I mean, for example in China, China we didn't have a market presence, it's now our fourth biggest market after only a year. And that's just starting, it's amazing how fast that it's grown. >> Talk about the international global piece, because global has become kind of like a, a whitewash term for some, but it's hard to do. Especially China you mentioned that one, so you have China, and then the rest of international. There are issues with Cloud, you've got regions, you've got data privacy, obviously GDPR's on the horizon, and it's got some teeth to it I would argue, relatively, you know, sharp in some areas, not in others, but it's a challenging dynamic, but the upside is it's a very lucrative opportunity. What's different about international now, then say just five-six years ago? >> Oh, there's two major differences. So one is the data privacy rules, GDPR, I mean that's just amazing how, what an impact that has on businesses, and also the data residency rules. So we're having to build our data centers around the globe, which we never would've had to do before. Now this is, thankfully we have a company that has data centers around the world, so it's becoming a lot cheaper and easier for us to do that. But that's really tough for a business to be able to do that themselves. >> So, you know, the theme I want to get out there is, is that, you know people want to do more with less, that's a classic consolidation message. There's some consolidation going on, when you look at Cloud, how people are trying to figure out Cloud on premise in the, in Cloud. But it's not a consolidation market, it's a massive growth market. Jason what does more mean? I mean people want more, they might have to do with less, but there's an upside, growth component. How are you guys talking with that one challenge? Cuz there's challenges, and there's opportunities at the same time. >> You know, it's an interesting time, I think a lot of folks say it's easier than ever to start a business. But the flip side is, is it's harder than ever to actually scale and grow. So when we're out talking to our customers, and were getting, you know, into what they're trying to solve. The biggest issue they have, is how do I overcome this issue of breaking these barriers of growth. So, it could be going global, It could be doing more with less, right? How do I automate my business so I can reinvest into things that are going to make me more successful? Like acquiring new customers. Those are the type of challenges that we see out there, it's more with less, get me to where I need to be, and frankly, stop doing the things that are sort of counterproductive and inefficient, and really drive, top lane. >> I think that's one nuance that's missed a lot in the analysis is that, it's not so much more with less, it's more efficiency with Cloud, you get more leverage than software. That's always been the case with software economics. How does that translate to the business strategy for you guys as you guys go global? Talk about some of news around the, the verticals, vertical integration, cuz that's going to be a big part of it, with either the developer community and/or your partner ecosystems. >> Sure, so what we're seeing is, if you look at our product, what people use. When we looked at our customer base, customers who are international, customers who use vertical features grow much faster than customers who are single domestic. So we looked across the board, and so what we're really focused on is how we can help those companies grow even faster. So how do you go international quicker? But every business is not a generic business, so they all have these vertical features, some have inventory, some have projects. So what they really need is features that can help them execute their business better. So we go deep by vertical, and in fact, our whole company is organized vertically, our sales teams, our development teams, and so when we go to market we go vertically, and so we're doing some really cool stuff. Especially in the product-based area, uh, that's the new supply tower control center, which really helps enable people to get product to their customers on time. >> Well I'd like to get both of you to weigh in on the hard question, right? Bringin' the heat now. >> Jim: Okay. >> Jason: Alright. >> Everyone wants to know, okay, what's it like with Oracle? Is that helping you, is it hurting you? Oracle has a reputation, they're moving to the Cloud very quickly, but again they're an incumbent, okay in the old, in the Cloud way. So, you know hards pers putting up some numbers, you can talk to folks at amazon like whoa, you know, they're Oracle. So there's a lot of uncertainty around who's going to be the modern player. So the question is: How are you guys, working in that environment? Obviously Oracles numbers are up, they're moving to the Cloud model, they're stats are flying, at a pace that, they're moving as fast as they can. But you guys have always had a different perspective. How is the NetSuite/Oracle relationship working, and how do you talk to customers about that? >> Sure. So we're, they've run us really independently, so we're a global business unit inside of Oracle. So all sales, development, marketing, product, all report up through me, Evan, and Jason, and we report into the CEO of Oracle. So we're really run purely independently. The only other thing I'll add, so really not that much has changed, other than we get to leverage a lot of their global scale, and as Mark Hurd says, and try to avoid the negatives of the scale. But they are all in on Cloud, this is, when you're in a meeting with the senior leadership at Oracle, it's not