Juniper CEO: We're Uniquely Positioned To Be SDN Winner

Juniper Networks has had better years, but CEO Kevin Johnson says the company is on good footing in 2013 and ready to prove its doubters wrong.

To wit, Juniper's slimmer following a restructuring, more pragmatic about how it needs to address key new product areas like its QFabric data center system and well-positioned to take advantage of what, to Johnson, is a major industry inflection point specific to software-defined networking (SDN).

Johnson joined CRN earlier this week before the start of Juniper's Global Partner Conference in Las Vegas to talk through Juniper's strategic priorities this year. Excerpts of the discussion follow.

Every company has an SDN strategy now. You're talking to CEOs, folks who actually have to buy this stuff. Are they ready for this conversation?

Sponsored post

Well, certainly in the discussions I have with our larger service provider customers, it's very relevant. That's the core of our business, and it has to do with reducing cycle time on deployment of new services for customers. Our ability to do that -- to bring to a significant installed base of our routing infrastructure new software evolutions -- is very important. That's a discussion happening at the most senior levels of the large service provider customers.

On the enterprise side, it's also an important discussion at the CIO level within an IT organization. I think it has to do with the fact that they've virtualized most, if not all, of their applications, and if they're looking at a dynamic data center, the next opportunity they have is to look at the way the networks are architected. It is a big topic and on the minds of our customers, and on our minds as well.

From a hype-cycle perspective, are we going to see a similar vector with SDN to cloud where 2-3 years ago, customers were told they were going to move there, then the POCs began, then the sales?

We're in the hype cycle certainly. It's consistent with how a paradigm shift plays out in that the entire industry is full of enthusiasm and optimism around what a new technology can do; then you have to separate the hype from the substance, and then it takes engineering work plus a journey. You have to go and invent things and try things, and what happens is the industry starts to converge on a set of things that are real and impactful for customers.

I think we're going through that now. The hype cycle, frankly, started about a year ago. We're well into it now, and what you see from us, as a company, is that we've been very thoughtful about not just participating in the hype. We wanted to make sure we had clear substance and a clear view of what we were going to do with our engineering resources. So what we've been working on for the last nine months has had our engineering leaders defining the unique value proposition where this kind of technology can have most impact.

NEXT: Carriers And SDN

The partnering strategy will be so key to that, especially with so many of the SDN startups that, even if they have shippable product, aren't really articulating partner programs.

We have over 1,000 partners here at the Global Partner Conference, and the primary objectives we have are to number one, educate them on our vision and view of what we define software-defined networking as, so they can be prepared for where we're going as a company.

It's important they know that so they can be attuned and take that forward. 2013 will be a year with product in the market; we're on a path to having some of our systems products and software assets reach at least a technical beta in 2013. Depending on where those go, there will be product in 2013. So this is the year when we have to educate them on how to be successful with our work in this area.

To be clear, though, we're not talking about an entirely new set of products. We've been talking about software in the domain of networking with Juniper for years, and this is an evolutionary path using your current product set.

It is absolutely an evolutionary step. You look at the progress we've made, and it's things like we have an entire router services business with software licenses that run on the routers. With the process that Bob [Muglia, Juniper software executive vice president,] is outlining, we're running those on x86 cards or running them on x86 servers attached to the routers, or even on x86 servers running the cloud. Much of this is how our vision for network systems become platforms.

In the past, those services were basically in a business model where they were sold as an embedded part of the system. It's much more flexible, moving forward, to leverage x86 processors for those services and turn them on in network equipment or turn them on in the cloud.

There's also a thought that network systems are going to go away. Well, no, things don't magically get connected -- the systems are still very important, as are the investments we're making in custom silicon. We still believe there are many areas in the network where the volume of traffic and performance characteristics require custom silicon for many years to come. So, our investment in the domain of the network will span the silicon, to the systems, to the architecture we bring to market.

How are the service providers coming at that architecture, specifically? For them, the network services themselves are the product they're selling.

