 Welcome back, everyone, to theCUBE's live coverage here in San Francisco for VMware Explorer. I'm John Furrier, Dave Vellante. Two days of walls, three days of walls walk, of two sets, live events with Pranima, had Menabon, Senior Vice President, and General Manager of Cloud Manager at VMware. I got it right, thanks for coming on theCUBE. You got it right, good to be here. We're all smiles because we were talking about your history, you once worked at Loud Cloud, and we were reminiscing about how Cloud was before Cloud was even Cloud. Exactly. And how hard it was, and it's still hard. Complexity is a big deal, and one of the segments we want to talk to you about is the announcement around ARIA, and you see Cloud Manager, a big part of this direction to multicloud to tame the complexity, and we were quoting Andy Grove on theCUBE, let chaos reign, and then reign in the chaos. Exactly. Okay, a very famous quote in tech, and the theme here is cloud chaos. Yes. So we're starting to see signs of reining in that chaos or solving complexity, and every major inflection point has this moment where it gets so hard and then it kicks up to the right and grows and link itself. So we feel like we're in that moment. I couldn't agree more, and in fact, the way I say is our tagline is, we make the complexity of managing Cloud invisible so that you can focus on building your business apps. And you're right about the inflection point. Every time a new technology hits, you have some point of adoption, and then it becomes insanely successful, and that's when the complexity hits. Then you go and tame the complexity till the next technology hits, right? That's what happens, it's happened with virtualization, then it has happened with cloud, then with containerization, and now the next one will hit. And so with ARIA, we said we have to fundamentally change the problem, right? We're constantly running a race of taming this complexity, so very excited about this announcement which we're doing with ARIA. And we said, imagine if I could have a view of my environment and all the dependencies. I don't need to know everything, just the environment and its dependencies, then I can now start solving problems and answering questions that I was unable to before. And newer technologies can keep coming and piling on, but I'll always be able to answer that. Help our audience understand ARIA, great name, and what's new from, it's not just V realized with a new name, what's new specifically? Oh yeah, please, no. Explain, some people have confused that. Well there's some commentary on it, snarky comments, but it's a product, it's not a rebrand of something else. It's not, it's not, yeah. So what we did is, let me start off, why we started ARIA. So we said, okay, native public managing environments, native public cloud environments and cloud native applications is a different ball game. More ephemeral workloads, very large scale, highly fragmented data. So we looked at that problem, grounds up, and said we need to have a management solution that solves that problem, focused on native public cloud and cloud native apps. And the core to solving that problem was, you can't just solve it for one cloud, or you can't solve it for one discipline. When I say discipline, when you think about management, what do you manage? You're managing to optimize cost, you're managing to optimize performance, you're managing to optimize your security. And you're managing to speed up the delivery, that is it. And so we said we'll have a new look to this management and what we have done with ARIA is we have introduced a brand new platform, which we call ARIA Hub, powered by ARIA Graph, which allows you to deliver on this management challenges by creating a map of your environment, a near real-time map of your environment. And then we are able to, once we know what an application looks like and how it maps to the infrastructure, we can go and query other subsystems to tell you what is the cost of an application, what is the performance of an application, creating a common understanding. It's a new architecture. I just wanted to get that out there. It's a federated new architecture. And a graph database. Yes, it's a new architecture, federated a platform that not only gives you a map of your environment, but it federates into other sources to pull that data together. Now, one of the data sources that it federates into is, of course, also we realize, cloud health, tons of observability, you plug everything into it. And as part of the announcement, we didn't just announce a platform, we also announced a set of cross-cutting solutions because we said, okay, what is the power of the platform? The big thing is it removes the swivel chair management. It allows you to answer questions you couldn't answer before. And so... Swivel chair, meaning going from one app to another. One app. Logging in. Exactly, logging in credentials. And you don't have a common understanding of an app across those. So now you hire people who do integration buses. All kinds of problems. So the three new end-to-end solutions we are announcing also along with the platform. These are brand new. One is something called ARIA Guardrails. So when I have development environments today, for example, my I do development on public cloud as well as private cloud, I have thousands of accounts. Each one with its own security rules. Each one with its own policies. After I initially deploy the account, it becomes a nightmare to manage that. So what ARIA Guardrails allows you to do is set up these multi-cloud environments with the right policies. And not only is it about one-time provisioning, but it is maintaining them on a run-time basis. And those credentials are also a risk because you have a password on the dark web that's exposed on one and you've got to change it. And there's so many things going on on security which brings me up to the point of, we're going to see Tom later on security. We heard earlier, why wasn't security in the keynote? Oh, it's table stakes, as Zia said. But we're like, okay, I