 Live from San Francisco, extracting the signal from the noise, it's theCUBE, covering Oracle Open World 2015, brought to you by Oracle. Now your hosts, John Furrier and Dave Vellante. Okay, welcome back everyone. You are watching theCUBE's Silicon Angles flagship program. We go out to the events and extract the signal and noise. I'm John Furrier, the founder of Silicon Angles. I'm John McCose, Dave Vellante, founder of wikibond.com research. And we are here on Howard Street for exclusive coverage of Oracle Open World. Our next guest is Edward Shrevin, who's the chief corporate architect for Oracle, man behind the curtain, making it all happen. Big job, welcome to theCUBE. Thank you. We've been calling it the new Oracle. Some analysts said, well, I wouldn't call it the new Oracle. And we were kind of talking about, you know, car makers and Tesla changes the game. We are kind of in a shift. I'll see it's happened. You guys aren't determined to be in the cloud. You're in the cloud business. But the re-architecting of Oracle going back five years has been interesting, right? So you guys have saw the shift. You had the engineer systems come in full bloom. Got the database optimized for in memory. You have a great position with the platform, with past now and products on-prem and in the cloud. So significant position with shipping products, Oracle on Oracle, but beyond Oracle. You have an ecosystem exploding on the application side. So is that by design? Was it you guys sit back and say, hey, we want to do this and take us through some of the early days and where we are now. Are you where you wanted to be? Has things changed? The world certainly has changed. And Dave Donatelli laid out the keynote. Yeah, absolutely. I mean, so our, you know, if you go back and look through the history of Oracle, we've been very focused over many years, actually far longer than the cloud, in making sure that we build out a full stack of hardware and software that let our customers process all of their information through every phase of its life cycle, that we make sure that our customers can leverage that information for business advantage. And business advantage could mean not just more profits, but it could be in providing better service to citizens if you're a government. Now, you know, one of the advantages of providing that full stack of hardware and software is that as we transition into the cloud, it means that we can make sure and do a great job of building out the fundamental infrastructure. We can do a great job of building out the platform and that includes database and middleware, and then of course doing a great job building out the applications. Now, we make that complete stack of hardware and software available not only to our customers in the cloud, but also to customers on premise. So our customers have compatibility between what they run in their own data center and what they run in our data center. Now, you mentioned one very important feature we've added to the Oracle database that makes it especially good in the cloud, which is in memory, but there's something else we've added, which is called a multi-tenant, right? So because our database can actually run multiple logical databases with one single database, it makes it very easy for our customers in their own premises to actually run a cloud environments with database themselves. And we leverage, of course, multi-tenant database features ourselves. AdJL has been the DevOps ethos, being AdJL, that's the new normal in cloud standing stuff up quick. Now operationalizing that is difficult because you have a security on it. Hello, other operational things. So, you know, AdJL and security have always been at odds with each other. Certainly Larry's message yesterday was very clear. Let's get security always on. Let's push that down into the stack as low as possible. What does that mean for customers? And how does that enable more innovation on top of it? Is it free people up to not worry about security? Will it support global data sovereignty situations? How would you guys look at that? How do you balance that agility with the security challenges? Actually, I don't believe that security implies lack of agility. I think that you need to have the right set of security technologies in place in order to maintain your agility. Okay, so by building security into the stack as opposed to having to implement security as part of your application, it comes much easier to do DevOps, to build that application, to deploy it and to manage it. So for example, in the Oracle database, we implemented something called database vault, which means that data that you store in the Oracle database is not visible to your admins. So they can perform their admin operations without having to compromise security. We've built transparent data encryption where we actually store the keys outside the database in a key vault. And for our cloud, in fact, those keys can actually be stored on your premise when your data is in our cloud. So Oracle cannot get to your stored keys. Oracle cannot actually decrypt the data from disk. So that means that you have the full advantage of doing DevOps in the cloud without having to compromise security. So the sort of superficial assessment of security has always been a bolt-on, just sort of doesn't really work that well. You guys are clearly driving security, down to the silicon. But one could infer from Larry's keynote yesterday that multi-tenant is less secure than dedicated. So there's a spectrum. So can you help us understand sort of where you're advising people to actually use each? I guess it's