Magic Quadrant for Cloud Infrastructure as a Service

19 August 2013 ID:G00251789
Analyst(s): Lydia Leong, Douglas Toombs, Bob Gill, Gregor Petri, Tiny Haynes


The market for cloud compute infrastructure as a service (a virtual data center of compute, storage and network resources delivered as a service) is still maturing and rapidly evolving. As each provider has unique offerings, the task of sourcing their services must be handled with care.

Market Definition/Description

Cloud computing is a style of computing in which scalable and elastic IT-enabled capabilities are delivered as a service using Internet technologies. Cloud infrastructure as a service (IaaS) is a type of cloud computing service; it parallels the infrastructure and data center initiatives of IT. Cloud compute IaaS constitutes the largest segment of this market (the broader IaaS market also includes cloud storage and cloud printing). Only cloud compute IaaS is evaluated in this Magic Quadrant; it does not cover cloud storage providers, platform as a service (PaaS) providers, software as a service (SaaS) providers, cloud services brokerages or any other type of cloud service provider, nor does it cover the hardware and software vendors that may be used to build cloud infrastructure. Furthermore, this Magic Quadrant is not an evaluation of the broad, generalized cloud computing strategies of the companies profiled.

In the context of this Magic Quadrant, cloud compute IaaS (hereafter referred to simply as "cloud IaaS" or "IaaS") is defined as a standardized, highly automated offering, where compute resources, complemented by storage and networking capabilities, are owned by a service provider and offered to the customer on demand. The resources are scalable and elastic in near-real-time, and metered by use. Self-service interfaces are exposed directly to the customer, including a Web-based UI and, optionally, an API. The resources may be single-tenant or multitenant, and hosted by the service provider or on-premises in the customer's data center.

We draw a distinction between cloud infrastructure as a service, and cloud infrastructure as a technology platform; we call the latter cloud-enabled system infrastructure (CESI). In cloud IaaS, the capabilities of a CESI are directly exposed to the customer through self-service. However, other services, including noncloud services, may be delivered on top of a CESI; these cloud-enabled services may include forms of managed hosting, data center outsourcing and other IT outsourcing services. In this Magic Quadrant, we evaluate only cloud IaaS offerings; we do not evaluate cloud-enabled services. (See "Technology Overview for Cloud-Enabled System Infrastructure" and "Don't Be Fooled by Offerings Falsely Masquerading as Cloud Infrastructure as a Service" for more on this distinction.)

This Magic Quadrant covers all the common use cases for cloud IaaS, including development and testing, production environments (including those supporting mission-critical workloads) for both internal and customer-facing applications, batch computing (including high-performance computing [HPC]) and disaster recovery. It encompasses both single-application workloads and "virtual data centers" (VDCs) hosting many diverse workloads. It includes suitability for a wide range of application design patterns, including both "cloud-native" application architectures and enterprise application architectures.

This Magic Quadrant primarily evaluates cloud IaaS providers in the context of the fastest-growing need among Gartner clients: the desire to have a "data center in the cloud," where the customer retains most of the IT operations responsibility. Gartner's clients are mainly enterprises, midmarket businesses and technology companies of all sizes, and the evaluation focuses on typical client requirements.

This Magic Quadrant strongly emphasizes self-service and automation in a standardized environment. It focuses on the needs of customers whose primary need is self-service cloud IaaS, although it may be supplemented by a small amount of colocation or dedicated servers. Organizations that need significant customization or managed services for a single application, or that are seeking cloud IaaS as a supplement to a traditional hosting solution ("hybrid hosting"), should consult the Magic Quadrants for Managed Hosting instead ("Magic Quadrant for Managed Hosting, North America," "Magic Quadrant for European Managed Hosting" and "Magic Quadrant for Cloud-Enabled Managed Hosting, Asia/Pacific"). Organizations that do not want self-service, but instead want managed services with an underlying CESI, should consult our Magic Quadrants for data center outsourcing and infrastructure utility services instead ("Magic Quadrant for Data Center Outsourcing and Infrastructure Utility Services, North America" and "Magic Quadrant for Data Center Outsourcing and Infrastructure Utility Services, Europe").

This Magic Quadrant evaluates only solutions that are delivered in an entirely standardized fashion — specifically, public cloud IaaS, along with private cloud IaaS that uses the same or a highly similar platform. Although most of the providers in this Magic Quadrant do offer custom private cloud IaaS, we have not considered these offerings in our evaluations. Organizations that are looking for custom-built, custom-managed private clouds should use our Magic Quadrants for data center outsourcing and infrastructure utility services instead (see above).

Understanding the Vendor Profiles, Strengths and Cautions

IaaS providers that target enterprise and midmarket customers generally offer a high-quality service, with excellent availability, good performance, high security and good customer support. Exceptions will be noted in this Magic Quadrant's evaluations of individual providers. Note that when we say "all providers," we specifically mean "all the evaluated providers included in this Magic Quadrant," not all cloud IaaS providers in general. Keep the following in mind when reading the vendor profiles:

