(upbeat music) >> Hello, everyone and welcome to this CUBE Conversation. I'm Lisa Martin. I'm excited to be joined by one of our CUBE alumni, John Maddison, the EVP of Products and the Chief Marketing Officer at Fortinet. John, welcome back to the program. Good to see you. >> Hi, Lisa. Good to be here again. >> So we last saw you at the Fortinet Championship back in September, a few months ago, but we've had the opportunity to speak a number of times this year. I've also had the chance to talk with Derek Manky, at FortiGuard Labs. There's been so much going on. Let's kind of break down some of the main challenges that enterprises are facing still. And there's four of them here that you're going to address as we wrap up 2021 head into 2022. And then let's also talk about what Fortinet sees as the solution, the cybersecurity mesh architecture. Let's go ahead and kick off with some of those challenges as we know so much has gone on throughout landscape that work from anywhere is so persistent, but what are some of the main things enterprises are facing still? >> Yeah, there's a lot, it's very dynamic right now. And you know, I've been in cybersecurity almost 20 years now and there's always been these three drivers around the infrastructure changes the threat landscape and regulatory. And I think when you look at the infrastructure changes, this work from anywhere, which is, you know, kind of the hybrid mode where I'm in the office today, it could be hopefully in the future, traveling and home. That's going to be here for some time, it seems. And so, you know, enterprises are now saying, I need a longer term strategy around that. I can't just say flip on the VPN and a bit of endpoint security. So that definitely enterprises are thinking that's going to be here for at least another couple of years. I think they're still running very fast to get the digital infrastructure in place. And so, and you're seeing network security and the application journey continuing and securing all those things. And then there's, you know, there's the threat landscape, which, you know, we've said, I think back at the PGA, we're seeing this huge increase in ransomware. And yes, there's still activity going on and trying to breach data and intellectual property and identity and credit cards. But just about every industry now is seeing attacks and it could be financial, it could be manufacturing, ransomware attacks that's continues. And then I think there's the, there's a couple of other things. There's the supply chain things which are also happening, but we're definitely I was just speaking to a customer a minute ago and they were finding a very hard to find the right skilled professionals around cybersecurity. And it kind of, it's like a hierarchy. I need to find somebody, it's hard to find somebody in IT. It's hard to find somebody in cybersecurity and IT. Is hard to find somebody in IT, cybersecurity and container. And so, you know, the more you go in depth, the harder it becomes and it's not even finding people, just retaining people as well. And so, you know, recently Fortinet committed to training another million. We've already trained to 750,000, but training another million people by 2025 in cybersecurity. >> That's outstanding. We've talked about that skills gap before in a number of conversations about all the work that 40 minutes doing, including with veterans, which is something near and dear to my heart, but the work from anywhere I wanted to talk with you about that because that presents a lot of challenges for organizations. And I was reading some stats that a significant percentage of enterprises expect that this is going to increase in 2022. How can it increase from where it is now? What are some of the things that you're seeing and how can Fortinet help customers address this persistent challenge? >> Yeah, well, I think it's increased or it's just the ratio between home and at work and travel might be changing. And again as I said, I think a lot of companies said, well, let's just put something in place now and it's going to go away. Well, it isn't going away. And so what Fortinet are looking to do, and I think it's not just one point product. It is a combination of technologies. It could be end point security. We're even looking at you know, at home networking through our own devices or our partnership with Linksys. It is looking at that zero trust architecture. It is looking at more network security, whether it be in the data center or in a cloud. I think what's important though, is two things. One is that no matter if you're on the network, off the network or traveling per se, then you need the user experience to be the same or simple. I can't just change the way I work because I'm at home versus travel versus you know, in the office. And the security needs to be consistent on those three places as well. So our goal, when we bring some of those solutions together, zero trust and endpoint and network security and policy and identity is to give the same user experience, a simple user experience and the high level of enterprise security, no matter, you know, if you're on and off the network. And those are the key. And I think today customers kind of struggle because they probably got four or five vendors in those different areas and they're trying to make them to work and it's very hard. And so that's why we, you know, we put forward a more of a platform approach per use case with doing that. >> Let's talk about some of those key use cases. And you mentioned ransomware a minute ago, and I just as of a couple of days ago, Kronos is, you know, the latest big name organization to be hit. A lot of folks concerned so many big companies and small companies rely on them. It's not going to affect, you know, the last paycheck in December, but that's a use case that Fortinet has been covering for a long time. I think when we spoke a few months ago, 2020 to 2021 ransomware was up nearly 11 fold. What are some of the things going on there and how are you guys working with customers to address that as we enter 2022? >> Yeah. Well, I definitely think you also saw the, you know, the recent vulnerability, the Log4j and that sits in a lot of systems. Now that sits in a lot of customer systems. It sits in a lot of security systems as well, by the way. So we come back to this, you know, supply chain issue. And so customers kind of accepting that this is going to be as this attack surface of the network and cloud and devices and users and whether or not the network you know, keeps continuing to expand. They're going to accept that these zero days are going to come along. They're going to, they also understand the sophistication of the threats. We're seeing a lot of activity of the threats in the reconnaissance space, and they're looking at your external attack surface and working out how they can get in. And so, I think customers are accepting that this is just getting more sophistication, there's a bigger attack surface. And so what they're looking at is to deploy some more detection capabilities, more just training of people, not to click on stuff, but you know, building infrastructure so it's segmented, long-term though the only way to defend against these ransomware attacks is to usually platform that then allows you to build automation that long-term allows you to build some contextual engine. Why, when, where, what are you doing, otherwise it's just going to be too hard, just trying to bolt together, you know, 10 or 15 products from vendors that don't get on well, none the best of times. So yeah, that's, it's long, it's a longterm architecture is the only thing that's going to work for customers. >> And for a long time, I think probably since I've known you John, Fortinet has been talking about the security fabric. Now Gartner is talking about the cybersecurity mesh architecture. Talk to me about those two. How similar is that? How leading edge was Fortinet and describe what a cybersecurity mesh architecture is? >> Well, it always takes a while for Gartner to catch up with us, but they, if I'm in a joking Gartner please except the apologies. That, you know, I think they've started to talking about this cybersecurity mesh architecture mesh. And what the saying is that, you know, these products need to talk to each other. And yes you can send things off into a central location for SIM or operational management, but really need to talk to each other and transfer exchange, threat intelligence. They need to be able to exchange policy long. They also need to be able to build automation. You know, a really good example is if our EDR system detects that your laptop has got a virus or a vulnerability, then I can, the EDR system will tell the zero trust policy manager don't allow access application. Or it could if you're on the network, you could tell the Wi-Fi, take off, take them off the network. So this automation is integration is the real long-term goal of the Gartner mesh. It's always been the long-term goal of Fortinet. Yes, we do individual products. You can buy them, but the real power long-term is to get that automation built into the platform. And as I said, even longer term start applying contextual rules, which will be super powerful in stopping, you know, attacks and breaches. >> Tremendous amount of power and capabilities that that context will provide. I was looking at some stats from Gartner and they said that by 2024, which is we're two years basically away from that organizations that do adopt this cybersecurity mesh architecture to integrate security tools, to work as a collaborative ecosystem, significant reduction in the financial impact of security incidents by 90%. That's huge and I know that you guys also have integrations with over 450 third-party technology partners as part of the security fabric. So you're ahead of the game. >> Well, it's not saying, you know, just buy from Fortinet, that's what you need to do, but it's not saying that at all. What, I think what Gartner is saying, and what we've been saying is that take a use case like work from anywhere and then build your platform, a platform for that use case. Now, what we are saying is, again, it's not saying you go from 30 products down to one, you go from 30 products down to maybe five or six platforms, but those platforms need to work together. They also need to exchange threat intelligence and policy and build automation. And so I think the platform approach, every CSO I speak to is just tired of buying another product, another product. They just want to get something that works and is automated long-term. And so the platform and the Gartner mesh. It's a slightly different concept, but something else we call convergence. Okay. So consolidation is consolidation of the vendors, but you may still have the same number of products. You still may have an end point in a zero trust and an email. Convergence is different where we bring it together and eliminating individual products. A really good example of that is SD-WAN that brings together security and application routing. And that goes back to a concept that Fortinet had since our beginning 20 years ago. And that is the original internet that we still use a lot today really has no idea who you are, what device are you using, where are you going, what application, what's the content, no clue, it just connects you. And so that leads to a lot of security being bolted on afterwards in different places. And so this convergence, we call it security different networking, where you start to integrate the security, which may be contextual, it maybe identity, maybe application running like SD-WAN, maybe content like next gen firewall. You bring those together. Now, when you do that, you face some compute challenges. And we've been one of the pioneers and building asics that allow this acceleration to bring this convergence together. But that's another area that's happening as well. It's different from consolidation, but it's bringing together that security and networking so you're not bolting things together as you go forward. >> Different from consolidation, but incredibly important to be able to reduce those silos as businesses are facing some of the challenges that you talked about, the persistence of work from anywhere, the threat landscape, the cybersecurity skills gap. >> Yeah. And you can do this convergence in different places. So you can do it at the cloud edge because you can throw a lot of compute at it. At the one edge, you probably need a asic approach, data center edge, a 5G edge. There's the LAN edge, which is the connectivity. Cause I sometimes have people go, well, let's just put all the security in the cloud, but now yes, you do need security in the cloud. You needs security from the cloud before the cloud, but there's also security needed these ages. And there's also another area that's been under huge attack now is operational technologies. So manufacturers, energy, gas, everyone is really got some physical infrastructure. Even a branch you can consider to be operational technology and they got cameras and other capabilities. So that, especially for the traditional operational technology, that's hard to open up. Because you need access, you need remote access and what's a seeing a huge amount of attacks there. In that world, you know, you've got to put the security there, physically with it to make sure you secure those components. >> What about the, from a challenge perspective John, we talked a lot in the last year, 18, 20, 22 months, I'm losing count of the acceleration of digital. What are some of the security opportunities there that provides Fortinet to help customers solve that if the acceleration is happening faster than the, some of the, you know, that their security infrastructure can keep pace. What are some of the opportunities there for you guys to help customers address that problem? >> Well, this is always been a battle between security and networking. You know, networking is gone from this 400 times faster than it was before. Security is still a lot of it's software. And so, you know, what you don't want to do is and the security team saying is say no all the time. No, don't do that project, it's too insecure. Stop doing that. No slow down on that. And that's, you know, always been an issue for security in that people think of it as a tax or a burden that slows things down. That's why I come back to this convergence. When you're building a network, the security should be inside that. Should be built and integrated. So if I'm building my one edge, which connects my building to a cloud or whatever, when I put that connectivity in there to an SD-WAN device, it should have security integrated inside it. The same effect I found building, you know, a data center or a cloud capability. So I think, you know, customers are you know, security teams can't stop the business from moving forward and building these applications wherever they may be in retail or manufacturing or healthcare. And so they just need to take a different approach to enable that speed of acceleration and to our minds having it totally integrated and converge is the only way you're going to be able to achieve the speed and the security at the same time. >> And that speed is critical as is a security. But let's talk about that cybersecurity skills gap. Something that I think I read recently is in its fifth year, we've talked about this before, but as you alluded to at the beginning of our conversation, Fortinet is very dedicated to training, lots of individuals. Talk to me about that skills gap. And you talked that it also affects people, companies being able to retain talent. How are you guys helping to address? >> Yeah, we did actually a survey a few months ago, a 2500 cybersecurity professionals. And, you know, one really revealing fact was about, I think it was about 70% said they'd had an incident because of the lack of training. Now that could be people who are just clicking on things. Okay. Versus somebody who doesn't, is not trained enough to see a threat. So I think, you know, the question going to go, but either way, the 70% of that, you know, is attributed to that breach. And so it's so, so important. And right from the start Fortinet has provided training. We provide free training to our partners, free training to our customers. I have a quite a large team that's building on the curriculum. So we supply curriculum and gear to over 450 universities and colleges. You mentioned the re-skilling of the veterans as well, over 2000. And to us, it's very important. So this commitment to get people trained because in the end there's, yeah, there's always a people part of this problem, whether it be people clicking on things or whether it be people not understanding and configuring crying, and then people having passwords of one two three or whatever. All these things, all these human things need to get, you know, we need to get educated and trained on it. So we'll continue that. I think a million's probably not enough. It's probably should be two million, but we'll try our best to get people trained as much as possible. And the other thing that I also saw in the survey was that once certified employees thought that was extremely important. It does take a lot of time. So, you know, one of our NSE 4 courses on our firewalls takes a week. It does a lot of things to learn. So one thing we're going to try and do is try and modularize a bit more so we can break it up a bit. But there's going to be a problem. It's kind of like the supply chain, the supply is not there, the people, this is right. The chips, they're not there. They're not there, you've got to try and fix it and expand the training and education of people. >> And I think that's fantastic that Fortinet has been dedicated to that for so long. Look forward to hearing how you guys, the progress that you make on that training 1 million folks. Will we see you at Accelerate in 2022? >> Yeah. Well, so Accelerate 22 is going to be a hybrid, of course. I'm actually, you can't really see here cause I've got my great office here. But in front of me is the window. I can actually see the Apple campus just over there. And this is our new campus in Sunnyvale, Silicon valley. We've got a pretty expensive training center and executive briefing center. So we're going to probably do in the morning of Accelerate 22, a live broadcast of some of the execs and some of our partners and customers, and then have some online stuff. So hybrid probably this year again. But a bit of physical presence. But yeah, we're expecting quite a few partners to, a few partners to be here, live and a few partners, obviously a lot of partners to tune in to the live broadcast. >> That's fantastic. I look forward to that hybrid event. John, great to see you as always. Thank you so much for the update and sharing what enterprises, the battles that they're facing, how Fortinet and the cybersecurity mesh can help. We look forward to seeing you in 2022. >> Thank you Lisa. Thank you. >> For John Maddison, I'm Lisa Martin. You've been watching this CUBE conversation. We'll see you next time. (lively music)

(calm electronic music) >> Welcome to this CUBE Conversation with Fortinet. I'm Lisa Martin. John Madison joins me, the CMO and EVP of products. John, welcome back to the program. >> Thanks Lisa. Good to be here. >> Good to see you. So, so much has changed since I last saw you. The move to remote work caused by the pandemic led so many organizations to invest in modern networking and security technologies. And we see, you know, the rise in the threat landscape that protecting digital assets is becoming even more and more urgent because the threats are continuing to escalate. Talk to me about some of the things that you're seeing with this current threat landscape. >> Yeah. Well, it keeps changing that's for sure. You saw some recent surveys where, you know, now companies are seeing, in terms of where employees are located, you know, 25% expecting to be in the office, 25% expected to be permanently in the home. And then there's this big 50% of hybrid, which we think will move a bit more towards the office as people get back in the office. But that's going to take some time. We're actually starting to move back in the office here in Santa Clara, Sunnyvale. but it's very different in every region in the U.S and regulations and laws around the world. And so we think it's going to be very much work from anywhere. There's a bit of travel starting as well. And so this work from anywhere concept is going to be very important to customers going forward. And the ability to change the dynamics of that ratio as they go forward. >> (indistinct) This work from anywhere that over- last year overnight sort of became an absolute essential. But now, as you said, we're going to have this hybrid model of some going back, some staying home and the security and the perimeter is dissolving. When you look at supporting customers and their remote work from anywhere, their new work from anywhere model, what are some of the things that are top of mind that you're hearing from customers? >> Well, I, you know, I sometimes hear this premise is disappearing. I think in some ways it's moving to the user and the devices. And there's this concept called zero trust network access which I've said in many occasions should be zero trust application access, but they named it that way which is going to be an important technology because as I said, it kind of moves that premise then to that user and previous technology that we had VPN technology was good technology. And in fact, a lot of companies, if you go back to when the pandemic started last year, put a lot of people on the VPN technology as quick as possible and it was reasonably robust. But as we go forward, what we're going to have to do is make sure that perimeter- at that perimeter, that users only get access to the applications they're using rather than the whole network. Eventually when they're on the network you need to make sure that it's segmented so they can't go everywhere as well. And so this zero trust network access or zero trust or zero trust access, there's lots of kind of different versions of it, is going to be very important concept for users. The other piece of it, I think, is also that it needs to be more intuitive to use, as anything you kind of have users do like the VPN where you had to kind of dial in and- or bring up- you're bringing up your connection and your IPsec connection, et cetera, et cetera means that people tend not to use it. And so to make it intuitive and automatic is going to be really important. >> Intuitive and automatic. One of the things that we also saw was this massive rise in digital transformation last year, right? SAS adoption, these SAS applications keeping many of us in collaboration. So I'm thinking, you know, in that sense with the perimeter changing and the work from anywhere, this consistent, secure internet connection among users at the branch or the branch of one has to be there to keep organizations productive and safe. How is the Fortinet enabling the ZTNA- this evolution of VPN? >> Yeah. That's another piece of it. So not only are users on and off the network or traveling so that- or both, so the applications are moving. So a lot of them are moved from data centers to public cloud in the form of infrastructure or SAS. We're now seeing customers actually move some applications towards the building or building compute or edge compute. So the applications keep moving which also causes this problem. And so another function of zero trust access or ZTNA is to not care where the application is. You rely on some technology and it's called proxy technology, which allows the proxy to track where the applications are. And for us, that sits inside of our firewalls. And that makes it very flexible. And so we've been able to kind of just ramp up that proxy against the policy engine, whether it be in the data center or in the cloud, or even on your premise. Even integrated inside a branch or something like that. That's going to be very important because, as you just said, those applications will just keep moving into different areas and different zones as you go forward. >> (Lisa) And that's probably going to be permanent for a lot of organizations. So it- so they haven't renamed it zero trust application access, like you think it should be. But when organizations are looking into zero trust network access, what should- what are some of the key things that they need to be looking for and mindful of? >> Yeah, (indistinct) And so it's probably the, you know, the number one conversation they've had over the last six months. I think people initially just had to get something working. Now they're looking seriously at a longer term architecture for their access, their user access and device access. I think what I find is that something like zero trust network access is more of a use case across multiple components. And so if you look inside it, you need a client component endpoint; you need a proxy that in front of the cloud capabilities; you need a policy engine; you need to use identity-based systems. If you haven't got- if you can't get an agent on the device, you may need a NAC system. And so usually what customers find is I've got four or five current- different vendors in those areas. And cybersecurity vendors are not the best at working together, which they were, because then we do better for customers. And so trying to get two vendors to work is hard enough, trying to get five or six is really hard. And so what they're looking at over time is to say, maybe I get the minimum basic ZTNA working. And then as I go forward, for example, what they really want is this continuing posture assessment. Well, you can do that with some EDR technology, but is that EDR technology integrated into your policy engine? No. So I think what customers are saying is, let me start with the base ZTNA with maybe two vendors. And then as I go forward implement a, you know, a fabric or a platform approach to get everything working together. 'Cause it's just too hard with five or six vendors. >> Right. Is there, I'm curious if there's a shared responsibility model with customers working with different vendors; what actions and security responsibilities fall on the customer that they need to be aware of? >> Well, and it also comes back to this, you know, there's convergence of networking and security. And I've said a few times I'm definitely seeing CIOs and CSOs, security teams, and networking teams working much more closely. And especially when you've got a use case now that goes across security items and networking items and networking, the proxy has always been in the control of the networking team. Endpoint security is always been in the- you know, the security team. It's just forcing this convergence not just of the technologies itself but of the organizations inside enterprises. >> (Lisa) Well, and that's a challenging one for every organization is getting, you know, if you're talking about it in general, the business folks, the IT folks. Now this is not just a security problem. This is a problem for the entire corporation, as we just saw with the Colonial Pipeline. Ransomware is now becoming a household name. These are business-critical board-level discussions I imagine on the security side. How is Fortinet helping customers kind of bridge that gap between the biz folks and the IT folks where security is concerned? >> Yeah. You know, ransomware has been around quite a while. I think two years ago, we saw a lot of it in the schools. K-12 schools in the U.S. I think they're picking some richer targets now. The colonial one, I think there was a 4 million ransom. I think that they managed to get some of that money back. But, you know, instead of, you know, demanding $5,000 or $10,000 from a small business or a school they're obviously demanding millions from these larger companies. And you know, one of the problems with ransomware is, you know, it still relies heavily on social engineering. I don't think you can eliminate that people clicking on stuff, you know, a very small percentage still. I think what it means is you have to put some more proactive things in place, like the zero trust, like micro-segmentation, like web application file warning. All these capabilities to try and make your systems as strong as possible. So then put in detection and response systems to assume that someone's clicking on something somewhere just to help. But it's definitely the environment. You know, the threat environment. It's not really gotten more sophisticated; yes, there are still advanced threats. I fear more about those weaponized APTs and state sponsored, but there's definitely a huge volume of ransomware now going after, you know, not only, you know, meat processing factories, but pipelines and critical infrastructure as we go forward. That's the more worrying. >> (Lisa) Right. You bring up a good point about, sort of, people being one of the biggest challenges from a security perspective. Clicking on links, not checking to see if a link is bogus or legitimate. So, help me understand a little bit more how is zero trust can help maybe take some of that human error out of the equation? >> Well, because I think before, you know, when you got access, when you're off the network and you've got access to the network, you've got access to everything, okay. So once you're on the network, and I think the Colonial Pipeline was a good example where traditionally, operational technology networks, physical networks sort of separate from the IT network and they had something called an air gap. And that air gap meant you really couldn't get to it. Now when people had to be remote because of the pandemic, they started taking these air gaps. And so now we had remote access. And so again, when you- when they got that remote access and they got into the network, they could- the network was very flat and you could see everything you can go anywhere. And so that's what zero trust does. It kind of says, I kind of did the zero trust approach to you that I'm only going to allow you access to this application. And I'm going to keep checking on you to make sure you are you are who you say you are on a continuous basis. And that really provides a bit more safety. Now, I still- we still think you need to put things like segmentation in place and some other capabilities and monitoring everything else, but it just narrows the attack surface down from this giant network approach to a specific application >> Narrowing that is the right direction. How do organizations, when you're working with customers, how do they go- How do they evolve from a traditional VPN to zero trust? What are some of the steps involved in that? >> Well, I think it's, you know, what's interesting is customers still have data centers. In fact, you know, some of the customers who have legacy applications will have a data center for a long time. And in fact, what I find is even if you've implemented zero trust to a certain population, employee population, they still have VPNs in place. And sometimes they use them for the IT folks. Sometimes they use them for a specialized developers and stuff like that. And so I think it's going to be like everything, everything goes a hundred percent this way and it stays this way. And so it's going to be hybrid for a while where we see VPN technology and zero trust together. You know- our approach is that you can have both together and it's both on the same platform and it'll just gradually evolve as you go forward. >> What are some of the things you're looking forward to in the next year as this hybrid environment continues, but hopefully things start to open up more? What are some of the things that we can expect to hear and see from Fortinet? >> Well, I'm looking forward to getting out of my home office, that's for sure. >> (Lisa laughing) >> It's like I've been imprisoned here for eighteen months. >> I agree with you on that! So we'll try that. And, you know, I always thought I traveled too much before and now I'm contemplating on the travel piece. But from, you know, Fortinet's perspective, you know, our goal is to make sure that, you know, our customers can increase. We'll make sure they can protect themselves. And so we want to help them and keep working with them such that they put best practices in place and they start architecting longer-term to implement things like zero trust or sassy or some of these other capabilities. And so, you know, I think the- we've had a lot of interest with customers on these virtual sessions. I'm really looking forward to getting them back in our new building, our new executive briefing center, which we're opening up in the next few weeks. You may have more of those face-to-face and white boarding conversations with customers. >> Oh, that sounds so exciting. I agree with you on the travel front, but going from traveling a ton to none was a big challenge. But also, I imagined it'll be great to actually get to collaborate with customers again, and partners. You know, you can only do so much by Zoom. Talk to me a little bit about some of the things on the partnership front that we might be seeing. >> Yeah, our partners, you know, we're a hundred percent partner-driven company and partners are very important to us. And, you know, and that's why we always, when we introduce new technology, we work with the partners to make sure that they understand it. So for example, we provide free what they call an NSE training to all our partners. And then we also work with them very closely to put systems in their labs and the demos and make sure they can architect. And so partners are really important to us and, you know, making sure that they can provide value as part of a solution set to our customers, because customers trust them. And so we want to make sure that we work with our partners closely so they can help the customer implementing architect solutions as they go forward. >> That trust is critical. Right? I mean, we can talk about that at every event, every CUBE Conversation, the trust that an a customer has in you, the trust that you have in a partner and vice versa. That whole trust circle kind of goes along the lines with what we're talking about in terms of being able to establish that trust. So that threat landscape that's probably only going to continue to get bigger is in the trusted hands of folks like Fortinet and your partners to be able to enable those customers to narrow that threat landscape. >> Yeah, yeah. And so it could be the smallest partner to the largest service provider. We don't mind. We want to make sure that we're working with them to provide that implementation from the customers. And again, the word trust is sometimes overused, but that's what customers are looking for. >> (Lisa) So, John, point me to when our audience is some of the information that they can find on Dotcom about zero trust. What are some of the things that you think are great calls to action for the audience? >> Yeah. I mean, it depends. I think it depends on what level you want to get into where we have a bunch of assets, videos, and training but start at the very highest level, you know, why is zero trust something you need to implement? And then it goes down into more details and then even the architecture, long-term architecture and connectivity and implementation. So there's a lot of assets on Fortinet.com If you go on our training sessions, there's- all our training's free to our customers. And so you can go in all those NSE levels and look at the capabilities. So yeah, definitely it's a- it's an area of high interest from our customers. But as I say to them, it's more of a journey. Yes, you can implement something today really quickly, but will that work for you over the long-term in making sure you can take all the information from the, like I said, you know, how is the voice, the posture of that device? What is the device with an agent doing, you know, as my contextual engine integrated as well? So it's a journey for customers and, but you can start with something simple but you need to have that plan for that journey in place. >> I imagine though, John, it's a journey that is either accelerating, or with the threat landscape and some of the things that we've already talked about, is becoming an absolutely board-critical conversation. So, and on that journey, does Fortinet work with customers to accelerate certain parts of it? Because you know, these businesses have been pivoting so much in the last year and they've got to not just survive, but now thrive in this new landscape, this new hybrid work from home, work from anywhere environment and also with more threats. >> Yeah, no, it's a good point. And so, you know, even those internally are implementing it starting the most critical assets first. So let's say, you know, I've got somebody working on source code, they should be the first ones to get the zero trust implementation. I've got somebody asking from the internet to search for stuff. Maybe they're okay for now, but yeah. So you kind of prioritize your assets and users against, you know, the threat and then implement. That's why I'm saying you can roll it out across everyone as, you know, a certain version of it. But I think it's better to prioritize first the most important assets in IP and then roll it out that way. >> (Lisa) Great advice. >> Because some of- a lot of those assets are still sitting in the data center. >> Right. >> So they're not sitting in the cloud. >> Right. John, great advice. Thank you so much for joining me. Good to see you, glad all is well and that you will be able to get out of your home office. You're just days away from that. I'm sure that's going to feel great. >> Certainly is. And thank you, Lisa. >> Nice to see you. For John Madison, I'm Lisa Martin. You're watching this CUBE Conversation. (calm electronic music with piano)

(upbeat music) >> Welcome to this CUBE Conversation, I'm Lisa Martin. I've got two guests from Fortinet with me next talking about an very interesting topic that's something that always piques my interest, cybersecurity, and some of the things going on with respect to that. Sandra Wheatley joins us the SVP of marketing, threat intelligence and influencer communications at Fortinet. Sandra, it's great to see you again. >> Thank you, Lisa. I'm delighted to be here today. >> Lisa: Good and Rob Rashotte is here as well, vice-president, global training and technical field enablement at Fortinet. Rob welcome to the program. >> Hi, great to meet you Lisa. Nice to be here. >> Likewise. So since I last saw Fortinet we've had such a challenging year as we all know, that's an understatement, but one of the things that happened so quickly was the distribution of the workforce. And there were already preexisting gaps in IT Visibility and teams being siloed, security teams being siloed as well exacerbated distinct cybersecurity skills gap. So Sandra I want to start with you. Talk to us about what's going on with the cybersecurity skills gap and how it's impacting organizations today. >> Thank you, Lisa. While the cybersecurity skills gap continues to be one of the biggest challenges facing security organizations today, as you know, the cybersecurity space is very dynamic. It's constantly changing and we saw this even through COVID with more people working from home or being educated from home. Cyber adversaries are using remote workers as a way into the enterprise network. And so security organizations today are facing a lot of complexity. They deal with billions of alerts that come in every day and a lot of these have to be managed manually and they just don't have the professionals to keep up with that. So it continues to be a big issue facing organizations. We have seen some progress about a year ago. It was estimated that we would need 4 million professionals come into the industry to close the gap. We are now at probably a little bit over 3 million. So there is progress being made but we still have a long way to go. >> Yeah, good progress there. But what I mean, one of the things that we saw so quickly was with the distribution center was suddenly, there were tons of trusted devices that were off the network perimeter where all these keep going, "Use your own device at home until we can get you something provisioned on the network." So huge challenge that was almost like a light switch for people in any industry. Rob, talk to me from your perspective the ongoing cybersecurity skills gap. What are some of the things that you were seeing through your lens? >> Yeah, well, I mean it has certainly changed our focus over the last year with the pandemic and the change in workforce and so on. And I think as a cybersecurity vendor, a lot of the times when we talk about training and the skills gap we often tend to think pretty quickly about engineers and technical training and like this has really opened up our eyes too. We need to really broaden our scope when we're talking about training and closing the skills gap, because it's a lot more than just engineers. So we've had to really focus more on really anyone sitting in front of a computer screen and ensure that programs are available for people that are working from home that need to understand, the fact that security is just as big an issue if you're working from home or working from the office. So it's really broadened our scope in terms of who we're delivering training to and within a number of our programs, actually, that has happened. When we're dealing with we have a lot of academic partners that we deliver training with them. And one thing that's happened there is we we've traditionally dealt with engineering schools within our academic partners but now we're starting to see a lot of business schools coming and talking to us about delivering training within MBA programs and so on. So that business leaders can start understand, the need to be addressing cybersecurity in the boardroom for example, not just within the it department. So it's I guess the one thing I would say is it's really broadened our scope in terms of who the audience is for cybersecurity and the skills gap is a, you know it impacts a lot of different areas in the organization. >> Yeah, you brought up a great point there that elevation of security to the board level is critical. As we saw like big spikes and things like Ransomware last year. Ransomware getting much more sophisticated kind of playing on people's concerns for buzzwords like COVID-19 for example, and I talked to a lot of organizations where security is at the board level but the talent gap is another challenge. Sandra talk to us about what Fortinet is doing from a partnership perspective to help shrink that gap. >> Well, it's interesting because if you were to do a survey of people about where the responsibility lies to train more professionals for the industry, you'll see a split about 40% of people feel like academia should be providing the training and the curriculum to bring more professionals into the industry. And then others feel like it's a mix between corporate private public partnerships. And that's something that Fortinet believes in. We are tackling this issue on multiple fronts. We recently launched our TAA initiative or our Training Advancement Agenda, and a lot of the pro programs that Rob manages are part of that agenda like our free NSE training, our security academies, but we're also working with a lot of global partners, corporate partners like Salesforce, and IBM. We're also working with the World Economic Forum on this initiative because we really believe it's a joint effort to really make a difference. And so, for example, with Salesforce we provide some of our curriculum and training for free on their training platform, the same with IBM. And we'll continue to scale these partnerships because with these partners, we can reach more people and accelerate the impact that we can have overall. >> Absolutely that ability to expand it especially as we saw such a change in the cyber threat landscape last year as you said, Sandra you've made great progress needing, you know, a deficit of 4 million folks down to 3 million, but also looking at the opportunity to try to find more folks leveraging partners and to rubs point elevating the conversation or expanding that scope. This isn't just a problem for IT and security folks. This is a challenge across the organization that the board needs to be focused on because we've seen in this rapidly changing last year organizations and enough peril in trying to pivot their businesses. And then you add on some of the cyber threats. Rob can you talk a little bit more about the TAA initiative? I know that about your Network Security Expert program NSE program, you guys also do FortiVet program. Tell us a little bit about some of those programs and maybe some of the things that you've done to broaden the scope during the last year. >> Yeah, it certainly can. I mean, there's a number of programs that make up the agenda and you know we've widened the scope in terms of the audiences that we're looking at. But also as Sandra mentioned, trying to expand our reach as ordinary, obviously we have a reach into our partners and our ecosystem, but the ecosystem of the IBM's and the world economic forums and so on go far beyond our reach. But one of the things that we were able to do as a company almost exactly a year ago, we made the conscious decision that the training curriculum that we've built, we wanted to make it available to as many people as we possibly could. So we we've made approximately 400 hours worth of cybersecurity training available to anyone that wants to sign up and take the training in self-paced format, where they want to take it, when they want to take it. So that was a big commitment on our part and that training continues to be free today and we'll keep it free until we start to see the skills gap closed but that that has resulted I guess it was about a month or two ago when we were tracking numbers that we've exceeded over a million registrations for that training, which really was validation to us that the demand for this training is massive. So that's helped us expand our reach but that training as well we're making it available for free, but we have all sorts of different types of partners who are taking that training and making it three free through their learning portals as well. So it's really expanded the reach in that way. You know, another area that we've really focused on is partnering with nonprofits who are representing underrepresented groups. So you mentioned the veterans program that's been a program we've had for quite a while now, but we've looked at that program and thought, well, you know, we can definitely replicate our efforts there and look at other groups as well and start to see how we can partner with different NGOs to really address the diversity and inclusion, within the cybersecurity industry. 