Follow on Twitter
Post to Twitter
T-Mobile and Microsoft announced that a Microsoft subsidiary had suffered a "data-service disruption" that wiped out all Sidekick users' contacts, calendar entries, to-do lists, and photos. In the joint statement, Microsoft/Danger and T-Mobile said its teams were working "around the clock in hopes of discovering some way to recover this information." However, it noted that the likelihood of doing so "is extremely low." - From NewsFactor.com (Oct 12, 2009)
Google Search and Google News performance slowed to a crawl, while an outage seemed to spread from Gmail to Google Maps and Google Reader. From ComputerWorld (May 4, 2009)
It's hard to believe in this day and age that we should hear of data recovery being an issue, isn't it? Even the government has explicit input into this worrisome problem. Yet in the past six months we've seen two major Cloud Computing corporate faux pas. More correctly, here we are talking about Business Continuity or drilling down one level, Workforce Continuity.
One of my colleagues, who shall remain nameless, was aghast with these news releases and asked if it would negatively affect the push we are seeing in industry toward consumption based delivery of IT services. Specifically, if Citrix technology was associated with one such disaster as a part of the Citrix Service Provider program, would we end up with a "black eye" and thus a negative brand implication?
Ironically, when I was working on our CSP TCO/ROI calculator, the question came up about Disaster Recovery and whether or not service providers offer it as a part of their subscription/hosting business.
The next logical question is 'Do service providers also provide some form of disaster recovery for themselves?' It's one thing to back up data for the end customer, but what if the service providers' whole farm goes down? Well... this is really a great question, but as we've seen from the recent press, it may be a matter of big fish vs. small fish. For example, smaller hosting/service providers can and do back up their data using larger enterprises such as Amazon's S3. Why? The costs are relatively low and the processes relatively easy to use.
Also, because storage arrays are relatively inexpensive and technologies such automated failover are available, many smaller scale service providers opt to use their own backup and recovery systems on premise.
So one might ask, what about the big guys (Google, Amazon, Microsoft)? Who provides their data recovery systems? Well... based on the performance recorded in the press over the past few months, that appears to be a very good question. There are speculations that because large Cloud Compute companies use (very) low cost equipment (servers and storage arrays) that duplicating real-time data for instantaneous recovery is just a part of their operations. But is it really?
One of the challenges with scale is that you have to have enough compute power and storage to not only service the masses, but to provide continuity (and backup) in the event of a catastrophic failure. Will negative press such as that from Google and Microsoft's "Danger" (what a name for a DR company!) keep businesses from using service providers for their mission critical data? Anecdotally I've got to say no... at least at the SMB level because the data shows an increase in off premise IT services. But maybe Google and Microsoft need to take a closer look at how they handle these types of services, especially for the large enterprises.
I've got a question for you. When was the last time you actually tested your Business Continuity system? I mean, really tested a failure to see if your processes meet your users' expectations? Don't get caught in the news answering the question like these guys did!
There is an $8 Billion market opportunity for hosting Windows applications, but if you don't have the right marketing approach, you'll be sitting on the sidelines. Our partners, who are both Microsoft SPLA (Service Provider License Agreement) and CSPs (Citrix Service Providers) have been screaming for more marketing insight, so here it is!
I wrote a blog back in August about Marketing IT Services and this blog speaks specifically to Step 2 - "Know Thy Customer" and Step 3 - "Know Thy Marketing Approach". For Step 1 "Know Thy Product and Value" we are running a separate webinar that you can sign up for by hitting the links listed here...
| Title: | |
CSP Business Overview - Citrix Cloud Center: Infrastructure and App Services |
Date: Wednesday, October 28, 2009*
*If you can't make any of these times, you can register afterwards for the recorded session.
Under the "Know Thy Customer" heading, you've got to pick a way to get to them after you've figured out your product offering. One of the most cost effective approaches today in this market is through your website. Most service providers know this but don't spend the right resource emphasis to make it a reality. Look, 1990s marketing approaches won't work in this space and your (potential) customers are searching for ways to do business the same way they are doing all of their other research, via the web. So if you don't have the right content, or tools to monitor your sales approach, you will be stuck going door-to-door, which is the recipe for long sales cycles in a volume subscription market... not what you want!
The first question you need to ask is, "Is my site effective?" To know this you'll have to employ some kind of web analytics to get the information required to determine the effectiveness of your online campaigns and lead generation. If you want to do this on the cheap, Google has a free tool you can pick up that will show you things like "bounce rate" (people who leave your site from the top page).
The second question you should ask is, "How do I get visitors to immediately sign up for my service?" One way to do this is to provide them with an interactive tool where they can see for themselves the benefits you provide over their existing model. The CSP Marketing Team has created a great TCO/ROI tool that you can repurpose and rebrand for your site. Another way to do this is by allowing customers to trial the service without having to pay right up front. One way to accomplish this is to sign up with a billing clearinghouse/broker who will allow you to encourage "impulse buying" by your prospective customers. According to one company, "customers who use the service spend 75% more per transaction than a website's typical buyer".
Now that you've got a way to get knowledgeable about your customer and a way to allow he or she to access your services more easily let's talk about the "Know Thy Marketing Approach" for a minute.
It may seem infantile in this age of high tech, highly graphical marketing, but online selling gimmicks such as Avatars are very effective. There are companies who specialize in this marketing approach and can set you up with the tools to rapidly put these animated sales people to work for you. Buy the way, according to some experts, among virtual sales reps, female avatars produce twice as many sales as males.
You should also offer "Amazon.com-style recommendations". This may seem like expensive proposition again, but there are companies that specialize in setting up the tools for you and you'll know in just a couple of months whether or not this is worthwhile for you. One company who issues this software claims you'll see an average increase in sales of 20%.
Lastly, use Email advertising. Hear what I am saying...DON'T SPAM your customers. Rather once you have your analytics from the tools you incorporate, ask for potential customers to "opt in" to messaging from your company. You have to be careful with this approach and be very targeted with your email ads. I subscribe to five different services for marketing research and I can tell you that I'm fed up with all but one of them because they send me information that has nothing to do with my work... and so they have now been either discontinued or sent to my SPAM mail box. If you do this correctly, you could see up to 35% conversion rates on the ads you send.... if you do it incorrectly you'll not get another chance with that same customer.
Follow these steps and I can assure you that you will do better than just throwing a web site together and hoping for the best. By the way, if one of your senior people isn't personally running your electronic marketing, then you might as well just stop doing it. Research shows that there is a direct proportion of sales (or lack thereof) to the quality of the team supporting the content.
