(upbeat music) >> Hello, everyone and welcome to this CUBE Conversation. I'm Lisa Martin. I'm excited to be joined by one of our CUBE alumni, John Maddison, the EVP of Products and the Chief Marketing Officer at Fortinet. John, welcome back to the program. Good to see you. >> Hi, Lisa. Good to be here again. >> So we last saw you at the Fortinet Championship back in September, a few months ago, but we've had the opportunity to speak a number of times this year. I've also had the chance to talk with Derek Manky, at FortiGuard Labs. There's been so much going on. Let's kind of break down some of the main challenges that enterprises are facing still. And there's four of them here that you're going to address as we wrap up 2021 head into 2022. And then let's also talk about what Fortinet sees as the solution, the cybersecurity mesh architecture. Let's go ahead and kick off with some of those challenges as we know so much has gone on throughout landscape that work from anywhere is so persistent, but what are some of the main things enterprises are facing still? >> Yeah, there's a lot, it's very dynamic right now. And you know, I've been in cybersecurity almost 20 years now and there's always been these three drivers around the infrastructure changes the threat landscape and regulatory. And I think when you look at the infrastructure changes, this work from anywhere, which is, you know, kind of the hybrid mode where I'm in the office today, it could be hopefully in the future, traveling and home. That's going to be here for some time, it seems. And so, you know, enterprises are now saying, I need a longer term strategy around that. I can't just say flip on the VPN and a bit of endpoint security. So that definitely enterprises are thinking that's going to be here for at least another couple of years. I think they're still running very fast to get the digital infrastructure in place. And so, and you're seeing network security and the application journey continuing and securing all those things. And then there's, you know, there's the threat landscape, which, you know, we've said, I think back at the PGA, we're seeing this huge increase in ransomware. And yes, there's still activity going on and trying to breach data and intellectual property and identity and credit cards. But just about every industry now is seeing attacks and it could be financial, it could be manufacturing, ransomware attacks that's continues. And then I think there's the, there's a couple of other things. There's the supply chain things which are also happening, but we're definitely I was just speaking to a customer a minute ago and they were finding a very hard to find the right skilled professionals around cybersecurity. And it kind of, it's like a hierarchy. I need to find somebody, it's hard to find somebody in IT. It's hard to find somebody in cybersecurity and IT. Is hard to find somebody in IT, cybersecurity and container. And so, you know, the more you go in depth, the harder it becomes and it's not even finding people, just retaining people as well. And so, you know, recently Fortinet committed to training another million. We've already trained to 750,000, but training another million people by 2025 in cybersecurity. >> That's outstanding. We've talked about that skills gap before in a number of conversations about all the work that 40 minutes doing, including with veterans, which is something near and dear to my heart, but the work from anywhere I wanted to talk with you about that because that presents a lot of challenges for organizations. And I was reading some stats that a significant percentage of enterprises expect that this is going to increase in 2022. How can it increase from where it is now? What are some of the things that you're seeing and how can Fortinet help customers address this persistent challenge? >> Yeah, well, I think it's increased or it's just the ratio between home and at work and travel might be changing. And again as I said, I think a lot of companies said, well, let's just put something in place now and it's going to go away. Well, it isn't going away. And so what Fortinet are looking to do, and I think it's not just one point product. It is a combination of technologies. It could be end point security. We're even looking at you know, at home networking through our own devices or our partnership with Linksys. It is looking at that zero trust architecture. It is looking at more network security, whether it be in the data center or in a cloud. I think what's important though, is two things. One is that no matter if you're on the network, off the network or traveling per se, then you need the user experience to be the same or simple. I can't just change the way I work because I'm at home versus travel versus you know, in the office. And the security needs to be consistent on those three places as well. So our goal, when we bring some of those solutions together, zero trust and endpoint and network security and policy and identity is to give the same user experience, a simple user experience and the high level of enterprise security, no matter, you know, if you're on and off the network. And those are the key. And I think today customers kind of struggle because they probably got four or five vendors in those different areas and they're trying to make them to work and it's very hard. And so that's why we, you know, we put forward a more of a platform approach per use case with doing that. >> Let's talk about some of those key use cases. And you mentioned ransomware a minute ago, and I just as of a couple of days ago, Kronos is, you know, the latest big name organization to be hit. A lot of folks concerned so many big companies and small companies rely on them. It's not going to affect, you know, the last paycheck in December, but that's a use case that Fortinet has been covering for a long time. I think when we spoke a few months ago, 2020 to 2021 ransomware was up nearly 11 fold. What are some of the things going on there and how are you guys working with customers to address that as we enter 2022? >> Yeah. Well, I definitely think you also saw the, you know, the recent vulnerability, the Log4j and that sits in a lot of systems. Now that sits in a lot of customer systems. It sits in a lot of security systems as well, by the way. So we come back to this, you know, supply chain issue. And so customers kind of accepting that this is going to be as this attack surface of the network and cloud and devices and users and whether or not the network you know, keeps continuing to expand. They're going to accept that these zero days are going to come along. They're going to, they also understand the sophistication of the threats. We're seeing a lot of activity of the threats in the reconnaissance space, and they're looking at your external attack surface and working out how they can get in. And so, I think customers are accepting that this is just getting more sophistication, there's a bigger attack surface. And so what they're looking at is to deploy some more detection capabilities, more just training of people, not to click on stuff, but you know, building infrastructure so it's segmented, long-term though the only way to defend against these ransomware attacks is to usually platform that then allows you to build automation that long-term allows you to build some contextual engine. Why, when, where, what are you doing, otherwise it's just going to be too hard, just trying to bolt together, you know, 10 or 15 products from vendors that don't get on well, none the best of times. So yeah, that's, it's long, it's a longterm architecture is the only thing that's going to work for customers. >> And for a long time, I think probably since I've known you John, Fortinet has been talking about the security fabric. Now Gartner is talking about the cybersecurity mesh architecture. Talk to me about those two. How similar is that? How leading edge was Fortinet and describe what a cybersecurity mesh architecture is? >> Well, it always takes a while for Gartner to catch up with us, but they, if I'm in a joking Gartner please except the apologies. That, you know, I think they've started to talking about this cybersecurity mesh architecture mesh. And what the saying is that, you know, these products need to talk to each other. And yes you can send things off into a central location for SIM or operational management, but really need to talk to each other and transfer exchange, threat intelligence. They need to be able to exchange policy long. They also need to be able to build automation. You know, a really good example is if our EDR system detects that your laptop has got a virus or a vulnerability, then I can, the EDR system will tell the zero trust policy manager don't allow access application. Or it could if you're on the network, you could tell the Wi-Fi, take off, take them off the network. So this automation is integration is the real long-term goal of the Gartner mesh. It's always been the long-term goal of Fortinet. Yes, we do individual products. You can buy them, but the real power long-term is to get that automation built into the platform. And as I said, even longer term start applying contextual rules, which will be super powerful in stopping, you know, attacks and breaches. >> Tremendous amount of power and capabilities that that context will provide. I was looking at some stats from Gartner and they said that by 2024, which is we're two years basically away from that organizations that do adopt this cybersecurity mesh architecture to integrate security tools, to work as a collaborative ecosystem, significant reduction in the financial impact of security incidents by 90%. That's huge and I know that you guys also have integrations with over 450 third-party technology partners as part of the security fabric. So you're ahead of the game. >> Well, it's not saying, you know, just buy from Fortinet, that's what you need to do, but it's not saying that at all. What, I think what Gartner is saying, and what we've been saying is that take a use case like work from anywhere and then build your platform, a platform for that use case. Now, what we are saying is, again, it's not saying you go from 30 products down to one, you go from 30 products down to maybe five or six platforms, but those platforms need to work together. They also need to exchange threat intelligence and policy and build automation. And so I think the platform approach, every CSO I speak to is just tired of buying another product, another product. They just want to get something that works and is automated long-term. And so the platform and the Gartner mesh. It's a slightly different concept, but something else we call convergence. Okay. So consolidation is consolidation of the vendors, but you may still have the same number of products. You still may have an end point in a zero trust and an email. Convergence is different where we bring it together and eliminating individual products. A really good example of that is SD-WAN that brings together security and application routing. And that goes back to a concept that Fortinet had since our beginning 20 years ago. And that is the original internet that we still use a lot today really has no idea who you are, what device are you using, where are you going, what application, what's the content, no clue, it just connects you. And so that leads to a lot of security being bolted on afterwards in different places. And so this convergence, we call it security different networking, where you start to integrate the security, which may be contextual, it maybe identity, maybe application running like SD-WAN, maybe content like next gen firewall. You bring those together. Now, when you do that, you face some compute challenges. And we've been one of the pioneers and building asics that allow this acceleration to bring this convergence together. But that's another area that's happening as well. It's different from consolidation, but it's bringing together that security and networking so you're not bolting things together as you go forward. >> Different from consolidation, but incredibly important to be able to reduce those silos as businesses are facing some of the challenges that you talked about, the persistence of work from anywhere, the threat landscape, the cybersecurity skills gap. >> Yeah. And you can do this convergence in different places. So you can do it at the cloud edge because you can throw a lot of compute at it. At the one edge, you probably need a asic approach, data center edge, a 5G edge. There's the LAN edge, which is the connectivity. Cause I sometimes have people go, well, let's just put all the security in the cloud, but now yes, you do need security in the cloud. You needs security from the cloud before the cloud, but there's also security needed these ages. And there's also another area that's been under huge attack now is operational technologies. So manufacturers, energy, gas, everyone is really got some physical infrastructure. Even a branch you can consider to be operational technology and they got cameras and other capabilities. So that, especially for the traditional operational technology, that's hard to open up. Because you need access, you need remote access and what's a seeing a huge amount of attacks there. In that world, you know, you've got to put the security there, physically with it to make sure you secure those components. >> What about the, from a challenge perspective John, we talked a lot in the last year, 18, 20, 22 months, I'm losing count of the acceleration of digital. What are some of the security opportunities there that provides Fortinet to help customers solve that if the acceleration is happening faster than the, some of the, you know, that their security infrastructure can keep pace. What are some of the opportunities there for you guys to help customers address that problem? >> Well, this is always been a battle between security and networking. You know, networking is gone from this 400 times faster than it was before. Security is still a lot of it's software. And so, you know, what you don't want to do is and the security team saying is say no all the time. No, don't do that project, it's too insecure. Stop doing that. No slow down on that. And that's, you know, always been an issue for security in that people think of it as a tax or a burden that slows things down. That's why I come back to this convergence. When you're building a network, the security should be inside that. Should be built and integrated. So if I'm building my one edge, which connects my building to a cloud or whatever, when I put that connectivity in there to an SD-WAN device, it should have security integrated inside it. The same effect I found building, you know, a data center or a cloud capability. So I think, you know, customers are you know, security teams can't stop the business from moving forward and building these applications wherever they may be in retail or manufacturing or healthcare. And so they just need to take a different approach to enable that speed of acceleration and to our minds having it totally integrated and converge is the only way you're going to be able to achieve the speed and the security at the same time. >> And that speed is critical as is a security. But let's talk about that cybersecurity skills gap. Something that I think I read recently is in its fifth year, we've talked about this before, but as you alluded to at the beginning of our conversation, Fortinet is very dedicated to training, lots of individuals. Talk to me about that skills gap. And you talked that it also affects people, companies being able to retain talent. How are you guys helping to address? >> Yeah, we did actually a survey a few months ago, a 2500 cybersecurity professionals. And, you know, one really revealing fact was about, I think it was about 70% said they'd had an incident because of the lack of training. Now that could be people who are just clicking on things. Okay. Versus somebody who doesn't, is not trained enough to see a threat. So I think, you know, the question going to go, but either way, the 70% of that, you know, is attributed to that breach. And so it's so, so important. And right from the start Fortinet has provided training. We provide free training to our partners, free training to our customers. I have a quite a large team that's building on the curriculum. So we supply curriculum and gear to over 450 universities and colleges. You mentioned the re-skilling of the veterans as well, over 2000. And to us, it's very important. So this commitment to get people trained because in the end there's, yeah, there's always a people part of this problem, whether it be people clicking on things or whether it be people not understanding and configuring crying, and then people having passwords of one two three or whatever. All these things, all these human things need to get, you know, we need to get educated and trained on it. So we'll continue that. I think a million's probably not enough. It's probably should be two million, but we'll try our best to get people trained as much as possible. And the other thing that I also saw in the survey was that once certified employees thought that was extremely important. It does take a lot of time. So, you know, one of our NSE 4 courses on our firewalls takes a week. It does a lot of things to learn. So one thing we're going to try and do is try and modularize a bit more so we can break it up a bit. But there's going to be a problem. It's kind of like the supply chain, the supply is not there, the people, this is right. The chips, they're not there. They're not there, you've got to try and fix it and expand the training and education of people. >> And I think that's fantastic that Fortinet has been dedicated to that for so long. Look forward to hearing how you guys, the progress that you make on that training 1 million folks. Will we see you at Accelerate in 2022? >> Yeah. Well, so Accelerate 22 is going to be a hybrid, of course. I'm actually, you can't really see here cause I've got my great office here. But in front of me is the window. I can actually see the Apple campus just over there. And this is our new campus in Sunnyvale, Silicon valley. We've got a pretty expensive training center and executive briefing center. So we're going to probably do in the morning of Accelerate 22, a live broadcast of some of the execs and some of our partners and customers, and then have some online stuff. So hybrid probably this year again. But a bit of physical presence. But yeah, we're expecting quite a few partners to, a few partners to be here, live and a few partners, obviously a lot of partners to tune in to the live broadcast. >> That's fantastic. I look forward to that hybrid event. John, great to see you as always. Thank you so much for the update and sharing what enterprises, the battles that they're facing, how Fortinet and the cybersecurity mesh can help. We look forward to seeing you in 2022. >> Thank you Lisa. Thank you. >> For John Maddison, I'm Lisa Martin. You've been watching this CUBE conversation. We'll see you next time. (lively music)

>> Narrator: From around the globe, it's theCUBE, covering Fortinet Security Summit, brought to you by Fortinet. >> Welcome back to theCUBE, Lisa Martin here live in Napa Valley at the Fortinet Championship. This is the site of kickoff to the 2021-22 FedEx Cup regular series. We're here with Fortinet and we're here with one of our distinguished alumni, John Madison, the CMO and EVP of products. John, it's great to see you in person. >> Yes, Lisa it's been a while. >> It has been a while. >> Good to be back here, live. >> I know, you're not on Zoom, you're actually right six feet across from me. >> Yep, look, yes, it's definitely physical. >> It does, talk to me about the PGA and Fortinet. What are some of the synergies? >> There's a lot. I think one of the biggest ones is the culture of the two companies. So I mean, PGA tour, I think they've donated almost $3 billion to charities over the last 15 years, 20 years and we're the same. We would definitely want to give back to the community. We want to make sure we're providing training and education. We're trying to re-skill some of the veterans, for example, over 2000, also women in technology, you may have heard one of the key notes today about that, attempts from a education and training perspective. So there's a lot of synergies between the PGA Tour, and Fortinet from a cultural perspective. >> I love that. Cultural synergy is so important but also some of the initiatives, women in tech, STEM, STEAM, those are fantastic. Give our audience a little overview of what's going on here. We've got over 300 partners and customers here. What are some of the key themes being discussed today? >> Yeah, we're going to try and keep it smaller, this event. We don't want 10,000, 20,000 people. We'll keep it smaller. So about 300 customers and partners, and what we want to do is bring together, you know, the top people in cybersecurity and networking, we want to bring in customers so they can net with each other, we want to bring the partners here. And so, what you're going to see is you can see the tech expo behind you there, where people are talking technology. Some of the keynotes focus on areas like ransomware, for example, and cyber security in different industries. So definitely it's a smaller gathering, but I think it's very focused on cybersecurity and networking. >> Well, that's such an important topic these days. You know, you and I have spoken a number of times this summer by Zoom, and talking about the threat landscape and the changes-- >> Yep. >> And the work from anywhere. When you and I spoke, I think it was in June, you said 25% we expect are going to go back to the office, 25% permanently remote and the other 50 sort of transient. Do you still think given where we are now in September that that's still-- >> Yeah, I'm going to modify my prediction a bit, I think it's going to be hybrid for some time. And I don't think it's just at home or not at home or at work or not at work, I think it's going to be maybe one or two days, or maybe three days versus five days. And so, we definitely see the hybrid mode of about 50% for the next couple of years at least. I think that, you know, ransomware has been in the news a lot. You saw the Colonial, the ransomware has increased. We did a threat report recently. Showed about a 10X increase in ransomware. So, I think customers are very aware of the cybersecurity threats. The damage now is not just sucking information out and IP, it's causing damage to the infrastructure. So definitely the, you know, the attack surface is increased with people working from home, versus in the office, and then you've got the threat landscape, really, really focused on that ransomware piece. >> Yeah, ransomware becoming a household word, I'm pretty sure even my mom knows what that is. And talking about the nearly 11X increase in, what was that, the first half of 2021? >> Yeah, over the last 12 months. And I think what's also happened is ransomware used to be a broad attack. So let me send out, and see if I can find a thousand companies. Again, you saw with the Colonial attack, it's very targeted now as well. So you've got both targeted and broad ransomware campaigns going on. And a lot of companies are just rethinking their cybersecurity strategy to defend against that. And that work from home component is another attack surface. So a lot of companies that were operational technology companies that had air gaps and people would come to work, now that you can remotely get into the network, it's again, you can attack people at home, back into the network. >> Is that a direct correlation that you've saw in the last year, in terms of that increase in ransomware and this sudden shift to working from home? >> Well, I also think there's other components. And so, I think the ransomware organizations, the gangs, could use crypto more reasonably than checks and dollars and stuff like that. So they could get their money out. It became very profitable versus trying to sell credit card data on the dark web. So you saw that component. You also saw, as I said, the attack surface be larger for companies, and so those two things unfortunately have come together, and you know, really seen an exponential rise in attacks. >> Perfect storm. Let's talk about some of your customer conversations and how they've changed and evolved in the last 18 months. Give me a snapshot of when you're talking with customers, what are some of the things that they're coming to you for help, looking for the most guidance? >> Yeah, well I think, you know, the digital innovation transformation is almost accelerated because of, you know, COVID. They've accelerated those programs, especially in industries like retail, where it becomes almost essential now to have that digital connectivity. So they can't stop those programs. They need to accelerate those programs, but as they move those programs faster, again they expand their attack surface. And so, what I'm definitely seeing is a convergence of traditional kind of networking, connectivity, and cybersecurity teams like the CIO and the CSO working on projects jointly. So whether it be the WAN connectivity, or whether it be endpoint, or whether it be cloud, both teams are working much more closely going forward. >> Synergies there that are absolutely essential. Talk to me about what you guys announced with Linksys yesterday, speaking of work from home and how that has transformed every industry. Talk to us about the home work solution powered by Fortinet. >> Yeah, well, we definitely see work from home being there for some time. And so the question is, what do you do there? So I think initially 18 months ago, what happened was companies turned on their, what they call a VPN, which gives them an encrypted access when they went from 5% to a 100% people on the VPN. I speak to customers now and they're saying, that was kind of a temporary solution. It puts an end point security there. It was kind of temporary and now I need a longer-term solution because I can see this at least 50% for the next two years, being this hybrid work from home, and some of them are saying, "Well, let's look at something. Let's try and take the best of enterprise networking and security, and then try and match that with an easy to set up Wi-Fi or routing system." So the two companies, you know, have come together with this joint venture. We're taking Linksys technology from an ease of use at home, it's very simple to set up, you can do it on an app or whatever. And then we integrate the Fortinet technology inside there from a security and enterprise networking. The enterprises can manage themselves, the enterprise component and the consumer can manage their piece. What's very important is that separation as well. So the privacy of your home network, and then to make sure the enterprise piece is secure, and then also introducing some simple, what we call quality of service. So for a business person, things like Teams or Zoom as preference over some of the gaming and downloads of the family. So I think it brings the best of both worlds: ease of use and enterprise security together. >> I'm sure the kids won't like that it's not optimized for gaming, but it is optimized for things like video conferencing which, in the last year we've been dependent on for collaboration and communication. Tell me a little bit about the tuning for video conferencing and collaboration. >> Yeah, so we announced both Zoom and Microsoft Teams, probably the two biggest apps, which I use from a work from home business perspective. And definitely if you've got a normal system at home and your kids they've been downloading something, a new game or something like that, they can just take the whole bandwidth. And so the ability to kind of scale that back and make sure the Zoom meeting or the Teams meeting is first priority, I think is very important, to get that connectivity and that quality of service, but also have that security component as well. >> Yeah, the security component is increasingly important. Talk to me about why Linksys, was COVID the catalyst for this partnership? >> Well, I think we looked at it and we have our own work from home solutions as well. I mean, our own gear. We definitely wanted to find something where we could integrate into more of a ease of use solution set. And it just so happened we were speaking to Linksys on some other things and as soon as we started talking, it was very, very clear that this would be a great relationship and joint venture and so we made the investment. Not just "here's some of our code", we made a substantial investment in Linksys and yeah, we see some other things coming in the future as well. >> Can you talk to me a little bit about what the go to market will be, how can enterprises and consumers get this? >> Yeah. So it's more of an enterprise sale. I know some people think Linksys, they think consumer straight away. For us, this is a sale to the enterprises. So the enterprises buy it, it's a subscription service. So they just pay a monthly fee and they can have different levels of service inside there as well. They will get, you know, for each employee they'll get one, two or three nodes. And then so the, so the enterprise is paying for it, which I think will help a bit and they will manage it through their system, but the consumer will get this kind of a game that's very easy to use, very high speed connectivity, mesh technology. So yes, Linksys will sell some of it as well. But I think, you know, actually Fortinet will be the major kind of go to market because of our 500,000 business customers we have out there. >> Right. And your huge partner network. >> Yes. >> So let's talk about, give me a little bit of a view in terms of the benefit that IT will get leveraging the Linksys home work solution. I imagine that centralized visibility of all the devices connected to the corporate network, even though, wherever the devices are? >> Yeah, it actually extends the corporate network. So not in this initial release, in the second release. In the first release, they can go to a cloud portal and they can manage what they can manage from an enterprise perspective. The employee can go to the same portal, but gets a different view, can manage their piece. In the second release, we'll actually have support in our management systems. So if you're an existing Fortinet customer and you've got our management systems and say you've got, I don't know, 250 sites, and you're managing some of our firewalls or SD WAN systems, You'll be able to see all the employees links as systems as well, in that same management system. But again, there's a separation of duty and privacy where they can just manage the enterprise components, not they can't see the traffic from the employees' side, from the non-business transactions. >> Good. That privacy is key there. Do you think that in a perfect world, would help quiet down some of the perfect storm that we're seeing with ransomware and this explosion, this work from anywhere, work from home, going to be persisting technologies, like what you're doing with Linksys, is going to help make a dent in that spike? >> I think it's a component. So for us, the long term strategy for users, end point, this kind of Linksys component is an element. We also feel like there needs to be a transition of VPN technology into zero trust. So you're limiting again, the access to applications versus the network. And then definitely the third component would be a technology like EDR, which is more behavioral-based versus signature-based. And so you bring all those three together. Absolutely we'll make a dent in ransomware because you're just reducing the attack surface greatly, but also scanning the technology to make sure if you see something, you can act straight away. >> And then pair that with what you guys are doing and the investment that Fortinet's been making for a while in training and helping to fill that cybersecurity skills gap, which is growing year on year. >> Yeah. I speak to a lot of CSOs and CIOs and they go "What's the latest technology? What can you do next?" I say, well, the most important thing you can do is train your people. Train them not to click on that phishing link, right? Because still our numbers are around 6% of employees click on things and it doesn't matter what company you are. And so the education and the training is the one of the core, the most basic steps. We're introducing what we call an IT awareness program as part of NSC, which allows companies to download some tools. And they'll try some phishing emails that go out there, they'll see the response, see how they can (mumbles). So I always say that the people, the social engineering is the first step to try and fix and reduce. That's the biggest attack surface you will have. >> It's getting so sophisticated and so personalized. I mean I've seen examples with training that I've done for various companies where you really have to look 2, 3, 4 times at it and have the awareness alone to know that this might not be legitimate. >> Yeah, especially when people are just clicking on more things because they're going to more places. And so you have to be very careful. You can stop a bunch of that with some rule sets. So the systems, but if they're faking the domain, spear phishing, where they know exactly the context of where the email's coming out, it's hard, but you've just got to be very, very careful. If in doubt don't click on it. >> I agree if in doubt, don't click it. Well, John, it's always great talking to you. Exciting to hear the growth of Fortinet, what you're doing with PGA tour, the synergies there, the cultural synergies and the growth in customers and partners, lots of stuff to come. Can't wait till our next conversation, which I hope is also in person. >> Yes, yes, yes, for sure. You know, I think this is a great venue in that it's- as you can see it's open, which helps a lot. >> Yeah. >> It's not far from our headquarters, just down the road there, we've committed to this event for six or seven years. And so this is our first time, but definitely we're hoping to get out a bit more as we go forward. >> Excellent. I'm glad to see to see a company like Fortinet taking the lead and you look like you're dressed for golf. You said you have meetings, but I'm going to let you go because you probably have to get to that. >> I have a few more meetings. I wish they would leave a little gap for some golf. I'll try and work one as we go forward. >> Yeah. Anyway, John, thank you for joining me, great to see you. For John Madison, I'm Lisa Martin. You're watching theCUBE from the Fortinet Championship Security Summit in Napa. (Upbeat music)

