Overcoming Challenges in Public Sector Cloud Computing: Part 2 – Introduction to Infrastructure as a Service (IaaS)

Dan Smith


In Part 1 of this series, we discussed some of the semantics and high-level definitions around cloud computing.  We also talked about cloud computing having five key characteristics, three delivery models, and four deployment models.  While Part 1 discussed the five key characteristics seen in typical cloud deployments, Part 2 will focus on the three delivery models, with special attention paid to Infrastructure as a Service (IaaS).  These three delivery models consist of:

  1. Software as a Service (SaaS),
  2. Platform as a Service (PaaS) and
  3. Infrastructure as a Service (IaaS)

As discussed earlier, these delivery models are often confused, so we’ll attempt to set the record straight on what each offering is supposed to provide, and tie in some examples of real-life use.

Software as a Service (SaaS)

With SaaS, consumers of the service access and use applications running on a cloud infrastructure on various client devices through an interface such as a web browser.  These interface methods may also be a smartphone, ebook reader, or car navigation system – virtually any device that is connected to the internet.  In a SaaS environment, consumers do not manage or control the underlying infrastructure, network, servers, operating systems, storage, or application capabilities, with the exception of some app configuration settings.  

Most of us use SaaS on a regular basis without even recognizing it.  Some examples of typical SaaS offerings are things like web-based email through Outlook Web Access, Gmail, Yahoo or MSN Mail, Salesforce.com and many others.  Recently, some major SaaS providers have started putting much more sophisticated apps in the “cloud” – apps such as ERP and CRM systems, as well as Microsoft’s SharePoint and other collaboration tools.  For many organizations, the ability to tie in and utilize a SaaS-based model for their applications can be a great way of getting up quickly on an application managed by someone else, while really minimizing startup and administrative costs. 

For some enterprises, however, the drawback to SaaS applications is typically the level of customization they are able to have with the applications themselves.  SaaS providers typically offer their applications with limited customization to keep service levels and user experience levels high, as well as reduce the amount of overhead and administrative work they themselves have to perform to keep services running well.

Platform as a Service (PaaS)

For enterprises that require that higher level of customization, while still desiring their application be hosted in the cloud, PaaS can be a real enabler.  With PaaS, consumers deploy their apps onto hosted cloud infrastructure using programming languages and tools supported by the provider (e.g., Java, Python, .NET).  In this environment, consumers do not manage or control the cloud infrastructure, network, servers, operating systems, or storage, but do have nearly complete control over their apps and hosting environment configurations.

PaaS is a bit younger and as such, is seeing adoption grow at a quicker rate.  PaaS is typically gaining ground from two different customer bases – those who adopted SaaS early on and are seeking the ability to have higher levels of customization in their applications, and those who are looking to deploy new applications, but need the flexibility and granularity of control that comes along with a hosted platform.  Some examples of PaaS environments are offerings from some of the industry leaders such as Salesforce.com with their Force.com environment, Google’s App Engine, Microsoft Azure Services Platform and Amazon Web Services.  There are a number of startups and smaller providers in this space as well, and for good development environments, PaaS shows promise as a great way to host and develop applications in the cloud without having to maintain your own infrastructure. 

PaaS environments typically have other “value added” capabilities that facilitate the development cycle such as testing tools, collaboration tools, and versioning and community facilitation.  Again, these offerings can be attractive to many smaller development environments as they provide capabilities that would be expensive and time consuming to stand up themselves.  

That being said, as we discussed with SaaS, the potential drawback comes from the “bottom of the stack” – limited customization.  With PaaS, the same is true: while the outsourced/hosted development environment can be a huge value to many organizations, its underlying infrastructure and the services it provides are the responsibility of the PaaS provider.  This means that whether the costs or service levels are discrete or not, PaaS customers will be paying for the infrastructure they consume, and have little control over things like hardware standards, system availability, scalability and performance.  For most environments, this handoff of control to an external provider is just what they’re looking for.  I can’t tell you how many of our clients have told us they want to “get out of the hardware business.”  However, for many larger environments, outsourcing that much control of their infrastructure just doesn’t fit their needs across the organization, so while PaaS may be used to some extent, most of their infrastructure will remain in-house. 

Infrastructure as a Service (IaaS)

As we stated earlier, IaaS is the real focus of this conversation.  With IaaS, consumers rent processing, storage, network and other computing resources where they are able to deploy and run arbitrary software, including OS and applications.  In this environment, consumers do not manage or control the hosting infrastructure, but have control over their OS, data, apps, and select networking components.  A user’s interface with an IaaS provider is typically a web-based “control panel” where they can access their infrastructure services, get console-level access to their managed devices, and pretty much anything else they’d be able to do in their own data center. 

Since bare-metal infrastructure is one of the biggest physical assets in most data centers, it’s been one of the slower cloud computing delivery models to really take hold – but that’s starting to change.  Specifically in the public sector, many smaller organizations have found it difficult to drive the economies of scale needed to realize the benefits of IT consolidation at a higher level.  They’re often stuck with smaller projects such as a server, network, or storage consolidation effort to drive down costs.  To answer this challenge, many of the cabinet-level and other larger government agencies have been building large, centrally consolidated data centers to host applications across the enterprise.  While there are public cloud providers such as Amazon with EC2, and hybrid/community cloud providers such as DISA with the RACE program, many organizations are simply more comfortable with an internal or “private” cloud hosting environment. 

