(funk music) (funk music) (funk music) (funk music) >> Hello and welcome to theCUBE studios in Palo Alto, California for another CUBE conversation where we go in-depth with thought leaders driving innovation across the tech industry. I'm your host, Peter Burris. Every enterprise is responding to the opportunities of cloud with significant changes in people, process, how they think about technology, how they're going to align technology overall with their business and with their business strategies. Now those changes are affecting virtually every aspect of business but especially every aspect of technology. Especially security. So what does it mean to envision a world in which significant new classes of services are being provided through cloud mechanisms and modes, but you retain and in fact, even enhance the quality of security that your enterprise can utilize. To have that conversation, we're joined today by a great guest, Amit Sinha is president and CTO at Zscaler. Amit, welcome back to theCUBE. >> Thank you Peter, it's a pleasure to be here. >> So before we get into it, what's new at Zscaler? >> Well, at Zscaler our mission is to make the internet and cloud a secure place for businesses and as I engage with our global 2000 customers and prospects, they are going through some of the digital transformation challenges that you just alluded to. Specifically for security, what is happening is that they had a lot of applications that were sitting in a data center or in their headquarters and that center of gravity is now moving to the cloud. They probably adopt their Office 365, and Box, and Salesforce, and these applications have moved out. Now in addition, the users are everywhere. They're accessing those services, not just from offices but also from their mobile devices and home. So if your users have left the building, and your applications are no longer sitting in your data center, that begs that question: Where should the security stack be? You know, it cannot be your legacy security appliances that sat in your DMZ and your IT closets. So that's the challenge that we see out there, and Zscaler is helping these large global organizations transform their security and network for a more mobile and a cloud-first world. >> Distributed world? So let me make sure I got this right. So basically, cause I think I totally agree with you >> Right. >> Just to test it, that many regarded the cloud as a centralization strategy. >> Correct. >> What we really see happening, is we're seeing enterprises more distribute their data, more distribute their processing, but they have not updated how they think about security so the presumption is, "yeah we're going to put more processing data out closer to the action but we're going to backhaul a whole bunch back to our security model," and what I hear you saying is no, you need to push those security services out to where the data is, out to where the process, out to where the user is. Have I got that right? >> You have nailed it, right. Think of it this way, if I'm a large global 2000 organization, I might have thousands of branches. All of those branches, traditionally, have used a hub-and-spoke network model. I might have a branch here in Palo Alto but my headquarters is in New York. So now I have an MPLS circuit connecting this branch to New York. If my Exchange server and applications and SAP systems are all there, then that hub-and-spoke model made sense. I am in this office >> Right. >> I connect to those applications and all my security stack is also there. But fast forward to today, all of those applications are moving and they're not just in one cloud. You know, you might have adopted Salesforce.com for CRM, you might have adopted Workday, you might have adopted Office 365. So these are SaaS services. Now if I'm sitting here in Palo Alto, and if I have to access my email, it makes absolutely no sense for me to VPN back to New York only to exit to the internet right there. What users want is a fast, nimble user experience without security coming in the way. What organizations want is no compromise in their security stack. So what you really need is a security stack that follows the user wherever they are. >> And the data. >> And the data, so my data...you know Microsoft has a front-door service here in Redwood City and if if you are a user here and trying to access that, I should be able to go straight with my entire security stack right next to it. That's what Gartner is calling SASE these days. >> Well, let's get into that in a second. It almost sounds as though what you're suggesting is that the enterprise needs to look at security as a SaaS service itself. >> 100 percent. If your users are everywhere and if your applications are in the cloud, your security better be delivered as a consistent "as-a-service," right next to where the users are and hopefully co-located in the same data center as where the applications are present so the only way to have a pervasive security model is to have it delivered in the cloud, which is what Zscaler has been doing from day one. >> Now, a little spoiler alert for everybody, Zscaler's been talking about this for 10-plus years. >> Right. >> So where are we today in the market place starting to recognize and acknowledge this transformation in the basic security architecture and platform that we're going through? >> I'm very excited to see that the market is really adopting what Zscaler has been talking about for over a decade. In fact, recently, Gartner released a paper titled "SASE," it stands for Secure Access Service Edge and there are, I believe, four principal tenets of SASE. The first one, of course, is that compute and security services have to be right at the edge. And we talked about that. It makes sense. >> For where the service is being delivered. >> You can't backhaul traffic to your data center or you can't backhaul traffic to Google's central data center somewhere. You need to have compute capabilities with things like SSL Interception and all the security services running right at the edge, connecting users to applications in the shortest path, right? So that's sort of principle number one of SASE. The second principle that Gartner talks about, which again you know, has been fundamental to Zscaler's DNA, is to keep your devices and your branch offices light. Don't shove too much complexity from a security perspective on the user devices and your branches. Keep it simple. >> Or the people running those user devices >> Absolutely >> in the branches >> Yeah, so you know, keep your branch offices like a light router, that forwards traffic to the cloud, where the heavy-lifting is done. >> Right. >> The third principle they talk about is to deliver modern security, you need to have a proxy-based architecture and essentially what a proxy architecture allows you to do is to look at content, right? Gone are the days where you could just say, stop a website called "evil.com" and allow a website "good.com," right? It's not like that anymore. You have to look at content, you know. You might get malware from a Google Drive link. You can't block Google now, right? So looking at SSL-encrypted content is needed and firewalls just can't do it. You have to have a proxy architecture that can decrypt SSL connections, look at content, provide malware services, provide policy-based access control services, et cetera and that's kind of the third principle. And finally what Gartner talks about is SASE has to be cloud-native, it has to be, sort of, born and bred in the cloud, a true multitenant, cloud-first architecture. You can't take, sort of, legacy security appliances and shove it in third-party infrastructure like AWS and GCP and deliver a cloud service and the example I use often is, just because you had a great blu-ray player or a DVD player in your home theater, you can't take 100,000 of these and shove it into AWS and become a Netflix. You really need to build that service from the ground up. You know, in a multitenant fashion and that's what we have done for security as a service through the cloud. >> So we are now, the market seems to be kind of converging on some of the principles that Zscaler's been talking about for quite some time. >> Right. >> When we think about 2020, how do you anticipate enterprises are going to respond as a consequence of this convergence