Unlock the secrets of SASE and transform your network security landscape as MVR sits down with Carl Windsor, Fortinet’s Senior Vice President of Product Technology and Solutions. Windsor dissects the Secure Access Service Edge paradigm, offering a treasure trove of insights on integrating SASE with SD-WAN, reaping the benefits of simplified security deployments, and cutting operational costs. We journey through the maze of maximizing digital experiences and unravelling the true effectiveness of SASE, all while balancing the complexities of on-premises and cloud interplay.
As we explore the future currents shaping SASE solutions, Windsor brings clarity to the role of emerging technologies, from AI in managing complex SD Branch setups to the importance of consultative engagements in aligning security strategies with business goals. We touch upon the transformative impact of SD-WAN on the telecom industry and Fortinet's prowess in harmonizing technical innovation with organizational culture. Join us for an episode that not only demystifies SASE but also equips you with the knowledge to navigate the evolving network security landscape with confidence and foresight.
Unlock the secrets of SASE and transform your network security landscape as MVR sits down with Carl Windsor, Fortinet’s Senior Vice President of Product Technology and Solutions. Windsor dissects the Secure Access Service Edge paradigm, offering a treasure trove of insights on integrating SASE with SD-WAN, reaping the benefits of simplified security deployments, and cutting operational costs. We journey through the maze of maximizing digital experiences and unravelling the true effectiveness of SASE, all while balancing the complexities of on-premises and cloud interplay.
As we explore the future currents shaping SASE solutions, Windsor brings clarity to the role of emerging technologies, from AI in managing complex SD Branch setups to the importance of consultative engagements in aligning security strategies with business goals. We touch upon the transformative impact of SD-WAN on the telecom industry and Fortinet's prowess in harmonizing technical innovation with organizational culture. Join us for an episode that not only demystifies SASE but also equips you with the knowledge to navigate the evolving network security landscape with confidence and foresight.
We sit with customers, we understand the technologies, we understand what they require and we can change the roadmap very quickly to address something specifically that customers start asking for. So ask us, speak to us, tell us what you need. We will come up with the right solution. Whatever technology area it happens to be. I like to say we don't sell technology, we sell solutions.
Michael van Rooyen:Today I have the pleasure in having a discussion with Carl Windsor, the Senior Vice President of Product Technology and Solutions at Fortinet. We're catching up at Fortinet Accelerate 2024 in Las Vegas and we're going to talk all things Fortinet, but particularly around SASE. Carl, thanks for joining me at the podcast. Before we start, do you mind just spending a couple of minutes telling us a bit about your journey in the industry and your current role at Fortinet?
Carl Windsor:Yeah, thank you. Thank you for inviting me. I've had quite a long career at Fortinet. Prior to being here, though, I was working originally for a systems integrator, helping to build network tooling around data centers. I then ended up working for a data center and needed to look for a security product. That security product, after we evaluated lots of different products back in 2003, just happened to be a Fortinet. So I have a long career with Fortinet, as a customer, as a service provider, and then I joined Fortinet in 2006. And I've done various different roles, from systems engineering through to technical account management, short dabbling in sales, and then I left the dark side and moved into product management, where I am now.
Michael van Rooyen:Yeah, great, fantastic and you know spending the week at Accelerate. You know a couple of the key things that stood out for me this week, particularly a lot of discussion around SASE, a lot of discussion reaffirming the strategy for 14-inch a single vendor with single software and OT was a big topic of conversation as well. But I might just spend a bit of time on the SASE story if that's okay with you and kind of. One of the things that I've seen and you're probably dealing with quite regularly is SASE can feel a bit like a buzzword, heavy space and people think it's one product. In your view or in your summary, could you talk about some of the core benefits an organization can expect from undertaking a SASE, and all those different components of course, and do you know any suggestions on how they can measure the benefits of a SASE deployment?
