G00261698

Magic Quadrant for Cloud Infrastructure as a Service

Published: 28 May 2014

Analyst(s): Lydia Leong, Douglas Toombs, Bob Gill, Gregor Petri, Tiny Haynes

The market for cloud compute infrastructure as a service (a virtual data center of compute, storage and network resources delivered as a service) is still maturing and rapidly evolving. Strategic providers must therefore be chosen carefully.

Market Definition/Description

Cloud computing is a style of computing in which scalable and elastic IT-enabled capabilities are delivered as a service using Internet technologies. Cloud infrastructure as a service (IaaS) is a type of cloud computing service; it parallels the infrastructure and data center initiatives of IT. Cloud compute IaaS constitutes the largest segment of this market (the broader IaaS market also includes cloud storage and cloud printing). Only cloud compute IaaS is evaluated in this Magic Quadrant; it does not cover cloud storage providers, platform as a service (PaaS) providers, software as a service (SaaS) providers, cloud services brokerages or any other type of cloud service provider, nor does it cover the hardware and software vendors that may be used to build cloud infrastructure. Furthermore, this Magic Quadrant is not an evaluation of the broad, generalized cloud computing strategies of the companies profiled.

In the context of this Magic Quadrant, cloud compute IaaS (hereafter referred to simply as "cloud IaaS" or "IaaS") is defined as a standardized, highly automated offering, where compute resources, complemented by storage and networking capabilities, are owned by a service provider and offered to the customer on demand. The resources are scalable and elastic in near real time, and metered by use. Self-service interfaces are exposed directly to the customer, including a Web-based UI and an API. The resources may be single-tenant or multitenant, and hosted by the service provider or on-premises in the customer's data center.

We draw a distinction between cloud infrastructure as a service, and cloud infrastructure as a technology platform; we call the latter cloud-enabled system infrastructure (CESI). In cloud IaaS, the capabilities of a CESI are directly exposed to the customer through self-service. However, other services, including noncloud services, may be delivered on top of a CESI; these cloud-enabled services may include forms of managed hosting, data center outsourcing and other IT outsourcing services. In this Magic Quadrant, we evaluate only cloud IaaS offerings; we do not evaluate cloud-enabled services. (See "Technology Overview for Cloud-Enabled System Infrastructure," "Technology Overview for Cloud-Enabled Managed Hosting" and "Don't Be Fooled by Offerings Falsely Masquerading as Cloud Infrastructure as a Service" for more on this distinction.)

This Magic Quadrant covers all the common use cases for cloud IaaS, including development and testing, production environments (including those supporting mission-critical workloads) for both internal and customer-facing applications, batch computing (including high-performance computing [HPC]) and disaster recovery. It encompasses both single-application workloads and "virtual data centers" (VDCs) hosting many diverse workloads. It includes suitability for a wide range of application design patterns, including both "cloud-native" application architectures and enterprise application architectures.

This Magic Quadrant primarily evaluates cloud IaaS providers in the context of the fastest-growing need among Gartner clients: the desire to have a "data center in the cloud," where the customer retains most of the IT operations responsibility. Gartner's clients are mainly enterprises, midmarket businesses and technology companies of all sizes, and the evaluation focuses on typical client requirements.

This Magic Quadrant strongly emphasizes self-service and automation in a standardized environment. It focuses on the needs of customers whose primary need is self-service cloud IaaS, although it may be supplemented by a small amount of colocation or dedicated servers.

Organizations that need significant customization or managed services for a single application, or that are seeking cloud IaaS as a supplement to a traditional hosting solution ("hybrid hosting"), should consult the Magic Quadrants for Managed Hosting instead ("Magic Quadrant for Managed Hosting, North America," "Magic Quadrant for European Managed Hosting" and "Magic Quadrant for Cloud-Enabled Managed Hosting, Asia/Pacific"). Organizations that do not want self-service, but instead want managed services with an underlying CESI, should consult our Magic Quadrants for data center outsourcing and infrastructure utility services ("Magic Quadrant for Data Center Outsourcing and Infrastructure Utility Services, North America," "Magic Quadrant for Data Center Outsourcing and Infrastructure Utility Services, Europe" and "Magic Quadrant for Data Center Outsourcing and Infrastructure Utility Services, Asia/Pacific").