No doubt. They have billions in infrastructure, so there's a way to enable an SDN approach that uses many of the same industry protocols and for which they don't have to rip our existing infrastructure. It'll be very complementary to what they've invested in already. You have to look at the solution holistically: It's not a separate thing; it's a core set of services embedded in a router. But now, we're dis-aggregating those services between the routing platform and the application. That gives those service providers maximum flexibility.

They're looking for ways to reduce cycle time, deploy services fast and do it in a way that reduces their operating expense. Much of that operating expense comes in the time it takes to test and physically deploy and leverage these things. Software automation allows them to speed time to market and reduce their overall OpEx to deploy services.

Do you think SDN will drive a major product refresh cycle or will it be more gradual, incremental updates via software?

It'll be that evolutionary thing, I think. It's not going to drive a massive need to do upgrades in the infrastructure. As long as the infrastructure uses industry-standard protocols, SDN is leveraging that. There are some software pieces that are going to have to be built, and that's what we've been building, in part through acquisitions.

NEXT: Juniper's Competitors

Thanks to virtualization, software in the data center and all these things we keep talking about, is your competitive mix going to shift at all? I know you get asked often if, for example, VMware is now a competitor. Is this paradigm shift going to change who the players are?

I don't know if it will change who the players are. It'll be an opportunity for the emergence of some startups who will maybe fill some of the niche gaps. But, I consider VMware a partner. We're not in the hypervisor business, and they have a lot of software that automates the provisioning of virtual machines. That's not a business we're going to be in. We've committed to things like VXLAN, and I'd like to make sure our software assets dovetail nicely with theirs.

There will be those innovators that are clear about where they're going and what they're building and how they're going to build it. These are the companies that separate hype from substance and execute against a road map in a thoughtful way. Any time there is an inflection point like this one, there is an opportunity for winners and losers. We're uniquely positioned to be one of the winners in this inflection point, and it's up to us to drive it forward.

Does SDN strike you as an inflection point that will create opportunities for major share shifts, much like, say, VoIP did?

I think things like VoIP continue to reinforce the shift to IP packet-switched networking. Video distribution, for example, drives more shift to IP packet switch technology because it needs that.

I think about it this way. TCP-IP was a standard protocol that developed in the mid-70s and then was adopted by IBM, AT&T, DEC and others in the 80s. That was an inflection point. Another inflection point over the last 20 years or so was the concept of separating the forwarding plane and building custom silicon into the control plane in routers. That was driven by [Juniper CTO and founder] Pradeep Sindhu and Juniper. Without that disruption, routers couldn't handle the traffic growing at so rapid a rate.

SDN is potentially another inflection point in this evolution. You're separating the control plane from the forwarding plane, and it's not just what you can do there; it's about the services plane and the management plane and how software automates things that haven't been as automated as they need to be in the networking industry. SDN will have its most significant impact by enabling new services and reducing the operating expense it takes to run these services and their networks.

NEXT: Partners And SDN

Getting back to the partners and how they sell SDN and software with Juniper, you have plenty of partners who can sell licenses and do integration. But far fewer are the number of partners, particularly VARs, who have real development expertise and can run the business of programming the network. Have we reached a point where they need to get in on that?

For partners that have expertise selling products and systems and hardware, they are going to have to build some muscle around software licensing. We're going to help them with that, and our Software Advantage licensing approach we're announcing here is going to educate partners on how to do that. We want to make that an easy skill set: not only how to configure and price and sell systems components, but also how to configure and price and sell software licenses as well. That's an important thing for them to build.

Certainly these services that partners bring to market have to do with managing these networks. Having to do command-line interfaces to program network devices is just archaic at this point. When it comes to developing software, the strategy we're on is that anyone can develop it, and it'll run on an x86. Juniper's JunosV App Engine will allow it to run on any operating system you want. So if there's a developer in Linux, or Windows, or Java, you can write to any system you want. It'll be all part of the base of software we can enable.

