REDtalks #07 – Lori MacVittie on ‘all the words’

Struggling to keep up with all the new DevOps terminology? F5’s Lori MacVittie joins us again to discuss some of the many new, and often confusing, terms coming to us with the DevOps movement. In th…

Source: REDtalks #07 – Lori MacVittie on ‘all the words’


Keeping the data flowing in this mobile world

Keeping the data flowing in this mobile world | F5 DevCentral


It seems to me that you cannot check any technology news website these days without being bombarded by news about mobility, bring your own device (BYOD) and the arrival of 4G networks, bringing superfast internet access to millions of mobile workers across the country.


But while most users just care about getting the latest handset and being able to get a decent mobile connection when out and about, the service providers behind the scenes have a lot more to deal with. The increasing number of subscribers, the “always on” nature of today’s devices and the vast amount of data they create are causing headaches for service providers.


It’s something we know all about here at F5. As the features available to mobile users become richer and more advanced, it places additional strain on the networks. The trouble is that many of the networks and the infrastructure they run on are old, built before these superfast networks and advanced mobile devices were available.


This means that, sometimes, performance and security can be compromised. Some applications will not perform at their optimal speed if there is heavy traffic on the network while many applications from unofficial sources could pose a security threat to the user, the business and the service provider.


That’s why we believe in an application-orientated approach to security and centralised management and policy controls. This means you can tailor policies and protection for each application to each individual organisation, while centralising the management means a reduction in time and money spent on configuring policies and pushing them out.


Essentially, the key is to ensure that what goes on behind the scenes is seamless and easy to manage, so users get a fast, reliable and secure mobile service and providers don’t have to stress about ensuring they can deliver on those promises.

Our latest developments in the firewall market can help mobile service providers; click here to find out how.

The BYOD dilemma for financial firms

The BYOD dilemma for financial firms | F5 DevCentral


We have spoken a lot about BYOD on DevCentral, but it continues to be a significant issue for countless businesses! Financial firms in particular are, understandably, grappling with the trials of enabling flexible, mobile working whilst protecting their highly confidential data.


We’ve talked at length about the view that BYOD can have a huge beneficial impact on businesses and it seems that the tide of consumer devices working their way into the office is showing no signs of turning.


However, a lot of the information held by financial firms is highly sensitive, either commercially or personally, and can be used to find out private information or learn about deals which may have an effect on the market. Clearly this information leaking out of employees’ pockets is an unacceptable situation, which is why many financial organisations are seen to be stonewalling BYOD initiatives and preventing it from becoming more widespread. Unfortunately for these firms, preventing BYOD is looking like less and less of an option as employees disregard these blanket policies in order to more efficiently do their jobs.


So what solution is there for financial businesses stuck between a rock and a hard place? It’s actually surprisingly simple: embrace BYOD. That doesn’t mean to say that there should be a laissez faire attitude to employees using unmonitored and unmanaged devices; far from it. What it means is that these businesses should put detailed and comprehensive policies in place and ensure that all devices which access the systems have mobile application management software enabled on them – controlling what can be accessed, and from where, at the application level.


The BYOD policy and implementation should make clear what kinds of files are permitted on BYOD devices and have policy engines to enforce these rules. Computer Weekly has a good primer on what kinds of policies should be put in place which is worth taking a look at.


BYOD is here already and it is up to businesses to ensure that its managed effective. Fortunately, it’s something that we’re well placed to help with.

F5’s 2013 EMEA Agility Conference


F5’s Annual EMEA Agility Conference, this year taking us to sunny Monte Carlo, has now come and gone. While I have not brought the sun back with me to England, I can say I’ve brought back some great memories. There was a buzz all throughout the event greater than I’ve experienced at previous event, both in and out of F5 Networks.

As per the wrap up video: 500 customers & partners, from 37 countries, 12 breakout streams and a fantastic evening of dinner and entertainment in a restaurant with a retractable roof.


We took a lot of footage at the event which I’ll share here:


F5’s Nathan Pearce takes us on a walk through the solutions expo at F5 Agility EMEA 2013 talking with some of the exhibitors along the way.


