Category Archives: Internet Security

F5’s Look Ahead

I’ve always admired how F5 Networks built its business. Against what seemed heavy odds at the time, F5 took the fight to Cisco Systems and established market leadership in load balancing, which subsequently morphed into market leadership in application delivery controllers (ADC).

F5 now talks about its “Intelligent Services Platform,” which “connects any user, anywhere, from any device to the best application resources, independent of infrastructure.”

To be sure, as various permutations of cloud computing take hold and mobile devices proliferate, the market is shifting, and F5 is attempting to move with it. To get a feel for how F5 sees the world, where it sees things going, and how it intends to meet new challenges, you might want to have a look at a 211-slide (yes, that many) presentation that company executives made to analysts and investors yesterday. 

By its nature, the presentation is mostly high-level stuff, but it offers interesting nuggets on markets, products, technologies, and partnerships.  

Avaya IPO? Don’t Count On It

Reports now suggest that Avaya’s pending IPO, which once was mooted to occur this month, might not take place until 2013.

Sources who claim to be familiar with the matter told Reuters and Bloomberg that Avaya has deferred its IPO because of tepid demand amid competition for investment dollars from Facebook, the Carlyle Group, and Palo Alto Networks, among others.

Reconsidering the “Nortel Option

Well, if you are generously disposed, you might believe that particular interpretation of events. However, if you are more skeptical, you might wonder whether an Avaya IPO will ever materialize. If I were making book on the matter — and I’m not, because that sort of thing is illegal in many jurisdictions — I would probably skew the morning-line odds against Avaya bringing its long-deferred IPO to fruition.

Some of you found it amusing when I mooted the possibility of Avaya pursuing the “Nortel option” — that is, selling its assets piecemeal to various buyers — but I can easily envision it happening. Whether that occurs as part of bankruptcy proceedings is another question, though Avaya’s long-term debt remains disconcertingly and stubbornly high.

Despite recent acquisitions, including that of Radvision for $230 million earlier this month, I don’t see the prospect of compelling and sustained revenue growth that would allow Avaya to position itself as an attractive IPO vehicle.

Unconvincing Narrative

No matter where one looks, Avaya’s long-term prospects seem unimpressive if not inauspicious. In its core business of “global communications solutions” — comprising its unified-communications and contact-center product portfolios — it is facing strong rivals (Cisco, a Skype-fortified Microsoft) as well as market and technology trends that significantly inhibit meaningful growth. In networking, its next-biggest business, the company’s progress has been stalled by competition from entrenched market leaders (Cisco, Juniper, HP, etc.), the rise of aggressive enterprise-networking newcomers (Huawei), and a chronic inability to meaningful differentiate itself from the pack.

According to a quarterly financial report that Avaya filed with the Securities and Exchange Commission (SEC) last month, the company generated overall revenue of $1.387 billion during the three months ending on December 31, 2011. That was marginally better than the $1.366 billion in revenue Avaya derived during the corresponding quarter in the previous year. In the fourth quarter of 2011, products accounted for $749 million of revenue and services contributed $638 million, compared to product revenue of $722 million and services revenue of $644 million during the fourth quarter of 2010.

If we parse that product revenue, Avaya’s story doesn’t get any better. The aforementioned “global communications solutions” produced $667 million in revenue during the fourth quarter of 2011, up slightly over revenue of $645 million in the fourth quarter of 2010. Those growth numbers aren’t exactly eye popping, and the picture becomes less vibrant as we turn our attention to Avaya Networking. That business generated revenue of $82 million in the fourth quarter of 2011, a very slight improvement on the $78 million in revenue recorded during the fourth quarter of 2010.

Lofty Aspirations

Avaya can point to seasonality and other factors as extenuating circumstances, but, all things considered, most neutral parties would conclude that Avaya has a mountain to climb in networking. Unfortunately, it seems to be climbing that mountain without sensible footwear and with the questionable guidance of vertiginous  sherpas. I just don’t see Avaya scaling networking’s heights, especially as it pares its R&D spending and offloads sales costs to its channel partners.

True, Marc Randall, who now heads Avaya Networking, has lofty aspirations for the business unit he runs, but analysts and observers (including this one) are doubtful that Avaya can realize its objective of becoming a top-three vendor. Hard numbers validate that skepticism: Dell’Oro Group figures, as reported by Network World’s Jim Duffy, indicate that Avaya has lost half of its revenue share in the Ethernet switching market since taking ownership of Nortel’s enterprise business nearly three years ago. Furthermore, as we have seen, Avaya’s own numbers from its networking business confirm a pronounced lack of market momentum.

Avaya’s networking bullishness is predicated on a plan to align sales of network infrastructure with key applications in five target markets: campus, data center, branch, edge, and mobility. The applications with which it will align its networking gear include Avaya’s own unified communications and contact center solutions, its Web Alive collaboration software, and popular business applications that it neither owns nor controls.

Essentially, Avaya’s networking group is piling a lot of weight on the back of a core business that is more beast of burden than Triple Crown thoroughbred.

Growth by Acquisition?

Perhaps that explains why Avaya is searching for growth through acquisitions. In addition to the acquisition of Radvision this year, Avaya last year acquired Konftel (for $15 million), a vendor of collaboration and conferencing technologies; and Sipera, a purveyor of session-border controllers (SBCs). The Radvision acquisition extended Avaya’s product reach into video, but it probably will not do enough to make Avaya a leader in either videoconferencing or video-based collaboration. It seems like a long-term technology play rather than something that will pay immediate dividends in the market.

So the discussion comes full circle as we wonder just where and how Avaya will manage to produce a growth profile that will make it an attractive IPO prospect for investors. I’m not a soothsayer, but I am willing to predict that Avaya will sell off at least some assets well before it consummates an IPO.

Avaya IPO? Magic 8-ball says: Don’t count on it.