We've made a lot of progress beyond this concept of just running Junos APIs. We've dramatically simplified the ability to write software. Not all partners will write software, but that will be part of how some of them sell the solution they architect.

It seems like there's an emerging gulf between Juniper partners that have invested and developed that software practice and those who haven't. FishNet Security, for example, one of your biggest partners, has its FireMon business, which uses technology that was developed in Junos. Will all your partners need to do this?

I don't think they'll all need to do that. They can participate in systems and software solutions without needing to be in the business of writing custom software. There is not a requirement for every partner to learn that, and certainly we'll take them down the path of how to use and leverage the SDN tools.

What we've seen from a lot of the tier-one technology companies, many of whom you partner or compete with, is this stack-up, where they want to sell the hardware and software and the storage and network -- everything needed to attack converged infrastructure. Cisco's doing it, HP's doing it, Oracle's doing it. If you're not doing it, do you get boxed out?

I don't think so. Customers have specific needs, and for the companies you mentioned, they need to decide if they're offering a proprietary stack or an open stack. We decided to build to OpenStack, as have several of the companies you've mentioned. We see a unifying concept in OpenStack that allows for innovation using a common interface and a common set of protocols.

I think that's the right approach for the industry and the right approach for us to be supportive of that. That's the direction we're going. We don't really get into the compute layer; we're not getting into storage. But, we're going to continue to be a pure-play, high-performance networking company. We're going to do that and participate with innovators in other layers of the stack.

NEXT: Juniper's QFabric Challenges

Your CFO said during a December conference that you'll end up having spent your usual $1 billion in R&D again for 2012. Where does most of that spend go?

The way we think about it is in terms of the three businesses we have: our routing business, our switching business and our security business. Underpinning each of those businesses is the investment we make in custom silicon, and on top of that is the way we innovate on systems that allow customers to take advantage. Those systems have a long and useful life, and we enhance them from time to time.

About half of the company's employees are engineers. Of those engineers, 85 percent of them are software engineers. So if I think about R&D resource deployment, some of it is software related to Junos and to the routing protocol. Some of it is in security. Some of it is investment now going into the SDN concept and in areas like Junos Space. Each business we have has a silicon, systems and software component to it.

You've admitted recently that the customer ramp-up with QFabric was slower than expected. What has to change about your approach?

There are three things that I think are contributors here. One, there was a set of software features that customers had asked us for and that were just delivered in the last six months. Some of those had to deal with high availability, some with customers wanting to do things with the interconnect, others with multi-tasking. It was a set of software features that took us a while to develop, so that slowed some adoption.

Second, the assumption we had with QFabric was that customers would want to architect a data center using one large fabric -- a large interconnect. What we found was that many customers liked the concept of QFabric but were concerned that a single fabric in the data center would be a single fault domain. So, with the M-series QFabric -- the microfabric as some refer to it -- there is a change in price point and capability, and since we've introduced that, we've seen a number of customers that have deployed the microfabric to multiple domains of their data center. Fox Sports and Yahoo Japan are examples of these customers.

The third thing is that in some cases, the hype around software-defined networking has caused customers to slow down and try to put a value on what does SDN mean. In many ways, QFabric is implemented with SDN concepts: The director is the software that runs outside the box that provides the control to the interconnect. But, it needs to do so with proprietary [technology]; there are not industry-standard protocols than can do some of the things that QFabric does today.

So, what we see today is customers that need to have high-performance access to what the compute [portion] is doing. Fox Sports is an example of that. They have a lot of video that needs to be edited, so the compute has to have rapid access. That's a perfect case for QFabric.

Overall, QFabric continues to grow, and we continue to enhance the feature set for our customers, including how to use SDN complementary to QFabric.

Those customer care-abouts in the software features, they weren't things you could have known ahead of time? QFabric was in development for so long.

Some things we knew, and that it would take time. Some of them were customer feedback, so it was a mix.

Is QFabric a success?

