August 11, 2016  - TEC37 - Transcript

Hello everyone, my name is Brian Kreutz and welcome to the World Wide Technology TEC37 webinar. Our TEC37 webinar is a monthly series focused on a different solution and designed to pack a lot of information into a quick 37-minute format so you continue on with your busy day.

The core of the presentation will be presented within a 37-minute window, so if you need to drop off, you can rest assured you've received all the information, as promised. If you have any comments or questions you think you might have missed you can find those on our blog. You can find them on WWT.com. Just be sure to scroll down to the bottom of the web page to find the WWT blog. Today's topic, deploy and manage Windows 10 at scale. We have a great lineup of WWT panelists today, including Wendell Layne, Dan Huber, DJ Dennis, Kelly Ryan, and Steve Adams is with us. Among the many items we will cover, VDI opportunities new to Windows 10, and how to use patch management to lock down Windows 10. Also, new ways to deploy old OS updates using Windows Insider Preview and Windows Current Branch. Finally, how to effectively manage physical and virtual desktops as well as mobile devices without the need for disparate systems.

Just some general housekeeping items before we begin. If at any time you have any questions you’d like to comment on, be sure to post them to the Q&A window, which is now open. We will be sure to address as many of them before the end of the presentation. Please ask those questions. These geniuses will be happy to answer them for you.

Also, we’re streaming on Facebook today, and if you have any questions on Twitter using the Twitter app or Twitter.com, be sure to use the hashtag TEC37 and you can use the @ sign, WWT, underscore INC, on Twitter.

Now that we’ve gone over those items, let’s introduce our panelists. First we have Wendell Layne. He’s the EUC services and product manager. Also with us today is Dan Huber, mobility technical solution architect. We also have DJ Dennis, the enterprise applications services lead. Kelly Ryan is with us today, VDI solutions architect. And we have guest speaker Steve Adams, Partner Technologies strategist for Microsoft. Without further ado, I will hand it over to Wendell. >> Thank you, Brian, welcome and thank you everyone for listening in on this discussion today. We have a great panel of experts lined up to talk about something that's relevant to just about every organization out there, deploying and managing Windows 10 at scale. As part of that discussion we will talk about mobile devices, about VDI, as well as the enterprise application to help keep your environment running smoothly.

So without further ado, let’s get started. Again, my name is Wendell Layne, I will be the moderator for this discussion. I'm a product manager within Professional Services, focused on end user computing and I manage a product called CPMigrator, but we will talk about that a little bit later. Now for the actual smart people on the stage. First, Steve Adams, Partner Technology Strategist for Microsoft, about 12 years now, and Steve's role is to help Microsoft partners like World Wide deliver Windows based solutions.

We have Dan Huber, technical architect within business development, focused on mobility, secure enterprise mobility management solutions. We have DJ Dennis, he is a discipline lead with Professional Services for enterprise application Services, focused on system center, exchange, active directory, Office 365, he’s been with the company about 12 years. Last, we have Kelly Ryan. He's been with World Wide about five years, solutions architect supporting the West with professional services of virtual desk top infrastructure. Thank you guys very much for being on the panel.

>> Glad to be here.>>> Steve, we're going to start with you. We're going to talk about what's new with Windows 10. We’ll then move on to deployment solutions and talk about mobile device management, enterprise application services and follow that up with VDI. When we talk about Windows 10, we're at this Windows 10 one year anniversary. A few weeks ago marked the official anniversary.-- so – there’s obviously a lot of adoption that has happened in the past year – we’re talking hundreds of millions of users, the past 12 months. Tells us a little bit about what that looks like.>> Absolutely. Trajectory has been fantastic with Windows 10. Our adoption as of last month, we were over 350 million Windows 10 users worldwide. If you think about it, in our one year anniversary that's about a million new people using new Windows 10 devices each day. So a powerful trajectory. In the enterprise and government space, our larger customer spaces, the first year we had some really good uptake from a pilot from and proof of concept standpoint. We started testing -- much earlier

