65: Nutanix Weekly: Powering Your Hybrid IT Strategy

Mar 23, 2023

 The recent pandemic upped the ante on IT modernization as most organizations accelerated cloud deployments to support workforces that distributed overnight. Now as we emerge on the other side, many enterprises are reexamining their workload deployments in the face of escalating cloud costs. Indeed, Gartner® predicts that “by 2027, 85 percent of the workload placements made until 2022 will no longer be optimal, due to changing requirements.”1 As enterprises pursue more agile, mobile, and portable applications, IT leaders need to make quick decisions about where to house their workloads and, in so doing, reevaluate their cloud strategy.

As organizations are rethinking their infrastructure strategy, they are looking to leverage new opportunities and innovations to gain agility, simplify management, drive operational efficiencies, and better equip their IT teams with the resources and skills needed to be competitive, all while keeping costs in check. The options are overwhelming. And if placing 100 percent of your workloads in the public cloud isn’t the answer, what is?

IT workload environments aren’t “one size fits all.” Many IT leaders are finding success with hybrid IT infrastructure, where applications and data are spread and shared across a combination of on-premises, colocation, and public cloud environments, based on the unique characteristics, resource utilization, performance specifications, and security requirements of each application. Hybrid IT strategies offer a host of benefits, not the least of which is that IT leaders regain control of their data, making it easier to support a remote workforce, scale their operations, increase agility, and protect critical assets, all while being cost-efficient.

Host: Andy Whiteside
Co-host: Harvey Green
Co-host: Philip Sellers

WEBVTT

1
00:00:02.160 –> 00:00:12.750
Andy Whiteside: Hello, everyone! Welcome to episode. 65 of Newton’s Weekly, or my host, Andy White Side today is March twentieth 2,023. You’ve got Harvey Green and Philip Sellers with me. Harvey. How is it going

2
00:00:12.830 –> 00:00:21.540
Andy Whiteside: going? Well, you’re getting Fancy putting the date in on that I have to, but I can’t keep track of all of them, and I go back later. I’m like what data we record that one on

3
00:00:21.860 –> 00:00:31.480
Andy Whiteside: easier to listen than it is to dig into the metadata and the details that would take like 2 extra clicks.

4
00:00:31.900 –> 00:00:36.000
Andy Whiteside: Harvey, how are things in this integral Gov. World?

5
00:00:36.070 –> 00:00:39.730
Harvey Green: Very busy. Actually.

6
00:00:39.800 –> 00:00:43.180
Harvey Green: it’s it’s been good. It’s been very busy.

7
00:00:43.250 –> 00:00:54.000
Harvey Green: So are you a CEO president, sales guy, technologist, what do you do as in tech or go? D: all of the above. Yeah.

8
00:00:54.210 –> 00:01:09.570
Andy Whiteside: that’s okay, because here’s the right guy for that in do it all with a smile, too. Absolutely. What other way is there to do it. You can frown all you want. Nobody cares. So in this moment you’re on a podcast. You’re a technologist, a sales guy, a marketing guy, or d all you about

9
00:01:11.090 –> 00:01:13.730
Harvey Green: the all of the

10
00:01:15.160 –> 00:01:26.470
Andy Whiteside: look when you’re passionate about what you do, and the brands you represent it’s it’s easy to go. Do a podcast and be a marketing guy and a sales guy and an engineer with straight face all the same time. That’s what I love about this.

11
00:01:26.630 –> 00:01:27.490
Harvey Green: as you know.

12
00:01:27.680 –> 00:01:36.010
Harvey Green: Yeah, it it does make it easy because I can be a technologist and an engineer first, and the other things just happen to hop in the car.

13
00:01:36.070 –> 00:01:44.220
Andy Whiteside: That’s right, that it so you guys have probably heard me say this. I’m sure you have somewhere along the way, and I say it all the time. People like you. You’re so passionate about it. It’s easy when you’re telling the truth.

14
00:01:44.320 –> 00:01:48.050
Harvey Green: Exactly 100%.

15
00:01:48.130 –> 00:02:01.160
Andy Whiteside: Now, fill up. I know we’ve had this conversation a little bit you just came over. I say, just it’s been a few months now. Came over from the customer side of this. Did you know that you could be on the sales slash marketing side, and still be honest.

16
00:02:02.020 –> 00:02:03.430
Philip Sellers: Well, you know

17
00:02:03.450 –> 00:02:08.960
Philip Sellers: I didn’t make the transition until I could. That was important to me. I mean, you know I

18
00:02:09.310 –> 00:02:10.870
Philip Sellers: can’t hide

19
00:02:11.060 –> 00:02:22.480
Philip Sellers: with my expression. I keep people can read my face. I don’t have a good poker face. So when when I made that transition. I needed that to happen. So that’s why I’m here.

