Category Archives: Internet Security

F5’s Look Ahead

I’ve always admired how F5 Networks built its business. Against what seemed heavy odds at the time, F5 took the fight to Cisco Systems and established market leadership in load balancing, which subsequently morphed into market leadership in application delivery controllers (ADC).

F5 now talks about its “Intelligent Services Platform,” which “connects any user, anywhere, from any device to the best application resources, independent of infrastructure.”

To be sure, as various permutations of cloud computing take hold and mobile devices proliferate, the market is shifting, and F5 is attempting to move with it. To get a feel for how F5 sees the world, where it sees things going, and how it intends to meet new challenges, you might want to have a look at a 211-slide (yes, that many) presentation that company executives made to analysts and investors yesterday. 

By its nature, the presentation is mostly high-level stuff, but it offers interesting nuggets on markets, products, technologies, and partnerships.  

Avaya IPO? Don’t Count On It

Reports now suggest that Avaya’s pending IPO, which once was mooted to occur this month, might not take place until 2013.

Sources who claim to be familiar with the matter told Reuters and Bloomberg that Avaya has deferred its IPO because of tepid demand amid competition for investment dollars from Facebook, the Carlyle Group, and Palo Alto Networks, among others.

Reconsidering the “Nortel Option”

Well, if you are generously disposed, you might believe that particular interpretation of events. However, if you are more skeptical, you might wonder whether an Avaya IPO will ever materialize. If I were making book on the matter — and I’m not, because that sort of thing is illegal in many jurisdictions — I would probably skew the morning-line odds against Avaya bringing its long-deferred IPO to fruition.

Some of you found it amusing when I mooted the possibility of Avaya pursuing the “Nortel option” — that is, selling its assets piecemeal to various buyers — but I can easily envision it happening. Whether that occurs as part of bankruptcy proceedings is another question, though Avaya’s long-term debt remains disconcertingly and stubbornly high.

Despite recent acquisitions, including that of Radvision for $230 million earlier this month, I don’t see the prospect of compelling and sustained revenue growth that would allow Avaya to position itself as an attractive IPO vehicle.

Unconvincing Narrative

No matter where one looks, Avaya’s long-term prospects seem unimpressive if not inauspicious. In its core business of “global communications solutions” — comprising its unified-communications and contact-center product portfolios — it is facing strong rivals (Cisco, a Skype-fortified Microsoft) as well as market and technology trends that significantly inhibit meaningful growth. In networking, its next-biggest business, the company’s progress has been stalled by competition from entrenched market leaders (Cisco, Juniper, HP, etc.), the rise of aggressive enterprise-networking newcomers (Huawei), and a chronic inability to meaningfully differentiate itself from the pack.

According to a quarterly financial report that Avaya filed with the Securities and Exchange Commission (SEC) last month, the company generated overall revenue of $1.387 billion during the three months ending on December 31, 2011. That was marginally better than the $1.366 billion in revenue Avaya derived during the corresponding quarter in the previous year. In the fourth quarter of 2011, products accounted for $749 million of revenue and services contributed $638 million, compared to product revenue of $722 million and services revenue of $644 million during the fourth quarter of 2010.

If we parse that product revenue, Avaya’s story doesn’t get any better. The aforementioned “global communications solutions” produced $667 million in revenue during the fourth quarter of 2011, up slightly over revenue of $645 million in the fourth quarter of 2010. Those growth numbers aren’t exactly eye popping, and the picture becomes less vibrant as we turn our attention to Avaya Networking. That business generated revenue of $82 million in the fourth quarter of 2011, a very slight improvement on the $78 million in revenue recorded during the fourth quarter of 2010.

Lofty Aspirations

Avaya can point to seasonality and other factors as extenuating circumstances, but, all things considered, most neutral parties would conclude that Avaya has a mountain to climb in networking. Unfortunately, it seems to be climbing that mountain without sensible footwear and with the questionable guidance of vertiginous  sherpas. I just don’t see Avaya scaling networking’s heights, especially as it pares its R&D spending and offloads sales costs to its channel partners.

