WHITE PAPER

CLOUD
THE ESSENTIAL BUYER’S GUIDE

INTERNAP.COM | 877.843.7627 | CONTACTSALES@INTERNAP.COM

©2015 Internap Corporation. All rights reserved. Internap and P-NAP are registered trademarks of Internap.
All other trademarks and brands are the property of their respective owners.
WHITE PAPER

Table of Contents

Introduction 1

Public Cloud Delivery Models 1

Key Considerations for Cloud Solutions 2

Scalability and Performance 2

Network 4

Cloud Storage 5

On-Demand, Self Service 5

Managed Services 6

Other “as-a-Service” Considerations 7

Security and Compliance 7

Cost 8

Open Source Cloud 9

Conclusion 9

Public Cloud Checklist 10

INTERNAP.COM | 877.843.7627 | CONTACTSALES@INTERNAP.COM

WHITE PAPER

Introduction
When evaluating cloud solutions, how do you determine which one will best meet your requirements? Whether your
business is a startup developing cloud-native applications or a mature organization looking to adopt cloud while
leveraging legacy infrastructure, cloud can offer benefits in terms of performance, scalability and efficiency.

An understanding of your use case requirements, along with research and planning, will help avoid some common
cloud mistakes. Many organizations experience problems with scale, performance, cost control, vendor lock-in and
unsuccessful cloud migrations. By considering your current and future needs, your cloud solution can effectively evolve
to support the changing needs of your business.

The key considerations outlined in this white paper can help avoid these pain points, and provide guidance for decision
makers through the process of evaluating different cloud options. While there are many different types of cloud delivery
models, this white paper will focus on public cloud Infrastructure-as-a-Service (IaaS), including virtual and bare-metal
cloud solutions.

Public Cloud Delivery Models

Regardless of which type of cloud solution you choose, it must meet the fundamental criteria outlined by the National
Institute of Standards and Technology (NIST), U.S. Department of Commerce. By definition, a true cloud includes these
five characteristics:

• On-demand Self-service

• Broad Network Access

• Resource Pooling

• Rapid Elasticity

• Measured Service

VIRTUAL PUBLIC CLOUD IAAS

The most widely adopted cloud type is public cloud IaaS, where virtualized resources can be instantly provisioned
by users via an online portal. As a multi-tenant option, public cloud is typically the most accessible, cost-effective
cloud delivery model because it allows users to access cloud computing on a pay-as-you-go basis with no up-front
investment required.

BARE-METAL CLOUD

A second type of public cloud IaaS is bare-metal cloud, which refers to a network of bare-metal servers that can be
instantly provisioned in the same way as the virtualized resources described above. However, bare-metal servers are
not virtualized and do not include a hypervisor, which means 100% of the resource is dedicated to a single tenant.

INTERNAP.COM | 877.843.7627 | CONTACTSALES@INTERNAP.COM

WHITE PAPER

Bare metal is a good option for performance-sensitive or data-intensive workloads that require high disk I/O and
processing power in order to achieve optimal performance.

Key Considerations for Cloud Solutions

Whether your motivations for exploring cloud are based on scalability, efficiency, cost or other needs, consider these
factors before deploying a solution.

Scalability and Performance

Scalability and performance go hand in hand, and one should not be considered without the other. Cloud can offer
tremendous benefits in these areas and give your infrastructure the ability to handle web-scale events, traffic surges
and other viral phenomena without compromising the end-user experience.

SCALABILITY

The ability to scale refers to the number of transactions or requests that can be processed within a defined timeframe.
As one of the main benefits of cloud, scalability helps align your infrastructure with the changing needs of your
business. It allows you to accommodate expansion in the form of increased transaction volume, number of users, etc.
while still maintaining the capabilities of your application.

Several factors affect scalability of cloud solutions, including elasticity, automation and orchestration and
adequate capacity.

• Rapid Elasticity - This refers to the ability to provision resources as needed to accommodate additional
demand in service, such as a sudden traffic spike or increase in transaction volume. After the need is fulfilled,
the resources can be released to return to the previous baseline. A clear understanding of your baseline usage
is important when moving to cloud so that you can make key scaling decisions manually or automatically based
on these metrics and avoid costly over-provisioning of unused resources.