'Cause, you know, I think one thing that's interesting here is because of the skill shortage, a lot of hiring managers have had to start to look at recruiting through non traditional streams. And that that can be, you know, looking at if we have policies that say, we must hire people with four year degrees. Well, maybe we want to take a look at that and see well is that really necessary for all the jobs that we're looking at? Maybe we could look at shorter programs even high school students but then also looking at underrepresented groups it is a great way for us to take a look at this skills gap in cybersecurity and align it with our diversity and inclusion initiatives, internally within our organizations and see how we can bring that to bear on problem and really start to have the same time, create a much more diverse workforce within cybersecurity while we're trying to close that skills gap. >> I love that what a great opportunity to expand upon that. I wanted to ask you just really quickly, Rob she said 400 hours of free cyber training available over a million registrations so far. You're right, that definitely shows the demand. I'm curious when we think of backgrounds we think are these, you know need to be IT folks. Is that curriculum broad enough so that somebody with a marketing degree or somebody that doesn't have a degree could kind of get in on level one and start learning their way up the security stack? >> Yeah, it is a very broad scope. When we look at the catalog, it is multiple levels. And in fact our network security expert program it's an eight level program. And the first couple of levels of that program are applicable to anyone that needs an awareness of cybersecurity and the issues. So, yeah, it's perfect. And `in fact the level one of that program is something that we've integrated into a new service offering which is our Cybersecurity Awareness Program that companies can implement internally to provide that base level of cybersecurity awareness to all of their employees. And then as you go up to level two, three, four and five, and so on, it gets more and more technical right up to the NSE level or we're talking about, you know, architects engineers are developing very large critical cyber security infrastructures. >> Lisa, you bring up a very important point that I'd like to make a comment on. There's this misconception that you need a degree in Computer Science or some other technical degree to be in cyber security. And that's absolutely not the case. In fact, half the people in cybersecurity don't have a degree in any Computer Science program, et cetera, but you know there's a lot of skillsets and backgrounds that really map well to cybersecurity. And it's a very broad industry. There was new roles coming all of the time. So I would encourage people to not let that be a barrier to getting into this industry. And in fact our Veteran's program has been extremely successful because people coming out of the defense forces have a lot of the skills that match very well to cyber security like attention to detail, situational awareness, the ability to work under pressure. So it's definitely a misconception that the industry needs to correct. >> I couldn't agree more, especially as the daughter of a Vietnam Combat Veteran and I love what you guys are doing with veterans but you're right. There's so many other skills that people have that are so transportable and transferable that, and it's such an exciting industry. I mean, we all have a million devices scattered around. I think with those new Apple tags that if I put one on my dog's collar, my dog's going to be a connected device. There's so many opportunities to learn but there's also more exposure. The more people that have different backgrounds I think just that with that thought diversity alone, organizations in any industry can benefit. Sandra talk to us about how partners are taking some of these programs and rolling them into their own to help kind of open that door wider as you say, to make sure that barrier isn't there and also get more folks aware of what they can learn. >> Yeah, the encouraging thing is I just see a lot more creativity around this issue. If you think about it, the lack of diversity in IT has been a challenge for everyone that the issue in cybersecurity is just a manifestation of that. And one of the reasons is that it's particularly cybersecurity. A lot of people don't understand how to get into the industry, or they have a lack of awareness about the different types of roles. And we see this in particular with women and young females as well as underserved minority groups. In fact, the veterans program is one way to bring more of that diversity into the industry. And if you think about it today, women make up about 24%. I think it's single digits for underrepresented groups. So we have a huge opportunity there. And I think somehow working with our partners we're doing a lot of different things. Not only are we providing our curriculum and our training and the technical support, but we're also done a lot of work around mapping roles and the steps you need to take to, to achieve those roles. So we've created that for different roles, and we've shared that with some of our training partners and they provide that information on their training platforms. We also regularly have done a lot of different podcasts and interviews with women and minorities have gone through the industry and been very successful talking about how they did that and how they got there. We're working with lots of nonprofits like Women in Cybersecurity speaking to people out there providing them the support. So it's a multi-phase approach. And I do think that private industry need to be doing things like creating entry level kinds of roles to bring more people in the industry and recruit differently. But the good news is there's a huge amount of awareness around this, and you definitely see companies doing a lot more, as well as our partners. >> Well if I could just touch on something there, well Sandra is talking about the different career roles and so on. The industry can get pretty complicated pretty quickly when we're talking about different roles. And there's a lot of buzzwords. And you know when people are looking at this and say, well, how do I even get into this industry? It sounds very technical complicated. And, you know, there are a number of different career patching tools that you can find out there around cyber security but when there's too many of those that even gets confusing. So the career paths that we've developed, we've done that in conjunction with NICE and there's an initiative called the NICE Framework which stands for National Initiative for Cyber Security Education. And so the pathways that we've developed map to that. So, you know, that's one thing I'd like to encourage other organizations to make sure that we're all following that framework so that as we're providing these career paths to people we're using the same terminology. We're using the same titles and career paths and so on. So it just makes it a little bit more understandable for people to pick a path that they want and then start their journey. >> I also think exposing students earlier in their education about cyber security is really important. In fact, we're just released a book called "Cyber Safe" and it's targeting elementary school children and their parents and making them more aware of cybersecurity, the risks, how they should behave online. It talks about cyber bullying and it also helps has guidance in there for parents. And this is a book that we're making freely available to underserved schools and it can easily be accessed online. We've had great reviews, but it's all part of our TAA efforts to educate and make people more aware about the opportunities on the industry overall. >> I love that, Sandra our SVP of marketing. Is there a URL that you can give our audience where they can find that free resource? >> Yes, you can find that I believe on our NSE training page. You can just go to fortinet.com NSE and or TAA and you will find information about how to get the book. >> Excellent so fortinet.com search TAA or NSE you'll find that information. I'm going to check that out myself 'cause maybe you know, for adult children of parents who also need some cybersecurity help I think I might check that out for myself. >> You can (indistinct) copy Lisa. >> Thank you, excellent. It's been great talking to you guys. This is such an interesting topic. I love the efforts that Fortinet is doing to close those gaps and also what you're doing to bridge that with the diversity and inclusion efforts brought out. That's a great effort, Sandra, Rob thank you for joining me today. >> Thank you, Lisa. >> Thank you, Lisa >> For Sandra Wheatley and Rob Rashotte. I'm Lisa Martin. You're watching this CUBE conversation with Fortinet. (gentle music)

(upbeat music) >> Narrator: From theCUBE studios in Palo Alto in Boston, connecting with thought leaders all around the world, this is theCUBE conversation. >> Hey, welcome back, everybody Jeff Frick here with theCUBE coming to you from our Palo Alto studios today for a cube conversation, you know we're like six, seven, eight months into this COVID thing. We're going to be dealing with it for a while. And one of the themes we've heard about over and over as kind of a result of COVID is an increased in the attack surfaces. More people are working from home or work from anywhere. And security has only been increasing in importance. And we're excited to have somebody from the alumni group who's been on before she is Sandra Wheatley the SVP marketing threat intelligence and influencer communications at Fortinet. Sandra great to see you. >> Thank you Jeff, I'm happy to be here. >> Yeah, I think actually I misspoke. We've had a ton of great Fortinet people on we've talked to John and Ken and Phil and Tony, but actually I'm not sure that we've had you on before, so great to have you. >> No, this is my first time. >> Awesome, so let's jump into it but we're going to take a slightly different tack today and we're not going to talk about the technology as much as this other pesky little problem, which is people. And, you know we know there's a huge skills gap in tech in general right. There's tons and tons of open recs. If you go into all the big sites and then security it's even a more specific and a more acute problem. I wonder if you can tell us a little bit about kind of your perspective on this problem, being a senior executive you know, at a security company, people is a big issue. How do you guys kind of look at the problem? How should people think about it and what are we going to do about it? >> Well, Jeff, you were completely right. The Cyber security skills gap. It's one of the biggest challenges that's facing organizations today. I mean if you look at the larger landscape, cyber crime is one of the fastest growing crimes in the world, in fact by 2021, it'll cost the world about 6 trillion in total. And so tackling this issue continues to be a big problem. And it's exasperated by this the skills gap we recently did a study of Fortinet and 73% of respondents acknowledged that at least one intrusion could be attributed to the lack of skilled professionals. So it's a huge problem. We know that it would take about 4 million professionals to close that gap. And in particular with COVID, it's become even more increased. We've seen a big uptick in attacks from cyber criminals, really targeting remote workers. It's a way into the enterprise network. We've seen a resurgence of ransomware and phishing targeting that workforce. And so as this threat landscape continues to increase it's definitely a problem that cybersecurity organizations public and private partnerships really need to tackle. >> It's interesting because we talk a lot about automation and we talk about the scale of the attacks and the scale of data and you know, everything is just going so up until the right that without automation, you know you have no hope and you need some help to basically separate signal from noise. That said you still need people. And really that automation is going to hopefully get the high visibility the high priority issues to the right people. But ultimately that's an enabler for a person, not a replacement for person, for people. And it doesn't take away this tremendous need for more security professionals. And the other thing that we hear Sandra over and over right, is that security is no longer a bolt on it's no longer, you know, you just build the wall around the outside of everything, right? It's got to be baked in throughout the entire process of the product development and deployment. So the importance and kind of the reach and the breadth of security people in the influence of the building new products and shipping new products has never been greater and yet we've got this huge shortage. >> Exactly and I think you touched on it. You know, what we're hearing from our customers is that they're really using this period during COVID to really take a long-term look at their cybersecurity investments and strategy. And so you're right increasingly organizations are taking more of a platform approach to security, where they have more automation integration and AI that's one help. The other area is organizations need to be making their employees more cyber aware because it impacts everyone even employees working at home organizations. We just released InfoSec training and we offered it we made it available for free, and it really enables organizations to help educate their employees about the risk of cybersecurity and helping them to understand not to hit on the phishing email because, you know, 68% of intrusions happened as a result of careless mistakes by employees. That's a big issue, but also really making sure that we bring more professionals into the industry. I like to say, there's no job security like cybersecurity. So at the beginning of COVID, we made all of our training free and to the public in general. And I believe we had 500,000 registrations in the first six months. So that really underscores the demand for cybersecurity skills. And then organizations can also really be tapping into underrepresented of demographics, like veterans like women who make up only 14% of the workforce overall. So there was a lots of things we can be doing and working together on this problem. >> Yeah, you touched on a whole bunch of things there. So let's unpack a couple of them specifically. One of the cool things about security is that you guys do work together and that there is a big benefit from working together. So it's a great place for kind of coopetition, especially as new threats come in and you guys can share that information. So there is an interesting kind of an ecosystem that there's, you know shared basically resources against the bad guys. But you guys did a really interesting thing with Salesforce, with the world economic forum specifically to go after this problem. So where did that come from, Why Salesforce? Why world economic forum and why take you know, kind of, I guess, out of the industry approach to really addressing getting more people as cybersecurity professionals? >> Well, for dinette as a founding member of the C foresee cybersecurity forum, it was created by the world economic forum about two years ago. And right from the beginning one of the initiatives that we began working on was to reduce the skills gap. And so we started working with the world economic forum Salesforce, which is another founding member and others to tackle this problem. And so we're provide all of our training we provide our training and curriculum on the salesforce Trailhead platform. We've also entered into another partnership with IBM, where we're providing our training on there as cyber skills platform. We're working with local universities like Berkeley and others to make sure that we're getting more of the curriculum into their certifications and degree programs. Interestingly enough, one of the issues with this challenges is that there's not a lot of universities offering degrees in cybersecurity, which is really surprising. And so we're seeing a lot more uptick and interest around awareness around this area. And so it's very encouraging to see the results of some of these partnerships. >> I don't, I mean, you I'm going to tease you kind of buried the lead but so people understand what you just said. You guys basically opened up your training catalog for free, during COVID as a reaction to help basically get more people trained. Am I getting that right? >> That's completely right. We saw that this is something that can really help our customers during this time. It's something we're committed to closing and we felt this was a really impactful way to help with that issue. >> That's amazing. And I saw you in an interview with Rob Rashad I believe is his name from your team. I wonder if you can, again, share with us some of the details in terms of the numbers of people that have gone through this program. Cause he mentioned them, somebody didn't write them down this is pretty significant numbers that you guys are running through this free program. >> Yeah, so we just passed a great big milestone of 500,000 certifications. Half of those have just been this year and that program's been in place for many, many years. So there's no doubt that this is something that's in huge demand. And so we continue to offer those trainings. This was one of the reasons why we just rolled out the InfoSec training for our customers and others to educate their employees. I mean, that's one point I think we had someone registering every seven minutes. And so the response to that was excellent. And that training program has eight different modules and the curriculum in that program actually provides credits for ISC, which is a a big certification in cybersecurity and CIISSP. So, you know, it's just an invaluable training program. >> That's wild, and again, it's free all the way, not just to register for, you know, the one-on-ones, but all the way through the certification process at the end. >> Well at the end, if you want to get the actual certification that's something that you can do separately after you do the training. Although we're working with some nonprofits to help pay for those certifications so that there's no financial burden to people. >> Wow, that's tremendous. And then the other piece that you mentioned but I just want to highlight it is the opportunity to go after underrepresented groups. And you specifically mentioned that you have a program for veterans and again, it seems so logical but some people just don't get it right. Then you've got a skills shortage and you've got a talent shortage. Why not tap into those markets and of those pools of people that are under utilized because, Oh, by the way, they probably have a bunch of good qualified people in there that you can leverage. >> That's exactly right, like vets if you look at take veterans for an example, they already have a lot of the skills that really work well for cybersecurity like situational awareness. They work very well under pressure. And so we started our veterans program about two years ago. And in addition to our training we offer mentoring curriculum, resume building, interviews skills building and now at this point, trained about a thousand veterans many have had jobs on one thing that we do that's different to other programs is that we bridge those candidates to our partners and customers who are looking for talent and really closed that whole loop. So it's not just about the training, but it's also finding them as well at the end of the training once it's been completed. >> Right, that's great. I also want to touch on another thing that you do beyond just training and this comes from you published a blog on July eighth of this year talking about overcoming the cybersecurity gap skills gap. But you talked about other things beyond just the people. And I want to highlight really some attitudinal things that you suggest for people to get over this world view, cyber security as an enabler, right? Not an obstacle recognize cybersecurity is a team effort. It's not just some superstar, get the C-suite involved collaborate on cybersecurity awareness and you know, thinking about these this issue at a little broader and a more kind of macro company-wide scale versus it's just the security people's job over in the security people's corner. And that's really the best way to take care of it. >> Absolutely, and that goes back to my earlier point. I mean the insider threat continues to be the biggest vector for attacks. A lot of times it's, you know, employees hitting on a phishing email I'm sure you've seen the increase in those. And so it's really, you're right. It's more, the responsibility just doesn't lie with the folks who lead the cybersecurity organization. We all have a responsibility to be much more educated and aware. And so I think you know, the board has to get them more involved. Executive management needs to make sure that they're providing the right training and education to their employees, that they're providing mentoring that the really encouraging more employees to move into cybersecurity and become certified. So there's lots of things that organizations need to be doing that include education training. And then also making sure that you're making the right technology investments so that you have an infrastructure in place that's agile and can be flexible enough to meet the increasing demands of the threat landscape. >> Right, I just wonder if you can share some insight on the conversation that happened before you guys opened this up to be free. 'Cause it's clearly, it's a move to do the right thing. It's a move to you know, to respond to the community that's suffering and it's something that you guys could do you had at your disposal, but I'm sure there was some naysayers in there they're saying "No, we can't give this away. This is super valuable stuff." How, you know how did you kind of make that decision to move forward? And I'm curious how it's kind of played out over time now that you've basically, as you said increased your exposure and people that are trained and you know, I'm sure a lot of positive, you know kind of second order benefits that you really didn't plan on when you were just trying to make a decision to help the community. >> Well, this was a decision that came from the top. Our CEO has always been committed to training. I mean, this is why we even started the program which our NSE program is one of the most robust in the industry. And so it's something that the founders have always been committed to. It's something that we've invested in. So there really wasn't any obstacles to doing this. This was something that everyone jumped on board with. The other thing is we really wanted to help our customers during this time. And we felt that this was one really meaningful way. We could help them by providing this training for free. And making sure that they have the talent that they need to really address all of the, you know, the expanding attack surface. But we were surprised by the demand and the response that was outstanding, right from the get-go. And so while we, you know, we've talked about this being offered to the end of the year we haven't really made any plans to change that. And so that it may continue beyond the end of the year because the demand is so great and the results have been so positive. >> Right. And I'm just curious, do you have in the training and I didn't go through exhaustively through the whole list of all the courses, but beyond just the professionals do you have all the basic training just for employees? I just don't click on the link. You know, it's so funny. I was at, I think it was RSA. One of the keynotes was a, a Cisco executive and she said you know, we tell people not to click links but that's what we do all day long. We click links, that's what we do, it's part of our job. And, you know, it's such a a weird behavior to tell people not to do. And I'm still confused how SurveyMonkey gets people to click on SurveyMonkey links but that's a different conversation for another day but I mean, are you offering the whole suite? And I just love to get your perspective as a security executive, when you talk to clients how to think about things beyond just the obvious you know, don't click on phishing emails and, you know, tighten up everything, but you know, more kind of high level how to think about security in this increasingly complex and dangerous world, if you will. >> Yeah, well, the training program has eight modules. It goes from the most basic training to the most advanced training. So our NSE one and two are really more about educating people about the threat landscape the threats out there, what it looks like the most basic emphasis security awareness around what you should do and what you should be looking out for. And all of our employees afforded that take that training. We take up to NSE 4, that's, something that's mandated. And so at the very basic level all organizations should be leveraging those modules for their employees and for individuals who are just interested at large. And then it really advances very quickly after that. And it's the most advanced, you know, it covers, you know cloud, the whole attack surface, AI, threat intelligence. And actually, as I mentioned earlier, provides credits for some of that top cybersecurity certifications in the industry, especially at the level of CSO. So it's very broad, it's extremely robust. And addition to those modules we also have what we call fast track training and that's really utilized by our customers and partners. And that's more focused on specific technology areas. It's very condensed, it may be a day or two days. And the demand for that has been phenomenal. So that's been another program we added about two years ago. That's been very well received. >> Wow, well, good for you guys. Good for you guys for making a proactive move in a very positive way to help your customers and help the community at large. It's just great to see, these are just tough times. They're going to be tough times for a little while longer. So, you know, it's nice that you have resources available that you're able to make to make available to the larger community. And I'm sure it's nothing, but goodness will come from it. So good move by you guys. And I'm sure there's a lot of tangential benefits as well. >> Thank you Jeff. >> Well, thank you Sandra for sharing the story and great to meet you and expand our our community over on the fourth tenet side, we've had a lot of great guests over the year so it was great to great to have you on as well. >> Thank you very much. We really appreciate all the support. >> Absolutely, thank you. All right, so go out and get your free training. Go to fortinet.com and sign up and you too could be a security expert, or at least as far as you want to go all the way up to certification. I'm Jeff, she's Sandra you're watching theCUBE. Thanks for watching, we'll see you next time. (upbeat music)

>> Narrator: Live from Orlando, Florida. It's theCUBE... covering Accelerate '19. (electronic music) Brought to you by Fortinet. >> Welcome back to theCUBE. We are at Fortinet Accelerate 2019 in Orlando, Florida. I'm Lisa Martin with Peter Burris. We've been here all day talking with Fortinet executives, with partners, really understanding the evolution of cybersecurity and how they are helping customers to combat those challenges to be successful. We're pleased to welcome back to theCUBE alumni John Bove, the VP of North America's channel for Fortinet. John welcome back to the program. >> Thanks for having me, great to see you both again. >> Likewise, so, so much going on today, some news coming out. The keynote this morning started with a lot of electricity around Fortinet's industry leadership, product leadership, there was a lot of growth numbers shared >> John: Yup >> There's also a lot of people here about close to four thousand. >> John: Close to four thousand people, yup. >> And you saying that a good percentage of that is partners, forty countries represented. What are some of the things from your perspective, that you've observed today, in terms of the reaction from the channel to all of this news coming out. >> Yeah so first off, the heritage of this event really was a partner conference going back to its infancy and you know as Fortinet continues to grow and our customer profile continues to you know, move up market, we've now invited customers. So it's really great the synergy that we have. We've got a number of partners with their customers coming to meetings and meeting with executives, and so it's just really fantastic. You know relative to the announcements about the partner program, we've seen really positive feedback. I think the program was introduced about a decade ago and it really was time for a refresh, and so, what we've done is, we want to bring a program to our partner community that, allows them to engage with us in how they see fit, and then we want to build the go to market that's a little bit more in tune with the market that exists here, as we're moving into the year 2020 and beyond. So we're really assimilating a reseller, MMSP and Cloud as types of partner go to markets, and organizing that all underneath the Fortinet partner program umbrella. We'll also be introducing a consultancy track because we want to insure that the assets within the network security expert program are available to those consultants that are working with customers on their journey to the Cloud, for instance, or through this digital transformation. And then finally we're introducing what we're calling a competency focus. So as Fortinet continues to grow as a company there's a number of competencies that we feel if we enable partners appropriately they're going to be able to benefit from. They're going to build a stronger business around the Fortinet Security Fabric. So, we're going to focus on SD-WAN, we're going to focus on Fabric, we're going to focus on Data Center, operational technologies and then S.A.C., because we do think, you know, S.A.C. operations, is an area, that cybersecurity and the number of tool sets are introduced, it's an area that we need to grow into as a company as well. >> Lots going on. >> Lot's going on, yes. >> So as you consider some of the challenges that your partners face, we talked a little bit about this with Patrice, partners, throughout the industry are hurting as they try to transition from a more traditional hardware to whatever's going to be the steady state, >> John: That's right >> with the Cloud and the Edge having such an impact. Education is crucial. You not just get your customers educated about how cybersecurity works, but your partners need to be increasingly educated so they can find those opportunities, niches, stay in business, help you engage, how's that playing out? >> My number one initiative as the channel leader is to drive partner competency and preference. And so, going back to competency, if we can build partner competencies, they're going to build a healthier, more margin rich business around the Security Fabric, which then, selfishly, is going to lead them to delivering more preference around Fortinet. But there's no doubt, it's a changing dynamics. Business models are changing on the fly. We're seeing evolution of VAR to MSP, and MSP to MSSP, and we are laser focused on capitalizing that. Our FortiSIEM technology for instance is, I really view as a Beachhead technology for us to go capitalize that MSP market in the mid-market. I think that the evolution of consumption to more of a consumption model away from a transactional acquisition, also lends itself to new and innovative programs that need to be delivered. In fact with our North American distributors, in the past six months, we've introduced hardware as a service, to reduce, you know, to position things as an operational expense, which may be more in tune with how customers are purchasing today, and we've introduced FortiSIEM for MSSP. The evolution of VAR to a service provider can be very capital intensive, and so one of the things that we've done with our hardware as a service and FortiSIEM for MSSP, we've really tried to reduce the cost of the entry point, and drive more day one margin opportunity for those partners. >> Let me build on that if I may Lisa, so Ken and Mike have done a pretty phenomenal job of steering Fortinet into the future and anticipating some of the big changes that have occurred. You guys have therefore pretty decent visibility into how things are going to play out, and are now large enough that your actually participating in making the future that >> Right >> Everybody else is thinking about. When you introduce a product, I mean, it takes a period of time for your partners to get educated, to up-skill, to really set themselves up to succeed in this dynamic world. Are you introducing educational regimens, competency tests, providing advice and council about the new competencies they're going to need, in anticipation to some of these, some of the roadmap of the, to the future that you see? >> Yeah, so two things I'll touch on there is you know, the NSC program has been wildly successful program for ... >> Peter: No what does NSE stand for? >> Network Security Expert so it's a training course where for a partner and you've got new team members coming on board, the NSE113 really enables them of how to position, you know, Fortinet, and what the challenges are in a network in a cybersecurity environment today. With the elements four through eight being more technical. We've seen over 200,000 certifications being adopted globally, so, I think, part of the visionary capabilities that Michael and Ken have, is they've incorporated the education piece of it, and so carrying that along, and so as we do introduce new products, it's built into the NSE modules. I'll point to one of the most successful things we did in 2018 was called Fast Tracks, and so we've basically taken the NSE content and put it into consumable two hour, hands on, technical labs for our partners and customers. We had a goal in 2018 to hit about a thousand people going through the Fast Track program, we hit over eight thousand people. So, we know that there is a thirst for knowledge out there and the company's done a really good job, through the NSE program, the Network Security Expert Program, through out Network Security Academy Program, and through our Fast Tracks to drive that necessary enablement. >> Peter: That's very exciting. >> Yeah I know absolutely, I mean, it's a fantastic time to be at Fortinet, its a fantastic time to be a Fortinet partner, and I think with the announcements that we made today, we're really trying to set our partners up for success, and help them build a all encompassing business around the Security Fabric. It's a very noisy industry out there. There's a lot of point based solutions that, that lack the integration and really you need an integrated set of solutions in this, you know, expanding digital footprint that customers are faced with. >> So when we talk about education and I'm glad that you guys brought that up, that was a big topic, it was a pillar that Ken talked about, that Patrice talked about as well, it was one of the core pillars that was talked about at the World Economic Forum that was just a couple of months ago. So as we talk about education and educating your partners, I'd like to kind of flip that and ask how are your partners educating you on, these are the trends and concerns and the issues that we're seeing in the market today, to help influence the direction of Fortinet's technology? >> Yup, you know it's funny that you say that, I've been in partner meetings all day today, and it's great I get to spend, I don't think I've ever been this popular and definitely not in high school or college, but in spending time with partners and understanding their challenges it's good to see that our focus on the competency and preference and providing consumption modeling, fits to exactly the challenges that they're faced with, because VARS will tell you that the transition from being a reseller to an MSP can be very, very expensive. And so, with FortiSIEM for MSSP and the as of service offerings, we're reducing that. And so, there are , they're resonating to that. But the other thing is, for the mid-market customer, the Security Fabric alleviates the need for the Cyber skills gap, right? We can't hire fast enough, and so, by depending upon the broad integrated and automated posture that this Fortinet Security Fabric allows, it really allows partners and customers to overcome some of the challenges, just from a head count standpoint. And I think that the NSE program also does a very good job of filling that gap as well. >> So the partner used to mean, these are the, for that group of customers, who our direct sales organization can't make money on, we will give them to partners, or the very, very large, for a very, very large company that's owned by Accenture or owned by Dimension Data, or something like that, >> Yup >> We'll work with them and deliver it. And that kind of middle was kind of lost. But even today, that Loewen, that idea of segmenting purely on the basis of how big they are, is problematic because there's a lot of small companies happening because of this digital transformation they're going to very rapidly grow into some very, very big footprints. >> Absolutely >> So how is that line between what Fortinet does, what the partner does, what the customer does, to achieve these outcomes, starting to shift? >> We're going to be introducing an ecosystem based approach. It's called Partner to Partner Connect, and it is to actually do that very thing. For those partners that may be in the mid-market, that need those expertise, we're going to allow partners to create almost a marketplace of service offerings so they can fill their gaps and they can build meaningful practices, leveraging what Fortinet is doing, but also leveraging somewhat some of our other partners are doing. We're seeing this immediately done with our distribution partners, in North America, and we're going to be introducing the Partner to Partner Connect later this year, and accessible through our Partner Portal. >> And those competencies that are associated with the NSE and the education, then become part of those Partner to Partner brands >> John: Absolutely >> Which makes it easy for those partners to be more trustworthy of whatever accommodations they put together to serve customers. >> Yup, I'll give you an example. So, we're also going to be announcing tomorrow afternoon in our North America breakout session, a Cloud Channel Initiative, and so our goal with this Cloud Channel Initiative, is to allow partners to build meaningful security and networking businesses in the public Cloud. We're going to utilize blueprints for reference architectures, we're going to align with education and certification, and then we're going to guide them through enablement to go to market. That's one of the things also we released this week was the NSE7 for public and private Cloud. So again, as we introduce new technologies and we introduce new opportunities, we're also aligning that to education as well, so the partners can be self service, because the better job a partner does is developing that competency , then the more services rich they're going to be able to deliver to the end customer themselves. >> What are some of your expectations in terms of FY19, I know this is a 20% year on your growth that Fortinet as a company achieved last year, I imagine a good amount of that was driven and influenced by the channel, but as this momentum continues to grow, as we saw this morning, and we've heard throughout this show today, what are some of your expectations about growing the number of partners in the programs that you talked about, like by the end of this year? >> Yes, we recognize, you know, first of all we appreciate our partners so much, and we want to ensure that we are enabling their business we're absolute in active recruitment mode. You know, we're currently going through recruitment and reactivation campaigns with partners that we want or maybe have done business with us before. We see we're coming off of a quarter in which we set a record for the most deal registrations and so that's really the metric in which we look for partner impact. They bring us an opportunity, we give them additional margin and we protect them. So, Q1, fiscal Q1 for us, was our largest deal registration quarter we've ever had. And in 2018 we saw a 52% increase in closed opportunities through our deal registration program. So the impact of the North American Channel is absolutely being felt and we're really excited about the new partner program and what it's going to allow us to do as we expand more into the MSP market, more into the Cloud market, and then hopefully go enable that whole consultancy layer that's out there as well, to help customers on their journey. >> So in terms of your session tomorrow, 'Transforming Your Profitability with Fortinet's Tailor Made Programs,' you mentioned some of the new announcements, what are like the top three take aways that attendees from that session are going to walk away with? >> Well it's going to be, we want to drive partner initiated revenue, we want to do that through competency development, through Widespace account penetration, and through meaningful investments that allow our partners to scale their business. >> Lisa: Lot of momentum, John thank you so much for visiting with Peter and me on theCUBE this afternoon, we can't wait to hear what great news you have next year. >> I look forward to it, thank you both. >> Excellent, our pleasure. For Peter Burris, I'm Lisa Martin, you're watching theCUBE. (electronic music)