20
00:02:22.560 –> 00:02:30.740
Andy Whiteside: and you know what. If we tell somebody something, it ends up being wrong, either because the vendor misled us or we misled because we made a mistake. You know we’ll do, we’ll we’ll make it right.

21
00:02:30.840 –> 00:02:33.350
Harvey Green: Yeah, we’ll fix it. Yeah, that’s exactly what?

22
00:02:34.270 –> 00:02:51.660
Andy Whiteside: Well, I think we have a good topic to cover today. Let me pull it up on my screen. Here it is a blog from march twentieth 2023. So it must be from today either that radically says it from the 6 months ago. So maybe they just keep it fresh by

23
00:02:51.660 –> 00:03:01.540
Andy Whiteside: the name of the blog is a hybrid cloud security. Everything you need to know. Well, that’s a that’s saying a lot, so we’ll we’ll find out what it is, Everything is a big world.

24
00:03:01.580 –> 00:03:05.670
Andy Whiteside: so maybe everything might be a stretch, but a lot of what you need to know. How about that?

25
00:03:06.770 –> 00:03:13.640
Andy Whiteside: All right, so there is nobody listed as the author unless i’m missing. I’m missing the author of this blog.

26
00:03:15.180 –> 00:03:27.270
Harvey Green: I don’t think I am no okay. All right, so it’s a guess it was a ghost writer, or maybe it was Chat AI, or whatever that stuff’s called. Oh, my gosh.

27
00:03:27.420 –> 00:03:33.350
Andy Whiteside: yeah, I think about it. You could. I mean, I get. You know, your school term paper blah, blah, blah, but just blogs.

28
00:03:33.420 –> 00:03:45.910
Andy Whiteside: You might get a lot of blogs written using, so I I Haven’t used chat gpt at all yet, but I have heard lots of things to the point that I had.

29
00:03:46.160 –> 00:04:04.220
Harvey Green: A colleague of mine said that he was putting on some some training, and he said it was actually for service. Now, he said, write a, write, an invite for service now training, and include these 3 things, and it wrote out like a full page email that he basically took

30
00:04:04.560 –> 00:04:10.350
Philip Sellers: edited 3 or 4 words and sent it out. It was like Holy crap. This is ridiculous.

31
00:04:10.780 –> 00:04:20.130
Andy Whiteside: Well, I think that was interesting time, because while we were talking, the little Chat BoT in the right hand corner came up. When we talked to me and we were talking about it. It’s it’s relatives.

32
00:04:20.940 –> 00:04:30.470
Andy Whiteside: all right. So, Philip, you helped us select this blog. The opening comments here. The opening couple of paragraphs. Why, why did you want to cover this one? And why did Harvey agree to it?

33
00:04:30.890 –> 00:04:47.940
Philip Sellers: And so, you know, we talk a lot about strategy, and this is a pretty high level blog focused on security. But we’ve got a lot of customers where we’re talking about hybrid cloud where some elements of the cloud strategy are on prem. Some of the elements are in a hyper scalar.

34
00:04:47.950 –> 00:05:02.390
Philip Sellers: and we’re having a ton of conversations, particularly around mechanics, cloud clusters or Nc. 2 on the hyper scalars and other vendors. You know it’s not just aws and azure, but it’s also equinix and

35
00:05:02.510 –> 00:05:05.940
of thef cloud, and and some of the other providers. So

36
00:05:06.790 –> 00:05:08.080
Philip Sellers: security

37
00:05:08.080 –> 00:05:27.270
Philip Sellers: is something that clearly falls to the customer. So your account, your identity strategy, a lot of those things are rules that the customer is going to have to deal with. So I feel like this is something that we really want to introduce as a topic to have customers thinking about just

38
00:05:27.270 –> 00:05:34.760
Philip Sellers: just to raise awareness, because, you know, when we talk about who’s responsible for what and hybrid cloud. Sometimes

39
00:05:34.860 –> 00:05:38.860
Philip Sellers: there’s a lot of misinformation about who’s responsible for what?

40
00:05:39.780 –> 00:05:50.220
Andy Whiteside: Well, so, Philip, true statements, true or false, you know, when it comes to security. Yes, there’s a lot of people you can rely on and trust and get advisement from. But at the end of the day

41
00:05:50.320 –> 00:05:51.290
Andy Whiteside: it’s up to you.

42
00:05:51.800 –> 00:05:53.300
Philip Sellers: Yeah, yeah.

43
00:05:53.450 –> 00:05:55.850
Andy Whiteside: you have to own.

