(techno music) >> Narrator: Live from Las Vegas, Nevada. It's the Cube! Covering Accelerate 2017. Brought to you by Fortinet. Now, here are your hosts, Lisa Martin and Peter Burress. (techno music ends) >> Hi, welcome back to the Cube, I'm Lisa Martin joined by my co-host Peter Burress And today we are at the beautiful Cosmopolitan in Las Vegas with Fortinet at their 2017 Accelerate event. We're very excited to be joined by the founder, chairman of the board, and CEO of Fortinet, Ken Xie. Ken, welcome to the Cube. >> Ken: Thank you Lisa, thank you Peter. >> It's great to have you here, your keynote was very exciting, but first I kind of want to start back with your background, did some investigating. You have a very impressive background. You started your own, and your first network security company, SIS? S-I-S? Back at Stanford in the 90's. And, then on to NetScreen, and then, just about 17 years ago, you started Fortinet. So, congratulations on that 17th year. A great event, you talked this morning in the keynote, 93 countries, over 700 partners here, there's end-users here as well. The theme of the event, No Limits, What does "No Limits" mean in today's world of information, the proliferation of mobile IOT, etc. What does that mean to you? What does that mean to your partner community, and to your customers? >> Good, thank you. First, network security was probably the only thing I know. That's all the three company, from SIS to NetScreen to Fortinet is all about. You can also see the change in the last 25-30 years in the network security space. From very low priority in IT spending, now become the top 1-2 in priority in IT spending, and a lot of data information all transfer over to internet. And our daily life, and also a lot of business have to come back over to internet. So that's making a, that's a huge opportunity going forward, and what's interesting about security space, really, this constant changing, it never stays still, and you need to keep learning, keep changing, follow the change. So that's where, today, we are now, we started guiding the surge generation, on network security. Interestingly, my two previous companies, one involved in the first generation network security, one involved in the second generation, and how we start getting in the third generation. And it's all about changing from secure, just some system, or some connection, now to secure whole infrastructure. Because what happened in the last 17 years since we started Fortinet, there's a lot of mobile devices now, everybody has, maybe multiple, and there's a lot of data go through the cloud, which not happened before, and a lot of other IOT, everything connected. So how to secure all this data, become an issue. Like, in the past, internet not that popular, you can just secure a few connections good. And now there's data everywhere. So that's where we need to keep in changing, follow the trends, secure the whole infrastructure. >> Can you expand a little bit more, you talked about the security evolution in your keynote this morning, can you expand a little bit more about the third generation of security and what that means for healthcare companies, for financial services, and some of those industries that might be at the greatest risk? >> Okay, let me go back a little bit. The first generation of mail security is very simple, just control the connection. Who can connect, who cannot, right? So that's the firewall that do the job. And then, VPN just encrypt the connection. So, make sure people not tapping the traffic because the data is very simple. There's not a variation of executable, and not a very active content. And then 17 years ago, when we started Fortinet, we see the data get much richer, there's a web data, there's active executionable data, the variance that transfer from the connection no longer floppy drive. So, just the connection no longer enough, you get infected by virus all from permanent connection, which people you know, and the sentinel, same thing, get infected by virus. So, we need to look inside the connection, the content, the application, even the user device behind, that's the second generation, but now there's, even control the connection no longer enough, because the data no longer just for the one connection, the data no longer just sit inside a company, they no longer just sitting inside a server, it's everywhere. On your mobile, in the cloud, in all connections. So, that's where we need to go to the third generation of infrastructure. Especially, you mention, in few applications, like healthcare, finance service, so you can do the banking on your mobile device now, right? You can also check your, whatever, health appointment, or record on your mobile device, which a lot of data oddly in the cloud. It's no longer in hospital, no longer in your company, anymore. So, all this needs to be secure. So that's what changing the whole landscape, just a few connections no longer enough. So you need to look at where the endpoint is, where the access is, where the connection, network still important there, and also, what's the application. Like, healthcare different than finance service different than e-commerce. And then, also the cloud IOT is other end. So it's a quite a big landscape, big architecture, big infrastructure to really pry together now. >> And one of the things I read, Peter, in your recent research is security at the premier? One of the things done back in the 90's, is no longer successful. Can you expand a little bit more upon that? >> Well, it's necessary still, you have to be able to secure, but one of the ways that I would at least generalize one of the things you said, Ken, is that the first generation of security was about securing the device and connection to the device. >> Ken: There's a trial side and trial side. >> Right, exactly. Second generation was securing your perimeter, and now we have to think about security in the data. Because a digital business is represented through its data, and it's not just going to do business with itself, it has to do business with the customers. This is a major challenge. What it means, at least from our, what our research shows, and here's the question, is that increasingly, a digital business, or a company that aspires to do more things digitally, needs to worry about how security travels with its data, how it's going to present itself. In many respects, you know, security becomes part of a company's brand. If you ask Target or anybody who's had a problem the last couple of years, security becomes a crucial element of the brand. So, as you look forward, as we move from security being a something that was, what I used to say is, the office of "no" with an IAT, to now, a