 Hi everybody, we're back. This is Dave Vellante with Stu Miniman. And this is our spotlight on service providers. It's a critical segment of the market that Wikibon and SiliconANGLE have covered for quite some time. And we have been on this trend. I mean, we've certainly been tracking the whole cloud service provision market for a number of years now. It's a critical value add for clients. It's a distribution channel. It's a technology innovator. One of the things we said when we first brought theCUBE to VMworld 2010 is we noted that most IT shops, and virtually all IT shops you talk to, their budgets really aren't growing unless the company is growing like crazy. And even then, budgets are under a lot of pressure. It's different to cloud service providers. Cloud service providers monetize IT. They're growing like crazy. They're investing. They're innovating. And it's very difficult in our view over time for IT to close that innovation gap. And the way they close that gap really is we've talked about a number of times. They become cloud brokers. They tap the best services that they can find for the right use case. And that's really what we're sort of unpacking today. And we're taking some examples of partners of VMware, the EMC's Velocity Service Provider Program. It's a growing and increasingly rich set of partners. And one of them is Secure24. Sean Donaldson is here. He's chief architect of Secure24, cloud service provider. Sean, welcome to theCUBE. Thank you, thank you. So kind of a long-winded intro here to let you collect your thoughts about what you're going to say in theCUBE. Tell me, where are we with regard to the state of the cloud service provider? Again, you heard my intro. There seems to be significant uptake in your market space. Tell us about your company and how you're participating in that trend. Yeah, absolutely. Specifically in a cloud hosting. Cloud hosting can meet a lot of different things to a lot of different people, right? It's a very ambiguous term all the way from Amazon where you're deploying systems yourself, but you have no SLA, let's say, right? What we do is we fit a pretty unique niche in that market where we focus on high-compliancy, tier one applications. What we like to refer to as an enterprise private cloud. So our cloud hosting is really focused around what are the applications that are most critical for your business that you have challenges with today from both a maintaining top-end resources to compliancy and auditing. And you want to outsource, but you want to actually have that reassurance that they're still being secured, they still have tight SLA's around them and availability and compliancy, right? Okay, so you said, you said you called it no SLA and the no SLA, there's an SLA in Amazon, I can pull it off the web. But you're calling it no SLA and that's because you're, I'm inferring from your statement that you offer a much more rigorous SLA. Talk about that a little bit. Absolutely, absolutely. So just like within a traditional hosting environment, your tier one applications are going to be your most critical applications for your business, right? So SLA's are measured obviously with the utmost availability. So we look at hosting our infrastructure more from even an infrastructure SLA to an application availability SLA. So if the systems we run, the systems we host go down, it's not somehow that it's an inconvenience for the business, it's somehow that shipping stops on the West Coast or global manufacturing stops for an organization. Okay, so turn that or take that through to the SLA that you offer. So I mean, we all, I mean, I've read Amazon's SLA's, I've gone through and I mean essentially it's a shared risk model. Let me just put it that way. They put a lot of risk on the customer and the penalties are relatively minimal. How is yours different? So our SLA obviously varies on a client by client basis based on the architecture and design that you pick, right? So we partner obviously very closely with EMC, VMware. So based on a lot of the technologies we offer, we could offer everything from a zero RPO RTO to three or four nines, depending on what you purchase. It's all about the infrastructure as designed for the particular client and we have skin in the game, right? So there is financial penalties for us if we don't miss those SLA's. Okay, so I got to keep asking. So there's financial penalties for Amazon too, they're just minimal. Now you can argue that it's a reasonable way for them to approach the business because they're massive scale, 200,000 customers. When you say financial penalties, so give me a rough example. I mean, is there pain for you if the customer goes down and how much pain? You know, low, medium, high. Yeah, there's a significant amount of pain for us if the customer goes down. So that's, I would say, very high in that regard, right? And keep in mind, customers are trusting us with, again, like I said, their most critical applications. So SAP, Oracle, e-business, Hyperion, the financials that run their companies. So there's a high penalty there and also you got to look at it from the perspective of compliancy, right? So most compliancy, depending on if it's PCI, if it's SOCs, if it's ITAR, there's penalties that are tied to those as well. Sean, I'm wondering if you can talk to customer adoption. Obviously EMC has a long tradition of running mission critical applications, but even moving to virtualized mission critical applications, it took us years to get there. I think back to five, 10 years ago, just like Amazon is mostly test dev, that's where VM were started. How do you get that customer to not only say, okay, I'm going to be virtualized, but I'm now going to use some service provider for that. How do they make that leap of faith and how do you bring them along that path? No, absolutely. And through the progression of VMware, right? So what we've seen is with, and it really started, for us, it really started with vSphere 5, right? So vSphere 5 is really when we saw with a lot of the capabilities for increased memory, increased VMware size, that's where we saw the transition from VMware being a consolidation product to VMware being a availability product. So where we see a lot of adoption is being able to offer such things as SRM where we can