Wednesday, January 20, 2016

Should Cisco Buy NetApp?

Right now NetApp is worth only $6.9 Billion! With a recession likely in 2016, the market valuation of NetApp will only go lower, making it a good target for acquisition.

As a stand alone Data Storage vendor, NetApp is at cross roads. The revenue from its traditional data storage array is falling at double digit rates. Its main competition - EMC is going private via acquisition by Dell. Hard Disk based data storage devices are in their twilight years - which is the main stay for NetApp.

In short, the future does not look bright for NetApp as an independent publicly traded company. Any investor can buy out NetApp and milk out the cash from business. At $6 Billion valuation, NetApp is primed for a takeover.

Across the silicon valley is Cisco. 2015 had been a very good year to Cisco. The sales of its UCS blade servers has propelled Cisco into becoming 4th largest server vendor. Though Cisco, along with EMC created VCE - which is a market leader in converged infrastructure, Cisco faces severe head winds in its core business. Adding to the business challenge, Cisco exited VCE business venture and EMC is being bought over by DELL. The Flexpod product line is also seeing strong head winds by new types of hyper converged infrastructure - Nutanix, Simiplivity and others.

At this juncture, it makes business sense for Cisco to buy a storage vendor will add teeth to its UCS server business and compete aggressively in converged infrastructure markets. With NetApp buying SolidFire - an all Flash storage vendor can help Cisco position UCS better in market.

Cisco is also at cross roads

In 2016, Cisco will have to decide if it wants to remain as an equipment provider or become a Cloud Service provider and remain as center of IT world.

For a long time, Cisco has served as a bell weather for the IT industry. Cisco provided the key networking devices which enabled the Internet and eCommerce world.

Now, with Cloud Service providers such as AWS, Microsoft Azure, Google etc., - the need to build enterprise scale data centers is becoming less important. Many companies are embracing  cloud service providers for all their IT infrastructure and are not building data centers. To Cisco's discomfort, the leading cloud service providers are not buying Cisco gear!

The cloud service providers are fundamentally challenging Cisco's business model.

So the question is: Should Cisco buy NetApp?

Cisco can buy a storage vendor and integrate its UCS with a data storage & its ACI enabled Nexus range of switches. This will enable Cisco to offer end-to-end solution for datacenters.

In my opinion, (its my opinion and it in no way reflects EMC's opinion) Cisco must buy a storage vendor - but not a standalone pure storage vendor like NetApp. Buying NetApp would be a retrograde move in terms of technology, as it does not give any technological benefit to Cisco. Just doing an integration between UCS servers and NetApp storage system does not add value to its customers.

Instead, Cisco should look ahead and buy companies that can truly add technological advantage to its servers. Cisco did buy Whiptail - a server flash storage vendor, but the integration did not go well.

Ideally, Cisco should buyout new technology company which can provide:

1. Ultra Fast Server Flash Storage, which will make its servers blazing fast.
2. OpenStack distribution for server virtulization and server attached commodity storage
3. Hadoop & BigData tools company which can run on UCS+FlashStorage+OpenStack
4. Cloud Service Provider

NetApp does not bring any new technology to Cisco's armory. Cisco currently gets the same technology from NetApp via partnerships.

So, Cisco should look at acquiring new & emerging technology companies that can help redefine UCS Servers as a hyper converged infrastructure. Something like ScaleIO or Nutanix - but can do more than just storage.

Historically, Cisco has been very good at buying technology companies which are developing new, promising technologies and nurturing them into major sellers. For example, UCS, Nexus, ACI, Meraki - were all in startup phase when Cisco acquired them.

Cisco needs to choose if it wants to remain as a major vendor of enterprise IT. And if Cisco wants to remain as a major vendor of enterprise IT, it must become a cloud service provider.

Finally, My Answer

Buying NetApp will be a good financial decision. NetApp can generate far more cash than its current net worth. So from a pure financial transaction point of view, buying NetApp will add financial value to Cisco's shareholders.

