54: Nutanix Weekly: Nutanix Files Episode 4.1 – A Security Story

Jun 29, 2022

With unstructured data growing exponentially, securing shared storage is increasingly becoming difficult. It is an operational nightmare to identify datacenter weak points let alone predict the next threat. Ransomware attacks are becoming more and more sophisticated, surpassing firewalls and anti-virus software. 

Does this sound familiar? You plug one hole another opens, you update software, you train end users on how to detect suspicious files or emails but the threats keep coming. The rise of Ransomware in recent years has put companies on red alert. CIO’s are well aware of the impacts this can cause and nearly all would say that security is a top priority for their business.

Host: Andy Whiteside
Co-host: Jirah Cox
Co-host: Ben Rogers


00:00:02.550 –> 00:00:09.809
Andy Whiteside: Hello everyone and welcome to episode 54 of new tonics week every host Andy whiteside i’ve got two new tonics folks with me.

00:00:10.170 –> 00:00:24.360
Andy Whiteside: gyro do you guys call yourself something special like, for example, this weekend I had on my citrix shirt and some guy recognize me as a citrix employee former citrix employee you guys have a new you guys have an affection and name for yourself don’t you.

00:00:24.450 –> 00:00:25.650
Jirah Cox: yeah man, we say mutant.

00:00:26.880 –> 00:00:29.160
Jirah Cox: which makes you curious what What do you say it’s INTEGRA.

00:00:30.120 –> 00:00:34.230
Jirah Cox: Is integrates okay well there you go that’s integrations know.

00:00:34.320 –> 00:00:41.010
Andy Whiteside: As integrations yeah we didn’t know we we pretty much steal from citrix all their good marketing stuff not the bad marketing stuff the good marketing stuff.

00:00:42.600 –> 00:00:44.130
Andy Whiteside: And they have had a lot of good stuff.

00:00:44.790 –> 00:00:46.260
Jirah Cox: That implies the existence of bad stuff.

00:00:46.920 –> 00:00:55.260
Andy Whiteside: It look if you’re it’s like I use this one, all the time it’s like it’s like auto racing specifically nascar in my case dirt track racing what have you.

00:00:55.890 –> 00:01:06.690
Andy Whiteside: If you’re not constantly tweaking you’re not really trying, because you know the tracks going to change the environments going to change what have you and there’s been probably half the tweaks i’ve ever done.

00:01:07.200 –> 00:01:15.900
Andy Whiteside: made it worse and half have made it better, but the truth is your environment is changing around you so you have to be doing something if not somebody else is going to catch you and passion.

00:01:17.550 –> 00:01:22.620
Jirah Cox: I just realized that we don’t do enough joint events together around dirt track, we need to fix that.

00:01:22.800 –> 00:01:23.880
Andy Whiteside: Oh man I would love it.

00:01:24.270 –> 00:01:28.710
Andy Whiteside: would be fun I love sliding sideways been a long time that really.

00:01:30.060 –> 00:01:39.600
Andy Whiteside: Well Okay, so that was the voice of jarrod Cox diaries our subject matter expert on all things new tannic if I ever get in a world where i’m talking to someone new tactics and i’m trying to validate myself I.

00:01:39.930 –> 00:01:47.430
Andy Whiteside: Talk about the podcast jarrod does with me and they say Oh, you must, you must be somebody then just associate with Diary, you should.

00:01:47.460 –> 00:01:47.940
Jirah Cox: You should.

00:01:48.990 –> 00:01:52.410
Jirah Cox: talk to people that are lost easily impressed, but I mean they’re pretty impressed.

00:01:53.670 –> 00:02:01.740
Andy Whiteside: Also, you guys heard been rodgers if you’ve listened to any of our other podcasts the citrix one been used to be a sales engineer over there now he’s ever written the tactics ben’s a former customer.

00:02:02.580 –> 00:02:11.670
Andy Whiteside: Used him as a reference, the other day, with a joint account they were both working on now, and you know think Ben Ben saw the vision of delivered computes in a.

00:02:12.510 –> 00:02:26.820
Andy Whiteside: Low compute fashion, in other words server hosted desktops at some point starts to bleed into vdi the world of hyper converge new tannic shows up there, but that’s been Rogers former citrus guy former customer now new tonics.

00:02:27.930 –> 00:02:31.470
Andy Whiteside: New new what you call it what was your fixing a name for yourself.

00:02:31.650 –> 00:02:32.460
Jirah Cox: or newton’s.

00:02:32.640 –> 00:02:34.290
Andy Whiteside: newton’s newton’s.

00:02:34.350 –> 00:02:34.980
Ben Rogers: yeah.

00:02:35.220 –> 00:02:39.690
Ben Rogers: I haven’t quite reached the level of Newton yet i’m called a newbie.

00:02:42.180 –> 00:02:47.520
Ben Rogers: So I think it’s when you complete your first year here you’re a newbie and and after that you can assume the name of Nick.

00:02:48.270 –> 00:02:48.630

00:02:49.800 –> 00:02:51.900
Andy Whiteside: But the acronym F and G right.

00:02:52.530 –> 00:02:54.510
Ben Rogers: There you go yeah i’m a friendly guy.

00:02:55.050 –> 00:02:55.350
Jirah Cox: Really.

00:02:55.380 –> 00:03:03.090
Ben Rogers: Probably like I would like to think and I don’t know jarrod might agree or disagree with this, I would like to think i’ve shorten the learning curve, a little bit it’s just.

00:03:03.840 –> 00:03:13.560
Ben Rogers: what’s been interesting coming from citrix to new tonics citrix had a wide portfolio to that man is a sales engineer, you had to know a little bit of the whole portfolio from end to end.

00:03:14.070 –> 00:03:21.180
Ben Rogers: New tannic is similar, you have the core product which is the ACI product, but that product and spider out and do so many things so.

00:03:21.810 –> 00:03:27.630
Ben Rogers: Learning the core has been one thing learning the 5000 things the core can do like we’re going to talk about today has been the other so.

00:03:27.930 –> 00:03:36.810
Ben Rogers: Any i’m glad to be on the podcast with you excited to be hanging out with you guys day ready to learn a bunch, thank you for allowing me to continue my journey with you guys.

00:03:38.130 –> 00:03:43.200
Andy Whiteside: So you know we kind of told been coming into this, we want to his feedback on what we do and have him chime in.

