 From theCUBE Studios in Palo Alto in Boston, connecting with thought leaders all around the world, this is a CUBE Conversation. Hello everyone, welcome to this special CUBE Conversation. I'm John Furrier, host of theCUBE here in Palo Alto, California in our studios. We have a remote guest here talking about cybersecurity and all the industry trends and the recent news and announcements around Fortinet with John Madison, CMO, and Executive Vice President of Products at Fortinet. John, great to see you, welcome back to theCUBE. Great to have you back on for some commentary around what's going on in the trends and your recent news, so thanks for coming on. Thanks John, nice to see you again. So you guys had earnings, congratulations again. Another successful results, you guys are doing well. Cyber is super important and that's the top conversation. Cloud computing, cloud native, we're living in a pandemic, new things are exposed. Clearly, the environment has changed in the past four months in a major, major way. So a lot of demand, a lot of needs out there from customers. So you guys had some earnings and you also have an update on your Fortinet OS for 7.0 platform with major updates. Let's quickly hit the news real quick. What's the hot topic? Yeah, well, you're right. Things have accelerated in some ways in this cybersecurity world. And the recent SolarWinds incident that's also made people look really, really closely at their cybersecurity strategy and architecture. We announced our results yesterday for Q4. For Q4, we had over 20% product growth which is a key of course, the future growth. We also, for the full year in 2020, passed three billion in billings for the first time for the company. And we're really proud of that. We're proud for a lot of reasons with our people and our team. But also, we're not a company that goes and makes large acquisitions to boost revenue and billings growth. We've done it predominantly organically over the last 20 years. And so we're very proud of our achievement. And obviously a big thank you to our partners our employees and our customers. We also have been covering you guys for many, many years. Congratulations. Well deserved. Good products win the long game as we say on theCUBE. And that's a great testament. But now more than ever, I really want to get your thoughts because everyone that I talked to is really kind of sitting back saying, wow, look what's happened in the past three, six months in particular, a lot of sea change and both on the technical landscape, the intersection with society, obviously with cyber, you mentioned solar winds. That's been kind of hanging around. More data is coming out about how pervasive that was and how native it was for many, many, many months. So what's out there? We don't even know what's next. So this is causing a lot of people to take pause and really reevaluate their environment. Can you share your perspective and how Fortinet sees this playing out and how that you are advising your customers? Yeah, well, we're leaving compliance and regulatory to one side for now because that's also a driver of cybersecurity and focus on the two main drivers. One is the threat landscape and I hinted a bit around, you know, that supply chain attack, which affects a lot of people and in solar winds incident, they got hold or got onto a device that has privileged access across a lot of servers and applications. And that's exactly what they wanted to get to. So state sponsored APTs, there's still volume out there. We still see now ransomware doubling every six months, but that's very scary. The threat landscape around state sponsored. The other driver of cybersecurity is the infrastructure and whether that be endpoint. So as you know, people are working from home as I am for the last eight months. So there's on and off network endpoint, kind of a zero trust architecture there that people are looking towards. On the network side, we've seen these edges develop. And so whether it be the one edge, LAN edge, cloud edge, data center edge, even OT edge, those need protecting. So that's a big challenge for customers. And then also on the cloud side, where the applications have moved to cloud, but different types of cloud, multi-cloud. I've even seen building cloud recently. So that's a very, you know, adaptive area. So challenging for the customer in the, in the terms of the threats and weaponized threats, as well as the ability to cover all the different parts of the attack surface going forward. You know, it's interesting, you know, this, we've been living in a generation in the technology business around, you know, you just get a tool for that. Every hammer looks for a nail. That's the expression. Now more than everyone, you have this no perimeter environment, which we've been talking about for many, many years. That's not new. What is new is that everyone's now thinking about architectural systems approach to this and thinking systematically around the platform of what their business is. So in your announcement that you guys just released for OS 7.0, there's really some meat on the bone there. You have the secure access edge, SASE, and then the endpoint protection, which are defined categories by the analysts, but those are the areas that are super hot. Can you translate that into the architectural equation? Cause you and I were talking before we came on camera around how it's not just one thing. There's multiple layers to this. Could you break that out for us, please? Yeah, if you look at historically, and I'm now coming up to my 20th year in cybersecurity before 40 net, I work for an endpoint company. If you go back a while, I can. Between 2000, 2010, the endpoint vendors were the big cybersecurity players because endpoint was where the data was and everything else. And then over the last 10 years, the network security vendors, the next-gen firewalls have been the most important vendors out there. And it's also reflected in revenues and market cap and everything else. What we're going to see over the next 10 years is the platform. And that platform can't be just an endpoint platform. It can't be just a network security platform or just the cloud platform. Cause you're only seeing and defending and protecting a part of the overall, we call digital experience. Whether it be a device in the factory, whether it be a person dialing in from somewhere or connecting from somewhere through the network and through to the applications, you got to measure that digital experience. And so that's going to be very important to be able to provide a platform that sits across all your devices users across your whole network, including new networks like 5G and across the applications and in the cloud. So the platform to