 from the Sands Convention Center, Las Vegas, Nevada. Extracting the signal from the noise. It's theCUBE, covering AWS re-invent 2015. Now your host, John Furrier and Brian Grazley. Okay, welcome back everyone. We are here live in Las Vegas for AWS re-invent. This is Silicon Angles theCUBE, our flagship program. We go out to the events and extract the signal noise. I'm John Furrier, my co-host, Brian Grazley. Our next guest is Steven Powell, GM, security business at Briar-Cuda Networks. Welcome to theCUBE, great to see you. Yeah, great to see you, John, great to see you, Brian. Thank you. Briar-Cuda, one of my favorite companies at Silicon Valley, again, self-funded, great founders, great management team, great business, open source ethos from day one, making the spam firewalls, and then just grew, grew, grew, and grew. He took some funding, went public, B.J. Jenkins, CEO, former EMC-er. Just great, great success, congratulations. Thank you so much. And so you've been in the protection business, the spam firewall originally, again, back to the roots to now, fully comprehensive suite. Cloud is on the doorstep. What's next, what's happening with Briar-Cuda? Obviously, you guys are well-positioned. Give us an update on what's going on with Briar-Cuda and the Cloud and on-prem. Absolutely, so I think a big component for us has definitely been the Cloud. We're definitely seeing the markets shift. Really, as we look here at AWS re-invent, it's really been about how we protect public Clouds. We're also participating in some other areas. We're delivering a lot of our security and data protection services via the Cloud, and we're also even helping organizations better assess their use of Cloud applications. But to hear it re-invent, it's really been around public Cloud protection use cases. So, and what are those? Sure, so we really see three. The first is really around protection against threats. Our biggest seller right now in AWS is our web application Firewall. And so, it's really about organizations that are looking to protect themselves from a common category of threats at a basic level, things like SQL injections and cross-site scripting attacks. As you get into even more advanced types of attacks like layer seven distributed denial of service, as you look at session poisoning, as you look at overall web reconnaissance, cross-site request forgery, so that's certainly been a big element. And we've brought our web application Firewalls that we originally developed for on-premises networks and later for virtual networks into the public Cloud. And so you can utilize the same policy-based security frameworks, whether you're really looking at physical networks, virtual networks or Cloud. So, and the same thing is applied to our next generation Firewalls where people are doing that same thing at the packet level that they were doing at the session level. Like IPS in the Cloud. The framework allows you to tune policy depending among the environment. Is that what it basically does? You find that independent of the environment, that a lot of these threats are really the same. And so that's why there's a strong desire to make more common the policy across those frameworks. And so we provide the ability to provide centralized policy management for your web application security no matter what your deployment model is. And so, certainly as organizations have been looking to lift and shift existing applications to the Cloud. You know, this doesn't all happen at once. I think the CIO for GE came up today and talked about having 9,000 applications of which 4,000 are going to stay on-premises even three years from now. And so there's this need to provide a centralized management framework no matter where your apps are living. So that's certainly one use case there. Yeah, I mean, we've been talking for, gosh, probably the last couple of quarters we've been talking about hybrid cloud. We're obviously here. Amazon's growing like crazy. They just got into the WAF market this week. That's right. How important is it when you really look at the thing, if you're here, Andy, Jesse wants you to believe that everything's going to move into the cloud at some point, you're obviously seeing a mix of that. How important is it to have security that can kind of go anywhere? It can go on-prem, it can go into virtual environments, it can go into the cloud. Like how important is that to your customers that they've got that flexibility? You know, well, I think that one of the things that happens in our customers. So the Barracuda customer tends to be the IT guy who wears lots and lots of hats. Often those guys are in 100 to 5,000 person organizations, but it's not limited to that. We find in, for example, in government institutions or in education, very, very similar IT profiles even though there are lots more users. And so what we tend to see in our customer base is a limited ability to manage multiple projects all at the same time. There's just a limited ability to do that. So we do see that it is a journey. It's not an immediate transformation, it's really a journey. And so we see the importance there. And in fact, a lot of the use cases, the second use case that we could really talk about beyond the threat protection, really at the perimeter and that common management has been about how we provide that hybrid connectivity back to data centers. So obviously for the enterprise customer, Amazon has Direct Connect where you actually bring Direct Connection from the Amazon Cloud into your data center. However, for most customers, that's a real tough thing to do. And while Amazon provides base VPN capabilities, often what we're seeing about these new cloud applications is that you're not being constrained by the cloud. You're actually being constrained by the far end. So let's say you're the manufacturing factory floor and you've got devices that are constantly sending up data to your ERP system. Well, guess what? You may have chosen to move that ERP system up to the cloud but your manufacturing systems are not in the cloud. Those are on premises. And so, but what you have is the manufacturing plant manager who's browsing the web as well. And so what you don't want is the manufacturing plant manager watching YouTube to mess up your delivery of your data to your cloud. And that's actually where you require traffic prioritization and adaptive routing at the far end. And that's what we