F5’s Nathan Pearce talks with Michael Pellett from Camelot at the DevCentral booth at Agility 2013 – EMEA.


F5’s Nathan Pearce sits down with former F1 World Champion Damon Hill at the F5 Agility conference in Monte Carlo, Monaco.


F1 World Champion Damon Hill took a turn at the wheel of the F5 F1 simulator. Check out how he did!


F5’s Nathan Pearce sits down with Stefaan Hinderyckx from Dimension Data at the F5 Agility EMEA conference in Monte Carlo, Monaco.


Joe Pruitt sits down with Mika Kytövaara from Santa Monica Networks at F5 Agility 2013 in Monte Carlo, Monaco.


F5’s Joe Pruitt sits down with the CEO from Payoda, Anand Purusothaman, to talk about his company and the exciting new version of the AppViewX product.


F5’s Nathan Pearce talks with Ferry Kemps from Onsight at the F5 Agility Conference in Monte Carlo, Monaco.


F5’s Nathan Pearce sits down with WebSense to discuss their product lines at F5 Agility 2013 in Monte Carlo, Monaco.


F5’s Nathan Pearce wraps things up at the 2013 F5 Agility conference in Monte Carlo, Monaco


Thanks all and see you next year!!

How was it for you? – Delivering good experience for the always-on customer

How was it for you? – Delivering good experience for the always-on customer | F5 DevCentral


It’s an undeniable fact that customers are increasingly connecting to services with expectations of an always-on, anytime, anywhere accessibility. There is a massive opportunity for businesses to engage more frequently with a switched on and interested consumer-base, but it brings the challenge of delivering the kind of seamless experience that they expect – in fact, it has been worked out that the average internet user will be put off visiting a site again if confronted with a delay of just 250 milliseconds. That’s quicker than the blink of an eye.


This means that the pressure is on for companies to deliver websites and online applications with as few delays as possible, otherwise there’s a risk that they will, quite literally, lose business. I don’t think many business leaders appreciate just how critical to the bottom line this is!


While a lot of delays suffered can be down to the connection to the end-user’s device (traditionally known as “the last mile”), there is a lot that can be done to reduce the page load speeds from the server side. For example, if you can tell that a user is accessing the site on a mobile device, high bandwidth images will be unnecessary and a mobile-friendly version of the site can, even should, be delivered instead. Time and money invested here to ensure maximum speed and availability is a solid investment in revenue.


It is something of a surprise that mobile access is so widely neglected when you consider that the latest statistics from Ofcom indicate that 39 per cent of the UK population access the internet on their mobiles. This figure is only going to get higher as smartphone penetration increases – estimated to reach 75% by 2016. It’s imperative that businesses address this shortcoming in order to boost the bottom line.


Good user experience is a key part of revenue generation and should be a top priority.


RIP SMS | F5 DevCentral


Informa recently reported that the number of messages sent using free chat apps like ‘WhatsApp’ has overtaken the number of traditional paid-for SMS messages sent. The BBC revealed that according to Ovum, more than £15bn of SMS revenue was lost in 2012 due to popularity of chat apps. When you bear in mind that the Apple app store only opened in 2008 and that WhatsApp only launched in 2009, this is quite incredible.


Free apps aren’t just muscling in on the messaging territory of mobile service providers; WhatsApp is now rumoured to be considering a voice chat function. If we can text and make calls for free on the go, what does the future have in store for mobile service providers? It seems likely that free messaging apps will follow in Skype’s footsteps by making traditionally paid-for services free for all. As communication apps continue to take their piece of the pie, mobile service providers will need to look for alternative opportunities to generate revenue. 


In addition to the revelation that free texts are overtaking their paid-for equivalents, this quarter has also revealed another first. This is the first time that smartphones have outnumbered basic phones in terms of worldwide shipments (in a total market of 418.6 million devices, 216.2 (51.6%) were smartphones). 


With smartphones becoming more and more prolific, apps are becoming an increasingly important part of our lives. And with communication services available free of charge, why would we choose to pay for our messages and calls, if we didn’t need to?

