 Live from Las Vegas, it's The Cube, covering Fortinet Accelerate 18, brought to you by Fortinet. Welcome back to The Cube, our continuing coverage of Fortinet Accelerate 2018. We're excited to be here. I'm Lisa Martin with Peter Burris, and we're excited to talk to one of the keynotes, Big Cheese, from the main stage session this morning, John Madison. I say small cheese, I would say. SVP of products and solutions at Fortinet. Welcome back to The Cube. It's great to be here again. So, two things I learned about you when you started off your keynote. One, you're a Man City fan, Manchester City. Manchester City blue. Oh, okay. It's going through for many years. Premier League all the way. And you have the best job at Fortinet. I do indeed. Wow. That is to announce the new products, of course. So, let's talk about that. So, you talked about some exciting announcements today. Tell us about, we'll start with the security fabric. What's new there? What's going on? What's exciting? Well, the core of the security fabric is a 40OS 6.0. That's our network operating system. And that's the core of the fabric. And when we do a big release like this, there's many different features, new functionalities. Also, we have tighter integration now between all our products and the fabric. But as I said, new features as well. Things like SD-WAN has been improved. We now have probably best of breed SD-WAN and security. The fabric integration itself that's going on. We built out some new connectors for clouds. And now we have connectors for all the public clouds, all the public clouds. We have a new CASB connector, acronym city of course as usual. CASB is this cloud access security broker, API access to SaaS clouds. And so we've got that not only in its standalone form, but also very much integrated inside the fabric. We've also introduced some new 40 guard service as far as 40OS 6.0, a new security rating, which is based on a bunch of new practices or best practices that all our customers have said, this is great, great best practices. Can you put this together and apply these to our network overall? So that's just skimming the surface as I say, I think I said there's 200 plus new services. I could've stood up there for like six hours or whatever. But great new services of 6.0, big announcement for us. We just chatted with your America's channel chief, John Bove. Talk to us about- Who's an Arsenal fan by the way? Oh, what? So we beat on Sunday 3-0 in the cup final. Excellent. Just to make sure he gets this. Just to make sure he gets that internally. Okay, we'll make sure. Cut that down. Cut that down. So what are you, what excitement are you hearing in from your perspective in the channel with respect to all of the new announcements that you made today? Great feedback. So this obviously is our big channel partner event here. And what a lot of channel partners are saying is that I need to make sure I provide more of a solution to the customers. And so in the past, you know, maybe they sell a point product. It's hard to kind of keep that relationship going with that customer. But if they sell a solution, we wanted two products that's part of that solution or managed and some services as part of that. It's much stickier for the partners and gives them a much more of an architectural approach to their customer's network. And so they really like the fabric. As I said, the fabric doesn't have to be everything inside the fabric. They can be components. So what we've seen so far from a fabric component is our partners really latch onto the network plus the advanced protection plus the management or plus the access points. But they definitely prefer to sell a complete solution. It's hard for them to manage 40 different security vendors. The skill sets, the training and everything else. Now they're not saying there needs to be one security vendor, much as we would like it to be 40 net, but they need to be reduced to maybe a set of 10 or 12 and our fabric really allows them to do that. That's a key differentiator. Absolutely key differentiator. And as I said, it's very hard to build a fabric. It's a mesh network, all these products taught to each other. You can only really do that if you build those products organically, step by step alongside the network operating system. It's no good acquiring lots of bits and pieces and trying to bolt it together. It's not going to work. And so we spend a long time, 10 years building out this fabric organically to make sure it integrates. But also putting the best of read features and things like SD-WAN and Caspi. So what is a product? A product? Moving to this digital world, what is a product? A security product? Or any kind of product. As a guy who runs product management, what's a product and we'll talk about what is a security product? Yeah, I think in the past, product management used to be very focused on I've got a box that comes out or got a piece of software that comes out. These days it could be virtual machine or cloud. But it's doing a single instance. It's a single thing that it's doing inside the network from a security perspective. What we believe in is that multifunctional consolidation, multiple threat vectors. I refer to this like the digital attack surface, the digital transformation, security transformation. The biggest issue though is that digital attack surface, that's just expanded enormously. It's very dynamic. So things are coming on and off the network with spinning up, virtual machines and applications here and there. And so a point product these days just can't cope. Can't cope. And so you need solutions against specific threat vectors that are applied in a dynamic way using the fabric. But arguably it's even beyond solutions. You need to be able to demonstrate to the customer that there is an outcome that's consistent and that you will help achieve that outcome. You'll take some responsibility for it. So in many respects we move from a product to a solution to an outcome orientation. Does that resonate with you? And if so, how does that influence the way you think and the way that you're guiding four net end partners? Yes, definitely. And one of the first things they're very worried about is can they see that digital attack surface? It's very large now and it's moving around. And so their outcome, first outcome is to say, do I know my risk on my attack surface? That's the very first outcome. Is it visible? Can I see it or can I protect it or can I apply the right threat protection against that? So that outcome to them