 Live from New Orleans, it's theCUBE. Covering VeeamON 2017, brought to you by Veeam. We're back at the Big Easy. This is theCUBE, the leader in live tech coverage, Dave Vellante with Stu Miniman. Jason Buffington, longtime CUBE guest and lead analyst at ESG. Jason, great to see you again. Thanks for having me. And Jay Buff, you're welcome. It's always a pleasure. You are an icon in this business. Ratmere today on theCUBE brought you up. So my friend Jason Buffington made an observation about the industry and it's great to see you again. Thank you. So you got some good play in the keynotes this morning. You guys just recently did a study that you spearheaded. Yes. Talking about the availability gap. Yes. Tell us about that research. So 24 countries, a little under 1,100 enterprises. So all organizations, over 1,000 employees. And so we wanted to look at was how often are you down? How much does it cost when you're down? What are the differences between what the business expects of you versus what you can actually deliver? And that's, by the way, that's the definition of the gap. So if the business expects that we cannot tolerate more than 30 minutes of downtime and yet your failover window is two hours, you have an availability gap. If the business says I cannot tolerate more than an hour of data loss but you only back up once per night, you have a protection gap. So looking at those gaps between the business expectations and what IT can deliver via whatever tools they're using, it was an unbiased panel, is what we went off and quantified. And there were some really interesting numbers in there. Were you able to go to the same firm and ask of business people and IT people at the same firm? No, in this case what we did was we looked for IT decision makers who were familiar with the data protection processes they were using as well as being able to speak to the business issues. So kind of look for that. The director IT, VP IT, someone who already has the business grade conversation, probably the person who's being held accountable by the business units when IT fails to deliver. Do you think that we've had a bunch of conversations with the practitioners today about what's the business conversation like? Well, we go to the business and say, how much data are you willing to lose? Well, none. And okay, then they go back and say. There's price for that. Yeah, there's price for that, right. And most are not doing charge back. Some are doing showbacks. So it's up to IT to say, okay, look, we know they can't afford it. We can't afford it. So this is the level of service that we'll give them. Do you think that's where the availability gap exists or is it because people have the wrong architecture, the wrong processes? I think it's more of the forward than the latter. But let me, I did a breakout session on this report earlier today. And there was a great question Q&A. Why is it backup is still broken? Why is it no one can fix these gaps? And what I offered them was that there's a lot of folks just underestimate backup. They think of it as a cost center, right? So they think it's always broken. Well, backup is not broken, right? The problem is if we were all still using Windows Server 2003 physical boxes and Exchange and SQL were still on-prem and file was just that, we'd have solved backup 10 years ago, right? But every time that you modernize production, it forces a modernization of protection. And if you do it reactively, it's because you put in this brand new shiny flexpot or Vblock or whatever and figure out, oh, that legacy backup doesn't work, right? If you do it proactively, then you're catching up with things. But the problem is if you underestimate the importance of that, you get these gaps, right? So what I counseled to the room that I was in was, the first thing you have to do is you have to stop talking about data protection, even availability as an IT problem. It is a business impact cause, period, right? So the first thing you want to do is you want to get all the tech out of the conversation. So I offer a formula up, I've published a book back in 2010 and there's a free chapter, I'll get it to you so you can put it online. But I basically break down the cost of downtime into four values. There's the cost of lost data, there's the cost of lost productivity, right? So there's time down and then time you have to repeat, right? And you can equate those to R2 and RPO. Put a parentheses around those two and then times what's the human cost plus the profitability cost. And that's overly simple, right? But the point is if you know how long you're down, if you know how much data you will have lost, multiply that times how many, you know, butts and seats are sitting idle and how much do the inside sales department not sell that hour, right? That tells you cost of outage. And then all you have to do at that point and there's no tech in that, right? It's just, you know, what is your RPO in real? How much do your humans cost? How much does your department lose? If you have those four things, you know how much the problem is. And then all you have to do is just go back to your system log and say, how many times did that happen this year? If you do that, you've turned an IT problem into a business problem. And anytime I get a hold of C level executives, the first thing I talk to them about availability is downtime is not in your budget, right? The idea