This Magic Quadrant evaluates only solutions that are delivered in an entirely standardized fashion — specifically, public cloud IaaS, along with private cloud IaaS that uses the same or a highly similar platform. Although most of the providers in this Magic Quadrant do offer custom private cloud IaaS, we have not considered these offerings in our evaluations. Organizations that are looking for custom-built, custom-managed private clouds should use our Magic Quadrants for data center outsourcing and infrastructure utility services instead (see above).

Understanding the Vendor Profiles, Strengths and Cautions

IaaS providers that target enterprise and midmarket customers generally offer a high-quality service, with excellent availability, good performance, high security and good customer support. Exceptions will be noted in this Magic Quadrant's evaluations of individual providers. Note that when we say "all providers," we specifically mean "all the evaluated providers included in this Magic Quadrant," not all cloud IaaS providers in general. Keep the following in mind when reading the vendor profiles:

• All of the providers have a public cloud IaaS offering. Many also have an industrialized private cloud offering, where every customer is on standardized infrastructure and cloud management tools, although this may or may not resemble the provider's public cloud service in either architecture or quality. A single architecture and feature set and cross-cloud management, for both public and private cloud IaaS, make it easier for customers to combine and migrate across service models as their needs dictate, and enable the provider to use its engineering investments more effectively. All the providers also offer custom private clouds, unless otherwise noted.

• Most of the providers are oriented toward the needs of traditional IT operations, with an emphasis on control, governance and security, and the ability to run both new applications and legacy workloads. The providers that are oriented toward the needs of developers are noted as such; these providers typically emphasize easy access to infrastructure for individuals who are building new applications. Some developer-oriented offerings target small or midsize businesses (SMBs) and startups, and lack the features needed by enterprises and midmarket entities.

• Most of the providers have resilient infrastructure, achieved through redundant infrastructure in conjunction with virtual machine (VM) clustering, or the ability to rapidly detect VM failure and immediately restart it on different hardware. They are thus able to offer very high SLAs for infrastructure availability — sometimes as high as 99.999% (sometimes expressed as a 100% SLA with a 10-minute exclusion). Offerings without VM clustering or fast VM restart — which provide higher levels of infrastructure availability than can be expected from a single physical server — are noted as lacking autorestart.

• Most of the providers have maintenance windows that result in downtime of the control plane (including the GUI and API), and may require infrastructure downtime. Some offerings can utilize live migration of VMs, largely eliminating the need for downtime to perform host maintenance, but this does not eliminate maintenance windows in general.

• In general, monthly compute availability SLAs of 99.95% and higher are the norm, and they are typically higher than availability SLAs for managed hosting. Service credits for outages in a given month are typically capped at 100% of the monthly bill. This availability percentage is typically non-negotiable, as it is based on an engineering estimate of the underlying infrastructure reliability. Maintenance windows are normally excluded from the SLA.

• Some providers have a compute availability SLA that requires the customer to use compute capabilities in at least two fault domains (sometimes known as availability zones or availability sets); an SLA violation requires both fault domains to fail. Providers with an SLA of this type are explicitly noted as having a multi-fault-domain SLA.

• Very few of the providers have an SLA for compute or storage performance. However, most of the providers do not oversubscribe compute or RAM resources; providers that do not guarantee resource allocations are noted explicitly. Storage performance varies considerably between providers. Some providers can offer tiered storage with a solid-state drive (SSD) option.

• Many providers have additional SLAs, covering network availability and performance, customer service responsiveness and other service aspects.

