Long
FFIV, Short RVBD
The network equipment space had long been fascinating to
me; but after a weekend of reading I have decided that this is a highly
technical, product-cycle driven, and competitive space that is well beyond my
current knowledge base. Nonetheless, my research at least helps me somewhat
formulae Vijay’s thesis, and I hope the following piece, while not
ground-breaking, can be helpful to you.
The
trade’s rationale: Long SSL, Long ADC/Short WOC,
business-spending & software neutral. As web application proliferate, ADC’s
usage should outstrip WOC in IT spending importance; with the additional
security kicker, FFIV should outperform RVBD.
What
do FFIV and RVBD really do?
Imagine you are going on an exodus from NYC (Server in
the cloud) to your beautiful house in the Hamptons (End Device at remote
office), there are really 2 hurdles you have to go through: different
security-guarded bridges (the servers’ out-going links) and the
not-so-well-constructed roads in Long Island (the corporate Wide-Area-Network,
or WAN). The traffic is bad, you have a van with your family of 8 and bunch of
clothes, and perhaps a long and painful journey ahead. What will speed it up?
FFIV specializes in a box that helps you through the
bridges (Application Delivery Controller, or ADC), and RVBD specializes in a
box that helps you travel in Long Island faster (WAN Optimization Controller,
or WOC). ADC’s key features are load-balancing (tell you the freest bridge to
go to) and SSL & compression offloading (security checks you in advance,
throws unnecessary things away in advance, etc). While WOC’s key features
include deduplication, caching, and compression (the analogy breaks here, but
just imagine emailing someone a page-number to delete rather than emailing the
whole PowerPoint that they already have). This suite of WOC + ADC is called an
Application Delivery Network (AND), and when you replace cars and bridges with
billions of bytes to millions of links and users, the network gets congested
pretty quickly without these aids.
They
both sound nice, so why long ADC (FFIV) and short WOC (RVBD)?
- FFIV
and RVBD both hold dominant market shares (40%+) in respective products and
derive majority of their revenues and profits (70-80%+) through them.
- WOC has
2 key characteristics: (1) it requires symmetric deployment for the zip/unzip
process and (2) it performs very well on large, chunky, repetitive, and stable
data transfer, like sending an excel file internally.
- As
enterprises shift to web applications (gmail, Office 365, etc), the data being
exchanged is highly volatile, personalized, and already transferred in small
chunks. WOC does very little aid in improvement in this case. What’s more, if
this access is done via a personal device (i.e. not connected to WAN through
the WOC), the user will not see improvements in performance.
- On
the other hand, since ADC is asymmetric (only 1 box), sits directly in front of
the server, and acts as a traffic manager (load balancing & acceleration)
and security guard (SSL offloading) to all inquiries and outbound traffic, the
migration to web application with increasing use to personal devices should
only buttress this appliance’s demand. What’s more, as the tasks done on the
cloud becomes increasingly complex, it makes sense to “offload” repetitive
tasks such as security checking, compression, and acceleration to the ADC,
increasing this devices’ importance.
- In
other words, while both devices are highly desirable, if the future roll-out of
applications are in the web, the incremental bang for the IT’s buck will likely
reside on the ADC front, causing pricing pressure for the WOC.
Why
not short RVBD outright? Because the rise of business spending
lift all boats, and longing FFIV should hedge that. Additionally, shorting a
company at historically low P/Sales and P/Cash-flow does not seem too prudent.
Valuation
& Performance
RVBD: 3.5x EV / sales, 11.5 x EV/ FCF, 200 mm net debt,
historically low-end.
FFIV: 5x EV / sales, 12x EV/ FCF, 550 mm net cash,
historically low-end.
Risks
- RVBD
and FFIV are known to make uncorrelated wild moves.
- One
will also be short RVBD’s Stingray vADC technology, which leading at 27% market
share with 10 mm revenue. There is also additional upside surprise on how well
they integrate OpNet.
- FFIV
is indeed ceding market share to CTRX on both the physical and virtual front,
but hopefully the new product cycle can come to its rescue.
- Let’s
face it, neither you nor I are tech gurus. Who is to say we can foresee where
the tide leads? The unknown-unknown for putting this trade on is daunting from
a risk perspective and all I have shown you is one naïve side of the story.
