 Hi, I'm John Furrier with siliconangle.com, siliconangle.tv. This is a mobile cube interview, and we're reporting live here at Intel Developer Forum in 2012 in San Francisco at the Moscone Center. Intel's having their developer event. All the alpha geeks are here, and they're talking about the future. I'm here with Jim Green, who's the security expert at Intel, and in data center, cloud mobile and social as your world. Security's hot. What do you think of what's happening here at the Intel Developer Forum? Quick, quick vibe of what the scene's like here. And then tell us your view of what's happening in security. Well, it's a great vibe, as always. You always get the innovation, and people want to see what's new and what's kind of the challenges they're facing and really see how it's being addressed. Where we are in security, that's always a great question. I think we're kind of in a very practical place. We've gone beyond the age of the hype of it's all doom and gloom. We've gone beyond the age of the hype that all is wonderful. Now we're down to the pragmatic, how do we implement real cloud security for the workloads that we need to move for that next generation workloads to put in the cloud? I mean, obviously we're seeing security. So when you say we're out of denial, that means, hey, this is security's a problem. The big boys have to step up and answer. You're one of the big boys at Intel. GoDaddy was just in the news for a breach. You got hackers everywhere organizing. It's now cyber war going on between countries. This is a big deal. You got the Patriot Act. I mean, this is crazy. So where are we? What do we need to do? What's the opportunity? What are the big boys doing? Yeah, the three big trends we look at are the attackers and the landscape and then kind of the regulatory landscape. All signs point to bad things happening, right? What is needed is the IT guys need something better to help defend themselves. So from an Intel perspective is what can we do? So we want to look at what can we do with the hardware and make it harder, stronger, more efficient, a more active player in the security profile of an enterprise, and then what is the software stack that takes that and builds that into some usable solution? And then what services allow that to scale to the global basis you need to on a worldwide cloud type infrastructure? We're seeing a lot of partners really start to take that to heed. Some of the big guys are going to move at their own pace and innovate on their own pace. A lot of what we see is the really interesting stuff having kind of that second tier provider that really is putting security as part of their DNA and that's the value prop that's going to differentiate from what differentiate them from what they would call kind of the generic cloud. We're seeing a huge trend around software-defined data centers, obviously VMware just recently bought in a Sierra for a billion dollars, huge acquisition, great exit for the venture capitalists and the entrepreneurs, but we interviewed Martin on theCUBE at VMworld and he was very excited about changing the game around networking, but what came out of that discussion was this notion of security. A lot of stuff going on at the network level and you guys certainly have taken care of your business with security and the processor business and hardening that top where you bound the platform. What is the security paradigm now? Is it a complete do-over? Is it incremental change? Is there different competing opinions on this and what is the reality? I think the universal theme here is that you can't start from scratch, you can't do a do-over. It's like, what can I do incrementally? Just because you don't adopt the cloud all in one, right? You incrementally expand your businesses. How do I rationalize this and how do I adopt new technologies and add new layers, extend my security, project my security profile out into that cloud and get the same type of control I have my data center? That's the nirvana and that's why they need new tools, new protections that give them those control points and that visibility. Visibility is really kind of one of the key things. Let me see what's going on out there and I'll make the judgment of what needs to happen. I gave you Simon Crosby as a startup called Bromium. He's talking about a little token base. He's talking about the RSA hack. He says, hey, RSA got hacked. This is, this Togo stuff's not working. This notion of perimeter-based security is dead. Things like that is being kicked around. How do you guys address this? I mean, you guys have done this before with hardware. You got virtualization, which is software. How do you ensure and what's the roadmap here? So perimeter is dead is an interesting concept. I think the perimeter is changing and the perimeter is no longer the outside of my business because you might be putting some of your stuff outside of your business. What you want to do is you want to put a perimeter around your data and that's kind of the key concept here. What we're looking at is what controls, what hardware enforcement points, what software and services need to be put in place so that you can project that perimeter and enforce that perimeter and manage and control that perimeter whether you physically still have control of the data or whether someone else has control of it on your behalf. And that's where we think we're doing interesting things, things like TXT and AS&I. Give us those low level hardware control points software. We talk a lot about what we do with McAfee, we do similar things with other partners much like VMware to have really interesting use models that people can get that control and visibility in their cloud and in their data center. It's interesting, perimeter is changing, it