Office of the CTO

Multi-cloud strategies are taking hold in the enterprise. But those strategies come with a formidable challenge—how to securely manage workloads across multiple cloud providers.

Observability, aka Monitoring 2.0, is a significant step forward in this technology journey for operators and digital business as they strive to understand and stabilize the relationship between user experience and business outcomes. But it’s only half the battle, and the other half involves analytics and automation.

The explosive growth of automation and digitization along with a trend toward hybrid work models will accelerate the momentum away from IP-based security toward identity-based access strategies.

As business approaches a default-digital model, it necessarily relies more and more on data. Eliminating bias in that data will be a critical step in ensuring that decisions based on that data will lead to the best outcome possible for customers and the business.

Savvy CIOs know that the interface is just that: a means to a much more comprehensive digital experience that crosses functional and organizational boundaries. With most organizations firmly entrenched in the second phase of digital transformation—digital expansion—the need to digitize the entire enterprise architecture should be clearly rising as an inevitability.

Most organizations employ automation with infrastructure as code but still retain control over deployments. Looking forward, we’ll see more of an event-driven approach, where the trigger itself is automated based on an event. This is a significant part of what will make applications adaptive in the future—the ability to react to automatically to events and adapt location, security, and capacity to meet service-level objectives.

It should be no surprise that just as the emergence of cloud gave us cloud-native applications, edge is driving a set of edge-native applications. These applications, however, will not reside solely at the edge. Simultaneously, new architectural patterns are emerging that take advantage of applications residing in the cloud and data center.

The path that application delivery has taken over the last 20 years is a story of convergent evolution. More specifically, this era has seen the development of multiple delivery technologies that—when looked upon in hindsight—have revealed themselves to be the initial, nascent evolutionary steps towards what is becoming the application edge.

Let’s say your cat has wandered off. You can’t find them anywhere and tasty treats are not working their magic today. Then imagine that you could leverage the video doorbells in your neighborhood—i.e., idle compute and processing power from endpoints and nodes at the edge—to find them.

Cloud computing has long sought to remove the need to deal with infrastructure, with APIs and drag-and-drop configuration tools to help keep those adverse to the network and infrastructure from getting their hands dirty. But we can't just ignore it either, or its profile as a key attack target.

Cybercriminals targeting the financial services sector are focusing more of their attacks on application programming interfaces (APIs). At the same time, different development teams working on multiple applications often use disparate tool sets, pointing to the increasing importance of industry standards. F5 works closely with financial services customers worldwide to implement and secure the APIs driving open banking.

User, within the context of the application domain, has always referred to the entity that interacts with an application. Just as shifts in application architectures drive changes in the technologies that deliver and secure them, shifts in the definition of user have driven changes in where apps are deployed.

Digital transformation and the associated data generation are threatening to overwhelm the systems and companies that rely on data to create value. Accordingly, organizations are looking for more efficient, modern computing architectures that can support multi-tenancy and deliver applications at data center scale with all the necessary levels of performance and security.

Like Greek and Roman gods, multiple manifestations of the same persona are evident throughout many mythologies. At the core, each incarnation is a new face to an existing persona. A similar reality is true in the digital world; what we call “applications” can often be considered as incarnations of existing functionality.

We are living in an unprecedented time. Technology innovations routinely disrupt existing business models, and in some cases, completely replace existing industries—continuously and fundamentally changing the way we live and interact with each other. This post identifies three areas where AI is currently having a major impact on the enterprise.

The first in a series of blogs that looks at application-related technologies whose tide will be coming in during the next few years, especially as we evolve toward a more fully dispersed application delivery fabric and the emergent role of the edge. We’ll begin by examining where we are today (and the paths taken so far).

The fight for anti-racism in support of our friends, family, and coworkers of Asian and Pacific Islander ancestry is part of a much bigger battle. We are fighting for a world that is radically inclusive—where we, as a global community, don’t just tolerate differences, we celebrate them.

While there’s a tendency to focus on applications that directly implement a customer experience, every business domain will see the rise of applications that ultimately become critical to their digital presence. These applications, then, become the modern equivalent of a monolith.