00:03:43.710 –> 00:03:48.390
Andy Whiteside: just so happens harvey’s not here today, so probably play a larger role for now until he continues to evolve.

00:03:49.350 –> 00:03:59.370
Andy Whiteside: But I am going to go to been real quick and then you remember the first time, we talked about hyper converge and what you thought about my ideas that that’s where you should be heading at that moment and and how things have changed.

00:04:00.180 –> 00:04:09.840
Ben Rogers: yeah I mean I remember the conversation you I what’s really wild about my journey here in new tannic so far is that you know, I was a three tier guy.

00:04:10.560 –> 00:04:18.540
Ben Rogers: And the economics of managing that infrastructure can be an interesting according to how you’ve purchased that three tier yes it’s not always just one.

00:04:18.840 –> 00:04:27.450
Ben Rogers: purchase, so you have to work on when do the things to appreciate it out when does it make sense, so you know I never crossed the bridge of having to go ACI.

00:04:27.930 –> 00:04:40.710
Ben Rogers: it’s something that now i’m on the side, I would have definitely done, but I would have done it more to create the environment and the platform that would then allow me to spider out to the cloud services, so this whole concept of private cloud.

00:04:41.130 –> 00:04:48.360
Ben Rogers: Public cloud hybrid cloud and new tonics really has embraced that they’re creating the platform that will allow you to.

00:04:48.630 –> 00:04:56.190
Ben Rogers: Service your on Prem private cloud workloads but then also extend those out and not have to have employees learn a whole new set of.

00:04:56.460 –> 00:05:04.620
Ben Rogers: tools man so that’s been really interesting for me and looking on my past experience, I definitely could see where I would embrace that along with.

00:05:05.070 –> 00:05:13.200
Ben Rogers: Continuing to run citrix on top of it, because the goodness of the desktop that I got there and said yeah just man i’m learning a whole bunch and.

00:05:13.770 –> 00:05:26.820
Ben Rogers: Really any time to be in it and we’re in one of those moments where this is a paradigm shift of bringing in cloud, and how does that work for every organization because they’re all going to be faced with it before too long.

00:05:27.360 –> 00:05:33.000
Andy Whiteside: But it’s into I will use that to segue into the topic today, we have to you know you have the core of hyper converge, which is really.

00:05:33.300 –> 00:05:39.900
Andy Whiteside: cloud fundamentals in your data Center and then you have things like additional features we’re going to talk about today with files and then.

00:05:40.140 –> 00:05:49.710
Andy Whiteside: The the big scary security world that needs to show up and everything but file specifically and then, finally, the third thing which been brought up, which is now the elasticity of.

00:05:50.100 –> 00:05:57.210
Andy Whiteside: Multiple data centers and having that ubiquitous layer between all of them, which is going back to which is all of it right files and.

00:05:57.810 –> 00:06:03.870
Andy Whiteside: In the core operating system, the storage operating system and all that being prepared to go left or right go straight go backwards if you need to.

00:06:04.320 –> 00:06:11.970
Andy Whiteside: And that’s you know where new tactics is really aligned itself not witness like being the cloud but being an enabler of whatever your cloud strategy is.

00:06:13.170 –> 00:06:20.880
Andy Whiteside: And I had I was at a new tannic meeting last week in New York and I brought up to the team presenting right in the middle, you help customers understand it’s not the clouds clouds.

00:06:21.210 –> 00:06:27.630
Andy Whiteside: And it can really be clouds within one single organization like Microsoft, but it could be your data Center they are dirty data Center.

00:06:28.230 –> 00:06:42.900
Andy Whiteside: Data centers and the ability to be elastic and you pick what is layer in between all that the minute somebody shakes her head yeah I agree it’s clouds not cloud all the sudden this layer that new tannic brings to the equation becomes very applicable to all conversations.

00:06:43.140 –> 00:06:49.080
Jirah Cox: yeah I usually I usually say it a little differently in my customer meetings i’ll ask like who’s your cloud provider know, whatever they say, as your aws.

00:06:49.530 –> 00:06:56.070
Jirah Cox: i’ll say actually trick question you are your company five provider right, those are tools in your arsenal right but, but your company’s cloud.

00:06:56.610 –> 00:07:09.900
Jirah Cox: Can or can or might include all of those things or none whatever the right option is right choices for your company right but but yeah having that optionality that control that agility to say things to start one place move other places yeah absolutely invaluable.

00:07:10.410 –> 00:07:23.640
Andy Whiteside: And my argument there’s people that don’t don’t want people that want you to think it’s the cloud is one of these hyper scale or players who are trying to get you to go all in on their solution, and at that point, you might you might be able to think of as one big cloud.

00:07:24.330 –> 00:07:26.910
Andy Whiteside: The truth is that doesn’t work for probably anybody.

00:07:27.150 –> 00:07:33.780
Jirah Cox: And know we get we get far too much mileage out of like a single word there right so when you think about everything from people trying to do like.

00:07:34.740 –> 00:07:44.910
Jirah Cox: mainframe X in the cloud to like server list functions talking about very, very different on the clouds in there right and then containers in the middle vs in the middle.

00:07:45.240 –> 00:07:52.890
Jirah Cox: And and we’re we’re barely even talking about same technologies but we brought them all and shy and we’re doing too much work called cloud right.

00:07:53.490 –> 00:08:03.420
Ben Rogers: Now it’s been interesting Andy since i’ve been here one of the things that they really concentrate on his workload where where where do you need your workload to reside and said.

00:08:03.780 –> 00:08:10.650
Ben Rogers: You know, part of what we have to do we go in is kind of get customers to wrap their heads around you know you’ve got all the servers and all the services that you’re.

00:08:11.070 –> 00:08:17.610
Ben Rogers: You know spinning out to the company, but where what is really your workload and where do you need to concentrate those efforts.

00:08:17.940 –> 00:08:27.750
Ben Rogers: And those are different yeah I was in commercial at citrix now i’m over here enterprise, one of the things that shocked me dealing in the enterprise space is a lot of enterprise has legacy.

00:08:28.320 –> 00:08:40.590
Ben Rogers: And they can’t really man get rid of that legacy for different reasons, but they’re looking at ways to get that legacy spent out of private on Prem to the public and so it’s been interesting to.

00:08:40.950 –> 00:08:50.460
Ben Rogers: See how many attacks can help some of the larger customers that have these legacy Apps that they can’t unfold their business from how do they preserve that and make that known for.

