 Five from San Francisco. Extracting the signal from the noise. It's theCUBE. Covering Oracle Open World 2015. Brought to you by Oracle. Now your hosts, John Furrier and Brian Grace Lee. Okay, welcome back everyone. We are here live in San Francisco on Howard Street. This is the set of theCUBE. Silicon Angles flagship program. We go out to the events and extract the signal from the noise. I'm John Furrier, the founder of Silicon Angle. I'm your host, Brian Grace Lee, Wikibon analyst at Wikibon.com. Our next guest is Ganesh Ramurthy, Senior Vice President of Product Development Oracle for the engineered systems in one of the most exciting areas. I think that's out there right now. We're going to hear more about it this week, but we got a little teaser from John Fowler. Welcome to theCUBE. Thank you. I'm happy to be here. So my first question is the world is moving to a horizontally scalable open source world, as Mark heard, pointed out. But, vertically integrated solutions also are kind of in there. They're not mutually exclusive. Sure. Really big point to get that efficiency. Absolutely. Total cost of ownership is probably one of the biggest things that will be discussed over the next 24 months with cloud. That's right. What's your take on this vertically integrated, horizontally scalable environment we live in? Yeah, so what as a vendor, what we want to be providing is solutions with sort of infrastructure solutions which fits into both spaces. There are some applications which are vertically scaled applications, some applications are horizontally scaled applications. And you want to design the processor, the server, the systems around a flexibility so that it can scale to both sites of the needs. So that's what I would expect. That's what we would try to do. So at wikibond.com, the research all points to one common theme we see across all verticals, all markets. Customers want more. They want more cores. They want more latency. They want more cache. They want more in memory. Especially they want nirvana, right? So more for less. I mean, how hard is it to do that? You guys are doing some things, share some insight into what you guys are building, specifically to address that concern because the speed of development is what they want. Sure, sure. So it's a really good question actually. So clearly everybody wants more for less, more performance, more security, and more efficiency gains, all basically at a less cost point at the end of the day. And they want, in the cloud space, they want agility so that they can put in new services on the fly, get things going, change as the dynamics change dynamically on the fly. So you want to build infrastructures that sort of fit into those sort of needs. And today we just introduced a range of systems based on a new technology around the Spark M7 silicon. And Spark with a C. Not to be confused with Spark with a K, which would be us, right? Memorizing open source project. That's right, that's right. In fact, as the old SunSpark. That's right, the SunSpark version of this stuff. In fact, I can talk to you about the Spark on Spark story. We can get to that in a little bit of time. But basically the Spark M7 processor technology, which we introduced, and then we introduced servers and engineer system around the stuff, brings in certain new capabilities which just doesn't exist in the industry at this point in time. So if you kind of look at the current situation, performance, everybody wants more performance for less. That's kind of a given granted thing. Everybody wants higher efficiency. But security has become a number one concern in customers, right? Into insecurity. So into insecurity has become extremely important. So enough of security violations that it's become number one concern. So our industry is sort of struggling to address those particular security needs of a customer should be there with the customer in terms of that stuff. What we have looked at on the technology front, on the product front is that, how do we make security simple and easy for customers to adopt? How do we make sure that security comes at no additional cost for customers? So let me give you an example today. So if a customer wants to turn on security, let's say encryption in the database or in the application tier, or the communication tier, they will basically have to decide which specific columns of my tables do I have to encrypt, which specific communication path do I have to encrypt because it costs a lot of CPU cycles, costs to our performance. So you have to trade off between performance and security all the time when it comes to it. So what we wanted to do was to take away the compromise so that you get security at maximum performance with this technology. John Fowler and then Larry Ellison, yesterday's keynote, talked about always on security. John Fowler's like, you have to read a white paper to get security, now you have to read a white paper to turn off security. So your vision with Oracle is always on security. What does that mean? I mean, native security? I mean, because we all know, first of all, we'd love to talk about things being dead, being bloggers and whatnot. Oh, that's dead, that's dead, Java's dead, nothing, no, nothing ever dies. But the one thing that we know is dead is perimeter-based security. That is now dead because people are infiltrating resources at every level up and down the stack. That is a core