Cloud Services To The Rescue - Next Generation Cloud Technology Helps ServiceProviders Compete In Business Broadband For SME And Distributed Enterpriseby Paul Sidorenko, JD, September, 2011Presented at the Broadband World Forum in Paris, at“Evolving Business Models - Gaining StrategicAdvantages with Cloud Based Enterprise Services” 28 September, 12 PM, Darwin 5 Room.The ripple effects from recent global financial turmoil has confronted network service providerswith a host of short term macroeconomic assaults: broadband customers are going out ofbusiness, economic and regulatory uncertainty makes strategic planning difficult and increasedcompetition from upstart newcomers targets your bottom line. However, the long term challengefor providers of business broadband services remains the same: price erosion andcommoditization of broadband services. As broadband has shifted from being a technologicalbreakthrough to a price driven commodity, service providers have been facing a “race to thebottom” on pricing, impacting revenues, share price and overall financial performance. Intoday’s challenging market, customers, particularly those in the most price sensitive segments -SMEs and distributed enterprises - are much more likely to select their business broadbandservice from the lowest cost provider with little or no regard for brand loyalty or their length ofrelationship with their current provider. Even when these customers stay, they often demandfinancial incentives and discounts to stay with their current service provider. These challengeswill persist regardless of short term macroeconomic conditions - they are a natural consequenceof the maturation of the business broadband market.This trend has prompted some service providers to shift from market innovation to mergers andacquisitions as one way to add scale and drive growth. However, as acquisitions rarely achievetheir anticipated financial results, virtually all network service providers have focused on datacenters and the cloud as primary growth strategy to both enhance their core broadband offeringsand to create new revenue streams. For the SME and distributed enterprise market, this focus hasbeen on network security and infrastructure management services. While cloud servicesrepresent one of the most significant market opportunities to profitably deliver these services,executing effectively can be an elusive goal if the pain points, decision drivers and technologiesrequired to deliver the services profitably are not carefully considered. While the first two aregenerally, understood, the main challenge with implementing an effective cloud strategy is thetechnology used to deliver these services. Simply stated: traditional technologies for enhancingbroadband with Value Added Services are too complex, too expensive and not scaleable enoughto efficiently and profitably deliver these services. With the next generation of cloud servicetechnologies driving new efficiencies, a paradigm shift has been created where efficiently andprofitably delivering cloud services are now within reach for savvy service providers. Bystrategically employing these new technologies, they can avoid the “race to the bottom” byoffering their customers a truly differentiated broadband offering - not a commodity, but anindispensable and strategic business asset for their customer. Those that succeed will preservetheir competitive edge, increase market share, reduce customer churn and maximize average lineARPU. Those that fail to heed the market demands, do so at their peril.
Knowing Your Market - Cloud Services for SME and Distributed EnterpriseTo understand what an effective cloud strategy must deliver, it is first important to understand thepain points and decision drivers of the SME and distributed enterprise market when it comes tomanaging and securing their business networks. As smaller and highly distributed businessesincreasingly rely on the web to run applications and move information between their offices,tele-workers, travelers, trading partners and mobile users, they also face greater challenges withmanaging and justifying the cost of infrastructure required to accomplish these tasks.Maintaining disparate network, hardware, software elements are complex and the costs tomaintain, secure and manage mission critical network environments are high. While theseconcerns are not unique to SME and distributed enterprise, they are particularly relevant to thismarket segment because their reliance on cost efficiency makes them particularly sensitive to theresource commitments required to manage them properly. This is a global problem for all SME– there is no one particular geography or vertical market that is not effected.While it is not surprising that smaller businesses have to manage with less resources, it is in therealm of IT infrastructure that these companies are most typically understaffed. As a result, theiroffices and locations typically lack the expertise to manage IT infrastructure properly. However,even as they lack the expertise to manage these assets, they increasingly rely on the Internet tocommunicate, conduct commercial transactions, and interact with their customers, partners andsuppliers. They are sharing and exposing more data over the public Internet than ever before.This cycle exposes them to an ever increasing level of business risk by the very Internet theyembrace as the life blood of their commercial enterprise. Unlike larger enterprises, SMEs do notset aside capital expenses for network infrastructure in a structured manner and cannot amortizethe costs of that infrastructure across the enterprise as effectively as larger companies. Withefficient deployment of cloud services, the network service provider supplying businessbroadband to this customer is in the best position to deliver these services. Addressing these painpoints will differentiate that service and attract and retain these business broadband customers.Critical Success Factors for Cloud Security and Infrastructure ServicesWith financial, technological and resource limitations, SME and distributed enterprise customersrequire robust solutions that solve their problems but can be efficiently and profitably deliveredby the service provider. Because they typically have no IT support, the services must be highlyautomated. Because they typically have limited IT expertise, the services must be pre-integrated,comprehensive and easy to manage. Traditional methods of delivering these services - even so-called cloud services that are only backed up by a data center, fall far short of the mark when itcomes to efficient and profitable service delivery - cannot succeed without the critical successfactors that are embraced by the the new generation of true cloud services.At a high level, the most critical characteristics of true cloud services are ease of implementationand use, elasticity and scaleability. However, as one considers the real world of customerimplementation and service delivery, two critical success factors of a differentiated cloud
