by Paul Sidorenko, JD, ClearPath

The ripple effects from recent global financial turmoil has confronted network service providers with a host of short term macroeconomic assaults: broadband customers are going out of business, economic and regulatory uncertainty makes strategic planning difficult and increased competition from upstart newcomers targets your bottom line. However, the long-term challenge for providers of business broadband services remains the same: price erosion and commoditization of broadband services. As broadband has shifted from being a technological breakthrough to a price driven commodity, service providers have been facing a "race to the bottom" on pricing which impacts revenues, share price and overall financial performance. In today's challenging market, customers in the most price-sensitive segments, SMEs and distributed enterprises, are much more likely to select their business broadband service from the lowest cost provider with little or no regard for brand loyalty or their length of relationship with their current provider. Even when these customers stay, they often demand financial incentives and discounts to remain with their current service provider. These challenges will persist regardless of short-term macroeconomic conditions - they are a natural consequence of the maturation of the business broadband market.  


"The long-term challenge for providers of business broadband services remains the same: price erosion and commoditization of broadband"

This trend has prompted some service providers to shift from market innovation to mergers and acquisitions as one way to add scale and drive growth. However, as acquisitions rarely achieve their anticipated financial results, virtually all network service providers have focused on data centers and the cloud as the primary growth strategy to both enhance their core broadband offerings and to create new revenue streams. For the SME and distributed enterprise market, this focus has been on network security and infrastructure management services. While cloud services represent one of the most significant market opportunities to profitably deliver these services, executing a cloud strategy effectively can be an elusive goal if the pain points, decision drivers and technologies required to deliver the services profitably are not carefully considered. While understanding pain points and decision drivers are important, the main challenge with implementing an effective cloud strategy is the technology used to deliver these services. Simply stated: traditional technologies for enhancing broadband with value-added services are too complex, too expensive and not scalable enough to efficiently and profitably deliver these services. With the next generation of cloud service technologies driving new efficiencies, a paradigm shift has been created that enables the savvy service provider to efficiently and profitably deliver cloud services. By strategically employing these new technologies, they can avoid the "race to the bottom" by offering their customers a truly differentiated broadband offering - not a commodity, but an indispensable and strategic business asset for their customer. Those that succeed will preserve their competitive edge, increase market share, reduce customer churn and maximize average line ARPU. Those that fail to heed the market demands, do so at their peril.

 Knowing Your Market -

Cloud Services for SME and Distributed Enterprise

To understand what an effective cloud strategy must deliver, it is first important to understand the pain points and decision drivers of the SME and distributed enterprise market when it comes to managing and securing their business networks. These are:

  • Lack of Resources
  • Lack of Expertise
  • Increased Business Risk
  • Lack of Capital for Network Infrastructure

As smaller and highly distributed businesses increasingly rely on the web to run applications and move information between their offices, tele-workers, travelers, trading partners and mobile users, they also face greater challenges with managing and justifying the cost of infrastructure required to accomplish these tasks. Maintaining disparate network hardware and software elements are complex and the costs to maintain, secure and manage mission critical network environments are high.

While these concerns are not unique to SME and distributed enterprise, they are particularly relevant to this market segment because their reliance on cost efficiency makes them particularly sensitive to the resource commitments required to manage them properly. This is a global problem for all SME – there is no particular geography or vertical market that is not affected. While it is not surprising that smaller businesses have to manage with less, it is in the realm of IT infrastructure that these companies are most typically understaffed. As a result, their offices and locations typically lack the expertise to manage IT infrastructure properly. However, even as they lack the expertise to manage these assets, they increasingly rely on the Internet to communicate, conduct commercial transactions, and interact with their customers, partners and suppliers. They are sharing and exposing more data over the public Internet than ever before. This cycle exposes them to an ever-increasing level of business risk by the very Internet they embrace as the life-blood of their commercial enterprise. Unlike larger enterprises, SMEs do not set aside budget for network infrastructure in a structured manner and cannot amortize the costs of that infrastructure across the enterprise as effectively as larger companies. With efficient deployment of cloud services, the network service provider supplying business broadband to this customer is in the best position to deliver these services. Addressing these pain points will differentiate that service and attract and retain these business broadband customers.

Critical Success Factors for Cloud Security and Infrastructure Services

Traditional methods of delivering value-added services - even so-called cloud services that are only backed up by a data center - typically fall far short of the mark when it comes to efficient and profitable service delivery. These services cannot add value to either the customer nor the service provider without considering the following critical success factors provided by the next generation of true cloud services:

  • Automation
  • Pre-Integration
  • Comprehensive Functionality
  • Ease of Use

With financial, technological and resource limitations, SME and distributed enterprise customers require robust solutions that solve their problems but at the same time, they must be capable of being delivered efficiently and profitably by the service provider. Because SME typically have extremely limited internal IT support and distributed enterprises don't have on site support at all locations, the solutions must be highly automated to minimize the amount of human interaction required to keep systems up and running. On the service provider end, automation minimizes the service provisioning and support resources that need to be devoted to an individual customer. Because SME and distributed enterprise each have limited on-site IT expertise, the services must be pre-integrated, comprehensive and easy to use.