True, Marc Randall, who now heads Avaya Networking, has lofty aspirations for the business unit he runs, but analysts and observers (including this one) are doubtful that Avaya can realize its objective of becoming a top-three vendor. Hard numbers validate that skepticism: Dell’Oro Group figures, as reported by Network World’s Jim Duffy, indicate that Avaya has lost half of its revenue share in the Ethernet switching market since taking ownership of Nortel’s enterprise business nearly three years ago. Furthermore, as we have seen, Avaya’s own numbers from its networking business confirm a pronounced lack of market momentum.

Avaya’s networking bullishness is predicated on a plan to align sales of network infrastructure with key applications in five target markets: campus, data center, branch, edge, and mobility. The applications with which it will align its networking gear include Avaya’s own unified communications and contact center solutions, its Web Alive collaboration software, and popular business applications that it neither owns nor controls.

Essentially, Avaya’s networking group is piling a lot of weight on the back of a core business that is more beast of burden than Triple Crown thoroughbred.

Growth by Acquisition?

Perhaps that explains why Avaya is searching for growth through acquisitions. In addition to the acquisition of Radvision this year, Avaya last year acquired Konftel (for $15 million), a vendor of collaboration and conferencing technologies; and Sipera, a purveyor of session-border controllers (SBCs). The Radvision acquisition extended Avaya’s product reach into video, but it probably will not do enough to make Avaya a leader in either videoconferencing or video-based collaboration. It seems like a long-term technology play rather than something that will pay immediate dividends in the market.

So the discussion comes full circle as we wonder just where and how Avaya will manage to produce a growth profile that will make it an attractive IPO prospect for investors. I’m not a soothsayer, but I am willing to predict that Avaya will sell off at least some assets well before it consummates an IPO.

Avaya IPO? Magic 8-ball says: Don’t count on it.

Cheriton Sees Opportunity in Infrastructure

When I wrote my first post on this blog, way back in 2006, I assumed that technology infrastructure largely was a spent force. I expected incremental enhancements, gradual advances, but I didn’t anticipate another major boom or a significant disruption of the established order in what once had been a vibrant technology space.

While the technology industry as a whole can suffer from blinkered, willful optimism, perhaps I was afflicted by a different condition entirely. I might have been too pessimistic, too gloomy, dispirited by the technology downturn of the early 2000s and the lack of a meaningful, sustained recovery in the years that immediately followed.

By the way, when I refer to technology, I’m not talking about social networking such as Facebook. I understand that there’s a lot of technology behind the scenes at Facebook, but the customer-facing “social” phenomenon leaves me cold. I never did see the point of Facebook from a user’s perspective, though I understood how it could serve as an unprecedented data-mining machine for advertisers.

Opportunity Renewed

Fortunately, though, I was wrong about the decline and fall of infrastructure. It took a while, but a new era of infrastructure has arisen, based on virtualization, orchestration, and automation. Technological possibilities that we could only dream about more than a decade ago are now possible. In the networking realm, software-defined networking (SDN) is enabling comparatively outmoded network infrastructure to catch up with compute and, to a lesser degree, storage infrastructure as the promise of an application-driven, programmable data center comes into clearer view.

Suddenly, at long last, there’s new opportunity in infrastructure.

You don’t have to take my word for it, either. There are people who’ve designed and developed industry-leading technologies who espouse the same opinion. Some of these people are billionaires, and they’ve backed their convictions with substantial sums of money, investing in technologies and companies with clear mandates to remake IT infrastructure.

Outrageously Wealthy Canuck

One of those people is David Cheriton, a billionaire who wears many hats. He is Professor of Computer Science and Electrical Engineering at Stanford University, where he researches networking and distributed systems, and he also serves as a co-founder and chief scientist at Arista Networks. He’s also an investor in startup companies. Back in 1998, one early-stage company in which he invested, along with Arista co-founder Andy Bechtolsheim, was Google.  The duo made a similar early investment in VMware, so they’ve done okay.

