 Live from Las Vegas, it's theCUBE, covering Fortinet Accelerate 18, brought to you by Fortinet. Welcome back to theCUBE. We are live at Fortinet Accelerate 2018. I'm Lisa Martin with my co-host Peter Burris and we're excited to be joined by Mick Conrad, the VP of Product Management at Ribbon Communications. Mick, welcome to theCUBE. Well, thank you very much and it's great to be here. So tell us about Ribbon, your technology alliance as partner. Tell us about Ribbon Communications and what you guys do with Fortinet. Okay, so a few things. So Ribbon Communications, we basically are a security and cloud company in the voice and video space. So what does that practically mean? That means we sell something called a session border controller, which is a voice and video firewall, into both service providers and into enterprises. So an example would be when you make a mobile call with AT&T or Verizon or Deutsche Tell or whoever your particular service provider is, that voice session becomes an IP packet, winds its way through the network and as it's winding its way through the network, it has to be potentially encrypted, has to be protected, denial of service attacks, all of that stuff, that's what we do. Now, how does that work into what Fortinet does? We are a part of their cloud security fabric and we have the ability with a new product that we're launching or have launched this week or announced this week, it will be actually GA and available in the summer. We will be included in passing information into the security fabric. So we protect voice and video, Fortinet protects data, web, email, everything that they do very well. What we are, what this new product that we call Ribbon Protect is going to be a bridge between the voice and video world of IP communications and the data world that Fortinet works with and we're gonna be passing information and talking between those two worlds and therefore adding an extra layer of security to that. So that's how we work with them. So voice and video have some certain special communications requirements and basically you're bringing the capacity to do voice, video, security and the special requirements associated therein into the Fortinet ecosystem. Yeah, so a great example is right now in most, so let's use an enterprise as an example, right? So let's say you're a big bank, right? You know, somebody along the lines of a bank of American, I'm not saying it's Bank of America or Wells Fargo or say I'm not naming anyone, but just along those lines, big bank. You probably have a SIP trunk, which is an IP trunk and IP packets for communications coming into a data center or multiple data centers around the world and into individual branches of all your retail locations. And those are voice and video packets and your tellers or your contact center agents are picking up the phone and that's all IP audio and video or they might be using a handset. And again, that's all IP to the laptop or to the handset and they're having these conversations. You may want to encrypt those conversations. You definitely want to make sure if a contact center is up and it's doing mortgage calls, it's taking individual check requests for checking account balances that that contact center stays up. In the world of IP, especially in SIP communications, it's very easy to send a denial of service attack against, for example, a contact center and bring that down. So nothing keeps somebody from generating from a single laptop, 20 gigabytes, 30 gigabytes or petabytes worth of calls into a contact center and that will bring down the infrastructure unless you're protecting that infrastructure with a denial of service type of device. Similar, very analogous to what you would see in a DDoS device that, for example, Fortinet sells, on the data side to protect your web servers and your email servers and all the other things except on the voice side. So that's what we do. And now with Ribbon Protect, we're going to be taking all the information that we're gleaning as these ports are being open and closed and as we are getting attacked on the voice and video side, so IP address comes in. We've decided that there's a lot of bad calls coming in from that side of the fence. We blacklist that, right? We will then pass that information over to the data side of the house, right? Through the security fabric, we will pass through and then Fortinet can on their side say, hey, this is now blacklisted also. So any IP, any packets coming from that IP address that are doing something else have nothing to do with the voice and video because it's two separate networks typically will now be protected out of the bank has an added level of security. And Fortinet propagates that, cascades it throughout. Cascades it throughout their entire partner ecosystem, right? So that's what we do, and we have deep visibility into SIP. So one of the things as an example, firewalls are very good at opening and closing ports. And the default for most firewalls is port closed. Problem is with SIP, it's a phone call. Ports are typically closed. Call comes in and it's ringing, you answer. And when you answer, the UDB port has to be open so that a media stream can come through and cut through the call so you can actually have a conversation. Otherwise the packets will get blocked and there will be no conversation. You'll get one way audio or no audio. We have very good visibility into which ports are being assigned the duration of that call, right? So when somebody says, okay, bye, hang up, click and you kill that packet stream, that port will get closed automatically. A lot of firewalls don't do that. They keep the ports open because they don't know at that SIP level that a call is coming through, write this very second for Mick, open the port for