The Service Provider of Tomorrow, Part 4: SLA Segmentation

Will service provider SLAs change in a cloud world? As customers of Infrastructure-as-a-Service (IaaS) and Platform-as-a-Service (PaaS) providers increasingly pay for use of virtual instances rather than discrete devices, will the service level commitments to customers change?

Much will change, and much will stay the same. Details will change, the basic SLA framework will not. The first dozen years of the IaaS industry has created a clear segmentation of SLA commitments to customers that define real and practical customer needs. These marketplace requirements transcend the indusry’s shift from discrete IT devices to virtual operating instances as the core unit of service.

At the foundation of the IT infrastructure stack, the Co-location SLA has emerged as a clear definition. The co-location SLA provides uptime guarantees on data center capacity, power access and density, and Internet (or other WAN) connectivity and performance. This SLA segment will persist in a cloud-centric world.

The next layer of the stack establishes the core network and computing environment as the foundation for IT managed services. The SLA associated with Dedicated Hosting providers (often called “unmanaged dedicated hosting”) also defines a clear segment of the market. The Dedicated Hosting SLA covers provisioning and operation of the network environment (including firewalls and load balancers) within the data center, server provisioning and hardware maintenance, and operating system provisioning (but not OS support). It has now become commonplace to include provisioning and management of the virtualization layer on which OS instances are implemented. Of course, each layer of the IT infrastructure stack depends on the layer below it, so the SLA to the customer also covers these dependencies. It is important to note that the SLAs associated with Public Cloud environments – to the extent they exist today – generally do not extend any higher up the IT infrastructure stack than the Dedicated Hosting SLA. More on this later.

The Managed Hosting SLA extends further up the stack. This SLA segment covers all of the IT infrastructure described above, but also covers OS support and maintenance, storage systems, backup systems, and database clustering systems. Managed Hosting SLAs go beyond uptime guarantees by incorporating various performance guarantees such as monitoring and escalation commitments, managing daily/weekly/monthly back-up cycles, systematically patching all systems under management, and other infrastructure management tasks.

The Enterprise Hosting SLA builds upon the Managed Hosting SLA by adding security and compliance solutions to the mix. Intrusion detection and prevention systems, log management, vulnerability scanning, application scanning, application firewalls, data leak prevention, identity management, and other security and compliance solutions are addressed by Enterprise Hosting SLAs. In fact, many of the service providers focused on the Enterprise Hosting market segment – companies such as AT&T, Verizon and Savvis – have established internal MSSP (Managed Security Service Provider) business units. The Enterprise Hosting SLA draws a clear line between application and infrastructure. It is not uncommon for an Enterprise Hosting SLA document to promise “application availability” … i.e., if the app is down for any reason stemming from infrastructure failure (as opposed to faulty application code), it is counted against the SLA.

The four market segments described above – Co-location, Dedicated Hosting, Managed Hosting, and Enterprise Hosting – comprise the IaaS marketplace.

The fifth and most recent SLA segment is the PaaS segment. This segment builds upon the IaaS SLAs by adding middleware, management tools and other instrumentation, and a coherent set of APIs to present a fully-integrated platform to application developers. The PaaS model blurs the line between application and infrastructure, but provides a more complete solution for developers who want to focus purely on application functionality rather than architecture.

The diagram below illustrates the SLA segmentation established by the marketplace over the past dozen years, and shows where new public cloud services fit in.

This segmentation will persist as we continue moving into an IaaS/PaaS world dominated by cloud architectures. Ultimately, as this happens, these segmentations will start to converge. Security and compliance is at the heart of this issue. The topic of secure cloud environments is directly tied to how quickly Cloud SLAs move up this stack. They have a long way to go, but the path is clear. More on this topic in our next installment.

This is part 4 in a running series of posts by Gray Hall, CEO of Alert Logic on the future of the Service Provider industry. Gray’s experience and background give him a unique opportunity to comment and help lead what the Service Provider of Tomorrow has to do in order to be successful. Parts 1, 2 and 3 are also available here on Secure Cloud Review.