00:00
Ok, let's get this going. I think, uh, everybody's ready for getting drinks later in the evening, so you can only be in so many sessions. So I just like to quickly introduce uh the topic ourselves and uh get this rolling here. My name is Suresh Mudu. I'm the director of product management uh at uh 色控传媒,
00:17
uh, for the DX of the Digital Experience Group. Uh, with me, my colleague Chad, you wanna introduce yourself? Hey, it's good to see everybody again. Chad Monteith, principal of our cyber resilience practice, uh, looking forward to talking to everybody here about what we're doing in cyber resilience and what some of our innovations are,
00:33
uh, in that space around orchestration automation, the Pure Protect product that you heard a little bit about this morning, um, so we're gonna talk about what we're doing with that. Uh, we've got a guest speaker with ourselves here today. Um, Eric from the Arkansas Department of Transportation who's been using this product, uh, to really help drive his disaster recovery
00:50
strategy. So, uh, looking forward to this, uh, Suresh, let's get started. All right, um, you know, this seems like a simple first initial slide to start with, but I wanted to make sure we, uh, we kind of just set up what really we're trying to do here with cyber resilience at 色控传媒, right? I think cyber resilience means a lot of
01:11
different things for different people, but what I'd like to start with is to say that the things in this statement, the uh what's written here in uh in white font. The ability of an organization to deliver critical operations and services is really what everybody just wants to deal with, right? The stuff in orange, prepare for, withstand, respond to,
01:32
recover from attacks, disruptions, or failures. That's really the job of your technologies, the stack that you are. Uh, you know, you have invested in to make sure you realize that value from it, right? So at Pure, that's kind of how we read cyber resilience and what's our job and what really your job should be,
01:49
and hopefully that resonates with you because those are things that while Um, you obviously spend your, you know, uh, your, your, your time thinking about it, being in, in technology, a lot of the solutions out there should be solving those type of problems for you. Well, so let's ask the cre the the room here, you know, is that match the KPIs that you're being judged against?
02:09
I mean, is this in line with, you know, what the business is asking of you, or would you define it differently? Anybody kind of matching KPIs? All right, I was kind of hoping for a yes. I didn't want anybody to stand up and be like no and I'm like, oh man, but OK, we're in line here.
02:24
Alright, so let's really talk about um the 色控传媒 cyber resilience platform and I hopefully this one slide is gonna show you uh what you already know from capabilities, but also what we have been building and to build towards to innovate in the space like uh Chad mentioned. So down at the bottom, there's a little icon of a flash array. Um, I think most people, if not everybody has,
02:47
uh, safe mode snapshots enabling the environment for that immutability of, uh, the copies of the data to recover in the case of any kind of, um, you know, disaster, uh, whether it's a human or man-made. Uh, you can also uh add another flash ray in your environment, locally, remotely, you can connect that up and we have additional technologies around data
03:08
protection, right, uh, things around asynchronous application, active DR, active cluster. Again, these are things that most of you have heard about are using in your environments today, right? And uh in today's announcement on main stage, uh, you heard Charlie and team uh essentially talk about pure fusion, right?
03:27
And that's uh kind of looking at everything from this cloud operating model where it's no longer about a single array, a single volume, it's about a fleet, it's about pools of storage and ways to manage all of that, right? So that's kind of the infrastructure that you're all familiar with.
03:43
Now, that infrastructure on the storage side and primary storage is supporting your applications, right? And one of the things that uh our team focuses on is that landscape, not just at the array level but also about the array, right? So your applications, your virtualized infrastructure, your VMs, um, you know, what does it mean to have a cyber resilience
04:06
platform, uh, when you actually include all of these, uh, parts of your infrastructure? And uh really, um, this is where Pure one comes in. I think hopefully some of this that I'm gonna present to you today is, uh, is new, right? And the takeaway here is gonna be,
04:24
um, that Pure one as a cloud, many of you probably have access to it. Some of you have used it, others have not even logged in, right? But over the past couple of years, we have been making a lot of innovations in the realm of cyber resilience, right? Starting with uh pure IAM.