  • All of the providers have a public cloud IaaS offering. Many also have a "cookie cutter" private cloud offering, where every customer is on standardized infrastructure and cloud management tools, although this may or may not resemble the provider's public cloud service in either architecture or quality. A single architecture and feature set and cross-cloud management, for both public and private cloud IaaS, make it easier for customers to combine and migrate across service models as their needs dictate, and enable the provider to leverage its engineering investments more effectively. All of the providers also offer custom private clouds, unless otherwise noted.
  • Most of the providers are oriented toward the needs of traditional IT operations, with an emphasis on control, governance and security, and the ability to run both new applications and legacy workloads. The providers that are oriented toward the needs of developers are noted as such; these providers typically emphasize easy access to infrastructure for individuals who are building new applications. Some developer-oriented offerings target small or midsize businesses (SMBs) and startups, and lack the features needed by enterprises and midmarket entities.
  • Most of the providers have a "reliable cloud," achieved through redundant infrastructure in conjunction with virtual machine (VM) clustering, or the ability to rapidly detect VM failure and immediately restart it on different hardware. They are thus able to offer very high SLAs for infrastructure availability — sometimes as high as 99.999% (sometimes expressed as a 100% SLA with a 10-minute exclusion). Offerings without VM clustering or rapid VM restart — which provide higher levels of infrastructure availability than can be expected from a single physical server — are referred to as "best-effort."
  • Most of the providers have maintenance windows that result in downtime of the control plane (including the GUI and API), and may require infrastructure downtime. Some offerings can utilize live migration of VMs, largely eliminating the need for downtime to perform host maintenance, but this does not eliminate maintenance windows in general.
  • In general, monthly compute availability SLAs of 99.95% and higher are the norm, and they are typically higher than availability SLAs for managed hosting. Service credits for outages in a given month are typically capped at 100% of the monthly bill. This availability percentage is typically non-negotiable, as it is based on an engineering estimate of the underlying infrastructure reliability. Maintenance windows are normally excluded from the SLA.
  • Some providers have a compute availability SLA that requires the customer to use compute capabilities in at least two fault domains (sometimes known as availability zones or availability sets); an SLA violation requires both fault domains to fail. Providers with an SLA of this type are explicitly noted as having a multi-fault-domain SLA.
  • Very few of the providers have an SLA for compute or storage performance. However, most of the providers do not oversubscribe compute or RAM resources; providers that do not guarantee resource allocations are noted explicitly. Storage performance varies considerably between providers. Some providers can offer tiered storage with a solid-state drive (SSD) option.
  • Many providers have additional SLAs, covering network availability and performance, customer service responsiveness and other service aspects.
  • Infrastructure resources are not normally automatically replicated into multiple data centers unless otherwise noted; customers are responsible for their own business continuity. Some providers offer optional disaster recovery solutions.
  • Most of the providers offer either a shared resource pool (SRP) pricing model or are flexible about how they price the service. In the SRP model, customers contract for a certain amount of capacity (in terms of CPU and RAM), but can allocate that capacity to VMs in an arbitrary way, including being able to oversubscribe that capacity voluntarily; additional capacity can usually be purchased on demand by the hour. Providers that are paid by the VM, rather than on an SRP model, are noted as such. All the providers offer per-hour metering.
  • Most of the providers allow customers to choose arbitrary-size VMs — any combination of virtual CPUs (vCPUs), RAM and VM storage, subject to some limits. Providers that do not allow this are explicitly noted as offering fixed-size VMs.
  • Most of the providers can resize an existing VM without needing to reprovision it; those that cannot are explicitly noted as offering nonresizable VMs. Some of the providers can resize an existing VM without needing to reboot it.
  • Some of the providers are able to offer an option for single-tenant VMs within a public cloud IaaS offering, on a fully dynamic basis, where a customer can choose to place a VM on a host that is temporarily physically dedicated to just that customer, without the customer needing to buy a VM that is so large that it consumes the whole physical host. These VMs are typically more expensive than VMs on shared hosts. Providers that have this option are noted as such.
  • Some of the providers are able to offer "bare metal" physical servers on a dynamic basis. Due to the longer provisioning times involved for physical equipment (two hours is common), the minimum billing increment for such servers is usually daily, rather than hourly. Providers with this option are noted as such.
  • All the providers offer an option for colocation, unless otherwise noted. Many customers have needs that require a small amount of supplemental colocation in conjunction with their cloud — most frequently for a large-scale database, but sometimes for specialized network equipment, software that cannot be licensed on virtualized servers, or legacy equipment. Colocation is specifically mentioned only when a service provider actively sells colocation as a stand-alone service; a significant number of midmarket customers plan to move into colocation and then gradually migrate into that provider's IaaS offering.
  • Typically, the storage associated with an individual VM is persistent. However, some providers have ephemeral storage, where the storage exists only during the life of the VM; if the VM goes away unexpectedly (for instance, due to hardware failure), all data in that storage is lost. Ephemeral storage is always noted explicitly.
  • All the providers offer VM-independent block storage unless otherwise noted. A few providers allow storage volumes to be mounted on multiple VMs simultaneously, although customers must correctly architect their solutions to ensure data integrity (just as they would with a traditional storage array).
  • All the providers offer object-based cloud storage, unless otherwise noted. In many cases, this service is integrated with a content delivery network (CDN).
  • All the providers have a private WAN that connects their data centers, unless otherwise noted. They offer an option for private network connectivity (usually in the form of Multiprotocol Label Switching [MPLS] or Ethernet purchased from the customer's choice of carrier), between their cloud environment and the customer's premises, unless otherwise noted. Most of the providers support the use of Internet-based IPsec VPN (virtual private networking). All the providers allow customers to have VMs with only private Internet Protocol (IP) addresses (no public Internet connectivity), and also allow customers to use their own IP address ranges, unless otherwise noted. Some providers may enforce secure access to management consoles, restricting access to VPNs or private connectivity.
  • All the providers claim to have high security standards. The extent of the security controls provided to customers varies significantly, though. All providers offer multifactor authentication, unless otherwise noted. Most providers offer additional security services. All the providers evaluated can offer solutions that will meet common regulatory compliance needs, unless otherwise noted. All the providers have SSAE 16 audits for their data centers (see Note 1), and some may have ISO 27001 audits for their cloud IaaS offering (see Note 2); audits should not be taken as indications of security.
  • Most providers offer a firewall (intrusion detection system/intrusion prevention system) as part of their offering, although a few offer only access control lists (ACLs) and a few offer no self-service network security at all; this will always be explicitly noted. All providers offer customers a self-service ability to create complex network topologies with multiple network segments and multiple virtual network interface cards (NICs), unless otherwise noted.
  • All the providers allow customers to bring their own VM images, unless otherwise noted. This allows a customer to create snapshots of existing VMs within their own internal data center, and then directly import them into the provider's cloud, rather than having to start from the provider's own VM image library. This also allows the import of VM appliances and other prepackaged VM images from independent software vendors (ISVs). All providers allow storage snapshots and have the ability to turn the snapshot into a VM image, unless otherwise noted.
  • All the providers have the ability to do bulk import and export of data on physical media, unless otherwise noted. The few providers that can cooperate with third-party off-site data-archiving services, such as Iron Mountain, to deliver them backups on physical media, are noted as such.
  • Except where noted, all the providers allow customers to create provisioning templates that group multiple resources, including compute, storage and network elements, and allow them to be provisioned as a unit. Some of the providers also have post-provisioning hooks, allowing customers to run scripts after VM provisioning is complete but before the VM is available for login.
  • All the providers offer monitoring as an option, unless otherwise noted. A few offer trigger-based autoscaling, which allows provisioning-related actions to be taken based on a monitored event. Some providers offer schedule-based autoscaling, which allows provisioning-related actions to be executed at a particular time.
  • All the providers offer self-service, front-end load-balancing, unless otherwise noted. All also offer back-end load balancing (used to distribute load across the middle and back-end tiers of an application), unless otherwise noted.
  • All the providers offer a portal and self-service mechanism that is designed for multiple users and that offers hierarchical administration and role-based access control (RBAC). However, the degree of RBAC granularity varies greatly. We strongly recommend that customers that need these features, but that want to use a provider that doesn't have strong support for them, evaluate a third-party management tool, such as Enstratius (recently acquired by Dell), RightScale and ServiceMesh.
  • All providers log events such as resource provisioning and deprovisioning, VM start and stop, and account changes, and allow customers self-service access to those logs for at least 60 days, unless otherwise noted.
  • All providers, unless otherwise noted, offer the ability to place metadata tags on provisioned resources, and to run reports based on them, which is useful for internal showback or chargeback. Some providers also offer cost control measures such as quotas (limits on what a user can provision) and leases (time-limited provisioning of resources).
  • All providers offer enterprise-class support with 24/7 customer service, via phone, email and chat, along with an account manager. Most providers include this with their offering. Some offer a lower level of support by default, but allow customers to pay extra for enterprise-class support.
  • All the providers will sign contracts with customers, can invoice, and can consolidate bills from multiple accounts. While some may also offer online sign-up and credit card billing, they recognize that enterprise buyers prefer contracts and invoices. Some will sign "zero dollar" contracts that do not commit a customer to a certain volume.
  • All the providers evaluated are believed to be financially stable, with business plans that are adequately funded. Customers should not need to worry about them going out of business. However, many of the smaller providers are likely to be potential acquisition targets; an acquisition can cause significant changes in the strategy and direction of a business, and may result in a service transition period if the merged companies consolidate their platforms.
  • Many of the providers have white-label or reseller programs, and some may be willing to license their software. We mention software licensing only when it is a significant portion of the provider's business; other service providers, not enterprises, are usually the licensees. We do not mention channel programs; potential partners should simply assume that all these companies are open to discussing a relationship. (See "Infrastructure as a Service in the Cloud Services Value Chain" for details.)
  • Most of the providers offer optional managed services on IaaS. However, not all offer the same type of managed services on IaaS as they do in their broader managed hosting or data center outsourcing services. Some may have managed services provider (MSP) or system integrator (SI) partners that provide managed and professional services.
  • All the evaluated providers offer a portal, documentation, technical support, customer support and contracts in English. Some can provide one or more of these in languages other than English. Most providers can conduct business in local languages, even if all aspects of service are English-only. Customers who need multilingual support will find it very challenging to source an offering.

Format of the Vendor Descriptions

When describing each provider, we first briefly summarize the nature of the company and then provide information about its public cloud IaaS offerings (and any single-tenant offerings that are otherwise identical), in the following format:

Locations: Cloud IaaS data center locations by country, languages that the company does business in, and languages that technical support can be conducted in.

Compute, storage and network notes: Notes on the offering, including any missing core functionality or significant features, compared with the standard functionality discussed above.

Other notes: We list other capabilities of note, including important missing capabilities. We specifically note other cloud-related services, such as cloud storage (which all providers have unless otherwise noted), as well as the availability of managed services, even though those service offerings are not specifically evaluated in the context of this Magic Quadrant, because they are capabilities frequently requested by customers in conjunction with cloud IaaS. (See "Market Insight: Customers Need Hybrid Cloud Compute Infrastructure as a Service" for details.)

In the compute notes, we state the basis of each provider's virtualization technology and, if relevant, its cloud management platform (CMP). We also state what APIs it supports — the Amazon Web Services (AWS), OpenStack and vCloud APIs are the three that have broad adoption, but many providers also have their own unique API. Note that supporting one of the three common APIs does not provide assurance that a provider's service is compatible with a specific tool that purports to support that API; the completeness and accuracy of API implementations vary considerably. Furthermore, neither the use of the same underlying CMP nor API compatibility indicates that two services are interoperable. Specifically, OpenStack-based clouds differ significantly from one another, limiting portability; the marketing hype of "no vendor lock-in" is, practically speaking, untrue.

For many customers, the underlying hypervisor will matter, particularly for those that intend to run commercial software on IaaS. Many ISVs support only VMware virtualization, and those vendors that support Xen may support only Citrix XenServer, not open-source Xen (which is often customized by IaaS providers and is likely to be different from the current open-source version).

Services that use VMware's virtualization technologies are labeled as follows:

  • vCloud Datacenter Service. This service has been certified to meet VMware's globally consistent service definitions, security and regulatory compliance requirements, and requirements for availability and high performance. It is based on a prescriptive architecture intended to maximize portability between providers of vCloud Datacenter Service and a business's own VMware-virtualized data center infrastructure. Only eight providers worldwide have such a service and several of them do not yet have a significant customer base on this platform. These providers also meet the requirements for being vCloud Powered.
  • vCloud Powered. These providers are part of VMware's service provider partner program. The service is based on VMware's vSphere and vCloud Director (vCD), exposes the vCloud API, and supports the Open Virtualization Format (OVF) for image upload and download. Unless otherwise stated, these providers expose the vCD UI to customers. Because the vCD features exposed can be customized by the service provider, and the service provider typically needs to provide an array of features not included in vCD (such as monitoring), there is still significant differentiation between vCloud Powered providers. In a vCloud Powered offering with the vCD UI exposed, vCD is used to drive self-service management and provide a service catalog. vCD is a key part of VMware's strategy for driving adoption of hybrid internal-external cloud IaaS, and facilitates interoperability between VMware-virtualized infrastructures, regardless of whether they are internal to a business or offered by a service provider. vCD provides the capability to manage very complex infrastructure needs, but also requires a greater investment in training and setup time from an IT administrator in order to facilitate easier self-service for users.
  • vCloud Express. vCloud Express is a VMware-defined offering aimed at developers and small businesses, with online sign-up, credit card payment, self-service and by-the-hour service.
  • VMware-virtualized. This service uses VMware's hypervisor, but is not a vCloud Datacenter, vCloud Powered or vCloud Express service. Many such offerings are high-quality services from early, market-leading innovators; these providers typically entered the market before vCD became available and have elected to continue to develop their own technology.

We summarize all of the provider descriptions, including a comparison of their capabilities against our baseline expectation of capabilities, in tabular format in "Toolkit: Comparison Matrix for Cloud Infrastructure as a Service Providers, 2013."

Recommended Uses

For each vendor, we also provide recommendations for use. The most typical recommended uses are:

  • Cloud-native applications. These are applications specifically architected to run in a cloud IaaS environment, using cloud transaction processing (TP) principles.
  • E-business hosting. These are e-marketing sites, e-commerce sites, SaaS applications, and similar modern websites and Web-based applications. They are usually Internet-facing. They are designed to scale out and are resilient to infrastructure failure, but they might not use cloud TP principles.
  • General business applications. These are the kinds of general-purpose workload typically found in the internal data centers of most traditional businesses; the application users are usually located within the business. Many such workloads are small, and they are often not designed to scale out. They are usually architected with the assumption that the underlying infrastructure is reliable, but they are not necessarily mission-critical. Examples include intranet sites, collaboration applications such as Microsoft SharePoint, and many business process applications.
  • Enterprise applications. These are general-purpose workloads that are mission-critical, and they may be complex, performance-sensitive or contain highly sensitive data; they are typical of a modest percentage of the workloads found in the internal data centers of most traditional businesses. They are usually not designed to scale out, and the workloads may demand large VM sizes. They are architected with the assumption that the underlying infrastructure is reliable and high-performance.
  • Test and development. These workloads are related to the development and testing of applications. They are assumed not to require high availability or high performance.
  • Batch computing. These workloads include high-performance computing (HPC), "big data" analytics and other workloads that require large amounts of capacity on demand. They do not require high availability, but may require high performance.

For all the vendors, the recommended uses are specific to self-managed cloud IaaS. However, many of the providers also have managed services, as well as other cloud and noncloud services that may be used in conjunction with cloud IaaS. These include hybrid hosting (customers sometimes blend solutions, such as an entirely self-managed front-end Web tier on public cloud IaaS, with managed hosting for the application servers and database), as well as hybrid IaaS-PaaS solutions. Even though we do not evaluate managed services, PaaS and the like in this Magic Quadrant, they are part of a vendor's overall value proposition and we mention them in the context of providing more comprehensive solution recommendations.

Magic Quadrant

Figure 1. Magic Quadrant for Cloud Infrastructure as a Service
Figure 1.Magic Quadrant for Cloud Infrastructure as a Service

Source: Gartner (August 2013)

Vendor Strengths and Cautions

Amazon Web Services

AWS is a cloud-focused service provider with a very pure vision of highly automated, cost-effective IT capabilities, delivered in a flexible, on-demand manner.

Locations: AWS has groups of data centers, which it calls "regions," on the East and West Coasts of the U.S., and in Ireland, Japan, Singapore, Australia and Brazil. It also has one region dedicated to the U.S. federal government. It has global sales, including local offices where it has regions. Support is provided in English, Japanese and Portuguese. Technical account managers can also provide support in German, Hindi and Korean.

Compute: Elastic Compute Cloud (EC2) is multitenant, best-effort, fixed-size and nonresizable, paid-by-the-VM, and Xen-virtualized. Single-tenant VMs are available via Dedicated Instances. There are special options for HPC, including graphics processing units (GPUs). AWS does not have any formal private cloud offerings, though it might be willing to negotiate such deals.

Storage: VM storage is ephemeral. Persistence requires VM-independent block storage (Elastic Block Store). There is an option for SSDs, as well as storage performance guarantees (Provisioned IOPS). Object-based storage (Simple Storage Service [S3]) is integrated with a CDN (CloudFront), there is an option for long-term archive storage (Glacier), and AWS offers its own cloud storage gateway appliance.

Network: AWS offers a full range of networking options. Complex networking and IPsec VPN is done via Amazon Virtual Private Cloud (VPC). Private connectivity can be obtained via cross-connect in the data centers of select partners such as Equinix (Amazon Direct Connect); this also meets the needs of customers who require colocated equipment.

Other notes: Enterprise-grade support is extra. The SLA, which was significantly improved in June 2013, is multi-fault-domain, but does not have any exclusion for maintenance; AWS also offers continuous availability on its portal and API. AWS offers a particularly broad array of IaaS features and PaaS-like services. Notable capabilities include trigger-based and schedule-based autoscaling, database as a service (Relational Database Service [RDS]), Hadoop as a service (Elastic MapReduce), and data warehousing as a service (Redshift). We provide purchasing guidance in "What Managers Need to Know About Amazon Web Services" and a detailed technical evaluation in "Amazon Web Services (AWS): In-Depth Assessment."

Recommended uses: Cloud-native applications, batch computing, e-business hosting, general business applications, and test and development.

  • AWS is the overwhelming market share leader, with more than five times the compute capacity in use than the aggregate total of the other fourteen providers in this Magic Quadrant. It is a thought leader; it is extraordinarily innovative, exceptionally agile and very responsive to the market. It has the richest IaaS product portfolio, and is constantly expanding its service offerings and reducing its prices. It has by far the largest pool of capacity, which makes its service one of the few suitable for batch computing, especially for workloads that require short-term provisioning of hundreds of servers at a time.
  • AWS has a very large technology partner ecosystem. Many software vendors have specially licensed and packaged their software to run on EC2, either independently or via the AWS Marketplace, which eases deployment and eliminates some of the challenges associated with licensing software to run in the cloud. Its API is supported by many third parties that provide associate management tools, and many open-source and commercial CMPs are compatible with its API. Although AWS is not directly involved in the hybrid on-premises cloud business, it has partners that can offer such solutions.
  • AWS has a diverse customer base and the broadest range of use cases, including enterprise and mission-critical applications. It is increasingly targeting the mainstream market by both broadening its technical capabilities and increasing its go-to-market partnerships with SIs (such as Capgemini, Cognizant and Wipro) that provide both application development expertise and managed services. It has obtained many security and compliance-related certifications and audits. Customers may be able to access these audits under a nondisclosure agreement, but cannot conduct their own independent audits.
  • AWS has multiple "availability zones" (AZs) within its regions. These AZs are effectively multiple data centers in close proximity to one another. AWS's services are designed to make it easier to run applications across multiple AZs; customers are responsible for architecting their applications for high availability. However, new capabilities are rolled out incrementally, region by region, so newer capabilities are not necessarily available in every region.
  • AWS is a price leader, but it charges separately for optional items that are often bundled with competitive offerings. This increases the complexity of understanding and auditing bills. Prospective customers should be careful to model the costs accurately, especially for network-related charges, and to compare the costs of reserved and unreserved capacity, as well as AWS's "spot pricing" market.
  • AWS has multiple generations of compute instance "families" — for instance, the m1, m2, and m3 families. Each of these represents different levels of performance, and you must take this into account when choosing what instance type to use, and determine which offers the lowest cost for your particular workload. When comparing AWS's performance with that of other providers, ensure that you are making an accurate, normalized comparison; do not equate an AWS EC2 Compute Unit (ECU) with a modern physical core.
  • AWS's support offerings are tiered based on the level of support that a customer purchases, rather than on a "relationship" or size-of-spend basis; the quality of support differs materially between tiers. AWS does not include enterprise-grade support by default; customers will need to buy Business tier support for this. Its Enterprise tier support offers a dedicated technical account manager and other "platinum" capabilities, providing a higher degree of support than most of its competitors offer without managed services, but it carries up to a 10% premium on the customer's overall AWS spend.
  • AWS has field sales, solutions engineering and professional services organizations, but the rapid growth of AWS's business means that sales capacity is insufficient to consistently satisfy prospective customers who need consultative sales. For better terms and conditions, customers should sign an Enterprise Agreement, which is typically a zero-dollar contract. Invoicing is available on request.


