If you follow network and telecom industry news in the U.S., most of what you hear about Huawei, the Chinese maker of IT infrastructure equipment, is negative. Articles have detailed how various governments and private entities worldwide have placed restrictions on Chinese infrastructure technology in general or on Huawei in particular. The claims against Huawei range from it being a quasi-private extension of China's army to an intellectual property thief to a maker of poor-quality products.
What you rarely hear is that the 25-year-old company is the world's second-largest producer of telecom gear, generating $35.5 billion in revenue worldwide last year. Its main markets outside of China are Africa, Latin America and the Middle East, where its value proposition is to offer solid, low-cost infrastructure equipment. Almost three-fourths of its revenue comes from telecom gear, about 22% from consumer phone handsets and 5% from enterprise IT.
The negative rhetoric is so damning that it seems inconsistent with Huawei's success. Could a company with annual revenue of more than $35 billion, most of it from outside of China, be run or influenced by shadowy military figures? Would the presence of Huawei on the world stage as a respected provider of complex and critical technology be worth as much or more to the Chinese government than what could be stolen through cyber espionage performed on the back of Huawei products?
Yet it's true that Huawei's founder, Ren Zhengfei, was a major in the Chinese army, where he served with distinction, and there can be no doubt that his military experience and connections helped the company's initial success in China. And Huawei and the Chinese government haven't provided enough transparency to prove it's an independent company.
Many governments are unconvinced that the security of Huawei's products can be trusted. India, Australia, the U.S. and others have worked to ban Huawei and ZTE (a smaller, more obviously state-owned company that deals in telco equipment and handsets) from national core networks.
One key problem is understanding just who owns and controls Huawei and ZTE. The opacity around control led the U.S. House Intelligence Committee to offer edicts such as this: "Based on available classified and unclassified information, Huawei and ZTE cannot be trusted to be free of foreign state influence and thus pose a security threat to the United States and to our systems." The IC didn't find any wrongdoing, but it also didn't get much cooperation from Huawei. Huawei has criticized the committee for not adequately considering information it did provide.
If you're looking for a smoking gun -- either a provable case where "back doors" in Chinese networking gear have led to pilfered intellectual property, or an outage created through misappropriated command and control of the network gear -- you won't find one. Nor was it ever likely that you would. If intentional back doors exist, cybersecurity experts agree they would be made to look like poor programming.
The problem with such planned weaknesses is that they would be there for anyone to use. And a lot of this gear goes into the networks of countries that are better friends with China than they are with the U.S. So exactly how well would such back doors serve Chinese interests? Now, if the U.S. were to find different firmware in Huawei or ZTE equipment destined for Chinese markets or those of its friends than what's intended for other networks, that would amount to a smoking gun. At least it would be cause for even more vehement statements and restrictions than are in place today.
The U.S. restrictions have been so effective that Huawei management declared in late April that it was no longer interested in the U.S. market. It later clarified that it was no longer interested in the U.S. carrier market, but it would still aggressively pursue the U.S. enterprise and consumer markets.
Huawei offers enterprise products in networking, unified communications, IT infrastructure (server and storage) and security. The company is now bulking up its sales channels. It's a logical approach, but the enterprise market won't be easy pickings for Huawei.
Concerns Beyond Security
While IT buyers would have to reconcile cybersecurity concerns before they would buy Huawei equipment, there's far more to the story than that. There's the usual job of deciding if the company actually has products and services that meet enterprise needs, and our data suggests Huawei has a challenge in the U.S. on that front, too.
In our recent survey about Huawei, we asked a question that we've asked in a range of company and product-category assessments. In this survey as with our others, IT buyers say they value product reliability and performance most highly, followed by cost of operation and quality of postsales support. In Huawei's case, potential customers don't perceive its products very well against those criteria, rating them a 3.2 on reliability and 3.4 on performance on a scale of 1 to 5, where 5 is excellent. On postsales support, potential customers rated Huawei a 3. In a previous survey we conducted on data center networking providers, customers rated Cisco between 3.9 and 4.3 on reliability, performance and postsales support. Cisco's lowest score was a 3.2, on acquisition cost. Huawei scored below 3.5 on all categories except acquisition cost, where it was given a 3.9.
There are ways Huawei could improve both its customer support and transparency, and the most important would be to change how it handles bug acknowledgements and fixes. Historically, the company hasn't provided a way for customers to know that a bug has been acknowledged and fixed. So when software updates are issued, there's no easy way for customers to confirm that Huawei fixed what it said it would and didn't introduce any new bugs -- or back doors, depending on how you want to look at it.
The company has suggested that it will submit its products to rigorous testing. That's not a bad first step, but without full transparency for software updates, bugs or back doors could be introduced after testing.
The conclusion from our data is that Huawei faces a one-two punch as it tries to expand into established markets.
The most obvious strike against it is the political, military and commercial dance that goes on between the U.S. and China in the realm of cyber espionage, as that will continue to make U.S. customers squeamish when considering more strategic data communications products from Chinese companies. One-third of companies in our survey call those concerns a deal breaker, and another 37% call it a major concern.
But another very important factor is that Huawei is seen as a low-cost alternative for enterprise networking gear, and that approach has never been successful in the U.S. And the leap from telecom carriers to enterprise IT is larger than it appears. Look at it this way: If it has taken Juniper two decades to work its way into being considered a reasonable enterprise-class networking alternative to Cisco, and Nortel, Alcatel and others have never had much success, what are Huawei's chances considering its baggage?
How Enterprises Are Attacking the IT Security EnterpriseTo learn more about what organizations are doing to tackle attacks and threats we surveyed a group of 300 IT and infosec professionals to find out what their biggest IT security challenges are and what they're doing to defend against today's threats. Download the report to see what they're saying.
IT Strategies to Conquer the CloudChances are your organization is adopting cloud computing in one way or another -- or in multiple ways. Understanding the skills you need and how cloud affects IT operations and networking will help you adapt.