Interview with John McAdam, CEO of F5 Networks, which has managed to garner nearly half of the Layer 4-7 switching market.
Cisco owns networking, right? Not when it comes to the rapidly growing Layer 4-7 switching market. There, F5 Networks has managed to garner nearly 50% market share, while Cisco's share has actually declined. John McAdam, F5's CEO, attributes the company's success to having won ownership of certain strategic control points in today's consolidated data centers. In this installment of the IDG Enterprise CEO Interview Series, McAdam talked with IDGE Chief Content Officer John Gallant about F5's efforts to make infrastructure more agile, how the company is helping IT leaders navigate the move to cloud computing, new security and mobility challenges facing enterprises and why his Seattle-based company so often beats Cisco when customers choose an application switching partner.
(Read more from the IDG Enterprise CEO Interview Series, including Q&As with Cisco CEO John Chambers, Riverbed CEO Jerry Kennelly and SAS CEO Jim Goodnight.)
F5 is described as an application delivery vendor, but that term is nebulous to some folks and it doesn't really convey all of the things that you do. You cover everything from application acceleration, wide-area network (WAN) optimization, security, policy and more. Can you crystallize F5's mission and what sets it apart from other infrastructure companies?
We see our products as occupying the strategic control points within data centers. We see all the traffic that's going between applications and between servers. Because of these strategic control points, we can do simple things like, historically, load balancing or encrypting the traffic. But then it gets much more sophisticated where we can basically provision applications and servers, we can look at the performance of specific applications. Our customers can use our products to change or add functionality without having to change thousands of pieces of software and different programs. We've got this opportunity because of the way data centers have been architected and are being architected, which is this whole concept of consolidated data centers, typically using virtualization technology without a product sitting in a data center effectively controlling traffic between the apps and between the servers and between the network.
Talk about those control points. Did you identify them as an opportunity early on or is this a position in the infrastructure that you evolved to support?
We started off with load balancing then we added encryption. In 2004, we came out with full proxy architecture. The reason that's important is that we can actually sit at the strategic control point and the application isn't aware that we're there, the user isn't aware. That gets you a lot of power. Also, we can be very application fluent. We can understand what's happening at a pretty granular level within the applications, whether it's Microsoft SharePoint or Oracle apps. Over the last few years we've been building more application fluency into the product. Three years ago if you were using our products, you may have had to deal with a whitepaper that would say, 'OK if you're running SharePoint, this is what you do to improve the performance of SharePoint'. You read the whitepaper, you made some changes to our software. Now we have application templates for specific types of solutions, and we've got a significant number of those actually. These templates [are supported] within the operating system and you tweak the parameters to optimize [the applications], to make them more secure, to make them go faster.
I want to talk about how you compete against companies like Cisco. When you win, why do you win? And when you lose, why do you lose?
I'll do the 'lose' first because it's an easy one, it's a very small proportion of the time we lose. We've actually been publishing our win rate against the competition. It's typically in the low- to mid-90% win rate. Typically when we lose against Cisco it will be because of politics, to use the phrase used by our sales force. Cisco is a great company that's got a lot of loyalty within the customer base, and some customers basically decide they want to do one-stop shopping. When we win is when customers are looking at functionality and performance. For example, I've talked about application templates. Nobody else has got that capability. I mentioned the example of SharePoint. We have the capability of increasing the performance of that by as much as 10 times. The short answer is that we win at a technology level. We have faster technology and much more feature-rich technology. I mentioned the full proxy architecture, there's nobody that's really got anything comparable to that in the marketplace. Also, we've got a tremendous service organization. Our customer [satisfaction] levels are world class. We poll our customers on a quarterly basis and we typically see scores of 9.2 to 9.6 out of 10. That's very high. We've developed a world-class sales distribution channel as well as service channel as well as having the technology leadership. (Read Cisco's top rivals.)
So Cisco obviously is at a number of the same control points you are in the network. What is it that you can do that a Cisco can't?
Well, in fact, they are not really at a number of control points. I mentioned earlier about being application fluent. To be application fluent, you really need this full proxy architecture and it needs to be sitting very close to the application. Cisco actually doesn't have that technical approach. They focus more on load balancing and just effectively managing the traffic. They do Layer 7 [switching], which means that they can open up the packets and make strategic decisions based on that. But it's very limited. Also a lot of their thrust is to sell the Layer 4-7 solution on the switch or on the router. From their perspective that's pretty good because it means they can add value to that [device], but it's not the right place in the network. You really need to be after the firewall, just before the application is ready to take the data so that you can encrypt the data, so that you can massage it. They don't really have what we would call strategic control. Switches and routers can be defined as strategic control points, but not at the application-fluent level.
What's changing in the competitive landscape today?
