 Welcome back to Veeamon 2022 in Las Vegas. We're at the Aria. This is the Cube and we're covering two days of Veeamon We've done a number of Veeamons before we did Miami. We did New Orleans. We did Chicago And we're we're happy to be back live after two years of virtual Veeamons. I'm Dave Vellante My co-host is David Nicholson. Eric Herzog is here. You think he's Eric's been on the Cube? I think more than any other guest including Pat Gelsinger who at one point was the number one guest Eric Herzog CMO of Infinidat. Great to see you again Great Dave. Thank you. Love to be on the Cube and of course notice my Hawaiian shirt except I now am sporting an Infinidat badge on it That part of the shirt or is that a clip? Yeah, one of those clip-ons, but you know it looks good looks good. Hey, man. What are you doing it at Veeamon? I mean you guys started this journey in the data protection several years ago I remember we were actually at one of their competitors events when you first released it, but Tell us what's what's going on with Veeam. So we do a ton of stuff with Veeam. We do custom integration We got some integration on the snapshotting side But we do everything and we have a purpose-built backup appliance known as Infinigard. It works with Veeam We also actually have some customers who use our regular primary storage device as a backup target The Infinigard product will do the dead reduction the dedupe compression, etc The standard product does not it's just a standard high performance array We will compress the data, but we have customers that that do it either way We have a couple customers that started with the Infinibox and then transitioned to the Infinigard Realizing that why would you put it on regular storage? Why not go to something that's customized for it? So we do that we do stuff in the field with them We've been at all the Veeamons since the since like I think the second one was the first one we came to We're doing the virtual one as well as the live ones We've got a little booth inside, but we're also doing the virtual one today as well So really strong work with Veeam particularly in the at the field level with the sales guys and in the channel So when when when Infinigard does something you guys go hardcore high-end fast recovery. You just you know Reliable that's kind of your brand. Do you see this? movement into Data protection as kind of an adjacency to your existing markets Is it a land and expand strategy? Can you kind of explain the strategy there? Ah, so it's actually for us a little bit of a hybrid So we have several accounts that started with Infinibox and now have gone with the Infinigard So they start with primary storage and go with secondary storage slash modern data protection But we also have in fact We just got a large PO from a fortune 50 who was buying the Infinigard first and now is buying our Infinibox both ways Okay, all flash array and but they started with backup first and then moved over So we've got them moving both directions and of course now that we have a full portfolio our original product the Infinibox which was a hybrid array Outperformed probably 80 to 85 percent of the all flash rays because the way we use DRAM and what's so known as our neural cache Technology so we could do very well, but there was about you know 15 20 percent of the workloads We could not outperform the competition So then we had an all flash array and purpose built backup so we can do you know what I'll say is standard Enterprise storage high performance enterprise storage and then of course modern data protection with our partnerships Such as what we do with Veeam and we've incorporated across the entire portfolio intense cyber resilience technology Why does the world Eric need another purpose built backup appliance? What do you guys bring that that is filling a gap in the marketplace? Well, the first thing we brought was much higher performance So when you look at the other purpose built backup appliances It's been about our ability to have incredibly high performance the second area has been capex and opex reduction So for example, we have a cloud service rider who happens to be in South Africa They had 14 purpose built backup appliances from someone else Seven in one data center and seven in another now. They have two Infinigards one in each data center Handling all of their backup. You know, they're selling backup as a service They happen to be using Veeam as well as one of their backup company So if you're the cloud provider from their perspective, they just dramatically reduce their capex and opex and of course They've made it easier for them. So that's been a good story for us Is that ability to consolidation whether it be on primary storage or secondary storage? We have a very strong play with cloud providers Particularly those meeting them as well that have to compete with the hyperscalers, right? They don't have the engineering of of Amazon or Google, right? They can't compete with what the Azure guys have got but because the way both the Infinigard and the Infinibox work They could dramatically consolidate workloads. We probably got 30 or 40 mid-size and actually Several members of the top 10 telcos use us and when they do their clouds both their internal cloud But actually the clouds that are actually running the transmissions and the traffic it actually runs on Infinibox One of them has close to 200 petabytes of Infinibox and Infinibox all flash technology Running one of the largest telcos on the planet in a cloud configuration So all that's been very powerful for us in driving revenue So phrases of the week have been air gap logical air gap immutable Where does Infinigard fit into that universe and what's the profile of the customer that's going to choose