• Infrastructure resources are not normally automatically replicated into multiple data centers unless otherwise noted; customers are responsible for their own business continuity. Some providers offer optional disaster recovery solutions.

• All providers offer, at minimum, per-hour metering of VMs, and some can offer shorter metering increments, which can be more cost-effective for short-term batch jobs. Providers charge on a per-VM basis unless otherwise noted. Some providers offer either a shared resource pool (SRP) pricing model or are flexible about how they price the service. In the SRP model, customers contract for a certain amount of capacity (in terms of CPU and RAM), but can allocate that capacity to VMs in an arbitrary way, including being able to oversubscribe that capacity voluntarily; additional capacity can usually be purchased on demand by the hour.

• Some of the providers allow customers to choose arbitrary-size VMs — any combination of virtual CPUs (vCPUs), RAM and VM storage, subject to some limits. Providers that do not allow this are explicitly noted as offering fixed-size VMs. Some providers with fixed-size VMs have a very limited range of VM sizes, while others have a wide variety of sizes and suit a broad range of use cases. Some providers who offer arbitrary-size VMs may enforce a maximum ratio between vCPUs and RAM.

• Most of the providers can resize an existing VM without needing to reprovision it; those that cannot are explicitly noted as offering nonresizable VMs. Some of the providers can resize an existing VM without needing to reboot it.

• Most of the providers can provision a basic Linux VM within 5 minutes (although this will increase with large OS images, and Windows VMs typically take somewhat longer). Those that cannot are noted as having slow provisioning. Most providers can do simultaneous provisioning of multiple VMs; for example, provisioning 20 VMs will finish about as quickly as one VM. Those that cannot are noted as such, and the degradation can be significant (some providers take over an hour to provision 20 VMs). Nonsimultaneous provisioning has a major negative impact in disaster recovery, instant high-scalability and batch-computing scenarios.

• Some of the providers are able to offer an option for single-tenant VMs within a public cloud IaaS offering, on a fully dynamic basis, where a customer can choose to place a VM on a host that is temporarily physically dedicated to just that customer, without the customer needing to buy a VM that is so large that it consumes the whole physical host. These VMs are typically more expensive than VMs on shared hosts. Providers that have this option are noted as such.

• Some of the providers are able to offer "bare metal" physical servers on a dynamic basis. Due to the longer provisioning times involved for physical equipment (two hours is common), the minimum billing increment for such servers is usually daily, rather than hourly. Providers with a bare-metal option are noted as such.

• All the providers offer an option for colocation, unless otherwise noted. Many customers have needs that require a small amount of supplemental colocation in conjunction with their cloud — most frequently for a large-scale database, but sometimes for specialized network equipment, software that cannot be licensed on virtualized servers, or legacy equipment. Colocation is specifically mentioned only when a service provider actively sells colocation as a stand-alone service; a significant number of midmarket customers plan to move into colocation and then gradually migrate into that provider's IaaS offering.

• Typically, the storage associated with an individual VM is persistent. However, some providers have ephemeral storage, where the storage exists only during the life of the VM; if the VM goes away unexpectedly (for instance, due to hardware failure), all data in that storage is lost. Ephemeral storage is always noted explicitly.

• All the providers offer VM-independent block storage unless otherwise noted. A few providers allow storage volumes to be mounted on multiple VMs simultaneously, although customers must correctly architect their solutions to ensure data integrity (just as they would with a traditional storage array).

• All the providers offer object-based cloud storage, unless otherwise noted. In many cases, this service is integrated with a content delivery network (CDN).

• All the providers have a private WAN that connects their data centers, unless otherwise noted. They offer an option for private network connectivity (usually in the form of Multiprotocol Label Switching [MPLS] or Ethernet purchased from the customer's choice of carrier), between their cloud environment and the customer's premises, unless otherwise noted. Providers for which we state "third-party connectivity is via partner exchanges" are ones where private connectivity is obtained via cross-connect in the data centers of select partners, such as Equinix; this also meets the needs of customers who require colocated equipment. Some carriers may also have special products for connecting to specific cloud providers — for example, AT&T NetBond and Verizon Secure Cloud Interconnect.

