>> Live from Las Vegas, Nevada, it's theCube, covering Accelerate 2017, brought to you by Fortinet. Now, here are your hosts, Lisa Martin and Peter Burris. >> Hi, welcome back to theCUBE, SiliconANGLE's flagship show, where we go out to the events, and extract the signal from the noise. Today we are in Las Vegas. I'm your host, Lisa Martin, joined by my co-host, Peter Burris. We are with Fortinet at their Accelerate 2017 event, and we're very excited to be joined by one of the keynotes today, Patriche Perche. You are the Senior Executive Vice President of Global Sales and Support. Welcome to theCUBE. >> Thank you. >> You've got a very interesting background. You've got over 20 years of experience in the IT security industry. You manage Fortinet's global sales and support organizations. As the leader of this, you've talked about it this morning in the keynote, where 700 partners are here, and users here as well, Fortinet is in 93 countries. The theme of the event: No Limits. What does that mean to you, what does that mean to your partner, and your channel community? >> Well, definitely this event is critical for us, and for our partners. You can see in the background, there's a lot of people. We have a strong representation across the world. The theme of this event is about the new challenge that we're all facing, due to the digital economy, the rise of the IoT, the rise of the virtualization, the Cloud, whether it is public or private, all those new premise for the digital economy need to be secure, so security becomes a big enabler for the future of the digital economy. Which means, for our partners, and also for customers, security needs to be embraced at a very high level, to be able to evolve their business, so that's really a critical point. We see that the overall network security came, and the cybersecurity, came to an affliction point, where, during the last 15 years, they'd been built by adding, in fact, point solutions, reacting to threats, which led to a very complex environment. We have also another major challenge, which is the skills shortage worldwide, so they cannot choose faith about this new technical challenge, so they have to find a solution where we can automate the protection and the defense, and also build more collaboration between the communities. That's all about the team of No Limits, and also the launch of Security Fabric, which provides strong coverage, so it's very broad, we can cover all aspects, whether it's IoT, virtualization, and, of course network security. It's also fed by cybersecurity regions, because you need to have those information pulled back to the device, to be able to react on time to new threats. This information, it's also very valuable for the business, because they can return on business value, and we know that digital age will be all about data value. I think it's really a very exciting moment for our partners, and we have seen that they're growing from last year. I think we added about, roughly, 16,000 partners worldwide, so we have a big, big number now. I think it's really the time to reduce the complexity, automate, elevate, of course, the knowledge, due to the skills shortage we have, that partners has as well, and be able to enable the next age of the digital economy. >> You had a panel on the General Sessions stage this morning, of CSOs from AT&T, Lazard, and Levi's, and one of the things that that panel was talking about, what you talked about, reducing complexity, is, really, we need to talk about the complexity, right? This is really critical to protect these critical infrastructures. So, from a complexity perspective, Peter, I'd love to get your thoughts on what you've heard today so far, and what Fortinet is doing with the Security Fabric to address that complexity. >> Well, there's a couple of things that I think we need to focus on, relative to complexity, and that is that the business is complex, but then, the individual elements that are intended to make business possible, are themselves, individually, complex. And I think one of the things that Fortinet's trying to do, is say, let's reduce the complexity of the security, so that that does not become a problem or barrier to the business. Because today we have data complexity, and application complexity, and security complexity, and organizational complexity, and financial complexity, and we need to find strategic and targeted ways to reduce the complexity of individual elements of that, so that we can focus more on the complexity of servicing the customer. And I think that that's a key message Fortinet's trying to bring, is, what can we do to reduce security complexity, or networking security complexity, and data security complexity, so that we can liberate more talent to focus on the business opportunities? Is that accurate? >> Yeah, that's definitely the case. We see that, as soon as we were able to reduce this complexity, we will add value to the business. If you look from any large organization on the IT, of course, the responsibility towards cybersecurity is becoming very important on that side, at C-level. And often they try to go down to the people inside, but you cannot blame the people at the level, or whatever, they click to an email where there's an attachment, because they have to do, in fact, anyway. So the complexity and the pressure that are being putting inside the organization, has to be reduced, and that's the purpose of building a system with people, knowledge, data, that can react on real-time. That's really the value of the Security Fabric we develop. >> So, it used to be that, as an ex IT guy, it used to be that the security team was the Office of No. No, you can't do that; no, we won't let you do that. And there used to be this strong trade-off between was the