>>We're back with Jerome West, product management security lead at for HCI at Dell Technologies Hyper-converged infrastructure. Jerome, welcome. >>Thank you, David. >>Hey, Jerome, In this series, A blueprint for trusted infrastructure, we've been digging into the different parts of the infrastructure stack, including storage, servers and networking, and now we want to cover hyperconverged infrastructure. So my first question is, what's unique about HCI that presents specific security challenges? What do we need to know? >>So what's unique about Hyperconverge infrastructure is the breadth of the security challenge. We can't simply focus on a single type of IT system, so like a server or a storage system or a virtualization piece of software. I mean, HCI is all of those things. So luckily we have excellent partners like VMware, Microsoft, and internal partners like the Dell Power Edge team, the Dell storage team, the Dell networking team, and on and on. These partnerships, in these collaborations are what make us successful from a security standpoint. So let me give you an example to illustrate. In the recent past, we're seeing growing scope and sophistication in supply chain attacks. This mean an attacker is going to attack your software supply chain upstream so that hopefully a piece of code, malicious code that wasn't identified early in the software supply chain is distributed like a large player, like a VMware or Microsoft or a Dell. So to confront this kind of sophisticated hard to defeat problem, we need short term solutions and we need long term solutions as well. >>So for the short term solution, the obvious thing to do is to patch the vulnerability. The complexity is for our HCI portfolio. We build our software on VMware, so we would have to consume a patch that VMware would produce and provide it to our customers in a timely manner. Luckily, VX Rail's engineering team has co engineered a release process with VMware that significantly shortens our development life cycle so that VMware will produce a patch and within 14 days we will integrate our own code. With the VMware release, we will have tested and validated the update and we will give an update to our customers within 14 days of that VMware release. That as a result of this kind of rapid development process, Vxl had over 40 releases of software updates last year for a longer term solution. We're partnering with VMware and others to develop a software bill of materials. We work with VMware to consume their software manifest, including their upstream vendors and their open source providers to have a comprehensive list of software components. Then we aren't caught off guard by an unforeseen vulnerability and we're more able to easily detect where the software problem lies so that we can quickly address it. So these are the kind of relationships and solutions that we can co engineer with effective collaborations with our, with our partners. >>Great, Thank you for that. That description. So if I had to define what cybersecurity resilience means to HCI or converged infrastructure, and to me my takeaway was you gotta have a short term instant patch solution and then you gotta do an integration in a very short time, you know, two weeks to then have that integration done. And then longer term you have to have a software bill of materials so that you can ensure the providence of all the components help us. Is that a right way to think about cybersecurity resilience? Do you have, you know, a additives to that definition? >>I do. I really think that site cybersecurity and resilience for hci, because like I said, it has sort of unprecedented breadth across our portfolio. It's not a single thing, it's a bit of everything. So really the strength or the secret sauce is to combine all the solutions that our partner develops while integrating them with our own layer. So let me, let me give you an example. So hci, it's a, basically taking a software abstraction of hardware functionality and implementing it into something called the virtualized layer. It's basically the virtual virtualizing hardware functionality, like say a storage controller, you could implement it in a hardware, but for hci, for example, in our VX rail portfolio, we, or our vxl product, we integrate it into a product called vsan, which is provided by our partner VMware. So that portfolio strength is still, you know, through our, through our partnerships. >>So what we do, we integrate these, these security functionality and features in into our product. So our partnership grows to our ecosystem through products like VMware, products like nsx, Verizon, Carbon Black and Bsphere. All of them integrate seamlessly with VMware. And we also leverage VMware's software, par software partnerships on top of that. So for example, VX supports multifactor authentication through bsphere integration with something called Active Directory Federation services for adfs. So there is a lot of providers that support adfs, including Microsoft Azure. So now we can support a wide array of identity providers such as Off Zero or I mentioned Azure or Active Directory through that partnership. So we can leverage all of our partners partnerships as well. So there's sort of a second layer. So being able to secure all of that, that provides a lot of options and flexibility for our customers. So basically to summarize my my answer, we consume all of the security advantages of our partners, but we also expand on that to make a product that is comprehensively secured at multiple layers from the hardware layer that's provided by Dell through Power Edge to the hyper-converged software that we build ourselves to the virtualization layer that we get through our partnerships with Microsoft and VMware. >>Great. I mean that's super helpful. You've mentioned nsx, Horizon, Carbon Black, all the, you know, the VMware component OTH zero, which the developers are gonna love. You got Azure identity, so it's really an ecosystem. So you may have actually answered my next question, but I'm gonna ask it anyway cuz you've got this software defined environment and you're managing servers and networking and storage with this software led approach, how do you ensure that the entire system is secure end to end? >>That's a really great question. So the, the answer is we do testing and validation as part of the engineering process. It's not