F5 CTO: ADC is more than a Load Balancer [VIDEO]

By Sean Michael Kerner | May 28, 2013 | Print this Page
http://www.enterprisenetworkingplanet.com/nethub/f5-cto-adc-is-more-than-a-load-balancer-video.html

Karl Triebes has been the CTO of F5 Networks since August 2004. Over the course of his tenure, he has seen some big changes in the networking market and has helped to oversee technical and product development at F5.

In an exclusive video interview with Enterprise Networking Planet, Triebes details why he joined F5 in the first place and what drives him and his product direction today.

The trend that drove Triebes to F5 back in 2004 was the realization that applications need network awareness and services to meet user needs. Over the last nine years, much of the industry has also shifted towards a focus on managing apps and users.

Load Balancer

F5 got its start with Load Balancer technology in 1996. While Load Balancing is still important to F5, it's now part of the feature-set that defines what an Application Delivery Controller (ADC) is all about.

"In 2004, we released a new architecture with our Traffic Management Operating System (TMOS), and it was based on the notion of having a high level TCP proxy with services wrapped around it," Triebes explained.

The TMOS approach enables scale by being able to access the content that is present in connections. With that type of access, things like SSL offload and being able to proxy services are possible. Over the years, F5 has expanded the capabilities of TMOS and added services like security on top of it.

"Load balancing is a feature of an ADC and it's important," Triebes said. "Anytime you're talking about traffic management or steering, obviously load balancing is a component of that, but it isn't what defines the product."

For Triebes, the F5 ADC is a high-performance proxy that is able to manage session-level services between clients and apps.

Linux

At the bare-metal level of TMOS is Linux.

Though F5 leverages Linux, Triebes stressed that the vendor has layered much of its own intellectual property into TMOS.

"We use Linux as the foundation, but our packet path, our proxy, and our capabilities are done in essentially a userland process that we call TMM," Triebes said. "Basically, when the system boots out of Linux, it hands over to this, and everything that happens at the data plane happens there."

F5 does not use the Linux kernel's TCP stack, either. Instead, they have their own custom built double proxy. Triebes noted that F5 also does a lot of TCP optimization to accelerate traffic.

"Linux has gotten better with its TCP stack, but it doesn't really work for the proxy-based configurations that we're doing," Triebes said. "We also need massive concurrency. On our highest-end platforms, we're close to 300 million concurrent systems."

Hardware

F5 has both hardware and software appliance versions of its ADC technology. On the hardware side, F5 uses FPGAs from Xilinx and Altera, as well as x86 CPUs from Intel.

"Really our secret sauce is our software," Triebes said. "Our hardware platforms enable our software to run at much higher performance levels."

Security

ADC technology is also now able to be used as a firewall for security applications.

Triebes noted that F5 is able to handle both volumetric DDoS type attacks that could hit a network as well as more insidious, slow-moving attacks.

By enabling security services on the ADC, F5 is executing on its appliance consolidation vision.

"Our focus is the notion of consolidation - being able to take multiple security appliances and consolidate it down to a single device," Triebes said.

Part of the consolidated approach to security is the inclusion of a Web Application Firewall (WAF) that analyzes traffic and can propose rules to automatically protect an enterprise or data center.

Overall, after nearly nine years at F5, Triebes biggest challenge is prioritization.

"There are so many interesting things we can go off to do, and I love that, and it's one of the reasons why I'm still on the job," Triebes said.
There are so many opportunities, the challenge is picking and choosing and then applying the resources, making sure we don't get diluted."

Watch the full video interview with Karl Triebes below.

Sean Michael Kerner is a senior editor at Enterprise Networking Planet and InternetNews.com. Follow him on Twitter @TechJournalist.