 Live from Orlando, Florida, it's theCUBE, covering Accelerate 19, brought to you by Fortinet. Welcome back to theCUBE's continuing coverage of Fortinet Accelerate 2019, live from Orlando, Florida. Lisa Martin with Peter Burris, and we're pleased to welcome back to theCUBE one of our alumni, John Madison, the executive vice president of products and solutions from Fortinet. John, it's great to have you back on theCUBE. It's great to be here again. Lots of momentum that Fortinet is coming into 2019 with. I can't believe we're in April already. Lots of growth in revenue, product revenue was up. You guys talked about the expansion of the partner network. We've had some of your fabric ready partners on already today. You talked about this third generation insecurity, how Fortinet is uniquely delivering that. For our viewers who weren't, didn't have the opportunity to attend your keynote, kind of talk to us about that in this hybrid world, but how is Fortinet delivering this third generation? What makes you guys different? Yeah, so we talk about the third generation. Now everyone has different generations, that's fine. We call it the security-driven networking, and it's really the genesis of Fortinet for a long time in bringing together networking and security into one place. I think these days or in the past, people have built out the networks of the network layer, and they try and connect users and applications, and they go, oh, wait a minute, there's some security over here and a bit over here and over there. In our mind, start with both. Start with a security-driven networking concept, make sure it works end-to-end, and that'll be the most sophisticated, most secure application and network you can have. And what enables Fortinet to deliver this uniquely? Because a number of times today, and Ken's keynote, I think Patrice as well, I can't recall if yours, competition came up where the audience was shown the strength in numbers that Fortinet has, so what makes you guys unique in what you're delivering? Well, one of our key differentiators from the start has been making sure we can run routing stacks, sometimes today referred to as SD-WAN stacks, also security stacks in a very small footprint. And to do that, you need to spend a lot of money on what we call security processors, which go inside our appliances to make sure that runs very fast. But having said that, I definitely think customers are going to be in a hybrid world forever, for a very long time at least, in any way, where not only appliances, but also virtual machines and API security. And we also talk about this fabric concept that enables to cover the incomplete digital attack surface. So those are very important points. And we find a lot of customers now agree that they want to consolidate, they want to make it simpler. They need to move faster to this digital world. And the only way you're going to have to do that is through a consolidated approach. So let's build on this. They want to consolidate, they want to make it simpler, more common in policies and management. Now along comes the edge. What's the dynamic there? Well, what's happening is, a lot of people refer to the perimeter disappearing. Okay, and that's happening to a certain extent because data's moving into cloud, you've got different WAN implementations. But what's happening when you do that is you're creating new edges. A really good example is SD-WAN, which used to be very closed off. The WAN used to be something that connects branch offices back to the data center, and nobody got involved in that. Well, now you're opening up that WAN to different types of transport mechanism, you're creating an edge. I always refer to these edges as being created by different trust levels. There is maybe a secure trust level here, less trust here, it creates an edge. And you absolutely need to protect all those edges. But give us an example of that. So for example, when you say differentiated trust levels, my edge might be at a customer location. Is that kind of what versus my edge might be at a branch office? Is that what you mean by a different trust level? Push that concept forward. Kind of, it's more, for example, I've got a branch office and I've got one connectivity going back to my data center that's encrypted and secure, but I've also opened up connectivity at the internet. The trust level between that encrypted link and my connection to the internet is very different. The internet's open, anyone can see there. So that trust level between those two is very different and that's what creates the edge. And so therefore that becomes a key feature in how we design different edge implementations. It is, it's also a key requirement on what type of deployment mode you use. We have appliances, we have virtual machines, we have clouds, containers, APIs going forward. I'm finding that customers are still very reluctant to put software implementations of firewalls against the internet. Appliances are hardened, they run faster. Having said that, inside the cloud obviously and inside software defined data centers, virtual's fine. What are some of those customer concerns that you're hearing? Well, I think what happens is, you know, if you're putting a piece of software against the internet, it's open to all sorts of attack. It's the same as giving IP addresses to anything inside your factory, that creates an edge as well and you need to harden that edge against that threat. And how can SD-WAN help? Why is this such a crucial component of digital transformation? You know, sometimes markets are overhyped. I remember that the CASB marketplace a few years ago, it just was a feature, to be honest. I think SD-WAN is extremely important. The reason it's important is the SD-WAN controller. That controller eventually tells users and devices how to get to the applications. And so I tell customers, that investment for you is extremely important. You need to own it, you need to make sure it's flexible, you need to make sure it's secure. And so I think the SD-WAN marketplace, or one edge is the kind of larger term for it, is extremely important investment for customers. Do you anticipate that, I mean, you guys invested, you guys put forward a lot of products, made a number of different announcements. Again, going back to that notion of simplicity, that notion of consolidation. What is the breaking point for your typical IT group in terms of the complexity that they can accommodate and absorb when we start adding additional function within the overall network, especially from a security standpoint? Well, I think it's a bit broken already. They're really struggling to keep up. From our perspective, today we announced our 40OS 6.2 is our major operating system. And what we try and do is consolidate functionality as much as possible. Inside our fabric, through a single console, through a single operations capability. So it's easier for the operations people, for the security people to implement things and find information. We're also implementing automated mechanisms like security ratings, which will do a background run of best practices, for example, that make it again easier for those teams to run a full analysis of what's going on. So was it about 300 features? Roughly. Roughly three. I counted them individually. Good. We'll do a recount of that. Okay, all right. But a tremendous amount of feature addition to 40OS announced today. What are some of the things, business outcomes? Peter and I were talking about outcomes with several of our guests earlier. Business outcomes, new revenue streams, new products going to market faster. Also being able to become less reactive, maybe more proactive in terms of security threats. Can you walk us through some of the outcomes that 40Net customers can expect to achieve from some of the OS announcements and enhancements? Yeah, we already talked about one, which was the consolidation, which means they can do multiple things with the single platform. That's an important one for them. Also, some