than we ever did even in the XP and Windows 7 days. For the next 12 month period for our second year of Windows 10 it's really about moving from the pilots and proof of concepts into actual production.>> So with this adoption, that's definitely translated to the enterprise. We know for example the Department of Defense is committed to deploying the OS across their organization. What would you say is driving that growth?>> There's really four areas, we call them investment areas, we focus on. The first of which is looking at how we keep everybody secure. So security is really our first pillar. That's -- security user and how we keep our data and our infrastructure secure. The second one is really around deployment and management, optimizing that service that I.T. provides in provisioning and keeping machines up to date. The third one is one of my favorite areas, around productivity. Helping people, enabling people to do great things. The fourth area we focus on is really around innovation, especially when it comes to devices. Whether it's the latest, greatest tablet or desktop or notebook machine, could be a phone, but could also be something like an IoT device of any flavor, or collaboration, conference room collaboration device. Across all platforms, we want to bring that device experience consistently to all users, keeping in mind the first two pillars of keeping it well managed, well deployed and very secure.>> Great, you mentioned security, and security is definitely a core part of our go to market strategy here at worldwide. We have a team of security specialists dedicated to delivering those solutions. Can you talk to us a little bit about the capabilities of Windows 10 as it relates

to security?>> Absolutely. Our greatest testament in the United States is the Department of Defense, choosing and pushing Windows 10 to over four million devices. That's really around some key changes we made with Windows 10, starting with the user and user experience of logging in. Passwords are bad. We know people write them down, people don't always have the best passwords. So things like Windows Hello, which gives us that multi factor authentication, facial recognition, iris scan and fingerprints. We start with that, based on that and Microsoft Passport. Then we move into protecting the user once they're logged in. We have technology, that Department of Defense is very excited about and that’s Credential Guard. Once I'm logged in, it takes the security tokens and certificate and encrypts them into a virtual machine on the desktop. That means those attacks called man in the middle don't work in this environment protecting the actual machine. We have seen the spy movies where someone walks in with a USB stick and runs a program. We have something called Device Guard, again, the government uses this a lot, Device Guard does is say this given PC or this given Windows 10 device can only run these very specific operations. So I can't bring in an outside application or even a fake real application and make it work. Then, so looking at that, and protecting data, and keeping data encrypted in transmit or on the device, those are the kinds of things we really focus on with Windows 10 and bring new life to that level of security.>> Awesome. It's been great to see that investment in security, for sure. Now when it comes to managing Windows 10, we have this new thing called Windows as a

Service, and one question we get often is what does that mean, what does it look like. So can you explain it to us briefly, how the process works?>> Absolutely. What we think of is how do I.T. departments test and deploy Windows? For us consumers, it's easy. We just want the latest updates, just like we do with our phones and android devices.  We have a program called Windows Insider that allows enthusiasts and I.T. professionals, focus on desktop and Windows, allow them an early view. Can be as much as four to six months before something comes live, a feature comes live, we give them time to test, provide feedback and give us information, they need to say this works great or it would be better, if X. That's available to anyone who wants to be part of that. And we recommend all our I.T. department customers, bring those in and use them on lab machines and test specific features that they know they need to keep an eye on. The second one is Current Branch. Current Branch is what we get at home. When a new security patch comes out, we get that automatically every Tuesday. When new features come out, just like the anniversary update released last week, that is automatically, it pops up on your machine and says are you ready to do this, we're going to reboot. So, That's what I get and you get. But for I.T. departments, that's a different story. Most I.T. departments have mission critical applications, processes, hardware that requires some testing for ease of mind or if there’s remediation that needs to happen for their current business. That gives I.T. departments the ability to defer groups of users or machines to say, before it automatically rolls out, we want to test it and then when we're ready push it out. Lastly, we have our Long Term

Service branch, a very special use branch of Windows 10, designed for mission critical systems, things like aircraft control and the power grid.>> Awesome. Great explanation. So with this interest in Windows 10, obviously they want to deploy it across the enterprise. We know there are a number of challenges with that. What we have seen going on with that, is that it can be expensive, migration projects can be lengthy, disruptive or risky when it comes to user data, expensive, and keeping that user experience pristine consistent. Here at World Wide we built a tool called CPMigrator. At a high level, it automates the deployment of operating systems, the migration of data and standardizes deployment. The great thing about this product is that it's extremely portable, there's no install or special server or hardware required to use it. There are a number of organizations particularly in the DoD looking to leverage this because of the part of this Windows 10 upgrade there are a number of security boxes they have to check-- you have to make sure UEFI is enabled and security boot enabled, and we built some unique solutions that helps them make all these changes in a fairly automated process. We have this new version of CPMigrator that supports a number of great advanced features. There's a also number of use cases to support it. I want to mention there's a number of solutions that Microsoft has introduced and processes and best practice that are now new to Windows 10. So any configuration  and Window design using these provisioning packages versus -- there are a number of tools provided by World Wide and Microsoft that I think will make the automation of deployment of the operating system much easier. When it comes to in place upgrades, there's a fairly