44
00:05:56.050 –> 00:06:03.230
Philip Sellers: Yeah, I mean the the hyper scalars are not gonna solve it for you Magically, Somehow, at the end of the day your security

45
00:06:03.560 –> 00:06:07.540
Philip Sellers: through your workloads that’s going to be a customer decision.

46
00:06:07.560 –> 00:06:08.180
Right

47
00:06:09.200 –> 00:06:22.030
Andy Whiteside: so, Harvey, your thoughts on why you thought Well, let me say this before I get to one of the reasons why we chose this one, because that’s a lot of content on it and without gyro. So we need to we a lot of content. But other than that, Harvey, Why.

48
00:06:22.450 –> 00:06:23.800
Andy Whiteside: why did you choose this one?

49
00:06:24.020 –> 00:06:33.500
Harvey Green: What I mean? Same sort of concept is is still there. You know we’ve got lots of conversations that we have.

50
00:06:33.560 –> 00:06:45.430
Harvey Green: We do our best to make sure that everybody’s educated, and making sure that they understand what hurts them, what helps them when it comes to security. We talk a whole lot

51
00:06:45.490 –> 00:06:58.870
Harvey Green: about the power of mechanics and what you can get out of it, and being able to move workloads, migrate back and forth from Cloud Hybrid cloud. You know, host, the data center, Colo, whatever whatever you want to use.

52
00:06:59.020 –> 00:07:09.390
Harvey Green: And you know, sometimes I I like to bring things back so that we have the conversation of you have all of this power that you get from this tool.

53
00:07:09.400 –> 00:07:13.750
Harvey Green: But now we have to talk about. You know the the consequences of that power.

54
00:07:14.170 –> 00:07:32.870
Harvey Green: the the things that you need to know, you know, so that you don’t just take this and say, oh, this is great, and roll it out everywhere and forget that you know you have to have different security for an on-premise data center versus a a cloud data center or a call, or you know everything in between.

55
00:07:33.090 –> 00:07:45.720
Harvey Green: It’s the same concept that I try to teach my kids. When they go to the amusement part they jump on the ride, and you know, buckle up, and maybe they pull it, or maybe they don’t. Now, why will you always have to check it.

56
00:07:45.850 –> 00:08:04.060
Harvey Green: you know, like Why, they’re gonna come around, anyway. Well, you don’t depend on him. You kind of look it for yourself. What if what if you got it wrong? Well, okay, you’ll be. I’ll soon. Well, you’ll be dead.

57
00:08:04.060 –> 00:08:06.740
Harvey Green: It it won’t. Be that easy.

58
00:08:06.850 –> 00:08:11.170
Andy Whiteside: all right. Well, I just grabbed on my other screen here. I’ll drag it over, you know, and super Spider man

59
00:08:11.240 –> 00:08:22.580
Andy Whiteside: with power comes great responsibility, and I and I bring that up on, because, like with, with enablements like hyper scalars and hypervisors inside hyper scalars. That’s a lot of enablement. It’s a lot of capabilities.

60
00:08:22.800 –> 00:08:30.270
Andy Whiteside: But there’s a lot to go wrong. If you don’t pay attention to some of these finer points. So what is Hybrid Security

61
00:08:30.570 –> 00:08:31.240
Andy Whiteside: Bill?

62
00:08:32.110 –> 00:08:46.590
Philip Sellers: Well, I mean it. It’s just basically, you know, hybrid cloud means that it’s private and public. There’s some some element of both in the mixture of your strategy. And so you know you’ve you’ve got

63
00:08:46.810 –> 00:08:54.970
Philip Sellers: what you’ve traditionally run on your own premises, or your Colo, where it’s fully within your control. And some third party

64
00:08:55.080 –> 00:09:10.540
Philip Sellers: cloud services where there are elements of it that are managed by someone else that are enabled by someone else, You know. I mean it’s recognition that certain security policies only work for certain zones. You

65
00:09:10.540 –> 00:09:18.510
Harvey Green: open the front door to your house you walk in, and you want to be able to get into every room you walk into a hotel.

66
00:09:18.690 –> 00:09:22.780
Harvey Green: You really don’t want everybody to have access to every room.

67
00:09:23.040 –> 00:09:29.680
Andy Whiteside: you know. That’s a great example. Right. You walk into a hotel, and at least for most of the day. The front doors unlocked. But all the rooms are locked.

68
00:09:29.740 –> 00:09:33.560
Andy Whiteside: house, the front doors locked, but all the rooms are unlocked.

69
00:09:33.650 –> 00:09:34.640
Harvey Green: That’s it.

70
00:09:34.660 –> 00:09:39.400
Andy Whiteside: That’s kind of exactly what we’re talking about here, and we’re trying to go in between each other.