ADC has additional value proposition dock-up to prevent
some degree of commoditization.
WAN optimization solutions do very little to aid in the
improvement of application performance when the data being exchanged is highly volatile and already transferred
in small chunks. Web applications today are highly dynamic and
personalized, making it less likely that a WAN optimization solution will find
chunks of duplicated data large enough to make the overhead of the replacement
process beneficial to application performance. In fact, the process of
examining small chunks of data for potential duplicated chunks can introduce
additional latency that actual degrades performance, much in the same way
compression of small chunks of data can be detrimental to application
performance. Too, WAN optimization solutions require deployment in pairs which
results in what little benefits these solutions offer for web applications
being enjoyed only by end-users in a location served by a “remote” device.
Customers, partners, and roaming employees will not see improvements in
performance because they are not served by a “remote” device.
Just a stronger balance sheet and in-line valuation /
multiples
So what are you trading really?
- Long
Securities business on ADC
- Long
ADC, short WOC, kind of.
- (hopefully)
IT Expenditure neutral and software-takeover neutral.
A report on data center networking equipment says that
sales of WAN optimization gear fell in the second quarter, but application
delivery controllers were on the rise.
“Previously delayed tier 1 projects are back on track,
and enterprise spending in North America is picking up,” he said.
Fellow analyst Matthias Machowinski said that WAN
optimization hasn’t seen the same spending growth, thanks in part to a lack of
impetus from the cloud sector.
“So far cloud services have yet to become a demand
driver,” he said.
Enterprise Management Associates research vice president
Jim Frey says this disconnect also has to do with the way companies consume
these products.
“ADCs are much more closely aligned with specific
application projects and budgets, and thus when there are new applications
being rolled out (and there always are) there are new needs for ADCs,” he said
in an email to Network World.
By contrast, demands for WAN optimization gear crop up
less frequently, Frey added – and there are more alternatives available these
days.
“This is a card that you can only play once in a while,”
he said. “Also – there are alternative networking approaches that reduce the
need for traditional WAN optimization, such as using multiple public Internet
links to replace fixed/dedicated WAN links (i.e. Talari, Ecessa) or
optimized/shared network services (i.e. Akamai, Aryaka). Few such options exist for ADCs – either you
use them or you don’t.”
FFIV:
These products are typically deployed in front of web and
application servers, that
·
Balance traffic
·
Encryption and decryption
·
Screen for security
For Dummies
What
is an Application Delivery Network?
The ADN is a suite/system that provides application
availability, security, visibility, and acceleration. Gartner defines it as
WAN Optimization Controllers + Application Delivery Controllers.
WAN Optimization Controller
Sits at the branch office portion. That uses objectless
cashing techniques to reduce the number of bits that flow over the network.
Basically it cuts out duplicate data, compress data, cache, bundle, control
flow, and limit/expand width.
Application Delivery Controller
Sits at the data center end (also known as web switch,
content switch, or multilayer switch). This switch evolved from layer 4-7
switches in the late 1990s when it became apparent that traditional load
balancing techniques were not robust enough to handle the increasingly complex
mix of application traffic being delivered over a wider variety of network
connectivity options.
Major function involves (1) application acceleration
(prune, cache, buffer, and queue bits for faster and more accurate delivery +
security verification) and (2) load balancing. You can see how important this
can get (both hardware and software) if XaaS blossoms.
Symmetric
vs. asymmetric?
Asymmetric = device is only at one end, usually the data
center. Symmetric = device at both ends of the WAN, for example the data center
and one or more remote locations.
Asymmetrical data flow can, in some instances, make more
efficient use of the available infrastructure than symmetrical data flow, in
which the speed or quantity of data is the same in both directions, averaged
over time.
Consider an Internet connection in which downstream data
(from an Internet server to the subscriber) flows over a broadband satellite
downlink, while upstream data (from the end user to the server) is sent over a
twisted-pair telephone line. This is an
example of asymmetric communications.
The hardware for reception of satellite signals is simple, consisting of
a small dish antenna, an amplifier/converter, and a modem. While the downstream data might flow at 1
MBps or more, upstream data is limited to 56 kpbs (often much less). In most
Web browsing applications, this is a major improvement over a connection in
which the upstream and downstream data both must flow through the twisted pair. This is because most of the bytes come
downstream as relatively large graphics, sound, multimedia, and HTML files,
while upstream data consists mainly of new content requests by the subscriber,
which, in comparison, contain few bytes.