a fake thing, it's a not a, a marketing message they truly believe at their core, that in the Cloud, or that everything's moving to the Cloud. So there's, we get the same incentives to sell to an Oracle owned premise customer as we do to an SAP owned premise customer. >> Jason to add to that, I want to get your perspective. We were talking before we came on around, the scale piece, that Jim just mentioned. Talk about the profile of the kind of customers that you guys have here as SuiteWorld. Is the profile of your customer changing? Take a minute to explain who is the NetSuite customer, cuz the global thing is interesting, if you're growing, soon to be multi-national, or you're already multi-national company, this matters. So, and then the scale matters as well, so, what is the profile of the customer, how does that help, how does that weave into the Oracle scale? >> So we have over 40 thousand organizations globally running NetSuite. It's a pretty interesting mix. Obviously a lot of small/mid-sized companies, and we have a few, you know, a good decent percentage of our base are multi-billion dollar companies. We see an interesting, I think, dynamic, which is: the most successful NetSuite customers, are the ones that have gone global. They grow faster like Jim said, than the domestic only. I think the one other hallmark that I would point out to the NetSuite customer, the customer base. You see sort of an innovative group of entrepreneurs. So we see all sorts of great stories with the customers, you know, in Jim's keynote, Kara Goldin, the founder of Hint, right? She started off with a mission to stop folks from drinking soda water and drink actual water. Started with, you know, 10 years ago, and is now on an amazing trajectory. So we find-- >> John: You guys get a lot of growth companies. >> Yeah, we get a lot of the growers, we get a lot of the, really kind of the entrepreneurs who start small with us, and then scale with us, all the way to becoming a multi-billion dollar company. >> And this is where the international piece matters, right? >> Oh yeah. >> So let's talk about that and then we'll move onto the the next set of news. So if I'm a growing company, and we're expanding crazy, I care about localization, I care about data in regions, certainly Cloud, as you mentioned Oracle's really serious about what they are, they care about regions, this is an issue. So talk about the benefits of me, a growing company, how do I take advantage of localization, what do you guys offer, what's the playbook? (laughing) >> It's, we just make it easy. I mean, our whole focus is: if you're a business, it's hard enough to go international, and figure out your value proposition, and what makes you unique and what makes you differentiated, the last thing you need to be worried about are your IT systems, and spending your time on infrastructure, and selling it all up. So our kind of job is, we'll just take care of that, if you want to go to Germany, you will literally flip a switch inside the system, and you have a German enabled application. >> And what's the alternative, if I don't go with you guys? >> You have to go find someone in Germany, to go buy an application, install it, then you implement it, then you integrate it. I mean that's a multi-month, if not year process. >> John: And expensive. >> Very expensive-- >> You've got to find people, you got to know the nuances, the local issues. (laughing) >> Right. And so you've got to learn all that. We come fully localized, and we don't do it just in a way that is, it's a starting point. We have all the German tax forms built-in to the system, when you log onto NetSuite and once you flip this switch, you go to page, all the German tax forms are there, and we will automatically fill them out for you. >> Jason, I want to get your perspective, because local marketing is a big deal. You guys are in hundreds of countries, I know that from, from doing the research and watching you guys grow. But where do you have actual presence and where does presence matter, can you just highlight, the NetSuite, cuz I think this is going to where, people going to want to know, okay, there's hundreds of countries out there, but where are you, where's the core going to be? >> So it's an interesting point because it's, I think it's not just about product, right? It's not just about having a product that's localized for a specific country, it's about having everything else, right? It's having, making sure the support is in the local language, it's making sure that we have people who speak the language, making sure we have facilities, sales, service people, having a localized data center-- >> John: You guys are committed to that. >> We are 100% committed, this is, you know you asked the question earlier about what, what has been the benefit of Oracle? I don't think, as a standalone company, we'd have been able to pull off what we're pulling off and announcing this week. Without the backing of, and the Oracle resources, because the have the global reach, that we can easily tap into. So when we do local now, we're doing it with everything that a customer needs to be successful. >> Okay, so the next set it is, I want to dive into the hard news is the, new SuiteCommerce kind of vibe, sweet success for SuiteCommerce. It's a new e-commerce solution that gives customers the freedom to grow and evolve their digital commerce business. So this is basically commerce, you're talking about like, doing business. What is this news about, gives us the quick summary, and let's discuss. So our previous commerce product was actually very advanced, we actually started at the top first. We enabled