initiative going to be secure, and how long did it take to actually execute? I hear you saying, and I want to just confirm this, is that, now we're working on how we can collapse the time between opportunity and execution, by making security go away as a barrier. Have I got that right? >> Yeah, exactly. I think the behavior of the some of the people in charge of security in the last 10 years was... They have to face new problems, new threats, and then, typically they have both the simple solution, and then... We landed with almost 35 different vendors into the security environment, and they are not talking all together. In fact, that's just increase the complexity. They land into situation where they recognize those don't work anymore, and that's, in fact, increase, potentially, the risk, because there is so much hold on the system. The fact that the knowledge that they had, in fact, is becoming more spread across the entire organization, is also a big evolution in terms of the mentality. >> Let's build on that, Patrice, because today, most of the threats take a long to develop, they're very sophisticated. So, someone will access, or will acquire access, to a particular system, that may not be very valuable, but they'll use that to get access to another system, and they'll use that to get access to another system, and if the business doesn't have a fabric, as you say, that's cognizant, or aware, of how all of these different elements play together, then you are facilitating someone being able to move through... Not detect, as they try to move, and that increases the likelihood that a company has a problem. So, it sounds as though it's increasingly important that you think in terms of a fabric, that is capable of observing how people are getting in here, trying to get in there, and has awareness of how the different security infrastructures actually work together. >> Yeah, definitely, I think one of the critical points about security is knowing. So, you have to know whatever the people, you have to know whatever of kind device, where they are, because we know today that it's not limited to a country. Cybersecurity is about world attack, so we see a lot of attack coming from foreign countries. You have to build a system that can collect those information, react on time, and, I think, the different components, they are working together, because often the threats can come from email attachments. It can be a different approach, or a IPS attack, or DDOS attack. But because those threats are always combined in the system, so you cannot detect at the email, so potentially they will be going through the system, and result in a system that communicates all together, and you don't know that this IP address has been already flagged as potential problems, while the email is going through. It's all about having the system, they are automated, and be able to have this global view. I think this is a very important aspect, because it's not just US-centric attack, and be able to quickly provide the value to the decision maker, because we have also less people on the Security Operations Center, due to the lack of skill, the skills shortage. The information has to go to these people in a very efficient way, and already highlight the importance of the attacks, whatever they are. That's how we can really reduce the time to detect, and reduce the time to act. >> You both mentioned a skills shortage, and that was actually mentioned in the keynote of the general session this morning. Is it the expectation, of Fortinet and your partners, that it has to be technology that's going to solve for that skills shortage? >> Yeah, I think we participate also, to try to resolve part of the skill shortage. We have launched, what we call, the NSE program, which is a certification that we launched, and we had about 60,000, right now, certified engineers in the world. In fact, just last year, we had about 34,000, so it has been growing fast. But we see there is a big requirement about acquiring this knowledge, which is becoming very complex, because every month, you have a new system you attack, so you have to be trained almost ongoing. And the level of the expertise is very high, so it's not like 20 years ago, where a firewall just blocking a system, so, easy to understand, easy for an engineer to understand, like people doing networking management. Security is much more complex. That requires ongoing training and knowledge transfer, to keep the people at the highest level. >> So one of the things, Peter, you and I were talking about, is that the security conversation is a board-level, boardroom conversation. From a partner community perspective, are you seeing, within the partner and the customer base, that there is now an expectation that, we're already compromised, we've got to now limit damage? Is that a broad expectation that most companies and industries have today? >> Yeah, definitely, I think the people... The company recognize that, anyway, they are being attacked, there is an issue. The role of the CSO inside a company is becoming very important. It's a kind of business enabler. It's not just a compliance answer, where before, they was there just to check the box on SOX compliance, or SCADA. So now they have to help the other business unit managers to run the company, and to transform the company to the digital age. >> Yeah, let me build on a couple of points that are being made here very quickly. First off, going back to the question of, is technology crucial? The digital business means that there will be greater demands on the security capabilities of the business. We cannot expect most business people to become smart about security, because this is very technical, hard stuff. We have to, therefore, make that capability more