Infinigard as the target Where they're immutable right once read many Data is going to live So we did is we announced our infinite safe technology first on the Infinigard, which is actually earlier this year So we have what I call the four legs of the stool of cyber resilience one is immutable snapshots, but that's only part of it second is logical air gapping and we can do both local and remote and we can provide and Combine local with remote so for example what that air gap does is separate the management plane from the actual data plane Okay, so in this case the beam data backup sets so the management Cannot touch that immutable can't change it can't delete it can't edit it So management is separated once you start and say I want to do an immutable snap of two petabytes of beam backup data Set them we just do that and the air gap does it but then you could take the local air gap because as you know From inception to the end of an attack can be close to 300 days, which means there could be a fire There could be a tornado There could be a hurricane there could be an earthquake and In the primary data center So you might as well have that air gap just as you would do it do a remote for disaster recovery and business continuity Then we have the ability to create a fenced Forensic environment to evaluate those backup data sets and we can do that actually on the same device That is the purpose built backup appliance So when you look at the architectural these are public from our competitors including the guys that are in sort of Hopkinson slash Austin Texas you can see that they show a minimum of two physical devices and in many cases a third We can do that with one So not only do we get the fence forensic environment just like they do but we do it with reduction both capex and op-ex Purpose built backup is very high performance and then the last thing is our ability to recover So some people talk about rapid recovery. I would say they don't know what they're talking about So when we launched the infinite guard with infinite safe We did a live demo 1.5 petabytes of beam backup data set we recovered it in 12 minutes So once you've identified and that's on the infinite guard on the infinite box Once you've identified a good copy of data to do the recovery when you're free of malware ransomware We can do the recovery in three to five seconds Okay, so really really quick I just want to double-click on something because people talk about immutable copies immutable snapshots in particular What have the actual advances been I mean is this simply a setting that maybe we didn't set for retention at some time in the past Or if you had to engineer something net new into a system so provide that logical air gap So what's net new is the air gapping part immutable snapshots have been around you know before we were on screen You talked about worm right once read many well since I'm almost 70 years old I actually know what that means when you're 30 or 40 or 50 you probably even know what a worm is Okay, and the real use of immutable snapshots a was to replace worm Which was an optical technology and what was the primary usage? Regulatory and compliance health care finance and publicly traded companies that we worried about the SEC or the EU or the Japanese Finance Ministry coming down on them because they're out of compliance and regulatory that was the original use of immutable snap Then people rise will wait a second Malware ransomware could attack me and if I got something that's not changeable that makes it tougher So the real magic of immutability was now creating the air gap part immutability has been around I'd say 25 years I mean worms sort of died back when I was at max store the first time so that was 1990 is when worms sort of fell away and There have been immutable snapshots from most of the major storage vendors as well as a lot of the small vendors Ever since they came out It's kind of like a checkbox item because again regulatory and compliance You're gonna sell the health care finance publicly traded you don't have the immutable snapshot Then they don't have their compliance and regulatory for SEC or tax purposes right with they ever end up in an audit You've got to produce data and no one's using a worm drive anymore to my knowledge I remember the first storage conference. I ever went to was in Monterey It had to be in the early 1980s 84 maybe and it was a Optical disk drive conference the the gym porter of optical. Yep. Yeah, forget what the guy's name was and I remember as somebody coming up to me I think it was like Bob Peyton rest his soul super smart strategy guys And this is never gonna happen because of the cost and that's what it was and now you've got that capability on flash Hard disk right so the four pillars immutability the air gap both local and remote the fence forensics and The recovery speed right right cup is one thing recovery is everything those are the four pillars right those are the four things And your contention is that those four things together differentiate you from the competition you mentioned, you know the big competition but but but How unique is this in the marketplace those capabilities and how difficult is it to replicate? So first of all if someone really puts their engineering hat to it It's not that hard to replicate it takes a while particularly if you're doing an enterprise For example our solutions all have hundred percent availability guarantee. That's hard to do most guys have seven nines We really will guarantee hundred percent availability. We offer an SLA that's included when you buy we don't charge extra for it It's like if you want it like you just get it Second thing is really making sure on the recovery side is the hardest part particularly on a