in acknowledging that the value proposition and the need are starting to come together? >> Absolutely, I think we see the momentum picking up in the market, we have lots of conversations with CIO's who are going through this digital transformation journey, you know transformation is hard. There's immune response in big organizations >> Sure. >> To change. Not much has changed from a security and network architecture perspective in the last two decades. But we're seeing more and more of that. In fact, over 400 of global 2000 organizations are 100 percent deployed on Zscaler. And so that momentum is picking up and we see a lot of traction with other prospects who are beginning to see the light, as we say it. >> Well as you start to imagine the relationship between security and data, between security and data, one of the things that I find interesting is many respects to cloud, especially as it becomes more distributed, is becoming better acknowledged almost as a network of services. >> Right. >> As opposed to AWS as a data center here and that makes it a cloud data center. >> Right. >> It really is this network of services, which can happen from a lot of different places, big cloud service providers, your own enterprise, partners providing services to you. How does the relationship between Zscaler and kind of an openness >> Hm-mm. >> Going to come together? Hm-mm. >> So that you can provide services from a foreign enterprise to the enterprise's partners, customers, and others that the enterprise needs to work with. >> That's a great question, Peter and I think one of the most important things I tell our customers and prospects is that if you look at a cloud-delivered security architecture, it better embrace some of the SASE principles. One of the first things we did when we built the Zscaler platform was to distribute it across 150 data centers. And why did we do that? We did that because when a user is going to destinations, they need to be able to access any destination. The destination could be on Azure, could be on AWS, could be Salesforce, so by definition, it has to be carrier-neutral, it has to be cloud-neutral. I can't build a service that is designed for all internet traffic in a GCP or AWS, right. So how did we do that? We went and looked at one of the world's best co-location facilities that provide maximum connectivity options in any given region. So in North America, we might be in an Equinix facility and we might use tier one ISPs like GTT and Zayo that provide excellent connectivity to our customers and the destinations they want to visit. When you go to China, there's no GCP there, right so we work with China Unicom and China Telecom. When we are in India, we might work with an Airtel or a Sify, when we are in Australia, we might be working with Telstra. So we work with, you know, world class tier one ISPs in best data centers that provide maximum connectivity options. We invested heavily in internet exchange connectivity. Why? Because once you come to Zscaler, you've solved the physics problem by building the data center close to you, the next thing is, you want quickly go to your application. You don't want security to be in the way >> Right. >> Of application access. So with internet exchange connectivity, we are peered in a settlement-free way or BGP with Microsoft, with Akamai, with Apple, with Yahoo, right. So we can quickly get you to the content while delivering the full security stack, right? So we had to really take no shortcuts, back to your point of the world is very diverse and you cannot operate in a walled garden of one provider anymore and if you really build a cloud platform that is embracing some of the SASE principles we talked about, you have to do it the hard way. By building this one data center at a time. >> Well, you don't want your servicers to fall down because you didn't put the partnerships in place >and hardend them Correct. >> As much as you've hardened some of the other traffic. So as we think about kind of, where this goes, what do you envision Zscaler's, kind of big customer story is going to be in 2020 and beyond? Obviously, the service is going to be everywhere, change the way you think about security, but how, for example, is the relationship between the definition of the edge and the definition of the secure service going to co-evolve? Are people going to think about the edge differently as they start to think more in terms of a secure edge or where the data resides and the secure data, what do you think? >> Let's start off with five years and go back, right? >> We're going forward. >> Work our way back. Well, five years from now, hopefully everyone is on a 5G phone, you know, with blazing-fast internet connections, on devices that you love, your applications are everywhere, so now think of it from an IT perspective. You know, my span of control is becoming thinner and thinner, right? my users are on devices that I barely control. My network is the internet that I really don't control. My applications have moved to the cloud or either hosted in third-party infrastructure or run as a SaaS application, which I really don't control. Now, in this world, how do I provide security? How do I provide user experience? Imagine if you are the CIO and your job is to make all of this work, where will you start, right? So those are some of the big problems that we are helping our customers with. So this-- >> Let me as you a question 'cause here's where I was going with the question. I would start with, if I can't control all these things, I'm going to apply my notion of security >> Hm-mm. >> And say I am going to control that which is within >> Right. >> my security boundaries, not at a perimeter level, not at a device level, but at a service level. >> Absolutely and that's really the crux of the Zscaler platform service. We build this Zero Trust architecture. Our goal is to allow users to quickly come to Zscaler and Zscaler becomes the policy engine that is securely connecting them to all the cloud services that they want to go to. Now in addition, we also allow the same users to connect to internal applications that might have required a traditional VPN. Now think of it this way, Peter. When you connect to Google today, do you VPN to Google's network? To access Gmail? No. Why should you have to VPN to access an internal application? I mean, you get a link on your mobile phone, you click on it and it didn't work because it required a separate form of network access. So with Zscaler Internet Access and Zscaler Private Access, we are delivering a beautiful service that works across 150 data centers. Users connect to the service and the service becomes a policy engine that is securely connecting you to the destinations that you want. Now, in addition, you asked about what's going to happen in a couple of years. The same service can be extended for partners. I'm a business, I have hundreds of partners who want to connect to me. Why should I allow legacy VPN access or private circuits that expose me? I don't even know who's on the other end of the line, right? They come onto my network and you hear about the Target breaches because some HVAC contract that had unrestricted access, you hear about the Airbus breach because another contract that had access. So how do we build a true Zero Trust cloud platform that is securely allowing users, whether it's your employees, to connect to named applications that they should, or your partners that need access to certain applications, without putting them on the network. We're decoupling application access from network access. And there's one final important linchpin in this whole thing. Remember we talked about how powerless organizations >> Right. >> feel in this distributed model? Now imagine, your job is to also ensure that people are having a good user experience. How will you do that, right? What Zscaler is trying to do now is, we've been very successful in providing the secure and policy-based connectivity and our customers are asking us, hey, you're sitting in between all of this, you have visibility into what's happening on the user's device. Clearly you're sitting in the middle in the cloud and you see what's happening on the left-hand side, what's happening on the right-hand side. You know, you have the cloud effect, you can see there's a problem going on with Microsoft's network in the China region, right? Correlate all of that information and give me proactive intelligence around user experience and that's what we launched recently at Zenith Live. We call it Zscaler Digital Experience, >> Hmm. >> So overall the goal of the platform is to securely connect users and entities to named applications with Zero Trust principles. We never want security and user experience to be orthogonal requirements that has traditionally been the case. And we want to provide great user experience and visibility to our customers who've started adopting this platform. >> That's a great story. It's a great story. So, once again, I want to thank you very much for coming in and that's Amit Sinha, who is the president and CTO at Zscaler, focusing a lot on the R&D types of things that Zscaler's doing. Thanks again for being on theCUBE. >> It's my pleasure, Peter. Always enjoy talking to you. >> And thanks for joining us for another CUBE conversation. I'm Peter Burris, see you next time. (funk music) (funk music)