04:40
So Indian access management is now a key component of uh being able to like track set personas, understand who's logging in, doing what in a system, uh, and all that is available in Pier one now, right? So if you aren't already um on PPIM uh you will be, uh, you know, pretty soon. Uh, the other capability that we launched is,
05:01
uh, anomaly detection. Uh, so that's the capability where now all the telemetry that's going from your fleet up into the cloud, uh, actually is being monitored so that, um, our systems know at any point in time what's actually happening at the edge, right, on the storage platform, understanding what your baseline,
05:19
uh, performance is, what are the anomalies which are multivariate, um, that, uh, impact that, right? And what, what do you do after that? How do you remediate, right? So, some of the capabilities that we've added recently, uh, with the anomaly detection is also integration with third party platforms
05:36
using open standards like open telemetry so that you can kind of connect feeds from this detection into platforms like SEM, uh, through Slok and, you know, uh other platforms where you can uh log events, get alerts, um, integrate with so platforms, etc. right? So these are kind of new capabilities that
05:53
we've added into the, into the peer platform. Uh, on, on the left here is another capability called workflow automation, right? Um, so that's something I think you, there are, there have been a few sessions around that. But this is really the way that you can kind of connect third-party uh infrastructure on the
06:12
cyber resilience side or threat intelligence into our entire cloud platform so that it can make intelligent decisions about what to do with your infrastructure and your, um, you know, uh, your investment in the pure storage layer, uh, as well as for your applications, right? So that's something that, you know, uh, towards the end of this presentation,
06:31
I'll have a short demo kind of showing you some live information about how uh we can kind of ingest uh cyber um security um information and then use it to make proactive data defense uh kind of uh operations against your storage and your application platform layers. And really the, uh, a large portion of this talk is going to be about Pure Protect, which now finally gives you the, the end user, the capability to kind of discover,
06:59
protect and recover, um, applications at the VM level, right? So before Pure Protect existed a couple of years ago, the granular. of operations for anybody using PureR capabilities was at the, the volume level on the array, right? And so if you're, you know, using VAs or VMFS
07:18
and you have a lot of VMs there, then that's kind of the granularity for you to operate with respect to protection, replication, etc. right? Uh, well, while that's fantastic, it doesn't give you the granularity that people expect for application level protection recovery, which is really at that stack about the storage. And so what Pure Protect does is it closes that gap, right?
07:38
So now you can set policies through the Pier one management layer and it impacts or affects um the actual workloads that run within your um VMware layer as well as the storage in order to protect the data, replicate it. Recover it at the Grand Lady of a VM, uh, anywhere, right? And that includes both your on-premises infrastructure as well as cloud. So we do support,
08:01
um, the, the, the native cloud environments like AWS, uh, and we have integrations already with VMware and VMware in, in cloud like uh Azure and AWS as well. Any questions, please go ahead. Yeah, that's correct. That's, uh, currently, uh,
08:18
we protect uh VMware workloads, and as you've heard with other announcements from a hypervisor support point of view, um, Newanix is, uh, we have a relationship with Newtonix and we'll be making that investment with Pure Protect as well. Any other questions? So, um, you know, giving you that context of all these capabilities,
08:40
right? What really are the problems that we are trying to solve? So, so Chad, myself, the engineering team, um, responsible for delivering, you know, data protection, DR, cyber recovery, etc. So we really look at the problems from this point of view,
08:54
which is how do you defend against disasters, natural or man-made? Uh, how do you know that your protected data is good, right? I mean, we always get this, uh, question asked, How do you know that the snapshots and uh all these backups that you have actually are things that you can recover from, right? If you don't test it, how do you know?
09:12
Um, how can you simplify the setup protection and speed up of recovery, right? We want as little, you know, human interaction while there's a disaster going on, right? You want to make sure that the system knows what to do if you click a button. So there's a lot of uh things around automation that that we really focus on.
09:30
And then, uh, finally, how do you verify that you're ready for production, right? So that, that's uh the, the, there's a key part of it, which is there's uh a distinction between test versus what really uh can head into a production, you know, in terms of recovery operations, right? And so, so this is kind of how we uh look at
09:49
solving those problems uh with solutions such as Pure Protect and the rest of the cyber resiliency framework from the platform that, that I just mentioned a bit earlier. So, so one is being able to replicate your mission critical workloads anywhere, anytime, right? So in the past couple of days, we've had conversations with a a lot of um customers or potential customers of ours who
10:10
are really looking to figure out, all right, I have some critical production workloads, um, I have made a DR site investment of some infrastructure. Maybe uh with Pure or non-pure infrastructure, uh, how do I actually uh protect these workloads with the infrastructure that I already have, right? And so we offer the kind of automation to help
10:29
you, um, you know, protect those workloads from VMware, which are on the array and be able to like automatically test it and validate it, uh, in, in different locations. And again, uh, from the automation side, what we really seek to do is to simplify um what it means uh to uh be able to protect and recover your systems, right? So, um, we are pretty proud, uh, about the
10:55
levels of automation that we have today. Uh, which enabled you to set up simple policies, uh, against, uh, VMs in your environment that you want to protect and provide you literally one click capability, uh, to recover these workloads, um, with extremely tight SLAs for recovery, near instantaneous recovery in different locations, right?
11:14
So that's something that's a capability that we offer. And uh one of the things that uh we get again asked about is verification, right? So a key part of a lot of the automation that we're building is around the ability for you to test, right, before you can promote it, make it really easy.
11:32
Uh, and, uh, also very resource efficient so that you can, um, essentially at any point in time, uh, test the workloads, the VMs in the environment, the applications, very simply, um, and, uh, be able to test it in an isolated environment at any point in time so that you know that your applications are good.
11:52
Before you actually promote it into production, right? So, so these, um, basic principles are part of our platform, right? So when as a product manager, as an owner of that, when I look into in areas to automate and to uh make things simple, um like uh Pure's mantra is uh all the time, uh, these are some of the principles,
12:11
uh, that, that we really follow. I'm gonna take a pause here, um, open up any questions so far, and I'm gonna hand over to Chad to kind of take us through the, the next set of, uh, details around Peer Protect. Excellent, thank you, Suresh.