(upbeat music) >> Live from Las Vegas, it's theCUBE. Covering Fortinet Accelerate 18. Brought to you by Fortinet. >> Welcome back to theCUBEs continuing coverage of Fortinet Accelerate 2018. I'm Lisa Martin here in Las Vegas with my co-host Peter Burris and we're excited to welcome a Cuba alumni back to theCUBE, please welcome Eric Kohl, the VP of Advanced Solutions from Ingram Micro. Welcome back! >> Thank you, thanks for having me back. Excited to be here. >> Yes, we're very excited. So tell us, what's new? We talked to you last year at this event, what's new and Ingram? Tell us about your role there and the things that are all exciting Ingram Micro. >> Yeah, brand-new for me. I'm in my 20th year at Ingram Micro. I lead our security practice for Ingram Micro U.S. and I have responsibility for sales, vendor management, strategy and execution on behalf of our manufacturer partners. It's a ever evolving space. It's such a great space to be in, I love watching the news every day. You know there's going to be some big logo but just as much fun as I have watching those, that's some of these small breaches that you don't hear about and it's just fascinating. So much more exciting than virtualization. (laughs) >> Some might argue with that. So tell us about the partnership that you guys have with Fortinet. How has that evolved over your time there? >> Yeah so been at Ingram for 10 and I've been working with Fortinet for, I'm sorry I've been at Ingram for 20 and been with Fortinet for over 10, back to when we signed the contract together. Just a very great partnership. They're our security partner of the year, last year. Good friends, excited to see John Bove back leading channels back to Fortinet and you know, we both invest in each other's success and so I think that's pretty unique. Huge investment for them here, having an event like this. Not every company does it but to bring everybody together where you can have security conversations get on the same page, it's extremely valuable, huge investment, and we're proud to be a sponsor. >> I'd love to chat about a little bit of the evolution that you've seen at Fortinet in the last 10 years as we look at, you mentioned breaches. I mean, there were some very notable things that happened in 2017. How have you seen the evolution from them on a security transformation standpoint as it relates to your customers and digital transformation. >> Yeah, so I mean it's something that we see every day from you know, as you know we sell to and through partners but you know, one thing obviously is their breath of solutions has expanded. But you know, also things that partners are asking us today is how is this technology being consumed? And in the face of digital transformation, that's a huge value point because ultimately we want to help our partners to architect, recommend the right technology to solve that business problem and then how do you want to consume it? How does your want to your client want to consume that? So I think that's one of the biggest kind of trends that we're seeing right now. >> So as you think about where you've come from to where you are and we'll talk a little bit about where you think might go, what were the stories you told about security 10 years ago? And how are they different from the stories you're telling about security today? >> I would say it's changed from my perspective because at Ingram, we have never ever been a services company like we are today. And so what I mean by that is, we wrap our services, partner services around the Fortinet solution to make it stronger. 10 years ago I would say we are living more in the traditional distribution role of hey, how do we get a box from here to there? Certainly channel enablement, we've been doing that for a long time but our offering of services to help drive demand is incredibly strong. You know, we work with Fortinet for example, on their threat assessment program and we have an engineer that can go and help. Our partners understand to do that, it's a huge partner ecosystem and so we've got to help them with all those channel enablement efforts. >> What are some of the biggest security challenges that you're hearing, say in the last year or so through the channel, that your partnership with Fortinet can help address? >> You know, it's all around complexity and that as you have likely heard that the shortage of folks that can get out and do some of these services have limitations. There's incredibly high demand for services, you know we're serving a channel ecosystem of roughly 12,000 companies that are buying security technology from us, all with varying degrees of capability and so we've really got to help them understand, hey, how can we help you deploy these services, etc. >> So as you imagine then the steps associated with helping the customer, the roles and relationships between Fortinet, Ingram, and your partners also must be evolving. So how is, as a person responsible for ensuring that that stays bound together in a coherent way for customers, how are you seeing that changing? >> Well you know, look it's a three-legged stool. (laughs) It's us, it's Fortinet and that's our partner community and we're reliant on each other to go and be successful in the market. Look, we couldn't be as great as we are working with our Fortinet channel ecosystem if we didn't have the support of Fortinet, the investments they make, the team that they have wrapped around our business, the team we've put in place wrapped around their business so that's kind of what I'm seeing there. >> They shared a lot of momentum not only in the keynotes this morning but also a number of the guests that we've had on the show today in terms of what Fortinet achieved last year. 1.8 billion in billing, nearly 18 thousand new customers acquired, a lot of momentum, a lot of numbers, I love that theme of the event today. So if we look at some of the things that were shared by Kenzie this morning for example, like I mentioned that the customer numbers and even talking about what they're doing to protect 90% of customers in the global S&P 100 and showed some some big brands there. Tell us a little bit about the partnership and how you're leveraging the momentum of what Fortinet is able to do in terms of capturing customers. How does that momentum translate and really kind of maybe fuel Ingram and what you're able to do? >> Well look, I mean there's incredible demand in security today. There was a slide that they showed this morning and I think it was the perfect storm. I like to call the security space a beautiful disaster. It's a mess, it's complicated, it's scary, the threat attacks are you know new and different and they're never going to stop but it again comes back to hey, how do we work together to kind of harness this? How do we go and there's a great partner community here, lots of our friends are here but they can't all be here. So we want to be able to help take that message out to our channel partners that were not here. Things like that. >> What are some of, oh sorry, go ahead Peter. >> I was going to say so Ingram, Ingram itself has changed. You said you've now, are now introducing security or you're introducing more services. So how is that.. How is security leading that charge to move from a more of a product and a distributor to now services? Is security one of the reasons why Ingram is going in that direction? >> It's one of them. I joked on virtualization but there's a lot of services that we can wrap around and I think, obviously there's a high demand of services and we will lead with Fortinet services and solutions where we can. We want our partners to lead with theirs but really we've hired people to go out do assessments. We have a partner ecosystem where, hey I can't get down to New Mexico to do an install. We have a partner network where they can tap into that and make sure that everything is installed correctly, all the features are turned on. You think about all these breaches that happen in the news, it's not that they didn't have the technology, they missed an alert or they didn't have it all deployed. We want to be able to help our partners solve for that. >> Along the partnership front, what are some of the things that excite you about the Fabric-Ready Partner Program and the announcements they've made today? >> Yeah, love it. Look Fortinet has built comprehensive end-to-end solutions within their Fortinet, I'm sorry, for their Fabric ecosystem but they've also recognized that they can't do it all alone and so they've introduced a lot of partners into that. And so what's exciting for me, leading our security category is, hey how do we bring new partners into our ecosystem too? Because it is a differentiator for Ingram to be able to provide multi-vendor solutions. To have somebody you can go to to say, how does SentinelOne work with for Fortinet Fabric? Those types of things, those conversations are happening all the time. >> Another thing that was announced today was what they're doing with with AI. Tell us a little bit about that and how are you seeing what they're going to be able to do with AI as an advantage for your partners and customers. >> Again the artificial intelligence, machine learning, it all goes back to making the technology easier to use. I still think, you think intelligence and I think back to the human factor. Some of these big breaches, look the threat actors are going to get in but how you recover from a breach, I think if we could inject some artificial intelligence into some of these companies that haven't figured out how to successfully pivot. You know paying your hacker a hundred thousand dollars to keep quiet is not the answer but I think that some of these machine learning things are going to make it easier. It's going to be easier to manage the alerts that are happening every day. So anything that helps eliminate, as they said today, the enemy of security is complexity. Things that help to discover these threats and remediate against them, all good stuff for our partners. >> On the enablement side, when we were talking with the channel chief, John Bove, earlier today and talking about sort of this long history of partner focused culture at Fortinet. Tell us about that in terms of the enablement that you're able to glean from them and then pass on to your channels in terms of selling strategies, marketing to, marketing through. What are some of the things that-- >> Look, we have an amazing team. John Bove, Curt Stratton, the folks that really spent so much time working with Ingram and then we've built an amazing team. I think we have 12 people from our company here at this event to make sure we're making the most out of it but you know. If you heard, we're at The Cosmo. They have Secret Pizza, have you been there? Have you heard about it? >> Lisa: No, Secret Pizza? >> Yeah, it's amazing, it's pretty good, okay. (laughs) >> You didn't bring any, I noticed that but continue. >> I didn't but it's secret not-so-secret pizza but we have some secret not so secret weapons. Jenna Tombolesi an NSE 7. She's one of the highest certified engineers on the planet and she works for Ingram Micro helping to technically enable some of our partners. We've got a guy by the name of Will The Thrill Sharland and The Thrill is out talking to partners every single day, helping them to be more profitable, trusted security advisors helping them through anything you can imagine from a channel enablement perspective. And then just huge teams of people that we go to serve this big market together. >> Are you seeing any vertical specificities? When Ken was sharing some slides this morning, they were talking about, they showed some verticals from a kind of market share perspective but I'm curious some of the verticals that kind of come to mind where security is concerned that maybe are a little bit more elevated than some of the others in terms of risk or health care education and financial services. Maybe Fed, SLED, are you seeing any verticals in particular, maybe those that are really going to be kind of having to be leading-edge, where security transformation is concerned? >> They have to be. Think about health care and when they're big ransomware attack hit last year. There's guys on CNN saying, they had to postpone my surgery because ransomware head. I mean that's life-and-death stuff there but I don't think there's any vertical that's immune to what's going on today. So I think you know regardless of your vertical, you have to be prepared, you have to choose the right technology, and choose the right partner to help you implement it. >> If you imagine where Ingram's going to go with this relationship, what kinds of things are you looking to be able to do as a consequence of great strong partnership with Fortinet. >> Look, the way that companies want to consume technology is changing in the space of digital transformation. Once we work with Fortinet and the partner to recommend the right technology and I mentioned this, like how do you want to consume it? Is it public cloud, is it AWS, or Azure? We have an answer for that today is that hey, it's on premise but I need some creative financing to help close this deal to solve a budget constraint. We have an answer for that. There's several variations of that but however that technology wants to be consumed, we have an answer together. So I think that's a testament to the strength of our relationship. >> And I think one of the words that I saw in, at least one of the press releases, was adaptability. Adaptability of some of the technologies and even John Madison was kind of talking about how customers can go, I've got 20-plus security products, how do I start this Fabric? And that word adaptability kind of jumped out at me as how do you enable adaptability when your customers, through the channel, have so many technologies in place and how does Fortinet help that adaptation? >> I would say they're placing bets like we are on top partners that are going to lead with that technology. They've got to go be the experts in that field and really start driving that. Events like this help get everybody on the same page, understand the new offerings. I mentioned Jenna, she was locked in a room all day yesterday all excited about all these things. She's been running around all day but look we've just got to help the channel understand what the new technologies are, what are the new offerings, and hey, how do we go solve that customer problem together. >> So are there any particular new approaches or tactics or techniques that you're using to get the channels to understand better? >> I don't think that there's anything necessarily new. We're all driving towards the same common goal. Having a security conversation today is easier than ever before so you know, I think we're we're going to continue doing what we've been doing. It's been very successful for us but that's, you know. >> What are some of the things, kind of wrapping up here, that you're looking forward to throughout the rest of 2018? We're kind of still in the first quarter calendar, some big announcements from your partner here today. What are some of the things that excite you at Ingram about the year of 2018? >> Look, it's a market that's that's really ripe right now and I think that when you talk about their new technologies, when you talk about the machine learning, there's a lot of these things happening out there. It's just look, we've got a huge market. The potential is unlimited and I think one area where we're really going to drill down this year is down market, down SMB in mid market because they need enterprise grade technology and Fortinet delivers that and has a history of delivering that. So I think we're going to double click down there together this year and John and his team have been great around putting some programs together for us to go and tackle that together. >> Excellent, well we thank you so much Eric for stopping by theCUBE again. >> Yes and I'll bring pizza next time. >> Please do. >> All right. >> Yes and maybe some beverages so we don't have dry throats. >> Of course, yes. >> So we wish you and Ingram the best of luck in this next year and we look forward to talking to you next year, if not sooner. >> Sounds good. Great, thank you. >> We want to thank you for watching theCUBE's continuing coverage of Fortinet Accelerate 2018. For Peter Burris, I'm Lisa Martin, after the short break we'll be right back. (upbeat music)

(upbeat electronic. music) >> Announcer: Live from Las Vegas, it's theCUBE covering VMworld 2017 brought to you by VMware and it's Ecosystem partners. >> Hi, I'm Stu Miniman here with Keith Townsend and you're watching theCUBE's broadcast of VMworld 2017. One of our guests earlier this week called this set the punk rock set and one of my guests here in a preview said that this is going to be the battle of the baldies (laughter) so I'm really happy to bring two leaders of two of the hottest topics being discussed this week, welcoming back to the program Dom Delfino of course representing NSX and Security at NSBU and Lee Caswell from the vSAN Team. Gentlemen, thanks so much for joining us. >> Stu, how are you, buddy? >> I'm doing phenomenal. Dom, are you making network great again, yet? >> It's fantastic again now. We're making network fantastic again. >> Yeah and I expected you to show up a little more bling because we were talking Silicon Valley. Your group is reaching the three commas of a billion dollars. >> Dom: That's right. >> So let's start there, NSE when it was bought a few years back, over a million dollars. SDN was something that we all in the networking world was talking about and things have changed. I don't hear SDN talked at this show, it's real customers, real deployments, pretty good scale. The interconnected fabric if you will for VM's cloud strategy. >> Yep, absolutely. So Stu, these major transformational shifts in the industry take time, right? You know, you're not going to undo what you've done for the last 25, 30 years in a month or a quarter or a year and I think what you saw initially was adoption of NSX or automation of network provisioning. Then what you saw second to that was microsegmentation as a defense in depth strategy for our customers and now you see the multi data center moving into the hybrid cloud. vRNI is a service, NSX is a service, App Defense, layering additional security capabilities on top of that and as our production customers sort of adopted it in the beachhead methodology operationalized it, you see additional follow on adoptions. We've got one customer running 18 data centers on NSX today so this is becoming more and more mainstream and as you look at our approach moving forward in terms of where we are and the software defines us in our journey, how that connects to our strategy for VMC on AWS or VMC on Blue Mix. You saw Agredo Apenzeller yesterday demonstrate crossed into Microsoft Azure. When was the last time you thought you'd see that at VMworld, huh? >> Hey Lee, I got to bring you in here. (laughter) It's funny, I've lived in the storage world. >> I thought this was a storage show. >> And now we're tech people throwing all these acronyms. >> I know, they're so excited. >> And you know because come on, NSX is not simple. Who's the one that's saving customers money so that they can buy all of these? >> NSX is a great value, but vSAN pays for the ride, right? >> Here we go, right? >> They do. We'll happily accept it. >> I mean, we're consolidating storage in a way that basically brings back the magic of consolidation, right? The first time you consolidated, people called it magic because you consolidated servers, bought shared storage and had money left over, right? Now we're doing the same thing again, right, with now storage, right? What's interesting is is this is a huge career path gain for the virtualization administrator. >> Wow, so talking about being disruptive, vSAN. You know, I've got to rib you guys a little bit at the dodge ball tournament benefiting Unoria, the vSAN team lost to the Dell EMC team, so. >> Can you imagine? And did you see how valiant we were? >> Dom: You guys fall hard. >> You fall hard. (laughter) >> You looked like you could have used a little youth on that team, by the way, Lee. >> So a lot of competition, you walked the show floor. >> Lee: Yeah. >> This, we usually call this storage world. I think it's fair to say it's HCI world now. >> Lee: It's amazing, right? >> How is vSAN fitting into the larger ecosystem? >> You know, we announced, Pat said we have over 10,000 customers now, right? And yet VMware has hundreds of thousands of customers right? So we're just getting started here and what you're finding is the two assets to bring to this party are a hypervisor or a server. >> Keith: Right. >> Right, you don't have either one of those, it's going to be very difficult because if you go back and you'll appreciate this, right? You remember a Type 2 hypervisor? >> Yep, vaguely. I almost wrote about it, like wait, they don't even exist anymore, do they? >> Well, Workstation still, right? If you start thinking, right, that