>> From Orlando, Florida, it's theCUBE. Covering SAP Sapphire Now 2018. Brought to you by NetApp. >> Welcome back to theCUBE, Lisa Martin with Keith Townsend. We are in Orlando in the NetApp booth at SAP Sapphire 2018. We are joined by a new person to theCube, Amit Sinha, the Founder and Chief Customer Officer at WorkSpan. Amit, welcome to theCUBE. >> Thank you for having me, excited to be here. >> So I'm really excited to understand more about WorkSpan, what you guys do. Tell us a little about that, what opportunity you saw in the market with respect to alliances that you went, "Ah why is it no one's doing that." You have this great idea. >> Yeah, absolutely, we had this ah-ha moment, in this day and age of connectedness around the world, there is not a single company that goes to market alone. Right, when the reality's that we all serve the same demanding end-customers. We got to align our marketing. We got to align our messages, We need to align our innovation. I mean just altogether in order to be more. Easier said then done, right. So that's we saw the opportunity, that what if there was a network of alliances that are connected with one another, and if they can truly define a joint innovation, a joint solution, take it to market, co-market it. When they co-market they can get twice the audience at half the cost, and then co-sell. That way they can improve their vendors, and we are truly seeing that, so that's the opportunity that we saw, to really make the life of the alliance manager, the alliance leader, simpler, and easier to do in this connected day and age. >> Well, essential because also on your website, 60 to 75 percent of announced alliances fail. That's enormous, so talk to us about some of the successes that you have had, talking with companies, as you say, that, you know, nobody goes to market alone these days, did they have those ah-ha moments as well when you came knocking on there and say, hey look what we're developing. >> Absolutely, so look at this large event here. Sapphire is one of the biggest enterprise events out here. Over 100 strategic alliances are here from SAP, and they will all make key announcements here about joint products, big golden markets, but can you imagine, three months down the line, 70 percent of them will be actually catching dust on the road. They won't even watch the people, the business cases will be the winner. And that's such a wasted opportunity. The amount of due diligence that goes into kind of creating an alliance, thinking about the business case, people putting together solutions. But then once they announce the keynote, that's where the decline really happens. There's no operational support behind, how do you take this to market. That's where WorkSpan comes in. People wanting to join sales plan, the joint marketing plan, the joint solution plan, to really operationalize that people coming together across the platform. In India we say that a marriage is between families, and that's very true. So really, an alliance is between companies, deep in the companies, not just the alliance manager working with another alliance manager. It's really marketeers, sales folks, alliance people. So, it's a family of two companies coming together. And that's where WorkSpan, why it's the foundation, the consistent process logic, and a data driven argument around it. So you can dig decisions on the base of data, to say, okay where is my alliance working, and where does it need help? You don't do post mortems after that, you can fix as you're going along. >> So let's talk about that process and data driven nature of alliances. Alliances are complex setups, just starting at the very beginning of saying, you know what, I'm, we're two companies, we overlap in areas of competition, but there's these outliers where we really can partner together to make that happy. You look on a show floor, you see brands that are obvious, you know, we're in the NetApp booth and we've talked SAP Hanna a lot, and right across the way is the Oracle booth, and they're talking heavily SAP on Oracle, so there's this opportunity to cooperate, and there's this area of competition. A lot of that is data driven, how do you capture that data and help create the process logic to help companies identify alliances and then execute upon, and manage those alliances going forward. >> Well I think that's an excellent question, so when you are living in a network in this interdependent work, you will partner in some areas and you will compete in some places. So for this network world, we need a new security model, so that only people who are allowed to see something are able to see that thing. We call this Attribute Base Access Control. Compare that to traditional applications which do role based access control, just because you're higher up in the organization, you get to see everything. But this new module of security, Attribute Based Access Control model, allows the right people to get into the right plans, so that they, and they alone, can see it. So you might be working for SAP on, let's say the Google relationship, or the Apple relationships, or the Oracle relationship, or the NetApp relationship, only those right people have those accesses. And the owners of those programs can control and secure that data. So what it allows a company to then do is, it's even more secure in this day and age. We can argue that in this day and age with GDPR and all those compliance efforts, that WorkSpan is far more secure, than sending spreadsheets out, which is the current mode of collaboration. So you can enforce a corporate policy around, what is your shared data, what's your private data. So in the same opportunity you can have private data for your own company, employees to see that as them as sort of partners. So that translucency, not transparency, but translucency is really really important when you do alliances, and that we understand is model of WorkSpan. >> So how do you help, like, for alliances marketing for example, and say there's a joint campaign, NetApp with one of their partners for example, and they wanted to do some lead generation activities, events, webinars, lunch and learns, digital campaigns, and they're gonna get leads that come in from that, and they might say, ah, okay, well I don't want to give you all of that. How do you help with some of that, I mean it kind of goes to the "coopertition" theme a little bit, but from a marketing standpoint, I'm just curious, how do you help either reduce or mitigate concerns that companies, alliance partners would have in that space, or do you come in and sort of help them from a strategic area to normalize some of these concerns? >> Yeah, so what we do is we partner with the company's marketing automation systems, so let's say NetApp is working with AP Cloud for customer. So at this event we announce the integration between WorkSpan and this AP Cloud for customer. Similarly other customers may have other marketing optimations, and you should see in a low quarter market, or a salesfirst.com, so we integrate with those systems. So what happens is marketeers can continue their contact database and their lead machine in those systems, and we get aggregate results in WorkSpan to really see which alliances are doing well. So we don't get into what marketing automation