Cheriton Sees Opportunity in Infrastructure

When I wrote my first post on this blog, way back in 2006, I assumed that technology infrastructure largely was a spent force. I expected incremental enhancements, gradual advances, but I didn’t anticipate another major boom or a significant disruption of the established order in what once had been a vibrant technology space.

While the technology industry as a whole can suffer from blinkered, willful optimism, perhaps I was afflicted by a different condition entirely. I might have been too pessimistic, too gloomy, dispirited by the technology downturn of the early 2000s and the lack of a meaningful, sustained recovery in the years that immediately followed.

By the way, when I refer to technology, I’m not talking about social networking such as Facebook. I understand that there’s a lot of technology behind the scenes at Facebook, but the customer-facing “social” phenomenon leaves me cold. I never did see the point of Facebook from a user’s perspective, though I understood how it could serve as an unprecedented data-mining machine for advertisers.

Opportunity Renewed

Fortunately, though, I was wrong about the decline and fall of infrastructure. It took a while, but a new era of infrastructure has arisen, based on virtualization, orchestration, and automation. Technological possibilities that we could only dream about more than a decade ago are now possible. In the networking realm, software-defined networking (SDN) is enabling comparatively outmoded network infrastructure to catch up with compute and, to a lesser degree, storage infrastructure as the promise of an application-driven, programmable data center comes into clearer view.

Suddenly, at long last, there’s new opportunity in infrastructure.

You don’t have to take my word for it, either. There are people who’ve designed and developed industry-leading technologies who espouse the same opinion. Some of these people are billionaires, and they’re backed their convictions with substantial sums of money, investing in technologies and companies with clear mandates to remake IT infrastructure.

Outrageously Wealthy Canuck

One of those people is David Cheriton, a billionaire who wears many hats. He is Professor of Computer Science and Electrical Engineering at Stanford University, where he researches networking and distributed systems, and he also serves as a co-founder and chief scientist at Arista Networks. He’s also an investor in startup companies. Back in 1998, one early-stage company in which he invested, along with Arista co-founder Andy Bechtolsheim, was Google.  The duo made a similar early investment in VMware, so they’ve done okay.

Born in Vancouver, raised in Edmonton, Alberta, and ranked 37th on a Wikipedia list of “richest Canadians”** — Forbes ranks him 21st among outrageously wealthy Canucks  — Cheriton recently spoke about innovation and entrepreneurship at a Churchill Club event in Silicon Valley. The event was co-hosted and organized by the Hua Yuan Science and Technology Association and also featured Ken Xie, who founded NetScreen (acquired by Juniper Networks in 2004) and is now president and CEO of unified-threat-management/firewall vendor Fortinet, a company he also founded.

In addition to his apparent knack as an investor, Cheriton has considerable firsthand experience as an entrepreneur and an innovator. Before he and Bechtolsheim combined forces at Arista Networks,  they founded Granite Systems, a Gigabit-Ethernet switching concern that was acquired by Cisco in 1996 for about $220 million in stock, back when shares of Cisco were continuously on the rise.  Subsequently, after the Google investment, Bechtolsheim and Cheriton combined forces again to found Kealia, which specialized in server technology based on AMD’s Opteron microprocessor.  That company was acquired by Sun Microsystems in 2004, providing technology included in the Sun Fire X4500 storage product.

Room for Improvement

In 2005, Cheriton and Bechtolsheiim followed up with Arista, then called Arastra, and its 10-GbE switching technology, which brings us to the approximate present and back to something Cheriton said at the Churchill Club event late last month. Noting that people tend to become preoccupied with the latest developments in social networking and mobility, Cheriton expressed his enthusiasm for infrastructure, as an investment vehicle as well as an area in which he has an abiding technical interest. As quoted in a BusinessWeek article, Cheriton said: “I think there is an opportunity to go back and say, ‘Gee, I think there’s lot of room for improvement in the infrastructure.’ ”

Reinforcing that point, he noted that technology infrastructure today is predicated on ideas that are about 30 years old. The network was the place to start the infrastructure refurbishment, Cheriton believed, and Arista Networks grew from that conviction.

But Cheriton hasn’t stopped there. He also founded a company called Optumsoft, about which not much is known. On its website, Optumsoft is described as an early-stage startup company “taking distributed computing and distributed software development mainstream.” Quoting from the website:

Recent advancements in multi-core computing systems, coupled with the ever increasing functional and performance requirements of software has created an exciting market opportunity for addressing the programmatic and architectural issues involved in modern software development. Optumsoft is addressing this growing market with a novel technology approach that is transparent, scalable, and portable, resulting in significant improvement to the development and maintenance of distributed/parallel structured software systems. Early production usage by commercial clients has validated the technology and value proposition.

Last fall, an anonymous source suggested on Quora that what Optumsoft was building related to “how to structure object-oriented RPC in a way that makes it easy to build robust systems.  The technology behind Arista’s EOS is based on some of these ideas, as was software structure at a previous startup, Kealia.  The technology includes an IDL and a C++ runtime, similar to what you’d get using CORBA.”

Nebula and Tintri

On the investment side, Cheriton and Bechtolsheim have put money into Nebula, which has venture-capital backing from Kleiner Perkins Caulfield & Byers and Highland Capital Partners. Built on OpenStack, the Nebula Enterprise Cloud Appliance is designed to provision and configure flexible, scalable cloud-computing infrastructure. Although it doesn’t say so on the Nebula website, previous reports indicated that Arista’s networking technology is included in the Nebula appliance.

According to the BusinessWeek article,  Cheriton also has a stake in Tintri, co-founded by Kieran Harty and Mark Gritter. Harty was EVP of R&D at VMware for seven years, and Gritter was one of the first of Cheriton’s employees at Kealia. They’ve assembled a PhD-laden engineering team that has developed a virtual-machine-aware storage appliance designed for virtualized environments, which the company says have been underserved by older storage technology that apparently contributes to “VM stall.”