test dev as the example that he gave. But you're not saying your multi-tenant is not secure because you're driving a lot of security into it. So help us understand sort of that spectrum. Yeah, I think multi-tenant as realized by many of our competitors is actually not secure, right? I mean, many of our competitors have built multi-tenant by essentially implementing an application in a more or less conventional way and then striping the columns of their database with a subscriber ID and then in the code of their application checking all the time to make sure subscriber ID is correct. That is fundamentally less secure than using technologies that understand multi-tenant all the way down to the core. So Oracle multi-tenant database is not less secure than running separate database instances. We've implemented the separation between subscribers all the way down at the fundamental core of the database. And that's what I mean by saying that I think that the dichotomy between security and agility is actually a false choice. I mean, if you actually choose the right set of technologies and you actually choose, frankly, the right cloud provider, you can have both security and agility. And when Larry mentioned in his keynote, always on security, that's what he meant. So when you use Oracle infrastructure, especially when you use Oracle Cloud infrastructure, Oracle Cloud Platform, Oracle SaaS applications, you always get security. You don't have a choice. And the price you pay for it is nothing because we work so hard to wire that security down in a fundamental layer of the platform, including all the way down to the Silicon now with Spark M7. You don't pay a management overhead. You don't pay a performance penalty. So if I understand that then your contention would be your multi-tenant approach is more secure than one that's done at the application. But your dedicated approach for those who are super paranoid, so help us understand that end of the spectrum. So we implement some, we provide now something in our cloud called dedicated compute. And so that means that you could walk into our data center, if we let you walk into our data center. And you could physically touch all of the processors that you're going to be running on. And you could physically touch the switch that's connecting them. So you're guaranteed that the traffic that's going through that switch is your traffic. And you're guaranteed that all the code that's running on those processors is your code. Now, from a security perspective, that can be reassuring. I don't think it's the fundamental advantage of it. The fundamental advantage is that you never have to worry about competing for CPU cycles. You never have to worry about competing for a network bandwidth with some other subscriber. Some other subscriber all of a sudden starts some overwhelming query on the same processors, which is consuming a lot of CPU. I mean, that's something that you run in all the time in EC2. Is that some noisy, it's called a noisy neighbor problem. That's a quality service issue more than a security issue. It's a quality service issue, and it's a resource availability issue. So if I have dedicated compute, I know exactly what my CPU capacity is. I know what my cross-sectional bandwidth of my network between those processes are. And I know that if I need to spike up in terms of load, I can get there. I don't have to be concerned about what's going to happen over time, as I spin up VMs on some random other server in the pool. And one of the things I want to tease out of this conversation is real-time thinking here on theCUBE is there's a lot of debate, certainly even amongst ourselves and the analysts out there. Hey, Oracle's number one in the cloud. That's what Mark's saying. We're down here in all this cloud. And people are trying to squint through all the noise. But the positioning really is solid. You've got on-prem, it runs the same code on public. Hybrid could be an architectural thing engineered in between or engineered cloud, as we call it. So we try to create a metaphor for that. And one of the things we were saying on the opening was, to Dave Donnelly's point, is that it's like a new car. Oracle's like a new car. And Dennis Howell, an analyst, said the word Tesla, which kind of sparked the creativity of saying, okay, old car makers, data center, guys doing cloud, multi-tenancy, maybe not secure. If Oracle is the new Tesla, a car, it drives on the road, but it's different and it's winning. People like it and it has big data in it. If you had to say, if I asked you, what's in Oracle Cloud that makes it Tesla-like that's different from the other guys? What would you say? Well, I think it's the integration. It's the integration between platform and infrastructure and SaaS applications. And I think it's also the compatibility. And compatibility has two important aspects. So one is, of course, we can take your applications that you already wrote and you're already running and we can run them in our cloud. But the other thing is that all of the knowledge that you have as a customer, an Oracle customer, about how to use our products, about how to write applications, those transfer immediately. And you get to transfer those skills into an environment which is modern, which has the modern DevOps paradigm, which uses containers, which uses virtualization, which is standards-based. And so that means that you don't have to rethink and re-architect and reimagine the way your applications are because our customers have thousands and thousands of applications that they wrote themselves. New functionality will come