CSC is a large, traditional IT outsourcer with a broad range of data center outsourcing capabilities.

Locations: CSC has multiple cloud data centers in the U.S., as well as in Canada, Brazil, Germany, Luxembourg, the Netherlands, Switzerland, the U.K., Australia, Malaysia and Singapore. It has global sales. Support is provided in English, French, German, Italian, Spanish and Mandarin.

Compute: CSC offers a vCloud Datacenter Service, a VCE Vblock-based cloud IaaS architecture in different tenancy models — public multitenant in a CSC data center (CloudCompute), single-tenant compute with a multitenant back-end (BizCloud Virtual Private Edition [VPE]), and private single-tenant in a CSC data center or in the customer's own data center (BizCloud) — and optional managed services. It offers both paid-by-the-VM and SRP pricing. Because features are introduced into BizCloud before being rolled into CloudCompute, the latter contains a subset of BizCloud features; furthermore, it is best-effort and lacks API access. While customers can access vCloud Director if they prefer, CSC has built its own, more user-friendly portal.

Storage: Block storage is persistent and independent of the VM. There is an option for SSDs. Storage snapshots are not supported. CSC does not offer object-based cloud storage.

Network: CSC has the full range of networking options.

Other notes: Managed services are optional. CSC also has significant additional software capabilities supporting IT operations management, along with trigger-based and schedule-based autoscaling, and quotas and leases for resource management. It also offers database as a service (CloudDB) and Hadoop as a service.

Recommended uses: General business applications, test and development, cloud-enabled data center transformation.

  • Unlike most other traditional data center outsourcers, CSC has fully embraced the highly standardized, highly automated cloud model, successfully blending the benefits of a true cloud service into an enterprise-ready offering. It has a solid platform that is attractive to traditional IT operations organizations that still want to retain control, but need to offer greater agility to the business and are willing to embrace data center transformation.
  • CSC has a strong road map focused on bringing enterprise-class IT operations management (ITOM) tools, including automated managed services, to cloud IaaS. It is trying to integrate not just traditional ITOM tools, but also DevOps tools; for example, it offers Nolio's application deployment tool as part of its platform. It is also building infrastructure utility services for specific applications on top of the platform. In addition, it has begun to blend PaaS-layer services into its IaaS offerings.
  • CSC is one of the few providers to have a standardized architecture across both public and private cloud offerings, as well as a single rate card across all of these offerings — although the pricing is the same, the minimum commitments vary. CSC's pricing for infrastructure resources is very competitive.
  • CSC has developed a portfolio of cloud-related professional services, including Smart Start, a proof-of-concept program intended to help a customer achieve a "quick win" in moving an application onto IaaS, and then methodically migrating other workloads over time. In general, CSC is generous about offering trials to prospective customers.
  • Cloud computing is driving a radical reinvention of the way in which CSC delivers services, including significantly broadening the range of companies that CSC targets with its offerings. The cloud division is run as its own business unit, which gives it greater agility but also sometimes brings it into conflict with its slower-moving and more conservative parent company. At present, however, CSC is investing heavily in its cloud business.
  • Prospective CSC customers should be careful to understand the distinction between CSC's outsourcing business and its cloud offerings; in particular, they should be sure to understand what is and isn't within the scope of a particular tier of managed services. Existing CSC outsourcing customers report challenges in getting CSC to engage in cloud opportunities.
  • Although CSC has a vCloud Datacenter Service, it has been gradually reducing its dependence upon VMware, in favor of integrating best-of-breed third-party ITOM tools, as well as developing its own software. While this improves CSC's overall competitive position, it may be challenged to compete with other organizations that can invest heavily in cloud development and have their own large engineering teams.
  • CSC's focus has been on enabling traditional IT operations organizations to make the transition to cloud infrastructure, resulting in a distinctive feature set. It is trying to increase its traction with developer audiences, but will find this challenging, given the positioning of the broader CSC brand.

Dimension Data

Dimension Data is a large SI and value-added reseller. It entered the cloud IaaS market through the 2011 acquisition of OpSource.

Locations: Dimension Data has data centers on the East and West Coasts of the U.S., plus the Netherlands, Australia, Hong Kong, Japan and South Africa. Local-language sales and support is provided in 51 countries, with cloud-specialized support provided from its regional service centers.

Compute: Dimension Data offers VMware-virtualized paid-by-the-VM public cloud IaaS, as well as SRP-priced private cloud IaaS, with optional managed services.

Storage: There is persistent block storage with an optional SSD-accelerated tier, but it is not VM-independent.

Network: Dimension Data has a full range of networking options.

Other notes: There are two tiers of optional managed services, which include improved SLAs. There is no multifactor authentication. There is no colocation.

Recommended uses: E-business hosting, cloud-native applications, general business applications, and test and development.

  • Dimension Data's Managed Cloud Platform (MCP) is a single unified architecture across its public and private cloud offerings; it is one of the few providers to provide such an architecture. It is pursuing a federated model, whereby service provider partners offer MCP-based services via resale or white label, but Dimension Data provides one consistent, unified service globally. It also provides sales and marketing enablement to its OneCloud Alliance members.
  • OpSource had a long history as a SaaS hoster, and Dimension Data has retained these capabilities. Its rich suite of offerings for that market includes not only infrastructure, but also an on-demand billing platform, custom application management and help desk support. It has excellent SLAs, including 100% availability, and even stronger SLAs are available to customers who buy managed services.
  • Dimension Data has launched Cloud Software, a set of partnerships with ISVs. It offers Dimension Data-tested and -licensed software from those ISVs, on demand. Depending on the software, the price may be hourly or monthly. However, there is little software available in this model.
  • While Dimension Data's offering is VMware-virtualized, it is not vCloud Powered. Instead, Dimension Data is doing extensive software development of its own, allowing it to drive a faster pace of innovation and control it costs better. Although it is able to invest in the necessary engineering resources, and has consistently rolled out incremental improvements in a continuous delivery model, this also represents a new way of doing business for Dimension Data, which has historically been an integrator of technology, not a developer of technology.
  • Although Dimension Data has a capable basic cloud IaaS offering, it needs value-added capabilities, whether delivered through its own services or via an ecosystem of partners. It has tried to differentiate based on its network model, but such capabilities are increasingly "table stakes."
  • Dimension Data is owned by NTT Group. While NTT has deliberately chosen Dimension Data to be its most agile business, with minimal interference from the parent, Dimension Data's future ability to move quickly is likely to depend on continued support and noninterference.


Fujitsu is a large diversified technology company. It has a range of cloud IaaS offerings, including the Fujitsu Cloud IaaS Trusted Public S5 (formerly the Fujitsu Global Cloud Platform), multiple regional offerings based on a global reference architecture (Fujitsu Cloud IaaS Private Hosted, formerly known as Fujitsu Local Cloud Platform), and multiple private cloud offerings. Although Fujitsu has received vCloud Datacenter Service Provider partner status, it has not yet launched this offering.

Locations: S5 is available in data centers in the U.S. (West Coast), Germany, the U.K., Australia, Japan, and Singapore. Fujitsu has global sales, and provides support in 34 languages; the S5 portal is available in English and Japanese. The regional offerings have their own capabilities and locations, which are different from those of S5.

Compute: S5 is a multi-tenant, best-effort, fixed-size and non-resizable, paid-by-the-VM, Xen-virtualized offering; it is also available in a single-tenant version (S5 Dedicated).

Storage: Block storage is persistent and VM-independent. Although S5 has storage snapshots, snapshots cannot be used as VM images. Customers cannot import their own VM images.

