>>From the cube studios in Palo Alto, in Boston, connecting with thought leaders all around the world. This is a cute conversation. >>Everyone. Welcome to the cube conversation here from our Palo Alto studios. I'm John furrier, host of the cube. We're here with our remote crew, getting all the interviews, getting all the stories that matter during this time were all sheltering in place during the COVID crisis. We've got a great returning guest, John Madison, EVP of products and chief marketing officer. Fordanet John. Great to see you, uh, looking good with the home studio. They're getting used to it. Yeah, indeed. Good to be here again, John. Thanks for coming. I really appreciate it. We're hearing a lot about sassy, which has a secure access network adjuncts, zero trust network access. Uh, what does that all mean now these days? What does this sassy? Well, there's definitely a lot of hype around the word sassy, which is the security of the age. Uh, for us actually it confirms a strategy that we've had since the beginning of the company. >>And two important concepts. One is, uh, the coming together of, uh, networking and security. We could refer to it as security driven networking, and we've been doing it using ACX and appliances for a long time. Uh, we're now going to expand it to a cloud as well as that's one concept, again, bringing together networking and security or converging them in a way. And then the second concept is more around a platform approach. So if you look at the definition of sassy, it includes, it includes web gateway as a service you a trust Caz B, a wife, et cetera. And so bringing those together in a platform approach, we refer to it as the fabric. So we're actually really happy about those two concepts coming together. Maybe the name itself could be, could be different, but definitely the concepts and the technologies play really well to our strategy. >>Yeah, it's sassy. S a S E not two ways, not like SAS softwares of service. Wait for one noses cloud. Yeah. I tried using the full name and I've reverted back to sassy again. So short and sassy, keep it short and sweet. Um, okay, well this is a super important relevant topic for multiple reasons. One is COVID is kind of accelerated the future for everybody. And you know, we've been kind of riffing on Twitter and throughout the industry I've been calling it the big IOT, uh, experiment because the unforecasted disruption of COVID is forced everyone to work at home. So the notion of work changes workplace is now home workforce, the people, how their interaction with the networks, workloads, workflows, all changing new expectations, new experiences. This is the real deal. And the edge is where the action is. That's the big, new obvious architectural highlight here. >>Yeah, so we talked last time. I think it would just be getting this work from home, uh, element, but, um, we're still here. And I think what it says is that what is forced is that, uh, enterprises and customers need to look at their edges and they're increasing. So we always, the one edge was a new one over the last two years. As we introduced us the, when they had a data center edge, they had an endpoint edge and now you have a home edge. And so you've got to apply security as a cloud edge as well. You've got to apply security to these edges. And the key is the flexibility to apply the security you want and you need against this agent. And so we're seeing some customers right now, look at setting up mini enterprise networks to protect that home age again, in that, in the homes of their executives or developers. >>And we reported with the news. You guys had a couple of months ago around just as such been a feeding frenzy for hackers and bad actors to go after the home environment. Um, as well as the it guys who are working from home, you have the cloud consumption's shifted as well. You're seeing the cloud players doing extremely well because now you have more cloud, you have more vulnerabilities at the edge with the home. This is changing completely increasing the attacks. >>Yeah. The tack factors, you know, predominantly, still actually, you know, a lot of fishing, but then if you're on the network, that attack factor is very important. So for us, and, you know, we did an acquisition last week of opaque networks because that gave us an additional consumption model and different additional form factor. So if somebody going from the home straight into the cloud, or the pairing off a branching off an SD Wang connection straight into the cloud, we can now apply that cloud edge security throughout our sassy capabilities. And so again, the ability to have security at all, these edges has become very important going forward. So for us now we've got appliances, we've got virtual machines, we've got cloud delivery, and this is becoming very important to customers. I'm not saying, and customers are not saying they're going to go to just cloud only going forward. They're going to be hybrid. And so having those options is very important. >>You mentioned opaque networks, we reported that acquisition. Congratulations. What does that mean for Fordanet and where does that technology fit? And you mentioned software. Can you just take a minute to explain the acquisition impact Affordanet and where does the tech fit? >>Well, as I said, we've been driving a lot of this conversion, sassy conversions through our appliances. Um, but it's sometimes makes sense to put that security closer to the cloud during points or wherever. And so opaque, we really liked their model of building out these hyper hearing stations and making sure they got high-speed security