00:08:51.480 –> 00:09:01.350
Andy Whiteside: And for me there’s two ways look there’s legacy Apps that you’re currently still using and there’s legacy Apps that you can’t retire, for you know archival reasons.

00:09:02.670 –> 00:09:11.850
Andy Whiteside: In both cases, you might approach them slightly different, but having a again that ubiquitous i’ll probably say way too many times in this podcast having that layer that allows you to have high performance computing.

00:09:12.180 –> 00:09:18.810
Andy Whiteside: and storage oriented low performance compute is super valuable versus trying to buy that three tier thing that fits it all.

00:09:21.960 –> 00:09:25.650
Andy Whiteside: All right, um so the blog they were looking at his new tannic files.

00:09:26.460 –> 00:09:40.530
Andy Whiteside: episode four dot one a security story and we’re going to have gyro walk us through this and we’ve been time or rent time in as to why it matters to him as a as a CIO along the way jarrod who’s the author of this one I can’t pronounce it.

00:09:40.620 –> 00:09:51.300
Jirah Cox: yeah so Angela Gianni runs our Community programs so that includes like the MTC program for field evangelists as well as the Community site here.

00:09:52.830 –> 00:09:55.950
Jirah Cox: called next not to be confused with that next conference.

00:09:56.910 –> 00:10:07.050
Andy Whiteside: And he jumps into the blog talk about unstructured data I guess in that really means a database will be structured or legacy database would be structured now.

00:10:07.440 –> 00:10:16.710
Andy Whiteside: Structured data would be files and even you know tables and things that have not tables, but things that are just random data, how does it help me help me define unstructured data.

00:10:17.250 –> 00:10:27.210
Jirah Cox: yeah so commonly used for describe things like file shares right on an as to whether it’s SMB nfl windows file shares windows file servers vm physical.

00:10:28.500 –> 00:10:42.030
Jirah Cox: You know unstructured data, basically, meaning that it’s like non database non big data there’s not a schema that describes it it’s the structure is whatever users feel like on that day right users can go create great great.

00:10:42.780 –> 00:10:47.070
Jirah Cox: folder hierarchies right and that becomes the de facto organization, if you will, of the data.

00:10:47.550 –> 00:11:03.960
Andy Whiteside: So in 1999 I was these wintel systems admin for a company located here in the Charlotte area we had 54 gigs of user data files, you know group shares and things like that, and my unix administrator was after me all the time to get that under control, I wonder how much they have today.

00:11:05.400 –> 00:11:14.100
Jirah Cox: So yeah 34 gigs in 99 yeah it was like probably rivaling like this, like hard drive in my PC yeah.

00:11:14.550 –> 00:11:15.660
Andy Whiteside: Yes, that was crazy to.

00:11:15.660 –> 00:11:16.740
Jirah Cox: think probably using you know.

00:11:16.950 –> 00:11:21.120
Jirah Cox: 1020 times many spindles and costing I don’t know 100 times as much yeah.

00:11:21.720 –> 00:11:28.530
Andy Whiteside: Well, and then for this conversation it’s really about securing not necessarily managing and reducing that size.

00:11:29.130 –> 00:11:37.290
Andy Whiteside: We go into some things we got three bullets here Darren you want to go and hit these bullets and we’ll come back to Ben and asked him as a put on a CEO hat and tell us why that matters.

00:11:37.740 –> 00:11:46.500
Jirah Cox: It totally um so a couple of data points shared for like table setting in the article around you know history in sort of growth of ransomware i’m.

00:11:47.010 –> 00:12:02.970
Jirah Cox: not going to surprise anybody listening to this right from 2015 which is like not quite dawn of ransomware but early days of ransomware through last year 57 X growth in ransomware grow into a global $20 billion revenue stream, which is terrifying.

00:12:05.340 –> 00:12:12.300
Jirah Cox: A really even more terrifying one right or even people that pay ransoms ransomware only 65% recover their data.

00:12:14.280 –> 00:12:19.590
Jirah Cox: And then perhaps like let’s keep escalating the terror terror here the worst one perhaps.

00:12:21.060 –> 00:12:29.280
Jirah Cox: Average impact of a ransomware event can be 21 days of downtime which is and that would be crippling to almost any company, I can think of.

00:12:30.600 –> 00:12:39.090
Andy Whiteside: Do you think that was a company That said, you know frickin i’m not paying the ransom or is that a command just took that long to figure it out.

00:12:39.300 –> 00:12:44.790
Jirah Cox: I mean jeez sometimes even the debate around which one, are we going to be can take that long yeah yeah.

00:12:45.450 –> 00:12:48.570
Andy Whiteside: So been your CIO again um.

00:12:49.920 –> 00:12:52.800
Andy Whiteside: What does this mean to you that these these concerns, I mean.

00:12:53.790 –> 00:13:02.430
Andy Whiteside: First of all, I have my normal ransomware conversation ransomware to me is really just been a result, primarily, of all this bad stuff existed, now they had you know cryptocurrency and ways to get paid.

00:13:02.850 –> 00:13:11.400
Andy Whiteside: Then, if you’re the CEO today versus when you were three four years ago, how much more scared are you were you were you scared then.

00:13:12.090 –> 00:13:19.230
Ben Rogers: Oh, I was definitely scared, then I mean you know, healthcare, this was hitting healthcare, you know before I made the transition over to be in a sales engineer.

00:13:19.830 –> 00:13:24.210
Ben Rogers: These numbers are real and you know this bottom statistic that Java introduced.

00:13:24.480 –> 00:13:33.210
Ben Rogers: The 21 days of downtime he’s absolutely right, I mean for where I was at healthcare that would have destroyed the business they couldn’t have been down 21 days I mean you’re talking.

00:13:34.140 –> 00:13:42.870
Ben Rogers: You know neurosurgery stuff so that is an emergency world The other thing you know we’ve seen clients in the past and Andy you and I have worked on a couple of.

00:13:43.200 –> 00:13:54.600
Ben Rogers: Projects together on this we’re ransomware not only wiped out their production environment, but it went ahead and wiped out the backup environment where there was nothing left and the client had to start from zero.

00:13:55.110 –> 00:14:06.780
Ben Rogers: from scratch right So these are all real world scenarios and the you know what keeps people up at night and so i’m glad to see that our company is addressing some of this and.

00:14:07.050 –> 00:14:16.200
Ben Rogers: and bringing some real world solutions to this, because these statistics are not made up they’re real and they’re staggering and they’re growing I mean this is not going away.