Note: I need to credit INC magazine for some of the content here. They had a great article in their February 2008 edition if you're interested.
They were once multi-billion dollar technology companies and now they no longer exist!
Well we could leave it right there and just chalk up the demise of these companies to poor economies or even to a fatal flaw in their technology. But neither of these answers would be true. In fact, in their hay-days each of these companies would have been called the darling of the industry. What Wang did for business productivity shot them to the top of the charts back in the 80's and at $3 Billion in sales with over 40,000 employees one would have thought them to be a long term contender. Wang got so overly focused on a single platform application (word processing) that by 1992 they had to file for bankruptcy.
In 1987 I was a software engineer doubling as a Systems Administrator for engineering workstations at a company called TRW (which was also a multi-billion dollar company that no longer exists). We were just migrating from DEC equipment to Sun Sparc Stations... and man did those things run fast (at the time). Sun was said to have (3) generations of workstations ready to ship but there was so much demand for their hardware the rumor was they were holding back the shipment of new technology until they gave themselves enough time to sell what was already going like hot-cakes. But hold on to that for a second while I back up to talk about DEC.
We had a gaggle of Systems Admins for the DEC VAX computers in 1983-85. DEC was crushing IBM at the time with performance/cost and shares of DEC stock were going through the roof. However, as Sun began to emerge there was a whispering on the wind about the proliferation of Sys 5 and BSD based operating systems. DEC was proprietary at the time and you had to be a PhD in VMS command line just to know how to boot a machine. With so much frenzy over Unix, DEC decided to get into the business but do it in a way that ultimately led to their demise. They had so much expertise in their own operating environment that they had to pay huge sums of money to get Unix developers on board and get their own version of Unix (called Ultrix) into market. But to pay for the development DEC came up with a scheme that ultimately put them in the ground. They decided to charge double the amount for system maintenance and software upgrades to all of the customers that had been loyal to them for years. And when Sun came out with higher performance minis and IBM fought back with their 6000 series, DEC was caught with their pants down. The net result was an exodus away from the VAX machine and no loyal customers to foot the Ultrix bill.... Good-bye DEC!
By 1990, Sun was the "Super-Hero" and they began to forge ground against the incumbents like IBM and HP. There was a huge following of Sun both in terms of performance/cost and in terms of the scientific community as Sun became known as the anti-establishment technology company sprouting forums for the enhancement of open source collaboration. So superior was their technology that the big mainframe companies tried desperately to steal their talent away. But the die-hards at Sun would have nothing of it. Besides creating the best platforms in the world, Sun had become the giant for networking with their mantra of "The Network is the Computer". Driving network development through the precursor to Internet Protocol, Sun was on a rocket ship ride. But then something odd began to happen. Sun began to fragment their development and soon the performance of their equipment was not as stellar as their focus shifted to a world of Java collaboration. They had a great run but couldn't figure out how to monetize all of their engineering efforts to create a Java enabled world. With millions of devices running Java clients, but no revenue streams, Sun began to bite the bullet... and now... swallowed by Oracle!
So now there are some new darlings on the block regarding Cloud Computing... aren't there? And Citrix is staying the course with the technology that has enabled our growth for 20 years. We just announced XenDesktop 4, which is a logical path to virtualization... both for applications and for desktops. I think we've learned from the past mistakes of others that you've got to keep doing what got you here and do it better than anyone else. And don't forget about the next generation of IT Services that are coming on like gang busters. We're in that market too!
I've been doing a lot of research of late around the future of the Cloud, what of the hype is real and where the market dominance will be for Internet based applications delivery. I read a piece by one of the analysts I follow and he gave some sage advice about not getting drawn into the herd of marketers who are using Cloud as a platform to sell anything in their portfolio by renaming it "Cloud -X". Another analyst I follow put together a great map of the differing technologies that make up Cloud Computing and one of the huge foundational pieces is that of Software-as-a-Service. In fact both of these analysts would say that SaaS is absolutely not hype and is one of the pieces of Cloud that will not only emerge, but flourish in the process.
In my research, I've been trying to assess the total number of Windows based applications that are in market today. The purpose is simple. To determine the total market opportunity in the SaaS space you first have to determine who is playing in it, what the applications are and who will subscribe to those applications. SaaS is defined as "a model of software deployment whereby a provider licenses an application to customers for use as a service on demand" and there is no distinction between Windows based applications and Web based applications.
Since Windows still enjoys over 90% market share in the operating systems realm, it also makes sense to extrapolate service offerings based on what businesses are currently using... which happens to be Windows based solutions. The difficulty in making an assessment for the total number of Windows based application in market today is nobody wants to talk about it. Microsoft got in hot water in 2000 with the DOJ because of the volume of Windows applications in market creating what was being called a "barrier to entry" for developers of other platforms. As a result, Microsoft doesn't publish this information. And the forums that support Windows developers are only microcosms of the larger eco system.
Third parties make attempts to extrapolate the total population of Windows based apps, but we don't often see real data to support it. To add to the problem, some support programs for Windows based apps are considered applications themselves. Some estimates have the total number of Windows based applications in the 100,000 range and above. In 2008, Windows Mobile apps alone totaled 18,000. Even if we take a fraction of these estimates there are still a huge number of applications to consider. For purposes of this blog, let's take a total number of 120,000 and divide that by 1/2. That would leave us with approximately 60,000. If we cull that number by another 50% to delineate only business applications we get a total of 30,000 applications. If we use an equal distribution of applications per business segment (Finance, Gov't, Healthcare, Communications and Services) we have 6,000 applications per segment.
That means that there is an opportunity for 6,000 Independent Software Vendors (ISVs) in each major business segment to expand their base by offering a different route to market. Many of these ISVs have been stifled in their growth because of their current sales motion and distribution channels. Also, servicing their existing customer base is expensive because upgrades must be done through expensive marketing, downloads and retail shrink-wrap sales. Up to now, there has only been one alternative... re-engineer and re-code to a web enabled browser based application. This is a very, very expensive approach. But what is an ISV to do? If he wants more revenue through expansion of his base of customers, is there any alternative?
Well the answer is yes but I continue to be dumb founded that more ISVs don't look to Citrix when they begin this analysis. When Terminal Services was in its infancy, Citrix was solving the problem of remote access even before the Internet reached the masses. The identical technology can be used today to solve the dilemma of ISVs in the SaaS space. Why re-code when you can host the application just as it is and give users the same experience as being loaded locally? The question is will the ISV of today be savvy enough to choose the Citrix path before spending millions on re-engineering the code? Time will tell.
