CLOUD FOCUS: F5 gets more cloud friendly
You mentioned the service provider market. Will you partner with a service provider to deliver that as a capability through them?
Yes and we have examples of that, with Rackspace [Hosting] and AT&T. They are essentially managed application delivery services. They've been successful for us and we expect that to continue.
How are the dynamics of the service provider market changing and, more important, how does your experience working with the service providers shape what you do for enterprises?
Typically, service provider has been 20% to 25% of our quarterly business, and we've been growing pretty good, growth rates in the area of 40% over the last year. One of the big drivers has been the mobile traffic requirement. We offer a high-end product called VIPRION that's a chassis-based product with massive transfer rates. We have four blades in the chassis and each blade is equivalent to the highest independent box solution we have, so we're talking about four times the performance of the standard solution in one chassis. That's been very, very popular with the service providers, specifically to steer mobile traffic, to build policies for mobile traffic and to make granular decisions based on those policies. It's the only solution out there that can cope with the growth in BlackBerries, iPhones - the smartphone type traffic growth.
If you think about the banks and the financial organizations and what they're doing now, they're all building the capability to do transactions from your smartphone. So the enterprises are going to see the same sort of traffic requirements in the data centers as the service providers are seeing today. Video's also a big driver. The service providers saw that very quickly, but the same thing is going to happen in the enterprise. We're building products for service providers that we're confident are going to be in bigger demand in the enterprise. We're starting to see that VIPRION flagship product I talked about more and more selling into the enterprise. It's traffic that really drives it, the growth in traffic and complexity.
You seem to have developed some pretty strong relationships with application providers like Microsoft, IBM, Oracle, SAP. What comes out of these partnerships? What's the fruit of that for a customer?
As releases of software are announced, like Microsoft Exchange 2010, we are tailored to optimize them. Typically the optimization is in terms of high availability, making sure that they're optimized for maximum up time. Quite often we'll build some security capability into that. I mentioned earlier an example where you can put a Web accelerator in front of SharePoint and get three to five to, sometimes, up to as much as 10 times the performance. We make the applications run better and it clearly gives us a bigger market capability.
We hear from our readers a lot of concern about how a number of different trends are affecting the security landscape: Cloud, mobility, social networking. What are you doing to help people respond to those kinds of changes?
We are doing a lot. Our security solutions come in a number of ways. We have an application security module that's called ASM - again the emphasis is on applications. In other words, we can really see what's happening and have policies built around the application. A simple example, let's say you build a policy to say that cookies can only be of a certain size or within a range of values. We can check that. We can encrypt a specific database and policy as well. We also have an iRule capability that allows our customers to program a formula that will stop a denial-of-service attack coming into a data center by diverting the data. You can easily spot denial-of-service coming from the same IP address, coming at a specific rate and not even let that hit the application. There's a whole range of stuff we do there.
Which trend is putting the most pressure on security?
Application security. That's where all the really heavy attacks can happen where, say, there's something injected into the browser. They're very sophisticated checks. You're not just looking at firewalls and saying 'Oh this is OK.' You're looking at the dynamic data that's coming into the data center, analyzing it and checking it against policies. We're convinced that's probably the biggest thing you need to be, again, application fluent.
What is the one thing that you absolutely want IT readers to know about F5? And what would be the misconception about the company that you really want to dispel?
I think that the issue about our market is it's defined as Layer 4 to 7. And the problem with that is that the definition of Layer 7 is that you're opening packets and maybe looking at some data and suddenly you've got a Layer 7 solution. We're much more application fluent than that. The fact is that we sit in these strategic control points - mission-critical control points - and can really affect the ROI for the customer both in terms of maintaining application up time, optimizing the application, reducing the capital spending on servers, reducing the bandwidth and really doing that to the highest level, the application level. We're very, very differentiated in that area. It's all about getting in front of the customer and showing them the functionality we've got within our product. We've been successful at that but we're still pretty small. Most customers when they meet us for the first time are surprised at the range of functionality but they'll realize they can save money this way or we can save effort another way in terms of the application.