From Las Vegas, it's theCUBE, covering InterConnect 2017. Brought to you by IBM.

Hey, welcome back everyone, we're here live at the Mandalay Bay in Las Vegas for theCUBE's three day exclusive coverage of IBM InterConnect 2017. I'm John Furrier, my co-host Dave Vellante, our next guest here is Greg Pepper, head of Cloud Security Architects at Check Point Software Technologies.

You got it. Good to see you gentlemen.

Welcome to theCUBE.

Thanks for having me.

The company is big. You're seeing compels on networks. Every company out there is buying security, so there's been a security sprawl. But now you guys have a stock that's trading at a very high 52 week high. Congratulations.

Yeah, thank you. Some people forget about us. We've been doing this for 24 years. We've been the leaders in this industry for over two decades, but sometimes we're the best kept secret in the industry.

So, I'm going to leave some of those secrets here. I know you guys are publicly traded. You can't go into too much secret sauce as a public company, but what's the software secret? Obviously, relationship with IBM is part of why you're here, but what's the Check Point secret sauce right now?

Well, I think first and foremost, we've built upon a legacy for the last 20 years. We didn't just acquire technology through acquisition, duct tape and paper clips and called it an architecture for our customers. We've built upon a consistent common platform building on our core strengths. I think the second thing that really differentiates us from some of the other guys you mentioned is our commitment and focus of security first. We're a security company end to end and everything we do is built off of those tenets. And especially with the growth and security in the data center, this migration to cloud, the industry's kind of come back around to software.
And though for a while, we delivered hardware appliances to customers because it was a preferred consumption model, when customers go to the cloud, whether it's SoftLayer, Azure, Amazon, Google and others, we don't have hardware to bring with you. So you need a software defined security strategy to play in the cloud today.

What is that software defined security strategy? What's the hottest product that you guys have that's working best?

Well, everything we have builds on our core competencies of management and the gateways themselves. But these days it's not enough to just be a firewall vendor. So advanced threat prevention, the ability to both prevent and detect malware from getting on the network, rather than just alerting that something bad happened, or providing additional access controls with data awareness. I don't need to plug into the network to tell you people are going to YouTube, Netflix, but what's the information about your organization that's being posted out there? Those are the interesting things that we can help differentiate and alert customers to what's going on.

So the perimeter is with the cloud, all these APIs, microservices coming down the pike with cloud, that's the challenge. I mean, this whole idea of being data and secure and software focused. How do you guys play in that world and what's this focus there?

Well, the biggest change is moving away from the traditional management architecture to one that's driven by code. These days, especially in the cloud to be agile with DevOps, you have to have security be able to be deployed, programmed, managed, and monitored all through an API. And this is something over the last few years we've enhanced our products to enable automatic deployment in the cloud providers, automatic management, and also integration with people like IBM QRadar in a highly automated way.

So the big discussion in the last couple of years in security has been, hey, it's not enough just to dig a moat around the castle.
The queen wants to leave her castle, so we've got to, security's got to be everywhere, it's got to follow the data. And also response is another major focus of discussion. We've got to shift spending there. How is that impacted? First of all, you buy that? Second of all, how has that impacted your business and your strategy?

Yeah, so we definitely do agree, which is why as part of our end to end security strategy, the laptops, the desktops, the mobile devices is an area of increased focus for us. Really, just having the traditional perimeter alone is not adequate. The second thing we started to talk about is the ability to move into the cloud. A lot of the competitive solutions out there don't play as well in the cloud because they're dependent on proprietary hardware. So if you're a vendor that has custom ASICs, well, you don't have those ASICs when you go to the cloud. Whereas for us, our software defined security strategy, when we go to Amazon, Azure, SoftLayer and other cloud providers, 100% of our core capabilities moves along with us.

Okay, so talk that through the value proposition and the customer impact. So it's more flexibility. Is it lower cost? Is it speed? Is it better response?

Well, I believe the primary driver for cloud adoption is agility, not always cost savings, although in some cases that is the case. However, the ability to grow and shrink on demand. In the past, our traditional enterprise customers would consume technology for their max resources. Right, if I'm a large department store, I need to be able to handle Black Friday. Well, that's one week a year that you need that peak utilization. So that ability to scale up and scale down is one of the major things driving people to the cloud. Well, security has to have the same model. We have to be able to automatically deploy, scale up for those large scale events, but then also come back down to an average runtime use to help customers save money.

How about analytics?
How does that play into the security business?