In this environment, it would not make sense to supply the subscriber
with the sophisticated hardware necessary for a broadband satellite uplink.
In some situations, asymmetric communications is not
satisfactory. An example is two-way,
full-motion videoconferencing, in which broadband data must flow in two
directions between two end users.
Another example is File Transfer Protocol (FTP) applications in which
the volume of upstream data is considerable.
For communications of this type, broadband cable modem, optical fiber,
or broadband wireless Internet access is available in some locations. At the time of this writing, symmetric
broadband is not generally available outside of metropolitan areas.
What
is WAN?
WAN stands for Wide Area Network. It is a network that
covers a broad area using private or public network transports. For instance,
DB uses WAN to relay data among employees, clients, buyers, and suppliers from
all across the world.
What
is load balancing?
A method to distribute workloads across multiple
computers or a computer cluster, network links, central processing units, disk
drives, or other resources. Successful load balancing optimizes resource use,
maximizes throughput, minimizes response time, and avoids overload.
Basically a good staffer at an I-Bank.
What
is TCP?
Transmission Control Protocol, TCP, provides reliable,
ordered, error-checked delivery of a stream of octets between programs running
on computers connected to a LAN, Intranet, or Internet. It resides on the
Transport Layer (layer 4). So, Application -> TCP -> IP
Due to network congestion, traffic load balancing, or
other unpredictable network behavior, IP packets can be lost, duplicated, or
delivered out of order. TCP detects these problems, requests retransmission of
lost data, rearranges out-of-order data, and even helps minimize network
congestion to reduce the occurrence of the other problems. Once the TCP
receiver has reassembled the sequence of octets originally transmitted, it
passes them to the receiving application. Thus, TCP abstracts the application's
communication from the underlying networking details.
This protocol is different from User Datagram Protocol
(UDP), where atagrams reach destination and can arrive out of order or don't
arrive at all. Is more efficient than TCP because it uses non ack. It's
generally used for real time communication, where a little percentage of packet
loss rate is preferable to the overhead of a TCP connection.
What
is IP?
IP is the abbreviation of Internet Protocol, it is the
communication protocol (system of digital rules for message exchange within or
between computers, kind of like computer language) for relaying datagrams (a
basic transfer unit for a packet-switched network)
What
is SSL?
Secure Sockets Layer is a cryptographic protocol that
provides communication security over the internet. This is done over the
Session / Presentation layer. Three years ago, SSL was all being done in
servers. Now it's typically done on the AND.
What
is SDN?
Abbreviation for Software-defined networking, SDN is an
approach to networking in which control is decoupled from hardware and given to
a software application called a controller.
When a packet arrives at a switch in a conventional
network, rules built into the switch's proprietary firmware tell the switch
where to forward the packet. The switch sends every packet going to the same
destination along the same path -- and treats all the packets the exact same
way. In the enterprise, smart switches designed with application-specific
integrated circuits (ASICs) are sophisticated enough to recognize different
types of packets and treat them differently, but such switches can be quite
expensive.
The goal of SDN is to allow network engineers and
administrators respond quickly to changing business requirements. In a
software-defined network, a network administrator can shape traffic from a
centralized control console without having to touch individual switches. The
administrator can change any network switch's rules when necessary --
prioritizing, de-prioritizing or even blocking specific types of packets with a
very granular level of control. This is especially helpful in a cloud computing
multi-tenant architecture because it allows the administrator to manage traffic
loads in a flexible and more efficient manner. Essentially, this allows the
administrator to use less expensive, commodity switches and have more control
over network traffic flow than ever before.
What
is DNS?
DNS stands for “domain name system.” Domain names are the
human-readable website addresses we use every day. For example, Google’s domain
name is google.com. If you want to visit Google, you just need to enter
google.com into your web browser’s address bar. DNS is often explained as being
like a phone book – like a phone book, DNS matches human-readable names to
numbers that machines can more easily understand.
Upon entry of an address, the computer connects to the
DNS server (mostly your ISP’s) and then connects to the website.
What
is routing?
