3Com aims to lead in converged networking

CEO Bruce Claflin is more than ready to take on rivals after bagging security company TippingPoint and seeing the company's joint venture with Huawei take off.

newsmaker SINGAPORE--When 3Com CEO Bruce Claflin came onboard to helm the company in January 2001, the tech bubble had just burst. The networking equipment manufacturer was grappling with changing market conditions that saw it exit the high-end enterprise networking market and spin off its handheld business, then known as Palm Computing.

Under Claflin's charge in the last five years, 3Com has sprung back into the high-end market in a highly-profiled joint venture with leading Chinese networking supplier Huawei Technologies, and boosted its security offerings across its networking portfolio with the acquisition of TippingPoint.

Now that it has also made research and development (R&D) investments in voice over Internet Protocol (VoIP) technology, the company is gunning to assume a leadership position in the market for secure, converged networks.

Claflin shares with ZDNet Asia the motivations behind the joint venture with Huawei and the TippingPoint acquisition, and why he has gone on a hiring spree in China.

Early this year, you purchased TippingPoint for US$430 million. How does the acquisition tie in with 3Com's overall strategy?
The company's focus is exclusively on the enterprise, and we're building out what we believe would be a leadership position in secure, converged networks. To deliver on this promise, we've made several major investments.

In terms of products, we have the joint venture with Huawei. In security, we have TippingPoint. We have also made large, internal investments in VoIP in terms of R&D. Assuming that our products is robust and competitive, you then need an effective sales and marketing support capability to bring that to customers and we've been upgrading this as well. So we have four big bets to help us achieve our vision.

Just last month, 3Com unveiled new products that integrate TippingPoint's intrusion prevention system (IPS) with its networking equipment. Your competitors such as Alcatel, Nortel and Cisco have similar plans to integrate security with networking. What's your take on the reason for this trend?
If you think about the networks that we've all built over the last 20 years, all we've really done is to open up the packet, see where it's going to go, send it there and then confirm that it got there. But if you need to build security in, then you need to open that packet up and learn everything about it and compare what you've learnt to a set of filters and instructions so that you can determine as to whether or not this is good traffic or bad traffic.

Could it be potentially dangerous when you expose data packets to outside elements?
No, the way we've designed it such that it sits completely inside your network. And so if you think about TippingPoint does, it's an inline (IPS) system which sits right inside your own network.

Think of it as: Dirty traffic goes in and clean traffic goes out. That's what it does, and it looks at every packet, compares it to literally thousands of filters and instructions, determines that the packet is clean and sends it out. And it does that at line speed, which is what's really remarkable. You can build a security device that will inspect the packet but that slows the traffic down. Or you can build a fast device that doesn't really look much at the packet.

What we've been able to do is create deep packets that look at every packet that comes through, and (push them through) those filters and have no degradation on performance--that's what makes Tipping Point unique. And we're leveraging that technology broadly now throughout our product lines.

How does security play a part in delivering VoIP networks?
Today, most of the packets (delivered over networks) are data. In the future, most may be voice. The way security products work is (by being) agnostic--you can look at and clean a packet whether it's voice or data, and do it at line speed. This issue of line speed is fundamental to a converged world.

Again, let's go back to the data world. Let's say I sent you an e-mail, and a few packets get lost and reconstructed, and we lose 10 milliseconds. You and I won't even notice it. We couldn't tell. Let's say there's a bottleneck somewhere in the network and the first e-mail I send you gets there in five seconds and the next one gets there in 10, we don't care. But in a voice world, that's death.

The other thing that's different is in a data world, the vast majority of traffic is not mission critical--I send you that e-mail, odds are it's not critical to the enterprise. In the voice world, even if the traffic is not mission-critical, it has to have the same standards.

Let me give you a real-life example. We were deploying VoIP in our headquarters and I was making a phone call to my wife to tell her what time I was coming home. Midway through our conversation, the call got dropped. I was mad as hell and I called the CIO because my tolerance to losing a voice call was zero. In the data world, we have a different level of tolerance.

So if you want to build a converged network, it must be secure. It must operate at line speed and it must be 99.999 percent available. And that's easy to say but hard to do. These are the kinds of problems we're solving with technology.

In terms of maintaining or making available the quality of service and security for voice, could that be potentially costly for businesses to do in terms of maintenance and implementation?
Yes it could. The promise of convergence is compelling and exciting, but the risks, if you don't do it properly, are devastating. And CIOs understand this. They know they need to build converged networks, but they're not going to build it unless they know they have a secure environment. And the number and types of devices that are going to connect to the network are going to grow exponentially, and they're almost all going to be portable.

So you, as the CIO try to build a secure environment, but how do you keep it secure when thousands, if not millions of devices are popping in and out of your network everyday? This is a huge issue, and the only way you can do it is to build in a capability, which is this idea of deep-packet inspection, so that you can filter your traffic and make decisions about whether or not it should even be on your network, let alone how it should be handled.

