The 10 ‘hottest’ cloud technologies that matter to ‘us’ in the next two years

March 6th, 2015 by AnnMarie Jordan

Peter ffoulkes, Research Director for Servers and Cloud Computing

Internet news feeds seem to frequently try and tell us the top five, 10, or more things we need to know about on a specific day or about a specific topic. What confuses me most is who do ‘they’ think ‘we’ are, and how do they ‘know’ what matters to ‘us’? Well, the ‘us’ in this context is around 150 senior cloud computing professionals in Fortune 2000 enterprises that consume cloud computing technology and services, and what they plan to do in the next two years. The need to know most probably depends upon who you (‘Dear Reader’) are, and whether you are an enterprise consumer, a cloud enabling technology vendor, or a cloud service provider.

Where are enterprise cloud consumers investing their time, money and resources?

As the IT provider market transitions toward a cloud-driven delivery model for digital infrastructure delivery and service, the IT consumer market is adapting to the new paradigm. At the enterprise level, all of these things are in flux, but looking at the next two years, cloud platform, cloud performance management/monitoring, automated server provisioning, service catalogs and software-defined networking are the top five technologies garnering attention.


From the enterprise perspective, it is clear that the top five opportunities are related to private, on-premises cloud adoption, and that off-premises public cloud offerings, with the single exception of cloud storage services, don’t even register on the top 10.

Cloud journey exposes gaps in existing environments which require new investments

March 4th, 2015 by AnnMarie Jordan

Nikolay Yamakawa, Analyst for TheInfoPro

Many enterprises want to quickly transform their IT architectures into service-oriented, cloud-based models, but paying for it is often challenging. Cost/budget remains the most common pain point, as new challenges requiring considerable monetary investments bubble to the top.

Aging infrastructure and legacy software issues experienced the highest uptick in citations as top pain points between the studies. Aging infrastructure became the second most common pain point after cost/budget, increasing from 2% in 2H 2013 to 11% of citations in 2H 2014. Investments in up-to-date infrastructure are required for the cloud transformation. Legacy software issues that have to be resolved for cloud enablement are also becoming apparent, with the second-highest uptick in selections between the studies, increasing from 2% in the previous study to 7% now.


Despite the average and median server and virtualization budget spike in 2014, cost/budget remains the most common pain point, with 16% of selections. Decision-makers may know how to resolve some of the existing pain points, but are not always able to readily fund the efforts. Some server professionals originally planning to take the internal, on-premises cloud route may even consider getting out of private cloud and datacenter business in favor of public cloud along the way. We have seen that more enterprises consider internal cloud to be a cheaper option than public cloud, but these considerations may change as decision-makers uncover new gaps in their environments.

On a positive note, transformation to the cloud is remediating a number of other pain points, helping to justify the journey. Server professionals are improving infrastructure management and VM monitoring and management, which both dropped below 10% of selections as top pain points year-over-year. The automation component is helping enterprises to do more with less, where less personnel is required to perform certain tasks that are getting automated, contributing to a decline in insufficient resource pain between the studies.

The journey to the cloud-ready internal infrastructure continues, but there are many hard choices that server professionals will have to make along the way. Identifying pain points that can slow down the journey early on will help to construct a better roadmap to cloud-ready infrastructure and prioritize budget allocations accordingly.

Study respondents had the following commentary about the evolving pain points in their environments:

  • “Old hardware, goes hand in hand with old software. Old software running on old hardware that doesn’t lend itself to virtualization or integration, no source for it, has to be rewritten or a third party coming up with requirements, factors that limit a faster move forward to virtualization and cloud environments.” – LE, Industrial/Manufacturing
  • “Migrating apps to the cloud – most of our apps weren’t written to be scaled like that.” – LE, Telecom/Technology
  • “Old legacy infrastructure, especially old software that does not conform to modern resiliency.” – LE, Financial Services
  • “Increasing demand from the business while remaining on a fixed budget.” – LE, Financial Services
  • “Increased budget pressure, doing more with less.” – LE, Telecom/Technology
  • “All-around process – there’s a lot of confusion of roles, so we need to create a more efficient organization.” – LE, Industrial/Manufacturing