(calm electronic music) >> Welcome to this CUBE Conversation with Fortinet. I'm Lisa Martin. John Madison joins me, the CMO and EVP of products. John, welcome back to the program. >> Thanks Lisa. Good to be here. >> Good to see you. So, so much has changed since I last saw you. The move to remote work caused by the pandemic led so many organizations to invest in modern networking and security technologies. And we see, you know, the rise in the threat landscape that protecting digital assets is becoming even more and more urgent because the threats are continuing to escalate. Talk to me about some of the things that you're seeing with this current threat landscape. >> Yeah. Well, it keeps changing that's for sure. You saw some recent surveys where, you know, now companies are seeing, in terms of where employees are located, you know, 25% expecting to be in the office, 25% expected to be permanently in the home. And then there's this big 50% of hybrid, which we think will move a bit more towards the office as people get back in the office. But that's going to take some time. We're actually starting to move back in the office here in Santa Clara, Sunnyvale. but it's very different in every region in the U.S and regulations and laws around the world. And so we think it's going to be very much work from anywhere. There's a bit of travel starting as well. And so this work from anywhere concept is going to be very important to customers going forward. And the ability to change the dynamics of that ratio as they go forward. >> (indistinct) This work from anywhere that over- last year overnight sort of became an absolute essential. But now, as you said, we're going to have this hybrid model of some going back, some staying home and the security and the perimeter is dissolving. When you look at supporting customers and their remote work from anywhere, their new work from anywhere model, what are some of the things that are top of mind that you're hearing from customers? >> Well, I, you know, I sometimes hear this premise is disappearing. I think in some ways it's moving to the user and the devices. And there's this concept called zero trust network access which I've said in many occasions should be zero trust application access, but they named it that way which is going to be an important technology because as I said, it kind of moves that premise then to that user and previous technology that we had VPN technology was good technology. And in fact, a lot of companies, if you go back to when the pandemic started last year, put a lot of people on the VPN technology as quick as possible and it was reasonably robust. But as we go forward, what we're going to have to do is make sure that perimeter- at that perimeter, that users only get access to the applications they're using rather than the whole network. Eventually when they're on the network you need to make sure that it's segmented so they can't go everywhere as well. And so this zero trust network access or zero trust or zero trust access, there's lots of kind of different versions of it, is going to be very important concept for users. The other piece of it, I think, is also that it needs to be more intuitive to use, as anything you kind of have users do like the VPN where you had to kind of dial in and- or bring up- you're bringing up your connection and your IPsec connection, et cetera, et cetera means that people tend not to use it. And so to make it intuitive and automatic is going to be really important. >> Intuitive and automatic. One of the things that we also saw was this massive rise in digital transformation last year, right? SAS adoption, these SAS applications keeping many of us in collaboration. So I'm thinking, you know, in that sense with the perimeter changing and the work from anywhere, this consistent, secure internet connection among users at the branch or the branch of one has to be there to keep organizations productive and safe. How is the Fortinet enabling the ZTNA- this evolution of VPN? >> Yeah. That's another piece of it. So not only are users on and off the network or traveling so that- or both, so the applications are moving. So a lot of them are moved from data centers to public cloud in the form of infrastructure or SAS. We're now seeing customers actually move some applications towards the building or building compute or edge compute. So the applications keep moving which also causes this problem. And so another function of zero trust access or ZTNA is to not care where the application is. You rely on some technology and it's called proxy technology, which allows the proxy to track where the applications are. And for us, that sits inside of our firewalls. And that makes it very flexible. And so we've been able to kind of just ramp up that proxy against the policy engine, whether it be in the data center or in the cloud, or even on your premise. Even integrated inside a branch or something like that. That's going to be very important because, as you just said, those applications will just keep moving into different areas and different zones as you go forward. >> (Lisa) And that's probably going to be permanent for a lot of organizations. So it- so they haven't renamed it zero trust application access, like you think it should be. But when organizations are looking into zero trust network access, what should- what are some of the key things that they need to be looking for and mindful of? >> Yeah, (indistinct) And so it's probably the, you know, the number one conversation they've had over the last six months. I think people initially just had to get something working. Now they're looking seriously at a longer term architecture for their access, their user access and device access. I think what I find is that something like zero trust network access is more of a use case across multiple components. And so if you look inside it, you need a client component endpoint; you need a proxy that in front of the cloud capabilities; you need a policy engine; you need to use identity-based systems. If you haven't got- if you can't get an agent on the device, you may need a NAC system. And so usually what customers find is I've got four or five current- different vendors in those areas. And cybersecurity vendors are not the best at working together, which they were, because then we do better for customers. And so trying to get two vendors to work is hard enough, trying to get five or six is really hard. And so what they're looking at over time is to say, maybe I get the minimum basic ZTNA working. And then as I go forward, for example, what they really want is this continuing posture assessment. Well, you can do that with some EDR technology, but is that EDR technology integrated into your policy engine? No. So I think what customers are saying is, let me start with the base ZTNA with maybe two vendors. And then as I go forward implement a, you know, a fabric or a platform approach to get everything working together. 'Cause it's just too hard with five or six vendors. >> Right. Is there, I'm curious if there's a shared responsibility model with customers working with different vendors; what actions and security responsibilities fall on the customer that they need to be aware of? >> Well, and it also comes back to this, you know, there's convergence of networking and security. And I've said a few times I'm definitely seeing CIOs and CSOs, security teams, and networking teams working much more closely. And especially when you've got a use case now that goes across security items and networking items and networking, the proxy has always been in the control of the networking team. Endpoint security is always been in the- you know, the security team. It's just forcing this convergence not just of the technologies itself but of the organizations inside enterprises. >> (Lisa) Well, and that's a challenging one for every organization is getting, you know, if you're talking about it in general, the business folks, the IT folks. Now this is not just a security problem. This is a problem for the entire corporation, as we just saw with the Colonial Pipeline. Ransomware is now becoming a household name. These are business-critical board-level discussions I imagine on the security side. How is Fortinet helping customers kind of bridge that gap between the biz folks and the IT folks where security is concerned? >> Yeah. You know, ransomware has been around quite a while. I think two years ago, we saw a lot of it in the schools. K-12 schools in the U.S. I think they're picking some richer targets now. The colonial one, I think there was a 4 million ransom. I think that they managed to get some of that money back. But, you know, instead of, you know, demanding $5,000 or $10,000 from a small business or a school they're obviously demanding millions from these larger companies. And you know, one of the problems with ransomware is, you know, it still relies heavily on social engineering. I don't think you can eliminate that people clicking on stuff, you know, a very small percentage still. I think what it means is you have to put some more proactive things in place, like the zero trust, like micro-segmentation, like web application file warning. All these capabilities to try and make your systems as strong as possible. So then put in detection and response systems to assume that someone's clicking on something somewhere just to help. But it's definitely the environment. You know, the threat environment. It's not really gotten more sophisticated; yes, there are still advanced threats. I fear more about those weaponized APTs and state sponsored, but there's definitely a huge volume of ransomware now going after, you know, not only, you know, meat processing factories, but pipelines and critical infrastructure as we go forward. That's the more worrying. >> (Lisa) Right. You bring up a good point about, sort of, people being one of the biggest challenges from a security perspective. Clicking on links, not checking to see if a link is bogus or legitimate. So, help me understand a little bit more how is zero trust can help maybe take some of that human error out of the equation? >> Well, because I think before, you know, when you got access, when you're off the network and you've got access to the network, you've got access to everything, okay. So once you're on the network, and I think the Colonial Pipeline was a good example where traditionally, operational technology networks, physical networks sort of separate from the IT network and they had something called an air gap. And that air gap meant you really couldn't get to it. Now when people had to be remote because of the pandemic, they started taking these air gaps. And so now we had remote access. And so again, when you- when they got that remote access and they got into the network, they could- the network was very flat and you could see everything you can go anywhere. And so that's what zero trust does. It kind of says, I kind of did the zero trust approach to you that I'm only going to allow you access to this application. And I'm going to keep checking on you to make sure you are you are who you say you are on a continuous basis. And that really provides a bit more safety. Now, I still- we still think you need to put things like segmentation in place and some other capabilities and monitoring everything else, but it just narrows the attack surface down from this giant network approach to a specific application >> Narrowing that is the right direction. How do organizations, when you're working with customers, how do they go- How do they evolve from a traditional VPN to zero trust? What are some of the steps involved in that? >> Well, I think it's, you know, what's interesting is customers still have data centers. In fact, you know, some of the customers who have legacy applications will have a data center for a long time. And in fact, what I find is even if you've implemented zero trust to a certain population, employee population, they still have VPNs in place. And sometimes they use them for the IT folks. Sometimes they use them for a specialized developers and stuff like that. And so I think it's going to be like everything, everything goes a hundred percent this way and it stays this way. And so it's going to be hybrid for a while where we see VPN technology and zero trust together. You know- our approach is that you can have both together and it's both on the same platform and it'll just gradually evolve as you go forward. >> What are some of the things you're looking forward to in the next year as this hybrid environment continues, but hopefully things start to open up more? What are some of the things that we can expect to hear and see from Fortinet? >> Well, I'm looking forward to getting out of my home office, that's for sure. >> (Lisa laughing) >> It's like I've been imprisoned here for eighteen months. >> I agree with you on that! So we'll try that. And, you know, I always thought I traveled too much before and now I'm contemplating on the travel piece. But from, you know, Fortinet's perspective, you know, our goal is to make sure that, you know, our customers can increase. We'll make sure they can protect themselves. And so we want to help them and keep working with them such that they put best practices in place and they start architecting longer-term to implement things like zero trust or sassy or some of these other capabilities. And so, you know, I think the- we've had a lot of interest with customers on these virtual sessions. I'm really looking forward to getting them back in our new building, our new executive briefing center, which we're opening up in the next few weeks. You may have more of those face-to-face and white boarding conversations with customers. >> Oh, that sounds so exciting. I agree with you on the travel front, but going from traveling a ton to none was a big challenge. But also, I imagined it'll be great to actually get to collaborate with customers again, and partners. You know, you can only do so much by Zoom. Talk to me a little bit about some of the things on the partnership front that we might be seeing. >> Yeah, our partners, you know, we're a hundred percent partner-driven company and partners are very important to us. And, you know, and that's why we always, when we introduce new technology, we work with the partners to make sure that they understand it. So for example, we provide free what they call an NSE training to all our partners. And then we also work with them very closely to put systems in their labs and the demos and make sure they can architect. And so partners are really important to us and, you know, making sure that they can provide value as part of a solution set to our customers, because customers trust them. And so we want to make sure that we work with our partners closely so they can help the customer implementing architect solutions as they go forward. >> That trust is critical. Right? I mean, we can talk about that at every event, every CUBE Conversation, the trust that an a customer has in you, the trust that you have in a partner and vice versa. That whole trust circle kind of goes along the lines with what we're talking about in terms of being able to establish that trust. So that threat landscape that's probably only going to continue to get bigger is in the trusted hands of folks like Fortinet and your partners to be able to enable those customers to narrow that threat landscape. >> Yeah, yeah. And so it could be the smallest partner to the largest service provider. We don't mind. We want to make sure that we're working with them to provide that implementation from the customers. And again, the word trust is sometimes overused, but that's what customers are looking for. >> (Lisa) So, John, point me to when our audience is some of the information that they can find on Dotcom about zero trust. What are some of the things that you think are great calls to action for the audience? >> Yeah. I mean, it depends. I think it depends on what level you want to get into where we have a bunch of assets, videos, and training but start at the very highest level, you know, why is zero trust something you need to implement? And then it goes down into more details and then even the architecture, long-term architecture and connectivity and implementation. So there's a lot of assets on Fortinet.com If you go on our training sessions, there's- all our training's free to our customers. And so you can go in all those NSE levels and look at the capabilities. So yeah, definitely it's a- it's an area of high interest from our customers. But as I say to them, it's more of a journey. Yes, you can implement something today really quickly, but will that work for you over the long-term in making sure you can take all the information from the, like I said, you know, how is the voice, the posture of that device? What is the device with an agent doing, you know, as my contextual engine integrated as well? So it's a journey for customers and, but you can start with something simple but you need to have that plan for that journey in place. >> I imagine though, John, it's a journey that is either accelerating, or with the threat landscape and some of the things that we've already talked about, is becoming an absolutely board-critical conversation. So, and on that journey, does Fortinet work with customers to accelerate certain parts of it? Because you know, these businesses have been pivoting so much in the last year and they've got to not just survive, but now thrive in this new landscape, this new hybrid work from home, work from anywhere environment and also with more threats. >> Yeah, no, it's a good point. And so, you know, even those internally are implementing it starting the most critical assets first. So let's say, you know, I've got somebody working on source code, they should be the first ones to get the zero trust implementation. I've got somebody asking from the internet to search for stuff. Maybe they're okay for now, but yeah. So you kind of prioritize your assets and users against, you know, the threat and then implement. That's why I'm saying you can roll it out across everyone as, you know, a certain version of it. But I think it's better to prioritize first the most important assets in IP and then roll it out that way. >> (Lisa) Great advice. >> Because some of- a lot of those assets are still sitting in the data center. >> Right. >> So they're not sitting in the cloud. >> Right. John, great advice. Thank you so much for joining me. Good to see you, glad all is well and that you will be able to get out of your home office. You're just days away from that. I'm sure that's going to feel great. >> Certainly is. And thank you, Lisa. >> Nice to see you. For John Madison, I'm Lisa Martin. You're watching this CUBE Conversation. (calm electronic music with piano)

(upbeat introductory music) >> Presenter: From theCUBE Studios in Palo Alto and Boston, connecting with thought leaders all around the world, this is theCUBE CONVERSATION. >> Hi everyone, welcome to this special CUBE CONVERSATION I'm John Furrier, Host of theCUBE here in Palo Alto, California in our studios, we have a remote guest here talking about cybersecurity and all the industry trends and the recent news and announcements around Fortinet with John Madison CMO and Executive Vice President of products at Fortinet John, great to see you, welcome back to theCUBE. Great to have you back for some commentary around what's going on in the trends and your recent news. So thanks for coming on. >> Thanks John, nice to see you again. >> So you guys had earnings, congratulations again another successful results, you guys are doing well. Cyber is super important and that's the top conversation, cloud computing, cloud native, we're living in a pandemic. New things are exposed. Clearly the environment has changed in the past four months in a major, major way. So a lot of demand, a lot of needs out there from customers. So you guys had some earnings and you also have an update on your Fortinet OS67.0 platform with major updates. Let's quickly hit the news real quick. What's the hot topic? >> Yeah, well you're right. Things have accelerated in some ways in this cybersecurity world and we had the recent solar winds incident that's also made people look really, really closely at their cyber security strategy and architecture. We announced our results yesterday for Q4. For Q4 we had over 20% product growth which is the key, of course, the future growth. We also, for the full year in 2020 past 3 billion in billings for the first time for the company. And we're really proud of that. We're proud for a lot of reasons with our people and our team, but also another company that goes and makes large acquisitions to boost revenue and billings growth. We've done it predominantly organically over the last 20 years. And so we're very proud of our achievement and obviously a big thank you to our partners, our employees, and our customers. >> We also have been covering you guys for many, many years. Congratulations, well deserved good products win the long game, as we say on theCUBE, and that's a great Testament, but now more than ever I really want to get your thoughts because everyone that I talked to is really kind of sitting back saying, "Wow, look what's happened in the past three, six months in particular, a lot of sea change in both on the technical landscape, the intersection with society obviously with cyber, you mentioned solar winds that's been kind of hanging around. More data's coming out about how pervasive that was and how native it was for many months. So what's out there, we don't even know what's next. So this is causing a lot of people to take pause and reevaluate their environment. Can you share your perspective and how Fortinet sees this playing out and how that you are advising your customers? >> Yeah, well, leaving compliance and regulatory to one side for now because that's also a driver cybersecurity and focus on the two main drivers. One is the threat landscape, and I hinted a bit around that supply chain attack which affects a lot of people in solar winds incident. They got hold or got onto a device that has privileged access across a lot of servers and applications. And that's exactly what they wanted to get to. So state-sponsored ABTs, there's still volume out there. We still see now ransomware doubling every six months but that's very scary. The threat landscape around state sponsored. Now, the other driver of cybersecurity is the infrastructure. And whether that be end point. So as you know people are working from home as I am for the last eight months. So there's a on and off network, end point kind of a zero trust architecture there that people are looking towards. On the network side, we've seen these edges develop. And so whether it be the WAN edge, LANedge, Cloud Edge, data center edge even OT edge, those need protecting. So that's a big challenge for customers. And then also on the cloud side where the applications have moved to cloud, but different types of cloud, multi-cloud I've even seen building cloud recently. So that's a very adaptive area. So challenging for the customer in the terms of the threats and weaponized threats as well as the ability to cover all the different parts of the attack surface going forward. >> It's interesting, we've been living in a generation in the technology business around, you just get a tool for that. Every hammer looks for a nail, that's the expression. Now more than ever when you have this no perimeter environment, which we've been talking about for many years, that's not new. What is new is that everyone's now thinking about architectural systems approach to this and thinking systematically around the platform of what their business is. So in your announcement that you guys just released for OS67.0, there's really some meat on the bone there. You have the secure access, edge SASE and then the endpoint protection which are defined categories by the analyst. But those are the areas that are super hot. Can you translate that into the architectural equation because you and I were talking before we came on camera around how it's not just one thing there's multiple layers to this. Could you break that out for us please? >> Yeah. If you look at historically and I'm now coming up to my 20th year in cybersecurity. Before Fortinet I worked for an end point company. If you go back a while and I can, between 2000, 2010, the Endpoint Vendors were the the big cybersecurity players because Endpoint was where the data was and everything else. And then over the last 10 years the network security vendors, the next gen firewalls have been the most important vendors out there. And it's also reflected in revenues and market cap and everything else. What we're going to see over the next 10 years is the platform. And that platform can't be just an endpoint platform. It can't be just a network security platform or just the cloud platform, because you only, you're only seeing and defending and protecting a part of the overall we call digital experience. Whether it be a device in the factory, whether it be a person dialing in from somewhere or connecting from somewhere through the network and through to the applications you've got to measure that digital experience. And so that's going to be very important to be able to provide a platform that sits across all your devices users, across your whole network including new networks like 5G and across the applications and in the cloud. So the platform to us extends across all those areas. We've been building that platform on what we call our FortiOS operating system. The latest release is 7.0, which released yesterday. It obviously upgrades and extends all parts of the platform but we did major parts of the release yesterday were around SASE, which of course is the CloudEdge. So we're adding that CloudEdge to our component. We did acquire a company Opaque Networks a few months ago that's now we've integrated that technology. And then just as importantly on the access side, a zero trust network access capability for giving access per application. In fact, again, with this, I've talked a bit about in the past about all these Gartner acronyms I don't think zero trust network access is the right wording for it. It should be application access, because that's all we are going to move to. Application specific access versus just getting on the network and getting access to everything. But something that gives you context. So those are the two big things, but there's 300 plus new features across networking end point in cloud across management, inside the resource. It's a major release for us. And it gives us our customers the capability to really protect that attack surface from the end point to the cloud. >> Yeah, there's a lot of meat in there, from that release, I've got to say. but it's basically you're saying devices and users have access. That's been around. There's been tools for that. You hire people, you get some tools. Network access, it's been around. It's getting evolving. Now apps in the cloud, cloud native is a hot area. And people that I talk to, I want to get your reaction to this comment that I hear from people and customers and CXOs and developers. "Hey, we bought a tool for that. We hired a bunch of people. They mainly left, or the environment changed. We bought another tool. And then we bought a tool for that. We bought a tool for that." And then you have this kind of tool shed mentality, where they have tools that don't even have people to run them. So you have this problem there kind of tools need to be upgraded. And then you have this hot trend of observability on the app side, where now you have new data coming in on the application side, those are new tools. You got all kinds of stuff and competing for that. How do you talk to that customer? Because this is what the customer hears all this noise, all this action. They need to have it. They got to have the staff, they got to be trained up. What's going on there? What's your reaction to that? And how do you talk to customers who have this problem? Well, it's a big problem for them. Because, and by the way when I speak to a lot of customers about cloud they don't go to cloud because it's cheaper. It's not, it's actually more expensive. But they go to cloud to give them more agility because they want flexibility in the way they deploy applications as they go forward. And again, this pandemic has made a lot of companies realize they need to be more flexible in the way they deploy IT resources and faster in the way they bring up new services and applications. And so, but there's quite a few elements I say of cybersecurity and networking, which to me and to us are just features. You shouldn't be buying 40 different networking and cybersecurity vendors. You just can't staff and maintain that. And so we do see some things consolidated and converging into a single platform. We're a leader in the magic quadrant for SD WAN or a leader for network security or a visionary in WIFI. And many of the times in each of those magic quadrants, it's a different vendor or if it's the same vendor it's a different platform. For us it's the same platform in each one. And we pride ourselves in building not only best of breed capabilities, but also it's the same platform same management system, same API. And that gives the customer some capabilities in trying to manage that. What we say to customers is not a question of going from 40 vendors down to one That's no good, but go from 40 vendors down to maybe seven or eight platforms but make sure those platforms can inter-operate. They can share policy, and they can share threat intelligence. And that's why customers are looking to more of an architectural approach to cybersecurity but also they feel cybersecurity and networking are starting to converge at the same time. >> One of the biggest stories we're covering these days in 2021 besides the pandemic and how people are going to come out with a growth strategy that's secure, trusted and scalable, is the rise of the new executive in business in the enterprise where they're more tech savvy, right? You see executives like Satya and Intel. Intel, rise with the CEO of Microsoft. Andy Jassy rise up to the CEO of Amazon and you're seeing lawmakers in DC become more techie, less lawyer-oriented. So you seeing the rise of a business techie person. And I think this speaks to this holistic fabric philosophy you guys have as you talk to customers, when they look at the business impact of cybersecurity, for instance you mentioned solar winds earlier. I mean, these are deadly company killing events. This is real. So it's not just an IT problem. It's a business problem. How do you guys talk to customers, obviously that you have the security fabric and you're stitching things together? What's the conversation when you talk to customers like that? >> One interesting thing I've noticed, and I do quite a lot of customer calls each week, executive briefings and pretty early on, I noticed that both the infrastructure networking with the CIO team and the cyber security the CSO teams run on the same video call and that's got more and more as we've gone on. And I think what companies have realized is that if they want to move fast, they can't have these silos or this layering of capabilities. Then when they build something they needed to build it securely from day one and have that as a joint team. And so I don't think the teams are not merged but they're definitely working more closely. And I think the responsibility of reporting back into the board level gain is not just, it's just an IT project. Oh, by the way, we've got a security project. It's the same project. And I think that's again, points to this convergence of networking and security. >> Yeah. The silos got to be broken down. That's been a theme that's been more highlighted more than ever the benefits and the consequences of doing it or not doing it are clear to people especially at all levels of the corporation and tech. That brings up my favorite conversation. I always ask you whenever you're back on theCUBE giving me an update on what's going on with Fortinet I got to ask you how it's going with data, because data again is the consistent theme we always talk about, how we're exposing that data, how we're protecting that data, the role of data as people continue to get more data and figure out how to use machine learning how to use AI, how to democratize it all kinds of things are happening around data. What's the latest in your opinion? >> Yeah, I think there's progress, but I always say there's progress on both sides. The cyber criminals, big AI networks and machine learning just to counter what the cyber security companies are doing. I think right now we're processing hundreds of billions of events on a weekly basis. We've got the largest install base of network security out there over 500,000 customers. And so processing that event, it's going well in that we're able to determine really quickly for specific threat vectors in specific geographies that this battle good. It's about a good file. It's