From technology point of view, buying NetApp is like buying 2000 model car in 2016! NetApp does not give Cisco any technological advantage and will not help Cisco transform its equipment business. Acquiring a older technology and spending time/energy to integrate it with it business will not help Cisco build a new generation technology.

In short, Cisco can buy NetApp for the financial value - but not for the technology. Ideally, if Cisco buys NetApp, Cisco must continue to run NetApp as a separate business entity and not merge it with its core server or network business.

Wednesday, December 23, 2015

Cisco Enhances Network Security & get itself a great deal!

Today, Cisco announced it has completed the acquisition of Lancope, Inc., which provides network behavior analytics, network visibility, and security intelligence to protect enterprises against today's advanced threats.

With this acquisition, Cisco can improve its network security offerings from offering firewalls to a more active data flow analysis based network security which can provide real time security analysis, incident reporting and response.

Given the fact that most enterprises have a global foot print and the network connects them together, having an active network security monitoring solution will help enterprises in a big way.

With Cisco backing Lanscope's security products - these products can grow to about $2-3 Billion dollars in revenue over next 3-5 years.

See more at:

Cisco Acquires Lancope: Great Fit, Great Deal

Cisco goes deep into network security with Lancope acquisition

Leadership communication - 8 Practices that deliver Results!

Often in organizations, people get promoted to leadership roles and I have seen many people struggle with internal communications in their new role. Especially at times when an organization undergoes rapid changes, leaders fail to communicate well within their own organization.

Recently, the topic of leadership communication came up a discussion point and here is what I had to say about it and I decided write it.

Essentially in uncertain times, leaders will have to step up their internal communications. This is more true when the organization is rapidly growing or  when it is being acquired or when there is a major reorganization happening. Over the course of discussion, there were eight points that were captured and is worth sharing.

1. Be the first to communicate!
2. Be visible to all
3. Use modern Media
4. Tell it all - both good and bad news
5. Be empathetic & tough at the same time
6. Talk about reality and immediate next steps
7. Keep everyone focused on the goals
8. Encourage Feedback and answer tough questions

1. Be the first to communicate!

At times of  rapid change, it is best for leaders to step-up  and take a lead in all internal communications. Leaders must be the first to communicate to their whole group. In today’s global world, the group could be spread over multiple locations, so it may be prudent to communicate initially over e-mail first and then follow it up with a group meetings or town hall meetings. 

2. Be Visible to all

Leaders make a great impression by being among the team and people. There is a saying: “Great leaders lead from the front.”  Likewise when it comes to communication, leaders must walk and talk to people personally. If the organization is spread across multiple locations, then leaders must travel around to rally the folks, talk to them in person. For front line folks, it is not enough to see an e-mail or a poster or a picture. Joining them in person make a profound impact. Several military generals - Robert Lee, Napoleon, Patton etc. earned great respect and could command over people due to this simple & yet effective communication technique.

In my past organization at Open-Silicon, I had seen few great leaders  - Dr. Naveed Sharwani and Dr. Satya Gupta (founders) would take extra effort to talk to all departments - be it sales or marketing and R&D labs. 

3. Use Modern Media

Communication technology has changed enormously in the last decade. So use all the latest technology to spread your message. For example, make a video recording and share that over internal social media or Intranets, For meetings use video conference rather than just teleconference,  In addition to emails, use blogs to communicate. Some organizations have even created mobile apps to communicate with employees.

One good example of leadership communication is Narendra Modi, Prime Minister of India. His use of video, radio, social media and even holographic broadcasting of his speeches led to his election victory. If a politician can use modern media, then all leaders in technology companies must be able to do even better.

4. Tell it all - both good and bad news

Too many leaders try to hide company problems from their employees and public and opt to tell only the good news. Another mistake leaders make is to sugar coat bad news or give a positive spin to an obvious bad news. But all this will fail as employees can read through the message and leaders create a bad impression for themselves.

The best strategy is to tell it all. Both good news and bad news upfront. People are smart and will understand. Hiding bad news will only exacerbate the situation. 