There's not been a significant change over the last few years. If you go back three years ago, Cisco - in particular - was much more competitive against us. But we have gained significantly in market share. The best way, in my opinion, to look at the market is to look at the Gartner Magic Quadrant. That shows you all the competitors and the only sort of technology competitor we have is Citrix, from when they acquired the NetScaler solution. But we think from a feature point of view and from a performance point of view that we've really got them outclassed as well. We've enjoyed a situation over the last two or three years where we've had a big technology advantage and not much competition. Hence the 90+% win rate I was talking about.
How are you building on your strengths? What capabilities and functions do you need to add?
We continue to build more and more into our TMOS (Traffic Management Operating System) platform. In the last release, for example, we added access policy management, which allows you to do things like single sign-on. In Version 10 of TMOS we added about 130 new functions. So we see every sale as increasing [our presence at] the strategic control points because that's the way the architecture of the data centers is shaping up. The servers are more and more commodity and more and more intelligence is done at that application layer of the network. We basically want to own that infrastructure part of the data center.
Can you give me a couple of examples of key capabilities that you need to add or that you're working to add?
Probably the biggest area for us is that we're adding a sophisticated cluster, multi-approach processing. We call it Virtual Cluster Multi-Processing. Along with very sophisticated management, which allows customers to basically look upon a whole data center as one virtual IP address, our products can work together in clusters. It gives you the ability to control traffic from one single point in the data center and across data centers globally. Imagine the scenario where your applications are maybe slowing up or it's a time of day that people aren't using specific servers, say on the East Coast vs. the west. You can just move these applications. You can move all the power. You can do security all from a single point. In other words, we're effectively taking the vast strategic control and putting it in one place and it's absolutely global. It's a big effort to do that. The initial phase of that is coming in Version 11 of our product which will be out this year.
John would you ever stretch beyond the market you're in today? Would you look, through acquisitions, at complementing your current offerings?
Yes, and we've done that. We've done, I think, four acquisitions. The initial acquisition we did was based on secure access and that's been very successful. We also acquired a small company that had an application firewall solution so that [moved] us into the security market in quite a big way. By the way, that's a big driver of our business today with things like denial-of-service attacks. We keep systems running even in major attacks like that. Then we acquired WAN optimization capability and we've added that as a solution to the product. Then we did a fairly sizeable acquisition, from our perspective, where we looked at file virtualization. Our products sit in front of file servers and we manage and optimize files across the file server base. Looking forward, we think telecommunications is a big opportunity for us. It's about 25% of our business now. We're always looking to see if there is anything that's synergistic that fits in our product stack and can increase our addressable market. So the short answer is yes, we keep looking.
At Interop in 2010 you had a big push around supporting cloud called the Dynamic Services Model. What is DSM?
Dynamic Services Model is this concept of being able to dynamically see what's happening in the network at the application level. And I always emphasize that because that's very hard to do. It's really the whole concept of the strategic control point. We know what's happening in the solution and we know what's happening in the application. That allows you to provision things online, it allows you to move users from one data center to the other based on policies. It allows you to have a policy for access, policies for security as well. It's very dynamic in nature, and not just within the data center and not just within a pool of servers, but across data centers.
How does DSM make cloud better or more possible?
First of all we view the whole cloud concept as really an extension of the larger concept of data center consolidation - companies taking as many as 100 data centers and reducing them down to, say, 10. They do that using virtualization technology to optimize the number of servers, reduce the number of actual servers but increase the number of virtual servers, effectively commoditizing the server world. You can also build your solutions in the cloud. And the solutions may be as simple as, say, pools of servers, or infrastructure as a service or software as a service.
You don't have to have them within the data center, you can have them in the cloud. What we're seeing is definitely that the first move is typically infrastructure as a service. For your whole organization globally, you have a private cloud of infrastructure that might be more servers, more disk capability. Let's say that you have all these files that you've been storing in your data center and you're storing them on pretty expensive storage devices, typically the NAS storage devices from companies like EMC. The chances of you accessing that data are pretty small but you can't delete it for compliance reasons. Or you've built some policies that say if we haven't accessed these files for the last eight months, there's less likelihood of accessing them so we want to put them in much less expensive storage in the cloud. And that can be private or public. Our products have policies that allow you to do that, totally transparently so you don't need to change any software, the user doesn't need to know that the files are not sitting near them, that they may be within the private cloud rather than on your storage within the data center.
This is very, very significant for public clouds where you can basically have software versions of our solution within the public cloud that can be spun up as needed. You can have hardware functions that work in concert with a software function as a hybrid. That goes back to this Virtual Cluster Multiprocessing I was talking about. We have the ability to be almost an arms dealer in the public cloud with products that do what we do in the data center. Let's say you're a business. You don't want to buy servers, you don't want to buy the application and you want to use the public cloud. Our products sit within the public cloud and as you add more users or you ask for more performance, our products actually do a lot of the provisioning from the cloud to do that for you.