Born in Vancouver, raised in Edmonton, Alberta, and ranked 37th on a Wikipedia list of “richest Canadians”** — Forbes ranks him 21st among outrageously wealthy Canucks  — Cheriton recently spoke about innovation and entrepreneurship at a Churchill Club event in Silicon Valley. The event was co-hosted and organized by the Hua Yuan Science and Technology Association and also featured Ken Xie, who founded NetScreen (acquired by Juniper Networks in 2004) and is now president and CEO of unified-threat-management/firewall vendor Fortinet, a company he also founded.

In addition to his apparent knack as an investor, Cheriton has considerable firsthand experience as an entrepreneur and an innovator. Before he and Bechtolsheim combined forces at Arista Networks,  they founded Granite Systems, a Gigabit-Ethernet switching concern that was acquired by Cisco in 1996 for about $220 million in stock, back when shares of Cisco were continuously on the rise.  Subsequently, after the Google investment, Bechtolsheim and Cheriton combined forces again to found Kealia, which specialized in server technology based on AMD’s Opteron microprocessor.  That company was acquired by Sun Microsystems in 2004, providing technology included in the Sun Fire X4500 storage product.

Room for Improvement

In 2005, Cheriton and Bechtolsheim followed up with Arista, then called Arastra, and its 10-GbE switching technology, which brings us to the approximate present and back to something Cheriton said at the Churchill Club event late last month. Noting that people tend to become preoccupied with the latest developments in social networking and mobility, Cheriton expressed his enthusiasm for infrastructure, as an investment vehicle as well as an area in which he has an abiding technical interest. As quoted in a BusinessWeek article, Cheriton said: “I think there is an opportunity to go back and say, ‘Gee, I think there’s lot of room for improvement in the infrastructure.’ ”

Reinforcing that point, he noted that technology infrastructure today is predicated on ideas that are about 30 years old. The network was the place to start the infrastructure refurbishment, Cheriton believed, and Arista Networks grew from that conviction.

But Cheriton hasn’t stopped there. He also founded a company called Optumsoft, about which not much is known. On its website, Optumsoft is described as an early-stage startup company “taking distributed computing and distributed software development mainstream.” Quoting from the website:

Recent advancements in multi-core computing systems, coupled with the ever increasing functional and performance requirements of software has created an exciting market opportunity for addressing the programmatic and architectural issues involved in modern software development. Optumsoft is addressing this growing market with a novel technology approach that is transparent, scalable, and portable, resulting in significant improvement to the development and maintenance of distributed/parallel structured software systems. Early production usage by commercial clients has validated the technology and value proposition.

Last fall, an anonymous source suggested on Quora that what Optumsoft was building related to “how to structure object-oriented RPC in a way that makes it easy to build robust systems.  The technology behind Arista’s EOS is based on some of these ideas, as was software structure at a previous startup, Kealia.  The technology includes an IDL and a C++ runtime, similar to what you’d get using CORBA.”

Nebula and Tintri

On the investment side, Cheriton and Bechtolsheim have put money into Nebula, which has venture-capital backing from Kleiner Perkins Caufield & Byers and Highland Capital Partners. Built on OpenStack, the Nebula Enterprise Cloud Appliance is designed to provision and configure flexible, scalable cloud-computing infrastructure. Although it doesn’t say so on the Nebula website, previous reports indicated that Arista’s networking technology is included in the Nebula appliance.

According to the BusinessWeek article,  Cheriton also has a stake in Tintri, co-founded by Kieran Harty and Mark Gritter. Harty was EVP of R&D at VMware for seven years, and Gritter was one of the first of Cheriton’s employees at Kealia. They’ve assembled a PhD-laden engineering team that has developed a virtual-machine-aware storage appliance designed for virtualized environments, which the company says have been underserved by older storage technology that apparently contributes to “VM stall.”

Another early-stage investment that Cheriton made was in Aster Data Systems, a purveyor of a massively parallel DBMS that runs on clustered commodity servers. Already a minority owner of Aster, Teradata bought the 89% of the company it didn’t own for $263 million last year.

Cheriton has made bets on infrastructure, and he’ll likely make others. It’s an encouraging sign for those of us who gravitate to that part of the industry.

(**No, I am not on the list, but thanks for asking.)

