00:00
Hello, everyone. Thank you so much for joining us for the February 2022. Coffee break. Today is Wednesday, December 9th, depending on what time zone you're joining us from. As you can see today, the focus is on embracing the elephant in the room ever shifting expectations for disaster recovery and business continuity.
00:17
I'm joined by Zain Allen. Zain. Thanks so much for jumping in the boat with me today. Being willing to be here a little more about Zain in a second. Uh The reason for the topic, as you can tell disaster recovery, business continuity, it feels like it is an evergreen topic. We're always grappling with it depending on
00:31
where you are. It's more or less at different times of the year. Hurricanes, tornadoes, I don't think earthquakes are seasonal, right? But it, but it applies across the board a little bit of housekeeping as always. Um You'll see this in the follow up email uh in the PDF of the deck. I know that, hey, there's a,
00:47
there's a reason to be here for a Starbucks gift card for coffee. Thank you so much for joining for that. Uh We have uh we do now send that out after the coffee break just given this has been successful enough and we've actually had a little bit of challenge with uh automated accounts joining and trying to register for stuff. So, you know, got to grapple with the success
01:03
as well. Always want to highlight we are a year plus in and so you'll also see this in the, in the follow-up email. Some of the replays from last year have actually, I think been aging better than we thought. And we hope. And that's really because of the solution focus as always,
01:19
this isn't just like here's the peer stuff. It's more of a general, you know, kind of relaxed discussion, enough energy to keep you awake. And so whether that's Cober Netti or service economy or, you know, looking at data analytics, I mean, it's all across the board. Uh So we try to put those in and frankly, you know, I,
01:34
I find myself on a pretty regular basis sending these out to folks, not just because it's me talking, but like it's topics that matter as well. Since it's a series next month, we're gonna be, I'm gonna be joined by Tom Schroeder. Uh He's the VP of professional services at pure. And I realize, you know, I came from the customer side. So thinking about,
01:50
you know, I used to do installs when you hear consulting professional services. Sometimes you think about long migrations or endless integration projects. Sometimes you think about how do you get faster to solution success and outcomes, you know, mix up people, process technology. So what we're gonna get to some of what peer does we're gonna talk about,
02:06
you know, this general consulting and professional services, how it fits in this space overall. Next month, I'm your host, Andrew Miller for this topic. I'm not going to replay my background because you probably heard it at least a couple of times. Uh potentially uh if you haven't, uh if you're joining us for the first time,
02:21
thank you for joining. But I'm, I'm on the principal technologist team at Pure as it relates to this topic, uh Disaster recovery, business continuity. Uh I think it goes back to having failed plans as a customer that I tried to get approved for budget and didn't work out. And then a lot of quality time with site
02:37
recovery manager and Zer and replication technologies. But when I was chatting with Zain, not only Zain, do you have a lot of background around this topic? But we even shared some interesting uh graphic design background going back to like Cork Express. And um I did page maker and you said it was Rage Maker.
02:55
I'm, I'm, I'm gonna hold that against you because you were on the cork side. But Zain, if you don't mind introducing yourself. Yeah, we, we did them. All right. I went through page maker, Rage Maker to Cork to in design in fact that's, uh that's how I got into the newspaper industry where I finally started my it career.
03:10
Um But yeah, I'm, I'm Zain Allen. I'm on the, on the team here with Andrew Miller. So uh joined pure last year, year, but a big background in it, 12 years, including many different uh uh types of organizations all the way from operator or whatever. They called me in my first role to, to management, uh four years of that consulting
03:33
and, and, and even with an MSP, um, and then I was an se um, another company prior to this, uh actually focusing on data, data recovery and backup and, and, and, and those sort of things somewhere along the way in there too. I think I, I taught, I taught for a little bit, got to be an adjunct professor. Um, uh, very rewarding,
03:49
not a super from a monetary standpoint, but I really liked my time there. Um, and I don't have a picture with an exotic animal that I'm feeding. So I tried to give you, but I do have a mini towing my mountain bike. So something I've moved to the northwest in the last, what is it? 2017, I came up here, got back into mountain biking because that's when you do when you're
04:09
older. Uh, because why not? And, uh, yeah, I was towed that thing behind my mini, you know, still, still city a little bit, a little bit of a adventure there. I feel like that's some amazing juxtaposition, cognitive dissonance. I, I don't know, but it's like, I mean, it's lighter than my car,
04:25
as you can tell. I have to make sure it matches up with the windows or the, the MIRs. So today diving into and kind of wandering around like it says there, you know, ever shifting expectations, disaster recovery, business continuity to the spectrum from an agenda standpoint, a little bit familiar.
04:43
Hopefully, uh we're going to spend the first half talking about, you know, data protection, architecture knowledge. If you joined us for the very first coffee break, last January, you'll see some similar stuff because some of the concepts and principles here are timeless, you'll also see some new stuff. So as we were going through and preparing for
04:58
this, it was like, yeah, we shouldn't throw out all the old stuff because some of these concepts they still apply and it's worth thinking about them periodically and what's old is new. So, but there's new stuff in there too and updated and then we'll move into how pure can help. What a surprise. I really like the code up there.
05:13
This is from, I wanna say Eisenhower. But then sometimes depending on when I Google, I find it. But the, the idea of that in this space uh plans are useless but planning, that's everything, you know, we've got variations of what's going on and even that's a little bit of like today, we, that you and Iain, we spent some time planning out but you know,
05:31
we're gonna kind of go off the cuff a little bit and if things go a different direction, that's cool too. So we're gonna, we're gonna actually exemplify that here today. I, I used to say it, I had my, my day never went as planned, but yeah, you had to have plans for what was coming your way. So that's, that's a great quote.
05:47
No, you can always succeed if you don't plan for anything. OK. So first part around uh data protection, architecture knowledge. So the when we start out here and, and, and also by the way, sometimes as you may have noticed if you've been joining us for a while, I play a little bit more of host and, and I'm always here to make my guest look great.
06:06
Thank you Zain. But sometimes I'm a little bit more hosting, sometimes a little bit more presenting this time. It's gonna be a little bit more half and half because these are topics that we talk about and I appreciate Zane being willing to kind of kind of balance it out with me. So why we bother, you know that there's one big reason and,
06:20
and this goes to, you know, the idea of disaster recovery expectations from the business. So, you know, if you ask your CIO your CTO, you know, like how much data can you lose? How long can you afford to be down, whether it's in backup or disaster recovery, business continuity. I mean, usually the answer is, of course nothing and it's gonna always be on and
06:36
nothing's ever gonna go down. Right. And then we look at what our capabilities are from a, you know, it standpoint and of course, this could be business continuity, et cetera. But the capabilities, you know, there's often a, you know, if we want to go uni style, you know, this is a bang equals, you know, they're not the same,
06:52
whatever it is. The other way is some time to look at that as you know, business expectations of all of it that there is like it says in the title, there's sometimes kind of, I don't know, almost an an elephant in the room if you will. No, I think this might be the only presentation you see this month with a scrolling elephant. So just for your enjoyment, we are going to leave this up because it keeps going forever.
07:14
II I think you even had a story saying there where you were like it was amazing, but some people didn't think that way. Oh yeah, absolutely. So now the name makes sense. I get it. The elephant in the room. No, no, no, absolutely. I, I talk, talk about newspapers uh young in my
07:30
it career and this, this kind of was the turning point for me. So I got to do this before I was in management so I could look smart once I got there. Lucky for me. But, uh, yeah, I was, I was with a big newspaper chain. Um, I guess I could say their name because actually they don't exist anymore. They've kind of broken up.
07:44
But I was with, and I was in their community newspaper division. So I had many community newspapers and, um this is back in the day. So we had a lot of physical virtualization was being thought of. It was kind of at the corporate level. Um And we, we protected multiple systems against, you know,
08:00
with redundancy and, and replication, which, you know, they have some other stories about how well that went sometimes. But, um, but, you know, file stuff goes on premise premises there. We, uh, we, we had basic raids, you know, that was the thing back then and we, we protected against it and of course, we backed it up every night,
08:18
um, tape, tape, of course. Right. We actually had quite a silo tape for, for all of our systems. And, uh, you know, we thought, hey, someone loses the file, something goes down. We'll have last night's backup, everything will be good.
08:31
But as you can imagine, tape over the years, data grows that got slower and slower and slower, took longer and longer. And I actually saw a raid fail and, and I should mention newspapers like to kind of run their equipment uh until it's ultimately dies, right? Very, very efficient.
08:47
Um It died in the middle of that backup. So we got some data. We didn't get some other data. The raids failed and this was, um, it was on a Saturday. So, you know, kind of the week is ending. It took us, uh I think it took us a better part of the day to restore that file.
09:02
Right. Full incremental doing the whole thing. We're very proud of ourselves. We get it back up, we lose some of the data, but we get it within a day and we were excited. We thought we got this up within the day. Didn't take two days. Business wasn't down that long. They were able to call people to say,
09:16
come in later. And when we came out to announce that to the team, man, were these people upset? They were like, what do you mean? I lost Friday. I did all this work to prepare for my weekend like this. And you know, and as they're talking to me, I mean, I was like,
09:29
what do you want me to do? Right. We have a backup. We, we responded, we did everything we could but they're right. Right. Their business was impacted here. They had to go back and repeat a Friday afternoon. This wasn't great customer service. I mean, we weren't supporting the business and
09:42
what the needs were. Absolutely. And it, it changed my mindset totally. Uh as I, as I grew in it that even kind of goes to what, what things are we protecting against and you were even going there with your story. I mean, it started kind of like, here are my backups and I got stuff back. But that wasn't the perspective at all. I mean,
09:58
you want to kind of continue wandering through what things we're protecting against here that aren't tech things, they're business things. Absolutely. So, it really kind of opened my mind to that and as I moved into management there, I mean, sales and income for sure. And, and even in the newspaper business, there's all of these parts of the business,
10:14
it's a 24 hour cycle, but there's, you know, it starts in the morning with finance. You know, advertising has to do their part editorial, the press, right? Everything had to go. And if you upset any part of that chain, right, you start kicking it down the line and that newspaper gets out later, you know, you have to give back money to advertisers.
10:31
Customers are upset, right? It really, really affects the business and we had to start thinking of it in those terms. We have to think of, um, you know, how do we support this by availability, right? How to get these files back, how to, how to impact the business, at least if there is a, a disaster or a loss of data.
10:47
And on top of that, this was a major company, we were, we were under Sarbanes Oxley. I had to protect for things like that. I have, I had regulation I had to deal with. Right. Not only from the security sets but, but backups my offsite, you know, what are my schedules? Are we keeping up with this?
10:59
Um, all while trying to keep the customer happy. Right. Or internal customer. So all of it had a piece. Right. It was at the center of all of those, um all of those departments and we helped move that business along even though we weren't the core of that business. Right?
11:14
But very, and then um employee burnout is a good one, right? You're burning out it, staff as well as uh as well as the uh front end staff. It, it's a human thing, right? And I, I'm thinking I was actually trying with a peer uh here at pure and he was telling me stories about this was,
11:29
it was actually related to, you know, a full da dr recovery and he was talking about ransomware stuff and he spent three days sleeping under his desk to bring stuff back, you know, kind of thing just because he had to physically be there. Like that was so bad that actually there was no external access. I've made that joke. I've had some 32 hour days in I and people are
11:45
like, there's not 32 hours a day. I'm like, well, there is an, it sometimes all kind of just like, just blurs together. So we think about what is a disaster. Ok. And, um, you know, so I've, I've got twin, twin boys when, when I first actually started using this
11:58
picture, they were like three and four years old. They're a little bit older now. So for anyone here who has kids or has nieces or nephews or family members or you were a kid. So that's everybody, you know, if you're a kid in this picture, this is not a disaster. This is a very happy day.