is they can see everything, protect everything. But as I said also, now they're moving into this more detection environment where you've got machine learning, artificial intelligence because you need to apply that. You know, the bad guys these days are very smart in that they know they can morph things very quickly and provide targeted attacks, zero-day attacks. We probably haven't seen it before. I hate this analogy where we say somebody has got to get infected before everyone else gets protected. That shouldn't be that way. With technologies like artificial intelligence, machine learning, we should be able to protect everybody from day one. So kind of pivoting on, you brought up the word outcome and I want to go off that for a second. When you were talking with customers and you mentioned before we went live that you visited, talked to over 300 customers last year. Who is at the table and at a customer in terms of determining the outcome we need to have? Are we talking about the CSOS team? What about folks in other organizations, operational technology departments? Who are you now seeing is in this conversation of determining this outcome? A new job role which I think has been coming for a while is the security architect. You know, two years ago I'd go into a room and there'd be the networking team on one side of the table, this InfoSec team security side on this side of the table, the CIO over here and the CSO over here and they'd be debating, I would be almost invisible in the room. They'd be debating what's going to happen because the CIO wants to build out more agile business applications. They want to move faster. The security team has got answers to the board these days and they've got to make sure everything's secure. What's their risk factor? So what I see is a new job function called the security architect that kind of straddles a bit. The networking team understands what they're building out from an SDN architecture cloud perspective but also understands the risks when you open up the network. And so the security architect provides more holistic long-term architecture view for the customer versus I've got to fix this problem right now, I've got to hold them in a bucket, I've got to fix it and then we move on to the next. They're building a system on architecture long-term and we have something called the network security expert. It's our training and education capability and we have an NSE 8. So we have about 100,000 people certified in the last two years on NSE between one and eight and about 100 people on eight because eight's a very high level, architect level across all the security technologies but we definitely see a lot of partners who want to get their people trained to NSE level eight because they would like to provide that security architect that's in the customer now but advice on what should be that holistic security architecture. So the big change to me is that the networking team and the security team have realized they can't just keep fixing things day to day. They need a more holistic long-term architecture. Let's talk about that holistic approach. So at Wikibon we talk a lot about, SiliconANGLE Wikibon, we talk a lot about how the difference between business and digital business is the role that data assets play in the digital business. I think it's a relatively interesting powerful concept but there's not a lot of expertise out there about thinking how is a data asset formed. I think security has a major role to play in defining how a data asset's structured because security in many respects is the process of privatizing data so that it can be appropriated only as you want it to. What does a security architect do? Because I could take what you just said and say the security architect is in part responsible for defining and sustaining the data asset portfolio. Yes, and so if you go back a few years there's data leakage prevention was a big area, big marketplace, DLP is the best thing. The biggest problem they did was they couldn't tag the assets. They didn't know what the assets were so when it came to providing data protection they'd go, well, what is it? I don't know where it's from, I don't know what it is. And so that whole marketplace kind of just went away. We're still there a bit but everyone's really struggling with it still. And so in the 6.0 we introduce something called tagging technology. It's inherent already inside routing systems and switching systems, SDN systems and the tagging technology allows you to look at data or devices or interfaces or firewalls from a higher level and say this is the business relationship between that device, that data and what my business objectives are. We talked about intent-based network security. And the ability long-term is to say, hey, if I've got a user and I want to add that user to this network at security level six to that application I say that and it gets translated into bits and bytes and network import and it gets translated end to end across the network. The tagging technology from our mind is the first step to be able to kind of tag interfaces and data and everything else. And once you've got that tagging done then you can apply policies at a much higher level which are data-centric and business-aware-centric. So I'm going to ask you a question related to that. So historically networks in the IT world where device was the primary citizen, right? And then when we went to the web the page became a primary citizen. Are we now talking about a world in which data becomes the primary citizen? We're really talking about networks of data. I think to some extent. Now if you look at a user today they have like maybe three or four devices. Like at students universities there's something going to those lectures they've got an iPad, their iPhone and three devices attaching there. So I think the definition of one user and one device has gone away and it's multiple devices these days. And a lot of devices attaching that no one has any clue about. So I don't think it's going to be completely data-centric because I still think it's going to be very hard to tag and classify that data completely accurately as it's moving around. So I think data is going to be a part of it. I think device is going to be part of it. I think the network itself, the applications are all going to be part of this visibility. And so in R6.0 we provide this topology map where you can see devices, users. You can see applications spin up. You can see the relationship between those things and the policies. The