Adapting to Market Shifts: The F5 Story

For established businesses, acknowledging evolving market dynamics is crucial for survival. Failure to adapt can lead to obsolescence. F5, a company founded in the 1990s, exemplifies the ability to successfully reinvent itself repeatedly to circumvent significant disruption.

Over the past two years, F5 has actively redefined its strategic direction. This transformation has been fueled by three key acquisitions – NGINX, Shape Security, and Volterra – representing a combined investment of $2.2 billion.

The Changing Landscape of Application Management

Although F5 has a longstanding history in application management, the company recognized a fundamental shift in how applications are developed and maintained. The rise of Kubernetes, microservices, and containerization technologies are driving this change.

Simultaneously, there's a growing trend of deploying applications closer to end-users, at the edge. F5 understood the necessity of enhancing its capabilities in these areas to effectively serve its customer base.

A Strategic Acquisition Plan

Individually, the acquisitions of NGINX, Shape Security, and Volterra might appear disparate. However, collectively they reveal a cohesive strategy and a defined vision for the future of the company.

To gain insight into the rationale behind these acquisitions, we interviewed François Locoh-Donou, President and CEO of F5. The discussion aimed to uncover the underlying logic driving this period of strategic expansion.

Understanding the Acquisitions

• NGINX: Provides enhanced capabilities in application delivery and API management.
• Shape Security: Focuses on application security, protecting against bot attacks and fraud.
• Volterra: Offers a platform for distributed cloud applications and edge computing.

These acquisitions position F5 to address the evolving needs of modern application architectures and deliver comprehensive solutions for a distributed world. The company is proactively positioning itself for future growth.

Reflecting on the Past, Anticipating the Future

Established in 1996, F5 has encountered pivotal moments throughout its history, necessitating periodic market reassessments. Several years ago, the company faced such a turning point.

Having successfully transitioned from hardware appliances to virtual solutions, and subsequently from data centers to the cloud, F5 recognized the emerging trend of cloud-native architectures. Remaining competitive and ensuring long-term viability demanded adaptation.

Evolution of Application Services

“Our focus expanded beyond simply maintaining application performance to ensuring both performance and security,” explained Locoh-Donou. “Over time, we’ve evolved into a comprehensive application delivery and security provider. This transformation defines F5’s growth over the past decade and a half.”

Currently, F5 serves a customer base exceeding 18,000, primarily within key enterprise sectors including financial services, healthcare, government, technology, and telecommunications.

The company’s core mission has consistently centered on applications – their delivery and security – but a forward-looking perspective prompted a desire to operate within a contemporary framework, leading to strategic acquisitions.

Addressing Modern Application Challenges

F5 observed that applications were becoming increasingly critical to customer success, while IT departments were dedicating excessive resources to cloud connectivity and security maintenance.

Consequently, these acquisitions aimed to introduce automation into the management of modern applications, streamlining processes and reducing operational burdens.

“Looking ahead five to ten years, we envision a future where applications will be inherently adaptive,” Locoh-Donou stated. “This involves automating security, delivery, and performance, enabling a more native and automated approach.”

The Rise of Microservices and Edge Computing

The company noted a growing adoption of microservices architecture among its customers.

This shift involved moving away from monolithic applications towards smaller, containerized components, simplifying management, deployment, and updates.

Simultaneously, organizations required innovative security solutions as applications migrated from data centers to the cloud and, increasingly, to the edge.

Furthermore, managing applications at the edge necessitated a new operational paradigm.

Strategic Acquisitions for Future Growth

Recognizing the need to stay ahead of these changes, F5 pursued a strategy common among large organizations: acquiring the capabilities essential for its next phase of evolution.

Embracing a Cloud Native Approach

For organizations seeking to modernize their application management strategies, focusing on the applications server component represents a logical initial step. A significant move in this direction occurred in March 2019 when F5 completed the acquisition of NGINX for $670 million.

This acquisition was strategically motivated by F5’s desire to assist its clientele in transitioning towards contemporary methodologies, aligning with the anticipated evolution of the market. A foundational element of this shift is a container-native platform. As Locoh-Donou explained, the purchase of NGINX directly addressed the growing trend of applications being deployed in containerized environments.

Lawrence Hecht, principal analyst at Hecht Consulting, highlights how the acquisition complemented F5’s broader cloud-native objectives. “NGINX provided F5 with an established user base centered around web server technologies, alongside avenues for expansion into areas like service mesh and Kubernetes,” Hecht stated.

Initial reactions from F5 investors, as noted by Arman Tabatabai of TechCrunch, were lukewarm following the sale. However, this sentiment may have stemmed from a lack of awareness that the NGINX acquisition was merely the first phase of a larger, three-part strategy, the benefits of which would become clearer over time.

The long-term vision behind this move was to position F5 as a key player in the evolving landscape of cloud-native application delivery.

Application-Focused Security Measures

In December 2019, F5 Networks furthered its strategic vision with another significant acquisition, focusing on application security within cloud native environments. The company acquired Shape Security for a substantial $1 billion. This investment, while considerable, underscored the critical need for contemporary application security solutions.

François Locoh-Donou articulated the rationale behind this shift, stating, “Over the past 15 years, considerable attention has been directed towards endpoint and network security. However, we anticipate that application security will define the security challenges of the coming decade, as it is where the majority of value is generated and exchanged.”

This evolving landscape necessitates robust defenses against attacks targeting applications, as successful breaches can lead to substantial financial and reputational damage for F5’s enterprise clientele. Shape Security specializes in identifying and mitigating fraudulent activities and abuse within both web and mobile applications.

Locoh-Donou emphasized this point in his announcement following the acquisition. He stated, “The integration of Shape will enable us to provide comprehensive application protection, safeguarding revenue-generating and brand-defining applications throughout their entire lifecycle – from initial development to end-user interaction, encompassing the journey from code to customer.”

Shape Security’s capabilities are therefore integral to F5’s broader security strategy.

The Shift Towards Edge Computing

A crucial realization for F5 was the ongoing migration of computing processes to the edge. This necessitates bringing applications nearer to the end-user, be it a person or a sensor device. To facilitate this transition, F5 completed the acquisition of Volterra in February, investing $500 million.

Hecht emphasizes the significance of this acquisition, considering it among the most impactful of the three strategic moves. “Volterra offered a viable solution for deploying Kubernetes at the edge—simplifying the deployment of infrastructure services within edge cloud environments.”

However, the more compelling aspect, according to Hecht, was the narrative Volterra presented. The company positioned itself as providing an application delivery network, mirroring Akamai’s established role as a content delivery network (CDN).

This precise capability was what F5 sought. Locoh-Donou anticipates that applications, previously confined to data centers or public clouds, will increasingly be distributed across diverse environments, including the edge. Integrating Volterra’s technology will provide F5 with a competitive edge.

“At the edge, clients require not only content caching but also the execution of application business logic in close proximity to the user. This isn’t about running the entire application, but rather specific microservices—near the user, a sensor, or even a self-driving vehicle—to optimize the user experience,” he explained.

Combining these three acquisitions creates a comprehensive solution. It includes a web server component for cloud-native applications, robust security measures, and the capacity to deploy application segments to the edge for enhanced speed and responsiveness.

Investing over $2 billion in a relatively short timeframe to capitalize on specific technologies requires a well-defined strategy. F5 has articulated its vision and acquired the necessary components to achieve it. The company’s future success will depend on its ability to integrate these elements into a cohesive offering for its clientele in the years ahead.