problem, you agree, right? Absolutely, absolutely. So how does that phenomenon get solved with the super cluster? Is it a big data problem? Is that part of the chip set? There's a lot of noise around what is actually going on. That's right, that's right. So let me talk with the processor server and then broaden it out to the end to end stuff. When it comes to security, there are three aspects of security you care about the most. Number one is that protecting your data. Be it at rest or be it on the wire, you want to protect your data. Number two, you want to make sure that there are enough access controls incorporated in your system. The third dimension is you want to make sure that you are staying compliant to whatever corporate standards you have set. It could be PCI DSS compliant, so DOD compliance, whatever the compliance standards are, you want to stay according to those compliance. So what we have done with a platform like super cluster is so that you can basically implement end to end security. Be it data at rest, data on the wire, data in memory, as well as security controls, we're reducing the surface area of where attacks can occur. We're shrunk that out dramatically. And then we are built in compliance tools out of the box on the system. So basically every time the system is brought up, we run the compliance automatically on the system, on super cluster, automated, automated. And we just tell you what are the violations with respect to compliance standards in your corporate standards? Can I poke at that a little bit? We got some feedback from our community last night during the keynote and Mark's keynote. They said, you know, there seems like kind of a little bit of a disconnect here. Larry said last night, we saw a lot of security, nobody turns it on. Mark said the same thing, but he said, but we're going to turn it on in our clouds. You can feel comfortable. You know, you're talking about doing this end to end. How do you, I mean, in essence, are you saying we're never going to change on prem mindset? They don't turn it on. So we're just going to turn it on for you in our engineered system, or is there some things that have to go on to convince customers to turn it on? It's a really good question. And so what we are doing as a default is turning on security end to end, basically. Within the engineered system. Within the engineered system on prem. So essentially, the customer, as John said, has to turn off certain pieces of security if they don't want to actually go on those controls. Right, that's number one. So it makes it, the reason why customers find it hard to get security on is that it is really a gnarly science project, right? You have to know lots of insights of the different parts of the system, how they work together to turn on the security. We have books on this stuff. We have taken the core concepts of what's in the book and we have implemented that in the engineered system and doing so that it can actually be done. So what took you guys so long to do this? I mean, John Fallows, we had this in 2005. I mean, Spark's been around some great security. That's right. Spark certainly is not dead. It's growing and thriving. Spark, Unix Spark, is this a key part of the strategy? I mean, Spark, and what is that role because you mentioned Spark with a K, which is the big data analytics in memory concept. So you got in memory, not just persistent SSD, in memory memory. So what's the dynamic between Spark, Unix Spark? Is it a platform, does Spark with a K sit on top of it? Can you slice and dice that for us? Got it, got it. So there's a lot of different angles here. So let me start with just the security angle on this one. First, and then I'll go to the Spark question in a minute. So with the advent of in-memory computing coming into play across the board because of the analytics, real-time analytics requirements of our customers. So what we have looked at is that we have to redesign our systems to be different, to be acting different. So with the in-memory coming on board, now we can actually look at what are the core security concerns. So for example, accessing data in memory like today in a secure way is nearly impossible. There is no standards available, there are no tools available for you to secure data in memory today. It's just impossible. So we have some software tools, every vendor has software tools. The moment you put the software tools on in a production system, it slows down performance by 80 to 100 times. That's the overhead involved. Impossible, that's overhead. Exactly, overheads. So essentially applications run 80 times slower, 100 times slower. So if you think about a bad job which was taking a couple of hours time and you turned it on, now you're talking about days. It's impossible to basically have it on. So what we took is that particular gnarly problem and said we can actually do some changes right in the silicon, right in the processor to assist you to enable you to protect your memory so that only the owner gets access to the portion of the memory that belongs to you. So it's like at a logical point, it's like a lock and key mechanism. If you don't have the lock, if you don't have the key, you don't have access to the particular portion of the memory. So we now prevent access to memories dramatically. And if you look at the security violations we have, Venom is a good example. Heartbreak is a good example which occurred