fail over between multiple data centers. High availability across hardware. Some of those features and concepts are what really allow us to host those tier one applications in a virtualized environment. And not only do the consolidation, but also do increase availability and increase uptime for the client. Does that make sense? Yeah, yeah, absolutely. So I guess when I look at what's really needed in the service provider market, networking is one of the critical components. Most of the time, service providers either have some mega networking piece or they're close to their customer. How do you get your guys, is it a locality thing for most of your clients? How do you deal with that? Again, with us really focusing on top tier applications, tier one applications in the cloud, we actually, just about all of our customers connect to and to us with MPLS, right? So Secure 24 within our multiple data centers runs our own private MPLS network. And we have our clients connect into our MPLS network via their MPLS network, right? So it's kind of a bridging of the two MPLS networks. And we keep that layer three separation for each individual client all the way through the environment. Right now we're very focused on the Cisco stack. So we're very much Cisco Nexus 1000V. We're very excited about the NSX release where we've had quite a few meetings about that and we're very interested to see where that's going and see how that can kind of change the shape of virtual networking. Yeah, so I wonder if you can comment then if you're using Cisco but you're looking at NSX, there's a little bit of difference of opinion as to where the future of networking go. What's your take? What's needed from your standpoint to be able to bring your network and entire solution forward? You know, ultimately it comes down to, so a lot of people talk about software defined networking, right? One of the biggest aspects we see with NSX that is kind of maybe a little bit undercut is software defined security as well, right? So one of the big advantages obviously is the capability of being able to more easily automate my network deployment, my complex network deployments across multiple data centers, but also to take that security farther into the virtualization stack and be able to offer that security all the way up into the hypervisor in the ESX layer. So I wonder if we can come back to this whole notion that I was exploring a little earlier in this segment on competing as an ecosystem. So obviously you got the gorilla in the room, the public cloud is Amazon. You've got other large companies as well, you know, IBM and HP, huge customer bases. You and others are partnering up with companies like VMware, like EMC to compete on an ecosystem basis. What are the advantages and challenges of that approach that you see in the marketplace? Can you restate that? Yeah, so you're basically competing, not head on, you know, with an Amazon or even an HP or an IBM, you're competing as partners. You're competing, you know, together as what I would call an ecosystem. So a group of partners that bring different skill sets to the table that allow you to offer as much as a single company as a group. But so there are challenges to doing that. You know, just got to work together, you're different companies, you got different billing systems, you got different go-to-market, you got different strategies, so there's incompatibilities. So at the same time, there's advantages. You can tap resources that you don't necessarily have in turn, so I wanted you to talk about that a little bit. What are some of the pluses in the drawbacks that you find and how are you managing those? Yeah, so, you know, a lot of our stack currently is Cisco, EMC, VMware, right? And they've been very successful with us as far as growing very flexible. So a few of the things that really differentiate ourselves, obviously there's the security and the compliancy, but we very much look at ourselves as a customer service organization as well. And one of the biggest things that helps differentiate ourselves from maybe some of the other providers is that customer, as well as the compliancy and the other aspects there, but the customer service focus and the nimbleness that go to the time to market, right? A lot of our clients want that, you know, from a cloud provider, it's got to be both a balance between two worlds, right? It's got to be the balance between rapid deployment and the balance between control and compliancy. Okay, so I'm going to play devil's advocate for a minute. I want to talk about security again, so that you're, it's an area that you know very well, much better than I. So Amazon says security is our number one priority. Our security is better than most of our customers, you know, in a non-premise environment. We're innovating and you know, it's a differentiator for us. And we'll take anybody on in security. So when you hear that as a security practitioner. Yeah. At a company whose name, you know, implies security. What do you say to that? You know, I say it's, I definitely appreciate their drive toward it and I definitely think security is going to be a lot of the future. I think everybody sees that. I think a lot of evidence of the importance of security is what Amazon's doing, right? So showing that Amazon is intrinsically showing the importance of why security is important for a cloud infrastructure. And obviously taking their path to do that. Well, Secure 24, we're taking the path of partnering with, you know, VMware, Cisco and trying to, and also continuing to stay, you know, cutting edge on the security side. And what we do is what we offer sometimes that's a little more transparency into how we're doing it, right? So we can, we can bring our clients with our partners and show them the security technologies, security infrastructure and security methodologies that we're using. So, okay, so I want to follow up on that. I pick on Amazon because they're the largest player. Everybody compares to, you know, to Amazon. You can sure you get a lot of questions from customers about Amazon. So transparency. So Amazon would say to that, well, you can go in and you can get a console and you can see virtually how everything's configured and the like. We're very transparent on our security. Now I know