productive, and the only way to do it, is through technology. And that has become... The board is now aware of that, that the board recognizes, most boards recognize, that security in a digital world is a strategic business capability. It's tied to your brand, it's tied to your products, it's tied to the promises you're making to the marketplace. And, to your point, Lisa, they also recognize that they are constantly under attack, that there are intrusions, and the need is to limit those intrusions, by taking a system approach to it. And so, this notion of a platform is really, really crucial to delivering on what the board needs: a set of realistic, strategic security capabilities, that the business can count on. >> Yeah, definitely, and I think, you may have learned this morning, one of our customers, a big financial bank in the US, which implemented, in fact, the fabric, in fact, and it has been able to measure the reduction of internal threats, which was, one of the auditors said, "What's happened? Your system's networking?" In fact, it was the benefit of implementing the fabric. So, definitely, they recognized there is an ongoing problem inside the network, because, as we also say last year, it's no longer just the... You have to protect the perimeter. The threats come from inside, can be from employees. We also, with the fabric, we are able to create, what we call, internal segmentation, so, try to protect the data where they are, as the closest, and then also look about who is accessing to the data, and then flag to the relevant people if there is anomaly, and normal activity around those access of the data. Because as this evolution, the value is all about the data, so we have to protect the data, and that's the challenge of the system, so it's complex. That's also require collaboration. We do collaborate with cert companies, so we exchange. We're also the alliance founder for the cyber threats community. And we also expand our fabric, because we feel that the Security Fabric will be at the heart of the security strategy. And then, because security has to talk about application, about networks, you go inside all the system. So we build this fabric-ready program, and onboard a lot of other vendors, and that's the value for our customers as well, because then we can automate it, the security, and potentially the rules that need to be implemented after an attack, going to, potentially, the network device. So, it's just a team effort. I don't think that, Fortinet by themself, we can resolve the problem. It's combination of knowledge, people, other peers in the industry, and then we can really try to go against the threats that we know. Your life's always a chase. >> So, here we are, last word, giving, Patrice, to you, at Accelerate 2017. Great buzz here, you can hear and see it behind us. 700 partners here, end users. The announcement that came out today, what excites you most about this new year, this 2017, for Fortinet, and being able to help customers truly transform to a digital business, and trust their data? What's most exciting to you? >> Well, I think it's definitely, we all... There is a lot of feedback where we feel that, what we built in the last 16 years, in terms of technology, came through a very strong value proposition today. That's moving so fast, and there is only few vendor, in fact, on this standards, that they can do it; in fact, we feel that we are the only one on the security space. That's the echo I got from both the end user, but as well, the partner, you can see they are growing fast. So, yes, good promise for '17, and as you say as leader, of course we are expecting a great result. >> Excellent, Patrice Perche, thank you so much for joining. Peter, and thank you for joining as well. We thank you for watching theCUBE. We are live at Fortinet's Accelerate 2017, and we'll be right back. (electronic music)

(techno music) >> Narrator: Live from Las Vegas, Nevada. It's the Cube! Covering Accelerate 2017. Brought to you by Fortinet. Now, here are your hosts, Lisa Martin and Peter Burress. (techno music ends) >> Hi, welcome back to the Cube, I'm Lisa Martin joined by my co-host Peter Burress And today we are at the beautiful Cosmopolitan in Las Vegas with Fortinet at their 2017 Accelerate event. We're very excited to be joined by the founder, chairman of the board, and CEO of Fortinet, Ken Xie. Ken, welcome to the Cube. >> Ken: Thank you Lisa, thank you Peter. >> It's great to have you here, your keynote was very exciting, but first I kind of want to start back with your background, did some investigating. You have a very impressive background. You started your own, and your first network security company, SIS? S-I-S? Back at Stanford in the 90's. And, then on to NetScreen, and then, just about 17 years ago, you started Fortinet. So, congratulations on that 17th year. A great event, you talked this morning in the keynote, 93 countries, over 700 partners here, there's end-users here as well. The theme of the event, No Limits, What does "No Limits" mean in today's world of information, the proliferation of mobile IOT, etc. What does that mean to you? What does that mean to your partner community, and to your customers? >> Good, thank you. First, network security was probably the only thing I know. That's all the three company, from SIS to NetScreen to Fortinet is all about. You can also see the change in the last 25-30 years in the network security space. From very low priority in IT spending, now become the top 1-2 in priority in IT spending, and a lot of data information all transfer over to internet. And our daily life, and also a lot of business have to come back over to internet. So that's making a, that's a huge opportunity going forward, and what's interesting about security