12:11
But if you're the parent or the Anarchal or the babysitter, it's like I like, what am I walking into? So, so there is sometimes the perspective piece here but, but there, there is also, there is a formal definition by the way. So we talk about disasters. There's the it service management forum vent that affects a service or system such that significant effort is required to store,
12:32
restore the original performance level. It's, it's not a mild thing. OK? And that even goes into one other. Another set of concepts of this is as all that we do every industry because acronym heavy, right? But BC, business continuity versus Dr versus or, and, and, and say what and, and you're gonna put a little bit of a different lens on this
12:51
later Zain. But starting out business continuity, basically that no matter if I lose a site or systems, things just go online. So this is sometimes it fits high availability but it, it all goes on normal. Despite an incident, we may be running around like crazy under the covers to bring things back online.
13:06
But at an application, business, external level don't even notice disaster recovery. This is usually more of classically, I lost a site where I've got to fail over. Once I will go and do that, it becomes an automated process. But I've got to choose to push the big red button and choose if I want to do that. Because failing over is non-trivial. Failing back is probably nontrivial as well.
13:26
Right implies failure. The primary data center, operational recovery, this gets to uh the piece of, you know, that there's, there are some things that are just routine failures inside the data center. This is multiple power supplies, it's MP IO uh it's the stuff that, you know, is just, it frankly should be handled and having no single points of failure.
13:45
SPF would be a common acronym. So some things we look at and say, you know, because we, we could say a primary and a backup data center. Well, that's a single point of failure. We don't usually use those terms in the dr side. We do use it in the operational recovery side and the what matters there then is having things in those buckets even if the business doesn't quite understand those categories.
14:06
Um There's differing expectations from a timeline perspective and there should be some definition, even if internally preferably from the business, we'll keep going into objective definition. Iiii I know Zain here sometimes is when you were, even as a um as a professor, you kind of looked at some of the decision tree stuff around business continuity.
14:27
Yeah, for sure. Um And, and even in, in the newspaper realm, right, as I brought that to, to to the university um business continuity like II I like what you framed work here. We gotta maybe set these buckets of what it fits into. We get the business expectations, but then it's also that business uh stakeholders buy in,
14:47
right? Having a decision tree, knowing who has the authority to decide when and where we uh we, we make each level or, or each disaster recovery choice or we, we choose a kick over um choose to shut the system off. Um I was even uh reminded when I was part of an infer guard hearing the story and it was more about security,
15:08
it was actually around the target breach and saying that they, they kind of knew these things were happening. And you know, I know security though, as you say with uh with the university, I had to tell them, you know, information insurance backup is part of that is part of securing your data um as they went down the but to back the story back on the target uh when
15:28
they knew it was happening, they knew that breach was happening. They still didn't have maybe a clear set definition and, and, and the, the guy that was giving the speech was talking about it in regard to continuity plan and they were doing for uh the universities where have a clearly set defined call list, you know, who needs to be informed, um who,
15:48
who can make those decisions that way you're not running around at, at that dr time trying to uh trying to, trying to find these people wake them up, right? To get to, to, to get be able to move forward. I feel like you're saying planning is essential, but plans are worth something like planning is essential. Yes, once you know where the stakeholders are
16:05
and you know what that, what that mode uh mode forward is uh just gonna make it a lot easier. So, so what you can plan for because the there will be stuff you can't plan for. But if you haven't planned for the dome, the known unknowns, ok. We can go down that whole thing. I don't think I'll go all the way down, ok. So we think about what a disaster is,
16:24
there's a definition, but if we're trying to, you're trying to make it real, you know, it's look like in your environment, you know what kind of scenarios, scenarios matter because especially, you know, this picture uh the the the what's shown in this picture is very relevant in one geography but not relevant in other geographies, right, kind of thing as well as you know, where do we begin and how do we do it?
16:42
I'm hoping everyone joining us today is familiar with RPO and RT O not gonna beat it to death, but this is just so foundational that is from the point where there's been a disaster declared. Kind of like you were actually just saying, saying like, you know, who has the authority to say it's a disaster, especially in a fail over scenario where we're gonna activate a plan,
17:04
we have recovery point objective that looks back in time. The way that sometimes I ask this question to get folks attention is how much data can you afford to lose? And, and then the answer is none. It's like, well, there's gonna be cost for that, but let's think about it's not just how far do you go back to your story even? Like, is it a day?
17:19
Is it an hour? Is it minutes? And then from the point where you declare the disaster, how long does it take for you to come back online? And, and it's critical of declaring the disaster because if you haven't decided we're gonna fail over for several hours, the RT O clock and all the things that you've done start ticking from that time.
17:37
Now back to where we mentioned from an executive standpoint or even just a business standpoint, like, you know, if something doesn't cost anything, I'll take an unlimited amount of it. Right. You know, free goods get abused. This is core economics. But there is the classic bell curve here of that as we get,
17:52
you know, seconds, minutes, hours, seconds, minutes, hours from the recovery point and the recovery time, there's a classic bell curve of cost. Right. And what's fascinating from a technology standpoint is while it's always true that the closer we get to real time, no data loss and, and nothing going down, it costs more over time, these keep shifting. And that's one of the fun things because I,
18:15
I did some variations of some of these discussions for 10 to 12 years and even business impact analyst consulting all that. But like, you know, we can actually say in some ways, going back 10 years ago, maybe it's actually kind of shrunk down the minutes is less expensive than it was before. There's still sometimes the, the the reality of that, sometimes it feels like this,
18:35
that depending on what you're doing or you're trying to get a, an application developer that's really scarce and you can't even get them right. You know, maybe, maybe it feels like this. Sometimes. I, I know though, Zain, you, you've thought often about that that for better or worse, what we end up having here, especially kind of around this cost.
18:50
Bell curve is a level of silos. And while we went through business continuity, disaster recovery, operational recovery, you had kind of a different lens that you'd like to put on it. Yeah. Absolutely. And, and it goes back to expectations. Right. And, and, and, and you're absolutely right.