00:14:16.860 –> 00:14:32.520
Ben Rogers: The the bad guys are getting smarter and the good guys, are they always seem to me to be in reactive mode and trying to flip the script and being proactive, which is what some of these tools are going to do is a great thing, so I mean I applaud but yeah it scared me then scares me now.

00:14:33.600 –> 00:14:40.470
Ben Rogers: How you handle it, you know man, make sure you got your backups going and so these techniques that john has been talking about built into our systems.

00:14:42.300 –> 00:14:44.250
Andy Whiteside: And it highlights here in the very next statement that.

00:14:44.340 –> 00:14:54.270
Andy Whiteside: This is all targeted at unstructured data, where we can those bad guys can get there, get their hooks in and wait for the right moment to be called upon next key.

00:14:54.570 –> 00:14:59.400
Ben Rogers: yeah now let’s talk about I do have a comment on the unstructured data unstructured data.

00:14:59.880 –> 00:15:10.980
Ben Rogers: people think about shares and stuff like that, but there are some database systems that use image files and if that application was written before the days of blob and some of the you know.

00:15:11.400 –> 00:15:21.300
Ben Rogers: object storage that’s out now, you could have a database engine that is pointing to flat files we call it flat file back in the day, not unstructured data.

00:15:22.200 –> 00:15:29.490
Ben Rogers: But that was a worry for me, because I was like Okay, you have these images that are being produced by the database engine.

00:15:29.910 –> 00:15:35.520
Ben Rogers: But they’re not necessarily stored in the database engine or the storage that’s doing the database engine.

00:15:35.790 –> 00:15:39.510
Ben Rogers: they’re being stored out here on some kind of unc path that the.

00:15:39.750 –> 00:15:49.980
Ben Rogers: database is aware of it can call but that to me, I considered that unstructured data, and that was one of the big things that I was scared of is that you would have a ransomware attack.

00:15:50.190 –> 00:15:57.870
Ben Rogers: And those storage silos that might not necessarily meet your database engines, but guess what when a doctor goes and pulls up that image.

00:15:58.110 –> 00:16:01.980
Ben Rogers: And it’s sitting there going we can’t find whack whack you and see fat that up.

00:16:02.190 –> 00:16:15.150
Ben Rogers: That that’s you know some of the things that scared me so when we talk about those structured data just don’t assume that it’s shares these could be legacy Apps that have pointers in them that call out to unstructured data yeah.

00:16:15.510 –> 00:16:16.170
Jirah Cox: that’s a good appointment.

00:16:18.360 –> 00:16:27.420
Andy Whiteside: So gyro walk us through this next little section talking a little bit about what new tonics has done up till now, to help with unstructured data as part of its overarching operating system.

00:16:27.660 –> 00:16:37.080
Andy Whiteside: Storage operating system which, by the way, runs on multiple hypervisor Acropolis hypervisor being one being were being one what what is new tonics done up to this point.

00:16:37.800 –> 00:16:45.330
Jirah Cox: Sure, so yeah I mean everything we’re talking about comes over and above right some of the basics that we’ve had for a long, long time right around.

00:16:45.750 –> 00:16:56.850
Jirah Cox: antivirus integration for like pick your favorite antivirus scanning engine that can then come over and scan our shares, we can like notified when new files get written notified when people want to do a file access.

00:16:58.620 –> 00:16:59.670
Jirah Cox: You can of course block.

00:17:01.170 –> 00:17:11.820
Jirah Cox: undesirable file extensions right you keep people from storing you know, in that, in that 54 gig mountain of data in 1999 right, you know no MP3 collections right no rip CDs.

00:17:13.290 –> 00:17:18.630
Jirah Cox: As well as, of course, data snapshots right so of course fully agree with Ben right you don’t want to have your backups in order.

00:17:19.650 –> 00:17:24.570
Jirah Cox: test them regularly monitor for change rates hopefully at the moment i’m kind of an immutable platform.

00:17:25.170 –> 00:17:35.880
Jirah Cox: But we also ideally want to help you never need them either right if we can recover from a snapshot on the primary storage that’s when we faster than having to hold that back from the backup tier as well, so.

00:17:36.870 –> 00:17:43.530
Jirah Cox: Those snapshots also are in play, these are all just things that that files, I think, either launched with or got very, very quickly after.

00:17:44.400 –> 00:17:54.660
Jirah Cox: Last year, we also launched data lens right which does cloud based analytics of the data itself looking for things like ransomware signatures primarily for that launch.

00:17:55.710 –> 00:18:01.380
Jirah Cox: file extension based which is we’ll talk about you know is is something it might be slightly.

00:18:02.400 –> 00:18:08.310
Jirah Cox: imperfect or not all encompassing right we’ll get into more more advanced section we’ve got now but yeah.

00:18:09.240 –> 00:18:17.910
Jirah Cox: ransomware detection powered by cloud by data lens in the cloud looking at file extensions to help identify things more quickly, so we can alert on them, and you can react to them faster.

00:18:19.170 –> 00:18:23.490
Andy Whiteside: Now is that you jumping into the four dot one behavior of data lens.

00:18:23.550 –> 00:18:24.480
Jirah Cox: or sure can yeah.

00:18:24.750 –> 00:18:25.380
Andy Whiteside: yeah okay.

00:18:25.440 –> 00:18:27.510
Jirah Cox: yeah so with this with four dot one recent.

00:18:28.800 –> 00:18:41.310
Jirah Cox: files update this lots of then now also do even deeper analysis, so we can actually look into the data streams themselves and detect a this file, even if the extension is not changed actually has changed and now.

00:18:42.420 –> 00:18:50.940
Jirah Cox: is exhibiting indicators that are probably indicate ransomware right, so you can alert on that, even within the file decision falcons itself doesn’t change.

00:18:52.050 –> 00:18:57.660
Jirah Cox: As well as behavior analysis right around hey, this is the wrong time of day for this many files to be getting touched, this is the wrong.

00:18:59.190 –> 00:19:03.570
Jirah Cox: Perhaps unusual user activity right for this account to be touching.

00:19:08.610 –> 00:19:09.660
Andy Whiteside: Sorry guys I lose you.

00:19:10.230 –> 00:19:10.920
Jirah Cox: Different we’re here.

00:19:11.310 –> 00:19:12.930
Andy Whiteside: I moved my desk I sat down and.