of doing nothing costs you money. And that's not in your budget. And I guarantee if you did a data protection and availability solution, that will cost you less to your bottom line than the downtime that's unplanned that you have not budgeted for. Jason, Ratmir in the keynote this morning talked about, you know, the last 10 years and they launched a new logo. Talked a lot about cloud and physical and the next 10 years. What's your take on the message? You know, Veeam just changed the leadership up a little bit, you know, are they in a transitional phase? You know, where are they positioned for kind of that next wave? So the whole market's kind of in a transitional phase, right? And so I've been in data protection for 28 years. Only thing I've done since before getting out of school. And every time that we've had a major IT platform shift, the leaders in data protection have not made that jump. Right? I started when we were doing, you know, mid-range going on a network. It's like the innovative deline dose, right? And this is what Ratmir was saying today. I didn't want to steal your thunder, so I'm glad you brought this up. But he noted that you had observed this, so carry on, please. So the, in times past, you know, when we went from physical to virtual servers, those leaders didn't make the jump and Veeam did, right? Veeam kind of took the crown on that for this whole last run. Our platform is shifting again, right? Now the difference this time around is, and by the way, the reason that most people don't make the jump is because whatever made you great from a technology perspective the last time around doesn't apply to the new platform, right? So NLMs didn't apply to Windows. Agents didn't apply to hosts. We're now moving into cloud, but it's not a cloud, right? You know, some folks want IaaS, some folks want SaaS. Neither of those use the same approaches that Veeam's secret sauce for host-based protection will carry for. So the industry is in kind of a flux. And the other thing which is different this time around is when I was helping people move on to Windows and T, the presumption was we were gonna shut down all the netware when we were done, right? For most of us, as we move into virtual machines the presumption was we would get rid of the metal on the way out, right? In this case though, cloud is not necessarily the end state. The end state is hybrid, right? Some data will be on-prem. Most of that data will be virtualized. Some of it will still be physical, right? The data that's in a cloud. Some of it will just be cloud stores. Some of it will be IaaS hosted VMs. Some of it will be SaaS. But that's not because it's a prolonged transition. It's because we shouldn't be talking about migration. We should be talking about agility where some data starts in a cloud and comes home. Other data starts on-prem and moves. Or from cloud to cloud. And because of that multi-cloud hybrid architecture if that's the new end state for what IT is going to be delivering on then the rules change. There is no secret sauce that carries from the last generation over. Certainly, VMs are going to continue to be thought of as the virtualization data protection solution. But if you think about they've added agents for physical. They've added cloud-based support on the backend. They announced more support for Office 365 and SaaS. They're not a virtualization only play anymore. And so the market is going to have to take a reset where everybody is unified. The difference is you've got the legacy folks that are unified and trying to catch up on virtualization features. And you've got VM who is unified where their virtualization is their strong suit and cloud-hosted and physical are the catches. So they're flying in opposite directions. So you're saying that the VM's secret sauce doesn't necessarily, a virtualization doesn't necessarily carry over. However, they're making moves that will allow them to bridge, is that right? Absolutely, so unlike everyone else who was in that virtualization wave who solved VM protection and then happily got sold for their IP and you don't know those brands anymore, right? In this case, VM has continually looked at what else do people need? Let's go do that, right? So four or five years ago they added snapshot support which wasn't necessary, but added more scenarios. Then they added tape. Who adds tape in 2015, right? But they did because they recognized that people needed tape out, right? Since then they've added cloud, couple different versions of cloud. This week they announced continuous data protection. Now, I'm glad no one from SNEA is around because they have a very prescriptive definition of what CDP is supposed to look like. This isn't exactly that. So it's really more like K-CDP kind of, CDP kind of thing, but they continued to erode the edges. They added physical support. Those agents will also allow them for IaaS hosted. They're not unifying more. And that forward motion, but the momentum they've got coming off of the vert-first strategy, that's what's going to keep them moving forward for the next 10 years. What makes it not K-CDP and makes it pure CDP, just infinite granularity? Well, if you ask SNEA folks, they would tell you it's not just about infinite granularity on the way, on the protection. It's also infinite recoverability on the way back. It's got to be able to dial in the way back. Every single microsecond, so