>> Live from Las Vegas it's theCUBE, covering AWS re:Invent 2018. Brought to you by Amazon Web Services, Intel, and their ecosystem partners. >> Hey welcome back everyone, we're here live in Las Vegas, for AWS re:Invent 2018. Our sixth year covering, I'm John Furrier with Dave Vellante. Dave, it's been a wild ride, a lot going on, changing formations over the years, cloud is kickin' butt. >> Innovation, growth. >> Partnership with VMware's paying dividends. The ecosystem's evolving, startups are having opportunities. C-Chains is here. Tom Gillis, Senior Vice President and General Manager Networking and Security Business Unit at VMware is our next guest. Great to have you Tom, thanks for comin' on. >> Thanks gentlemen for havin' me. Yeah, it's good to be here. >> I'm glad you're on, because one of the things I'm always excited about is networking. If Stu Miniman were here, he'd be all over this conversation as well. It's hard, it's been part of the holy trinity of infrastructure, network, compute, storage, is never going away, but it's changing. There's new abstraction layers, there's new opportunities, you're now living and breathing and working on with VMWare, and they just, ways to make networking better. How's it going, what's the update, what's going on in networking, this Outpost deal is really interesting. You bring in worlds together, in a consistency-- >> You hit the nail on the head, right. We're bringing the worlds together. And I think, one of the things we're seeing, is that, in the enterprise, enterprise IT is looking at an increasingly heterogeneous data center environment. In in the next 12 months, you're going to have data center, where one rack is running EC2, and your data center, one rack is running vSphere, in your data center, another workload is running on Amazon, another one is running out of the Edge, so tying this all together creates some challenges, and this is a problem I think VMWare is uniquely suited to solve, networking is the fabric that connects all these disparate islands, and lets them talk to each other, lets them talk to each other in an orderly way, right? So, networking is about connectivity. It's also about policy enforcement, those are the two things we focus on with the intersects team at VMWare. >> And I'll say, as the landscape changes around how cloud impacts it, no perimeter, but networking still has to move packets from A to B, storage goes from now to then, so things are moving around. So networking is constant, straightforward and consistent, you got to move packets around. >> Yes, this is an important thing that I think people get confused on, is, when they understand, they look at the numbers that we're posting in networking, it's all software networking, right? We don't move packets from A to B. We do the policy administration. So, something has to move the packets from A to B. Cisco's switches, Arista's switches, there's a lot of really good networking hardware out there that's not going to go away any time soon. But I always say, use the right tool for the right job, so, a product like Cisco ACI is a fabric manager for a switch. And NSX is a policy layer, right. It's a software networking layer, and something we learned from the public cloud is that, you can automate network deployment using this software networking approach. How many networking people does it take to deploy a workload on AWS? >> Zero. >> Zero! You push a button and it goes. So we're giving you that same capability on-prem, within a stack, so it's automation that allows you to automatically spin up and deploy a network, and a policy to go with that network that makes sense. >> How does that impact the largest networking vendor on the planet, Cisco? How does that scenario, and how do you guys work together? Is it conflicting, is it together? >> As you pointed out, the electrons have to move from A to B and Cisco is really, really good at doing that, actually moving electrons, doing it cost effectively, efficiently, at scale, hard problem to do. So we work very closely with Cisco to make sure that, NSX and, you know, Cisco's products, are interoperable, that they work together, they solve different problems. The problem that we solve with NSX is the policy piece of it, web server can talk to app server, can talk to database. That's a very simple policy, but when you try to express that in IP addresses, that could be 5,000 firewall rules, and in NSX that's one rule, it's English language. So it's that simplicity of software networking, allows us to enforce policy, in a increasingly heterogeneous environment. >> Okay, so let's talk about Outpost a little bit. You're got two versions, if you will. You've got VMWare Cloud on AWS Outpost, and then your piece, which is the cloud foundation for EC2 on Outpost, so that's low-latency, it's consistent networking, talk about that piece of it, drill down, and some of the challenges that you had to solve. >> So, as you pointed out, we think Outpost is an industry-defining announcement, because it's really blurring the line between private and public cloud. And VMWare and Amazon have partnered very deeply to continue to make this just feel like one thing. And the piece of the puzzle that we bring to the table is infrastructure, so policy management, that connectivity, the web server talks to app server, who gets to talk to who, security policies, data management and protection policies, these are things that customers expect from us. It's very easy for us to deliver that in a VMWare, vSphere environment. I think you talked to my colleague Mark Lohmeyer, about VMC that's going to run on Outpost, that's a VMWare environment running on Amazon hardware. We also are introducing services that are going to provide VMWare capability in a native EC2 environment running on Outpost, that's what we call VMWare Cloud Foundation, or VCF for short. >> That's a particular instance of Outpost, there's also the Amazon version, how do you guys doing under the covers? Explain how it works from a VMWare standpoint on the premised piece? Talk about under the covers. >> As you pointed out, the trick is to get all these disparate hybrid, you know, clouds, these different kind of islands the capacity to talk to each other. And so we've worked very closely with Amazon team to take NSX networking, embed it into Outpost so it can talk seamlessly to enterprise networks of all shapes and sizes. That's a deep, important part of the relationship. And in addition to that, we're putting the VCF capability into EC2 to extend consistent policy enforcement, either in a vSphere environment, private thing that you're managing, the hybrid thing that maybe VMWare is managing, or that Amazon's managing, in any scenario we're going to give you one set of policy, one set of enforcement across all of this with VMWare Cloud Foundation, as well as the VMC on AWS. >> The software engineering and engineering in general for the data center, where there's hardware, software, the generations of developers have all had the same kind of language, just changes tone. Put a wrapper around it! Container, VMs, but now all the same principles. You want to make something smarter and better like an old mission critical work load, you put a wrapper around it, you kind of put software around it, and you can still run that and have new modern ways to add value to it, connector, whether it's a Micro service or an API, is a trend, the heterogeneous environment you just described, EC2 rack over here, isn't this kind of like a container for the data center? In a way? >> My view on this, and I think Amazon is really pioneering this front, the data center is becoming an appliance. When you think about it, like, every enterprise is buildin their own data center with their own pieces parts, that's nuts! It'd be like, every company building their own furniture. Yeah, you could do it, but like, really? Wouldn't you just rather buy this desk from a furniture maker? And so, Amazon has built an incredibly efficient, incredibly powerful, call it an appliance, this hardware infrastructure, that works, and it works at scale, and it's easy to use, and you can get it in two days, it ships with Amazon Prime, that is super compelling. And I think a huge amount of customers are going to look for that simplicity, that easy of use, what's necessary, you pointed this out, is an abstraction, software abstractions, that's what VMWare does. We create software abstractions to simplify the administration of all the bits and bytes, all the electrons that are flowing from A to B. We make that stuff easier to manage, with virtualization technology, that is an abstraction. >> Operational-wise, I think it is the very key point too. How do you get it to run? (chuckles) Operating the networks, operating the data center, operating systems that feed developers value and giving developers a programmable infrastructure, that's the vision of a software-defined data center. >> So, you talkin about, data centers as an appliance, I always thought Larry Ellison had it right. You develop all these appliances, like the iPhone, for enterprise, the problem was just Oracle, very narrow set of use-cases. I feel like, in a way, that I felt when the Warriors got K.D. Right? That's what Outpost to me, is like, it's almost like an unfair advantage-- >> Game over! >> It changing the game, here, so I, look, VMWare is a software company, you love anybody who will run your software on their hardware. >> But Even Duran is a great analogy. >> But you got to think, that the guys who been playing in this, you know, on-prem cloud market, are going to say, "Whoa, what do we do now? How do we respond," how do you think that affects some of your other partners? >> I think the magic of what Amazon is doing, is it's simplicity from A to Z, meaning, I have a work load, I need to deploy it, I push a button, two days later, this rack of hardware shows up at my data center, you plug it in, it talks to the cloud, it hooks itself, like, that's awesome, right? >> Patches itself, I don't have to worry about it. >> The thing they got to remember, is that data center is a means to an end, not an end in itself, right? What is a data center supposed to, it's powering software that powers the business, and companies are spending too much time building the machinery to power the software to power the business, and they want to focus on the software that's powering the business. >> Software is the world. >> Too much head count, involved in-- >> It's just a lot of work, a lot of energy, a lot of bandwidth, a lot of attention, a lot of arguing, a lot of debate. >> Move that head count into high-value activities. >> Exactly. >> That is really, I think, the key point. And again, it became its own cottage industry, for the wrong reason! >> Yeah, I feel like, working with Amazon, we can simplify how you build, deploy a data center. There's an unsung hero in this equation, that is Intel. Intel is just making these processors faster, stronger, and so, we see less and less need for highly-specialized general, specialized servers, we can go with a more generalized compute infrastructure that can cover a wider array of workloads, including networking. We're using Intel processors, and we're running 40 gigs of enterprise-grade networking-- >> I got to say Tom, that's a great to point out Intel, I was reading the news on my phone, just in between breaks here, the news articles, "Oh, Intel's new competition with ARM," what they don't understand is, this is a massively expanding addressable market. So it's not a winner-take-all, Intel doesn't have to get every deal. 'Cause there's specialism at the silicon-level now, to power these software abstractions. >> To your point too, a decade ago Paul Muret said, "We're going to run any workload, "any application, anywhere in the world, on VMWare," and a lot of people laughed. And said, "You're not going to move some of the SAP stuff, or Oracle stuff," it all went, I mean, except for very, very few. And that's to your point, it's a general purpose system now, that can pretty much do any mainstream commercial app. >> So with the power of an abstraction layer, now we can optimize, and I think we're still learning the details of what exactly Amazon's done to optimize, but we all know, it's powerful, right? And now, you can get that in Outpost. >> They've got some street cred! >> Yes, they've got some street cred, yes. >> Tom, great insight, thanks for coming on theCube. >> Gentlemen, thank you for having me, this is good-- >> Great stuff, Senior Vice President, Senior Executive at VMWare, breaking down the relationship with Amazon, it's like the Golden State Warriors getting Kevin Duran, they run the table, if they had Lebron, that'd be like, best analogy. We'll be back with more live coverage here at theCube cover of AWS Reinvented after this short break. Stay with us. (punchy electronic music)