12:25
Any questions before I, uh, before I move on? We good? All right, I, I think you know what, what I would summarize, uh, a lot of what we've been talking about in the main stage sessions, what does the enterprise data cloud mean? What are we building with Pure Protect?
12:41
There's a lot of it is around how are we automating and accelerating cyber resilience work flows. And when we talk about, you know, that automation and that acceleration, a lot of that is technologies that we're building in to Pier one inclusive of uh Pure Protect. What I would like everybody to leave here today is sort of that high level vision of what we're
13:02
building the picture that I want you to be thinking about. Is that with what we've talked about fusion, enterprise data cloud, uh, the automation pieces, the pure Protect, imagine the deployment of let's just use what we used before like an Oracle database. You really are are providing a service. You've got a service delivery mechanism,
13:22
a service catalog where somebody's gonna say, I need something with an SLA attached. Maybe it's, let's just use the example of an Oracle database. There's gonna be a performance profile associated with that, but there's likely also additional SLAs associated with that that may say I want a safe mode enablement, that first line of defense.
13:42
Maybe I wanna have another copy a DR copy uh in a remote site. Maybe I need a tertiary copy in the cloud. Maybe I need to go tell my data protection software when that's done, then I need to start protecting it. The vision here is that you're gonna be able to choose those SLAs and define them and make it
14:00
as easy as a push button. It could be a ServiceNow ticket. Maybe you could go, uh, have a web developer write a big green or red button into your service delivery platform, but really the point is you execute. A workflow. That does all of that deploy the database, initiate the protection set safe mode, put a copy in the DR site facilitate the fail over
14:22
and fail back so that now when an event occurs. You truly have application mobility delivered automatically within Pure. and Pure Protect drives a lot of that. Send it to a remote site, bring it online. It could be a production failover.
14:39
It could be an isolated recovery environment or a clean room. All of those functions are now built natively into the product, so you're not having to go build everything script it. Design it yourself, have run books that are 1000 pages long. Now that's all developed and deployed within code.
14:58
Where we've done all of that work of the underlying pieces and you can tell us go perform in action. That's where we're heading to with these technologies and we're getting that all developed, all deployed within Pier one here. So what does it look like when we have uh a resilience strategy now that we've got that sort of automation layer, what are the pieces that go into that?
15:19
Well, the first line of defense that we talk about is always our snapshots and our safe mode. We get down into that that core technology there ensuring that you have a immutable copy of your data represented in a snapshot that's powerful. But it's only half of the story. The indelibility layer or the ability to ensure that a configuration is protected is what we've
15:42
built within safe mode. That ensures that not only do you have a representation of the data, but somebody like an attacker, a privileged user escalation attack that's coming in compromised credentials is not able to eradicate your data. We have many customers. I don't know if any of them are in the room,
15:59
but there are many customers who have actually had ransomware attacks. And when the attacker found safe mode was enabled, the forensics investigation said they got up and left. Why? Because they knew they were not gonna get a ransom out of that. The recovery was gonna be done in minutes. In fact,
16:17
we had another customer that came up on stage with us a couple of years ago. Who had that occur where the first attack. They didn't have Pier involved. They actually threw in the towel on their recovery after 10 days. They couldn't get it back up and running. It was taking too long.
16:33
But his attackers, not really so much disasters, but the attacker type of disaster came in. And attacked them a second time after they'd rebuilt. That 2nd time, can anybody guess with these technologies how fast they were up and running? It wasn't 10 days, by the way. It was 15 minutes.
16:50
15 minutes they were able to uh recover from that ransom or attack. That's why these foundational pieces are so important. We build on on top of that our high availability capabilities active cluster, active DR, the business continuance, uh, type of solutions. Again, these are tools that help us deliver that SLA.
17:10
And tools that you may or may not have to even know are, are being provisioned under the covers. The latest releases of Pure Protect we're actually configuring all of that for you. So you don't even need to worry about how do I configure a pod. How do I, uh, place volumes and do it? What do I need to do with them?
17:26
No, that's implemented by the SLA execution layer under the covers. We're still working with our backup partners Vam Convault, uh, two of our largest ones out here. They're providing that long term retention compliance copy of the data and with any data life cycle, we need to be we need to be concerned about what's happening in real time.
17:45
That's where our threat detection and our security integrations come into play. What's in the persistence layer with the storage? How do we make sure that's performing, and then ultimately how do we meet the compliance needs with that long term recoverability or that off-site off array copy of the data and tying that together is what we're building with disaster and cyber recovery with Pure Protect
18:05
again all delivered within Pier one. So now instead of having 10 products that you need to develop that you need to implement independently of each other. Maybe it's just a couple products and maybe you're just choosing the SLA to execute against automated, not having to go configure everything independent, really bringing that simplicity piece of pure to the table.
18:27
So what does Pure Protect look like? How are we, how are we building that? Well this product's been out we've had it out, uh, successfully with customers for a couple of years. And to your question about what are we, you know, what are the, um, the other hypervisors we're building,
18:42
we'll talk about what it is today towards the end we'll talk about where it's going. First use cases that we have are on-premises VMware to native AWS and now VMware to VMware. What does native AWS mean? Well, one of the challenges that a lot of customers come to me with with disaster recovery is the amount of time it takes to deploy that DR site.