71
00:09:40.000 –> 00:09:57.470
Andy Whiteside: as if the house in the hotel or next door, and there’s a whole. There’s a walkway in between the 2. We got to change our posture from one side, and and not only that, but I mean extending upon Harvey’s analogy here. We don’t mostly carry cards in our houses.

72
00:09:57.470 –> 00:10:01.510
Philip Sellers: you know. We don’t use key cards to get into our rooms in our houses.

73
00:10:01.630 –> 00:10:18.060
Philip Sellers: but we certainly expect that when we go to a hotel right? You know we’re so you know the model for security is different, and and I know there’s smart locks and things like that, so it’s starting to fall apart on me. But

74
00:10:18.380 –> 00:10:38.160
Philip Sellers: at the end of the day the security models are a little different. What we’ve done in our own house is not the same as what we get in the hotel. And and so we have to adapt to the security model that we’re provided with so hotel, You know i’m gonna go to the Hilton and use a key card. I may go to

75
00:10:39.390 –> 00:10:42.970
Philip Sellers: the West and and have to use a key key, you know. I mean.

76
00:10:43.080 –> 00:11:04.360
Andy Whiteside: I know nobody has keys anymore. But if you take the you, you apply your logic and your strategy, and maybe you start to apply it across both. And maybe this is where Newton’s example comes in, and all of a sudden I’ve got a smart key on my phone that not only works for my house, but also works for my hotel for 3 nights until I check out and it automatically stops working

77
00:11:04.590 –> 00:11:06.120
Philip Sellers: that it was right.

78
00:11:06.310 –> 00:11:25.120
Andy Whiteside: And that really is the power of what new Tanks is trying to do here by extending a known consistent management plane and enablement and services, no matter where you run their stack. So maybe 90% of the security goes in both directions. But 10% needs to be thought of differently

79
00:11:25.120 –> 00:11:27.560
Andy Whiteside: on depending on which side at the moment you’re on.

80
00:11:27.840 –> 00:11:32.210
Harvey Green: That’s correct, or maybe it’s 90, 10, or 1090. Who knows

81
00:11:32.340 –> 00:11:44.330
Andy Whiteside: but either way you have the power of the tool in both places. So the next section says, the title of it’s the nature of security and private and public cloud, which might align with what we’re just talking about. What are they trying to get across from this point in the blog

82
00:11:44.860 –> 00:12:00.220
Philip Sellers: really is you you? You’ve got virtualized resources in both locations, but one supports just you. The other supports a lot of customers. Your connectivity is is different. Your public cloud is going to be connected to the Internet.

83
00:12:00.220 –> 00:12:10.220
Philip Sellers: And so you’re gonna have to layer on some other things. There you may have your own private network through a service provider on the private side.

84
00:12:10.510 –> 00:12:11.570
Philip Sellers: so it’s

85
00:12:11.990 –> 00:12:26.420
Philip Sellers: it. It’s one of those things where I guess you have to understand the caveat and the Graphic shows it here. One is suited for less confidential information, being the public cloud and the other more suited for your very secure

86
00:12:26.720 –> 00:12:31.820
Philip Sellers: core systems and confidential information. What I would call your crown jewels.

87
00:12:32.060 –> 00:12:47.660
Andy Whiteside: you know. I think there’s no better example than what we do. The most of we’re not limited to most of, and that’s like desktop, and that virtualization that is, you know not super well suited for the cloud, because it gets very expensive up there, and we need low latency super high performance. But the other stuff that it then talks to

88
00:12:47.820 –> 00:12:51.330
Andy Whiteside: could very much be public cloud suited

89
00:12:52.380 –> 00:13:01.460
Philip Sellers: well, and and you know not this conversation. But I like the idea of data gravity. You know. Where is your most

90
00:13:02.070 –> 00:13:19.690
Philip Sellers: centrist type data. Where’s the most important data to your business? And then you have to create an ecosystem around that to deliver and access that data. And oftentimes with customers and traditional applications that’s going to be in their own prim data center.

91
00:13:19.690 –> 00:13:31.240
Andy Whiteside: or, you know, on on their newtenance platform. Yeah, a new tanks platform in their data center, maybe in a private to my private data center, like ours. and all that high speed connected to

92
00:13:31.390 –> 00:13:39.750
Andy Whiteside: the public cloud, which is just somebody else’s data center. You know one of the big boys, and in theory the users should log in and never know where they’re at.

93
00:13:39.770 –> 00:13:41.210
Andy Whiteside: They just see what they see

94
00:13:42.350 –> 00:13:43.810
Philip Sellers: together.

95
00:13:43.900 –> 00:13:53.090
Philip Sellers: The other big difference, too, and I like that. It talks a little bit about this in this section is is the way that we access. It is is different.