(upbeat music) >> From Tavern on the Green, in Central Park New York, it's theCUBE; covering Veritas Vision Solution Day. Brought to you by Veritas. >> Welcome to the heart of New York City. We're here in Central Park the Tavern on the Green. You're watching theCUBE, the leader in live tech coverage. And we're covering the Veritas Solution Day; hashtag Vtasday. So, Scott Genereux is here as executivee president of world wide field ops for Veritas. Scott, good to see you again. Thanks for coming on. >> Thank you good to see you. Thank you. >> So, I love the location. A lot of our crew, they've never been here before; I said wait until you see Tavern on the Green, it's sweet. Customers love it. So, why this location? What are you guys doing with the Solutions Days different than the big tent event? You guys have gone to a more intimate format, explain that. >> Yeah, so last year we did the big event. We also did regional events, and it was interesting. And when we looked at the regional events; the input from our customers was; they loved the idea of doing something local, a little bigger, so they didn't have to travel. You know it's just difficult to get somebody to come out fly across the country to spend a week. And so, we decided to do 20 of these around the world. We also found out last year that the number of people who were coming to the regional events; was very very large. I mean some of our events we had four, 500 people coming. So it just made a lot more sense to us is; how do we get close to our customers, make sure they didn't have to travel; and be able to touch 'em so. >> So, collectively you're probably hitting as many if not more people. >> A lot more. >> Probably a different type of audience too when you go. So, you're doing a bunch in the US and a bunch in overseas right? >> Correct, yeah, so we've got New York, Chicago, San Francisco, we got one in Washington D.C. focus on the Fed, and we have one up in Toronto in North America. And then we've got 'em in Latin America. >> So you've been a kind of customer success executive all your life; you spend a lot of time in New York City. A lot of customers down here. A lot of the more advanced and sophisticated customers here. So, what are you hearing as you see digital transformation, big data, cloud, multi cloud; people are changing the way in which they think about data, and protecting data and getting more value out of data. What are they telling you here; the challenges that they're facing and where do they want to go with Veritas? >> You know the exciting is that look, we're still the market leader, right? Well, people say what's going on with Veritas? We're the market leader, we have been for the last 15 plus years. And, the people we're doing data protection for today, are the largest of the largest. You know, 95% of the Fortune 100 use our technology. 85% of the Fortune 500 use our technology. So, we get a lot of information knowledge experience from what you would argue and I would too. The customers here; which are the toughest of the tough too, right? I mean, they're not always nice, they tell you what they think. And they're thinking you know, two three years out of what we have to go do to support those environments. So it's interesting; you know the big thing going into this year, there was a lot of conversation around compliance. You know, GDPR in Europe was huge. And really, I kind of narrow it down to P.I.I. Regardless if you're banking, healthcare, whoever. The whole question around how do you protect data? Where is my data located? Who's touching my data? Has just become a bigger and bigger issue. And then you throw in the word cloud and as you said multi clouds, no one's using one cloud. All of a sudden your data is spread out all over the place. So, how you focus on that, how do you have visibility on that, becomes more and more important. And obviously that makes data protection, center of what's going on with customers now. >> So there are a couple of vectors now there that I'd like to explore. One is the idea that we're now looking at data protection to get more value out of it. You talked about GDPR, privacy, things of that nature. So, I want to talk about that. But also, the last thing customers want that I talked to; they don't want yet another stove pipe of data protection. And as you go, every cloud has it's own back up approach. So, I'm curious what you guys are doing. Let's start there. Are you putting in some sort of a extraction layer to be able to service all of those different multi clouds. Which cloud companies are you working with? >> Yeah, so first of all we serve all major cloud providers. For us, we're very agnostic in the sense of we don't care where your data is located; it can be behind your Firewall, it can be in Amazon, it can be Microsoft, it can be in Google, it can be in a pseudo what we would call more of a regional, you know, a sass type cloud that you support based on something uniquely in your environment. So we don't really care on where it's located. And that's actually one of our big positives. But you're right, one of the big issues customers have today is okay they start out and they might use Amazon for test development. Amazon has their own way of moving data into the cloud. And what do you do and how do you protect it? And then you go all of a sudden Office 365 because that's the you know, the Microsoft way of getting into the cloud. And so now you've got two clouds. Oracle's pushing you to do clouds. So you've got an Oracle cloud probably right? And we can go down that whole list. So everyone is driving a cloud strategy. But the problem customers have today is; they don't want to have six or seven different ways of on boarding data applications into the cloud, and they also do not want to have different ways of moving data or protecting data. And I think, so for us what we do that's very different is that, we have software that allows you to move data and applications into any one of those clouds the exact same way. I mean, if you think about it today. When you think about data replication, or protecting data; a lot of customers use hardware replication to move data. Well, the problem you run into today, when you think about it, is that the traditional cloud vendors, we just listed who they were, they don't use traditional hardware. No one's using EMCSRDF in the Amazon cloud. No one's using Hitachi's products. So, you need a software based replication tool and a data mover I'll call it, to be able to do that. And that's an area we've invested a lot of time and money on to be able to do it. And more importantly, even though I don't hear this a lot from customers any more, there was a fear for a while of cloud lock in; I don't want to be too into one cloud. We could move data between clouds also. So, you know, you don't have to bring it back and bring it back forward. So, that also makes customers at ease of how do you manage it. But it just creates a whole different environment of what to do and how to do it. >> So you're not in a technical role at the company but when you're in this business and you talk to a lot of technology people, you have to be conversant in technology. So I'm curious, so you've mentioned the high speed data mover that's something that's always been fundamental to the Veritas architecture. But you've done some other things. I've got briefed and seen some of the videos of what you guys done on 8.1.2. There's components of that are really different. I mean, modern software, micro services based architecture. >> Yep. >> That have allowed you to actually create this multi cloud sort of affinity. Maybe talk about what's the conversation like with customers with regard to modernizing your platform. >> Right. I think two things; you know it's interesting, the two things that customers always have asked us for is a new U.I. interface. You know now it's interesting like anything, customers have used us for 10 years. There's customers who love the old interface right? >> Right. >> But today, when you think about cloud or think about particular work loads, which is probably more important. You know, it's no longer the back up administrator who might have to do everything. When it used to be just the back up person, you know, having the way we used to do it, made a lot of sense. But now, you're basically grabbing someone who could be the virtual machine administrator. It could be the cloud person administrator. It could be security. And those people don't have a background in data protection. So the question is, how do you give them an interface that makes it easy for them to understand and use to be able to administrate that. So now the back up administrator can actually create groups inside of net back up. And allow those organizations to be able to look at their environments and be able to manage it very differently. So, and it's the same thing with work loads. When you think about it today, most of the data growth that we're seeing, it's traditionally not, it's not the Oracle work load, SAP work loads. 60 70 plus percent of our largest customers are creating new data based applications on non sequel stuff. It's Mongo, it's Casandra. So the new 8.1.2, supports all those environments. We didn't do that before. So that's a great interface for us. Because those data bases don't natively do back up well. The Hadoop, data analytics; huge amount of data being created there. It used to be that it used to be a sandbox; a playground. But those applications have gotten to become you know important in these customers. And so it used to be you just used to take a snap shot of this stuff and you would have about 20 copies of peta bites of data. Now you can do point in time back ups using those types of products. So 8.1.2 has that type of support in it too. And we've done a lot of stuff around VM ware specifically, focused around new innovative things that we needed to do to modernize the products. >> So those emerging work loads like not only sequel but you know, Mongo, Hadoop, etc cetera. That's now native to your stack, correct? >> Completely, yup. >> Okay, that's different. Because you've hardened that. A lot of companies in your business; maybe the some of the newer guys have to go to a partner to find those capabilities. >> Right. >> So, that's I think, big. The other thing I heard was, cloud like I think I heard self-service essentially for some of the liza business folks. Or whomever that you don't want to send them necessarily back to the back up admin. Do it on your own. Here's some policies they'll make it kindergarten proof. >> Right. >> Okay, so that's a trend you're seeing as well. >> Yes, yes, completely. >> Okay. I want to come back to something you said before, this other vector, which is other uses for back up or the back up data then just insurance. Because people don't want to pay for insurance. >> Right. >> So, you've mentioned a compliance, GDPR. I would imagine as well; when you get things like ransom ware, there's also analytics. I know you guys are applying a lot of A.I. >> Correct. >> You've got the corpus of data, just so happens that the back up data contains the data of the company. >> Correct. >> So presuming we do other things with it. So what are some of the things the customers are doing? How are they getting additional value out of the investment that they are making at Veritas? >> I think, you know, it's a couple of areas. Before we leave compliance, let me focus on one thing that's been really important is the whole question about where my data is located. This whole visual-ness of data; who's touched it last, all of that has become a really really important thing for customers because even in the natural cloud, sometimes you don't know that maybe one of the cloud providers moved your second copy of data in to a data center that is a problem for you, right? >> Physically it's in a place it shouldn't be. >> Right, yeah. It shouldn't be in a data center. It moved out of a country boundary for compliance reasons right? So, you know, we've spent a lot of time and energy creating a software technology that gives you that visibility. And not just with net back up. We also plug in all the cloud providers; we also plug in Oracle, we also plug in box.net. You know I mean, so a lot of these other companies are also plugged in. So, back to your point, we've created this huge data repository of information that now allows us when you look at our future, and we talked about a little on this session earlier; data analytics, some capabilities that we should be able to go do because we have meta data to be able to give customers that visual capability. The other thing that's interesting is that visualization software, is it also tells, it finally gives customers a proof point of what we've always known. That probably roughly about 50% of their data. And I'm being kind when I say 50. Probably hasn't been touched in three, five, four, 10 plus years, right? And we've always known that. But now we actually show a customer. Hey, using this visualization software, that you're using for compliance has also now told you where the data is located and who's touched it last, and by the way it hasn't been touched forever. It allows the customer to have two conversations; one, do they need to save it? And if they do, do they move it into a glacier type environment? Or three, do they move it to a software defying storage on the customer's floor? We can help the customer migrate it after we showed them who hasn't touched it. But we also have a software defying storage solution. That Gardener just came out and said that we're number one in this space, right? So, it's one of our fastest growing pieces of our business. Because customers all the time say to me, Scott our data protection cost is going up. And the reality is, it isn't. The reality is data is growing dramatically. Storage is going up, and oh by the way I got to back up my data that sits on the storage, right? So it all kind of combines together. >> So data protection is the percentage on the spend is not necessarily increasing but everything is growing. >> Everything is growing, yes. >> So the other thing, just a couple of points that you made me think of, the other cloud that you support is on prime. >> Yes, yeah, it's still big by the way. >> So that's another piece of it. Because you got the three laws of the cloud right? It's the law of physics. You can't necessarily put everything into the public eye. Then you got the law of economics, and you got the law of the land, in which you were talking about before, >> Right. >> If you're not supposed to leave Germany, >> Correct. >> You can't leave Germany, okay. And then, so you're using analytics to help customers to determine this. And the other thing, some of the general counselors out there don't want to keep data forever. >> Correct. >> I hear a lot from vendors, oh you could now keep it forever and GC says no, we don't want to keep it forever. >> Exactly, right. >> Okay, so you're using analytics to sort of sift through that data and surface these clues. >> Yes. >> And actions to customers. >> Yes and the new thing also at 8.1.2 is we've come out with a smart meter type technology which will let customers know how much data they're using, where they're using the data? Any hot spots in the data. And it's very file based, you know, data focused. It obviously helps customers really understand who's using what where, you know. And to be fair, they can use that to help go drive costs, figure out you know maybe someone's using something they shouldn't, maybe people are storing stuff that they don't want to store. It's not just a benefit to figure what they're doing but it's also could help and drive cost out. >> Big customer base obviously, probably the largest in the business. >> Yup, over 50,000. >> 50,000 customers? >> Yup. >> You've modernized the software. Just rap it up, the competitive customer differentiation, a lot of noise in the market place. >> Yup. >> Where do you stand? What's your position relative to the competition? Why Veritas? >> Yeah, well, so for us, when we walk in to a large customer, as you can appreciate, they don't want three or four different products; back to the cloud conversation, they don't want three or four ways of moving data in to cloud, right? They really want one. And the other issue they all ran into is this compliance conversation. You, know not everybody does everything the same. And they don't all talk together. Having a single platform, to be able to give customers the capability of backing up everything from traditional work loads of Oracle, and SAP to Mongo DB, to Casandra, to Hadoop, to containers, to open source; we're the only company out there that can do all those work loads. There are start ups. And they may do one or two things really really well, or so they say they do, we don't think they do, but they say they do, and that's what they focus in on. That's not what a large enterprise customer wants. They want capabilities to be able to scale high performance, ease of use, and 8.1.2 gives that to them. And we do more work loads than any body else in the industry. >> Excellent, well Scott thanks for coming on. We are here in the heart of New York City, at Tavern on the Green. A lot of customers, I've been talking to some of those customers today, those customers, they're as tough as Yankee fans I could tell ya. (laughing) So Scott thanks agan, good to see you. >> Alright, thank you. >> Alright, keep it right there everybody. We'll be back with our next guest right after this short break. Thank you for watching theCUBE from Veritas Solutions Days in New York, right back. (upbeat music)