about a good URL. It's a vulnerability that's associated with Stevia. So we're able to kind of do use machine learning and volume against a specific application to get a good result. The key going forward for us, and I think for the whole industry is using the AI to start to discover campaigns in the wild like the solar winds ones, which is going on without anybody knowing. And that takes a lot of compute, takes a lot of threat intelligence and the AI piece needs to understand the relationship between the different elements of threat vectors, the command and controls and everything else to get you that result. I do think a couple of things. One is the cybersecurity industry, and I've said this before on this broadcast is are not walking together as they should. And sharing this threat intelligence across the industry. As soon as they find something, I actually applaud Microsoft on the solar wind side, they got information out really quickly and did well. And so we did the same. I think the industry needs to do more of that more proactively. And then I do think that, again, that I see a lot of companies cybersecurity companies claim a lot of things without any evidence that it works whatsoever. >> The world's got to call them out the consequences of not having, things work as they're advertised and or sharing them, your point about sharing. There should be some recognition for folks that are actually being fast on the sharing side. It's not like... We need our own militia against the bad guys. That's what's kind of going on here. So great stuff. I got to get your thoughts on the edge real quick. I know we talked about it briefly. You broke it down to three categories device users, network, and then apps in the cloud. The hottest topic on our recent CUBE on cloud editorial virtual event we had was the edge. And edge being industrial edge. And also, just the edge of the network with humans and users and devices. How are you seeing the current situation out there? A lot of hype, obviously the reality of that, that we're in a distributed network, the internet and the web and the cloud cloud natives coming. What's Fortinet's thoughts? What's your thoughts on how the edge is evolving and what people should pay attention to when they look at as they're architecturally planning for building out and managing and securing the edge? >> Given this a zero trust conversation on users and devices and given that people are familiar with the cloud and how they're going to use cloud. I think the network is becoming a really important very important area. And some people say, "Oh, don't worry about the network, just go to the cloud." The network is very important in providing that digital experience, but what's happening with the network is it's being stretched. It's being extended into factories. It's opening up on the winning side. You've got people now working from home. You've got that edge that used to be just the data center edge is now CloudEdge and SAS edge. And so you have to pay close attention to those edges. Now what you can't do is say, "Oh, I know we've got all those edges there. Let me overlay some security on each edge," because it's going to be different the way you deploy that in on a wifi device versus a CloudEdge. And so what you need to look towards is convergence of a capability either of the CloudEdge or the WAN edge or the LTE edge, it's got to be converged networking, and security. Otherwise it's too operationally inefficient, too complex to do. And so I think this is a really important subject and area for customers because as I said at the beginning, it provides that digital, we acquired a company called (indistinct) a few months ago, which actually focuses on the digital experience monitoring marketplace. What are users actually going through in terms of availability and quality and performance all the way from their device, all the way back into the application? I think that's very important. And the network edges have to be secured, where you can only do it through a converged solution. >> Yeah, that's a great point Architecturally, you might have a good technology or product look on paper but the complexity is the vulnerability. That's a really, really great point. John always great to have you on. Thanks for coming on, sharing the update. Before we end, I'll give you a quick minute to plug the news you had. Quickly put a plug in for the release you guys just put out around the new FortiOS 7.0 the features. What's the most important point about that release? Share, take a minute to explain. >> Yeah. FortiOS 7.0 is our big release our operating system is big news because it allows us FortiOS to sit at any edge across the network, whether it would be the one edge CloudEdge, data center edge. We've extended it into the CloudEdge with SASE in this release. We're also bringing in zero trust network access capabilities but overall it includes 300 features across the network, Endpoint in cloud. So a very important release for us and our customers and partners. >> John, great to have you on theCUBE again and get the news. You guys doing a great job, congratulations on your earnings but more importantly, congratulations on the product success and how you guys are thinking about it as a platform. That's what customers want. And you guys are continuing to do a great job there and congratulations from the news. Thanks for coming on. >> Thanks Jim. >> Again, John Furrier here inside theCUBE for CUBE Conversation getting the update on Fortinet and cybersecurity. Look for our cybersecurity coverage on SiliconANGLE.com. And of course, theCUBE's coverage continuing to talk to the thought leaders and the people making things happen, securing our networks and our cloud and deploying cloud native applications. Thanks for watching. (upbeat music)

>>From the cube studios in Palo Alto, in Boston, connecting with thought leaders all around the world. This is a cute conversation. >>Everyone. Welcome to the cube conversation here from our Palo Alto studios. I'm John furrier, host of the cube. We're here with our remote crew, getting all the interviews, getting all the stories that matter during this time were all sheltering in place during the COVID crisis. We've got a great returning guest, John Madison, EVP of products and chief marketing officer. Fordanet John. Great to see you, uh, looking good with the home studio. They're getting used to it. Yeah, indeed. Good to be here again, John. Thanks for coming. I really appreciate it. We're hearing a lot about sassy, which has a secure access network adjuncts, zero trust network access. Uh, what does that all mean now these days? What does this sassy? Well, there's definitely a lot of hype around the word sassy, which is the security of the age. Uh, for us actually it confirms a strategy that we've had since the beginning of the company. >>And two important concepts. One is, uh, the coming together of, uh, networking and security. We could refer to it as security driven networking, and we've been doing it using ACX and appliances for a long time. Uh, we're now going to expand it to a cloud as well as that's one concept, again, bringing together networking and security or converging them in a way. And then the second concept is more around a platform approach. So if you look at the definition of sassy, it includes, it includes web gateway as a service you a trust Caz B, a wife, et cetera. And so bringing those together in a platform approach, we refer to it as the fabric. So we're actually really happy about those two concepts coming together. Maybe the name itself could be, could be different, but definitely the concepts and the technologies play really well to our strategy. >>Yeah, it's sassy. S a S E not two ways, not like SAS softwares of service. Wait for one noses cloud. Yeah. I tried using the full name and I've reverted back to sassy again. So short and sassy, keep it short and sweet. Um, okay, well this is a super important relevant topic for multiple reasons. One is COVID is kind of accelerated the future for everybody. And you know, we've been kind of riffing on Twitter and throughout the industry I've been calling it the big IOT, uh, experiment because the unforecasted disruption of COVID is forced everyone to work at home. So the notion of work changes workplace is now home workforce, the people, how their interaction with the networks, workloads, workflows, all changing new expectations, new experiences. This is the real deal. And the edge is where the action is. That's the big, new obvious architectural highlight here. >>Yeah, so we talked last time. I think it would just be getting this work from home, uh, element, but, um, we're still here. And I think what it says is that what is forced is that, uh, enterprises and customers need to look at their edges and they're increasing. So we always, the one edge was a new one over the last two years. As we introduced us the, when they had a data center edge, they had an endpoint edge and now you have a home edge. And so you've got to apply security as a cloud edge as well. You've got to apply security to these edges. And the key is the flexibility to apply the security you want and you need against this agent. And so we're seeing some customers right now, look at setting up mini enterprise networks to protect that home age again, in that, in the homes of their executives or developers. >>And we reported with the news. You guys had a couple of months ago around just as such been a feeding frenzy for hackers and bad actors to go after the home environment. Um, as well as the it guys who are working from home, you have the cloud consumption's shifted as well. You're seeing the cloud players doing extremely well because now you have more cloud, you have more vulnerabilities at the edge with the home. This is changing completely increasing the attacks. >>Yeah. The tack factors, you know, predominantly, still actually, you know, a lot of fishing, but then if you're on the network, that attack factor is very important. So for us, and, you know, we did an acquisition last week of opaque networks because that gave us an additional consumption model and different additional form factor. So if somebody going from the home straight into the cloud, or the pairing off a branching off an SD Wang connection straight into the cloud, we can now apply that cloud edge security throughout our sassy capabilities. And so again, the ability to have security at all, these edges has become very important going forward. So for us now we've got appliances, we've got virtual machines, we've got cloud delivery, and this is becoming very important to customers. I'm not saying, and customers are not saying they're going to go to just cloud only going forward. They're going to be hybrid. And so having those options is very important. >>You mentioned opaque networks, we reported that acquisition. Congratulations. What does that mean for Fordanet and where does that technology fit? And you mentioned software. Can you just take a minute to explain the acquisition impact Affordanet and where does the tech fit? >>Well, as I said, we've been driving a lot of this conversion, sassy conversions through our appliances. Um, but it's sometimes makes sense to put that security closer to the cloud during points or wherever. And so opaque, we really liked their model of building out these hyper hearing stations and making sure they got high-speed security there as well as edges. And so, um, we bring, we're going to bring that inside our environment, uh, update it to include some of our technology, uh, but it gives us now great flexibility, uh, of applying that security at the SD wan edge, the data center agent now without edge or longer-term roadmaps will integrate orchestration capabilities. It also includes a zero trust network access capability as well. So really when we looked at our, uh, of sassy framework, uh, we had most of the things in place. This now adds firewall as a service as well as zero trust network access, giving us the most complete sassy framework in the marketplace. >>What is the security component of the work at home? You mentioned earlier, there's more networks and companies are looking to kind of up level the capabilities. Can you give an example and take us through what that like and what companies are thinking about, because it's not just, here's some extra money for your home bandwidth, your people are working there. It's like, it's gotta be industrial strength edge. Now it's not just, um, you know, temporary and their kids are home too. So you got they're gaming, they're watching Netflix, people zooming in and doing WebExes all day long. >>Yeah, it can be as simple as putting a zero trust network access, you know, an agent on there and doing some security locally, and then going back through a proxy in a, we believe actually that it's, it can be even better than that. That can apply many enterprise security in your house through a next gen firewall, give high availability through SD wan, uh, then, you know, expand out their secure access and switching and end points. And we can do that today. I think what's going to be key going forward is as you're dealing as it, uh, teams have to deal with more of a consumer approach remotely in the homes, we're gonna have to simplify the way things get set up, such that you can easily separate out, maybe home usage from corporate enterprise users. So that will be something we'll be working on over the next 18 months. >>I mean, just the provisioning, the hardware, okay, here you go. Plug it in it. Should it be plug and play? And this is kind of back to the future of where SAS is going. I mean, the old days was plug and play was the technology. Now you've hit that concept. It has to be auto configured. You have to provision pretty quickly. What's the future of sassy in your mind. >>Yeah. And so, you know, if you think about, you know, coming back to the home usage, then people have dumbed down those routers and the security is very simplistic. So we, people can just plug and play. If you, it needs to be a bit more sophisticated. Uh, you're going to need to put some tools in place. We believe longterm that the sassy model, once you've got the platforms in place, once you've got SD wan in place, your Cosby or your sassy zero trust and longterm, you're going to need an orchestration system. That's more AI driven. So we've done a lot of work on AI around security and making sure we can see things very quickly. Um, but the longterm goal, I think will be around AI ops, AI network ops, uh, where the system and the big data systems are looking across your network, across these different components to see where there may be an issue. Maybe there's a certain length has gone down across a certain ISP. We need to bring that back up. Maybe there's a certain cure or as to an application in the cloud somewhere. So we need to change the OnRamp. Uh, so once everything's in place and you have that console and policy engine that can look across everything, and then we need to get smarter by looking at the data and the logs, et cetera, and applying some of that AI technology. >>You know, John, we've been following Fordanet as you know, for many, many years and watching the evolution of you guys as a company. And also as the industry, the new waves are coming in. Um, a lot of the stuff you're doing with the fabric and now the secure driven networking has been kind of on the playbook. So I want to get your thoughts before we get into those topics and define them and kind of unpack them. But generally customers are looking at, um, a slew of vendors out there and you have 10 of two approaches. You have a platform, and then you have the we're an application or fully full stack or SAS or something. And this there's trade offs between the two. And how should customers understand the difference? Because there's different value propositions for each platforms, more enabling out of the box, SAS or point solution can solve a particular thing, but it may not have that breadth. How should customers think about a platform approach or fabric and how should they think about the value and how to engage with that longterm? >>Yeah, I'm definitely seeing more customers look towards a platform going forward. They just can't manage all the different point solutions and you don't have to train an individual in that product. You have to have a separate management console, you have to integrate it. And so more and more I'm finding customers wanting to converge, which is the basis of sassy consolidate applications onto a platform of security applications. What's important over that platform is that the consumption model is flexible enough to be an appliance, to be a virtual machine and to be cloud delivery does as a customer's networks move and their orchestration systems move into different, more cloud, or they've got their IP enabling their factories, for example, then they need that security to be flexible. So yes, you need to be a platform as the way forward. Um, but two things. One is you need a flexible consumption model for it. You know, clients, virtual machine and cloud. And also that platform needs to be very open. It needs to have connectors into the main orchestration systems that needs to allow people to build API and automation. So, uh, yes, you, you need a platform, but it needs to be open and it needs to be flexible. >>Great, great insight there. And that's exactly what the marketing, especially with cloud the kind of scale, second follow up question to that is how do you tell the difference between a tool camouflage is a platform. So I have a tool I want to sell you a tool, but no, it's a platform. So a lot of people are peddling tools and saying their platforms. How do you know the difference? >>Well, to me, a platform that has much greater scope across the attack surface festival, they attack factors whether that be email or application the network, the end point. So platforms not just of a specific attack back to go across the complete surface. And then also a platform is Wednesday organically built, allows those products to communicate. So then you can build automation across it. It's very hard to build automation across two or three different vendors. They have different scripts. So been able to build that automation. And then of course, on top of that, to have a single view, single visibility capability, as well as longterm applied that AI ops across it. So platform is very, very different from the, some of the tools I've seen in the marketplace. >>I want to get to your reaction to a comment that your CEO said about security driven, networking, and underscores what we've been saying for years, blah, blah, blah. He goes on in this era of hyperconnectivity and expanding networks with the network edge stretching across the entire digital infrastructure, um, networking and security have to be kind of be their, their convergence. You mentioned describe how you view hyper-connectivity and expanding networks and how the edge stretches across the digital infrastructure. What's what does that look like? Can you share your vision of that? >>Well, when you think about networking, if you go back 20 years, when you have these 10 megabit per second connections, learning, networking, and routing and switching, they haven't really changed that much over the last eight years, 20 years, they've just got a lot faster, gone to now to 400. You give us a second, but the basic functionality is the same. And so it's allowed them to go a lot faster. Um, security is very different, even though it started off with firewalling than VPN, and then next gen firewall, SSL inspection, all these functionalities IPS have been added, making a lot harder for it to keep up in the network. And so one of the fundamental principles of security and networking is bringing these two things together, but accelerating them either using a six and now cloud through our acquisition, uh, to allow those to run in a converged format. >>And that's very important because as I said, there's now more, you can look at it two ways. You can say the perimeter has expanded because it used to be a very narrow perimeter. The data center across these areas, or at the edges have formed as well. There's new edges sitting at the OT environment, sitting at the wan edge, sitting at the home mattress. I talked about seeing the cloud edge. And so the ability to apply that security in very high performance, very high quality security, not just a small sampling of security, a full enterprise stack, but those edges is going to be critical going forward. And the flexibility to apply in different ways is going to be very important. >>I think the convergence piece is totally relevant and honestly it consolidating into a platform is very key point there. Um, while I got you here, I would just like you I'd like you to define what is security driven networking and what does it mean to be security driven? So define security, driven, networking, and give an example of what it means. >>Yeah. And so I think it's, I think the one edge was one of the best examples of it. I mean, actually go before that next gen Fila was where you bought firewalling and then content inspection to go there. But I think the latest one is definitely the one edge or secure SD land where you had a networking function, which was to get the users to the right applications. And so they got this application now steering that goes out through there. Well, you also want to apply security to that because security into the wham, you've also got to protect the land. And so the ability to run a security stack there, whether it be IDs, right, patient control is very important. So getting all those networking functions, working at high speed, getting all the security functions, working at high speed, uh, is that it's the kind of the Genesis of security driven networking, and you can apply it there. We can also apply it in other places at the age, in the cloud. Now the home, uh, it's a very, very important concept, uh, to be able to run networking and security together. But high speed, >>Everyone has their own kind of weird definition of sassy, depending on when you're building your own or different analyst firms. Uh, I noticed you guys have a different take on this. Even Gartner has a different view on this. How do you guys diff differ from that, that definition and what should people be aware of when they hear that? What is the right definition? >>Yeah. You know, it's unfortunate. I mean, I think Ghana does some good work there and that they define it and I've come up with sassy, but this is like acronym soup. And, you know, I want a bit of next gen firewall on my sassy. It's just, it's just so many different terms. It confuses the customer. Then what makes it more confusing is that vendors look at their portfolio and go, Oh, sassy is a hot topic. I've got a sassy as well. And really, it should be very clear what the definition from Gardner is. It is bringing together security and networking. Now their definition is that they, uh, you should do that in the cloud, which we agree with as well, but it can only be in the cloud. The reason it's in the cloud is because not many people have got the ability to run on an appliance very fast. >>So we believe our different stairs that you should be able to run it on an appliance virtual machine in cloud. And then the second kind of differences that they've defined the components of Sassies being Estee, wagon, Cosby, firewalls, a service zero trust. We also think that the land age is very important. So we would add into that definition, that secure access of wifi and Ethan at switching as well. And so we try and point out, you know, the gun definition and we also point out where we differ and I think that's fair to the customer can make a good decision. >>I think it is fair. And I think one of the things I've been saying for years, and I love garden, I love the guys over there and gals. I just don't think that their business model is real time as much, but they ended up kind of getting it right down the road. But you brought up a good point. And again, I've been saying this for years, cloud changes Gartner's model because there's, if you have quadrants, it implies silos and implies categories. And one of the best things about cloud is it does horizontally scale. So some of the best vendors actually have multiple capabilities that might fall on different quadrants that may or may not be judged on a criteria that meets what cloud's doing. So, yeah, for instance, Asics, you mentioned right. That's in there too. You get cloud and ACX is that where they've got two different categories? You add the edge in there. If you do all three, really great as an integrated, converged and consolidated platform, you're technically awesome, but you might not fit in the quadrant. >>Yes. That's a really good point. I have this conversation with them all the time in that traditionally enterprises have a networking teams and security teams, and they've been in silos or I've had a networking team that just does switching or just this routing, just this SD wan. And I have a security team that does web gateway, and then they like to separate them all into different components. When you look inside those Nike quadrants, they're all different, even at the same vendor, the different products. And what we like to do is bring it all together. You a single operating system, a single appliance or cloud virtual machine. Sometimes it's not quite, it doesn't quite fit the model, but in the end, you're trying to do the same thing. Know, and COVID-19 >>One of the real realities that everyone's dealing with is it does expose everything and an expose. And again, it's been a disruption unforecasted, but it's not like an outage or a flood or a hurricane. If it happened and it's happening, it really puts the pressure on looking at the network. It's looking at how you can have continuous operations. How are you working with your people and workloads, workforces apps. You got to have it all there. And if you're not digitally enabled, you're going to be on the wrong side of history. This is what companies are facing every day. And they've got to come back and double down on the right project. So every CXO I talk about, that's the number one challenge I need to come out of the pandemic with a growth strategy and an architecture. That's going to allow me to take advantage of the new realities. Hey, it's really good for people to work at home. That's cool. Some people are going to continue to do that. Maybe that's normal. Maybe that's a new tactic >>And it's going to vary by industry as well. So if I'm a retail outlet, I absolutely need it 100% of the time, but those retail outlets cause people are ordering online and then they're driving up. And so it has changed the dynamics. It's for me working at home, I have to be on all the time. And so the ability to do really good, high quality networking, high availability, high IQ of as, with this integrated security across the different edges is super critical. >>I was talking with a network friend of mine. Again, we were having a few zoom cocktails and do a little social networking online. And we were like, and we've, and we've mentioned it before in the queue, but we keep coming back to the land is the new land. And meaning that it's in the old days, land was everything, everything, the local area network, and you were inside the data center, everything was great on premises. When is the new land? So if you think about it that way you go, okay, when edge I got a, now Atlanta at home, you got to SD wan and your house, of course you worked for Fournette. So it's a little bit beneficial for you, your, your, your, your geek there, but this is the new normal where it's all one network. It's not just a land link, it's a system. Can you react to that? What's your take on that? When is the new land kind of ref, >>First of all, it can't be too picky. He goes on the CMO as well. So there's no talk about the geekiness. Um, but, um, it's just, it just makes as a skip saying, it's, it's, it's making sure that wherever you may be, uh, you know, you're doing less traveling these days, but that may come back at some point or where they are at a branch office or a campus environment or wherever applications, and then moving around in different clouds, in different areas, in terms of consumption of workloads, um, wherever that's happening, you gotta be able to be flexible and applying that security to the different edges, land edge, one edge home edge data center edge. And so the ability to do that, uh, while providing high speed and connectivity, uh, is very important. And then again, as you go forward and you implement that platform approach. So not just the point product now, three or four products working together, uh, being able to apply that policy orchestration and AI ops is going to make sure that they get that user in the end. It's all about the user experience. Do I have a high quality of experience, whatever application I'm using? That's the key measurement in the end? >>You know, one observation I would have, if you look back at the whole virtualization trend, going back to the early days of VMware, that kind of enabled Amazon and kind of having a large scale kind of infrastructure, hyperconvergence really kind of collapsed everything together. And now you seeing things with Amazon, like outposts, you seeing, you know, these non premises devices, which is basically one cloud operations kind of highlights what you're saying here. And I want to get your thoughts on this because the combination of Asics with cloud, it's not a bug, it's a feature for you guys. That's a value proposition and it's kind of consistent with some of the big players like AWS. When you look at what they're doing and apprenticeships, for instance, what they're putting in the servers, having that combination of horsepower Asex with cloud is a guiding principle of the future architecture. Can you share your thoughts was also, you guys are, are announcing that and have that feature. >>Yeah, well, w another reason why I like the opaque acquisition as they were their major appearing pubs into the different cloud service providers that were using hardware and that hardware, uh, we, we can run hardware and with our Asics almost 50, a hundred times faster than equipment CPU. So I've got a firewall application I've gone on appliance. There, I may need a hundred virtual machines and, and CPU they're running the same thing. So again, we're coming back to our definition of security driven, networking in our minds. It can be basic, it can be virtual machine and it can be cloud. Now, imagine if we can take the best benefits of basic and combine that with cloud, uh, that's a great model going forward again, given that flexibility. So when people think cloud something has to run on something, it doesn't run in fresh air. So, you know, the big cloud vendors are putting in some Asex to accelerate some of the AI stuff, and we're going to use the same thing in some of our major, what we call 40 sassy. You know, our naming methodology is 40, whatever it does or going forward to provide us that performance and high availability now. Yeah. So you're always going to need some flexibility of virtual machines in certain areas, but we think the combination of both, it gives us a great advantage. Yeah. >>And there's definitely evidence that, I mean, there's a, there's kind of two schools of thought on hardware. Are you a box mover, you know, commodity general purpose, or are you using the hardware and a system architecture, acceleration has been a huge advantage, whether I've seen companies doing accelerated Kubernetes processing, you know, for clusters and some, you know, see GPS are out there. It's, it's, it's how you use the hardware. Yeah. That's the, really the key it's and again, back to the architecture. So, okay. So wrapping up, if you, if you believe that, and you look at the fabric that you guys are having out there, and as it evolves, what's the, what's the next level for 400. How do you see this going forward? You've got security driven networking, and you got the fabric. What's next? What are you guys working on the product side? >>I know you're public, you can't reveal any future earnings, but give us a taste of kind of the direction on the roadmap. I think, you know, we've got now all the, all the kind of component that underlying components of the platform in terms of the ability to apply appliances, deliver it by appliances or virtual machine or cloud. Um, we've got a very broad portfolio from endpoint, uh, all the way into, to the cloud and the networks, all those things that are in place. Obviously you always need some features here and there as you go forward and nest it when and next gen firewall, et cetera. Um, but I think the longterm, I think a goal for his nine is to, again, to apply a bit more intelligence, uh, both from a security perspective and from a network perspective, such that we can predict things, we can automatically change things. >>We can build automation and react to things much more quickly. So I think the building blocks are in place. Now. I think it's the ability to provide a bit more smarts across it, uh, which of course takes big data and very specific application programming. And I think, uh, definitely our customers are asking us about that. And we look very closely with our customers to build out that, to make sure it meets their needs going forward while it's great to see the platform continue to grow and, and fill in a holistic view of the, of the landscape from edge to throughout the enterprise. So a great strategy and thanks for the update, John Madison, the VP of product and CMR for that. John. Great to have you on. Thanks for coming on extra. Okay. This is the cube conversation here in Palo Alto studios. I'm Chad for a year hosting the cube. Thanks for watching.