19:08
Any, any time I've done any, it project, especially on backup, it's, uh, well, can we do this? And it's, well, how much time and how much money you're gonna give me because we can probably do anything. Um, but there's a real, there's a realistic approach to this, right? What are, what are we trying to solve for?
19:20
Right. What's the problem we're trying to solve? Um So I, yeah, I like to break it up in, in uh in, in the kind of these buckets and you know, and include backup in this because company might say, hey, we want you back up. So you give me a right? And you're like, well,
19:33
not, not necessarily, right? That's not, that's not what we're gonna give you, right, the RPO and RT O being very, very much uh crucial to that conversation. So really breaking into high availability or business continuity as you put it before uh which this is really that zero down time or zero loss, getting back to data the way it was the zero wish downtime,
19:53
right? There's always some sort of a flip over depending on how you're doing it. Um But important that this is really automated and it's gonna be your most critical applications, right? Those things that you need to keep up and running and, and, and really to solve against failures uh at,
20:06
at a single point, right, like eliminating those single points of failure, right? Uh compute node storage rack, um really those kind of failures that might happen more often you can protect against it, keep the business going or even patching, right? You can use this for that. Um And then categorizing under uh disaster recovery, right?
20:24
Dr and this is more of that regional failure as we talked about the um and I, I like how you put it uh choosing to push the button, I call it like a low touch recovery. I'm gonna manually kick it off. I don't want maybe the system to decide that I have a failure, maybe I have that decision tree. Um And it looks like we kept the typo in there and might be playing to uh to tell a joke
20:46
about tape and LTO just saying, you know, that's a pretty easy for anybody. Uh But you know, man, need to kick off but you, you know what the plan is. I know what my dr is gonna be when we do this, this is how we're going to recover and this is what state we're going to get to and we're probably gonna do it in a different region and then, you know, something like a backup. Um And,
21:05
and this could be, you know, this is your backup appliance, this is putting your data out. Uh could be snapshots could be part of that. Uh But these are for, I'd say low failures, but I mean, file corruption, deletion, maybe even hackers, right? Maybe I need to restore a lot of data,
21:22
but it's not a system wide failure. Um uh So these are uh these are those kind of failures where I can restore data back to different locations, different manners from different sources, different points in time um with a very defined RPO RT O, right? I know I back up once a day, I know I back up
21:38
this or I keep data for this long, right? And I can, and then I can restore it anywhere. So I kind of like to think of these. Now there there's some bleed over, but again, you know, backup is not gonna be your H A and so forth mental constructs that help a full disclosure. We're gonna come back in later months and actually focus more on the backup in the
21:53
restore side. But it is all part of a continuum that makes sense and frankly, even tape can make some sense in here. I see a comment from, from Ryan, right? It's not that it can't make any sense in here. Um But, but, but it's definitely shifted things that are available. OK. Last couple items here as we go through some,
22:10
some overarching concepts, they're hopefully helpful. This is pulling more from some of our consulting background and customer background than it is like here's the pier stuff, although pure helps with all these things next. So how do we, how do we get to determining, you know, RPO and RT O whatever, whatever we call them to be? My slides are jumping around on me.
22:27
There we go. I want to get to this one. So how do we help the business figure that out the way that we usually do that is via a process called a business impact analysis. Sometimes this might be a consulting engagement with external consultants in the 56 figure range. Sometimes it might be something you would do internally, it's to help you understand what's
22:43
the true monetary impact, what's the most critical applications, right, kind of thing? Because that this is, and, and this is like if it goes down was the actual, you know, can we measure that per minute, per hour, et cetera. Sometimes things that uh we don't think are critical become critical.
22:59
It's a a noncritical system, but it supports a tier one system, we figure that out when it goes down, that's very painful, right kind of thing. And then that gives us the template of what we can justify from a cost standpoint, right? Because ultimately, it's like you said, we can, we can potentially do anything if we have enough money and time
23:15
but is it justifiable or worth it to the business? Does it make sense? This is not just, yes, this is not just a technical discovery exercise. It's also a discussion. Best example I know from this is, is a peer long ago,
23:30
you know, in two previous lives where he was actually interviewing a line of business owner, an application owner and say, you know, hey, what happens if this application goes down, you will bring it out, bring it down. For me. It's like it's critical and we lose all this money, da da da 15 minutes into the 30 minute discussion. Um One of this gentleman's employees books his
23:45
head in the door and says, hey, such and such application is down and the boss says, well, you know, I'm kind of in the middle of this. This is an important thing. Can you come back in 15 minutes when I'm done and I'll call in if it's still down and the consult, my consultant friend is like, can we back up the conversation? 10 minutes where he said,
24:00
like this is top tier critical. Can't ever be down, you know, like, hm, you know, kind of square that circle for me out of this often comes. Um often comes and I'm I'm just gonna kind of power through to the end here. Zain. If that's all right, we've got some other stories we'll toss in later.
24:14
Um is the idea of priority tiers, right? So you put applications as long as there's even a priority zero, this is DNS DH CPA directory, this stuff, you can't even log into the systems, the recovery systems until that stuff is online, right? Two more concepts. One's the idea of risk over time.
24:33
Anything that involves regular testing, there's drift, right. So we have new systems, we have new applications, we have new people, you know, that may not know the process or where to find the run book and that comes in kind of thing. So as we go and look at the idea of testing, um testing a plan, uh the longer we go between those times,
24:54
whatever the time is, I've intentionally left out the timeframe on here. There's the idea that your, your, your confidence level or your recovery risk inverse actually goes higher until you do the test and then you reset it back down low, you're really confident and then it just keeps going up over time, right, kind of thing that leads into the final one, which is this idea of risk actually,
25:14
I mean, like where it says recovery risk there, the idea of risk, it's a function of the likelihood of a threat Axon on, on a vulnerability and what's the impact? So what I want to dial in on here is how do you protect against high impact low probability scenarios? Ok. Um Because hopefully it's not happening every day, you're not having disaster every day,
25:35
you're not having a ransomware attack, whatever else, right? But when that happens, if we're not careful, we can get to something like this, right? You know, there's all this stuff going on. Uh, coffee dog. Right. You know, this is fine right now. It's, the fire is just keeping my coffee warm. It's not,
25:49
if you go find the rest of this one, it's not melting me in a kind of a gruesome way. Right. You know, I got out the door today. It's all right. You know, kind of thing. So it goes to the idea that in a high impact, low probability scenario, complexity is really the enemy.