live from Vancouver Canada it's the cube OpenStack summit North America 2018 brought to you by Red Hat the OpenStack foundation and its ecosystem partners welcome back I'm Stu minimun here at the OpenStack summit 2018 in Vancouver with my co-host John Troyer happy to welcome to the program a first-time guest Charles Ferlin who's the vice president of business development at nuage networks thanks for joining us thank you for having me all right so the OpenStack show we're always talking about the maturity of it where customers are going with it you're in business development so what one of the one of the things we were discussing from the keynote this morning is the telcos and the service providers and who's doing what and you know who makes up that environment so it gives us your free point what you're seeing as to you know where some of the real action is in this in this marketplace fair enough we've been talking about nav for example for many years as you know but I would say probably since the second half of 2016 that we've started to see some significant large deployment and the service provider service provider paying attention to building up a telco cloud to host their VN nav applications right so so really from the second half of 26 16 2017 we've seen massive deployments of OpenStack with a service provider and a lot of them to host applications to serve their branch office customers yeah that's that's an another motivation for them to deploy this yes so Charles you know we've talked to the 18 t Verizon you know Deutsche Telekom's up there all these big ones but I look at it and say is this an opportunity of 20 global you know you know you know telcos or is do we go down to some of the MSP CSPs however you want to call those service providers a regional one you know they're some of the regional ones that maybe aren't as much telcos or are they where's that line what do you see is kind of the TAM if you will for this space obviously the large service provider will have a piece there but we see a lot of regional customer consuming services from a local provider right they do have either for language reasons for regulation and in governance so we see a lot of them consuming services from a local service provider so an openstack sort of became the building block of these and if the infrastructure for the service provider yeah it's interesting we actually just had a infrastructure as a service company from Australia okay on and I said you know you look at their website it doesn't say OpenStack anywhere they provide cloud offerings so it's one of the things there's all these telcos and service fighters that use it but it's not like they're like we're your preferred distribution of OpenStack it's just part of the plumbing underneath the use cases that that are address buh-bye OpenStack and served by OpenStack really fits well and a lot of the telco space right now yeah so we've seen a lot of growth for virtual private cloud we see a lot of growth for a dynamically deploying application having application residing in the data center or moving closer to the users at the edge for example and these are sort of the use cases that nuage and OpenStack address pretty well well that's an interesting pivot point right I understand as an enterprise technologist why software-defined networking is important right it's important in your stack it's got to be important inside of an open OpenStack but can you talk a little bit about some of these use cases like I hadn't really thought about SD win and how that that really and what architectures and deployments would really kind of mean that they would need to deploy that with some and that's a good point because really NT as the win served as the catalyst for the service providers who start paying attention to deploying an NFV infrastructure before that there was an interest it was a motivation however SD wins be offered of dynamic flexible agile branch office connectivity that allows them to dynamically insert value-added services so yes as the one provided connectivity between the branch office but really where is the service provider are going after is offering Application Firewall DDoS services or URL filtering in all of these applications residing in the data center and all of a sudden as I hold on I cannot have it as the one solution disjoint from my data center OpenStack deployment and this is where the nuage actually served as a connecting to both environment but also this is what served as a catalyst the sd1 deployment sort of a catalyst for for them to start deploying a dynamic infrastructure in today's yes so Charles just on the SD way in piece itself we've seen a lot of activity that bunch of acquisitions in that market what what differentiates nuage in in this space well fair enough we've seen these acquisition as a complement to the strategy that we have taken over the past five years paying off we are from the get-go started to have an end-to-end as the in solution so it's not just about connecting branch office together it's not about just connecting application in the data center it's actually connecting the users in the branch office with the applications in the data center or in the public cloud and what differentiate us the most is that we have the exact same platform the same as the n solution and 2n to connect branch office programming branch routers or programming virtual switches in the data center or bare metal physical service so that is perhaps new our single most biggest differentiator is the capability to have that single policy that singled as the n framework from the users and branch to the data center or public cloud alright you've mentioned bare metal I remember it was funny when the project came out for bare metal of course it's called ironic because most people can't win OpenStack started it was it's a good name in that it was virtualized environment of course today we've got containers starting to go up the stack with kubernetes so we understand why bare metals there what are you seeing in that space and and what what kind of what do you hear from your customers so we we have a lot of traction with ironic actually it's ironic but we do and we did that actually in open Saxony in November we did a Coe presentation with Fujitsu who deployed our k5 infrastructure using nagy networks and ironic integration to roll out on top of that is flexible you can put a platform as a service they can do whatever they want on top of it but the bare amount of provisioning is somewhere we is a we have a couple of large accounts that they have deployed this globally yeah okay are you working with the cotta containers that they have here and whether you are not would love to hear kind of the security story when we talk things everything for bare metal in containers and what you're doing with OpenStack and that's that's perhaps the other the biggest differentiator we have is because we're able to have the single networking policies from a container to or programming the network of a container or a KVM VM or hyper-v or the we have the symbol their single as the end platform and we're able we see all the therefore we see all the traffic in the data pack and we're able to index this into a elasticsearch database right and and in creating an index and set a lot of users to create some thresholds and that is what is perhaps the newest thing at knowledge is the capability now to say hey once those thresholds or cross why don't we reprogram the network dynamically so near realtor in real near-real-time we're actually able to take an action to reprogram the network based on some live feed that's what can information that we're receiving from the the various element that we have program either in the branch office or in a container level okay so today cotta containers is not something you're involved with or I didn't quite that cotta containers from the new high-level project from the the OpenStack foundation I don't know right now but but your customers are using container technology docker and various others we have an integration with kubernetes so we provide CNI they're absolutely involved there and this is how a lot of our customers are using us right now and the customers we're talking about these would often be service providers is that is that correct in the context of containers and kubernetes it would mainly be on the enterprise okay out of an agile type of development where they want to have a there's a lot of developer and they want to have the networking program and the same life cycle as the application project is rolling out and having the micro segmentation meaning that we are able to isolate each one of the project from one another so in if one gets contaminated the other one doesn't and so this is where a lot of the kubernetes and deployment has been on the on the large enterprise okay that makes sense because I'm trying to as a as a person outside the telecom industry but but following kind of the enterprise and OpenStack it's interesting to see this vision of the service providers who are not dumb pipes certainly but through OpenStack and these these the nfe and the services they are able to provision with folks like nuage you know able to provide services so just trying to figure out where the line you know maybe you could draw us a picture of you know what what the modern service provider will be able to provide versus what's still left then for the at the enterprise level depending on which market size analysis analyst you're looking at you know is depends VPN connectivity will be it it varies between two to six to eight to twelve it's a relatively contained small market compared to the applicator to manage applications right manage security that's tenfold that that market race so really as you said the the objective here if the service provider is not to to become a dumb virtual pipe and the ability to dynamically insert some value-added services over the top and this is what having an agile as the when now gives them the capability to say hold on a second I can now start serving a value-added application because my dynamic network is available now and this is this is what is fueling a lot of the OpenStack deployment right now in the datacenter yeah Charles one of discussions we've been looking at the last couple of years is there's OpenStack and then there's containers and kubernetes everything how do you see those go together what are you hearing from customers general discussion here but I'd love to hear some real-world so yeah in the context of ironic as we just mentioned a lot of the time the bare metal servers are actually deployed using OpenStack and what goes on top of it is actually kubernetes right and this is very common and it gives that isolation or its deploying a virtual machine running a pass platform in there right so so actually we do see the OpenStack to be used often to deploy the the infrastructure and program and provision I should say the infrastructure and whatever goes on top it could be kubernetes and work just a very nicely Charles you've been involved with OpenStack for many years I had this is how many OpenStack summits well probably eight and a weight or more yeah how are you seeing the OpenStack community evolved what do you I know you've just arrived which day one here at this summit you know beautiful Vancouver but in terms of the energy of the community the the people who are here it's a little bit smaller this year but it you know we've got people here are actual users and actual deployers so exactly yeah thoughts there so this is perhaps the well we went through a marketing height which is great however what I would say regardless of the event today in general the OpenStack community is a lot more mature it's a lot more stable as well and in the product and the product the technology at the community is more focused around solving real use cases and real problem couple years ago there was a lot of interest a lot of hype you know but it would have solve world world hunger as well right now I think it's very pointed very precise and I'm actually new I was quite proud to be participating in contributing in that community because we're starting to see the technology really addressing key key problems here all right Charles last thing I wanted to ask is the network sits in a very special place when you talk about really the multi cloud world that customers are talking about what are you seeing when it comes to that environment you know how do customers figure out where they put their applications are they moving you know things or is it just kind of a heterogeneous but still complicated world they're still figuring out that's right I mean that it's a very dynamic environment but I would say if I had to draw a conclusion most of the customers are deploying the application on-premise they like to have either for storage either for some of the governance they do I like to have applications on-premise however the multi cloud scenario is often used in large banks to compute or a large organization to compute on a burst capability right the capability to say hey I need to have X compute power available for X time is very appealing for them and this is how most of the deployment of nuage are used right now is having doing the plumbing the virtual plumbing inside a data center and dynamically based on demand the capability to do the same networking policy the same networking extension to one of the public cloud offering is very appealing because it sporadic it's a burst type of scenario yeah especially a lot of those service providers have that direct ability right as well correct correct and it you're right that it can become a little bit complex when you have when you want to to deploy nets with the same that's working policies across on-premise and multiple cloud provider and if you have interim service provider then it becomes a little bit complicated to have to orchestrate all of it and this is where Sdn gives them that hardware abstraction and and maintain the same networking policy well Charles Berlin appreciate the update on nuage and all of your viewpoints from from the customers that you're seeing my pleasure very very much for John Troyer I'm Stu Mittleman back with more coverage here at the open sex I'm at 2018 in Vancouver thanks for watching the Q [Music]