19:04
Now, last year, I actually asked the question to the room and I'll, you know, I'll ask it again here if you want to throw it out or I'll just tell you what most everybody said. I asked how long did it take you to build your DR site? Anybody wanna throw out what how long it took them to build the DR site?
19:21
I, I know, maybe it's something you're proud of or maybe it's something you're embarrassed of, but when I asked this last year, 50% of the respondents in the room said it took them over a year to build their disaster recovery site. There's a lot that goes into that. We've actually got that with Pure Protect down to anybody wanna hazard a guess 10 days to,
19:42
you know, 15 minutes kind of ratio, what we've turned it down to. We've got it down to 60 minutes. To build up a DR site in AWS, yes sir. That's your DR site actually. A Uh, uh, so to getting to the point of actual initial
20:02
replication, yes. So within AWS, what is different about us. Because we're focusing on that orchestration piece. We will actually go and take your AWS account. You'll run a cloud formation template that gives Pureect just the permissions that it
20:20
needs to in order to operate, and we will go build the virtual private cloud, the replication, and all of the components that we need to be able to successfully replicate, convert, and bring online and native EC2 format. All of those virtual machines within AWS so that at the end point of that. You have however many VMs you chose running in your VPC that you maintain full custody over,
20:47
full security control over, full access control over. And that can be kind of the, you know, the challenge, you know, with some is do we have AWS skills but we try to mitigate that by going as far as we can, OK? So we are replicating at the VM level. So there's two replication technologies that we have here.
21:10
The first is using VADP maximum portability. So we're just gonna grab that over the VMware APIs. We can send that anywhere again, VM level granularity. It doesn't matter if it's a block device, fiber channel I guess it doesn't even matter if it's an NFS device. It doesn't matter if it's a VSAN device.
21:26
We can pull it off over VATP. We can replicate it to AWS. That also means it's heterogeneous. It does not have to be pure storage under the covers. Now that said, in the future, actually what we're um releasing uh this month. Is integration with flash array.
21:44
So now in homogeneous flash array environments, we can actually offload that. On the bottom side here for VMware to VMR or even to CBS with the flash array doing the replication, which means instead of a VADP level of SLAs we will give you a choice. Choose your SLA. You can choose 5 minutes, 15 minutes in a few months we're gonna allow you to choose active
22:05
DR with a zero, you know, with the continuous data protection, uh, mechanism as well again where we are orchestrating that whole process. So no longer do you need to say. I'll go into UI, fail over VM, go over there, go search for it in VMware, import it, register it, boot it up.
22:23
All of that's done for you. And the reverse replication is done for you as well, once that's done. Yes, sir. Yes, that's what we've added this month is the flash rate of flash rate piece. Yes, exactly.
22:45
So you've got, you've got two options here, cloud providers, on-premises, VMware to VMware, or really any mixture that you want in there. So it's in, you know. So you may have a more aggressive replication on premises. With that automated fail over and fail back where you've got a tighter SLA.
23:04
But you may say your business may say, you know. I want a 3rd indelible copy of the data that's off-site. You go throw that into AWS, we'll put that in a snapshot archive. What's interesting in that? Well, it's an immutable copy of the data.
23:21
It's locked away where nobody else can have it. We can put a locking protocol on top of it, and if an attacker comes in on premises, they may not know you're AWS. They may not even cop they may not know the credentials and even if they do, it's actually pretty complex to figure out that snapshot even exists. So now you've got an isolated locked away copy of the entire data center that we know about we
23:38
can recover from that's a tertiary copy. What's great about that tertiary copy or the on premises copy is now you can do all of these business continuance operations that you couldn't do before we can automate recovery into an isolated recovery environment maybe it's on premise maybe it's in the cloud, maybe you want to take advantage of the elastic nature of AWS from a cost perspective.
24:01
You know, instead of buying 50 ESX servers, maybe I just run EC2 for a week. Could be a whole lot less expensive to test DR, uh, to do it in that way, OK? And if I may just add one thing just to be very direct about it, uh, this is a replacement for SRM and Certo, right? So I, that's all I want, need to say.
24:23
Yeah, I mean that that's pretty much it is that uh we are giving you the options right now as pure storage, right? A company that's been dealing with storage and data, we are uh up leveling what we're doing into the application space because customers have been asking us and we are doing everything and more than what SRM and Zerto have in the market today. Go ahead.
24:45
I Yes, uh, we have planned for Azure that's going to be in the first half of next year. Yeah, go ahead. Uh yes, I mean, so from a, uh, I'll answer the manager, the answers, yeah, yeah. So I'll answer that in two ways, right? So, um, SRM is a legacy product, right? I, I worked at VMware,
25:09
uh yeah, it was at VMware when before I had gray hair in my beard. So, um, there are, you know, we have kind of looked at the evolution of what SRM was versus a market that shifted into where we are today, and a DR product which was built over 15 years ago does not service the market that we're in today with cyber recovery and resiliency, right? So we are, we have built a SAS-based platform
25:30
that's got capabilities which match feature parity of features people actually use in SRM. Right, as well as capabilities which are forward looking in solving problems for cyber resiliency such as clean room recovery, isolated recovery, etc. right, under one platform or umbrella. Is Uh, the Oh.
