FRAMINGHAM, Mass. — The two primary forms of public cloud computing, Infrastructure-as-a-Service (IaaS) and Software-as-a-Service (SaaS), are both growing dramatically in popularity. Over the last few years, the primary focus of the IaaS providers has been on offering the basic compute and storage resources required to run applications.
The primary focus of SaaS providers has been on offering enterprise applications such as CRM (customer relationship management) and ERP (enterprise resource planning), as well as on offering communications and collaboration solutions.
Recently, cloud service providers have begun offering a new class of solutions, which have historically been provided by the IT infrastructure group. In addition to the communications and collaboration, this includes network and application optimization, security, management and virtualized desktops.
We’re calling this new class of solutions Cloud Networking Services (CNS). The introduction of CNS presents the IT infrastructure group with a new challenge. That challenge is to determine which of the traditional IT services it should continue to provide itself, which ones it should acquire from a CNS provider and which should be provided as a hybrid solution.
CNS as Infrastructure Solutions
One could argue that at least some CNS solutions fall into the SaaS category and that some others are IaaS. While technology is one way to classify CNS solutions, a more compelling way is to look at how the typical IT organization is structured.
Most IT organizations have an applications organization whose primary role is to develop, acquire and maintain enterprise applications such as CRM, ERP and supply chain management.
Most IT organizations also have an infrastructure organization whose primary role is to provide, manage, secure and optimize the networks and servers that support these apps.
In almost all cases, services such as voice, collaboration, disaster recovery, management, security, optimization and virtual desktops are provided by the infrastructure organization – not the applications organization.
Based on the way that IT organizations are typically structured, CNS solutions should be considered to be the next wave of IaaS solutions.
Evaluating CNS solutions
As part of evaluating these solutions, IT organizations need to determine if the solution has eliminated, or at least minimized, the negative aspects of a public cloud solution.
Concerns about security are the primary impediment to the adoption of public cloud. Thus, evaluating the security of the CNS provider’s facilities is a critical component of evaluating a CNS solution.
As part of that evaluation, IT organizations need to determine whether the cloud provider’s implementation of a multi-tenant environment has compromised security. For example, IT organizations need to determine if the service provider can enable the IT organization to maintain compliance with the necessary corporate and regulatory standards while still leveraging the shared infrastructure model’s cost benefits and improved operational efficiency.
However, just as important is whether the solution actually provides the benefits that drive IT organizations to use public cloud computing solutions. The primary benefit of using a public cloud computing solution is lower cost.
The cost information provided by the service provider should give the IT organization all the information it needs to determine whether or not the CNS provides a compelling cost advantage.
The second most important benefit is being able to reduce the time it takes to deploy new functionality. One way for an IT organization to evaluate the agility of a cloud service provider is to identify the degree to which the vendor has virtualized their entire data centre infrastructure.
For example, have they implemented virtual networking functionality such as that provided by Vyatta [an open source network operating system]? Virtualization is important because a virtual infrastructure is notably easier to initialize, scale and migrate than a physical infrastructure is.
IT organizations have expressed more interest in VoIP and unified communications (UC) than they have in any other form of CNS, according to our research. For example, Fonality is a company that is focused on small to midsized businesses and has already delivered more than 2 billion phone calls across the cloud.
While having numerous providers can result in benefits to consumers, it also creates some challenges. These challenges include the fact that providers tend to use different names for their services, have notably different business models and offer a very wide range of functionality – everything from basic telephony to call center support to HD voice.
The primary role of a CNS that offers network and application optimization is to provide functionality similar to what is provided by premise based WAN optimization controllers. Denver-based Virtela is an example of a CNS provider that offers optimization as well as other services, including security and management.
There are three distinct use cases for this class of CNS. As with any CNS, one use case is that the CNS provides all of the promised benefits of public cloud computing. The second use case is that the utilization of this class of CNS enables an IT organization to optimize the performance of applications delivered to mobile users without having to deploy software on each mobile device. The third use case is that this class of CNS enables an IT organization to optimize the performance of other services obtained from a service provider, such as VoIP or desktop virtualization.
IBM’s recent X-Force 2010 Trend and Risk Report documents a 27 per cent increase in security vulnerabilities in 2010 vs. 2009 and stated that “Web applications accounted for nearly half of vulnerabilities disclosed in 2010.”
Given the risks associated with Web based applications, a key focus area for a security oriented CNS is to provide sophisticated Web content filtering and granular policy control that leverage dynamic rating algorithms and can accurately identify and categorize web content in real time.
Another important security concern is the rapid growth of malware. For example, a recent report from Cisco Systems Inc. identified almost 290,000 unique instances of malware on the Web in June 2011. That’s almost triple the number of unique instances of malware that Cisco found on the Web in March 2011 (105,536).
To protect against malware, a CNS should be able to identify sites or content that are either suspicious or are known to distribute malware. In order to be effective, a CNS that provides Web content filtering or malware protection needs a source of intellectual capital, such as Blue Coat’s WebPulse service, that identifies known and suspected vulnerabilities. Ideally the CNS also offers comprehensive anti-virus scanning for additional protection from any form of malware that is contained in file attachments.
Because of the breadth of what is meant by network management, it is possible to find management-focused CNSs that provide a wide range of functionality. For example, Virtela manages security products such as IPSs and firewalls. Meraki Inc. of San Fransicso manages basic networking functionality, such as routers. When evaluating any of these solutions, IT organizations need to determine how wide a range of vendor’s products the solution can manage and how much expertise the vendor has with those products.
According to the IBM report, most IT professionals view the data stored on mobile devices and how that data can be misused or lost as a serious security threat.
That view creates a marketplace opportunity for a CNS, such as the one provided by Virtela, that provides mobile device management. The need for such a service is reinforced by a recent report that concluded that many IT organizations are struggling to support the growth in mobile employees.
In contrast to popular types of cloud-based functionality such as VoIP, security and management, desktop virtualization is a topic that has received a lot of attention in the trade press, but has not been widely implemented.
Our market research data indicates that there is not much interest in a CNS, such as the one provided by Dell Inc., that offers desktop virtualization functionality. However, that could change over time.
Over the last few years, IT organizations have begun to broadly adopt SaaS and IaaS solutions and numerous market research reports indicate that the adoption of these solutions will increase significantly over the foreseeable future. However, with the exception of communications and collaboration, to date the SaaS solutions that have been adopted have largely been enterprise business applications such as CRM or ERP and the IaaS solutions that have been adopted have been basic compute and storage.
The research contained in our report indicates that the market is potentially approaching a fundamental shift in terms of how IT services are provided. The research indicates that IT organizations have a strong interest in obtaining many traditional IT services from a cloud vendor.
When evaluating these CNS solutions, the bare minimum that an IT organization needs to understand is the functionality that it provides. However, since CNS is another form of public cloud computing, IT organizations also need to determine if the CNS solution delivers on the promised benefits of public cloud computing while also eliminating, or at least minimizing, the negative aspects.
(From Network World U.S. Metzler is vice president at Ashton, Metzler & Associates, Sanibel, Fla.-based IT consultancy. He can be reached at firstname.lastname@example.org)