I'm willing to bet that any Windows based ISV who does adopt Citrix technology to expand his base of customers through SaaS will be miles ahead of his competition who are spending money on re-engineering instead of capitalizing on additional subscriber growth with the same code.
By the way... if you've got a better assessment of the total number of Windows Application in market today I'd love to see the comment!
Sometimes I wonder if people really connect the fact that Citrix Systems and Citrix Online are the same company. I also wonder if people understand that the same company that completely dominates the hosted application and desktop market also is the dominant player in online collaborative services. In fact Citrix Online products rank top 4 in the world among Software as a Service (SaaS) vendors. Next time you see a GoToMeeting advertisement on Fox News, Discovery or whatever your favorite TV channel is... take a good look. You'll notice at the end of each commercial a tie-in to Citrix.
Maybe one of the reasons that this connection is not readily understood is the market dynamic. Could it be organizations using GoToMeeting or GoToMyPC may not be using XenApp or XenDesktop? In fact the Online products are so easy to use, IT is rarely involved. You merely sign up for the service and start to use the meetings, webinars, and other collaborative tools.
So while I'm musing I also wondered how many service providers (or hosting companies) out there understand the value they would bring to one of their customers if they could bundle a collaboration service with other application/desktop hosting solutions. Did you know that according to many analysts collaboration is the #2 revenue generator in an $8+ Billion Market? It's just behind business grade email in terms of demand.
The service from Citrix Online is so easy that I used it the other day to give a presentation to a customer in China. That's right... I used my Internet connection from home (East Coast time was 10:00 P.M. - too late to be in the office) to do the presentation. But what was really cool was pulling my PowerPoint up using XenApp, making changes securely over the Internet 5 minutes before the meeting and then firing up GoToMeeting in four different locations on three different continents. What a business case in this new economy...Just think of all the applications your customers (SMB) have while they continue to grapple with shrinking travel budgets.
If you're in the hosting business and want to enhance your ability to service your customer, why aren't you in the Citrix Online Affiliate Program? All you have to do is sign up, plaster one of the best brands in the world on your web site and begin to collect revenues for it. Not quite ready to take the full steps to being an Affiliate but still want to make some cash? Citrix Online also pays for referrals. Sounds easy enough, doesn't it? Now you can take your million dollar business and add another couple of hundred thousand to it. Why would you not do this? I dunno?
Seems like a pretty good idea to me.
While some enterprises are still debating about the overall benefits of virtualization, Cloud Providers use virtual workloads as the de facto standard for all of their business. The question for Cloud Providers is not when to Virtualize but rather what is the best way. Can you say "Best enterprise class virtualization platform in the world for FREE!" Well that is exactly what XenServer is. And with our recent upgrades to the product there is no reason why every Cloud based service provider on the planet shouldn't be using it.
I had a conversation with an ISV who is also a Hosting Service Provider a couple of months ago (at the Microsoft Hosting Summit) who was using ESX at the time. Amazingly, he didn't know anything about Citrix. I proceeded to let him in on the technology we provide and he kept asking me over and over again, "Is this really free?" I saw him later in the day at one of the break-out sessions and he told me he had contacted his VMware rep. He said to the rep, "I've just been informed about an offering from Citrix that blows you guys away. If you can't come up with something comparable... you're out!" A great testimony to our technology and go-to-market strategy I would say.
So now that we're beyond the basics of server virtualization, it's time to talk about taking the next step and having access to the best enterprise level management tools for virtual data centers. That's right, I'm talking about Essentials for XenServer and Hyper-V. If you're a service provider looking to move up to Xen, then we've got some terrific news about some training you won't want to miss... led by our very own XenServer Architect in Readiness, Oliver Withoff. If you're interested (and by the way the training is FREE) you'll want to sign up at one of the sessions listed below...
Monday, October 5, 2009
9:00 AM - 10:30 AM EDT: https://www1.gotomeeting.com/register/228005408
2:00 PM - 3:30 PM EDT: https://www1.gotomeeting.com/register/975636224
9:00 PM - 10:30 PM EDT: https://www1.gotomeeting.com/register/126336201
Sometimes we are so focused on what the (technical) media tells us that we can lose perspective on reality and market dynamics that can (and often do) affect our businesses. Analysts are great and perform a valuable role, but they are not entrepreneurs, inventors or architects. This being the case, if we put too much stock in what they say or where the market will go, we can mislead ourselves. This could result in a false sense of direction leading us to the wrong conclusions about our roadmaps. Such is the case with Cloud Computing and mass delivery of Internet Protocol applications and services.
To set the stage let me start with the misconception that Cloud Computing has somehow been isolated to large ISPs such as Google and Amazon. We could include Microsoft in the mix but they are currently not offering a consumable solution yet. Why would we believe that these companies are the only focus of the market? What about the Fortune 100 communications companies that have already been in business for many years providing IP communications and services in mass? Isn't it possible that these are the "real" contenders in the Cloud Computing space and we keep listening to analysts tell us 'they don't belong' or large service providers are in a different segment and therefore aren't on their radar.
I have to admit I've found this to be the case. Within the large analyst firms there are specializations of expertise; IT, Virtualization, Infrastructure, Networks, and Communications to name a few. These analysts often don't communicate or collaborate with each other and as a result we get a very monolithic view of an industry. Since IT has evolved to be in every sector from Energy to Entertainment, gaining a holistic view of future offerings (Cloud Computing included) is difficult to say the least when confronting "experts" in individual sectors. All the while huge communications and entertainment companies such as AT&T, Verizon, Deutsche Telekom, and Comcast are building out massive IP networks and services that would dwarf any Enterprise, ISP or Software company.
Note that the convergence of IT services for a "utility" offering is the core definition of Cloud Computing and yet Utility type companies are not usually included as contenders in the space. I would venture to guess that companies such as AT&T for instance should be considered players in the Cloud Computing business. Wouldn't you? To prove the point, one only has to look at the offerings available in the market today and see that there is a huge potential to fulfill the promise (and demand) of Cloud Computing.