systems do, we partner and we integrate with them. So that, what happens in that, we are extending an investment the company already has made in their marketing automations tech, and we come across as a partner or alliance automations tech, so that really the alliances knew one another. And why is this important. This is important because if you're like an Intel or a NetApp, you may be working with a whole ecosystem of providers, and they themselves have their own marketing automation systems. So you imagine if you are at an intel or you're a NetApp or you're an SAP, you can get all this data back, because there's WorkSpan in the middle. So as a network, you may have just one percent of the data, but your overall network is far more intelligent than all the data you've been collecting. >> So again, whenever we get a topic like this, we have to invoke John Forrier's name and get some block chain conversation going on, from an ideal of, you know, basically there's just, you guys have become an authority of authentication, there's reputation, there's all these fundamental infrastructure things that you have to determine. And you think through, you scale this out beyond just, you know, alliances, and honestly technology is one area. There's all the attributes in manufacturing, in other companies, how does this align with, or a more aggressive question, how does this sort plant like, the ideas of smart contracts with the lies of block chain? >> Yeah, absolutely. So BlockShare is a really good implementation of what we really have done in WorkSpan. So, in WorkSpan, if you think about it, it's a network. There are transactions, they're like, flowing across different parties. And these transactions are trusted, right, across different parties. Let's say an Intel or a NetApp stays approved on our platform, the process extends to the partner and they get a contract, that simple. So in some ways, in living in a connected world, we need to have these kinds of smart contracts and trust in data source that is not just your own. We're living in a shared data world, right? So one of the key partners at Bolt, well NetApp works with this Bolt Intel as well as SAP, right. So, because SAP program funds the SAP marketing campaigns here, and they're both Intels, and they both come from trusted parties, NetApp is able to trust that data, trust that transaction that makes it too. So we provide that trans-foundation based on the qualities that.. >> Sorry, Amit, but that's kind of the trust foundation, as sort of aligns to what Bill Madridment said in his keynote this morning, about, you know, trust being this new currency. You guys have been attaining a lot of momentum in the Fortune 500 space. Tell us a little bit about how you're doing that, and then if there's a customer example that you, that's one of your favorites that you think really articulates your brand values, share that too. >> Absolutely, so we've been very fortunate that we've been trusted by a lot of Fortune 500 companies to come on the platform. Really want to orchestrate their platform and their ecosystem. And we are seeing this need that the head of alliances seen, they're going to be very strategic at the board, where they want to be data driven and numbers driven. They're no longer saying, I'm okay by saying that my alliance with such and such partner is going well. They want to be quantified, they wanna say it's going well by this much. So this is where the main value prop is, we have had companies on our platform that have generated 58 percent more leads, that have reduced their marketing cost by 50 percent. Intel and SAP specifically, this is their third year on our platform, and year on year they have collaborated more number of campaigns, deeper in the regions, where their marketeers are working with intel marketeers, for example. So they got a 24X internal marketing investment, [Lisa] Wow. where as they were expecting an eight to 10x marketing investment, so dramatically increased. For SAP, that meant 100 million dollars more than double at lower marketing cost, just because the two companies can unleash their shared potential with the shared customers across the world. Now this happened, this was not an overnight success, this is a three year success in the making, where there's deep partnership and collaboration at the regional level, at the marketeer level, and all rolling it up at the head of alliances. So Intel is one company, we have SAP of course as a marketing account. We not only work with hardware alliances like NetApp and Intel, but also their SI alliances are on WorkSpan, so large, as many as size you see here, those programs are coming at WorkSpan as well. People at Novel were invited on WorkSpan, HPE is on WorkSpan, so that's a great example as well of a Fortune 500 company. >> Wow, lot of momentum. You know, it's for companies like SAP, like WorkSpan, where you've got software and you've got something under the hood that a lot of people won't know what's happening, or further jobs don't have to know or care, it's always challenging for a brand to go, how do we show the value of our product and service is when it's not something we can touch, or see, or feel. And it's really through the validation, the best you can get, is through the voice of your customer. And the stats that you shared, you must be sort of salivating, with we can actually help you increase Legion by 58 percent, or increase revenue opportunities by 40 percent. I mean, you've got some really substantial data driven facts to show how you're transforming a business. That's got to be, that's gotta make doing business a little bit easier, that you know you've got such salitity. >> Actually when you think of the world, it's really diverse, right, but you can see patterns from this all. So when you work with a lot of partners and you're orchestrating them on your ecosystem, you're running different kinds of marketing campaigns or different sales opportunities. They have different traction depending on how you actually executed them, right. But when you step back and you say, hey, webinars don't really work well in Japan, late evening events work better in Japan. But in the US, one of the best course, it seems like webinars work better. Or such and such partner does a really good job of hiring clients in events, but this other partner I spent a lot of money with, it all seems to go in search or non advertising that I don't see a lot of benefit of, right. So you can make these data driven arguments by partner, by channel, by investment, by, you know by any metric that you want now. So now the head of alliance, this is exactly where the value profit for spenders. Now you can be totally data driven and say, this works, that doesn't work, so I should do more of this and spend less there. >> Fantastic, well Amit I wish we had more time to keep chatting, but thanks so much for stopping by and sharing not only who WorkSpan is and what you do, but some of the significant impact that you can deliver to your customers. >> Thank you so much for the opportunity, loved talking to you both. >> Likewise. We want to thank you for watching theCube, I am Lisa Martin with Keith Townsend, from SAP Sapphire 2018, thanks for watching. (electronic music)