26:04
And we need these last lines of defense to be as simple as possible or else not just in the classic. Oh, we need it simple, but it won't be there when you need it if it's not simple enough. And that has all these moving parts that require day to day care and feeding, it's not gonna be there when we need it. And ultimately, you know, that that can lead to this kind of thing.
26:24
So this is end to section number one. You know, for me, uh, my sad panda was every morning as a junior backup admin coming in and seeing a, a wall of red fail backup jobs, right? He was like, I just spent yesterday cleaning all that up. Um This is for anyone listening. If you have a sad panda moment for this kind of stuff, feel free to put it in the chat Zain.
26:43
But what, what's your, uh what's your sad panda story? Um I think we had talked earlier about that. It was any time I had to do a restore and especially with back my tape days, which uh I was definitely terrified of restores. Uh, cross your fingers, light some sage, you know, hope, hope the data that it says is there is there and you can bring it back in a,
27:01
in a, in a, in a, in a reasonable manner. Um But it probably led to me uh quite a career in data protection because I was so afraid of what it was. I needed to ensure that I was taking out complexity and, and uh you know, ensuring my backups were, were and my dr plans were, were solid.
27:19
I see, I see tape restore, put the media in and pray. Um Yeah. Yeah, exactly. I just go, please. Ok, so we've got about 15 minutes left and sometimes it's always hard to know how things expand. But there was, there's no way that we cover all
27:32
the pure stuff in this space because there's so much here, right? Um So this is the classic, you know, so what about pure, right? There's pure logos on the slide, but we are here to talk about pure stuff and the reason by the way that we can take such kind of a almost agnostic front end approach here and talking through both it and my
27:47
background, it's what we like to do, but we're with a company that can help with a lot of this stuff across a lot of the pieces of the portfolio. So we don't have to be like the answer is always this no matter what you tell us from a requirement standpoint. So wanna do a little bit of a global view quickly and then we'll cherry pick three items around kind of flash array replication around
28:09
ransomware and around containers and kubernetes. But from a global view, there's what we call internally. Um sometimes internally the purity protect Continuum Continuum is a fun name. It takes me back to a very old computer game. I used to play on this one on this chart. You actually see RT O going up, you know, here and RT O out to the side local. The idea is inside the data center.
28:31
So there's a lot of stuff that we can do here whether it is inside the data center synchronous replication, it's an active cluster, we can do object versioning. This may be in some cases with some customers, they've got, you know, different sides of a big data center on different power grids or a colo facility. There's a lot that we can do with local snapshots and cloning at a block and a file
28:49
level. We can offload data in interesting ways for either archive purposes or high performance purposes. You know, that can be rapid restore, backup and fast restore. You've been working a lot with a lot of our backup software partners, very tight partnership with cos around the flash recover product.
29:05
Of course, lots of orchestration and application level integration capabilities. All the software is included. Pier One go back two months. A lot of this stuff shows up in Pier one. This is where the platforms we provide are evergreen, you know, they get better over time and you can refresh them. Let's flip that around from a remote and then there's ransomware specific pieces that wrap
29:24
around some of these. I got that transition if we flip it around from a remote standpoint. OK. So same kind of construct RT O here. RT O going this way but remote going outside the data center, excuse me, you're gonna see a lot of the same pieces here. Although you will see one like say active dr this gets into low RPO,
29:43
we're going to go there deeper in a minute, you know, replication options and archive options outside the data center, replicated backup options. So sometimes when we're, you know, white boarding this out, it almost feels a little bit like a whiteboard. I I can feel I can see your fingers kind of itching a little Zan because you like to whiteboard more than slides,
29:57
right? So this is almost the style of what you might might whiteboard. You can be like jazz hands. So the because there's so much here and actually you'll see this in some of the follow up uh links in the email or even just going to the pure site.
30:11
We thought what we do is instead of trying to cover all of these and not even hit it a little bit and I'll take a sip of water here. I'll toss it to Zane. Th thanks Sam. We want to focus on three areas. The first is when we look at flash array. It's pretty fascinating how much is available on platform from a data protection standpoint.
30:34
Do you mind taking us through that? Oh, absolutely. So yeah, these are features built into uh PD OS. Um And we got them listed here as, as, as that RPO kind of fan uh RPO and RT O fans out. So first one is active cluster that's gonna be your, your zero your zero RPO RT O. That's that H A, that's that business continuity, right?
30:54
Built into the arrays easily stretch that in the, in the concept of pods uh which is very, very interesting then we have active Dr, right? So a little stretched out a little farther, maybe a little more geo geo uh redundant. Um But still getting you close to that, that low rpo RT O, right? Something that um get you back up and working more, more towards the DR side, right? But availability if you will still um and then
31:20
of course, a sync replication kind of more points in time replicating those over to another site. So I can really kind of uh keep this maybe longer and and distance and, you know, my RPO RT O is fading out. But again, you know, all features that are in that same pure D OS. Um And then of course, we can offload those, keep local snapshots,
31:38
like I said, kind of augment your backup with, with, with that technology. I think I keep going or I'll jump in, I keep going. So the what, what's fascinating here is that all of these are, you don't see anything here on this about separate licensing cost, separate hardware, et cetera. And where sometimes when I'm chatting about
31:56
these and even going back to my history where sometimes I had, I had other platforms where I didn't necessarily know what I needed in the future. But then if I didn't plan well from a rack space standpoint, I had to add some appliances in or I didn't buy the license because I didn't need it then and I was trying to, you know, save to buy something. So this is all included without so extra
32:16
licensing cost without extra hardware. And the concept there that I love to park on is the idea of architectural flexibility and not knowing what's coming in the future. And even if you know, a certain workload is say, you know, kind of mid-range rpo and RT O and that workload needs to go up a lot higher from an RPO RT O standpoint, it's not a big deal or it's still work.
