 Welcome to this special CUBE Conversation. I'm John Furrier, your host of the CUBE here in Palo Alto, California. We've got two great remote guests here having a conversation around security, security convergence with platforms around networking and security, with cybersecurity at an all-time high, the need for understanding how to manage the breaches, how to understand them, prevent them, everything in between, cybersecurity and data is the number one conversation happening in the world today. We've got two great guests, got Nirav Shah, VP of products at Fortinet and Peter Newton, senior director of products at Fortinet. The product leaders in the hottest cybersecurity company. Guys, thanks for coming on this CUBE Conversation. Thanks for having us. Thank you, John. So last month or so, I talked to John Madison about the Fortinet new release, FortiOS 7.0, as well as highlighting the convergence that's going on between the platforms around companies trying to consolidate and or manage or grow and build converting networking. And security together, you're seeing that happening in real time. Still doesn't change the underpinnings of how the internet works and how these companies are structured. But the need for security is at an all-time high. Talk about the impact to the customer. Do you guys have the keys to the kingdom here? Product group, what is the killer product? What are customers doing? Give us the overview of why there's such a big need for the security platforms right now. Yeah, absolutely, John. So if you see today's environment, we have seen working from anywhere has become normal. And as part of that, we have seen so many different network edges. At the same time, they have different devices that they're using from anywhere. So what's important is, as users have different devices, different users and applications that they're consuming from cloud, we have to make sure that we provide security across the endpoint, across all network edges, and go into the cloud compute. And for that kind of approach, you cannot have point products, provide the visibility control and management. You need to have a comprehensive cybersecurity platform which gives you security from that endpoint to the edge to the user, so that you have a simple, but effective management and have a solid security in place to get that working from anywhere in a much more better user experience way. And that's exactly what Fortinet described as a security fabric platform. You know, it's interesting, not to kind of go on a tangent here, but to illustrate the point is, if you look at all the cyber security challenges that we're facing globally, especially here in the United States, the public-private partnerships are increasing. We're seeing more public sector, commercial integration, the role of data. We've covered this on SiliconANGLE and many other CUBE interviews, especially with you guys. And there's all this kind of new approaches. Everyone's trying everything. They're buying every product that's out there. But now there's like overload. There's too much product. And the obvious thing that's becoming clear is cloud scale, the evolution of this new edge environment. And so with that becomes the importance of two trends that you guys are participating in. I want to get your thoughts on this because that's called SASE and SD-WAN. We know SD-WAN, but SASE stands for Secure Access Service Edge. That's, I think Gartner made that term up or someone made that term up, but that's a new technology. And you got SD-WAN. These are traditionally have been like edge for like branch offices now evolve now as pure network edges and then distribute a computing environment. What's so important about these two topics, Nirav? Take us through the changes that are happening and why it's important for enterprises to get a handle on this. Yeah, John. So as you said, SASE, Secure Access Service Edge, really the foundation of that topic is the convergence of networking and security. And as you mentioned, Fortinet has been doing a lot of innovation in this area, right? Six years back, we pioneered the convergence of security and networking with Secure SD-WAN. But what's happening now with the SASE is as that working from anywhere continues to remain the dominant trend, users are looking for a cloud-delivered security. And that's what Fortinet recently announced where we can provide the most comprehensive cloud-delivered security for remote users, for thin edges. You can still have any time access from any device. To give you an example, now are remote users. They are still at home or they can be branch of one user, but still have that always on threat protection with the consistent security given in a cloud. So they don't have to go any more from the branch or data center but have a direct connectivity to the cloud security before they access SASE application. That's what one of the SASE trend is. Second thing, John, we are observing is users are now, as they are going back to the hybrid workforce, they are looking for a thin edge, right? To your point of an edge, edge is still intelligent and very important, but there is an interesting architecture shift of, can I just use an intelligent networking there, move my capex to OPEX and have security in cloud? That unified security, unified policy is again becoming important. That's what SASE- Okay, so