>> From Orlando, Florida it's theCUBE, covering SAP Sapphire Now 2018. Brought to you by Netapp. >> Welcome back to theCUBE. Lisa Martin with Keith Townsend. We are in Orlando in the Netapp booth at SAP Sapphire 2018. We are joined by a new person to theCUBE, Amit Sinha, the Founder and Chief Customer Officer at WorkSpan. Amit, welcome to theCUBE. >> Thank you for having me, excited to be here. >> So I'm really excited to understand more about WorkSpan, what you guys do. Tell us a little bit about that and what opportunity you saw in the market with respect to alliances that you went, ah, why is it no one's doing that, and you have this great idea. >> Yeah, absolutely, we had this ah-ha moment. In this day and age of connectedness around the world, there is not a single company that goes to market alone. Right, when the reality's that we all serve the same demanding end customers. We've got to align our marketing, we've got to align our messages. We need to align our innovation, and we need to sell together in order to earn more. Easier said than done, right? So that's where we saw the opportunity. That what if there was a network of alliances that are connected with one another, and if they can truly define a joint innovation, a joint solution, take it to market, co-market it. When they co-market they can get twice the audience at half the cost, and then co-sell. That way they can improve their vend rates, and we are truly seeing that. So that's the opportunity we saw, to really make the life of the alliance manager, the alliance leader, simpler and easier to do in this connected day and age. >> Well, essential because also on your website, 60 to 75% of announced alliances fail. That's enormous. So talk to us about some of the successes that you have had talking with companies, as you say that nobody goes to market alone these days. Did they have those ah-ha moments as well when you came knocking on there and said, hey look what we're developing. >> Absolutely, so look at this large event here. Sapphire is one of the biggest enterprise events out here. Over a hundred strategic alliances are here from SAP and they will all make key announcements here about joint products, big golden markets, but can you imagine three months down the line, 70% of them will be actually catching dust on the ground. They won't be even worth the paper the business cases were building on, and that's such a wasted opportunity. The amount of due diligence that goes into creating an alliance, thinking about the business case, people putting together solutions. But then once they announce it in the key note, that's where the decline really happens. There's no operational support behind, how do you take this to market? That's where WorkSpan comes in. We provide the joint sales plan, the joint marketing plan, the joint solution plan, to really operationalize the people coming together across the partnership. In India we say that a marriage is between families and that's very true. Some brilliant alliances between companies, deep in the company, it's not just the alliance manager working with another alliance manager. It's really marketers, sales force, alliance people. So it's a family of two companies coming together. That's where WorkSpan provides the foundation, the consistent process logic, and a data driven argument around it. So you can take decisions on the base of data to say, okay where is my alliance working and where does it need help? You don't do postmortems after that. You can fix as you're going along. >> So let's talk about that process and, data driven nature of alliances. Alliances are complex setups just starting at the very beginning of saying, you know what, we're two companies. We overlap in areas of competition, but there's these outliers where we really can partner together to make that happen. You look on a show floor, you see brands that are obvious. You know, we're in the NetApp booth for, and we've talked SAP Hana an awful lot and right across the way is the Oracle booth and they're talking heavily SAP on Oracle. So there's this opportunity to cooperate, and there's this area of competition. A lot of that is data driven. >> Yep. >> How do you capture that data and help create the process logic to help companies identify alliances and then execute upon and manage those alliances going forward? >> By the way, that's an excellent question. So when you are living in a network in this interdependent world, you will partner somewhere and you will compete with some places. So for this network world, we need a new security mark. So that only people who are allowed to see something are able to see that thing. We call this Attribute-based Access Control. I compare that to traditional applications which do Role-based Access Control. Just because you're higher up in the organization you get to see everything. But this new model of security, Attribute-based Access Control Mark, allows the right people to get into the right plans, so that they and they alone can see it. So you might be working for SAP on let's say the Google relationship or the Apple relationship, or the Oracle relationship, or the Netapp relationship, only those right people have those accesses, and the owners of those programs can control and secure that data. So what it allows a company to then do is it's even more secure in this day and age. We can argue that in this day and age with GDPR and all those compliance efforts that WorkSpan is far more secure than sending spreadsheets out, which is the current mode of collaboration. So you can enforce a corporate policy around what is your shared data, what is your private data. So in the same opportunity, you can have private data for your own company employees to see that is never shown to partners. So that translucency, not transparency, that translucency is really, really important when you do alliances, and then we understand this model of WorkSpan. >> So how do you help like, for alliances marketing for example, and say there's a joint campaign, Netapp with one of their partners for example, and they wanna do some lead generation activities, events, webinars, lunch and learns, digital campaigns and they're gonna get leads that come in from that and they might say, okay, well, I don't wanna give you all of that. How do help with some of that? I mean, it kinda goes to the competition theme a little bit, from a marketing standpoint, I'm just curious how do you help either reduce or mitigate concerns that companies, alliance partners would have in that space, or do you come in and sort of help them from a strategic area to normalize some of these concerns? >> Yeah, so what we do is we partner with the companies marketing automation systems. So let's say Netapp is working with SAP cloud for Customer. So at this event we announce an integration between WorkSpan and SAP cloud for customer. Similarly other customers may have other marketing automations solutions. Let's say (mumbles) or a salesforce.com. So we integrate with those systems. What happens is marketers can continue their contact database and and delete machine in those systems and figure aggregate result on WorkSpan, to really see which alliances are doing well. So we don't get in to what marketing automation systems do we partner and we to get with them. So that way what happens is we are extending the investment that a company already has made in their marketing automation stack, and we come across as the partner or alliance automation stack. So that way alliances with one another. And why is this important? This is important because if you're like an Intel or a Netapp you may be working with a who ecosystem of povides, and they themselves have their own marketing automation systems. So imagine if you're an Intel or if you're a Netapp or you're an SAP, you can get all this data back because there's WorkSpan in the middle. So as a network you may have just 1% of the data but your overall network is far more intelligent with all the data hat you can collect. >> So again, whenever we get a topic like this, we have to involve John Furrior's name, and get some Blockchain conversation goin' on. (laughing) From a ideal, you know, basically there's just you guys become an authority of authentication, you, there's the reputation, there's all these fundamental infrastructure things that you have to determine. That you think through it, you scale this out beyond just you know, alliances and auto (mumbles) technology in one area. There's all the attributes and manufacturing and other companies. How does this align with, or a more aggressive question, how does this plant like the ideas of smart contracts, with the likes of Blockchain? >> Yeah, absolutely. So Blockchain is a really good implementation of what we really have done in WorkSpan. So in WorkSpan, if you think about it, it's a network. Their transactions are like flowing across different parties and these transactions are trusted, right? Across different parties when let's say an Intel or Netapp sees a proven now platform. The process extends to the partner that they get a contract that's approved. So in some ways, in a living in a connected world you need to have these kinds of smart contracts and trusting data source that is not just your own. We're living in a shared data world, right? So one of the key partners that put, that Netapp works with is both Intel as well as SAP, right. So because SAP program funds an SAP