might be gone, there is no perimeter. But we were talking about this at VMworld around applications, do you rewrite applications? And the general consensus was rewrite the big applications that the primary applications and port the other ones, encapsulate them, whatever, you know, wrap it around, whatever they were saying. But really this takes the notion of security a little bit differently. So if apps are being rewritten with virtualization in mind, network virtualization all the way up and down the stack, has that changed the security equation because this notion of data protection is the hottest thing on the market right now. That's the most demand. There's compliance issues, there's risk issues, risk management, what's your view on that? Compliance is a huge driver, as you mentioned. It's no longer kind of a choice about how you protect data, increasing your seeing it very closely prescribed how you do it. You're always going to be better off if you start security from the ground up. So if you were doing a rewriter, if you're starting a green field type application, building security into the DNA is always the best bet. Anything you try to glom on or bolt on or slap on after the fact inherently is going to have some type of compromise. That being said, most people can't reinvent their enterprise. What should they do if they're rewriting? I think the key concept here is where is my data going to reside? And think opportunistically, where might it reside? It might be here today, could be somewhere else tomorrow. What are the implications of that? And then it becomes, now I know what enforcements I need to put in. Do I need to encrypt it? Do I need to constrain it based on geography? Based on what is the regulatory environment or the industry standard environment that this is going to exist on? That's going to inform what type of controls you need to put in place. And then obviously, subsequently that, what is the audit trail that you need to generate to prove the protections you're putting in place? Talk about your relationship with VMware. Obviously, VMware has a growing platform. They have great domains in the enterprise. Obviously, that's going to extend out to the cloud. And up and down the stack, they got network virtualization now and it's here in the bottom of the stack. And while we have the top, they got dynamic ops and all kinds of VCloud stuff. So what's the security picture look like in that regard? And what are some of the things that they're doing to change that? As a security, I think they've done a lot of nice stuff. I think they're taking a very pragmatic view. Everyone has to incrementally improve and adapt to the threats and the challenges that they see in the environment. They've done some nice stuff on their edge, security things, they've done some nice stuff, opening some APIs to security players to make sure they get access to the plumbing. They've done some nice work with us in terms of their enablement of AES and I so that they can do better data protection. Some of the stuff they've done on TXT. So now you can actually see a strategy here where they've got edge protection perimeter, if you will. They've got some analytics going back to the traffic and flow in the virtualized environment. And they can actually now root their hypervisor, the integrity of that hypervisor in the hardware itself. So they've actually got a very nice edge to Silicon security story. So final question before I let you go, you've got another meeting is the outlook of the future, both on the consumer side as well as the enterprise because they're kind of converging together pretty fast. It's being talked about, it's well documented at this point. Consumerization of IT is happening and you're seeing some of the hottest things going on in this enterprise cloud space. What are the big challenges that you see? Is it multi-tenancy? Is it just security, nuts and bolts, blocking and tackling? What do you share with the folks out there? Blocking and tackling is always, getting the basics right is always important. Just operationalizing security is important. Multi-tenancies huge, right? Do I want to put my workload next to potentially my competitors, especially as you go from the private to the public? Still matters in private, but in the public it's really essential. That's going to be key. And what we hear about a lot is the whole BYOD, bring your own device. How do I get this appropriate level of security when I no longer can mandate what the client access might be? And how do I put the right, it can that client, no matter what type it is. Can I have the assurance that it's going to be able to protect that data? So we're always looking across our compute spectrum. The good thing about Intel is we provide hardware across that whole spectrum. Can we put better controls in place so that they can address those things? So you can allow your employees to bring in advice and have some assurance and prove that you're protecting data still. Just one more follow-up real quick on that last question is what can folks expect from Intel this coming year with respect to the roadmap and some of the things you're doing? I think it's going to see more innovation. What can we do in terms of Silicon, but also what can we do in collaboration with our software partners, McAfee and others to give you better protection from the data center to the client to protect the platform, to protect the identity of the users and protect the data on that platform. Okay, we're here with Jim Green, security expert with Intel. Thanks for your time. We're reporting live from Intel IDF in Moscone in San Francisco. Intel Developer Forum 2012, software.intel.com. This is siliconangle.com. I'm John Furrier. We'll be right back with our next guests.