Network: Although S5 supports private connectivity and private-IP-only VMs, it cannot use customer-provided IP addresses. It does not fully support complex network topologies.

Other notes: There is no metadata tagging of assets, but user quotas are supported. Managed services are optional.

Recommended uses: General business applications, and test and development.

  • Fujitsu has a long history in IT services and data center outsourcing. It has a large global sales force, is the leader in IT outsourcing in Asia/Pacific and has a strong European presence. This gives it a large existing base of captive customers into which it can sell cloud services, and it has been successful at extending existing Fujitsu relationships into cloud deals. It has very responsive support, and good account management.
  • Fujitsu is a global vendor of hardware and software, and it is developing most of its own technology for its cloud offerings, across IaaS, PaaS, and SaaS. It is leveraging its existing technology, including its ITOM software, to accelerate the pace of its cloud business. Fujitsu's Resource Orchestrator — Cloud Edition software is used to provide the visual designer used in its IaaS user interfaces, as well as significant depth of portal features.
  • Fujitsu's previous strategy of allowing its regions to pursue their own cloud strategies has enabled certain regions, such as Australia, to develop offerings tailored to the needs of their local markets, at a faster pace than Fujitsu has been able to do so as a global entity. Fujitsu has begun an "offering standardization process" intended to bring the regional offerings in line with the global ones, but it may be a few years before this is accomplished.
  • Fujitsu rolls out S5 features first in Japan, then extends them to its other regions. Furthermore, Fujitsu in Japan offers additional cloud capabilities — Japan-based organizations or projects targeted at the Japanese market should investigate what capabilities are specifically available in Japan, such as object-based storage, database as a service, and Hadoop as a service.
  • Although Fujitsu has been rapidly improving S5's capabilities, and has been highly responsive to customer requests, its feature set lags the market leaders. Its VM provisioning times are lengthy compared to other providers. It cannot meet common compliance requirements.
  • Fujitsu's previous strategy of allowing regional control means that development efforts are fragmented across the globe. As such, the private hosted service offerings may differ in each region, making it difficult for Fujitsu to capitalize fully on engineering resources and achieve economies of scale, although Fujitsu has recently strengthened its global cloud strategy and management.
  • Although Fujitsu can sell its IaaS platform on a stand-alone basis, it is most often combined with managed services or a broader outsourcing relationship.


GoGrid is a small, independent cloud-IaaS-focused provider.

Locations: GoGrid's data centers are on the East and West Coasts of the U.S., and in the Netherlands. It has local sales in its San Francisco and Amsterdam offices. Support is officially provided only in English.

Compute: GoGrid offers fixed-size, paid-by-the-VM, Xen-virtualized IaaS in both multitenant and single-tenant variants. RAM is resizable but CPU is not.

Storage: VM storage is persistent, and there is an option for persistent, VM-independent file storage. Customers cannot import their own VM images. Object-based cloud storage is integrated with a CDN (via a partnership with Edgecast).

Network: GoGrid has a full range of networking options.

Other notes: There is no metadata tagging of assets or granular RBAC. Managed services are optional.

Recommended uses: Cloud-native applications, e-business hosting, and test and development for individuals or small teams.

  • Although GoGrid has a competitively priced, best-effort, developer-centric IaaS offering, it has broad and aggressive SLAs that include 100% availability and cover compute, storage and networking elements. It is one of the few providers that has a standard architecture across its public and private cloud offerings.
  • The GoGrid Exchange enables software vendors to license and package their software to run on GoGrid, easing deployment and eliminating some of the headaches associated with licensing software to run in the cloud. It has a unique multipartner compensation model that enables partners to build on top of each other's software stacks.
  • GoGrid's software is developed entirely in-house. This enables it to innovate quickly and to drive down its costs, but also provides significant long-term challenges to competing against providers that can devote significant resources to R&D. Enterprise customers will find that its feature set lags behind the market leaders.
  • GoGrid has its own API, which is supported by a limited number of third-party tools. GoGrid is pursuing a strategy of broader interoperability, and its future success will be dependent on ensuring that the company can partake in one or more of the emerging platform ecosystems.


HP is a large diversified technology company with a range of cloud-related products and services. Its only true cloud IaaS offering is the HP Public Cloud, although it has some cloud-enabled infrastructure services, such as the HP Enterprise Services Virtual Private Cloud.

Location: HP's Public Cloud data centers are in the eastern and western U.S. Although it has global sales, the service is offered only in English.

Compute: HP Public Cloud is a multitenant, best-effort, fixed-size, KVM-virtualized, OpenStack-based offering.

Storage: VM storage is ephemeral. There is an option for persistent, VM-independent block storage. Customers cannot import their own VM images. There is object-based storage with an integrated CDN (via a partnership with Akamai).

Network: Although private connectivity is supported, all VMs must have Internet connectivity and customers cannot use their own IP addresses. The load-balancing service is currently in private beta.

Other notes: The SLA is multi-fault-domain, but does not have any exclusion for maintenance. Multifactor authentication is not supported. There are no audit logs. The monitoring service is currently in private beta. User quotas are supported.

Recommended use: Test and development for existing HP customers, or those who specifically want to explore an OpenStack-based cloud offering.

  • HP has an ambitious and comprehensive vision of interoperable public and private cloud infrastructure, integrating HP's hardware capabilities, ITOM tools, outsourcing capabilities and partner ecosystem.
  • HP has a large global sales force and marketing budget. It has been successful at attracting a global customer base for its public cloud, despite currently having data centers only in the U.S.
  • Although HP has invested significant engineering resources into its Public Cloud over a multiyear period, its Public Cloud compute offering was not generally available until December 2012. It is therefore a new entrant, with a limited track record, and its feature set is nascent.
  • Although HP's public cloud offering is based on OpenStack, as is HP Cloud OS (the platform for HP Converged Cloud and part of the HP CloudSystem CMP), there is limited interoperability between the Public Cloud and private clouds based on HP CloudSystem. HP Public Cloud's inability to import VM images on a self-service basis means that customers cannot currently directly transfer workloads from their private cloud to HP Public Cloud, even if their private cloud is based on OpenStack.
  • HP has been willing to offer extraordinary discounts to prospective customers in order to bring them onto its Public Cloud. Such discounts may not be sustainable, so prospective customers should be cautious when evaluating the solution's long-term costs


IBM is a large diversified technology company with a range of cloud-related products and services. IBM's only true cloud offering is SmartCloud Enterprise (SCE), although it also has a cloud-enabled infrastructure service called IBM SmartCloud Enterprise+, as well as PaaS services.

Locations: SCE's data centers are in the eastern and western U.S., as well as Canada, France, Germany, Australia, Japan, Singapore and Brazil. IBM has global sales. Support for SCE is provided in English, French, German, Italian, Spanish, Japanese, Korean, Mandarin and Portuguese.

Compute: SCE is a multitenant, best-effort, fixed-size and nonresizable, paid-by-the-VM, KVM-virtualized offering.

Storage: VM storage is ephemeral. There is an option for persistent, VM-independent block storage. Although storage snapshots are supported, they cannot be used as VM images. There is no support for bulk import/export of data. Object-based storage is supported through a partnership with Nirvanix.

Network: Third-party private connectivity is not supported. Inter-data-center SCE traffic goes over the Internet, not an IBM private network. There is no network security as a service. Only front-end load-balancing is supported.

Other notes: Multifactor authentication is not supported, and RBAC is limited. There is no monitoring service and no general autoscaling service. Enterprise-grade support costs extra, and while OS support may be added to premium support, it is not equivalent to a managed service.

Recommended use: Test and development or batch computing for existing IBM customers, or those who want to use the related PaaS capabilities.

  • IBM's cloud vision encompasses public and private cloud at both the systems and application infrastructure levels. IBM's portfolio of products and services has IaaS, PaaS and SaaS elements, along with hardware, ITOM software, middleware and database software, and comprehensive consulting and outsourcing capabilities. However, IBM has not brought together these disparate elements in a way that motivates customers to use SCE instead of competing, non-IBM services.
  • IBM's PaaS, in the form of SmartCloud Application Services, can easily be used to enhance SCE's capabilities. IBM also has a software marketplace for SCE. However, in both cases, this is primarily useful for customers running IBM software on SCE, as there is very limited support for third-party software.
  • Although IBM has improved the speed of its development cycle for SCE, its feature set still lags significantly behind those of its competitors. Enterprises are likely to be especially concerned by the weaknesses in security capabilities and the inability to meet regulatory compliance requirements.
  • IBM's SLA is weak, and it excludes maintenance; IBM typically has more maintenance-related downtime than its competitors. It also has a more complicated sign-up and contracting process than most of its public cloud competitors.
  • While IBM has a stated commitment to OpenStack, SCE is not currently based on OpenStack. Moreover, on 8 July 2013, IBM acquired SoftLayer, which has its own proprietary cloud IaaS platform. This creates uncertainty about the future direction of IBM's cloud infrastructure platforms and portfolio, including the future of the SCE offering as the platforms are reconciled. Prospective customers should ask IBM about its SoftLayer integration plans.


