 from theCUBE Studios in Palo Alto in Boston. It's theCUBE, covering IBM Think. Brought to you by IBM. Welcome back to IBM Think Digital 2020. This is theCUBE and we're really excited to have two great guests on. Michael Jordan is the distinguished engineer with IBM Z Security. Michael, good to see you again. Welcome back. Thank you, it's good to be back. And Matt Whitborn is the program director and offering lead for Z15. Good to see you, Matt. Thank you for having me. Guys, Z is a good place to be. Great quarter, 61% growth. You got to love it. Congratulations. You got to be feeling pretty good. I mean, other than what we're going through. But from a business standpoint, Z powered through, didn't it? It did, I mean, we're really pleased with the contribution that Z continues to make for our clients, especially right now, given everything that's going on, business continuity, scale, resilience, security. They're just so important for our clients in the platform. Yeah, so we're going to talk a lot about this. Maybe Matt, we could start with you just in terms of, you know, you talk about cyber resiliency, you hear that a lot. And I think it maybe means a lot of different things to a lot of different people. What does it mean to Z? Yeah, for us, I mean, we kind of start in many ways with like the NIST definition of it, which talks about the ability to anticipate, withstand, recover, adapt to all of these adverse conditions that you might face, or stresses, compromises and attacks on your systems and your cyber resources. So it's a really important, you know, top of mind point for a lot of clients who are thinking about this, both from, I guess, the resilience when it comes to systems and also the data as well. From our standpoint, you know, Z has been at the forefront of resilience for many, many generations now. Whether that's the scale that our systems are able to provide, the ability to tap into more capacity as needed, whether on a temporary or permanent basis. Because you never know when a spike might be occurring. And especially with clients going through digital transformation as well, the fact that we can talk about solutions being designed for seven nines of availability. And that's the reason why clients like Bradesco Reliance is for their resilient banking platform or Department of Treasury in Puerto Rico depend on us for a highly available solution. So it's never been more important for clients. So, Michael, from a technical standpoint, I mean, I go back to the RACF days and I used to ask, you know, why is it that, you know, the mainframe had, you know, such good security and it was explained to me, you know, years ago, well, because you knew everything that went on, who touched what, you know, there was a clear understanding of that, clear visibility of that. But maybe you could explain just, you know, for the laypeople, just from a technical standpoint, why is it that Z has such strong cyber resiliency? Sure. So some of it I think is there's two aspects that I want to mention. First is, you know, culture, right? You know, the IBM Z, you know, development team and broader, you know, design team. We have it in our culture to build systems that are secure and robust. That's kind of part of our DNA. And so it's that mindset when you look at, you know, technologies like parallel Sysplex and geographically dispersed parallel Sysplex, GDPS, you know, those are ingrained in those technologies. But the other capability that we have, or I should say, you know, benefit that we have is we own the whole stack, right? We own, you know, the hardware, we own the firmware and we own the software that sits on top of there in the middleware. And so whether it's resiliency or whether it's security, when we want to design and build solutions, you know, to make optimal solutions, you know, in any of those spaces, we can actually design and architect the solutions, you know, both at the right point in the stack and across the stack as needed to really deliver on these capabilities. Matt, one of our partners, ETR, holds these CIO roundtables. And one of the CIOs said we really weren't ready from a resiliency standpoint. We were too focused on DR and kind of missed the boat on business continuity. Too narrow focused. I presume you're hearing a lot of that these days. I wonder if you could just tell us about some of the things that you're seeing with clients, maybe the conversations you're having and how you're helping sort of broaden that capability. Yeah, sure, I mean, to your point, I mean, nobody really could have quite predicted, you know, what we're dealing with right now, but you know, we have had over many generations of the Z platform, you know, clients who've deeply partnered with us to try and make sure they have a highly available, you know, environment for business continuity. And yeah, not just thinking about things from a DR perspective, but you know, what they can do to fortify and make their solution sort of more resilient, you know, on a day-by-day basis. I mean, one of the things, you know, Mike was talking about some of the inherent capabilities we have in the platform, the fact that we build, you know, our systems with that additional capacity kind of baked in, which means that for so many of our clients, you know, in the first quarter where they were seeing these huge amounts of peak workload kind of coming in, that they needed to be able to deal with, the fact that we design our systems to be able to just kind of gobble up that workload without what we call dark capacity