Another early-stage investment that Cheriton made was in Aster Data Systems, a purveyor of a massively parallel DBMS that runs on clustered commodity servers. Already a minority owner of Aster, Teradata bought the 89% of the company it didn’t own for $263 million last year.

Cheriton has made bets on infrastructure, and he’ll likely make others. It’s an encouraging sign for those of us who gravitate to that part of the industry.

(**No, I am not on the list, but thanks for asking.)

Attack on Nortel Not an Anomaly

In my last post,, I promised to offer a subsequent entry on why public companies are reluctant to publicize breaches of their corporate networks.

I also suggested that such attacks probably are far more common than we realize. What happened to Nortel likely is occurring to a number of other companies right now.

It’s easy to understand why public companies don’t like to disclose that they’ve been the victim of hacking exploits, especially if those attacks result in the theft of intellectual property and trade secrets.

Strong Sell Signals

As public companies, their shares are traded on stock markets. Not without reason, shareholders and prospective investors might be inclined to interpret significant breaches of corporate networks as strong sell signals.

After all, loss of intellectual property — source code, proprietary product designs, trade secrets, and strategic plans — damages brand equity. Upon learning that the company in which they hold shares had its intellectual property pilfered, investors might be inclined to deduce that the stolen assets will later manifest themselves as lost revenue, reduced margins, decreased market share, and diminished competitive advantage.

Hacking exploits that result in perceived or real loss of substantial intellectual property represent an investor-relations nightmare.  A public company that discloses a major cyber breach that resulted in the loss of valuable business assets is far more likely to be met with market dismay than with widespread sympathy.

Downplay Losses

So, if public companies are breached, they keep it to themselves. If, however, a company is compelled by circumstances beyond its control to make a public disclosure about being attacked, it will downplay the severity and the risks associated with the matter.

In early 2010, you will recall, Google announced that it was subjected to a persistent cyber attack  that originated in China. It was part of larger attack, called Operation Aurora, aimed at dozens of other companies.

Some companies acknowledged publicly that they were attacked. Those companies included Adobe Systems, Juniper Networks, and Rackspace. Other companies subjected to the attacks — but which were not as forthcoming about what transpired — reportedly included Yahoo, Symantec, Northrop Grumman, Morgan Stanley, and Dow Chemical.

After the Crown Jewels

At the time of the attacks, Google spun a media narrative that suggested the attacks were designed to spy on human-rights activists by cracking their email accounts. While that might have been a secondary objective of the attacks, the broader pattern of Operation Aurora suggests that the electronic interlopers from China were more interested in obtaining intellectual property and trade secrets than in reading the personal correspondence of human-rights activists.

Indeed, McAfee, which investigated the attacks, reported that the objective of the perpetrators was to gain access to and to potentially modify source-code repositories at the targeted companies. The attackers were after those companies’ “crown jewels.”

The companies that admitted being victims of Operation Aurora all downplayed the extent of the attacks and any possible losses they might have suffered. Perhaps they were telling the truth. We just don’t know.

Transfer of Wealth

Last summer, Dmitri Alperovitch, McAfee’s vice president of threat research, provided the following quote to Reuters:

“Companies and government agencies are getting raped and pillaged every day. They are losing economic advantage and national secrets to unscrupulous competitors. This is the biggest transfer of wealth in terms of intellectual property in history. The scale at which this is occurring is really, really frightening.”

What Alperovitch said might seem melodramatic, but it isn’t. He’s not the only knowledgeable observer who has seen firsthand the electronic pillage and plunder of corporate intellectual property on a vast scale. For the reasons cited earlier in this post, few companies want to put up their hands and acknowledge that they’ve been victimized.

Nortel, in apparently being subjected to a decade-long cyber attack, might have been a special case, but we should not assume that what happened to Nortel is anomalous. For all we know, the largest companies in the technology industry are being violated and plundered as you read this post.

Hackers Didn’t Kill Nortel

For a company that is dead in all meaningful respects, Nortel Networks has an uncanny knack of finding its way into the news. Just as late rapper Tupac Shakur’s posthumous song releases kept him in the public consciousness long after his untimely death, Nortel has its recurring scandals and misadventures to sustain its dark legacy.

Recently, Nortel has surfaced in the headlines for two reasons. First, there was (and is) the ongoing fraud trial of three former Nortel executives: erstwhile CEO Frank Dunn, former CFO Douglas Beatty, and ex-corporate controller Michael Gollogly. That unedifying spectacle is unfolding at a deliberate pace in a Toronto courtroom.

Decade of Hacking

While a lamentable story in its own right, the trial was overshadowed earlier this week by another development. In a story that was published in the Wall Street Journal, a former Nortel computer-security specialist alleged that the one-time telecom titan had been subject to decade-long hacking exploits undertaken by unknown assailants based in China. The objective of the hackers apparently was corporate espionage, specifically related to gaining access to Nortel’s intellectual property and trade secrets. The hacking began in 2000 and persisted well into 2009, according to the former Nortel employee.

After the report was published, speculation arose as to whether, and to what degree, the electronic espionage and implicit theft of intellectual property might have contributed to, or hastened, Nortel’s passing.

Presuming the contents of the Wall Street Journal article to be accurate, there’s no question that persistent hacking of such extraordinary scale and duration could not have done Nortel any good. Depending on what assets were purloined and how they were utilized — and by whom — it is conceivable, as some have asserted, that the exploits might have hastened Nortel’s downfall.

Abundance of Clowns

But there’s a lot we don’t know about the hacking episode, many questions that remain unanswered. Unfortunately, answers to those questions probably are not forthcoming. Vested interests, including those formerly at Nortel, will be reluctant to provide missing details.

That said, I think we have to remember that Nortel was a shambolic three-ring circus with no shortage of clowns at the head of affairs. As I’ve written before, Nortel was its own worst enemy. Its self-harm regimen was legendary and varied.