was a hypervisor on a guest, right? And so what happened though, as soon as these XI came out, right, integrated the compelling performance advantages, the resource utilization and then the idea that hey, I got a common management through vCenter, right? That's what's playing right now is users are trying to find leverage and scale, how do I do that and that's where we've just seen a massive adoption of ECM. >> Alright, one of the reasons we brought the two of you together though is because while peanut butter and chocolate are great on their own, the cloud foundation. >> Dom: I have the whole sandwich now, Stu. >> Yes, yes, so you know Cloud Foundation, NSX might be the interconnective fabric between all of them. Cloud Foundation is that solution, there's a whole business unit, put that together and drive that, so talk about how you feed that solution, how that changes the way you think about it. >> Probably the most interesting thing and I've only had the vSAN team for six months but I think the most interesting thing for me and vSAN is it scales downmarket very well as well, so we have massive enterprise customers, right, who have large global deployments of vSAN but you can take vSAN, put it on three nodes and see value out of that, right? And I think when you look at, you know, this is the year of cloud reality I'm calling it now, Stu, right? That's what's happened here this weekend at VMworld. When you look at that I think the most fundamental thing the customers are taking out of this week is my private cloud has to be as good as the public cloud offering, okay? Now if you're a Fortune 1,000 customer you certainly have a lot of resources, a lot of talent, a lot of expertise, a lot of history, and potentially a lot of budget to throw at that problem. But if you're a mid-market customer, right? And you look at I need to build a private cloud that's fast and easy, right? Which was the two primary reasons to adopt public cloud, you have a good place to start with Cloud Foundation and I think it's just the beginning so you get vSphere, you get NSX, you get vSAN, and you get SDDC Manager to do life cycle management, certainly you could layer vRealize on top of that for automation, orchestration, provisioning and self service as well and it really allows everybody to start to take advantage of the capabilities that only existed in the major cloud providers before on-prem and their own data center so I think as you look at Cloud Foundation and I'm working very closely with John Gilmartin on this, moving forward, it is going to become the basic foundational element, pun intended, right, for many of the VMware offerings moving forward as we turn into next year, that we'd look at this very closely and we have a lot of plans as that being the base to build off of in terms of how we help our customers get to this private cloud. >> Lee, I need to hear your perspective because some of this Cloud Foundation, there's got to be some differences when you talk about some of the deployment models whether where I'm doing it, how I'm doing it, VMC, the VMware managed cloud I guess on AWS, VMware on AWS something getting a lot of buzz. You know, everybody's digging into to it. What's it do today, what's it going to do in the future? >> Well, you know I thought it was really impressive when Andy Jassy got up and basically said, "We've been faced with a minor choice." Customers want these to be integrated, right? And the second day was Google, right? Talking about how we're taking developer tools, right, and making them common, so that element. Now storage people think that the strategic engagement with the cloud is about data, right? >> Stu: Right. >> Putting a VM in the cloud, I mean that's a credit card transaction, but once you put your first byte of data into the cloud, now you take on sovereignty issues, you think about performance and where you're going to get guaranteed ihovs out of it. You start thinking about how am I going to move that data? It's not fast or free or as anyone who has emailed a video knows, right, so you start thinking that it's the data elements and now what's really powerful and we saw some of this in the demos in general session. Once you have a common data structure, we call it dSAN, right, all the way from the edge into the data center of virtual private cloud then into the public cloud, now I've got the opportunity to have this really flexible fluid system, right? All virtualized, it's so powerful, right? About how I can manage that and we think, it'll be interesting, does the virtualization administrator then become the cloud administrator, right? >> So then, let's expand that one, vSAN everywhere. vSAN in the AWS, vSAN in vCAN, vSAN in my own data center. How do I protect that data? That seems just, is this where NSX comes in? How do I protect that data? >> Can we let Lee talk the security first? >> Where's the security, is the security in vSAN? >> Cause I know Dom >> We'll let Lee go first and then I'll correct him, okay? (laughter) >> Well, I mean you start with a security like encryption on the data, right? I mean one of the things why vSAN's so portable is because there is no hardware dependency. I mean, we're using like all, we support all different servers, there's no proprietary cards or anything, right, to stick in these servers so we can go run that software wherever. Now, we're also then as a result doing software encryption with our latest release on 6.6 software encryption allows us to use common key management partners, right, and so we use those partners including iTrust, Vales, FlowMetric, and others and now you can have key management regardless of where your data resides, so we start there but then what customers say really quickly, right, is if I start moving something, they say, "NSX help me out, right?" >> So I think Lee took to a very critical part of it, the ability to encrypt that data at rest and you know, as it transits, there's really three elements to this, it's the data itself, which we say that 6.6 introduced, right, the ability to encrypt that data, microsegmentation and upcoming DNE to both protect and encrypt that data while it's in flight and now if you look at that App Defense strategy, right, it's to secure that data while it's being processed as well at the host level up at the application layer, so I think Stu this just continues to be a huge challenge for our customers. Particularly with the breeches, we saw what happened with Wannacry, with Pedia, with non-Pedia, the different versions of that, Electric Blue and all. >> Stop, you know, your boss who's on theCUBE on the other set right now said, "As an industry, we have failed you." Pat Gelson gave the keynote, so when we're solving it, you know we're going to have like next year I expect both of you to have this all fixed. >> One of these, you asked like with all the HCI enthusiasts that are out there in many companies, you know, how do we differentiate? Well, part of it is this is not just a drop in a little box, right, someplace, right? This is how do you go and modernize your data center, basically tie into the complete software stack and regardless of the timing in which you're going to go and deploy that, right, if you're going to deploy the full stack today, that's a VMware cloud foundation, awesome, if you want to go start with vSAN, great, and then add in other pieces, or you can start with NSX. In any event, the common management is the piece that we really think is going to go and set us apart, right, as a part of it's an infrastructure play, not just a point component. >> So? >> Hold on I want to let Don finish. >> Stu, I think three years ago if we sat down here and told you you're going to encrypt your software defined storage, in software, no hardware requirements, I probably would have said I was nuts for saying that and you definitely would have said I was nuts for saying that so this is critical and we are hyper-focused on solving this problem and what customers have to recognize is that you have to make some foundational architectural changes in order to fix this problem and if you don't it's not going away, it's only going to get worse. >> So, I took a peep in at FUTURE:NET. First off, VMware does an awesome job of this conference within a conference. >> Isn't it fun? >> It is fun, a little bit over my head at times, which we have to be getting that same reaction from the CIOs that this stuff even when we're taking stuff that we know very well, Vmware or vSphere, starting with that, adding on vSAN, again the conversation, Dom, we can encrypt at both network and compute and storage? That's a little deep, but now we're talking about this crosscloud conversation that FUTURE:NET is most definitely addressing. How is that conversation going with customers? Are they finally starting to get their arms around the complexity of the situation? >> Absolutely Keith, because when you look at our multi-data center functions of NSX that we introduced back in NSX 6.2 at VMworld two years ago, three years ago, I'm getting long in the tooth here, so I can't remember times anymore. Those were the foundational elements for the components of crosscloud today so many customers who started the NSX journey with one use case and one data center and expanded it horizontally and then down through a number of use cases and then across to another data center are already taking advantage of those crosscloud functionalities from private data center to private data center. Now we've just taken them and extended them into Google Cloud, Azure, and AWS as well. So the customers who've been on this journey with us from the beginning have seen this step by step and it doesn't really seem like a big leap to them already. Now obviously if you haven't been on that journey it seems like you know, hey can you guys really do this and yeah, we've been doing it from private data center to private data center, now we're just bringing that capability to public data center and certainly the partnership with Amazon is a tremendous help to that as well. >> Yeah, when customers are buying into these solutions, and I know you like to look at it as a platform, so let's look out a little bit. I want you to talk a little bit about what we should expect from the future, if it makes edge computing kind of IoT is a big one, I have to expect that both of you have a play there, so? >> I guess I'll touch on that in two pieces so you sort of see us extending this up a little bit initially with PKS with pivotal container services, with Kubernetes on BOSH and the ability to do rolling upgrades and NSX is embedded in that solution, right, it's not a built-on offering, it's natively part of that for all the reasons that we talked about earlier and we see a lot of opportunities as it relates to edge computing, right, and I think this is something that, wasn't it file computing like seven years ago, Stu? >> Your former employer was one that was pushing that. >> Dom: Oh okay, yeah what happened to that? >> Yeah I have heard it come back from data center to cloud. >> I'm just needling you Stu, we didn't need to get into that. >> But you know, terminology does matter, but I hear your point. >> So I think A. IoT is the biggest security challenge that we face, right? >> Stu: Yep. >> That's number one. If you think it's bad now it's about to get a lot worse with the wholesale adoption of IoT. I think that when you look at the remote office, the branch office, what's going on with the transition with wide area networking right now, I think there's a tremendous opportunity there. Clearly we have a play where you can provide sort of a branch in a box with our technology but I think there's a lot of things you'll see coming from us in the near term as far as innovation that we can do there to really enhance edge computing as it relates to IoT and certainly our user computing platform with Horizon Air of the Legacy AirWatch venture, is an important part of securing those edge devices as well. >> Lee? >> On the vSAN side, this week we announced the HDI Acceleration Kit and that's basically a way to take advantage of single socket servers, right? And one of the things we're seeing for bandwidth reasons and economics you don't want to have everything centralized so the ability, particularly in an IoT environment, but also in retail or robo, if you've got hundreds of stores there's no way to put a sandbox and a fiber channel switch in separate storage and scale that, right? So what we're doing is we've got a very cost-effective license, right, incredible where you can get with hardware now, you can go and drop in a three node fully configured vSAN plus vSphere for under 25K. Drop it in, now you've got a virtualized environment, unlimited VMs, this sort of thing where we're helping basically bring the accelerating the adoption using HDI of enterprise modern infrastructure outside the data center. >> So last question around customer adoption and again, assessments of this model. The push, I think 816Z said that the edge is going to eat loud computing. Where do you guys see in the real world, the ground, is it a push towards the cloud or is it this combination of doing? >> In my experience, right and this is like an accordion, right, it goes in, it goes out it goes in, it goes out, why? Well it goes in and out based on economics and bandwidth. Right, so you start looking and saying, now until HDI came out, it just wasn't really feasible to put enterprise infrastructure at the edge, right? >> Keith: Right. >> So things were centralized, right? Well now, right, now we start distributing again, right? The cloud is an example of more centralized, right? But I think we're going to see both, right? And you're going to see this what's particularly interesting right now is right, the new advances in media, CPUS, low-latency networks makes it possible to use these I call it the serverization of storage, but really it's a serverization of the modern data center, right, and which by the way is common to how clouds are built. >> But does that mean the overall IT management or complex, as I build it out that control plane. >> I'll give you an example from this morning. I was meeting with one of the largest banks, right? And they were looking at HDI, they've used a lot of stance ORKS in the past and do you know what he asked at the end? "Could you give me the ORK charts of customers "in my scale who are using HDI?" >> Stu: Yeah. >> Because I want to go figure out how I hyper-converge my team. We'll never be fast until we go and get teams that are working more closely together where they start from the VM level and then they look at the network attributes and the storage attributes and the compute attributes. That's going to speed up everything. >> And I think Lee is 100% spot on there and every customer I've talked to this week, you have to make the transition to an infrastructure team, not a network team, a storage team, a security team, you're an infrastructure team, and this is why the app developers have been going around you, right? And this is why you have Shadow IT, it's because they want fast and simple and they don't want to have to deal with four different people, right? They don't want to have to deal with a serialization of a deployment that they're left waiting for the lag for and I think in terms of the edge computing, I think you related it to one of the conversations by Andreessen Horowitz. I think that might differ a little bit in the consumer space and in the enterprise space as well so it may be the case in the consumer space that it erodes some functionality from the cloud, particularly on the IoT side of things as well, driverless cars and things of that nature where it makes sense that if you get disconnected that you still need to have some computing capacity so you don't crash, right Lee? Crashing is not good. But I think the behavioral change, the people change, the mindset change is much more challenging than the technological change. Everything you haven't done before seems complicated until you actually do it, right? >> Alright well, we talked a lot to customers. Actually some of that organizational change is helping them to tackle things like those new architectures. Security is one that is I've been leaving it for too long and now absolutely front of the table. Don Delfino, Lee Caswell, always a pleasure to catch up with both you. >> Always a pleasure. >> Hope it lived up to your expectations that we brought the heat. Keith Townsend, I'm Stu Miniman. You're watching theCUBE, back with lots more coverage here from VMworld 2017. Thank you for watching the CUBE. (light electronic music)

>> [Announcer] Live, from Silicon Valley, it's The Cube Covering Mobile World Congress 2017. Brought to you by Intel. >> [John] Welcome back, everyone. We are here live in Palo Alto, California for a special two days of Mobile World Congress. We're on day two of wall to wall coverage from eight a.m. to six p.m. Really breaking down what's happening in studio and going to our reporters and analysts in the field. We'll have Pete Injerich coming up next and we're going to get on the ground analysis from the current analysis, now with global data. But next we have a segment where, I had a chance this morning early in the morning my time top of the morning Tuesday in Barcelona which was hours ago, I had a chance to speak with Caroline Chan and Dan Rodriguez. I wanted to get their opinion on what's happening and I asked Caroline Chan, "What's the biggest story coming out of Mobile World Congress?" This is what she had to say: >> [Caroline Chan] So last year this time, the people coming in asked a lot of questions about 5G technology. Is it real? Can we really pull it off? You know, 3G, 4G, it's a little bit ho-hum. But this year, I would say when I look around, not just in Apple, everybody else is good. I'm also hoping to, people talk about it as a faithful, I went to a panel last night with Orange, and AT&T, and Telefonica. I think the conversation switched from will there be a 5G to solutions. So, I look around in our booth and next door in Verizon there's a lot of cars, autonomous driving. We had network 5G enable smart city, it's in our homes, It becomes from technology to solution, and then in the last discussion about this iteration of 5G, there was an announcement about the 5G in our loan, Whole bunch of talk about acceleration. It's really becoming how can we quickly get out there. And then the other thing I've read is about AI. How does AI now because 5G becomes an enigma. AI and the cloud, there's all these analytics, so 5G can actually now be able to bring that into the cloud. So AI becomes a buzzword. I just read the SAT CTO Was all NWC live TV at the venue, I talked about AI and 5G transforming the mobile industry, so it really becomes much more of a solution oriented. >> [Dan] No, I can't agree with Caroline more there. Tremendous amount of excitement around 5G as well as network transformation in the show and the two things are really becoming linked. So Caroline mentioned a few of the use cases out there on 5G, so again, lots of autonomous driving, lots of smart home, lots of smart city. I personally had a great time hanging out in our smart home demonstration earlier, but I think the key linkage of all those use cases is that the network needs to become more intelligent, more flexible, and definitely more agile to be able to support this wide variety of use cases. And we're seeing it being really echoed back by not only operators, but a lot of the OES and telecommunication equipment factors, really rallying behind NSE and truly the path to 5G. >> [John] Take a minute, guys, to explain the 5G revolution and why it's not just an evolution from 4G. What's the difference? What is the key enabler of 5G and what is Intel have that's different now than it was before. >> [Caroline] So you imagined 3G is all about getting better voice and also a little bit of SMS, and 4G is a literal 3G on steroids. Now 4G has all these, you can go on the internet and download all kind of things. 5G takes that to the next level. So 2G, 3G, and 4G is about network building for the masses If you think about it it's like a general network. So when you build it and somebody vertical says I want to make this my private network for my enterprise it's a best effort basis, so either too hot or too cold. So what that means is it operates under a wirenut either giving you way too much, unable to recuperate your investments or if it gives you not enough, you wind up with a bad user experience. 