from the cube studios in Palo Alto in Boston connecting with thought leaders all around the world this is a cube conversation everyone welcome to this cube conversation here in the cubes Palo Alto Studios we're here with the quarantine crew I'm John for your host we've got a great guest John Madison CMO an EVP of products of Fortinet and today more than ever in this changing landscape accelerating faster and faster certainly as this covin 19 crisis has forced business to realize a lot of the at scale problems are at hand and a lot of things are exposed in terms of problems and opportunities you have to take care of one of them security John thanks for coming on cube and looking forward to chatting about your recent event you had this week and also the updates at Florida thanks for joining me yeah it's great to be here John so more than ever the innovation strategies are not just talking points anymore in board meetings or companies there's they actually have to come out of this pandemic and operate through it with real innovation with actionable outcomes they've got to get their house in order you're seeing projects really focusing in on the at scale problems which is essentially keep the network's run and keep the sick the security fabric in place this is critical path stuff but the innovation coming out of it has to be a growth play for companies and this has been a big thing so you guys are in the middle of it we've chatted about all the four to guard stuff and all this you're seeing all the traffic you're seeing all the all the impact this work at home has forced companies to not only deal to new realities but it's exposed some things they need to double down on and things they need to either get rid of or fix fast what's your take on all this yeah you know I think it took a lot of people by surprise and the first thing I would like to do is you know spank our employees our customers and partners for the work they've done in the last six to seven weeks now what was happening was a lot of customers had built their work from home programs around a certain percentage 5% 10% 15% and that's what they scaled it for then all of a sudden you know everybody had to work from home and so you went from maybe a thousand people to 10,000 or 5,000 to 50,000 they had to scale very quickly because this had to be implemented in hours and days not weeks and months luckily our systems are able to gaile very quickly we can scale using a security processing units which offload the CPU and allow a lot of users simultaneously to access through VPN SSL VPN IPSec VPN and then we have an implementation at home ranging from a very simple Microsoft Wyant all the way to our clients all the way to even off Buda gate firewalls at home so we really did work very hard to make sure that our customers could maintain their business proposition during these times you know I want to get those work at home and I think it's a little big Sdn story and you guys have been on for a long time I mean we've talked with your you and your folks many times around st Wynn and what it means to to have that in place but this work at home those numbers are off the charts strange and this is disruption this was an unforeseen disruption it's not like a hurricane or flood this is real and we've also talked with you guys and your team around the endpoint you know the edge of the network that's the explosion of the billions of edges this is just an industry kind of inside baseball conversation and then also the immersion of the lifestyle we now live in so you have a world where it was inside baseball for this industry now every company and everyone's feeling it this is a huge issue I'm at home I got to protect myself I got data I gotta have a VPN I mean this is a reality that just wasn't seen I mean what do you guys are what are you guys doing in this area well I think it changes that this long-term architect and so you know the past we talked about there being millions of edges and people go how many billions of edges and what's happened is if you're working from home that's an edge and so the long term architecture means that companies need to take care of where their network edges are now the SEM at home they had them at the branch office they have them at the end of prize and the data center in the cloud then we need to decide know where to apply the security is it at the endpoint is it at the edges is the data center or bout an S T one is absolutely essential because every edge you'll have whether that were home now whether it be in your data center or eCampus on the cloud needs that st-1 technology and make sure you can guide the applications in a secure manner what's interesting is I actually deployed st-1 in my home here I've got two ISP connections one week I'm casting off with AT&T now that may be overkill right now for most people about putting st-1 in their homes but I think long-term homes are gonna be part of the enterprise network it's just another eight take a minute to explain the SD win I would call it the this is a mill especially this is not your grandfather's st win I mean it's changed st when is the internet I mean basically at home what does that mean if users don't know care what the products are at the end of the day they're working at home so kind of SD win has taken on a new broader scope if you will it's not just the classic SD win or is it can you take us through I mean and this is a category that's becoming much broader what's your what's your nails is there yeah again I'm not saying that you know consumers are gonna be putting SD wine in the homes right now but if I'm an executive and I rely on my communication out there are lots of meetings during the day work from home I want it to be as reliable as possible so if my one is pee goes down and I can't get on the internet that's an issue if I have to ISPs I have much higher availability but more importantly us you and I can guide the applications where I want when they want I can make sure you know my normal home traffic goes off certain direction the certain on a VLAN and segmentation policy whereas my war can be completely set out so again I you know I think SDRAM technology is important for the home long term is important for the branch for the enterprise and the data center and Earls St ones built into all up all our forty gates have sp1 you just switch it on we think it's a four essential technology going forward to drive that cloud on-ramp real quick follow-up on that for the folks in the enterprise I see the enterprise will make it easier for their customers their users who are at home so it feels consumer II invisible if you will I think that's the short-term what's what are what are you seeing your customers and prospective customers thinking when they come back or as they operate now in this new reality when they say you know what we really miss forecasted this now they have to get back to business what are they gonna do do they do more sta on I mean what's the architecture how does that get done what's the conversation like you know as this evolved for the next it's gonna slowly open up it still it's going to be a new reality for at least 12 months what's the conversation with the customer right now when it comes to going in and taking care of this so it doesn't happen again yeah what I'm doing actually actually what I'm doing a lot of virtual ABC's obviously we usually have 200 our customers that come to our corporate quarters or executive briefings and I'm doing actually more virtually and a lot of the opening conversations is they don't think they're gonna go completely Hunter's under percent back to where they were there's always going to be now a fraction of work-from-home people they may move around some of their physical location so as I said the ST when is that piece on the edge whether it be your home ranch campus or data centers gonna be there to guide the applications guide the users and devices to the right applications of wherever they may be as it could be in the cloud of communion data center it could be anywhere and then the key conversation thereafter for customers long-term architecture wise is where do I apply my security stack and the security spat consists of basic things like antivirus all right yes more detection capabilities even even response to Isis given that stack how much do I put in the edge how much do I put in my endpoint how much do I put my branch how much I put in my campus data center and cloud and then how do I maintain a policy a single policy across all of those and then now and again maybe I have to move that stack cross so that's going to be the key long term architecture question for enterprises as they move to a slightly different composition of workforce in different locations is hey I've got to make sure every edge that I have I identify and I secure when SP ran and then how do I apply the security stack cross all the diff tell great insight thanks for sharing that I want to get your take on now speaking of working at home you're also the CMO as well as the EVP of products which is a unique job because you can talk about any think when the cube we love it you had an event accelerate 2020 the folks watching go to the hashtag on Twitter hashtag accelerate 20 that's the hash tag you'll see a lot of the the pictures of the slides and some commentary I was laying down some tweets all the analysts were as well what are some of the highlights for you is a great presentation by the CEO you gave a talk and there's a lot of breakouts you had to do a digital event because you couldn't hold the physical event so you kind of had a shelter-in-place kind of and how did it go and what are some of the highlights yeah on the one side I was a bit sad you know we had or what we call accelerates arrange for this year in Barcelona and New York Mexico and San Jose we had to cancel war for them and I'm very quickly spin up a digital event a virtual event and you know we end up there's some initial targets around you know you know each of our physical events we get between two and three thousand and so we're thinking you know if we got to ten thousand this would be great we actually ended up with thirty thirty-two thousand or something like that registered and actually the percentage that showed off was even higher so we had over 20,000 people actually come online and go through our keynotes we built it so you go through the keynotes then you can go off to the painting what we call the breakouts for more detail we did verticals oh it did more technology sessions and so it's great and you know we tried our best to answer the questions online because these things are on demand we had three we had one for the u.s. one premiere and won't write back and so there was times but to get that sort of exposure to me is amazing twenty thousand people on there listening and it connects into another subject which is education and fun yet for some time as invested I would say you know my CEO says but I'll invest a bit more in education versus the marketing advertising budget now go okay okay that's that hey we'll work on that but education for us we announced a few weeks ago that education is now training is free for customers for everybody and we'd also been you know leading the way by providing free training for our partners now it's completely free for everybody we have something called the network security expert which goes from one to eight one and two of that are actually open to the public right now and if I go to the end of last year we had about two to three thousand people maybe a week come on and do the training obviously majority doing the NSC one courses you get further through to eight it's more technical last week we had over eighty thousand people we just think about those numbers incredible because people you know having more time let's do the training and finding is as they're doing this training going up the stack more quickly and they're able to implement their tools more quickly so training for us is just exploded off the map and I and there's a new reality of all the unemployment and also people are at home and there's a lot of job about the skill gap before in another cube conversation it's it's more apparent than ever and why not make it free give people some hope give them some tools to be successful there's demand yes and it's not you know it's not just them you know IT professionals are Ennis e1 is a foundational course and you'll see kids and students and universities doing it and so Ben Mars granddad's dad's doing it so we we're getting all sorts of comments and social media about the training you know our foundation great stuff has a great we'll put a plug on that when should we get that amplified for its really good stuff I got to ask you about the event one of the things I really like about the presentation was from your CEO and you gave one as well was the clarity around the vision of security and a couple of things that were notable to me was the confluence of the collision between networking and security and at the intersection of those two forces you have an accelerated integrated policy dynamic to me this is the heart of DevOps of what used to be in cloud being kind of applied to security you have data you got all kinds of new things emerging new patterns new signals that's security so you got to be you got to be fast you got to identify things so you guys are in this business that's one force and the other one was the billions of edges and this idea that there's no perimeter so it's everything's immersive so illustrate some points of validation on that from your standpoint is that how you guys are seeing it unfold in the future is that happening now can you give us a feeling for whether where we are and that those those kind of paradigms yeah good point so I think it's been happening it's happening now has been happening the future you know if you look at networking and our CEO Enzi talked about this and that networking hasn't really cheer outing and switching we go back to 2000 we had 100 mega under megabit now you have formed a gigabit but the basic function we haven't really changed that much securities different we've gone from a firewall and we add VPN then we at next-gen firewall then we had SSL inspection now we've added sd1 and so this collisions kind of an equal in that you know networking's sped ahead and firewalling is stayed behind because it's just got too many applications on that so the basic principle premise of the company of putting net is to build and bring that together so it's best of all accelerate the basic security network security functions so you can consolidate multiple functions on one system and then bring networking and security together a really good example of security where or nexium firewall where you can accelerate and so our security processing units and my analogy simple analogy is GPUs inside games where their GPU offloads CPU to allow rendering to happen very quick it's the same for us RSP use way of a network SPU and we have a Content SPU which all flows the CPU to allow a security and networking do it be accelerated work now coming to your second point about the perimeter I I'm not quite sure whether the perimeters disappear and the reason I say that is customer still goes they have firewalls on the front of the networks they have endpoint protection they have protection in the cloud so it's not that the perimeters disappeared it's just but much larger and so now the perimeters sitting across all your infrastructure your endpoints your in factories you got IOT devices you've got workloads in different powered and that means you need to look very carefully at those and give visibility initially and then apply the control that control maybe it's a ten-point security it may be SD mine at the edge it may be a compliance template in the cloud but you need visibility of all those edges which have been created with the perimeters reading across the image it's interesting you bring up a good point we always have kind of debates over beers on this on this topic you know the old model was mote you know get the castle and the gate but here the perimeter of the edge if you believe there's an edge and I do believe you find it perfectly the edge is a perimeter it's an endpoint right so it's a door into the internet so are the network so is the perimeter just an end adorn there's more doors right so or service yeah just think about it the castle would did multiple doors is the back everyone's the door there's this dozle someday and you have to define those H's and have visibility of them and that's why things like network access control know for you know zero trust network access is really important making sure you kind of look at the edge inside your way and so your data center and then it's like you powd what workloads are spinning off and what's the configuration and what's there what's from a data perspective right your recommendation and I'm a customer looking at my network I got compute I got edge devices and users I realized there's a billions of edges on my network now and the realities hit me I wasn't really being proactive on investing what do I do what's the PlayBook for me as I start to rethink that and what do I put into place how do I get going now I got to rethink it I now recognize I got full validation I got to manage this I got to do something what's your recommendation to me if I'm a customer the key to me is and I've had this conversation now for the last five years and it's getting louder and louder and that is I suppose I spend a lot of money on point solution point but even end point may have five point products on there and so they're getting to the conclusion it's just too hard to manage I can't find all the right people I get so many alerts from so many security systems I can't work out what's going on and the conversation now is how do I deploy a platform we call it the security fabric now I don't deploy that fabric across my network I'm not saying you should go from 30 vendors to one vendor that would be nice of course but I what I'm saying as you go from 30 vendors down to maybe five or six platform the platform's perform multiple functions it could be they're out there you attach a platform a designer platform just birth protector or a particular organization or part of the network and so the platform allows you then to build automation and the automation allows you to see things more quickly and react to things more quickly and do things without manual intervention the platform approach it's absolutely starting to resonate yes you've still got very very large customers who put everything into segments of a C's Exedra book most customers now moving towards a yeah I think you know as you see and again back to that collision with the end of the intersection we have integrated policies if you're gonna do any integration which is the data problem so we talk about all the time to a lot of different tools can create silos and there's a use case for that but also creates problematic situations I mean a platform gives you a much more robust capability to be adaptive to be real time to program and automate yeah it's it's it's an issue if you've got 30 vendors and just be honest it's also an issue in the industry so I mean networking the story kind of worked out how to work together you can use the same different vendor switches and routers and they roughly work together with cybersecurity they've all been deal you know built totally separately not to even work and that's why you've got these multiple layers you've got a product the security problem then this got its own analytics engine and manager then you've got a manager of managers and an analyzer of analyzers and the sim system and then a saw I mean just goes on it makes it so complex for people and that's why I think they look into something a bit more simplified but most importantly the platform must be friendly from a consumption model you must be able to do an appliance where you need to do virtual machine SAS cloud native container whatever it may be because that network has changed in those ages as those edges move you've got them to have a platform that adaptable to the consumption model require you know I had a great cartridge with Phil Quaid you see your seaso over there and we were chatting around you know this idea of I won't say customization but there's no one turnkey monolithic application it seems to these platforms tend to be enabling where the seaso trend is to have teams building ok and and and almost a customized but building software to automate to solve their use case for their outcome so enabling that is a trend we're seeing so I think you guys are on the right track there any comment on your take on this enabling platform is that something that you guys are seeing that CSIS is looking at more in-house development more use case focus because they have the data they got real-time they need to be building on a platform not told what they could do yeah I think you've always had this this network team trying to build things fast and open and the security team trying to post things down and make it more secure you know it becomes even more problematic if you kind of go to the cloud where you've got pockets a developer's kind of thing do things in the DevOps way really as fast as possible and sometimes the controls are not put in place in fact no the big as I said the biggest issue for the cloud is not so much you know malware it it's more about miss configuration that's why you're seeing the big breaches and that's more of a customer thing to do and so I think what the seaso is trying to do is make sure they apply the controls appropriately and again their job has become much harder now we've got all the multitude of endpoints that they didn't have before they've got now there when that's not just the closed MPLS network is old off different types of broadband 5 G's coming towards the end of this year next year as well the data centers may have decreased a bit but they've still got datacenter capacity and they're probably got 5 or 6 hours and 20 different SAS applications that put a deal with and they've got to deal with developers in there so it's a harder job for them and they need to melt or add those tools but come back to that single point of management great stuff John Madison CMO EVP great insight there it's almost a master class right there you laid it all out on what's going on a final question any change is what any other news updates on the four net front I know you guys got some answer I didn't see the breakouts of the session I had something else going on I think I've been walking dog and do some other things but you know being at home and to take care of things what's new what's what's out that people might have missed that's coming out of for today you're telling me you didn't have 60 hour a breakout on dedicated I don't think yeah we've you know we've have a lot going on you know we have a big R&D team here in North America and Canada and with a lot of products coming out this time of the year we bring out our 40 OS network operating system with 6.4 over 300 new features inside there including new orchestration systems for sp1 and then also we actually launched on network processor seven and the board gate already 200 F powered by four network processor sevens it's some system out there and provide over 800 gigs of fire or capacities but in bill V explain acceleration they can do things like elephant flows huge flows of data so there's always there's always new products coming out of 14 it sure those are the two big ones for this quarter you guys certainly are great interviews to talk to great a lot of expertise there final final question you know everyone every company's got their culture Moore's laws cadence of Moore's laws Intel faster cheaper smaller what's the for Annette culture if you had to kind of boil it down what's it you guys are always pushing great products out there all high quality I'll see security you got to be buttoned up and have good ops and controls but you still need to push the envelope and have stadia what's the culture if you had to kind of boil the culture down for Porter net what would it be that's always an interesting question and so the company's been going since 2000 okay the founders are still there NZ's CEO and Michael Z's the CTO and I think that one of the philosophies is that listen to the customer very closely because you can get distracted by shiny objects all over the place I want to go and do this oh yeah let's build this what about this and in the end the customer and and what they want may get lost and so we listen very closely we use you know we have a very high content of technology people who can translate the customer use case into what we should build and so I think that's the culture we have and maintain that so we're very close to our customers we've been building very quickly for them make sure it works it needs tweaking then we'll look at it again a very very customer driven always great to hear from the founders you guys had a great event accelerate 20 that's the hashtag some great highlights on Twitter some commentary there and of course go to Ford a net site to check out the replays Sean man so thanks for taking the time to share your insights here on the cube conversation I really appreciate it thank you okay it's cube concert here in Palo Alto we're bringing you all the interviews during this time we have our quarantine crew the cube is virtual we'll do whatever it takes to get the interviews out there and get the stories out there and the people behind the tech making it happen I'm John Fourier thanks for watching [Music]

our Studios in the heart of Silicon Valley Palo Alto California this is a cute conversation hey welcome back here ready Jeff Rick here with the cube we're in our pal 2 studios today for a cube conversation to talk about a pretty interesting topic right which is the security issue that is pervasive and needs to be baked in all over the place and combining that with networking and software to find networking which is often talked about as kind of the last area of really software-defined execution and a lot of activity around SD win so we're happy to have with us today from Fortin at John Madison he's the CMO and EVP of products for fortinet John great to see you you too and also joining us from Atlanta is Hilton styrsky he is the CIO of Crawford & Company Hilton great to see you as well so let's just jump into it big issue right Crawford & Company Hilton give us a little bit of the which you guys are and more importantly kind of what a distributed company that you are y SD win and when particularly is a pretty important piece of the equation absolutely SD wins very important to us as we look at growth so I'm a confident company we are 77 year old you asked in management's claims company we we haven't focus on restoring and enhancing lives businesses in communities in 2018 we processed about one and a half million claims they are translated into north of fifteen billion dollars in payments but more importantly when you think about the insurance space and really any highly transactional organization will go through a digital disruption and korfin and company is no difference and in particular with the culture of innovation that we have a profiling company we looking at all facets of the business to disrupt and that's our basic infrastructure all the way to the business process applications that interact with our customers and when we think about the network that's the lifeblood of our organization span in seven countries with almost 9,000 employees and NATO it touches every facet of our organization and our business and being on an innovative modern technology enables us to support the Scanlan growth that's invariably coming down the pipes in this industry thank you thanks for that summary and John over to you you know we got a lot of conferences as we go to your guys conference we go to RSA and security the topic because all these security needs to bake be baked in throughout the process it can't just be added on at the end and you guys have taken that to heart so tell us a little bit about you know your guys solution in this SD win space and how you're approaching it slightly differently yes he'll concern just about every company's going through this digital disruption and that means they really need to make sure that network is of high quality high speed can access the applications but most importantly is secure so what we do is make sure with all my networking gear and SDRAM being a specific example that security is totally integrated within that solution and you do it in a different way - right you're not just doing it with software but you've actually introduced you know a hardware component into this into this equation as well yeah well now obviously the software is still very important to make sure you can orchestrate and you've got the feature set but earlier this year we announced the the world's first sd1 ASIC which allows us to get that performance of the networking stack and security stack on a single appliance we're talking about five to 10 X performance and again allows the customer such as Crawford to run and networking and their security in that single appliance so help I'm curious from your perspective I have to say I feel sorry for CIOs cuz that you know as again we go to all these shows we walk around there's so much technology and in security specifically when you walk around RSA as the the granddaddy of all those conferences you know there's hundreds and hundreds and hundreds of vendors and I think my goodness how do you go through how do you evaluate so you know what do you do when you're looking for technology partners among this giant sea of potential opportunities and people telling you to do this that and the other you got to find a partner that's going to help you absolutely so I mean they're number of facets that come to that but first and foremost we take security and privacy not just security extremely or seriously hope it ends because of that we rely on our cyber team to help us make decisions and drive those discussion so these relationships are not just you know come about because of benefits that we see on white papers or interactions with the PIO they really are driven from our cyber organization in the indian research that they do envy attend products we're not just looking for a sexy brands name to put in our our branches in our data centers but we're really looking for a tried and tested product and it wasn't a network that really came down to our cyber team because of the integrated nature of the ESD way and the security applies it to em i'm curious in terms of the changing kind of government regulations you know ii had gdpr we've got the California Privacy Act has that impacted your you know kind of prioritization of security and privacy or has that always just been a top priority and that's just you know kind of another box to check yeah man it's always been there we haven't seen it impacted from a sigh from a networking perspective tea to date but as we think about applications we're looking for the flexibility in the application stack to adhere to GT bernini quite frankly any other regulatory control been in the insurance industry we are highly regulated and that type of scale and flexibility is something that we look to as we build new products more modern future and John to you I'm just curious you know some of the advantages of bringing these two things together to really bake the security and the SD win appliance what is that enable you to do that you couldn't do so much before well it's all about supporting the business and the applications so corporate for example you know obviously voice is very important to me they speak to a lot of people and branch offices video training their applications in the cloud and so bringing mass security and that networking together and accelerating it means they get a high quality of service to all the applications which are important to their business so what's next John what are some of the the things as you look forward and you see this this market to continuing to evolve you guys are really starting to take a real leadership position what are some of your priorities as you as you look forward and we're gonna flip the calendar here in just a few short months you know and definitely you know sd-1 an application on our appliance has exploded we just announced we're actually in the top three in terms of sd-1 benders globally what's coming next well I think what we call cloud on-ramp isn't very important where we provide specific routes and information to make sure we have even higher QoS of devices and users getting to the applications and I knew that on the land side of it was starting to roll out something called ST branch which gives you the same kind of fabric topology view control and workflow of access from Wi-Fi from Ethernet switching and we've also integrated nak network access control which gives you that visibility control of IOT devices great so I want it I want to give you the last word you know to share with your peers as they're going through this journey a lot of talk about digital transformation but when the rubber hits the road right you actually got to do do the things and do the small things that make a difference as you've gone through this and you've dealt the security you got a lot of remote branches this continuation around hybrid cloud and and distributed infrastructure what are some of the things on your top of mind and what would you share with some of your peers as they you know start to look at some of these technologies well you've got to have an open mindset and obviously like anything it's okay to fail as long as you learn from your mistakes but as we think specifically about our network and coordinate in particular I think trying to reference some of the technologies and that that requires a lot of data so you need to understand what the future looks like and provide a scale and flexible solution for our customers and John also reference Borden ACK we are in the process of deploy in that and it's all about having that single pane of glass in an integrated solution and makes it easier for a smaller supports team to manage and ultimately Triberr you and Ally investments and other parts of their company well Hilton I know we're up against it on the time I want to thank you for for taking some time out of your busy day and lovely Atlanta and sharing your story and John you know nothing but continued success to you and fortunate we've really been happy to be part of the story and share it and come to the conference's and just another step on that on that journey to success thank you thanks a lot all right thanks gentlemen all right you've been watching the cube from our Palo Alto studios thanks for watching we'll see you next time [Music]