MSSP usage shift: SIEM is outsourced more often

March 2nd, 2015 by AnnMarie Jordan

Daniel Kennedy, Research Director for Information Security

he 2012 Information Security Study showed the most common uses among respondents of a managed security service provider (MSSP) to be intrusion detection (35%), firewall maintenance (21%), event log management (18%) and vulnerability assessment (13%). Security information event management (SIEM) was used by 7% of respondents as an MSSP service. Fast-forward to the most recent Information Security Study, and SIEM is the second-most-common use of an MSSP, at 40%. Intrusion detection has grown to 64% of MSSP users, while firewall maintenance has grown to 35%. Vulnerability management and log management have dropped in usage to 9% and 6%, respectively.


While how MSSPs are used has changed, overall usage has not changed much, moving from 37% ‘in use’ in 2012 to 38% as of the latest study. Dell (SecureWorks) has retaken the pole position in enterprises from Symantec, followed by Verizon, IBM and NTT Communications (which acquired Solutionary).

Quotes from the 2014 Wave 17 Information Security Study on MSSPs included the following:

  • “Moving away from capex, looking at software as a service, hosting, where we don’t have capital expense, moves it all into opex. Gives us some flexibility. We spend a lot on third-party services through traditional IT outsourcer organizations or MSSPs, looking to rebalance that to get more value out of the same spend. It will be reallocated, moved between vendors.” – LE, Consumer Goods/Retail •
  • “A lot of security people come from our MSSP organization. Difficult to estimate the internal folks. Plans to expand the IT security staff in 2015. Security metrics are published on a monthly basis.” – LE, Other •
  • “We have firewall monitoring. They also look at servers. We pass all the logs to them from every region in the world; they monitor for security incidents, alert us if something happens. They do not manage devices.” – LE, Other •
  • “What I would call an MSSP is a company you would call who takes your worries aware. We do outsource network risk management, patch management etc., to HP, IBM, BT and others.” – LE, Materials/Chemicals

Cloud backup gains enterprise excitement

February 27th, 2015 by AnnMarie Jordan

Marco Coulter, Vice President, TheInfoPro (a service of 451 Research)

Backup and excitement are not commonly paired. When asked about exciting backup vendors, some storage professionals bluntly say they do not get excited about backup. Pshaw, I say! With the de-duplication boom cooling off, there are still other technologies waiting in the wings. Ease of backup management remains a significant factor for excitement, with Veeam and CommVault receiving specific mentions for flexibility and simplicity. As we pointed out in How Actifio hit three markets with one technology, Actifio joined the leaders’ group this year by merging dev/test copy management into backup management.

The other newcomer here is cloud backup, now sixth-highest selection on this chart.


The idea of foisting backup onto someone else to manage seems to be exciting on its own, as there is no specific vendor or technology that is selected here. Asigra and Riverbed are mentioned.

Implementation of cloud backup does not match the excitement. There remains an age-old challenge to backup – the time it takes to create a copy of the data. Remote sites are seen as a good target for cloud backup. If you are moving the data from remote to datacenter anyway, why not just move it from remote to cloud location? Bandwidth may be the challenge to implementing cloud backup. Remote sites often receive the lowest bandwidth allocations, and some are even at the other end of satellite links. Even when caching, de-duplication and compression technologies allow backups to be taken efficiently over limited bandwidth, there is still the recovery window to be considered. What load will the cloud provider network and the enterprise’s network be under at the time of recovery?

While they have the instant appeal of taking over backup capacity management, cloud backup vendors will need to address the recovery window concerns before they will gain significant implementations in large and midsize enterprises.