use our next generation firewall platform for. How do you guys mix and match security schemes around the different use cases? Because that's a great argument for having that firewall product. That's right. In the Direct Connect you could go either around the internet with the IIX or VPN through the internet. But then you got security as a service. We just talked about alert logic. You're doing pretty good as security as a service. Is there going to be a blended model in security and how do you guys fit in that multi-vendor security world? Yeah, well I think that really it's based on your business. You know, as I mentioned, you can't move your manufacturing floor into the cloud. And so that forces the premises. That forces a hybrid security model. And it forces you to actually look at different scenarios but there are also opportunities. So it's a good example. In that manufacturing floor example, what businesses used to do is peg very expensive MPLS lines between that factory floor and their data center where they were hosting that ERP application. So, the internet- Yeah, they had the provision of circuit, they had to manage it, go into it. Exactly, exactly. So it turns out that the internet access from the manufacturing floor manager who was browsing the web never conflicted with it because it was separate. But now that we're talking about the cloud and we're talking about the internet, well now you can just provide lots of commodity internet to the manufacturing floor. And what's most important is that within your lines or across your lines, you have the ability to adaptively route and prioritize your traffic. And that, so it's really the business situation that actually forces things to happen. How do you protect that packet on the internet? Because that packet could be spoofed, you know, between destination and end points. Well, what's interesting is that that's what encrypted VPN tunnels are for. So, you know, encryption actually allows you to prevent that traffic from being man in the middle or spoofed because once the encryption keys are shared, you can ensure the integrity of the traffic. And that is actually what people tend to use our products for, which is not only to provide that adaptive routing, but to be able to provide that adaptive routing and traffic prioritization over a secure encrypted VPN connection. So, key use case of hybrid cloud. A lot of people know you guys. I've seen your advertisements and airports for years. I've heard you on radio commercials. We had some of the VCs here this morning saying, you know, the model in the cloud is less about selling to customers, it's more about them buying, they're consuming it differently. How do you guys have to change? I mean, people, you know, you go from sort of hardware as an offering or centric, you know, talk, reaching the customers different. Like what's changing as all this stuff changes with the cloud for you guys? Well, what's really, really interesting for us is that a lot of people think that we did hardware because we were hardware guys. And while some of us were hardware guys, that's not why we did it. We did it because what we saw was this incredible consulting industry around software integration. And what that did is that slowed down the customer's time to value. And so back when we started the company in the early 2000s, it was really about appliances being the way to speed time to value. But it turns out in the era of virtualization, virtual appliances offer you a faster time to value than hardware appliance does. And that's why so much of Barracuda's business actually shifted from shipping virtual or from shipping physical boxes to shipping virtual appliances that run on, you know, VMware, Hyper-V, Citrix, and so forth. And give you guys so much more range and product. Why are you even- And the cloud is even faster. Well, the perimeter's not secure anymore. It's perimeter less. That works for your model. It does, it does. And so what we're seeing is that the cloud actually allows us to really increase the velocity of our business. So you look at something like AWS marketplace and literally within seconds, you are adding security into your virtual network. It's incredible. Well, Steve, we really appreciate you taking the time to come on theCUBE and congratulate you on your success. Final question for you is, what's the size of your business with Amazon growing? What's the shape of it? What's it feel like? What's the anecdotal description of how you guys do with Amazon? Yeah, so what's really interesting for us in Amazon is that it's extended our reach quite a bit. Barracuda has traditionally been known for selling to bid market customers and we're continuing to do that in AWS. One of the things that's been amazing, and Andy Giasi talked about this in his presentation, was really giving the developers freedom. Well, it turns out that developers often within large organizations don't live in central IT. They often live in lines of business. And so it turns out that what we've seen is a lot of lines of business within large enterprises actually turn to the Barracuda product line. And maybe that's our branding, maybe that's our ease of deployment, and maybe it's just the fact that the cloud is a whole new world. Strato-IT has become a legitimate business practice. Yeah, absolutely, absolutely. So, and we're even seeing that now at the show, we announced our launch into GovCloud. And really what we've now begun to see is really within government institutions really at all level. Federal, state, local, even outside the United States. An increased use of the cloud. As an example, National Renewable Energy Lab, NREL, is actually utilizing Barracuda off in the public cloud today. And so I think we are moving to GovCloud is going to really help us extend out that market segment quite a bit. Steven Powell, the GM of the security business at Barracuda Networks, a leader in on-prem, hybrid, and now public cloud services for security. Congratulations on your success. Thanks for joining. The Cube will be broadcasting live in Austin, Texas at Dell World. Watch, can you watch the Cube? Look for us out there. The Grace Hopper celebration of women in computing will be there as well. First time at that event, big stage. We are here live in Las Vegas for Amazon re-invent with more coverage. Day two of three days of wall-to-wall coverage. We'll be right back after this short break.