just bolted on at the end. So when we do, for example, the xra is the market's only co engineered solution with VMware, other vendors sell VMware as a hyperconverged solution, but we actually include security as part of the co-engineering process with VMware. So it's considered when VMware builds their code and their process dovetails with ours because we have a secure development life cycle, which other products might talk about in their discussions with you that we integrate into our engineering life cycle. So because we follow the same framework, all of the, all of the codes should interoperate from a security standpoint. And so when we do our final validation testing when we do a software release, we're already halfway there in ensuring that all these features will give the customers what we promised. >>That's great. All right, let's, let's close pitch me, what would you say is the strong suit summarize the, the strengths of the Dell hyperconverged infrastructure and converged infrastructure portfolio specifically from a security perspective? Jerome? >>So I talked about how hyper hyper-converged infrastructure simplifies security management because basically you're gonna take all of these features that are abstracted in in hardware, they're now abstracted in the virtualization layer. Now you can manage them from a single point of view, whether it would be, say, you know, in for VX rail would be b be center, for example. So by abstracting all this, you make it very easy to manage security and highly flexible because now you don't have limitations around a single vendor. You have a multiple array of choices and partnerships to select. So I would say that is the, the key to making it to hci. Now, what makes Dell the market leader in HCI is not only do we have that functionality, but we also make it exceptionally useful to you because it's co engineered, it's not bolted on. So I gave the example of, I gave the example of how we, we modify our software release process with VMware to make it very responsive. >>A couple of other features that we have specific just to HCI are digitally signed LCM updates. This is an example of a feature that we have that's only exclusive to Dell that's not done through a partnership. So we digitally sign our software updates so you, the user can be sure that the, the update that they're installing into their system is an authentic and unmodified product. So we give it a Dell signature that's invalidated prior to installation. So not only do we consume the features that others develop in a seamless and fully validated way, but we also bolt on our own specific HCI security features that work with all the other partnerships and give the user an exceptional security experience. So for, for example, the benefit to the customer is you don't have to create a complicated security framework that's hard for your users to use and it's hard for your system administrators to manage. It all comes in a package. So it, it can be all managed through vCenter, for example, or, and then the specific hyper, hyper-converged functions can be managed through VxRail manager or through STDC manager. So there's very few pains of glass that the, the administrator or user ever has to worry about. It's all self contained and manageable. >>That makes a lot of sense. So you got your own infrastructure, you're applying your best practices to that, like the digital signatures, you've got your ecosystem, you're doing co-engineering with the ecosystems, delivering security in a package, minimizing the complexity at the infrastructure level. The reason Jerome, this is so important is because SecOps teams, you know, they gotta deal with cloud security, they gotta deal with multiple clouds. Now they have their shared responsibility model going across multiple, They got all this other stuff that they have to worry, they gotta secure containers and the run time and, and, and, and, and the platform and so forth. So they're being asked to do other things. If they have to worry about all the things that you just mentioned, they'll never get, you know, the, the securities is gonna get worse. So what my takeaway is, you're removing that infrastructure piece and saying, Okay guys, you now can focus on those other things that is not necessarily Dell's, you know, domain, but you, you know, you can work with other partners to, and your own teams to really nail that. Is that a fair summary? >>I think that is a fair summary because absolutely the worst thing you can do from a security perspective is provide a feature that's so unusable that the administrator disables it or other key security features. So when I work with my partners to define, to define and develop a new security feature, the thing I keep foremost in mind is, will this be something our users want to use in our administrators want to administer? Because if it's not, if it's something that's too difficult or onerous or complex, then I try to find ways to make it more user friendly and practical. And this is a challenge sometimes because we are, our products operate in highly regulated environments and sometimes they have to have certain rules and certain configurations that aren't the most user friendly or management friendly. So I, I put a lot of effort into thinking about how can we make this feature useful while still complying with all the regulations that we have to comply with. And by the way, we're very successful in a highly regulated space. We sell a lot of VxRail, for example, into the Department of Defense and banks and, and other highly regulated environments, and we're very successful >>There. Excellent. Okay, Jerome, thanks. We're gonna leave it there for now. I'd love to have you back to talk about the progress that you're making down the road. Things always, you know, advance in the tech industry and so would appreciate that. >>I would look forward to it. Thank you very much, Dave. >>You're really welcome. In a moment I'll be back to summarize the program and offer some resources that can help you on your journey to secure your enterprise infrastructure. I wanna thank our guests for their contributions and helping us understand how investments by a company like Dell can both reduce the need for dev sec up teams to worry about some of the more fundamental security issues around infrastructure and have greater confidence in the quality providence