Just for starters, there was its deranged acquisition strategy, marked by randomness and profligacy. Taking a contrarian position to conventional wisdom, Nortel bought high and sold low (or not at all) on nearly every acquisition it made, notoriously overspending during the Internet boom of the 1990s that turned to bust in 2001.

Bored Directors

The situation was exacerbated by mismanaged assimilation and integration of those poorly conceived acquisitions. If Cisco wrote the networking industry’s how-to guide for acquisitions in the 1990s, Nortel obviously didn’t read it.

Nortel’s inability to squeeze value from its acquisitions was symptomatic of executive mismanagement, delivered by a long line of overpaid executives. And that brings us to the board of directors, which took complacency and passivity to previously unimagined depths of docility and indifference.

In turn, that fecklessness contributed to bookkeeping irregularities and accounting shenanigans that drew the unwanted attention of the Securities and Exchange Commission and the Ontario Securities Commission, and which ultimately resulted in the fraud trial taking place in Toronto.

Death by Misadventures

In no way am I excusing any hacking or alleged intellectual property theft that might have been perpetrated against Nortel. Obviously, such exploits are unacceptable. (I have another post in the works about why public companies are reluctant to expose their victimization in hack attacks, and why we should suspect many technology companies today have been breached, perhaps significantly. But that’s for another day).

My point is that, while hackers and intellectual-property thieves might be guilty of many crimes, it’s a stretch to blame them for Nortel’s downfall. Plenty of companies have been hacked, and continue to be hacked, by foreign interests in pursuit of industrial assets and trade secrets. Those companies, though harmed by such exploits, remain with us.

Nortel was undone overwhelmingly by its own hand, not by the stealthy reach of electronic assassins.

U.S. National-Security Concerns Cast Pall over Huawei

As 2011 draws to a close, Huawei faces some difficult questions about its business prospects in the United States.  The company is expanding worldwide into enterprise networking and mobile devices, such as smartphones and tablets, even as it continues to grow its global telecommunications-equipment franchise.

Huawei is a company that generated 2010 revenue of about $28 billion, and it has an enviable growth profile for a firm of its size. But a dark cloud of suspicion continues to hang over it in the U.S. market, where it has not made headway commensurate with its success in other parts of the world. (As its Wikipedia entry states, Huawei’s products and services have been deployed in more than 140 countries, and it serves 45 of the world’s 50 largest telcos. None of those telcos are in the U.S.)

History of Suspicion

The reason it has not prospered in the U.S. is at primarily attributable to persistent government concerns about Huawei’s alleged involvement in cyber espionage as a reputed proxy for China. At this point, I will point out that none of the charges has been proven, and that any evidence against the company has been kept classified by U.S. intelligence agencies.

Nonetheless, innuendo and suspicions persist, and they inhibit Huawei’s ability to serve customers and grow revenue in the U.S. market. In the recent past, the U.S. government has admonished American carriers, including Sprint Nextel, not to buy Huawei’s telecommunications equipment on national-security concerns. On the same grounds, U.S. government agencies prevented Huawei from acquiring ownership stakes in U.S.-based companies such as 3Com, subsequently acquired by HP, and 3Leaf Systems. Moreover, Huawei was barred recently from participating in a nationwide emergency network, again for reasons of national security.

Through it all, Huawei has asserted that it has nothing to hide, that it operates no differently from its competitors and peers in the marketplace, and that it has no intelligence-gathering remit from the China or any other national government. Huawei even has welcomed an investigation by US authorities, saying that it wants to put the espionage charges behind it once and for all.

Investigation Welcomed

Well, it appears Huawei, among others, will be formally investigated, but it also seems the imbroglio with the U.S. authorities might continue for some time. We learned in November that the U.S. House Permanent Select Committee on Intelligence would investigate potential security threats posed by some foreign companies, Huawei included.

In making the announcement relating to the investigation, U.S. Representative Mike Rogers, a Michigan Republican and the committee’s chairman, said China has increased its cyber espionage in the United States. He cited connections between Huawei’s president, Ren Zhengfei, and the People’s Liberation Army, to which the Huawei chieftain once belonged.

For its part, as previously mentioned, Huawei says it welcomes an investigation. Here’s a direct quote from William Plummer, a Huawei spokesman, excerpted from a recent Bloomberg article:

“Huawei conducts its businesses according to normal business practices just like everybody in this industry. Huawei is an independent company that is not directed, owned or influenced by any government, including the Chinese government.”

Unwanted Attention from Washington

The same Bloomberg article containing that quote also discloses that the U.S. government has invoked  Cold War-era national-security powers to compel telecommunication companies, including AT&T Inc. and Verizon Communications Inc., to disclose confidential information about the components and composition of their networks in a hunt for evidence of Chinese electronic malfeasance.

Specifically, the U.S. Commerce Department this past spring requested a detailed accounting of foreign-made hardware and software on carrier networks, according to the Bloomberg article. It also asked the telcos and other companies about security-related incidents, such as the discovery of “unauthorized electronic hardware” or suspicious equipment capable of duplicating or redirecting data.

Brand Ambitions at Risk

The concerns aren’t necessarily exclusive to alleged Chinese cyber espionage, and Huawei is not the only company whose gear will come under scrutiny. Still, Huawei clearly is drawing a lot of unwanted attention in Washington.

While Huawei would like this matter to be resolved expeditiously in its favor, the investigations probably will continue for some time before definitive verdicts are rendered publicly. In the meantime, Huawei’s U.S. aspirations are stuck in arrested development.

To be sure, the damage might not be restricted entirely to the United States. As this ominous saga plays out, Huawei is trying to develop its brand in Europe, Asia, South America, Africa, and Australia. It’s making concerted advertising and marketing pushes for its smartphones in the U.K., among other jurisdictions, and it probably doesn’t want consumers there or elsewhere to be inundated with persistent reports about U.S. investigations into its alleged involvement with cyber espionage and spyware.