there as well as edges. And so, um, we bring, we're going to bring that inside our environment, uh, update it to include some of our technology, uh, but it gives us now great flexibility, uh, of applying that security at the SD wan edge, the data center agent now without edge or longer-term roadmaps will integrate orchestration capabilities. It also includes a zero trust network access capability as well. So really when we looked at our, uh, of sassy framework, uh, we had most of the things in place. This now adds firewall as a service as well as zero trust network access, giving us the most complete sassy framework in the marketplace. >>What is the security component of the work at home? You mentioned earlier, there's more networks and companies are looking to kind of up level the capabilities. Can you give an example and take us through what that like and what companies are thinking about, because it's not just, here's some extra money for your home bandwidth, your people are working there. It's like, it's gotta be industrial strength edge. Now it's not just, um, you know, temporary and their kids are home too. So you got they're gaming, they're watching Netflix, people zooming in and doing WebExes all day long. >>Yeah, it can be as simple as putting a zero trust network access, you know, an agent on there and doing some security locally, and then going back through a proxy in a, we believe actually that it's, it can be even better than that. That can apply many enterprise security in your house through a next gen firewall, give high availability through SD wan, uh, then, you know, expand out their secure access and switching and end points. And we can do that today. I think what's going to be key going forward is as you're dealing as it, uh, teams have to deal with more of a consumer approach remotely in the homes, we're gonna have to simplify the way things get set up, such that you can easily separate out, maybe home usage from corporate enterprise users. So that will be something we'll be working on over the next 18 months. >>I mean, just the provisioning, the hardware, okay, here you go. Plug it in it. Should it be plug and play? And this is kind of back to the future of where SAS is going. I mean, the old days was plug and play was the technology. Now you've hit that concept. It has to be auto configured. You have to provision pretty quickly. What's the future of sassy in your mind. >>Yeah. And so, you know, if you think about, you know, coming back to the home usage, then people have dumbed down those routers and the security is very simplistic. So we, people can just plug and play. If you, it needs to be a bit more sophisticated. Uh, you're going to need to put some tools in place. We believe longterm that the sassy model, once you've got the platforms in place, once you've got SD wan in place, your Cosby or your sassy zero trust and longterm, you're going to need an orchestration system. That's more AI driven. So we've done a lot of work on AI around security and making sure we can see things very quickly. Um, but the longterm goal, I think will be around AI ops, AI network ops, uh, where the system and the big data systems are looking across your network, across these different components to see where there may be an issue. Maybe there's a certain length has gone down across a certain ISP. We need to bring that back up. Maybe there's a certain cure or as to an application in the cloud somewhere. So we need to change the OnRamp. Uh, so once everything's in place and you have that console and policy engine that can look across everything, and then we need to get smarter by looking at the data and the logs, et cetera, and applying some of that AI technology. >>You know, John, we've been following Fordanet as you know, for many, many years and watching the evolution of you guys as a company. And also as the industry, the new waves are coming in. Um, a lot of the stuff you're doing with the fabric and now the secure driven networking has been kind of on the playbook. So I want to get your thoughts before we get into those topics and define them and kind of unpack them. But generally customers are looking at, um, a slew of vendors out there and you have 10 of two approaches. You have a platform, and then you have the we're an application or fully full stack or SAS or something. And this there's trade offs between the two. And how should customers understand the difference? Because there's different value propositions for each platforms, more enabling out of the box, SAS or point solution can solve a particular thing, but it may not have that breadth. How should customers think about a platform approach or fabric and how should they think about the value and how to engage with that longterm? >>Yeah, I'm definitely seeing more customers look towards a platform going forward. They just can't manage all the different point solutions and you don't have to train an individual in that product. You have to have a separate management console, you have to integrate it. And so more and more I'm finding customers wanting to converge, which is the basis of sassy consolidate applications onto a platform of security applications. What's important over that platform is that the consumption model is flexible enough to be an appliance, to be a virtual machine and to be cloud delivery does as a customer's networks move and their orchestration systems move into different, more cloud, or they've got their IP enabling their factories, for example, then they need that security to be flexible. So yes, you need to be a platform as the way forward. Um, but two things. One is you need a