32:36
Let's be real about it. We've still got to do stuff, but it's not a, I've got to get extra hardware and I don't know if I can pull this off and what's my budget kind of thing. So that idea of like, not knowing where workloads are gonna go and what's the future all of this being built into flash Ara and I've even worked with some of the other synchronous replication technologies
32:50
where you would never describe them as simple and included just you wouldn't, they were good but it's not what they were. Not even one or the other. Right. It's neither. Yep. Yep. Yep. No, I think that's a great point. Right. It's, it's built in and you can add them on as you go. Right. Absolutely. It's a beauty simplest.
33:06
Activate next piece. I, I think we're not allowed to have a session where we, at least I think I already said ransomware. So anyone who's, uh crossing off buzzword bingo has probably already checked that. But I'm gonna let them check the cross off the ransomware, uh, term with authority on their bingo card. In this section.
33:26
I talk about this topic almost too much. So I was, I was looking forward to hearing kind of your, almost, you know, outside in perspective because you've been here for a little while. But you've actually been looking at this, this topic more from before pure than at pure. I have. I have. Yeah.
33:40
Yeah, I was in se with uh with the data protection software. And um we would talk about this together and I always liked this message because I believe it, right. And I think you hit on that kind of in the last ones. Um So we're talking about ransomware attack mitigation, really any recovery, but definitely around that you need something simple to
33:58
implement. And I think simple to operate is even more important management, right? More management layers means more failures, more human touch if you will. Um You just don't know if it's gonna be there when you need it. Um But you also need to know that your data is intact the way that you expect it and that it's
34:14
available to you and that during the attack immutable. And I think, you know, that's kind of a word people have different uh uh definitions for, but really something that can't be changed makes sense. Our snapshots or our DR technology has that. But I like this idea of resiliency. That's kind of the word I use meaning it can't be changed,
34:32
but I also can't remove it before it's time, right? I and I have a set period of time for it. I know it'll be there when I need it, right if I need to recover from it. And then of course, you know, all flash unmatched speed for recovering or restore iteration when we were looking at earlier about H A and Dr and backup,
34:48
you know, there are a lot, especially in backups probably were gonna come from. So you're gonna go back to point in time and now you might have to restore a lot of data and if you're doing that from, so I say tape is in dr if I'm trying to do that from, from something that's slower or even farther away from production, that's just gonna add to that RPO and RT O that I did not plan for.
35:06
So, and that's kind of how I look at those three and, and having a system or solution that, that gives you all three is, is, is crucial. So while we could talk a lot about um some of the pieces we've had for a while around snapshots and, and it's always interesting to kind of sometimes reeducate people around snapshots
35:22
because it's better. There's one specific extra layer here of safe mode, I think. Yeah, I, I think I'll keep being quiet if you don't mind walking through a little Zain from, from your standpoint. Absolutely. Yeah. I mean to, to want to educate about snapshots, but this works because of the way pure does it snapshots.
35:40
We'll say that. And once, once I learned that I was told that's why I'm here. Um But it's this kind of the concept I said before, the mutable snapshot snapshot immutable can't, can't change the data, but it's more than that. It's my admins can't delete this. I set these so safe mode is really I set policies.
35:58
Um and this idea of this eradication uh bucket or I guess it's the late bucket. But the eradication mode that peer builds in or a snapshot or a volume doesn't quite leave the array to you, to you forcefully delete or eradicate it. Um But blocking that first period of time and elongating that that time period and then even taking away the uh admins uh ability to do that by having this agreement with the business and
36:18
peer support uh to have kind of other stakeholders, other key holders that have to be involved in the process of making any changes. Uh just really goes back to that resiliency and, and, and ensuring that your data is there when you need it and you can recover from even the most compromised of environments. The um sometimes like it says their permission, I like that too.
36:39
But yeah, permission. Air gap, I, I like that term. I like that term. It's, it's cheating a little bit because um let's, let's let's be all very real here um Outside of mission impossible and Tom Cruise, there's not real air gaps in it or, or actually no, let's be defense and military purposes. Usually when we see the term air gap, it's about a network draw bridge that goes up and
36:57
down with a lot of cost, complexity and slow restore times which are a problem in a rent more scenario. So this gives the idea of the separation of power. So sometimes I use the term informations air gap with a little bit of a wink and a nod. Well, no, and it's, it's giving, it's achieving that goal,
37:12
but keeping your data kind of close to the source so you can bring it back quickly. That's, that's why I love it. Right. So last piece here and, and to be clear, there is stuff while we didn't go and cherry pick on flash blade, uh flash blade has great replication capabilities, both at a file and an object level. OK?
37:27
As well. There's both backup replication capabilities. There's a lot that we're leaving out here as we're, you know, go back to that purity protect continuum. Last one, number two that we're kind of cherry picking. Sometimes I think about the idea that even if there's, there's different distributions and
37:42
kind of the folks that I that I chat with of people that are all in on Kubernetes containers, et cetera or really let's be real. This is about if a nextgen application development strategy that is driven around using micro services, if you want to do that, you've got to have lots of little instances which are containers and then you'd keep Huber Netti to deal with. I've got a million containers or 100,000
38:04
containers or 10 containers either way, maybe not 10, but still OK. So when we start to do that and at that point, we're firmly into DEV ops land, we're into the the data protection and the data abilities are often getting abstracted up above the infrastructure layer, right, more up into the application layer.
38:22
And I think as infrastructure teams and even application teams, even if, if you don't care about Cober ttys, Cober netti cares about you kind of thing. This is the landscape we're going to. So sometimes I'll have the conversation with folks that are like, you know, if you're not thinking about this, you want to think about it,
38:36
you want to get ahead of it from a career standpoint. It's, it's worth it. Even if it feels a little buzzword. Sometimes like this is coming as a bigger wave from a peer standpoint, we're both trying to provide what people need when they're ready in that area, but also embrace the people that are pushing further ahead in this space.