5. Be empathetic & tough at the same time

When leaders tell both bad and good news, leaders will have to be empathetic to each individual fates and yet take the tough actions at the same time. One of  the best example in history would be General James Longstreet’s instruction to Major General Pickett in the Battle of Gettysburg. General Lee had ordered Pickett’s men to attack union troops on cemetery ridge. Longstreet knew the futility of this assault, and yet he instructed Pickett and Pettigrew to attack. Longstreet’s commanders knew that the fatalities will be very large in this assault and yet executed the orders.

Unlike military generals, business leaders do not face this type of life and death situations, yet many fail in this aspect.

6. Talk about reality and the immediate next steps

When facing bad times or good, good leaders should  describe the situation and then talk about the steps than need to be taken.  This will help in establishing the basis for taking the necessary steps and leader’s credibility will increase and people will follow them.

During the dotcom bubble burst in 2000, I was at Intel and Greg Barett the CEO of Intel announced a layoff, but first he explained the situation to everyone and then listed out the steps - which included layoffs, and renewed focus on developing new technologies. Intel launched “One Generation Ahead” program in that downturn and since then, AMD has never been able to catch up.

The ability to articulate the current situation in clear terms and then defining the next steps will energize the entire organization and move them in the right direction.

7. Keep everyone focused on the goals

When things are changing rapidly - say for example the company is going through a merger or a split or getting acquired or just being reorganized, employees tend to lose focus on the future goals. The air of uncertainty masks and obscures the main objectives and people often delay execution of plans or delay making decisions. Its natural instinct for people to wait for clarity, and in the mean time the organization flounders.

Leaders must then step up their communication to keep everyone focused on the goals and keep driving the organization towards the goals. This will keep people busy and not get distracted  & waste time.

8. Encourage Feedback and answer tough questions

Its human nature to cringe at tough questions. Leaders are often no different. Many leaders don’t like tough questions. Such leaders insist on people asking questions ahead of time before the major meeting or try to deflect the question on someone else or say “I will answer this later”.

This tactic does not work. Instead walk in the front and answer the tough questions in front of everyone. If the question points towards the leadership mistakes, be open to accept past mistakes and apologize and/or talk about corrective steps.

Closing Thoughts

Leadership is a learned skill, and leadership communication is no different. One needs to just walk out of the comfort zone and walk in the front to lead. This would mean being straightforward and dealing with tough situations. Leaders are first judged on how they deal with tough situations and are measured on the success. If a leader cannot handle tough situation, then there will no success. And the best way to deal with tough situation is to communicate and communicate well with all stake holders. For successful leadership, communication skills is just as important as decision making skills. 

A Three-Step Product Commercialization

Launching a new product is one of the most of the core activities a product manager must do. Launching a product is both costly and risky for any business, and that’s why specialists – called as product managers are brought in.
In order to take a product idea into a successful product, there are several stages of development. Customer requirement, use cases and value to customers has to be identified – and often this is the easy part. Then comes the tougher part – how to commercialize the product. 
Launching a new software product has become very complex. The notion of what denotes a ‘product’ and what denotes a ‘service’ is getting rapidly blurred. In addition, the commercial & monetary aspect of software is incredibly complex. The options run from pay-per-use models or annual license fee or one time license fee or even freeware.
The complexity of pricing and commercialization can make anyone go crazy. 
In this article, I will go over a simplified 3 step plan for product commercialization. Going through this will help you identify and access the business risk & help develop better plans.
Step-1: Create a purchase process map
Step-2: Get a Beta Customer
Step-3: Analyze all sales deals.
Pricing of the software has major impacts on several aspects of productization: Packaging, Distribution, After-sales support, marketing and lifecycle planning. It is therefore very important to incorporate the product commercialization plan right at product design stage. (See: Building World Class Products)