purpose-built backup appliance So when you look at other people and you delve into their public Material press releases white paper support documentation. No one's talking about yeah We can take a 1.5 petabyte beam backup data set and make it available in 12 minutes and 12 seconds Which was exact the exact time that we did on our live demo when we launched the product in February of 2022 No one's talking that on primary storage. You're hearing some of the vendors Such as my old employer that also who's also starts with an eye Talk about a recovery time of two to three hours once you have a known good copy on primary storage Once we have a known good copy. We're talking three to five seconds For that copy to be available So that's just sure the power of the snapshot technology how we manage our metadata and what we've done which Previous to cyber resiliency. We were known for our replication capability and our snapshot capability from an enterprise class data So that's what people said infinite that really knows how to do the replication snapshot I remember our founder was one of the technical founders of EMC for a product known as the symmetric which then became the D-max the V-max and is now as the paramax that was invented by the guy who founded infinite at so that Team has the real chops at enterprise high-end storage to the global fortune 2000 and what a key feature checkbox items they need that's in both the infinite box and also in the infinite guard So the business case for cyber resiliency is changing as Dave said We've had a big dose the last several months You know a couple years actually of the importance of cyber resiliency given all the ransomware attacks, etc But it sounds like the business case is shifting really focused on avoiding that risk avoiding that that downtime time versus The cost the cost is always important. I mean you got a consolidation play here, right? Yeah Yeah, D-dupe does D-dupe come into play so on the infinite guard We do both D-dupe and compression on the infinite box. We only do compression So we do have data reduction that depends on which product you're using from a beam perspective Most of that now is with the infinite guard So you get the block level D-dupe and you get compression and if you can do both depending on the data set we do both How does that affect recovery time? Yeah, so it doesn't affect recovery times explain why so first of all When you're doing a backup data set the final final recovery you recover the backup data set whether it's Veeam Or one of their competitors you actually make it available to the backup administrator to do a full restore of a backup data set Okay, so in that case we get it ready and expose it to the Veeam admin or some other backup admin And then they launch the Veeam software or the other software and do a restore Okay, so it's really a two-step process on the secondary storage Model and actually three first identifying a known good backup copy second Then we recover which is again the 12 13 minutes and then the backup admin's got to do a you know Restore of the backup because it's backup data set in the format of backup, which is different from every backup vendor So we support that we get it ready to go and then whether it's a Veeam backup administrator and quite honestly from our perspective Most of our customers in the global fortune 2000 25% of the fortune 50 use infinite that products 25% we're a tiny company So we must have some magic fairy dust that appeals to the biggest companies on the planet But most of our customers in that area and actually say pride in the fortune 500 actually is two to three different backup packages So we can support all those on a single InfiniGuard or multiples depending on how big their backup data sets our biggest InfiniGuard is 50 petabytes counting the data reduction technology So we get that ready on the infinite box the recovery really is You know a couple of seconds and in that case it's primary data in block format So we just make that available. So on the infinite box recovery is once well to Identifying a known good copy first step then just doing recovery and it's available because it's blocked data And that recovery doesn't include movement of a whole bunch of data It's essentially realignment of pointers to where the good data is right now in the infinite box as well as an InfiniGuard no it would be so in the case of that in the case of the InfiniGuard it's a full recovery of a backup data set Okay, the backup software just launches and it sees okay back up one a beam and just starts doing a restore with the beam Restoration technology, okay, okay in the case of the block as long as the physical InfiniBox if that was the primary storage and Then the box is not damaged when you make it available It's available right away to the apps now if you had an issue with the app side or the physical server side And now you're pointing new apps You had to reload stuff on that side you have to point it at that infinite box Which has the data and then you got to wait for the servers and the SAP or Oracle or Mongo or Cassandra to recognize Oh, this is my primary story So it depends on the physical configuration on the server side and the application perspective How bad were the apps damaged? So let's take malware malware is even worse because you either destroying data or messing playing with the app so that the app is Now corrupted as well as the data is corrupted. So then it's going to take longer the block data is ready it's a p workload and If the SAP somehow was compromised, which is a malware thing not a ransomware thing They got a reload a good copy of SAP before it can see the data because the malware attacked the application as well as the Data ransomware doesn't do that