get that. So let's just say that security is table stakes. There's a big trend towards security as a state of something at a given time. And that CSOs and CSOs are going to defensibility. Meaning being defensible all the time as an ongoing thing, which is not just running a pen test once a week, like multiple testing, real testing, not simulation, to be secure. So it's not about being secure. It's about having security, but defensibility is the action now. Not, how does that fit into this? Because this seems to like being in this wheelhouse of management. No, I think you're bringing a very important point which is the security as a post-the-fact item is no longer right. You want to bake in security. This is a shift left of security that we talk about. When you're building an application and you're deploying code in your test, you want to say, hey, what is the security? Is it secure? Is it meeting my guard? Then when you deploy it, from an operations perspective, also it is a security concern. It's not just a security team's concern now. So is my configuration right? Is my configuration secure? Is it drifting? It's never a snapshot in time. It's constantly you have to look at it. Is it drifting? And that is exactly what we are doing also with ARIA. So that's part of the solution you're talking about in the guardrails within? Being able to maintain the secure configuration, right? Now, as I said, there's always a security discipline which is done by security teams, but you also want operations teams and development teams to enforce security in their respective practices and that's what ARIA allows you to do. So the question on multi-cloud comes in, okay, so this is all good, by the way, we love that shift left again. Great developer, and I would argue, actually we are arguing on theCUBE, that DevOps is the development environment for cloud native, so the IT operations once called Ops is now in Dev, just saying. And then data ops and security ops are now the new IT, because that's where the hard problems are. So how do you look at the data side of it as well as security in your view of multi-cloud? Because hybrid cloud, I can see the steady state between on-premises and cloud, if it's operating cloud-like. Now you're starting to look at spanning clouds, not full-spanning workloads, that's not there yet, but certainly people have multiple clouds. But when data seems to be the first thing spanning, not necessarily the app itself, but how do you guys view that multi-cloud aspect of what you're managing? I mean, how do you look at that? I think there are different angles to it, right? You can look at it from the data angle and you look at it on how protected the data is. For us, when you look at management discipline, it is all from the perspective of configurations. If I have configured my environment correctly, then you should not be able to do something that destroys the data, right? So getting the configuration right when you're developing the app, getting the configuration right when you're provisioning the app, and then getting the configuration right even when you're doing day two and ongoing operations, that is what we bring to the table. And to some extent that ARIA visibility that I was talking about, an ARIA graph, a near real-time view of the configuration state and its dependencies is very critical. So now I can ask questions, is there a misconfiguration? By the way, the answer is yes, sir. Now- That happens a lot, by the way, too, right? Yeah, which exposes me. And then you can say, hey, is there user activity associated with that misconfigured object? Now, suddenly you go to a red alert. So not only is something misconfigured, but there is user activity associated with the misconfigured data, you know this is something that I have to do. This is where AI sings beautifully because- Beautifully. Once you have the configuration baseline done, it's like securing the S3 bucket, which is like a knee, has to be like, brushing your teeth, it's got to be a habit. Exactly. It's like you just don't even think about it. You just don't leave an S3 bucket open. It's got to be simplified because we're asking the devs now to be security pros. Secure the runtime. Secure the paths. Secure the containers. And so they need help. This is not what they wake up in the morning passionate about. And that is where the guardrails comes in. Totally, yeah. So a developer, why should they care? They should just say, look, I am developing for the credit card industry. I need a PCI compliant environment. And then let us take care of defining that environment, deploying that environment, managing that environment on an ongoing basis. They should be building code, right? But there is a change also, which is in the past, these were like two different islands and two different views. With ARIA graph, we also have created this unified API that a developer could query or an ops could query to create a common understanding of the environment. So you're not looking at, you know, the elephant one, the trunk, and the other one, the tail. You're looking at it in a common way. Can you talk about the collaboration between Tanzu and ARIA portfolios because obviously the VMware customers are investing in Tanzu. A lot of stuff's coming out of the oven. We heard some, Dave heard some stuff from Chris Wolff. He's going to come on tomorrow. And Raghu was hinting at some other stuff that's not yet public. But you know, this thing's happening. Things happening, a lot of things happening. You know, you announced what's happened years ago. Yeah, last year. Now some fruit's coming off the tree. This is a hot product, ARIA. It makes a lot of sense for the customers. Where's the cloud native stuff that they're connecting in. What's the, give us the overview. Where's the connection? Lots and lots of connections. So you have a beautiful Kubernetes environment and a cloud native platform. You have accelerated app development. Now you're building more apps, more microservices based apps, more fragmented data, more information. So think of ARIA as