• Most of the providers support the use of Internet-based IPsec VPN (virtual private networking). All the providers allow customers to have VMs with only private Internet Protocol (IP) addresses (no public Internet connectivity), and also allow customers to use their own IP address ranges, unless otherwise noted. Some providers may enforce secure access to management consoles, restricting access to VPNs or private connectivity.

• All the providers claim to have high security standards. The extent of the security controls provided to customers varies significantly, though. All providers offer multifactor authentication (MFA), unless otherwise noted. Most providers offer additional security services. All the providers evaluated can offer solutions that will meet common regulatory compliance needs, unless otherwise noted. All the providers have SSAE 16 audits for their data centers (see Note 1), and some may have ISO 27001 audits for their cloud IaaS offering (see Note 2); audits should not be taken as indications of security.

• Most providers offer a firewall (intrusion detection system/intrusion prevention system) as part of their offering, although a few offer only access control lists (ACLs) and a few offer no self-service network security at all; this will always be explicitly noted. All providers provide distributed denial of service (DDoS) attack mitigation, unless otherwise noted.

• All the providers offer customers a self-service ability to create complex network topologies with multiple network segments and multiple virtual network interface cards (NICs), unless otherwise noted.

• All the providers allow customers to bring their own VM images, unless otherwise noted. This allows a customer to create snapshots of existing VMs within their own internal data center, and then directly import them via self-service into the provider's cloud, rather than having to start from the provider's own VM image library. This also allows the import of VM appliances and other prepackaged VM images from independent software vendors (ISVs). All providers allow storage snapshots and have the ability to turn the snapshot into a VM image, unless otherwise noted. All the providers have the ability to do bulk import and export of data on physical media, unless otherwise noted.

• Some providers allow customers to create provisioning templates that group multiple resources, including compute, storage and network elements, and allow them to be provisioned as a unit. Some of the providers also have post-provisioning hooks, allowing customers to run scripts after VM provisioning is complete but before the VM is available for login.

• All the providers offer self-service monitoring as an option, unless otherwise noted. A few offer trigger-based autoscaling, which allows provisioning-related actions to be taken based on a monitored event. Some providers offer schedule-based autoscaling, which allows provisioning-related actions to be executed at a particular time.

• All the providers offer self-service, front-end load balancing, unless otherwise noted. All also offer back-end load balancing (used to distribute load across the middle and back-end tiers of an application), unless otherwise noted.

• All the providers offer a portal and self-service mechanism that is designed for multiple users and that offers hierarchical administration and role-based access control (RBAC). However, the degree of RBAC granularity varies greatly. From most to least control, RBAC can be per element, tag, group or account. Unless stated otherwise, a provider's RBAC applies across the account. Providers typically predefine some roles; the ability to have customer-defined roles offers more control, and is noted where available. We strongly recommend that customers that need these features, but that want to use a provider that does not have strong support for them, evaluate a third-party management tool, such as Dell Cloud Manager (formerly Enstratius), RightScale or ServiceMesh (acquired by CSC).

• All providers log events such as resource provisioning and deprovisioning, VM start and stop, and account changes, and allow customers self-service access to those logs for at least 60 days, unless otherwise noted.

• All providers, unless otherwise noted, offer the ability to place metadata tags on provisioned resources, and to run reports based on them, which is useful for internal showback or chargeback. Some providers also offer cost control measures such as quotas (limits on what a user can provision) and leases (time-limited provisioning of resources).

• All providers offer enterprise-class support with 24/7 customer service, via phone, email and chat, along with an account manager. Most providers include this with their offering. Some offer a lower level of support by default, but allow customers to pay extra for enterprise-class support.

