Enterprise Strategy Group | Getting to the bigger truth.TM

Posts Tagged ‘F5 Networks’

The Smart-Fat and Smart-Thin Edge of the Network

Wednesday, November 17th, 2010

Take a look at ESG Research and you’ll see a number of simultaneous trends. Enterprises are consolidating data centers, packing them full of virtual servers, and hosting more and more web applications within them. This means massive traffic coming into and leaving data centers.

Yes, this traffic needs to be switched and routed, but this is actually the easiest task. What’s much harder is processing this traffic at the network for security, acceleration, application networking, etc. This processing usually takes place at the network edge, but additional layers are also migrating into the data center network itself for network segmentation of specific application services.

Think of it this way: There is a smart-fat network edge that feeds multiple smart-thin network segments.

The smart-fat network edge aggregates lots of network device functionality into a physical device, cluster of devices, or virtual control plane. This is the domain of vendors like Cisco, Crossbeam Systems, and Juniper Networks for security and companies like A10 Networks, Citrix (Netscaler), and F5 Networks for application delivery. These companies will continue to add functionality to their systems (for example,  XML processing, application authentication/authorization, business logic, etc.) to do more packet and content processing over time. It wouldn’t surprise me at all if security vendors added application delivery features and the app delivery crowd added more security.

Once the smart-fat network edge treats all traffic, packets and content will be processed further within the data center (i.e., smart-thin network edge). This will most likely be done using virtual appliances like the Citrix VPX. Why? Virtual appliances can be provisioned on the fly with canned policies or customized for specific workloads. They can also follow applications that migrate around internal data centers or move to public clouds.

A few other thoughts here:

  1. I’m sure we’ll see new startups focused on smart-thin virtual appliances but I don’t expect them to succeed. Existing vendors will simply deliver virtual appliance form factors and dominate this business.
  2. Legacy vendors have the best opportunity here as many users will want common command-and-control for the smart-fat edge and the smart-thin edge. Nevertheless, this further network segmentation does provide an opportunity for aggressive vendors to usurp customer accounts and marketshare.
  3. Smart-fat edge systems are delivered as physical devices today but this isn’t necessarily true for the future. I can see virtual appliances with horizontal scalability running on , HP, or IBM blade servers in the future.

The smart-fat, smart-thin architecture is already playing out in cloud computing and wireless carrier networks today and I expect it to become mainstream in the enterprise segment over the next 24 months. The technology is ready today but many users have no idea how to implement this type of architecture or capitalize on its benefits. Vendors who can guide users along with knowledge transfer, best practices, and reference architectures are most likely to reap the financial rewards.

Final thoughts on Interop — and Las Vegas

Friday, April 30th, 2010

Okay, I’m back in sunny Boston after four days at Interop. I’m now convinced that no normal person should be subject to Las Vegas for more than this amount of time. Everyone I ran into yesterday was looking forward to leaving. I flew out at 2:15 and found that people with later flights were jealous. This says it all.

Enough about the fake city however. As for Interop, a lot of people thought that the 2009 downer indicated that Interop may not be around much longer. In less than a year, the buzz has returned under the guise of strong financials, more market demand, and cloud computing. Here are my final thoughts on the show:

  1. I was certainly entertained by the Xirrus booth that featured a real boxing ring with live sparring. That said, Xirrus positioned this as the Wi-Fi battle between Arrays and APs. Hasn’t this debate been settled? Personally, I think that Wi-Fi must evolve into a smart mesh that seamlessly integrates into the wired network. Aerohive seems especially innovative in this regard.
  2. I was impressed last year by 3Com’s product line and bravado but wondered if it really had the resources to impact Cisco. Now that 3Com is part of HP, those concerns go away. At the very least, Cisco margins will be impacted every time HP is in a deal but HP’s product line and resources may represent the first real Cisco challenger since Wellfleet Networks. HP’s problem? Marketing. When Cisco leads with its compelling borderless network vision, HP can’t simply respond with price/performance. What’s HP’s vision of the network in a cloud computing-based world? To challenge Cisco, it needs its own vision and thought leadership — qualities that HP hasn’t been strong with in the past.
  3. The WAN optimization market continues to flourish with Blue Coat, Cisco, and Riverbed leading the pack. To me, the next battle royale here is desktop virtualization. Which vendor will offer the best support? Too early to tell but this certainly provides a new opportunity for Citrix and it Branch Repeater product.
  4. It seems like the application acceleration market has become a two horse race between F5 and Citrix/NetScaler. I was impressed by some new feature/functionality from Brocade and also like scrappy startup A10 Networks who play the “hot box” role in this market. Of course Cisco plays in this market as well.  I need to ask my friends in San Jose for an update as the competition is aggressive and confident.
  5. Yes, Juniper wasn’t at Interop. Should we read anything into this as some people have suggested? No. Just look at Juniper’s financial results and you’ll see that the company is doing quite well. With all due respect to the folks who run Interop, it is no longer a requirement to attend industry trade shows.