you to touch every pixel on the page, customizing in any way, shape, or form you wanted. What we've done with SuiteCommerce is now we've taken it, and came out with an entirely pre-packaged, pre-built websites. So you can be up and running, with a very complex, fully featured website, in 30 days or less. And it's point and click choose, and this is not going to a basic colors and theme choices, we have complex features that enable you to run your business. So you can come to us, and we will have you running, with commerce enabled, integrated with your back office, with less, in 30 days. >> Jason, I can see two use-cases for this, one is, you know, I need turnkey guys, here's the keys to the kingdom, build it for me, I'll give you all my raw materials, we're up and running, you know, classic turnkey. Then there's the more of the dev ops Cloud model, which is, hey I need access to APIs, I have my own development team. Okay, how do you talk to both those guys, and there's also hybrids in the intersection of both those. So there's two modes of use-cases, how do you guys address the developer? It's interesting, I think the way we look at it is, we can be the first system you buy, and we can also be the last system you'd ever buy, right? And that's that freedom to grow and evolve. So, you may want to start out with us because you're an emerging retailer, and you're launching just in the US. But as you evolve to six more countries in a year and a half because you've got the hit product or you're selling, and you want to start to then expand your sophistication, then we can migrate you to some of the more advanced capabilities, but. What we're delivering today is that ability to have a packaged, out of the Cloud, easier to use, on ramp, to get the value of of NetSuite. >> And the horizontally scalable Cloud is obviously, with developers like, what's the developer story here? Can you guys share the developer perspective for your customer, if I have a team of developers? >> So we use the exact same technology, so SuiteCommerce and SuiteCommerce advanced is the exact same technology. One, we've been the developer, and pre-packaged it, and delivered it to the customer. But if you start with that, you can instantly switch over, and take over the development yourself. So either stay with us, we'll work with you, we'll develop it. Or you can just take that as a starting point and develop it going forward. >> John: Awesome. >> Literally, I think something is 75-80% of our customers, literally customize NetSuite in some shape or form, so you can imagine-- >> John: So you guys are totally open to let developers completely develop them. >> Yeah, there's a platform as a service offering, inside of NetSuite, which is something, that as customers evolve and grow they tend to consume and use more of those platforming features. >> So one of the things I'm reading here in the news, that I want to dive into, that I like. You know I like... (stammering) I like new things. So the latest edition you guys are doing have this concept of micro verticals, that span a variety of industry. So that means data potentially could fly around, certainly. In cyber security we were covering at RSA just recently, the role of data sharing is huge, you obviously got the other end on the policy side of, you know the data protection. So you can't have, you got to have a combination of data sharing to make machine learning, and make, you know, some of these new AI capabilities work. At the same time, you got to have policies around that. But these micro verticals will have to operate in a new way. So, what does a micro vertical mean, and how are you helping customers saying you know, I played a little bit of media, I play a little bit in financial, you know have a lot of different requirements that may cross verticals. How do you guys handle that? >> Well we started off with industries, so we used to think of wholesale distribution as a whole series of vertical features, you need a warehouse, you need all the management, there's all these things that you needed in order to make that work. And now we're going into verticals within that, such as food and beverage, or health and beauty. Then we get down food and beverage, now you have cold storage, so that's where we get to the micro vertical level, and the requirements there are actually quite different than you may get from a generic health and beauty vertical. So what we build are those micro vertical features, to enable this business. >> So you guys drill down into the verticals and segment them down, and, rather than some general purpose solution that's, you know, tryin' to hit, so there's some requirements changes. >> And all the regulatory and compliance requirements that go with those micro verticals, those are engineered as part of the process. >> And what's the impact of the customers, talk about the customer impact, what's the benefit for them? They get better product, they're happier, they get it quicker, and they get it cheaper. So it's kind of the more we do, and the less you do, the happier the customer is going to be. >> Alright philosophical question now, this is really what customers want, they want to have, they want to feel like it's a personal experience customized for their business. How do you make that work in this new Cloud world, what's the secret sauce that you guys bring to the table to make customers get the flexibility, the agility, obviously the scale of Oracle helps, on the foundational level. But as you guys roll out the NetSuites next generation customer environment, what's the secret? >> Well we've always had a platform, a deep platform, and so people