Indulge me for a moment as I channel my inner screenwriter.

Scenario: U.K. electronics retailer. Two blokes survey the mobile phones on offer. Bloke One picks up a Huawei smartphone. 

Bloke One: “I quite fancy this Android handset from Huawei. The price is right, too.”

Bloke Two: “Huawei? Isn’t that the dodgy Chinese company being investigated by the Yanks for spyware?

Bloke One puts down the handset and considers another option.

Serious Implications

Dark humor aside, there are serious implications for Huawei as it remains under this cloud of suspicion. Those implications conceivably stretch well beyond the shores of the United States.

Some have suggested that the U.S. government’s charges against Huawei are prompted more by protectionism than by legitimate concerns about national security. With the existing evidence against Huawei classified, there’s no way for the public, in the U.S. or elsewhere, to make an informed judgment.

Revisiting the Nicira Break-In

While doing research on my last post, I spent some time on Martin Casado’s thought-provoking blog, Network Heresy. He doesn’t generate posts prolifically — he’s preoccupied with other matters, including his job as chief technology officer at Nicira Networks — but his commentaries typically are detailed, illuminating, intelligent, and invariably honest.

One of his relatively recent posts, Origins and Evolution of OpenFlow/SDN, features a video of his keynote at the Open Networking Summit, where, as the title of the blog post advertises, he explained how SDNs and OpenFlow have advanced. His salient point is that it’s the community,  not the technology, that makes the SDN movement so meaningful.  The technology, he believes, will progress as it should, but the key to SDN’s success will be the capacity of the varied community of interests to cohere and thrive. It’s a valid point.

Serious Work

That said, that’s not the only thing that caught my interest in the keynote video. Early in that presentation, speaking about how he and others got involved with SDNs and OpenFlow, he talks about his professional past. I quote directly:

“Back in 2002-2003, post-9/11, I used to work for the feds. I worked in the intelligence sector. The team I worked with, we were responsible for auditing and securing some of the most sensitive networks in the United States. This is pretty serious stuff. Literally, if these guys got broken into, people died . . . We took our jobs pretty seriously.”

It doesn’t surprise me that OpenFlow-enabled SDNs might have had at least some of their roots in the intelligence world. Many technologies have been conceived and cultivated in the shadowy realms of defense and intelligence agencies. The Internet itself grew from the Advanced Research Projects Agency Network (ARPANET),  which was funded by the Defense Advanced Research Projects Agency (DARPA) of the United States Department of Defense.

Old-School Break-In

When I heard those words, however, I was reminded of the armed break-in that Nicira suffered last spring, first reported in a Newsweek cover story on the so-called “Code War” and cyber-espionage published in July.  What was striking about the breach at Nicira, both in and of itself and within the context of the Newsweek article, is that it was a physical, old-school break-in, not a cyber attack. An armed burglar wearing a ski mask broke into Nicira Networks and made his way purposefully to the desk of “one of the company’s top engineers.” The perpetrator then grabbed a computer, apparently containing source code, and took flight.

Palo Alto constabulary portrayed the crime as a bog-standard smash and grab, but “people close to the company” and national-intelligence investigators suspect it was a professional job executed by someone with ties to Russia or China. The objective, as one might guess, was to purloin intellectual property.

The involvement of national-intelligence investigators in the case served as a red flag signaling that the crime was not committed by a crank-addled junkie hoping to sell a stolen computer. There’s a bigger story, and Newsweek touched on it before heading off in a different direction to explore cyber espionage, hack attacks, and the code-warrior industry.

Nicira’s Stealth Mode

Last month, the New York Times mentioned the Nicira break-in during the course of an article titled “What Is Nicira Up To?”.

Indeed, that is a fair question to ask. There still isn’t much meat on the bones of Nicira’s website, though we know the company is developing a network-virtualization platform that decouples network services from the underlying hardware, “like a server hypervisor separates physical servers from virtual machines.”

It’s essentially software-defined networking (SDN), with OpenFlow in the mix, though Nicira refrained assiduously from using those words in its marketing messages. On the other hand, as we’ve already seen, CTO Martin Casado isn’t shy about invoking the SDN acronym, or providing learned expositions on its underlying technologies, when addressing technical audiences.

Mystery Remains 

Let’s return to the break-in, however, because the New York Times provided some additional information. We learn that a significant amount of Nicira’s intellectual property was on the purloined computer, though CEO Steven Mullaney said it was “very early stuff, nothing like what we’ve got now.”

Still, the supposition remained that the thief was an agent of a foreign government. We also learned more about Casado’s professional background and about the genesis of the technology that eventually would be developed further and commercialized at Nicira.  Casado’s government work took place at Lawrence Livermore National Laboratory, where he was asked by U.S. intelligence agencies to design a global network that would dynamically change its levels of security and authorization.

We might never discover who broke into Nicira last May. As the Newsweek story recounted, government investigators have advised those familiar with the incident not to discuss it. Questions remain, but the mystery is likely to remain unsolved, at least publicly.

Assessing Dell’s Layer 4-7 Options

As it continues to integrate and assimilate its acquisition of Force10 Networks, Dell is thinking about its next networking move.

Based on what has been said recently by Dario Zamarian, Dell’s GM and SVP of networking, the company definitely will be making that move soon. In an article covering Dell’s transition from box pusher to data-center and cloud contender, Zamarian told Fritz Nelson of InformationWeek that “Dell needs to offer Layer 4 and Layer 7 network services, citing security, load balancing, and overall orchestration as its areas of emphasis.”

Zamarian didn’t say whether the move into Layer 4-7 network services would occur through acquisition, internal development, or partnership. However, as I invoke deductive reasoning that would make Sherlock Holmes green with envy (or not), I think it’s safe to conclude an acquisition is the most likely route.