25:56
Possible AA AI that is being presented. Mhm. And, um Is this available in the current version? Oh, I'm sorry, of what cord? So, so, so let me, so while you think about the, the co-pilot question, I'll I'll answer the second question.
26:23
So, uh, Pure Protect is delivered as a subscription and Pier one, so there's no dependency on flash array code. It's not running on flash array. A few slides from here I'll, I'll show you, you know, what it looks like, but it's essentially 95% of everything is running in Pier1 as a service. Anywhere you can access Pier one, you've got full access to the control plane.
26:44
Um, as part of that 30 minute per site deployment that we talked about, there's a little, uh, API broker that we deploy in VCenter. It's a little virtual machine. You can't even log into it, it just connects to us and it acts as an API broker on premises. I don't You deploy the VM, you point it to us and it just acts as part of Pier one.
27:07
You already have 2 what? I've already got 2 version Oh, so VM analytics and things like that, yeah, yeah, well, hopefully at some point we consolidate those things, but that's not in the short term road map, you know, that that's for you to go talk to this guy about just,
27:26
just go ahead, yeah. Yes. Yes, yes. Yes. Yes, so with, so remember there, there's two data paths here, the VADP data path, which means anything that's we can get off of VADP, we've actually got a size and qualification tool to help validate it,
27:51
so you can actually run it on your environment, even on NFS data stores that'll validate that we can get it. But yes, anything that you can grab off VADP we can get. That's our portability, uh, in in integration, um, and then there's the enhanced SLA integration which is the flash array where we offload and we tell the flash array to do it.
28:09
Um, so really the difference is just the SLA that you need to deliver. If your SLA is a 4 hour RPO and a, I don't know, a 12 hour RTO, you know, we can give you the technology options on that. Maybe you can go to AWS or Azure or a data store, you know, provided by one of our competitors that's NFS.
28:28
Conversely, if you need a very tight SLA like 5 minutes. And we'll restrict that to flash ray technologies where we can drive use underlying array technologies to actually deliver that service level to you and you know, within the UI you'll get drop downs and you know we'll gray stuff out and things like that so you know what you can deliver.
28:46
All right, so before I move on to the co-pilot question, yeah, so on the AI side, um, you know, the way that we are focusing on that is around anomaly detection, right? So that we believe is the first real value that we can provide by integrating Pure Protect and those capabilities with true value for you, which is being able to detect uh things in real time or near real time and then using that
29:10
intelligence to actually make some proactive decisions. I'll actually be showing a demo in a bit, uh, for that, yeah. So a lot of your questions covered a lot of these, so I'll cover these uh a little bit faster, but it is all software, so there is no hardware dependency to the question on the flash array.
29:25
Uh, there are no. Licenses with products like VMware if you're going to AWS so we can really turn it into a true elastic model with native resources within the cloud providers. That's a big cost and complexity differentiator there. I've had customers who had built full VMware deployments within the cloud.
29:45
We turned them to this elastic model. On average they saw an 80% cost reduction month over month, uh, in delivering it that way. So those who didn't need and always on solution in the cloud, great option there. Within the on-premises piece, so we've got the ability to pick the individual VMs,
30:02
so you're not replicating at a volume level, you're choosing your SLAs at a VM level. We can work as I mentioned with any storage. Any data store that's valid within. Uh, VMware we can protect, but if you want to use flash array, we can give you substantially improved SLAs, substantially improved recovery times.
30:22
Think of it on the order of bringing up, you know, European do type requirements, thousands of virtual machines in less than an hour type of performance. So, um, coming up on time, so I'm gonna go quickly through this because I talked about it a little bit. With the with the Q&A we've got Pure Protect 80-90% that's running up top there up in Pier one that's your command and control interface
30:43
SLAs where you drive recovery points, recovery jobs, etc. The first deployment and so we've got this concept of deployments which are made up of sites. You can have as many deployments as you want representing different business units, whatever it is, and each deployment has those sites. In this case we've got two sites one is VCenter.
31:02
You'll see that edge appliance, that's that small API broker that we put into your Venter. That is our communication path to VMware. You'll give us VMware credentials. It's our communication path to the flash array to drive flash array replication. Within EC2. We deploy that orange box, again,
31:19
that cloud formation template takes about half an hour to run. We build your VPC. We manage the failover. We deploy the edge appliance. We facilitate the reIPing, the renaming, renaming, all of those components that are necessary to be successful.
31:34
We do use EBS volume and snapshots. That's how we have that indelible copy of all of your data in one site. We released about 2 months ago, the VMware to VMware piece. Again, this is more of a heterogeneous workflow. These data stores can be from any vendor to any vendor, but utilizing our same orchestration
31:52
and automation layer. OK. Yes sir. It's in Be That, so, so the context that we connect with is is Venter. So if you want to replicate between different locations that are managed within one construct, we can absolutely do that.