space, really, this constant changing, it never stays still, and you need to keep learning, keep changing, follow the change. So that's where, today, we are now, we started guiding the surge generation, on network security. Interestingly, my two previous companies, one involved in the first generation network security, one involved in the second generation, and how we start getting in the third generation. And it's all about changing from secure, just some system, or some connection, now to secure whole infrastructure. Because what happened in the last 17 years since we started Fortinet, there's a lot of mobile devices now, everybody has, maybe multiple, and there's a lot of data go through the cloud, which not happened before, and a lot of other IOT, everything connected. So how to secure all this data, become an issue. Like, in the past, internet not that popular, you can just secure a few connections good. And now there's data everywhere. So that's where we need to keep in changing, follow the trends, secure the whole infrastructure. >> Can you expand a little bit more, you talked about the security evolution in your keynote this morning, can you expand a little bit more about the third generation of security and what that means for healthcare companies, for financial services, and some of those industries that might be at the greatest risk? >> Okay, let me go back a little bit. The first generation of mail security is very simple, just control the connection. Who can connect, who cannot, right? So that's the firewall that do the job. And then, VPN just encrypt the connection. So, make sure people not tapping the traffic because the data is very simple. There's not a variation of executable, and not a very active content. And then 17 years ago, when we started Fortinet, we see the data get much richer, there's a web data, there's active executionable data, the variance that transfer from the connection no longer floppy drive. So, just the connection no longer enough, you get infected by virus all from permanent connection, which people you know, and the sentinel, same thing, get infected by virus. So, we need to look inside the connection, the content, the application, even the user device behind, that's the second generation, but now there's, even control the connection no longer enough, because the data no longer just for the one connection, the data no longer just sit inside a company, they no longer just sitting inside a server, it's everywhere. On your mobile, in the cloud, in all connections. So, that's where we need to go to the third generation of infrastructure. Especially, you mention, in few applications, like healthcare, finance service, so you can do the banking on your mobile device now, right? You can also check your, whatever, health appointment, or record on your mobile device, which a lot of data oddly in the cloud. It's no longer in hospital, no longer in your company, anymore. So, all this needs to be secure. So that's what changing the whole landscape, just a few connections no longer enough. So you need to look at where the endpoint is, where the access is, where the connection, network still important there, and also, what's the application. Like, healthcare different than finance service different than e-commerce. And then, also the cloud IOT is other end. So it's a quite a big landscape, big architecture, big infrastructure to really pry together now. >> And one of the things I read, Peter, in your recent research is security at the premier? One of the things done back in the 90's, is no longer successful. Can you expand a little bit more upon that? >> Well, it's necessary still, you have to be able to secure, but one of the ways that I would at least generalize one of the things you said, Ken, is that the first generation of security was about securing the device and connection to the device. >> Ken: There's a trial side and trial side. >> Right, exactly. Second generation was securing your perimeter, and now we have to think about security in the data. Because a digital business is represented through its data, and it's not just going to do business with itself, it has to do business with the customers. This is a major challenge. What it means, at least from our, what our research shows, and here's the question, is that increasingly, a digital business, or a company that aspires to do more things digitally, needs to worry about how security travels with its data, how it's going to present itself. In many respects, you know, security becomes part of a company's brand. If you ask Target or anybody who's had a problem the last couple of years, security becomes a crucial element of the brand. So, as you look forward, as we move from security being a something that was, what I used to say is, the office of "no" with an IAT, to now, a feature, a huge business capability that can liberate new opportunities, how is Fortinet having that conversation with businesses about the role that security plays in creating the business opportunities? >> Yeah, that's where we, today we just promoted recorded security fabric, right? So that's where, because the data is, like you said, everywhere, no longer, there is just a trial side and trial side, you just want to make sure the data in the trial side. Now, even if it's in the trial side, like inside the company, there's all different ways you can connect all sides, and the data no longer stays inside company, they go out to the cloud, they go out to your mobile device, you need to bring home. So, that's where we need to look at, and data, like you say, is so important for all the company business there. So we need to see how the data flow, and how this information, how this infrastructure actually handles data, so that's why we need to