1. Create a purchase process map
As part of product design, one needs to think on how any customer will buy this product. I call it as a purchase-process-map which details every aspect of the buying process. Product Purchase-process-map is a very powerful tool that will help gain deeper insights on what the customer really wants to buy and how you can develop a product around it.
Start with customer research that provides great insight into customers' needs and identifies the factors that motivates customer to buy. Once customer motives are known, you can develop a sales & marketing strategy for the product. 
The first step in developing a purchase-process-map is to get an answer to “WHO” questions:
·        Who orders the product?
·        Who inventories the product?
·        Who will use the product?
·        Who influences the decision to buy?
·        Who controls the budget?
·        Who will dispose of the product?
Learning about all the players who have influence over the purchase is very important. When selling complex enterprise products, companies use dedicated Account managers or Account teams whose main focus is to work out the customer purchase maps and then sell products. So, when developing new products, it will be good to have representatives from sales or account teams who understand customers. 
The purchase-process map must be as accurate as possible and it explains the customer buyer-behavior. Do not make the mistake of assuming that you know the buying patterns of customers based on similar products purchased by customers. Always base your product purchase map on facts and not assumptions.
For example, a software company did a voice of customer research and identified a need for unified data center resource management software. However, the purchase-process map revealed that there were no real users of this product as customer operations were still distributed with servers, network and storage being managed by separate teams and no single team or member was looking at the entire data center infrastructure. Identifying this problem helped to avoid developing a new product. Instead, the company was able to cobble up different software tools and offer it as suite. This learning saved several millions of dollars in development costs and at least one year of development time. 

2. Get a beta customer commitment
Traditionally, beta customers are used for product testing. But Beta customers are also very useful in developing financial aspects of the product. It is best to co-develop a product with a real customer and they can provide valuable feedback on the financial aspects of the purchase process.
In many cases, Beta customers expect a big discount on the purchase price, they can provide inputs on various monetization schemes such as:
1.    Paying for using the unit – one time license fee.
2.    Paying for annual license fee including support
3.    Paying for installation of the product
4.    Software is free, but customer pays for support.
5.    Software is free, but is supported by advertisements
6.    Software is free, but developer can collect & use customer data

Beta customers can also help in product marketing & sales by:
·        Agreeing to give written analysis of the product
·        Agreeing to endorse the product
I have worked on several new product development projects with customer and in most cases, customer was very much interested in developing a monetization model for the product. In one instance, customer helped develop the product and also defined the product cost.   
3. Analyze all sales deals  
Initial sales of the new product must be analyzed against the purchase-process-map. For every item in in the purchase-process-map, there must be a corresponding sales or marketing activity. The review verifies whether each of the sales and marketing strategy actually delivers. This also helps to identify weak links in the marketing program that needs to be corrected. 
Analyzing sales deals is very important for new products. Failing to address key customer needs can impede the product adoption process. Identifying issues early in product launch will help keep up sales momentum.
Remember that if sales efforts stalls, and sales reduce, distributors and sales team will simply turn their attention to other products. Sales team will not analyze why the product is not selling. Once the momentum is lost, it is much harder and more costly to get the new product back on track. To ensure success, review all initial sales deals and periodically review deals to identify any roadblocks that could jeopardize the new product introduction.

Closing Thoughts
The stakes are high with every new product introduction. The company reputation and product manager’s reputation is on the line. The best way to see a product’s success is to follow this three step process and incorporate this into product launch plan and sales strategy.    
Remember addressing product issues early on and eliminating product adaption barriers, you will be setting up the path for success and build products with a healthy revenue stream.
Use this 3 step plan for product commercialization. Going through this will help you identify and access the business risk & help develop better plans.
Step-1: Create a purchase process map
Step-2: Get a Beta Customer
Step-3: Analyze all sales deals.
Remember addressing product issues early on and eliminating product adaption barriers, you will be setting up the path for success and build products with a healthy revenue stream.

Juniper's Software Security Problem and What We can learn from it?

Recently, Juniper was in the news for a wrong reason: FBI is investigating Juniper for a security hole in its Netscreen Firewall products. 

FBI is investigating on a security hole - i.e., someone had put  "unauthorized code" inside Netscreen Firewall - a security equipment sold by Juniper Networks.