Carl Windsor:Yeah, I mean, you're totally right. The whole concept of SASE is a little bit like zero trust, in that everybody thinks it's something different. So first of all you've got to understand really what you're trying to achieve and what your goals are, rather than worry about what the product's called first of all. So work out what you're trying to achieve and what your goals are. So, is it a remote access that's most important for you? Is it security, offloading security from on-prem to the cloud, and does that actually make sense for you? First of all, because there's a big discussion about moving everything to the cloud. We don't think that's the right way. We think that use it.
Carl Windsor:Putting security in the location that makes most sense is best. So if you have users at the network edge, you can look at putting security there. If you have remote users, then it makes sense to put that in the cloud, but don't have a product force the requirements that you have. So with our solution for remote access, we deliver security in the cloud. We can have thin devices that can route traffic and do security in the cloud. But for on-prem, the foundation of a SASE solution should be SD-WAN and with our SD-WAN solution we have security baked in. That's the FortiGate delivers security on and SD-WAN and all that functionality on a single device. So for us it makes sense to do security at the network edge, where the users are, and then integrate the two with a zero trust solution to connect them both together so your users that are off-site routing through sassy and then into the sd1 overlay. We think that's a better way of doing it because it allows you to keep security processing as close as possible to the users themselves.
Michael van Rooyen:Yeah, fair enough and that's a great point and a great approach to deploying it and in the experience and you get to see many customers from demonstration to innovation across many, many sectors has there been any kind of consideration on how customers are measuring the effectiveness after deployment? Is it going away from multiple tools into a standard platform? What are your kind of thoughts in that area?
Carl Windsor:SASE is all about simplification. It's about making sure that you deliver things in an OPEX-based model so that you're able to buy a solution and scale it on demand. That's one of the big benefits of SASE. The other benefits as well need to be the simplicity of management. So having one pane of glass that manages everything, that brings in all of the different technology areas from a firewalling, secure web gateway, casb all those different functions and have them managed in a very simple, easy to manage way so definitely the simplicity and the reduced operational costs are one big benefit there. There are other benefits as well, and when you bring in things like digital experience monitoring, you can then monitor performance right away from the client all the way to the cloud applications and give you visualizations of the benefit that you're getting from your SASE platform.
Michael van Rooyen:Yeah, excellent. And one of the big things is that real drive now into digital experience monitoring, into your client, right? So, single client to give you all those services. You know SSE type services, you know endpoint protection, but also digital experience monitoring is. You know, customers are really looking into that. Today Everything's in the cloud, but it's no longer in a single data center where you own and contain the infrastructure and can really diagnose it With loads moving anywhere. You know, having digital experience monitoring built in is such an advantage, right? So it's a true end to end. And off the back of that, as a senior executive within Fortinet and you get to look at lots of different product portfolios, but in the SASE space particularly, how do you envisage SASE and it has been around for a while. Gartner's talked about it for a while and the terminology came out a number of years ago. But how do you say, shape the future of network security and connectivity? And then, secondary to that, what strategic shifts can organizations expect from adopting SASE?
Carl Windsor:Yeah, I think it's a good question because everybody had a different idea of what SASE meant to them, usually based on where they'd come from in the industry. For us, sase is about the foundation of SD-WAN, together with SSE. Now we, as I said earlier, we're a little bit different because we have the ability to deliver secure SD-WAN. That's why we're market leaders in the SD-WAN space. But it's to bring in that SD-WAN and then the flexibility of deployment of the SSE functions the secure web gateway, the firewall, the next-gen firewall, the web filtering all those other functions when we're seeing the market going really is about.
Carl Windsor:For us it's first of all, flexibility. Again, I mentioned being able to choose where you deliver security but then just to turn features on, the ability to add more and more functionality as time goes by. We've already integrated digital experience monitoring, just announced as well that we're including browser isolation functionality in, and the big benefit of Fortinet here is because we've built so many of these products ourselves in-house. It gives us very good flexibility to be able to add them in turn, new functions on very rapidly and just allow customers to turn them on on demand as they need them.