The diagram below is a depiction of the current AT&T U-verse network. Note that it is a pure Internet Protocol (IP) network and provides utility based data and communications to a mass population with Service Level Agreements (SLAs) capable of providing High Definition Video Entertainment services, IP Voice services, and Internet Applications services. AT&T has two major data centers which aggregate traffic from Video Head Ends as well as their own ISP connections and contracts to Internet asset providers such as Yahoo!. The IP traffic flows from the data center via fiber optic cable to Digital Subscriber Line Access Multiplexers (DSLAM) within a neighborhood or office complex. These DSLAMs then provide network access to the individual home or office via Very High Speed Digital Subscriber Lines (VHDSL) capable of carrying high bandwidth IP applications such as HDTV or heavily intensive graphics applications. VHDSL is an asynchronous network technology meaning there is a disparity between upstream and downstream bandwidth. However, the upstream path is still very capable of providing certain types of real-time communication and high bandwidth IP data/applications paths. 
Further, if we take a look at the AT&T U-verse home/office extension we'll note that Cisco has partnered with AT&T to provide a low cost, high speed (100 GB) combination wireline/wireless router. They have also created an extended end point Set Top Box (STB) which is really a Central Processing Unit (CPU) with both volatile and non volatile memory. Further, Microsoft is included in this partnership and has written a light version of their Operating System (O/S) called Mediaroom in order to provide a platform for services from the data center. These include custom applications that can be accessed from any PC/Mac in the world and used to control both Entertainment and Communications applications rendered either on the IPTV or on the local PC. Mediaroom resides on the STB and communicates to the data center through the Cisco router using IP. Microsoft has installations of Mediaroom in (25) major service providers around the world in every geography (including China).
Applications can be on-boarded through this network into the home/office by merely sending the code over the IP network to each individual STB in the home/office. One has to wonder will it be long before AT&T, partnering with Microsoft and Cisco begins to offer applications for home/office use over this network as well. All of the elements are already in place, being used and a billing model producing revenues. This is not the case with Google, Amazon or any other emerging Cloud provider.
Similar types of services are available from other large communications companies around the world but they do not seem to be captured as companies worthy of being on the Cloud Computing radar. Cloud Computing will evolve that is for sure and many companies will either opt out or be pushed to the side by the real contenders. However, the convergence of IP technologies and the emergence of utility based computing is much broader than just a few ISPs and the sooner all the players are brought into the mix, the better for those of us who are attempting to set future roadmaps to enable the Cloud to be real.
The recent announcement of the Terremark Cloud offering has raised significant attention especially because of the competitive pricing and EC2 like features of elastic capacity and hourly charges with no commitment. On the surface the Terremark entry price of $0.036 per hour seems very low compared to Amazon EC2 at $0.10 but it's worth picking a few examples to provide a more apples to apples comparison.
..
Not included in the comparison is the difference in storage costs which can be small or very significant depending on the circumstance. Amazon provides up to 160 GB of instance storage for a small image or 850 GB for a large included in the hourly cost. If you have only a small instance say 10GB that adds $ 2.50 to the monthly price at Terremark ( @ .25/GB ) however of you needed the 850 GB included in the Amazon Large image that would add $ 212 to the monthly Terremark costs. Also not included is bandwidth costs, however both charge the same $0.17 GB for data transfer out . ( Although Amazon charges $ 0.10/GB for data in vs Terremark $ 0.17 data in ).
Some the bigger differences will more likely depend on how the VMs are utilized. The numbers stated above assume a full month of 24x31 operation. With Amazon EC2 it's possible to save in S3 ( bundle in Amazon terms ) an instance and then shut down ( terminate ) the VM and the billing stops. With Terremark however although you can shut down the VM, the hourly charges do not stop. Only deleting the VM ends the billing, there does not appear to be an option of saving with the hourly charges turned off and allowing a new instance from the saved image to be started at a later time. This appears to be a big advantage for Amazon although I need to learn more about the Terremark offering to fully appreciate the capabilities.
Certainly economics is not the only factor in selecting a Cloud infrastructure provider. Vendor Lock-in and VM portablity often come up as concerns. Security is also a factor in regard to Cloud computing and this was a motivator for Amazons recent Virtual Private Cloud offering which provides a dedicated VPN connection from a customer premise to an isolated Cloud inside the Amazon infrastructure. I also have to admit I was impressed with a recent tour of the Terremark data center in Miami , this place was like a high tech Fort Knox when it came to security. The entire topic of Cloud security is worthy of specialized consideration not covered in this simple comparison.
Ease of use is another consideration that is worth evaluating. The Amazon Web Console is limited in function but easy to use plus includes access to many partner and community provided ( including Citrix C3 Lab ) templates that are prebuilt and ready to launch. In Amazon EC2 for example its now possible signup and launch your own XenApp server in as little a 15 minutes.
Terremark also provides a web base console that looks straight forward however I have not used it myself yet. Terramark does not provide the same portfolio of 3rd party templates however they do provide more granularity in the size of VMs and RAM plus they offer multiple versions of Windows Server.
As the options for Cloud Computing continue to expand the economic analysis of Cloud vs Premise will extend to Cloud vs Cloud, as Service Providers continue to provide dynamic cloud type offerings.
Cloud Economics 101 Part 1 - Premise vs Cloud vs Colo
Cloud Economics 101 Part 2 - Premise Plus Cloud
Cloud Economics 101 Part 3 - Amazon Reserved Pricing
.jpg)
The Amazon Web Services (AWS) announcement of the Virtual Private Cloud (VPC) offering has just made Cloud Computing more attractive to the enterprise. Most companies I talk with are interested in the "Cloud", but beyond a few SaaS apps and perhaps some dev/test they are not ready for any big change to their corporate IT infrastructure. On the other hand many of those same companies are currently or projected to be capacity limited in their own data center based on space or power limitations.
Many companies will opt to move or expand into a Co-lo (Co-location) facility which provides dedicated space, power and bandwidth. This solves the space and power problem but most of the same costs of computing are just moved to a remote facility. The expensive data center facility cost is shared among other companies but the Server, Storage and Networking are all dedicated. The promise of the Cloud and particularly IaaS (Infrastructure as a Service) like Amazon EC2 is sharing computing and facility costs, having capacity available on demand, and only paying for what is used.
The obstacles to IaaS offerings that I hear most often include security concerns and the desire keep the corporate data and or legacy infrastructure in place. Making a massive move from premise to Cloud is not desired or warranted. On the other hand enabling a Premise Plus Cloud solution in a secure fashion and using it only for expansion or overflow capacity could be appealing for many companies. Essentially this is what Amazon is offering with VPC, a dedicated secure network extending from a company data center into the Amazon Cloud with isolated VM's available on demand.