I think more like- It's CRR, isn't it? Yeah, the thing more like SQL does with every given transaction could be rolled back to a given point. You need a database to be involved to actually get there. Yeah, but again, what I think is interesting is it's not just about backup, right? So in the availability report we talked about, the gap between how little downtime that an organization can tolerate versus just backup can't meet that goal, right? You can't recover fast enough if the only thing you're going to do is restore from backup. So being able to integrate snapshots, being able to have replication which shrinks down that data loss window considerably, that's how you meet the rest of the story that backup alone can't do. And kudos to Veeam for doing that. Jason, how should we think about some of these emerging players who are actually in Veeam's ecosystem, like Rubrik or Cohesity or Datos. Datos not here, but these sort of new emerging, they don't want to call themselves backup players. They want to call them data protection or availability. So I don't know if that's a clue. How should we think about those emerging players? So I have a category in a slide. I put them all in the category that I lovingly call disruptors, right? Because it forces you to reconsider the conversation. If you kind of step back and I could put Veeam and then some of the other legacy, unified enterprise class data protection products in one category. And what all of them are saying is let's take the backups that you know and that you trust us with. We're going to add indexing. We're going to add orchestration. We're going to help you do more with your data along the way. And the end result is what the industry is currently calling copy data management. What else can you do with that data, which is otherwise dormant, sitting waiting to restore, right? What the disruptor category would tell you is instead of starting with backup and trying to evolve it forward, start with disruptive, start with new storage, right? Think of the things you could do with a new paradigm for storage, right? So that storage that would automatically know where the footprints are, that would automatically back you up along the way, that would automatically allow for copy data management type scenarios, right? So again, it's two ways to get there. There's the backup first approach and building on who you trust. And then there's the, if you want to start over again and have I got a deal for you, right? And that's going to be really interesting. For the rest of 2017 and 2018, the whole space of copy data management, copy data virtualization, copy data fill in the blank, you know, that whole idea of good, better, best. Good, keep all your data as long as you need. Better, and get rid of it a moment longer. And then best, what else can you do with it? Analytics, test of reporting, et cetera. That'll be an interesting market to watch. And one that, you know, now that Veeam is broad enough, we'll start to play in as the year moves forward. Jason, like us, you go to a lot of these conferences. A lot of these conferences. You've been to the Veeam on trail, it's our first one here for the audience that's not here. What differentiates the show from some of the other ones that you go to? What excites you about the community, the show itself, anything surrounding it? Sure, Veeam has a wonderful sense of community that most of the other vendors have just not been able to capitalize on. You know, there's certainly, there are many, many thousands of IT professionals that have made their career out of this storage platform or that backup software platform, et cetera. And they're all good for support. Veeam has somehow cracked that code like Microsoft MVPs. The difference between a post sales will help you, if you want, to pre-sales advocates, right? They literally have a green army walking around on this floor who is delighted to tell anybody who will listen how Veeam saved their bacon, gave them back their weekends, et cetera. That energy of community, that's what's different about not only a Veeam on, it's also what's different about like a Veeam party at a Veeam world or a Microsoft event. That culture and community, they've tapped something special there and it shows in their results. All right, we got to wrap there, but I'll give you the last word. Any upcoming research we should be paying attention to or you want to promote a little bit? Sure. My blog with an ESG is technicaloptimist.com. I do primary research on a whole bunch of things. Next ones coming out are on data protection modernization. So why are people staying put or changing? If so, why or why not? And then what features matter most? So that's the next one that'll come out for me and then over the summer I'm going to look at appliances as a form factor. There's a lot of those to look at this week. What the effect of the DBA and the Veeadmin are having in the market? And then also more on the availability study. What we did for Veeam was so interesting, ESG's going to go and take a few other angles and look at it some more. Awesome, great research agenda you got upcoming. We'll be looking for that. So Jason, thanks very much. Always a pleasure to see you. Thanks for having me. You're welcome. All right, keep it right there, buddy. We'll be back with our next guest. This is theCUBE. We're live from Veeam on 2017 in New Orleans. Right back.