Michael van Rooyen:So for us, we're in a very good position because of the number of products that we have, the fact that we've built them ourselves and then we can very quickly integrate them in a true sassy manner, rather than just feeling like everything's been bolted on through acquisition yeah, fair enough, and that was another good point I picked up this week is some instances fortinet has not really adopted acquisitions because of, possibly, the amount of complexity of trying to integrate into your platform what your platform's been designed from the ground up and sticking true to that kind of design concept from the start and and additional vendors or acquisitions, I should say to the mix can probably complicate it and you're trying to really avoid that, which I think is a great strategic move. On the back of your comments there, do you feel that customers who are adopting a SASE footprint or moving towards SASE do you feel it enables them to have more agility, scalability and competitive advantage against people who don't?
Carl Windsor:Yes, I think the answer to that is by being able to move to SASE. It opens up so many different opportunities. So it allows you to scale, it allows you to move, it allows you to integrate third parties. So if you're going through acquisitions, it's very, very flexible. But at the same time, we still need to understand that you still have the core networks, you still have the on-prem locations.
Carl Windsor:So, for us and cloud, of course, you know your cloud instances. So for us, it's all about having the flexibility to be hybrid. So if you're on-prem, you can use hardware and have appliances and a FortiGate UTM on-prem. If you're in the cloud, you can use our virtual systems and our cloud native firewalls. If you have a small site where you don't need the hardware, then you can put our extender and APs in and go for a thin edge type of solution. For us, it's about having the flexibility to deploy in the way that makes most sense, but then also be able to scale on demand and connect in new organizations that may be from acquisitions, and do that very quickly and rapidly. So, yes, definitely SASE will help with being able to turn things on rapidly and connecting rapidly, but a combination of that with the on-prem devices and zero trust, so that once you've connected users in, they can access the internal resources in the corporate networks. It's a combination of all those things that make most sense.
Michael van Rooyen:Yeah, and with the breadth of customers that you're engaging with, carl and I know that you obviously participate in a lot of demonstrations for customers and engagements with senior leaders Is there a particular type of industry that you're seeing adopt SASE Fastenalers, or is it a vertical of some sort, or is it just really spread?
Carl Windsor:That's a good question because I always, when we were originally doing the specs for building this and planning out how this was going to be, we always thought it would be the kind of mid-enterprise the people who maybe don't have the skill sets that they need or the number of heads to manage the network. We're actually seeing all kinds of organizations embrace SASE Definitely mid-market for sure, but also large enterprises, finance organizations, and I think that part of the reason is digital transformation. There are organizations that are moving very rapidly. They've adopted cloud technologies. They like this type of technology that is OPEX based, it's on demand and can scale. And because it then does allow these kind of transformations, the acquisitions, the M&A that can very quickly just bolt in these new acquisitions into a consistent security policy and the same security that they have on-prem, they get delivered in the cloud. That really resonates Simplicity and management wants security everywhere and it's all the same 40OS security everywhere.
Michael van Rooyen:And that's a fantastic point. Our organization's tagline is securely connected everything, and certainly with SASE. Our branding for SASE particularly is securely connected everywhere, which is really summing up that capability and you do touch on a good point of a wide range of customers. It was quite interesting to see at some of the sessions over the last few days quite a few educators and education institutes are on their journey to SASE as well for supporting students as well as educators yeah, we've got a great use case.
Carl Windsor:One of our largest customers actually is a group of schools and they have Chromebooks, so they use kind of proxy services for security.
Michael van Rooyen:What are you seeing in the IoT OT space? I know that's a big market but you know, are you seeing SASE blend part of a role in IT and IoT?
Carl Windsor:Absolutely, I mean OT has its own very specific set of security requirements. So we do still see a lot of on-prem requirements for OT, the fact that the FortiGate is OT aware. We understand the protocols, we understand the threats against OT devices so we can do things like virtually patch devices. So if there's a vulnerability that's out there we can virtually patch and we can protect them even though they haven't yet been updated, which may take longer in an OT environment. So that does lend itself very well to physical appliances.