visibility is going to be extremely important going forward and then the tagging goes along with that and then you can apply the policy. With respect to visibility I kind of wanted to chat about that a bit. In the context of customers. So one of the things that Ken talked about in his keynote was you guys have, Ken? Ken? Ken Z. Yes. That guy? I'm not joking. The guy that still slides from you in Keynote? He did. I know, I saw that. He tells me half, like two minutes before I joined that slide. That's why you have the best job. Everybody wants to copy you. So in terms of what the CEO said, that guy, that Fortinet protects 90% of the global S&P 100. There were logos of Apple, Coca-Cola, Oracle, for example. So in terms of visibility, as we look at either a giant enterprise like that or maybe a smaller enterprise where they are, you mentioned this digital tax services expanding because they are enabling this digital business transformation. They've got multi-cloud, mobile, IoT and they also have north of 20 different security products in their environment. At least, at least. So how do they get visibility across these disparate solutions that don't play together? How does Fortinet help them achieve that visibility? So they can continue to scale at the speed they need to? Well, I think today they use systems like SIM systems. We have a Forti-SIM as well, where you get, you know, you can use standard-based SIS logs and S&MP to get information up there so they can see it that way. They're using orchestration systems to see parts of it. But I think long-term, I think I speak to most customers and they say, although they're not mad at new vendors maybe for specific detection capabilities, they really want to reduce the number of vendors inside the network. You say 28, sometimes they hear 30 and 40. It's a big investment for them, but they also realize they can't maintain it long-term. And so our recommendation to customers is to, if you've got some Fortinet footprint in there, look at what's the most obvious to build out from a Fortinet perspective. Sometimes we're in the data centers, sometimes we expand into the WAN, sometimes we expand into the cloud, sometimes we'll add some advanced threat protection. We're not saying replace everything obviously with Fortinet. We're saying build out what's most obvious to you and then make sure that you've got some vendors in that which are part of our fabric alliance. We have 42 vendors now, security vendors, from endpoint to cloud to management that can connect in through those different APIs. And when we connect them through those APIs, they don't get the full fabric functionality in terms of telemetry and visibility, but they apply a specific functionality. A good example would be an endpoint vendor connecting to our sandbox. They're not quite sure about file or sent to our sandbox. We'll give them a recommendation back. As soon as we know about that, all the fabric knows about it instantly across the whole network because time is of the essence these days. When something gets hacked, it's inside the network. It's less than 60 seconds for something for the whole network. And that's why segmentation, end-to-end segmentation is still a very important project for our customers to stop this lateral movement of infections once they get inside the network. So, but very quickly, it does sound as though that notion of the security architect, this increasing complexity inside the network. And I asked the question about whether data is going to be the primary system. You get a very reasonable answer to that. But it sounds like increasingly a security expert is going to have to ask the question, how does this data integrate? How am I securing this data? And that in many respects becomes a central feature of how you think about security architecture and security interactions. Yeah, because I think people used to build the networks and bolt on security. It was an afterthought. And so I think what they're saying now is we need to the networking people and the security people to work together to build an holistic security architecture, totally integrated day one, not some afterthought that goes on there. And that's why we've been building the fabric all these years, is to make sure it's an integrated, totally integrated fabric end-to-end, segment-taking architecture, where you can also then connect in different parts of the network. It has to be built day one that way. So last question is sort of, I think we asked your CISO this, the balance between enabling a business to transform digitally at speed and scale. And I think it was, I was wondering you this morning, can't remember who that said that this is going to be the year of security transformation. Could have been that guy, that other guy that steals your slides. But how does a company, when you're talking with customers, how do they get that balance between we are on this digital transformation journey, we've got a ton of security products, how do they balance that, it's not chicken and egg, to be able to continue transforming to grow, be profitable, with underpinning this digital business with a very secure infrastructure? As I said, I think most of them have got that now. And they kind of go, they've got this five-year plan versus a one-year plan or a six-month plan on the security side. It's integrated into the network architecture plan long-term. And that's the way they're building it out. And that's the way they've got a plan to get, you look at financial organizations, they want to provide internet access at branch offices. They've got a plan to roll it out, it's safe going forward. Or they want to add broadband access to their internet, like 5G or broadband interconnection. They've got a plan for it. And so I think people are so much more aware now that when I build something out, whether it be on the data side or the network side, it has to be secure from day one. It can't be something I'll do afterwards. And I think that's the biggest change I've seen in my customer interactions is that they're absolutely essential, it's absolutely essential that they build out a secure network from day one, not an afterthought going forward. Well, we'll end it there, secure network from day one. John, thanks so much for stopping by theCUBE. Congratulations on the announcements and we hope you have a great show. Great, thanks. Thank you for watching. We are theCUBE live from Fortinet Accelerate 2018. I'm Lisa Martin with my co-host Peter Burris. Stick around, we'll be right back.