three minutes because he's talking to his mom. Oh, conversation's over, close the port because they don't go to that depth of information on the SIP application level. We do because that's our job. And we then pass that information and say, listen, you should be closing this port or opening this port, right? We have a lot of visibility that firewalls just don't have and now as part of the security fabric, we're going to be passing that information onward. So now we're going to have a stronger security perimeter for enterprises as well as service providers that are using the combination of our session border controllers, Ribbon Protect, the new product that's coming out and the Fortinet Panappley of products. So if I'm a CISO at a bank and we were speaking with Fortinet CISO earlier today and kind of talking about the evolution of that, we talked as well, I think with John Madison about the security architect, if I'm a CISO at a bank or a service provider, what is my material value that this technology alliance is going to give to my organization? That's a good question. So there's a couple different aspects of this, right? So let me talk about Ribbon Protect and we frame Ribbon Protect in three different value propositions. One is for telephony fraud or communications fraud. Another one is in cybersecurity threats. And the third one is network visibility. So I'm going to start with network visibility and work my way back up that chain. So there's a value proposition, not necessarily for the CISO, but for the CIO and the people running the communications network and having really good visibility into the communications network and end-to-end view across multiple different disparate items. So let me give you an example. Typical bank will have Cisco, they might have Juniper, they might also have an Avaya system when it comes to communications, they might have an old Nordtel system, they might have some cloud communications from a Vonage or a Fuse or Verizon, right? All these disparate systems all within the one CIO, all under this one CIO, right? And call comes in and nothing works. For some reason it's not routing correctly, the contact center agent doesn't know, isn't getting the calls, you know, have you ever called and you get transferred and you get dropped, right? That's the problem. And then when they try to troubleshoot that, it's very hard because there's so many disparate elements. So the first thing you need is visibility. So from a CIO perspective, this product Ribbon Protect will give you visibility into the network and that will allow you to troubleshoot and bring the network up. Then you go into the next level. So once you have visibility, so you can't provide security until you have visibility into a network. So now that you've got this end to end visibility, now let's talk about security. Two different types of security threats that our customers are seeing when it comes to communications. One is sort of robo-dialing toll fraud, right? And I would even put Denial of Service attacks sort of in there, Denial of Service attacks also go to the next level, which is cybersecurity. But robo-dialing, how many of you are getting calls all the time now? I'm getting on my mobile, literally, I get like three or four a day on my mobile phone from a different random number because they know my area code and they think if they mask it, it's a friend of mine and I'll answer the call, right? That's becoming more and more prevalent. Now think about if you're an enterprise and if you're a CISO and now you're tasked with keeping these employees productive but they're starting to get all these random calls, you're a contact center agent and we've actually had this happen to customers of ours where they picked up the phone and they were getting random garbled noise in the other hand and you're a contact center agent, your job is just sit there and you hear these like weird noises in your earphone, you hang up, next one comes in, weird noises, third one comes in, it's actually a person that is asking about their mortgage, great, that's your job. But then the next one is some where it can bring productivity way down. So there's that one area and then there's toll fraud, which is in the billions of dollars now of costs to both enterprises and service providers where people are doing things like calling Zambia or weird little countries and routing through enterprise networks. So that's another aspect of both that a CISO will be worried about. And lastly and the most important one is the cybersecurity issue. Pack it based on our service attacks across your entire system that can not only take down your web server and your email server, but also your communications, your real-time communications, but also exfiltration of data. So what we've seen is the following. A hacker comes in through the data side and understands the network topology, puts in some malware, but because they're using something from Fortinet or somebody else, they can't do anything with that information, there's no way out. But here's the SIP network, this UC network sitting in the system and it's sort of unguarded because it's not that there's no guards there in place, but the data side, I mean, if you look at everything that Fortinet and others have been putting out, that side of the fence is getting a lot of attention, right? And over the last few years, even more attention as hacks have taken place and PII has been stolen, right? But on the SIP side of the fence, that hasn't really happened as much. And so we believe that's the weakest chain right now will soon be the weakest chain and hackers will use the open ports because if you're just using a firewall, those ports are open, the range of UDP ports to make phone, to put media through is wide