Carl Windsor:But then for things like remote access for accessing management systems, we're seeing a move in OT for moving some of that technology to the cloud. So then having the ability to access all of that infrastructure in a secure manner, it makes a lot of sense then to use sassy. So remote access into the network from home or whilst remote would be over sassy maybe keep the physical appliances to protect the ot devices themselves and maybe, like an energy and utilities sense that might be, the power distribution location would be protected by physical appliances. The cloud would have cloud fortigates. We'll use sd1 to connect them all together and then, with SASE being the access method, you can use technologies like ZTNA to give access remotely. So it definitely blends well. But again, I still think with OT the hybrid type of deployment really does lend itself well because of the ability to secure the devices locally and then virtually patch with things like OT yeah and you've touched on a couple of great ones there and we see that commonly as well you know not being able to deploy an agent onto devices.
Michael van Rooyen:Customers really want a lot of sensors and we know sensor data is growing.
Michael van Rooyen:I think some of the data you were sharing this week was around kind of 50 billion IoT devices.
Michael van Rooyen:Of course, a $20 or $30 device that does temperature sense centering or water level centering has no ability to have an agent on it.
Michael van Rooyen:So really that's still needed, that secure infrastructure for that network connection, whether it even just be as simple as an access point part of SASE that has the same policy.
Michael van Rooyen:You know filter rule and you did touch on a great one which we see, probably one of the big drivers in OT, whilst they're not adopting or not needing the ability to have as many remote users, but the ability to connect back in via SASE, via the cloud and then adding the zero trust, as you said, from a posture and an authentication point of view. We've seen customers look at that for having multiple contractors look after facilities which is in the same network, but they're able to say integrator, one can touch their devices via secure private access and by policy we can have another provider go to the same network but they're able to say integrator, one can touch their devices via secure private access and by policy we can have another provider go to the same network but just touch their devices. So it's really filling that use case and that whole lifecycle On the IoT side, there's some really cool use cases for SASE as well.
Carl Windsor:So if you have, for example, car power charging stations, now quite often they're offering things like guest wireless access, so while you're just sat there you can charge your car, gain wireless access. So in those kind of cases we're seeing the companies embed technology such as a thin edge device that gives 5g connectivity or wired connectivity, but then they send the traffic back to sassy so they can send telemetry back to their networks over sASE, or they can just secure the customer traffic and provide web filtering to make sure it's not being abused. So some great use cases, particularly these kind of OT IoT crossovers.
Michael van Rooyen:I haven't heard that one. We're in Australia, we're deploying a lot more charging stations and obviously electric vehicles are growing in numbers. But that's a great use case, particularly if you're thinking you're sitting in the middle of a desert type area where you're getting charged. But how do you do that right? As a connectivity, from your experience and talking to customers over the years, what are the common kind of misconceptions that customers have regarding the capabilities or limitations of SASE?
Carl Windsor:I think the biggest misconception really is about what is SASE the fact that sometimes, when SASE originally came about and everybody was talking about it, everybody claimed that their solution was SASE. Now, for us, we tried to change the definition or at least make it clear that for us it's universal SASE. That includes SD-WAN as the foundational point and it includes the core technology areas such as secure web gateway, remote access, secure private access, those kind of things. I think the misconceptions come about from the fact that the assumption is that, oh, the cloud can do everything, send everything to the cloud, and you don't need any security on-prem. We don't believe that at all, because if you've got an on-prem network, you still have requirements for things like internal segmentation. You need to protect between your departments, make sure malware isn't getting from the HR network to the developer's network.
Carl Windsor:There's lots of requirements for security on-prem. So SASE doesn't negate the need for security on-prem. So that's one of the big misnomers that we try to deal with. It's trying to educate that with Fortinet you've got to have SD-WAN, and when you have SD-WAN you've got to have security as well. That then brings us back to the point that it makes sense to put the security and the compute at the network edge, and that's exactly where Fortinet sit is being able to deliver that, and that's what gave us the Gartner Magic Quadrant. We're a good SD-WAN vendor, but we're brilliant when you add in that security function as well.