from that. Correct. There's new functionality, of course, that we've built throughout our technology stack to make our cloud work very, very well. But leveraging those new technologies doesn't mean you have to forget everything that you knew how to do. And it doesn't mean you have to hire all new people. I wonder if we could talk about openness. Here, Jay, Donna Telly this morning said, the big question he always gets is, what about the lock-in? I'm not so much interested in the lock-in. It's a different conversation to me, but your perspective on open and open standards, I mean, SQL is an example of a de facto standard that emerged that Oracle got behind very early, changed the history of the industry. Java is another example. He mentioned x86 and Linux. What's Oracle's point of view on openness? Yeah, so we've been very focused over the years in making sure we build out that complete stack. But the one thing that we never wanted to do is we never wanted to build a proprietary stack. We never wanted to build a combination of hardware and software that was based on Oracle private interfaces only, and it didn't support other open standards. And the reason was very simple. For one thing, even though we do a good job of building a large set of hardware and software, we don't build everything. And so there will always be other vendors out there who build value-added components that we want to integrate into our stack. If we support open standards, that's easy. But I think there's some more subtle and actually more important reason, right? And that is that there are a lot of really smart people in the world who are building lots of new and interesting kinds of technology. And if what we do is we use standards as a guidepost for what we build and the way we architect our systems, it means that we'll be able to leverage that innovation. And sometimes I'm asked, well, how is what you're doing now different than what IBM did in the 60s? And the answer is they were completely proprietary. They actually closed their eyes to what other people were working on. And that left them in the dust. I mean, it worked for a while, but eventually as the world innovated, they got left behind, right? And so we're very fixated on making sure that doesn't happen. We follow open standards because it helps guide us in the direction of sustained innovation. That's why I'm interested in this question about the Tesla, because if you can argue that this platform is not Oracle on Oracle, which is vertically integrated in the old client server architecture, apps had fully integrated stacks underneath it. And there was some great apps and people made a lot of money and some good stuff happened. But architecture, that dictated kind of how that ecosystem built on an application market basis. And it was a huge tsunami of application growth. So now let's fast forward to today's modern infrastructure. The application market doesn't seem to be exploding yet, but yet, if you connect the dots, you could argue that, okay, some core apps, ERP, CRN, HCM on Oracle, but a slew of other opportunities are going to exist across the board. So that brings up the developer question and ultimately what is this new application market about? You guys mentioned Docker, you mentioned DevOps in there, right? Is that part of the architecture? Are you trying to enable that kind of explosion? Absolutely. I mean, if you, the application market, I think it's going to be, it's going to have sort of two segments, right? I mean, one is large SaaS providers like Oracle, right? And so we provide all of the core kinds of SaaS applications you want. It's like HRMS and ERP, manufacturing and a lot of interesting vertical SaaS applications as well, right? Now, alongside that is going to be an endless array of new and interesting applications that are designed to be integrated into those core applications, right? And so when we built our SaaS applications, what we knew we had to make sure we enabled was a way for third parties to provide integrated components that connected to those applications because there was going to be this exploding market of new and interesting applications in this new cloud computing style. And so I think that's one of the very compelling advantages of our SaaS applications, is that because they are tied to our platform running in the cloud, they're tied to our infrastructure in the cloud. We enable all of those interesting new applications to run in our cloud and be integrated with our applications. And one thing I'd like to point out is like if you look at kind of what is happening in SaaS applications, I mean customers are, it's actually very similar to the beginning part of the packaged application world, right? So in packaged application world, what happened is each vendor, they built out their own kind of proprietary tool stack, they then customers did a sort of a best of read buy. They bought like different applications of different vendors and then they went through some massive, complex, expensive integration process. They spent a huge amount of money doing that. Now if what you do as a customer is you go by a whole basketful of SaaS subscriptions from lots of different vendors, you've recreated that integration problem, right? You no longer have an integrated view of your business, right? So Oracle, by providing a comprehensive set of the core SaaS applications that customers want plus an environment in which those new, new interesting applications are added, we get rid of that integration problem for our customers. I'll give you a quick use kit. I know Dave wants to jump in on a