• Automation and Orchestration - The cloud provides a self-service interface to quickly provision compute
and storage resources. However, many tools exist to automate the deployment of infrastructure in response
to changes in application usage, such as CPU thresholds, traffic throughput or I/O transactions. For example,
DevOps-oriented tools, such as cloud API (Application Program Interface) integration and configuration
management, can help automate the provisioning of large numbers of servers and install the needed software
to rapidly achieve large scale - potentially to thousands of servers - in a short period of time.

• Adequate Capacity - If the ability to scale into specific geographic regions is important to your business,
make sure the cloud provider offers adequate server capacity in those regions.

INTERNAP.COM | 877.843.7627 | CONTACTSALES@INTERNAP.COM

WHITE PAPER

PERFORMANCE

In terms of cloud hosting, performance refers to how quickly the infrastructure environment can process a single
transaction or request. Ensuring that a cloud solution will provide the degree of performance required by your
application or workload requires a holistic view of your infrastructure. Several factors must be considered, such as
compute, storage, network and other unique aspects that influence performance within your environment.

• Compute - Based on your requirements, determine the CPU to RAM ratio needed for your application cluster
and make sure this is available from the cloud provider.

• Storage - Cloud implementations can include local volume storage or SAN-backed storage. Depending on
the type available from your provider, there may be IOPS requirements for disk access and database usage.
Some providers offer high-capacity, low-performance SATA disks or high-performance low-capacity SSDs.
Based on your requirements, evaluate whether the IOPS and throughput from SAN-backed storage is sufficient
or if the IOPS from local storage is a better fit. For portions of your application that require high-performance
disk access, such as databases, some providers are able to offer guaranteed IOPS to meet the requirements of
specific application components.

• Network - Performance is drastically affected by latency and network speed, and optimized IP can enhance
response time and ensure more reliable, consistent application performance for the end user.

HIGH-PERFORMANCE CLOUD SOLUTIONS

Applications and workloads that are performance-sensitive or data-intensive can require consistently higher levels
of performance than virtual cloud IaaS can provide at a reasonable cost. For such use cases, incorporating bare-
metal cloud options into your environment may be a good fit. Bare-metal cloud is offered on a utility basis, and when
consumed hourly similar to public cloud, it can provide higher performance for individual workloads.

Virtual public cloud offers a greater ability to scale, but with less power per unit of work. On the other hand, bare-metal
servers offer less scalability, with more power per unit of work. Using a combination of bare-metal and virtual cloud can
achieve the desired balance of performance and scalability for your applications.

Performance and scale are particularly important for big data and advertising technology use cases. Applications that
must analyze, store and process high volumes of data or transactions in 100 milliseconds or less may need higher
IOPS and throughput, faster CPUs and/or low latency connectivity to achieve optimal performance. In these scenarios,
evaluating high-performance cloud solutions should be a key consideration.

INTERNAP.COM | 877.843.7627 | CONTACTSALES@INTERNAP.COM

WHITE PAPER

Image 1: Scalability and Performance

Scale

Public Cloud
More
Inventory
(Deploy
On-demand)
Bare Metal Cloud

(Configure
On-demand)
Dedicated Hosting

Less
Inventory
(Order
Managed Hosting
On-demand)

Performance

SAMPLE USE CASE: ONLINE GAMING

An online gaming company that develops and publishes games for a worldwide user base must meet the challenges of
large swings in user demand. The company uses virtual cloud to support region availability and the high traffic spikes
that occur during game launches, while the majority of game servers are hosted on bare metal for optimal performance.
Using a combination of virtual and bare metal results in better utilization of server resources and more flexibility on
provisioning and setup.

Network
In addition to the above considerations, a cloud hosting solution requires adequate network capabilities in order for
applications and workloads to function optimally. This is especially important for data-intensive workloads that are
sensitive to latency.

• Public and Private Network Access - Cloud providers offer public network access over the Internet. If
your organization requires private network access, make sure your cloud provider is capable of offering private
connectivity or a VPN service. Consider using a Content Delivery Network (CDN) or DNS service to achieve
lower latency.