us extends across all those areas. We've been building that platform on what we call our 40OS operating system. The latest release is 7.0, which released yesterday. It obviously upgrades and extends all parts of the platform, but we did major parts of the release yesterday, we were around a chassis, which of course is the cloud edge. So we're adding that cloud edge to our component. We did acquire a company opaque networks a few months ago that's now we've integrated that technology. And then just as importantly on the access side, a zero trust network access capability giving access per application. In fact, again, with this, I've talked a bit about this in the past about all these Garner acronyms. I don't think zero trust network access is the right wording for the application access because that's what we're going to move to application specific access versus just getting on the network and getting access to everything, but something that gives you context. So those are the two big things, but there's 300 plus new features across networking, endpoint and cloud across management inside the release. So it's a major release for us and it gives our customers the capability to really protect that attack surface from the endpoint to the cloud. Yeah, there's a lot of meat in there on that release, got to say, but it's basically you're saying devices and users have access, that's been around. There's been tools for that, you hire people, you get some tools, network access, it's been around, it's getting evolving. Now apps in the cloud, cloud native is a hot area. And people that I talk to, I want to get your reaction to this comment that I hear from people and customers and CXOs and developers. Hey, we bought a tool for that. We hired a bunch of people, they mainly left or the environment changed, we bought another tool and then we bought a tool for that, we bought a tool for that and then they have this kind of tool shed mentality where they have tools that don't even have people to run them, right? So you have that problem there, kind of tools need to be upgraded. And then you have this hot trend of observability on the app side where now you have new data coming in on the application side. Those are new tools, you got all kinds of stuff competing for that. How do you talk to that customer? Because this is what the customer hears, all this noise, all this action, they need to have it, they got to have the staff, they got to be trained up. What's going on there? What's your reaction to that? And how do you talk to customers who have this problem? Well, it's a big problem for them because, and by the way, when I speak to a lot of customers about cloud, they don't go to cloud because it's cheaper, it's not, it's actually more expensive. But they go to cloud to give them more agility because they want flexibility in the way they deploy applications as they go forward. And again, this pandemic has made a lot of companies realize they need to be more flexible in the way they deploy IT resources. I'm faster in the way they bring up new services and applications. And so, but there's quite a few elements, I say, of cybersecurity and networking, which to me and to us are just features. You shouldn't be buying 40 different networking and cybersecurity vendors. You just can't staff and maintain that. And so we do see some things consolidated and converging into a single platform. We're a leader in the magic quadrant for SD-WAN. We're a leader for network security. We're a visionary in Wi-Fi. And many of the times in each of those magic quadrants, it's a different vendor or if it's the same vendor, it's a different platform. For us, it's the same platform in each one. And we pride ourselves in building not only best of breed capabilities, but also it's the same platform, same management system, same API. And that gives the customer some capabilities in trying to manage that. What we say to customers is it's not a question of going from 40 vendors down to one. That's no good. But go from 40 vendors down to maybe seven right platforms, but make sure those platforms can interoperate. They can share policy and they can share threat intelligence. And that's why customers are looking to more of an architectural approach to cybersecurity, but also they feel cybersecurity and networking has started to converge at the same time. You know, one of the biggest stories we're covering these days in 2021, besides the pandemic and how people are going to come out with a growth strategy that's secure, trusted and scalable is the rise of the new executive in business and the enterprise where they're more tech savvy, right? You see executives like Saty Natel, Natel rise with the CEO of Microsoft, Andy Jassy rise with the CEO of Amazon. You're seeing lawmakers in DC become more techy, less lawyer oriented. So you're seeing the rise of a business techy person. And I think this speaks to this holistic fabric philosophy. You guys have as you talk to customers when they look at the business impact of cybersecurity, for instance, you mentioned SolarWinds earlier. I mean, these are deadly company killing events. This is real. So it's not just an IT problem. It's a business problem. How do you guys talk to customers? Obviously that you have the security fabric and you're stitching things together. What's the conversation when you talk to customers like that? No, one interesting thing I've noticed, and I did quite a lot of customer calls each week, executive briefings. And pretty early on, I noticed that both the infrastructure networking of the CIO team and the cybersecurity, the CISO teams were on the same video call. And that's got more and more as we've gone on. And I think what companies have realized is that if they want to move fast, they can't have these silos or this layering of capabilities. When they build something, they need to build it securely from day one and have that as a joint team. And so I don't think the teams are not merged, but they're definitely working more closely. And I think the responsibility of the reporting back into the board level again is not just, oh, this is an IT project. Oh, by the way, we've got a security project. It's the same project. And I think that's again, points to this convergence of networking and security. Yeah, the silos are got to be broken down. That's been a theme that's been more highlighted, more than ever, the benefits and the consequences of doing it or not doing it are clear to people, especially at all levels of the corporation and tech. That brings up my favorite conversations. I always ask you whenever you're back on theCUBE, giving me an update on what's going on with Fortinet, I got to ask you how it's going with data. Because data