 Live from Las Vegas, Nevada, it's theCUBE. Covering Accelerate 2017, brought to you by Fortinet. Now, here are your hosts, Lisa Martin and Peter Burris. Hi, welcome back to theCUBE. We are Silicon Angles flagship program where we go out to the events and extract the signal from the noise. Today, we are with Fortinet at their 2017 Accelerate event in Las Vegas. I'm your host Lisa Martin and I'm joined by my co-host Peter Burris. And we are fortunate right now to be joined by George Moore. George is the technology, excuse me, the CSO from Microsoft Azure who is a big technology alliance partner for Fortinet. George, welcome to theCUBE. Nice to have you, thank you. We're excited to have you on, you are, as we mentioned, the CSO at Azure, but you're the CSO for all of the Azure compute services. You are one of the founders of the Azure engineering team from back in 2006 and we were talking offline. You hold over 40 patents and things like secure deployment, interactive design, et cetera. You're a busy guy. I am, yes. So, one of the things that we've been talking about with our guests on the show today and a great topic that was in the general session was about really the value of data and how do businesses transform to digital businesses, the value in that data has to be critical. So, I'd love to get kind of your take on as businesses have to leverage that data to become more successful or to become successful as digital businesses, we know that the security at the perimeter is not the only thing, it needs to be with the data. So, what is Azure doing to secure the cloud for your customers and how do you help them mitigate or deal with the proliferation of mobile devices and IoT devices that they have that are connecting to their networks? No, absolutely. Digital disruption is affecting everybody and it's a huge thing that many companies are struggling to understand and to adopt their business models and to really leverage what digital can do for them and certainly the work we're doing in the public cloud with Azure helps that significantly. And as you mentioned, there's just a proliferation of devices, a proliferation of data. So, how do you have defense in-depths? You don't have perimeter-based security but you actually have defense in-depth at every level. And at its heart, it really falls down to how do you do encryption at rest, how do you secure the data encrypted? Who holds the keys for the data? What's the proliferation of the keys? How does control manage for that? But of course, if the data's encrypted, you really want to be able to do things upon it. You want to be able to compute over it. You want to do queries, analytics, everything. So, there's the question of how do you securely exchange the keys? How do you make sure that the right virtual machines are running, the right computer's running at the time to do the queries? And that's the set of controls and security models and services that we provide in Azure that makes it super easy for customers to actually use that. Well, Azure has been, Azure represents, it's called the second big transformation for Microsoft. Where the first one might have been associated with Explorer, some of the amazing things that Microsoft did to transform itself in the 1990s. And it seems to be going pretty well. How is security facilitating this transformation from a customer value proposition? Well, security is absolutely the number one question that every customer has whenever they start talking about the cloud. And so, we take that very, very seriously. Microsoft spends over a billion dollars a year on all of our security products all up. We have literally armies of people who do nothing every day but wake up and make sure that the product is secure. And that really boils down to two big pieces. One is how do we keep the platform secure from the security controls that we have ourselves and the compliance attestations and everything to make sure that when customers bring their workloads to us, they are in fact kept secure. And then second is a set of security controls we provide to customers so they can actually secure their workloads, integrate their security models with whatever they're running on-premise and have the right security models, attestations, multi-factor authentication, identity controls, et cetera, for their own workloads. And security is very context specific. Not necessarily I'm getting into a conversation industry or whatnot, but just in terms of the classifications of the services that need to be provided. We were talking a little bit about how some of the services that you provide end up being part of the architecture for other services within the Azure Cloud. Talk a little bit about how you envision security over time evolving as a way of thinking about how different elements of the Cloud are going to be integrated and come together in the role that security is going to play in making that possible and easy. We're absolutely right, I mean Azure is composed of right now 80 some odd different services and there is definitely a layering where for example my components around the compute pieces are used by the higher order services around HDN site and some of the analytic services and such. And so the security models we have in place internally for compute in turn are used by those higher order services. And the real value we can provide is having a common security, common customer facing security model for customers. So there's a common way by which they can access the control plane, do management operations upon these services, how they can access the endpoints of the services using a common identity model, a common security model, role-based access control. Again from a common perspective, logging, auditing, reporting. So all this has to be cohesive, correct and unified so that customers aren't facing this just tumultuous array of different services that speak different languages so to speak. So we're here at Fortinet Accelerate 2017. Tell us how long Microsoft, Azure and Fortinet have been working together and what are you most excited about with some of the announcements from Fortinet today? Well Microsoft and Fortinet's partnership has been going on for quite some time, specifically in the Azure space. We've been doing two different, two major thrust around integration with the Azure Security Center which is a set of services that we have within Azure that provides turnkey access to many, many different vendors including Fortinet as one of our primary partners. And then Fortinet also has all their products in the Azure marketplace so that customers can readily just in a turnkey manner use the Fortinet next generation firewalls and such as virtual machines, incorporate those directly within their workloads and have a very seamless billing model, very seamless partnership model, very seamless go to market strategy for how we jointly promote, jointly provide these services. One of the things that one of our guests was talking with us about today was really that it's an easy sell if you will at the C level to sell the value of investing in the right infrastructure to secure environments. Looking at that in correlation to the fact that there's always historically been a challenge or a concern with security when it comes to enterprises moving workloads to the cloud. I'm curious about this easy sell position that cyber security and the rise of attacks brings to seeing the adoption of more enterprise workloads. We're seeing numbers that are going to show or predicting that north of 85% of the enterprise workloads will be in the cloud by 2020. How much is Microsoft, as you're seeing the fact that cyber security attacks are becoming more and more common, hitting some pretty big targets affecting a lot of big names. How much are you seeing that as really an impetus and maybe drive that adoption higher and higher? From a reference point of view. I see that every day. I mean, I give many, many talks to the C level to