Michael van Rooyen:It's a great call out there that I think the big misconception is, as you said, two parts that we commonly see is not understanding actually what it is. We've had customers say sell me SASE or would like to buy SASE, and it's kind of as you started the beginning of this conversation, what problem are you trying to solve? Right, they have this vision because the industry has been that way for a long time. It's a product name and I'm going to buy one of those, but it's obviously a framework. And then there's other vendors, integrators and partners out there that try and say, by moving into the cloud and secure cloud, everything's going to be solved. But you know, we just touched on it, an IoT device. You can't do that right With that exact case.
Carl Windsor:Yeah, I totally agree. When people are coming to us and they're saying we want SASE, it's almost the wrong place to be starting. We say no, tell us what you need, tell us what you're trying to achieve and we'll explain what the right solution is. And quite often it is what you would normally call SASE, but sometimes it will be yeah, but you need to do that in a slightly different way to achieve your goals Almost. I think the name is a bit of a distraction. I'd much rather talk about what you're trying to achieve first and then we propose the right solution.
Michael van Rooyen:Absolutely, and even when we were mapping it out over the last 18 months in our organization for supporting customers on this journey, sd-wan was a big success to lead to it. And Even just the 40 client which provides you you know this SSE services to the cloud, you know that is really sassy already. I mean it's one part of it, but you can tick a box and say I've got sassy right, but it's not the full stack enough. Casb, you don't have a zero trust, et cetera. So I think Gardner really helped us, you know, set a new standard for where we should secure hybrid working and all that Re-education I think is happening now because people are at that, that tipping point of adopting it.
Michael van Rooyen:I'd be interested as well, carl, and when you're having chats to customers. There was two schools of thought a while ago around security is. Some were going to go single vendor because it gives us end-to-end integration and all the benefits that come with it with a single vendor. But you also have quite a few traditional security people who still think you might need dual vendor, dual stack. Are you seeing that still commonly or you still seeing a bit of a mix?
Carl Windsor:We still see that. But I think what we're starting to see more and more again is what is the outcome for using a group of security products and we build a platform, a platform of multiple products that integrate. We're not saying you have to always use those, but what we're trying to do is to take the you know plethora of products maybe an organization might have 50 plus products and to choose a group of vendors that have a platform, a platform that integrate the product. It doesn't have to be just us, it can be someone else. And the reason why we see that's the right thing to do is because the platform players like fortinet, the products intercommunicate, they share, share intelligence.
Carl Windsor:I sometimes give a couple of examples here about our fabric or our platform where, by connecting in, for example, the FortiGate, the switches, the access points and the 5G connectivity, together with the SD-WAN, which is native to FortiGate anyway, what you're getting is really a one plus one equals three kind of scenario. So you're pushing the security from the FortiGate to the switch ports. Now you could go for a third party switch vendor or third party wireless and there's plenty of them about. But by using Fortinet, traffic between the switch ports can be security checked and if we see, let's say, a piece of malware emanating from one of the switch ports to another network, we can then stop that from happening in the first place and then quarantine or move that user into a remediation VLAN.
Carl Windsor:You don't get that with standalone products. You do from a platform provider like Fortinet. So that's one of the biggest benefits that I think the fabric brings. Then we know we're not the only vendor in the game here. So if we see that malware, you might want to say, well, okay, I've also got Office 365. So you can use our SOAR technology to take the signature of that file and then go to Office 365 and look in all of the inboxes to see if that's anywhere else. A platform player like Fortinet, who one integrates their products but then has integrations with third parties, is really important.
Michael van Rooyen:That's a great point. We talk about SASE being multiple components, right? Zero Trust, casb, secure Web Gateway, sd-wan. Are you seeing and I know we talked earlier around quite a breadth of customers across different industries adopting or moving to SASE? Do you see, at this stage, customers adopting one of the services more than the other? Is it kind of everyone wanting secure web gateway or wanting one component of SASE today with the intent to obviously adopt more later? But is there kind of one that sticks out to you?
