BLOG

The State of Application Delivery 2017: Security with a High Probability of Cloud

Lori MacVittie Miniatur
Lori MacVittie
Published January 10, 2017

TL;DR Our third annual State of Application Delivery report is now available. Organizations report high interest in security, migration to cloud, and increasing reliance on application services.


Forrest Gump, offering his especial brand of unexpected wisdom to a nurse in the eponymously named 1994 movie, said, “My mama always said you can tell a lot about a person by their shoes, where they going, where they been.” It turns out that the same thing can be said for app services; you can tell a lot about an organization by the app services it uses and plans to use, including where it’s going.

Some of the most compelling insights come directly from asking organizations not just what app services they use, but where they want to use them and in what kind of form factor. Do they prefer containers? Or are they sticking with virtual appliances? Just how important is app performance right now, and what’s the state of adoption for app services that make apps go faster, like HTTP/2?

We asked a lot of questions, and we got a lot of answers. By asking over 2000 respondents across the globe and in every corner of IT about their plans for apps and cloud, app services and security, and what they really think about programmability-driven trends and technologies like DevOps and SDN, we discovered where organizations will be going in 2017. 

cloud-first-soad-2017

And we’re pleased to say that 2017 is shaping up to be the year of safer apps delivered via cloud computing.

Forecast: Safer, Smarter, and Cloudy 

Strategically, cloud in all its forms – private, public, and SaaS – dominates the technologies every organization believes will have an impact in the next two to five years. To wit, 1 out of 5 respondents expect to deliver over 50 percent of their apps from the cloud by 2017. Appropriately, then, they’re putting their money where their strategy is. The top three investments align with perception of strategic impact, and they all point to cloud.

top three investments soad 2017

It was no surprise, then, to see growing preferences for public cloud deployment of the now average 14 app services organizations rely on to deliver applications whether they might live. Without exception, we see increasing interest in deployment of app services in cloud environments.

Overwhelming, security dominates those app services with DDoS mitigation (30%), DNSSEC (29%), and web application firewall (WAF) services (29%) topping those being planned for deployment in the next year.

With a lack of available talent cited as problematic for both hybrid cloud implementations (23%) and overall security efforts (34%), app services can help fill the skills gap that impedes innovation and business momentum. That’s likely why we found that twenty-five percent (25%) of respondents preferred to deploy DDoS protection/mitigation as a service. Such models, particularly for security, relieve the pressure on existing security staff by providing expert, managed services and simultaneously providing an architecturally compatible model for apps deployed on-premises and off, in public and colocation cloud environments.

With a growing number of app services supporting and securing the apps behind the digital economy, it was no surprise to see a lot of growth in the use of automation and orchestration tools and frameworks most often associated with DevOps. Many organizations have reached an operational tipping point. Throwing more people at the problem of scale and speed is no longer an option. Diminishing returns is kicking in. Organizations are, therefore, turning to automation and orchestration with great enthusiasm.

While DevOps remains low on the strategic radar, automation and orchestration are without a doubt growing in importance and practical use across IT. All frameworks and tools saw increases in adoption, and subsequently we saw significant growth in the importance all roles place on templates and APIs (programmability) year over year. Templates saw the greatest growth, leaping from 22% who thought them important in 2016 to 52% in 2017. A similarly impressive growth rate in the use of OpenStack may be the key to the sudden prominence of template-based programmability.

As to why respondents are embracing programmability with DevOps and SDN, the answer is not, as you might expect, time to market. Consistently respondents tagged operational scale and costs as more important than getting out the door faster. Except for those who admitted to being driven by a C-level mandate (6%) and the 2% whose bonuses relied on upon adoption.

But before I wind up replicating the entire report, I’ll just close with the key findings for this year’s State of Application Delivery report:

  1. The need for app services is increasing. 
    Three-fourths of respondents have 10 or more services deployed–up from 60 percent who reported 10 or more services in 2016. The average organization is planning 17 deployments in the next 12 months.
  2. Cloud fu is important.
    With one out of five respondents planning to have more than half of their applications in the cloud by 2017, and four out of five adopting multi-cloud environments, organizations are expanding cloud computing deployments in the face of a continuing gap in related skills.
  3. Security services boost confidence. 
    Globally, organizations with the most confidence in their ability to withstand an attack have expanded beyond a simple perimeter approach to security. Many plan to deploy DDoS mitigation, DNSSEC protection, and a web application firewall in the next year.
  4. DevOps has gone operational. 
    Scalability and operating expense reduction are the top two drivers for the interest in DevOps and programmability. This scale is necessary to thrive in the digital economy.

More Inside and Yet to Come

There’s a lot more in the full report (you can get that right now, if you haven’t already) including a closer look at automation and orchestration practices and DevOps perceptions, security insights into which app services have the most impact on organizational security confidence, and where, exactly, organizations plan to deploy a variety of enterprise applications. Spoiler alert: it’s definitely some kind of cloud.

And we’ll be following up with even more details and insights that go deeper into each of the key findings in the coming weeks.

So grab the report and some coffee, kick back, and read on.

f5.com/SOAD