how I would respond to that if I were you, but I want to put words in your mouth. What do you say to that? Well, I mean, I think they use a lot of proprietary code, right? It's a lot of proprietary code they run in. I don't think their transparency is quite as, as clear as a lot of these large enterprises require. So a lot of large enterprise, they require auditing from, they're continuously being audited and that's kind of where the compliancy side comes in. So when you have, whether it's PCI or SOX or HIPAA or ITAR, where you have regulations that say, for example, only U.S. citizens can access even the physical infrastructure for it, right? You need maybe a little bit of additional degrees of isolation and separation in the environment that you could ever get from an Amazon type company. Okay, so your argument is you provide that. The other thing I would say is that Amazon won't let you come in and audit the physical site. Will you do that? Absolutely, absolutely. So that's also a good example. So breaking down to what? I got a lot of them. We can talk offline if you want. No, absolutely, absolutely, yeah. It's always great to hear, right? But it's all about breaking down the physical stack or the application stack. And that's what we can even do with our clients and with the auditors. We can take it all the way from application security to the OS security, to the virtualization layer security, and looking at things like VMware, for example, there's very specific industry standard hardening guides for VMware, right? So giving that transparency to an industry standard hardening guide, auditors can accept that very well. Then getting into the data center space, right? There's very accepted industry standards for data center, hardening data center tiers, what's within it. And to your point, right? Being able to actually, here's the site, take it from all the way from a site audit all the way up through the application. John, what's your strategy with regard to alternative hypervisors or platforms, whether it's Hyper-V or OpenStack? Are you sort of riding the VMware wave in that regard, or do you have other more deliberate, sort of paths and vectors there? No, absolutely. So VMware is pretty much our primary go-to market. We do have a number of other hypervisors we run, well, for very specific use cases, right? So Oracle VM, for example, Oracle is very specific about their licensing and RedStack, right? So that's another option for, but it's all about a very specific use case. And it's not about locking ourselves into one technology. We obviously have a primary go-to market, and we've had a lot of success with VMware, and we've found it to really be one of the more mature hypervisors on the market. But we also are always trying to also stay open-minded and look at all the other... It's the best for the mission critical applications, wouldn't you say? No, I completely agree with that. There's no question, right? Practitioners worldwide would disagree, right? But yeah. I guess in public Oracle would disagree, but I mean, OVM and VMware, OVM is definitely showing up more in our surveys, right, Stu? But I mean, I think the customers speak for themselves. So Sean, talking about your environment, you have the heterogeneous pieces. If I look at the typical enterprise versus the big cloud guys or even the service fighters, it's usually around how you scale, how you can grow really fast, and how you can manage your environment. So the hyperscale guys talk about how they can manage 10,000 servers and just move in racks and new data centers easily, and the PUEs that are ridiculously low. Can you tell us a little bit about your environment and how you simplify your management? What's the size of your IT team and how much breadth are you covering and how fast are you growing? Yeah, absolutely. So we're growing at a tremendous rate. I'm trying to think of some numbers I could very, very specifically give you. It's always hard, right? But what we've kind of designed is we've kind of designed ourselves into and a lot of people take their own different approaches as we call it the secure 24 universe, right? So, which we thought was an interesting place since they said masters of the universe in the opening, right? So it actually worked out very well for us, but and our data center is a very modular data center in that approach where we can grow compute and compute resources at a very easy, modular, consistent rate. So growing, and we have a number of data centers, but for our model, growing a data center from let's say a thousand virtual machines to 10,000 to 50,000 is a consistent reproducible process. We don't run into the, at a certain point, the bubble bursts and you have big challenges, right? So, a lot of times enterprises run into that situation where there's the network infrastructure, the storage infrastructure. It runs into this case where the environment works very good, but at a particular point in scale, the complexity increases exponentially, right? So the model we've put in place is very automation focused, right? We're using VCO for that, and it's that idea of linear scalability without exponential complexity, right? So that's the compute, how about the rest of your stack? Specifically storage. Oh, storage. Well, storage is obviously a challenge for a lot of people right now, and V-Valls are very exciting to be coming out in vSphere 6. So I think we're all pretty excited about what's going to happen with that. So we use V-Max, and we've actually kind of scaled V-Max in a lot of the similar ways, right? So we're a big opponent of the V-Max 10Ks and we scale those out in equal sized chunks and grow those out kind of in the same linear fashion. So we've decoupled our enterprise compute from our enterprise storage and they both grow in their own kind of linear fashion. Okay. All right, Sean, well listen, thanks very much for coming on theCUBE, sharing your perspectives, and we wish you the best of luck and love to trade ideas and notes with you as this thing changes. It's an ever moving target, isn't it? Absolutely. You're never done, as they say. All right, Stu, thank you. Keep it right there, buddy. We'll be back up, Stu. We'll be right back. Stu and I will be back to wrap up VMworld 2013 Day 3, right back after this.