  • “I don’t get excited about backups.” – LE, Energy/Utilities
  • “Veeam – you can create one backup image then do multiple types of recoveries. Very flexible and simple to use, from what I’ve seen.” – LE, Services: Business/Accounting/Engineering
  • “Cloud-based backup like Riverbed and other gateway products geared toward backup and archive [are exciting].” – LE, Education
  • “CommVault Simpana – they’re partnering well with storage vendors like NetApp.” – LE, Telecom/Technology
  • “Data Domain – I like how it handles de-dupe, and it’s a smart enough device that it can double as a NAS, help transfer data between locations, etc. Great flexibility.” – LE, Financial Services
  • “Some of the cloud solutions are interesting, but on the end of a VSAT, it’s not really an option.” – LE, Materials/Chemicals
  • “I look to vendors that have been around for a long time because I want reliability. That would be the artist known as Veritas, whoever owns them today, assume it’s the same folks. Can’t think of anybody that’s a close second.” – LE, Industrial/Manufacturing
  • “Quantum, I like the high-capacity tapes.” – LE, Industrial/Manufacturing
  • “I love Actifio, for sure. Wasn’t mature enough, but has made some strides. It’s exciting but needs to develop further.” – LE, Services: Business/Accounting/Engineering


IPv6: still a bridesmaid

February 25th, 2015 by AnnMarie Jordan

Daniel Kennedy, Research Director for Information Security

IPv6 continues to heavily be ‘in plan’ without going to ‘in use’ in many IT organizations; it ranked third on the latest Networking Study’s Heat Index. Issues that continue to hamper enterprise adoption include hardware support (for example, where hardware capacity or speed is affected); network application support, including monitoring; and even weak people support. Adoption will grow, being potentially in the critical path for growth of mobile connectivity and the related (if more future-reaching) ‘Internet of Things,’ and IPv4 will eventually meet its upper limit – but it remains unclear when large enterprises will make the switch.


2012 appeared to be IPv6’s major adoption year; usage had grown from 5% in 2010 to 12% that year, with 38% of enterprise networking managers reporting plans to make the switch, at least in public-facing infrastructure. Two years later, the in-use percentage has risen just a single percentage point to 13%.

Interviewee commentary provides some of the reasons why:

  • “As I’ve said before, that’s the 800-pound gorilla in the room we’ll ignore as long as we can. (For four or five years, if we’re lucky).” – LE, Energy/Utilities
  • “Somebody will have to force that. Probably your ISPs, right? When they stop serving stuff up v4, people will have to figure out v6.” – LE, Consumer Goods/Retail
  • “It’s [IPv6] been on the books for three years now, haven’t gotten funding for it. Last year they decided they were gonna do Direct Access with Microsoft, which requires IPv6, but we ended up with SSL VPNs from Cisco because we wouldn’t do the funding [for IPv6]. We tell management it’s only gonna get worse, if you want those new things.” – LE, Energy/Utilities
  • That’s interesting. I don’t wanna say it’s not on our radar, but it’s really a very tiny blip right now. We don’t have any urgency or anything like that. We’re keeping it on the radar, but as a blip pretty much. I think that [IPv6 adoption] is more on the government side right now.” – LE, Healthcare/Pharmaceuticals
  • “I looked at it [IPv6] last year, it just doesn’t seem to go anywhere. The pain is not big enough yet. Two-faceted thing, pain not big enough yet, why would I spend, just costs me more money. The other portion is technology-wise, there are not, have not been, any bridges that are really well bridging Version 4 and 6 – when you start an initiative with Version 6, you have to build parallel systems that do both, very complex. I wish there was like a v4 to 6 firewall or translation device to get in the game. [Who’s doing IPv6?] Unless you’re education or government…” – LE, Other

In the cloud, it’s interesting who you think is hot and who you choose to date

February 23rd, 2015 by AnnMarie Jordan

Peter ffoulkes, Research Director for Servers and Cloud Computing

In the cloud ‘dating game,’ things are mostly positive for enterprise cloud consumers, and for cloud technology and service providers. From the consumer perspective, the good news is that there are lots of vendors to choose from. And from the providers’ perspective, the field is wide open, especially in the private cloud sector, which is expected to account for almost half of enterprise workloads in the next two years. But for the providers, attracting interest from potential users doesn’t necessarily translate into any meaningful evaluation by them.