I like this cloud-delivered security. This is a hybrid workforce you're addressing with this marketplace, that's clear. Hybrid is everywhere, hybrid cloud, hybrid workforce, hybrid events are coming. I mean, we love covering events physically, but also now virtual. Everything's impacted by the word hybrid and cloud. But talk about this thin edge. What do you mean by that? I mean, I hear, I think thin edge, I think thin clients, the old trend. What is thin edge mean? Yeah, so there are different organizations are looking at the architecture in a different way. Some organizations are thinking about having a very simple branch where it is used for modern networking technologies while security has been shifted to the cloud-delivered. What happens with this model is now they are relying more into technologies like SD-RAN on edge to provide that intelligence steering while everything in the security has been done in a cloud-compute way for both remote users and thin edge environment. Now the good news here is they don't have to worry about the security patching or any of those security capabilities. It is all done by Fortinet as they go and use the SaaS applications performance. I want to come back and drill down on that, but I want to get Peter in here in the zero trust equation because one of the things that comes up all the time with this edge discussion is network access. When you go back to the old days of computing, you had Edge log in, you'd come in, radio servers, all these things were happening for a simple paradigm. It's gotten so complicated now, Peter. So zero trust is a hot area. It's not, it's only one of the things, but it's super important. What is zero trust these days? Zero trust is indeed a very hot term because I think part of it is just it sounds great from a security standpoint. Zero trust, you don't trust anyone, but it really comes down to a philosophical approach of how do you address the user's data applications that you want to protect? And the idea of zero trust and really what's driving it is the fact that as we've been talking, people are working remotely, the perimeter of the organization has dissolved. And so you no longer can afford to have a trusted internal zone and an untrusted external zone. Everything has to be quote, unquote, zero trust. So this means that you need to be authenticating and verifying users and devices on a repeat and regular basis. And you want to, when you're bringing them on and giving them access to assets and applications, you want to do that with as granular of control as possible. So if they, the users and devices have access to what they need, but no more. And that's kind of the basic tenants of zero trust. And that's what, it's really about prioritizing the applications and data as opposed to just looking at, in my spring, someone into my network. God, the concept of zero trust is obviously hot. What's the difference between zero trust access and zero trust network access? Or as people say, ZTA versus ZTNA. I mean, is there a nuance there? I mean, what's the difference between the two? That's actually a really good question because they both have the zero trust in the name. ZTNA is actually a specific term that Gartner created or rather analysts, I should say, created 10 years ago. And it's referred specifically to controlling application to controlling access to applications. Whereas zero trust, overall zero trust access deals with both users and devices coming onto networks. How are you connecting them on? What kind of access are you giving them on the network? ZTNA is specifically how are you bringing users and connecting them to applications? Whether those applications are on premise or in the cloud. So what the NA is more like the traditional old VPN model connecting users from home or whatever. Just connecting across the network with user to app. Is that right? That's actually a really good insight. But ironically, the VPN, quote unquote, benefits of this are actually an outgrowth of the ZTNA model. Because ZTNA doesn't differentiate between when you're on network or off network, it creates a secure tunnel automatically no matter where the user is. But VPN is all just about creating a secure tunnel when you're remote, ZTNA just does that automatically. So it's a lot easier, a lot simpler. You get a hundred percent compliance. And then you also have that same secure tunnel even when you're, quote unquote, on a safe network because with zero trust, you don't trust anything. So yes, it really is leading to the evolution of VPN connectivity. So Nir, I want to get back to you on Ty that circle back to what we were talking about around hybrid. So everything's moving to the cloud. That's what people think. And cloud ops is essentially what hybrid is. So connect the dots here between the zero trust, zero trust, A and NA with the move to the hybrid cloud model. How does that, what's the difference between the two? Where's the connection point? What's the relevance for your customers and the marketplace? Yeah, I think that again goes back to that Sassy framework where ZTNA plays a huge role. Because John, we talked about when users are working from anywhere in this hybrid workforce, one of the important thing is to not give them this implicit trust, right? To the applications. Enabling that explicit trust is very important. And that is what