marketing campaigns right here, and so is Intel's and they both come from (mumbles) parties. Netapp is able to trust that data, trust that transaction, execute. So we provide that trust foundation based on technologies on data. >> Sorry Amit, that's kind of the trust foundation, it sort of aligns to what Bill McDermott said in his keynote this morning about you know, trust being this new currency. You gus have been attaining a lot of momentum in the Fortune 500 space. >> Yes. >> Tell us a little bit about how you're doing that and ten if there's a customer example that you, that's one of your favorites that you think really articulates your brand value, share that too. >> Absolutely. So we've been very fortunate that we've been trusted by a lot of Fortune 500 companies to come on the platform. Really want to orchestrate their platform and their ecosystem, and we are seeing this need that the head of alliances is seeing they ought to be very strategic at the board where they want to be data to run and numbers to them. They're no longer saying I'm okay by saying that my alliance with such and such partner is going well. They wanna be quantified, they want to say it's going well by this much. So this is where the mean value prop is, we have had companies on our platform that have genetic for 8% mornings that have reduced their marketing cost by 50%. Intel and SAP specifically, this is their 12 year on our platform, and year on year they have collaborated a more number of campaigns deeper in the regions where their marketers are working with Intel marketers for example. So they are a 24x auto marketing investment. >> Wow. >> Where as they were expecting an 8 to 10x in a total marketing investment. So dramatically increased. For SAP, that meant $100,000,000 more in revenue at your marketing cost. Just because the two companies can unleash their shared potential with shared customers across the world. Now this happened, this is not an overnight success, this is a three year success in the making. Where there's deep partnership and collaboration at the regional level, at the marketing (mumbles) level and all will and up at the head of alliance (mumbles). So Intel's one company, we have SAP of course is a marketing account, they've normally worked with hardware alliances like Netapp and Intel but also their assigned alliance out of WorkSpan so a large, as many a size that you see here, those programs are coming on WorkSpan as well. We have the norm one bite on WorkSpan as well. HPE is on WorkSpan so that's a great example as well for Fortune 500 companies working on platform. >> Wow, a lot of momentum. You know it's for companies lik SAP, like WorkSpan, where you've got software, you've got something under the hood that a lot of people won't know what's happening or for their jobs have, to know or care. It's always challenging for a brand to go how we show a value of our product services when it's not something that we can touch or see or feel. And it's really through the validation, the best you can get is through the voice of your customer. And the stats that you've shared, you must be sort of salivating with, we can actually help you increase legion of 58% or increase revenue opportunities by 40%. I mean, you've got some really substantial data driven >> Yep. >> facts to show how you're transforming a business. That's got to be, that's gonna make you know, doing business a little bit easier that you know >> Yeah. >> you've got such solidity. >> Actually, when you think of the word it's really diverse right. Where you can see patterns from this type. So when you work with a lot of partners and you're orchestrating them on your ecosystem, you're running different kinds of marketing campaigns or different sales, a portion of these. They have different traction depending on how you actually execute it then right? But when you step back and you say, hey webinars don't really work well in Japan. Late evening events work better in Japan but in the U.S. on the West Coast, it seems like webinars work better or such and such partner does a really good job of hiring clients when events. But that this other partner I spent a lot of money with it all seems to go in search or plan advertising that I don't see a lot of benefit of, right. So you can make these data driven arguments by partner, by channel, by investment, by you know, by any metric that you want now. So now the head of alliance, and we, this is exactly where divided platform will expand this, now you can be totally data driven and say this works, that doesn't work, so I should do more of this and spend less there. >> Fantastic. Well Amit, I wish we had more time to keep chatting but thank you so much for stopping by and sharing not only who WorkSpan is and what you do but some of the significant impact that yo can deliver to your customers. >> Thank you so much for the opportunity. Love talking to you about. >> Ah, likewise. We wanna thank you for watching theCUBE. I'm Lisa Martin with Keith Townsend from SAP Sapphire in 2018, thanks for watching. (upbeat music)

>> Welcome back to the Cuban Peterborough's chief research officer of Silicon Angle and general manager of Wicked Bond. We're as part of our continuing coverage of the arse a show. We have a great guest Z scaler amid sin. Ha! Welcome to the Cube. >> Thank you for having me here. It's a pleasure to be here. >> So, um, it what exactly does Z scaler? D'oh >> Z's killer is in the business of providing the entire security stack as a service for large enterprises. We sit in between enterprise users and the Internet and various destinations they want to goto, and we want to make sure that they have a fast, nimble Internet experience without compromising any security. >> So if I can interpret what that means, that means that as Maur companies are trying to serve their employees that Air Mobile or customers who aren't part of their corporate network they're moving more. That communication in the Cloud Z scale is making it possible for them to get the same quality of security on that communication in the cloud is he would get on premise. >> Absolutely. If you look at some of the big business transformations that are happening, work lords for enterprises are moving to the cloud. For example, enterprises are adopting Office 3 65 instead, off traditional exchange based email and on your desktop applications. They might be adopting sales force for CR M Net suite for finance box for storage. So as these workloads are moving to the cloud and employees are becoming more and more mobile, you know they might be at a coffee shop. They might be on an iPad. Um, and they might be anywhere in the world. That begs the basic security question. Where should that enterprise DMC the security stack be sitting back in the day? Enterprises had a hub and spokes model, right? They might have 50 branch offices across the world. A few mobile workers, all of them, came back over private networks to a central hub, and that hub was where racks and racks of security appliances were deployed. Maybe they started off with a firewall. Later on, they added a proxy. You are l filtering some d e l P er down the road. People realized that you need to inspect us to sell. So they added some SSL offload devices. Someone said, Hey, we need to do some sand boxing for behavioral analysis. People started adding sandboxes. And so, over time the D. M. Z got cluttered and complicated and fast forward to Today. Users have become mobile. Workloads have moved to the cloud. So if I'm sitting in a San Francisco office on my laptop trying to do my regular work, my email is in the cloud. My my court applications are sitting in the cloud. Why should I have to vpn back to my headquarters in Cincinnati over a private network, you know, incurring all the Leighton see and the delays just so that I can get inspected by some legacy appliances that are sitting in that DMC, right? So we looked at that network transformation on We started this journey at Ze scale or eight years ago, and we said, Look, if users are going to be mobile and workloads are going to be in the cloud, the entire security stack should be as close as possible to where the users are. In that example, I described, I'm sitting here. I'm going to Salesforce. We're probably going to the same data center in San Francisco. Shouldn't my entire