(upbeat music) >> Live from San Francisco it's theCUBE, covering RSA Conference 2019. Brought to you by Forescout. >> Hey welcome back everybody Jeff Frick here with theCUBE, we're at the RSA Conference in Moscone in San Francisco, they finally got the conversion done it looks beautiful, it's keeping the atmospheric river out (laughs) it didn't do that last week, but that's a different story for another day. We're excited to have our very next guest he's Joe Cardamone, he's the Senior Information & Security Analyst and North America Privacy Officer for Haworth. Joe great to meet you. >> Thank you, thanks for having me. >> So for the people that don't know Haworth, give us kind of the quick overview on Haworth. >> Well Haworth is a global leader in commercial office interiors. They create seating, desks, dynamic work spaces, raise floors and movable walls. >> Okay, so really outfitting beyond the shell when people move into a space. >> That's correct. >> So what are your security, that sounds like, like mobile walls and desks and the like, what are some of the security issues that you have to deal with? >> Well obviously intellectual property is a big concern, protection of our, we call our employees members. So the protection of our employee member data is important to us, customer data, supplier data, so protection of those key data elements and our assets is a priority in my role. >> Okay, so we're in a Forescout booth, you're using their solution, you come in and Mike tells us you're connected to the network, it crawls out and tells us all the devices. How did that go? How well did it work for you guys? >> It was a fantastic experience for us to be honest with you. From the point that we deployed the ISO onto a virtual instance, about seven hours later we had gotten 97% visibility on our network. And not just data, actionable data which was really important in our use case, >> Yeah keep going, So, well I was just going to say how many surprises did you get after those hours when you got to report back? >> Oh we had quite a number. We were anticipating about 8,000 IPs we landed at about 13,000, so there was quite a bit more end points that we discovered, after implementing the product. One of the bigger pieces that we found was that our showrooms out in global sectors like Asia and Europe, had a bunch of APs that were stood up, you know some sales people thought that they wanted to plug them into a network jack and stand up their own wireless networks, we had found them and we were able to squash them pretty quickly, and that was within 24 hours of implementing the product. >> So you're expecting 8,000 you got 13,000 more than a 50% increase over what you thought? >> Quick math, correct, yes. >> I'm no quick and dirty math guy. I'm not a data scientist. >> I'm not either. >> Okay, so and then how many things did you have that were custom that needed to be added to the library? >> I'm going to say about 10 or 15 units, we have some that we produce. Haworth creates a unit called the Workwear unit which is a screen presentation casting device, and what that device does, it sits on our production network and in order for us to be able to demo that device we had to punch holes in our firewall. Very manual process, those devices move around very often and it was really hard for our IT teams to keep up with. How those devices move, how dynamic they are and you know code revisions, we're living showrooms so nothing stays in one spot at one time. The Forescout was able to very easily identify them using a couple of pieces of information that it gathered, and by using the Palo Alto Networks plugin, we were able to then dynamically punch holes through our firewall to our guest network for just those IPs, in just those services, and just those ports to enable our guests coming in who are looking to purchase the product to actually test drive it, and really have a good use with the product before purchasing it. >> So the guests that you're talking about are your customers, right? >> Our customers, correct yes. >> And when you say they wanted to test drive it, were they, do you let them go test drive it at their local office? Or are you let them drive their own content on it back at your like, executive briefing center? >> How does that mean, cause you're talking about punching a holes, right so that doesn't just happen without some thought. >> No it doesn't, exactly, and the thought was we can't sell a product if we can't demo it, and you come into Haworth, you're my guest. I want you to see the power of my product. I want you to use your laptop, your content on my screens and my space. How can we do that while protecting my digital network? And that's what the Forescout enables us to be able to do as part of our microsegmentation strategy with the Forescout. >> And then you said that that was tied to sub-functionality in a Palo Alto Networks device. >> That's correct. Like I mentioned earlier, the ability to have actionable data was one of our key points in purchasing employing the Forescout unit. We're experiencing a lot of growth, and the way we're treating our growth is, we're treating these companies like they are BYOD. We want, we're buying their brand, we're buying their ability to sell their product. They know their product, they have passion about their product. >> So these are new product lines within your guys total offering? >> Correct, yes. >> Okay. >> And what we wanted to do when we started to integrate the IT side of the world, we wanted