flexible consumption model for it. You know, clients, virtual machine and cloud. And also that platform needs to be very open. It needs to have connectors into the main orchestration systems that needs to allow people to build API and automation. So, uh, yes, you, you need a platform, but it needs to be open and it needs to be flexible. >>Great, great insight there. And that's exactly what the marketing, especially with cloud the kind of scale, second follow up question to that is how do you tell the difference between a tool camouflage is a platform. So I have a tool I want to sell you a tool, but no, it's a platform. So a lot of people are peddling tools and saying their platforms. How do you know the difference? >>Well, to me, a platform that has much greater scope across the attack surface festival, they attack factors whether that be email or application the network, the end point. So platforms not just of a specific attack back to go across the complete surface. And then also a platform is Wednesday organically built, allows those products to communicate. So then you can build automation across it. It's very hard to build automation across two or three different vendors. They have different scripts. So been able to build that automation. And then of course, on top of that, to have a single view, single visibility capability, as well as longterm applied that AI ops across it. So platform is very, very different from the, some of the tools I've seen in the marketplace. >>I want to get to your reaction to a comment that your CEO said about security driven, networking, and underscores what we've been saying for years, blah, blah, blah. He goes on in this era of hyperconnectivity and expanding networks with the network edge stretching across the entire digital infrastructure, um, networking and security have to be kind of be their, their convergence. You mentioned describe how you view hyper-connectivity and expanding networks and how the edge stretches across the digital infrastructure. What's what does that look like? Can you share your vision of that? >>Well, when you think about networking, if you go back 20 years, when you have these 10 megabit per second connections, learning, networking, and routing and switching, they haven't really changed that much over the last eight years, 20 years, they've just got a lot faster, gone to now to 400. You give us a second, but the basic functionality is the same. And so it's allowed them to go a lot faster. Um, security is very different, even though it started off with firewalling than VPN, and then next gen firewall, SSL inspection, all these functionalities IPS have been added, making a lot harder for it to keep up in the network. And so one of the fundamental principles of security and networking is bringing these two things together, but accelerating them either using a six and now cloud through our acquisition, uh, to allow those to run in a converged format. >>And that's very important because as I said, there's now more, you can look at it two ways. You can say the perimeter has expanded because it used to be a very narrow perimeter. The data center across these areas, or at the edges have formed as well. There's new edges sitting at the OT environment, sitting at the wan edge, sitting at the home mattress. I talked about seeing the cloud edge. And so the ability to apply that security in very high performance, very high quality security, not just a small sampling of security, a full enterprise stack, but those edges is going to be critical going forward. And the flexibility to apply in different ways is going to be very important. >>I think the convergence piece is totally relevant and honestly it consolidating into a platform is very key point there. Um, while I got you here, I would just like you I'd like you to define what is security driven networking and what does it mean to be security driven? So define security, driven, networking, and give an example of what it means. >>Yeah. And so I think it's, I think the one edge was one of the best examples of it. I mean, actually go before that next gen Fila was where you bought firewalling and then content inspection to go there. But I think the latest one is definitely the one edge or secure SD land where you had a networking function, which was to get the users to the right applications. And so they got this application now steering that goes out through there. Well, you also want to apply security to that because security into the wham, you've also got to protect the land. And so the ability to run a security stack there, whether it be IDs, right, patient control is very important. So getting all those networking functions, working at high speed, getting all the security functions, working at high speed, uh, is that it's the kind of the Genesis of security driven networking, and you can apply it there. We can also apply it in other places at the age, in the cloud. Now the home, uh, it's a very, very important concept, uh, to be able to run networking and security together. But high speed, >>Everyone has their own kind of weird definition of sassy, depending on when you're building your own or different analyst firms. Uh, I noticed you guys have a different take on this. Even Gartner has a different view on this. How do you guys diff differ from that, that definition and what should people be aware of when they hear that? What is the right definition? >>Yeah. You know, it's unfortunate. I mean, I think Ghana does some good work there and that they define it and I've come up with sassy, but this is like acronym soup. And, you know, I want a bit of next gen firewall on