security stag be available right where I am, um, and my administrators should have full visibility, full control from a single pane of glass. I get a fast, nimble user experience. The enterprise doesn't have to compromise in any security, and that's sort of the vision that we have executing towards. >> But it's not just for some of the newer applications or some of the newer were close. We're also seeing businesses acknowledge that the least secure member of their community has an impact on overall security. So the whole concept of even the legacy has to become increasingly a part of this broad story. So if anybody accesses anything from anywhere through the cloud that those other workloads increasing, they're gonna have to come under the scrutiny of a cloud based security option. >> Absolutely. I mean, that's a brilliant point, Peter. >> I >> think of >> it this way. Despite all those security appliances that have been deployed over time, they're still security breach is happening. And why is that? That is because users are the weakest link, right? If I'm a mobile work user, I'm sitting in a branch office. It's just painful for me to go back to those headquarter facilities just for additional scanning so two things happen either I have a painful user experience. What? I bypassed security, right? Um, and more and more of the attacks that we see leverage the user as the weakest link. I send you a phishing email. It looks like it came from HR. It has a excel sheet attached to it to update some information. But, you know, inside is lurking a macro, right? You open it. It is from a squatter domain that looks very similar to the company you work for. You click on it and your machine is infected. And then that leads to further malware being downloaded, data being expatriated out. So the Z scaler solution is very, very simple. Conceptually, we want to sit between users and the destinations they goto all across the world. And we built this network of 100 data centers. Why? Because you cannot travel faster than the speed of light. So if you're in San Francisco, you better go through our San Francisco facility. All your policies will show up here. All the latest and greatest security protections will be available. We serve 5000 large enterprises. So if we discover a new security threat because of an employee from, let's say, a General Electric. Then someone from United Airlines automatically gets protection simply because the cloud is live all the time. You're not waiting for your security boxes to get, you know, the weekly patch updates for new malware indicators and so on. Right, So, um, you get your stack right where you are. It's always up to date. User experience is not compromised. Your security administrators get a global view off things. And one >> of the >> things that that I that we haven't talked about here it is the dramatic cost savings that this sort of network transformation brings for enterprises. To put that in perspective, let's say you're a Fortune 100 organization with 100,000 employees worldwide in that, huh? Been spoke model. You are forcing all those workloads to come toe a few choke points, right? That is coming over. Very expensive. NPLs circuits private circuits from service providers. You're double trombone in traffic, back and forth. You know, you and I are in a branch. We might be on. Ah, Skype session. Ah, Google Hangout session. All our traffic goes to H Q. Goes to the cloud comeback comes back to h. Q comes back to you, there's this is too much back and forth, and you're paying for those expensive circuits and getting a poor user experience. Wouldn't it be great if you and I could go straight to the Internet? And that can only be enabled if we can provide that pervasive security stack wherever you are? And for that, we built this network of 100 data centers worldwide. Always live, always up to date you. You get routed to the closest the scaler facility. All your policy show up. They're automatically and you get the latest and greatest protection. >> So it seems as though you end up with three basic benefits. One is you get the cost benefit of being able to, uh, have being able to leverage a broader network of talent, skills and resources You reduce. Your risk is not the least of which is that the cost and the challenges configuring a whole bunch of appliances has not gotten any easier over the last. No, it hasn't cheaters. And so not only do you have user error, but you also Administrator Erin, absolutely benign, but nonetheless it's there, and then finally and this is what I want to talk about. Increasingly, the clot is acknowledged as the way that companies are going to improve their portfolio through digital assets. Absolutely. Which means new opportunities, new competition, new ways of improving customer experience. But security has become the function of no within a lot of organizations. Absolutely. So How does how does AE scaler facilitate the introduction of new business capabilities that can attack these opportunities in a much more timely way by reducing doesn't reduce some of those some of those traditional security constraints. >> Absolutely right, and we call it the Department of No right. We've talked to most people in the industry. They view their I t folks there, security forces, the department of Know Why? Because there's this big push from users to adopt newer, nimble, faster cloud based ah solutions that that improved productivity. But often I t comes in the way. No, If you look at what Izzy's killer is doing, it's trying to transform the adoption of these Cloud service. Is that do improve business productivity? In fact, there is no debate now because there are many, many industries that ever doubt adopted a cloud first strategy. Well, that means is, as they think of the network and their security, they want to make sure that cloud is front and center. Words E scaler does is it enables that cloud for a strategy without any security compromise. I'll give you some specific examples. Eight out of 10 c I ose that we talk to our thinking about office 3 65 or they have already deployed it right. One of the first challenge is that happens when you try to adopt office. 3 65 is that your legacy network and security infrastructure starts to come crumble. Very simple things happen. You have your laptop. Suddenly, that laptop has many, many persistent SSL connections to the clothes. Because exchange is moved to the cloudy directory, service is are moving to the cloud. If you have a small branch office with 2000 users, each of them having 30 40 persistent connections to the cloud will your edge firewall chokes. Why? Because it cannot maintain so many active ports at the same time, we talked about the double trombone ing of traffic back and forth. If you try to not go direct to the Internet but force everyone to go through a couple of hubs. So you pay for all the excessive band with your traditional network infrastructure, and your security infrastructure might need a forklift upgrades. So a cloud transformation project quickly becomes a network in a security transformation project. And this is where you nosy scaler helps tremendously because we were born and bred in the cloud. Many of these traditional limitations that you have with appliance based security or networking, you know, in the traditional sense don't exist for the scaler, right? We can enable your branch officers to go directly to the cloud. In fact, we've started doing some very clever things. For example, we peer with Microsoft in about 20 sites worldwide. So what that means is, when you come to the scaler for security, there's a very high likelihood that Microsoft has a presence in the same data center. We might be one or two or three millisecond hops away because we're in the same equinox facility in New York or San Jose. And so not only are you getting your full security stack where you are, you're getting the superfast peered connections to the end Cloud service is that you want to goto. You don't have to work. Worry about you know your edge Firewalls not keeping up. You don't have to worry about a massive 30 40% increase in back hole costs because you were now shipping all this extra traffic to those couple of hubs. And more importantly, you know, you've adopted these transformative technologies on your users don't have to complain about how slow they