live from Orlando Florida it's the cube covering accelerate nineteen brought to you by important welcome back to the cubes continuing coverage of forty net accelerate 2019 live from Orlando Florida Lisa Martin with Peter verse and we're pleased to welcome back to the key one of our alumni John Madison the executive vice president of products and solutions from forty met John it's great to have you back on the cube it's great to be here again lots of momentum that forty minutes coming into 2019 with I can't believe we're in April already lots of growth in revenue product revenue was up you guys talked about the expansion of the partner network we've had some of your fabric ready partners on already today yeah you talked about this third generation and security how fourteen it is is uniquely delivering that for our viewers who were didn't have the opportunity to attend your keynote kind of talk to us about that in this hybrid world how is putting that delivering this third generation what makes you guys different yeah so we talk about the third generation now everyone has different generations that's fine we call it what we are the security driven networking and it's really the genesis of 14f for a long time in bringing together networking and security into one place I think these days or in the past people have built out the networks with a network layer then they try and connect users and applications I think oh wait a minute and this put some security over here and a bit over here and over there in our minds start with both start with a security driven networking concept make sure it works end to end and that will be the most sophisticated most secure application and network you can have and what enables porting that to deliver this uniquely because a number of times today and Ken's keynote I think patrice as well and i can't recall if yours competition came up where the audience was shown the strength in numbers that 14 that has so what makes you guys unique and what you're delivering what are key differentiators from the start has been making sure we can run routing stacks sometimes today referred to as st wayne stacks also security stacks in a very small footprint and to do you need to spend a lot of money what we call security processes which go inside our appliances to make sure that runs very fast but having said that I definitely think customers are gonna be in a high weight world forever for a long time at least anyway we're not only appliances but also personal machines an API security and we also talk about this fabric concept they're able to cover the complete digital attack surface so there's a very important point and we're finding a lot of customers now agree that they want to consolidate they want to make it simpler they need to move faster to this digital world and the only way you have to do that is through a consolidated approach so let's build on this they want to consolidate they want to make it simpler more common and how they in policies and management now along comes the edge what's the dynamic there what's happening is all people refer to the perimeter disappearing okay that's happening to a certain extent because data is moving into cloud you've got different one implementations but what's happening when you do that is you're creating new edges a really good example is sd1 which used to be very closed off the wound used to be something that connects branch offices back to the data center but nobody got involved in that well now you're opening up that when two different types of transport mechanism you're creating an edge I always refer to these edges as being created by different trust levels there is a may be a secure trust level here less trust here it creates an edge and you absolutely need to protect all those edges but give us an example of that so for example when you say differentiated trust levels my edge might be at a customer location is that kind of what versus my edge might be at a branch office is that what you mean by a different trust level push that concept force you know it's more for example if I got a branch office and I've got one connectivity going back to my data center that's encrypted and secure but I've also opened up connectivity to the internet the trust level between that encrypted link and my connection to the to the internet is very different the Internet's open anyone can see there so that trust level between those two is very different and that's what creates the edge and so therefore that becomes a key feature in how we design diff edge implementations it is it's also a key requirement on what type of deployment mode you use we have appliances we have virtual machines we have clouds containers API is going forward I'm finding that customers are still very reluctant to put software implementations of firewalls against the Internet appliances are harden they run faster having said that inside the cloud obviously inside software-defined data centers virtuals fine what are some of those customer concerns that you're hearing well I think what happens is you know if you putting a piece of software against the internet it's open to all sorts of attack it's the same as giving IP addresses to anything it's like a factory that creates an edge as well and you need to harm that edge against that phone how can st when helped why is this such a crucial component of digital transformation you know sometimes markets are overhyped I remember that the Cosby marketplace a few years ago it just was a feature to be honest I think sd1 is extremely important the reason it's important is the SD one controller that controller eventually tells users and devices how to get to the applications and so I tell customers that investment for you is extremely important you need to own it you need to make sure it's flexible you need to make sure it's secure and so I think the SD web marketplace or one edge is the kind of larger term for it is extremely important investment for customers do you anticipate that I mean you guys invested you guys put forward a lot of products we made a number of different announcements again going back to that notion of simplicity that notion of consolidation what is the breaking point for your typical IT group in terms of the complexity of that they can accommodate and absorb when we start adding additional function within the overall network especially from a security standpoint well I think it's a bit broken already they're really struggling to keep up from one perspective no today we announced our forty OS 6.2 is our major operating system and what we try and do is consolidate functionality as much as possible inside our fabric through a single console so there were single operations capability so it's easier for the operations people for the security people to implement things and we're also implementing automated mechanisms like security ratings which do a background run of best practices for example that make it gain easier for those cut those teams to run a full analysis of what's going on so was it about three hundred features roughly laughs I counted them individually okay good yeah well do a recount of a tremendous amount of feature addition to forty OS announced today what are some of the things business outcomes Peter and I we're talking about outcomes with several of our guests earlier business outcomes new revenue streams new products going to market faster the also being able to become less reactive maybe more proactive in terms of security cuts can you walk us through some of the outcomes that 14 that customers can expect to achieve from some of the OS announcements and enhancements yeah I already talked about one which was the consolidation which means they can do multiple things with the single platform that's an important one for them also some of those some of the cost savings around that some of the operational cost savings I think also for our partners for example they like the fact that we're keep that we keep adding services on top of that fabric they can take those services then apply them to their customers and make sure they can add value inside there as well so there's two angles to it the one is making sure our customers are better protected they can consolidate save money invest better training and then to our partners so that they can provide more value to their customers so one of the things we were talking to Ken about is the fact that you have invested in a six and security processing units and content processing units etc that are capable of accelerating the rate of which these crucial security algorithms run that opens up that creates additional capacity to add more function both for you as well as your partners are you starting to see some of your ecosystem grow faster as they better exploit that inherent power and performance that you have within your appliances and devices definitely I think we're seeing new partners come from new areas it also fragments a bit and that's why we announced this new partner initiative going forward which is a bit more customizable but I you know I do think that going forward both our customers and our partners are looking for more of an architecture approach you know again if you go back five years here's a box and off you go and there's install it and we're good and again when you saw those security threats yes we produce a point solution to fix it normal we keep moving on there now looking at architectures over the next five years a known only just cyber security architectures but networking architecture storage architectures and all coming together so we definitely need to train our partners I think here we had over fifty of our what we call networks a network security expert eight it's the highest level of architecture and half and the partners but going forward we see much more partner involvement in an architecture approach and our customers want that because they don't want to have a point solution that's out-of-date in a year's time or a new threat comes along and makes it redundant so how are you you mentioned you mentioned network security and storage what other things are starting to inform that architectural approach that you're taking it's everything now so we know the factories now are completely automated all the different utilities have IP addresses are running almost all the way down to the end point just everything has more flexibility and is more open and so definitely all of that informations bouncing around inside IOT devices inside the wires like data centers and all that data needs protecting that's the key of protecting the data and to do that again we keep saying you need to have an integrated approach to networking and security how does the customer work with 40 net and your partner ecosystem to achieve that integrated approach assuming that there's a you know an enterprise out there that's got a spectrum of hybrid multi cloud environment with a spectrum of security Point solutions pointed it you know different components of an infrastructure how do you help them on that journey of taking the many disparate security solutions and leveraging the power of cortina and your partners to get that integrated truly integrated consolidate consolidated view it's a couple of steps maybe maybe many steps the first one is customers don't want to throw everything else straight away and so what they want to do is be able to integrate and connect and so we have some of our partners here for example of fabric ready partners we have connectors we build into their platforms and orchestration systems and that's their first step once they get there they start looking across to see what they can consolidate so can they take a specific solution from this and I'm bringing inside and then eventually they start to look at the long-term architecture if they're moving apps to the cloud or they want to open up their where or they want to provide kind of SD functionality inside their branch but so it's definitely a phase approached I don't see many customers some customers would take an application and create from scratch inside the cloud they can't do that with their infrastructure they can't just completely wipe it clean start again it's definitely more of a phased approach so as you think about the phase approach and you talked we heard from we heard from the sales port side the notion that the SPS the service providers want greater customization the enterprise wants a different level of access to the core technologies so that they can do not customization not exactly I remember exactly what the term was but what degree will customers retain control over how that architecture gets implemented versus what degree is it going to get baked into the stack itself a bit of both I think you know for most customers they're running towards a digital platform and they need to own that digital platform if they give up complete control you know how do they control that their destiny going forward so they want to own the digital platform but they haven't got the resources to do everything so they'll outsource some to service providers and carriers some of the partners for example but again I keep coming back to this they want to get to a point in five years time where they've got a digital footprint it's very flexible but they also want to make sure it's very secure because as you open up that digital footprint you're opening up all these different edges inside the network and it's coherent which is the architected approach yes because if they don't have a coherent approach to doing it they don't know what the interfaces are or are not competent and that includes interfaces with partners yeah they have to look forward and say I'm gonna implement X amount in the cloud I'm now gonna have some edge compute going on here I want to shape make sure my branches have the best quality of service for these certain applications that go back to this so they look at all those parameters and then architect something from there so I know that security network security app security info security cloud security is in our imperatives for every industry but I didn't notice that the breakouts today feature I think there's a couple of vertical features healthcare financial services retail I'm just curious are those just great use cases that show the potential and the power of 14x technologies or are those industries that are either early adopters or maybe more leading-edge because they have such a tremendous amount of data that needs to be secured as their ecosystem does this yeah so the industry verticals I think I think for the very large ones they're very similar all of them have IOT that's expanding or don't want to have a flexible wand system all them I've got something some compute power and the cloud and the edge going forward so I know there's differences in industries for the very large enterprises it's the problem seems the same these huge organizations and they have all of these things going on in each trying corner I'd you come down to mid enterprise I think there's more reason to consolidate but then you see more differences in the way they approach things like a healthcare they're really focused on that healthcare kind of security of devices inside the hospitals etc education oh they need to connect in these big data banks and transfer the research information so big organizations I say pretty much the same problem midsize organizations become more relevant to a specific industry well John thank you so much for carving out some time speak with Peter and me today we appreciate that and it's exciting to see and feel the momentum that 49 is bringing into 2019 wealth I'm say inviting me our pleasure we want to thank you for your time as well for Peter Burris I am Lisa Martin you're watching the cube [Music]

>> live from Orlando, Florida It's the que covering Accelerate nineteen. Brought to you by Ford. >> Hey, welcome back to the Cube. We are live at forty nine. Accelerate twenty nineteen in noisy Orlando, Florida, and Lisa Martin welcoming to Guest to the program one you know and love Well, John Madison, the executive vice president of Products and Solutions at fourteen. That and gentle Mary, please toe also welcome Peter Jogger, the vice president of business development from Symantec. Welcome back. Welcome. >> Thank you. >> So, guys, Partnerships, symbiotic partnerships. We've been talking about partnerships all day. Now we want to talk about what's new? Fortinet and semantic. You guys just announced a couple months ago an expansive partnership. Peter, let's go ahead and start with you. You guys just like we're gonna partner to deliver the most robust and comprehensive cloud security service. Why did semantic decide to partner and collaborate with forty minutes and why now? >> Absolutely. So when we think about what our customers they're going through, they're going through a digital transformation to Billy to the cloud on DH. We wanted to make sure that we perform the best possible technology for our customers. We chose fortunate way were great partners. Actually, before this whole thing started, we looked the technology that they had to offer repaired it with what we had in our Web security service. There was a fantastic fit, and so far with the show today and accelerate, we made the right choice. >> That's always good, right to get some validation there talks to us about the from from Maybe from a customer's perspective, what were some of the drivers saying, Hey, guys, this partnership could be really beneficial for your doing part. Customers, partners and each company. Yeah, well, they think it's >> a very expensive relationship. Peter just talked about having our next year firewall inside their cloud, providing security there. There's also opportunity at the end point for sound. Full semantic is the largest endpoint hundred seventy five million or something. In points out, there were the largest network security vendor in terms of implementation. Some four million firewalls out there what customs they're saying they want their security solutions to work together there, one the end point to see the network. They want the networks to the end point one exchange information, so one of the other integration points is between the end point on our next generation firewalls providing policy exchange, providing the ability to exchange information. So if I'm a large customer and I've got a very all encompassing degree off implementation ofthe semantic endpoint separate think it's called on DH, they've got Fortinet taken. Simply connect those two together, provide a very comprehensive solution. So we get some great feedback from our customers around them. >> Talk to me a little bit more about that. Are you seeing this adoption on? You know, both semantic and forty eight have customers in every industry of many sizes, but in terms of some of the successes that you're seeing, I know this is still really early on. What are some of those that really excite you? That, like Peter, you said we've made the right choice. >> Yeah, I'll just follow on from a comment you made Whether you're a medium size customer, the largest financial customer, security is a very tough thing to solve on. What you don't do is add complexity to that problem. You also wanna make sure you don't cost as well. So the really cool thing we're doing here is through the collaboration through the integrations that John spoke about between the employment network and secure rst. One of the fabric we're actually solving those problems in very intuitive ways is seamless for the customer. It just clicks together. That's what it should be like. We don't have any complexity here, and that's you know, that's what we're doing this, right? >> Yeah, and I think, think for customers Every time they need toe, add a security solution, it makes more complex. It's more costs, more operational overhead. So if they've got existing vendors like Semantic at the end, point off a cloud security and they've got Fortinet in there for SD when our next fire war, if >> we could >> simply switch on the connectivity policy exchange threat, intelligent exchange between those two things is great for the customer because they instantly get a better solution is more secure. It's more cost effective, >> of course, customers. You mentioned you guys both mentioned a couple of words that every customer wants seamless wanted to click in kind of plug and play. Obviously, it's it's a cut ostensible undertaking to integrate your solutions talked to us since this was just announced a few months ago. Where are you in terms of integrating the technologies. I think we saw the next Gen firewall integrated into semantics. Web security service and semantics. Endpoint solutions integrated into the security fabric. Where are you guys on the faces of those integrations? >> Well, let people talk about the WSSC. >> Yes, eso I think one big yellow into this as I just mentioned Wass Web security service. We have data centers around the planet on what we're doing is we're taking the virtual Forget solutions were installing them. Now in all of our data pods Andi were in the We're starting the rollout phase this summer. Andi will be probably finished done with it as we get into the fall season around the planet and we'LL be switching that that that on and they really cool bit about This is it's going to be one single interface. The customer just simply switches on five walling i ps Next one firewall. It's completely seamless >> from a management perspective policy upside looking through one crystal ball, >> one cloud security says service. >> Yes, on the end points mourners to develop. So we have to develop this connector of our election and firewall into the end point. And we're looking probably toward the end of this port early Q three. To do that on we'LL start rolling that out across are different operating systems. >> Talk to me about part about the channel, so I know forty nine is very much dedicated to the channel we've had with a number of your partner's on. I know you've Got John both coming up next and Facebooking with him for several years. Saw a lot of statistics, a lot of revenue growth, front of growth, affording that driven by the channel. One of the main kind of pillars that was discussed in the keynotes this morning was education. Talked about technology, talked about equal system collaboration. Education. How are you guys working together to educate your joint partners? Teo. Understand that the impact potential that Fortinet and Cemented customers are about to have? >> Yeah, from a training perspective. Obviously we have our own individual training programs, and as I was saying earlier, I think one thing that's very important to customers is more of an architectural approach. I want to look at an architecture of a four or five years. I don't make sure all these pieces are integrated inside there, so one of things we do initially for something, something like this for our partners. This produced boats are fast track. A fast track is a small module. Off training was focused on hands on training off both components to make sure that all our partners understand how to integrate. How to make that work as soon as possible. Then, before I followed that up with some more detailed training on on both solutions. >> Excellent. And from a relative perspective, this is something that's going to be going global by the way it's >> gonna go fast. It's going to start next week. So and the nice thing is when we map out our channel party because semantic is a channel very channel friendly company as well. We've got some great overlap, but there's also a ton of white space there for a partner, too. So I think it's going to really help both, obviously, our fields, but also our channel partners engaged, group broader and grow deeper into opportunities, >> and we need that. Security is a pan industry challenge, as every organization now lives and successful lives in this hybrid multi cloud world, millions of connected devices every industry has to react otherwise every business in every industry. Otherwise they face going out of business. I noticed that, though, that there were a couple of tracks here. John. Some sessions focused on a couple of verticals healthcare financial services. Retail, for example. Are you expecting to see any leading edge industries joint customers that really are ripe for this integrated solution? >> Maybe. But I also think that smacked. It's got a huge footprint across all the verticals across all the segments, the same as us. And so I think initially, you'LL see some of the larger companies who have these huge footprints of M points and network security. Implement these connectors, implement the cloud security and, as you see that roll down into the segments as well. >> So we're at the event today in the last couple days. What is that? Some of the feedback been from partners, but from also and user customers. Since there's about about four thousand people here today, John, what are some of the things that you're hearing? >> Well, we've been talking to some of our customers before here, obviously on DH overwhelmingly positive feedback from the large customers I spoke to some partners to hear today as well. They really like the ability to bring together on M point leading edge endpoint solution on network solution with cloud attached to it as well. So it's not often, actually I've done a partner announcement and I've seen so much excitement, not only with some of our some of the customers, all the customers on all the partners, but also both organizations. We announced it to ourselves. Organizations were doing that with semantics later on. That's right this week and I see a lot of excitement. So I think that bodes well going forward. >> And I imagine, Peter, you're hearing similar feedback from semantics and Sol days. >> Yeah, I mean, it's just been tremendous. This show for me has cemented the fact this is gonna be a very special partnership. The feedback I've been hearing from potential customers, our own customers coming to us, who say, Hey, I've got these solutions. It's fantastic. You doing this now to our partners saying, You know, this is this is truly amazing what you're doing it is very rare. You find these two companies that could come together in a meaningful way that can actually really impact what we're all trying to do here is find the adversary. >> Yeah, I mean, you look at that. Both companies that are big companies Cyrus critic companies think semantics. Probably enterprise in the top two. Top Juan we're in the top five easy, huge companies on our footprints. From a part of perspective is a bit of overlap here and there, but not really. Which makes is exciting, I think, for our partners for both companies, I think, yes, we you know, I see these relationships where it's a local exchange or we'LL do a bit of this integration on this AP I hear this is a truly very integrate solution for both our channel partners on our customers. >> And let's talk about competition that came up a lot during the general session this morning where just a few times a few people mentioned it, you know, in past saying on giant slides with arrows pointing, No, I'm kidding, but really what? What was very clear, I think, from not only the general session this morning, but also somatic that we've heard on the Cube today is the industry leadership, the product leadership that forty nine is demonstrating, but also, you know, telephoto networks Cisco some of your other competitors where really proudly showing this is where we are in relation even so far as the number of Gardner Insight partner appearance I reviews that Fortinet has gotten vs your competitors. So let's start with you, Peter. Talk to us about the competitive advantage that Symantec sees this partnership being able to generate. >> So the the way the way we look at it, is we're going to come to market now. We're both way with love technology. I think we can agree that we're both very much technology forward, very research forward, bringing this pieces together. When you do that, you're goingto win. Andi. If you do that in a way that is highly integrated, you're going to be. The competition is going to have a clear advantage. We're going to do text a faster. We're going to respond to start faster. It's just going to show Ray very well on DH. I'm not going to appoint a particular competitors. Don't mention the name way. We're obviously very large player in industry, but way like this a lot again. We think that if you make a very big impact, so let's see where it goes >> and John any predictions on what those graphs might look like it accelerate twenty, twenty, >> twenty twenty. That's a long time away from now, but I You know what? We continue to grow as a company. We take marketshare. We're aligning with some of the big players, such a semantic in the marketplace. So those graphs definitely up until the right, is that the right direction? >> That's the right direction. And last question is, we talked a lot about data sharing on a number of our segments. Today is semantic and forty that sharing threat intelligence and if so, why? Is that a good thing? Why is that >> important? Where where she, both founders of the cyber threat, aligns the C t a way already share way did that for two years ago. At least I know we're expanding. That strong was staying with really time on the ground. Three intelligence sharing between our products between the fabrics that would happen just automatically. >> It's important that you got the global sharing through the T A, but also going for because of targeted attacks. You have the local sharing, so we'LL have global sharing with big amounts of threat intelligence and data, but at the local level between the end points on the network's puree will have threat sharing there as well. >> But this is important to do that fast Security changes by the second. If you don't react to something quickly, If you don't share the intelligence that's actionable on relevant, you may as well just give up. You're gonna be fast, responsive >> and lasting. Last question is you mentioned the word react and we talked about that a lot today, as well as how and I'll ask you both thiss Peter, we'LL start with you. How is this partnership going to enable your joint customers to eventually go from being reactive to proactive to predictive? >> They're for sure. Well, I thinks of these integrations we're working on is all about being proactive. So is an example. If we see something in our network we've seen in a corner case, we can automatically give it over Too fortunate they'LL be inoculated everywhere around the planet in every single device. Advice first. So, unfortunately, something in their network that we've never seen before we can inoculate all ofher own points. All of our customers, that's been truly proactive. That's how you get ahead. >> Yeah, it's all about showing that threat intelligence is fastest possible across much of the attack surface is possible, and that's where the relationship >> Well, guys, thanks so much for stopping by the Cuban sharing with us a little bit more about the partnership with semantic and Fortinet. We look forward to hearing what comes in this year ahead, and we'LL talk to you next year. You look, we want to thank you for watching the Cube. I'm Lisa Martin Live from Fortinet. Accelerate twenty nineteen. Thanks for watching.

