The IT field is notorious for having many different acronyms. This is especially true when it comes to cloud computing. There are three prevailing cloud service models: Infrastructure-as-a -Service (IaaS); Platform-as-a-Service (PaaS); and Software-as-a-Service (SaaS). All provide a layer of abstraction to service users building application systems, according to Sridhar Vasudevan, senior principal of cloud and data center strategies at global technology firm Insight Enterprises.
Think of them as the “Baskin Robbins of cloud services for ecommerce,” added Laura DiDio, principal of research and consultancy ITIC.
Each model reduces the effort required to build applications, Vasudevan said. These models are then billed as a utility based on customer consumption and usage in a “pay as you go” or “pay for use” model, both Vasudevan and DiDio said.
“A decade ago, SaaS was the most popular of the three,” DiDio observed. “But over time, that’s changed, and PaaS is now the most popular and the service of choice because it’s a “one-stop shop.”
SEE: 10 free alternatives to Microsoft Word and Excel (TechRepublic download)
What each model does
Vasudevan boils the cloud stack down to four layers:
- Infrastructure layer – compute resources, network, storage and security
- Application stack – operating system, application server software, databases, middleware, programming frameworks, and monitoring
- Application layer – User interface, authentication and authorization, transactions and dashboards
- User layer – login, execute transactions, management
As the name implies, IaaS provides the infrastructure layer of the stack. Some examples would be: Amazon Web Services (AWS) EC2, Rackspace and Google Compute Engine (GCE), DiDio said.
“IaaS gives users cloud-based alternatives to on-premise infrastructure, so businesses can avoid investing in expensive on-site resources,” added Vasudevan.
In the IaaS model, customers can provision, manually via consoles or automated via API and code, infrastructure resources for compute instances, storage and data repositories, networks, security services and other fundamental utility services such as backup, he said. Customers can build and implement their software, including an operating system as well as custom and off-the-shelf application systems, on this infrastructure, Vasudevan said.
“They are responsible for managing and controlling everything in the cloud stack from the operating system layer and above, including operating systems, data, application stack (databases, middleware, programming language framework) security, operations [such as] monitoring, patching, etc., and governance.”
PaaS provides the application stack layer to the customer. “The application stack sits on top of the infrastructure layer to provide application layer functions as a service to the customer,” he said. PaaS services provide a development and deployment environment, including the software development framework of operating systems, development tools and programming interfaces such as .net, java, and python.
Customers also have access to database systems and business analytics in this model, Vasudevan said. “Features such as scalability, high availability, and multi-tenancy are also made available. Customer responsibility is limited to building their cloud-based application systems. The service provider takes care of infrastructure, application stack and management.”
Examples include AWS Elastic BeanStalk, Microsoft Azure, Oracle, IBM, Pivotal Cloud Foundry, RedHat OpenShift Container Platform.
SaaS is a complete application delivered as a service via a third party over the internet to the consumer, Vasudevan and DiDio said. “The service provider handles all infrastructure, application logic, application deployments, and service delivery,” he said.
Benefits, limitations, and what you need to know
In theory, PaaS, IaaS and SaaS are designed to do two things: cut costs and free organizations from the time and expense of purchasing equipment and hosting everything on-premises, DiDio said. “However, cloud computing services are not a panacea. Corporate enterprises can’t just hand everything off to a third-party cloud provider and forget about them. There’s too much at stake.”
Internal IT departments must remember what DiDio calls “the three “Cs: communication, collaboration and cooperation,” which she said are all essential for successful business outcomes and uninterrupted smooth, efficient daily operational transactions.
“When properly deployed and maintained, IaaS is highly flexible and scalable,” DiDio said. “It’s easily accessed by multiple users. And it’s cost effective.” IaaS is beneficial to businesses of all types and sizes, she said. “It provides complete and discretionary control over infrastructure… Many organizations find that they can slash their hardware costs by 50% or more using IaaS.”
However, IaaS “requires a mature operations model and rigorous security stacks including understanding cloud provider technologies,” noted Vasudevan. IaaS also “requires skill and competency in resource management.”
PaaS, DiDio said, “is the whole enchilada. It’s a platform. So organizations work with a preferred vendor like Amazon, Microsoft, Oracle, SAS, Salesforce and others to build a custom implementation that best suits their business and technology needs.”
The advantage is the ability to save time development efforts. “You don’t have to hire an internal development team that builds application code from scratch. That can take years, plus it’s costly and the business always has to worry about code errors and incompatibility issues,” DiDio said. “This is especially true for large enterprises that have specialized applications and requirements in verticals like banking/finance and healthcare.”
The limitations of PaaS are vendor lock-in in terms of features; the inability to create extreme customizations; and it is hard to migrate to another platform if required, Vasudevan said. With SaaS, there are no requirements for infrastructure deployment, software development or delivery, maintenance and operations, he said. Software accessible from anywhere on most devices, there is fixed monthly usage billing, and it requires minimal input from users.
However, SaaS makes it harder to do custom workflows and you are dependent on the provider to make improvements in features and reliability, Vasudevan said.
How to figure out what you need
To determine which model is best for you, consider the first rule before embarking on any new initiative or upgrade: “the business needs should always drive the technology purchase and not vice versa,” DiDio said. “Many organizations will have hybrid implementations–opting to keep some applications…in-house for security reasons,” she said. At the same time, an enterprise might also decide to put a mission-critical application in the cloud.
Every business must determine what its goals are and what it hopes to achieve, and then weigh this against cost and feasibility, she said.
Vasudevan lists some other considerations:
- Migrating legacy applications to the cloud requires the business analyze customized programs for suitability and retrofitting of existing architectures so that they can be integrated with new cloud services
- Some applications may not be currently suitable for the cloud and will require expensive investments to re-architect legacy architectures and/or rewrite cloud native applications
- New services must be built in the cloud to optimally use cloud models
- Organizational change management initiatives will require resource training, hiring new resources or consultants
- Transition will require the creation of new operations model and acquisition of additional tools or services