For Citrix Customers this could be particularly attractive for expanding XenApp farms or centralizing new applications on XenApp without the prerequisite facility and capital costs. Customers can bring their own XenApp licensees to VPC or point back to existing license server on premise. We have been collaborating with Amazon AWS to build and test XenApp servers in VPC to validate and number of scenarios and use cases. In addition we have made dedicated Amazon Machine Image ( AMI ) templates available with XenApp 5 preinstalled and ready to launch. Citrix C3 Blueprints are also now available to assist companies that want to start to evaluate the new offering. ( Note: the service is currently in Beta )
For Citrix this announcement represents another progressive move as a leader and enabler of Cloud Computing. Amazon EC2 based on the Xen Hypervisor has already made EC2 ubiquitous with start-ups and the undisputed leader in Public Clouds, VPC with XenApp now represents a significant opportunity for Enterprise IT. The Citrix Cloud Center ( C3 ) portfolio will continue to enable IT and Cloud providers to exploit the promise of the Cloud, stay tuned..
This is a deck I used recently to explain Cloud Computing, Citrix and to demystify the C3 offering at iForum Sydney and Melbourne (May 2009). I know that this flies somewhat in the face of those who believe that the definition of cloud is completely and globally understood, but the reality is that "Cloud" is stupidly overloaded. This is my attempt to unpack cloud computing, and to illustrate which parts are most relevant to Citrix, C3 and the enterprise IT shop. Let me know what you think.
– Cheers! Michael
Here are some other important links on Citrix C3.
There are probably many scenarios that would benefit from the ability to separate XenApp servers from the data source. Unfortunately this has not been a recommended practice due to the latency incurred when moving data from one location to another. Now with the emerging availability of Private and Public Clouds and typically constrained premise space and power this capability could become even more interesting. The time to move data across the WAN securely has been the limiting factor but how about using the Citrix Repeater to accelerate the data and Access Gateway to secure it ? Yes this is possible and we wanted to provide a Proof of Concept, demo and C3 Blueprint that may be beneficial.
This demonstration was included in the Synergy session on Citrix C3 Cloud Architecture. The client laptop located in Florida is connecting over ICA/HDX to a XenApp server hosted in the EC2 Cloud in Virginia, which is pulling data from a file server located in Santa Clara Ca. As indicated in the demo when the Repeater acceleration is enabled the time to open a 5 Megabit file is about 7 seconds. A usable experience for the document delivery example. However with the acceleration disabled the time to open the same 5 Mb file grows to about 2 minutes and unacceptable experience. A 10X+ improvement from acceleration.
Certainly this configuration has limitations and may or may not apply to your situation but it may open the possibilities to solving many app delivery and data location challenges. This example can be recreated easily following the C3 Blueprint and the AMI ( Amazon Machine Image ) template available as part of the C3 Lab in EC2. This does presume you have an available Branch Repeater and Access Gateway on premise to complete the PoC. Try it out and / or let us know what challenges this type of solution may help solve.
Also check out Craig Ellrod's Cloud Bridge post that utilizes Vyatta for a full Premise to Cloud VPN.
http://community.citrix.com/blogs/citrite/craigel/2009/06/08/Cloud Bridge
Follow me @ http://twitter.com/chrisfleck
I was in Stockholm last week delivering a message on Cloud Computing. During my visit Paul Dobson (our EMEA Marcom Manager) and I had an interesting encounter with the Editor of CIO magazine (Swedish edition). It was a bit strange in that I found myself interviewing her instead of the other way around. I figured if anyone had a pulse on the industry from a CIOs perspective it might be the people who take the time to write about them. The one question that stands out to me during the conversation we had regarding Software as a Service and Cloud Computing was, "If you take Cloud Computing to its natural end state, is this the beginning of the end for CIOs as we know them today?"
Why is this question so pertinent? Because those companies who sell SaaS today are most accomplished because they sell around the IT organization, not necessarily through it. Why is Salesforce.com so successful? Is it because it has such a simple to use interface or the consolidation of information or the fact that the entire sales process from lead generation to customer management is all in one portal based package? Or is it because the end user doesn't want to rely on the age old process of building a system based on arcane IT practices that often carry with it unbelievable cycle times for deployment. Has IT really become obsolete and those of us in the industry are just afraid to admit it?
While I was in Europe I got the opportunity to speak with many companies from all sorts of market verticals. Small municipalities, large government, manufacturers, developers and education to name a few. What surprised me the most in these conversations was the general lack of understanding regarding the virtualization of applications. There seemed to be a good understanding of server virtualization but the virtualization of applications was not well understood. So I began to ponder what the future might hold in regards to how information technology is done today and how the Cloud might affect it in the future.
Combined with the research we completed for the delivery of our Citrix Service Provider program for the SMB and this anecdotal information from IT managers in the field I noticed a trend. When a company gets to be about 100 people it starts to understand the need for IT based on organic growth of the PCs and shrink-wrap software yielding an unwieldy system of Post-It notes, IT consultants and two or three general knowledge software application "experts" within the company. An IT manager is typically hired only after the need is so great that a single individual can't handle the work load. And so the vicious cycle begins.
The first IT manager is hired into a chaotic environment that is already understaffed and over budget. As the company grows so do the needs of IT yet there never seems to be enough people to do the job and legacy systems continue to grow to keep the business growing without regard to a systematic approach to providing text book Information Technology. CIOs are trained in this environment and as their career progresses they inherit the same problems at larger companies only on a bigger scale. Over and over again this process repeats itself until the entire system begins to collapse from its own legacy operational weight. The current economic conditions, although tough to stomach, have created a forcing function for CIOs and IT managers using this paradigm... change the way you do business or else.
Maybe I'm over simplifying this, but it seems to me there are only two ways to effectively "change" the way IT is done. The first is to outsource everything in the data center including the delivery of applications utilizing web based technology. The other is to virtualize the applications and the server farms to provide a much more efficient way to operate. And maybe as the Cloud becomes more secure and seamless a combination of the two. So why is there so much resistance to either or both of these approaches?
Is the Cloud the beginning of the end for CIOs? I'm not really sure we can say today because it hasn't evolved yet. But one thing is for sure, doing business the same old way just won't be tolerated any longer, either from the standpoint of the CFO or from the end user. And the Editor of CIO didn't seem to have an answer either.
What still blows me away is the lack of planning and strategic thinking around the development of a private cloud that takes all of this into consideration. I can probably count on two hands the companies who seem to be seriously looking at a Systems approach to application delivery and information technology in general.
Why is this?
Securing Web Applications with an Application Firewall
I have been working with Application Firewalls for quite a few years - many times to protect web applications published in languages and character sets that I didn't understand. Frequently, I have seen these Application Firewall deployment projects get bogged down in pursuit of the perfect policy set.