Attack on Nortel Not an Anomaly

In my last post, I promised to offer a subsequent entry on why public companies are reluctant to publicize breaches of their corporate networks.

I also suggested that such attacks probably are far more common than we realize. What happened to Nortel likely is occurring to a number of other companies right now.

It’s easy to understand why public companies don’t like to disclose that they’ve been the victim of hacking exploits, especially if those attacks result in the theft of intellectual property and trade secrets.

Strong Sell Signals

As public companies, their shares are traded on stock markets. Not without reason, shareholders and prospective investors might be inclined to interpret significant breaches of corporate networks as strong sell signals.

After all, loss of intellectual property — source code, proprietary product designs, trade secrets, and strategic plans — damages brand equity. Upon learning that the company in which they hold shares had its intellectual property pilfered, investors might be inclined to deduce that the stolen assets will later manifest themselves as lost revenue, reduced margins, decreased market share, and diminished competitive advantage.

Hacking exploits that result in perceived or real loss of substantial intellectual property represent an investor-relations nightmare.  A public company that discloses a major cyber breach that resulted in the loss of valuable business assets is far more likely to be met with market dismay than with widespread sympathy.

Downplay Losses

So, if public companies are breached, they keep it to themselves. If, however, a company is compelled by circumstances beyond its control to make a public disclosure about being attacked, it will downplay the severity and the risks associated with the matter.

In early 2010, you will recall, Google announced that it was subjected to a persistent cyber attack that originated in China. It was part of a larger attack, called Operation Aurora, aimed at dozens of other companies.

Some companies acknowledged publicly that they were attacked. Those companies included Adobe Systems, Juniper Networks, and Rackspace. Other companies subjected to the attacks — but which were not as forthcoming about what transpired — reportedly included Yahoo, Symantec, Northrop Grumman, Morgan Stanley, and Dow Chemical.

After the Crown Jewels

At the time of the attacks, Google spun a media narrative that suggested the attacks were designed to spy on human-rights activists by cracking their email accounts. While that might have been a secondary objective of the attacks, the broader pattern of Operation Aurora suggests that the electronic interlopers from China were more interested in obtaining intellectual property and trade secrets than in reading the personal correspondence of human-rights activists.

Indeed, McAfee, which investigated the attacks, reported that the objective of the perpetrators was to gain access to and to potentially modify source-code repositories at the targeted companies. The attackers were after those companies’ “crown jewels.”

The companies that admitted being victims of Operation Aurora all downplayed the extent of the attacks and any possible losses they might have suffered. Perhaps they were telling the truth. We just don’t know.

Transfer of Wealth

Last summer, Dmitri Alperovitch, McAfee’s vice president of threat research, provided the following quote to Reuters:

“Companies and government agencies are getting raped and pillaged every day. They are losing economic advantage and national secrets to unscrupulous competitors. This is the biggest transfer of wealth in terms of intellectual property in history. The scale at which this is occurring is really, really frightening.”

What Alperovitch said might seem melodramatic, but it isn’t. He’s not the only knowledgeable observer who has seen firsthand the electronic pillage and plunder of corporate intellectual property on a vast scale. For the reasons cited earlier in this post, few companies want to put up their hands and acknowledge that they’ve been victimized.

Nortel, in apparently being subjected to a decade-long cyber attack, might have been a special case, but we should not assume that what happened to Nortel is anomalous. For all we know, the largest companies in the technology industry are being violated and plundered as you read this post.

Hackers Didn’t Kill Nortel

For a company that is dead in all meaningful respects, Nortel Networks has an uncanny knack of finding its way into the news. Just as late rapper Tupac Shakur’s posthumous song releases kept him in the public consciousness long after his untimely death, Nortel has its recurring scandals and misadventures to sustain its dark legacy.

Recently, Nortel has surfaced in the headlines for two reasons. First, there was (and is) the ongoing fraud trial of three former Nortel executives: erstwhile CEO Frank Dunn, former CFO Douglas Beatty, and ex-corporate controller Michael Gollogly. That unedifying spectacle is unfolding at a deliberate pace in a Toronto courtroom.

