Today’s post brought to you by the logical fallacy “Argument By Demanding Impossible Perfection”

thoughtful_thumb[1]_thumb_thumbGenerally speaking we don't respond to competitive commentary that's purposefully antagonistic. The reasons for that vary from corporate culture to the annoying reality that responding confers upon the claims some measure of veracity that it generally does not deserve.

But even technical agitprop can raise points that need to be addressed with respect to the underlying premises upon which the arguments are made. Of late, certain claims coming from Citrix has brought these premises to the fore, and those premises deserve to be addressed.

Issue: Cloud Integration

One of the side-effects of “cloud” being such a fluid descriptor of multiple technologies is that ability of one vendor to claim another doesn’t “do” cloud or doesn’t integrate with cloud or doesn’t support cloud computing. As long as you can find one example of a vendor not supporting some facet of cloud, you can legitimately (but not logically) claim they aren’t a comprehensive “cloud” solution. Another logical marketing trick is to Demand Impossible Perfection. By setting the bar so high, you can dismiss other solutions as “falling short” of necessary features, functions, and capabilities.

This is, in part, what we have in the case of Citrix’s claims with respect to BIG-IP and cloud computing. Citrix states:

“Regardless of which type of cloud environment is constructed or used, ADCs must be ready to handle the new requirements of the cloud era. ADCs that lack these essential capabilities, such as F5 BIG-IP, do not enable IT organizations to be truly cloud ready.”

Just what are these requirements? Citrix never really specifies what those may be, but does offer three alleged examples of where it claims BIG-IP “falls short” and, in the process, argues not only by Demanding Impossible Perfection, but by Selective Observation. In several of its arguments, Citrix again simply fails to understand the technology and chooses to apply, instead, its own understanding – resulting in inaccurate claims and statements.

For example, it specifically calls out BIG-IP WAN Optimization Module (WOM) as including our "iSession feature that establishes secure tunnels between two locations” and then states “it suffers from notable limitations. First it is not supported by all BIG-IP platforms, such as F5’s VIPRION chassis systems.”

First, let’s clear up a fairly important misstatement – that of iSession being included in WOM. iSession is a feature of the core platform. This means that all modules effectively have access to this capability. iSession is the name given to a set of capabilities that allow BIG-IP to establish a secure, bridged connection between two disparate locations, including a cloud. This is very much the same as Citrix CloudBridge1, which is simply an IPSec tunneling capability that enables a bridged connection between two disparate locations. iSession is not limited to WOM, and is in fact a platform-level capability.

Citrix also correctly states that not all BIG-IP modules are available on the VIPRION hardware platform. WOM is one of these modules. This is then combined with the erroneous understanding of iSessions to claim that “not all F5 platforms support the iSessions feature in combination with global load balancing, thus preventing true user transparency and creating incompatibilities with disaster recovery solutions.”

This entire statement depends on one fact being true: iSessions is included only in a module that is also not available on VIPRION. This is simply not true, iSessions is not specific to any particular module and is in fact part of the core platform, which means it certainly is available in combination with global load balancing features found in BIG-IP Global Traffic Manager (GTM). This is Citrix employing Selective Observation, leading to a fallacious conclusion.

So let us set the record straight. BIG-IP LTM is fully capable of (and has demonstrated this capability multiple times with partners and customers) L2/3 bridging between environments (including clouds) using a combination of iSessions (F5 technology) and EtherIP. BIG-IP LTM supports asymmetric IPSec, but until we have tested and proven configurations terminating at cloud providers such as Amazon and GoGrid, we will not make claims about its support.

After reading through Citrix’s claims in this respect, its grand declarations and erroneous assumptions appear tied to a single concept: not all modules can be deployed on one VIPRION. This seems a very narrow step upon which to place a soap box, as there are many other platforms upon which modules can be deployed and, in fact, we see greater interest and deployment of symmetric VE (virtual editions) as part of a Cloud Gateway solution than we do hardware platforms. Because BIG-IP LTM VE can connect to any other BIG-IP device, physical or virtual, symmetrically we do not see the current limitations on modules with respect to VIPRION being as catastrophic as Citrix would want it to be.

The reality is that F5 has both cloud bridging and gateway capabilities, and has had them for some time. 


cloud-securityIt is noteworthy to recognize that Citrix’s discussion of cloud is very narrow, and focuses on specific connectivity, ignoring completely other aspects of cloud required to successfully integrate resources with corporate data centers such as access management and single-sign on, unified namespaces for seamless VDI access, and replication of policies across environments to ensure a consistent operational posture. 

F5 has a broad portfolio of solutions able to integrate and orchestrate not only the most basic of capabilities required to successfully use cloud computing, but more advanced capabilities involving security, availability, access management, and intelligent use of distributed resources.

Enterprise organizations and cloud providers alike rely on F5 to enable cloud computing architectures and models, to integrate resources – network, compute, and storage – and provide the strategic control required to ensure a consistent and secure user experience whether the user is a consumer or employee, local or remote, roaming or static.

Citrix’s claims with respect to F5 and cloud computing are simply fantasy, arrived at through fallacious arguments based on false premises and a very narrow definition of “cloud ready.”


Additional Resources:

1 Citrix Cloud Bridge documentation

Connect with F5:
o_facebook[1] o_twitter[1] o_slideshare[1] o_youtube[1] rss[8]google

Latest F5 Information