Joyent is a small, independent service provider that is solely focused on cloud services and software.

Locations: Joyent has data centers in the eastern and western U.S., along with a data center in the Netherlands. It has local sales in the U.S. and U.K. Support is provided in English and Spanish.

Compute: Joyent offers fixed-size, paid-by-the-VM public cloud IaaS (SmartMachines), and private cloud in a variety of pricing models. The host OS is Joyent's own SmartOS, an open-source derivative of OpenSolaris, managed by the Illumos community. Customers have a choice between OS virtualization in a SmartOS Container and KVM virtualization on a SmartOS Container for Linux and Windows guests.

Storage: VM storage is persistent, but there is no VM-independent block storage. There is an SSD option. Joyent's S3-compatible object-based cloud storage (Manta) has a unique architecture designed for batch jobs that require high-performance access to large amounts of storage, with an in-place batch compute service separate from Joyent's main compute service.

Network: Joyent has a full range of networking options.

Other notes: Joyent has a single-account model, although an account can have multiple API keys. Its RBAC is very limited.

Recommended use: Cloud-native applications where visibility into application performance is crucial; batch computing on large datasets.

  • Joyent has a unique vision for cloud IaaS and is exceptionally innovative from a technology perspective. It is developing an integrated technology stack and its infrastructure offerings verge into the platform space. It is making deep investments in fundamental technologies, including its own SmartOS operating system, based on Illumos Solaris and its x86 hypervisor. Joyent's cloud uses SmartOS Containers (originally known as Solaris Zones). KVM runs natively within a container, thus providing additional security, resource control and resource visibility within the virtualization layer.
  • Joyent has a pure focus on new, cloud-native applications, including mobile applications, as well as, with its newly-launched Manta service, big data applications and massively parallel data analytics. Joyent is one of the top-five public cloud IaaS providers by VM count. It is the sponsor of Node.js, and it offers proprietary tools focused on Node.js operations within its platform.
  • Joyent places strong emphasis on application performance and it takes a holistic approach to its delivery, including integrating network-based acceleration. It has particularly deep portal-based performance analytics, which uses the DTrace framework for application instrumentation. It has an excellent cost-performance ratio.
  • Joyent intends to derive its future revenue from a mix of offering cloud services directly and selling its SmartDataCenter CMP software (including via OEM partners such as Dell), which is fully compatible with its own public cloud IaaS offering. It has launched its Global Cloud Network, a cloud federation alliance focused on mobile carriers; its strategic carrier partners include Telefonica and Bharti Airtel.
  • Joyent's feature set is strongly oriented toward cloud-native use cases, and it is highly developer-centric. It emphasizes API capabilities and the enablement of third-party tools, rather than portal capabilities of its own.
  • The unique nature of Joyent's offering makes it crucial for the company to develop an ecosystem around its platform; it must attract ISVs and third-party tools vendors, along with MSPs and SIs that can provide managed and professional services. Joyent has begun to build this ecosystem, focused on cloud-native vendors, but it is not yet mature.
  • Joyent is focused on developing its own technology, which creates long-term challenges in competing against providers with greater development resources. That said, it has chosen to focus its efforts on particular areas, leaving certain capabilities, notably enterprise management features, to partners such as Enstratius (recently acquired by Dell).


Microsoft is a large ISV with a diverse array of related technology businesses; it is increasingly focused on delivering its software capabilities via cloud services. Its Windows Azure business was previously strictly PaaS, but Microsoft launched Windows Azure Infrastructure Services (which include Virtual Machines and Virtual Networks) into general availability in April 2013, thus entering the cloud IaaS market.

Locations: Windows Azure Infrastructure Services are available in data centers on the East and West Coasts of the U.S., as well as in Ireland, the Netherlands, Hong Kong and Singapore. Microsoft has global sales, and Windows Azure support is provided during local business hours in English, French, German, Italian, Spanish, Japanese, Korean, Mandarin and Portuguese; 24/7 support is provided only in English.

Compute: Windows Azure VMs are fixed-size, paid-by-the-VM, and Hyper-V-virtualized; they are metered by the minute.

Storage: Block storage ("virtual hard disk") is persistent and VM-independent. There is no support for bulk import/export. Object-based cloud storage is integrated with a CDN.

Network: Third-party private connectivity is not supported. Inter-data-center Azure traffic goes over the Internet, not a Microsoft private network. There is no network security as a service.

Other notes: Enterprise-grade support costs extra. The SLA is multi-fault-domain, but does not have any exclusion for maintenance. There is no granular RBAC. Although audit logs are kept, they are retained for less than 60 days. The broader Windows Azure service is a full-featured PaaS offering with significant complementary capabilities, such as database as a service; the Virtual Machines are integrated into the overall offering. Trigger-based autoscaling is in beta.

Recommended use: Test and development for Microsoft-centric organizations; cloud-native applications; use as part of an overall Windows Azure solution.

  • Microsoft has a vision of infrastructure and platform services that are not only leading stand-alone offerings, but also seamlessly extend and interoperate with on-premises Microsoft infrastructure (rooted in Hyper-V, Windows Server, Active Directory and System Center) and applications, as well as Microsoft's SaaS offerings. Its vision is global, and it is aggressively expanding into multiple international markets.
  • Microsoft has built an attractive and easy-to-use UI that will appeal to Windows administrators and developers. The IaaS and PaaS components within Windows Azure feel and operate like part of a unified whole, and Microsoft is making an effort to integrate them with Visual Studio and System Center.
  • Microsoft's brand, existing customer relationships and history of running global-class consumer Internet properties have made prospective customers and partners confident that it will emerge as a market leader in cloud IaaS. The number of Azure VMs is growing very rapidly. Microsoft customers who sign a contract can receive their enterprise discount on the service, making it highly cost-competitive. Microsoft is also extending special pricing to Microsoft Developer Network (MSDN) subscribers.
  • Windows Azure Infrastructure Services are brand-new and consequently lack an operational track record. The feature set is limited and the missing features are ones that are critical to most enterprises. Many features are in "preview" (beta), or "coming soon," and it is not always obvious to the customer which features are still in preview. Although Microsoft has a generally good uptime record with Azure PaaS components, it will be challenged to scale its IaaS business rapidly.
  • Microsoft is in the midst of a multiyear initiative to make its on-premises software "cloud first," rather than trying to scale software originally built for on-premises single-enterprise use. It now faces the challenges of getting its core infrastructure technology to operate at cloud scale, managing that infrastructure at cloud scale, and facilitating the ability of customers to move toward more highly automated infrastructure.
  • Microsoft has just begun to build an ecosystem of partners around Windows Azure Infrastructure Services, and does not yet have a software licensing marketplace. Furthermore, it has little in the way of enterprise Linux options. Consequently, the offering is currently very Microsoft-centric and appeals primarily to .NET developers.


Rackspace is an independent Web hoster with a long track record of leadership in the managed hosting market. It is one of the founders of OpenStack. Its Rackspace Private Cloud business provides traditional commercial open-source support and professional services around it. In addition to its public cloud IaaS offerings, Rackspace can support custom OpenStack-based private clouds in its own data centers or in customer data centers. It also owns numerous related businesses; some, such as SaaS email, are part of Rackspace itself, while others, such as Jungle Disk, are subsidiaries.

Locations: Rackspace Cloud Servers are located in data centers in the central and eastern U.S., the U.K. and Australia. However, accounts are region-specific; Europe is a separate region from the rest of the world. Rackspace has sales in the U.S., along with London, Amsterdam, Hong Kong and Sydney. Support is officially provided only in English.

Compute: Rackspace Cloud Servers is a multitenant, best-effort, fixed-size, Xen-virtualized, OpenStack-based public cloud IaaS offering.

Storage: VM storage is persistent, but there is also optional persistent VM-independent block storage. There is an option for SSDs. There is object-based storage (Cloud Files) with an integrated CDN (via a partnership with Akamai). Customers cannot import their own VM images.