I have also seen many situations in which this process and application changes actually break these applications.
The NetScaler Application Firewall deployment can also be subject to these issues since the appliance provides extensive application firewall features. Even with the learning capabilities, creating the ideal set of security policies for any application can be a trial and error process that can take significant time.
In this blog, I would like to share an implementation methodology that shortens the deployment, and helps avoid breaking the applications to be protected. Experience has shown that approaching the configuration of the Application Firewall in stages is the key to timely success. This methodology is effective for all types of applications and their needs.
To alleviate the time and risk of varying degrees of policy complexity, break the task into stages. That is, separate the policy configuration into groups of ascending risk. While some may raise the point that a simplified protection policy set is not complete, it must be remembered that protection stages will build upon each other, and will be better than allowing unfiltered access while all policies are in learning or logging/warning mode.
The benefit of staging is that a basic set of policies are made operational. Then, the following stages will consist of conducting a repeatable process of "policy tightening" procedures as required by the application.
Stage I
When configuring the NetScaler Application firewall policies, start with some of the basic protections. Activating the simple, generic policies almost never produce false positives. These typically include: 
- Protect against Cross Site Scripting (XSS) attacks
- Protect against SQL Injection attacks
- Protect against Buffer Overflow attacks
- Prevent Credit Card Leakage
- Prevent access to system files
- Alter the contents of the server headers
Activating these policies will typically not break applications. As such, a small user community - with etc/hosts overrides - can be used to validate the configuration over a fairly brief validation period.
More importantly, this is a great start. These policies create security effectiveness that can typically be rated as a level seven on scale of zero though nine (you can never get to a perfect "10" in security).
Stage II
The next stage will include applying policies that require more application validation to determine the application specific relaxation adjustments ("policy overrides").
But first, don't forget to ask yourself if this application actually requires tightened policies.
If so, Stage II protections should be sequenced - Cookie Tampering prevention should be blocked first. Then, move on to blocking tampering with the values of parameter and/or hidden form fields.
Start with cookie poisoning prevention ("Cookie Consistency"). It will be likely require the least number of relaxations. This will build on the Stage I successes most rapidly.
To do this, use the learning process to identify the cookies that are legitimately altered between the response and request process. Minimally, relaxations will be required for cookies that are set and modified by third party monitoring services. Again, because of the staging, this learning can happen while the basic policies are in place and actively applying their protection mechanisms.
If further tightening is required, focus on creating policies that prevent users from tampering with the values of parameter and hidden form fields. This is achieved by activating "Field Consistency" learning in the NetScaler application firewall. Depending on the architecture of the application or a frequent use of client side scripting, these policies carry a higher risk of blocking legitimate requests. These policies thus require a more extensive learning period and associated relaxation overrides.
It should also be noted that these Stage II policies and their relaxations do have a tendency to be susceptible to producing false positives as applications change, and should be re-evaluated in conjunction with major application changes.
Stage III and Beyond
If the application is contains super sensitive information, and undergoes frequent changes, further security configuration may be required.
Stage III typically involves enforcing field formats and enforcing user navigation paths. Adding restrictions to field input types, such as date formats, and more, will require further time for learning these application attributes. Be aware that these policies will also be more likely to be sensitive to application changes.
Enabling the "Start URL" facility allows users to access only the specifically stated URL types. Due to the flexibility inherent in application architectures, however, these restrictions may require modification to include additional request types present in a particular application.
Lastly, carefully consider activating "URL Closure" to control 
the flow of access by users. Enforcement of this policy set disallows users from navigating to locations not previously offered by an application response. These policies may require significant application validation if client side scripts modify URLs, or if FLASH objects contain links.
The above policies tend to bend the needle towards the nine level and will be more likely to cause false positives during policy refinement or when the application changes. Leaving these to Stage III, however, allows continued protection afforded by the policies of Level I and Level II during the refinement, however.
Summary
Personally, when I plan my application firewall deployments, I always attack the assignment in the phases outlined above. I focus on the quick return policies first. Then I take time to consider if the sensitivities of the specific application even warrant the extra effort of going all the way to Stage III. This last question can produce some interesting answers that pit my application security ideals against the practicalities driven by the depth of my current to-do list.
And then, of course, this staged approach may be completely ignored in situations in which a specific application just suffered from an attack through a specific Level III vulnerability. Such situations may warrant overriding the staged approach and focusing on addressing the impacted vulnerability immediately.
Also, don't forget to sign on to MyCitrix and download the Application Hacking Kit and actually try some of the most common application attacks on the BadStore application!
Two days ago IBM announced the availability of 4 of their products on Amazon EC2 cloud. Check it out here.
It's another indication that cloud computing is gaining momentum. If you look closely though only virtual machines for development and demo purposes are available now. But IBM says production version is going to be supported too. The fact that IBM, the enterprise company, is trying EC2 says something. That's probably why the story has been making headline news. I am interested to know if IBM will create their competing cloud platform for enterprise in the future. What do you think?
I am not surprised with this IBM announcement since my group has been doing something similar. Chris Fleck announced unofficially the availability of popular Citrix XenApp on EC2 last week. Chris included a very informational video with step by step instructions on how to get your XenApp running in the cloud in 15 minutes. I found it very useful. I would rather prefer watching a 15 minutes video than reading a long getting started guide!
Plus the IBM getting started guides recommended EC2 command line tool. In Chris' video, he showed how to use the new Amazon EC2 GUI console. I tried Chris' method to launch IBM instances. It worked for me. So for the folks like me who prefers GUI over command line, you may find Chris video useful too even if you are only interested in trying out IBM products on EC2.
Let me know what Citrix products you would like see in Amazon EC2.
Ray
OK, actually it's 12.5 cents and it might take you a few minutes longer, but compared to the traditional methods of building/configuring servers the cost and time savings is dramatic. It is now possible to launch a pre-built XenApp image in the Amazon Web Service offering called EC2. The image includes XenApp 5.0 on Windows 2003 Server ready to run and is accessible as an Admin or user. Also included is the Citrix 2 CCU Developer license bundled into the image so you can be ready for test, dev, and demo's in minutes. In this demo image we have NOT included Secure Gateway or Access Gateway so we do not recommend this image for production environments. The actual minimum cost for EC2 with Windows Server is 12.5 cents per hour with no minimum or commitment, so you can actually run it for an hour, terminate the image and that's all you owe. In reality you will likely want to install apps, customize your image and run it for some length of time. It is also very easy to save your image after you have customized it and terminate the image so the EC2 charges stop. The associated S3 Storage cost is only 15 cents per Gig per month, again very cheap and easy. New VM instances can then be started from saved images at anytime. As you may know the magic that powers this service is based on the Xen Hypervisor and the business model that Amazon has put together makes this a very attractive solution for many scenario's, in this case starting with demos, test, dev, PoC's etc. Many thanks to Vishal Ganeriwala for putting this image together and leading the way for more to come.