The first bit of bad news for providers is in the public cloud IaaS market. Although AWS is the dominant IaaS vendor by a wide margin, only 8% of enterprise workloads are expected to be placed in this environment in the next two years, which represents a challenge not only for AWS, but for all IaaS vendors. The other bad news – for both consumers and vendors – is that the brutal reality of the market will result in mergers and acquisitions, and company (or divisional) failures. Choosing cloud technology or service providers is a high-risk game right now. It’s not for the faint of heart, and it requires the acceptance that there will be winners and losers.

For cloud vendors, the game’s afoot, but far from won

Perhaps the biggest surprise in this market is the difference between vendors that are considered interesting and those that are actually being evaluated for purchase or proof-of-concept projects. From the vendor interest perspective, the usual suspects – Microsoft, VMware and AWS – lead the chart, although OpenStack and its cadre of vendors – Cisco, HP, IBM, Red Hat, Rackspace and others – are more complicated to track. This should not be underestimated, and to do so could be perilous.

The standout finding from the vendor perspective is the outlook for VMware. Although neck-and-neck with Microsoft, and substantially ahead of AWS from the vendor interest ratings, when it comes to evaluation, VMware drops to third position at around one-third of the citations expressed for either Microsoft or AWS – which has to be cause for concern, not just for VMware itself, but its partner community.


Interesting as these vendor dynamics may be, they do not represent a reliable indicator of the final outcome of the cloud market vendor landscape. For cloud vendors, the game’s afoot, but the day is far from won, and changes of strategy and tactics could yield unexpected results.

Anecdotal commentary from our respondent community illustrates the disparity between cloud vendor positioning and enterprise consumer expectations:

  • “Amazon and Microsoft are really focusing on enterprises now, so both have dedicated enterprise cloud sales teams. That’s something that’s new. There’s still quite a bit of ‘the whole world’s going to cloud, why aren’t you in cloud yet?’, that type of sales pitch. When in fact, that’s not the reality. There’s a lot of good business cases today for cloud, and there’s a lot of places where cloud is inappropriate right now. So some of the sales pitches just hype it, ‘Throw everything in the cloud, it’s all wonderful,’ and that’s just not the case yet.” – LE, Utilities
  • “Vendor marketing is way ahead of what customers and clients are ready to get to. Not to single anyone out, we’re a VMware shop in many categories. We talk to them and they talk a lot about software-defined enterprise, the new – something software-defined. They say, ‘Well, you can do all these things, and we have products that do all of them.’ And we say, ‘Great. Here’s what we’re looking for.’ And you get, ‘We can do that as long as you read these 48 pages of fine print on things we can’t do.'” – LE, Services

VMware’s VVOL catches attention of enterprise storage professionals

February 20th, 2015 by AnnMarie Jordan

Marco Coulter, Vice President, TheInfoPro (a service of 451 Research)

Virtual Volume (VVOL) is a feature of VMware’s vSphere due for release in CY Q1. Enterprise interest in VVOL is high even with the product still in beta. Of VMware users interviewed, 7% are extremely likely to use the feature, with a further 19% selecting ‘very likely.’ As a comparison, Virtual SAN (VSAN), generally available since March 2014, only receives 4% of selections.


Previous attempts at ‘normalizing’ storage (yes, SMI-S, I am looking at you) basically ended up in ‘lowest common denominator’ (LCD) storage capabilities. VVOL may be different. Most of the technology in VVOL was available previously in vSphere, though it was a complex endeavor implementing Raw Device Mapping (RDM), VAAI, and a glut of other intricacies, including vendor-specific array management interfaces. VVOL is really about simplifying usage of storage within vSphere.

