(ethereal music) >> Welcome to the special Cube Conversation. I'm John Furrier, your host of "The Cube" here in Palo Alto, California. We've got two great remote guests here having a conversation around security, security convergence with platforms around networking and security with cybersecurity at an all time high, the need for understanding how to manage the breaches how to understand them, prevent them, everything in between cybersecurity and data are the number one conversation happening in the world today. We got two great guests, we've got Nirav Shah, VP of products at Fortinet and Peter Newton's senior director of products at Fortinet. The product leaders in the hottest cybersecurity company. And guys, thanks for coming on this Cube Conversation. >> Thanks for having us. >> Thank you, John. >> So last month or so I talked to John Madison about the Fortinet new release, FortiOS 7.0, as well as highlighting the convergence that's going on between the platforms around companies trying to consolidate and or manage or grow and build, converting networking and security together. Seeing that happening in real time, still doesn't change the underpinnings of how the internet works, and how these companies are structured. But the need for security is at an all time high. Talk about the impact to the customer. Do you guys have the keys to the kingdom here, product group? What is the killer product? What are customers doing? Give us the overview of why there's such a big need for the security platforms right now. >> Yeah, absolutely John. So if you see today's environment, we have seen working from anywhere it's become normal. And as part of that, we have seen so many different network edges. At the same time, they have different devices that they're using from anywhere. So what's important is as users have different devices, different users and applications that they're consuming from Cloud, we have to make sure that we provide security across the endpoint, across all network edges, and going to the Cloud compute. And for that kind of approach, you cannot have point products provide the visibility control and management. You need to have a comprehensive cybersecurity platform, which gives you security from that endpoint, to the edge, to the user, so that you have a simple but effective management and have a solid security in place to get that working from anywhere in a much more better user experience way. And that's exactly Fortinet describes as the security fabric platform. >> It's interesting not to kind of go on a tangent here, but to illustrate the point is, if you look at all the cyber security challenges that we're facing globally, especially here in the United States, the public private partnerships are increasing. We're seeing more public sector, commercial integration, the role of data. We've covered this on SiliconANGLE and many other cube interviews, especially with you guys. And there's all this kind of new approaches. Everyone's trying everything. They're buying every product that's out there, but now there's like overload. There's too much product. And that the obvious thing that's becoming clear, as cloud-scale, the evolution of this new edge environment. And so with that becomes the importance two trends that you guys are participating in. I want to get your thoughts on this because that's called SASE and SD-WAN. We know SD-WAN, but SASE stands for Secure Access Service Edge. That's I think Gartner made that term up or someone made that term up, but that's a new technology. And you've got SD-WAN, these are traditionally had been like edge for like branch offices. Now evolve now as pure network edges than a distributed computing environment. What's so important about these two topics. Nirav take us through the changes that are happening and why it's important for enterprises to get a handle on this >> Yeah John. So, as you said, SASE, Secured Access Services Edge. Really the foundation of that topic is the convergence of networking and security. And as you mentioned, Fortinet has been doing a lot of innovation in this area, right? Six years back, we pioneered the convergence of security and networking with security SD-WAN but what's happening now with the SASE is, as that working from anywhere continues to remain the dominant trend, users are looking for a Cloud-Delivered Security. And that's what Fortinet recently announced, where we can provide the most comprehensive Cloud-Delivered Security for remote users. For thin edge. You can still, anytime access from any device. To give you an example, now, our remote users, they are still at home or they can be branch of one user, but still have that always on threat protection with the consistent security given in the Cloud. So they don't have to go anymore from the branch or data center, but have a direct connectivity to the Cloud Security before they access SaaS application. That's what one of the SASE trend is. Second thing, John we are observing is users are now, as they are going back to the hybrid workforce, they are looking for a thin edge right? To your point of an edge, edge is still intelligent and a very important but there is an interesting architectural shift of, can I just use an intelligent networking there move my CapEx to OPEX and have security in Cloud? That unified security, unified policy is again becoming important. That's what