32:23
If I understood the question correctly, is that what you heard? OK, yeah, so you have a Venter, the product is gonna work, right? So So what we've added here, um, we're actually announcing it now we're, um, we're gonna have some initial beta, uh, customers in the next couple of weeks is the flash array offload integration.
32:43
So this is where we get those tightest SLAs like continuous data protection, 5, 15 minutes, the failovers of thousands of VMs in less than an hour, etc. So, uh, Eric, while I'm bringing you up, uh, Suresh run I just build this real quick and you comment here and then we'll get ready for a Q&A. So, yeah, thanks, Chad.
33:02
Um, so, so really, uh, kind of summing it up here, right, in terms of everything we spoke about, uh, what Pure Protect from a customer value perspective, what we bring in here is just in time provisioning, um, so what that really means is whether you are going from on-prem to the cloud, uh, or on-prem to on-prem.
33:21
Uh, we look at the resources that you bring into the product and we can land VMs into those resources that you have, right? So what that means is in the clouds side of things, it's, uh, pay as you go, it's on demand, so we focus on cost optimization, uh, just in time deployments. Um, so, uh, you know, a specific example there, if you had 100 VMs that you want to recover
33:42
into AWS, we don't have 100 compute nodes running, right? It's all just, it just, uh, replicates the data into storage. You only, your bill in AWS is just for storage. And when you click a button that says, I want to recover, that's when we actually spin up the workloads, that's when you see a cost on the cloud side for compute.
33:58
That's a very important, you know, cost optimization mechanism. If you are running from VMA to VMware, just in time provisioning really means again that as we're replicating snapshots from your flash ray to your target flash ray and we want to recover those VMs into the target site, we actually let you scale down your actual VMs whether you want to test or deploy them in the target.
34:19
So if we look at the resources that you bring, CPUs, memory, etc. and you can say, you know, for this test purpose, I only want to, I want to scale everything down by 50%, right? And we will fit the VMs into that, uh, you know, cluster and resources that you provide us.
34:33
So, so we really try to take care about the resources that you bring into the product so that we are very efficient and optimized in the way we help you with the recoveries and production. Pre-conversion is something that applies for critical VMs in AWS. Uh, on the AWS side of things, the RPO or the protection interval is typically,
34:49
uh, you know, much longer from an RPO point of view than the on-premise environments. So our SLA for RPO and the cloud side of things there are about 4 hours, depends on the connection that you have to the cloud, uh, but on-premise like Chad mentioned, we have the ability to recover in, in minutes and with active DR integration and RPO of zero,
35:08
right, continuous replication. And finally, the, the last couple of points, really is talking about, um, this is a product that uh as far as we're concerned, where we're heading with this one single platform to manage both disaster recovery. And cyber recovery use cases, right? And the,
35:24
the distinction being that in cyber recovery, you need some flexibility. You want to be able to isolate workloads, recover them in what people call, you know, air gaps or virtual air gaps or all kinds of terms these days, so that you can kind of test uh those applications in isolation. Uh, to know that the data is good before you promote them into production,
35:44
right? So we actually help you automate all of that, uh, with a very simple abstract, and, um, simple objects in our model, um, what we call, um, yeah, recovery zones to help you, you know, achieve some of those things, right? So hopefully this uh under one platform umbrella, you can kind of do all these different use cases,
36:02
um, and then finally, a lot of this is really about automation, right? Um, so, uh, customers have been asking us and we're trying to deliver, uh, just, um, unparalleled, uh, automation end to end, um, you know, from a point of view of, uh, these, uh, you know, core principles for cyber resiliency.
36:18
So that with that chat, excellent that automation piece, you know, so to steal a little bit of Surecious thunder for after we talked to Eric here is he's got a demo that he's gonna prepare up there and while you're watching that demo, think about it in the context of the full run book life cycle. Of a cyber event.
36:37
We're gonna show you integration and detection with the real lifetime applications that are detecting things like ransomware attacks in real time. We're gonna show it driving real time operations within pure snapshots, safe mode, automatic deployment of a clean room. Automatic, uh, copy within AWS really whatever meets the business objectives that you've got.
37:02
So while we're getting that ready, let's talk about and welcome Eric Simpson from, uh, Arkansas Department of Transportation. Thank you. Welcome, uh, for joining us. So first, um, why don't you tell us a little bit about, uh, AR.'s mission and, uh, kind of what your role is and,
37:18
and there. I'm the, uh, IT infrastructure and cybersecurity manager. Uh, so we're a couple of hats there, but you know, our, our's primary mission is to deliver modern transportation systems that enhance safety and quality of life in Arkansas, right? So that's,
37:36
that's our mission where IT fits into that is, you know, we have traffic management systems that monitor cameras and do dispatching of our highway police. We keep a lot of the all of the RGIS infrastructure is in our data center, so we have critical systems that people are gonna depend on. In an emergency, um, and that's kind of how we
37:57
support some of those just a few of those critical operations in the state. What I had noticed it sounds like you've got a large uh um safety component to it as well yeah, we have the Arkansas Highway police that uh is part of the Department of Transportation in Arkansas so we have that law enforcement first responder. Oh excellent you know so you know at some level we're uh we're helping enable the people that
38:21
are keeping people safe and healthy, maybe even alive so uh so that's good. So in that context what are the uh what are the challenges that the Department of Transportation has been facing? Well, so for, for us in the context of today's discussion, you know, our biggest challenge was being able with a small staff to be able to respond.