96
00:13:53.090 –> 00:14:10.080
Philip Sellers: you know, with public cloud. Everything is through management interfaces, and so it’s a very standardized way of access. So They’ve taken choices off the table for us, where we had everything at our disposal in our private cloud. We can do it any way that we choose.

97
00:14:10.080 –> 00:14:23.590
Philip Sellers: There’s gonna be standard mapped ways that you do things in a a public cloud environment on a hyper scalar. And so you have to follow their rules and you have to follow the way that they give you to

98
00:14:23.610 –> 00:14:26.250
Philip Sellers: secure things to do things.

99
00:14:26.300 –> 00:14:40.900
Andy Whiteside: Yeah, yeah, when’s the last time you were talking to one of the Public Cloud providers, and asking them how they striped their disc, for you know, reads and writes so. Hey, could you just throw in some erasure coding there for us, and they’re gonna look at you and go. No.

100
00:14:40.980 –> 00:14:48.040
Andy Whiteside: yeah. you you don’t have to know nor care. Here’s what you get. and there’s a lot of benefits now.

101
00:14:48.240 –> 00:14:49.360
Harvey Green: Absolutely

102
00:14:49.560 –> 00:14:55.200
Andy Whiteside: All right, Harvey. I go to the hybrids of the benefits of hybrid cloud security.

103
00:14:57.890 –> 00:15:05.540
Harvey Green: Yeah. So you know, one of the one of the big ones they get in here on is

104
00:15:05.550 –> 00:15:09.320
Harvey Green: being able to diversify across multiple clouds.

105
00:15:09.510 –> 00:15:18.980
Harvey Green: You you definitely want to start to move into a model that that does that you in which you’re doing that.

106
00:15:19.080 –> 00:15:20.840
Harvey Green: because ultimately.

107
00:15:20.980 –> 00:15:26.910
Harvey Green: you know you always have. It is never, if in it it is always when

108
00:15:27.050 –> 00:15:33.800
Harvey Green: Ultimately you will have some time when you can’t get to one, or one is compromised.

109
00:15:33.950 –> 00:15:47.670
Harvey Green: And if you are not across multiple environments, then you basically set yourself up for being down by things that are not your fault.

110
00:15:48.110 –> 00:15:58.130
Harvey Green: You have exposure to downtime. You have exposure to the security of along the same lines as the provider that you’re using.

111
00:15:58.260 –> 00:16:07.890
Harvey Green: whereas if you strike that across multiple data centers, then you’re you know, giving yourself a much better footprint there, much.

112
00:16:07.940 –> 00:16:09.390
Harvey Green: much more.

113
00:16:09.740 –> 00:16:16.660
Harvey Green: What’s the word I’m looking for? I a much more resilient environment.

114
00:16:16.820 –> 00:16:17.410
No.

115
00:16:17.670 –> 00:16:19.170
Andy Whiteside: Don’t, we need to add to this one.

116
00:16:19.240 –> 00:16:23.910
Philip Sellers: Yeah, I mean, it’s not just resilient in my mind. I I love that that

117
00:16:24.310 –> 00:16:31.090
Philip Sellers: point because it is spot on it’s also a robustness, sometimes a and this is the generally the case with

118
00:16:31.290 –> 00:16:44.370
Philip Sellers: AI and Ml. Type workloads. But there’s a lot of things public cloud can provide that we can’t replicate on prem, and it’d be cost effective. They’re providing differentiated services, and maybe

119
00:16:44.460 –> 00:16:52.450
Philip Sellers: opening an enterprise tool set to our mid market customers who might not be able to do it. you know.

120
00:16:52.960 –> 00:17:12.069
Philip Sellers: cost effectively today. So things like micro segmentation, being able to create security policies and posture that that just weren’t possible maybe in the on-prem, as we talk about new tanks, this is where flow and flow. Security kinda comes into play, and

121
00:17:12.069 –> 00:17:38.600
Philip Sellers: and being able to do you know that configuration both on Prem and in the cloud. But then, when we start talking about augmenting native cloud services around that, then you’ve got a whole, another tool set in the hybrid scalars that are at your disposal. Those are an extension of that Newtonics when you go into a hybrid cloud, so that, I think is a benefit, because you get this robust tool set.

122
00:17:38.600 –> 00:18:00.150
Philip Sellers: and it’s on a consumption basis, pricing not something where you have to do a a 1 million and a half dollar upfront capital investment to be able to even have it at your disposal. Yeah, that that was actually the next thing that I was going to hit on is that you’ve got a set of tools there that are already implemented that have already gone through.

123
00:18:00.250 –> 00:18:11.260
Harvey Green: You know all of the things that you would go through in a normal implementation and a normal configuration. They’ve been tested. They’ve been certified, you know. All of those things are already in place.