open. It has to be, otherwise it won't work. And so they can exfiltrate data through that, right? So they use some other means to find the topology of the network, get in and then they can pass data out through that, right? And it might look like a good media stream like a video call and we've actually seen examples where people have sent video and embedded underneath that data inside the video. And they piggyback it, right? So you're going to see the, so the value to the CISO is, listen, if you're concerned about people finding a different way into your network, you're protected against, or you think you're protected against malware, you're protected against email, you're protected against web server attacks. Well, have you really thought about the UC side? So if I'm a CISO, I should be really worried about securing that side of my fence because I haven't been worried about it for the last three or four years. And there's been an increase in attacks on that, or increasing amount of attacks on that side of the fence, right? And then there's these other values that of Urban Protect that hit other aspects of the IT chain, right? So we believe that there's a sort of three value, core value propositions, two that really affect the CISO, and one that's more of a CIO issue. Well, look, once a port's open, it's open. Correct, yeah. And video envoys do have characteristics that if a device is set up to introspect it and understand it, then it can recognize it. But as you said, your general purpose firewall typically is not looking at that. And you want, you don't want to introduce an entirely distinct and separate management platform and pain if you don't have to. So the CISO gets to see the same pain while the CIO gets to ensure that voice and video happens without being hit. Works, yes. And at the same time that the CISO is getting the pain that they need so they have some visibility into what's going on with it. Exactly, and that's the entire purpose of this product, right? And it meshes, we believe, it meshes nicely with what Fortinet's talking about in that they have their FortiGuard artificial intelligence product that they've been talking about and how it's detecting what's going on in the network and millions of nodes and features and really actually quite sophisticated stuff. I just sat through an entire presentation on it. We are doing the same thing with Ribbon Protect where we have an artificial intelligence layer that would sit inside the company, but it's specifically looking at the communications pathways. What's normal communications? What's abnormal communications? What's normal packet flows on the communication side? And abnormal communication flows. And putting two and two together and doing machine learning, similar analogous things to what they're doing on the data side and on the virus malware detection side is what we're doing on the communication side. And putting, again, putting together our own database. Again, similar to what they have where they have a database and they apply that database of known bad, known good to their, to their, and we're doing the same thing. And then we're going to share that information into the, into the Fortinet fabric. So you're really collaborating and it sounds like complimentary technology. Complimenting. Yeah. The customer benefits from, we've got about a minute left but I'd love for you to share maybe at a super high level an example of a joint Fortinet Ribbon customer that where the CIO and the CISO are being very happy with the technologies that you were delivering. So I can't, I can't name any names, unfortunately, but we are talking with a large service provider right now that is very enamored of Fortinet and uses them extensively on the, on the data side to provide services to their customers. Meaning, so as a service provider, you're providing data and managed services to your enterprise customers, right? And they also use us today to provide voice services to those same, to secure, to secure voice services to the same set of customers. And so now what we're talking about is marrying the two and us sending data to, to Fortinet. And what is getting the service provider very excited is to be able to offer a differentiated service to their enterprise customer base. Something that the other service providers can't because they either aren't using Fortinet and, or aren't using us, right? They need, they need somebody that is using both, right? And this, this particular one is, happens to be using both of us. So we can put Ribbon Protect into their environment, into their network and it'll start sharing the information. And what that will be, allow them to do is market to their customers at a higher level of security and even to the point where they might be able to go out and say things like the most secure voice video system out, you know, in the world today. Yeah, they're bringing, they're expanding the scope of a common security footprint and thereby allowing a new class of services to be provided to whether CISO or CIO. And they view it as a differentiator for themselves. That's exactly what I was thinking. Which is why, you know, so when they're talking to the CISO or the CIO why should you use us versus the other three guys you're probably talking to right now? Well, here's one reason. Oh yeah, there's probably a few others but here's at least one reason. Differentiation, a key fundamental for digital transformation. Well, Mick, Michaela, thank you so much for joining us on theCUBE, you're now a CUBE alumni. Thank you very much, happy to be an alumni. Excellent. We want to thank you for watching theCUBE's continuing coverage of Accelerate 2018. I'm Lisa Martin for my co-host Peter Burris. Stick around, we've got great interviews coming up next.