have always customized our product. So we're using the exact same customization technologies to deliver these micro verticals that customers and developers have been able to do for years so it's just about leveraging what everyone can do to make it a better solution for those customers. >> Final question now, I mentioned machine learning and AI before, so the IntelligenceSuite is news here. Let's get into that. If you're not doing AI you're not relevant these days, everyone's throwing AI around like it's like at, oh we're AI-ing this so it's machine learning. But this is real, I mean software has to drive efficiencies. There's scale involved in software. Machine learning and artificial intelligence is a great path to operationalize, and automate, and create insights. So what is IntelligenceSuite about, can you share the news there? >> Sure, so we're not building a generic AI tool, Oracle's got a massive investment in that, and I'm sure at some point we'll leverage it. We're actually looking at very specific use-cases within our application, that customers can use right now. And so we're actually taking solutions such as: what is the quickest way to get your inventory to your customer, and using some machine learning to help actually route, and pick the right inventory items, and the right location to get the quickest delivery time to your customer. So we're taking very specific use-cases, and we're building that intelligence in, around that. We're not coming out with a generic AI tool that will, solve all potential questions, answer all potential questions even if you don't know what the questions are, that will come a little bit later. But right now, this is really-- So you guys are taking the low-hanging fruit, drilling down in known use-cases for your customers, and bringing that kind of automation to the table? I think, we basically take the attitude of, machines and humans together are generally a better answer than either by themselves. So we'll give you all the choices, and give you the recommendations, and let you pick the way you want to go. >> Jason how do you market that to a customer? Cuz this is really, I think, a big point. Humans and machines clearly are involved, you look at all the success of machine learning. This is now becoming known, you look at Facebook in front of the United States lawmakers, you know, they don't even know how Facebook works so, you know, you've got an enterprise, they're learning about data, they want real answers and they need to have it digged out for them. >> Jason: I think AI and machine learning could perhaps be, you know, the new planking, the most overused, over-hyped, you know, thing out there right now, and every vendor has to come up with a, like a sort of a perceived AI strategy, so I think it's overwhelming for a lot of customers. Because at the end of the day, these customers are trying to figure out how do I solve really specific problems. They don't have AI problems, they have tangible business problems. And so we took this approach to build this from scratch, inside of NetSuite, we didn't acquire, you know, some random startup, and try and plug and graph that onto NetSuite, we built it with the same though process, around how do we solve that problem, make it more efficient, so. Our conversations with our customers are not about technology, they're about, hey how do we get you, you know, better turns on your inventory, how do we solve a specific business problem, and that resonates, that makes it a lot easier, cuz that's what they know. >> Yeah, there's a shiny new toy, kind of thing, hey look it we got some new tools, and there's a place for that kind of, from a developers standpoint I can see it being a great sandbox. But you guys are taking a different approach, add known customer problems, that you can automate away and create insights, is that right? >> That's it. >> Yeah, absolutely. >> To wrap up, I want to get the thoughts of SuiteWorld, what's going on here, what's the main conversations, what're you guys promoting, what's the message, what's some of the conversations, and what's next for NetSuite? >> You know the biggest conversation is customers talking to each other about how they grow and scale their business. And so we try and create an environment at SuiteWorld where these customers can learn from each other, they can talk to each other. Obviously we share our insights and perspectives, but it's really about them, and how they figure out, and really learn from other experiences to solve what they're trying to accomplish. >> Jim top level message to customers, next 10 years, what's the NetSuite 20 mile stair look like for you guys? >> You know the great thing about NetSuite, we've been around almost 20 years, we've been on the same mission, the same product, and we look at the confusion that's out there in the marketplace. I think people feel very grateful that we're on the path and we know where we're going, and we're delivering them real value, real deliverables, and we're not forcing them to change their business. We change for them, not the other way round. >> From a tech perspective, tech enablement, and outcome perspective, what's the main themes of the show this year. >> It's mostly about or international rollout, our new commerce products, our vertical features, our micro vertical features, and our intelligence assistance. >> Cloud, IOT, AI, software all powerin' this, guys thanks so much for the insight. Exclusive news coverage here on Oracle NetSuite SuiteWorld, big announcements here, this is theCUBE, thanks for watching. (intense orchestral music)

