The Hindu Business Line : `Made for each other? Not always'

Today's networks are still not intelligent and flexible enough, bemoans Harvinder Rajwant Singh, Country Head - India, F5 Networks. He wonders if this is because application developers and network administrators belong to two different worlds.

"Applications are not developed understanding the challenges of the networks and application developers assume that bandwidth and processing power of a server is entirely dedicated for a single application, whereas in the real world it's a shared resource for any such corporate."

Rajwant Singh's company, F5 Networks, is into `application delivery networking,' which is all about delivering applications hosted out of data centres or central locations to users, who would access it from anywhere, be it through the local network, remote offices globally over the WAN (wide area network), from a cybercaf‚ or an airport, as he explains, during a recent e-mail interaction with eWorld.

Excerpts from the interview:

What makes application delivery a tough task to manage?

The increasing number of diverse applications is difficult to manage. With evolving technologies, rapidly changing applications, and unique network requirements, it is often impossible for applications to be optimised right out of the box.

Whether the application is developed internally or by a third-party, software developers are unable to know or predict the myriad issues that will arise. This is partly because of the various conditions that can occur in IP (Internet Protocol) networks (such as Internet latency), and the fact that so many disparate users and systems are trying to communicate and utilise an application efficiently.

There are a number of obstacles and exceptions that arise, and usually they are not discovered until it is too late - after the application has been deployed.

For most organisations, managing the integration and supporting infrastructure around all of their applications is a difficult challenge. Integrating new and old systems, combined with the continuous pressure to roll out new applications, places more management stress on IT (information technology) organisations.

What is the key challenge in application delivery, and how should it be approached?

The real challenge comes when the multiple network components between the user and the application, which is served out of data centres, slows down the application. The user experience due to slow performance and downtimes of business-critical applications is not so enriching and it impacts the performance and the business output of a company.

If you're about to deploy a new application, then planning for successful delivery over the network is as important as choosing and configuring the application itself. If you have already deployed an application and are experiencing availability problems, sluggish performance, or exposure to security breaches, your need for a network-level solution is even more critical.

Application delivery networking is an approach and a suite of technologies that comprises application security, application acceleration and network availability.

It ensures that applications are always secure, fast, and available across any network.

It makes the entire network application aware. This lowers costs by streamlining and centralising management, and by eliminating the need for multiple point products.

Are there estimates of the cost impact of sluggish application delivery?

Application delivery challenges are costing organisations millions of dollars. Applications have become the lifeblood of modern businesses by connecting the workforce, partners, and customers to information and services.

For instance, enterprises we deal with report that downtime costs them up to $3.6 million an hour ($1,000 every second). But it is not only about uptime. It is also about how quickly applications can be rolled out, the performance of those applications for the end user, the cost of supporting the infrastructure, and the level of security achieved.

With more applications running at user ends, doesn't the job of the security professional become extremely tough?

Yes, security professionals are facing a huge challenge these days. Security breaches can do more than create unflattering headlines. They can bring down sites, jeopardise transactions with outside customers and partners, and cause sensitive data to be lost or compromised. Protecting enterprise data assets across dozens of applications and hundreds of servers is a huge task.

Organisations need to act especially quickly to safeguard data assets if they are facing a compliance audit, opening up applications to broader access, or using Web portal technology to manage HR (human resource), ERP (enterprise resource planning), or CRM (customer relationship management) data. Every business, though, should take measures to optimise application security and data integrity.

Are there clear metrics by which you demonstrate value for your customers? Any success stories?

Let me tell you about our work for a Fortune 1000 telecommunications company. By developing an iRule (a feature in the IP device to provide the user with control to directly manipulate and manage any IP application traffic) the telecommunications company saved $1 million and solved a phone software problem in a weekend instead of the nine months quoted by the phone's manufacturer. Our solution helped the company to improve efficiencies, availability and productivity for applications such as voice, video, data and wireless services seamlessly and transparently to customers over a common network.

You have been in the security industry for nearly a decade. Looking back, what were the significant shifts or turning points?

Over the last about 10 years many shifts have happened in the security scene. We moved from perimeter security to desktop security. Firewall technologies have moved from being software-based to hardware-based, and within the hardware-based firewall we have seen ASIC (application-specific integrated circuit) chip-based firewall capturing major mindshare purely because of performance and ability to process traffic in real time.

Intrusion detection technology is moving to intrusion prevention technology, basically from the offline to the online mode. Today, hackers are getting smarter. While the corporate world moves towards online and Web-enabled business, hackers go for application-level attack.

How effective have been the countermeasures?

Security systems and firewalls today are not smart enough nor are they designed to detect the new breed of application-layer attacks, let alone protect against them. These devices are application agnostic and simply lock or unlock an address, port, or resource. They're either all on or all off, depending on a response from signature matching.

dmurali@thehindu.co.in