and data protection designed in to core infrastructure like servers, storage, networking, and hyper-converged systems. You know, at the end of the day, whether your workloads are in the cloud, OnPrem or at the edge, you are responsible for your own security. But vendor r and d and vendor process must play an important role in easing the burden faced by security devs and operation teams. And on behalf of the cube production content and social teams as well as Dell Technologies, we want to thank you for watching a blueprint for trusted infrastructure. Remember part one of this series as well as all the videos associated with this program, and of course, today's program are available on demand@thecube.net with additional coverage@siliconangle.com. And you can go to dell.com/security solutions dell.com/security solutions to learn more about Dell's approach to securing infrastructure. And there's tons of additional resources that can help you on your journey. This is Dave Valante for the Cube, your leader in enterprise and emerging tech coverage. We'll see you next time.

>> Narrator: Live from Las Vegas, its theCUBE, covering Dell Technologies World 2018. Brought to you by Dell EMC and its ecosystem partners. >> Welcome back to theCUBE, SilconANGLE's premier live streaming show where we go out to the events and extract the signal from the noise we are live day two of Dell Technologies World. I'm Lisa Martin with Keith Townsend, welcoming back a CUBE alumni, Gil Shneorson Senior Vice President of VxRail and GM at Dell EMC. Hey Gil. >> Thank you for having me back. >> Well we're excited to talk to you. So looking at some of the announcements that came out today where Dell EMC says they're the number one market leader in global hyper-converged infrastructure, and you've said that's happened really quickly. Tell us a little bit about that leadership. >> I think we found a way to take a systems approach to what is otherwise a software-defined world. So we found a way to get all of the economical benefits of hyper-converged driven by software, at the same time own the responsibility for those systems to be up and running and life cycle managed, taking away more of the responsibility then customers would have to do it on their own and I think that recipe has led us to a leadership position very, very quickly. >> So, you know we talked earlier today, can you expand upon some of that responsibility alleviating from customers, specifically around SLAs, around IO when you software-define or software-deliver storage, kind of the operating model changes. Can you expand upon that? >> Yeah, that's a very good point. So look at software-defined storage technology, for example. We happen to work with VSAN, which is the leading software-defined technology, but when customers choose to deploy software-defined solutions on their own, they're doing something that they haven't been doing in many, many years, which is take on the responsibility for up timing. It used to be that storage vendors, you know held responsibility for storage up time, for IOPs, for performance. So I think what we're doing is we found the balance. We've been getting a lot of benefits of hyper-converged and software defined, but at the same time own the responsibility from an operations standpoint to make it more like a traditional architecture and what they know. And that combination is very, very important. So for example, the ability to look at the entire system from software to driver to firmware, and always deliver a known good package because something that customers would have to do on their own, and they're all capable of doing it, but if they could choose not to do it why not offload it to somebody like us that does it for them. And so while there are two deployment models, we have a very massive growth in the systems approach, model (music drowns out voice) and I think people hand off things that they could do but they choose not to because they can focus on other things in the IT shop. For example, digital transformation and really the path to the multicloud by adding more and more layers on top of infrastructure that they can trust. >> Speaking of multicloud, I was in Jeff Clarke's opening session this morning. He was talking about, he gave a stat, I think it was 50 plus to 56% of users surveyed are using more than one cloud. So one of the things I also saw in the press release about the advancements of VxRail and VxRack, giving customers a clear path to adopt VMWare-based multiclouds. What is that clear path? How was that differentiated? So let's remember that both of those products, VxRail and VxRack SDDC are products that are built on the VMWare stack. They're optimized for VMWare users. They're not agnostic to anything. They're really VMWare on VMWare with automation and hardware and packaging that we do as a system. By delivering that robust infrastructure in one of the announcements that we made was that we created the VMWare validated design to add the rest of the VMWare stack and create an infrastructure as a service environment. That inherently comes with the ability to offload workloads to VMWare's service provider, cloud service provider, including Amazon and Google and the likes, but really a very vast network. So you take an infrastructure that's based on VMWare and harden is designing the system, you add on top of it to a prescriptive VVD exactly how to add the layered toppings like VRealize Automation, and through that inherently you get the entire VMWare value proposition going from a local solution to multicloud. And so the announcement was that validated design, which is very important, and then the announcement also included all sorts of hardware innovations or small evolutions like NVMe drives and 25 gigabyte ethernet, and higher memory CPUs. All of those are just to make sure that the infrastructure itself is ready to support that software stack that ultimately leads them to a full IO solution and offloading to the multicloud that are available to them. >> So big announcement or big set of education last year at VM World was the VCF. VMWare Cloud Foundation. It is the foundation of VMWare's infrastructure cloud play. Can you help talk through the importance in how VCF differentiates VMWare, VxRail, VxRack from competitors. >> So VCF is a software bundle. It's also an orchestrator that allows customers to manage