architecture become paramount: the ability to be flexible in implementation so that disparatecustomer requirements and environments can be accommodated and the ability to deliver theseservices in a unified and centralized manner. Service requests must have the ability to be madefrom any browser, including mobile devices. It is this lightweight, service-oriented approach thatis the hallmark of cloud computing.By employing these critical success factors, service providers looking to take tap into this largeand lucrative market will be able to deliver high volume security services efficiently andprofitably. The reason is simple: by leveraging the shared infrastructure and highly distributednature of cloud-based service delivery, all these benefits can be delivered on demand at a fractionof the cost of traditional managed services or traditional appliance-based, on premises solutions.Essential Attributes of the Cloud ModelThe following characteristics should be considered essential when implementing any cloud-based security solution: Flexible Service Delivery InfrastructureAn efficient cloud services architecture can take advantage of a wide range of service deliveryoptions in order to simplify service delivery while minimizing its cost. To reduce servicedelivery costs and increase scaleability, cloud service providers at the forefront of the technologycurve maintain the ability to provide hybrid cloud services to either manage a gateway at thecustomer premise or entirely in the cloud and deliver it as a single, integrated service. Theseproviders accomplish this by leveraging their shared back end systems with on-site hardwarethat sits at the customer’s premises in a distributed delivery model. By employing the on sitesystems to manage local processing capabilities and management tasks while the back endshared infrastructure provides software and firmware updates, systems management andmonitoring, an extraordinary level of service delivery can be achieved at minimal cost.Conversely, by offering up virtualization combined with remote access capabilities, cloudservices can be delivered to any user in any location regardless of the local IT infrastructure. End to End Service Delivery CapabilityThe scope of any cloud-based security service must encompass much more than just the basicsecurity elements - it must provide an integrated platform covering the entire networkinfrastructure requirement, including Unified Security, Remote Monitoring, Service Automationand Infrastructure Management.Any effective cloud security service must also possess tight integration with other infrastructurecomponents as a unified network management solution – this is essential. This can includeinfrastructure components including wireless LAN management, integrated switching, loadbalancing, router management, remote access and managed NAT/PAT, LAN DHCP, and WANQoS – these services must also be manageable from the Cloud.
Another key attribute of of a comprehensive cloud services platform is efficient service deliverythrough the integration & automation of the customer lifecycle. This includes integratedordering, work-in-process management, configuration & post installation support capabilitiesand help desk that are all necessary to ensure service delivery is seamless and cost effective.Customer’s must have the ability to self-service.Another key element to efficient end to end service delivery is the ability to remotely monitorand manage delivery systems and applications, including the reporting and proactive notificationsystems to ensure that services are performing optimally. These capabilities must offer the enduser both visibility & control of their environment. Automated Configuration and ManagementThe benefits of a true cloud service model go well beyond leveraging shared infrastructure. Anessential characteristic of a true cloud service includes a high level of automation, pre-integrationand ongoing system intervention that keeps things running without active user management.This can include automated provisioning templates, system-activated maintenance protocols,proactive network monitoring and implementing “keep alive” technologies that maintain systemperformance and guarantee up time. Maintaining such a persistent “self healing” environmentwithout user intervention enables the centralized cloud based asset to deliver tangible costsavings for both the service provider and the end user customer. Putting this intelligence in thecloud enhances the efficiencies of the shared back end infrastructure with an end-to-end servicedelivery wrap that truly leverages the power of the cloud and delivers a truly differentiatedservice. Centralized Management CapabilityThe next logical step after implementing a highly efficient and automated service deliveryarchitecture is delivering a centralized management environment that is easy to use. Becausecloud-based systems can aggregate and pre-integrate numerous security and infrastructureservices more efficiently, it follows that the management of these services should also beintegrated. This approach simply makes sense for a variety of reasons:• Deployment and provisioning is faster. IT administrators can pre-set deployment andprovisioning templates (if available) and manage deployment in a centralized manner, saving onsite configuration time and headaches.• Policy management is simpler. IT managers must manage security policies (e.g., whattypes of content is allowed to reach end users, what groups are allowed to view certain types ofcontent, what computers/locations may connect with other computers/locations, etc.). If securityis managed through a single interface, policy management is simpler than if administrators mustmanage policies through multiple interfaces.• It is easier to provision new users. If a new user can be added to the system andprovisioned through a single interface, administrators’ jobs are made easier. Similarly, it is easier