38:53
That's why we acquired Port works and there's two main messages here. One is while Port works is a data Hubert's data services platform. You know, ranked very highly from GE go home. It's the any any, any approach. So that's part number one piece. Number one here, you know, just about any app, you can think of Verne's distributions all over
39:11
the place, including cloud hosted Kubernetes distributions that you see some of them here because a lot of that's a pretty high stat. I think I saw it 70 plus percent TTI distribute is actually running the cloud and maybe even one cloud depending on the stat in any cloud, multiple clouds, any infrastructure, you don't see these logos on pure slides very often, right? Cobert Port works is fundamentally software
39:32
software only. We want to make it work best with pure storage. And actually before we, before peer acquired port works, the largest port works customer independently chose pure because they wanted the storage to be invisible. It's kind of cool, but we're not gonna leave all these other people out here in the cold.
39:48
You know, we hope we'll see, you know, the light but also even let's think about it in the cloud, right? You know, so it's bare metal, you know, other other infrastructure. So storage in the cloud, any any stage. The second piece here is around the modules, whether it's providing a common provisioning API on prem hybrid in the cloud protecting
40:07
data at an application level, visibility, actually integrating up to the application, whether it's backup or disaster recovery, even some things with synchronous replication at a cooper netti level, that's pretty cool, flexibility and freedom to develop in one spot and then move it on prem to the cloud, the cloud on prem have the have the same experience both depending on what makes sense for your economics, security matters as well as and I
40:28
could go way deep there. We did last month with Nick as well as from an autopilot standpoint. This is about github get lab type integration and automation as well as even sometimes better fa more intelligent provisioning to help with the cost. That is the 90 well, maybe it was the 182nd version of port works. Go back and look at the April uh session for a
40:47
much deeper version of this and we're probably gonna revisit this topic next month because this is kind of relevant. But the data protection aspect it actually matters and sometimes it's easy to be focused just on the infrastructure layer for this. With that Zain, I think we are, believe it or not. Once again at the end here, this is our uh this is the classic,
41:06
you know, agenda slide. Hopefully you've got a sense of how the concepts we were talking about at the beginning are enabled by a comprehensive, all included, simplified, differentiated set of data protection capabilities. Any final thoughts before we and for everyone, we'll be, we'll be staying around for Q and A but any final thoughts and you know,
41:24
the formal the formal session, I mean, there's a lot to this subject. So there's pure uh sales teams and, and, and even Andrew myself and JD love talking about this stuff. So definitely here to answer questions here and beyond that. Um But yeah, hopefully, hopefully you got a sense of, you know, what, what goes into, maybe you're reminded,
41:44
maybe these are things. Uh and then, you know, where the tools that uh pure could help uh along the way. Thank you. I appreciate so much for jumping in the boat with me on a, on a topic being real. Sometimes the preparation, it's, it's always ahead of time, but sometimes it's the last second.
41:58
Say it was a, it was a great sport here next month. Thank you. Next month, Tom Schroeder is gonna be joining us for a discussion about solution, success and faster outcomes. If you stayed around for the drawing, we're mixing it up this month. Thank you Emily for helping with some uh some new options.
42:14
This month, the drawing is going to be for an ember mug retail value of 100 and $30. It's the kind you can control with your phone because that's fun and cool and it's kind of techie right at the same time, the drawing winner is Thomas M from screen vision. We'll be reaching out to you. Thank you so much. Before we get to the Q and A, we are now at the 45 minute mark after the hour.
42:36
So heads up, we are done on time because we try to make this 45 minutes, but we always stay around for questions. Wanted to actually go and leverage while we're doing a little bit of Q and A. Get input from you around what you would like to see for future topics or things where we'll kind of let the music go a little bit feedback in the chat,
42:55
please. Or anyone else if it's too, too loud. But, you know, all of that kind of keeps it interesting and I'm actually gonna go to the next slide here while we still have that poll open because you might be reading and kind of pondering the questions. Man. There's a lot of people already answering. It's like 500 so far already. Thank you.
43:11
So, let that, let me go. And, um, I think JD there was one question there, feel free to jump back on video if you want to or you know, you can stay anonymous either way, depending on how you're feeling. Uh Damn coming through. Yeah, you are. I'll just let you pose that first question if
43:27
you don't mind. Yeah, absolutely. I've been trying to do a lot of them live. My uh my fingers are, are on fire here, but one came through that I know that you really like to touch on, especially when you're kind of talking about anatomy of attack and timelines. And so I thought this would be a good one live. It's how would you respond to an objection that
43:46
our safe mode feature would not cover the time period that most ransomware attacks cover, which could be measured in months of infiltration, not days. So for the, I'll do the short answer, the long answer, go back to the A March coffee break last year, but it goes into that what actually what you mentioned the anatomy and attack. So the, the idea that someone gets into an environment, that's the point of infiltration
44:11
they're in for weeks or months, like the, the questioner said, and then there's the point of encryption that's when and usually that's kicked off in mass. The, the problem is regardless of what method you're using, we can't roll the entire business back weeks and months, we all just go out of business. So the focus from a recovery standpoint is to
44:29
be able to get to as close as we can right before the point of encryption, which usually notice pretty quickly applications are going offline, the phone's ringing and then we do that in an offline environment and then clean out root kits malware. We need good logs to be able to know what to clean out. But the data we're trying to bring that back as
44:46
close to right before the point of encryption as possible offline and then clean it out and anything that we do need to go further back, we may cherry pick from other methods that aren't as fast to restore and that's fine, right? But the mass restore scenario, we want that to be as close to the point of encryption as possible, even as we need logging that goes back to the point of infiltration.
45:06
Try to keep that short because I can make that 1 10 minutes. Zain. You wanna, you wanna tag on anything there? No, that, that's 100% right? You might go through different iterations of the data but you wanna get close as close as you can to that, to that at a encryption event.