multiple VMWare clusters within context. It's called a workload domain, and they can manage those clusters, and they can deploy them, they can life cycle management, they can microsegment them with NSX, and they can move workloads between them and to the cloud. VxRack SDDC is a system that basically lays down the VCF bits on a system premanufactured, and that's how we benefit from VCF as a differentiator. What we've done in addition we've announced 14G servers to be supported in that architecture. And we've also extended it to a, for example, a dial home on a system level. A lot of serviceability features, a physical view of the service as part of the graphic user interface. So not only does VCF differentiate VMWare by having the ability to finally leverage the entire stack, our value add is in taking that in the physical to virtual integration, if you will, life cycle management, and serviceability around servicing all of the system, which makes it a very robust infrastructure. So today customers have two choices. They can buy VxRack with VCF on top of it, or they can get to the same outcome with VxRail following a VVD prescriptive. And so what we do is we let them choose. If they're not ready for an NSX deployment they'd start with one, if they are they'll start with the other. Either way the outcome is going to be a full (music drowns out voice) from VMWare that can offload to multicloud. We just give them choices of how to get there. >> So want to kind of play off the value add for a second. We're at this event, the event theme Make It Real, making digital transformation real is a mandatory for businesses, right? They have the opportunity to take and apply data to multiple cases, use cases, within their organization to deliver differentiation. So you talked about a lot of the value out of the choices that you're giving customers from an IT perspective, what are some of the business, when you're sitting there with customers, what are some of the business outcomes they're looking for this technology to help them deliver? >> So that's a good question. So two levels of an answer. One is that by getting an automated infrastructure, IT itself can free up cycle to actually implement the (mumbles). It also frees up time for those organizations who are embarking on native cloud application development. For example, to deploy pivotal Cloud Foundry on top of (mumbles) Which is another prescriptive reference cycle actually that we have out there. And allow them to innovate. What I'm most interested in when I visit customers is what workloads are running on HCI. And I ask them and they say, is it testive, is it mission critical? And I'm happy to see that by now HCI, and specifically our products, have become mission critical, data centered, so all the way from the core to the edge running, banking applications a scale, running trading applications scale, running manufacturing application scale, running ports all over the world. I mean there's one customer that runs ports with automated trucks where the AI that runs those trucks is running on a VxRail. I mean, it's very, very exciting to see how our technology has been adopted into mainstream, into mainstream application compute. I think that's very exciting. And IT can enable more of those applications run and develop more because they have to do less in managing the physical infrastructure across multi companies. >> So Lee Caswell, Senior Vice President of Products over at VMWare brought in his customer from Celtic yesterday, and he validated that. They went all in from a legacy three tier architecture on Dell SE, they were Dell customer before, went with the Xrack, sorry VxRail, mission critical applications out the gate. So I'm seeing a shift. Last year around this time we were doing education and saying, you know, what is HCI versus a traditional architecture? Are you seeing that same thing at the show, as a shift that customers are no longer asking oh what is VxRail or VxRack, but that very thing is how can we accelerate digital transformation using VxRail or VxRack? >> Yeah, we have a very large percentage of the meetings, in fact almost 200 meetings that were requested to review the technology with us initial. That's a lot, that shows a lot of interest. There are a few customers that still don't know, and we've met some of those at the show. There are a few customers who are still contemplating whether HCI is right for them. And by the way, to those customers we say, don't rush into it, you have choices. If that's what you used to, what the economics were for you, there is no reason to rush into HCI. It's just depending on if you're going to get a better outcome than what you have today. But a very common question from customers is okay, then why do I need traditional storage? And for somebody from my vantage point, let's say there's a lot of bare-metal computing out there that requires traditional. But we think that traditional storage becomes more specialized, you know specific DR use cases, very large ratios between compute and storage and requires shared storage, but the HCI type of technology is definitely, and we see it with market growth, right? The market is growing at 60 to 70%. We're growing over 150% and taking share in this growing market, but we're still very, very small if you compare it to the whole IT tam. So there's a lot of way to go. Partly is that we still need to work on the last mile, being sure that our products are more mature, that we figure out how to operate them in a real life environment. So there's work to do, but the economical benefits are so strong that customers are making the choice more and more and more, and they trust us to know how to close the gaps that we still have. And it's a very collaborative effort between our and our customers. We listen, we respond very quickly, and so we can keep the machine going. >> It sounds like a momentum that we talked about with you I think at VM World back in eight or so months ago continues. And we want to thank you for stopping by theCUBE, sharing what's new with VxRack, VxRail, and how customers can be successful there. >> Absolutely. >> Thanks, Gil. >> Thank you for having me again. >> We want to thank you for watching theCUBE. We are live in a concert at Dell Technologies World. I'm Lisa Martin with Keith Townsend. We'll be right back with our next guest after a short break.