SASE-- >> Okay, so I like this Cloud-Delivered Security. This is a hybrid workforce you're addressing with this marketplace, that's clear. Hybrid is a everywhere, hybrid cloud, hybrid workforce, hybrid events are coming. I mean, we love covering events physically but also now virtual. Everything's impacted by the word hybrid and Cloud. But talk about this thin edge. What do you mean by that? I mean I think thin edge, I think thin clients, the old trend. What is thin edge mean? >> Yeah, so there're different organizations are looking at the architecture in a different way. Some organizations are thinking about having a very simple branch where it is used for modern networking technologies, while security has been shifted to the Cloud deliver. What happens with this model is, now they are relying more into technologies like SD-WAN on edge to provide that intelligence steering, while everything in the security is being done in a Cloud compute way for both remote users and thin edge environment. Now the good news here is, they don't have to worry about the security patching, or any of those security capabilities. It is all done by Fortinet as they go and use the SaaS applications performance >> I want to come back and drill down on that but I want to get Peter in here in the Zero Trust equation because one of the things that comes up all the time with this edge discussion is network access. I mean, you go back to the old days of computing, you had edge log in, you'd come in, radius servers, all these things were happening, pretty simple cut paradigm. It's gotten so complicated now, Peter. So Zero Trust is a hot area. It's not only one of the things but it's a super important, what is Zero Trust these days? >> Zero Trust is indeed a very hot term because I think part of it is just it sounds great from a security standpoint, Zero Trust, you don't trust anyone, but it really comes down to a philosophical approach of how do you address the user's data applications that you want to protect? And the idea of Zero Trust and really what's driving it is the fact that as we've been talking, people are working remotely. The perimeter of the organization has dissolved. And so you no longer can afford to have a trusted internal zone and an untrusted external zone. Everything has to be "Zero Trust." So this means that you need to be authenticating and verifying users and devices on a repeat and regular basis, and you want to when you're bringing them on and giving them access to assets and applications, you want to do that with as granular of control as possible. So the users and devices have access to what they need, but no more. And that's kind of the basic tenets of Zero Trust. And that's what, it's really about prioritizing the applications and data, as opposed to just looking at, am I bringing someone into my network. >> God, the concept of Zero Trust, obviously hot. What's the difference between Zero Trust Access and Zero Trust Network Access, or as people say ZTA versus ZTNA? I mean, is there a nuance there? I mean, what's the difference between the two? >> That's actually a really good question because they both have the Zero Trust in the name. ZTNA is actually a specific term that a Gardner created or other analyst I should say, created 10 years ago. And this refers specifically to controlling application to controlling access to applications. whereas Zero Trust, overall Zero Trust access deals with both users and devices coming on to networks, how are you connecting them on? What kind of access are you giving them on the network? ZTNA is specifically how are you bringing users and connecting them to applications? Whether those applications are on premise or in the Cloud. >> So what the NA is more like the traditional old VPN model connecting users from home or whatever. Just connecting across the network with user to app. Is that right? >> That's actually a really good insight, but ironically the VPN clinical benefits of this are actually an outgrowth of the ZTNA model because ZTA doesn't differentiate between when you're on network or off network. It creates a secure tunnel automatically no matter where the user is, but VPN is all just about creating a secure tunnel when you're remote. ZTNA just does that automatically. So it's a lot easier, a lot simpler. You get a hundred percent compliance and then you also have that same secure tunnel even when you're "on a safe network" because with Zero Trust, you don't trust anything. So yes it really is leading to the evolution of VPN connectivity. >> So Nirav I want to get back to you on tie that circle back to what we were talking about around hybrid. So everyone says everything's moving to the Cloud. That's what people think. And Cloud ops is essentially what hybrid is. So connect the dots here between the zero trust, zero trust A and NA with the move to the hybrid cloud model. How does that, how does it, what's the difference between the two? Where's the connection? What's the relevance for your customers and the marketplace? >> Yeah, I think that again goes back to that SASE framework where ZTNA plays a huge role because John, we talked about when users are working from anywhere in this hybrid workforce, one of the important thing is to not give them this implicit trust right? To the applications, enabling the explicit trust is very important. And that is what ZTNA does. And