>> Announcer: Live from Boston, Massachusetts, it's theCUBE, covering Spark Summit East 2017. Brought to you by Databricks. Now, here are your hosts Dave Vellante and George Gilbert. >> Welcome back to snowy Boston, everybody. This is theCUBE, the leader in live tech coverage. We're here at Spark Summit East, hashtag SparkSummit. Manish Gupta is here, he's the CMO at Redis Labs. Manish, welcome to theCUBE. >> Thank you, good to be here. >> So, you know, 10 years ago you say you're in the database business and everybody would yawn. Now you're the life of the party. >> Yeah, the world has changed. I think the party has lots and lots of players. We are happy to be on the top of that heap. >> It is a crowded space, so how does Redis Labs differentiate? >> Redis Labs is the company behind the massively popular open source Redis, and Redis became popular because of its performance primarily, and then simplicity. Developers could very easily run up an instance of Redis, solve some very hairy problems, and time to market was a big issue for them. Redis Enterprise took that forward and enabled it to be mission critical, ready for the largest workloads, ready for things that the enterprises need in a highly distributed clustered environment. So they have resilience and they benefit from the performance of Redis. >> And your claim to fame, as you say, is that top-gun performance, you guys will talk about some of the benchmarks later. We're talking about use cases like fraud detection, as example. Obviously ad serving would be another one. But add some color to that if you would. >> Redis is whatever you need to make real time real, Redis plays a very important role. It is able to deliver millions of operations per second with sub-millisecond latency, and that's the hallmark. With data structures that comprise Redis, you can solve the problems in a way, and the reason you can get that performance is because the data structures take some very complex issues and simplify the operation. Depending on the use case, you could use one of the data structures, you can mix and match the data structures, so that's the power of a Redis. We're used for ITO, for machine learning, for metering of billing and telecommunications environment, for personalization, for ad serving with companies like Groupon and others, and the list goes on and on. >> Yeah, you've got a big list on your website of all your customers, so you can check that out. Let's get the business model piece out of the way. Everybody's always fascinated. Okay, you got open source, how do you make money? How does Redis make money? >> Yeah, you know, we believe strategically fostering the growth of open source is foundational in our business model, and we invest heavily both R&D and marketing to do that. On top of that, to enable enterprise success and deployment of Redis, we have the mission critical, highly available Redis Enterprise offerings. Our monetization is entirely based on the Redis Enterprise platform, which takes advantage of the data structures and performance of core Redis, but layers on top management and the capabilities that make things like auto-recovery, auto-sorting, management much, much easier for the enterprise. We make that available in four deployment models. The enterprise can select us as Redis cloud, which runs on a public infrastructure on any of the four major platforms. We also allow for the enterprise to select a VPC environment in their own private clouds. They can also get software and self-manage that, or get our software and we can manage it for them. Four deployment options are the modalities in other ways where the enterprise customers help us monetize. >> When you said four major platforms, you meant cloud platforms? >> That's right. AWS, >> So, AWS, Azure >> Azure, Google, and IBM. >> Is IBM software, got there in the fourth, alright. >> That's right, all four. >> Go to the whip IBM. Go ahead, George. >> Along the lines of the business model, and we were sort of starting to talk about this earlier offline, you're just one component in building an application, and there's always this challenge of, well, I can manage my component better than anyone else, but it's got to fit with a bunch of other vendors' components. How do you make that seamless to the customer so that it's not defaulting over to a cloud vendor who has to build all the components themselves to make it work together? >> Certainly, you know, database is an integral part of your stack, of your application stack, but it is a stack, so there are other components. Redis and Redis Labs has a very, very large ecosystem within which we operate. We work closely with others for interfaces, for connectors, for interoperability, and that's a sustained environment that we invest in on a continuous basis. >> How do handle application consistency? A lot of in the no-SQL world, even in the AWS world, you hear about eventual consistency, but in the real-time world, there's a need for more rigorous, what's your philosophy there, how do you approach that? >> I think that's an issue that many no-SQL vendors have not been able to crack. Redis Labs has been at the forefront of that. We are taking an approach, and we are offering what we call tuneable consistency. Depending on the economics and the business model and the use case, the needs of consistency vary. In some cases, you do need immediate consistency. In other cases, you don't ever need consistency. And to give that flexibility to the customer is very important, so we've taken the approach where you can go from loose consistency to what we call strong eventual consistency. That approach is based on a fairly well trusted architecture and approach called CRDT, Conflict-free