ZTNA does. And the interesting thing about Fortinet is we provide all of this part of our 40 OS and users can deploy anywhere. So as they're going through the cloud delivered security they can enable ZTNA there so that we make sure this user at what time, which application they are accessing and should we give them that access or not. So great way to have ZTNA, Sassy, everything in one unified policy and provide that anytime access for any device with the trust in place. Okay, real quick question to you is what's the difference between Sassy, secure access service edge and SD-WAN real quick? Yeah, so SD-WAN is one of the core foundation element of Sassy, right? So far we talked about the cloud delivered security which is all important part of a security of the service. Sassy has another element which is a networking as a service where SD-WAN plays a foundation role. And John, that's where I was saying earlier that the intelligent edge modern technology that SD-WAN provides is absolutely necessary for a successful Sassy deployment, right? If users who are sitting anywhere if they can't get the right application steering before they provide the cloud delivered security then they are not going to get that user experience. So having the right SD-WAN foundation in that edge working in a tandem with the cloud delivered security makes a win-win situation for both networking and security team. So Peter, I want to talk to you last night I was on a chat on the clubhouse app with some cybersecurity folks and, you know they don't talk in terms of, I got ZTNA and I got some Sassy and SD-WAN. They're talking mostly about just holistically their environment. So can you just clarify the difference? Was this completely confusing between ZT, Zero Trust network access, ZTNA versus Sassy because it's kind of the same thing but as I know it's nuanced but is there a difference there? People get confused by this when I hear people talking because like they just throw jargon around and they say, oh, we Zero Trust, we're good. What does that even mean? Yeah, we get a lot of that when talking with customers because the two technologies are so complementary and similar they're both dealing with security for remote workers. However, Sassy is really dealing with that kind of firewall in the cloud type service where that remote user gets the experience and protection of being behind a firewall. ZTNA is about controlling the application and giving them that secure tunnel to the application. So they're different things. One's kind of that firewall in a service, securing a service, even networking in a service. But, and ZTNA is really about how do I have the policies no matter where a user is to give them access to specific applications and then give them a secure tunnel to that application. So very complimentary, but again, they are separate things. What's the landscape out there with competitive because is there products, I mean, you guys are product folks will get the product question. Is it all kind of in one thing? Do people, is this bundled in? Do you guys have a unique solution? Some people have it, they don't. What's the marketplace look like from a product standpoint? So John, that starts back to the platform that we talked about, right? Fortinet always believes in not to develop a point product, but to do an organic development which is part of a broader platform. So when we look at the thing like SASE, which required a really enterprise-grade networking and security stack, Fortinet has organically developed them. SDVAN, we are a leading vendor with a Gartner Magic Fund and leader there. Network Firewall, including whether they deploy it on cloud, on-prem or a segmentation, we are a leader there. So when you combine both of them and ZTNA, which is part of it, there is only handful of vendor you will see in the industry who can provide that consistent security, networking and security together and have that better user experience from a single management. So clearly there's a lot of buzz John about a lot of vendors talk about it, but when you go to the details and see this kind of unified policy of networking and security, Fortinet is emerging as a leader. Well, I always like talking to the experts, like you guys on this topic and we get into the conversations around the importance under the hood. You know, SASE, SDVAN, we've been covering that for a long time and now with Zero Trust becoming such a prominent architectural feature in cloud and hybrid, super important under the hood. At the end of the day though, I got to ask the customer's question, which is, you know, what's in it for me? I care about breaches. I don't want to be breached. The government's not helping me over the top. I got to defend myself. I have to put resources in place. It's expensive and nevermind. If I get breached, the criticality of that alone is a risk management discussion. These are huge table. These are huge stakes. The stakes are high. So what I care about is, are you going to stop the breaches? I need the best security in town. What do you say to that? Yeah, this goes back to, in the beginning we talked about consistent certified security, right John? So yes, a sassy model is interesting. Customers are going to move to cloud, but it's going to be a journey. Customers are not going cloud first day one. They are going to take a hybrid