Carl Windsor:Yeah, I think the one that is quite popular is secure private access. So you know they've got a network, maybe they've got an SD-WAN from Fortinet, but they have applications that they want to secure. I think a lot of organizations have started to move to the model that their applications are located somewhere, like in the data center, their data center, in the cloud, maybe lots of different places, but their day-to-day working network could be anywhere. You could be in Starbucks, you could be at home, you could be on-prem, but treat the network almost as just an insecure network. But then the applications they want to allow you to access through that secure private access connection.
Carl Windsor:For me that's one of the largest areas on the sassy side, because we're talking about sassy, we're also talking about sd1, the other area that I think we see a huge amount of growth in and we've just been put into the gartner, into the leaders quadrant, for this is the secure access layer. So going from SD-WAN at the site to adding in the switches, the APs and the 5G connectivity, so to deliver what we call SD branch. So that's all kind of part of the universal unified SASE solution.
Michael van Rooyen:How do you see SASE evolving over the next few years and what impact will that have on by the tech industry, but also for customers?
Carl Windsor:I think really what we're going to see now is a maturing of the industry. We think we're pretty well ahead of the curve here because we've got the connectivity methods, which are the on-prem. We've got the clients working from home can connect in, we've got the secure remote access solutions, we've got thin edges, so we've got a very mature connectivity into the platform. I think we're well ahead there. We're also quite mature on the other side, which is CASB, ztna and all of those functions. So I think there's a little bit of a catch-up in the industry for everybody to mature to the same level of functionality, the scalability, the numbers of data centers of kind of where people have traditionally sort of battled it out and we're in a similar space there.
Carl Windsor:One different differentiator, though, of us against the competition is now we do have a kind of hybrid model where we own our own data centers and we do use GCP where we're not in any specific location. We do think that's kind of giving us a little bit of an edge because we control the price point, we control the performance of the data centers, so it does give us some benefits. So I think that's one area we've got a little bit of benefit Over the coming years I think we're going to look for. There's going to be more and more technology coming into the SASE stack more functionality, different areas, the cloud management functions. So I definitely think there's growth to be had there. And then things like billing models as well how to simplify billing models, so bringing in maybe the on-prem components into an OPEX-based model. I think is going to be a network as a service kind of method.
Michael van Rooyen:And just to getting close to wrapping up, off the back of that one particularly, do you see any emerging technologies or trends and I know that you follow that closely with your role that you believe it will significantly impact the future of deployments of SASE solutions?
Carl Windsor:I think one of the biggest areas that may have some impact are going to be just the huge adoption of cloud applications. I mean, that's one of the biggest drivers anyway, but I think we're seeing that grow more and more and that's moving more and more. I speak to some customers, particularly in the finance industry, and they can have upwards of 9,000 applications. I think I think the biggest I've ever seen was over 10,000 applications. The move of those applications to the cloud is really what's going to drive the industry. Ztna as well, the Zero Trust, adopting a Zero Trust methodology Everything that we do now is based on Zero Trust methodologies.
Carl Windsor:So I think those two together are probably going to be the biggest drivers coming up. So definitely those two sort of segments will be driving decisions that we're making going forward. Obviously, there's always other technologies that Fortinet have within our portfolio that we're adding in, like we've done with browser isolation, but things like, you know, privilege access management for access into certain resources, our WAF capability, for if you're exposing internal resources Now, I can see all of those would be in areas that just become a standard part of the SASE portfolio at some point. Yeah, I can see all of those would be in areas that just become a standard part of the SASE portfolio at some point.
Michael van Rooyen:Yeah, that's some great examples and we've talked a lot about the benefits of SASE. The key drivers are customers, but you know, I know that you obviously spend a lot of time talking to senior executives internally, but also with customers. What are the leadership qualities that are essential to drive the adoption of SASE? How would you suggest that the drivers are to adopt it, as well as extending that to more of a security-centric culture within an organization?