Decade of Hacking

While a lamentable story in its own right, the trial was overshadowed earlier this week by another development. In a story that was published in the Wall Street Journal, a former Nortel computer-security specialist alleged that the one-time telecom titan had been subject to decade-long hacking exploits undertaken by unknown assailants based in China. The objective of the hackers apparently was corporate espionage, specifically related to gaining access to Nortel’s intellectual property and trade secrets. The hacking began in 2000 and persisted well into 2009, according to the former Nortel employee.

After the report was published, speculation arose as to whether, and to what degree, the electronic espionage and implicit theft of intellectual property might have contributed to, or hastened, Nortel’s passing.

Presuming the contents of the Wall Street Journal article to be accurate, there’s no question that persistent hacking of such extraordinary scale and duration could not have done Nortel any good. Depending on what assets were purloined and how they were utilized — and by whom — it is conceivable, as some have asserted, that the exploits might have hastened Nortel’s downfall.

Abundance of Clowns

But there’s a lot we don’t know about the hacking episode, many questions that remain unanswered. Unfortunately, answers to those questions probably are not forthcoming. Vested interests, including those formerly at Nortel, will be reluctant to provide missing details.

That said, I think we have to remember that Nortel was a shambolic three-ring circus with no shortage of clowns at the head of affairs. As I’ve written before, Nortel was its own worst enemy. Its self-harm regimen was legendary and varied.

Just for starters, there was its deranged acquisition strategy, marked by randomness and profligacy. Taking a contrarian position to conventional wisdom, Nortel bought high and sold low (or not at all) on nearly every acquisition it made, notoriously overspending during the Internet boom of the 1990s that turned to bust in 2001.

Bored Directors

The situation was exacerbated by mismanaged assimilation and integration of those poorly conceived acquisitions. If Cisco wrote the networking industry’s how-to guide for acquisitions in the 1990s, Nortel obviously didn’t read it.

Nortel’s inability to squeeze value from its acquisitions was symptomatic of executive mismanagement, delivered by a long line of overpaid executives. And that brings us to the board of directors, which took complacency and passivity to previously unimagined depths of docility and indifference.

In turn, that fecklessness contributed to bookkeeping irregularities and accounting shenanigans that drew the unwanted attention of the Securities and Exchange Commission and the Ontario Securities Commission, and which ultimately resulted in the fraud trial taking place in Toronto.

Death by Misadventures

In no way am I excusing any hacking or alleged intellectual property theft that might have been perpetrated against Nortel. Obviously, such exploits are unacceptable. (I have another post in the works about why public companies are reluctant to expose their victimization in hack attacks, and why we should suspect many technology companies today have been breached, perhaps significantly. But that’s for another day).

My point is that, while hackers and intellectual-property thieves might be guilty of many crimes, it’s a stretch to blame them for Nortel’s downfall. Plenty of companies have been hacked, and continue to be hacked, by foreign interests in pursuit of industrial assets and trade secrets. Those companies, though harmed by such exploits, remain with us.

Nortel was undone overwhelmingly by its own hand, not by the stealthy reach of electronic assassins.

U.S. National-Security Concerns Cast Pall over Huawei

As 2011 draws to a close, Huawei faces some difficult questions about its business prospects in the United States.  The company is expanding worldwide into enterprise networking and mobile devices, such as smartphones and tablets, even as it continues to grow its global telecommunications-equipment franchise.

Huawei is a company that generated 2010 revenue of about $28 billion, and it has an enviable growth profile for a firm of its size. But a dark cloud of suspicion continues to hang over it in the U.S. market, where it has not made headway commensurate with its success in other parts of the world. (As its Wikipedia entry states, Huawei’s products and services have been deployed in more than 140 countries, and it serves 45 of the world’s 50 largest telcos. None of those telcos are in the U.S.)

History of Suspicion

The reason it has not prospered in the U.S. is primarily attributable to persistent government concerns about Huawei’s alleged involvement in cyber espionage as a reputed proxy for China. At this point, I will point out that none of the charges has been proven, and that any evidence against the company has been kept classified by U.S. intelligence agencies.