simple process we won't spend a lot of time on. Essentially there's four phrases to that migration process. First, start out scanning and know everything about their platform. Know the OS running, installed applications, etc. and capture everything about that machine. Then you want to lay out the OS - going to be Windows 10, make any necessary changes to the operating system, including anything from the files, drivers installed and prepare that PC for first time use and then you want to configure that machine. This is where you begin to -- of the experience lastly want to -- maybe put it in certain OU within active directory, whatever the management tool of choice is so the customer can easily manage the device. When it comes to mobile devices, kind of a different story. Dan, you obviously spend a lot of time delivering these solutions. Can you talk about the impact?>> Certainly. I think Windows 10 created a lot of interest from users to have a seamless experience across their devices. We notice around applications, operating systems, parity, application parity, and also more specifically access to Enterprise resources. In addition, from a personal standpoint, access to cloud services. And I think Microsoft has done a really good job focusing on Windows 10. With a tool like CPMigrator and the user experience it creates the transition from Windows 7 and 8 eight to be seamless to Windows 10. Same can be said from Windows 10 to laptop when transitioning from a mobile device to a tablet. Microsoft is doing in addition is really application parity across multiple device types – with the likes of Outlook, Word, Excel and Powerpoint. Microsoft is really focusing on that. The last thing Microsoft has really done when it comes to mobile device management is

they embrace the framework. With Windows 10 it's much easier for an admin to add and deploy devices and much easier for users to enroll.>> Awesome. There's obviously this explosive growth in mobile devices in the Enterprise and I’m certain it introduced a number of challenges. Can you talk about those challenges?>> Certainly. I think there's a lot of challenges organizations are countering and some of those are really around ensuring great user experiences while also ensuring I.T. compliance around IT governance, information security and acceptable use policies. That last point is key. Organizations need to take a second look at their acceptable use policy when it comes to things like BYOD - users want to get access. We need to craft effective statements to support that and I.T. need to follow that up with effective profiles and policies to ensure certain operating system versions or blocking rooted devices, while making sure we're allowing access in the sync of data to those devices. The last point is something to call out. There's a difference between accessing data and purely synching data. With these acceptable use policies, it’s important we call that out -- but also put actual policies in place on the administrative platforms to remove that data, devices are lost, compromised or stolen.>> Awesome. So when you talk about Windows 10, you have android devices iOS devices, Windows laptops and desktops, and now you and I think been looped in on a number of opportunities lately. One thing I've been hearing a lot about is unifying -- can you talk about what that means to you?>> Definitely, it’s a hot topic. One thing we notice, it's

becoming a challenge for organizations that have multiple platforms. One easy way to define unified end point management is one console to manage all devices. Another way to look at it would be maybe, I know it’s a cliche, but single pane of glass, multiple management consoles. It's become an unfortunate joke in organizations. They own multiple platforms. They own three, four, five, it becomes very costly, becomes a challenge for the organization as well as the admins. They're encumbered by learning multiple different platforms and this doesn’t scale so it becomes a strain and burden on I.T. long term so it's definitely a priority, something organizations should be looking at.>> Awesome. So kind of take that further, you can obviously put Windows 10 on tablet which can be considered a mobile device, so when it comes to Windows 10 mobile, what do you see work versus not work?>> One reason we see some of these challenges is the consumerization of technology. With Windows 10 they really made it easy to do work -- for admins to quickly deploy -- policy we talked about. It's not necessarily something that's not working but something you need to be sure you have in place. That's effective planning around all operating system types and making sure there's some level of parity or base line when you’re talking about deploying and managing these devices.>> Awesome. You touched on the number of disparate system, management tools out there. What would you say are some of the best in class, what would you recommend for customer watching this right now?>> Certainly. We have a great aTC portal and I think at World Wide we pride ourselves on partnering with best of