One final thought. I don’t think anyone really knows what the network will look like in a world with cloud computing, advanced mobile devices, and ubiquitous wireless broadband. In my opinion, this means that the network business is up for grabs in a way it hasn’t been in the past. This should make next-year’s Interop just as exciting — I just wish it were at the Moscone Center.

PS: Thanks to all the folks who provided feedback on my comments about Arista Networks. Clearly, I owe Jayshree a call.

RSA 2010: Cloud Security Announcements Already Dominate

Tuesday, March 2nd, 2010

It’s pouring in San Francisco, but ironically, the RSA Conference is already pointed toward clouds–in this, case cloud computing security.

There were two announcements yesterday around securing private clouds. New initiative king Cisco announced its “Secure Borderless Network Architecture,” which is actually pretty interesting. Cisco wants to unite applications and mobile devices through an “always-on” VPN. In other words, Cisco software will enforce security policies for mobile devices regarding which applications they can use and when–without user intervention. Pretty cool, but you would need a whole bunch of new Cisco stuff to make this happen.

On another front, industry big-wigs EMC, Intel, and VMware are pushing for a “hardware root of trust” for cloud computing. The goal here is to create technology that lets cloud providers share system state, event, and configuration data with customers in real time. In this way, customers can integrate cloud security with their own security operations processes and management. This is extremely important for regulatory compliance. (Note: Another reason why EMC/RSA bought Archer Technologies).

These interesting announcement probably presage a 2010 RSA Conferernce trend: “all cloud all of the time.” Since ESG Research indicates that only 12% of midsized (i.e., 100 to 999 employees) and enterprise (i.e., more than 1,000 employees) will prioritize cloud spending in 2010, all of this cloud yackety yack may be a bit over the top.

Two other announcement worth noting here:

  1. An actual leading voice on cloud computing security, the Cloud Security Alliance (CSA), teamed up with IEEE to survey users about cloud computing security. Users overwhelmingly want to see industry standards and soon. Bravo CSA and IEEE, I couldn’t agree more.
  1. I like the F5 Networks/Infoblox announcement around DNSSEC. The two companies will offer integration technology between F5 load balancers and Infoblox DNSSEC. This partnership blends the security of DNSSEC with the reality of distributed web-based apps and infrastructure. Kudos to the companies, the federal government will be especially pleased.

See you at the show!

F5 Networks Financials Tell a Bigger Market Story

Friday, January 22nd, 2010

This week, F5 Networks announced delightful Q1 financial results to Wall Street. Company revenue was up 11%, topping Wall Street estimates; the company hired nearly 100 new employees; and F5 now has a market cap in excess of $4 billion. Share price actually jumped 3% after the announcement.

These results say a lot about F5 Networks, a leader in the Application Delivery Controller (ADC) market staffed by a bunch of smart people who are also pretty fun to hang out with. In my opinion, however, these results suggest a few other market trends:

  1. Investments in data center consolidation, SOA, and web applications remain signficant. F5′s core ADC sales accounted for 93% of its total revenue. Yes, BigIP/TMOS/Viprion is F5′s strongest product set, but the numbers also suggest that purchasing in the Internet data center continues to be very strong.
  2. Big web applications are becoming ubiquitous. Enterprises are now building the type of scalable web applications that used to be the exclusive domain of folks like Amazon, eBay, Google, and Microsoft.
  3. ADCs are part of the web application infrastructure. It used to be that ADCs were thought of as load balancers in the networking domain, but no longer. With features like iRules, protocol acceleration, caching, and security, ADCs are being used to reduce business risk, improve the user experience, and enhance application business logic.
  4. ADCs and WAN Optimization are coming together. As Internet-facing applications span multiple data centers, there is a whole lot of application-layer data center-to-data center activity going on (i.e., global load balancing, file transfers, VMotion, etc.). These requirements unify ADC and WAN optimization functionality, which plays well for vendors like F5 with supercomputing-like processing capbility at the data center network edge.
  5. IT needs new networking/application specialists. F5 financial results and the whole evolution of ADC functionality suggest the need for a new IT skill set. I believe there is a growing requirement for hybrid IT specialists who understand both networking and application requirements. These people will become architects and application performance gurus — and make a ton of dough. F5 should work with application vendors like Microsoft or Oracle to create a certification program in this area.
  6. Whither Cisco? I know I’ll get some grief from San Jose, but it seems like Cisco continues to lose focus on the ADC market as it has in security. I know others like A10 Networks and Citrix are doing wel in the ADC market as well so I don’t get what’s going on. My guess is that Cisco has a next-generation product in the works, but until this hits the streets, it seems like Cisco is losing more than it is winning.

