Cisco Subnet An independent Cisco community View more

A conversation with John McAdam of F5 Networks

Looking to the future and understanding the past in application delivery controllers

I am going to continue my series of conversations with industry CEO’s and today we have John McAdam of F5 Networks. 

1. So why don't you tell us where you think the markets are at with [application delivery controllers] to start and then, do you still see growth? You can also include your other products.

In general, the application delivery controller (ADC) market is good, but it's particularly strong and growing for F5 because we're able to provide advanced ADC capabilities-beyond simple load balancing or encryption. There are a couple of reasons for that. First, we occupy strategic control points in the data center-we are typically positioned inside the network firewall between clients and servers and very close to the applications-so we see all the traffic that passes in between. Second, our products use a full proxy architecture, which gives us something we call "application fluency"-the ability to see and understand what's happening in both the network and the applications themselves. As the application environment changes, we can adjust to network conditions and manage application access, availability, and performance in real time. This gives us a strong advantage over competitors who aren't able to provide this level of sophistication or who focus on just one aspect of traffic management such as load balancing or WAN optimization.

2. Who do you see as your biggest competitor and why?

Although they are not necessarily the biggest competitor from a technology perspective, Cisco is certainly the most pervasive. They have a long history and a strong customer base, but really, their technical approach is much different from ours.

John McAdam

3. Who do you see as your biggest technical competitor?

That would probably be Citrix but, like Cisco, their technical approach is also very different from ours. Here's a real-world example. As ADCs have become more advanced, IT organizations need to decide whether it's best to handle certain functions and services, such as authentication and authorization, in the network or in the application itself. Unlike our competitors, F5 would argue that enforcement functions like these are best done in the network. This offloads application servers and provides an extra layer of security and centralized control. It also enables an architecture that works across all applications, not just a few specific types, or those from a specific vendor.

Another example: does it make sense for an organization to implement access control services for just one specific VDI environment? We believe it's better to create an access control architecture that supports all VDI environments along with other applications, whether enterprise, unified communication, intranet, extranet, etc. It's more cost-effective, operationally efficient, and provides a better security posture to unify these tasks at the network level. I guess, from that perspective, any vendor that takes a similar approach could be considered our "technical" competitor, but as of today, I don't know of any.

4. Will we one day see [application delivery controllers] move into new markets or products?

We will be placing a lot of focus on security in the near future. It's not really a new market for us-we've been providing solid security solutions for years-but more and more, people are recognizing the depth of security protection we can provide. Again, that's based in part on the strategic position we occupy in the data center and our advanced ADC capabilities. In today's climate with many more organizations experiencing cyber attacks, we're finding an urgent need to educate customers about implementing layered application security solutions. This is particularly important in the financial services and government sectors, but it's essential now for organizations across all industries to have multilayer security strategies. Many enterprises don't realize how vulnerable they are. They're trusting their network firewalls alone to protect them, but clearly that's not enough anymore.

5. Where do you see your products expanding to next, or options you will add to the current product?

We just announced TMOS version 11, the foundation of our BIG-IP product family, which includes more than 150 new sophisticated management, scalability, and security features that enhance data center consolidation and cloud architectures. Version 11 also includes specific solutions for the service provider market. The influx of smartphones and tablets such as the iPad has created a huge opportunity for us. Our high-end VIPRION products are able to deliver the performance service providers need to handle the massive increases in mobile traffic volume they're seeing.

Conceptually, we are focused on helping organizations move toward the "dynamic data center," a model in which the network is managed as a pool of reusable resources (physical, virtual, or distributed) that can be dynamically configured and reconfigured. An application-centric approach gets customers away from managing individual devices and resources, or adopting incomplete public cloud networking models. Instead, the network becomes the "control plane" that directs the user to the appropriate resources based on policy. iApps, which we just announced in TMOS v11, is key to enabling this approach and will be pivotal for several years to come.

In fact, analysts are calling BIG-IP version 11 game-changing because it unites disparate and distributed resources, making them look like one common architecture. This gives operations, network, and application development teams a common view and a collective intelligence to withstand the most difficult IT challenges.

6. I know many customers would like to hear where your products compete with other vendors. So if you could, by product, tell us which vendor product they compete against and why they are a better value.

When it comes to a unified Application Delivery Controller platform that can contextually manage and control application delivery inside and out of the data center, our BIG-IP products and TMOS version 11 truly stand alone in the marketplace. Individual components of the unified BIG-IP system, however, do face some competition.