of the cost savings around that, some of the operational cost savings. I think also for our partners, for example, they like the fact that we keep adding services on top of that fabric. They can take those services, then apply them to their customers and make sure they can add value inside as well. So there's two angles to it. The one is making sure our customers are better protected, they can consolidate, save money, invest, have better training, and then to our partners so that they can provide more value to their customers. So one of the things we were talking to Ken about is the fact that you have invested in ASICs and security processing units and content processing units, et cetera, that are capable of accelerating the rate at which these crucial security algorithms run that opens up, that creates additional capacity to add more function both for you as well as your partners. Are you starting to see some of your ecosystem grow faster as they better exploit that inherent power and performance that you have within your appliances and devices? Definitely. I think we're seeing new partners come from new areas. It also fragments a bit and that's why we announced this new partner initiative going forward, which is a bit more customizable. But I do think that going forward, both our customers and our partners are looking for more of an architecture approach. Again, if you go back five years, here's a box and off you go and then install it and we're good. And again, when you saw those security threats, yes, we produce a point solution to fix it and we keep moving on. They're now looking at architectures over the next five years. And not only just cybersecurity architectures, but networking architectures, storage architectures, and all coming together. So we definitely need to train our partners. I think here we had over 50 of our, what we call network security expert eights. It's the highest level of architecture and half of them are partners. But going forward, we see much more partner involvement in an architecture approach and our customers want that because they don't want to have a point solution that's out of date in a year's time or a new threat comes along and makes it redundant. So how are you, you mentioned network security and storage. What other things are starting to inform that architectural approach that you're taking? It's everything now. So the factories now are completely automated. All the different utilities have IP addresses or running almost all the way down to the endpoint. Just everything has more flexibility and it's more open. And so definitely all of that information's bouncing around inside IoT devices, inside the WAN, inside data centers, and all that data needs protecting. That's the key, you're protecting the data. And to do that, again, we keep saying you need to have an integrated approach to networking and security. How does the customer work with Fortinet and your partner ecosystem to achieve that integrated approach? Assuming that there is a, you know, an enterprise out there that's got a spectrum of hybrid multicolline environment with a spectrum of security point solutions pointed at different components of an infrastructure. How do you help them on that journey of taking the many disparate security solutions and leveraging the power of Fortinet and your partners to get that integrated, truly integrated, consolidated view? It's a couple of steps, maybe many steps. The first one is customers don't want to throw everything out straight away. And so what they want to do is be able to integrate and connect. And so we have some of our partners here, for example, our fabric ready partners. We have connectors we build into their platforms and orchestration systems. And that's their first step. Once they get there, they start looking across to see what they can consolidate. So can they take a specific solution from this and bring it inside? And then eventually, they start to look at the long-term architecture if they're moving apps to the cloud or they want to open up their WAN or they want to provide kind of SD functionality inside their branch. And so it's definitely a phase approach. I don't see many customers, some customers could take an application and create it from scratch inside the cloud. They can't do that with their infrastructure. They can't just completely wipe it clean and start again. It's definitely more of a phase approach. So as you think about the phase approach and you talk, we heard from the sales and support side, the notion that the SPs, the service providers want greater customization, the enterprise wants a different level of access to the core technologies so that they can do, not customization, not exactly, I don't remember exactly what the term was, but what degree will customers retain control over how that architecture gets implemented versus what degree is it going to get baked into the stack itself? A bit of both, I think, for most customers, they're running towards a digital platform and they need to own that digital platform. If they give up complete control, how do they control their destiny going forward? So they want to own the digital platform but they haven't got the resources to do everything. So they'll outsource some to service providers like Arias, some of their partners, for example. But again, I keep coming back to this. They want to get to a point in five years time where they've got a digital footprint that's very flexible but they also want to make sure it's very secure because as you open up that digital footprint, you're opening up all these different edges inside the network. And it's coherent, which is the architecture approach. Because if they don't have a coherent approach to doing it, they don't know what interfaces are or are not competent and that includes interfaces with partners. Yeah, they have to look forward and say, I'm going to implement XMAT in the cloud, I know I'm going to have some edge compute going on here. I want to make sure my branches have the best quality of service for these certain applications that go back to this. So they will look at all those parameters and then architect something from there. So I know that security, network security, app security, info security, cloud security is our imperatives for every industry. But I did notice that the breakouts today feature, I think there's a couple of vertical features, healthcare, financial services, retail. I'm just curious, are those just great use cases that show the potential and the power of 40 Nets technologies? Or are those industries that are either early adopters or maybe more leading edge because they have such a tremendous amount of data that needs to be secured as their ecosystem does this? Yeah, so the industry verticals, I think for the very large ones, they're very similar. All of them have IoT that's expanding. All of them want to have a flexible WAN system. All of them have got some compute power in the cloud and the edge going forward. So I know there's differences in industries for the very large enterprises. The problem seems the same. There's huge organizations and they have all of these things going on and each trying coordinate. As you come down to mid-enterprise, I think there's more reason to consolidate but you see more differences in the way they approach things. Like healthcare that really, really focused on that. Healthcare kind of security of devices inside the hospitals, et cetera. Education, oh, they need to connect in these big data banks and transfer the research information. So big organizations, I say, pretty much the same problem. Midsize organizations become more relevant to the specific industry. Well, John, thank you so much for carving out some time to speak with Peter and me today. We appreciate that and it's exciting to see and feel the momentum that 49 is bringing into 2019. Well, thanks for inviting me. Our pleasure. We want to thank you for your time as well for Peter Burris. I'm Lisa Martin. You're watching theCUBE.