Congratulations to F5 for its innovation, focus, and sales execution. Others should take notice: new Internet data centers are clearly where the action is.

Kudos to 60 Minutes, F5 Networks, and HP

Wednesday, November 18th, 2009

It’s tough to blog from the road so I’ll make this brief with a few noteworthy “atta boys” I’ve been thinking about.

1. Huge kudos to the CBS News Magazine 60 Minutes for its November 8 segment titled, “Sabotaging the System.” This piece described how hackers could launch a cyber attack and take down critical infrastructure like the power grid.

I can’t tell you how many people came up to me afterward and asked me if this story was true (note: “of course it’s true,” I replied). In my recent visit to Washington DC, other security and technology professionals said the same thing. I give 60 Minutes a ton of credit for exposing a very serious issue that average citizens need to be aware of. Exposing these problems can only put pressure on businesses and policy makers to fix them. Incidentally, this was 60 Minutes’ second story related to information security. Obviously, someone at CBS gets it.

2. Kudos to F5 Networks for its recently announced support for DNSSec. Why the kudos? Federal government agencies are trying to do two things simultaneously. First, they are trying to create new web-based e-government applications to increase online services for citizens and promote transparency. At the same time, the feds are under intense pressure to improve security with technologies like DNSSec. F5 recognized that these two goals could end up blocking each other and thus derail both efforts. To overcome this, F5 added DNSSec support in Big-IP. Federal IT gets a one-stop-shop for application acceleration and DNSSec while F5 should get lots of phone calls and sales from within the Beltway.

3. Kudos to HP on its ProCurve ONE support announcement. Here’s the thing: The 3Com announcement could become a huge distraction and thus usurp the effectiveness of historical programs like ProCurve ONE. Rather than let this happen, HP bolstered its ProCurve ONE marketing programs, messaging, and educational material within days of the 3Com announcement. This should reassure technology partners (like F5, McAfee, and Riverbed), channel partners, sales people, and customers that HP wants to build a networking ecosystem, not a proprietary portfolio of HP/3Com products for every networking need.

Gotta go, feel free to add to my list.

HP & 3Com, My Two Cents

Thursday, November 12th, 2009

Rumors of a networking acquisition have been flying around HP for years — I’ve heard the names Brocade, Extreme, Force10, and even Juniper thrown about. HP indeed followed this logic, but zigged with 3Com instead of zagging with one of these others.

Why 3Com? With the H3C and TippingPoint portfolios, HP got a far broader product line than it could have elsewhere. What’s more, H3C high-end switches and routers could be extremely disruptive as they could attack Cisco’s profit margin which could really hurt even if Cisco wins business.

All told, I really like this move but HP has some work to do. Here is my list of opportunities and challenges for HP moving forward:

Opportunities:

  1. TippingPoint is an IPS/IDS leader and one of the elite players in the enterprise and service provider space. HP should use TippingPoint as a Trojan Horse to penetrate enterprise accounts. HP should also continue to invest in security as lots of dollars will continue to be spent in this area alone.
  2. Everyone is talking about the data center and HP has a very strong portfolio of servers, storage, and networking. That said, HP would be wise to use its extensive distribution and enterprise customer base to sell 3Com core routers and switches too. HP should also double-down on a service provider vertical marketing strategy.
  3. EDS should be incented to bundle 3Com into every big deal possible. There may be some big opportunities in the Federal space although H3C sales to government agencies may be difficult.
  4. With 3Com and ProCurve, HP could lock down SMB sales. This should be a high priority. Yes, enterprise sales are the ultimate goal, but HP should spend ample time on the SMB space in order to prevent any incursion here.
  5. HP should focus on ProCurve One partners. 3Com brings a lot but not all networking needs. HP needs a broader security portfolio, WAN optimization, and Application Delivery Controllers. HP should assure partners like F5 and Riverbed that the 3Com purchase means more business for everyone and follow this message with real programs and commitments. As for security, HP should now look for a security management vendor like ArcSight, LogLogic, LogRhythm, Nitro Security, or SenSage to complement TippingPoint.
  6. HP should solidify its FCOE messages as it now has every incentive to push Ethernet for everything.
  7. Select opportunities by geography and industry. While HP has a vast global presence, specific geographies and industries will be a much easier target than a broad horizontal go-to-market strategy. HP should focus on emerging markets as 3Com has done especially well there. As for industries, HP should concentrate on those that have been hit hard by the recession (State and local government, education, housing, etc.) and those in the midst of massive network upgrades (life sciences, telecommunications, media, healthcare, financial services). Strong vertical marketing will sell networking and lots of other equipment.