Yeah, I mean, look, the whole reason we exist is to give interesting information for technology to be able to chew on. Right, and the ability to provide the forensic auditing accounting for access controls and for our threat prevention, whether it's on the perimeter, in the cloud, in the core, on mobile and endpoint devices, there's a reason that for 20 years we've been the lead in the industry is because we provide the best forensics data and integration with all the mating leaders, SIEM vendors out there.

You have a 20-year stare with Check Point. Obviously, the company's evolved a lot since then. Talk about their relationship with IBM. Obviously, we're here at IBM InterConnect. What are you guys doing with IBM?

Yeah, I mean, IBM's one of our best partners over the last two decades. For over 18 years now, they've been a customer, a reseller, and a managed services security partner. So there's multiple organizations within IBM that have a relationship with Check Point to help secure the corporate assets, customer projects that are in managed data centers, or even just purely security-managed services. One of the exciting projects that we've been working on that was demonstrated at the security booth was an automated security deployment for the hybrid cloud where the IBM team worked with us to help take security, automatically roll it out into Amazon and Azure, but also bring it into their MSS environment. Their managed security services was zero touch and they're able to provision, have it managed, monitored, and ready to rock and roll in less than 30 seconds.

And they were doing that all in software.

100% in software, 100% in code, with no human intervention.

All right, so take us through some of those use cases going forward. So as you go talk to customers with IBM or on your own, you're on a lot of whiteboards, I can imagine. So what are some of the whiteboard conversations you're having?
The security architecture is kind of a moving train right now, what are some of the patterns you're seeing right now?

Sure, well, first and foremost, there's a lot of cloud novice. It's just new for all of us. So in the walk, jog, run mentality, we all need to come up with the basic terminology and fundamentals so we can have a more advanced conversation. Once we provide the basic knowledge transfer, the second step is how can you help me lift this legacy application and move it to a cloud-centric application, yet still give me the same levels of security and visibility, because I can't go to the board and tell them, oh, we screwed up, we moved to the cloud and now our apps are not secure. So matter of fact, for our largest customers, the most critical applications will not move to the cloud unless they have a clearly defined security strategy in place.

So you lay out those parameters up front and you kind of walk through it, I'd say crawl, walk, jog, run, then jog.

Absolutely.

Oh, how have you had it? I mean, a lot of people are kind of crawling, but now also multi-cloud is a big theme here.

Yes.

So now you're looking at multiple clouds and some workloads might make sense for cloud one, two, or three, depending on the workloads, but some stay on-prem.

100%.

And now you've got the true private cloud trend where I'm going to have a cloud-like environment on-prem, so that's cool. Development environment looks the same as the cloud, but I got multiple clouds. How do you guys deal with the multi-cloud and this idea of being consistent on-prem and on-cloud?

Well, first and foremost, being a software-defined gateway, we have unique capabilities that's the same on-premise, Amazon, Azure, Google, SoftLayer, and others as well. Since we're not dependent upon hardware, we have consistent capabilities across all the clouds. The second thing I want to add is from a management perspective, we've built, excuse me, tight integrations with all the data center and cloud providers.
So we're able to trust Amazon, VMware, Cisco, OpenStack, Google, and others, and real-time integrate their applications and objects and metadata into our security policies, further tightening the integration and automation capabilities between those cloud providers.

So you're actively working with all the clouds to integrate in tightly to manage the security, so you've become the Switzerland for...

Look, we were the first of the major security vendors to both be in Amazon and Azure. We were the first to achieve Amazon security competency. We were the first to support basic things like clustering and scale set support, which has been a very common deployment in the cloud as well. We've been in this cloud game for the last seven or eight years now. As I like to joke, we've got cloud uptimes longer than some of my competitors have been in business.

And Microsoft was actually down in the cloud. We've published a report today on SiliconANGLE.com. Free cloud vendors down in a week. I'll give Amazon a little bit of a week there, but it's still, I mean, you're still going to see some of these bumps in the road. But security, you can't have bumps. You got to be rock solid.

Well, the thing with today in cloud, whether it's the application of servers, the storage and securities, you have to anticipate for that total failure situation. Heaven forbid what happens if an East region went down. Case in point, when Amazon had their storage outage, Netflix was not interrupted at all. Now other organizations that were only deployed in a single region were impacted. So this is where I think from an application architecture, one, we have to think beyond single region, single cloud provider. We have to anticipate the total catastrophic failure and how does our business continuity and disaster recovery work? And then security has to be an integral portion of that. We can bolt it on after the fact, it's got to be part of the foundation.