I think it is a success on many levels. We took an innovative approach to doing the data center in a different way and we delivered that. Customers are getting great benefits. Would we like to see faster growth? Yes, we would. The company has learned a tremendous amount from our innovation and QFabric that is now going to help us with SDN. That's something we have that's unique to Juniper: We have a single network operating system, a single software base to build upon. These are the unique assets that will help us going forward.

NEXT: Juniper's Security Setbacks And Restructuring

[Juniper Software EVP] Bob Muglia told me a few days ago that Juniper is acknowledging that it's fallen behind in enterprise security. How do you get your mojo back there?

Here's how I think about the business. Our switching business, through Q3 of 2012, has grown 19 percent year-on-year. We're taking share and growing. That switching fabric business is a healthy business, and five years ago we didn't have that business. It's now more than about $700 million a year. Our entry into switching, we did organically, and at the time, many folks in the industry said you should acquire someone. We built that business organically, though, and it's growing 19 percent year-over-year.

And, look at our routing business. The MX platform is just a workhorse. That's a flagship product of the company. And in addition to that, we've expanded on the high end, with the PTX converged super core, and then there's the ACX, which moves us into the access layer. Now, the total addressable market for routing declined in 2012, mostly due to macro. We felt that, no doubt. But since Q4 of 2011, sequentially we have grown share; look at the Infonetics data. Our routing business is generating a lot of profits for the company, and that's a place customers depend on us.

So, we're healthy with switching and healthy in routing. Then there's security, which I break into two businesses: service provider and enterprise. On the service provider side, I think we've got a very strong business and a solid set of differentiators. In some cases, your ability to handle scale is what it comes down to.

The place where we've lost a little bit of focus is in enterprise security. Back in 2007 and 2008, when we were porting a lot of features from the [NetScreen] ScreenOS code to Junos, we allowed some competitors to get in. But, with Bob [Muglia] and Nawaf [Bitar, Juniper's senior vice president and general manager, Security Business unit], we've changed the management team, and they're on the path of closing gaps. One gap was manageability; we were still using command-line interface. Now, we've got a very solid capability there. We've pushed beyond firewalls into areas like AppSecure, and we're doing some interesting things with [2012 content security acquiree] Mykonos. We're getting back there in enterprise; we're a year and a half into that effort. We've got more work to do. But, we've made monumental progress in the past year, and I think you'll hear it in what the partners say.

You've had some significant turnover lately and some of that's natural with a restructuring. But, a lot of VP and EVP-level exits is concerning. Should we be concerned?

There were several objectives in our restructuring, and they had to do with improving focus, enabling more agility, where in some cases we had too many layers of management and business units doing similar kinds of work, and [being] more efficient.

We eliminated a number of VP-level jobs. We took out layers of management and consolidated groups, and that eliminated jobs. These are good people, and we did have to make those decisions for the right reason and for the company going forward.

People would look at things like Stefan [Dyckerhoff's] decision to become a venture capitalist. He still works for me, not in an operations role but more in kind of a staff role while he's doing his venture capital thing. We're respectful of his decision and his contribution to the company. But, it also highlights that we have a really deep bench. We pop [new Executive Vice President, Platform Systems] Rami Rahim in, and our customers all know Rami and our engineers all now Rami. So, we're not missing a beat.

Another piece of this is broad attrition. Any time in Silicon Valley when you have a hot topic like SDN and you have a company like a Nicira that starts up and then goes for $1.2 billion so rapidly ... well, when was the last time you saw the hype in Silicon Valley around something having to do with networking? There are many benefits to being in Silicon Valley, including access to engineering talent. That's great. In other cases, there are places where you get a push in startups and people wanting to do that, and yeah, we've had some of that.

At the end of the day, we've made the right set of decisions for our company. They are never easy decisions. We had to cut the work force by about 500 employees, and many of those were managers, and many of those were senior managers -- good people whose contributions we appreciate. We made a set of thoughtful decisions. We've got world-class engineering talent and a clear vision for how we're going to execute.