Service providers need to find alternative ways to make revenue; rather than calls and texts, they should shift their focus to data. Securing and managing the data on our mobile devices is likely to become more of a priority as the uptake of smartphones and tablets continues to skyrocket. 


Context is something that has come up in several of our blog posts and this is one incident where it plays a truly crucial role. In order to remain competitive in this changing market, mobile service providers need to understand context; offering intelligence that allows them to deliver the right data to the right user at the right time, quickly and securely. Understanding what kind of data it is, who is accessing it, from which network, and from which device is key to its secure delivery. Once they understand that, mobile operators can build new products and services in order to keep their customers happy.  


While we may have a long way to go before the SMS is obsolete, any mobile service provider that chooses to ignore the threat posed by the arrival of free chat apps is going to get left behind. Apps and free chat apps in particular are about making data and communication accessible to all. Understanding context will empower service providers to build new revenue streams and secure an advantage over the competition. 

Plan for the war, not the for battle: managing mobile devices

Plan for the war, not the for battle: managing mobile devices | F5 DevCentral


Ancient Chinese General Sun Tzu’s relevance to Internet Security continues to impress me. Famous for his documented military tactics in ‘The art of War’, Tzu stated, “Know thine enemy and know thy self; in a hundred battles, you will never be defeated. When you are ignorant of the enemy but know yourself, your chances of winning or losing are equal.”. Countless times have I reflected on this statement when considering the many different aspects of technology security. Today’s focus will be on mobility.


Despite all the doom and gloom stories, mobility isn’t evil. Personally, I think its a great idea and should be promoted. It is an enabler that keeps me working during situations that I would have previously deemed ‘down time’. In fact, this post is being written on a tablet on the train somewhere in the English countryside. Mobility is great but, as Uncle Ben said to Peter Parker in Stan Lee’s Spiderman, “With great power comes great responsibility!”. Bringing us to the security element of mobility.


Security is about compromise. The best way to secure data is to ensure that no-one has access to it. But then what’s the point of that data – Schrödinger’s cat anyone? So, architecturally, we start with zero access and then work back from there until, eventually, we have data that is reference-able by the desired audience – we have implemented calculated risk. And with it the complexity added to the data’s security by the technologies wrapped around it.


As important as many vendors will tell you their security boxes are its important not to lose focus on what it is we are trying to protect – the actual data. Concentrating on the technologies and devices around the data is a good way to lose sight of the original goal, a great way to add unnecessary complexity and leave the data itself open to danger. And this problem is big in terms of where the data could end up – refer previous post: “Data theft: 9,751 phones stolen last month“.


Slashdot post “Popular Android Anti-Virus Software Fooled By Trivial Techniques” brought to my attention a great example of fighting the battle instead of the war. Anti-virus is a tactical solution and, in this case, was circumvented to provide access to data. If the security solution protected the apps and their individual data stores as entities in their own right – protected themselves even from the host operating system – then the data remains safe.


Sun Tzu told us to fight the war, not the battle – to not lose sight of what the security solution should be protecting. Are you fighting tactical security battles or are you winning the data protection war?

Network load-balancing: Failing at the speed of light

Network load-balancing: Failing at the speed of light | F5 DevCentral


The way in which applications fail is not binary – either on or off in state. Applications can fail to deliver data quickly, accurately, securely or appropriately for the requesting device. Network load balancing alone delivers no protection against these types of delivery failure. This significant limitation is due to a lack of appreciation of context in regard to:


  • the performance of remote networks beyond the data centre
  • unexpected application behaviour
  • the capability of the end user device
  • real time, end user experience analytics


Network performance

The slowest segment of data’s journey between server and a remote device is typically the last mile of delivery – the network connected directly to the end user technology. This is increasingly so for mobile devices however, irrespective of the medium, wireless or fixed-line, end-to-end performance management is a critical step toward a positive end user experience. The effect of poor performance caused by networks beyond the hosting data center are amplified by the inefficiencies of web applications and their protocols. Web applications are often developed in sterile lab environments lacking the difficulties of real world application access. Consequently, behavioural testing in these labs return acceptable results that are not mirrored in production environments. In the case of interactive applications, where data is received from and pushed to the data centre, the impact of minor latency becomes significantly increased.