F5 Connection

Why? Well, Dell already has partnerships that cover Layer 4-7 services. F5 Networks, the leader in the application-delivery controllers (ADCs), is a significant Dell partner in the Layer 4-7 sphere. Dell and F5 have partnered for 10 years, and Dell bills itself as the largest reseller of F5 solutions. If you consider what Zamarian described as Dell’s next networking priority, F5 certainly fits the bill.

There’s one problem. F5 probably isn’t selling at any price Dell would be willing to pay.  As of today, F5 has a market capitalization of more than $8.5 billion. Dell has the cash, about $16 billion and counting, to buy F5 at a premium, but it’s unlikely Dell would be willing to fork over more than $11 billion — which, presuming mutual interest, might be F5’s absolute minimum asking price — to close the deal. Besides, observers have been thinking F5 would be acquired since before the Internet bubble of 2000 burst. It’s not likely to happen this time either.

Dell could see whether one of its other partners, Citrix, is willing to sell its NetScaler business. I’m not sure that’s likely to happen, though. I definitely can’t envision Dell buying Citrix outright. Citrix’s market cap, at more than $13.7 billion, is too high, and there are pieces of the business Dell probably wouldn’t want to own.

Shopping Not Far From Home?

Who else is in the mix? Radware is an F5 competitor that Dell might consider, but I don’t see that happening. Dell’s networking group is based in the Bay Area, and I think they’ll be looking for something closer to home, easier to integrate.

That brings us to F5 rival A10 Networks. Force10 Networks, which Dell now owns, had a partnership with A10, and there’s a possibility Dell might inherit and expand upon that relationship.

Then again, maybe not. Generally, A10 is a seen as purveyor of cost-effective ADCs. It is not typically perceived as an innovator and trailblazer, and it isn’t thought to have the best solutions for complex enterprise or data-center environments, exactly the areas where Dell wants to press its advantage. It’s also worth bearing in mind that A10 has been involved in exchanges of not-so-friendly litigious fire — yes, lawsuits volleyed back and forth furiously — with F5 and others.

All in all, A10 doesn’t seem a perfect fit for Dell’s needs, though the price might be right.

Something Programmable 

Another candidate, one that’s quite intriguing in many respects, is Embrane. The company is bringing programmable network services, delivered on commodity x86 servers, to the upper layers of the stack, addressing many of the areas in which Zamarian expressed interest. Embrane is focusing on virtualized data centers where Dell wants to be a player, but initially its appeal will be with service providers rather than with enterprises.

In an article written by Stacey Higginbotham and published at GigaOM this summer, Embrane CEO Dante Malagrinò explained that his company’s technology would enable hosting companies to provide virtualized services at Layers 4 through 7, including load balancing, firewalls, virtual private networking (VPN),  among others.

Some of you might see similarities between what Embrane is offering and the OpenFlow-enabled software-defined networking (SDN). Indeed, there are similarities, but, as Embrane points out, OpenFlow promises network virtualization and programmability at Layers 2 and 3 of the stack, not at Layers 4 through 7.

Higher-Layer Complement to OpenFlow

Dell, as we know, has talked extensively about the potential of OpenFlow to deliver operational cost savings and innovative services to data centers at service provides and enterprises. One could see what Embrane does as a higher-layer complement to OpenFlow’s network programmability. Both technologies take intelligence away from specialized networking gear and place it at the edge of the network, running in software on industry-standard hardware.

Interestingly, there aren’t many degrees of separation between the principals at Embrane and Dell’s Zamarian. It doesn’t take much sleuthing to learn that Zamarian knows both Malagrinò and Marco Di Benedetto, Embrane’s CTO. They worked together at Cisco Systems. Moreover, Zamarian and Malagrinò both studied at the Politecnico di Torino, though a decade or so apart.  Zamarian also has connections to Embrane board members.

Play an Old Game, Or Define a New One

In and of itself, those don’t mean anything. Dell would have to see value in what Embrane offers, and Embrane and its backers would have to want to sell. The company announced that in August that it had closed an $18-million Series-financing round, led by New Enterprise Associates (NEA). Lightspeed Venture Partners and North Bridge Ventures also took part in the round, which followed initial lead investments in the company’s $9-million Series-A funding.

Embrane’s product has been in beta, but the company planned a commercial launch before the end of this year. Its blog has been quiet since August.

I would be surprised to see Dell acquire F5, and I don’t think Citrix will part with NetScaler. If Dell is thinking about plugging L4-7 holes cost-effectively, it might opt for an acquisition of A10, but, if it’s thinking more ambitiously — if it really is transforming itself into a solutions provider for cloud providers and data centers — then it might reach for something with the potential to establish a new game rather than play at an old one.

No Word on Avaya’s Long-Pending IPO

Like many other prospective public offerings, Avaya’s pending trick-or-treat IPO would appear to be in suspended animation. The company and its agents wanted to get the deal done this year, but there’s been no word on whether it will go ahead before the sands in 2011’s hourglass run down.

Avaya signaled its intentions and filed the requisite paperwork in June, but then economic conditions worsened. Here’s an excerpt from a post I wrote about the pending IPO when all the leaves were still on the trees:

“We don’t know when Avaya will have its IPO, but we learned a couple weeks ago that the company will trade under the symbol ‘AVYA‘ on the New York Stock Exchange.

Long before that, back in June, Avaya first indicated that it would file for an IPO, from which it hoped to raise about $1 billion. Presuming the IPO goes ahead before the end of this year, Avaya could find itself valued at $5 billion or more, which would be about 40 percent less than private-equity investors Silver Lake and TPG paid to become owners of the company back in 2007.”