feature, a huge business capability that can liberate new opportunities, how is Fortinet having that conversation with businesses about the role that security plays in creating the business opportunities? >> Yeah, that's where we, today we just promoted recorded security fabric, right? So that's where, because the data is, like you said, everywhere, no longer, there is just a trial side and trial side, you just want to make sure the data in the trial side. Now, even if it's in the trial side, like inside the company, there's all different ways you can connect all sides, and the data no longer stays inside company, they go out to the cloud, they go out to your mobile device, you need to bring home. So, that's where we need to look at, and data, like you say, is so important for all the company business there. So we need to see how the data flow, and how this information, how this infrastructure actually handles data, so that's why we need to apply all the security, not just in the network side, also from access part, authentication part, to the endpoint part, to the IOT, to the cloud. So, that's all need to be working together. A lot of times you can see there's one part probably very secure, working well, but then there's other part not communicating with each other, maybe belong to different company, maybe it's totally different part of the device that don't communicate. So, that's where the fabric give you some much broader coverage, make sure different part covers, communicate together, and also the, also make sure they are fast enough. Don't slow down the infrastructure, don't slow down your connect efficiency. And then the third part really, you also need to be automated, handle a lot of threat protection there, because you can like, detect intrusion from your sent box, or from your endpoint, now how to communicate to network device, which they can study how to have all this attack. So, all of this has to be working together, starting at more infrastructure planar. >> So businesses today are looking for companies that can demonstrate that they are rock-solid in that first generation, that connection, that transaction, rock-solid on the perimeter, trading partners want to make sure that your perimeter security is really, really good, you still have to, you be able to have that, but increasingly that you can put in place policies and security elements and capabilities that can move with the data. I'd even say that you're not just securing your data, you're securing your business' value. >> Exactly, because, like you say, the data keeping moving around, and everywhere now. So now we also need to follow the data because all the value's in the data, so you need to follow the data, secure the data, protect the value. >> Yeah, that's what we regard digital business, we say it's essentially the recognition by businesses today, that how they use data differentially creates sustained customers is crucial to their strategy. And you want to be able to say, oh, new way of using data, but then the security professional, through that fabric, needs to be able to say, got it, here's how we're going to secure it, so that it sustains its value and it delivers its value in predictable ways. >> Yes, and knows to protect all this value. >> And one other thing, and this is very important, I know you talk about intent-based security, and we've talked about the notion of plastic infrastructure, that the lag between going after that new opportunity and then being able to validate and verify that you are not sacrificing security is a crucially important test of any security vendor's proposition to its customers today. >> Ken: Yes. >> So how is Fortinet stepping up to be a leader in collapsing that time between good business idea, validated security approach to executing? >> Because right now we talk about infrastructure. In the past it's only a system or there's a platform, which all kind of own kind of since inside box, right? So, now you have multiple box across different infrastructure, and a lot of times, the business intention not quite reflect, because business also keeping changing daily, but you don't see the infrastructure changing that quick. >> Peter: Mm-hmm. >> That's your talk about intended base, elastic base, networking, all these kind of things. So, how to follow the business change, how to have the scalability, and also how to make sure the infrastructure is the best-fit for the data need. So that's where, the same thing for security, and security also follow the infrastructure, so result all these automated, result is intent-based, like if you still have the old infrastructure, and you apply some security there, they may not follow the data efficiently. So that's, both part has to working together. Automated and also make sure they can follow the change. The other part, also, you also need to react very quickly. Somehow, you detect the intrusion from one part of infrastructure, so how to apply that one quickly to the whole infrastructure. That's also important because today there's a business policy, there's a device configuration policy, it's two different language. How to make two different language communicate, translate to each other, quickly react to each other, that's how the intent, how the elastic network has to be working together. >> So, in this age of hyperconnectivity that you talked about, being in this third generation of security, the network conversation, the security conversation are no longer separate. It's critical, to your point, Peter, about data bringing value, it's essential that organizations, like Fortinet, ensure or help enable a business to have that digital trust. With that said, and what you've talked about with the Fortinet security fabric, and why enterprises need that, what's kind of the last things that you'd like to leave us and our viewers with today? >> I'd say that lot of value in the data, and now, because data everywhere, lot in the mobile, in the cloud, and still in the server, and you need to protect the whole infrastructure. Follow the data, protect the data, and fabric's the best solution to do that, right? So you have a much broader coverage, a much powerful compared to system in the power form, and also lot of automated change needed to make sure the fabric adopt to what the data flow is. >> Fantastic. Well, Ken Xie, CEO, founder and chairman of the board for Fortinet, thank you so much for joining us on the Cube today. >> Thank you, Lisa and Peter. >> Best of luck with the rest of the No Limits conference, and we look forward to having more of your colleagues on the show. Peter, thanks for your commentary. >> Peter: Excellent. >> Thank you for watching the Cube, we'll be right back. (techno music)