>>Live from Las Vegas. It's theCUBE. Covering Fortinet Accelerate 18. Brought to you by Fortinet. >> Welcome to Fortinet Accelerate 2018. I'm Lisa Martin with theCUBE and we're excited to be here doing our second year of coverage of this longstanding event. My cohost for the day is Peter Burris; excited to be co-hosting with Peter again, and we're very excited to be joined by the CEO, Founder, and Chief Chairman of Fortinet, Ken Xie, Ken welcome back to theCUBE. >> Thank you, Lisa, thank you, Peter. Happy to be here. >> It's great to be here for us as well, and the title of your Keynote was Leading the Change in Security Transformation, but something as a marketer I geeked out on before that, was the tagline of the event, Strength in Numbers. You shared some fantastic numbers that I'm sure you're quite proud of. In 2017, $1.8 in billing, huge growth in customer acquisitions 17.8 thousand new customers acquired in 2017 alone, and you also shared that Forinet protects around 90% of the Global S&P 100. Great brands and logos you shared Apple, Coca Cola, Oracle. Tell us a little bit more and kind of as an extension of your Keynote, this strength in numbers that you must be very proud of. >> Yeah, I'm an engineer background, always liked the number, and not only we become much bigger company, we actually has 25 to 30% global employment in a network security space. That give a huge customer base and last year sales grow 19% and we keeping leading the space with a new product we just announced today. The FortiGate 6000 and also the FortiOS 6.0. So all this changing the landscape and like I said last year we believe the space is in a transition now, they've got a new generation infrastructure security, so we want to lead again. We started the company 18 years ago to get into we called a UTM network firewall space. We feel infrastructure security is very important now. And that we want to lead in the transition and lead in the change. >> So growth was a big theme or is a big theme. Some of the things that we're also interesting is another theme of really this evolution, this landscape I think you and Peter will probably get into more the technology, but give our viewers a little bit of an extension of what you shared in your keynote about the evolution. These three generations of internet and network security. >> Yeah, when I first start my network security career the first company I was study at Stanford University, I was in the 20s. It was very exciting is that a space keeping changing and grow very fast, that makes me keeping have to learning everyday and that I like. And then we start a company call Net Screen when it was early 30s, that's my second company. We call the first generation network security which secured a connection into the trust company environment and the Net Screens a leader, later being sold for $4 billion. Then starting in 2000, we see the space changing. Basically you only secure the connection, no longer enough. Just like a today you only validate yourself go to travel with a ticket no longer enough, they need to see what you carry, what's the what's the luggage has, right. So that's where we call them in application and content security they call the UTM firewall, that's how Fortinet started. That's the second generation starting replacing the first generation. But compared to 18 years ago, since change it again and nowadays the data no longer stay inside company, they go to the mobile device, they go to the cloud, they call auditive application go to the IoT is everywhere. So that's where the security also need to be changed and follow the important data secure the whole infrastructure. That's why keeping talking from last year this year is really the infrastructure security that secure fabric the starting get very important and we want to lead in this space again like we did 18 years ago starting Fortinet. >> Ken, I'd like to tie that, what you just talked about, back to this notion of strength in numbers. Clearly the bad guys that would do a company harm are many and varied and sometimes they actually work together. There's danger in numbers Fortinet is trying to pull together utilizing advanced technologies, new ways of using data and AI and pattern recognition and a lot of other things to counter effect that. What does that say about the nature of the relationships that Fortinet is going to have to have with its customers going forward? How is that evolving, the idea of a deeper sharing? What do you think? >> Actually, the good guy also started working together now. We formed the they call it the Cyber Threat Alliance, the CTA, and Fortinet is one of the founding company with the five other company including Palo Alto Network, Check Point and McAfee and also feel a Cisco, there's a few other company all working together now. We also have, we call, the Fabric-Ready Program which has 42 big partners including like IBM, Microsoft, Amazon, Google, all this bigger company because to defend the latest newest Fabric threat you have to be working together and that also protect the whole infrastructure. You also need a few company working together and it's a because on average every big enterprise they deploy 20 to 30 different products from different company. Management cost is number one, the highest cost in the big enterprise security space because you have to learn so many different products from so many different vendor, most of them competitor and now even working together, now communicate together. So that's where we want to change the landscape. We want to provide how infrastructure security can work better and not only partner together but also share the data, share the information, share the intelligence. >> So fundamentally there is the relationship is changing very dramatically as a way of countering the bad actors by having the good actors work more closely together and that drives a degree of collaboration coordination and a new sense of trust. But you also mentioned that the average enterprise is 20 to 30 fraud based security products. Every time you introduce a new product, you introduce some benefits you introduce some costs, potentially some new threat surfaces. How should enterprises think about what is too many, what is not enough when they start thinking about the partnerships that needed put together to sustain that secure profile? >> In order to have the best protection today you need to secure the whole infrastructure, the whole cyberspace. Network security still the biggest and also grow very fast and then there's the endpoint and there's a like a cloud security, there's a whole different application, email, web and all the other cloud all the other IoT. You really need to make sure all these different piece working together, communicate together and the best way is really, they have to have a single panel of our management service. They can look at them, they can make it integrate together they can automate together, because today's attack can happen within seconds when they get in the company network. It's very difficult for human to react on that. That's where how to integrate, how to automate, this different piece, that is so important. That's where the Fabric approach, the infrastructure approach get very important. Otherwise, you cannot react quick enough, in fact, to defend yourself in a current environment. On the other side for your question, how many vendor do you have, I feel the less the better. At least they have to work together. If they're not working together, will make it even more difficult to defend because each part they not communicate and not react and not automate will make the job very, very difficult and that's where all this working together and the less vendor they can all responsible for all your security it's better. So that's where we see some consolidation in the space. They do still have a lot of new company come up, like you mentioned, there's close to 2,000 separate security company. A lot of them try to address the point solution. I mentioned there's a four different level engineer after engineer work there because I see 90% company they do the detection. There's a certain application you can detect the intrusion and then the next level is where they after you attack what are going to do about it. Is it really the prevention setting kick in automatic pull out the bad actor. After that, then you need to go to the integration because there's so many different products, so many different piece you need to working together, that's the integration. Eventually the performance and cost. Because security on average still cost 100 times more expensive under same traffic and also much slower compared to the routing switch in networking device. That's what the performance cost. Also starting in the highest level, that's also very difficult to handle. >> So, we're just enough to start with the idea of data integration, secure data integration amongst the security platform, so enough to do as little as possible, as few as possible to do that, but enough to cover all the infrastructure. >> Yes, because the data is all a whole different structure. You no longer does have to trust environment. Because even inside the company, there's so many different way you can access to the outside, whether it by your mobile device so there's a multiple way you can connect on the internet and today in the enterprise 90% connection goes to Wi-Fi now it's not goes to a wired network, that's also difficult to manage. So that's where we will hide it together and make it all working together it's very important. >> So, in the spirit of collaboration, collaborating with vendors. When you're talking with enterprises that have this myriad security solutions in place now, how are they helping to guide and really impact Fortinet's technologies to help them succeed. What's that kind of customer collaboration like, I know you meet with a lot of customers, how are they helping to influence the leading security technologies you deliver? >> We always want to listen the customer. They have the highest priority, they gave us the best feedback. Like the presentation they talked about there's a case from Olerica which is where they have a lot of branch office and they want to use in the latest technology and networking technology, SD-WAN. Are working together with security, that's ready the new trend and how to make sure they have all the availability, they have the flexibility software-defined networking there and also make sure to security also there to handle the customer data, that's all very important so that's what we work very closely with customer to response what they need. That's where I'm still very proud to be no longer kind of engineer anymore but will still try to build in an engineer technology company. Listen to the customer react quick because to handle security space, cyber security, internet security, you have to work to quickly react for the change, on internet, on application. So that's where follow the customer and give them the quick best solution it's very very important. >> On the customer side in Anaemia we talked about that was talked a little bit about this morning with GDPR are is around the corner, May 2018. Do you see your work coordinates work with customers in Anaemia as potentially being, kind of, leading-edge to help customers in the Americas and Asia-Pacific be more prepared for different types of compliance regulations? >> We see the GDPR as an additional opportunity, as a additional complement solution compared to all the new product technology would come up. They definitely gave us an additional business rate, additional opportunity, to really help customer protect the data, make the data stay in their own environment and the same time, internet is a very global thing, and how to make sure different country, different region, working together is also very important. I think it's a GDPR is a great opportunity to keeping expanding a security space and make it safer for the consumer for the end-user. >> So Ken as CEO Fortinet or a CEO was tough act, but as CEO you have to be worried about the security of your business and as a security company you're as much attacked, if not more attacked than a lot of other people because getting to your stuff would allow folks to get to a lot of other stuff. How do you regard the Fortinet capabilities inside Fortinet capability as providing you a source of differentiation in the technology industry? >> Yeah we keep security in mind as the highest priority within a company. That's where we develop a lot of product, we also internally use tests first. You can see from endpoint, the network side, the email, to the web, to the Wi-Fi access, to the cloud, to the IoT, it's all developing internally, it tests internally so the infrastructure security actually give you multiple layer protection. No longer just have one single firewall, you pass the fire were all open up. It's really multiple layer, like a rather the ransomware or something they had to pass multiple layer protection in order to really reach the data there. So that's where we see the infrastructure security with all different products and developed together, engineer working together is very important. And we also have were strong engineer and also we call the IT security team lead by Phil Cauld, I think you are being interview him later and he has a great team and a great experience in NSA for about 30 years, secure country. And that's where we leverage the best people, the best technology to provide the best security. Not only the portal side, also our own the internal security in this space. >> So, in the last minute or so that we have here, one of the things that Patrice Perce your global sales leader said during his keynote this morning was that security transformation, this is the year for it. So, in a minute or so, kind of what are some of the things besides fueling security transformation for your customers do you see as priorities and an exciting futures this year for Fortinet, including you talked about IoT, that's a $9 billion opportunity. You mentioned the securing the connected car to a very cool car in there, what are some of the things that are exciting to you as the leader of this company in 2018? >> We host some basic technology, not another company has. Like a built in security for a single chip. I also mentioned like some other bigger company, like a Google started building a TPU for the cloud computing and Nvidia the GPU. So we actually saw this vision 18 years ago when we start a company and the combine the best hardware and best technology with solve for all this service together. So, long term you will see the huge benefit and that's also like translate into today you can see all these technology enable us to really provide a better service to the customer to the partner and we all starting benefit for all this investment right now. >> Well Ken, thank you so much for joining us back on theCUBE. It's our pleasure to be here at the 16th year of the event, our second time here. Thanks for sharing your insight and we're looking forward to a great show. >> Thank you, great questions, it's the best platform to really promoting the technology, promoting the infrastructure security, thank you very much. >> Likewise, we like to hear that. For my co-host Peter Burris, I'm Lisa Martin, we are coming to you from Fortinet Accelerate 2018. Thanks for watching, stick around we have great content coming up.