The devil dances in the details

VVOL avoids LCD by allowing storage vendors to build VASA providers (translation: APIs) exposing their proprietary features to the vSphere interface as provisioning criteria. You define capabilities for the actual capacity and set required policy for your VM, then vSphere plays matchmaker between the two. Sounds great, right? VVOL sounds like it offers simplification of storage, but it’s really delivering single pane of glass. The potential downside of such a feature is that it maintains current storage complexity and exposes it to a whole new audience – VM administrators. For a taste of how different the implementations of various vendors could end up, try some of the videos available on the external site

Narratives below mention performance concerns in VMware environments, which may be partially addressed by VVOL exploiting underlying array strengths. But get ready for a new term – ‘profile sprawl’ – as VM administrators create unique profiles to try and cater for all possible uses of capacity. VVOL is easier for generalists to use than the FC SANs and arrays commonly used to support VM farms. Yet ease of use can lead to chaos as effortlessly as it leads to simplicity. Before implementation, VVOL will require planning.

  • “VMware performance issues re: storage. Not getting the IOPS to meet our requirements with existing storage arrays available to this project.” – LE, Telecom/Technology
  • “I’m the most excited about VMware’s VSAN. It holds the most potential for savings across the industry. You won’t need to have an array for redundancy and performance improvements.” – LE, Financial Services
  • “Our VMware systems are all FC SAN. Almost everything is virtualized servers. …” – LE, Public Sector

VMware remains the most exciting vendor, but has the largest drop in selections

February 18th, 2015 by AnnMarie Jordan

Nikolay Yamakawa, Analyst for TheInfoPro

VMware has retained the lead as the most exciting vendor, with 28% of selections in 2H 2014, but it has experienced a seven-percentage-point drop from 35% in the prior study. Despite the largest drop in selections out of all the vendors in the study, VMware captured more than twice as many selections as Microsoft, which is the second-most exciting infrastructure software vendor, with 12% of selections. However, VMware is now only five and seven percentage points above Cisco and HP, respectively, compared to the 17 and 22 percentage-point gaps a year ago. Cisco took the title of the most exciting hardware-centric vendor with 23% of selections, followed by HP with 21%. HP had the largest increase in selections as exciting vendor between the studies, but excitement does not always translate into better customer retention because the vendor remains at an above-average vulnerability level.

The level of excitement does not directly impact a vendor’s stance in different markets, but it is an indication of change in perception trickling through the industry. VMware has built a strong position in the market, but changing market dynamics are bringing a more even playing field with the competition. Maintaining the lead may become increasingly difficult, and the drop in excitement could be the harbinger of this change for VMware.


Study respondents had the following commentary about vendors that they find exciting:

  • “It’s a more diverse market because many vendors have caught up to VMware, or at least gotten closer.” – LE, Education
  • “I like what I am hearing from HP on OpenStack.” – LE, Financial Services
  • “I like the UCS platform and the architecture [Cisco] put together to consolidate their infrastructure. That’s the main reason we looked at them, been able to implement a much tighter server network architecture and added security pieces that made us happy. Very good so far.” – LE, Industrial/Manufacturing
  • “We like 2012 Hyper-V. We like the replication and extended replication. Did I say that it is all free!” – MSE, Industrial/Manufacturing
  • “Nutanix – all one box, and I can use it for VMware, Hyper-V, and I don’t have to worry about buying expensive storage arrays.” – MSE, Education
  • “Oracle’s virtual computing appliance – it allows you to have more flexibility; it combines everything (compute, storage and networking) into one device, and is easier to provision.” – LE, Transportation

Data protection is the top mobile security issue

February 16th, 2015 by AnnMarie Jordan

Daniel Kennedy, Research Director for Information Security

When it comes to the twin pressures of IT consumerization – consumer mobile devices outmoding ones designed for business and BYOD (employees bringing their own mobile devices to work and expecting email, file and application access) – it is data protection that is the security manager’s main concern. Forty-two percent (42%) of security managers noted data protection, specifically protection of corporate data, as the key security concern, dwarfing options such as device ownership by employees (11%) and the variety of mobile devices (9%).