approach where security is required in a segment, in an edge and on the cloud. And that's where having a solid security in place is a number one requirement. And when you look at the history of Fortinet over the last 20 years, how we have done with our Fortiga labs, our threat intelligence, and ability for us to protect over 450,000 customers, that's a big achievement. And for us to continue to provide that security, but more importantly, continue to go out and do a third party certification with many organization to make sure no matter where customers are deploying security, it is that same enterprise grade security deployment. And that's very important that we talk up to our users to make sure they validate that. Peter, weigh in on this, customers don't want any breaches. How do you help them with the best security? What's your take on that? Well, to reiterate what Naral said earlier, we really believe that security is a team sport and you do need best in class products at each individual element, but more importantly, you need those products to be talking together. So the fact that we have industry leading firewalls, the fact that we have industry leading SD-WAN, we've got industry leading products to cover the entire gamut of the endpoint hallway, email application, cloud, all these products, while it's important that they're third party validated, as Naral was mentioning, it's more important that they actually talk together. They're integrated and provide automated actions. Today's cybersecurity moves so fast, you need that team approach to be able to protect and stop those breaches. You guys have a great enterprise grade solution. I got to say, I've been covering you guys for many years now and you guys have been upfront, on the data aspect of it with four to guards. And I think people are starting to realize now that data is the key value proposition. It's not a secret anymore. Used to be kind of known to people inside the ropes. So congratulations. I do know that there's a lot of action happening. I want to give you guys a chance to at the end of this conversation now, to just do a, put a plug in for four to net because there's more people coming into the workforce now, post pandemic, young people with computer science degrees and other degrees that want to go into career with cybersecurity. Could you guys share both your perspective on for the young people watching or people re-skilling what opportunities there are from a coding standpoint and or from say an analyst perspective. What are some of the hot openings? Cause there are thousands and thousands of jobs. Give a quick plug for four to net and what openings you guys might have. Well, certainly in the cyber industry, one of the major trends we have is a workplace shortage. There are not enough trained professionals who know about cybersecurity. So for those who are interested in retooling or starting their career, cybersecurity is an ongoing field that's going to be around for a long time. I highly encourage those interested, come take a look at four net. We offer free training. So you can start from knowing nothing to getting becoming certified up to a security architect level and all that training is now available for free. So it's a great time to start, great time to come into the industry. The industry needs you. Any particular errors Peter, you see that's like really, really jumping off the page. Well, as it's hybrid, so knowing cloud, knowing the on-prem, knowing the traffic, knowing the data on the applications, there's just so much to do. Nirav, you're the head of product, you got all probably a ton of openings, but seriously, of young people trying to figure out where to jump in, what are the hot areas, where can people dig in and get retrained and or find their career? Yeah, no, I think to reiterate what Peter said, the program that Portugut has built, NSC123, which is free available is a great foundation because that actually goes into the detail of many topics we touched upon. Even though we are talking about SDVAN, SAS, ZTNA, fundamentally, these are the networking and security technologies to make sure users are able to do the right work and with the user experience. And that will be really helpful to the young people who are looking to learn more and go into this area. So highly encouraged to take those training, reach out to us, we are there to provide any mentorship, anything that is required to help them in that journey. Anything, jump off the page in terms of areas that you think are super hot that are in need? Certainly, this convergence of networking and security. There is a growing need of how and what the Zero Trust is and how the security is applied everywhere. Definitely, that's a topic of mind for a lot of our customers. And that's an area, it's a good thing to gain more knowledge and utilize it. Neeraj and Peter, thank you for coming on. You guys are both experts and the leaders at Fortinet, the product team, the need for security platform is an all-time high, consolidating tools into a platform. More tools are needed, new tools coming. So I'm expecting to have more great conversations as the world evolves. Certainly the edge is super important. Thanks for coming on, appreciate it. Thanks for having us. Okay, keep conversation on security here in the Palo Alto Studios, I'm John Furrier. Thanks for watching.