to be able to keep them operating on their own. So, we're using the Forescout to be able to look into their network, and looking at a couple of key variables on their machines, say, do you meet this criteria? If you do then we're going to allow you to egress through our Palo Alto firewall using the Palo Alto Networks module on the Forescout, to be able to egress into our environment. If you don't meet that criteria, then you're just not getting in period. So we're able to provide a measure of control, trust but verify to the other networks that we have before their devices come into ours. >> So you're doing that you're adding all these, all these devices, you talk a lot about stuff that's actionable. What did you have before, or did you have anything before? What types of stuff that is actionable, how do you define actionable and I wonder if you could give a couple of examples. >> Sure that's actually really easy. When I say actionable data, I'm able to look at let's just say your laptop sitting here, with the Forescout, I can gather any multitude of data off of it, patch levels, OS levels, software installed, processes running, what switch port you're on, what wireless AP you're on, and off of all that information, I can make any number of decisions. I could move you to another VLAN, I could move you to another security group, I can tag your machine, I can send a trap to my SIM, and be able to record whatever data I need to record. In our use case, using the data that we're gathering from the affiliate networks and from the work wears we're able to then take action to say, yes this device meets our criteria, we can now send that data up into the Palo Alto and then tie it to a rule that exists to allow or disallow traffic. You know, with the fact that it's a single pane of glass, the fact that I can have my help desk go in and make decisions based on data that they're getting, based on actionable data, based on other pieces of data that are getting fed in through my environment, like indicators of compromise. I can enable my level one staff to be able to make level three decisions without giving them keys to the kingdom. Which I think is a big value with the Forescout. >> That's pretty impressive, cause that really helps you leverage your resources in a major major way. >> Correct, I'm a team of three. >> You're a team of three. >> Yes. >> (laughs) So more specifically I guess generally you know, talk about the role of automation because I don't know how many transactions are going through your system and how many pings are coming in but you said 13,000 devices just on the initial, on the initial ping, so how are you leveraging automation? What what's kind of the future do you see in terms of AI, machine learning and all these things we hear about because you can't hire you're way out of the problem, you've only got three people. >> Correct, correct right now we have limited staff but our skill set's fantastic. I'm blessed to have a team of really fantastic engineers that I work with. That being said, how the Forescout's helped us is being able to take some of the load off of them by automating tasks and some of that might be we have a machine that is not patched. We can identify that machine, put it into a group. Our servers are actually being patched by the Forescout right now, we're using that as a way to identify vulnerabilities, missing patches and then stage them into groups using the policies within the Forescout to be able to push down patches and you mentioned earlier one of the products that we had they gave us this visibility. We didn't really have anything. We had Forescout a number of years ago but we had some administration changes and we revamped our entire tool set. We came back and repurchased and re put in the Forescout in 2015, and that's where we've really been able to develop our current use cases and the strength behind the Forescout implementation that we have now. >> Right. And I'm just curious before we close are you, are you putting more IP connectivity on all of your kind of core SKUs? Are you seeing a potential benefit to put an IP address on a, on a wall, on a cube, on a desk, on all that stuff? How do you kind of see that evolving? >> I honestly see IoT being, you know, it's evolving very quickly obviously. We've got, we have IP addresses on our window blinds, you know. >> On your window blinds. >> Yeah, on our window blinds, so that they can control the amount of sunlight coming and we're LEED certified building. So we have all of these different IoT devices that control sunlight, control climate control in the building and obviously our production facilities have a lot of IoT devices as well and the Forescout helps us to be able to segment them into the correct VLANs, apply virtual firewalls, apply different changes to their own network. It gives us a lot of visibility and gives us a lot of control because of the granularity that it just natively collects. >> Right right. Well Joe, it's such a cool story you know. IP on shades that's my, that's my lesson of the day. (laughs) That it just shows that there's just so many opportunities to leverage this new technology in a very special way, but the complexity grows even faster right? >> It certainly does. >> Alright well thanks for taking a few minutes and I really enjoyed it. >> Awesome. >> Alright he's Joe, I'm Jeff, you're watching theCUBE. We're in the Forescout booth at RSA North America in Moscone Center thanks for watching we'll see you next time. (upbeat music)