For basic, core ADC capabilities such as load balancing and application availability, Cisco and Citrix are our closest competitors, but each has less than 20 percent of the market compared to our nearly 45 percent. Our full-proxy TMOS architecture gives us a big advantage because it lets us combine many functions on a single platform and manage application traffic in ways that aren't possible with other vendors' solutions.

BIG-IP Application Security Manager (ASM), our award-winning web application firewall (WAF), competes with Imperva, but ASM is far more than most standard network firewall solutions, which are often blind to layer 7 attacks. It protects against web 2.0 application attacks as well as layer 7 denial of service, brute force, and Slowloris, and web scraping attacks-and these are just a few of the advanced features ASM is recognized for.

Our ARX file virtualization product remains unique in the data management market and presents an innovative way for enterprises to manage their data growth. The primary competitor is really the existing manual processes that many organizations still have in place. We demonstrate to our customers, day-in and day-out, how ARX can help them realize capital and operational cost savings in their storage infrastructure.

7. Do you see consolidation in the marketplace or more companies starting up in this space?

I think there will always be consolidation among smaller companies that offer point solutions, but F5 is focused on building a strong and growing independent company. Advanced feature ADCs are becoming "must-haves" in the data center, so I think we'll see more large enterprises trying to expand their reach by incorporating ADCs into their offerings, but I don't see a lot of room for startups simply because they would be years behind in terms of technology.

8. What new verticals, segments do you see F5 moving into within the next few years?

We already have a very horizontal play across most industry segments, but you'll see a stronger focus on financial services, healthcare, and government. We're also stepping up our efforts in the service provider market, which faces unique and challenging requirements. Our high-end VIPRION products can handle the massive increases in traffic volume these companies are experiencing and deliver the levels of performance they need. We also provide a way for service providers to transition gradually to IPv6, which is critical for them right now as their IPv4 addresses run out and IPv6-only devices begin to flood the market.

9. Let's talk about the cloud, what is F5 doing in the cloud now?

We're doing a lot with cloud right now. Our vision is to make the cloud a seamless extension of the local data center, and we're helping organizations achieve that vision with solutions for application delivery, security, and storage. The two most difficult challenges customers face with cloud deployments are managing and controlling applications in a dynamic environment, and integrating this new computing model into their existing, static data center environments. We believe organizations should have the same level of control and security in the cloud-whether public or private-that they have in traditional data center environments, otherwise, what good is the cloud? With our BIG-IP products, customers can apply the same configurations, access, and security policies they use in their traditional environments to the applications they deploy in the cloud. The end-goal is to deploy, manage, and control applications transparently, regardless of where those applications reside.

We've also just introduced a virtual edition of our Application Security Manager (ASM), our web application firewall that I mentioned earlier. Now, customers can deploy this virtual edition very quickly, whether in the data center or the cloud. Policies are automatically updated and shared across multiple implementations-physical and virtual-so IT no longer has to manually update policies on every device. With this virtual edition, our customers can keep the application security policy as close to the application as possible, even as it moves around and between data centers and clouds.

Storage is also an important component of cloud deployments, and with our ARX and ARX Cloud Extender products, customers can include the cloud as part of their tiered storage implementation. ARX makes all cloud-based storage appears to the administrator as a local storage tier, and users have easy access to files regardless of where the storage is located.

10. How are you helping large cloud providers manage their product by using yours?

With our ADC solutions and the infrastructure management tools that we provide, cloud providers such as Rackspace can manage and dynamically scale their infrastructures based on application, user, and customer demand. They can create secure, hybrid clouds-environments that combine managed hosting services with on-demand cloud services. When all traffic is routed through an F5 device, for example, cloud providers can isolate individual customer traffic and transparently move it between portions of the cloud-enabled infrastructure. They can scale out cloud services as demand increases and, in turn, scale back those services when they're no longer needed. It's classic cloudbursting at the provider level-complete with data isolation and automatic provisioning and de-provisioning. Every end-customer wants it, but few cloud providers can deliver it.

11.  Let's talk green, many companies talk about it but they really don't do it. Can you tell us [where] F5 is going in the green space and how customer can save money with your products?

That's a great question because organizations often overlook the application delivery network in their green initiatives. First, by offloading functions like SSL processing, authentication and authorization, compression, and TCP multiplexing from application and web servers, we improve server utilization-enough that customers can significantly consolidate servers. Also, our unified platform combines many ADC functions such as WAN optimization, application security, and load balancing, for example, on a single device. So, our solutions not only help customers consolidate their servers but also their network devices, which cuts both capital and operating expenses when you factor in reduced power and cooling costs.