At a higher level, the most critical characteristics of true cloud services are ease of implementation and use, elasticity and scalability. However, as one considers the real world of customer implementation and service delivery, two additional critical success factors of a differentiated cloud architecture become paramount: the ability to be flexible in implementation so that disparate customer requirements and environments can be accommodated and the ability to deliver these services in a unified and centralized manner. Service requests must have the ability to be made from any browser, including mobile devices. It is this lightweight, service-oriented approach that is the hallmark of the new paradigm of true cloud services.

By employing these critical success factors, service providers looking to tap into this large and lucrative market will be able to deliver high volume security services efficiently and profitably. The reason is simple: by leveraging the shared infrastructure and highly distributed nature of cloud-based service delivery, all these benefits can be delivered on demand at a fraction of the cost of traditional managed services or traditional appliance-based, on premises solutions.

Essential Attributes of the Cloud Model

The following characteristics should be considered essential when implementing any cloud-based security solution:


The most significant aspect of a true cloud model is multi-tenancy. Multi-tenancy remains the characteristic that delivers the greatest economic advantage and is the cornerstone of the new paradigm of efficient cloud services. Multi-tenancy is an architecture in which a single instance of a software application serves multiple customers (tenants). Tenants may be given the ability to customize some parts of the application, such as the view, login or management permissions in the user interface, but they cannot customize the application's code. Multi-tenancy is the fundamental basis for the improved economics of true cloud services because software development and maintenance costs are shared across the customer base. It can be contrasted with single-tenancy, an architecture in which each customer has their own version of the software and updates must be proactively managed by the customer or its service provider. With a multi-tenancy architecture, the provider only has to make updates once and that change propagates out to all users immediately. With a single-tenancy architecture, the provider has to touch multiple instances of the software in order to make updates.

Flexible Service Delivery Infrastructure

An efficient cloud services architecture can take advantage of a wide range of service delivery options in order to simplify service delivery while minimizing its cost. To reduce service delivery costs and increase scalability, cloud service providers at the forefront of the technology curve maintain the ability to provide hybrid cloud services that can both manage a gateway at the customer premise or entirely in the cloud and deliver it as a single, integrated service. These providers accomplish this by leveraging their shared back end systems with on-site hardware that sits at the customer's premises in a distributed delivery model. By employing the on site systems to manage local processing capabilities and management tasks while the back end shared infrastructure provides software and firmware updates, systems management and monitoring, an extraordinary level of service delivery can be achieved at minimal cost. Conversely, by offering up virtualization combined with remote access capabilities, cloud services can be delivered to any user in any location regardless of the local IT infrastructure.

End to End Service Delivery Capability

The scope of any cloud-based security service must encompass much more than just the basic security elements - it must provide an integrated platform covering the entire network infrastructure requirement, including Unified Security, Remote Monitoring, Service Automation and Infrastructure Management.

Any effective cloud security service must also possess tight integration with other infrastructure components as a unified network management solution – this is essential. This can include infrastructure components including wireless LAN management, integrated switching, load balancing, router management, remote access and managed NAT/PAT, LAN DHCP, and WAN QoS – these services must also be manageable from the cloud.

A key attribute of a comprehensive cloud services platform is efficient service delivery through the integration and automation of the customer workflow lifecycle. This includes integrated ordering, work-in-process management, configuration & post installation support capabilities and help desk that are all necessary to ensure service delivery is seamless and cost effective.

Another key element to efficient end-to-end service delivery is the ability to remotely monitor and manage delivery systems and applications, including the reporting and proactive notification systems to ensure that services are performing optimally. These capabilities must offer the end user both visibility & control of their environment.

Finally, customers must have the ability to self-service. This is essential both for the customer who requires the ability to manage and monitor their IT infrastructure in real time and for the service provider that must keep service and support calls to a minimum.

Automated Configuration and Management

The benefits of a true cloud service model go well beyond leveraging shared infrastructure. An essential characteristic of a true cloud service includes a high level of automation, pre-integration and ongoing system intervention that keeps things running without active user management.