again, which is a consistent theme, we always talk about how we're exposing that data, how we're protecting that data. The role of data as people continue to get more data and figure out how to use machine learning, how to use AI, how to democratize it, all kinds of things are happening around data. What's the latest in your opinion? Yeah, I think there's progress, but I always say there's progress on both sides. The cyber criminals, big AI networks and machine learning just to counter what the cyber security companies are doing. I think right now we're processing hundreds of billions of events on a weekly basis. We've got the largest in store base of network security out there, over 500,000 customers. And so processing that event is going well in that we're able to determine really quickly for specific threat vectors and specific geographies that this battle good, it's a battle good file, it's about a good URL, it's a vulnerability that's associated with a severe. So we're able to kind of use machine learning and volume against a specific application to get a good result. The key going forward for us, and I think for the whole industry, is using the AI to start to discover campaigns in the wild like the SolarWinds ones, which is going on without anybody knowing. And that takes a lot of compute, takes a lot of threat intelligence and the AI piece needs to understand the relationship between the different elements of threat vectors, the command and control and everything else to get you that result. I do think a couple of things, one is the cybersecurity industry, and I've said this before on this broadcast, is I'm not walking together as I should and sharing this threat intelligence across the industry as soon as they find something. I actually applaud Microsoft on the SolarWinds side, they got information out really quickly and did well. And so we did the same. I think the industry needs to do more of that more proactively. And then I do think that, again, I see a lot of companies, cybersecurity companies claim a lot of things without any evidence that it works whatsoever. Yeah, they call them out. I mean, the world's got to call them out, the consequences of not having the things work as they're advertised and or sharing. Your point about sharing, there should be some recognition for folks that are actually being fast on the sharing side. It's not like, we need our own militia for against the bad guys. That's what's kind of going on here. So great stuff. I want to get your thoughts on the edge real quick. I know we talked about it briefly, broke it down to three categories, device users, network, and then apps in the cloud. The hottest topic in our recent Cubon Cloud Editorial virtual event we had was the edge. And edge being industrial edge and also just the edge of the network with humans and users and devices. How are you seeing the current situation out there, a lot of hype obviously, the reality of that, that we're in a distributed network, the internet and the web and the cloud. CloudNate is coming. What's Fortinet's thoughts? What's your thoughts on how the edge is evolving and what people should pay attention to when they look at, as they're architecturally planning for building out and managing and securing the edge? You know, given there's a zero trust conversation on users and devices, and given that people are familiar with the cloud and how they're going to use cloud, I think the network is becoming a really important, very important area. And some people say, oh, don't worry about the network, you know, just go to the cloud. The network is very important in providing that digital experience. But what's happening with the network is, it's being stretched, it's being extended into factories, it's opening up on the one side, you've got people now working from home, you've got that edge that used to be just the data center edge is now cloud edge and SAS edge. And so you have to pay close attention to those edges. And what you can't do is say, oh, well let's, I know I've got all those edges there, let me overlay some security on each edge because it's going to be different the way you deploy that on a WiFi device versus a cloud edge. And so what you need to look towards is convergence of a capability either at the cloud edge or the WAN edge or the OT edge. It's got to be converging networking and security. Otherwise it's too operationally inefficient, too complex to do. And so I think this is a really important subject and area for customers because as I said at the beginning, it provides that digital, we acquired a company called Panopter a few months ago which actually focuses on the digital experience monitoring marketplace. What are users actually going through in terms of availability and quality and performance all the way from their device all the way back into the application. I think that's going to be very important. And the network edges have to be secured but you can only do it through a convert solution. You know, that's a great point. You know, architecturally you might have a good technology or product look on paper but the complexity is the vulnerability. That's a really, really great point. John, always great to have you on. Thanks for coming on, sharing the update. Before we end, I'll give you a quick minute to plug the news you had. Quickly put a plug in for the release you guys just put out around the new OS 7.0, for the OS 7.0, the features. What's the most important point about that release? Share, take a minute to explain. Yeah, 40 OS 7.0 is our big release our operating system is big news because it allows us 40 OS to sit at any edge across the network whether it be the one edge, cloud edge, data center edge we've extended it into the cloud edge with Sassi in this release. We're also bringing in zero trust network access capabilities, but overall it includes 300 features across the network, endpoint and cloud. So a very important release for us and our customers and partners. John, great to have you on theCUBE again and get the news. You guys doing a great job. Congratulations on your earnings but more importantly, congratulations on the product success and how you guys are thinking about as a platform. That's what customers want and you guys are continuing to do a great job there and congratulations on the news. Thanks for coming on. Thanks, John. Okay, I'm John Furrier here inside theCUBE for a CUBE conversation and getting the update on Fortinet and cybersecurity. Look for our cybersecurity coverage on siliconangle.com and of course the CUBE's coverage continuing to talk to the thought leaders and the people making things happen securing our networks and our cloud and deploying cloud native applications. Thanks for watching.