124
00:18:11.310 –> 00:18:15.480
Harvey Green: and the work has largely been done for you.

125
00:18:15.620 –> 00:18:35.040
Harvey Green: There are, you know, a lot of customers who don’t have the resources and resources not just meaning, you know, financial resources, just the actual manpower to be able to implement the type of security tools that are already there, simply because, you know, the the

126
00:18:35.190 –> 00:18:44.270
Harvey Green: Cloud providers already have customers in there who are, you know way more worried about security, you know, than one another customer

127
00:18:44.360 –> 00:18:57.700
Harvey Green: that have already put all of these things in place that you know for somebody else to put in place would be a a monumental uplift. Yeah, it’s all within reach of customers of all sizes these days, right?

128
00:18:58.160 –> 00:19:02.190
Andy Whiteside: So what it, Philip, what are some of the challenges for hybrid class security? Then?

129
00:19:02.810 –> 00:19:21.040
Philip Sellers: Well, you know I mean, I think, one. We’ve already kind of talked about the incompatibility of of models between on-prem and public cloud, I mean they don’t act the same. So there’s a learning curve for organizations who are adopting public cloud and hybrid cloud as a strategy.

130
00:19:22.540 –> 00:19:35.530
Philip Sellers: and the the same hopes true for multi cloud. So if you’re not just working with one of the hyper scalars, there’s differentiation and and differences in how you manage between aws as your and Gcp.

131
00:19:35.600 –> 00:19:39.500
Philip Sellers: So I think that’s one of the first challenges is just

132
00:19:39.550 –> 00:19:47.530
Philip Sellers: understanding the different operating models, what they call things and what policies are available to you.

133
00:19:47.650 –> 00:19:50.610
Philip Sellers: Connectivity the other big one. I mean.

134
00:19:50.920 –> 00:20:09.220
Philip Sellers: we we joke about what’s a perfect network, you know. Perfectly secure, perfect running, and it’s a network with no users right? But that’s not a very effective network At the end of the day You’ve got to have access for your users. So that connectivity piece is where

135
00:20:09.780 –> 00:20:10.740
Philip Sellers: where

136
00:20:11.240 –> 00:20:25.170
Philip Sellers: you open the potential to get things wrong. And so it’s a critical part of your design to talk about how you get user traffic in, how you connect and extend your on prem to the public cloud.

137
00:20:25.210 –> 00:20:29.630
Philip Sellers: and how you get data between the locations.

138
00:20:30.360 –> 00:20:45.770
Andy Whiteside: What do you think you see as a challenge for the Gov users that you interact with these days? Yeah, I mean that. So the next one that they hit on here is knowing where to place data when to move it and how to handle the overall management of data.

139
00:20:45.810 –> 00:20:51.550
Harvey Green: I hear that all the time. I discuss it all the time. I mean the

140
00:20:51.750 –> 00:21:05.140
Harvey Green: yes. You have this great ability to move things, you know, back and forth to the cloud from the cloud to 1 one data center versus another multi cloud, You again. You get all of this power.

141
00:21:05.340 –> 00:21:14.970
Harvey Green: But there is so much responsibility behind that in proper planning proper design, knowing to Phillips Point earlier about data gravity.

142
00:21:14.990 –> 00:21:30.740
Harvey Green: knowing that you know when you have the Crown jewels sitting in one location, and your users are going to be accessing the crown jewels in and out all day, moving the users to a separate data center. Then, where the crown jewels live

143
00:21:30.800 –> 00:21:43.950
Harvey Green: automatically, implements, latency, and either your application can stand that or it can’t. And if it can’t, you need to know that your users need to be in the same location as where your crown jewels are.

144
00:21:44.140 –> 00:21:53.530
Harvey Green: That that’s a huge conversation that a lot of people just Don’t necessarily think about in the same way.

145
00:21:53.680 –> 00:21:54.600
Andy Whiteside: And

146
00:21:54.610 –> 00:22:05.110
Andy Whiteside: how have we? As a you know, digital workspace Oriented company? Have we typically been able to solve that? Where’s your users? Where’s the app? What’s the security needs?

147
00:22:05.220 –> 00:22:14.050
Harvey Green: I mean, I I talk about users and data as as an entire workload. I I want to make sure that they stay together.

148
00:22:14.070 –> 00:22:27.030
Harvey Green: They’re holding hands the entire time, and if at any point we separate them, we know where they’re separated, why they’re separated, and how we can, you know, make concessions to bring them closer together.