Challenges:

  1. HP cannot assume that its storage and server field staff can sell networking. It needs to establish a killer enterprise networking salesforce. Many Cisco staffers are looking for new challenges so I would start there.
  2. HP needs to rationalize its networking portfolio soon as it can’t support a multitude of devices, operating systems, and channels effectively. To do this, HP needs to figure out its end-of-life and support strategy and also articulate a clear roadmap to customers.
  3. As previously mentioned, HP must lock up partners, not scare them away.
  4. HP must become an enterprise networking vendor and not a data center-only player. If it only focuses on the data center, it will miss lots of other business opportunities.

In my opinion, the opportunities outnumber the challenges for HP. In the meantime, Cisco is likely pooh-poohing this merger externally but extremely concerned within the posh walls in San Jose.

The Cisco Squeeze

Monday, November 2nd, 2009

Cisco Systems (CSCO) has long had a unique competitive position in the enterprise market. In the glory days of the mainframe, IBM still competed with HDS and Amdahl, but Cisco has had the enterprise networking market to itself for a number of years.

This monopoly seems to be at its greatest risk ever — ESG calls this market phenomenon the Cisco squeeze. Think of Cisco in the middle of a big triangle with the competition closing in on Cisco from three distinct fronts:

1. Innovation. Juniper’s (JNPR) Trio chipset and 3-D architecture set a new plateau for networking performance that Cisco can’t match. Yes, this is probably a bigger threat in the service provider market than the enterprise, but large enterprises like DISA and NYSE are buying into Juniper innovation. Beyond Juniper, companies like F5 Networks (FFIV), Citrix (CTSX), and Riverbed (RVBD) are out innovating Cisco in strategic areas as well. Finally, small enterprises are looking longer at innovative and affordable alternatives like Extreme Networks (EXTR), Force10, and even 3Com (COMS) to get better end-to-end functionality at a lower price point.

2. Commodification. While aggressive innovators hurt Cisco at the high margin data center and core network, commodification hurts Cisco at the edge. The best example here is HP. Low-cost edge and wiring closet switches with lifetime warranties are increasingly “good enough” for many Cisco customers. If history repeats itself and the low end scales to eat the high end, HP (HOQ), Dell (DELL), and other commodity networking vendors will continue to gain share at Cisco’s expense.

3. Server vendors. With its introduction of UCS (aka: California), Cisco effectively alienated major partners Dell, HP, and IBM (IBM). Publicly each of these companies say that they will continue to work with Cisco but privately they are mobilizing the troops. Both Dell and IBM now OEM networking equipment from Brocade (BRCD)and Juniper while HP is bolstering its ProCurve offerings with new products and partners. The rumor is that HP will no longer pay its sales reps commission on selling Cisco gear — that will certainly change selling behavior.

Cisco is a huge successful company with good products, great support, and some of the best sales and marketing in the industry. It also has done a great job diversifying into new areas like Telepresence, consumer electronics, unified messaging, and yes, even servers. Cisco is a machine that will continue to flourish but it clearly faces greater competitive and market pressures today than ever before.

Here are a few things I’ll be watching for over the next few quarters:

1. Layoffs or budget cuts in sales, marketing, or field support. This will tell me that margins are eroding, existing field skills are no longer useful, or Cisco is losing strategic battles.

2. “Back to basics” messages from John Chambers. If the ever-visionary Cisco CEO starts speaking to Wall Street in cliches like, “we took our eye off the ball,” or “we need to get back to basic blocking and tackling,” things are way worse than most people think.

3. Big acquisitions. If Cisco goes out and buys an F5 Networks, Riverbed, or ArcSight (ARST), it tells me that internal innovation can no longer keep up with the market.

4. Server deals. If Cisco wins large UCS deals, everything else will come along for the ride. If not, everything else will be challenged.

5. HP. If HP develops or acquires high-end networking equipment and new enterprise boss Dave Donatelli can instill an EMC-like sales culture at HP, Cisco will have its hands full.

Innovation, comodification, and competition are at the heart of the tech industry. Most industry leaders face these challenges from day one but Cisco through a combination of skill, luck, and lack of true competitors was able to tap dance around these pressures for a long time but no longer. Over the next few years, Cisco will be challenged like never before. It will certainly be interesting to see how it all unfolds.

Search
© 2010 Enterprise Strategy Group, Milford, MA 01757 Main: Fax:

Switch to our mobile site