Replication Data Type. That approach allows us to, regardless of what the cluster magnitude or the distribution looks like geographically, we can deliver strong eventual consistency which meets the needs of majority of the customers. >> What are you seeing in terms of, you know, also in that a discussion about acid properties, and how many workloads really need acid properties. What are seeing now as you get more cloud native workloads and more no-SQL oriented workloads in terms of the requirement for those acid properties? >> First of all, we truly believe and agree that not all environments required acid support. Having said that, to be a truly credible database, you must support acid, and we do. Redis is acid-compli, supports acid, and Redis Labs certainly supports that. >> I remember on a stage once with Curt Monash, I'm sure you know Curt, right? Very famous database person. And he basically had a similar answer. But you would say that increasingly there are workloads that, the growth workloads don't necessarily require that, is that fair statement? >> That's a fair statement I would say. >> Dave: Great, good. >> There's a trade-off, though, when you talked about strong eventual consistency, potentially you have to wait for, presumably, a quorum of the partitions, I'm getting really technical here, but in other words, you've got a copy of the data here-- >> Dave: Good CMO question. (laughing) >> But your value proposition to the customers, we get this stuff done fast, but if you have to wait for a couple other servers to make sure that they've got the update, that can slow things way down. How does that trade-off work? >> I think that's part of the power of our architecture. We have a nothing shared, single proxy architecture where all of the replication, the disaster recovery, and the consistency management of the back end is handled by the proxy, and we ensure that the performance is not degraded when you are working through the consistency challenges, and that's where significant amount of IP is in the development of that proxy. >> I'll take that as a, let's go into it even more offline. >> Manish: Sounds good. >> And I have some other CMO questions, if I may. A lot of young companies like yours, especially in open source world, when they go to get the word out, they rely on their community, their open source community, and that's the core, and that makes a lot of sense, it's their peeps. As you become, grow more into enterprise grade apps and workloads, how do you extend beyond that? What is Redis Labs doing to sort of reach that C-Suite, are you even trying to reach that C-Suite up level to messaging? How do you as a CMO deal with those challenges? >> Maybe I'll begin by talking about our personas that matter to us in the ecosystem. The enterprise level, the architects, the developers, are the primary target, which we try to influence in early part of the decision cycle, it's at the architectural level. The ultimate teams that manage, run, and operate the infrastructure is certainly the DevOps, or the operations teams, and we spend time there. All along for some of the enterprise engagements, CIOs, chief data officers, and CTOs tend to play a very important role in the decisions and the selection process, and so, we do influence and interact with the C-Suite quite heavily. What the power of the open source gives us is that groundswell of love for Redis. Literally you can walk around a developer environment, such as the Spark Summit here, and you'll find people wearing Redis Geek shirts. And we get emails from Kazakhstan and strange, places from all over the world where we don't necessarily have salesforce, and requesting t-shirts, "send us stickers." Because people love Redis, and the word of mouth, that ground level love for the technology enables the decisions to be so much easier and smoother. We're not convincing, it's not a philosophical battle anymore. It's simply about the use case and the solution where Redis Enterprise fits or doesn't fit. >> Okay, so it really is that core developer community that are your advocates, and they're able to internally sell to the C-Suite. A lot of times the C-Suite, not the CTO so much, but certainly the CIO, CDO are like, "Yeah, yeah, they're geekin' out on some new hot thing. "What's the business impact?" Do you get that question a lot, and how do address it? >> I think then you get to some of the very basic tools, ROI calculators and the value proposition. For the C-level, the message is very simple. We are the least risky bet. We are the best long-term proposition, and we are the best cost answer for their implementation. Particularly as the needs are increasingly becoming more real-time in nature, they are not batch processed. Yes, there will always be some of that, but as the workloads are becoming, there is a need for faster processing, there is a need for quick insights, and real-time is not a moniker anymore, right. Real-time truly needs to be delivered today. And so, I think those three propositions for the C-Suite are resonating very well. >> Let's talk about ROI calculators for a second. I love talking about it because it underscores what a company feels as though its core value proposition is. I would think with Redis Labs part of the value proposition is you are enabling new types of workloads and new types of, whether it's sources of revenue or productivity. And these are generally telephone numbers as compared to some of the cost savings head to head to your competition, which of course you want to stress as well because the CFO cares about the cap-backs. What do you emphasize in that, and we don't have to get into