38:40
And keep all those critical systems running when when disaster strikes because again they're gonna be looking to us to make sure all of those roadway cameras dynamic message signs all those things that seem like they they go on seamlessly on the roadway how do we make sure those are still operating the highway police are getting where they need to go. When everybody else is experiencing disaster whether it's tornado,
39:05
earthquake, yeah, Arkansas does have earthquakes, by the way, um, and you know, any other thing, it can be even, you know, human attacks or other things that we've got to be prepared for. So how do we keep all those systems running. And and in a timely manner and I don't, I don't know about you all,
39:20
but you know they mentioned RPOs and RTOs and most of us are pretty comfortable with our RPOs, right? We go, OK, well I've got backups every night, so we're good. RPOs 24 hours for me, I started examining RTOs on some of the old, uh, spinning rust, uh, y'all know that spinning disk, right, hardware and, and the reality is I was testing and evaluating a full recovery is it
39:43
would have taken months. Not hours, not days or weeks. It would have taken months to recover our systems on those on that older technology and that's what really got me exploring and looking at I, I've got a problem here. I can't recover in a timely manner to get these systems up and that's when I started looking at
40:05
those other options and alternatives and and came across the Pure protect and disaster recovery of service because I could meet my RPOs all day long. What I discovered is I could not meet the RTOs, so the RTO thing was really what was what was compelling about what we built here, you know, so, so what did that enable, you know, end up enabling you to do?
40:27
So I mean we went from being months or or weeks and and maybe days for critical a few critical systems, um, to where we've got an SLA now that we could have our critical infrastructure up and running within 2 hours, um, and that was. I mean when I when I briefed that to executive leadership because I had to tell him the other thing first which I, I gave, I had my resume ready when I did that but but you know when,
40:54
when you tell executives the truth it's not always good for your resume but um when we're able to go back and go, no we can recover our critical systems now within 2 hours. I mean that that was a game changer, right? They were like, is that even possible? We're like yeah watch we we can we can even test it and prove it.
41:13
Um, so to be able to have those critical safety systems, so our RTO now for all of those safety, public safety and, and critical systems is less than 4 hours, which makes me sleep a lot better at night. Um, but I think that was a game changer for us and being capable and being able to test our response time, um, and, and the other aspect too for us was we have a,
41:38
a legislative so your state government, you got a lot of legislative requirements and a lot of industries have this requirement as well. We had to have a second data center, right? Well, the requirement is our backups have to be in another location off site, right? Well, they had, they had had plans to build a
41:58
separate data center across the state. That was gonna be a multi-million dollar capital expenditure investment not only today but every 5 to 7 years when we change over our infrastructure and refresh our hardware. So by doing disaster recovery as a service, it actually covered two things. It gave us the RTO capabilities that we needed.
42:21
But it cut my capex by millions because now I'm meeting the requirement of having our backup location off-site. And prevent it prevents us from having to invest millions in an offsite data center location because by using the AWS, the EC2 pilot light, uh, for me I'm spending about $450 a month to keep that pilot light and that data stored
42:48
and it's only gonna get expensive when I turn it on, right, but that's hopefully just for a short period. But that also saved millions where we could invest in other areas not only in IT but Florida as a whole, uh, so the cost savings, uh, when we looked at this was a huge, huge compelling part as well so cost savings, the time to actually be able to implement it,
43:11
not having to go procure and, and buy other pieces, um, but also the RTO it sounds like from a. You know, from a delivery I don't know what you would call it I guess you know delivery to your citizens the service delivery to your citizens, you know, public safety being able to prove that as well no that's uh that's excellent so you know.
43:29
You know how, how would you, you know, summarize that to the citizens like, you know. I'm, I mean, as a citizen of Arkansas and have my own family and stuff to worry about, um, knowing that we can respond quickly and get first responders and critical systems up in place just gives me peace of mind so I would hope that would give them peace of mind knowing that we can have critical infrastructure up and
43:52
running quickly, um, in, in the time where they're gonna need it the most excellent allowed you to do, uh, you know, actually execute on those plans. Um, let me open it up to the room. Do you have any questions for Eric here? Yes sir. b Is that The data sit in EDS.
44:17
Yeah, it it it does. So, so S3 is an intermediate area we do store the persistent copy in an EBS, uh, snapshot, um, so we actually run a qualification tool that will give you a list price Amazon estimate again it's a little bit different if it's VMware you've kind of already burdened most of those costs, uh, but for Amazon we can actually give you a budgetary
44:39
estimate for all the components the compute piece, the storage piece, uh, all of those and then you're free to go to negotiate with them. Amazon for independent individual services for a discount and it only goes down from there but you know we know your policy we know your data because we've scanned it you know we know how our application behaves we can tell you what that is so you know versus trying to you know
45:00
dig into those details if you're interested I'll just run that tool and we can give you something real, not hypothetical. Well, it is so if you noticed this morning in in the assessments if you've got VM analytics running. It's in Pier one now. I hope they've turned it live in Pier one. I don't know if they actually have yet.