are because you know, most of the millennials hitting the workforce. I used to a very fast, nimble experience on their mobile phones with consumer APS. And then they come into the enterprise and they quickly realize that, well, this is all cumbersome and old and legacy stuff >> in me s. So let's talk a little bit about Let's talk a bit about this notion of security being everywhere and increasingly is removed to a digital business or digital orientation. With digital assets being the basis for the value proposition, which is certainly happening on a broad scale right now, it means it's security going back to the idea of security being department. No security has to move from an orientation of limiting access to appropriately sharing. Security becomes the basis for defining the digital brand. So talk to us a little bit about how the how you look out, how you see the world, that you think security's gonna be playing in ultimately defining this notion of digital brand digital perimeters from a not a iittie standpoint. But from a business value standpoint, >> absolutely. I would love to talk about that. So Izzy's killer Our cloud today sees about 30,000,000,000 transactions a day from about 5000 enterprises. So we have a very, very good pulse on what is happening in large enterprises, from from a cloud at perspective or just what users are doing on the Internet. So here are some of the things that we see. Number one. We see that about 50 60% of the threats are coming inside SSL, so it's very important to inspect SSL. The second thing that we observe is without visibility. It is very different, very difficult for your security guys to come up with a Chris policy, right? If you cannot see what is happening inside an SSL connection, how are you going to have a date? A leakage policy, right? Maybe your policy is no P I information should leak out. No source code should leak out. How can you make sure that an engineer is not dropping something in this folder, which is sinking to Google Drive or drop box in an in an SSL tano, Right. How do you prioritize mission Critical business applications like office 3 65 over streaming media, Right. So for step two, crafting good policy is 100% real time visibility. And that's what happens when you adopt the Siskel a network. You can see what any user is doing anywhere in the world within seconds. And once you have that kind of visibility, you can start formulating policies, both security and otherwise that strike a good balance between business productivity that you want to achieve without compromising security. >> That's the policy's been 10 more net. You can also end that decisions. >> Yes, right. So, for example, you can you can have a more relaxed social media policy, right? You can say Well, you know, everyone is allowed access, but they can. Maybe streaming media is restricted to one hour a day. You know, after hours, or you can say, I want to adopt um, storage applications in the clothes here are some sanctioned APS These other raps were not going to allow right. You can do policies by users, by locations by departments, right? And once you have the visibility, you can. You can be very, very precise and say, Well, boxes, my sanction story, Jap other APS are not allowed right and hear other things that a particular group of users can do on box. Or they cannot do because we were seeing every transaction between the user on going to the destination and as a result, begin, you know, we can enable the enterprise administrator to come up with very, very specific policies that are tailored for that. >> You said something really interesting. I'm gonna ask you one more question, but I'm gonna make a common here. And that common is that the power of digital technology is that it can be configured and copied and changed, and it's very mutable. It's very plastic, but at the end of the day it has to be precise, and I've never heard anybody talk about the idea of precise and security, and I think it's a very, very powerful concept. But what are what's What's the scale are talking about in our say this year. >> Well, we're going to talk about a bunch of very interesting things. First, we'll talk about the scale of private access. This is a new offering on the scale of platform. We believe that VP ends have become irrelevant because of all the discussions we just had, um, Enterprises are treating their Internet as though it was the Internet, right? You know, sort of a zero trust model. They're moving the crown jewel applications to either private cloud offerings are, you know, sort of restricting that in a very micro segmented way. And the question is, how do you access those applications? Right? And the sea skill immortal is very straightforward. You have a pervasive cloud users authenticate to the cloud and based on policies, we can allow them to go to the Internet to sites that have been sanctioned and allowed. We make sure nothing good is leaking out. Nothing bad is coming in, and that same cloud model can be leveraged for private access to crown jewel applications that traditionally would have required a full blown vpn right. And the difference between a VPN and the skill of private access is VP ends basically give you full network access keys to the kingdom, right? Whether it's a contractor with, it's an employee just so that you could access, you know, Internet application. You allow full network access, and we're just gonna getting rid of that whole notion. That's one thing we're gonna stroke ISS lots of cloud white analytics, As I mentioned, you know, we process 30,000,000,000 transactions a day. To put that in perspective, Salesforce reports about four and 1 30,000,000,000 4 1/2 to 5,000,000,000 transactions. They're about three and 1/2 1,000,000,000 Google searches done daily, right? So it is truly a tin Internet scale. We're blocking over 100,000,000 threats every day for, ah, for all our enterprise user. So we have a very good pulse on you know what's what's an average enterprise user doing? And you're going to see some interesting cloud? Wait, Analytics. Just where we talk about a one of the top prevalent Claude APs, what are the top threats? You know, by vertical buy by geography, ese? And then, you know, we as a platform has emerged. We started off as a as a sort of a proxy in the cloud, and we've added sand boxing capabilities. Firewall capabilities, you know, in our overall vision, as I said, is to be that entire security stack that sits in your inbound and outbound gateway in that DMC as a pure service. So everything from firewall at layer three to a proxy at Layer seven, everything from inline navy scanning right to full sand. Boxing everything from DLP to cloud application control. Right? And all of that is possible because, you know, we have this very scalable architecture that allows you to to do sort of single scan multiple action right in that appliance model that I describe. What ends up happening is that you have many bumps in the wire. One of the examples we use is if you wanted to build a utility company, you don't start off with small portable generators and stack them in a warehouse, right? That's inefficient. It requires individual maintenance. It doesn't scale properly. Imagine if you build a turbine and ah, and then started your utility company. You can scale better. You can do things that traditional appliance vendors cannot think about. So we build this scalable, elastic security platform, and on that platform it's very easy for us to add. You know, here's a firewall. Here's a sandbox. And what does it mean for end users? You know, you don't need to deploy new boxes. You just go and say, I want to add sand boxing capabilities or I want to add private access or I want to add DLP. And it is as simple as enabling askew, which is what a cloud service offering should be. >> Right. So we're >> hardly know software. >> So we're talking about we're talking about lower cost, less likelihood of human error, which improves the quality, security, greater plasticity and ultimately, better experience, especially for your non employees. Absolutely. All right, so we are closing up this particular moment I want Thank you very much for coming down to our Pallotta studio is part of our coverage on Peter Boris. And we've been talking to the scanner amidst, huh? Thank you very much. And back to Dio Cube.