It just holds it for ransom and encrypts. This is exactly what we were talking about when we talk about operational recovery and automation Eric is addressing the reality that it doesn't just end at the line above some arbitrary storage box You know reaching up real recovery reaches up into the application space and it's complicated That's when you're actually recovered right when the well think of it like a disaster Okay, I'll knock on wood since I was born and still live in California Dave to Let's assume. There's a massive earthquake in the Bay Area in LA. Let's not okay. Let's yes, but hypothetically and The data centers cat five. It doesn't matter what they are. They're all debt toast Okay, a couple weeks later. It's modern You know people figure out what to do and certain buildings don't fall down because of the way earthquake standards are in California now so there's data veil they move into temporary space. Okay data is sitting there in the Colorado data center and They could do a restore Well, they can't do a restore how many servers did they need had they reloaded all of the application software to do a restoration What happened to the people if no one got injured like in the 1989 earthquake in California very few people got injured yet Costs billions of dollars, but everyone was watching this San Francisco Giants play the Oakland eight I remember no one was on the road now Michaels Imagine it's in the middle of commute time in LA and San Francisco hundreds of thousand people What if it's your data center team? Right, so there's a whole bunch around disaster recovery and business continuity that have nothing to do with the storage The people what your process so I would argue that malware ransomware is a disaster and it's exactly the same thing You know you got the known good copy. You've got okay You're sure that the SAP and Oracle especially on the malware side weren't compromised on the ransomware side You don't have to worry about that and those other things you got to take a look at just as if I would argue malware Ransware is a disaster and you need to have a process just like you would if there was an earthquake of fire or a flood in The data center you need a similar process that's slightly different, but the same thing servers people Software the data itself and when you have that all mapped out, that's how you do successful malware ransomware recovery It's a different type of disaster. It's absolutely a disaster it comes down to business continuity and be able to transact business There's little disruption as possible We heard today from the keynotes and then Jason Buffington came on about the preponderance of ransomware Okay, we know that but then the other interesting stat was the percentage of customers that paid the ransom about a third weren't able to recover And so because you kind of had this feeling of all right Well, you know see it on you know CMBC should you pay the ransom or not? You know pay the ransom Okay, you'll get back, but now it's not the case. You won't necessarily get back So, you know Veeam stated hey our goal is to sort of eliminate that problem Are you you feel like you guys in a partnership can actually achieve that? Yes, and you have customers that have actually avoided, you know been hit and we're able to we have people who Won't publicly say they've been hit But but the way they talk about what they did like in a meeting they were hit and They were very thankful And so that's been very good. I got proof. Yes We absolutely have proof and quite honestly With the recent legislation the United States malware and ransomware actually now is also regulatory and compliance Because the new law states mid-march that whether it's Herzog's barn grill to Bank of America or any Large foreign company doing business in the US you have to report to the United States federal government any attack same with the county school District with any local government any agency the federal government as well as every company from the tiniest to the largest in the World that's does but they're supposed to report it because the governor is trying to figure out how to fight it just the way if you Don't report burglary how they catch the burglars is your solution simplify testing in any way or reduce the risk of testing? Well because the recovery is so rapid we recommend that people do this on a regular basis So for example because the recovery is so quick You can recover in 12 minutes while we do not practice Let's say once a month or once every couple weeks and guess what it also allows you to build a repository of known good copies Remember when you get ransomware, no one's gonna come say hey, I'm mr. Rancher gonna steal your stuff. It's all done Circusly they're all James Bond on the sly who doesn't say by the way, I'm James Bond They are truly underneath the radar and they're very slowly Encrypting that data set so guess what your primary data and your backup day that you don't want to be attacked can be attacked So it's really about finding a known good copy So if you're doing this on a regular basis you can get an index of known good copies right and then you know Oh, I can go back to last Tuesday and You know that that's good Otherwise, you're literally testing Wednesday Thursday Friday Saturday to try to find a known good copy Which delays the recovery process because really do have to test they make sure it's good that frequency You're gonna protect yourself. That's why I gotta go. Thanks so much for coming on the cubes. Great to see you Great. Thank you very much. I'll be wearing a different Hawaiian shirt next. All right. That sounds good Eric Hertzog on the cube Dave Vellante for David Nicholson. We'll be right back at Veeam on 2022 right after this short break