IBM Cloud Satellite is designed to bring cloud services to where clients’ data already resides—and help them bridge to where they want to go. This aligns with F5’s ambitions for Edge 2.0 and our vision of distributing applications—at the data center, in the public cloud, and at the edge—to help assure a seamless, consistent, and secure user experience.

QUIC has broad industry support and the potential to be the basis of most applications that deliver business value over the internet. Anyone delivering applications over the internet should start thinking about how their operations should change to reflect the new threats and opportunities that these protocols bring.

F5’s completion of its acquisition of Volterra marks the beginning of the next phase of edge computing, ushering in the Edge 2.0 era. We envision that in the Edge 2.0 era, digital business in every industry sector will adopt edge computing platforms to deliver applications and to process and analyze data. The edge platform will be an essential component of the user experience for all digital services.

It's no surprise that we all have at least a few devices in our homes that can and do connect to the Internet. What's surprising is that most of us—and most businesses, too—don't include the "IoT" as part of digital transformation. They should because digitizing products is absolutely a part of the business journey.

The payoffs of a well-constructed data architecture go beyond operational process. The benefits extend into strategic operational efficiencies, deeper business insights, and the ability to reach adjacent business opportunities, all executed in a more agile manner.

Whether we’re talking digital transformation, application architectures, or the importance of telemetry in maintaining a digital business, the soon-to-be-released results of our annual survey help shape F5's understanding of the market and strategic decisions. This year, we gave respondents a bit more latitude in providing freeform answers. They did not disappoint.

We recently crested the third wave of cloud. Concurrently, the pandemic has shifted a lot of enterprise attitudes. One has been the approach to remote work. Another is that toward public cloud. In fact, just about every survey out there now says the market is full steam ahead on cloud migrations—but, while certainly related, an important distinction exists between cloud migration and cloud adoption.

Gaming accounts and microtransactions are valuable enough to have become substantial targets for hackers. Given that these accounts—like those in other industries—can be used across platforms (website, console, mobile phone), they can pose lucrative opportunities with multiple attack vectors for those savvy enough to go after them.

Whether through a mobile app using APIs to interface with an existing monolithic mainframe app or via message queues that connect Slack to a traditional client-server based customer service application, the task facing enterprise IT today is not merely to transform monoliths to microservices, but to make microservices talk to monoliths.

As organizations ramp up their generation of data and seek to extract business value from it, analytics and automation powered by AI and ML will certainly be on the table as technologies put to the task. These are exactly the type of workloads that will benefit from optimized infrastructure, and yet they are the ones least likely to be able to take advantage of it today. 

A thoughtful and deliberate data strategy is fundamental to enabling the quality and cost-effectiveness of the most important business workflows. Further, when the workflows are instrumented to transmit their observed data exhaust to a collection and analysis infrastructure, the workflows themselves can be continuously analyzed and improved, resulting in constantly adaptive and optimized business workflows.

While it's true that 2020 has seen different DDoS attack patterns emerge, what is also true is that DDoS attacks at the infrastructure layer are still DDoS attacks. They are what we might call "traditional" attacks. What is changing are targets and opportunities that come with a distributed workforce, along with considerations around 5G and Edge computing.

There's a big difference between knowing something's wrong and knowing what to do about it. Only after monitoring the right elements can we discern the health of a user experience, deriving from the analysis of those measurements the relationships and patterns that can be inferred. Ultimately, the automation that will give rise to truly adaptive applications is based on measurements and our understanding of them.

The industry saw nearly 250,000 attempts of credit card fraud in 2019. That breaks down to about one attempt every two minutes. Detecting fraud today requires a correlation of data, collected from as many points in the digital workflow as possible, and the ability to analyze it at speeds far greater than manual data processing can offer.

The central problem with measuring site performance today can be summed up as: "We don't measure the cost of slow. We measure the cost of downtime." Humans tend to work toward what they're measured on. This is not a new concept and, in fact, it's one of the tenets of DevOps and the reason the methodology includes a shift in measurements toward what matters most. Today, that means more than just available—it means fast and reliable too.