Here is a VideoTip to walk you through every step ( also available at our VideoTip site http://citrix.utipu.com/app/tip/id/6236/ )
Step 1.
Go to http://aws.amazon.com and get an account with EC2
Step 2.
Go to http://console.aws.amazon.com to access the AWS management console
Step 3.
Setup Security Groups per the video
Step 4.
Find the publicly listed XenApp Amazon Image, Right click and Launch
( citrix-c3-lab/XenApp5.0_32bit_v1.4.manifest.xml )
Step 5.
Enter the IP address provided into your browser http://xx.yy.zz.tt; and you are ready to go !
( ID: administrator, PW: Citrix123, Domain: CTXSLic1 )
Tip : When saving " Bundling " your AMI image remember to register it so you can relaunch it.
| Do you plan to get your own XenApp Server in the Cloud ? | Choose |
|---|---|
| If it's really this cheap and easy, I am definitely going to try it. |  |
| No, I don't trust the cloud for anything .. | |
Prediction #1: The iPhone goes Enterprise
- The iPhone will gain rapid adoption in the Enterprise driven by user demands including executives, road warriors, and knowledge workers asking for access to the apps they need ( including windows apps ) from anywhere. IT will increasingly support the effort based on new improved security capabilities and productivity gains ( including for themselves 
).
| .. | Choose |
|---|---|
| I am in IT and we will support the iPhone in 2009 ! ( I need the Citrix Receiver now... ) | |
| Blackberry reigns in the Enterprise, no change for '09 ... | |
Prediction #2: Corporate issued laptop model will be challenged
- Companies looking to provide access to day extenders without the full expense and maintenance of a company laptop will increasingly adopt application delivery infrastructure like XenApp that can provide safe IT hosted application access from un-trusted personal PC's. In addition, companies will begin to pilot the BYOC ( Bring Your Own Computer ) model for knowledge workers seeking personal choice while reducing IT expense and support costs.
| .. | Choose |
|---|---|
| We already are saving significant $$ by enabling safe access from home PC's | |
| We are planning to allow controlled access ( via Citrix ) from home PC's in 2009 | |
| Status quo, corporate laptop access or none at all. | |
Prediction #3: Virtual Desktops grow beyond a niche
- Improvements in user experience capabilities of VDI solutions combined with the reduced support cost model will drive increased adoption of VDI beyond the initial niche deployments.
| .. | Choose |
|---|---|
| We are moving from VDI pilots and special use cases to broader deployment | |
| VDI is not ready for the masses, we will wait and see | |
Prediction #4: IaaS Cloud Providers are no longer just for web startups
- The recent Windows offering by Amazon will validate the IaaS ( Infrastructure as a Service ) model as a viable platform for companies small and large looking to add test and targeted production capacity without capital and facility costs.
| .. | Choose |
|---|---|
| We have started to use Cloud VM's or Storage for test and plan broader use in '09 | |
| What is IaaS ? No way are we putting anything in the cloud... | |
| Not sure, need to try it first | |
Prediction #5: Netbooks drive Servers, Clouds and Linux clients
- The rapid adoption of Netbooks based on low cost and light weight convenience will increase the desire to run server hosted apps ( Web and Windows ). A significant number of the new mini laptops will be used for occasional use vs a primary PC which makes maintaining local apps and synchronizing data problematic. This in turn will help break the traditional model of running Windows apps installed on PCs and laptops.
| .. | Choose |
|---|---|
| We are getting more and more requests for access from Netbooks, all they need is Citrix and a browser. | |
| Netbooks are just toys for kids ... ( small & big ) | |
Agree / disagree ? what are your predictions ?
Also seen at Sys-Con Cloud Computing Computing Journal
One of the most requested features from Service Providers and Enterprises is IP Address Management (IPAM). I can't tell you how many times I have listened to customers ask for a platform that manages IP Addresses effectively on a large scale, even to the point of managing disparate classes and subnets. What happens when two companies merge, do you munge spreadsheets or do you have this software yet? It's not only the software that is unique but that it runs as a XenServer VM in Para-Virtualized mode, meaning it is high-performance. Even better is these run in linux.
Nixu Software specializes in software designed for DNS, DHCP and IP address management. To run Nixu Products in a virtual machine environment, simply download the ISO installation media from their website and boot up a new virtual machine. The installation media auto-installs the entire server stack.
Unlike traditional computing appliances that require specific hardware to run on, Nixu Products provide a quick and cost-efficient way to migrate and consolidate core network services such as DNS and DHCP to virtualized computing environments. By streamlining tedious network and system management routines, Nixu Products offer exceptional availability and ROI.
Here are some of the Highlights of using NIXU DNS and DHCP in a XenServer VM:
- Centralized IP Address Management
- Merge/Join IP Blocks
- Split IP Blocks
- Subnets in use – report
- Subnets free – report
- Addresses in use – report
- Addresses free – report
- Runs in XenServer as a VM, optimized for Para-Virtualization
- Supports pv-ops
- Supports IPv6
- Uses secure communication between secondary name servers, using keys
- Role based administration
- Assign subnets to administrative domains
- Supports BIND syntax
- For the BIND junkies
- Has a configuration checker
- Automated installation and maintenance reducing management overhead
- Centralized management of all nameservers
- Hardened design for security
WATCH this video tip:
Download the Nixu / XenServer Integration Guide.
Read about Nixu Software here.
Read about Citrix XenServer 5.0 here.
Download Citrix XenServer 5.0 here.
Tap into the power of AppExpert!
Virtualize your servers, desktops, applications; the benefits are clear, it's a question of when not if - sure get that. Virtualization is not an end point, but an enabler of a more flexible and efficient compute environment - ok get that too. Ultimately virtualization must enable IT to contribute to better business results. What about other parts of the IT infrastructure beyond servers, clients and applications? Are we evolving to having islands of virtual clients and servers connected via a static network infrastructure? See this post in Archimedius for more on this theme.