in the last year or so. These are common memory violation related security issues. Basically hackers found base into systems because of memory violations and guarded the system. Now we absolutely completely prevent it. And the fun part is that Oracle Database comes shipping with security turned on with this particular feature. That's the only way you get it. We saw the Intel CEO on stage last night, Mark and him, we're talking about this partnership. How much, Larry talked about, we're open. You need to be able to run your application on tram in Oracle's cloud, but any cloud. How much do you have to work with the Intel teams to take some of the spark learning and put that into X86 so that I can do security memory on X86? Sure. So as Oracle, we're obviously open. We work with other partners. So clearly Spark, as in Spark C, is part of Oracle teams. So there is a very tight cooperation between the software teams and the hardware teams. The Larry's philosophy sort of executed on a day-to-day basis, right? Where we basically, on Redwood Shores and the Bay Area, sort of working together hand in hand towards improving security end to end as well as other performance factors. Now, we do talk to Intel. We expose all of the opportunities that we have with our partners and it's up to them basically to take up and run with it. So it depends on them to basically how fast they want to implement this. How about the customers now? For customers who are concerned around their future. Sure. They have Oracle as a big partner of them and you get to a fortified position. Yeah. I mean, it's interesting. John and Interdeep, we're talking about the middleware win you guys have at the cloud on-prem, really good position. Customer's going to scratch their head, okay, where do I go from here? They want a bridge to the future. So how do you talk about Super Cluster in context to the future build-out plan? How would you share your thoughts as product developer? Hey, look, we're working hard. Okay, I don't want to hear that answer, but more of specific. This is the roadmap. Connect the dots to the future for the customer. That's a great question. So Super Cluster, first of all, is an engineering system platform, which is great to run Oracle database applications all tied together. So customers have talked about security, the big concern, performance, the big concern, availability, the big concern. So number one, on the availability side, we have no single point of failure on the platform. So essentially, you can run all components of your application all on the same stack. The fun part you get is that from a security standpoint, you can actually implement your end-to-end security on a single platform. Imagine that, right? Your web stack, your middleware stack, your application stack, database stack, all sitting in the same platform where you can actually encrypt and implement security end-to-end on the same platform. So that's a massive, massive differentiation value for customers to basically get from it. John laid out an interesting vision yesterday. He was saying, look, in sort of a perfect world, perfect data center world, he said, look, everything's in memory. I do very few reads. It's just writes. And everything is high speed in Finneban 100 gig connections. That would put you guys squarely in the crosshairs of being a network vendor and being a storage vendor. Do you expect that we'll see you guys talking about really disrupting storage and networking as well because of, you know, we're moving into a very data-centric world. I have teased me very data-centric, mobile data-centric analytics. Do we expect you're going to disrupt those markets as well or do you feel comfortable where you are? So what we look forward is basically customers want simpler, easier building blocks to solve their larger problems. They do not want to be the integrators for us at the end of the day. So that's been our philosophy for quite some time. What they're looking for is platforms. Platforms to run databases, platforms to run applications, platform for end-of-the-web tier. That's what they're looking for, platforms, right? And so we have to look ourselves as a platform provider that they can run a range of applications. Customers shouldn't have to worry about what is the speed of the connectivity between my storage node and my computer node. How many blocks, building blocks do we need to have now? You don't have to, they have to worry about, hey, I want to solve my ERP problem. I want to solve my analytics problem, right? That's what they need to be thinking about. And Oracle is driving towards integrating these components together in a way to address specific issues of customer opportunity. Talk about the end-to-end security game, because what you're saying on the opening yesterday, that this is a game changer, because automating an orchestration are principles of DevOps in the cloud, and we'd love to hear that. It's a middleware concept as well. But when you actually automate a lot of these functions around security, because there is no perimeter, this is so profound right now. It's a big problem that no one really has a solution for, in my opinion. That you can actually enable an end-to-end security model. It sounds almost too good to be true. So the question is, what does it mean for the customer, and what do you guys provide specifically that provides that? So again, the CXO is sitting there