Great, great point.
And by happy software, it gives you so much flexibility. I love that hybrid cloud example. But I want to get your thoughts on what you said earlier about lift and shift. That seems to be the parlance of the generation. It used to be rip and replace on the enterprise side, but that's not as easy as it is to your point. You can't just throw it to the cloud. You might have some gaps. As people look to lift and shift, which I always say is, be careful. You got to have some concerns. How do you advise your customers when you say, hey, we're lifting and shifting to the cloud?

Well, for those people, I say don't bother, right? If I'm going to move the same applications and same products and processes from my private data center to the cloud, why bother? If we're not taking advantage of the agility, elasticity, automation, and all the benefits that cloud has to offer, companies should be building new cloud-ready applications for the cloud. We should not just be lifting our legacy applications and like for like, moving them to the cloud. Because we're not going to get the benefit in return on the best we can do that.

And it's risky too, by the way.

I would agree with you.

So net new applications. No brainer. If the cloud's available, why not?

Absolutely.

So now let's go back to the workloads. Some clouds have better, like analytics use cases, a great cloud.

Sure.

Just throw IoT data into Amazon or Azure or Office 365 is Azure and Amazon gets Kinesis. Good stuff and you got Bluemix over here. So you start to see that swim lanes of the different vendors. How do you view the differentiation between the vendors? And how do you advise customers that hey, Greg, I don't know which cloud to go to. What's your advice?

Well, first and foremost, there's pros and cons to everyone's offering out. It's kind of like Red Sox Yankees, you know.

Well, let's stop right there as Yankees for sure. Right?

You think?

Absolutely.

You really think?

Well, maybe not in 2017, but.

Who's the Yankees?
Microsoft or AWS? Really, I mean.

You know, Microsoft is probably Yankees right now. Then again, for Microsoft as a Red Sox fan, I'd say, and it's a tough call. You know, Crustail is the Yankee killer. You know, you know. Anyway, let's go back to that.

So what I was going to make a comment of is, look for the adjunct services behind the basics. Beyond the basic storage, compute, and networking services that everybody has as kind of table stakes. So for example, if you're someone who's a very heavy Microsoft Office 365 SharePoint user, you're using their business application suite, well, probably migration to Azure is a more natural transition. Right? People who are similarly in the Google environment and using the Google suite of applications, right? It's a benefit to moving the applications there. And to be honest, people who are purely just into the raw compute horsepower and they're probably the most mature and, you know, largest cloud platform. Well, Amazon has probably, you know, got a five year head start on the rest of the guys. So we try not to sit here and determine which of the three clouds is better, because for us, we play in all of them. And our security footprint has to be consistent across all of them. You know, I'll share with you an anecdotal use case, but one of my retail customers is building a commerce platform in AWS. But all the corporate applications are moving to Azure. And separately now, they're looking at Google for other global applications as well. So for them, they're going to be in all three cloud providers, just with different applications, finding more natural homes.

Justin Youngblood was just on, he said, you know, IBM data said 70% of all organizations, 70% of the organizations have three or more clouds, right? Infrastructure clouds, right? So, back to sort of security, I mean, the market's booming. In a way, it's unfortunate that the market's booming. It's because it's such a huge problem that doesn't end. It's great for you.
But you know, each year we look back at last year and say, okay, we feel more secure and we don't. So what's happening in the market? Are we finally going to get a handle on sort of how to deal with this? Or is it just always going to be this, you know, good guy, bad guy, leapfrogging sort of endless loop?

Well, the big change these guys have, the bad guys are pros. This is their full-time job. They're very well-funded, trained, and able. They only have to succeed once. Well, remember, the cost of defense is exponentially higher than the cost of offense. So what it costs my banks and hospitals to secure their environment is 10 to 100 fold over what it costs the bad guys, either in the US or some other nation state, to attack those environments. I think the biggest challenge that most of our customers face, to be honest, is technology saturation. They've bought every product known to mankind. As I like to joke, for every threat, there's an app for that. And most of our customers have bought all three of them. But then they struggle operationally with the technology. And this is more of a people-and-process issue than it is a product issue. There's a lot of great technology out there. Ours and other vendors as well. But if it's not implemented and maintained properly, those potentially represent the weakest state.

And there's new threats emerging. Ransomware, for instance, is, to your point, they're over a man and the cost to even compare or defend against that, but they're already hacked. Now they'll pay the ransom in Bitcoin to get their stuff back.

And look, it's cheaper, quicker, and faster than maybe just whack the system and try and do some forensics cleanup. Then deploy a next generation endpoint to try and detect and mitigate against ransomware, disk encryption, or other bots that may get on the endpoints themselves.

