How F5 Networks built an empire on controlling the internet

Twenty years ago, some ahead-of-their-time developers in Seattle, Washington, established a company called F5 Labs to invent virtual reality. They were so ahead of their time, however, that the servers weren’t fast enough to support their technology.

Instead, their plans developed into a load-balancing algorithm, which investment banker Jeffrey Hussey managed to get his hands on. The developers went off down a different path to pursue their virtual reality dreams, blissfully unaware that Hussey was about to build what would later grow into a multibillion-dollar technology company.

Come 1997, F5 was known as ‘F5 Networks’ and Hussey had used the algorithm to launch its first product, a load balancer called BIG-IP that controlled traffic on the internet. When a server went down or became overloaded, BIG-IP could direct traffic to other servers. At the height of the dotcom bubble, this capability made F5 a hot start-up, and in 1999 the company listed on the Nasdaq stock exchange.

>See also: Busting the 7 myths of cyber security

In 2000, still riding high on the dotcom bubble, Hussey hired John McAdam to take over as CEO. Scottish-born McAdam had made a name for himself leading Sequent Computer Systems, a manufacturer of multiprocessing computer systems, prior to its acquisition by IBM. He was serving as general manager of IBM’s web server sales business when F5 poached him.

In F5’s first quarter under McAdam’s leadership, the dotcom bubble burst and the Nasdaq crashed.

‘I didn’t know it was coming,’ McAdam told Information Age at F5’s annual customer show, F5 Agility, in May. McAdam actually retired in July 2015 following a decade and a half as CEO, but was reappointed in December when his successor, Manuel Rivelo, resigned ‘for matters regarding personal conduct unrelated to the operations or financials of the company’.

McAdam may not have known it was coming, but he was at least able to see it first – 90% of F5’s customers were dotcom firms. So just months into his job he let go almost 25% of the company and set about switching its focus to the enterprise. In 2001, F5 rewrote all of its software for the new target market.

Pivotal year

It is 2002, however, that McAdam attributes as the most pivotal year in F5’s history, when the company invested in TMOS (traffic management operating system) as the foundation of BIG-IP.

TMOS is a real-time, event-driven operating system designed specifically for application delivery networking (ADN), and it is F5’s crown jewel. The company’s lack of competition in the ADN space helped drive years of solid growth, and Cisco’s exit from the market in 2012 was the cherry on the cake.

But F5 is eager to be known not only as an ADN company. In 2003, it bought SSL VPN firm uRoam, bringing capabilities for remote security encrypted access, and in 2004 it acquired web application firewall (WAF) company MagniFire Websystems. ‘We’ve been a security company for more than ten years,’ said F5’s EVP and COO Julian Eames at F5 Agility. ‘It’s almost been our best-kept secret.’

This security element to F5’s offerings, along with its application-focused business model, has meant that it has been able to ride the waves of cloud computing while other companies have struggled to adapt. It has, however, been late to the party in developing some genuinely cloud-enabled software.

When everything was on-premise, F5 positioned itself as the strategic control point able to watch everything in the data centre back and forth. Now, it wants to be that strategic control point in the cloud, and at F5 Agility it introduced new software-based solutions allowing it to provide a single point of control regardless of where the customer’s application is provided. 

‘You’ve got multiple versions of virtualisation modules sitting beside each other, and there’s no real concept of that,’ said McAdam. ‘That’s what we do – we basically see all of the traffic moving around, whether it’s within a data centre, across data centres or private or public cloud.

‘We used to call ourselves a traffic cop. So as long as we stay in that position, where we are managing that traffic, it’s hard to imagine an architecture that we wouldn’t be involved in. 

‘If you look at the cloud, we enable it. We have products and services that allow a customer to burst out to Amazon and Azure and then come back again if it’s a seasonal business.’

>See also: 4 network requirements to enable the Internet of Things

Meanwhile, when customers voice their concerns about security in a cloud like Amazon Web Services, F5 can suggest they purchase a WAF to wrap around their apps to keep them from the other apps they’ll run beside.

Soon it is also introducing two stand-alone security products – SSL Intercept and SSL Air Gap – which allow organisations to decrypt encrypted data if something needs to be seen for application reasons, and then re-encrypt it. ‘We’re pretty excited about that,’ said McAdam. ‘We have been asked to do that in certain parts of the world that we wouldn’t even contemplate.’

Application security and cloud were the clear themes of this year’s F5 Agility, and McAdam is quick to identify them when asked what he would like F5 to be known as doing five years from now.

‘The real growth – and it’s not a given – comes from making sure that as the cloud really takes off we are part of the enabling of that.’

Avatar photo

Ben Rossi

Ben was Vitesse Media's editorial director, leading content creation and editorial strategy across all Vitesse products, including its market-leading B2B and consumer magazines, websites, research and...

Related Topics