149
00:22:27.180 –> 00:22:35.510
Harvey Green: Because if you separate those things, you you definitely will feel that your users will feel that you will

150
00:22:35.590 –> 00:22:39.810
Harvey Green: see the brunt of you know what comes by way of that separation.

151
00:22:39.960 –> 00:22:47.180
Andy Whiteside: Yeah. Well, then, what I was doing there, and you answered it in a good way, too. But you know that application, virtualization

152
00:22:47.240 –> 00:22:50.490
Andy Whiteside: through presentation that we’ve done for all these years.

153
00:22:50.740 –> 00:23:06.560
Andy Whiteside: you know, if I have to put the app and the data way over here and the user over here. I can use a delivery protocol to make them feel like they’re more or less in the same room. Absolutely that that is definitely a way to help bring them closer together by way of a a protocol that’s living between them.

154
00:23:06.720 –> 00:23:18.170
Andy Whiteside: But again, that goes back to you know proper design if that goes back to making sure that if they’re not in the same place, you do everything that you can to make them feel like they’re in the same place

155
00:23:18.250 –> 00:23:29.460
Philip Sellers: when there’s one other huge one that I want to point out here, and that’s around identity. So, knowing who your users are, as you give permissions to

156
00:23:29.520 –> 00:23:49.370
Philip Sellers: the services is huge, and identities become an evolving conversation that we have with our customers, and it’s one that that I I encourage all organizations to think about, because the days of active directory being enough, those have gone, and you need a broader

157
00:23:49.480 –> 00:24:00.990
Philip Sellers: identity strategy, because the reality is. All organizations are adopting Sas and some some layer form. Whether it’s it’s it driven.

158
00:24:01.190 –> 00:24:09.010
Philip Sellers: or Hr driven, or business driven. There are going to be Sas applications that you have to to also enable.

159
00:24:09.050 –> 00:24:21.860
Philip Sellers: And if you use built in authentication for each one of those. Now you’ve got 6 7 points to revoke access to provision access. You need an identity strategy that’s going to stretch and understand

160
00:24:22.290 –> 00:24:40.200
Philip Sellers: what you’re doing from an infrastructure is a service standpoint with your app Delivery and Vdi, and also any of your Sas applications. It’s a continuum, and it’s a place where, if you don’t have a good strategy, it’s gonna get solved for you, and it’s probably going to get solved poorly.

161
00:24:40.200 –> 00:24:58.060
Andy Whiteside: So you’re saying, before you go, any of these directions before you have your Cloud initiatives and strategies start to kick in, or before you start to figure how you’re going to secure it or optimize it. Stop, make sure you got a single identity strategy that has legs on it, and then start to move forward

162
00:24:58.280 –> 00:25:10.010
Philip Sellers: Absolutely because I mean, this is a core tenet of security, right knowing who your user is, and what they have access to. That is a gatekeeper. Fundamental

163
00:25:10.280 –> 00:25:14.390
Philip Sellers: principle that you need to have worked out. And

164
00:25:14.670 –> 00:25:34.040
Philip Sellers: you You’ve got all sorts of different things again back to our our previous conversation. You got these capabilities that are built into the hyper scalars, but you may see fit to bring in a third party that just does identity for you. You may end up with an you know, as your AD, or or something that your cloud provider already

165
00:25:34.040 –> 00:25:51.460
Philip Sellers: has available to you, but you need to look at it as a central source of truth, and a place where you can revoke access, because I mean at the end of the day. Getting people in is one thing, but keeping people out

166
00:25:51.680 –> 00:26:11.280
Philip Sellers: is also a huge, huge thing. So you know, if you’ve got people who parted ways with your company, you need to be able to remote a re revoke that access. You need to be able to to make sure that you’ve gotten multi factor and identity includes that multi-factor authentication, and proving who someone is

167
00:26:11.400 –> 00:26:18.400
Philip Sellers: and then by basis we can start talking about 0 trust authentication. Models. If you’ve got a good identity strategy.

168
00:26:18.440 –> 00:26:23.230
Andy Whiteside: Yeah. all right. So the last section of the blog is how to choose the right

169
00:26:23.250 –> 00:26:27.270
Andy Whiteside: hybrid security solution and Philip Harvey.

170
00:26:27.520 –> 00:26:29.950
Andy Whiteside: Neither one of you are allowed to say it depends.

171
00:26:30.510 –> 00:26:42.810
Philip Sellers: I was accepted, even though it kind of depends.

172
00:26:43.320 –> 00:26:50.620
Harvey Green: I mean, Ultimately, my strategy is always going to involve

173
00:26:51.120 –> 00:27:09.710
Harvey Green: not locking myself in, so I I approach it from that standpoint. I’m going to want things like what? Phil just brought to the table. I’m gonna want something where I can use my identity provider to go across a a bunch of the things that i’m targeting a bunch of the

174
00:27:09.710 –> 00:27:14.240
Harvey Green: the software and data that i’m responsible for up keeping.