an envelope around all of this. So wherever you are, whether you're building an application, employing an application, managing an application, retiring an application through that lifecycle, we can bring that management. So what we are doing with Tanzu is with the platform, development platform, now we can hook in management with a common perspective earlier in the lifecycle. I don't have to wait for it to go to production to start saying, is it secure? Is it configured? How is it performing? What is my cost trade off? As a developer, I've decided to fix a latency issue. I'm going to add a new region or I'm going to scale out a particular tier. Do I know how much it'll cost me? Can I give you that right at your fingertips, potentially even within the development platform and within the IDE? That's the power, right? So bringing ARIA and Tanzu together. But not a lot of heavy lifting on the developers. It's pretty much almost like a query to a database or something. Give it a simple API that they can just query as part of their development process. So by bringing ARIA and Tanzu and really ARIA enveloping Tanzu, you're able to bring the power. I just always smile because I remember, we have a group called the Clouderati, the early O.G. founder. Clouderati. The early days of cloud. When we were talking about infrastructure as code, way back when, and finally it's actually happening. So what you're describing is infrastructure as code because now this is more complexly happening under the hard and top. Exactly. And services are being turned on and off automatically. Sometimes you might not even know what's going on. Exactly. But if you have guardrails. But you have to discover the state, know something has turned on, understand the implication, and then synthesize it down to the insight for the user. You know a lot of people have been complaining about other older companies like Splunks of the World who have great logging technology for Gen 1 cloud. But now these new logging becomes a problem. Can you talk about how you guys are handling that, give confidence or explain that everything's going to be logged properly? Yeah. So really, look, there are three disciplines that we are management. Ultimately there are thousands of names but it boils down to you're managing the cost, you're managing the security, you're managing the performance of your application. That is it, right? So what we found is when you think of these disciplines as siloed solutions, you can't ask a simple question as what is my cost performance trade off? You can't ask a simple question as hey, I'm improving performance, what is the implication of security? And that's when you start building complex solutions that say, okay, let me collect log from here, let me collect this from here, then let me correlate and normalize an application definition and tell you something. And then put it in a spreadsheet. And put it in a spreadsheet finally for some value over. Exactly. So one of the pillars is about managing performance. We have very powerful capabilities today in our portfolio. Tanzu Observability, which is part of ARIA portfolio. We realize log, which is part of ARIA portfolio, networks, insights and operations. So when you have a common language, we have a common language, we understand each other. Similarly with ARIA Graph and ARIA Hub, we have creating this common language. So once we create a common language, all the various observability and log solutions have a meaning. They have relevance. And so we are able to take the noise from all these systems and synthesize it down to what we call business insights. And that's what is another big announcement as part of ARIA. Take data, which we have lots of, and convert it to information. Give us the bumper sticker on why VMware. Well, I'll tell you, when you talk about various public clouds, each public cloud has their native solutions. I've got Control Tower, I've got CloudWatch, Cloud 12, different solutions. And some of the hyperscalers are also expanding their solutions to other cloud. I think VMware, in a way, from a multi-cloud perspective, we are in a wonderfully neutral position. Not only do we have a wealth of technology and assets that we can bring to the game, but we can also do it evenly across all clouds. So look at something like cost. Do you trust one of the hyperscalers to tell you that what is the cost comparison between them and another hyperscaler? That is where the VMware value comes in. I think people just start to figure out what the cost of one cloud is. Exactly, exactly, that is often. People make money doing that as a job. No, no, definitely, even a single cloud, what is the cost? There's a cloud economist out there, and we know who he is, Corey, a friend of the queue. He does it for his living, so it helps people figure out their bill. Exactly. Just one cloud. Exactly, it's one cloud. So being able, we have that unique position where and the right sets of technologies and experiences to bring that solution to bear across multi-cloud, right? Right. What's your vision? Real quick, one minute left. What's your vision for the group? What are you investing in? What's your goals? What are you trying to do? Obviously the product's new, going to roll that out. What's the plan? Really, again, the biggest one, the tagline I talked about, right? I want to, you know, I'm telling customers, managing stuff is boring. Don't waste your time on it. Let us take care of it, right? So make the cloud complexity invisible so that you can focus on building your applications. And everything that we do in the business unit is targeted towards that one goal. It is not about doing more features, more capabilities. It's, are you solving customers' questions? And we start from question down. Pranima, thank you for spending your valuable time here in theCUBE explaining the new news, appreciate it. All right. Good day. All right, we'll be back after lunch, after the short break, stay more with theCUBE live here in San Francisco for VMware Explorer 22. I'm John, that's Dave. Thank you.