Making Moves While Waiting for Logjam to Clear

Speaking of Silver Lake and TPG, they must feel a particular urgency to get this deal consummated.  As mentioned in my previous post, they want to use the proceeds to pay down rather substantial debt (total indebtedness was $6.176 billion as of March 31), redeem preferred stock, and pay management termination fees to Avaya’s sponsors, which happen to be Silver Lake and TPG.  That’s plenty of incentive.

The lead underwriters for the transaction, when it eventually occurs, will be J.P. Morgan, Morgan Stanley, and Goldman Sachs & Company.

Avaya hasn’t been sitting on its hands while waiting to go public. The company acquired SIP-security specialist Sipera, a purveyor of session border controllers (SBC) and unified-communications (UC) security solutions, early this month. It followed that move with the acquisition of Aurix, a UK-based provider of speech analytics and audio data-mining technology.

Financials terms were not disclosed regarding either transaction.

Attention Shifts to Cavium After Broadcom’s Announced Buy of NetLogic

As most of you will know by now, Broadcom announced the acquisition of NetLogic Microsystems earlier this morning. The deal, expected to close in the first half of 2012, involves Broadcom paying out $3.7 billion in cash, or about $50 per NetLogic (NETL) share. For NetLogic shareholders, that’s a 57-percent premium on the company’s closing share price on Friday, September 9.

Sharp Premium

The sharp premium suggests a couple possibilities. One is that Broadcom had competition for NetLogic. Given that Frank Quattrone’s investment bank, Qatalyst Partners, served as an adviser to NetLogic, it’s certainly possible that a lively market existed for the seller. Another possibility is that Broadcom wanted to make a preemptive strike, issuing a bid that it knew would pass muster with NetLogic’s board and shareholders, while also precluding the emergence of a competitive bid.

Either way, both companies’ boards have approved the deal, which now awaits regulatory clearance and an approbatory nod from NetLogics’ shareholders.

In a press release announcing the acquisition, Broadcom provided an official rationale for the move:

Deal Rationale

“The acquisition meaningfully extends Broadcom’s infrastructure portfolio with a number of critical new product lines and technologies, including knowledge-based processors, multi-core embedded processors, and digital front-end processors, each of which offers industry-leading performance and capabilities. The combination enables Broadcom to deliver best-in-class, seamlessly-integrated network infrastructure platforms to its customers, reducing both their time-to-market and their development costs.”

Said Scott McGregor, Broadcom’s president and CEO:

“This transaction delivers on all fronts for Broadcom’s shareholders — strategic fit, leading-edge technology and significant financial upside. With NetLogic Microsystems, Broadcom is acquiring a leading multi-core embedded processor solution, market leading knowledge-based processors, and unique digital front-end technology for wireless base stations that are key enablers for the next generation infrastructure build-out. Broadcom is now better positioned to meet growing customer demand for integrated, end-to-end communications and processing platforms for network infrastructure.”

“Today’s transaction is consistent with Broadcom’s strategic portfolio review process and with our focus on value creation through disciplined capital allocation while delivering best-in-class platforms for customers in the fastest growing segments of the communications industry.”

Sensible Move for Broadcom

Indeed, the transaction makes a lot of sense for Broadcom. Even though obtaining NetLogic’s technology for wireless base stations undoubtedly was a key business driver behind the deal, NetLogic addresses other markets that will be of value to Broadcom. Some of NetLogic’s latest commercial offerings are applicable to data- plane processing in large routers, security appliances,  network-attached storage and storage-area networking, next-generation cellular networks, and other communications equipment. The deal should Broadcom bolster its presence with existing customers and perhaps help it drive into some new accounts.

NetLogic’s primary competitors are Cavium Networks (CAVM) and Freescale Semiconductor (FSL). Considering Broadcom’s strategic requirements and the capabilities of the prospective acquisition candidates, NetLogic seems to offer the greatest upside, the lowest risk profile, and the fewest product overlaps.

Now the market’s attention will turn to Cavium, which was valued at $1.51 billion as of last Friday, before today’s transaction was announced, but whose shares are up more than seven percent in early trade this morning.

Limits to Consumerization of IT

At GigaOm, Derrick Harris is wondering about the limits of consumerization of IT for enterprise applications. It’s a subject that warrants consideration.

My take on consumerization of IT is that it makes sense, and probably is an unstoppable force, when it comes to the utilization of mobile hardware such as smartphones and tablets (the latter composed primarily and almost exclusively of iPads these days).

This is a mutually beneficial arrangement. Employees are happier, not to mention more productive and engaged, when using their own computing and communications devices. Employers benefit because they don’t have to buy and support mobile devices for their staff.  Both groups win.

Everybody Wins

Moreover, mobile device management (MDM) and mobile-security suites, together with various approaches to securing applications and data, mean that the security risks of allowing employees to bring their devices to work have been sharply mitigated. In relation to mobile devices, the organizational rewards of IT consumerization — greater employee productivity, engaged and involved employees, lower capital and operating expenditures — outweigh the security risks, which are being addressed by a growing number of management and security vendors who see a market opportunity in making the practice safer.

In other areas, though, the case in favor of IT consumerization is not as clear. In his piece, Harris questions whether VMware will be successful with a Dropbox-like application codenamed Project Octopus. He concludes that those already using Dropbox will be reluctant to swap it for a an enterprise-sanctioned service that provides similar features, functionality, and benefits. He posits that consumers will want to control the applications and services they use, much as they determine which devices they bring to work.

Data and Applications: Different Proposition

However, the circumstances and the situations are different. As noted above, there’s diminishing risk for enterprise IT in allowing employees to bring their devices to work.  Dropbox, and consumer-oriented data-storage services in general, is an entirely different proposition.

Enterprises increasingly have found ways to protect sensitive corporate data residing on and being sent to and from mobile devices, but consumer-oriented products like Dropbox do an end run around secure information-management practices in the enterprises and can leave sensitive corporate information unduly exposed. The enterprise cost-benefit analysis for a third-party service like Dropbox shows risks outweighing potential rewards, and that sets up a dynamic where many corporate IT departments will mandate and insist upon company-wide adoption of enterprise-class alternatives.