>> live from Orlando, Florida It's the que covering accelerate nineteen. By important, >> Welcome back to the cubes. Continuing coverage of Fortinet Accelerate twenty nineteen. Live from Orlando, Florida Lisa Martin with Peter Births and we're pleased to welcome back to the Cube. One of our alumni. John Madison, the executive vice president of Products and Solutions from Fortinet. John, It's great to have you back on The Cube >> is great to be here again. >> Lots of momentum. That fourteen that is coming into twenty nineteen with I can't believe we're in April. Already, lots of growth in revenue product revenue was up. You guys talked about the expansion of the partner network with some of your fabric ready partners on already today. You talked about this third generation and security. How fortunate is uniquely delivering that for our viewers who you weren't didn't have the opportunity to attend. Your keynote kind of talked to us about that in this hybrid world. How is supporting that delivering this third generation? What makes you guys difference? >> Yeah, so we talk about the third generation now. Everyone has different generations. That's fine. We call it the security driven networking, and it's really the Genesis ofthe forty nine for a long time in bringing together networking and security into one place. I think these days or in the past, people have built out the networks, the network layer. Then they try and connect users and applications. And they go, Wait a minute, this person security over here in a bit, over here and over there in our mind, start with both. Start with a security driven networking concept. Make sure it works end to end, and that will be the most sophisticated, most secure application and network you can have. >> And what enable supporting that to deliver this unique. Because a number of times today and Ken's key nodes, I think Patrice as well. I can't recall if yours competition came up where the audience was shown the strength in numbers that fourteen that has what makes us unique and what you're delivering. One of >> the key differentiators from the start is being making sure we can run a routing stacks. Sometimes today he referred to as ehs tea. When Stax or so security stacks in a very small footprint, and to do that, you need to spend a lot of money on what we call security processes which go inside our appliances, but to make sure that runs very fast. But having said that, I definitely think customer is going to be in a hybrid world forever for a very long time, at least anyway, where not only appliances but also virtual machines and FBI security. We also talk about this fabric concept that ables to cover the incomplete digital attack surface. So there's a very important point, and we find a lot of customers now agreed that they want to consolidate. They want to make it simpler. They need to move faster to this digital world, and anyway, you have to do that is through a consolidated >> approach. So let's build on this. They want to consolidate. They want to make it simpler, more common, and how the policies and management now along comes. Yet what's the dynamic there? >> But what's happening is that all the people referred to the perimeter disappearing. Okay, that's happening to a certain extent because data's moving into cloud. You've got different one implementations, but what's happening when you do that is to creating New Edge is a really good example, a zesty wherein which used to be very closed off. The one used to be something that connects branch offices back to the data center, but nobody got involved in that. Well, now you're opening up that when two different types of transport mechanism you're creating an edge I always refer to these edges is being created by different trust levels. There is a maybe a secure trust level here, less trust here. It creates an edge, and you absolutely need to protect all those edges. >> Would give us an example that So, for example, when you say differentiated trust levels, my edge might be at a customer location. Is that kind of what versus my edge might be in a branch office? Is that what you mean by different trust level? Push that concept for >> you know, It's more, for example, if I got a branch office and I've got one connective ity going back to my data center that's encrypted and secure. But I've also opened up connected to the Internet, the trust level between that encrypted link on my connection to the to the Internet's very different Internets open. Anyone can see they're so that trust level between those two is very different. and that's what creates the edge. >> And so, therefore, that becomes a key feature in how we design different edge implementations. It >> is. It's also a key requirement on what type of deployment Mody use have appliances have virtual machines. We have clouds, containers. AP eyes going forward. I'm finding that customers are still very reluctant to put software implementations of firewalls against the Internet. Appliances are hardened. They run faster. Having said that, inside the cloud, obviously, and inside software defined data centers virtual fine. >> Where some of those customer concerns that you're hearing >> well, I think what happens is, you know, if you putting a piece of software against the Internet, it's open to all sorts of attack. It's the same as giving I P addresses to anything. It's like a factory that creates an edge as well, and you need to harm that age against that. >> And how can Estevez When How Why is this such a crucial component of digital transformation? >> You know, sometimes markets are over hyped. I remember the Casby marketplace a few years ago. It just was a feature. To be honest, I think sd one extremely important. The reason is important is the SD one controller. That controller eventually tells users and devices how to get to the applications. And so I tell customers that investment for you is extremely important. You need to own it. You need to make sure it's flexible. Need to make sure it's secure. And so I think the SD, where marketplace or one edge is the kind of larger term for it is extremely important investment for customers. Do >> you anticipate that? I mean, you guys invested. You guys put forward a lot of products, made a number of different announcements again, going back to that notion of simplicity, that notion of consolidation. What is the breaking point for your typical group in terms of the complexity of that they can accommodate and absorbed? When we start adding additional function within the overall network, especially from a security standpoint, >> well, I think it's a bit broken already. They're really struggling to keep up from our perspective. No, today we announced our forty or sixty twos are major operating system, and what we try and do is consolidate functionality as much as possible. Inside our fabric through a single console, there was single operations capability, so it's easier for the operations people. For this critique people to implement things and find information. Ross implementing order made in mechanisms like security ratings. We should do a background run off best practices, for example, that make it again easier for those those teams to run a full analysis. What's going on? >> So was it about three hundred features roughly roughly >> accountable individually? >> Okay, good. We'LL do a recount of that, but a tremendous amount of feature addition to forty OS announced today. What are some of the things business outcomes? Peter and I were talking about outcomes with several of our guests earlier. Business outcomes, New revenue streams New product's going to market faster, the also being able to become less reactive, maybe more proactive in terms of security codes. Can you walk us through some of the outcomes that fourteen customers can expect to achieve from some of the O. S announcement in the handsome? It's already >> talked about one, which was the consolidation, which means they can do multiple things with single platform us, an important one for them. Also, some of the some of the cost savings around that's on the operational cost savings. I think also for our partners. For example, they like the fact that we're keeping that we keep adding services on top of that fabric. They can take those services, then apply them to their customers and make sure they can add value inside as well. So there's two angles to it. The one is making sure our customers are better protected. They can consolidate, save money, invest better training and then to our partners so that they can provide more value to their customers. >> So one of the things we're talking about is the fact that you have invested in a six it's and security processing units and content processing units, etcetera, that are capable of accelerating the rate at which these crucial security algorithms run. That opens up That creates additional capacity to add more function both for you as well as your partners. Are you starting to see some of your ecosystem grow faster as they better exploit that inherent power and performance that you have within your appliances and devices? >> Definitely. I think we're seeing new partners come from new areas. It also fragments of it, and that's why we announced this new partner initiative going forward, which is a bit more customizable, but but I, you know, I do think that going forward, both our customers and our partners are looking for more of an architecture approach again. If you go back five years, here's a box and off you go and install it, and we're good on again When you saw the security threats. Yes, we produce a point solution to fix the normal way. Keep moving on. They're now looking at architectures over the next five years, known only just cybersecurity architectures but Network Inc architectures, storage architectures and all coming together. So we definitely need to train our partners. I think here we had over fifty of are what we call Network's network security expert. Eight. It's the highest level of architecture and half of the partners, But going forward, we see much more partner involvement in architecture approach on. Our customers want that because they don't want to have a point solution that's out of date in a year's time or a new threat comes along and makes it redundant. >> So how are you? You mentioned you mentioned network security and storage. What other things are starting to inform that architectural approach that you're taking. >> It's everything now. So we know the factories now a completely automated all that. If utilities of I P addresses are running almost all the way down to the end point, just everything has more flexibility and more open eso. Definitely All that information's bouncing around inside I ot devices inside the wire inside data centers on all that data needs protecting. That's the key of protecting the data. And to do that again, we keep saying you need tohave. An integrated approach to networking and security >> Has the customer work with forty Net and your partner ecosystem to achieve that integrated approach. Assuming that there is a, you know, an enterprise out there that's got a spectrum of hybrid multiplied environment with the spectrum of Security point Solutions pointed it in a different components of an infrastructure. How do you help them on that journey of taking the many disparate security solutions and leveraging the power of fourteen and your partners to get that integrated, truly integrated, consolidate consolidated view? It's a couple >> of steps, maybe, maybe many steps. The first one is, oh, customers don't want to throw everything else straightaway. So what they want to do is build to integrating Connect. So we have some of our partners. Here, for example, are fabric ready partners way have connectors. We build into their platforms and orchestration systems, and that's their first step. Once they get there, they start looking across to see what they can to consolidate. So can they take a specific solution from this and I'm bringing inside? And then eventually they start to look at the long term architecture if they're moving APS to the cloud or they want to open up their wear or the one who provide kind of SD functionality inside their branch, So it's definitely a phase approached. I don't see many customers. Some customers would take an application and created from scratch inside the cloud. They can't do that with their infrastructure, the kind just completely wipe it clean. Start again. It's definitely more of a phase approach. >> So if you think about the face approach on you, talk way heard from, uh, we heard from the sales of sport side the notion that the S P s the service providers want greater customization. The enterprise wants a different level of access to the core technologies, so that they could do not customization. Not exactly remember Jack with the term was what What degree will customers retain control over how that architecture gets implemented versus what degree is going to get baked into the stack itself? A >> bit of >> both, I think, you know, for most customers, they're running towards a digital platform on. They need to own the digital powerful. If they give up complete control, how do they control that destiny going forward? So they want to own the digital platform, but they haven't got the resources to do everything. So that allows saw some to service providers and carriers. Some of the partners, for example. But I'm going to keep coming back to this. They want to get to a point in five years time, but they've got a digital footprint, is very flexible, but they also want to make sure it's very secure because as you open up that digital footprint, you opening up all these different edges. Inside the network, >> it's coherent, which is the are contested approach. Yes, because if they don't have a coherent approach to doing it, they don't know what interfaces are or are not competent, and that includes interfaces with partners. >> Yeah, they have to look forward and say I'm gonna implement X amount in the cloud. Arnot gonna have some edge compute going on here. I want to shake. Make sure my branches have the best quality of service for these certain applications that go back to this. So they would look at all those parameters and an architect, something from there. >> So we know that security network, security app, security info, security cloud security is our imperatives for every industry. But I didn't notice that the breakouts today feature. I think there's a couple of vertical features healthcare, financial services, retail. I was just curious. Are theirs just great use cases that show the potential power of forty nets technologies? Or are those industries that are either early adopters or maybe more leading edge? Because they have such a tremendous amount of data that needs to be secured as their ecosystem does this? >> Yeah. So the industry verticals, I think I think for the very large ones, they're very similar. All of them have I ot this expanding order and wanna have a flexible land system. Almost got something. Some computer power in the cloud and the edge going forward. So I know there's differences and industries. For the very large enterprises, it's the problem. Seems the same. This huge organizations, and they have all of these things going on in the right corner at you. Calm down, Toa mid enterprise. I think there's more reason to consolidate. But you seymour differences in the way the approach, things like health care that really, really focused on that healthcare kind of security of devices inside hospitals, et cetera. Education. Oh, they need to connect in these big data banks. Transfer the research information. So big organizations, I say pretty much the same problem. Midsize organizations become more relevant to the specific industry. >> Well, John, thank you so much for carving out some time to speak with Peter and need Today. We appreciate that. And it's exciting to see and feel the mo mentum the forty Niners bringing into twenty nineteen. >> Well, thanks for inviting me. >> Our pleasure. We want to thank you for your time is well for Peter. Boris. I'm Lisa Martin. You're watching the Cube

(intense orchestral music) >> Hello everyone and welcome to theCUBE Conversation here in Palo Alto, at theCUBE studios. I'm John Furrier, we're here with a special conversation with Fortinet's John Maddison, senior vice president of products and solutions with Fortinet. Welcome to theCUBE Conversation. >> Good to be here again. >> So you guys have some hard new today hitting, it's called the FortiNAC, Forti, like Fortinet, Forti, N-A-C, network access control. >> Right. >> Significant announcement for your guys, take a minute to explain the announcement. >> Yeah, so about two months ago we acquired a company called Bradford Networks. They compete, provide products in the network access control arena. Other companies in that space, so people like ForeScout or Cisco or HP. We think it's a very important space because it's going to be the foundations for IOT security. You probably heard a lot of buzz around IOT security. And there's different levels of IOT security. There's that for the enterprise, there's that for cloud, et cetera and so, for us, this is an important announcement because it gives us that added visibility now to IOT devices via the fabric. >> And the product, is it an appliance? Is it software? What's the product making? >> It's both. You can do a virtual machine version. It's also an appliance. It comes in different levels. The key for it though is the scalability because with IOT devices, we're not talking 100 devices anymore, we're talking millions of devices so what it's able to do is look across many different protocols and devices and provide that visibility of just about any device attaching to your network. >> Who's the target audience for FortiNAC? Is it the data center? Is it the cloud? Is it the remote? Where's the product actually sit? >> Well it's more by industry, so certain industries will have lots more of these types of devices attaching. So think of manufacturing for example. The medical industry as well. And so those are the real, education's another one, so it's more by vertical and it's really focused on campuses, large campuses or remote offices or even manufacturing plants where, again, these devices are attaching to your network. >> And they'll sit at the edge, monitoring what's coming in and out? Is that the purpose? >> Well that's the neat thing about it, it doesn't have to sit at the edge and see all the traffic. What it does is interrogate existing devices at the edge. It could be a switch, it could be a router, it could be an access point, and from that information it can make an assessment of what the device is attaching and then apply a policy. >> So this is part of a bigger holistic picture? We've have conversations with Fortinet in the past, a few conversations certainly around security, with cloud it's the top conversation, on premise it's the top conversation. You guys also have some complimentary products involved like the security fabric and the connectors. Does this fit into that? Take a minute to explain the relevance of how FortiNAC works with the security fabric and the connectors? >> Yeah, last time I was here I explained our fabric and so the fabric is basically something, is a set of Fortinet products, solutions in a way, that are very tightly integrated into the network or into the customer's ecosystem, and then once you've built that you then provide automation systems across for protection, detection and response. And the whole idea is to make sure you're covering what we call the digital attack surface. The digital attack surface now includes, obviously IOT devices, so gaining this visibility from FortiNAC, making sure the information is available to our fabric is crucial for us to make sure we can protect the digital attack surface. >> And for customer's the fabric is a holistic view, the NAC is a product that sits in the campuses or within the network that kind of communicates in the fabric? Is that right? >> Right. So the NAC can see all the IOT devices attaching and then it integrates back into the fabric. The fabric can then apply a policy, so the fabric can see everything now From IOT to the campus, to the WAN, to the data center, to the cloud and if, for example, those IOT devices are communicating with something in the cloud the fabric can see end to end and apply, for example, a segmentation policy, end to end, all the way through the infrastructure. >> You know what I love about having conversations with Fortinet is that you guys spark two types of conversations, use cases and then product technology conversation. This obviously is an IOT kind of product. It makes a lot of sense, you got a little SD-WAN in there. This is the top conversation around enterprises and people looking at cloud an/or looking at re-platforming around cloud operations, it's the cloud architect, it's the network architect. >> Yeah. >> These guys are really being asked to redo things, so how does the IOT fit into this? What is the product? What is the FortiNAC do for IOT from a use case standpoint and then product and technology? >> That's a good conversation because recently, maybe the last 18 months, instead of talking about a point solution, instead of talking about a specific use case, customers want to put all those use cases together and then produce a longer term, more holistic architecture. So now they have a cyber security architect, security architects as well as networking architects. And they want to look at their infrastructure, because that's the things that's changing the most right now. Sure, the threat landscape's out there and the cyber criminals are changing and stuff, et cetera but it's really that infrastructure that's changing the most because they've moving to flexible WAN systems or cloud and so they want it integrated, end to end, over a long time period. So what they want to be able to do is to automate, that's the key word, is automation. It's to make sure all these devices attaching are part of the security automation architecture and then they comply that security policy automatically to that device. >> You know one of the things that's a big trend in the industry is having network guys and people who are managing infrastructure, move from a command line interface, DLI, to automation. >> Mm. >> You mentioned that. How does the FortiNAC extend the security fabric? Because you guys essentially have that holistic view with the fabric. So now you have this IOT capability. How is that device extending the security fabric and what's the benefits to the buyer? >> Yeah, so the fabric has visibility obviously at the next generation firewall, we also have deployment of access points and switches. But obviously there are other companies with vast deployments of switches, I can name a few, and access points and so if they weren't our switches we couldn't necessarily see those devices attaching. And so what FortiNAC does, it comes in and provides us that now complete visibility. It doesn't matter if it's our infrastructure switches and APs, it can be somebody else's. FortiNAC can interrogate and talk to those devices and not only gain that visibility but if we decide there's a certain security posture we want to apply to some IOT device, we don't know what it is, we want it segmented, restrict it's access. Then the fabric can then tell the FortiNAC device to provide control and segmentation back to it. >> So they're working together? >> Working together and it gives us now complete visibility of the IOT devices. >> Let's talk about some the trends around segmentation. We heard, certainly recently at VMworld about micro segmentation's been one of the key things. A lot of top architects, both network and cloud and software are looking at micro segmentation or segmentation in general around the network. Why is it important and what are some of the use cases that you guys are seeing around segmentation? >> It's extremely important but it's a very complex problem in that even though our customer's have bought a lot of different security products from different vendors and different infrastructure, one of the things they don't always realize is they bought a lot of different orchestration systems, a lot of command and control systems and those are key in the future because those systems determine what the infrastructure looks like. You NAC system is kind of an orchestration system, allowing different devices to come on/off the network. SD-WAN has it's own orchestration system. You talked about micro segmentation, things like VMware and NSX and Cisco ACI, all the clouds have their own orchestration systems as well. AWS, Azure, and so what's interesting is none of them really talk to each other. They're more focused on looking after their part of the infrastructure. Now to do segmentation end to end you really need to have end to end orchestration across all those systems. If I want to orchestrate, as I said, that IOT communication with a select application in the cloud, I need to orchestrate all the way through those orchestration systems. >> You need an orchestration or the orchestration system that you have in the cloud. (laughing) >> You need a mother of all orchestrators in some way but I don't think that's ever going to happen and so what's going to happen, really, is your security architecture and segmentation will be specific to a platform or fabric as we're building and then your fabric has to connect into the orchestration systems to tell it what's going on within that section of the orchestration. Again, if it's a NAC system, I can just explain, I know these IOT devices are attaching, let me apply a policy to those. If I know the WAN links are a certain type then I apply that policy. >> And this is the benefit of a holistic fabric because that's kind of where it ties together, right? >> It is, so you build a holistic security fabric and then you let the different infrastructure orchestrators, like VMware, or an SD-WAN vendor or a NAC vendor, do their job, really focus on the infrastructure. >> And you guys help those guys out, big time, with the orchestration side of it? >> Well we can connect into the orchestration systems and we just use it to make sure the security component is doing well. They're more focused on making sure the infrastructure delivers the applications to the end user. >> They do their job, you do your job. >> Exactly. >> Take a minute to explain for the folks out there, explain segmentation and what it is and why is it important for networks? >> A very simple example of segmentation, a couple of years ago there was a bank that got hacked in one of the countries, I think it was the Philippines or something like that, and what they found out was that in that particular country they didn't have the same security infrastructure in place so they got in through that particular branch and came all the way back into the core network and so a very simple segmentation policy they put in place was that, I'm going to segment by countries. So I'm not going to let this country's network access the core data center, if I give it a certain trust level. Segmentation can mean physical countries. It can mean I'm going to segment my intellectual property off. I could be segmenting by functions. Don't let those sales people anywhere near the intellectual property. You can also segment by identity. So segmentation means many different things, you have to apply, I think different levels of segmentation depending on your applications. >> And this is proven, too? We've heard this in many conversations in theCUBE. We had one guy from the US government saying, "We have these critical infrastructure pieces in the United States, why would we let anyone outside the United States access it?" >> Yeah. >> That's a great example. >> I mean if you go to critical infrastructure, you're even more dangerous. I mean most of the infrastructure's been air gapped. It's been totally air gapped, you can't get at it but that's changing as more of those devices become IOT and you have to let some access that. >> And this is where IOT is a challenge that we're seeing. This is one of the problems? >> It's IOT. You know that category is often referred to these days as OT, operational technology. >> Talk about end points, we're hearing endpoints being discussed, like hey, you connect the endpoints, your endpoint strategy, network strategy. Kind of elusive for some, describe why networking the endpoints is an important feature or is it? When people think of the endpoint of the network what are they really talking about? >> Well I think it's become more important. It's interesting if you go back 10 years or so even 15 years, you have a lot of endpoint vendors. Semantics, MacAfees, Trend Micros, Microsoft, I think, is now the largest endpoint security vendor. Then you have a different set of networking vendors, ourselves and some other names out there I can't remember. But, they're totally separated and so to look at your network, give you visibility to policy and segment, you need to be able to see the endpoints and the network together. The security fabric makes sure that you can at least see the endpoint. You may not provide the full stack of security, you may leave that to your endpoint vendor still but your network should be able to see your endpoint and vice versa, and you should be able to see what's communicating between the two. >> I'd like to talk about SD-WAN, but before we go there, just to kind of close out IOT, talk about Fortinet's differentiation and advantages when you talk about convergence between IOT and access technology. >> So the base technology's NAC, network access control, which is in place there but our advantage really is now scale, we can see huge amounts of IOT devices which are attaching and then take action not only at the access level but all the way into the cloud. >> SD-WAN has become a really hot topic. It's a huge market. >> Yeah. >> It's in the billions in terms of spend, it connects devices, campuses and devices but cloud's had a big renaissance within the SD-WAN market. Talk about what's going on with SD-WAN and how the security fabric and the FortiNAC fit into that because it's not your grandfather's SD-WAN market anymore as the expression goes. >> No. Well it's in that class of everything's being software defined, fair enough. But I think this marketplace, if you go even three years ago, was dominated because all the, you've got two marketplaces. You've got what I call the retail, which is distribute enterprise, thousands and thousands inside which already went to a UTM infrastructure. And then you had the branch office, which was more connected, in fact, it just had a simple router in there, it was connected back to the data center which then would go into the internet. And so what's happened is these branch offices they need more and more access to the cloud, more cloud applications are running. You need to provider QOS against those applications and then also these large corporations have decided they don't want to pay, it's a lot of money to get certain, high quality EPLS circuits, when they can get faster circuits through DSL and other mechanisms and so they wanted more flexibility around the wide area network. >> So commodity network access which is, you know, cloud non and EPLS, were high priced, secure. You get now more cloud access, this is translating to more traffic or is it? Is that the driver in all this? >> Well that's what happens and then you get more traffic going through there, it's the same with the next gen firewall right now and people saying, "There's a refresh going, we don't know why." the reason for it is, when