breed solutions across OEM. We talked a little bit about Microsoft and their core management capability -- that's a clear leader. We also have partnership with Jant who has the Casper suite for management suite for managing Mac OS, IOS devices, and then you get into the -- some of the leaders doing really good work there are the likes of the -- but also very compelling work around managing -- use case but also identity manager and their -- We have mobile -- and one of the compelling things they're doing, they're independent and focusing on building an ecosystem around Enterprise integration and also apps. From a cloud standpoint, Microsoft is doing a good job of tying into SCCM so you're getting a real good management system to manage the -- and also that data, and those devices – platforms. And lastly, certainly not least, is Meraki’s systems manager. I have to specifically call it out. It's a unique platform in that you're deploying a cloud management network, so you have security, you have switching, wireless plus all the way down to the device, a strong ecosystem and we have all this available in our advanced technology center so we can engage in technical workshops, briefings, et cetera.>> Awesome. A great explanation, and we talk about mobile devices, end users, it's hard not to bring up productivity which brings us to Office 365, and in my experience, Office 365 -- Windows deployment, I should say office deployment and Windows deployment often don’t go hand in hand. So DJ, this is your area of expertise. What would you suggest?>> Microsoft has a fantastic app. When it comes to end users adapting and transitioning to Office 365 it's seamless, a perfect integration because everything looks

and feels -- like it did before whether they’re using -->> The challenge however is the I.T. style because they don't necessarily find that integration to be quite as pure. The reason is they're not adequately prepared to make that transition to Office 365 without doing some sort of pre-migration plan or some sort of remediation. So we find that many system integrators that are out there frequently understate or completely fail to identify those potential risks. They are however usually revealed in the middle of a migration and that's not the time to find them out. WWT brings that knowledge and experience to identify and categorize risk in advance so that we can measure the risks against the benefits when we're performing the transition. We want to develop alternative approaches to those problems. The main thing we're finding however is there are so many options, they're so complex. It’s a very difficult landscape to navigate when you don’t know between the different options out there for different business agreements -- three, eight, five, what do I get with that, and once they buy it, are they really taking advantage of what they're paying for, for all those -- so as those, as Microsoft continues to develop around Office 365 platform and they continue to enhance things like exchange online or adding new things like planner and advance threat detection, we want to be there with the our customers to partner with them and say hey, help us to get you where you need to be so you adequately understand all the services available and by leveraging that expertise, complete solution can be delivered for them in advance rather than finding out midstream they didn't do something they needed to take advantage of -->> So you touched on complexity there. So you got

Windows 10, you got Office 365, there’s mobile devices, now you have new versions of -- coming out. So it can be extremely complex. So talk to us a little bit about where you start, when you're trying to get all this upgraded to support this new Microsoft environment.>> Well, the first thing I'll say to people is don't wait. If you've got, if you're out there with 20 2007 either move to a new platform or be ready to do side by side migrations because the construct has changed. One thing we highly recommend, hey, get WSUS updated, make sure they're on the current version. But really, the patch level is critical because new patching strategy, that's key to  ensuring the entire infrastructure is properly deployed. But more than that, when you look at FCCM, understand what it is you want to do. Understand what the options are. It always comes down to capabilities and scope. So consider the scope, research the configuration managed capabilities you want to deploy out there and make sure you're ready to leverage that technology against those assets. and know what you have going and where you want to go, that's really how to create the road map for you.>> You touched on security a little bit there, alluding to some of the points Steve made. Talk to us about how security impacts enterprise application services.>> It's everything. Everyone is talking about security. Any conversation that includes SCCM, it brings one point firmly home. We need to know when an attack is occurring while the attack is occurring. Because if we're waiting to figure it out forensically later, it's too late. So WWT supports our customers with full scope security audits, active directory assessments. We identify the vulnerability and create remediation plans. one product we highly

emphasize goes hand in hand with SCCM-- unlike a lot of products out there –Tanium can find that the behavior going on across millions of machines within fifteen seconds. Sounds like I'm making that it. I'm really not. The more machines in the environment, the better it works. And it does this by leveraging everybody to kind of be (indiscernible) being able to gather that information, being able to act on it even more important. So we can do some interesting things. Registry key changes, you can identify what machines are vulnerable, which ones have been hit, you can change registry keys on the fly, force reboots, do whatever manipulations we have to, to secure the environments. That's really a big deal but it's not the end of the story. While that works well, you really need to make sure they're happening to the -- and with the opening of cloud it's really important people change their mindset. Today we're used to the border being the security barrier. But with cloud and the mobile devices being out there we have to change the way we think about what we're securing. No longer are we securing it at the border because everybody has access to the data everywhere whether of it's on the device or just transitioning to the device, at that moment it's still being moved or manipulated. so we need to think about securing data over borders. As we do that, there's different technologies, ways we do that. Microsoft 2016 has the new addition of PEM allowing us to do -- management, and all that leads us to a new way of thinking about role based access and even attribute based access being while you're in the office with this IP address you can have access to this data and when you're at home -- access to the data so the data being secured where it is, all that comes together to help