• All the providers will sign contracts with customers, can invoice, and can consolidate bills from multiple accounts. While some may also offer online sign-up and credit card billing, they recognize that enterprise buyers prefer contracts and invoices. Some will sign "zero dollar" contracts that do not commit a customer to a certain volume.

• All the providers evaluated are believed to be financially stable, with business plans that are adequately funded. Customers should not need to worry about them going out of business. However, many of the smaller providers are likely to be potential acquisition targets; an acquisition can cause significant changes in the strategy and direction of a business, and may result in a service transition period if the merged companies consolidate their platforms. Furthermore, small IaaS businesses within large vendors may be subject to turmoil if the vendor changes its overall cloud strategy.

• Many of the providers have white-label or reseller programs, and some may be willing to license their software. We mention software licensing only when it is a significant portion of the provider's business; other service providers, not enterprises, are usually the licensees. We do not mention channel programs; potential partners should simply assume that all these companies are open to discussing a relationship. (See "Infrastructure as a Service in the Cloud Services Value Chain" for details.)

• Most of the providers offer optional managed services on IaaS. However, not all offer the same type of managed services on IaaS as they do in their broader managed hosting or data center outsourcing services. Some may have managed services provider (MSP) or system integrator (SI) partners that provide managed and professional services.

• All the evaluated providers offer a portal, documentation, technical support, customer support and contracts in English. Some can provide one or more of these in languages other than English. Most providers can conduct business in local languages, even if all aspects of service are English-only. Customers who need multilingual support will find it very challenging to source an offering.

Format of the Vendor Descriptions

When describing each provider, we first briefly summarize the nature of the company and then provide information about its public cloud IaaS offerings (and any single-tenant offerings that are otherwise identical), in the following format:

Locations: Cloud IaaS data center locations by country, languages that the company does business in, and languages that technical support can be conducted in.

Compute, storage, network and security notes: Notes on the offering, including any missing core functionality or significant features, compared with the standard functionality discussed above.

Other notes: We list other capabilities of note, including important missing capabilities. We specifically note other cloud-related services, such as cloud storage (which all providers have, unless otherwise noted), as well as the availability of managed services, even though those service offerings are not specifically evaluated in the context of this Magic Quadrant, because they are capabilities frequently requested by customers in conjunction with cloud IaaS. (See "Market Insight: Customers Need Hybrid Cloud Compute Infrastructure as a Service" for details.)

In the compute notes, we state the basis of each provider's virtualization technology and, if relevant, its cloud management platform (CMP). We also state what APIs it supports — the Amazon Web Services (AWS), OpenStack and vCloud APIs are the three that have broad adoption, but many providers also have their own unique API. Note that supporting one of the three common APIs does not provide assurance that a provider's service is compatible with a specific tool that purports to support that API; the completeness and accuracy of API implementations vary considerably. Furthermore, neither the use of the same underlying CMP nor API compatibility indicates that two services are interoperable. Specifically, OpenStack-based clouds differ significantly from one another, limiting portability; the marketing hype of "no vendor lock-in" is, practically speaking, untrue.

For many customers, the underlying hypervisor will matter, particularly for those that intend to run commercial software on IaaS. Many ISVs support only VMware virtualization, and those vendors that support Xen may support only Citrix XenServer, not open-source Xen (which is often customized by IaaS providers and is likely to be different from the current open-source version).

Services that use VMware's virtualization technologies are labeled as follows:

• vCloud Datacenter Service. This service has been certified to meet VMware's globally consistent service definitions, security and regulatory compliance requirements, and requirements for availability and high performance. It is based on a prescriptive architecture intended to maximize portability between providers of vCloud Datacenter Service and a business's own VMware-virtualized data center infrastructure. Only 10 providers worldwide have such a service and most of them do not yet have a significant customer base on this platform. These providers also meet the requirements for being vCloud Powered.