While SaaS is not really all that new, what is new is the range of activities being commoditized and packaged as SaaS. All manner of business functions are joining CRM, SFA, productivity, and communications as SaaS offerings. And we anticipate that organizations will quickly jump at the chance to offload the operation of such software to a provider.

Despite changes in architectures and location, security problems do not change. Customers still need to protect applications, ensure availability, and defend against DDoS attacks. Application security is just a bigger challenge now due to the expanding attack surfaces and vulnerabilities.

There are two walls in the delivery path for applications. The first (which has been the cause of much friction) is between development and production. And while DevOps methodologies have begun to break down this wall, the other—the one between production and delivery to consumers—is not so easily breached.

In the three phases of digital transformation, the first phase is all about automation. The focus on digitizing of workflows in phase two will ultimately offer business a path forward to the third phase, where data-driven services will generate actionable insights that improve efficiency, reduce process friction, and increase both productivity and profits.

First confined to the data center, Application Performance Monitoring (APM) has become increasingly context-driven around web-based user experiences. Today, it isn't enough to identify what went wrong after the fact. Businesses need to identify where trouble might occur before it happens.

There is an ebb and flow to technology cycles. Its inevitability is extant in many theories, such as the S-curve of innovation and a certain well-known analyst firm's hype cycle. Cloud is subject to these same waves. We've seen two very strong cycles over the past ten years, and it appears that a third wave is beginning to crest.

Data comes from a variety of sources across the code-to-customer path. Applications. Platforms. Application services. Infrastructure. Devices. All are capable of emitting data that can be turned into business value by the right solution. The elephant in the room during any discussion on the use of data is, of course, privacy.

The first step in a discussion about data architecture is to define what the concept of “data architecture” encompasses. Unsurprisingly, the answer turns out to be nuanced—it is layered and multifaceted. To help ground the discussion, it is useful to start by thinking about it in terms of the journey of collected telemetry data.

Digital payments have become as common as cash used to be. Shutdowns due to the COVID-19 pandemic have only accelerated the rate consumers rely on such services. But it has also accelerated digital payments on the corporate side. After all, businesses still have accounts payable and receivable whether they're open to the public or not.

Today, F5 offers the most comprehensive application services along the code to customer path. For the future, we are doubling down on application telemetries and analytics to help our customers discover insights about their applications, business flows, and user experiences. As we build out our cloud analytics capabilities, we'll further leverage ML/AI to help our customers to improve their business services. 

It should be no surprise that as there evolves a new generation of application architectures that a new generation of load balancing accompanies it. Since the birth of load balancing, just before the turn of the century, the technology has moved in a predictable pace, which means it is time for innovation.

Amid this pandemic, the systems processing unemployment claims in many U.S. states found themselves in peril. Developed using COBOL, the systems faced overwhelming demand, prompting urgent calls for those proficient in a programming language dating back to 1959. In parallel, many applications driving contemporary digital transformation efforts are microservices-based. These apps, like their COBOL forebears, are likely to be so critical that they, too, may still be running in 50 or 60 years.

An insertion point is an architecturally distinct location in the code to customer data path at which it makes sense to add functionality that is often outside the purview of development or operationally more efficient. Insertion points include the client, infrastructure, and the app itself. So, what we're looking for are app services that are both operationally and cost efficient at the point of insertion; in this case, we're focused on the app server (platform) itself.

The dominance of video and SaaS traffic today is, in part, why remote access services are being overwhelmed. In parallel, the rise of telemedicine during this pandemic is increasing and along with it, live video traffic. One way to increase capacity and improve performance for remote users is to update your remote access configuration to reflect the modern makeup of application traffic.

"Data is the new oil" or "Data is the grease of the digital economy." If you're like me, you've probably heard these phrases, or perhaps even the more business school-esque phrase "data exhaust monetization," to the point of being clichés. But like all good clichés, they are grounded in a fundamental truth, or in this case, in a complementary pair of truths.

Are we just using telemetry because it sounds sexier than data? Ultimately both data and telemetry are organized bits of information. To use them interchangeably is not a crime. But the reality is that, if you want to be accurate, there is a difference. And that difference will become increasingly important as organizations march into the data economy.