the interesting thing about Fortinet is we provide all of this part of FortiOS and users can deploy anywhere. So as they are going to the Cloud-Delivered Security, they can enable ZTNA there so that we make sure this user at what time, which application they're accessing and should we give them that access or not. So great way to have ZTNA, SASE, everything in one unified policy and provide that anytime access for any device with a trusting place. >> Okay, real quick question to you is, what's the difference between SASE, Secure Access Service Edge, and SD-WAN? Real quick. >> Yeah, so SD-WAN is one of the core foundation element of SASE, right? So far we talked about the Cloud-Delivered Security, which is all important part of the security of the service. SASE is another element, which is a networking and a service where SD-WAN plays a foundation role. And John that's where I was saying earlier that the intelligent edge modern technology that SD-WAN provides is absolutely necessary for a successful SASE deployment, right? If users who are sitting anywhere, if they can't get the right application steering, before they provide the Cloud-Delivered Security, then they are not going to get the user experience. So having the right SD-WAN foundation in that edge, working in tandem with the Cloud-Delivered Security makes a win-win situation for both networking and security teams. >> So Peter, I want to talk to you. Last night I was on a chat on the Clubhouse app with some cybersecurity folks and they don't talk in terms of "I got ZTNA and I got some SASE and SD-WEN, they're talking mostly about just holistically their environment. So could you just clarify the difference 'cause this can be confusing between Zero Trust Network Access ZTNA versus SASE because it's kind of the same thing, but I know it's nuance, but, is there a difference there? People get confused by this when I hear people talking 'cause like they just throw jargon around and they say, "Oh, with Zero Trust we're good. What does that even mean? >> Yeah, we get a lot of that when talking with customers because the two technologies are so complimentary and similar, they're both dealing with security for remote workers. However sassy is really dealing with that kind of firewall in the Cloud type service, where the remote user gets the experience and protection of being behind a firewall, ZTNA is about controlling the application and giving them that secure tunnel to the application. So they're different things one's kind of that firewall and service, security and service, even networking in a service. But ZTNA is really about, how do I have the policies no matter where our user is, to give them access to specific applications and then give them a secure tunnel to that application? So very complimentary, but again, they are separate things. >> What's the landscape out there with competitive because has there products, I mean you guys are product folks. You'll get the product question. Is it all kind of in one thing, is this bundled in? Do you guys have a unique solution? Some people have it, they don't. What's the marketplace look like from a product standpoint? >> Yeah. So John, that starts back to the platform that we talked about, right? Fortinet always believes in not to develop a point product, but doing organic development which is part of a broader platform. So when we look at the thing like SASE, which required a really enterprise grade networking and security stack, Fortinet has organically developed them SD-WAN, we are a leading vendor, for the Gartner magic quadrant leader there, network firewall, including whether they deployed on Cloud, on-prem or a segmentation. We are a leader there. So when you combine both of them and ZTNA is part of it, there is only handful of vendor you will see in the industry who can provide the consistent security, networking, and security together and have that better user experience for the single management. So clearly there's a lot of buzz John, about a lot of vendors talk about it. But when you go to the details and see this kind of unified policy of networking and security, Fortinet is emerging as a leader. >> Well I always like talking the experts like you guys on this topic. And we get into the conversations around the importance under the hood. SASE, SD-WEN, we've been covering that for a long time. And now with Zero Trust becoming such a prominent architectural feature in Cloud and hybrid, super important under the hood. At the end of the day though, I got to ask the customers question, which is, "what's in it for me? "I care about breaches. "I don't want to be breached. "The government's not helping me over the top. "I got to defend myself. "I have to put resources in place, it's expensive, "and nevermind if I get breached." The criticality of that alone, is a risk management discussion. These are huge table. These are huge stakes and the stakes are high. So what I care about is are you going to stop the breaches? I need the best security in town. What do you say to that? >> Yeah this goes back to the beginning. We talked about consistent certified security, right John. So yes a SASE model is interesting. Customers are going to move to Cloud, but it's going to be a journey. Customers are not going Cloud first day one. They are going to take a hybrid approach where security is required in a segment, in an