question. So in that, if you take that forward, which by the way, that's a winning formula, you got that open, that's a platform, that's an enabling platform, which creates innovation. So here's an example, you got a great HCM cloud practices, it's booming, we heard that here, but let's just say there's a developer out there that builds the best maternity leave application and it's peaked, it's got APIs, it's totally cloud and it's targeted for that specific unique use case, maternity leave. It might not be on the big Oracle system where they might have some feature, but they do a better job. How would a use case like that fit into the Oracle architecture? They would come to the Oracle platform, they would use the platform services we provide, including Database or Hadoop or Node.js, a wide variety of technologies we support in our platform, they would implement that platform, they would then implement interfaces that allow our existing HR SaaS application to talk to third party components and they would then be able to provide an integrated experience to any of our HR SaaS customers to use our HR applications, would then be able to use that maternity application as well, in conjunction with and integrated with their HR system. So if good, they can get the distribution off the Oracle platform and plug that right in. So that touches my question. I wanted to ask about the architecture of Fusion, because it was like giving birth for 10 years and then now you've got this platform that's developed in Java, which is open, nobody's going to debate that. So when you think about organic development of apps versus acquisitions and the like, can you talk architecturally how you design that platform in order to accommodate both organic and inorganic growth? You sort of touched upon the inorganic piece with the interfaces, Java obviously most popular programming language in the world, not the fastest growing, so you got all this other stuff around it. Can you sort of add some color to that? Yeah, so when we decided that we needed to move to the cloud, we needed to offer a SaaS instead of just conventional on-premise applications. We realized that you can't just take a traditional on-premise application and put it in the cloud. It doesn't work very well. SAP has tried many times, they failed every time. So we needed to actually fundamentally write our applications. And so we had just a few core tenants that we applied. One of them was that it had to be implemented in a modern programming language and that was Java. Another one is that it had to support open interfaces, which means it was very easy to move data in and out. It was very easy to extend through those interfaces. You didn't have to customize it, you could just extend it. And then it had to be run in conjunction with a platform environment that let those extensions run in the cloud. And now fundamentally that is what allows that third-party environment to exist for third parties to create interesting applications that run integrated with and in conjunction with our applications. Now we realized of course that we chose Java, we chose the Oracle Database, we chose other technologies. Other vendors may want to choose other technologies, right? I mean there are other... To MySQL as well. That's right, I mean they want to choose MySQL, which is an Oracle product. They might want to choose Node.js, they may want to choose Ruby, and they may want to choose Python. So we support a broad set of technologies in our platform, managed through exactly the same interfaces and able to integrate with our SaaS applications in exactly the same way that a Java application is. So we don't constrain the kinds of technologies that third parties can use running in our platform to extend our applications, right? And when we do an acquisition, we don't limit ourselves only to the set of companies out there who chose to use Java. Now it turns out a lot of them have, Java is a very good programming language, it's very popular, but it's not the only programming language. So we do acquire companies that say implemented their code based in primarily Python, and that's fine, we can run that in our platform and in the Oracle Cloud. Edward, thanks for spending the time to come on theCUBE, really appreciate you laying it out for us here as the architecture of Oracle's new cloud success. I wish we had more time, I have a slew of more questions I'd love to ask you around data identity, because there's a lot of stuff going on around data, data hoarding, data silos, busting down those silos, obviously marketing cloud, HCM, CRM, a lot of data. So final word for the segment, just share your quick thoughts on the role of data in this new architecture. Well, I mean, data is central, right? I mean, fundamentally what people want to be able to do is they want to be able to understand what's going on in their business, they want to understand what's going on in the minds of their customers, they want to be able to understand what's going on with their employees, right? They need to leverage that data to make better business decisions and either provide better service or make more money. Federated identity, all this stuff, good stuff. Persona 360, you're the customer, supply chain innovation, all this stuff's changing. Thanks so much for sharing your insights here on theCUBE, really appreciate it. This is theCUBE, we are live on Howard Street with exclusive Oracle open world coverage from SiliconANGLE Media's theCUBE team, web TV team and also Wikibon Research at SiliconANGLE.com reporters. We'll be right back with more after this short break.