 Live from the Moscone Center in San Francisco, California, it's The Cube at AWS Summit 2015. Okay, welcome back everyone. We are here live inside The Cube in San Francisco at Moscone North, John Furrier, the founder of SiliconANGLE. It's The Cube, our flagship program. We go out to the events and extract the cinnamon noise. My co is Mark Farley. Distinguished guests this week and substitutes for Dave Vellante and Stu Miniman. You're doing great. You're doing better than both Dave and Stu combined. Yeah, well, everybody send in your ballots now, right? It's fun being the virtual Stu. You're doing great. Our next guest is Sherup Sairam with Intel Security. Welcome to The Cube. Hey, John. Great to see you guys. So Intel, obviously, big banner. So you guys, big headline sponsor here for Amazon Web Services Summit. So congratulations. Thank you. Getting the word out. You got some stuff that you're launching. You also got Intel inside for us old school generation. It's good business for you to have more and more features and computing. So what are you guys announcing here? So today, what we've done is we put together a new solution called PCS, which stands for MacAfee Public Cloud Server Security. And we made it available on the AWS marketplace. And to describe it in like one sentence, it is another security tools that someone needs to secure their AWS EC2 instances. So what's the bottom line from Intel's perspective on security? Obviously, RSA is coming up around the corner. Okay. The perimeter is no longer. Virtualization is exploding. We were talking earlier, Mark and I, about the impact of virtualization of the storage, server-defined storage. You're getting down to the root levels. New startups that are busting out, doing new paradigm security. What is the right way to do security in this new cloud environment where it's always agile, it's lower costs, it's adaptive, all this stuff's happening? What's going on? The workloads are driving it. What should people be doing? So you're absolutely right that in the public cloud and AWS and Azure and those kind of clouds, the perimeter has effectively disappeared. I mean, sometimes you do have a perimeter when you have the VPC. But then we have a ton of these customers who are designing for the cloud and they're setting up auto-scaling environments. And when you have an auto-scaling environment, you don't really have a perimeter. So the security is shifting from the perimeter to the host, right? So now, typically people used to rely on a network IPS, a network firewall at the perimeter. And in a traditional data center, nobody invested much in server security, right? The security was at the perimeter. But now once you go to AWS, the focus is back on each one of the servers itself rather than the perimeter. So what you need is antivirus or firewall and IPS and encryption solutions all in your host. And that way you get the most out of your cloud usage. So is this at the instance? Yes, security right at your windows and Linux EC2 instances. So the applications are driving. We've heard a couple of things that got my attention. You mentioned McAfee gets me thinking about, okay, application security. We were talking about perimeters in the network earlier. You got VDI on stage mentioned. The third of the cost of the VDI, I think what is Jassy said, implying WorkSpaces is doing pretty well, right? So okay, so do I secure the app? And so what is the strategy? Do you go app top down or you go bottom up infrastructure, both? So I think in the WorkSpaces context, which is desktop as a service, I think the security model remains similar to, you know, securing your PC that you have in front of you. So, you know, it is like securing any other desktop. But when you're talking about your server environment, your virtual servers, you know, the focus is more at the infrastructure security level. And Amazon, you know, gives you a great amount of hypervisor security, physical securities, they give you access controls. But within the OS, you know, the customer owns the security, right? The data and, you know, the security responsibility of within the server, the customer has to take ownership of that. And that's why you see a ton of security vendors out here, providing solutions for that. So at the end of the day, it becomes a joint security proposition where the, you know, a bunch of the vendors as well as AWS together offer a complete security solution for customers. But there's no one general purpose security solution anymore because we heard from Splunk. People are using data to be adaptive and flexible to have security policies based upon the workloads. That's right. And then now you've got network policy in me, Mark. And storage, we were talking about earlier, what's your take on all of this? Well, you know, you've seen different, you know, storage, network level security. Oh, security is really interesting. You know, in the storage space, people seldom do it because the performance hit, right? So you just assume that you just hope and pray that somebody else somewhere is doing it because the storage, you start to see, you start to see security coming in now with dataware storage. You listen to Paula Lawn from Data Gravity Talk, you know, they talk about the things that they can do with that are more audit oriented. Who's accessing data and when. But that's sort of kind of like, you know, what's the difference between what you're doing and cloud trail, right? So I guess, Mike, I'm going to answer your question by turning it back over to the room and say, look at the view for some help. Yeah, I am looking for help. The security always makes me look for help. So how do you play with or alongside or do you use cloud trail and what you're doing or? Sure. Yeah, cloud trail is a great security framework that AWS offers. But you know, there needs to be an analytics layer which consumes the information from cloud trail. And identifies security incidents or threats which, you know, are at a macro level, right? So we have a product called McAfee ESM, Enterprise Security Manager. It is a SIM solution. It consumes log information from, you know, the endpoint from network devices and