Just as I understand why corporate minders acceded to consumerization of IT in relation to mobile devices, I also fully appreciate why corporate IT will draw the line at certain types of consumer-oriented applications and information services.

Consumerization of IT is a real phenomenon, but it has its limits.

What Cisco and Huawei Have in Common

Cisco and Huawei have a lot in common. Not only has Huawei joined Cisco in the enterprise-networking market, but it also has put down R&D roots in Silicon Valley, where it and Cisco now compete for engineering talent.

The two companies have something else in common, too: Both claim their R&D strategies are being thwarted by the US government.

Cisco Hopes for Tax Holiday

It’s no secret that Cisco would like the Obama Administration to deliver a repatriation tax holiday on the mountain of cash the company has accumulated overseas. The vast majority of Cisco’s cash — more than $40 billion — is held overseas. Cisco is averse to bringing it back home because it would be taxed at the US corporate rate of 35 percent.

Cisco would prefer to see a repatriation tax rate, at least for the short term, of a 5.25-percent rate. That would allow Cisco, as well as a number of other major US technology firms, to bring back a whopping war chest to the domestic market, where the money could be used for a variety of purposes, including R&D and M&A.

Notwithstanding some intermittent activity, Cisco’s R&D pace has decelerated.  Including the announced acquisition of collaboration-software vendor Versly today, Cisco has announced just four acquisitions this year. It announced seven buys in 2010, and just five each in 2009 and 2008. In contrast, Cisco announced 12 acquisitions in 2007, preceded by nine in 2006 and 12 in 2005.

Solid Track Record

Doubtless the punishing and protracted macroeconomic downturn has factored into Cisco’s slowing pace of M&A activity. I also think Cisco has lost some leadership and bench strength on its M&A team. And, yes, Cisco’s push to keep money offshore, away from US corporate taxes, is a factor, too.

Although Cisco is capable of innovating organically, it historically has produced many of its breakthrough products through inorganic means, namely acquisitions. Its first acquisition, of Crescendo Communications in 1993, ranks as its best. That deal brought it the family of Catalyst switches, a stellar group of executive talent, and eventual dominance of the burgeoning enterprise-networking market.

Not all Cisco acquisitions have gone well, but the company’s overall track record, as John Chambers will tell you, has been pretty good. Cisco has a devised cookbook for identifying acquisition candidates, qualifying them through rigorous due diligence, negotiating deals on terms that ensure key assets don’t walk out the door, and finally ensuring that integration and assimilation are consummated effectively and quickly.  Maybe Cisco has gotten a bit rusty, but one has to think the institutional memory of how to succeed at the M&A game still lives on Tasman Drive.

Acute Need for M&A

That brings us to Cisco’s overseas cash and the dilemma it represents. Although developing markets are growing, Cisco apparently has struggled to find offshore acquisition candidates. Put another way, it has not been able to match offshore cash with offshore assets. Revenue growth might increasingly occur in China, India, Brazil, Russia, and other developing markets, but Cisco and other technology leaders seem to believe that the entrepreneurial innovation engine that drives that growth will still have a home in the USA.

So, Cisco sits in a holding pattern, waiting for the US government to give it a repatriation tax holiday. Presuming that holiday is granted, Cisco will be back on the acquisition trail with a vengeance. Probably more than ever, Cisco needs to make key acquisitions to ensure its market dominance and perhaps even its long-term relevance.

Huawei Discouraged Repeatedly

Huawei has a different sort of problem, but it is similarly constrained from making acquisitions in the USA.  On national-security grounds, the US government has discouraged and prevented Huawei from selling its telecommunications gear to major US carriers and from buying US-based technology companies. Bain Capital and Huawei were dissuaded from pursuing an acquisition of networking-vendor 3Com by the Committee on Foreign Investment in the United States (CFIUS) in 2008. Earlier this year, Huawei backtracked from a proposed acquisition of assets belonging to 3Leaf, a bankrupt cloud-computer software company, when it became evident the US government would oppose the transaction.

Responding to the impasse, Huawei has set up its own R&D in Silicon Valley and has established a joint venture with Symantec, called Huawei Symantec, that structurally looks a lot like H3C, the joint venture that Huawei established with 3Com before the two companies were forced to go their separate ways. (H3C, like the rest of 3Com, is now subsumed within HP Networking. Giving HP’s apparent affinity for buying companies whose names start with the number 3 — 3Com and 3Par spring to mind — one wonders how HP failed to plunder what was left of 3Leaf.)

Still, even though Huawei has been forced to go “organic” with its strategy in North America, the company clearly wants the opportunity to make acquisitions in the USA. It’s taken to lobbying the US government, and it has unleashed a charm offensive on market influencers, trying to mitigate, if not eliminate, concerns that it is owned or controlled by China’s government or that it maintains close ties with the China’s defense and intelligence establishments.

Waiting for Government’s Green Light

Huawei wants to acquire companies in North America for a few reasons.  For starters, it could use the R&D expertise and intellectual property, though  it has been building up an impressive trove of its own patents and intellectual property. There are assets in the US that could expedite Huawei’s product-development efforts in areas such as cloud computing, data-center networking, and mobile technologies. Furthermore, there is management expertise in many US companies that Huawei might prefer to buy wholesale rather than piecemeal.

Finally, of course, there’s the question of brand acceptance and legitimacy. If the US government were to allow Huawei to make acquisitions in America, the company would be on the path to being able to sell its products to US-based carriers. Enterprise sales — bear in mind that enterprise networking is considered a key source of future growth by Huawei — would be easier in the US, too, as would be consumer sales of mobile devices such as Android-based smartphones and tablets.

For different reasons, then, Cisco and Huawei are hoping the US government cuts them some slack so that each can close some deals.