Unexpected application behaviour

Unforeseen errors occur during application run-time. For example, uncaught exceptions, as they are referred to in programming terminology, occur when an application reaches a state that was unexpected by the developer. They make their way into applications via a number of means – inexperienced developers, oversight from pressure to release functionality quickly, bugs in API’s (application programming interfaces), to name just a few – and they typically result in an application crash. Unfortunately, requesting of developers to not make mistakes isn’t a viable solution. Such a symptom is a consequence of the human element in computing. The resulting experience for end users can range from meaningless or confusing application error messages to long delays ending with a session timeout and a web browser error. The cost to the enterprise is loss of business and damaged reputation.


Device capability

Optimal application responses for laptops, tablets and smartphones are not alike. For example, Apple’s IOS, the operating system found on iPhone’s and iPad’s, cannot consume web applications developed with Adobe’s Shockwave Flash. Nor can they interpret web applications developed in Microsoft’s Silverlight. The application delivery network must concern itself with the unique requirements of a growing list of end user device types and ensure the devices are connected to the appropriate service. Failing to do so leads to poor end user experience – errors, confusion and disappointment.


Real time analytics

Analytics provide enterprises with operational visibility. However, unless that visibility is derived from real time behaviour, includes detailed application and end user device information, then the data is of little use. Only end user experience related analytics can be used to measure successful application delivery. The analytics must include performance, operating system and web browser versions, network and application responsiveness, to be useful in determining service levels.


With a broad range of devices to support and varying remote network connectivity problems, IT departments must deliver access from anywhere and on any device securely, fast & always available, 24 hours a day. Solving todays application delivery issues requires intelligence in the network, delivering:


  • Application awareness: Total insight into how the application is supposed to look on the wire
  • User awareness: The ability to see which users are trying to access what application, from which devices.
  • Resource awareness: The intelligence to tie all the pieces of the application delivery infrastructure together to provide real-time visibility into the entire Application Delivery Network.


There is little strategic about the unintelligent forwarding of packets form device to device as performed by network load balancers. Gartner’s Mark Fabbi shares this view, “Cisco’s move limiting Application Control Engine development shows that the time for stand-alone load balancers has passed. IT leaders should focus on leveraging more advanced application delivery controller features to improve application deployments.”

Big data is booming, but context is king

Big data is booming, but context is king | F5 DevCentral


The big data phenomenon is something that we at F5 Networks have been banging on about for a while now – after all the network plays such a vital role in ensuring businesses really get the most out of big data by letting that information flow freely.


One of the drums we have been constantly beating is that context is king; analysing big data is one thing but applying context to it, by tying together information from multiple sources, is the best way of really understanding it.


A report from the team at Gartner recently revealed that 42% of IT leaders have already invested in big data technology, or are planning to do so over the next 12 months. Interestingly the report added that a better understanding of big data – such as what it actually is and the benefits it can bring to an enterprise – will continue to drive adoption of these analytical technologies.


An article on Computer Weekly said the report went on to state that: “Organisations are becoming aware that big data initiatives are critical because they have identified obvious or potential business opportunities that cannot be met with traditional data sources, technologies or practices.”


It’s great that businesses are identifying where big data can improve their decision making but as we keep saying that is just one step of the process. For a business to achieve decent return on investment (RoI) from its big data initiative there are many other aspects to consider.


One of the most important is getting the right infrastructure in place to ensure all that data can get from where it resides to where it needs to be without any hiccups. Many of the services that will be collecting the data – such as social media sites, CRM systems and so on – and the platforms to analyse them are hosted in the cloud.


This means application delivery becomes more important than ever; it helps all that traffic flow around the network, getting it from where it originates to where it’s analysed and finally to where those insights are acted on. That’s how to get the best out of big data, and where IT bosses should focus at least some of their energy when looking into big data technologies.


As big data matures from a massively-hyped buzzword into a technology that can actually benefit businesses it is vital that companies don’t ignore the context of all the data they are collecting and analysing. The best way to do that is to ensure the right applications are allowed to work as they should. That is the best way to ensure truly user-centric information in the era of big data.