a lot of security events. And that consumes the cloud trail feed as well, right? And now you have information from so many different directions and you correlate all of that and you're able to identify macro security trends, right? Because if you're just looking at cloud trail alone out of context from the other events, you will not be able to identify those macro trends. So how close to real time can somebody be aware that there may be a breach going on? Or how, I mean, that's the idea, right? Is to identify a breach as soon as possible. Realistically, what can you do? But how soon can you identify something? It's a very good question. So, you know, there's been an emergence of a new category called ETDR. It stands for End Point Threat Detection and Response. And I'd seen the past 12 months or so, this category's become very popular, where, you know, everyone assumes that you've already been breached, right? Now that you've been breached, how do you identify where your breach is? How do you see where it's been spread? And how do you remediate all of that, right? So there are a bunch of tools to do that and very recently, McAfee just announced a technology called Active Response. Active Response. That's great. So the idea of Active Response is, you know, we'll be able to query all your systems instantaneously, discover value of breaches, and take action. So where's this information coming from? Is it coming from servers, storage, networks? It is coming from each one of the servers, yeah. Okay. The EC2 instances. Okay. So on the security thing I said earlier, we don't need any help with security because it's so broken. There's no help anyone could have. That is what you said. You said it was, it was so effed up. Effed up, I mean, that's a word. So we are hearing security being broken everywhere and you know, the guys at Illumio, which is a startup in our area, are taking a different attack. There's all kinds of different philosophies, but bottom line is the perimeter kind of models dead. That's the general security practice. So now the philosophies are changing. So I want to get your take on RSA coming up. What you think is going to be the top themes there because this is the big conversation because the hacking is here. The White House just got recently hacked. I mean, this is a serious issue right now. I mean, people are in denial, it's broken. And it's being re-architected in real time. So no one really has that blueprint yet. There's a variety of approaches. I want to get your take. What you think needs to be done. Thoughts, ideas, vision. And then what's going to happen at RSA this year? So John, I mean, I agree with you that security is kind of broken. And the reason is, it's mostly point solutions. Paloalto provides great network security. Symantec provides great endpoint security. Splunk provides great analytics. But then now you're working with three different vendors which are not necessarily connected with each other. So in McAfee, we believe in the security connected strategy where we try to connect it. That's right. And we actually have a technology called DXL Data exchange layer where the different pieces of security they work with each other. So the old adage goes one plus one equals three. That's the value proposition that we keep pushing. So, and like I was telling Mark as well, there is this new category of solutions called threat detection and response is, yeah, you're going to get breached anyways. Now that you got breached, how do you find what your damage is and how do you fix it? So that's going to be a big theme in RSA coming up. And what about RSA? What's the bloodbath going to look like at RSA? Is there going to be a big, you know, cage match between different vendors? Are users a revolt? And certainly what's going to happen at RSA in your opinion? You know what? I think the industry is kind of matured is what I'm seeing. It's not like them fighting against each other. So in fact, even Obama's created this security telco body and a lot of the top security vendors are part of the board. So I think Palo Alto Networks, CEO is the chairman and Intel's president, Brenia James, she's the vice chairman and the different security vendors are coming together and they are actually working as an alliance, right? So, you know, that's the only way you beat the bad guys is, you know, exchange threat information. You work well with each other's solutions. And yeah, I mean, if you compete with each other, like, you know, the bad guys are going to win. So I would guess that they're, that Intel is working on integrating security technology and with the chips that they're building. Are there things that you can talk about that are going on there? I can talk about a bit. So not the future stuff, but stuff that is public information. So, you know, Intel's AS&I has been out there for a long time, which makes encryption like pretty, you know, native speed encryption, right? So that's been a, you know, promising chip feature which has helped the security industry. And then there's been the TXT and TPM technology, which helps measure the trust and the attestation involved in your stack once it boots up because your infrastructure stack includes the physical, you know, chip, the hypervisor, and then the guest operating system. There's so many layers in the infrastructure and you need to measure whether any one of them have been tampered, right? So Intel has great technology for that. And then the next technology which Intel has publicized is something called SGX. It stands for software guard extensions and it's a secure enclave. And, you know, that's a place in the chip where you can store secure information, do secure operations. And we think it will be a game changer for, you know, cloud security. All right, well, we appreciate you coming on theCUBE. We're getting the hook here, getting towards the end of the day. Thanks so much for joining us on theCUBE and sharing your insight. We really appreciate it. Thank you very much. It's my pleasure. Thank you. Okay, we are live here in San Francisco. This is theCUBE. John Furrier with Mark Farley. We'll be back after this short break with our next guest.