my sassy. It's just, it's just so many different terms. It confuses the customer. Then what makes it more confusing is that vendors look at their portfolio and go, Oh, sassy is a hot topic. I've got a sassy as well. And really, it should be very clear what the definition from Gardner is. It is bringing together security and networking. Now their definition is that they, uh, you should do that in the cloud, which we agree with as well, but it can only be in the cloud. The reason it's in the cloud is because not many people have got the ability to run on an appliance very fast. >>So we believe our different stairs that you should be able to run it on an appliance virtual machine in cloud. And then the second kind of differences that they've defined the components of Sassies being Estee, wagon, Cosby, firewalls, a service zero trust. We also think that the land age is very important. So we would add into that definition, that secure access of wifi and Ethan at switching as well. And so we try and point out, you know, the gun definition and we also point out where we differ and I think that's fair to the customer can make a good decision. >>I think it is fair. And I think one of the things I've been saying for years, and I love garden, I love the guys over there and gals. I just don't think that their business model is real time as much, but they ended up kind of getting it right down the road. But you brought up a good point. And again, I've been saying this for years, cloud changes Gartner's model because there's, if you have quadrants, it implies silos and implies categories. And one of the best things about cloud is it does horizontally scale. So some of the best vendors actually have multiple capabilities that might fall on different quadrants that may or may not be judged on a criteria that meets what cloud's doing. So, yeah, for instance, Asics, you mentioned right. That's in there too. You get cloud and ACX is that where they've got two different categories? You add the edge in there. If you do all three, really great as an integrated, converged and consolidated platform, you're technically awesome, but you might not fit in the quadrant. >>Yes. That's a really good point. I have this conversation with them all the time in that traditionally enterprises have a networking teams and security teams, and they've been in silos or I've had a networking team that just does switching or just this routing, just this SD wan. And I have a security team that does web gateway, and then they like to separate them all into different components. When you look inside those Nike quadrants, they're all different, even at the same vendor, the different products. And what we like to do is bring it all together. You a single operating system, a single appliance or cloud virtual machine. Sometimes it's not quite, it doesn't quite fit the model, but in the end, you're trying to do the same thing. Know, and COVID-19 >>One of the real realities that everyone's dealing with is it does expose everything and an expose. And again, it's been a disruption unforecasted, but it's not like an outage or a flood or a hurricane. If it happened and it's happening, it really puts the pressure on looking at the network. It's looking at how you can have continuous operations. How are you working with your people and workloads, workforces apps. You got to have it all there. And if you're not digitally enabled, you're going to be on the wrong side of history. This is what companies are facing every day. And they've got to come back and double down on the right project. So every CXO I talk about, that's the number one challenge I need to come out of the pandemic with a growth strategy and an architecture. That's going to allow me to take advantage of the new realities. Hey, it's really good for people to work at home. That's cool. Some people are going to continue to do that. Maybe that's normal. Maybe that's a new tactic >>And it's going to vary by industry as well. So if I'm a retail outlet, I absolutely need it 100% of the time, but those retail outlets cause people are ordering online and then they're driving up. And so it has changed the dynamics. It's for me working at home, I have to be on all the time. And so the ability to do really good, high quality networking, high availability, high IQ of as, with this integrated security across the different edges is super critical. >>I was talking with a network friend of mine. Again, we were having a few zoom cocktails and do a little social networking online. And we were like, and we've, and we've mentioned it before in the queue, but we keep coming back to the land is the new land. And meaning that it's in the old days, land was everything, everything, the local area network, and you were inside the data center, everything was great on premises. When is the new land? So if you think about it that way you go, okay, when edge I got a, now Atlanta at home, you got to SD wan and your house, of course you worked for Fournette. So it's a little bit beneficial for you, your, your, your, your geek there, but this is the new normal where it's all one network. It's not just a land link, it's a system. Can you react to that? What's your take on that? When is the new land kind of ref, >>First of all, it can't be too picky. He goes on the CMO as well. So there's no talk about the geekiness. Um, but, um, it's just, it just makes as a skip saying, it's, it's, it's making sure that wherever you may be, uh, you know, you're doing less traveling these days, but that may come back at some point or where they are at a branch office or a campus environment or wherever applications, and