CSO, CEOs, et cetera. And I can say in many industries like the banking industry, the financial sector, 18 months ago, banks did not have any interest in public cloud. It was just like, thank you, we have no interest in cloud. But recently there's been this dawning realization that Azure and the public cloud products are in fact, in many cases, more secure than what the banks and other financial industry sectors can actually provide themselves. Because we're providing huge amounts of investments from an on an ongoing basis that we can actually provide better security, better integrated security than what they can afford on premise. And so as a result, we're seeing this now literally stampede of customers coming to us and saying, okay, I get it. You can actually have a very, very highly secure environment. You can provide security controls that go well above and beyond whatever I could do on premise. And it's better integrated than what I could ever pull together on premise. One of the reasons for that is because of the challenge of finding talent. And you guys can find a really talented person, bring them in, and that person can build security architectures for your cloud that then can be served, that can be used by a lot of different customers. So what will be the role of, or how will this need for talent in the future? What will be the role for how people engage your people, clients people engage your people to ensure that that people side moves forward? And how do you keep scaling that as you scale the cloud? Right. Well, certainly people are always the bottleneck in virtually every industry and specifically within the computing space. And what we really see and the value we're seeing from customers is that the people that they had previously on premise who are working to secure the base level common infrastructure are now freed, that they don't have to do that work. They can do other interesting things at the application level and move their value add further up the stack, which means they can innovate more rapidly, they can add more features more quickly, because they're not having to worry about the lower level infrastructure pieces that's secured by Azure. And so we're seeing this dawning realization that we're moving into this new golden age where there's higher degree of agility with respect to innovation happening at the application level. Because remember applications have to be, if you're having a compliant workload, if you're having PCI compliance within the credit card industry, for example, you have to have the entire application and its infrastructure part of the compliance boundary. So that means when you're building that app, you have to give your auditors the complete stack for them to pass that. If you're only having to worry about this much as opposed to that much, then the amount of work that you can do, the amount of integration, the amount of agility, the amount of innovation you can do at that level is many orders of magnitude higher. So we really see that the value that a lot of customers are having here is that their talented people can be put to use on more important higher order business related problems as opposed to lower level sort of infrastructure level issues. Well, let's talk about that for a second, because one of the things that we see within our research is that the era of cloud as renting virtual machines is starting to transition as people start renting applications or applications as services that they themselves can start putting together. So, and partly the reason why that's exciting is because it will liberate more developers. It brings more developers into the process of creating value in the cloud. But as they do that, they now have visibility or they're going to be doing things that touch an enormous set of resources. So how do you make security easier to developers in Azure? Well, the key is that we can do high degrees of integration at the low level between these various services. It goes back to that issue of cascading of your stuff up into the other Azure services. Absolutely, I mean, think about it. We have, we saw on top of a mountain of information. We can, we have analytics and log files that know about virtually everything is happening in the cloud. And we can have machine learning, we can have intelligence, we can have machine intelligence and such that can extract signals from noise that would otherwise be impossible to discover at a single, from a single customer's perspective. Even if you have a low and slow attack by some sort of persistent individual, the fact that they're trying the slow and slow attack means that we are able to pull that signal out and extract that information that would not be really physically possible or economically possible for most companies to do on-premise. So does this get embedded into some of the toolkits that we're going to use to build these next generation cloud-based apps? It gets embedded in the toolkits, but also it gets embedded at the set of services like the Azure Security Center. I mean, a single pane of glass that's integrated with the products from Fortinet and others where the customer can go and have a single view across all their workloads running within Azure and get comprehensive alerts and understanding about the analytics that we're able to pull out and provide to those customers. So what's next? Well, I mean, security's an ever-evolving field and there's always, the bad guys are always trying new things. So the work that's really happening is, a lot of the innovation's happening is within the analytics, machine learning space around being able to pull more log files out, being able to do refining the algorithms and basically being able to provide more AI to the logs themselves that we can provide integrated alerts. Like for example, if you have the kill chain of an individual coming in, attacking one of your product and then using that to do lateral mobility to other products within your other services within your product, we can pull those together in a common log. We can show to customers, here's the sequence of events that this one individual did across three or four or five different services. You have top-level visibility and we can give you then guidance to say, if you insert separation of duties between these two individuals, then you could have broken that kill chain. So we can do proactive guidance to customers to help them secure their own workloads, even if they necessarily, initially we're not deployed in a necessarily most secure manner. So George, we just have a couple of minutes left but I'd love to get your perspective. You shared a tremendous amount of the accomplishments that Azure has made in public cloud and in security. What are the opportunities for partners to resell Azure services? Absolutely, I mean partners are, Microsoft has historically always worked incredibly well with partners. We have a very large partner ecosystem. I think it's the biggest. It is the biggest, exactly. I mean, okay, I don't want to brag too much, but yes. And we see specifically in the security space that partners are increasingly, around 40% of their revenue increasingly is coming from cloud-based assets, cloud-based cells. And so we're setting up the necessary partner channels and partner models where we can make sure that the reseller channels and our partners are an integral part of our environment and they can get the necessary revenue shares and we can give them the leads and how the whole system evolves. So absolutely, we believe that partners are first and foremost to our success and we're making deep, deep, deep investments in the partner programs to make that possible. Well, George, we wish you and Microsoft as your continued success, as well as with your partnership with Fortinet. We thank you so much for taking the time to join us on theCUBE today. Thank you. And for my co-host, Peter Burris, I'm Lisa Martin. Stick around, we'll be right back on theCUBE.