Cloud Computing or Lipstick on a Pig?

Since the introduction of the term, "cloud computing," we have seen many different definitions of the term and explanations of what it is.  Orange Business live has had several posts on the subject.  Once you've read cloud computing ... as explained to my grandparents and Cloud computing - a definition, you will have a good sense of what cloud computing is.  The term's many definitions have made it an easy target for abuse.  Well, you can put the "cloud" moniker (lipstick) on a legacy service (pig) but it's still a legacy service.

So how do you know if you are looking at a true cloud service?  The National Institute of Standards and Technology identifies five essential characteristics of cloud computing: on-demand self-service, broad network access, resource pooling, rapid elasticity, and measured service.  These provide a good basis for evaluating whether or not a service is a true cloud service.

Let's look at a comparison of two similar services that can both reside "in the cloud," yet one is not a cloud computing service.  Orange Business offers two web security services, Managed Web Security (MWS) and Web Protection Suite (WPS).  Both perform essentially the same functions.  Both services allow for web requests to be redirected to the service from anywhere to any one of several sites that will filter and scan the traffic.  Both services can be contained outside of the customer's facilities, accessible via the WAN or Internet, thus being "in the cloud."

Despite the similarities, if we consider the five essential characteristics, we find considerable differences.  MWS is a fully vendor-managed solution.  All changes are done via a change request.  It is not on-demand, self-service.  Broad network access is a feature of the service, but each site that can deliver the service incurs additional cost.  The web security appliance used in MWS is dedicated to a single customer.  It does not pool resources.  Scaling the capacity of the service may require the replacement of an appliance with a more powerful model so rapid elasticity is not always possible.  It is a measured service in the sense that resource usage is monitored, but using those measures to control resource use is done by the vendor, not automatically.  So, while MWS has some characteristics of a cloud service, it cannot be considered a true cloud service.  This does in any way detract from the fact that it is an excellent, very effective service.  It simply means that it is not a cloud computing service.  In fact, the same characteristics that make it not a cloud service are specifically required by some customers.

We see a very different picture with WPS.  Changes are done in a secure web portal directly by the customer, on-demand, self-service.  Broad network access is available to over 15 data centers across the globe and it costs the same whether you access only one or all 15.  It is a multi-tenent service, pooling resources amongst many customers.  As demand increases, resources are automatically allocated without human intervention.  WPS is indeed a true cloud service, as it meets all five of the essential characteristics.

So, we see a clear distinction between two similar services, one being a cloud computing service and one that is not.  However, there are many legacy services that vendors have put lipstick on to make them sound like cloud computing.  I am not such a purist that I'd reject any service as cloud computing that does not meet all five essential characteristics.  If a service meets four of the five, I may accept that as a cloud service.  Or maybe it's time to coin a new term.   Sort-of-cloud computing, almost-cloud computing, pretty-much cloud computing, or close-enough cloud computing come to mind.  Which is your preference (or do you have a better one)?

Eliot Leibowitz

Eliot is an experienced information security expert with over thirty years of experience in the design and implementation of information security systems. He has gained knowledge and experience in a wide range of technologies, which have enabled him to provide true end-to-end data communications consultancy. Eliot has had extensive exposure to global internetworking environments including fortune 500 companies in the financial, pharmaceutical, air transport, hotel, chemical, food processing, manufacturing, and consulting services industries. He has been involved in many aspects of global projects, ranging from training end-users to designing and implementing portions of organizations’ global internetwork infrastructure.