5G fundamentally changes this. Why does it change in the standard itself that's undergoing in the 3G PP. As you have a different type of schedule with them, you must predict the different use cases. For example, if you're doing a mission cryptic IOG versus a massive connector IOG, you get a different protocol. You strip out some of the heavy amount of signaling that is typically needed for mission critical for something that's just there like smart city, like traffic light changes, that kind of information you don't need that to generate a whole bunch of bandwidth. So you see something with a different, natively different in the protocol itself so that's a fundamental shift from the mindset that we always had. So that is technology enabled. And the second thing is that the network today, thanks to all the network transformation journey that everybody is on, it's much softer and flexible, it moves away from a single part purse, a belt, power to something that is much more flexible, such that you can enable something like the network driving So a prize for enhanced mobile program for ARPR would be different from something for autonomous driving. So it makes the network fundamentally different, the interface itself is much more flexible for different types of applications, and then not to mention that we have different types of spectrums on the traditional 3 GHz to 6 And now two millimeter waves we open up a whole swathe of the spectrum to allow for a much, much bigger bandwidth and things like camera applications. It really changed the game. >> [Dan] Thanks, Caroline. So I think at a high level, what Caroline was pointing out is that the wide variety of use cases with 5G will stretch and pull the network in all sorts of directions. Essentially, there will be different use cases that require blatant fact network speed, but maximum amounts of bandwidth, but some use cases also require very low latency. So when you think about all the variety of use cases, the best way to truly insure you're meeting the user experience and also delivering the right economic value for the industry is to move to more intelligent and a flexible network. And as Caroline mentioned, it is going to be software-defined. And when you think about some of the products that we're investing in, and the status in our group for networking of course you think about our Intel Xeon processors. These processors can be found in a number of servers around the globe, and customers are using these for a variety of virtual network functions, really everything ranging from the core network to the access network to newer use cases such as virtual TV. In this bit, we did announce some additional products that will be made available later in the year. This is the Atom C3000 series as well as the Xeon D1500 network series. Both of these are SoC, and when you think about 5G, you do think about the mix of centralized and distributed to plan it, and you think about that network edge becoming smarter, so these types of SoCs are very critical because they provide excellent performance density at the right power level so you can have a very intelligent edge of your network. >> [John] Great point. Just to follow up on that, it's interesting, we had a conversation yesterday in The Cube around millimeter waves, CBMA, all the different types of wireless, and I think what's interesting is you have some use cases where you have a lot of density and some cases where you need low latency, but you also have an internet of things. A car, for example, you could say, we were discussing a car is essentially going to become a data center on wheels, where mobility is going to be very important and might not need precise bandwidth per se, but in more mobility in some cases you'll need more bandwidth. And also as an internet of things comes on, whether they're industrial devices that the notion of a phone being provisioned once and then being used is not the same use case as, say, IOT, which you could have anything connected to a network, these devices are going to come on and offline all the time, so there's a real need for dynamic networks. What is Intel's approach here, because this seems to be the conversation that most people are talking about that's happening under the hood, that's the true enabler around bringing out the real mobile edge. >> [Caroline] The couple things that we're doing, number one we use a concept called flex term, flex core which is a server-based platform that works on a variety of technologies applied to it lots of these real time visualizations, dynamic resource sharing and reconfigurations, we're able to support what you just described and provide a flex support team for different types of scenarios. And then the other thing that builds into the 5G support network Splicing allows you to splice up to the pairs of light resources for a variety of cases, Including the coarse part of it, so for example, HP here in this room is demonstrating what looks a server, walks like a server and is a server and it has the RAM, virtual PC, it has orchestration, it has mobile edge computing, it's really become a network in a box. So the fact is the ultimate freedom to support the service providers and enterprises and to apply all the 5G to different scenarios. >> [John] The final question, guys, is market readiness through partners and collaboration. Intel obviously is the leader, Intel Inside who was the main story we've been hearing at Mobile World Congresses end to end, fortunately a great piece with Intel CEO talking about the end to end value in the underlying architecture, it all runs on Intel, it works better, it brings up the notion of market readiness in the ecosystem. What are you guys doing to make the ecosystem robust and vibrant, because Intel can't do it alone, you're going to need partners. Thoughts on how you guys are accelerating it, and really the market readiness for 5G and just timing in your mind when all the fruit comes off the 5G tree, if you will. >> [Caroline] We started with the trials this year, so 2017 we're going to be able, we're working closely with partners, like Ericsson, Nokia, and Cisco and we should be seeing early performance coming up and I really think the wide spread of commercial publicly is more like 2019, 2020 timeframe because of some of the standardization, would you say? >> [Dan] Yeah, so that's a great summary, Caroline. I think the key thing that we're really seeing at Mobile Congress and things that we're investing in, diverse as you mentioned. It definitely takes a village to pull off this network transformation and the movement to 5G, and I think the great thing is about the network size is the network is becoming much more pliable, more software to find, more resilient, more agile, and it's out there to find. You can really invest in many of these innovations we've been discussing today now. So we're seeing a lot of folks start investing in Flex-Core, Network in a Box, mobilized computing, et cetera, so you transform your network now, utilizing network function virtualization, and then you have a sturdy foundation when all the 5G use cases come online in the next years. >> [John] Guys, final question. What power demos are you showing? You guys usually have great demos on the floor, Mobile World Congress, lot of glam, lot of flair at the show. >> [Dan] Great question. We have a number of super demos here, we have a smart and connected home, which showcases all sorts of intel, wireless technology out of the gateway as well as other devices we're showing a smart city, as you know, with 5G, and its lightening fast speeds to pass the lower latencies. It's truly going to change the urban landscape. And we're also showing augmented virtual reality in a few different demonstrations and one definitely caught my eye and I was pretty excited about it. In our Flex Ren demo, we were showcasing augmented virtual reality, actually viewing a skier going downhill and it was pretty exciting. I had a great time, I can't wait to when, in a few years when 5G is out there and I can use augmented virtual reality to watch a number of sporting events ranging from college football to my favorite sport, which is surfing. >> [John] What's next for 5G? How are you guys going to roll this out, what's the big plans post Mobile World Congress? >> [Caroline] Like I mentioned, we have trial plans with our partners through 2017, and then we're also participating in the Winter Olympics showcase, again through our customers. There's activities happening in China now, so I think we can be in a lot of places. You can see us in 5G. >> [John] Winter Olympics, expect to get the downloads and all the video in real time on 4K screens, thank you very much. (laughs) We expect to see some good bandwidth on the Olympics, I'm sure. >> [Dan] Hey thanks, John, this was great. >> [Caroline] Thanks, bye! >> [John] Thank you. Caroline Chan and Dan Rodriguez, from Barcelona, calling in with all the details, I'm John Furrier, we'll be back with more live coverage from the Mobile World Congress after this short break.

>> Narrator: Live from Las Vegas, Nevada, it's The Cube, covering Accelerate 2017. Brought to you by Fortinet. Now, here's your host, Lisa Martin. >> Hi, welcome back to The Cube. We are Silicon Angle's flagship live streaming program, where we go out to the events and we extract the signal from the noise, and we bring it right to you. We are in beautiful Las Vegas with Fortinet. Today, or this week is their Accelerate 2017 event, and we've been excited to be chatting with a lot of their folks and technology partners. Today we are joined by two gentlemen from Fortinet. First, we have John Maddison. You are the Senior Vice President of Products and Solutions. >> Indeed. >> Lisa: Hey John. >> Hi. >> Lisa: Thanks for joining us. We've got Joe Sykora who is the Vice President of America's Channels. >> Thanks Lisa. >> So guys, a lot of exciting stuff going on today. I wanted to give the viewers here who haven't had a chance to meet you guys yet, what you're both doing. John, you have a veteran. You're a veteran of over 20 years experience at telecom >> At least. >> At least 20 in IT infrastructure, security industries, you've lived in Europe and Asia and the U.S. and worked in those. Joe, you oversee quite a big channel of over 7400 America's partners and the entire channel strategy. So you guys are kind of busy. >> A little bit. >> Joe, you're probably pretty proud of this. You were named, in 2015, by CRN as one of the 50 Most Influential Channel Chiefs. >> Yes I was. >> Did you get like a button or hat? >> No, I think it's a t-shirt. >> Oh, t-shirt. >> Absolutely. >> Outstanding, so speaking of t-shirts, I have no segue there, wanted to understand, we've been talking to a lot of your folks today, as I mentioned. We talked to your CEO who was talking about this third generation of security and kind of where we are today with that. And then we talked to Drew, the CFO, who was really talking about the criticalness of trusting data. With the announcement today, maybe John I'll throw this to you, the announcement today of the new products and technologies, how are they going to continue to facilitate or enable your customers, direct or indirect to be able to trust their data? >> Yeah, so we announced the fabric last year. Today, we announced our operating system Fi.6, which is extension of the fabric. We also announced something called intent-based network security, which is the next generation of network security that Ken Xie, our founder, talked about. And then we also announced, the third thing is our new security operations solution, which brings together several products for the infosec world. So I think all of these come together to make sure that we're continuing the effort to make sure our customers are safer, that they can integrate the fabric into their infrastructure and obviously, that's very important to their brand. >> That was going to be one of the things I was going to talk about is are you seeing that you're making a difference in the brand of a customer? We were talking, before we started today, and a lot of you are familiar with some of the the big breaches, I mean, breaches are a common, daily occurrence, but when when they start happening in brands it's the consumers know who aren't in technology becomes a suddenly, can I trust this particular brand where I normally go and buy household products. So it sounds like the announcements today are really next generation leading you guys to continue to be able to deliver, not just that comfort level that your customers need in terms of we can trust our data, but also helping them improve their brand so that their customers trust their brand. >> Exactly and so, you know, the fabric has expanded in that we've expanded it across multiple now attack vectors so what used to be really focused on the core network, we can now cover email, we can now cover the web, endpoint and also, you can see some of our partners around here, we've also expanded our fabric-ready so the fabric here has several APIs, multiple APIs that allow different partners to connect into it. And so, we haven't announced it totally yet but we've got six new partners, some big companies like Cisco and HBE, actually joining our fabric-ready program to be part of the fabric. So we can cover the entire infrastructure of any company. >> Fantastic, so speaking, we'll get to that in a minute but one of the topics that's also come out today, as we've seen the evolution of security from perimeter based security in the 90s to you know, web security, cloud security. Moving towards 2020 and the fact that it's 2017, a little scary, we're pretty close to that and we're seeing this explosion and proliferation of mobile devices, of IOT devices, lot of lack of security there. As we get to that point, one of the other themes that we're hearing a lot about here today is that there is a gap in terms of of resources. What is Fortinet doing to help bridge that gap, that your customers are facing? Where it comes to, specifically, network security programs? >> So one of the programs we launched again, a couple of years ago was the Network Security Expert program, NSE, in 2016, we had over 30,000 certificates issued on NSE. It's probably one of the largest security programs, 'cause one of the big issues for customers and our partners is just the skills gap, cybersecurity. We also, actually, use a lot of those materials and assets and give them to Universities who are starting to do their programs as well. That's really essential for our partners to be trained at the lowest level in terms of the basics, but also, we've had about 40 people take part in our Network Security Eight architecture program. You can see them, these are the pins, actually, we have, which are NSE one to seven, but the NSE eight are the red ones and there's about 40 now of what we call security solution architects, who can go into companies and look at their complete infrastructure and give them an update in terms of security. >> Excellent, so want to touch on the channel, for a moment. Ken talked about the security fabric architecture, you mentioned that it was launched last year. What has been the reaction of the channel? >> Oh, it's been absolutely great. It's about mid-year last year's when we announced that. Embraced by the channel, in fact, CRN named it the security product of the year, for 2016. >> Lisa: Oh, fantastic, congratulations. >> Very proud of that. And that's actually the feedback of the channel partners. It resonates. It's creating new opportunities for our partners. Combine that with the training that John just talked about, I mean, they're armed to really just go out there and help solve all those end user programs, problems. >> Thank you, and sorry for interrupting. What are some of the main pain points that you're hearing through the channel, that customers are experiencing as we start to see big attacks have become more and more prevalent, the Dyn attack recently, DdOS being common types of attacks. As more and more things, like critical infrastructures are becoming plugged into corporate networks, and more mobile and more IOT, what are some of the pain points that your customers are experiencing, and how are they, looking to resolve and mitigate some of the challenges that they have leveraging the security fabric architecture? >> Sure, well attacks are going to happen, right. We know they're going to happen. It's how fast can you react to those attacks. And the fabric actually enarms our partners to just have intelligence on what is actionable and what's not actionable. So we're tryin' to automate that. Some of the future stuff that we're going to be doing later in the year is going to even enable them more. But it's all about simplifying it for our partners to react to what needs to be reacted to. >> Are you seeing, from an industry perspective, we were talking with Derek Menke, excuse me, about healthcare really being at the top of the at risk from an industry perspective. But in the general session today, there was a CSO panel and there was Verizon was there, Levi's was there, as well as Lazard. We saw Telefonica throughout the event today, the Steelers. Are you seeing through the channel, and maybe this is a question for both of you, are you seeing particular industries at more risk coming to you through your customers' needs or is it fairly agnostic from a security perspective? >> Yeah, I think on the channel side, obviously, everyone's at risk, right. So I think it's the value of those of the incidences is really more highlighted. So when Derek talks about healthcare, for example, dealing with people's lives is important along with you health records. So that's much more valuable than say, at the Steelers, not being able to get on the guest wifi. So I think everyone's at risk. All of our channel partners have different verticals that they go after, and it's all the same, it really is. >> Yeah, I would say the risk is pretty broad across every vertical, I mean, yes healthcare, the healthcare records are extremely valuable, but also the financial industry. You've also got industrial controls systems, for example. You've also got retail and so, I think every vertical, every industry is taking security very, very seriously. And back to your previous question about how is the fabric helping partners, I think, previously, they had to kind of stitch together a lot of point solutions themselves. I think with the fabric, it gives them an architecture or a framework. It could be mostly Fortinet gear. It could be Fortinet plus some of their other partners. It helps them put that in place across the entire infrastructure. >> You bring up a good point, John, that that was brought up a number of times today and that is the role of the CSO now being, you know, kind of think, is that guy or girl at the lead of the digital army? But that person is inheriting, we were seeing a couple of different reports, North of 25 different security technology, really kind of a patchwork environment. In that kind of situation, where now security is a board level conversation, how is Fortinet direct, and through the channel, helping that CSO? Is that a key buyer for you that you're helping to figure out, I've got this patchwork here, how do I build it into a fabric or a fabric around it? >> What we've seen, what I've experienced in the last 10 plus years in security is, I'd often go into a room and there'll be the network security people on one side of the table, and the security people on the other side of the table with the CSO and the CIO and I think, that gradually over the last three years, I've seen more cooperation. So now, when we have briefings with customers and partners, you'll see both teams together. You'll see a new role inside customers called the Security Architect, that's looking holistically longer term over the security architecture. And one of our announcements today around the security operations center is to do, just do that, bring together the SOC and the infosec world, together with the network security world. We did a demo today on stage showing that bringing together our Forti SIM, our Forti analyzer with our fabric to bring those two worlds together, because as Joe says, you know, there's a report done by Verizon on the breach report that says, within 60 seconds, you can be compromised. You've got basically 60 seconds to stop that threat and so speed is very important. So giving our partners this ability to bring together a fabric, with Fortinet gear, with our partners' gear, that provides very fast protection is very important. >> Excellent, one of the things, too, that I found interesting today was learning about what FortiGuard Labs is doing. I read over the weekend what Derek Menke's team published, the 2017 predictions. Really quite frightening. And he was on the show earlier and saying, that they're already seeing a number of these things already in play. How much more intelligent malware is getting, and the pervasiveness of the threats there. How are some of the new technologies announced today, maybe enhancing or what FortiLabs is doing from a threat intelligence perspective, is that something that was part of? >> Yeah, that's a really important area. I think the vendor community needs to do better in sharing the threat intelligence. I think, today, it's in pockets, but I think long term, it's absolutely essential that threat intelligence get shared across the whole community because, with some of the new threats coming, the machine to machine threats, the scale and the speed's going to be even more. You saw the Dyn attack last year on Ddos. That's going to be small compared to some things coming up. So I think, longer term, the fabric across the infrastructure, and then the security vendors getting together and sharing that threat intelligence so you've got a bigger view of the attack surface is absolutely essential to stop the new type of threats. >> Exactly, and as that attack surface is growing by the day. So last question, before we wrap up here, give you guys both a chance to answer. At the beginning of your fiscal year, here we are in January, what are you most excited about for the channel in 2017, for example? >> Sure, opportunity, right. For our channel partners, we've got probably one of the strongest channel partners just the overall. We're aligning, realigning with our field teams, so just the resources that all of these partners have. I think the opportunity's great, the market's great, like you said, you open up anything now, and you see, okay, it's been infiltrated, it's been hacked. So I think we're all going to have a really good 2017. >> Fantastic, John, what about you? What are you most excited for? >> I was most excited about this interview, actually, that's what I was looking forward to. >> Wow, fantastic, we'll close there. (laughter). >> No, I think it's obviously, rolling out more of our technology, integrating more of our partners, training more of our partners and helping them with their customers. >> Fantastic, well the buzz and the momentum here and also, the passion for both yourselves and your roles and your peers and your colleagues is really palpable. So I want to thank you both for joining us on the Cube today. >> Thank you. >> And we wish you the best of luck at the rest of the event. >> Thanks Lisa. >> Alright, for John and Joe, I'm Lisa Martin. You've been watching the Cube, but stick around, we'll be right back.