and more efficient to manage existing users when policies need to be updated, or if a user isassigned a new role and their profile must be updated.• More granular control is available. Management through a single interface can providemore granular control over policies than if multiple interfaces and systems must be managed.Similarly, system monitoring and reporting functions can be more accurately managed whendone through a single interface.• Content is managed in one repository. Managing content in a single repository can makelife easier for administrators than if separate repositories must be managed.• Overall costs are lower. When multiple products or functions are procured from a singlevendor, there are synergies that can be realized if security is sourced and managed in acoordinated fashion, reducing the overall cost of managing the infrastructure.• Coordinated management can provide a better roadmap for future services. Coordinatedmanagement can position an organization for easier and faster provisioning of future services asthese become available. For example, a customer of security functions from a single vendor canimplement an email and network policy more easily than if the policy must be implemented inmultiple vendors’ security systems. Multi-TenancyThe most significant aspect of a true cloud model is multi-tenancy. Multi-tenancy remains thecharacteristic that delivers the greatest economic advantage. Multi-tenancy is an architecture inwhich a single instance of a software application serves multiple customers (tenants). Tenantsmay be given the ability to customize some parts of the application, such as the view, login ormanagement permissions in the user interface, but they cannot customize the applications code.Multi-tenancy is the fundamental basis for the improved economics of cloud services becausesoftware development and maintenance costs are shared across the customer base. It can becontrasted with single-tenancy, an architecture in which each customer has their own version ofthe software and updates must be proactively managed by the customer. With a multi-tenancyarchitecture, the provider only has to make updates once and that change propagates out to allusers immediately. With a single-tenancy architecture, the provider has to touch multipleinstances of the software in order to make updates.Unique Challenges for the Service ProviderService Providers have traditionally struggled with delivering affordable managed services intothe small business segment yet recognize that cloud services are the way to bridge theaffordability gap for this underserved market segment. One key attribute to building a successfulcloud services offering into this market segment is to cover all of their customer constituentswithin a single unified solution all managed from the same portal. Hardware must be managedfrom the cloud for corporate & larger branch office locations while virtual gateways residing inthe cloud must be leveraged for smaller branch offices, home workers & telecommuters.
Mobility management must be fully integrated into this environment to manage mobile users thatrequire security and access to corporate resources in the cloud or at corporate locations.ConclusionIn an era of shrinking IT budgets and rapid technological evolution, business customers arelooking to manage their network security as inexpensively as possible and are quick to embracenew technologies that can drive their security costs down. These challenges make decisions onhow to approach this market extremely important to the service providers that service smallbusiness customers. The highly distributed nature of these customers and their limited ITbudgets require that service delivery costs and logistics be minimized and simplified,respectively, if cloud-based services are to be delivered in an efficient and profitable manner.Moreover, the constantly evolving technologies leveraged to deliver cloud services make thechoice of technologies and service delivery partners a critical one for service providers.Service providers looking to leverage cloud technologies to deliver services profitably mustmake some careful decisions up front in order to avoid expensive and irreversible pitfalls. Byleveraging the efficiencies of automation, shared infrastructure and pre-integration, a serviceprovider can deliver security and network infrastructure at low, predictable costs. By leveragingcentralized service delivery, management and virtualization of network infrastructure, the serviceprovider can deliver a lower cost security solution in every respect as compared to on-premise,traditionally managed or multi-vendor counterparts with much more predictable service andownership costs – particularly with regard to minimizing start up and integration costs. Finally,service providers need to consider the option that gets them to market quickly and profitably.In selecting the correct path, service providers also need to consider the practical aspects ofcustomer use cases and implementation. These include the ability to be flexible inimplementation to accommodate customer requirements and delivering these services in aunified and centralized manner. Above all, the following critical success factors must beemployed in any coherent cloud services strategy:• A multi-tenancy architecture that delivers the greatest economic advantage;• A flexible service delivery architecture;• A configuration and management system that includes a high level of automation, pre- integration and ongoing system intervention;• A centralized management environment that is easy to use;• An end to end service delivery capability that is tightly integrated with other service delivery and infrastructure components