you're in your office you're more than likely communicating with the cloud versus your local databases and so the same for the branch office, there's more traffic going through there, it's more encrypted, they want flexibility, they want HA modes, if that goes down now, you've got a big productivity problem with your employees there. And so this whole market sprung from nowhere only three or four years ago and is already in, as you say, in the billions of dollars. There's a lot of acquisition's already happened, consolidation. In our mind it's very important but what's just a important as all those elements is security. If I open up my branch office now to an internet connection, I need best of breed securities on that device and so we've been building SD-WAN, what I call core functionality, for some time, inside our fabric. It's quite a natural integration now of security into that. In fact some recent tests we did with SS Labs, we got highly recommended, for not only the SD-WAN features but that core security. Today SD-WAN vendors will say, well I'll just go and get some security solution from somewhere and bolt it on or attach it on, provide it through the cloud and that's fine but longterm, again, if you come back to that coordination, that orchestration, across two different systems, it's going to become hard. >> And the other complicating factor in this, aside from the infrastructure component, is that a lot of the SAS applications that people are buying, whether it's shadow IT or just off the shelf, or there's Dropbox or any of these services that are SAS based, cloud based, that's creating less of a perimeter. >> Yeah, when it all comes back, technology called CASB is providing that interface into that world through APIs and it all comes back to making sure that all your mechanisms of protection, detection, control are available to all your systems. If I've got some SD-WAN device somewhere and I need to check where this is going, I can use my application database or if I need to check if I'm going to this cloud, I use my CASB API. And so it comes back to a platform approach, a fabric approach. >> John, what's the SD-WAN approach for Fortinet? How do you guys do it? Why should people care? What's the differentiation? Why Fortinet for SD-WAN? What's the approach? >> Integrated in one word. That is, you don't need two boxes, you don't need two VMs, you don't need a box plus a cloud, it's all integrated on the system, best of breed SD-WAN functionality, best of breed tested by third party security which allows you then to have a much more cost effective solution. I think our TCO in the test as a 10th, or a 100th of some of the leading vendors outside there because you're bringing two vendors together and it's gets very costly. >> Alright, I'm going to put you on spot, I'm going to put my cynical hat on. So you're saying integrate security with SD-WAN? I'm going to say, hey, why not just keep it separate? Why integrate? >> Because the two functions need to work together. Where's the firewall going to go? Is it going to go in the cloud or is it going to go here? Who decides on the policy? If something happens, segmentation, who's deciding on segmentation policy? Usually two different companies, they don't really talk apart from maybe, there's an API leak in the security capabilities but to our mind, again, it comes back to that end to end segmentation and that's what a lot of the, I would say, the larger infrastructure vendors are trying to do. I want infrastructure all the way to devices being added, through my campus, through my SD-WAN, data center and cloud and if you've got multiple vendors, again, all over the place, there's no way you're going to be able to coordinate that. >> Alright, so I'll put my IT practitioner hat on. Okay, so I get that, so probably less security manual risk for human error, but I really want to automate. My goal is to automate some of these IT functions, get better security end to end, does this fit that requirement? >> Yeah, so from an automation perspective, we're building in some tools of our own but what we're finding more and more is that from an IT, as you said, they've gone out and built some dev ops capability. Ansible's a good example there. So what we're doing is making sure that, in fact, a lot of our partners and our SEs have already built these scripts and put them on GitHub, well now Microsoft Hub or whatever you want to call it. So we're taking those in and we're QAing them, making sure they're a high quality and then making them available to our customers and our partners through there. So this dev ops world, especially with cloud moving so fast, has become very important and to us it's a very important area we want to make available to our partners and customers. >> One of the things that's talked about a lot is SSL inspection, is that important? What do you guys do there? >> I think it's extremely important in that, a lot of enterprises have switched it off. The reason they switched it off is because when you switch it on it almost kills your performance. There was a recent, again an SS Labs test that was doing next gen firewall testing for SSL and some vendors' performance decreased by 90% and basically it was useless, you had to turn it off. A lot of enterprises want to switch it on. To switch it on, you need a system that has the performance capabilities. I think we decreased around 15%. The law of physics say you've got to decrease in some way but 15%'s a lot better than 90%. And you've got to switch that on because otherwise it's just a giant hole in your firewall. >> John, talk about the cloud because cloud now has multiple tracks to it. Used to be straight public cloud. Obviously on premise is this hot hybrid cloud, multi cloud is the center of the controversies, it's been validated. We see Amazon Web Services announcing something with VMware validation that you're going to start to see an on premises and cloud and some cloud native, born in the cloud companies will be out there. How do you guys extend the security fabric for those two cloud use cases? How does the Fortinet products scale to the cloud? >> Yeah, two good points. Again, a few years ago, I'd ask customers about cloud and say, "Yeah we're going to takes some steps in AWS." Now it's I've got four clouds, what's the next cloud I'm going to put inside there? I've got global clouds around the world. It's kind of interesting that there is this mad rush and it's still going on into public cloud but then I still see some people trying to do hybrid cloud and put some stuff inside their data centers. Some customers don't want that data leaving, regardless. Some people can't move mainframe applications out there so there's always going to be a hybrid world for some time but the key is multi cloud security in that, more than likely, your AWS security systems are not going to work inside a Google cloud, are not going to work inside your Azure cloud, are not going to work inside some of the data center pieces. And so hybrid cloud and multi cloud security Are really important, so for us the ability to support all those clouds, and it's not just saying, well I can put my firewall VM inside AWS. There's a whole set of deep integrations you need to do, to make sure you're inside their automation systems, you can see visibility, there's a lot of practices around compliance, et cetera, so it's actually a big task for each of us to make sure that we're compliant across the set of functions for each of those clouds. >> My final question is going to be around customer impact. If we zoom out, look at the marketplace and I'm a CIO or CXO, I'm a big time, busy enterprise architect or CIO, I'm so busy, I've got all this stuff going on, why Fortinet? Explain to me why are you important in my world? What should I be thinking about? What are some of the opportunities and challenges that I might face? What should I look at? I want to go to the cloud as much as possible because there's some benefits there. I want on premises to be as seamless as possible to the public cloud. I want rock solid security. I want to have the ability to use SAS apps. >> Right. >> Have programmable networks and have a great development team building top line revenue for my business. How can you help me? >> Is that all? (laughing) I think CIOs and CXOs are happier dealing with less vendors. The trouble is with some very large vendors, they just slow down the development side. I think what we bring to the table and by the way we're not the third largest cyber security company out there, what we try and bring is a broad approach, a broad product set so you can have different things from us as well at integrate into your current set but we try to keep very agile and fast with our developments because otherwise you'll fall behind the infrastructure, you'll fall behind the cyber threats. You know, GDPR, for example, over the last year, you've got to keep up with that. What we bring to the table is now a reasonably large company, we're five and a half thousand employees. A very large R and D budget, we try and move very fast. A large product set, all integrated through our fabric but again, we try and stay as agile and as fast moving as possible. Where we can't do it organically, we try and do it organically so our system integrate very well, where we can't do it, then we'll go and make smaller acquisitions, Bradford Networks was an example of that for IOT but I think we're building now a much better relationship with the CIO and CXO level and becoming one of their strategic partners going forward. >> Talk about the community that you guys have built because I've noticed, and I've seen you guys, certainly over the past couple years, that RSA I think a year and half, two years ago, you're working with a lot of industry partners. It's not just Fortinet by themselves, you work within the industry itself. >> Yeah, because people are building their ecosystem and they've made some decisions and hey want you to integrate inside those so we have about 50 partners now where they use our API to provide integration so they built our API and although we've mentioned FortiNAC today, we have APIs, for example, for ForeScout and other NAC vendors so if they've chosen that specific vendor, then we're fine, we'll integrate that inside our fabric. Will it have the level of integration that we have? Probably not, but at least you can see, have visibility, for example. I think the technology we've been building in the last year or so is something called fabric connectors which is a much, much deeper integration into the platforms so we have connectors for VMware NSX, for Cisco ACI, for AWS, and this provides a two way communication and that two way communication is important for one word, and that's automation. So once you can see things, once you direct policy backwards then you can start stitching together these objects and provide that end to end automation. >> Final question for you, a lot of the leading enterprises and businesses out there that are using technology to build digital business, whether it's from developers all the way down under the hood into the network, are all betting on multi cloud. Clearly that's obvious to us and that's pretty much being picked up by mainstream now. So early adopters that are leading the charge are multi cloud. If I'm betting on multi cloud, why Fortinet? Why should I be working with you guys? >> Because we're committed to supporting all those clouds. And as I said, it's no easy task to support, I think we support six clouds now, to go through all the different items and integrations across that, we're committed to that. We've got probably the most expansive integration across the most security products inside the industry and we'll continue to do that going forward. >> John, thanks for spending the time. John Maddison, senior vice president products and solutions at Fortinet here inside the special CUBE Conversation with the big news today, the FortiNAC new product integrating with the security fabric, IOT, SD-WAN, cloud solutions for multi cloud and IT. As automation comes down the road really fast, we're here in theCUBE bringing it to you. I'm John Furrier, thanks for watching. (intense orchestral music)

>> Announcer: Live from Las Vegas. It's theCUBE. Covering Fortinet Accelerate 18. Brought to you by Fortinet. (upbeat music) >> Welcome back to theCUBE. Our continuing coverage of Fortinet Accelerate 2018. We're excited to be here. I'm Lisa Martin with Peter Burris, and we're excited to talk to one of the Keynotes the big cheese from the main stage session this morning, John Maddison. >> I say, small cheese I would say. >> SVP of Products and Solutions at Fortinet. Welcome back to theCUBE. >> It's great to be here again. >> So two things I learned about you when you started off your Keynote. One you're a Man City Fan, Manchester City. >> Manchester City Blue. >> Okay. >> Through and through, for many years. >> Premier League all the way. And you have the best job at Fortinet. >> I do indeed. >> Wow. >> That is to announce the new products of course. >> So let's talk about that. So you talked about some exciting announcements today. Tell us about, start with a Security Fabric. What's new there, what's going on, what's exciting? >> Well the core of the Security Fabric is FortiOS 6.0, that's our network operating system. That's the core of he Fabric and when we do a big release like this, many different features, new functionalities. Also we have tighter integration now between all our products in the Fabric. Bus, as I said, new features as well. Things like SD-WAN has been improved, we now have probably estimate of breed SD-WAN security. The Fabric integration itself is going on. We built out some new connectors with cloud. Now we have connectors for all the public clouds. All the public clouds. We have a new CASB connector, acronym city, of course, as usual, CASB is cloud access security broker, API access the SaaS clouds. And so we've got that not only in it's standalone form but also very much integrated inside the Fabric. We've also introducing some new FortiGuard service as part of FortiOS 6.0, a new security rating which is based on a bunch of new practices or best practices that all our customers have said this is great best practices, can you put this together and apply these to our network overall. That's just skimming the surface as I say, I think I said there's 200 plus new services I could have stood up there for like six hours or whatever. But great new services are 6.0 big announcement for us. >> We just chatted with your America's Channel Chief Jon Bove, talk to us about. >> Who's an Arsenal fan by the way. >> What. >> And we beat him Sunday three nil in the Cup final. >> Excellent. >> Just to make sure you get this. >> I'm sure. >> Write that down. >> Jot that down. >> So what excitement are you hearing in, from your perspective, in the channel with respect to all of the new announcements that you made today? >> Great feedback, so this obviously is a big channel partner event here. You know what a lot of channel partners are saying is that I need to make sure I provide more of a solution to the customers. In the past, you know maybe they sell a point product, it's hard to kind of keep that relationship going with that customer. But if they sell a solution with one or two products that's part of that solution or managed and some services as part of that, it's much stickier for the partners and gives them a bit more of an architectural approach to their customers network. They really like the Fabric as I said. The Fabric doesn't have to be everything inside the Fabric, they can be components. It's what we've seen far from a Fabric components. Our partners really latched on to the network plus the advanced threat protection, plus the management or plus the access points. But they definitely prefer to sell a complete solution. It's hard for them to manage 40 different security vendors, the skill sets, the training and everything else. Now they're not saying there needs to be one security vendor, much as we would like it to be Fortinet, but they need to be reduced to maybe a set of 10 or 12 and really, our Fabric allows them to do that. >> That's a key differentiator. >> Absolutely key differentiator and as I said, you know it's very hard to build a Fabric. It's a mesh network, all these products talk to each other. You can only really do that if you build those products organically, step-by-step, alongside the network operating system. It's no good acquiring lots of bits and pieces and trying to bolt it together, it's not going to work. We spent a long time, 10 years, building out this Fabric organically to make sure it integrates but also putting the best of breed features and things like SD-WAN and CASB. >> What is the product? In this digital world what is a product? >> A security product? >> Any kind of product. As a guy who runs product management, what's a product, can we talk about what is a security product? >> I think in the past you know product management used to be very focused on I've got a box that comes out, or I've got a piece of software that comes out, these days it could be virtual machine or cloud, but it's doing a single instance, there's a single thing that it's doing inside, inside the network from a security perspective. What we believe in is that multifunction, now consolidation, multiple threat vectors I refer to this that like the digital attack surface. The digital transformation, security transformation. The biggest issue though, is that digital attack surface. That's just expanded enormously, it's very dynamic. Things are coming on on off the network was spinning up virtual machines and applications here and there. A point product these days just can't cope, can't cope. You need solutions against specific threat vectors that are applied in a dynamic way using the Fabric. >> But arguably it's even beyond solutions. You need to be able to demonstrate to the customer that there is an outcome that's consistent and that you will help achieve that outcome, You'll take some responsibility for it. In many respects, we move from a product to a solution, to an outcome orientation. Does that resonate with you and if so, how does that influence the way you think and the way that you're guiding Fortinet and partners? >> Yes, definitely. You know one of the first things they're very worried about is you know can they see that digital attack surface. It's very large now and it's moving around. Their outcome, first outcomes to say, do I know my risk on my attack surface? That's the very first out. Is it visible, can I see it, or can I protect it or can I apply the right threat protection against that. That outcome to them is they can see everything, protect everything, but as I said also, now they're moving into this more detection environment. Where you've got machine learning, artificial intelligence because you need to apply that. The bad guys these days are very smart in that they know they can morph things very quickly and provide you know targeted attacks, zero-day attacks, we probably haven't seen it before. I hate this analogy where we say somebody else got to get infected before everyone else gets protected. It shouldn't be that way. With, you know, with technologies like artificial intelligence, machine learning, we should be able to protect everybody from day one. >> Kind of pivoting on, you brought up the word outcome, and I want to go off that for a second. When you're talking with customers and you mentioned, I think, before we went live that you visited, talked to over 300 customers last year. Who is at the table, at a customer, in terms of determining the outcome we need to have? Are we talking about the CSO's team, what about folks in other organizations, operational technology departments. Who are you now seeing is in this conversation of determining this outcome. >> A new job role which I think been coming for a while, it's the security architect. Two years ago, I'll go into a room and there would be the networking team on one side of the table, this InfoSec team security side, on this side of the table, the CIO over here and the CSO over here and they be debating. I would be almost invisible in the room. They'll be debating what's going to happen because you know the CIO wants to build out more agile business applications, wants to move faster. The security team has got to answer to the Board these days, and they got to make sure everything's secure. What's their risk factor? And what I see is a new job function called the security architect, that kind of straddles a bit the networking team, understands what they're building out from an SDN, architecture, cloud perspective, but also understands the risks when you open up the network. The security architect provides more holistic, long-term architecture view for the customer, versus, I've got to fix this problem right now I've got a hold of a bucket, I've got to fix it, then we move on to the next. They're building a system on architecture long term. We have something called a Network Security Expert, it's our training education capability. We have an NSC eight, we have around 100 thousand people certified in the last two years on NSC between one and eight. And about 100 people on eight, because eight's a very high level architect level across all the security technologies. But we definitely see a lot of partners who want to get their people trained to NCE level eight because they would like to provide that security architect that's in the customer now, that advice on what should be that holistic security architecture. The big change to me is that the networking team and the security team have realized they can't just keep fixing things day to day, they need a more holistic long-term architecture. >> Let's talk about that holistic approach. At Wikibon we talk a lot about SiliconANGLE Wikibon, we talk a lot about how the difference between business and digital business is the role that data assets play in the digital business. I think it's a relatively interesting, powerful concept, but there's not a lot of expertise out there about thinking how is a data asset formed. I think security has a major role to play in defining how a data assets structured because security in many respects is the process of privatizing data so that it can be appropriated only as you want it to. What does the security architect do? Because I could take what you just said and say the security architect is in part responsible for defining and sustaining the data asset portfolio. >> Yes and you know, if you go back a few years, there's data leakage prevention was a big area, big marketplace, DLP is the best thing. Their biggest problem that they did was they couldn't tag the assets. They didn't know what assets were so then when it came to providing data protection they go well, what is it, I don't know where it's from, I don't know what it is. And so that a whole marketplace kind of just went away. We're still there a bit, but everyone's really struggling with it still. The 6.0 introduced something called tagging technology. It's inherent already inside routing systems and switching systems, SDN systems. The tagging technology allows you to look at data or devices or interfaces or firewalls from a higher level and say this is the business relationship between that device, that data and what my business objectives are. We talked about intent based network security and the ability long term is to say, hey, if I've got a user and I want to add that user to this network at security level six to that application, I say that, then it gets translated into bits and bytes and network comport and then gets translated end-to-end across the network. The tagging technology from my mind is the first step in a to be able to kind of tag interfaces and data and everything else. Once you've got that tagging done then you can apply policies as a much higher level which are data centric and business aware centric. >> I'm going to ask you a question related to that. Historically, networks in the IT world were device was the primary citizen right. Then when we went to the web the page became a primary citizen. Are we now talking about a world in which data becomes the primary citizen we're really talking about networks of data? >> I think to some extent. If you look at the users today, they have like maybe three or four devices. Because students, universities, there's something on with those lectures, they've got an iPad, their iPhone, three devices attaching there. I think the definition of one user and one device has gone away and it's multiple devices these days. And you know a lot of devices attaching that no one has any clue about. I don't think it's going to be completely data centric because I still think it's very very hard to tag and classify that data completely accurately as it's moving around. I think tends to be a part of it, I think devices going to be part of it, I think the network itself, the applications, are all going to be part of this visibility. In our 6.0 we provide this topology map where you can see devices users. You can see applications spin up, you can see the relationship between those things and the policies, the visibility is going to be extremely important going forward and then the tagging goes along with that and then you can apply the policy. >> With respect to visibility, I wanted to chat about that a little bit in the context of customers. One of the things that Ken talked about in his keynote was. >> Ken? >> Ken. >> Ken Xie. >> Yes. (laughing) >> Ken who? >> That guy? The guy that steals slides from you in keynotes. >> He did as usual. >> I know, I saw that. >> Tells me like two minutes before tells me John, I need that slide. (Peter laughing) >> That's why you have the best job. Everybody wants to copy you. In terms of what what the CEO said, that guy, that Fortinet protects 90% of the global S&P 100. There were logos of Apple, Coca-cola, Oracle, for example. In terms of visibility, as we look at either, a giant enterprise like that or maybe a smaller enterprise where they are, you mentioned this digital tax surface is expanding because they are enabling this digital business transformation, they've got cloud, multi-cloud, mobile, IoT, and they also have 20, north of 20, different security products in their environments. How did they get visibility across these disparate solutions that don't play together. How does Fortinet help them achieve that visibility, so they can continue to scale at the speed they need to? >> Well I think they use systems like SIM systems we have a Forti SIM as well where you can use standard base sys logs and SNMP to get information up there so they can see it that way. They're using orchestration systems to see parts of it, but I think long term, I think I speak to most customers they say, although there's specific, new vendors maybe for specific detection capabilities, they really want to reduce the number of vendors inside their network. You say 20, I sometimes I hear 30 and 40. It's a big investment for them. But they also realize they can't maintain it long term. Our recommendation to customers is to, if you've got some Fortinet footprint in there, look at what's the most obvious to build out from a Fortinet perspective. Sometimes we're in the data centers or sometimes we expand into the WAN and sometimes we expand into the cloud. Sometimes we'll add some advanced threat protection. We're not saying replace everything obviously with Fortinet, we're saying build what's most obvious to you and then make sure that you've got some vendors in that which are part of our Fabric alliance. We have 42 vendors now, security vendors, from end point to cloud to management that can connect in through those different APIs. And when we click them through those APIs they don't get you know the full Fabric functionality in terms of telemetry and visibility but they apply a specific functionality. A good example would be an endpoint vendor connecting through our sandbox not quite sure about files, entered our sandbox we'll give them a recommendation back. As soon as we know about that, all the Fabric knows about it instantly across the whole network because time is of the essence these days. When something gets hacked, it's inside a network. It's less than 60 seconds for something for the whole network. That's why segmentation, interim segmentation, is still a very important project for our customers to stop this lateral movement of infections once they get inside the network. >> But, very quickly, it does sound as though that notion of the security architect, this increasing complexity inside the network and I asked the question about whether data is going to be the primary decision, you get a very reasonable answer to that. But it sounds like increasingly, a security expert is going to have to ask the question how does this data integrate? How am I securing this data? And that, in many respects, becomes a central feature of how you think about security architecture and security interactions. >> Yeah but I think people used to build a network and bolt on security as an afterthought. I think what they're saying now is we need for the networking people and security people to work together to build a holistic security architecture totally integrated day one, not some afterthought that goes on there. That's why we know, we've been building the Fabric all these years to make sure it's a totally integrated Fabric end-to-end segmentation architecture where you can also then connect in different parts of the network. It has to be built day one that way. >> Last question, is sort of, I think we asked your CSO this, the balance between enabling a business to transform digitally at speed and scale. I think it was one of you this morning, that said that this is going to be the year of security transformation. Could've been that guy, that other guy, that you know, steals your slides. But how do how does a company when you're talking with customers, how do they get that balance, between we are on this digital transformation journey. We've got a ton of security products. How do they balance that? It's not chicken and egg to be able to continue transforming to grow profit, you know be profitable, with underpinning this digital business with a very secure infrastructure. >> As I said, I think most of them got that now. They kind of go, they've got this five-year plan versus a one-year plan or a six-month plan on the security side. It's integrated into the network architecture plan long term and that's the way they're building it out and that's the way they've got a plan to get, you know, you look at financial organizations who want to provide internet access or branch offices. They've got a plan to roll it out, that's safe going forward, or they want to add broadband access to their internet, like 5G or broadband interconnection, they've got a plan for it. I think people are much more aware now that when I build something out whether it be on the data side on the network side, it has to be secure from day one. It can't be something I'll do afterwards. I think that's the biggest change I've seen in my customer interactions is that they absolutely, essential is absolutely essential that they build out a secure network from day one, not an afterthought going forward. >> Well, we'll end it there, secure network from day one. John, thanks so much for stopping by theCUBE, congratulations on the announcements and we hope you have a great show. >> Great thanks. >> Thank you for watching, we are theCUBE, live from Fortinet Accelerate 2018. I'm Lisa Martin with my co-host Peter Burris. Stick around, we'll be right back.

