Secure Application Delivery for Service Providers: Considerations
Just as cloud computing means different things to different people, so does the term Service Provider (SP). For the purpose of this blog, I include Cloud Service Providers (CSP), Hosting providers (colocation and managed) as well as Telcos in the SP category.
I have met with many service providers (SP) in North America in the past few months. It is clear from our conversations that while secure delivery of services is one of the most critical elements for SPs to their end-customers; no less important is for the SP to deliver the services cost effectively. Cost effective delivery is a multi-faceted proposition and may include making it easy to offer differentiated services to customers to increase revenue while reducing cost of delivery, reducing upfront capital outlay and in general reducing overall IT cost through investment in DevOps practices, automation and self-service for end-customers as well as SP’s own IT staff.
With the increasing heft of a few large public cloud services (Amazon AWS, Microsoft Azure, Google Cloud Platform), and SaaS providers (like Salesforce, Google Apps, Microsoft Office365), SPs are seeking value-add service (VAS) offerings that are differentiated and strategic to increasing stickiness with customers. Simple commodity hosting (co-location, COTS application hosting) or managed services for customer premise equipment are easily transferrable to competing service providers and due to skilled resource requirements for the business, hard to expand and expensive to operate.
Many SPs now are actively capitalizing on enterprise interest and budget in adopting cloud platforms to reduce IT expenses and improving agility in IT practices. The new models that SPs are beginning to offer span public, private cloud, and enterprise datacenters and include automation and self-service.
Below are a few of the areas that SPs should consider when looking to differentiate themselves in the rapidly evolving world of managed services:
- Security: Security is a blocker for customers’ move to cloud-based deployment. SPs should be concerned with ensuring security through multi-tenant isolation between tenants. The recent ransomware attacks also highlights the need to secure against denial of service and application attacks.
- High Availability: The shift to on-demand services requires a network with 99.999% availability across clouds. Since customers do not want lock-in with one cloud provider, SP offering should allow for delivery across multi-cloud and hybrid cloud and on-premise deployment.
- Scale: SPs need to be able to onboard tenants, provision services and scale services quickly while ensuring security and availability SLAs. With self-service, cloud bursting and security value-add, SPs are looking to add value to large public cloud platforms to build value-add cloud offerings in order to distinguish themselves from low cost, commodity public cloud.
- Multi-tenancy and RBAC: In an environment where tenants may share the resources, a wrong configuration change of a single tenant may affect other tenants – severely affecting an application’s SLA and availability. Thus, SPs need solutions to separate individual customer environments as well as support role-based access control RBAC) that defines access to various services in a tenant environment.
- Automation: In addition to architecturally separating tenant instances using multi-tenant architecture, it is also important in terms of administration to have the necessary tools to automate error-prone tasks. Automation may include capabilities to offer self-service apps and tools as well as integration with orchestration tools that a customer/tenant may be using.
- Value-add services: Ease of showing value of additional offering (Big-Data Analytics, Perimeter Security, Client Acceleration, Application Security, Multi-Cloud support) and then being able to quickly provision these services not only differentiate but also adding to the revenue.
- Site license: In order to reduce upfront investments while making it feasible for SPs to cost-effectively sustain a large number of small tenants, SPs should consider a consumption-based site license that may be split across tenants and customers.
- Private label – dashboard, monitoring and configuration: SPs that want to get up and running without significant upfront investment need to look at private labeled offerings that may include onboarding, configuration, dashboards and analytics for tenant services as well as a way of test-driving and enabling value-add services.
- API support: SPs should also expect that their solutions need to integrate with other products in a customers’ network, so programmability through APIs, out-of-the-box support for automation and templates to achieve self-service is critical.
Cloud and hosting providers can differentiate themselves and create additional revenue stream by offering advanced services that address customers’ need for secure application delivery while overcoming challenges associated with simple hosting. The benefits include secure and highly available application hosting, scalability, infrastructure protection and various attack mitigation methods.
For additional details: