 from San Francisco, it's theCUBE. Covering RSA Conference 2019, brought to you by Forescout. Hey, welcome back everybody. Jeff Frick here with theCUBE. We're at the RSA Conference in Moscone in San Francisco. They finally got the conversion done. It looks beautiful, keeping the atmospheric river out. Didn't do that last week, but that's a different story. For another day, we're excited to have our very next guest. He's Joe Cardamone. He's a senior information and security analyst and North America privacy officer for Hayworth. Joe, great to meet you. Thank you, thanks for having me. So for the people that don't know Hayworth, give us kind of the quick overview on Hayworth. Well, Hayworth is a global leader in commercial office interiors. They create seating, desks, dynamic workspaces, raised floors and movable walls. Okay, so really outfitting beyond the shell when people move into a space? That's correct. So what are your security, that sounds like mobile walls and desks and the like, what are some of the concerning issues that you have to deal with? Well, obviously intellectual property is a big concern. Protection of our, we call our employees members. So the protection of our employee member data is important to us, customer data, supplier data. So protection of those key data elements and our assets is a priority in my role. Okay, so we're in the four-scout booth. You're using their solution. You come in, Mike tells us, you connect it to the network, it crawls out and tells us all the devices. How did that go? How well did it work for you guys? It was a fantastic experience for us, to be honest with you. From the point that we deployed the ISO onto a virtual instance, about seven hours later, we had about 97% visibility on our network. And not just data, actionable data, which was really important in our use case. Yeah, keep going. So I was just going to say, how many surprises did you get after those hours when you got the report back? We had quite a number. We were anticipating about 8,000 IPs. We landed at about 13,000. So there was quite a bit more endpoints that we discovered after implementing the product. One of the bigger pieces that we found was that our showrooms out in global sectors like Asia and Europe had a bunch of APs that were stood up. Some salespeople thought that they wanted to plug them into a network jack and stand up their own wireless networks. We had found them. We were able to squash them pretty quickly. And that was within 24 hours of implementing the product. So you were expecting 8,000. You got 13,000. So more than a 50% increase over what you thought. Quick math, correct, yes. Yeah, yeah. I'm not a quick and dirty math guy. I'm not a data scientist. Okay, so, and then how many things did you have that were custom that needed to be added to the library? I'm going to say about 10 or 15 units. We have some that we produce. Hayworth creates a unit called the Workware Unit, which is a screen presentation casting device. And what that device does, it sits on our production network. And in order for us to be able to demo that device, we had to punch holes in our firewall. Very manual process. Those devices move around very often. And it was really hard for our IT teams to keep up with how those devices move, how dynamic they are, and code revisions. We're living showrooms. So nothing stays in one spot at one time. The four scout was able to very easily identify them using a couple of pieces of information that it gathered. And by using the Palo Alto Network's plug-in, we were able to then dynamically punch holes through our firewall to our guest network for just those IPs and just those services and just those ports to enable our guests coming in who are looking to purchase the product to actually test drive it and really have a good use with the product before purchasing it. So the guests that you're talking about are your customers, your potential customers, right? And when you say they wanted to test drive it, do you let them go test drive it at their local office or you let them drive their own content on it back at your executive briefing center? How does that mean? Because you're talking about punching holes. So that doesn't just happen without some thought. Exactly. And the thought was is we can't sell a product if we can't demo it. And you come in to Hayworth, you're my guest. I want you to see the power of my product. I want you to use your laptop, your content on my screens and my space. How can we do that while protecting my digital network? And that's what the Fourscout enables us to be able to do as part of our micro segmentation strategy with the Fourscout. And then you said that that was tied to some functionality in a Palo Alto Networks device. That's correct. Like I mentioned earlier, the ability to have actionable data was one of our key points in purchasing and deploying the Fourscout unit. We're experiencing a lot of growth and the way we're treating our growth is we're treating these companies like they are BYOD. We want, we're buying their brand. We're buying their ability to sell their product. They know their product. They have passion about their product. So these are new product lines within your guys' total offering? Correct. Yes. And what we wanted to do when we started to integrate the IT side of the world, we wanted to be able to keep them operating on their own. So we're using the Fourscout to be able to look into their network and looking at a couple of key variables on their machines say, do you meet this criteria? If you do, then we're going to allow you to egress through our Palo Alto firewall using the Palo Alto Networks module on the Fourscout to be able to egress into our environment. If you don't meet that criteria, then you're just not getting in, period. Right. So we're able to provide a measure of control, trust but verify, to the other networks that we have before their devices come into ours. So you're doing that, you're adding all these devices. You talk a lot about stuff that's actionable. What did you have before or did you have anything before? What types of stuff is actionable? How do you define actionable? And I wonder if you could give a couple of examples. Sure, that's actually really easy. When I say actionable data, I'm able to look at, let's just say, your laptop sitting here with the Fourscout, I can gather any multitude of data off of it. Patch levels, OS levels, software installed, processes running, what switch port you're on, what wireless AP you're on. And off of all that information, I can make any number of decisions. I can move you to another VLAN, I can move you to another security group, I can tag your machine, I can send a trap to my SIM and be able to record wherever data I need to record. In our use case, using the data that we're gathering from the affiliate networks and from the workwares, we're able to then take action to say, yes, this device meets our criteria, we can now send that data up into the Palo Alto and tie it to a rule that exists to allow or disallow traffic. With the fact that it's a single pane of glass, the fact that I can have my help desk go in and make decisions based on data that they're getting, based on actionable data, based on other pieces of data that are getting fed in through my environment like indicators of compromise, I can enable my level one staff to be able to make level three decisions without giving them keys to the kingdom, which I think is of big value with the four scout. That's pretty impressive, because that really helps you leverage your resources in a major, major way. Correct, I'm a team of three. You're a team of three. Yes. So more specifically, I guess generally, talk about the role of automation because I don't know how many transactions go into your system and how many pings are coming in, but you said 13,000 devices just on the initial ping. So how are you leveraging automation and what's kind of the future do you see in terms of AI and machine learning and all these things we hear about because you can't hire your way out of the problem. You only got three people. Correct, correct. Right now we have limited staff but our skillset's fantastic. I'm blessed to have a team of really fantastic engineers that I work with. That being said, how the four scouts helped us is being able to take some of the load off of them by automating tasks and some of that might be, we have a machine that is not patched. We can identify that machine put into a group. Our servers are actually being patched by the four scout right now. We're using that as a way to identify vulnerabilities, missing patches and then stage them into groups using the policies within the four scout to be able to push down patches and you mentioned earlier where the products that we had that gave us this visibility, we really didn't have anything. We had four scout a number of years ago but we had some administration changes and we revamped our entire tool set. We came back and repurchased and re-put in the four scout in 2015 and that's where we've really been able to develop our current use cases and the strength behind the four scout implementation that we have now. Right, and I'm just curious where we close. Are you putting more IP connectivity on all of your kind of core SKUs? Are you seeing a potential benefit to put an IP address on a wall, on a cube, on a desk, on all that stuff and how do you kind of see that evolving? I honestly see IoT being, it's evolving very quickly obviously. We have IP addresses on our window blinds. On your window blinds? Yeah, on our window blinds so that they can control the amount of sunlight coming and we're a lead certified building so we have all these different IoT devices control sunlight, control climate control in the building and obviously our production facilities have a lot of IoT devices as well and the four scout helps us to be able to segment them into the correct VLANs, apply virtual firewalls, apply different changes to our network. It gives us a lot of visibility and gives us a lot of control because of the granularity that it just natively collects. Right, well Joe, it's such a cool story. IP on shades, that's my lesson of the day that it just shows that there's so many opportunities to leverage this new technology in a very special way but the complexity grows even faster, right? It certainly does. All right, well thanks for taking a few minutes and really enjoyed it. Awesome. All right, it's Joe, I'm Jeff, you're watching theCUBE. We're in the four scout booth at RSA North America in Moscone Center. Thanks for watching, we'll see you next time.