• North-South and East-West Traffic - North-south refers to the network traffic flowing from your application
to the end user, while east-west traffic refers to traffic between servers within your infrastructure. Optimized IP
for both of types of traffic should be considered when evaluating network capabilities of cloud providers, as this
can affect performance across all areas of your infrastructure.

INTERNAP.COM | 877.843.7627 | CONTACTSALES@INTERNAP.COM

WHITE PAPER

• Location - When is it important to be near your cloud? A common misconception is that the location of cloud
nodes or managed hosting facilities can drastically affect the speed and latency of your network.

When choosing a data center for physical hardware, i.e., colocation, a location near your office headquarters
is a reasonable decision, as IT staff and engineers will likely need to physically visit the facility to perform
infrastructure tasks. However, cloud services are designed to be managed through API or portal interfaces,
which mitigate the need for physical proximity.

On the other hand, cloud location is relevant regarding the geographic market or users you’re trying to reach.
For example, an organization whose primary market is located in the Northeast U.S. may prefer to establish
a cloud environment near this area to minimize latency and improve the user experience. Choosing a cloud
provider that offers low-latency Internet transit, or using additional services such as CDN and anycast DNS can
make the location of the cloud provider less important.

Cloud Storage
The way your data is stored and accessed will determine the type of storage you need. Is the data on your server
temporary, or does it need to be “always on” and readily accessible? Storage solutions can be purchased from a cloud
provider, or as a stand-alone service from another vendor.

BLOCK STORAGE - This type of storage provides disk volumes and can be local (persistent or ephemeral) or
SAN-backed (persistent).

• Persistent - A more traditional storage option that uses persistent storage for 24/7 “always-on” access to
data. Most database servers and general business applications work best with persistent block storage.

• Ephemeral - This works better for short-term, batch processing workloads, such as web server clusters or
media transcoding where the data only need to be stored for the life of the server instance.

OBJECT STORAGE - This is a scalable storage system designed to be accessed over a RESTful API instead of a
traditional file system. It works well for static assets that must be concurrently available to be accessed by multiple end
users or application components at the same time.

On-Demand, Self-Service
A core component of cloud is the flexibility and control that comes with on-demand, self-service capabilities. Cloud
providers offer different levels of management, allowing buyers to choose how much interaction they want with their
cloud. Organizations can determine whether they need high-touch managed services, self-service management, or
something in between.

INTERNAP.COM | 877.843.7627 | CONTACTSALES@INTERNAP.COM

WHITE PAPER

Image 2 - The relationship between infrastructure, application tools and management layers

MANAGEMENT Self Service Managed Ser vices

APPLICATION Orchestration Identity Replication Analytics Archive

Networking
COMPUTE Compute (Virtual) Compute (Bare Metal)

DATA Object Block NAS Database

LEVELS OF SERVICE

• API - While having an API may not be imperative for day-to-day use, it provides an interface for integration
with third-party tools not offered by your vendor, and support for scalability and integration with other
applications. DevOps-oriented teams will benefit from this layer of service, especially when using a platform
built from an open-source technology, such as OpenStack, as they will be able to leverage the same API-based
tools across multiple vendors and avoid lock-in.

• Portals - Provision resources without assistance from your provider with a graphical user interface to your
cloud infrastructure via a customer portal. This can be useful to traditional IT Operations staff that typically use
a variety of tools and may provision services in a more traditional manner.

• Third-Party Tools - These offer specific functionality to help manage your cloud infrastructure, such as
monitoring or customization. These tools usually require the API for integration with your service.

• Managed Services - This approach allows organizations to choose which aspects of their cloud solution
the provider will manage. These can be valuable in scenarios where a traditionally managed infrastructure
deployment is transferred to cloud services, and the IT team benefits from a vendor providing a managed,
high-touch service. Managed services can help reduce the number of engineers required to maintain the
infrastructure, and free them up to spend more time on business-critical initiatives and innovations.