then moving around in different clouds, in different areas, in terms of consumption of workloads, um, wherever that's happening, you gotta be able to be flexible and applying that security to the different edges, land edge, one edge home edge data center edge. And so the ability to do that, uh, while providing high speed and connectivity, uh, is very important. And then again, as you go forward and you implement that platform approach. So not just the point product now, three or four products working together, uh, being able to apply that policy orchestration and AI ops is going to make sure that they get that user in the end. It's all about the user experience. Do I have a high quality of experience, whatever application I'm using? That's the key measurement in the end? >>You know, one observation I would have, if you look back at the whole virtualization trend, going back to the early days of VMware, that kind of enabled Amazon and kind of having a large scale kind of infrastructure, hyperconvergence really kind of collapsed everything together. And now you seeing things with Amazon, like outposts, you seeing, you know, these non premises devices, which is basically one cloud operations kind of highlights what you're saying here. And I want to get your thoughts on this because the combination of Asics with cloud, it's not a bug, it's a feature for you guys. That's a value proposition and it's kind of consistent with some of the big players like AWS. When you look at what they're doing and apprenticeships, for instance, what they're putting in the servers, having that combination of horsepower Asex with cloud is a guiding principle of the future architecture. Can you share your thoughts was also, you guys are, are announcing that and have that feature. >>Yeah, well, w another reason why I like the opaque acquisition as they were their major appearing pubs into the different cloud service providers that were using hardware and that hardware, uh, we, we can run hardware and with our Asics almost 50, a hundred times faster than equipment CPU. So I've got a firewall application I've gone on appliance. There, I may need a hundred virtual machines and, and CPU they're running the same thing. So again, we're coming back to our definition of security driven, networking in our minds. It can be basic, it can be virtual machine and it can be cloud. Now, imagine if we can take the best benefits of basic and combine that with cloud, uh, that's a great model going forward again, given that flexibility. So when people think cloud something has to run on something, it doesn't run in fresh air. So, you know, the big cloud vendors are putting in some Asex to accelerate some of the AI stuff, and we're going to use the same thing in some of our major, what we call 40 sassy. You know, our naming methodology is 40, whatever it does or going forward to provide us that performance and high availability now. Yeah. So you're always going to need some flexibility of virtual machines in certain areas, but we think the combination of both, it gives us a great advantage. Yeah. >>And there's definitely evidence that, I mean, there's a, there's kind of two schools of thought on hardware. Are you a box mover, you know, commodity general purpose, or are you using the hardware and a system architecture, acceleration has been a huge advantage, whether I've seen companies doing accelerated Kubernetes processing, you know, for clusters and some, you know, see GPS are out there. It's, it's, it's how you use the hardware. Yeah. That's the, really the key it's and again, back to the architecture. So, okay. So wrapping up, if you, if you believe that, and you look at the fabric that you guys are having out there, and as it evolves, what's the, what's the next level for 400. How do you see this going forward? You've got security driven networking, and you got the fabric. What's next? What are you guys working on the product side? >>I know you're public, you can't reveal any future earnings, but give us a taste of kind of the direction on the roadmap. I think, you know, we've got now all the, all the kind of component that underlying components of the platform in terms of the ability to apply appliances, deliver it by appliances or virtual machine or cloud. Um, we've got a very broad portfolio from endpoint, uh, all the way into, to the cloud and the networks, all those things that are in place. Obviously you always need some features here and there as you go forward and nest it when and next gen firewall, et cetera. Um, but I think the longterm, I think a goal for his nine is to, again, to apply a bit more intelligence, uh, both from a security perspective and from a network perspective, such that we can predict things, we can automatically change things. >>We can build automation and react to things much more quickly. So I think the building blocks are in place. Now. I think it's the ability to provide a bit more smarts across it, uh, which of course takes big data and very specific application programming. And I think, uh, definitely our customers are asking us about that. And we look very closely with our customers to build out that, to make sure it meets their needs going forward while it's great to see the platform continue to grow and, and fill in a holistic view of the, of the landscape from edge to throughout the enterprise. So a great strategy and thanks for the update, John Madison, the VP of product and CMR for that. John. Great to have you on. Thanks for coming on extra. Okay. This is the cube conversation here in Palo Alto studios. I'm Chad for a year hosting the cube. Thanks for watching.