>> Live from Las Vegas, Nevada, it's theCube, covering Accelerate 2017, brought to you by Fortinet. Now, here are your hosts, Lisa Martin and Peter Burris. >> Hi, welcome back to theCUBE, SiliconANGLE's flagship show, where we go out to the events, and extract the signal from the noise. Today we are in Las Vegas. I'm your host, Lisa Martin, joined by my co-host, Peter Burris. We are with Fortinet at their Accelerate 2017 event, and we're very excited to be joined by one of the keynotes today, Patriche Perche. You are the Senior Executive Vice President of Global Sales and Support. Welcome to theCUBE. >> Thank you. >> You've got a very interesting background. You've got over 20 years of experience in the IT security industry. You manage Fortinet's global sales and support organizations. As the leader of this, you've talked about it this morning in the keynote, where 700 partners are here, and users here as well, Fortinet is in 93 countries. The theme of the event: No Limits. What does that mean to you, what does that mean to your partner, and your channel community? >> Well, definitely this event is critical for us, and for our partners. You can see in the background, there's a lot of people. We have a strong representation across the world. The theme of this event is about the new challenge that we're all facing, due to the digital economy, the rise of the IoT, the rise of the virtualization, the Cloud, whether it is public or private, all those new premise for the digital economy need to be secure, so security becomes a big enabler for the future of the digital economy. Which means, for our partners, and also for customers, security needs to be embraced at a very high level, to be able to evolve their business, so that's really a critical point. We see that the overall network security came, and the cybersecurity, came to an affliction point, where, during the last 15 years, they'd been built by adding, in fact, point solutions, reacting to threats, which led to a very complex environment. We have also another major challenge, which is the skills shortage worldwide, so they cannot choose faith about this new technical challenge, so they have to find a solution where we can automate the protection and the defense, and also build more collaboration between the communities. That's all about the team of No Limits, and also the launch of Security Fabric, which provides strong coverage, so it's very broad, we can cover all aspects, whether it's IoT, virtualization, and, of course network security. It's also fed by cybersecurity regions, because you need to have those information pulled back to the device, to be able to react on time to new threats. This information, it's also very valuable for the business, because they can return on business value, and we know that digital age will be all about data value. I think it's really a very exciting moment for our partners, and we have seen that they're growing from last year. I think we added about, roughly, 16,000 partners worldwide, so we have a big, big number now. I think it's really the time to reduce the complexity, automate, elevate, of course, the knowledge, due to the skills shortage we have, that partners has as well, and be able to enable the next age of the digital economy. >> You had a panel on the General Sessions stage this morning, of CSOs from AT&T, Lazard, and Levi's, and one of the things that that panel was talking about, what you talked about, reducing complexity, is, really, we need to talk about the complexity, right? This is really critical to protect these critical infrastructures. So, from a complexity perspective, Peter, I'd love to get your thoughts on what you've heard today so far, and what Fortinet is doing with the Security Fabric to address that complexity. >> Well, there's a couple of things that I think we need to focus on, relative to complexity, and that is that the business is complex, but then, the individual elements that are intended to make business possible, are themselves, individually, complex. And I think one of the things that Fortinet's trying to do, is say, let's reduce the complexity of the security, so that that does not become a problem or barrier to the business. Because today we have data complexity, and application complexity, and security complexity, and organizational complexity, and financial complexity, and we need to find strategic and targeted ways to reduce the complexity of individual elements of that, so that we can focus more on the complexity of servicing the customer. And I think that that's a key message Fortinet's trying to bring, is, what can we do to reduce security complexity, or networking security complexity, and data security complexity, so that we can liberate more talent to focus on the business opportunities? Is that accurate? >> Yeah, that's definitely the case. We see that, as soon as we were able to reduce this complexity, we will add value to the business. If you look from any large organization on the IT, of course, the responsibility towards cybersecurity is becoming very important on that side, at C-level. And often they try to go down to the people inside, but you cannot blame the people at the level, or whatever, they click to an email where there's an attachment, because they have to do, in fact, anyway. So the complexity and the pressure that are being putting inside the organization, has to be reduced, and that's the purpose of building a system with people, knowledge, data, that can react on real-time. That's really the value of the Security Fabric we develop. >> So, it used to be that, as an ex IT guy, it used to be that the security team was the Office of No. No, you can't do that; no, we won't let you do that. And there used to be this strong trade-off between was the initiative going to be secure, and how long did it take to actually execute? I hear you saying, and I want to just confirm this, is that, now we're working on how we can collapse the time between opportunity and execution, by making security go away as a barrier. Have I got that right? >> Yeah, exactly. I think the behavior of the some of the people in charge of security in the last 10 years was... They have to face new problems, new threats, and then, typically they have both the simple solution, and then... We landed with almost 35 different vendors into the security environment, and they are not talking all together. In fact, that's just increase the complexity. They land into situation where they recognize those don't work anymore, and that's, in fact, increase, potentially, the risk, because there is so much hold on the system. The fact that the knowledge that they had, in fact, is becoming more spread across the entire organization, is also a big evolution in terms of the mentality. >> Let's build on that, Patrice, because today, most of the threats take a long to develop, they're very sophisticated. So, someone will access, or will acquire access, to a particular system, that may not be very valuable, but they'll use that to get access to another system, and they'll use that to get access to another system, and if the business doesn't have a fabric, as you say, that's cognizant, or aware, of how all of these different elements play together, then you are facilitating someone being able to move through... Not detect, as they try to move, and that increases the likelihood that a company has a problem. So, it sounds as though it's increasingly important that you think in terms of a fabric, that is capable of observing how people are getting in here, trying to get in there, and has awareness of how the different security infrastructures actually work together. >> Yeah, definitely, I think one of the critical points about security is knowing. So, you have to know whatever the people, you have to know whatever of kind device, where they are, because we know today that it's not limited to a country. Cybersecurity is about world attack, so we see a lot of attack coming from foreign countries. You have to build a system that can collect those information, react on time, and, I think, the different components, they are working together, because often the threats can come from email attachments. It can be a different approach, or a IPS attack, or DDOS attack. But because those threats are always combined in the system, so you cannot detect at the email, so potentially they will be going through the system, and result in a system that communicates all together, and you don't know that this IP address has been already flagged as potential problems, while the email is going through. It's all about having the system, they are automated, and be able to have this global view. I think this is a very important aspect, because it's not just US-centric attack, and be able to quickly provide the value to the decision maker, because we have also less people on the Security Operations Center, due to the lack of skill, the skills shortage. The information has to go to these people in a very efficient way, and already highlight the importance of the attacks, whatever they are. That's how we can really reduce the time to detect, and reduce the time to act. >> You both mentioned a skills shortage, and that was actually mentioned in the keynote of the general session this morning. Is it the expectation, of Fortinet and your partners, that it has to be technology that's going to solve for that skills shortage? >> Yeah, I think we participate also, to try to resolve part of the skill shortage. We have launched, what we call, the NSE program, which is a certification that we launched, and we had about 60,000, right now, certified engineers in the world. In fact, just last year, we had about 34,000, so it has been growing fast. But we see there is a big requirement about acquiring this knowledge, which is becoming very complex, because every month, you have a new system you attack, so you have to be trained almost ongoing. And the level of the expertise is very high, so it's not like 20 years ago, where a firewall just blocking a system, so, easy to understand, easy for an engineer to understand, like people doing networking management. Security is much more complex. That requires ongoing training and knowledge transfer, to keep the people at the highest level. >> So one of the things, Peter, you and I were talking about, is that the security conversation is a board-level, boardroom conversation. From a partner community perspective, are you seeing, within the partner and the customer base, that there is now an expectation that, we're already compromised, we've got to now limit damage? Is that a broad expectation that most companies and industries have today? >> Yeah, definitely, I think the people... The company recognize that, anyway, they are being attacked, there is an issue. The role of the CSO inside a company is becoming very important. It's a kind of business enabler. It's not just a compliance answer, where before, they was there just to check the box on SOX compliance, or SCADA. So now they have to help the other business unit managers to run the company, and to transform the company to the digital age. >> Yeah, let me build on a couple of points that are being made here very quickly. First off, going back to the question of, is technology crucial? The digital business means that there will be greater demands on the security capabilities of the business. We cannot expect most business people to become smart about security, because this is very technical, hard stuff. We have to, therefore, make that capability more productive, and the only way to do it, is through technology. And that has become... The board is now aware of that, that the board recognizes, most boards recognize, that security in a digital world is a strategic business capability. It's tied to your brand, it's tied to your products, it's tied to the promises you're making to the marketplace. And, to your point, Lisa, they also recognize that they are constantly under attack, that there are intrusions, and the need is to limit those intrusions, by taking a system approach to it. And so, this notion of a platform is really, really crucial to delivering on what the board needs: a set of realistic, strategic security capabilities, that the business can count on. >> Yeah, definitely, and I think, you may have learned this morning, one of our customers, a big financial bank in the US, which implemented, in fact, the fabric, in fact, and it has been able to measure the reduction of internal threats, which was, one of the auditors said, "What's happened? Your system's networking?" In fact, it was the benefit of implementing the fabric. So, definitely, they recognized there is an ongoing problem inside the network, because, as we also say last year, it's no longer just the... You have to protect the perimeter. The threats come from inside, can be from employees. We also, with the fabric, we are able to create, what we call, internal segmentation, so, try to protect the data where they are, as the closest, and then also look about who is accessing to the data, and then flag to the relevant people if there is anomaly, and normal activity around those access of the data. Because as this evolution, the value is all about the data, so we have to protect the data, and that's the challenge of the system, so it's complex. That's also require collaboration. We do collaborate with cert companies, so we exchange. We're also the alliance founder for the cyber threats community. And we also expand our fabric, because we feel that the Security Fabric will be at the heart of the security strategy. And then, because security has to talk about application, about networks, you go inside all the system. So we build this fabric-ready program, and onboard a lot of other vendors, and that's the value for our customers as well, because then we can automate it, the security, and potentially the rules that need to be implemented after an attack, going to, potentially, the network device. So, it's just a team effort. I don't think that, Fortinet by themself, we can resolve the problem. It's combination of knowledge, people, other peers in the industry, and then we can really try to go against the threats that we know. Your life's always a chase. >> So, here we are, last word, giving, Patrice, to you, at Accelerate 2017. Great buzz here, you can hear and see it behind us. 700 partners here, end users. The announcement that came out today, what excites you most about this new year, this 2017, for Fortinet, and being able to help customers truly transform to a digital business, and trust their data? What's most exciting to you? >> Well, I think it's definitely, we all... There is a lot of feedback where we feel that, what we built in the last 16 years, in terms of technology, came through a very strong value proposition today. That's moving so fast, and there is only few vendor, in fact, on this standards, that they can do it; in fact, we feel that we are the only one on the security space. That's the echo I got from both the end user, but as well, the partner, you can see they are growing fast. So, yes, good promise for '17, and as you say as leader, of course we are expecting a great result. >> Excellent, Patrice Perche, thank you so much for joining. Peter, and thank you for joining as well. We thank you for watching theCUBE. We are live at Fortinet's Accelerate 2017, and we'll be right back. (electronic music)