Managed Services
Many traditional applications moving into the cloud for the first time may require specific services that aren’t available
in a full self-service model. For example, traditional backups where the data is archived and stored to a system can
require hands-on assistance to restore the data. Additionally, many organizations may not have the staff to take

INTERNAP.COM | 877.843.7627 | CONTACTSALES@INTERNAP.COM

WHITE PAPER

advantage of the new generation of application tools, and may require additional services from the vendor to maintain a
consistent expectation of availability with the application. An example of this is monitoring and responding to an event
(such as an application outage, traffic increase, etc.), where a vendor may include a monitored system and pre-defined
communication and response policies with regard to such an event. Organizations that require this additional level of
service will need to be aware of which tools are provided for self-management and which services are offered by
the vendor.

Some examples of managed services and their self-service counterparts:

• Managed DBA - Database as a Service (DBaaS)

• Managed Backups - Instance snapshots, archival services, storage services, etc.
• Managed Monitoring - Monitoring alerts and automated responses

SAMPLE USE CASE: DISASTER RECOVERY

Cloud-based disaster recovery (DR) means replicating data or even clusters of virtual machines to the cloud.
Businesses can utilize cloud as part of an organization's DR plan without incurring the infrastructure expense
of a second physical site. By creating a cloud-based recovery site that can be used if the primary data center is
incapacitated, an organization can ensure that it never loses mission-critical applications or data.

Other “as-a-service” Considerations

“As-a-service” offerings strive to simplify the management of high-cost, high-touch features and make them easier
to use. However, in some cases, additional management can negatively impact performance and functionality. If high
performance is a requirement, be sure to discuss the impact of additional services with your cloud provider.

Other services that may simplify your transition from legacy infrastructure to cloud, or ease the management or
integration of applications include the following:

• Database-as-a-Service (DBaaS) - As an alternative to installing and managing your database on a server,

DBaaS can cost less than a “managed DBA” service, and removes management from your developers. Since
it is designed to simplify application development, DBaaS may have different performance characteristics.
For higher performance needs, self-managed and/or self-installed databases can be manually tuned to meet
specific requirements. DBaaS can include both relational database and NoSQL offerings.

• Load Balancer - Cloud-based load balancing “as-a-service” (LBaaS) can provide more flexibility and
automation, but may not offer the same breadth of features as traditional enterprise load balancer appliances.
This can be a more cost-effective approach than a hardware appliance, and can remove management from your
developers. LBaaS can be limited by cloud network throughput, but may have scaling options.

Security and Compliance

While security remains a top concern of cloud buyers, many cloud providers offer varying tools and services to meet
security requirements. It’s important to determine whether security is a consideration because of internal needs or
7

INTERNAP.COM | 877.843.7627 | CONTACTSALES@INTERNAP.COM

WHITE PAPER

because of external compliance requirements. There is often overlap between the two, so the same tools may meet
both needs.

Certain applications or environments must adhere to strict compliance and location regulations. Industries such as
finance and healthcare in particular are bound by stringent policies around data management and personally identifiable
information. Security requirements will vary depending on the needs of your industry.

COMMON SECURITY CONSIDERATIONS

• User and Access Management - Many organizations have multiple individuals and teams operating
portions of their applications in the cloud. The ability to define access rules for users to grant or deny access
can be critical.

• Firewalls and Other Network Access Devices - Many environments use hardware or software firewalls
and VPN appliances to protect access to server resources or define network access policies across
application components.

• Separation of Resources (Network, Compute, Storage) - Often, applications with specific compliance
requirements need to employ dedicated hardware or single-tenant environments. These requirements may
affect your ability to use public cloud services if the appropriate segmentation is not available.

• Encryption Management Tools - Many organizations require levels of encryption for both data-in-flight
and data-at-rest, to protect data in multi-tenant environments. Tools to enable such services, such as key and
certificate management, can accelerate adoption of cloud for organizations with these security needs.

• Compliance Certifications and Vendor/Buyer Responsibilities - Organizations with specific compliance

needs, such as PCI-DSS, HIPAA, Sarbanes-Oxley, FISMA and others may require certifications or Reports
on Compliance (RoC) to determine exactly which requirements are met by the provider and which remain the
buyer’s responsibility.

• Open Source - Open source clouds may benefit from strict standards and proactive community support,
which in some cases means security vulnerability patches are deployed faster than from a cloud provider.

