Of all the lasting effects of Edward Snowden’s leaks, there’s one photo that leaves a particularly strong mark. In it, US federal government employees in t-shirts and blue jeans are seen intercepting network equipment from Cisco at a shipping facility. The feds in the photo, their faces obscured, were reprogramming the machines to spy on people’s activities.
The image captured a deeply held paranoia within Silicon Valley’s biggest Internet companies: in an era of increasingly sophisticated nation-state hacking, how can we trust that network infrastructure isn’t compromised before it’s dropped off at the company loading docks?
This fear has created a sense of urgency for Apple, Google, Facebook and other technology giants that have been devising their own alternatives to Cisco, which controls more than half of the market for network equipment.
After the photo was published, Cisco filed a public complaint with the White House, arguing that spying by the National Security Agency was hurting US companies. Cisco said it doesn’t work with governments on back doors for its products and maintains tight checks on its processes and supply chain to assure customers of their security.
While Cisco’s dominance isn’t in danger of slipping any time soon, the industry’s creeping concerns over cybersecurity have created an opening for new businesses and equipment-design skunkworks inside large companies.
In the three years since the Snowden leaks, networking software and equipment startups raised US$6,4bn, a 47% increase over the prior three years, according to researcher CB Insights. “We’ve lost confidence in the vendors in the wake of the Snowden revelations, and that is a weakness and an opportunity,” said John Kindervag, a vice president at market analysis firm Forrester Research.
One company that’s benefiting is SnapRoute, which was founded by a former manager of Apple’s global data centre network. The start-up makes a cheaper, simpler network switch than the ones Cisco sells. And unlike most switches, it’s open-source, allowing customers to look for bugs, performance glitches or back doors that might allow a government to peek inside.
SnapRoute plans to announce a $25m round of funding on Tuesday from AT&T, Microsoft, Lightspeed Venture Partners and Norwest Venture Partners. The start-up counts Facebook among its customers.
Facebook is also a founding member of the Open Compute Project, which develops and shares open-source data centre designs. It launched the project in 2011 after revealing details about a data centre it built in Prineville, Oregon using only Facebook-designed servers, power supplies and backup systems.
Google, Apple, Goldman Sachs and Microsoft are now members. So is Cisco. It’s playing along with a potential competitor because Cisco CEO Chuck Robbins has said the company needs to be “part of every technology discussion that our customers want to have”.
The high cost of traditional networking products was the main reason for Amazon.com’s investment into creating its own equipment. “It was cost that caused us to head down our own path,” James Hamilton, vice president and distinguished hardware engineer for Amazon Web Services, said at a conference in November. “Networking gear is really expensive.”
Besides looking to save a lot of money on premium equipment, companies are placing a higher value on transparency. Cisco guards its code and designs, making them difficult to repair when things break. Bloomberg Businessweek reported in September that a Web hosting company filed for bankruptcy protection after a series of Cisco switches failed and a major customer left, while Cisco worked for months on a fix. Cisco has declined to comment on that case, saying only that it tries to fix problems quickly.
By 2020, spending on open-source and self-built switches and other network technologies will account for at least 20% of the global data centre market, up from less than 2% last year, according to researcher Gartner. Big Switch Networks, Cumulus Networks, Pluribus Networks and SnapRoute are among the companies cultivating a niche that’s putting pressure on leaders Cisco and Juniper Networks and their proprietary code, said Naresh Singh, an analyst at Gartner.
The giants are already under pressure from software-based networking alternatives like SnapRoute’s, and the adoption of open-source tools from mega users, such as Facebook and Goldman Sachs, poses an even bigger threat to their businesses, Singh said. Cisco said some companies baulk at using open-source network equipment, citing maintenance “complexity and hidden costs”.
SnapRoute founder Jason Forrester said the idea for his start-up came from a key discovery he and his colleagues at Apple made when they began designing their own networking software and switches. Forrester (no relation to the market research firm) left Apple in 2015 but declined to talk in detail about his work there. “Switching wasn’t as hard as Cisco and others led customers to believe,” he said at SnapRoute’s offices in an industrial part of Palo Alto, California, located 16km from Apple’s campus.
Switches from SnapRoute are $30 000 to $40 000 cheaper than comparable brand-name models, Forrester said. And whereas switches from Cisco and other big suppliers can have tens of millions of lines of code, SnapRoute’s has just 22 000, he said. This means fewer features, so SnapRoute may not be an attractive option for some companies. But the simpler code makes it easier for customers to sift through in search of hidden spying devices. — (c) 2017 Bloomberg LP
- Reported with assistance from Ian King