I almost feel like the mitigation, I mean, you've got to have perimeter security, obviously, and continue to invest in that.
But I feel like you're never going to stop somebody from penetrating your organization. What's the average status? On average, the company is penetrated for 200 and whatever, end days before they know, 220, 250, whatever number you want. So there's got to be more investment in remediating, responding, managing that complexity. And so I guess the answer to my earlier question was, well, not anytime soon, we're going to have to continue to invest in new approaches, new methodologies to deal with this inundation of data, which isn't going to subside, right?

Well, but part of it too is in the past, most of the security controls that companies invested in, they put at the perimeter. So they're overprotected on the perimeter, but now the attacks are coming in through the side door, spear phishing attempts.

Or internally.

You know, they're coming in from laptops or mobile devices that leave the organization and come back in. And since most customers lack internal segmentation, a very small infection becomes a very big problem very quickly. So a lot of our customers now are trying to figure out, how do I take what I've done in the perimeter and treat my data center or my campus as untrusted? Segment in silo and create smaller fault isolation domains, so heaven forbid there's a breach or an outbreak, it's contained to a smaller sub-zone, rather than, you know, look at the Target situation, which came in from an HVAC vendor, moved into a payment system, and then exfiltrated millions of credit card records.

And or, not or, but and techniques to allow the response to focus on the things that matter. And like you said, organizations' CISOs are inundated with technology and they don't know necessarily which threats to go deal with, right? They've got so much data and to the extent that they can narrow down those high value threats, you know, that's going to help solve the problem. That's why I was asking the question about analytics before.
Well, that's where I think the partnership with IBM is so important for us, right? 'Cause both, you know, what they do with Watson and big data analytics and QRadar as well, it's one thing to just create a bunch of alerts. But for most customers, that's a lot of noise. Give me the interesting bits of information. I don't care about these 10 million alerts over the last week. One of the most critical things that my team needs to address right now. And those are the things that collectively, IBM and Check Point help us.

So how about the competitive landscape? You guys are kicking butt, you know, you're well over a billion, what, $1.7 billion company, right?

A little more of it, yeah.

A little more than that. Almost a $20 billion market cap, which you said earlier, John. Stock's almost at an all time high. So obviously compete with Palo Alto. You compete with HPE, with ArcSight a little bit. That acquisition, they sort of, you know, that's...

You know, they ingest some of their core products that were competitive, like TippingPoint.

Yeah, right.

You know, they've kept some of their ArcSight and other big data analytics. They drive service and storage and services out there. But they're as much a partner as they are a competitor out there. I mean, I would say the usual competitive suspect, some of the guys you mentioned, some of the big route switch vendors like Cisco or Juniper out there. Right, and actually we're in the endpoint and mobile space as well, which brings in the Symantec and McAfee and Kaspersky.

And so, right. Okay, so what's your big differentiation?

So I think first and foremost is that we have an enterprise management solution that goes from the mobile to the endpoint, to the cloud, to the network. We do it all through a singular console. Right, we have the most scalable security platform in the marketplace today. And to be honest, we have the best security solution out there, both in terms of the effectiveness, as well as the manageability.
And you're profitable and you're growing. I'm going to throw that in.

We've been profitable since day one.

Great, thanks for coming on theCUBE. Really appreciate it. Give you the final word on the segment is Outlook going forward. I'll say all the cloud vendors, you work with them all. All trying to be enterprise ready.

Yes.

And they're all with the enterprise cloud. Amazon is now the enterprise cloud. Google was flaunting it at Google Next. They got some work to do. IBM certainly is in the enterprise. Oracle's in the enterprise. Microsoft's in the enterprise. So enterprise readiness and the next few years as security evolves, what are the key table stakes that the cloud guys need to continue to work on, continue to invest in, continue to innovate?

I think the first thing, and this is across all technology, not just cloud, is that interoperability is the new best of breed. All of our customers are going to have a couple of trusted partners. No one enterprise is single vendor end to end. But we have to be able to play nicely in the sandbox. So whether it's working with Cisco or McAfee or Microsoft or Symantec, if I don't work well with the other investments my companies and customers have invested in, they're not going to have me around for very long.

Yeah, and that's the truth. The multi-cloud world and workloads will fit best because the SaaS also defines some of these big cloud vendors as well. So Microsoft SaaS's Office 365, if you have Microsoft, that's going to be some things for you. Greg, thanks so much. Appreciate it, great commentary. Check Point Software Technologies, talking security, head of architecture here. Greg Pepper, thanks for joining us. This is theCUBE, more live coverage here. Day three coverage from theCUBE after this short break.