00:19:12.990 –> 00:19:15.720
Andy Whiteside: All right, then you start speaking, I wonder if I miss things that.

00:19:17.160 –> 00:19:18.930
Jirah Cox: I can keep going so we’re all in in through.

00:19:20.250 –> 00:19:25.170
Jirah Cox: configurable remediation policies right so like once we detect this, how do we want to respond right, and this is always.

00:19:26.190 –> 00:19:33.900
Jirah Cox: A little bit of a cultural decision for every customer, but you know, usually i’d recommend take a stronger stance right go ahead and block a session terminates sessions.

00:19:34.830 –> 00:19:42.060
Jirah Cox: cut a user off from from perhaps SMB access or no final sessions block the IP address let them call the help desk.

00:19:42.540 –> 00:19:51.630
Jirah Cox: You know apologize to them say sorry what you were doing with like ransomware versus take a softer stance and like alert someone but maybe that looking at their email inbox for the next hour.

00:19:52.890 –> 00:20:07.230
Jirah Cox: You know don’t wait for a human, to respond to that threat, be a little bit more proactive, you know if it does, you know Bruce and feelings better to prevent something that might have the indicators of malware versus versus a softer stance and.

00:20:07.260 –> 00:20:13.260
Andy Whiteside: jarrod was this all new tannic development in the product or are these things that you bought through other companies and added.

00:20:13.650 –> 00:20:16.080
Jirah Cox: I think it’s all 100% organic yeah.

00:20:16.680 –> 00:20:18.600
Andy Whiteside: But I love that because That just shows that.

00:20:19.710 –> 00:20:30.120
Andy Whiteside: Even though well, I was gonna okay i’ll say it, you know file storage and it’s not the sexiest thing, however, security around fast file storage is you know, one of the hottest topics out there.

00:20:31.470 –> 00:20:49.260
Andy Whiteside: It just shows that you guys, have you have a platform, but you’re investing in extending that platform that again goes back to cloud use cases hybrid cloud use cases private data centers semi private data centers you know the same feature sets going to work, no matter where you’re landing.

00:20:51.090 –> 00:20:53.010
Jirah Cox: Like yeah hundred percent right it’s part of the.

00:20:53.580 –> 00:21:07.350
Jirah Cox: Enhanced value of the Platform right now trying to be a single you know one trick pony around like just desktops or just you know minimally viable file shares, but like what are we really need to run this for rich enterprise right with security controls that respond to real world situations.

00:21:08.640 –> 00:21:09.450
Andy Whiteside: Then you’re going to come in.

00:21:09.540 –> 00:21:20.490
Ben Rogers: yeah I mean one of the things that I think is so crucial about this article is one of the first things he says is that some of these exploits are getting past firewalls some of the first layer defenses.

00:21:20.850 –> 00:21:24.150
Ben Rogers: So you know somebody gets an email, and it gets to the email server I mean.

00:21:24.690 –> 00:21:31.950
Ben Rogers: Our users might not be aware of that these things are happening so having some of these additional remediation processes in the background, like.

00:21:32.310 –> 00:21:39.510
Ben Rogers: Are we seeing 10,000 files being encrypted at midnight on a Friday night when nobody’s in the office that’s that’s something that you know.

00:21:40.230 –> 00:21:48.000
Ben Rogers: cios and it directors are going to get a grip on because they might not have a lens on they might be enjoying your weekend or whatever so.

00:21:48.300 –> 00:21:58.590
Ben Rogers: Again, when you read the article in totality you’ll realize that it’s just a combination of multiple things it creates a secure environment, and this is just one cog in that wheel.

00:21:58.830 –> 00:22:09.390
Ben Rogers: i’m glad we’re developing it, because things do get past the firewalls things do get past, you know email security and so having this safety net at the storage level is awesome.

00:22:10.110 –> 00:22:11.970
Jirah Cox: Totally I mean and you mentioned how.

00:22:13.290 –> 00:22:20.250
Jirah Cox: In your mind, like the the rise of ransomware tied in with like the method of payment right so cryptocurrency kind of fosters.

00:22:20.670 –> 00:22:26.760
Jirah Cox: ransomware I think it’s totally valid I think it’s one of like eight different things that all sort of enabled the rise of ransomware right.

00:22:27.660 –> 00:22:37.920
Jirah Cox: Strong encryption right Sir encryption being able to be offloaded to like a consumer grade cpu right because it’s all done on the user’s workstation right, but they have a great cpu that can do strong ciphers.

00:22:39.870 –> 00:22:48.270
Jirah Cox: Encryption in general, being a good thing right that we can do strong encryption like for end users, because all the wrestlers doing right it’s just automating things the user has permission to do.

00:22:49.560 –> 00:23:03.510
Jirah Cox: The user getting too much visibility to too much data right 20 years ago 1989 most of that user’s data, even if there was a 54 gig you know aggregate file share for users, there was way more data on people’s desktops right but encrypting woman’s desktop.

00:23:05.070 –> 00:23:13.890
Jirah Cox: was kind of a less valuable target that desktop was more like more likely to just define up die anyway right like that you know workstations were just the thing they were always in the shop.

00:23:15.750 –> 00:23:23.430
Jirah Cox: Back then, so as a result, data migrated to the data Center right, so all the data moved into user shares home shares application shares team shares.

00:23:24.750 –> 00:23:29.880
Jirah Cox: On the NASA so then that put kind of more eggs in a more valuable basket right so ransomware so hey I can hit more.

00:23:31.200 –> 00:23:31.980
Jirah Cox: effectively.

00:23:34.320 –> 00:23:41.460
Jirah Cox: And then of course yeah speed of the modern cpu right so like it got a perfect storm ransomware was almost like in some ways it’s almost a.

00:23:42.810 –> 00:23:49.260
Jirah Cox: perfect example for bad automation we talked about you know it’s definitely automation start to finish right with lots of resilient error handling.

00:23:50.670 –> 00:23:54.720
Jirah Cox: But you know orchestration automation at the desktop level nonetheless yeah.

00:23:55.830 –> 00:24:02.070
Andy Whiteside: Well, this next section talks about right once read many which I.

00:24:02.190 –> 00:24:04.740
Andy Whiteside: Think comes from the s3 world you.

00:24:04.800 –> 00:24:13.080
Andy Whiteside: clarify that, for me, if you would I I will point out the acronym of worm which insecurity terms has historically to me mean like a bad thing.