the calculator itself, but in the conceptual model, what's the emphasis? Is it on those sort of business value attributes, is it on the sort of cost-savings? How do you translate performance into that business value? A lot of questions there, but if you could summarize, that'd be great. >> Well, I think you can think of it in three dimensions. The very first one is, does the performance support the use case or the solution that is required? That's the very first one. The second piece that fits in it, and that's in our books, that's operations per second and the latency. The second piece is the cost side, and that has two components to it. The first component is, what are the compute requirements? So, what is the infrastructure underneath that has to support it? And the efficiency that Redis and Redis Enterprise has is dramatically superior to the alternatives. And so, the economics show up. To run a million operations per second, we can do that on two nodes as opposed to alternative, which might need 50 nodes or 300 nodes. >> You can utilize your assets on the floor much better than maybe the competition can. >> This is where the data structures come into play quite a bit. That's one part of-- >> Dave: That's one part of the cost. >> Yeah. The other part of the cost is the human cost. >> Dave: People, yeah. >> And because, and this goes back to the open source, because the people available with the talent and the competency and appreciation for Redis, it's easy to procure those people, and your cost of acquisition and deploying goes down quite a bit. So, there's a human cost to it. The third dimension to this whole equation is time to market. And time to market is measured in many ways. Is it lost revenue if it takes you longer to get there? And Redis consistently from multiple analysts' reports gets top ranking for fastest way to get to market because of how simple it is. Beyond performance, simplicity is a second hallmark. >> That's a benefit acceleration, and you can quantify that. >> Absolutely, absolutely. And that's a revenue parameter, right. >> For years, people have been saying this Cambrian explosion of databases is unsustainable, and sort of in response we've gotten a squaring of the Cambrian explosion. The question is, with your sort of very flexible, I don't want to get too geeky, 'cause Dave'll cut me off, but the idea that you can accommodate time series and all these different ways of, all these different types of data, are we approaching a situation where customers can start consolidating their database choices and have fewer vendors, fewer products in their landscape? >> I think not only are we getting there, but we must get there. You've got over 300 databases in the marketplace, and imagine a CIO or an architect trying to have to sort through that to make a decision, it's difficult, and you certainly cannot support it from a trading standpoint or from an investment, cap-backs, and all that standpoint. What we have done with Redis is introduce something called Redis Modules. We released that at the last RedisConf in May in San Francisco. And the Redis Module is a very simple concept but a very powerful concept. It's an API which can be utilized to take an existing development effort, written as CC++, that can be ported onto the Redis data structures. This gives you the flexibility without having to reinvent the wheel every single time to take that investment, port it on top of Redis, and you get the performance, and you can make now Redis becomes a multi-model database. And I'm going to get to your answer of how do you address the multiple needs so you don't need multiple databases. To give you some examples, since the introduction of Redis Modules, we have now over 50 modules that have been published by a variety of places, not just Redis Labs. To indicate how simple and how powerful this model is. We took Lucene and developed the world's fastest full-text search engine as a module. We have very recently introduced Redis machine learning as a module that works with Spark ML and serves as a great serving layer in the machine learning domain. Just two very simple examples, but work that's being done ported over onto Redis data structures and now you have ability to do some very powerful things because of what Redis is. And this is the way future's going to be. I think every database is trying to offer multi-functionality to be multi-model in nature, but instead of doing it one step at a time, this approach gives us the ability to leverage the entire ecosystem. >> Your point being consolidation's inevitable in this business as well. >> Manish: Architectural consolidation. >> Yes, but also you would think, company consolidation, isn't that going to follow? What do you make of the market, and tell me, if you look back on the database market and what Oracle was able to achieve in the face of, maybe not as many players, but you had Sybase and Informix, and certainly DB2's still around, and SQL Server's still around, but Oracle won, and maybe it was SQL standards that. It's great to be lucky and good. Can we learn from that, or is this a whole different world? Are there similarities, and how do you, how do you see that consolidation potentially shaking out, if you agree that there will be consolidation? >> Yeah, there has to be, first and foremost, an architectural approach that solves the OPEX, CAPEX challenge for the enterprise. But beyond that, no industry can sustain the diversity and the fragmentation that exists in database world. I think there will always be new things coming out, of universities particularly. There's great innovation and research happening, and that is