Nonetheless, innuendo and suspicions persist, and they inhibit Huawei’s ability to serve customers and grow revenue in the U.S. market. In the recent past, the U.S. government has admonished American carriers, including Sprint Nextel, not to buy Huawei’s telecommunications equipment on national-security concerns. On the same grounds, U.S. government agencies prevented Huawei from acquiring ownership stakes in U.S.-based companies such as 3Com, subsequently acquired by HP, and 3Leaf Systems. Moreover, Huawei was barred recently from participating in a nationwide emergency network, again for reasons of national security.

Through it all, Huawei has asserted that it has nothing to hide, that it operates no differently from its competitors and peers in the marketplace, and that it has no intelligence-gathering remit from the Chinese or any other national government. Huawei even has welcomed an investigation by U.S. authorities, saying that it wants to put the espionage charges behind it once and for all.

Investigation Welcomed

Well, it appears Huawei, among others, will be formally investigated, but it also seems the imbroglio with the U.S. authorities might continue for some time. We learned in November that the U.S. House Permanent Select Committee on Intelligence would investigate potential security threats posed by some foreign companies, Huawei included.

In making the announcement relating to the investigation, U.S. Representative Mike Rogers, a Michigan Republican and the committee’s chairman, said China has increased its cyber espionage in the United States. He cited connections between Huawei’s president, Ren Zhengfei, and the People’s Liberation Army, to which the Huawei chieftain once belonged.

For its part, as previously mentioned, Huawei says it welcomes an investigation. Here’s a direct quote from William Plummer, a Huawei spokesman, excerpted from a recent Bloomberg article:

“Huawei conducts its businesses according to normal business practices just like everybody in this industry. Huawei is an independent company that is not directed, owned or influenced by any government, including the Chinese government.”

Unwanted Attention from Washington

The same Bloomberg article containing that quote also discloses that the U.S. government has invoked  Cold War-era national-security powers to compel telecommunication companies, including AT&T Inc. and Verizon Communications Inc., to disclose confidential information about the components and composition of their networks in a hunt for evidence of Chinese electronic malfeasance.

Specifically, the U.S. Commerce Department this past spring requested a detailed accounting of foreign-made hardware and software on carrier networks, according to the Bloomberg article. It also asked the telcos and other companies about security-related incidents, such as the discovery of “unauthorized electronic hardware” or suspicious equipment capable of duplicating or redirecting data.

Brand Ambitions at Risk

The concerns aren’t necessarily exclusive to alleged Chinese cyber espionage, and Huawei is not the only company whose gear will come under scrutiny. Still, Huawei clearly is drawing a lot of unwanted attention in Washington.

While Huawei would like this matter to be resolved expeditiously in its favor, the investigations probably will continue for some time before definitive verdicts are rendered publicly. In the meantime, Huawei’s U.S. aspirations are stuck in arrested development.

To be sure, the damage might not be restricted entirely to the United States. As this ominous saga plays out, Huawei is trying to develop its brand in Europe, Asia, South America, Africa, and Australia. It’s making concerted advertising and marketing pushes for its smartphones in the U.K., among other jurisdictions, and it probably doesn’t want consumers there or elsewhere to be inundated with persistent reports about U.S. investigations into its alleged involvement with cyber espionage and spyware.

Indulge me for a moment as I channel my inner screenwriter.

Scenario: U.K. electronics retailer. Two blokes survey the mobile phones on offer. Bloke One picks up a Huawei smartphone. 

Bloke One: “I quite fancy this Android handset from Huawei. The price is right, too.”

Bloke Two: “Huawei? Isn’t that the dodgy Chinese company being investigated by the Yanks for spyware?”

Bloke One puts down the handset and considers another option.

Serious Implications

Dark humor aside, there are serious implications for Huawei as it remains under this cloud of suspicion. Those implications conceivably stretch well beyond the shores of the United States.

Some have suggested that the U.S. government’s charges against Huawei are prompted more by protectionism than by legitimate concerns about national security. With the existing evidence against Huawei classified, there’s no way for the public, in the U.S. or elsewhere, to make an informed judgment.