Carl Windsor:I think the first thing really is to understand what you're trying to achieve. Don't just follow the kind of standard I need SASE. It quite possibly is SASE that you want, but really you need to define exactly what you want to achieve, because not all SASE vendors are the same. Not all SASE vendors do things in the same way. First of all, document exactly what you're trying to achieve, what your goals are, what the success criterias will be, and let that drive how you deliver. Could just be a SASE solution, but with the flexibilities that Fortinet have of delivering a hybrid solution in the cloud on-prem, that Fortinet have of delivering a hybrid solution in the cloud on-prem, we can always come up with a solution that delivers what you need, not just ticks a box for yes, it's SASE and that's what I think I need. So definitely let your requirements drive the solution rather than the other way around.
Michael van Rooyen:And I suspect, sase aside, knowing that you've been dealing with cyber for quite a long time, that would probably be the same advice you would give technology leaders navigating you know complexity of security networking, including SASE. Overall, that would be the same sort of advice that you give customers.
Carl Windsor:Yeah, absolutely. I mean one thing Fulton and I like to do is sit and understand customer requirements, talk to the customer, understand what they're trying to achieve. We do this a lot. I'm on the product management side. We sit with customers, we understand the technologies, we understand what they require. Side, we sit with customers. We understand the technologies, we understand what they require and we can change the roadmap very quickly to address something specifically that customers suddenly change and start asking for Ask us, speak to us, tell us what you need, we will come up with the right solution. Whatever technology area it happens to be. I'd like to say we don't sell technology, we sell solutions. It really comes back to that.
Michael van Rooyen:Whilst it seems quite simple, you know, the ability to have an engagement with the customers to really tease out what they're trying to achieve, right, that consultative step I think sometimes missing out on industry, which is really a key, fundamental you keep saying, which is what problem are you trying to solve? What don't you know about? Even visibility is a good one, right? People don't have enough visibility on what's on the network and you need to start at the grassroots on those sorts of things. And one final question before we wrap up and this is not a SASE specific question, it's a more generic question for the guest Can you tell me about your biggest technology change or shift in industry that you've personally been involved with or you've seen as the biggest shift in our industry?
Carl Windsor:Oh, that's a good question. I've seen several shifts since I've been in the security industry. There's a very big change. It was a big change in the industry but wasn't that much of a deviation from what Fortinet was already doing, and that was SD-WAN.
Carl Windsor:Sd-wan had a massive impact on, obviously, telcos because they went from MPLS to broadband. Some people sort of grabbed that with both hands and said, well, ok, that now means I can sell more broadband connections, but it was at the kind of cost of some of the MPLS revenues. But for Fortinet it wasn't a massive change because we were already doing we used to call it link load balancing, and then we'd added additional functionality. We were already doing SD-WAN. So that was a big change in the industry Before us. Actually it was a relatively minor kind of tweak to what we were already doing.
Carl Windsor:But the big big changes obviously around right now is AI and how AI can help us, and some of the things that we've announced here and some of the technologies we've got coming down the line are going to make massive changes with regards to automating configuration, giving recommendations and then just being able to. I mentioned SD Branch earlier, which consists of your FortiGage, your SD-WAN APs, switches, 5g, sometimes having the skill sets to manage all of those technology areas can be a little bit tricky. With AI you can just use natural language queries to say why couldn't Carl connect to the Office 365 at 9am this morning? And we'll parse the logs, we'll identify and say well, it was rf interference or it was a problem with the application.
Michael van Rooyen:The things that ai is going to bring to us are just huge yeah, look, I completely agree, and closing comment would be one of my earlier interviews we talked a lot about and you've kind of touched on it again is that, you know, english is really going to be the new programming language, right, being able to structure questions correctly, and obviously there's a lot of discussion about prompt engineering, right. So it's definitely an interesting world we're in today, carl, I really appreciate the time, particularly on how busy you are with Accelerate. So thanks for having the chat. Brilliant to be here, thank you, thanks.