edge and on the Cloud. And that's where having a solid security in place is a number one requirement. And when you look at the history of Fortinet, over the last 20 years, how we have done, with our FortiGuard Labs, our threat intelligence and ability for us to protect over 450,000 customers, that's a big achievement. And for us to continue to provide that security but more importantly, continue to go out, and do a third-party certification with many organization to make sure no matter where customers are deploying security, it is that same enterprise grade security deployment. And that's very important that we talk to our users to make sure they validate that. >> Peter would weigh in on this. Customers don't want any breaches. How do you help them with the best security? What's your take on that? >> Well, to kind of reiterate what Nirav said earlier, we really believe that security is a team sport. And you do need best in class products at each individual element, but more importantly you need those products we talking together. So the fact that we have industry leading firewalls, the fact that we have industry-leading SD-WAN, we've got industry leading products to cover the entire gamut of the end point all the way email application, Cloud, all these products while it's important that they're, third-party validated as Nirav was mentioning, it's more important that they actually talk together. They're integrated and provide automated actions. Today's cyber security moves so fast. You need that team approach to be able to protect and stop those breaches. >> Well, you guys have a great enterprise grade solution. I got to say, I've been covering you guys for many years now and you guys have been upfront, out front on the data aspect of it with FortiGuards. And I think people are starting to realize now that data is the key, value proposition is not a secret anymore. Used to be kind of known for the people inside the ropes. So congratulations. I do know that there's a lot action happening. I want to give you guys a chance to at the end of this conversation now to just put a plug in Fortinet because there's more people coming into the workforce now. Post pandemic, young people with computer science degrees and other degrees that want to go into career with cybersecurity, could you guys share both your perspective on for the young people watching or people re-skilling, what opportunities there are from a coding standpoint, and or from say an analyst perspective. What are some of the hot openings? 'cause there are thousands and thousands of jobs give a quick plug for Fortinet and what openings you guys might have. >> Well, certainly in the cyber industry, one of the major trends we have is a work place shortage. There are not enough trained professionals who know about cybersecurity. So for those who are interested in retooling or starting their career, cybersecurity is an ongoing field. It's going to be around for a long time. I highly encourage those interested, come take a look at Fortinet. We offer free training. So you can start from knowing nothing to becoming certified up to a security architect level, and all those, all that training is now available for free. So it's a great time to star, great time to come into the industry. The industry needs you >> Any particularly areas, Peter you see that's like really jumping off the page. >> Well, it's hybrid, knowing Cloud, knowing on-prem, knowing the traffic, knowing the data on the applications, there's just so much to do. >> You're the head of product, you've got all, probably a ton of openings but seriously young people trying to figure out where to jump in, what are the hot areas? Where can people dig in and get retrained and or find their career? >> Yeah, no, I think to reiterate what Peter said, right? The program that Fortinet has built, LSE one, two, three which is free available, is a great foundation. Because that actually goes into the detail of many topics we touched upon. Even though we are talking about SD-WAN, SASE, ZTNA, fundamentally these are the networking and security technologies to make sure users are able to do the right work in the user experience. And that will be really helpful to the young people who are looking to learn more and go into this area. So highly encouraged to take those training, reach out to us. We are there to provide any mentorship, anything that is required to help them in that journey. >> Anything jump off the page in terms of areas that you think are super hot, that are in need. >> Certainly there's convergence of networking and security. There is a growing need of how and what is Zero Trust is? and how the security is applied everywhere. Definitely that's a topic of mine for a lot of our customers, and that's an area, it's a good thing to gain more knowledge and utilize it. >> Nirav and Peter, thank you for coming on. You guys are both experts and the leaders at Fortinet, the product team. The need for security platform is an all time high consolidating tools into a platform. More tools are needed and there's new tools coming. So I'm expecting to have more great conversations as the world evolves. Certainly the edge is super important. Thanks for coming on, appreciate it. >> Thanks for having us. >> Okay, Cube Conversation on security here in the Palo Alto studios. I'm John furrier. Thanks for watching. (ethereal music)