Cost
Cost is no longer the main driver of cloud adoption. In years past, the cloud was touted as a more cost-effective option
than hardware-based solutions, and while this is typically true for SaaS applications, at the IaaS level, the main benefits
of cloud are scalability and ease of use.

The metered usage cost structure of cloud services improves ease of use, and cloud expenses are categorized as an
operational expense (OPEX) instead of a capital expense. Allocating cloud services as OPEX makes infrastructure costs
more predictable and offers organizations better cost control. Some providers offer discounts for advance payment of
monthly cloud services.

INTERNAP.COM | 877.843.7627 | CONTACTSALES@INTERNAP.COM

WHITE PAPER

However, some cloud costs are difficult to calculate, such as provisioned IOPS and interzone transfers. To accurately
determine the cost of a cloud service, be sure to clarify what is metered and what isn’t; for example, some providers
charge per request instead of metering only storage and transfer, which can result in unexpected costs.

Determining whether hourly or monthly billing is best depends on your requirements. For testing purposes, short-
term batch processing needs, or burst requirements, hourly billing is typically more economical. For more predictable
baseline requirements, monthly billing can be more cost-effective.

Open Source Cloud

Officially marked by the creation of the OpenStack project in 2010, open source cloud strives to offer cloud computing
on standard hardware, making it accessible to a global community of developers. As with all open source software and
computing platforms, the overall goal is to encourage innovation and openness.

While open source considerations are more relevant for developers seeking to build their own cloud, there can be
advantages of choosing a provider with open source cloud services.

Organizations that already have an open source environment should consider compatibility with current software
and hypervisors, such as VMware and Hyper-V, and choose a provider with technology that aligns with the
organization’s vision.

An open source cloud platform offers several benefits, including:

• No Vendor Lock-In - If portability and interoperability are important, using an OpenStack API can make it
easier to switch to another OpenStack provider versus a different proprietary system.

• Open Source Community - The global network of developers in collaboration with users results in rapid
development via crowdsourcing and a strong developer community. Open source cloud solutions typically
include more documentation and features than what a single service provider can develop and support.

• Standards - The OpenStack community has established an expectation of consistency that allows users to
more easily integrate their cloud services with tools already in use. For example, OpenStack offers broad API
support such as the Horizon portal, which serves as a cloud management dashboard.

Conclusion
As providers race to meet the fast-growing needs of the IT and developer community, the process of comparing cloud
solutions has become increasingly complex. By having a clear understanding of your use case and asking the right
questions when evaluating service providers, you can establish the right cloud solution to meet your needs today and in
the future.

INTERNAP.COM | 877.843.7627 | CONTACTSALES@INTERNAP.COM

WHITE PAPER

Public Cloud Checklist

As you evaluate cloud providers, the checklist below will help make sure you ask important
questions before making a decision.

Are hosts dedicated to one tenant, or shared among other tenants?

How quickly and easily can I scale my infrastructure?

Compute How easily can I automate my infrastructure provisioning? Can this be done
via portal or API access?

What instance sizes and CPU-to-memory ratios do you offer for virtual
machines? Are bare-metal offerings available?

How is console access given?

Console Access
Who is authorized (besides client) to access?

How exactly is customer traffic segmented from seeing each other?

How easy is it to create/manage network segments (e.g. vlans) on your

Networking particular resource pool?

What networking speeds are offered or guaranteed between hosts, virtual

machines or services (such as compute to block storage)?

Where is data physically located? Is it on a host or a shared appliance?

Data Storage What types of physical drives are available? SSD, SATA, etc.

What type of storage is offered? Object or block?

How do I manage access to my portal or API?

Do you offer audit reports on your datacenter (e.g., SOC2)?

Compliance/
Controls Do you have a Report on Compliance for specific infrastructure requirements
such as PCI-DSS?

What logging data is available related to access controls?

Do you bill on a strict utility/metered basis (i.e., hourly)? Are there volume
discounts? Are contract commitments available, or required?
Costs What resources do you meter? For example, regarding object storage, do you
meter just storage and transfer, or access/requests also? Some providers
charge per request.

Support and What support options are available?

Management What management services are available?

INTERNAP.COM | 877.843.7627 | CONTACTSALES@INTERNAP.COM