It is the process of selecting paths in a network to send
the data through in the fastest way possible. In the internet case (packet
switching), routing directs packet forwarding through intermediate nodes. These
nodes are typically network hardware devices such as routers, bridges,
gateways, firewalls, or switches (yeah a lot of definitions. See below).
Literally, think of this as a GPS navigator.
What
is a router?
Literally, this is a device that forwards data packets
from A to B. It is connected to 2 or more data lines from different networks.
In other words, it performs the traffic directing functions on the internet.
The cable modem at your home is one (from Internet Service Provider, ISP, to
your computer), the Core Router (those big machines that handles millions or
queries at 10 Gbps or more).
What is the difference between a core router and an edge
router? Think of Core Router as your Dallas Airport, and the Edge Router as
LaGuardia. If you fly international (connecting backbone international flights)
you do Edge, if you fly local (Within LAN) you do Core.
What
is a bridge?
In fact, a bridge is like a dumb router. Bridges don't
know anything about protocols, but just forward data depending on the
destination address in the data packet. This address is not the IP address, but
the MAC (Media Access Control) address that is unique to each network adapter
card. The bridge is basically just to connect two local-area networks (LANs),
or two segments of the same LAN that use the same protocol. Routers forward
data depending on the Network address, not the Hardware (MAC) address.
What
is a gateway?
It is also called a protocol converter / translator which
basically allow information to be smoothly translated into different networks
with different protocols. Kind of link a translator in the UN.
What
is a switch?
When computers are sending packets into a central hub, the
info is blasted to all computers indiscriminately. Packets collide, and
computers need to reset (and stop and wait a random amount of time). With a
switch, however, it recognizes who the sender and receiver are and shields
other computers from getting the packet—thus prevents collision of packets.
Note that devices are identified with their MAC addresses.
Top of Rack Switch: Lol,
it literally is a switch sitting on a rack of servers.
What
is a server?
A system (Software + hardware) that responds to requests
across a computer network to provide a network service. The hardware typically
fits neatly into a slot in the rack and functions to coordinate all local and
remote sharing that is conducted throughout the facility.
What
is OSI model?
Oh boy this can of worms. This is a logical model of how
different network components are supposed to communicate. It is made up of 7
layers, with the 7th layer being closest to the user. Memorize it
this way: All People Seem To Need Dry Power (APSTNDP)
Layer 7, the application layer: This is what you see,
use, and interact with. Like Chrome, Firefox, IE, outlook, etc. Typically
error: your outlook is misconfigured.
Layer 6, the presentation layer: where the operating
system lays on. So this is Windows. Typical error: your firewall does not allow
this
Layer 5: the session layer: this deals with communication
and creates a session between your computer and another computer/server.
Typical error: their servers’ script that runs the session is not working
properly.
Layer 4: the transport layer: this deals with how much
information needs to be sent.
Layer 3: the network layer: this is where the routers
operate.
Layer 2: the data-link layer: this is where data gets
switched.
Layer 1: the physical layer: literally, where all the
physical things (cables, port, etc) are connected.
What
is MAC address?
MAC stands for Media Access Control Address. It is a
unique identifier assigned to network interfaces for communications on the
physical network segment.
What
is packet switching?
It is a method that groups all transmitted data into a
suitably sized blocks, called packets. This method features delivery of
variable-bit-rate data steams (which is sequences of packets) that queue and
buffer the packets. This method is different from circuit switching, where a
direct link is specifically established between 2 ends to transfer data directly
in a block.
What
is variable-bit-rate?
A method of encoding information, another method is
constant-bit-rate (CBR). The difference between the two methods is the
trade-off between encoding time (complexity) and final quality: Think of the
Transformer movie streamed on the internet. If done with CBR, the video is
encoded at x Mbps constantly, so while it might load faster, in the hard-core
transform/fighting scenes the quality will be more coarse. Conversely, VBR will
take longer, but you get all the details. In other words, CBR forces an artist to
make a sculpture every y seconds, while VBR has no such constraint.
What
is bit-rate?
Number of bits(literally
0 or 1, the most basic unit of digital communication)processed/conveyed
per unit of time. Think in terms of something like Mbit/s or Mbps. 8 bits = 1
byte.
What
is encoding?
Basically, a process that converts information into
transferrable symbols (bits). For example, in the ASCII language, the character
‘a’ is always 1100001
No comments:
Post a Comment