While this investigation goes on, there is a major learning for all product companies. Adding some "unauthorized code" into the product is a regular technique used by various government agencies. Few years ago,  NSA had done a similar thing - put code on Cisco network equipment, which prompted John Chambers, then the CEO of Cisco, to write an open letter to President Obama asking Obama to stop the NSA from hacking into Cisco's equipment.

In February 2015, Kaspersky labs found out that NSA had created spyware hidden in the hard drive firmware of more than dozen of the largest manufacturers brands in the industry, including Samsung, Western Digital, Seagate, Maxtor, Toshiba and Hitachi. See: NSA Planted Stuxnet-Type Malware Deep Within Hard Drive Firmware

Given the extent of reach and power NSA and other governmental agencies have, it would be wise to assume that majority of computer equipment could have "unauthorized code"!

How does such "unauthorized code" get into the system?

According to information revealed by Edward Snowden, hacking into hardware is relatively easy for agencies like NSA. NSA has a special department to handle this - called as TAO: Tailored Access Operation Unit. TAO intercept servers, routers, and other network gear being shipped to organizations targeted for surveillance and install covert implant firmware onto them before they're delivered. These devices are then re-packaged and placed back into transit to the original destination. All of this happens with the support of Intelligence Community partners and the technical wizards in TAO.

What can be done about it?

Since the "unauthorized code" is added during the transit, the original manufacturer has no idea that the software inside the device has been compromised. The customer also has no idea of what's inside the box.

As the experts at TAO can do a good job, there will be no physical signs of tampering on the physical boxes.

There are several ways to avoid such hacks. (but there is no perfect plan) This calls for vendor to provide a greater level of transparency to the customer.

1. Ship Hardware only - without any firmware in the device.

All physically shipped products are shipped without any software or data storage drives/memory.
Equipment vendors can then provide another copy of the firmware via secure channel. In an extreme case, customer physically walks into a vendor location and get a copy of the firmware in a disc, which is then installed on the device.

2. Vendor provides CRC checksum details, code size, time stamps and other details to customer 

Equipment vendor also provides loads of meta data about the compiled firmware. Details such as CRC checksum, code size, code time stamps for the golden image is shared with customer. Customers can then check their equipment and embedded code to see if anything has changed.

3. Customer can insist on Open source software only

Several governments are now insisting on using open source software - which engineers from customer side can validate, compile and install on the hardware.

The other option for the customer to insist on vendor to provide the source code. Customer then can validate, compile and install on the hardware.

All this calls for greater transparency by the vendor and a change in product shipment & deployment - which adds to the final cost of the product.

How to detect and catch such "unauthorized code"?

The burden on detecting and catching such "unauthorized code" lies on the end customer. Customers of computer systems have much to lose, hence they must step-up their internal software security practices.

Many customer have instituted a software security assurance program - but this program must also include firmware and hardware.

EMC has a software product called Network Configuration Manager (NCM) to ensure that the network devices are running on authorized code.

Network Configuration & Compliance Management tool, can be used to regularly check all equipment for any changes to the underlying firmware and warn if any irregularities are found. NCM can also be used to remediate infected devices and change the firmware to the known "Golden Image" which is a customer validated version.

Network Configuration & Compliance Management tool can be used to automatically check several thousands of devices simultaneously, do regular compliance audits, report any violations and even do automated remediation steps.

In addition to network device configuration, customer will have to constantly monitor network traffic to detect any "Unauthorized Data Movement". Here again there are tools such as RSA's Envision and Lanscope's StealthWatch System.

Tools can help - but remember that organizations like NSA has a long reach and even RSA's security code has been hacked by NSA. See: Alleged NSA Dual_EC_DRBG backdoor 

Closing Thoughts

Information Security is a major problem. When governments are hacking basic network devices and hardware such as hard drives, the burden of information security lies squarely on customer's shoulders. Customers should be vigilant, demand greater transparency and implement tools and processes to catch any security violations.

Today, there are software tools to help in network security and compliance. Customer have to use tools to the best possible extent, demand greater code level transparency and implement a robust security assurance program. (And then keep your fingers crossed!)