us facilitate a better on premise security task whether it's on premise -->> Then I think security is important. I've heard a few times. So thank you, DJ, so Kelly, moving on to VDI, I think Windows 10, the deployment of Windows 10 can provide a great opportunity for organizations to -- truly modernize – and structure and VDI certainly plays a role in workspace transformation. Talk to us about the role VDI plays.>> With VDI, virtual desktop infrastructure, it allows an enterprise to be much more flexible in getting where they are today to getting where they want to be. Before, with the old traditional way, it would be hardware, and you'd have to make sure the drivers et cetera were completely compatible with the new ones. VDI make it much more elastic for an enterprise to get to Windows 10 VDI. As opposed to the physical, the traditional way of migrating to a new machine. So it has really opened up just a myriad of opportunities and from a security perspective, in the old days where we would have that hard case lap top user or desk top user, all that information for the most part would be local. VDI adds to the security that we have been talking about. Instead of having data localized to that end point, if your laptop dies or gets stolen, that data is gone. With VDI, that desktop data stays within the data center construct. So it's adding more layers of security within the desktop.>> Awesome. So from a readiness perspective, how does a customer determine what can even become VDI? How do you make that decision?>> So at World Wide, we do extensive workshops, VDI assessments, liability, this type of thing where we do on prem interviews, we incorporate special tool to collect a

myriad of amounts of technical -- within the Enterprise. We want to know the number of users, the type of data, we look at everything over say a thirty day period that garners a lot of information about where the customer is at. During these interviews we can determine what is the next best step for the customer. Is it a real candidate? Are the applications friendly? What makes the best VDI candidates, what makes sense, does it actually fix problems for the business? So with a VDI workshop I'd encourage customers to get with their account teams and start with their VDI assessment workshop.>> Awesome. So we continue down to this path then, the customers made the decision, which candidate makes the most sense for moving to VDI and now you're in the deployment phase you've been deploying VDI for a while now. Talk to us about some of the challenges that come with deploying VDI. How do you avoid this?>> So there's two things I like to get a full understanding and make sure everybody is on the same page. One is I want to know about the end user data, how it's being managed currently today. Is it local, is it on a shared file, where is the data actually at, how are they using that data and is it critical data, is it not so critical? I want to get a full understanding of how the end user needs to get the data and where it's at. The second thing would be the end users’ applications. What applications are they using, what are the application dependencies? Is it local install, is it being hosted, is it being hosted RDSH, Citrix, et cetera, so I gain a lot of understanding about the dependencies, what applications, how do they get them and a lot that of is fleshed out during the discovery assessment piece. Those are the two biggest things. What we don't want to see is

having an Enterprise going through the blood, sweat and tears of getting the VDI set up, then end users not being able to get their applications or data.>> Awesome. Once 10 is deployed what are some ways to get the VDI, up to date?>> Good question. The traditional way, instead of updating hundreds or even thousands of desktop end points, VDI allows the Enterprise, the capability of just updating currently a one-off image. So your total cost of ownership is greatly reduced and it allows a roll back option, so in the event that an update kind of goes sideways or doesn't do what it expected to do, maybe not flushed out fully, most VDI technologies allow an Enterprise to quickly roll back into a known good state. So it's a lot more flexible, makes an Enterprise more ductile and malleable going forward with their updates. >> Awesome. So I think we can take a few key things away from this discussion. Obviously, Windows 10 plays a big role in securing, modernizing the infrastructure, one other thing hopefully everybody listening in on this discussion can take away is the role that World Wide can play with helping customers getting it deployed. Scoping and planning, designing their technical solution, whether it's mobile devices, virtual desk top infrastructure, the enterprise applications that support all of this, the implementation of support. We have a lot of supply chaing integrative technology capability as well. I think World Wide is able to provide a pretty holistic and comprehensive solution. So thank you again very much for your participation. At this the point in time, we will see if there are any questions from the audience.>> Our first question is what's the difference between