45:19
Um Yeah, because otherwise that malware could have been there for a very long time. And who, who wants to take their business back more than a month? I mean, more than a week really? Can you two days or can you? Yeah, great question. I love it. Safe mode should be there to make sure that your data is where you expect it,
45:38
right? You got protection groups, you're bringing it back. I think that's, that's the kind of the way to think of it. I see one more here from uh Ryan. I'll just keep jumping a little bit. So uh pure integration with VSS on Hyper V like you can with VM Ware.
45:54
I'm actually not sure if that's the top of my head. Our VM Ware side phenomenal. We do have customers running hyper V to be real. It's a noticeably smaller amount and more just follows hyper V. Um It follows hyper V market share, Zain or JD. Do you know that if not Ryan are happy to follow up with you? Because I know I've had some discussions,
46:11
but I don't want to be definitive off the top of my head, but I'm not sure. Yeah, I was trying to do a bit of uh searching in our documentation uh while, while you were talking, I I'll see if I can come up with something by the end and if not, maybe we'll uh we'll do back around or, or connect with your local. Cool.
46:28
There was one other question earlier in the chat I wanted to highlight and I've forgotten whose name it was. Apologies if you're still on was asking about replication over fiber channel. It said the question was FCO ip I'm gonna answer it the way that I, I think it is or at least the way that I can. So all of the replication technologies for flash array and let's just let you know as we
46:47
can, we'll just jump back to this slide here. Um You know, these ones sync near as uh they have been over IP for a long time as of 6.1 and even 6.1 0.7 depending on this specific one here, all of these can be over fiber channel. So usually that's where the storage team is responsible for their application.
47:07
Either maybe the storage and network team don't get along or there's a good division of responsibilities, you know, it can be, it can be both. Um And then of course, that means that sometimes we have distance around the private fiber uh that you can get or what feels like private fiber kind of thing because you can get MP LS on the network side that goes wherever, you know,
47:24
in the world and it feels just like it's on the same network. So the the short answer is yes. As of later flash releases over a fiber channel for the replication transport as well as IP Cool. Got a um Jeremiah uh webinar on Cryptocurrency. That's a great question. I'm not sure. And the reason I say that is and just to be
47:46
real pulling back the curtain a little bit sometimes when we are looking at this, we look for topics where there are interesting folks that can join that have good backstories and credibility that Zain today, you know, right kind of thing, topics that are in relevant from an industry standpoint and ones that relates to stuff that pure does, right, kind of thing. We want to be educational,
48:03
but it needs to relate to things that pure does. Um We don't have a huge plan in Cryptocurrency. So honestly, I'm not sure I'll have to think about it. Um Identity. There's a question about how does the session, sorry, go ahead. Someone or whoever is no Blockchain is
48:17
definitely an interesting topic. But yeah, you have to find out how it relates. It's very interesting. Um These sessions are usually on a monthly basis, um minimum bandwidth for active cluster. Um I'm looking deeply Zanier in J DS eyes, so I don't just keep going if I shouldn't. The there's not I'm there I be there's actually some bandwidth testing that is done actually
48:41
testing between the arrays. I don't know the minimum bandwidth off the top of my head. But I would actually say the minimum bandwidth would be based on what is the right bandwidth that's coming into your array right now. Because fundamentally while even with active cluster, we're doing compression because it's in the pr IO stack,
48:58
whatever right bandwidth you have coming into your array, something roughly similar to that, albeit a little bit less is what we're gonna have to shove across to the array on the other end of that active cluster link. That's a, it depends with a little bit of depth answer maybe. So, I think, I think we'll take one or two more
49:18
just as uh sadly, I've got a back to back today and the questions are slowing down a little bit. Um Zain, if you want to cherry pick one, feel free, otherwise I'll just keep trucking here. We still got 1000 people and it's pretty amazing. Yeah. OK. Thanks for hanging out. Um And actually, while you're looking, I'm gonna go ahead and I'm gonna go ahead and Emily
49:39
and close the poll and share the results just because I actually think it's interesting for folks to see what people are interested in. Um So your results there cloud, it's not just a buzzword, people are interested. What do you know? So, um data protection history today that may be a story of back and recovery.
49:57
Um But we will, this is great. Um And we'll look at anyone who put stuff in the chat. So sorry, go ahead. I was just looking for the ones that weren't answered already. Uh It looks like someone did ask about what you mentioned flash recover and this wasn't a
50:10
session on that, but we're talking about Dr and backup. Uh Yes, pure has a product called flash recover that uh combines cohesive with our flash blade for, for very rapid restore. Um All, all sold through pure and all managed by pure. So that, that's the product that's basically what it is is roughly.
50:27
And um we've worked with many data partners, but that is a product line that we have. I see one question about um recommendation for how many days to keep for immutable snapshots, which is an interesting one that is so totally and it depends, but what it depends on uh also all snapshots on p immutable. It's about the scenario.
50:46
Uh You may be keeping them for test dev recovery, you know, a test de cloning kind of thing. That's maybe a couple days for day to day operational. Oh, I messed something up. You know, that's in the 3 to 5 days, maybe seven days or sometimes eight days because you might notice on, on a weekly basis that's not seven days.
51:01
Monday to Monday is eight days on the calendar. After all a ransomware recovery scenario, usually see in the 5 to 7 to 14 days, five days gets you past a long weekend. Well, 5 to 88 gets you past a week past, you know, even kind of the five day range, you're probably gonna be cherry picking stuff out of the snapshots because you don't want to roll the whole environment back four routine and or longer is usually more about sometimes
51:22
executive or board comfort level to be very real. Um And the capacity used by snapshots is more dictated by the retention than the frequency. So sometimes you can do more frequent, that's fine. It doesn't actually affect the, uh the space usage very much. It's just change rate at that point. Right.
51:40
And maybe, and maybe if you have a policy to like rent more mitigation, they gotta keep stuff for insurance for inspection or something like that, you might have a policy longer than that. But I think that's, that's a very good guideline. So, with that, I think if it's all right, Zain JD, I'm gonna,
51:56
I think we will call it a wrap for everyone who's still with us.