12. Right now we are at 10gbps, moving to 40gbps and beyond. Where do you see F5 moving to and how fast?

F5's ADC was the first in the marketplace to support 10 Gbps interfaces and will be the first in the marketplace with a 40 Gbps interface when we ship the new Centaur blades for the VIRPRION 4400. The VIPRION 2400 was also designed to support 40 Gbps interfaces with a native 40 Gbps per slot bandwidth to the fabric. We are already working on our next generation of VIPRION, which will be released sometime in the next 36 months. It will support both 100 Gbps and 40 Gbps interfaces and provide greater than 100 Gbps layer 7 performance per blade.  

13. Could you one day see every data center having an F5 application delivery controller?

Absolutely, and ideally, that's where we're headed as we try to help enterprise IT groups meet their escalating traffic and security challenges, achieve the levels of scalability they need, embrace cloud deployments and, at the same time, consolidate more of their infrastructure on fewer devices.

14. What is the one question when meeting with potential customers that you get the most and why?

This is an easy one! CIOs and IT executives always ask me "How can my IT department become more agile and save money by moving applications to the cloud, yet still maintain the same level of control, security, and service that our business units require?" It's difficult for IT to maintain control of mission-critical applications when they don't control the infrastructure. With F5, then can maintain control over the application delivery infrastructure, regardless of where an application lives or which business unit is pushing that app into the cloud. And that's what every CIO wants to know-that their business processes won't be interrupted when they move mission-critical apps to the cloud.

15. Many vendors I talk to bring up customer purchasing terms, many have moved from 15-30 days to 60-90 days. Do you think this is getting out of hand or is the power in the customer hands?

Our terms have been and still are net 30 days to net 45 days for domestic customers. Terms for international customers range from net 30 days to net 120 days. Neither of these has changed for F5; we're still adhering to the same terms and conditions that we have had for the past several years.

16. Do you see F5 doubling in sales within 5 years?

We do not give specific growth guidance beyond a quarterly view. Having said that, our run rate in recent quarters indicates we're capable of achieving that $1B annual milestone, and we expect to maintain aggressive hiring for the foreseeable future to ensure our continued growth. If we maintain the growth we have seen in the recent past, then the math definitely indicates that doubling in 5 years is very achievable.

17. What is the biggest misconception about F5 that people believe or hear?

The biggest misconception is that F5 makes load balancers. That's certainly where we began more than a decade ago, but with some of the features I've already mentioned like our full proxy architecture and application fluency, we have helped pioneer the advanced ADC market. It's a matter of getting in front of customers and demonstrating to them the functionality of our products. Our solutions can dramatic improve ROI in countless ways-by keeping applications up and running, improving performance and bandwidth utilization, reducing CapEx and OpEx by offloading servers and enabling consolidation, and perhaps most important of all, protecting applications and data from cyber attacks across their entire infrastructure.   

18. It has been a while since we have seen some head to head testing against your competitors, when will we see more?

In general, we believe testing is not very objective when a vendor pays a third party to test their product against a competitor's, so we don't do that. Instead, we do our own performance testing, but what distinguishes us from others is that we make our testing methodology, device configurations, definitions, factual data, real-world scenarios, and performance guidelines completely transparent and available to anyone who wants it. We back that up by operating a real-world performance lab where customers can see test results based on their own application-specific scenarios.

Typically we test alongside other products that are comparable in terms of price, performance, and the timeframe in which they were released. In 2010, we did some extensive testing of our VIPRION chassis-based and mid-range products against other vendors' similar offerings. As always, our overriding goal is to help customers make the most informed buying decisions possible.

19. If you could partner with one company right now to expand your product line or sales, who would it be and why?

We have a very wide selection of partners today, both in terms of our global channel partners and technology relationships. Perhaps there is room for expanding our portfolio with organizations that are competitors today but could be partners in the future. I am not going to single out a specific company.

20. IPad, iphone or android? What do you own?

iPad and iPhone

21. What kind of songs are on your mp3 player?

A lot of sixties stuff (The Who, Rod Stewart, Beatle etc) plus recent hits.

22. Being an executive like myself you have to have a release. Mine is golf or my handheld satellite radio. What is yours?

Golf, gym, traveling, watching soccer, and time with the family (not in that order!).

23. Fly, drive or train; which would you take the most if you had the chance?

Definitely not drive. Probably the train, but I mainly fly.

24. In the movie Almost Famous, what was the name of the bus they traveled in? Name of the song playing when they showed that bus name in the movie?

Okay, I had to use "Bing" on this one ...

You Might Like
Join the discussion
Be the first to comment on this article. Our Commenting Policies