>> Narrator: Live from Las Vegas, Nevada, it's The Cube, covering Accelerate 2017. Brought to you by Fortinet. Now, here's your host, Lisa Martin. >> Hi, welcome back to The Cube. We are Silicon Angle's flagship live streaming program, where we go out to the events and we extract the signal from the noise, and we bring it right to you. We are in beautiful Las Vegas with Fortinet. Today, or this week is their Accelerate 2017 event, and we've been excited to be chatting with a lot of their folks and technology partners. Today we are joined by two gentlemen from Fortinet. First, we have John Maddison. You are the Senior Vice President of Products and Solutions. >> Indeed. >> Lisa: Hey John. >> Hi. >> Lisa: Thanks for joining us. We've got Joe Sykora who is the Vice President of America's Channels. >> Thanks Lisa. >> So guys, a lot of exciting stuff going on today. I wanted to give the viewers here who haven't had a chance to meet you guys yet, what you're both doing. John, you have a veteran. You're a veteran of over 20 years experience at telecom >> At least. >> At least 20 in IT infrastructure, security industries, you've lived in Europe and Asia and the U.S. and worked in those. Joe, you oversee quite a big channel of over 7400 America's partners and the entire channel strategy. So you guys are kind of busy. >> A little bit. >> Joe, you're probably pretty proud of this. You were named, in 2015, by CRN as one of the 50 Most Influential Channel Chiefs. >> Yes I was. >> Did you get like a button or hat? >> No, I think it's a t-shirt. >> Oh, t-shirt. >> Absolutely. >> Outstanding, so speaking of t-shirts, I have no segue there, wanted to understand, we've been talking to a lot of your folks today, as I mentioned. We talked to your CEO who was talking about this third generation of security and kind of where we are today with that. And then we talked to Drew, the CFO, who was really talking about the criticalness of trusting data. With the announcement today, maybe John I'll throw this to you, the announcement today of the new products and technologies, how are they going to continue to facilitate or enable your customers, direct or indirect to be able to trust their data? >> Yeah, so we announced the fabric last year. Today, we announced our operating system Fi.6, which is extension of the fabric. We also announced something called intent-based network security, which is the next generation of network security that Ken Xie, our founder, talked about. And then we also announced, the third thing is our new security operations solution, which brings together several products for the infosec world. So I think all of these come together to make sure that we're continuing the effort to make sure our customers are safer, that they can integrate the fabric into their infrastructure and obviously, that's very important to their brand. >> That was going to be one of the things I was going to talk about is are you seeing that you're making a difference in the brand of a customer? We were talking, before we started today, and a lot of you are familiar with some of the the big breaches, I mean, breaches are a common, daily occurrence, but when when they start happening in brands it's the consumers know who aren't in technology becomes a suddenly, can I trust this particular brand where I normally go and buy household products. So it sounds like the announcements today are really next generation leading you guys to continue to be able to deliver, not just that comfort level that your customers need in terms of we can trust our data, but also helping them improve their brand so that their customers trust their brand. >> Exactly and so, you know, the fabric has expanded in that we've expanded it across multiple now attack vectors so what used to be really focused on the core network, we can now cover email, we can now cover the web, endpoint and also, you can see some of our partners around here, we've also expanded our fabric-ready so the fabric here has several APIs, multiple APIs that allow different partners to connect into it. And so, we haven't announced it totally yet but we've got six new partners, some big companies like Cisco and HBE, actually joining our fabric-ready program to be part of the fabric. So we can cover the entire infrastructure of any company. >> Fantastic, so speaking, we'll get to that in a minute but one of the topics that's also come out today, as we've seen the evolution of security from perimeter based security in the 90s to you know, web security, cloud security. Moving towards 2020 and the fact that it's 2017, a little scary, we're pretty close to that and we're seeing this explosion and proliferation of mobile devices, of IOT devices, lot of lack of security there. As we get to that point, one of the other themes that we're hearing a lot about here today is that there is a gap in terms of of resources. What is Fortinet doing to help bridge that gap, that your customers are facing? Where it comes to, specifically, network security programs? >> So one of the programs we launched again, a couple of years ago was the Network Security Expert program, NSE, in 2016, we had over 30,000 certificates issued on NSE. It's probably one of the largest security programs, 'cause one of the big issues for customers and our partners is just the skills gap, cybersecurity. We also, actually, use a lot of those materials and assets and give them to Universities who are starting to do their programs as well. That's really essential for our partners to be trained at the lowest level in terms of the basics, but also, we've had about 40 people take part in our Network Security Eight architecture program. You can see them, these are the pins, actually, we have, which are NSE one to seven, but the NSE eight are the red ones and there's about 40 now of what we call security solution architects, who can go into companies and look at their complete infrastructure and give them an update in terms of security. >> Excellent, so want to touch on the channel, for a moment. Ken talked about the security fabric architecture, you mentioned that it was launched last year. What has been the reaction of the channel? >> Oh, it's been absolutely great. It's about mid-year last year's when we announced that. Embraced by the channel, in fact, CRN named it the security product of the year, for 2016. >> Lisa: Oh, fantastic, congratulations. >> Very proud of that. And that's actually the feedback of the channel partners. It resonates. It's creating new opportunities for our partners. Combine that with the training that John just talked about, I mean, they're armed to really just go out there and help solve all those end user programs, problems. >> Thank you, and sorry for interrupting. What are some of the main pain points that you're hearing through the channel, that customers are experiencing as we start to see big attacks have become more and more prevalent, the Dyn attack recently, DdOS being common types of attacks. As more and more things, like critical infrastructures are becoming plugged into corporate networks, and more mobile and more IOT, what are some of the pain points that your customers are experiencing, and how are they, looking to resolve and mitigate some of the challenges that they have leveraging the security fabric architecture? >> Sure, well attacks are going to happen, right. We know they're going to happen. It's how fast can you react to those attacks. And the fabric actually enarms our partners to just have intelligence on what is actionable and what's not actionable. So we're tryin' to automate that. Some of the future stuff that we're going to be doing later in the year is going to even enable them more. But it's all about simplifying it for our partners to react to what needs to be reacted to. >> Are you seeing, from an industry perspective, we were talking with Derek Menke, excuse me, about healthcare really being at the top of the at risk from an industry perspective. But in the general session today, there was a CSO panel and there was Verizon was there, Levi's was there, as well as Lazard. We saw Telefonica throughout the event today, the Steelers. Are you seeing through the channel, and maybe this is a question for both of you, are you seeing particular industries at more risk coming to you through your customers' needs or is it fairly agnostic from a security perspective? >> Yeah, I think on the channel side, obviously, everyone's at risk, right. So I think it's the value of those of the incidences is really more highlighted. So when Derek talks about healthcare, for example, dealing with people's lives is important along with you health records. So that's much more valuable than say, at the Steelers, not being able to get on the guest wifi. So I think everyone's at risk. All of our channel partners have different verticals that they go after, and it's all the same, it really is. >> Yeah, I would say the risk is pretty broad across every vertical, I mean, yes healthcare, the healthcare records are extremely valuable, but also the financial industry. You've also got industrial controls systems, for example. You've also got retail and so, I think every vertical, every industry is taking security very, very seriously. And back to your previous question about how is the fabric helping partners, I think, previously, they had to kind of stitch together a lot of point solutions themselves. I think with the fabric, it gives them an architecture or a framework. It could be mostly Fortinet gear. It could be Fortinet plus some of their other partners. It helps them put that in place across the entire infrastructure. >> You bring up a good point, John, that that was brought up a number of times today and that is the role of the CSO now being, you know, kind of think, is that guy or girl at the lead of the digital army? But that person is inheriting, we were seeing a couple of different reports, North of 25 different security technology, really kind of a patchwork environment. In that kind of situation, where now security is a board level conversation, how is Fortinet direct, and through the channel, helping that CSO? Is that a key buyer for you that you're helping to figure out, I've got this patchwork here, how do I build it into a fabric or a fabric around it? >> What we've seen, what I've experienced in the last 10 plus years in security is, I'd often go into a room and there'll be the network security people on one side of the table, and the security people on the other side of the table with the CSO and the CIO and I think, that gradually over the last three years, I've seen more cooperation. So now, when we have briefings with customers and partners, you'll see both teams together. You'll see a new role inside customers called the Security Architect, that's looking holistically longer term over the security architecture. And one of our announcements today around the security operations center is to do, just do that, bring together the SOC and the infosec world, together with the network security world. We did a demo today on stage showing that bringing together our Forti SIM, our Forti analyzer with our fabric to bring those two worlds together, because as Joe says, you know, there's a report done by Verizon on the breach report that says, within 60 seconds, you can be compromised. You've got basically 60 seconds to stop that threat and so speed is very important. So giving our partners this ability to bring together a fabric, with Fortinet gear, with our partners' gear, that provides very fast protection is very important. >> Excellent, one of the things, too, that I found interesting today was learning about what FortiGuard Labs is doing. I read over the weekend what Derek Menke's team published, the 2017 predictions. Really quite frightening. And he was on the show earlier and saying, that they're already seeing a number of these things already in play. How much more intelligent malware is getting, and the pervasiveness of the threats there. How are some of the new technologies announced today, maybe enhancing or what FortiLabs is doing from a threat intelligence perspective, is that something that was part of? >> Yeah, that's a really important area. I think the vendor community needs to do better in sharing the threat intelligence. I think, today, it's in pockets, but I think long term, it's absolutely essential that threat intelligence get shared across the whole community because, with some of the new threats coming, the machine to machine threats, the scale and the speed's going to be even more. You saw the Dyn attack last year on Ddos. That's going to be small compared to some things coming up. So I think, longer term, the fabric across the infrastructure, and then the security vendors getting together and sharing that threat intelligence so you've got a bigger view of the attack surface is absolutely essential to stop the new type of threats. >> Exactly, and as that attack surface is growing by the day. So last question, before we wrap up here, give you guys both a chance to answer. At the beginning of your fiscal year, here we are in January, what are you most excited about for the channel in 2017, for example? >> Sure, opportunity, right. For our channel partners, we've got probably one of the strongest channel partners just the overall. We're aligning, realigning with our field teams, so just the resources that all of these partners have. I think the opportunity's great, the market's great, like you said, you open up anything now, and you see, okay, it's been infiltrated, it's been hacked. So I think we're all going to have a really good 2017. >> Fantastic, John, what about you? What are you most excited for? >> I was most excited about this interview, actually, that's what I was looking forward to. >> Wow, fantastic, we'll close there. (laughter). >> No, I think it's obviously, rolling out more of our technology, integrating more of our partners, training more of our partners and helping them with their customers. >> Fantastic, well the buzz and the momentum here and also, the passion for both yourselves and your roles and your peers and your colleagues is really palpable. So I want to thank you both for joining us on the Cube today. >> Thank you. >> And we wish you the best of luck at the rest of the event. >> Thanks Lisa. >> Alright, for John and Joe, I'm Lisa Martin. You've been watching the Cube, but stick around, we'll be right back.

>> Narrator: From around the globe, it's theCUBE, covering Fortinet Security Summit brought to you by Fortinet. >> Welcome to theCUBE. I'm Lisa Martin. We are live at the Fortinet Championship, the PGA Tour Kickoff to the 2021-2022 FedEx Regular Season Cup. And this is so exciting to be here with Fortinet, to be at an in-person event, and to be talking about a very important topic of cybersecurity. One of our alumni is back with me, Sandra Wheatley is here, the SVP of Marketing, Threat Intelligence, and Influencer Communications at Fortinet. Sandra, it's great to see you. >> You too, Lisa. Thank you for having me. >> This is a great event. >> Yeah, it's awesome, yeah. >> Great to be outdoors, great to see people again, and great for Fortinet for being one of the first to come back to in-person events. One of the things I would love to understand is here we are at the PGA tour, what's the relationship with Fortinet and the PGA Tour? >> Well, first of all, I think the PGA tour is an amazing brand. You just have to look around here and it's extremely exciting, but beyond the brand, there's a lot of synergies between the PGA tour and Fortinet CSR initiatives, particularly around STEM, diversity inclusion, as well as veterans rescaling. And so some of the proceeds from the Fortinet Championship will go to benefit local nonprofits and the local community. So that's something we're very excited about overall. >> Lisa: Is this a new partnership? >> It is a new partnership and we will be the Fortinet Championship sponsor for about the next five years. So we're looking forward to developing this partnership and this relationship, and benefiting a lot of nonprofits in the future. >> Excellent, that's a great cause. One of the things, when you and I last saw each other by Zoom earlier in the summer, we were talking about the cybersecurity skills gap. And it's in its fifth consecutive year, and you had said some good news on the front was that data show that instead of needing four million professionals to fill that gap, it's down to three, and now there's even better news coming from Fortinet. Talk to me about the pledge that you just announced to train one million people in the next five years. >> Absolutely, we're very excited about this. You know, Fortinet has been focused on reducing the skills gap for many years now. It continues to be one of the biggest issues for cybersecurity leaders if you think about it. You know, we still need about 3.1 million professionals to come into the industry. We have made progress, but the need is growing at about 400,000 a year. So it's something that public and private partnerships need to tackle. So last week we did announce that we are committed to training a million professionals over the next five years. We're very excited about that. We're tackling this problem in many, many ways. And this really helps our customers and our partners. If you really think about it, in addition to the lack of skills, they're really tackling cybersecurity surface that's constantly changing. In our most recent FortiGuard's threat report, we saw that ransomware alone went up 10 times over the last year. So it's something that we all have to focus on going forward. And this is our way of helping the industry overall. >> It's a huge opportunity. I had the opportunity several times to speak with Derek Manky and John Maddison over the summer, and just looking at what happened in the first half, the threat landscape, we spoke last year, looking at the second half, and ransomware as a service, the amount of money that's involved in that. The fact that we are in this, as Fortinet says, this work from anywhere environment, which is probably going to be somewhat persistent with the attack surface expanding, devices on corporate networks out of the home, there's a huge opportunity for people to get educated, trained, and have a great job in cybersecurity. >> Absolutely, I like to say there's no job security like cybersecurity, and it is. I mean, I've only been in this industry about, I'm coming up on six years, and it's definitely the most dynamic industry of all of the IT areas that I've worked in. The opportunities are endless, which is why it's a little bit frustrating to see this big gap in skills, particularly around the area of women and minorities. Women make up about 20%, and minorities are even less, maybe about 3%. And so this is a huge focus of ours. And so through our Training Advancement Agenda, our TAA initiative, we have several different pillars to attack this problem. And at the core of that is our Network Security Expert Training or NSC training and certification program. We made that freely available to everybody at the beginning of COVID. It was so successful, at one point we we're seeing someone register every five minutes. And that was so successful, we extended that indefinitely. And so to date, we've had about almost 700,000 certifications. So it's just an amazing program. The other pillars are Security Academy Program, where we partner with nonprofits and academia to train young students. And we have something like 419 academies in 88 countries. >> Lisa: Wow. >> And then the other area that's very important to us is our Veterans Program. You know, we have about 250,000 veterans every year, transfer out of the service, looking for other jobs in the private sector. And so not only do we provide our training free, but we do resume building, mentoring, all of these types of initiatives. And we've trained about 2,000 veterans and spouses, and about 350 of those have successfully got jobs. So that's something we'll continue to focus on. >> That's such a great effort. As the daughter of a Vietnam combat veteran, that really just hits me right in the heart. But it's something that you guys have been dedicated for. This isn't something new, this isn't something that is coming out of a result of the recent executive order from the Biden administration. Fortinet has been focused on training and helping to close that gap for a while. >> That's exactly true. While we made the commitment to train a million people on the heels of the Biden administration at Cybersecurity Summit about two weeks ago, we have been focused on this for many years. And actually, a lot of the global companies that were part of that summit happened to be partners on this initiative with us. For example, we work with the World Economic Forum, IBM, and Salesforce offer our NSC training on their training platforms. And this is an area that we think it's really important and we'll continue to partner with larger organizations over time. We're also working with a lot of universities, both in the Bay Area, local like Berkeley, and Stanford and others to train more people. So it's definitely a big commitment for us and has been for many years. >> It'll be exciting to see over the next few years, the results of this program, which I'm sure will be successful. Talk to me a little bit about this event here. Fortinet is 100% partner driven company, more than 300 or so partners and customers here. Tell me a little bit about what some of the interesting topics are that are going to be discussed today. >> Sure, yeah, so we're delighted to bring our partners and customers together. They will be discussing some of the latest innovations in cybersecurity, as well as some of the challenges and opportunities. We are seeing, you know, during COVID we saw a lot of change with regards to cybersecurity, especially with remote working. So we'll discuss our partnership with LYNX that we just announced. We'll also be talking about some of the emerging technologies like CTNA, 5G, SASE, cloud, and really understanding how we can best help protect our customers and our partners. So it's very exciting. In addition to our Technology Summit, we have a technology exhibition here with many of our big sponsors and partners. So it's definitely going to be a lot of dynamic conversation over the next few days. >> We've seen so much change in the last year and a half. That's just an understatement. But one of the things that you touched on this a minute ago, and we're all feeling this is is when we all had to shift to work from home. And here we are using corporate devices on home networks. We're using more devices, the edge is expanding, and that became a huge security challenge for enterprises to figure out how do we secure this. Because for some percentage, and I think John Maddison mentioned a few months ago to me, at least 25% will probably stay remote. Enterprises have to figure out how to keep their data secure as people are often the weakest link. Tell me about what you guys announced with LYNX that will help facilitate that. >> Well, we're announcing an enterprise grade security offering for people who are working remotely. And the nice thing about this offering is it's very easy to set up and implement, so consumers and others can easily set this up. It also provides a dashboard for the enterprise, IT organization to, they can see who's on the network, devices, everything else. So this should really help because we did see a big increase in attacks, really targeting remote workers. As cyber criminals try to use their home as a foothold into the enterprise. So we're very excited about this partnership, and definitely see big demand for this going forward. >> Well, can you tell me about the go-to market for that and where can enterprises and people get it? >> Well, we're still working through that. I know you'll talk with John later on, he'll have more details on that. But definitely, we'll be targeting both of our different sets of customers and the channel for this. And I definitely think this is something that will, it's something that enterprises are definitely looking for, and there'll be more to come on this over the next few months. >> It's so needed. The threat landscape just exploded last year, and it's in a- >> Sandra: Yeah, absolutely. >> Suddenly your home. Maybe your kids are home, your spouse is working, you're distracted, ransomware, phishing emails, so legitimate. >> Sandra: They do. >> Lisa: But the need for what you're doing with LYNX is absolutely essential these days. >> Sandra: Yeah, these threats are so sophisticated. They're really difficult. And the other thing we did in addition to LYNX was as we got into COVID, we saw that, or the most successful organizations were really using this as an opportunity to invest for the longterm in cybersecurity. We also saw that, and this continues to be the case that, the insider threat continues to be one of the biggest challenges, where an employee will accidentally hit on a phishing email. So we did roll out an infosec awareness training, and we made that free for all of our customers and partners. So we're trying to do everything we can to really help our customers through this demanding time. >> Lisa: Right, what are some of the feedback that you're hearing from customers? I'm sure they're very appreciative of the education, the training, the focus effort from Fortinet. >> Sandra: Absolutely, it's definitely huge. And more and more we're seeing partners who want to work with us and collaborate with us on these initiatives. We've had a really positive response from some of the companies that I mentioned earlier, some of the big global names. And we're very excited about that. So we feel like we have some key initiatives on pillars, and we'll continue to expand on those and bring more partners to work with us over time. >> Lisa: Expansion as the business is growing amazingly well. Tell me a little bit about that. >> Sandra: Yeah, I think, in our last quarter we announced our largest billings growth for many, many years. And so, Fortinet, we're been very fortunate over the last few years, has continued to grow faster than the market. We now have half a million customers, and I think our platform approach to security is really being adopted heavily. And we continue to see a lot of momentum, especially around our solutions like SD-WAN. I think we're the only vendor who provides security in SD-WAN appliance. And so that's been a key differentiator for us. The other thing that's increasingly important, especially with the rollout of 5G is performance. And, you know, Fortinet, from the very beginning, created its own customized ASX or SPU, which really provides the best performance in security compute ratings in the industry. So all of this is really helping us with our growth, and we're very excited about the opportunities ahead. >> Lisa: And last question, on that front, what are some of the things that you're excited about as we wrap up 2021 calendar year and go into 2022? >> Sandra: Well, this been very exciting year for Fortinet. And I think we're in a great position to take advantage of many of the different growth areas we're seeing in this new and changing space. And, you know, we're all on board and ready to take advantage of those opportunities, and really fire ahead. >> Lisa: Fire ahead, I like that. Sandra, thank you so much for joining me today, talking about the commitment, the long standing commitment that Fortinet has to training everybody from all ages, academia, veterans, to help close that cybersecurity skills gap. And such an interesting time that we've had. There's so much opportunity, and it's great to see how committed you are to helping provide those opportunities to people of all ages, races, you name it. >> Sandra: Thank you, Lisa, I really appreciate it. >> Lisa: Ah, likewise. For Sandra Wheatley, I'm Lisa Martin. You're watching theCube at the Fortinet Championship Security Summit. (soft bright music)