Revisiting the Nicira Break-In

While doing research on my last post, I spent some time on Martin Casado’s thought-provoking blog, Network Heresy. He doesn’t generate posts prolifically — he’s preoccupied with other matters, including his job as chief technology officer at Nicira Networks — but his commentaries typically are detailed, illuminating, intelligent, and invariably honest.

One of his relatively recent posts, Origins and Evolution of OpenFlow/SDN, features a video of his keynote at the Open Networking Summit, where, as the title of the blog post advertises, he explained how SDNs and OpenFlow have advanced. His salient point is that it’s the community,  not the technology, that makes the SDN movement so meaningful.  The technology, he believes, will progress as it should, but the key to SDN’s success will be the capacity of the varied community of interests to cohere and thrive. It’s a valid point.

Serious Work

That said, that’s not the only thing that caught my interest in the keynote video. Early in that presentation, speaking about how he and others got involved with SDNs and OpenFlow, he talks about his professional past. I quote directly:

“Back in 2002-2003, post-9/11, I used to work for the feds. I worked in the intelligence sector. The team I worked with, we were responsible for auditing and securing some of the most sensitive networks in the United States. This is pretty serious stuff. Literally, if these guys got broken into, people died . . . We took our jobs pretty seriously.”

It doesn’t surprise me that OpenFlow-enabled SDNs might have had at least some of their roots in the intelligence world. Many technologies have been conceived and cultivated in the shadowy realms of defense and intelligence agencies. The Internet itself grew from the Advanced Research Projects Agency Network (ARPANET),  which was funded by the Defense Advanced Research Projects Agency (DARPA) of the United States Department of Defense.

Old-School Break-In

When I heard those words, however, I was reminded of the armed break-in that Nicira suffered last spring, first reported in a Newsweek cover story on the so-called “Code War” and cyber-espionage published in July.  What was striking about the breach at Nicira, both in and of itself and within the context of the Newsweek article, is that it was a physical, old-school break-in, not a cyber attack. An armed burglar wearing a ski mask broke into Nicira Networks and made his way purposefully to the desk of “one of the company’s top engineers.” The perpetrator then grabbed a computer, apparently containing source code, and took flight.

Palo Alto constabulary portrayed the crime as a bog-standard smash and grab, but “people close to the company” and national-intelligence investigators suspect it was a professional job executed by someone with ties to Russia or China. The objective, as one might guess, was to purloin intellectual property.

The involvement of national-intelligence investigators in the case served as a red flag signaling that the crime was not committed by a crank-addled junkie hoping to sell a stolen computer. There’s a bigger story, and Newsweek touched on it before heading off in a different direction to explore cyber espionage, hack attacks, and the code-warrior industry.

Nicira’s Stealth Mode

Last month, the New York Times mentioned the Nicira break-in during the course of an article titled “What Is Nicira Up To?”.

Indeed, that is a fair question to ask. There still isn’t much meat on the bones of Nicira’s website, though we know the company is developing a network-virtualization platform that decouples network services from the underlying hardware, “like a server hypervisor separates physical servers from virtual machines.”

It’s essentially software-defined networking (SDN), with OpenFlow in the mix, though Nicira refrained assiduously from using those words in its marketing messages. On the other hand, as we’ve already seen, CTO Martin Casado isn’t shy about invoking the SDN acronym, or providing learned expositions on its underlying technologies, when addressing technical audiences.

Mystery Remains 

Let’s return to the break-in, however, because the New York Times provided some additional information. We learn that a significant amount of Nicira’s intellectual property was on the purloined computer, though CEO Steven Mullaney said it was “very early stuff, nothing like what we’ve got now.”

Still, the supposition remained that the thief was an agent of a foreign government. We also learned more about Casado’s professional background and about the genesis of the technology that eventually would be developed further and commercialized at Nicira.  Casado’s government work took place at Lawrence Livermore National Laboratory, where he was asked by U.S. intelligence agencies to design a global network that would dynamically change its levels of security and authorization.

We might never discover who broke into Nicira last May. As the Newsweek story recounted, government investigators have advised those familiar with the incident not to discuss it. Questions remain, but the mystery is likely to remain unsolved, at least publicly.