to be able to be turned on at the drop of a hat is tremendously important, because not only do you need to be able to be, obviously just resilient in terms of the applications, but you need to be able to deal with growth, you know, as you're going through that. The other aspect which is a new capability with Z15, that kind of builds on what we can do with that dark capacity, is this concept of instant recovery. And what we're actually helping clients do there, in terms of fortifying and making their environment more resilient is letting them tap into that dark capacity when they're going through restart activities of partitions. Not just thinking about unplanned scenarios, but actually planned outages as well. So what that really helps with is, because you always have to do planned maintenance, you know, on your systems, you know, on your partitions of your systems or your Z environment. So what we're doing is saying, when you're going through that restart sort of process, whether it's the shutdown, whether it's the bring up of the partition or the middleware, or even in fact, actually helping you catch up kind of for what you lost while you weren't sort of processing workload, we turn on that extra capacity in the system automatically for this boost window that we're helping our clients with. And not only we do that, and Mike's point about owning the stack means that we can deliver that in a way that there's no increase in IBM software costs during your lever. So we're always kind of looking about what we can do to kind of move the ball forward to make clients with environment even more resilient as well. I've always, I learned from my mainframe days many, many years ago when a vendor comes in and shows a new product, they always ask the question, what happens when something goes wrong? I mean, it's all about recovery. That's always been one of the mainframe strengths. Mike, I want to ask you about data protection. I mean, it's a topic that again means a lot of things to a lot of people. You know, does it mean, you know, back up, there's data privacy, there's data provenance, there's data sovereignty. Talk about data protection from a Z prism. Sure. So our point of view on data protection is we view it as a multi-layered proposition. It's not just one thing. And in fact, we view it at the lens of a broader, you know, layered cybersecurity strategy where, you know, data protection in, you know, in this case, you know, talking about encryption and being able to encrypt data on a massive scale is the foundation for, you know, a layered cybersecurity strategy and providing capabilities for clients to, you know, protect data at the disk level. With Z15, we also introduced the ability of actually being able to protect the data as it flows through their storage area network through something we call fiber channel endpoint security. And then layering on top of that, you know, host-based encryption capabilities, you know, in the operating system, whether it's, you know, file or dataset level encryption. And, you know, then on top of that, they can layer additional capabilities for things like multi-factor authentication to protect, you know, your privileged identities from being compromised or being able to do, you know, damage to your system. And then, you know, building and layering on top of that, things like security intelligence and being able to monitor and understand, you know, what's happening across the system. So I was talking to a developer the other day about a cloud app, you know, pretty, you know, non-mission critical, but I asked him, do you use encryption? And he said, yeah, we could, but we don't, because it kind of slows us down a little bit. So I'm wondering how you deal with that trade-off of performance versus protection, the Z, how does Z deal with that? Sure, so that's a great question. And that actually goes back to, you know, what we did with our Z14, so the generation before. And I think we've improved that with the Z15 and I'll get to that in a bit. But one of the barriers that we recognize is exactly what you said is the, you know, the cost of doing encryption is prohibitive. And what we did is we have a cryptographic accelerator that's integrated into our microprocessor that's capable of encrypting, you know, so each core is capable of encrypting up to 14 gigabytes of data per second. And if you multiply that by the number of cores that you have, you know, a fully configured, you know, Z15, Matt, what does it have? How many cores do we have in that? We've got 190 with the system. 190, so do the math, right? 190 times, you know, 14 gigabytes per second, it's an encryption powerhouse and that can all be done synchronously with extremely low latency. So we have the horsepower to do encryption on a very broad scale with, you know, very, very low overhead and that's what our clients are leveraging and taking advantage of. And with the Z15 that we announced and made available last year, we actually have now compression that's built into the microprocessor. So you can actually compress the data first and then encrypt it and there's a two-fold benefit to that first is now I have less data to encrypt so I've lowered my encryption overhead and at the same time I've managed to preserve my storage efficiency so it's a two-fold benefit there. Matt, you know, people talk about Z, they talk about it's open, it kind of all started back when you guys brought in Linux and now of course it's much more than that. But I'm wondering how open plays into this notion of cyber