virtual desktop infrastructure and application virtualization.>> Good question. I think, Kelly and Dan.>> Virtual desktop is literally software based that emulates an actual physical desktop. It's virtual, not the physical real deal. It's actually served and hosted up and you get a desktop look, type and feel. Virtual application virtualization is a technology or concept where you can actually install an application and package that within its own construct to where it's decoupled away from the operating system and is much more elastic and that's how in the Enterprise, so it's packaged somewhat in its virtual bubble, so to speak, and allows it to be much more versatile and leveraged in different areas within your actual Enterprise.>> Awesome. Any other questions?>> Yeah, a few more. Can you deep dive on some of the new Microsoft Windows 10 deployment tools?>> Awesome.>> Absolutely. We look at the tools and we say tools, but I almost like to think of it as the whole Microsoft stack. What we're looking at is what is nirvana, where do we want to be from a Windows 10 deployment standpoint. Today, with Windows 7, we do it the same way we did it with XP. We had gold images we built and wiped and replaced. That works in a brick and mortar environment that works in a traditional I.T. shop. But where we're getting, especially with mobility, is let's say, Wendell, that you're on your way to Seattle and you're driving cross country and you end up in Provo, Utah, and you drop your machine and it breaks. But you're still working. You still got to get your job done, so what do you do? It used to be you'd call I.T. and say I broke my machine, it's not working any more, will you send

me a new one? We'll get you a new one, and put your account on it and send it and you will have it within 48 hours. With Windows 10, we have this almost nirvana scenario. We talked about provisioning and we talked about getting connected. So with, tools like In Tune and Air Watch, we have the ability to move that all through the cloud. So in your scenario, we go to Staples or Best Buy. You buy a $299 HP device, it's temporary. You bring it up, turn on Windows 10, first thing it asks you, is this your work machine or your personal machine? Put in your work email, your work password, within twenty minutes you have Office 365 up and running and all your files, the PowerPoint you were working on this morning is there. Twenty minutes. You're doing this from a Starbucks. Based on the tools we have, you mentioned wicked earlier, we have a new tool that allows us to move all that configuration so we can truly get to that zero touch deployment experience. Why is that important? When we did XP, to 7, we found on average it cost about two thousand dollars per device, not including hardware, for two thousand dollars per device to move them from XP to 7. Moving anything from Windows 10 can't cost that much. So we applaud WWT and tools like CPMigrator and the processes and people you have in place to do that. Really getting that optimized experience through your customers so that scenario, I lost my machine, I need to be productive in an hour, go buy a machine, log in and you're good to go, we can be there today with all the right tools in place you talked about today, get that in place for your customers.>> Awesome. Our last question is when you talked about preparing for transitions to Office 365, what are the problems that the assessments reveal that will need to be

remediated before an organization is ready to make the transition?>> I guess that one put me on the spot. There's a change, let me start by saying I don't want to point out anybody is wrong. When something is working, it's very difficult to say it's the wrong implementation. But I will say that the assessments that we have done and the recent history have revealed very good honest hard working people developing fantastic Windows 2000 AD designs. The problem is the data we’re in 2016, we have to change the way you think about like I mentioned before, changing where the security is happening. Microsoft CIO published a fantastic volume of material out on their website, if you search for it, it's 22 best practices for securing -- they talk about really interesting concepts where using secure admin work station, virtual desk top infrastructure, and we're completely segmenting now active directory in our critical assets and complete pristine -- for those admin users and Enterprise admins are creating new boundaries through one way trust relationships and completely segmenting those things off of our core network because threats are no longer just from the outside. Edward Snowden’s of the world are creating dangers that lurk everywhere so it's our responsibility as I.T. guys to stop fighting the day to day battle of who needs access to a file and off shoot that to the end users. They run the share, let them decide who has permissions. These are least privileged -- just in time for credentialing, Microsoft, utilizes these different technologies to create a better secure environment where we're securing what we need to. That becomes our focus. We don't have time to babysit the entire Enterprise. We need to get better at those things.

With the advent of  Linux Microsoft environment, we have things like token bloat, so having a whole bunch of groups doesn’t work for us anymore -- we really found we have to streamline how we're applying permissions, where we're applying it. Certainly, the old adage of -- those still work but we need to find better ways to implement those. That's really what we're finding out there, is that we need to mature those, they need to be modernized. They're not wrong, they're just different, not quite where they need to be for a cloud first technology.>> Awesome. Another great answer. Was that the last question, Brian? Last take away, you guys are smart, you made my job easy. So thank you, guys, very much. Thank you, everybody, attending in person, and thank you everybody on the webinar for listening in on this TEC37. Thank you. ///