00:24:14.070 –> 00:24:24.780
Andy Whiteside: Now we’re talking about worm also being reused again as an acronym to mean a good thing jarrod what what is right once read many and my correct that came out of the s3 concept or am I wrong.

00:24:26.700 –> 00:24:33.060
Jirah Cox: about it probably predated that right, because I can think of a couple of like backup applications even back in like the tape days.

00:24:33.120 –> 00:24:33.420
Andy Whiteside: Okay.

00:24:33.480 –> 00:24:39.450
Jirah Cox: That would have operated like honestly most tape backups were sort of a right once read many construct.

00:24:40.950 –> 00:24:48.120
Jirah Cox: But but yeah it going back like a security model like what if we can take away from a vast set of users.

00:24:48.990 –> 00:24:56.640
Jirah Cox: and apply that sort of minimal permissions need to do their job and what if that includes deleting files right, can you maybe you need to be able to create files, but not delete files.

00:24:57.300 –> 00:25:05.460
Jirah Cox: or change files, which is what ransomware wants to do so, taking that away if that’s viable and a good option for for your company then it’s a great.

00:25:06.060 –> 00:25:13.590
Jirah Cox: problem solver right to say you know, maybe I can change a file for 10 minutes after I created, but after that maybe gets locked in, and now it can’t be.

00:25:14.310 –> 00:25:21.150
Jirah Cox: deleted, maybe by anybody or maybe only by like an administrator so that I can have more secure accounts that files could be deleted, if they needed to.

00:25:22.320 –> 00:25:23.730
Jirah Cox: kind of differentiating here between.

00:25:24.930 –> 00:25:31.740
Jirah Cox: You know enterprise mode versus like a true like legal legal compliance mode right we’re we’re kind of familiar with the concept of putting like a mailbox in a legal hold.

00:25:32.190 –> 00:25:38.400
Jirah Cox: fashion, so I can do the same thing with data right is it is it allowed to delete any data or it’s just really hard to delete any data.

00:25:38.940 –> 00:25:42.600
Andy Whiteside: And you know, maybe this is where i’m naive here so.

00:25:42.900 –> 00:25:54.240
Andy Whiteside: When it comes to the ransomware stuff are we taking the data letting it stay there, and encrypting it, or are we, the leading it and making the accessibility to get back to it encrypted what what, what do you ransomware folks typically do.

00:25:54.870 –> 00:25:57.000
Jirah Cox: So, usually most ransomware is going to.

00:25:58.500 –> 00:26:09.780
Jirah Cox: Take a given file like a word document andy’s favorite word document create another file that’s me andy’s favorite word document, maybe dot dot X, maybe Doc X dot bad extension here.

00:26:10.440 –> 00:26:14.730
Jirah Cox: but either way, creating a separate encrypted file and then deleting the original.

00:26:15.240 –> 00:26:24.960
Jirah Cox: Or maybe in some cases, doing an in place overwrite of that same file so such that the data is overwritten and only the encrypted data remains yeah in in either path.

00:26:25.590 –> 00:26:35.580
Jirah Cox: This kind of functionality to do right once read many the the either the update or delete gets blocked right the user, the user right bad actor ransomware.

00:26:37.110 –> 00:26:47.880
Jirah Cox: With the user credentials can either do the delete or can’t do the override to effectively destroy that data right and remove your copy of it, so the only the copier that remains yeah.

00:26:48.510 –> 00:26:54.390
Andy Whiteside: Okay, then thoughts on this technique Where are you guys using this where you came from, or.

00:26:55.200 –> 00:27:05.550
Andy Whiteside: Not in this like this version obviously you can extend have, at a time you haven’t enix but were you accomplished in this any other way or and I guess tape backup would be one of the ways we’ve done this through the years.

00:27:05.550 –> 00:27:18.960
Ben Rogers: yeah I mean man backing up to disk because there’s one way that we did we went back you know went to take to disk and then I think one comment I like to make about this particular part of the article was this idea of immutable backup.

00:27:19.710 –> 00:27:24.090
Ben Rogers: The back up not being able to be changed i’ve seen a lot of customers, as they go.

00:27:24.390 –> 00:27:36.330
Ben Rogers: we’re going to do on Prem backups for so many days are private cloud backups and the correct my my verbiage here private cloud backups for so many days, but then we want to tear those back ups off to cloud.

00:27:36.630 –> 00:27:44.970
Ben Rogers: And a lot of people want those backups when they’re tearing off the cloud to be immutable where they cannot be changed, you know and that’s the start of the Dr bcp.

00:27:45.660 –> 00:27:56.730
Ben Rogers: scenario so it’s been interesting to me and come to the side of the fence and here people go, you know what my backups go from private cloud public cloud we want them to be warm it stays.

00:27:56.970 –> 00:28:06.060
Ben Rogers: immutable no changes done told me when we will make sure that there are changes to be done so that’s where this has come up a lot for me and my conversations with my customers today.

00:28:08.430 –> 00:28:16.140
Andy Whiteside: Well, I, like you went down for the new article and brought up immutable and it’s just a smarter way to do immutable store drain.

00:28:19.890 –> 00:28:20.280
Andy Whiteside: My other than.

00:28:20.340 –> 00:28:32.670
Ben Rogers: That correct my opinion, yes, know that diary he’s the expert here but yeah if I was sitting in a another CIO role where I was responsible for the operations and, more importantly, getting the operations back up with.

00:28:33.120 –> 00:28:42.780
Ben Rogers: srp oh past are to this would be definitely something that I would be interested in, or if I was going to make that break where now i’m going to take my health care data.

00:28:43.290 –> 00:28:56.310
Ben Rogers: Which is hipaa protected and I need to ensure that it put it in a public area, even though it’s still my tenant and I should have access to it, I would want some kind of protection, ensure that that cannot be changed, was it broke that that barrier.

00:28:57.330 –> 00:29:04.170
Jirah Cox: yeah in my mind yeah immutability and worm really as a lot of overlap on the venn diagram right.

00:29:05.880 –> 00:29:16.950
Jirah Cox: That ability to save this file set can be touched can be changed until it ages out and hit some defined retention threshold right so yeah hundred percent just great label for some capability.

00:29:19.050 –> 00:29:23.940
Andy Whiteside: So this next section talks about multiple file server client networks.

00:29:25.200 –> 00:29:27.450
Andy Whiteside: gyro us and help us understand what this means.

