The State of Application Delivery 2017: Security with a
High Probability of Cloud
Lori MacVittie, 2017-10-01
TL;DR Our third annual State of Application Delivery report is now available. Organizations report high interest in
security, migration to cloud, and increasing reliance on application services.
Forrest Gump, offering his especial brand of unexpected wisdom to a nurse in the eponymously named 1994 movie,
said, “My mama always said you can tell a lot about a person by their shoes, where they going, where they been.” It turns
out that the same thing can be said for app services; you can tell a lot about an organization by the app services it uses
and plans to use, including where it’s going.
Some of the most compelling insights come directly from asking organizations not just what app services they use, but
where they want to use them and in what kind of form factor. Do they prefer containers? Or are they sticking with virtual
appliances? Just how important is app performance right now, and what’s the state of adoption for app services that
make apps go faster, like HTTP/2?
We asked a lot of questions, and we got a lot of answers. By asking over 2000 respondents across the globe and in
every corner of IT about their plans for apps and cloud, app services and security, and what they really think about
programmability-driven trends and technologies like DevOps and SDN, we discovered
where organizations will be going in 2017.
And we’re pleased to say that 2017 is shaping up to be the year of safer apps
delivered via cloud computing.
Forecast: Safer, Smarter, and Cloudy
Strategically, cloud in all its forms – private, public, and SaaS – dominates the
technologies every organization believes will have an impact in the next two to five
years. To wit, 1 out of 5 respondents expect to deliver over 50 percent of their apps from the cloud by 2017.
Appropriately, then, they’re putting their money where their strategy is. The top three investments align with perception of
strategic impact, and they all point to cloud.
It was no surprise, then, to see growing
preferences for public cloud
deployment of the now average 14 app
services organizations rely on to deliver
applications whether they might live.
Without exception, we see increasing
interest in deployment of app services
in cloud environments.
Overwhelming, security dominates
those app services with DDoS mitigation (30%), DNSSEC (29%), and web application firewall (WAF) services (29%)
topping those being planned for deployment in the next year.
With a lack of available talent cited as problematic for both hybrid cloud implementations (23%) and overall security efforts
(34%), app services can help fill the skills gap that impedes innovation and business momentum. That’s likely why we
found that twenty-five percent (25%) of respondents preferred to deploy DDoS protection/mitigation as a service. Such
models, particularly for security, relieve the pressure on existing security staff by providing expert, managed services and
simultaneously providing an architecturally compatible model for apps deployed on-premises and off, in public and
topping those being planned for deployment in the next year.
With a lack of available talent cited as problematic for both hybrid cloud implementations (23%) and overall security efforts
(34%), app services can help fill the skills gap that impedes innovation and business momentum. That’s likely why we
found that twenty-five percent (25%) of respondents preferred to deploy DDoS protection/mitigation as a service. Such
models, particularly for security, relieve the pressure on existing security staff by providing expert, managed services and
simultaneously providing an architecturally compatible model for apps deployed on-premises and off, in public and
colocation cloud environments.
With a growing number of app services supporting and securing the apps behind the digital economy, it was no surprise
to see a lot of growth in the use of automation and orchestration tools and frameworks most often associated with
DevOps. Many organizations have reached an operational tipping point. Throwing more people at the problem of scale
and speed is no longer an option. Diminishing returns is kicking in. Organizations are, therefore, turning to automation
and orchestration with great enthusiasm.
While DevOps remains low on the strategic radar, automation and orchestration are without a doubt growing in
importance and practical use across IT. All frameworks and tools saw increases in adoption, and subsequently we saw
significant growth in the importance all roles place on templates and APIs (programmability) year over year. Templates
saw the greatest growth, leaping from 22% who thought them important in 2016 to 52% in 2017. A similarly impressive
growth rate in the use of OpenStack may be the key to the sudden prominence of template-based programmability.
As to why respondents are embracing programmability with DevOps and SDN, the answer is not, as you might expect,
time to market. Consistently respondents tagged operational scale and costs as more important than getting out the
door faster. Except for those who admitted to being driven by a C-level mandate (6%) and the 2% whose bonuses relied
on upon adoption.
But before I wind up replicating the entire report, I’ll just close with the key findings for this year’s State of Application
Delivery report:
1. The need for app services is increasing.
Three-fourths of respondents have 10 or more services deployed–up from 60 percent who reported 10 or more
services in 2016. The average organization is planning 17 deployments in the next 12 months.
2. Cloud fu is important.
With one out of five respondents planning to have more than half of their applications in the cloud by 2017, and
four out of five adopting multi-cloud environments, organizations are expanding cloud computing deployments in
the face of a continuing gap in related skills.
3. Security services boost confidence.
Globally, organizations with the most confidence in their ability to withstand an attack have expanded beyond a
simple perimeter approach to security. Many plan to deploy DDoS mitigation, DNSSEC protection, and a web
application firewall in the next year.
4. DevOps has gone operational.
Scalability and operating expense reduction are the top two drivers for the interest in DevOps and programmability.
This scale is necessary to thrive in the digital economy.
More Inside and Yet to Come
There’s a lot more in the full report (you can get that right now, if you haven’t already) including a closer look at
automation and orchestration practices and DevOps perceptions, security insights into which app services have the
most impact on organizational security confidence, and where, exactly, organizations plan to deploy a variety of
enterprise applications. Spoiler alert: it’s definitely some kind of cloud.
And we’ll be following up with even more details and insights that go deeper into each of the key findings in the coming
weeks.
So grab the report and some coffee, kick back, and read on.
f5.com/SOAD
f5.com/SOAD
F5 Networks, Inc. | 401 Elliot Avenue West, Seattle, WA 98119 | 888-882-4447 | wwww.f5.com
F5 Networks, Inc.
Corporate Headquarters
[email protected]
F5 Networks
Asia-Pacific
[email protected]
F5 Networks Ltd.
Europe/Middle-East/Africa
[email protected]
F5 Networks
Japan K.K.
[email protected]
©2017F5 Networks, Inc. All rights reserved. F5, F5 Networks, and the F5 logo are trademarks of F5 Networks, Inc. in the U.S. and in certain other countries. Other F5
trademarks are identified at f5.com. Any other products, services, or company names referenced herein may be trademarks of their respective owners with no
endorsement or affiliation, express or implied, claimed by F5. CS04-00015 0113