required to augment. But at the end of the day, the commercial enterprises cannot be of the fragmented volume that we have today in the database world, so there is going to be some consolidation, and it's not unnatural. I think it's natural, it's expected, time will tell what that looks like. We've seen some of our competitors acquire smaller companies to add graph functionality, to add search functionality. We just don't think that's the level of consolidation that really moves the needle for the industry. It's got to be at a higher level of consolidation. >> I don't want to, don't take this the wrong way, don't hate me for saying it, but is Oracle sort of the enemy, if I can say that. I mean, it's like, no, okay. >> Depends how you define enemy. >> I'm not going to go do many of the workloads that you're talking about on Oracle, despite what Larry tells me at Oracle OpenWorld. And I'm not going to make Oracle my choice for any of the workloads that you guys are working on. I guess in terms, I mean, everybody who's in the database business looks at that and say, "Hey, we can do it cheaper, better, "more productively," but, could you respond to that, and what do you make of Amazon's moves in the database world? Does that concern you? >> We think of Amazon and Oracle as two very different philosophies, if you can use that word. The approach we have taken is really a forward-looking approach and philosophy. We believe that the needs of the market need to be solved in new ways, and new ways should not be encumbered by old approaches. We're not trying to go and replicate what was done in the SQL world or in a relational database world. Our approach is how do you deliver a multi-model database that has the real-time attribute attached to it in a way that requires very limited computer force power and very few resources to manage? You take all of those things as kind of the core philosophy, which is a forward-looking philosophy. We are definitely not trying to replicate what an Oracle used to be. AWS I think is a very different animal. >> Dave: Interesting, though. >> They have defined the cloud, and I think play a very important role. We are a strong partner of theirs, much of our traffic runs on AWS infrastructure, certainly also on other clouds. I think AWS is one to watch in how they evolve. They have database offerings, including Redis offerings. However, we fully recognize, and the industry recognizes that that's not to the same capability as Redis Enterprise. It's open sourced Redis managed by AWS, and that's fine as a cache, but you cannot persist, and you really cannot have a multi-model capability that's a full database in that approach. >> And you're in the marketplace. >> Manish: We are in the marketplace. >> Obviously. >> And actually, we announced earlier, a few weeks ago, that you can buy and get Redis cloud access, which is Redis Enterprise cloud, on AWS through the integrated billing approach on their marketplace. You can have an AWS account and get our service, the true Redis Enterprise service. >> And as a software company, you'd figure, okay, the cloud infrastructures are service, we don't care what infrastructure it runs on. Whatever the customer wants, but you see AWS making these moves up-market, you got to obviously be paying attention to that. >> Manish: Certainly, certainly. >> Go ahead, last question. >> Interesting that you were saying that to solve this problem of proliferation of choice it has to be multi-model with speed and low resource requirement. If I were to interpret that from an old-style database perspective, it would be you're going to get, the multi-model is something you are addressing now, with the extensibility, but the speed means taking out that abstraction layer that was the query optimizer sort of and working almost at the storage layer, or having an option to do that. Would that be a fair way to say? >> No, I don't think that necessarily needs to be the case. For us, speed translates from the simplicity and the power of the data structures. Instead of having to serialize, deserialize before you process data in a Spark context, or instead of having to look for data that is perhaps not put in sorted sets for a use case that you might be doing, running a query on, if the data is already handled through one of the data structures, you now have a much faster query time, you now have the ability to reach the data in the right approach. And again, this is no-SQL, right, so it's a schema lesson write and it sets your scheme as you want it be on read. We marry that with the data structures, and that gives you the ultimate speed. >> We have to leave it there, but Manish, I'll give you the last word. Things we should be paying attention to for Redis Labs this year, events, announcements? >> I think the big thing I would leave the audience with is RedisConf 2017. It's May 31 to June 2 in San Francisco. We are expecting over 1,000 people. The brightest minds around Redis of the database world will be there, and anybody who is considering deploying the next generation database should attend. >> Dave: Where are you doing that? >> It's the Marriott Marquis in San Franciso. >> Great, is that on Howard Street, across from the--? >> It is right across from Moscone. >> Great, awesome location. People know it, easy to get to. Well, congratulations on the success. We'll be lookin' for outputs from that event, and hope to see you again on theCUBE. >> Thank you, enjoyed the conversation. >> Alright, good. Keep it right there, everybody, we'll be back with our next guest. This is theCUBE, we're live from Spark Summit East. Be right back. (upbeat electronic rock music)