In the secure networking computing space, your competitors are not sitting still either. Why would a customer choose you over, say, Cisco?
Think about competitors and two vectors. The first is how broad is their product line, from the low-end, which is the very niche and targeted, to high-end, which is very broad. Second, think about how open it is to an industry standard. Is it low, meaning it's proprietary or is it very open, like an industry standard? In that regard, we have an extremely broad product line, and we're completely open and interoperable. Cisco is proprietary and closed, with a broad product line. Everybody, with the exception of Cisco and 3Com, plays in a subset of the enterprise market. And the big difference between Cisco and us is that we're open and (operate based on) industry standards and they're proprietary. Let me give you some examples.

If you have a Cisco network, one of the real problems you'll have as CIO is that it is highly at risk of security attacks. It's a known fact that Cisco lost control of one of their source codes. It has been widely distributed, and that's probably why they sued Huawei…they thought Huawei might have seen it, they lost control. If you're a Cisco shop today, the best solution to protect your vulnerabilities is TippingPoint. TippingPoint works on 3Com networks, Cisco networks and Enterasys networks. That's what I mean by open standards. As another example, we sold some very large VoIP deployments last year. A vast majority of them are running on Cisco switches and routers. We don't care, we're agnostic. If you buy a Cisco voice solution, you'd better buy the handsets, and Cisco switches and Cisco routers, because they have a proprietary protocol that you have to use if you buy their technology.

Speaking of Huawei, the joint venture has been operating for a year and a half now, what has it wrought so far for 3Com?
We've been very encouraged by the progress we're making. In its first full year of operations, it did US$260 million in revenue. The vast majority of that came from China and it represented a substantial market share gain. The venture has allowed 3Com to substantially expand the product line that we sell. We have a full line of core switching products, a full line of routers, none of which we had before we did the venture.

And strategically, we're building a very large and talented pool of engineering talent in China that we'll be able to leverage over the years. In fact, if you look at 3Com in the Asia-Pacific including our joint venture, two years ago we had about 300 people here and now we have close to 3,000. We have almost 2,000 engineers in China alone right now. To give you a perspective, that's more engineers than three of our nearest competitors combined.

Our CFO came to me and said: "You know, if this slowdown is as deep and pervasive as we think it could be, we could be out of business in a year."

You came onboard in 2001 and during this time, 3Com has seen quite a few transitions. And in February this year, the company laid off 11 percent of the workforce. How did that happen and how did you cope with it?
Back when I first became CEO, it was an interesting time. If you look at 3Com in the late 90s, during the height of the bubble, there were all these companies that were enjoying these enormous market caps and profitability. Their stock was going through the roof and 3Com wasn't…3Com was struggling.

When I became CEO, that was literally the day (the tech bubble) was bursting. And I'll never forget when I'd been on the job for two weeks and our CFO came to me and said: "You know, if this slowdown is as deep and pervasive as we think it could be, we could be out of business in a year." And I was (shocked), because we had at that time a billion and a half dollars in cash. But he showed how quickly we could be out of business, if this was a deep and prolonged downturn, which it was.

And so, much of my first two years in the company was basically, shoring up the balance sheet, taking costs out, reducing headcount, selling assets, getting rid of all debt and building up a very strong and highly-liquid balance sheet. We were successful. We were able to get rid of all of our debt, and have about US$1.4 billion to US$1.5 billion in cash.

Roughly two years ago, we were convinced that the bubble bursting had largely reversed, and markets were improving. We were convinced that we had stabilized the business and we began to put the focus on growth and investment. And that's when we did the joint venture, and that's when we put our investment in VoIP, and now Tipping Point. And so the first two years of my tenure was essentially about surviving, and the most recent two years have been about thriving, investing and growing.

We've been nett-adding people for the last two years. Including our joint venture (with Huawei), 3Com has roughly over 4,000 people, and two years ago, we would have been 2,000.

So you're right, there are parts of the business that we've taken down, but (looking) at the aggregate, we've been growing substantially.

But one could argue that's because labor is China is cheap.
I wouldn't want to do this investment in China just for (it being) cheap. Cheap goes away quickly. There was a famous book written by Michael Porter, I think he called it Competitiveness Among Nations. Where you have the most competitive markets, you have the most competitive supplier base. China is becoming one of the most competitive markets in the world. I'm convinced that it will also be a place with some of the best suppliers, and so we're one of the first Western companies to really invest in R&D in China.

Everyone went there for low-cost manufacturing, but we're there for engineering talent. And I'm betting that the quality of engineering over time will be as good as any other market in the world. It isn't today, but I think it will be, and it has nothing to do with cost.