However the mobile security problem is described, for the majority (91%) the solution at present is mobile device management (MDM). While the specifics of the major MDM vendor offerings differ, making the definition of MDM itself both vague and inclusive, VMware (via AirWatch), MobileIron and Good Technology are taking the enterprise share that used to belong to RIM as the move from BlackBerry devices to a variety of employee-owned devices continues.

Quotes from the 2014 Wave 17 Information Security Study on mobile security included the following:

  • “We know we need it, gathering information, looked at many solutions, haven’t found what we need yet. We need it to integrate with our environment and our multifactor authentication. SecureOff is looking the most promising, but frankly they aren’t really geared [for our needs]; they don’t care that’s it’s a mobile device. They’re missing significant pieces, from our perspective. We wanna be able to make a device a brick, unusable. If a device has a locator chip, we’d love to be able to find it and get it back and lock it so they can’t use it. Worthless if stolen; you can turn it into a brick, so it is literally just a paperweight.” – LE, Industrial/Manufacturing
  • “[Re: decline in spending:] Good is a good, solid product, but the way our people need to get their work done, it’s got too many limitations. You can export stuff from the container, it breaks the rules, a lot of extra work. They’ve poisoned the well for a lot of other people. Microsoft ActiveSync is not real good, but it’s getting much better than it used to be, plus mobile devices like the new Apple iOS 7 has a lot more security built in. Between the two and some other polices, we might be able to get by without an MDM. Or we hope Good makes their product more appealing.” – LE, Other
  • “But it doesn’t cover the other mobile devices that employees are bringing and that we allow on the Wi-Fi connection. About half [of devices connecting are BlackBerry].” – MSE, Transportation
  • “Enforcing security controls on the mobile devices – it inherently influences the user experience.” – LE, Financial Services
  • “We don’t know what’s on it. Lack of visibility of content. [What do you think is on there?] Probably confidential information. And once on a mobile device, you could upload to shared storage, cloud storage. How would you know? If they’re on the desktop, you might have the opportunity [to know]. Web filtering could block that. AV? Virtually nonexistent [on mobile devices]. That’s another issue. Android – it’s open source. Android is much more heavily attacked than Apple iOS.” – LE, Services: Business/Accounting/Engineering

Little growth in CMDB, but still a vendor shakeup

February 12th, 2015 by AnnMarie Jordan

Daniel Kennedy, Research Director for Information Security

Although configuration management database (CMDB) usage didn’t grow much overall in the enterprise in 2014, a shakeup of the vendor landscape occurred nonetheless. SolarWinds steadily outpaced HP, but it was ServiceNow that leapt from 5% to 12% in use, to take pole position in the category. A CMDB is fundamentally a data store where IT assets are the entities, and change management is enabled by understanding the relationship and especially the interdependencies between these IT assets, as well as maintaining a record of how they change.


The use of CMDBs has steadily risen, from 50% at interviewed enterprises in 2009, to 59% in use today. Homegrown methods of maintaining a CMDB are still prevalent, showing up at 7% of enterprises, while BMC, HP, SolarWinds and ServiceNow all show projected growth for new installations moving into 2015. Of those enterprises with a CMDB in place, 18% plan to increase spending on their solution in 2015.

  • “ServiceNow replaces four nonintegrated systems for 2015 total rollout.” – LE, Consumer Goods/Retail
  • “HP provides this in their HP Service Management Suite.” – LE, Energy/Utilities
  • “Working on that now. Just because we had several different tools doing the job that this one vendor [ServiceNow] could provide everything all together. Just an enhancement of the service that we can provide.” – LE, Materials/Chemicals
  • “Outsourced to Atos, but they are switching from CA to BMC Remedy.” – LE, Services: Business/Accounting/Engineering