>> (Narrator) Live from Las Vegas. It's theCUBE. Covering Fortinet Accelerate 18. Brought to you by Fortinet. >> Welcome to Fortinet Accelerate 2018. I'm Lisa Martin with theCUBE and we're excited to be here doing our second year of coverage of this longstanding event. My cohost for the day is Peter Burris; excited to be co-hosting with Peter again, and we're very excited to be joined by the CEO, Founder, and Chief Chairman of Fortinet, Ken Xie, Ken welcome back to theCUBE. >> Thank you, Lisa, thank you, Peter. Happy to be here. >> It's great to be here for us as well, and the title of your Keynote was Leading the Change in Security Transformation, but something as a marketer I geeked out on before that, was the tagline of the event, Strength in Numbers. You shared some fantastic numbers that I'm sure you're quite proud of. In 207, $1.8 in billing, huge growth in customer acquisitions 17.8 thousand new customers acquired in 2017 alone, and you also shared that Forinet protects around 90% of the Global S&P 100. Great brands and logos you shared Apple, Coca Cola, Oracle. Tell us a little bit more and kind of as an extension of your Keynote, this strength in numbers that you must be very proud of. >> Yeah, I'm an engineer background, always liked the number, and not only we become much bigger company, we actually has 25 to 30% global employment in a network security space. That give a huge customer base and last year sales grow 19% and we keeping leading the space with a new port out we just announced today. The FortiGate 6000 and also the FortiOS 6.0. So all this changing in the landscape and like I said last year we believe the space is in a transition now, they've got a new generation infrastructure security, so we want to lead again. We started the company 18 years ago to get into we called a UTM network firewall space. We feel infrastructure security is very important now. And that we want to lead in the transition and lead in the change. >> So growth was a big theme or is a big theme. Some of the things that we're also interesting is another theme of really this evolution, this landscape I think you and Peter will probably get into more the technology, but give our viewers a little bit of an extension of what you shared in your keynote about the evolution. These three generations of internet and network security. >> Yeah, when I first start my network security career the first company I was study at Stanford University, I was in the 20s. It was very exciting is that a space keeping changing and grow very fast, that makes me keeping have to learning everyday and that I like. And then we start a company call Net Screen when it was early 30s, that's my second company. We call the first generation network security which secured a connection into the trust company environment and the Net Screens a leader, later being sold for $4 billion. Then starting in 2000, we see the space changing. Basically you only secure the connection, no longer enough. Just like a today you only validate yourself go to travel with a ticket no longer enough, they need to see what you carry, what's the what's the luggage has, right. So that's where we call them in application and content security they call the UTM firewall, that's how Fortinet started. That's the second generation starting replacing the first generation. But compared to 18 years ago, since change it again and nowadays the data no longer stay inside company, they go to the mobile device, they go to the cloud, they call auditive application go to the IoT is everywhere. So that's where the security also need to be changed and follow the important data secure the whole infrastructure. That's why keeping talking from last year this year is really the infrastructure security that secure fabric the starting get very important and we want to lead in this space again like we did 18 years ago starting Fortinet. >> Ken, I'd like to tie that, what you just talked about, back to this notion of strength in numbers. Clearly the bad guys that would do a company harm are many and varied and sometimes they actually work together. There's danger in numbers Fortinet is trying to pull together utilizing advanced technologies, new ways of using data and AI and pattern recognition and a lot of other things to counter effect that. What does that say about the nature of the relationships that Fortinet is going to have to have with its customers going forward? How is that evolving, the idea of a deeper sharing? What do you think? >> Actually, the good guy also started working together now. We formed the they call it the Cyber Threat Alliance, the CTA, and Fortinet is one of the founding company with the five other company including Palo Alto Network, Check Point and McAfee and also feel a Cisco, there's a few other company all working together now. We also have, we call, the Fabric-Ready Program which has a 42 bigger partner including like IBM, Microsoft, Amazon, Google, all this bigger company because to defend the latest newest Fabric threat you have to be working together and that also protect the whole infrastructure. You also need a few company working together and it's a because on average every big enterprise they deploy 20 to 30 different products from different company. Management cost is number one, the highest cost in the big enterprise security space because you have to learn so many different products from so many different vendor, most of them competitor and now even working together, now communicate together. So that's where we want to change the landscape. We want to provide how infrastructure security can work better and not only partner together but also share the data, share the information, share the intelligence. >> So fundamentally there is the relationship is changing very dramatically as a way of countering the bad actors by having the good actors work more closely together and that drives a degree of collaboration coordination and a new sense of trust. But you also mentioned that the average enterprise is 20 to 30 fraud based security products. Every time you introduce a new product, you introduce some benefits you introduce some costs, potentially some new threat surfaces. How should enterprises think about what is too many, what is not enough when they start thinking about the partnerships that needed put together to sustain that secure profile? >> In order to have the best protection today you need to secure the whole infrastructure, the whole cyberspace. Network security still the biggest and also grow very fast and then there's the endpoint and there's a like a cloud security, there's a whole different application, email, web and all the other cloud all the other IoT. You really need to make sure all these different piece working together, communicate together and the best way is really, they have to have a single panel of our management service. They can look at them, they can make it integrate together they can automate together, because today's attack can happen within seconds when they get in the company network. It's very difficult for human to react on that. That's where how to integrate, how to automate, this different piece, that is so important. That's where the Fabric approach, the infrastructure approach get very important. Otherwise, you cannot react quick enough, in fact, to defend yourself in a current environment. On the other side for your question, how many vendor do you have, I feel the less the better. At least they have to work together. If they're not working together, will make it even more difficult to defend because each part they not communicate and not react and not automate will make the job very, very difficult and that's where all this working together and the less vendor they can all responsible for all your security it's better. So that's where we see some consolidation in the space. They do still have a lot of new company come up, like you mentioned, there's close to 2,000 separate security company. A lot of them try to address the point solution. I mentioned there's a four different level engineer after engineer work there because I see 90% company they do the detection. There's a certain application you can detect the intrusion and then the next level is where they after you attack what are going to do about it. Is it really the prevention setting kick in automatic pull out the bad actor. After that, then you need to go to the integration because there's so many different products, so many different piece you need to working together, that's the integration. Eventually the performance and cost. Because security on average still cost 100 times more expensive under same traffic and also much slower compared to the routing switch in networking device. That's what the performance cost. Also starting in the highest level, that's also very difficult to handle. >> So, we're just enough to start with the idea of data integration, secure data integration amongst the security platform, so enough to do as little as possible, as few as possible to do that, but enough to cover all the infrastructure. >> Yes, because the data is all a whole different structure. You no longer does have to trust environment. Because even inside the company, there's so many different way you can access to the outside, whether it by your mobile device so there's a multiple way you can connect on the internet and today in the enterprise 90% connection goes to Wi-Fi now it's not goes to a wired network, that's also difficult to manage. So that's where we will hide it together and make it all working together it's very important. >> So, in the spirit of collaboration, collaborating with vendors. When you're talking with enterprises that have this myriad security solutions in place now, how are they helping to guide and really impact Fortinet's technologies to help them succeed. What's that kind of customer collaboration like, I know you meet with a lot of customers, how are they helping to influence the leading security technologies you deliver? >> We always want to listen the customer. They have the highest priority, they gave us the best feedback. Like the presentation they talked about there's a case from Olerica which is where they have a lot of branch office and they want to use in the latest technology and networking technology. I see when I'm working together with security, that's ready the new trend and how to make sure they have all the availability, they have the flexibility software-defined networking there and also make sure to security also there to handle the customer data, that's all very important so that's what we work very closely with customer to response what they need. That's where I'm still very proud to be no longer kind of engineer anymore but will still try to build in an engineer technology company. Lesson to the customer react quick because to handle security space, cyber security, internet security, you have to be work quickly react for the change, on internet, on application. So that's where follow the customer and give them the quick best solution it's very very important. On the customer side in Anaemia we talked about that was talked a little bit about this morning with GDPR are is around the corner, May 2018. Do you see your work coordinates work with customers in Anaemia as potentially being, kind of, leading-edge to help customers in the Americas and Asia-Pacific be more prepared for different types of compliance regulations? >> We see the GDPR as an additional opportunity, as a additional complement solution compared to all the new product technology would come up. They definitely gave us an additional business rate, additional opportunity, to really help customer protect the data, make the data stay in their own environment and the same time, internet is a very global thing, and how to make sure different country, different region, working together is also very important. I think it's a GDPR is a great opportunity to keeping expanding a security space and make it safer for the consumer for the end-user. >> So Ken as CEO Fortinet or a CEO was tough act, but as CEO you have to be worried about the security of your business and as a security company you're as much attacked, if not more attacked than a lot of other people because getting to your stuff would allow folks to get to a lot of other stuff. How do you regard the Fortinet capabilities inside Fortinet capability as providing you a source of differentiation in the technology industry? >> Yeah we keep security in mind as the highest priority within a company. That's where we develop a lot of product, we also internally use tests first. You can see from endpoint, the network side, the email, to the web, to the Wi-Fi access, to the cloud, to the IoT, it's all developing internally, it tests internally so the infrastructure security actually give you multiple layer protection. No longer just have one single firewall, you pass the fire were all open up. It's really multiple layer, like a rather the ransomware or something they had to pass multiple layer protection in order to really reach the data there. So that's where we see the infrastructure security with all different products and developed together, engineer working together is very important. And we also have were strong engineer and also we call the IT security team lead by Phil Cauld, I think you are being interview him later and he has a great team and a great experience in NSA for about 30 years, secure country. And that's where we leverage the best people, the best technology to provide the best security. Not only the portal side, also our own the internal security in this space. >> So, in the last minute or so that we have here, one of the things that Patrice Perce your global sales leader said during his keynote this morning was that security transformation, this is the year for it. So, in a minute or so, kind of what are some of the things besides fueling security transformation for your customers do you see as priorities and an exciting futures this year for Fortinet, including you talked about IoT, that's a $9 billion opportunity. You mentioned the securing the connected car to a very cool car in there, what are some of the things that are exciting to you as the leader of this company in 2018? >> We host some basic technology, not another company has. Like a built in security for a single chip. I also mentioned like some other bigger company, like a Google started building a TPU for the cloud computing and Nvidia the GPU. So we actually saw this vision 18 years ago when we start a company and the combine the best hardware and best technology with solve for all this service together. So, long term you will see the huge benefit and that's also like translate into today you can see all these technology enable us to really provide a better service to the customer to the partner and we all starting benefit for all this investment right now. >> Well Ken, thank you so much for joining us back on theCUBE. It's our pleasure to be here at the 16th year of the event, our second time here. Thanks for sharing your insight and we're looking forward to a great show. >> Thank you, great questions, it's the best platform to really promoting the technology, promoting the infrastructure security, thank you very much. >> Likewise, we like to hear that. For my co-host Peter Burris, I'm Lisa Martin, we are coming to you from Fortinet Accelerate 2018. Thanks for watching, stick around we have great content coming up.