• vCloud Powered. These providers are part of VMware's service provider partner program. The service is based on VMware's vSphere and vCloud Director (vCD), exposes the vCloud API, and supports the Open Virtualization Format (OVF) for image upload and download. Unless otherwise stated, these providers expose the vCD UI to customers. Because the vCD features exposed can be customized by the service provider, and the service provider typically needs to provide an array of features not included in vCD (such as monitoring), there is still significant differentiation between vCloud Powered providers. In a vCloud Powered offering with the vCD UI exposed, vCD is used to drive self-service management and provide a service catalog. vCD is a key part of VMware's strategy for driving adoption of hybrid internal-external cloud IaaS, and facilitates interoperability between VMware-virtualized infrastructures, regardless of whether they are internal to a business or offered by a service provider. vCD provides the capability to manage very complex infrastructure needs, but also requires a greater investment in training and setup time from an IT administrator in order to facilitate easier self-service for users.

• vCloud Express. vCloud Express is a VMware-defined offering aimed at developers and small businesses, with online sign-up, credit card payment, self-service and by-the-hour service.

• VMware-virtualized. This service uses VMware's hypervisor, but is not a vCloud Datacenter, vCloud Powered or vCloud Express service. Many such offerings are high-quality services from early, market-leading innovators; these providers typically entered the market before vCD became available and have elected to continue to develop their own technology.

We summarize all of the provider descriptions, including a comparison of their capabilities against our baseline expectation of capabilities, in tabular format in "Toolkit: Comparison Matrix for Cloud Infrastructure-as-a-Service Providers, 2014." We provide a detailed list of evaluation criteria in "Evaluation Criteria for Cloud Infrastructure as a Service." Our "Critical Capabilities for Public Cloud Infrastructure as a Service" provides a use-case-focused technical evaluation of the public cloud IaaS offerings of the included providers.

Recommended Uses

For each vendor, we also provide recommendations for use. The most typical recommended uses are:

• Cloud-native applications. These are applications specifically architected to run in a cloud IaaS environment, using cloud transaction processing (TP) principles.

• E-business hosting. These are e-marketing sites, e-commerce sites, SaaS applications, and similar modern websites and Web-based applications. They are usually Internet-facing. They are designed to scale out and are resilient to infrastructure failure, but they might not use cloud TP principles.

• General business applications. These are the kinds of general-purpose workloads typically found in the internal data centers of most traditional businesses; the application users are usually located within the business. Many such workloads are small, and they are often not designed to scale out. They are usually architected with the assumption that the underlying infrastructure is reliable, but they are not necessarily mission-critical. Examples include intranet sites, collaboration applications such as Microsoft SharePoint, and many business process applications.

• Enterprise applications. These are general-purpose workloads that are mission-critical, and they may be complex, performance-sensitive or contain highly sensitive data; they are typical of a modest percentage of the workloads found in the internal data centers of most traditional businesses. They are usually not designed to scale out, and the workloads may demand large VM sizes. They are architected with the assumption that the underlying infrastructure is reliable and capable of high performance.

• Development environments. These workloads are related to the development and testing of applications. They are assumed not to require high availability or high performance. However, they are likely to require governance for teams of users.

• Batch computing. These workloads include high-performance computing (HPC), "big data" analytics and other workloads that require large amounts of capacity on demand. They do not require high availability, but may require high performance.

For all the vendors, the recommended uses are specific to self-managed cloud IaaS. However, many of the providers also have managed services, as well as other cloud and noncloud services that may be used in conjunction with cloud IaaS. These include hybrid hosting (customers sometimes blend solutions, such as an entirely self-managed front-end Web tier on public cloud IaaS, with managed hosting for the application servers and database), as well as hybrid IaaS-PaaS solutions. Even though we do not evaluate managed services, PaaS and the like in this Magic Quadrant, they are part of a vendor's overall value proposition and we mention them in the context of providing more comprehensive solution recommendations.

Magic Quadrant

Figure 1. Magic Quadrant for Cloud Infrastructure as a Service

Source: Gartner (May 2014)