This can include automated provisioning templates, system-activated maintenance protocols, proactive network monitoring and implementing "keep alive" technologies that maintain system performance and guarantee up time. Maintaining such a persistent "self healing" environment without user intervention enables the centralized cloud based asset to deliver tangible cost savings for both the service provider and the end user customer. Putting this intelligence in the cloud enhances the efficiencies of the shared back end infrastructure with an end-to-end service delivery wrap that truly leverages the power of the cloud and delivers a truly differentiated service.

Centralized Management Capability

The next logical step after implementing a highly efficient and automated service delivery architecture is delivering a centralized management environment that is easy to use. Because cloud-based systems can aggregate and pre-integrate numerous security and infrastructure services more efficiently, it follows that the management of these services should also be integrated. This approach makes sense for a variety of reasons:

  • Deployment and provisioning is faster. IT administrators can pre-set deployment and provisioning templates and manage deployment in a centralized manner, saving on-site configuration time and headaches.
  • Policy management is simpler. IT managers must manage security policies (e.g., what types of content is allowed to reach end users, what groups are allowed to view certain types of content, what computers/locations may connect with other computers/locations, etc.). If security is managed through a single interface, policy management is simpler than if administrators must manage policies through multiple interfaces.
  • It is easier to provision new users. If a new user can be added to the system and provisioned through a single interface, administrators' jobs are made easier. Similarly, it is easier and more efficient to manage existing users when policies need to be updated, or if a user is assigned a new role and their profile must be updated.
  • More granular control is available. Management through a single interface can provide more granular control over policies than if multiple interfaces and systems must be managed. Similarly, system monitoring and reporting functions can be more accurately managed when done through a single interface.
  • Content is managed in one repository. Managing content in a single repository can make life easier for administrators than if separate repositories must be managed.
  • Overall costs are lower. When multiple products or functions are procured from a single vendor, there are synergies that can be realized if security and network infrastructure is sourced and managed in a coordinated fashion, reducing the overall cost of managing the infrastructure, including training, maintenance, upgrades and support.
  • Coordinated management can provide a better roadmap for future services. Coordinated management can position an organization for easier and faster provisioning of future services as these become available. For example, a customer of security functions from a single vendor can implement an email and network policy more easily than if the policy must be implemented in multiple vendors' security systems.

Unique Challenges for the Service Provider

Service providers have traditionally struggled with delivering affordable managed services into the small business segment yet recognize that cloud services are the way to bridge the affordability gap for this underserved market segment. One key attribute to building a successful cloud services offering into this market segment is to cover all of their customer constituents within a single unified solution all managed from the same portal. Hardware must be managed from the cloud for corporate & larger branch office locations while virtual gateways residing in the cloud must be leveraged for smaller branch offices, home workers & telecommuters. Finally, mobility management must be fully integrated into this environment to manage mobile users that require security and access to corporate resources in the cloud or at corporate locations.


In an era of shrinking IT budgets and rapid technological evolution, business customers are looking to manage their network security as inexpensively as possible and are quick to embrace new technologies that can drive their security costs down. These challenges are compounded by the increasing commoditization of broadband services and make decisions on how to approach this market extremely important to the service providers that need to differentiate their services from the competition. The highly distributed nature of small and distributed enterprises and their limited IT budgets require that service delivery costs and logistics be minimized and simplified, respectively, if cloud-based services are to be delivered in an efficient and profitable manner. Moreover, the constantly evolving technologies leveraged to deliver cloud services make the choice of technologies and service delivery partners a critical one for service providers.

Service providers looking to leverage cloud technologies to deliver services profitably must make some careful decisions up front in order to avoid expensive and irreversible pitfalls. By leveraging the efficiencies of automation, shared infrastructure and pre-integration, a service provider can deliver security and network infrastructure at extremely low, predictable costs. By leveraging centralized service delivery, management and virtualization of network infrastructure, the service provider can deliver a more robust, lower cost security and infrastructure solution in every respect as compared to on-premise, traditionally managed or multi-vendor counterparts with much more predictable service and ownership costs – particularly with regard to minimizing start up and integration costs. Finally, service providers need to consider the option that gets them to market quickly and profitably and the new cloud services paradigm accomplishes this in every respect.

To identify the best plan to market, service providers also need to consider the practical aspects of customer use cases and implementation. These include the ability to be flexible in implementation to accommodate customer requirements and delivery of these services in a unified and centralized manner. Above all, the following critical success factors must be employed in any coherent cloud services strategy:

  • A multi-tenancy architecture that delivers the greatest economic advantage; • A flexible service delivery architecture;
  • A configuration and management system that includes a high level of automation, pre-integration and ongoing system intervention;
  • A centralized management environment that is easy to use;
  • An end to end service delivery capability that is tightly integrated with other service delivery and infrastructure components.

To learn more about ClearPath VSP, visit us at

Posted by Janine E. Mooney, Associate Editor