>> Narrator: Live from Las Vegas, it's the Cube, covering VMWorld 2017. Brought to you by VMWare and its ecosystem partners. (bright music) >> Hi, I'm Stu Miniman with the Cube, here with my guest host, Justin Warren. Happy to have a returning Cube alum, but in a different role then we had. It's been a few years. Tal Klein, who is the author of The Punch Escrow. >> Au-tor, please. No, I'm just kidding. (laughing) Tal, thanks so much for joining us. It's great for you to be able to find time to hang out with the tech geeks rather than all the Hollywood people that you've been with recently. (laughing) >> You guys are more interesting. (laughing) >> Well thank you for saying that. So last time we interviewed you, you were working for a sizable tech company. You were talking about things like, you know, virtualization, everything like that. Your Twitter handle's VirtualTal. So how does a guy like that become not only an author but an author that's been optioned for a movie, which those of us that, you know, are geeks and everything are looking at, as a matter of fact, Pac Elsiger this morning said, "we are seeing science fiction become science fact." >> That's right. >> Stu: So tell us a little of the journey. >> Yeah, cool, I hope you read the book. (laughing) I don't know, the journey is really about marketing, right? Cause a lot of times when we talk about virtual, like, in fact last time I was on the Cube, we were talking about the idea that desktops could be virtual. Cause back then it was still this, you know, almost hypothetical notion, like could desktops be virtual, and so today, you know, so much of our life is virtual. So much of the things that we do are not actually direct. I was watching this great video by Apple's new augmented reality product, where you sit in the restaurant and you look at it with your iPad, and it's your plate, and you can just shift the menu items, and you see the menu items on your plate in the context of the restaurant and your seat and the person you're sitting across from. So I think the future is now. >> Yeah, it reminds of, you know, the movie Wall-E, the animated one. We're all going to be sitting in chairs with our devices or Ready Player One, you know, very popular sci-fi book that's being done by Speilberg, I believe. >> Yes, yeah, very exciting. >> Tell us a little bit about your book, you know, we talked, when I was younger and used to read a lot of sci-fi, it was like, what stuff had they done 50 years ago that now's reality, and what stuff had they predicted, like, you know, we're going to go away from currency and go digital currency, and it's like we're almost there. But we still don't have flying cars. >> Yeah, we're, I mean, the main problem with flying cars is that we need pilots. And I think actually we're very close to flying cars, cause once we have self-driving vehicles and we no longer need to worry about it being a person behind the joystick, then we're in really good shape. That's really the issue, you know, the problem with flying cars is that we are so incompetent at driving and or flying. That's not our core competency, so let's just put things that do understand how to make those things happen and eliminate us from the equation. >> Everything is a people problem. >> Yeah, so when I wrote the book, Punch Escrow, Punch Escrow, (laughing) when I wrote the book, I really thought about all the things that I read growing up in science fiction, you know, things like teleportation, things like nanotechnology, things like digital currency, you know, how do we make those, how do we present those in a viable way that doesn't seem too science fictiony. Like one of the things I really get when people read the book is it feels really near-future, even though it's set like 100 plus years in the future, all the concepts in it feel very pragmatic or within reach, you know? >> Yeah, absolutely. It's interesting, we look at, you know, what things happen in a couple of years and what things take a long time. So artificial intelligence, machine learning, it's not like these are new concepts, you know? I read a great book by, you know, it was Isaacson, The Innovators. You go back to like Aida Lovelace, and the idea of what a machine or computer would be able to do. So 100 years from now, what's real, what's not real? We still all have jobs or something? >> We have jobs but different. Remember, I don't know if you're a historian, but back in the industrial age, there was a whole bunch of people screaming doom and gloom. In fact, if we go way back to the age of the Luddites, who just hated machines of any kind. I think that in general, we don't like, you know, we're scared of change. So I do think a lot of the jobs that exist today are going to be done by machines or code. That doesn't mean the jobs are going away. It means jobs are changing. A lot of the jobs that people have today didn't exist in the industrial age. So I think that we have to accept that we are going to be pragmatic enough to accept the fact that humans will continue to evolve as the infrastructure powering our world evolves, you know? We talk about living in the age of the quantified self, right? There's a whole bunch that we don't understand how to do yet. For example, I can think of a whole industry that tethers my FitBit to my nutrition. You know, like there's so much opportunity that for us to say, oh that's going to be the end of jobs, or the end of innovation or the end of capitalism, is insane. I think this just ushers in a whole new age of opportunity. And that's me, I'm just an optimist that way, you know. >> So the Luddites did famously try to destroy the machines. But the thing is, the Luddites weren't wrong. They did lose their jobs. So what about the people whose jobs are replaced, as you say net new, there's a net new number of jobs. But specific individuals, like people who manufacture cars for example, lose their jobs because a robot can do that job safer and better and faster than a human can do it. So what do we do with those humans? Because how do we get people to have new jobs and retrain themselves? >> I address some of these notions in the book. For example, one of the weird things that we're suffering from is the lack of welders in society today, cause welding has become this weird thing that we don't think we need people for, so people don't really get trained up in it because, you know, machines do a lot of welding but there's actually specialty welding that machines can't do. So I think the people who are really good at the things that they do will continue to have careers. I think their careers will become more niche. Therefore they'll be able to create, to demand a higher wage for it because almost like a carpenter, you know, a specialist carpenter will be able to earn a much higher wage today by having fewer customers who want really custom carpentry versus things that can be carved up by a machine. So I think what we end up seeing is that it's not that those jobs go away. It's they become more specialized. People still want Rolls Royces. People still want McLarens. Those are not done by machines. Those are hand-made, you know? >> That's an interesting point, so the value of something being hand-made becomes, instead of it being a worse product, it's actually- >> Tal: That's a big concept in the book. >> Oh okay, right. >> A big concept in the book is that we place a lot of value on the uniqueness of an object. And that parlays in multiple ways. So one of the examples that I use in the book is the value of a Big Mac actually coming from McDonald's. Like, you can make a Big Mac. We know the recipe for a Big Mac. But there is a weird sort of nacent value to getting a Big Mac from McDonald's. It's something in our brain that clicks that tethers it to an originality. Diamonds, another really good example. Or you know, we know there's synthetic diamonds. We still want the ones that get mined in the cave. Why? We don't know. Right, they're just special. >> Because De Beers still has really good marketing. (laughing) >> So I think there's- >> That's interesting, so the concept of uniqueness, which again comes to scarcity and so on. As an author, someone who is no doubt, signed a lot of his book, that means that that book is unique because it's signed by the author, unlike something which is mass produced and there is hopefully thousands and thousands of copies that you sell. >> Going into this, I actually thought about that a lot. And that's why I've created like multiple editions of the book. So like the first 500 people who pre-ordered it, they get like a special edition of the book that's like stamped and all this kind of stuff. I even used different pens. (laughs) I appreciate that because I'm also a collector. I collect music, I collect books. And you know, so I see those aspects in myself. So I know what I value about them, you know? >> And the crossover between music and books is interesting. So as someone who has a musical background, I know that there's a lot of musicians who'll come out with special editions, and you know, because this is an age where we can download it. You can download the book. Do you think there is something, is there something that is intrinsic to having a physical object in a virtual world? >> I think to our generation, yes. I'm not so sure about millennials, when they grow up. But there are, for example, I'm going to see U2 next week, I'm very lucky to see that. But part of the U2 buying experience, to get access to the presale, you need to be part of their fan club. To be a part of their fan club, you need to get, you get like a whole bunch of limited edition posters, limited edition vinyl, and all this kind of stuff. So there's an experience. It's no longer just about going to see U2 at a concert. There's like the entire package of you being a special U2 fan. And they surround it with uniqueness. It's not necessarily limited, but there's an enhanced experience that can't just be, it's not just about you having a ticket to a single concert. >> Justin: Yeah, okay. >> I'm curious, the genre, if you'd call it, is hard science fiction. >> Yes. >> The challenge with that is, you know, what is an extension of what we're doing, and what is fiction? And people probably poke at that. Have you had any interesting experience, things like that? I mean, I've listened to a lot of stuff like Andy Weir, like let the community give feedback before he created the final The Martian. (laughing) But so yeah, what's it like, cause we can, the geeks can be really harsh. >> Yes, I've learned from my Reddit experience that, so what's really funny about it is the first draft of this novel was hard as nails. It was crazy. And my publisher read it, and it would have made all the hard science fiction guys super happy. My publisher read it, he was like, you've written a really great hard science fiction book, and all five people who read it are going to love it. (laughing) You know, but like, I came here with my buddy Danny. He couldn't even get through the first three pages of it. He's like, he wanted to read it. So part of working through the editorial process is saying, look, I care a lot about the science because one of my deep goals is to write a STEM-oriented book that gets people excited about technology and present the future as not a dystopian place. And so I wanted the science to be there and have a sort of gravity to the narrative. But yeah, it's tough. I worked with a physicist, a biologist, a geneticist, an anthropologist, and a lawyer. (laughs) Just to try to figure out, how do we carve out, you know, what does the future look like, what does the evolution of each individual sciences, we talked about the mosquitoes, right? You know, we're already doing a lot of crazy stuff with mosquitoes. We're modifying them so that the males mate with females that carry the Zika virus, you know, give birth to offspring that never reach maturity. I mean, this is just crazy, it's science fiction. And now that they're working on modifying female mosquitoes into vaccine carriers instead of disease carriers. I mean, this is science fiction, right? Like who believes this stuff? It's crazy. >> Christopher is amazing. >> Yeah, I've loved, there's been a bunch of movies recently that have kind of helped to educate on STEM some, you know, Martian got a lot of people excited, you know, Hidden Figures, the one that I could being my kids that are teenagers now into it and they get excited, oh, science is great. So the movie, how much will you be involved? You know, what can you share about that experience, too, so far? >> It's been, it's very surreal. That's the word is use to describe it, the honest, god's honest truth, I mean. I've been very lucky in that my representation in Hollywood is this rock-solid guy called Howie Sanders. And he's this bigger-than-life Hollywood agent guy. He's hooked me up, we've made a lot of business decisions that we're focused less on the money and more on the team, which is nice to be, like when you're in your 40s and you're more financially settled, you're not in the kind of situation where you might be in your 20s and just going to sign the first deal that people give you. So we really focused on hooking up with like the director, James Bovin is, you know, he's the guy who co-created Flight of the Concords. He did the Muppets movie, you know, Alice Through the Looking Glass. Really professional guy but also really understands the tone of the book, which is like humorous, you know, kind of sarcastic. It's not just about the technology. It's also about the characters. Same thing with the production team. The two producers, Mandeville Productions, I was just talking to Todd Lieberman, and we're talking about just what is augmented reality, like how does it look like on the screen? So I'm not- >> It's not going to look like Blade Runner is what I'm hearing. >> (laughs) I don't know. It's going to look real. I imagine, I don't know, they're going to make whatever movie they're going to make, but their perspective, one of the things we talked about is keeping the movie very grounded. Like you know, one of the big questions they ask first going into it is before we even had any sort of movie discussions is like is this more of like a Looper, Gattica, or District Nine, or is it more like The Fifth Element, you know, I mean, is it like, do you want it to be this sort of grounded movie that feels authentic and real and near future or do you want this to be like completely alien and weird and out of it. And the story is more grounded. So I think a lot, hopefully what we display on the screen will not feel that far away from reality. >> Okay, yeah. >> You do marketing in your day job. >> I do. >> I'm curious as you look at this, kind of the balance of educating, reaching a broad audience, you have passion for STEM, what's your thoughts around that? Is it, I worry there's so much general, like television or things like that, when I see the science stuff, it like makes me groan. Because you know, it's like I don't understand that. >> I am the worst, because I got a security background too, so that's the one I get scrambled on. The war, I mean, like. >> Wait, thank goodness I updated my firewall settings because I saved the world from terrorists. >> Hang on, we're breaking through the first firewall. Now we're through the