45:18
We showed it like it was. If not, it'll be there soon. Yes sir. Well, I'll just say to, um, it also depends on what you choose to pre-convert. That's how you can kind of keep some costs down. So we're very selective of what we have pre-converted and what we just keep as a snapshot. So you do have that option as you're building
45:34
your plan and you can kind of do that cost benefit analysis as you're building. And then anything not covered in DAs for whatever reason, we just take those beam backups and move them to that same S3 bucket so everything's there. OK. Excellent. Well, thank you, Eric. I appreciate it.
45:54
Suresh, we'll have you do the uh the demo and then we'll wrap it up. All right, so I'll run by this is pretty quick. Uh, here's a set up slide and then I'll show you the demo. Uh, so in this slide, what this is really showing is all those pieces that I showed in the original slide at the beginning kind of uh tied together, right? So, uh, we have a bunch of different,
46:13
uh, partnerships with different uh providers of cybersecurity. The demo I'm gonna show you with today is uh with uh CrowdStrike. Um, so really what we're trying to do here is to kind of show you the capabilities that we have in, in Pier One. I see a few of my colleagues sitting in the back there, um, uh, who are delivering some of these as,
46:30
as PMs within Pier One as well. So one is, uh, workflow automation. So that allows you as a customer to bring any third party system which has APIs into the PO1 platform for integration, right? So for example, with CrowdStrike, CrowdStrike has something called CrowdStrike Falcon.
46:47
They have an API endpoint. You can essentially attach your credentials for uh your API token for CrowdStrike into into our platform, and that allows us to kind of start to read real-time feeds directly from CrowdStrike, uh, things of nature such as IOAs, indicators of attack, behavior, right? Things that CrowdStrike is known to kind of
47:07
look at in real near real time. Uh, we then feed that into an AI engine that is able to, um, essentially make inferences based on threats, uh, what we essentially try to call data defense, and uh that intent of that is to kind of use information from your storage, that baseline of workloads, see what's an anomaly,
47:28
what's changed. Um, tie that information together with the threat analysis and the profiles that we see, and then trigger events both at the Pure Prode level for VMs and your application stack, as well as directly with the storage of the snapshot layer of your storage, right? All in in one platform. You can uh create policies to replicate your data off-site to a DR site.
47:48
You can have multiple levels of safe board snapshots, uh, within your array, change SLAs, etc. So that's the setup. So, um, I kind of talk through this. So here you, you kind of see your, uh, uh, standard VMware environment. We have a couple of SQL servers, like an app server front end.
48:06
There's a, um, uh, like an ADC Citrix ADC sitting there from a Lord Ba point of view. Um, so that's kind of on the VMware side, but on the Pure Protect side, we have some policies that kind of define different SLAs. So the two ones that I want you to kind of pay attention to are the tier 0, 5-minute RPO and the tier 1 15 minute RPO, right?
48:24
So we have these two tiers and we applied those policies to groups. So if you look at the cyber SLA group, there are no VMs there, and that's where we tie in the 0, you know, 5-minute RPO to that actual group, and there's nothing in that group at all at the moment. And to the right of it, the tier one, SQL group, which has got the,
48:44
you know, um, uh, the, the, the 15 minute SLA if my eyes are correct, um, has all those VMs embedded in them, right? So these VMs are being protected based on that SLA by PO Protect on a regular basis. So, um, that's kind of the setup there, but on the CrowdStrike side, what we see from the Falcon environment is that SQL AGO1 prod server has a critical event
49:09
that's been triggered, right? And that critical event, if you look at the, the process graph within CrowdStrike, shows you where those actual events manifested, right? It shows you that somebody tried to log on an event. There was like a user-initiated explorer activity and a PowerShell command with some
49:26
commands that are run that impact that actual application. And then if you flip back to Pure Protect, what you really see now is that the cyber SLA already has a running protection, and the VMs that used to be in the SQL Group no longer exist there. They've been moved into the cyber SLA group and the exact same VMs are automatically moved, right?
49:47
So there's no manual intervention here at all. So which means that for those applications, when you are getting a protection uh point every hour or so or based on whatever SLA that was, we kind of reconfigure. Get it on the fly for you, right? So now that that's kind of the, the, the quick part of the demo, but what this kinda shows you is um a a flavor,
50:08
right, of how you're using the, the power of the the Pure one cloud that I kinda showed right in the, in the original slide here which is um which is over here. Um, really talking about how we kind of use that integrated approach, right, of looking at the power of the cloud combined with what you actually have at the edge, which is your flash rays and the data, which is what you're trying to protect.
50:34
And application tier, fully integrated end to end, all the way from threat intelligence, feeding into the system on the left-hand side and all the way to, you know, logging and analytics and, uh, any event, um, you know, uh, triggers and alerts that you want to do on the right hand side, right? So, uh, again, we're trying to make it really
50:52
simple, um, you know, so that we provide you with that level of cyber capability that you, you kind of don't see, uh, out there in the market today, right? So that's kind of where we kind of continue to innovate. And that's about it.