Network: Private connectivity requires use of the RackConnect service. Cloud Servers cannot use customer-provided IP addresses. Use of many networking features, such as network ACLs, requires Cloud Networks to be enabled for the account, or requires RackConnect. Inter-data-center Cloud Servers traffic goes over the Internet, not a Rackspace private network.

Other notes: There is no multifactor authentication or RBAC. There is no support for provisioning templates. Full audit logs are not kept. Significant additional capabilities include database as a service and a PaaS offering (Cloud Sites). Managed services (at the guest OS level) are optional. We provide a detailed technical evaluation in "Rackspace Public Cloud: In-Depth Assessment."

Recommended uses: Hybrid hosting where cloud IaaS is supplementary to a primarily dedicated infrastructure; and test and development for individual developers and small teams, where simplicity and ease of use are crucial.

  • Rackspace has a large base of existing managed hosting customers into which it can sell cloud services. Although most such customers currently opt for VMware-virtualized dedicated servers rather than using Cloud Servers, and Rackspace does not offer the full range of its managed services on Cloud Servers, the RackConnect hybrid offering is attractive to both existing and new customers who want the greater predictability and potentially lower costs associated with a blend of dedicated and on-demand capacity.
  • Rackspace Cloud Servers is an easy-to-use service with excellent customer support. It has one of the lowest entry price points, making it attractive for initial experimentation with cloud IaaS.
  • Rackspace has outstanding marketing. It has been instrumental in evangelizing OpenStack as a key future infrastructure ecosystem (competing against Amazon, Microsoft and VMware). Its "open cloud" message resonates with buyers. However, Cloud Servers has limited interoperability with other OpenStack-based clouds, and its inability to import VM images means that customers cannot directly transfer workloads from other OpenStack-based clouds.
  • Rackspace has made a number of acquisitions, such as the portfolio of companies that were part of Exceptional, that are intended to enhance its cloud capabilities and rapidly expand the number of developers it employs. Rackspace still faces significant challenges integrating these acquisitions into a cohesive whole.
  • Rackspace Cloud Servers is a developer-centric, best-effort IaaS, with limitations that are likely to frustrate enterprise customers. Although it has the second-largest market share in public cloud IaaS, it has appealed primarily to small businesses seeking a replacement for low-cost mass-market hosting. Although it has enabled Rackspace to introduce service enhancements at an improved pace and expand third-party management tool support, Rackspace's feature set still lags behind those of the market leaders.
  • Rackspace is focused on a hybrid cloud strategy, for customers who want OpenStack both in their internal data centers and in Rackspace data centers, with a managed services emphasis. Increasingly, it will compete against large IT outsourcers that are moving down-market with lighter-weight managed services offerings facilitated by cloud-enabled infrastructure and inexpensive, offshore labor.
  • Rackspace has relinquished control over OpenStack, which is now under the stewardship of the independent OpenStack Foundation, of which Rackspace remains a platinum sponsor. OpenStack's evolution may not necessarily align closely with Rackspace's needs; it is possible that OpenStack could succeed without this leading to Rackspace's success, and indeed, that its success could enable others to compete more effectively against Rackspace.
  • Rackspace is currently in a transitional stage in which it is running two public cloud IaaS technology platforms simultaneously — the previous proprietary platform derived from its acquisition of Slicehost, and the new OpenStack-based platform launched in August 2012. Some features are available on only one of these platforms. Previous customers will be transitioned to the new OpenStack control plane, but will not need to migrate their VMs.
  • Rackspace has a diverse set of cloud-related businesses and will be challenged to manage the broad range of demands upon its management team and its engineering resources. It must devote significant resources to OpenStack development, while also investing in its own proprietary, differentiated capabilities. It must now compete against companies that can make substantially larger investments in development and partnerships, and that have existing customer relationships and very large global sales forces.


Savvis, a CenturyLink company, is a Web hoster with a long track record of leadership in the hosting market. It has a broad suite of offerings, including colocation, managed hosting and data center outsourcing. It has both public and private cloud IaaS offerings under the Symphony brand, as well as a public cloud IaaS offering, SavvisDirect, that is sold through CenturyLink.

Locations: The Symphony Virtual Private Data Center (VPDC) public cloud offering is available in East and West Coast U.S. data centers, along with Canada, Germany, the U.K., Hong Kong and Singapore. SavvisDirect is available on the East and West Coasts of the U.S., as well as the U.K. Savvis's private cloud offerings are available in a broad range of data centers globally. Savvis has global sales, and business is conducted in local languages, but support is officially offered only in English.

Compute: Symphony VPDC is a multitenant, paid-by-the-VM, vCloud Powered offering; it offers both Savvis's own portal and the option to use vCD. Other Symphony offerings are VMware-virtualized, with varying pricing models. SavvisDirect is a multitenant, paid-by-the-VM, Xen-virtualized offering based on CA's AppLogic; it does not expose an API to customers, although it is a developer-centric offering.

Storage: Symphony VPDC storage is persistent, and there is an option for VM-independent block storage; customers can opt for third-party off-site data archiving. SavvisDirect storage is persistent but there is no VM-independent block storage option, it does not support storage snapshots, customers cannot import their own VM images, and there is no support for bulk import/export.

Network: Symphony VPDC has a full range of networking options. SavvisDirect lacks support for private connectivity, VMs with private-only IP addresses and back-end load-balancing.

Other notes: Symphony VPDC supports both quotas and leases. Managed services for the guest OS layer are optional in Symphony VPDC and SavvisDirect. The full range of managed services are available in Savvis's private cloud IaaS offerings. Savvis also offers database as a service. CenturyLink acquired AppFog, a PaaS provider, in June 2013; it will be added to Savvis's portfolio of cloud services.

Recommended uses: General business applications, enterprise applications, and test and development.

  • Savvis, together with CenturyLink, has a compelling and distinctive vision of application-fluent infrastructure that spans network, compute and storage capabilities. Savvis already has a very broad, multitiered IaaS product portfolio that can address a diverse range of customer needs, and a well-established track record of delivering enterprise cloud services for production and mission-critical needs. It has a particular emphasis on broad and deep security features.
  • Most Web hosters do not offer their managed hosting customer portal to self-service, cloud-only customers. Savvis is one of the few that does. Its customer portal has one of the most comprehensive feature sets in the hosting industry and is, consequently, exceptional for the cloud IaaS market.
  • While Savvis is increasingly focused on using the cloud as a means to enter the data center outsourcing market, it nevertheless has a competitive feature set for self-service, and successfully blends the self-service and managed services models across a hybrid solution portfolio. The existing Savvis base of managed hosting and colocation customers, along with the CenturyLink customer base, provides Savvis with cross-selling opportunities.
  • Savvis has an extremely diverse product portfolio, with multiple types of single-tenant and multitenant IaaS. This can be confusing to prospective customers, and it can be difficult to decide which solution or combination of solutions is right for one's needs. It also proliferates narrow "point" solutions, rather than creating a unified platform that can be used to deliver a variety of flexible solutions.
  • Savvis has chosen to split its midmarket and enterprise solutions (under the Symphony brand), which primarily target traditional IT operations buyers, from its small business solutions (under the SavvisDirect brand), which primarily target developers. However, because many midmarket entities and enterprises initially adopt cloud IaaS through their development organization, this creates a potential mismatch of solutions.
  • Savvis has chosen to develop much of its own technology, or obtain it through acquisitions, although it is also leveraging commercial software. It must make very large investments in order to realize its vision, and will need to compete against highly capable engineering organizations at competing vendors. It also needs to build a compelling ecosystem of partners.
  • Customers indicate that the quality of customer service is declining across Savvis's lines of business, including the cloud IaaS business. While this is primarily of concern to customers engaging Savvis for managed services on top of a cloud IaaS platform, it also impacts customer account management and cloud technical support.


SoftLayer is an independent Web hoster with a focus on SMBs. It was acquired by IBM in July 2013, but the two providers are considered entirely independently in this Magic Quadrant.

Locations: SoftLayer has multiple data centers in the U.S., along with data centers in the Netherlands and Singapore. Its sales locations are similar to its data center locations. It officially offers support only in English.

Compute: SoftLayer's cloud IaaS offering is CloudLayer; it is paid-by-the-VM, Citrix-Xen-virtualized, and available as a single-tenant or multitenant offering. There is an option for single-tenant VMs within SoftLayer's multitenant public cloud. There is also an option for "bare metal" (nonvirtualized) servers, by the hour.

Storage: Storage is persistent and VM-independent block storage is available. Customers cannot import their own VM images, and bulk import/export is not supported. There is OpenStack object-based storage with an integrated CDN (via a partnership with Internap).