second firewall. (laughing) Now we're going through the third firewall, like 15 firewalls. And let me upload the virus, like all that stuff. It's difficult for me. I think that, you know, hopefully, there's also a group in Hollywood called the Hollywood Science and Entertainment Exchange. And they're a group of scientists who work with film makers on, you know, reigning things in. And film makers don't usually take all their advice, i.e. Interstellar, (laughing) but you know, I think (laughing) in many cases there's some really good ideas that come to play into it that hopefully bring up, like I think Jarvis for example, in Iron Man or the Avengers is a really cool implementation of what the future of AI systems might be like. And I know they used the Hollywood Science Exchange to figure out how is that going to work? And I think the marketing aspect is, you know, the reason I came up with the idea for this book is because my CEO of a company I used to work for, he had this whole conversation about teleportation, like teleportation was impossible. And he's like, it's not because the science, yes, the science is a problem right now, but we'll get over it. The main issue is that nobody would ever step foot into a device that vaporizes them and then printed them out somewhere else. And I said, well that's great, cause that's a marketing problem. (laughing) >> Yeah, you're dead every time you do it. But it's the same you, I can't tell the difference. >> Well, you say you're dead, I'm saying you're just moving. (laughing) >> Artificial intelligence, you know, kind of a big gap between the hype to where we need to go. What's your thoughts on that space in general? >> I think that we have, it's a great question because I feel like that's a term that gets thrown around a lot, and I think as a result it's becoming watered down. So you've this sort of artificial intelligence that comes with like, you know, Google building an app that can beat the world's best Go player, which is a really, really difficult puzzle. The problem is, that app can do one thing, and that's play Go. You put in it a chess game, and it's like I don't know what's going on. >> It's a very specialized kind of intelligence, yeah. >> Now with Open AI, you know, they just had some pretty interesting implementations where they actually played video games with a real live competition and won. Again, you know, but without the smack talk, which really I think would add a lot. Now you got to get an AI to smack talk. So I think the problem is we haven't figured out a really good way of creating a general purpose AI. And there's a lot of parallels to the evolution of computing in general because if you look at how computers were before we had general purpose operating systems like Unix, every computer was built to do a very, very specific function, and that's kind of what AI is right now. So we're still waiting to have a sort of general purpose AI that can do a lot of specialized activities. >> Even most robots are still very single-purpose today. >> That's the fundamental problem. But you're seeing the Cambridge guys are working on sort of the bipedal robot that can do lots of things. And Siri's getting better, Cortana's getting better, Watson's getting better, but we're not there. We still need to find a really good way of integrating deep knowledge with general purpose conversational AI. Cause that's really what you need to like, Stu, what do you need? Here, let me give it to you, you know? >> Do you draw a distinction between AI that's able to simply sort of react as a fairly complex machine or something that can create new things and add something? >> That's in the book as well. So the fundamental thing that I don't think we get around even in the future is giving computers the ability to actually come up with new ideas. There's actually a career, the main job of the protagonist in the book, his job is a salter. And his job is to salt AI algorithms to introduce entropy so they can come up with new ideas. >> Okay, interesting. >> So based off the sort of chaos theory. >> Like chaos monkey, right? >> Yeah. And that's really what you're trying to do is like, okay, react to things that are happening because you can't just come up with them on their own. There's a whole, I don't want to bore you, but there's a whole bunch of stuff in the book about how that works. >> It's like hand-carving ideas that are then mass produced by machines. >> Yeah, I don't know if you guys are going to have Simon Crosby on here, he's kind of like an expert on that. He was the Dean of Kings College, which is where Turing came from. So he really knows a lot about that. He's got a lot of strong ideas about it. But I learned a lot from him in that regard. There's a lot of like, the snarky spirit of Simon Crosby lives on in my book somewhere. But he's just funny cause he's, coming from that field, he immediately sees a lot of BS right off the bat, whenever anybody's presenting. He's got like the ability to just cut through it. Because he understands what it would actually take to make that happen, you know? So I tried to preserve some of that in the book. >> That is refreshing in the tech industry. >> So Tal, I need to let you, you know, wrap this up. Give us a plug for the book, tell us, when are we going to be able to see this on the big screen? >> I don't know about the big screen, but the Punch Escrow is now available. You can get it on Amazon, Barnes and Noble, anywhere books are sold. It's been optioned by Lionsgate. The director attached to it is James Bovin, production team is Mandeville Productions. I'm very excited about it. Go check it out. It's a pretty quick read, reads like a technothriller. It's not too hard. And it's fun for the whole family. I think one of the coolest things about it is that the feedback I've been getting has been that it really is appealing to everybody. I've got mother-in-laws reading it, you know, it's pretty cool. Initially I sold it, my initial audience is like us, but it's kind of cool, like, Stu will finish the book, he'll give it to, you know, wife, daughter, anything, and they're really digging it. So it's kind of fun. >> Justin: Thanks a lot. >> Tal Klein, really appreciate you coming. Congratulations on the book, we look forward to the movie. Maybe, you know, we'll get the Cube involved down the road. (laughing) >> And we're giving away 75 copies of it here at Lakeside booth, if you guys want to come. >> Tal Klein, author of The Punch Escrow, also CMO of Lakeside, who is here in the thing. But yeah, (laughing) a lot of stuff. Justin and I will be back with more coverage here from VMWorld 2017. You're watching the Cube. (bright music)

>> Announcer: Live from Orlando, Florida, it's the Cube. Covering Servicenow, Knowledge 17. Brought to you by Servicenow. >> Welcome back to Orlando everybody this is the Cube the leader in live tech coverage, we go out to the events, we extract the signal from the noise, and we are here for our fifth year at Knowledge this is Knowledge 17, Sean Convery's here he's the general manager of the security business unit at Servicenow, an area that I'm very excited about Shawn. Welcome back to the Cube, it's good to see you again. >> It's great to be here, thanks for having me. >> So let's see you guys launched last year at RSA we talked in depth at Servicenow Knowledge about what you guys were doing. You quoted a stat the other day which I thought was pretty substantial at the financial analyst meeting, 1.1 million job shortfall in cyber. That is huge. That's the problem that you're trying to address. >> Well it's unbelievable, I was- you know we were just doing the keynote earlier this morning and I was recounting, most people in security get in it because they have some, you know desire to save the world right? To to- they watched a movie, they read a book, they're really excited and motivated to come in- >> What's was yours, was it comic book, was it- >> It was, uh, War Games with Matthew Broderick, I was 10 years old which totally dates me, movie came out in '83 so nobody has to look it up. (laughing) And you know I was just, you know blown away by this idea of using technology and being able to change things and the trouble is analysts show up to work and they don't have that experience, and nobody's expected, but they're not even close right? They wind up being told okay here's all this potential phishing email, we'd like you to spend 20 minutes on each one trying to figure out if it actually is phishing. And there's 600 messages. So tell me when you're done and I'll give you the next 600 messages. And so it's not motivating >> Not as sexy as War Games. >> It's not as sexy as War Games exactly. And then the CICO's say, well I can't even afford the people who are well trained. So I hire people right out of school, it takes me six months to train them, they're productive for six months, and then they leave for double their salary. So you wind up with a, sort of a 50 percent productivity rate out of you new hires, and it's just, it's just a recipe for for the past right? You know, we need to think more about how we, how we change things. >> So let's sort of remind our audience in terms of security, you're not building firewalls, you're not, you know competing with a lot of the brand name securities like MacAfee or FireEye, or Palo Alto networks, you're complementing them. Talk about where you fit in the security ecosystem. >> Sure. So if you boil down the entire security market, you can really think about protection and detection as the main two areas, so protection think of a firewall, an antivirus, something that stops something bad, and think of detection as uh, I'm going to flag potentially bad things that I think are bad but I'm not to certain that I want to absolutely stop them. And so what that does is it creates a queue of behavior that needs to be analyzed today by humans, right? So this is where the entire SIM market and everything else was created to aggregate all those alerts. So once you've got the alerts, you know awesome, but you've got to sort of walk thought them and process them. So what Servicenow has focused on is the response category. And visualization, aggregation is nice, but will be much better is to provide folks the mechanism to actually respond to what's happening. Both from a vulnerability standpoint, and from an incidence standpoint. And this is really where Servicenow's expertise shines because we know workflow, we know automation, we know about system of action, right? So that's our pedigree and IT frankly is several years ahead of where the security industry is right now until we can leverage that body of expertise not just with Servicenow, but with now all of our partners to help accelerate the transformation for security team. >> So I got to cut right to the chase. So last year we talked about- and of course every time we get a briefing for instance from a security vendor, where- we're given a stat that is on average it takes 200 sometimes you've seen as high as 300 but let's say 200 days to detect an incident then the answer is so buy our prevention, or our detection solution. >> Yeah. >> I asked you last year and I tweeted out, you know a couple days ago is, has Servicenow affected that? Can you affect- I asked you last year, can you affect that, can you compress that timeframe, you said "we think so." Um what kind of progress have you made? >> Sure so you have to remember about that 200 day stat that that is a industry average across all incidents right? So the Ponemon institute pulls this data together once a year, they survey over 300 companies, and they found that I think it's 206 days is the average right now. And so to identify an- a breach, and then another 75 days to contain it. So together it's nine months, which is a frighteningly long period of time. And so what we wanted to do is measure across all of our productions security operations customers what is their average time to identify and time to contain. So it turns out, it's so small we have to convert it to hours. It's 29 hours to identify, 33 hours to contain, which actually is a 160x improvement in identification, and a 50x improvement in containment. And so we're really excited about that. But you know, frankly, I'm not satisfied. You know, I'm still measuring in hours. Granted we've moved from months to hours, but I want it from hours, to minutes, to seconds, and really, you know we can show how we can do that in minutes today with certain types of attacks. But, there's still the long breaches. >> That's a dramatic reduction, you know I know it's, that 206 whatever it is is an average of averages. >> For sure. >> But the delta between what you're seeing and your customer base is not explainable by, oh well the Servicenow customers just happen to be better at it or lucky year, it's clearly an impact that you're having. >> Well sure, let's be you know as honest as we can be here right? The, you know the people who are adopting security operations are forward thinking security customers so you would expect that they're better, right? And so your- there program should already be more mature than the average program. And if you look across those statistics, like 200 and some days, you know that includes four year long breaches, and it also includes companies that frankly don't pay as much attention to security as they should. But even if you factor all of that out, it's still a massive massive difference. >> So if I looked at the bell curve of your customers versus some of the average in that survey, you'd see, the the shift, the lump would shift way to the left, right? >> Correct. Correct. And, and you know we actually have a customer, Ron Wakely from ANP Financial Services out of Australia, who was just up on stage talking about a 60 percent improvement in his vulnerability and response time. So from identifying the vulnerabilities via Quaales, Rapid 7, Tenable, whoever their scanning vendor is, all the way through IT patching, 60 percent faster, and given that, I think it's something like 80 percent of vulnerabi- or 80 percent of attacks, come from existing vulnerabilities, that's big change. >> So do get- you got to level it when you're measuring things and you change the variable that you're measuring, as opposed to the number, right? That means you're doing a good thing. So to go from, from hours to minutes, is it continuous improvement, or are there some big, you know potential challenges that you can see that if you overcome those challenges, those are going to give you some monumental shifts in the performance. >> I, I think we're ready. I think when we come back next year, the numbers will be even better and this is why, so many of our customers started by saying "I have no process at all, I have manual, you know I'm using spreadsheets, and emails, and notebooks, you know, and trying to manage the security incident when it happens." So let me just get to a system of action, let me get to a common place where I can do all of this investigation. And that's where most of our production customers are so if you look across the ones who gave us the 29 hour and the 33 hour set, that really just getting that benefit from having a place for everybody to work together where we're going, but this is already shipping in our product is the ability to automate the