Typical IaaS programs internal to a data center consist of a number of building blocks, including:

Data Center Infrastructure

Consisting of power, cooling, battery backup, racks and environmental monitoring, as well as physical security.  For “Greenfield” environments, this is often one of the most expensive fixed costs.  The effort and cost required to build or modernize a data center can be astronomical, but at the same time, can be one of the biggest sources of efficiency in the long-term.  That being said, ROI from a physical data center modernization typically doesn’t show up for many years.  Plan on sinking some good cost here and having it pay off 5-7 years down the road.  Data center infrastructure, since it is an underlying foundation for everything else, is not discretely billed to customers, but some customers in an IaaS environment may be charged for their power consumption (which includes the cost to power the cooling systems).  This can help the IaaS provider to offset their power and cooling costs as well as some of the data center modernization costs, and can help drive IaaS consumers to lower their power utilization through virtualization and better workload management.


IaaS Network Infrastructure includes all the elements you would expect, including routing and switching, intelligent load balancing, traffic optimization and application awareness.  Most mid-size to large data centers are extending the standard network presence down to the rack level by providing high-speed top-of-rack switching for both IP and Fibre Channel connectivity.  Network environments and devices, since they support multiple tenants in this shared environment, are typically not discretely billed back to their consumers, but rather rolled into the cost foundation of the server and storage components of the architecture.


Storage is typically deployed now in multiple tiers to accommodate data with different lifecycle and performance/availability requirements.  This might consist of a highest-speed Solid State Disk (SSD) tier, a high-speed Fibre Channel disk tier, a mid-level SATA tier, and a near-line high-speed tape or lower-speed SATA disk tier.  Each of these tiers has its own level of availability and performance service levels, and is typically priced on a “per Gigabyte (GB) per month” basis, allowing users to subscribe for planned usage or be billed after the fact for actual usage of the storage environment.


Although IaaS Server Infrastructure is usually reserved for Open Systems, mainframes have been thrown into the mix a number of times to satisfy legacy computing requirements.  The Open Systems x86 and RISC-based platforms are leveraging hypervisors and sophisticated resource management tools to maximize individual system utilization, and have grown more intelligent so that many of them often know the “best place” to run an application.  In these scenarios, the hypervisors or resource management tools will actually relocate workloads “in real time” to another server platform without them needing to be taken offline.  This benefits the service provider by making workloads portable and their infrastructure more sharable for multiple tenants, and benefits consumers by ensuring their workloads hit the promised service levels.  Server infrastructure is either subscribed to on a “per server per month” basis, with different offerings for different classes of virtual servers, or billed against a consumer’s actual utilization of resources such as CPUs, memory, network and storage. 

Systems Management

Managing a multi-tenant environment requires a good tool set for monitoring and managing the environment itself as well as networks, servers, storage and applications.  While basic monitoring tools will get certain aspects of the job done, IaaS providers typically leverage high-end tools to increase the intelligence of the environment and keep the cost of systems administration and hands-on management to a minimum.  With most modern management tools, routine processes and workflows can be scripted to take advantage of sophisticated automation capabilities and shorten the amount of time needed to perform regular maintenance activities.  Since systems management tools serve multiple customers just like the data center infrastructure itself and the network infrastructure, they typically get paid for out of a common pool and are a component of each consumer’s price.  Consumers may find themselves paying directly for management agents on their IaaS-provided systems if they want a higher degree of information from their systems such as application monitoring or other system-specific data.

Information Security

One of the primary reasons for not moving into a shared or multi-tenant environment has been information security.  Prospective consumers of IaaS environments are frequently concerned that with someone else managing security, their risk increases, and their ability to manage that risk decreases.  To compensate for this perceived risk, many IaaS providers have made significant investments in processes and tools to support asset management, log management, vulnerability management and remediation, as well as intrusion detection and prevention systems and network forensics.  By implementing these tools around individual consumers’ processes and requirements, IaaS providers today can accommodate even the strictest information security requirements while still keeping their costs low.  As with systems management capabilities, information security costs from IaaS providers are typically built into their individual service offerings.

In Closing…

Standing up an environment that provides this collection of capabilities, then reducing the costs down to some sort of “per unit” service charge can be an absolute nightmare.  The complexity and sophistication that goes into the pricing and service levels is nothing short of insane in most cases.  Part 4 of this series will discuss how to understand (and limit) your organization’s requirements, and how to do so in a way that helps to prescribe the underlying components of the infrastructure to best communicate your requirements to potential IaaS providers.

Our next discussion (Part 3) will focus on the four deployment models for Cloud Computing, and how to identify the best fit for your environment.  Since most of our clients fit best into one specific deployment, the private cloud, we will spend the bulk of the conversation there, and discuss how to best start discussions with a private cloud provider.

Over the next several weeks, I will discuss the remaining 5 parts in this series on cloud computing.

Part 3 – Cloud Computing Deployment Models

Part 4 – Understanding (and Limiting) Your Organization’s Requirements

Part 5 – Building the Private Cloud

Part 6 – Managing Cloud Services

Part 7 – Adding Services to the Cloud

What are your thoughts on the series so far?

Dan Smith

Govplace Director of Professional Services


Mr. Smith has been designing and integrating enterprise IT solutions exclusively for the public sector for more than 10 years. He has experience with a broad range of enterprise IT applications, technologies, and integration approaches. Mr. Smith holds extensive expertise around data center server and storage architectures, enterprise IT consolidation, and application-specific IT infrastructures. He has supported numerous customers in consolidation efforts which have resulted in significant cost savings to the government and delivered increased operational efficiencies. Mr. Smith also holds a wide variety of architect-level IT certifications and qualifications with many leading IT developers and manufacturers. In his current role, Mr. Smith manages the Program Management and Systems Engineering functions of Govplace’s Federal Professional Services organization, which has a focus on Performance-Based Contracting, Enterprise Program Management, Security & Information Assurance, and COTS Infrastructure Integration.
