F5 enters deep packet fray

If there is a market for application and content-aware switching, F5 Networks Inc. will be amongst the first know.

The Seattle-based company on Monday will introduce a new family of BIG-IP switches that now does what the company is calling “application traffic management.” F5 is the first of the well-established Web load-balancing players, including Cisco Systems Inc., Nortel Networks Corp., and Foundry Networks Inc., to upgrade its switch family to do packet inspection and decision making at the application layer.

The new switches, dubbed BIG-IP 1000, 2400, and 5100, add upon the company’s existing load-balancing switch architecture and have been designed to more deeply look into IP-based packet headers or payloads and re-direct content based on a policy engine dubbed Universal Inspection Engine (UIE).

F5 says UIE can be programmed via software called iRules, which ships with the switch and is able to identify any defined value in the header or payload of packets traversing an IP network. The iRules software lets organizations define policies that can be used specifically for Web services and mobility traffic, in other words policies that support XML, SIP, SOAP, and other protocols used to communicate over an IP-based network. Additionally the switch can recognize database queries, ODBC calls, and other application-specific applications.

“Prior to this announcement we haven’t been able to do more than HTTP,” said Eric Geisa, director of product management at F5 Networks. “Customers are asking for support of Web services and mobile applications, and until now XML traffic was invisible.”

Geisa explains the switch acts differently depending on the content of a packet and then specialized handling can be assigned. Many of the decisions are built-in to the company’s specialized ASIC-Packet Velocity, however, F5 has also introduced a software development kit that allows third-party companies to develop their own polices (or iRules) for the family of switches.

The SDK includes the BIG-IP iControl API. Once policies are written they are fed to and enforced by the UIE, explains Geisa.

F5 said the product is useful for Web services because it offloads the processing from the applications and on to an intermediary. However, they have already have competition on the Web services front. Start-ups DataPower Technology and Sarvega have introduced network devices that speed the processing and delivery of XML and SOAP traffic.

However, F5 has an advantage, points out Peter Firstbrook, senior research analyst at Meta Group.

“F5 is entering a market where they have bigger install base and much more experience,” said Firstbrook. “The start-ups don’t compete directly with these guys.”

It remains to be seen whether F5 will get competition from elsewhere. To date, Nortel, Cisco, and Foundry have not made any announcements about expanding their perspective lines to include application awareness.

“F5’s competitors in the load-balancing space are far behind,” said Firstbrook. “Cisco, Nortel and Foundry have done nothing in the past few years with [their] load balancing product lines. They won’t get too excited and will likely follow a few years behind.”

Meanwhile, RadWare and Intel spin-off Tarari are eyeing this opportunity too.

Last week RadWare announced that eBay had implemented its many devices for application switching to improve availability and performance of the company’s applications and networks.

“F5’s direction is evolutionary,” adds Firstbrook. “Don’t expect the market to rush out for this feature now, but it does make business future-proof.”