investigation, so back to, back to the, you know, the poor 10 year old who didn't get to save the world, you know, now he gets to say, this entire investigation stage is entirely automated. So if I hand an analyst, for example, an infected server, there's 10 steps they need to do before they even make a decision on anything right? They have to get the network connections, get the running processes, compare them to the processes that should be on the system, look up on a reputation site all the ones that are wrong like all these manual steps. We can automate that entire process so that the analyst gets to make the decision, he's sort of presented the data, here's the report, now decide. The analogy I always use is the, the doctor who's sort of rushing down in an ER show, and somebody hands him an MRI or an X-ray and he's looking at it, you know, through the fluorescent, you know, lights as he's walking and he's like "oh" you know "five millileters of" whatever and "do this" right? >> Right. >> That's the way an analyst wants to work right? They want the data so they can decide. >> I tell you this is the classic way that machines help people do better work right? Which we hear about over and over and over. Let the machines do the machine part, collecting all the shitty boring data, um, and then present you know the data to the person to make the decision. >> Absolutely. >> Probably with recommendations as well right? With some weighted average recommendations >> Yeah and this is where it gets really exciting, because the more we start automating these tasks, you know the human still wants to make the decision but as we grow and grow this industry, one of the benefits of us being in a cloud, is we can start to measure what's happening across all of our customers, so when attack X occurs, this is the behavior that most of our customers follow, so now if you're a new customer, we can just say "in your industry, customers like you tend to do this". >> Right. >> Right? And really excited by what our engineering team is starting to put together. >> Do you have a formal, or at some point maybe down the road a formal process where customers can opt in to an aggregation of, you know we're all in this together we're probably going to share our breach data with one another so that we can start to apply a lot more data across properties to come to better resolutions quicker. >> Well we actually announced today something called trusted security circles. So this is a capability to allow all of our customers to share indicators, so when you're investigating an issue, the indicators are something that are called an indicator of compromise, or an IOC, so we can share those indicators between customers, but we can do that in an anonymous way right? And so you know, the analogy I give you is, what do you do when you lose power in your house? Right? You grab the flashlight, you check the breakers, and then you look out the window, because what are you trying to find out? >> Is anybody else out? >> Is anybody else out exactly. So, you can't do that in security, you're all alone, because if you disclose anything, you risk putting your company further in a bad spot right? Cause now it's reputation damage, somebody discloses the information, so now we've been able to allow people to do this anonymously right so it's automatic. I share something with both of you, you only see that I shared if it's relevant, meaning the service now instance found it in your own environment, and then if all three of us are in a trusted circle, when any one of us shares, we know it was one of the three, but we don't know which one. So the company's protected. >> So just anecdotally when I speak to customers, everybody still is spending more on prevention than on detection. And there's a recognition that that has to shift, and it's starting to. Now you're coming in saying, invest in response. Which, remember from our conversation last year is right on I'm super excited about that because I think the recognition must occur at the board room that you are going to get infiltrated it's the response that is going to determine the quality of your security. And you still have to spend on prevention and detection. But as you go to the market, first of all can you affirm or deny that you're seeing that shift from prevention to detection in spending, is it happening sort of fast enough, and then as you go in and advise people to think about spending on responding, what's their reaction? What are you finding is the, are the headwinds and what's the reception like? >> Sure. So you know to answer your first question about protection to detection, I would say that if you look at the mature protection technologies, right they are continuing to innovate, but certainly what you would expect a firewall to do this year, is somewhat what you expected it to do last year. But the detection category really feels like where there's a lot of innovation, right? So you're seeing you know new capabilities on the endpoint side network side, anomol- you're just seeing all sorts of diff- >> Analytics. >> Analytics, absolutely. And so uh, I do see more spent simply because more of these attacks are too, too nasty to stop, right? You sort of have to detect them and do some more analysis before you can make the decision. To your second question about, you know, what's the reception been when we started talking about response. You know, I haven't had a single meeting with a customer where they haven't said, "wow" like "we need that", right? It was very- I've never had anybody go "Well yeah our program is mature, we're fine, we don't need this." Um, the question is always just where do we start? And so we see, you know vulnerability management as one great place to start incident response is another great place to start. We introduced the third way to start, just today as well. We started shipping this new capability called vendor risk management, which actually acknowledges the the, you know we talked about the perimeter list network what five years ago? Something like that, we're saying oh the perimeter's gone, you know, mobile devices, whatever. But there's another perimeter that's been eroding as well, which is the distinction between a corporate network and your vendors and suppliers. And so your vendors and suppliers become massive sources of potential threat if they're not protected. And so the assessment process, you know, there's telcos who have 50,000 vendors. So you think about the exposure of that many companies and the process to figure out, do they have a strong password policy, right? Do they follow the best practices around network security, those kinds of things, we're allowing you to manage that entire process now. >> So you're obviously hunting within the service now customer-based presumably, right? You want to have somebody to have the platform in order to take advantage of your product. >> Sure. >> Um, could you talk about that dynamic, but also other products that you integrate with. What are you getting from the customers, do I do I have this capability- this is who I use for firewall who I use for detection do you integrate them, I'm sure you're getting that a lot. Maybe talk to that. >> Sure sure. So first off, it's important to share that the Servicenow platform as a whole is very easy to integrate with. There's API's throughout the entire system, you know we can very easily parse even emails, we have a lot of customers that you know have an email generated from an alert system, and we can parse out everything in the email and map it right into a structured workflow, so you can kind of move from unstructured email immediately into now it's in service now. But we have 40 vendors that we directly integrate with today and when I was here about a year ago, I think that number was maybe three or two. And so we're up at 40 now, and that really encompasses a lot of the popular products so we can for example, you know, a common use case, we talked about phishing a little bit right? You know, let me process a potential phishing email, pull out the URL, the subject line, all the things that might indicate bad behavior, let me look them up automatically on these public threat sources like Virus Total or Meta Defender, and then if the answer is they don't think it's bad, I can just close the incident right? If they think it's bad, now I can ask the Palo Alto Firewall, are you already blocking this particular URL, and if the Palo Alto Firewall says "yeah I was already blocking it", again you can close the incident. Only the emails that were known to be bad, and your existing perimeter capabilities didn't stop, did you need to involve people. >> I have to ask you, it goes back to the conversation we had with Robert Gates last year, but I felt like Stuxnet was this milestone, where the, the game just got escalated big time. And it went from sort of harmless, sometimes not harmless, really up the level of risk. Because now others, you know the bad guys really dug into what they could do, and it became pretty substantial. I was asking Gates generally about some future warfare in cyber, and he, this is obviously before the whole Russian hacking, but certainly Snowden and Wikileaks and so fourth was around. And he said, "The United States has to be very careful about how it responds. We have maybe many more capabilities but if we show our hand, others are going to see those weapons, and have access to those weapons, cause it's digital." I wonder as a security expert if you could sort of comment on the state of security, the future of that threat generically, or generally. Where do you see that going? >> Well there's a couple of things that come to mind as you're talking. Uh, one is you're right, Stuxnet was an eye opener I think for a lot of people in the industry that that, that these kinds of vulnerabilities are being used for, you know nation state purposes rather than, you know just sort of, uh random bad behavior. So yeah I would go back to what I said earlier and say that, um, we have to take the noise, the mundane off the table. We have to automate that, you're absolutely right. These sort of nation state attackers, if you're at a Global 2000 organization, right your intellectual property is valuable, the data you have about your employees is valuable, right all this information is going to be sought by competitors, by nation states, you have to be able to focus on those kinds of attacks, which back to my kind of War Games analogy, like that's what these people wanted to do, they wanted to find the needle in the haystack, and instead they're focusing on something more basic. And so I think if we can up the game, that changes things. The second, and really interesting thing for me is this challenge around vulnerability, so you talked about Gates saying that he has to be careful sort of how much he tips his hand. I think it was recently disclosed that the NSA had a stockpile of vulnerabilities that they were not disclosing to weaponize themselves. And that's a really paradoxical question right? You know, do you share it so that everybody can be protected including your own people, right? Imagine Acrobat, you find some problem in Acrobat, like well do you use it to exploit the enemy, or do you use it to protect your own environment? >> It's quite a dilemma. >> You- it's a huge dilemma cause you're assuming either they have it or they don't have the same vulnerability and so I'm fascinated by how that whole plays out. Yeah, it's a little frightening. >> And you know, in the land of defense, you think okay United States, you know biggest defense, spends the most money, has the, you know the most, you know, amazing machines whatever. Um, but in cyber, you know you presume that's the case, but you don't really know, I think of high frequency trading, you know, it was a lit of Russian mathmeticians that actually developed that, so clearly other states have, you know smart people that can you know create, you know, dangerous threats. And it's, it's- >> You only have to live once to, that's kind of the defense game. You got to defend them all, you have to bat 1000 on the defense side, or you know, get it and react, from the other guys side, he can just pow pow pow pow pow, you just got to get through once. >> So this is why your strategy of response is such a winner. >> Well this is where it comes back to risk as well right? At the end of the day you're right, you know a determined adversary you know, sorry to break it to everybody at some point is going to be able to find some way to do some damages. The question is how do you quantify the various risks within your organization? How do you focus your energy from a technology perspective, from a people standpoint, on the things that have the most potential to do your organization harm, and then, you know there's just no way people can stop everything unless you, you know unplug. >> And then there's the business. Then there's the business part of it too right? Cause this is like insurance when do you stop buying more insurance, you know? You could always invest more at what point does the investment no longer justify the cost because there's no simple answer. >> Well this is where, uh you know, we talked to chief information security officers all the time who are struggling with the board of directors conversation. How do I actually have an emotional conversation that's not mired in data on how things are going? And today they often have to fall back on stats like you know we process 5 million alerts per day, or we have, you know x number of vulnerabilities. But with security operations what they can do is say things like well my mean time to identify, you know was 42 hours, and this quarter it's 14 hours, and so the dollars you gave me, here's the impact. You know I have 50 critical vulnerabilities last quarter, this quarter I have 70, but only on my mission critical system, so that indicates future need to fund or reprioritize, right? So suddenly now you've got data where you can actually have a meaningful conversation about where things are from a posture prospective. >> These are the assets that we've, you know quantified the value of, these are the ones that were prioritizing the protection on and here's why we came up with that priority, let's look at that and, you know agree. >> Exactly. You know large organizations, I was talking to the CISO of a fortune ten, 50 I guess and he was sharing that it takes 40 percent of their time in incident response is spent tracking down who owns the IP address. 40 percent. So imagine, you spent 40 percent of a, you know 25 hour response time investigating who owns the asset, and then you find out it's a lab system, or it's a spare. You just wasted 40 percent of your time. But if you can instead know, oh this is your finance reporting infrastructure, okay you super high priority, let's focus in on that. So this is where the business service mapping, the CMDB becomes such a differentiator, when it's in the hands of our customers. >> Super important topic Sean Convery, thanks very much for coming back in the cube and, uh great work. Love it. >> It's great to be here, thanks for having me. >> Alright keep it right there everybody we'll be right back with our next guest, this is the Cube, we're live from Servicenow Knowledge 17 in Orlando. We'll be right back.