175
00:27:14.520 –> 00:27:20.360
Harvey Green: I am going to want to have my data live in more than one place.

176
00:27:20.980 –> 00:27:28.960
Harvey Green: I am going to want to be able to use one tool to manage that data that lives in more than one place.

177
00:27:29.140 –> 00:27:39.750
Harvey Green: I mean. Ultimately, I want flexibility. I want to not be locked in, and I want it to be secure. So I that’s that’s always on the

178
00:27:40.130 –> 00:27:51.290
Philip Sellers: so harvey since, Andy said, I can’t say it depends. I’m going to say, summarize. I’m going to try and summarize what you just said. Use them all.

179
00:27:51.790 –> 00:28:01.990
Philip Sellers: create a strategy where you can plug in any single one of them absolutely. That is the winning way to create your

180
00:28:02.200 –> 00:28:10.290
Philip Sellers: cloud strategy and your your security Strategy across them is create a framework that would work for any of them.

181
00:28:10.350 –> 00:28:27.020
Harvey Green: Yeah, ultimately in in it. You don’t always get to choose what you’re going to use that that is chosen for you so as much as you can have something that’s compatible across across what you’re using

182
00:28:27.020 –> 00:28:35.070
Harvey Green: and across what you will be using in the future that is completely undefined at this very moment. That’s the way that you want to go.

183
00:28:35.690 –> 00:28:42.720
Philip Sellers: So i’m gonna throw another curve ball at the conversation and bring it back. Mechanics. Either that

184
00:28:43.380 –> 00:28:45.200
Philip Sellers: or abstract it.

185
00:28:45.200 –> 00:29:08.450
Philip Sellers: Use something that has consistent security policies, no matter where you run it and cloud clusters, is a great example of that. Whether it’s me creating the Dr. Site on Nc. 2 running mechanics on Prem. You know we have that consistency of security policies. We have the consistency of operating model management consoles.

186
00:29:08.450 –> 00:29:15.010
Philip Sellers: So there’s a lot of benefits that come to an enterprise organization when you can standardize across those

187
00:29:15.170 –> 00:29:20.100
Philip Sellers: It’s not possible for everything. I think that’s the reality that we know, but

188
00:29:20.140 –> 00:29:32.750
Harvey Green: it certainly hits a huge swath of what customers are trying to do, I mean ultimately you. You can probably see in my answer why I like new techniques.

189
00:29:32.870 –> 00:29:42.480
Harvey Green: You. You get the power. You get, the flexibility. You get the ability to have it live in more than one place and manage it in the same way. I mean, that’s

190
00:29:43.100 –> 00:29:52.220
Andy Whiteside: that’s like almost exactly what I described, and what you’re saying. There. It’s very powerful, very ubiquitous, but also simple to manage.

191
00:29:52.290 –> 00:30:12.150
Andy Whiteside: and that’s part of new tanks getting the benefit of growing up at this time. And, I say growing up, it’s, you know, 10 plus years old now, but evolving at a time where that was the focus and not just functionality was functionality. Yes, but ease of management and ubiquitous capabilities. Across all different platforms.

192
00:30:12.150 –> 00:30:23.310
Andy Whiteside: There’s no legacy there. It’s built from day one to be ready to go in this these directions.

193
00:30:23.420 –> 00:30:26.740
Harvey Green: I mean you. You get that functionality.

194
00:30:26.750 –> 00:30:42.540
Harvey Green: but it doesn’t have to live there. You don’t have to give up the rest of what you might want when it comes to that very secure type environment. We talked about earlier where you might not be getting what you need from that perspective out of a public cloud.

195
00:30:44.080 –> 00:30:51.570
Andy Whiteside: Well, guys, I think we covered it. Philip Hardy. Anything else that you’d like to tie into this conversation?

196
00:30:55.470 –> 00:31:06.200
Andy Whiteside: Be on the lookout for more’s integral stuff, or our new workshops and other things, you know little advertising. I I almost did that.

197
00:31:06.310 –> 00:31:20.880
Harvey Green: Well, guys, I appreciate it. I’m sorry we missed Gyro today, but I think we did a pretty good job of that one, and he’ll be back with us him and Ben as well in a couple of weeks. That’s right, and Gyra as many words as we share today. You have to do as many next time.

198
00:31:20.960 –> 00:31:22.250
Philip Sellers: 100%.

199
00:31:22.570 –> 00:31:23.990
Andy Whiteside: All right, gentlemen. Thank you.

200
00:31:24.120 –> 00:31:24.940
Philip Sellers: Thanks.