00:29:27.840 –> 00:29:35.370
Jirah Cox: Totally so so some customers let’s say your service service provider, with a bunch of tenants that each have their own network that can’t talk to one another.

00:29:36.930 –> 00:29:46.320
Jirah Cox: In the before times right on like files for that oh and prior you would have to deploy a different files cluster right because you can X files is a cluster of virtual machines.

00:29:47.610 –> 00:29:50.550
Jirah Cox: You deploy a different cluster into each of those different networks.

00:29:51.780 –> 00:29:57.180
Jirah Cox: For each of those different tenants right which is totally fine very valid easy to size for.

00:29:58.530 –> 00:30:11.640
Jirah Cox: One objection, we would send us here is like well that’s a whole lot of compute a lot of cpu larger number of virtual machines given right every if I have a small tenant itself to deploy like three of these virtual machines to run the file services for that tenant.

00:30:12.660 –> 00:30:18.540
Jirah Cox: So this is more of a shared computer, but still network isolation approach to say I can run one cluster of.

00:30:19.380 –> 00:30:32.010
Jirah Cox: file server vm 119 X files deployment that I can then give different legs on the network right into multiple tenant environments and then even further restricted to say that if i’m coming from network, a I can only see shares a.

00:30:32.790 –> 00:30:45.120
Jirah Cox: Network beacon Lacey shares be and it’s still a shared compute environment right it’s only one set of FSB albums faster review comes to run all the different environments, but each tenant only sees their data yeah.

00:30:45.600 –> 00:30:53.520
Andy Whiteside: Not makes tons of sense, you would want this shared shared storage environment, but you would want to make sure people only saw what they had.

00:30:54.630 –> 00:31:03.300
Andy Whiteside: It really helps you in Ecstasy, they could only get to not solve but get access to what they use the network layer talk to what they have access to.

00:31:03.690 –> 00:31:14.790
Jirah Cox: Which is the same as it was before, but now we’re helping you run leaner as a service provider right or get more bang, for your buck out of the hardware you’re going to run these beams on right you leave more resources, free to do other workloads.

00:31:15.360 –> 00:31:27.690
Andy Whiteside: What was it called in the new dynamics of the Novell world where we hid shares will get hide shares from people and then Microsoft adopted that maybe 2012 timeframe of what it was that called you remember.

00:31:28.020 –> 00:31:30.000
Jirah Cox: Access based enumeration access.

00:31:30.030 –> 00:31:31.350
Andy Whiteside: yeah access based integration a.

00:31:31.500 –> 00:31:41.070
Jirah Cox: Man but it’s yeah cuz I remember, I worked in places where that like wasn’t turned on and you could see 500 file 500 directories under the share, but you can only touch two of them.

00:31:41.550 –> 00:31:51.810
Jirah Cox: Right and we tried to open any of the other ones you got an error right and access based enumeration which we also support it’s not really a security feature it’s one of the obscurity feature right.

00:31:52.890 –> 00:31:57.540
Jirah Cox: says, if I can only open to have them only show me those to not show me the 500 yeah.

00:31:58.290 –> 00:32:09.090
Andy Whiteside: yeah well and then at this point, I mean real security, especially if you said there were guys and they’re not wrong in this case starts at the network level if you can’t get there, then you have security.

00:32:09.570 –> 00:32:10.890
Jirah Cox: yeah yeah hundred percent.

00:32:12.330 –> 00:32:12.690
Ben Rogers: Okay.

00:32:13.530 –> 00:32:25.800
Andy Whiteside: The last paragraph, talks about those intent on unleashing malicious activities will continue to find strategies we just got to keep blocking them where we can and think proactively about where they’re going next.

00:32:26.910 –> 00:32:35.340
Andy Whiteside: You know what somebody wants to do harm they will find ways, but we need to turn off their basic ways they can get to us.

00:32:35.520 –> 00:32:49.380
Jirah Cox: Totally right, I mean Defense in depth applies to literally everything here right from you know, if at all possible, you know rewrite your URLs scan your incoming email block your outbound DNS so that you can’t even do look ups to get to you know bad places.

00:32:51.180 –> 00:33:01.230
Jirah Cox: But then let’s say the external is running on one of your desktops then if they can’t get there at like the layer three level that’s a good step if they can get there but they can’t enumerate that’s another good step.

00:33:01.680 –> 00:33:10.170
Jirah Cox: If they can see the file, but then that information to the directory again least possible permissions for a user role, then that’s a good thing.

00:33:10.740 –> 00:33:21.900
Jirah Cox: But then, if they can still see and touch the file Well then, if it doesn’t really need to be a file that allows updates, well then worm as well, so we’ve got a whole bunch of bunch of layers in that in that thread bottle yeah.

00:33:21.930 –> 00:33:30.390
Andy Whiteside: Well, I think Ben hit on this, a minute ago or in the beginning, that it’s lots of different approaches all coming together to form a solution.

00:33:30.900 –> 00:33:41.910
Andy Whiteside: And then I keep harping you know ubiquitously across multiple platforms, no matter where it is your cloud and your data Center your partner data Center and your pillow you know it’s all clouds at that point.

00:33:43.020 –> 00:33:54.690
Ben Rogers: funny at all i’ll jump on a funny bandwagon here with us, we kind of get to the end of this one of the things I get asked all the time come in new tannic says oh I hate Sky was dead, you know.

00:33:55.710 –> 00:34:02.130
Ben Rogers: Or, I thought you guys were storage company, you know a lot of customers think it was as a storage company or ACI what I look at him as.

00:34:02.460 –> 00:34:08.490
Ben Rogers: An ACI might be dead storage might be be dead, but what’s more important than anything is data management.

00:34:08.910 –> 00:34:19.920
Ben Rogers: And that’s really where some of these tools come into play is you know yeah yeah we can run it on the platform, but the platform doesn’t have to be physical, it can be hurtful it can be you know in third party data Center.

00:34:20.430 –> 00:34:30.060
Ben Rogers: we’re looking at tools that will allow you to manage that data set and ensure that that data set is operational and restorable if needed and multiple facets.

00:34:30.480 –> 00:34:38.940
Ben Rogers: I want to come in and one part of this article that we kind of glazed over is when I was in a managerial role, and I was responsible for these things.

00:34:39.360 –> 00:34:50.910
Ben Rogers: I selected the nist cybersecurity framework to model my framework around as far as you know, being able to remediate problems and how I go to make sure the environment is healthy and stay healthy.

