Manny Rivelo, the newly appointed CEO of F5 Networks, speaks about life in the age of cloud and SDN, and his company’s transition to software.
Can you walk us through your resume?
I am an engineer by training and started my career with JP Morgan. From there, I joined Cisco in 1992, when it was a relatively small company, with 1,000 employees. I was there for almost 20 years, and did everything from sales to engineering to business development. Three-and-a- half years ago, I joined F5 to help with security positioning of the company. During my tenure here, I have picked up some additional responsibilities including product management, marketing, and strategy. I have been involved with the executive leadership team along with John McAdam and I spent a big chunk of my time on strategy and all those aspects because the industry is changing.
Are you a hardware or software company now?
That’s an interesting question. We were originally a hardware company because when F5 was founded in the late 90s everything was hardware. Today, although we have hardware, the value is in software. The hardware we have has special technologies designed to operate on high performance and there isn’t one feature that you can’t run in the cloud on a hypervisor.
The difference is when you are dealing with hardware platforms you can go to hundreds of gigabits of performance. Our high-end devices do over 600 gigabits of throughput and soon will do 1.2 terabytes. When you are doing just software you get 10 gigs, but, as I said, the real value is in software. If you look at our engineering organisation, which has over 1000 individuals, 90 percent of them are involved in software. However, when you need high performance, we offer specialised appliances that you can run in a chassis.
Do you support commodity hardware?
We don’t build custom ASICs and we leverage FPGAs inside our technology. But, yes, we see the trend is more towards commodity hardware. A lot of what we do in high performance is FPGA and when it becomes available on general computers, like Intel plans to initiate, we will support that so our customers will still get the same performance.
Do you think ADCs will have a role to play in SDN?
If you go back two years, everyone was confused about SDN, and it took too long to set up the network. When companies such as VMware did a lot of innovation on top of the stack, giving you an instance in a matter of minutes, the network – plumbing that connects everything – was still manual.
The SDN technology really operates at layer 2 and 3 and the impact that has on us is almost none. All we have to do is to understand the SDN protocol at Ethernet level and interface with it. SDN doesn’t address services from layer 4 to 7 and it’s a connection-less technology, similar to IP. A lot of technologies that we deal with are in layer 4-7 and are connection oriented. So, what is really happening with SDN is layer 2-3 being more agile, giving you the ability to configure networks. What we are offering is a software-defined application services architecture from layer 4 to 7.
If you disaggregate software from hardware, does it really matter what the underlying infrastructure is?
No, it could be commodity hardware and we are okay with it. We have customers that buy just virtual, hardware or a mix of both.
What is the percentage of customers that buy only software?
It’s a small percentage at the moment. What we are seeing is a hybrid architecture where you have hardware at the entrance of your data centre because you need hundreds of gigabits of performance to mitigate DDoS type of attacks. As you move further back inside the data centre, they are using software and giving every application an ADC. Because it is tied to the application, you don’t need much performance and can have specific policies per app as opposed to consolidating multiple apps on a piece of hardware with multiple policies.
Isn’t it still early days for virtual ADCs?
Yes, and it’s a growing business and is growing in the cloud. You need to bear in mind the fact that customers are still grappling with coming out of traditional IT infrastructure, moving to a more software-oriented architecture.
But integrating ADCs into virtual environments presents management complexity. Is that where your BIG IQ comes into the picture, offering single pane of glass management for both physical and virtual environments?
The intent of BIG IQ is not to be a multi-device manager for multi-vendor environments. It’s a platform that will help manage hundreds of thousands of BIG-IP installations and line rates. However, BIG IQ will talk to other third party orchestration tools, offering the capability of quickly provisioning what the enterprise wants.
What took you so long to come out with a cloud-based services delivery platform – Silverline – as some of your competitors have already been offering this? Was it the lack of use cases?
That wasn’t really the reason. We have been monitoring the market for the last couple of years and wanted to make sure we come out with something that offers differentiated value. Our vision is to align ourselves with four major footprints.
The first one is inside the private data centre, where the biggest change is SDN. So we are addressing how to provision ADCs inside software-defined data centres. The second footprint is the cloud – if you are putting your workloads out in the cloud such as AWS, Microsoft Azure and Google, we need to be inside those cloud service providers.
The third area where we are making major investments in is converged systems. You can buy a rack, which integrates compute, storage and network and get a basic infrastructure. But it doesn’t offer layer 4-7 services and is not secure or available. That’s going to be our job.
The fourth footprint is Silverline, which is all about cloud-based service delivery. You tell us where you want to run your applications, and we will have layer 4-7 services available across all kind of infrastructure – be it virtual, physical or hybrid.
Tell us a bit about your partnership with Cisco. It’s certainly hard to have imagined, given the fact you were fierce competitors five years ago.
I did. Cisco became a great partner in our ecosystem. We are complementary from a company perspective though there is some overlap on the security side, which is quite small. We are strong in DDoS mitigation and web-application firewalling, and Cisco doesn’t do either of that. The only overlap is in the basic firewall space. We are similar in culture and both companies are customer-driven. We work the same way and customers wanted us to work together.