apply all the security, not just in the network side, also from access part, authentication part, to the endpoint part, to the IOT, to the cloud. So, that's all need to be working together. A lot of times you can see there's one part probably very secure, working well, but then there's other part not communicating with each other, maybe belong to different company, maybe it's totally different part of the device that don't communicate. So, that's where the fabric give you some much broader coverage, make sure different part covers, communicate together, and also the, also make sure they are fast enough. Don't slow down the infrastructure, don't slow down your connect efficiency. And then the third part really, you also need to be automated, handle a lot of threat protection there, because you can like, detect intrusion from your sent box, or from your endpoint, now how to communicate to network device, which they can study how to have all this attack. So, all of this has to be working together, starting at more infrastructure planar. >> So businesses today are looking for companies that can demonstrate that they are rock-solid in that first generation, that connection, that transaction, rock-solid on the perimeter, trading partners want to make sure that your perimeter security is really, really good, you still have to, you be able to have that, but increasingly that you can put in place policies and security elements and capabilities that can move with the data. I'd even say that you're not just securing your data, you're securing your business' value. >> Exactly, because, like you say, the data keeping moving around, and everywhere now. So now we also need to follow the data because all the value's in the data, so you need to follow the data, secure the data, protect the value. >> Yeah, that's what we regard digital business, we say it's essentially the recognition by businesses today, that how they use data differentially creates sustained customers is crucial to their strategy. And you want to be able to say, oh, new way of using data, but then the security professional, through that fabric, needs to be able to say, got it, here's how we're going to secure it, so that it sustains its value and it delivers its value in predictable ways. >> Yes, and knows to protect all this value. >> And one other thing, and this is very important, I know you talk about intent-based security, and we've talked about the notion of plastic infrastructure, that the lag between going after that new opportunity and then being able to validate and verify that you are not sacrificing security is a crucially important test of any security vendor's proposition to its customers today. >> Ken: Yes. >> So how is Fortinet stepping up to be a leader in collapsing that time between good business idea, validated security approach to executing? >> Because right now we talk about infrastructure. In the past it's only a system or there's a platform, which all kind of own kind of since inside box, right? So, now you have multiple box across different infrastructure, and a lot of times, the business intention not quite reflect, because business also keeping changing daily, but you don't see the infrastructure changing that quick. >> Peter: Mm-hmm. >> That's your talk about intended base, elastic base, networking, all these kind of things. So, how to follow the business change, how to have the scalability, and also how to make sure the infrastructure is the best-fit for the data need. So that's where, the same thing for security, and security also follow the infrastructure, so result all these automated, result is intent-based, like if you still have the old infrastructure, and you apply some security there, they may not follow the data efficiently. So that's, both part has to working together. Automated and also make sure they can follow the change. The other part, also, you also need to react very quickly. Somehow, you detect the intrusion from one part of infrastructure, so how to apply that one quickly to the whole infrastructure. That's also important because today there's a business policy, there's a device configuration policy, it's two different language. How to make two different language communicate, translate to each other, quickly react to each other, that's how the intent, how the elastic network has to be working together. >> So, in this age of hyperconnectivity that you talked about, being in this third generation of security, the network conversation, the security conversation are no longer separate. It's critical, to your point, Peter, about data bringing value, it's essential that organizations, like Fortinet, ensure or help enable a business to have that digital trust. With that said, and what you've talked about with the Fortinet security fabric, and why enterprises need that, what's kind of the last things that you'd like to leave us and our viewers with today? >> I'd say that lot of value in the data, and now, because data everywhere, lot in the mobile, in the cloud, and still in the server, and you need to protect the whole infrastructure. Follow the data, protect the data, and fabric's the best solution to do that, right? So you have a much broader coverage, a much powerful compared to system in the power form, and also lot of automated change needed to make sure the fabric adopt to what the data flow is. >> Fantastic. Well, Ken Xie, CEO, founder and chairman of the board for Fortinet, thank you so much for joining us on the Cube today. >> Thank you, Lisa and Peter. >> Best of luck with the rest of the No Limits conference, and we look forward to having more of your colleagues on the show. Peter, thanks for your commentary. >> Peter: Excellent. >> Thank you for watching the Cube, we'll be right back. (techno music)