There's a ferocious battle going on in the software-defined networking market between one-time allies VMware and Cisco.
To shed light on their respective SDN strategies, CRN US spoke with Steve Mullaney, former CEO of Nicira who is stepping aside as general manager of VMware's Network and Security Business effective 30 September, and Ishmael Limkakeng, vice president of product management for Cisco's Application Centric Infrastructure.
The separate interviews with the two executives offer a rare glimpse into a sharply divergent technology path the two companies are taking.
Is Cisco taking a hardware-defined approach vs VMware's software approach?
Steve Mullaney, VMware: We say, 'Fix it in a software-defined way'. Cisco says, 'Fix it with ASICs and a hardware-defined way'. What is great about that is what if Cisco came out with almost exactly the same way that we said? We would be screwed because customers would listen to their pitch and then listen to our pitch and then they would go, 'I can't tell the difference. It sounds the same.'
What is your response to Mullaney's claims that ACI is a "hardware-defined" solution?
Ishmael Limkakeng, Cisco: The hardware-defined or software-defined [argument] is sort of beside the point. At the end of the day, customers have a problem they are trying to solve. And the problem that is resonating with our customers is how do we help them deploy their applications more effectively, more efficiently, turn them up, spin them down, in the best operational manner that they can. I think we are seeing that our customers like the comprehensive solution.
The specific[s of] hardware-defined or software-defined - I mean, I don't know that that is something customers necessarily spend a lot of time worrying about.
What is the key difference between Cisco and VMware SDN?
Steve Mullaney, VMware: [For Cisco], ASICs are the key. That is the key [difference]. What is great about that is [we] are very different. What ends up happening is it becomes a profession of faith. What do you believe? Within 10 minutes, a customer knows: 'I am going the VMware way' or 'Nope, I trust Cisco. I trust my ASICs. I have been doing it that way for 20 years. I am going to go that way'.
Then we go okay, that's fine. That is not the way the world is going. But that's okay, you can go that way. The worst thing is if Cisco [approached] software-defined exactly [as we do], we would be screwed because the customer would go, 'I can't tell the difference.' And when they can't tell the difference, they pick the incumbent.
So what is the key difference between Cisco and VMware SDN?
Ishmael Limkakeng, Cisco: NSX is fundamentally a software-based overlay and is completely separated from the underlying hardware, which is really interesting if you have a purely virtual environment and relatively small scale. Then you're fine. But in real customer production environments, there are always both physical and virtual workloads, there are very frequently multi-hypervisor environments, and you have to be able to fit into those real-world situations.
What is the danger for customers of the ACI approach to software-defined networking?
Steve Mullaney, VMware: Cisco is actually aggressively pricing the hardware, which I think is fantastic. That shows the trend which says the money is going out of the hardware and it is going into software. That is happening. So guess what? Cisco is not really a software company. And I am not talking routing protocols. They are not a distributed systems computing software company. VMware is. Nicira was. Cisco is hardware, and you program the hardware. You might write some management platforms. And you might write some firmware and routing protocols. But that stuff has been done for 25 years.
What are the application benefits of ACI vs NSX?
Ishmael Limkakeng, Cisco: I think that what you have with ACI, if you think about a customer and a customer environment, they have physical and virtual environments, physical and virtual workloads, they have probably a variety of different security devices, load balancers, management and operations systems - I think ACI excels at bringing all those pieces together, whether it's physical or virtual, and bringing it together to solve in a comprehensive way.
Is there a difference between VMware as a software company and Cisco as a hardware company?
Steve Mullaney, VMware: As things move more toward software, who do you think is going to come out with better software - a software company or a hardware company? I know where I would bet.
We don't have to roll around in the mud because we know the outcome. Why do I want to roll around in the mud? It is just going to make me get all dirty and distracted. So we just elevate it. We just stay out of it. As [VMware CEO] Pat Gelsinger says: 'Cisco needs us to lose. We don't need Cisco to lose.'
We don't hate Cisco. They hate us because of what we could end up doing to their franchise. But we just shrug our shoulders and say, 'That is the way the world is going. So get over it.'
What is your response to Mullaney's claims that Cisco is not a software company?
Ishmael Limkakeng, Cisco: At the end of the day, we are trying to solve the problems for customers, whether it's hardware, software or whatever the technology.
I will tell you that, from an overall business standpoint, we have always had a tremendous software component in our engineering. I don't have this [number] at my fingertips, but if you look at the headcount from an engineering standpoint, we have always had more software engineering than hardware engineering.
And from a business standpoint, you heard [Cisco development and sales president] Rob Lloyd speak about this and [Cisco CEO] John [Chambers] speak about this: The direction for the company, as a whole, not just this area in particular, is to increase the amount of business that is purely related to software business and software business models.
What is the difference when you add new functionality with Cisco ASICs vs VMware software?
Steve Mullaney, VMware: Cisco is going to say, 'Well, it is not in that ASIC.' Well, when is it going to be in that ASIC? 'Two years.'
Okay. Well, then, what happens after two years? 'Well, then, after two years you rip that line card out.' Now you are probably going to need a new backplane, probably some new power supplies.
It is pretty good for me because I get to just replace it with all kinds of stuff, and that is how I make my money with infrastructure. If that is how you are making your money in infrastructure, you can't do anything other than a hardware-defined world. What is Cisco going to say, 'Yeah, they're right? We are going to promote software-defined and the hardware is generalised?'
Does Cisco's focus on the ASIC make it tougher to add new functionality to ACI?
Ishmael Limkakeng, Cisco: ACI delivers value at the software layer, the system layer, all the way down to the ASIC. The way I would look at it is we use the best of both merchant silicon and custom ASICs, and the combination of that allows us to deliver anything that competitive solutions can offer because we do make use of the merchant silicon and we can innovate on top of that.
So, our capability in ASICs and our breadth with our customer base, I think, gives us an advantage of being able to bring innovation to market faster because we get to leverage what exists in the industry and go beyond that. That is our strategy from that standpoint.
What are the cost considerations customers face in the VMware vs. Cisco SDN battle?
Steve Mullaney, VMware: I won't give you names, but many, many people actually will use the capex avoidance of buying more Cisco gear to pay for our stuff. So they say, 'Cisco tells us we have to upgrade; I have got to get rid of the Nexus I just bought two years ago. Now I have to go get the 9000 and the ACI chip and as long as I do all of that, everything will be fine.' And even though it is cheap, the pain of retrofitting and ripping out gear, I haven't met an IT person yet who wants to do that. It is painful.
What are the cost considerations customers face in the VMware vs. Cisco SDN battle?
Ishmael Limkakeng, Cisco: I think you are going to find that NSX is much, much more expensive… whether it's their price-per-socket pricing model or their VM-per-month pricing model. If you take that and compare it to ACI, ACI is significantly more cost-effective and more functional. And you will see analogies of this where people compare NSX but leave out the cost of the compute that the NSX controller and gateways, etc. are running on, and it leaves out the cost of the underlying networking - whether it's Cisco's or somebody else's, there is a network there.
So, when you do that comparison, you are going to find that NSX is prohibitively expensive.
Next: security and competition