Not to be left behind in the dust of server virtualization, network interconnects are also marching toward being enabled in dynamic virtual environments. Case in point is HP's recent introduction of its Virtual Connect Flex-10 technology, a new component in HP's Virtual Connect architecture. Flex-10 enables you to add 4x more NICs to each server blade without more hardware. In addition to supporting oodles of connections and NICS, Flex-10 provides the ability to dynamically adjust bandwidth for each network connection on the fly. With HP Flex-10 technology, you choose how many NICs are on each server and can adjust the bandwidth of each NIC in increments of 100 Mb.
This HP Flex-10 product is an example of how it is not just servers that can be virtualized and illustrates how the days of static infrastructure will soon be over. HP product details are posted here. Seems those HP hardware folks have some cool few new virtualization solutions to share beyond their XenServer based virtualization solutions. I'm now wondering how long before those virtualized server workloads are able to talk intelligently with the network infrastructure to automate and optimize the cloud ....?
As described in part 1 of this blog series, the cloud is not the answer for every enterprise or every workload. This is true based on the current economics even without considering additional factors like security, control and SLA's. On the other hand the economics do point out a major cloud advantage when it comes to short term or variable workloads. ( pointed out by Michael Keen and Billy Marshal as well ) Perhaps this is not very surprising to many, but it does help to look at the numbers to put it in perspective. The largest Intrinsic cost advantage of the Cloud is the ability to share infrastructure among multiple customers ( i.e. Multi-Tenancy and/or Multi-Instance ). This comes into play when many customers have variable workloads that are not likely to overlay at the same time. A Cloud infrastructure can load balance this workload on-demand significantly reducing the cumulative infrastructure required to support N number of customer workloads.
A Premise only solution will typically deploy the infrastructure required to accommodate the anticipated peak demand plus a factor of safety. As a result excess capacity is built into every deployment even if it is rarely ( or never ) utilized. This formula gets very expensive for many scenarios such as implementing a redundant DR solution across multiple data centers or a retailer building infrastructure to accommodate the Christmas shopping season but paying for it all year. As noted in the Cloud 101 example however, when a premise based is well utilized it can be the most cost effective solution to stay with especially if the on-site facilities can accommodate the anticipated growth.
The following Premise Plus Cloud scenario provides an optimized view of where a fully utilized premise infrastructure is used for constant predictable workloads and the Cloud is used for the variable workload. To put some simple numbers to it based on the original example, let's assume that the constant workload is roughly equal to 5 Quadcore server capacity. The variable workload on the other hand peaks at 160% of the base requirement, however it is required only about 400 hours per year, which could translate to 12 hours a day for the month of December or 33 hours per month for peak loads such as test or batch loads. The cost for a premise only solution for this situation comes to roughly 2X or $ 15,600 per year assuming existing space and a 20% factor of safety above peak load. If on the other hand you were able to utilize a Cloud for only the peak loads the incremental cost would be only $1,000. ( Based on Amazon EC2 )
| Premise Only | |
|---|---|
| $ 15,600 | Annual cost ( 2 x 7,800 from Part 1 ) |
| Premise Plus Cloud | |
|---|---|
| $ 7,800 | Annual cost from Part 1 |
| $ 1,000 | Cloud EC2 - ( 400 x .8 x 3 ) |
| $ 8,800 | Annual Cost Premise Plus Cloud |
As noted for this example the server cost of using a Premise Plus Cloud solution could save as much as 44%. This does not factor in many costs that either the Premise only scenario or Premise Plus Cloud would face but those costs vary according to the situation. So the challenge is how to identify variable workloads that can be placed in the Cloud or split between premise and cloud. The CSP ( Cloud Service Provider ) must also provide the proper infrastructure and remote administration to enable corporate IT to control and manage applications and images in the extended cloud as a virtual private network of their own. Economics aside, the CSP also needs to address the SLA's and security concerns that corporate IT has identified as prerequisites for adoption. Given the intrinsic cost savings possible as portrayed in this example, there is little doubt that CSP's will fill the gaps and the industry will move to Premise Plus Cloud solutions.
There is an interesting debate going on over on the Google cloud computing group that also helps point out some of the appropriate use cases for cloud computing. The example used is a simple comparison of Amazon EC2 vs. purchasing a set of servers for development purposes ( I have added some additional costs and scenarios below ) This example also assumes the servers fit in existing space and either environment would be managed by existing staff.
| |
Purchase - on Premise |
|---|---|
| $ 15,000 |
Quad-Core Servers ( 5 x 3,000 each ) |
| $ 750 |
1/2 Rack + Gigabit Switch |
| $ 15,750 |
Total Hardware cost |
| $ 5,800 |
Annual amortized cost, 5% over 3 years |
| $ 0 |
Assuming no incremental real estate cost |
| $ 2,000 |
Annual power & AC cost |
| $ 7,800 |
Total annual cost on premise |
| Purchase - at Colo |
|
|---|---|
| $ 8,000 |
Colo fee's; 1/2 Rack + power + bandwidth |
| $ 5,800 |
Annual amortized cost |
| $ 13,800 |
Total annual cost at Colo |
| Cloud |
|
|---|---|
| $ 35,040 |
24x365x5 Amazon EC2 ( $.80 per high CPU Server instance hour ) |
| $ 8,320 |
40 hours x 52 weeks |
| $ 688 |
40 hours x 4.3 weeks |
On the surface it's apparent that EC2 is significantly more expensive if the set up is utilized 24x7x365, even a 40 hour week yields a slightly higher cost. So where is all the savings ? What's all the hype about ? This simple example does point out that the Cloud is not always a more cost effective solution it really comes down to what is the particular use case and alternative costs. For example if there is no space available or the existing space has reached the power limits of the facility ( a more common occurrence ). That means that the likely scenario is finding a Colo facility to provide space power and bandwidth. Depending on location and bandwidth usage this could easily cost $8,000+ per year plus additional remote administration hardware and service fees, effectively increasing the annual cost of purchased equipment to near $ 14,000. Although this option is still less than Amazon if utilized 24x7x365, it now is significantly more than the cost of the 40 hour week at EC2 which may be reality for a development environment. And if you only need the setup for a month of dev or testing Amazon becomes a no brainier.. put on your credit card !
What both examples point out are the fact that there is no single answer. In fact the right answer for many companies might be premise plus cloud. In order for this to work for a single workload however a seamless connection would be required, recognizing this has led to the Citrix Cloud Bridge based on our WANScaler acceleration technology. In fact, Citrix is in the unique position to be able to assemble the prerequisite technologies that make the C3 Citrix Cloud Center an optimized solution for many scenarios.
There are many other pro's, con's and hidden costs of each option, I am interested to hear what the community has considered regarding Cloud economics and/or other factors.