saying, okay, I got to put out the new platform. Yeah, shadow IT, with big data, it's an app-driven economy. I get that we're hiring developers. A lot of POCs and business cases being established in the cloud, but then they got to get operationalized. The next question is, hey, great success. Meet my security audit guy. Everything slows down to a halt. That is a big problem. How do you solve that problem? So this is kind of where the compliance mechanism comes into play. Implementing, how do I implement the security standards? And what happens is that, as time goes by, I patch this, I change that, and I slowly start deviating from my security compliance mechanisms. I don't have a clear-cut mechanism to make sure that my entire data center is staying compliant as I change my infrastructure. This is exactly why we said, we're going to build in compliance into the platform. You basically check for compliance, and you don't have to run any compliance. We run the compliance for you, and we just tell you what the deviations are. And let's say you have a deviation in your system, we tell you, hey, if you allow us, we will actually correct the deviation for you as we go forward on this thing. Right, so that's kind of the evolution that chains that we have done on the platform. So the next question is, okay, it's a workload-specific outcome-driven economy now. Hey, this app runs here. That comes down from the top of the stack. How do you guys integrate with those developers? Because they're out there, they're like DevOps. They don't want to know the plumbing down to the chip level. And software on the Silicon is a real advancement in that performance piece. So as a person who's workload-specific, I don't really care what's going on in the covers. What do you say to that person? So this is a good question. So essentially what we've done with software in Silicon, there are sort of three pieces of software in Silicon which we did. One was security in Silicon, which is where I talked about the memory protection, the cryptographic protection for the at rest at network. So that's one piece. The second piece is around SQL and Silicon. So what that means is that we have taken the core in-memory functions of the database and we have moved that directly into the Silicon. So talk about scans, which is common, joins, which are common, filters. And you were talking about spark-on-spark, sometime back. And so what we have done is basically taken those core SQL and Silicon functions, the in-memory analytics functions, and we are exposing that to third-party developers and application providers. And we have done an integration with Spark, Spark as in Spark K, so that you can actually run your big data analytics on this platform. Just like the same applications runs the same way, it just runs a lot faster. You don't slow that and you accelerate that. It's a big deal. I mean, when VMware first came out and then Intel VT, which accelerated virtualization, market exploded, doing some of those things in Silicon that are very common, it's a really big deal. Absolutely, absolutely. The third piece we haven't talked about is the capacity. So as you move more and more data in memory, you do more and more big data stuff in memory, you want to basically compress your footprint in memory so we have a decompression algorithm in the Silicon so that you can actually keep the data compressed in memory and then decompress it on the flight process itself. All again, thoroughly innovate to completely different, don't exist in the industry at this point in time. And because of those differentiations, we can actually derive different forms of service and engineering system to give you sort of the needs on the analytics space, OLTP space, all the operational. Ganesh, thanks so much for sharing your insight here on theCUBE. We're like car geeks in technology. We want to look onto the hood, Intel. We're super excited about the super cluster in the M7, John Fowler again. It was great yesterday. I'll give you the final word. Share with the folks watching, because this is coming out for all your developers, releasing the new products. What are they going to see here? What's the main message that you'd like to share with folks here that you're super excited about? So with the new platforms, what we have, number one is that we have done all the usual stuff, increased performance by about two and a half to three X and a processor processor basis. We have 20 world record benchmarks. We double the number of cores, we quadruple the crash sizes. We have done all of that big leap, number one. But on top of it, we have done a big revolutionary thing of actually integrating software functions into the silicon. We talked about security, we talked about capacity, and we talked about basically SQL and analytics in silicon, right? That's kind of a revolutionary thing which sort of sets us new base for running Oracle database, Java middleware, and any enterprise applications coming from a customer base, from Oracle, or from a third party vendor. More cores, more performance, certainly better security for the customer securely, and a competitive advantage for Oracle. Absolutely, absolutely. You know, thanks for joining us. This is theCUBE, we're live in San Francisco on Howard Street. We'll be here for the next two days, live five wall to wall coverage in theCUBE. We'll be right back with more after this short break.