00:34:51.270 –> 00:35:05.160
Ben Rogers: And part of this article addresses that man, and you know they they set they are looking at how this does things and trying to make sure that we can accomplish those things and that’s you know identify protect detect respond and recover.

00:35:05.520 –> 00:35:13.170
Ben Rogers: And if you know organizations are looking to meet those goals and that’s what they’ve set out to do, from an IP level and a business level.

00:35:13.470 –> 00:35:23.970
Ben Rogers: Our products really fall into that because we’re following those models and we’re making sure that those models are being met in our product set so I mean, I was pleased to see that when I read this.

00:35:24.150 –> 00:35:35.430
Ben Rogers: Today, that we had included a little bit of a blurb of we can help you get to a nist framework platform and and that’s that’s ministers, a lot, you know, and so I didn’t want to glaze over that.

00:35:36.750 –> 00:35:45.570
Ben Rogers: Another question I have you know we sell our based product does this technology come with our base product or just require.

00:35:45.990 –> 00:35:58.680
Ben Rogers: Additional licensing educate me, as you know what could have been a future customer now and employee trying to understand our licensing Where does this fit in our product set and how to our customers take advantage of this so.

00:35:58.710 –> 00:36:07.530
Andy Whiteside: been real quick for you go there, though, the fact that you know you haven’t done this standard that you go by that’s important, I hope, most companies have something that they’re that is their target, you know the go by.

00:36:08.940 –> 00:36:12.060
Andy Whiteside: The fact that you brought up credit lost my thought here.

00:36:13.620 –> 00:36:16.890
Andy Whiteside: The people think hyper convergence did have converged is not dead.

00:36:17.430 –> 00:36:21.930
Andy Whiteside: It is happening, whether you know it or not, and it’s obscured from you that’s that’s the thing I mean.

00:36:22.140 –> 00:36:28.200
Andy Whiteside: it’s become such the status quo behind the scenes that you think you’re getting some as a service been through there.

00:36:28.440 –> 00:36:39.060
Andy Whiteside: But if you’re building out your own or you’re planning your own companies destiny you better realize is still there and not think that you don’t need it because it only enables those things you’re going to do next, but you gotta have it if we get the next.

00:36:39.360 –> 00:36:47.850
Ben Rogers: Oh, I totally agree, I mean i’m sure there’s a lot of hyper convergence of these big data Center it means these cloud providers it’s just you know customers.

00:36:48.660 –> 00:36:52.080
Ben Rogers: You know, they want to challenges, so when I come back to you know yeah.

00:36:52.380 –> 00:37:00.780
Ben Rogers: Where I for converges company we’re storage company, we can do all those things, but more importantly we’re looking at data management and how can we make sure your data is available to you.

00:37:01.110 –> 00:37:09.990
Ben Rogers: And if something happens to it out quickly, can we get back the rpm in our to is always interesting conversation to have with it leadership.

00:37:11.010 –> 00:37:15.540
Andy Whiteside: So gyro who gets it who owns it who owns files for dot one that we’ve been talking about the last hour.

00:37:15.930 –> 00:37:17.580
Jirah Cox: yeah if you’re running an engine X cluster.

00:37:18.750 –> 00:37:26.220
Jirah Cox: Virtually every cluster in under the sun is licensed for its first tip which is like a terabyte but it’s based to versus base 10.

00:37:27.540 –> 00:37:30.750
Jirah Cox: But really close things we were you know engineers going to engineer.

00:37:31.860 –> 00:37:41.340
Jirah Cox: You can you can definitely try this out today on your cluster when you click to deploy files in prism right it’s an automated procedure for you just asked you for like some IP addresses.

00:37:41.700 –> 00:37:47.970
Jirah Cox: For what can it can assign there it’ll actually pull down the latest files at that time, so you can just tell it deploys straight on to four dot one.

00:37:49.290 –> 00:38:03.690
Andy Whiteside: And Java does files follow your your right frequency scenarios, in other words if i’ve got a file that’s in files within new tactics, is it going to be written twice written three times the data associated with it, is that the hell works.

00:38:03.810 –> 00:38:11.550
Jirah Cox: yep yeah files falls under that you know rf to rf three user configurable data management model for right right all all.

00:38:12.060 –> 00:38:17.880
Jirah Cox: pieces of data twice or three times for resiliency and then also to probably what you’re also has an Anti about.

00:38:18.690 –> 00:38:32.220
Jirah Cox: Data tearing right so hot as data lives in the hottest storage in the cluster right so whether that’s ssd versus hd or envy me versus sst or even now like updating versus envy me, whatever it is hot as data can float to the hottest tier of storage.

00:38:32.430 –> 00:38:37.470
Andy Whiteside: And then metro clusters we’re going to have it redone that somewhere else, and then we’re also possibly going to back it up on site.

00:38:38.520 –> 00:38:40.560
Jirah Cox: And we get your replicated we can.

00:38:41.580 –> 00:38:41.820
Ben Rogers: tear.

00:38:42.090 –> 00:38:43.260
Jirah Cox: It up, we can recover it.

00:38:43.410 –> 00:38:45.060
Jirah Cox: All the above yeah.

00:38:45.420 –> 00:38:54.990
Ben Rogers: i’ve had some conversations with customers talking about tearing in these different cloud providers because guess what that exists there and you’re paying for you know speed, the.

00:38:55.440 –> 00:39:02.340
Ben Rogers: ability so some customers have come to us and said how can you help us provide a better model for data data management and our cloud providers.

00:39:03.420 –> 00:39:03.630

00:39:05.040 –> 00:39:13.920
Andy Whiteside: yeah I mean you want to kind of control that destiny to you don’t just want to rely on whatever services they’re offering because then they control the narrative that point.

00:39:15.300 –> 00:39:23.580
Andy Whiteside: Well, gentlemen, I appreciate it it’s been a Monday and I snuck in a dental appointment, which, by the time yeah that till Monday I don’t know what happened to the day, but.

00:39:24.210 –> 00:39:29.310
Andy Whiteside: it’s over and we’ll got four more days for the week and i’m sure you guys have plenty to do so i’m gonna let you go.

00:39:30.450 –> 00:39:31.890
Jirah Cox: cool pleasure talking to you all, as always.

00:39:32.310 –> 00:39:34.650
Ben Rogers: always find it again, we appreciate it thanks job.

00:39:35.310 –> 00:39:35.790
Jirah Cox: Thank you.