resiliency and in some respects they're counter-poised, but how do you sort of square that circle for me? Yeah, I mean, I kind of look at it as when it comes to openness and digital transformation it's kind of doing it without compromise. And that's kind of the way I look at the Z platform because you're right, I mean, the fact that we have the likes of OpenShift support on the Z platform or you can use, you know, Ansible for doing automation. I mean, we're always looking to try and make sure that we support from a management standpoint or development standpoint, you know, we'll use whichever tools, frameworks, languages are appropriate both on the platform and to be able to integrate into a hybrid cloud wherever you want to go. But that's why we look at it both from the perspective of what it really means to have mission critical applications and why it's, you know, why that is the key point about banks, insurance companies, et cetera, continue to trust Z as the home for their system of record because they want to get the benefits, you know, the best of both worlds. So they want to be able to have the security, the resilience and the scale of the platform, but at the same time they want to have flexibility to be able to, you know, use cloud native technologies to be able to deploy them on the platform. And then as Mike was sort of talking about, the exciting thing for us is even going one step further that says, if you do want your data to move around your hybrid cloud for very good reasons for certain scenarios, being able to have that capability to protect the data, not just encrypt it, but manage the privacy of the data as it flows out of Z to kind of take those Z characteristics into the hybrid cloud is something that, you know, a lot of our clients have been really, really excited to take advantage of with Z to speak. You see that? We're turning Matt into a security guy. Do you see that? I think everybody's got to be a security person these days. I want to ask about zero trust, you know, that term is thrown around a lot, you know, it can get kind of buzzwordy, but yeah, see people always have substance. So I want to ask you guys, what does zero trust mean to you all? So I think there's, my view of zero, where we're at from an industry from zero trust is very similar to where we're at with cloud, you know, going back a handful of years where if you asked 10 different people what, you know, cloud was you'd get 10 different answers and none of them were probably wrong. And so I think, you know, we're a very similar state in terms of our understanding and, you know, market maturity around zero trust. But there's, you know, at its core, you know, the idea is, you know, we've been focused on, you know, protecting, you know, our environments using, you know, a castle and moat type of approach. And, you know, you know, protecting the perimeter and then trusting everything inside of, inside of that, you know, that moat, if you will. And what the zero trust is a recognition that that's not sufficient and, you know, and then if you look at that in the context of our evolving and changing environment and moving to hybrid multi-clouds where the notion of a perimeter is gone, you know, that strategy and approach for, you know, protection doesn't hold up. And so we need to evolve that. And we need to have, you know, move from the notion of operational trust to a notion of, you know, technical trust and building, you know, building more sophisticated mechanisms for doing authentication, understanding broader what's happening across the environment and feeding that into, you know, decisions that are made in terms of who gets to access what data. Yeah, good. Matt, bring us home, overnight, you know, this pandemic has really heightened our awareness of cyber resiliency, business continuity, kind of changed our mindset and definition of those two things, but give us your final thoughts on this topic. I think it's probably just putting into sharp focus, you know, really what it means to have, you know, mission-critical applications that are right at the heart of your business. And, you know, you come to realize very quickly that if those services are not available to your, you know, end clients, I mean, it can have such, you know, long-lasting implications. And so I think as people are considering, you know, their strategy when it comes to, you know, reliance of applications, of infrastructure and all of that in the context of business continuity, I think people are going to have a much sharper focus in the future to really see, you know, what does it mean and it's the lifeblood of their business if they're not able to operate and serve their clients. And probably as well, more and more applications that maybe weren't considered mission-critical in the past will be considered mission-critical now because it's not just the back-end services, but it's the way that you communicate with clients. So a lot of that I think is going to play out as the way that, you know, people think about their business continuity strategy in the future. You're right, video conferencing has become mission-critical, hasn't it? Guys, thanks so much for coming to theCUBE. Again, you know, keep up the good work. I really appreciate your time and your insights. Always great talking Z, so thanks again. Thank you. All right, thank you for watching everybody. This is Dave Vellante for theCUBE, our wall-to-wall coverage of the Think 2020 digital event experience. Keep it right there, right back, right after this short break.