Network: SoftLayer supports a full range of networking options.

Other notes: SoftLayer has an extensive dedicated server business. Managed services are available, but are not a focus for SoftLayer.

Recommended uses: E-business hosting, general business applications, self-managed hybrid hosting, batch computing and large-scale use cases such as gaming where bare metal is desirable.

  • SoftLayer is a thought leader in automated, highly standardized infrastructure services, provisioned on demand. It has an excellent portal that offers integrated management across all its offerings. However, SoftLayer's breadth of capabilities has not grown as quickly as companies that have been able to make broader and deeper engineering and partnership investments.
  • CloudLayer has a particularly clean service composition, with a range of options that can be added on a per-instance, paid-by-the-hour basis, including aspects such as the type of monitoring and the automated response to a failure detected by monitoring. Instances can be VMs or dedicated servers, and SoftLayer emphasizes that bare-metal physical servers can be managed with the same elasticity as VMs. SoftLayer is highly cost-competitive, especially when combining bare-metal dedicated servers and CloudLayer resources.
  • CloudLayer has an array of paid-by-the-hour, per-instance security options, including the option to integrate with third-party authentication (such as Verisign Identity Protection). SoftLayer also offers free vulnerability scanning and payment card industry (PCI) compliance scans (in partnership with McAfee).
  • SoftLayer is strongly focused on self-service for SMB customers. However, its capabilities are an excellent match for organizations that need very large amounts of self-service infrastructure. Consequently, it has begun to attract large-scale enterprise deals that need more consultative sales, a deeper level of support and greater flexibility from the service provider. The acquisition by IBM will bring enterprise sales capabilities, including channel capabilities, to the SoftLayer business, as well as the higher-level IBM managed services.
  • Although SoftLayer has historically targeted technology businesses, it has principally targeted IT administrators, rather than developers. It now has active developer outreach efforts, but its proprietary API has not gained widespread third-party tool support.
  • SoftLayer was acquired by IBM on 8 July 2013. Although IBM has announced a general directional intent to continue to support and enhance SoftLayer's technologies, and has begun sales and marketing integration, the SoftLayer business is very different from IBM's existing cloud infrastructure business, and reconciling the two will take time.

Tier 3

Tier 3 is a small, independent service provider focused solely on cloud services. In addition to its cloud IaaS offering, it has Web Fabric, a CloudFoundry-based PaaS. It is responsible for Iron Foundry, the .NET extension of Cloud Foundry.

Locations: Tier 3 has multiple data centers in the U.S., Canada, the U.K. and Germany; some of these locations are in partnership with Peer 1 Hosting. It has U.S. sales, and relies on partners for international sales. Support is officially provided only in English.

Compute: Tier 3 offers multitenant, paid-by-the-VM, vCloud Powered cloud IaaS. However, it does not expose vCD; instead, it has its own portal.

Storage: Block storage is persistent, VM-independent, and integrated with rolling backups and disaster recovery options. An SSD option is available. Third-party off-site data archiving is supported. Object-based storage is integrated with a CDN (via partnerships with Internap and Limelight Networks).

Network: Tier 3 supports a full range of networking options.

Other notes: There is no multifactor authentication. Both quotas and leases are supported. There is both trigger-based and scheduled autoscaling, and the autoscaling can resize VMs without rebooting (where supported by the OS). It has a sophisticated self-service OS patching capability. Managed services are optional..

Recommended uses: E-business hosting, cloud-native applications, general business applications, and test and development.

  • Tier 3 combines an excellent, highly differentiated set of features on a well-engineered platform with an easy-to-use self-service portal. It is one of the few services with both cloud-native capabilities that are attractive to developers and the governance and management features needed by large enterprises. Although it is a vCloud Powered offering, its core architecture and software platform contain substantial custom engineering of its own. Tier 3 has an innovative and ambitious road map, and it is agile in responding to customer requests. It can offer a "premium" tier of VMs that are automatically replicated into a second data center — a unique feature.
  • Tier 3 has a scriptable templating feature called Cloud Blueprints that can be used to provision complex, multi-data-center infrastructure configurations incorporating VMs, network elements and applications. For instance, one of its provided Blueprints can provision highly available Microsoft Exchange Server using data availability groups. It has a marketplace for Blueprints.
  • Tier 3 is becoming a hypervisor-agnostic provider and intends to provide a unified interface to clouds that are built using multiple different CMPs. It is emphasizing white-label and reseller capabilities, and the ability to federate between different Tier 3-based clouds.
  • Although Tier 3's offering is vCloud Powered, it does not expose the vCD UI. Consequently, customers do not receive the full extent of vCD's self-service capabilities. However, Tier 3 offers many additional features that are not part of vCD, and it is trying to strategically reduce its dependence on VMware.
  • Tier 3 has limited brand awareness, marketing budget and sales capacity. It will be challenged to grow its business in an increasingly noisy, crowded market, and its global expansion will be highly dependent on partners.
  • Tier 3 is a small but innovative service provider with a pure cloud IaaS business, which makes it a highly attractive target for acquisition. Although Tier 3 has a capable, leading-edge feature set, it will be challenged to match the engineering resources available to the market leaders, and therefore challenged to maintain its platform lead.

Verizon Terremark

Verizon Terremark encompasses Verizon's data center, cloud and security businesses. Its Enterprise Cloud brand encompasses multiple VMware-virtualized offerings — the standard Enterprise Cloud (public cloud from the original Terremark), Private Edition (public cloud with single-tenant compute), Managed Edition (formerly the Verizon Computing as a Service public cloud offering), Express Edition (vCloud Express-based paid-by-the-VM public cloud) and Public Sector Edition (U.S. federal government community cloud).

Locations: The Enterprise Cloud is available in multiple data centers in the U.S., as well as the Netherlands, the U.K. and Brazil. Terremark has global sales. Support is officially provided only in English.

Compute: The Enterprise Cloud is available in both single-tenant and multitenant variants, including single-tenant compute with a multitenant back-end. It is VMware-virtualized. Both paid-by-the-VM and SRP billing models are available. Bare-metal servers, on daily metering, are available in the Managed Edition.

Storage: Block storage is persistent and VM-independent. Although storage snapshots are supported, they cannot be used as VM images (but VM images can be copied directly into the image catalog). There is no object-based cloud storage.

Network: Terremark has a full range of networking options.

Other notes: Only the Managed Edition has a monitoring service. Managed services are bundled with the Managed Edition, but are not otherwise an option.

Recommended uses: General business applications, and test and development.

  • Terremark, via the standard Enterprise Cloud service, is the market share leader in VMware-virtualized public cloud IaaS. It has the longest track record in the market for enterprise-class public cloud IaaS. It can address hybrid hosting use cases via the Enterprise Cloud Managed Edition, which bundles in managed services but has fewer self-service capabilities.
  • Terremark is developing a next-generation, unified platform that will launch in late 2013. This new platform will enable Terremark to address a much broader range of use cases, and consolidates its development efforts onto a single hypervisor-neutral platform.
  • The acquisition of CloudSwitch gives the company a tool that can be used to facilitate migration from, and interoperability with, other cloud environments, including AWS. It is using management talent acquired from CloudSwitch to drive its future strategy.
  • Until Terremark launches its new unified platform, customers must be careful to match the service they choose to their particular use case. They should also be aware that while Terremark is continuing to enhance existing offerings, its engineering focus has shifted to the new platform. Terremark's competitive differentiators have eroded over time as competitors have caught up and, in some cases, surpassed it in feature development.
  • Terremark needs to deliver more than a capable cloud IaaS platform and associated network services in order to realize its cloud ambitions. It needs complementary value-added capabilities, along with a compelling ecosystem of partners.
  • Although Terremark has always done a significant amount of software development, rather than being wholly reliant on VMware, it is staking its future success on rapid innovation driven by agile development. This is an unusual strategy for a company owned by a telecom carrier, and it is highly dependent on Verizon's willingness to interfere minimally with management.


Virtustream is a small, independent service provider focused solely on cloud services. In addition to its cloud IaaS offering, it sells the software for its platform, which is called xStream.

Locations: Virtustream has data centers on the East and West Coasts of the U.S., and in the U.K. It has sales in the U.S., along with London and Dubai sales offices. Support is officially provided only in English.

Compute: xStream is hypervisor-neutral. It is offered in both single-tenant and multitenant variants; it can support single-tenant VMs in its public cloud.

Storage: Block storage is persistent and VM-independent. While storage snapshots are supported, they cannot be used as VM images. Third-party off-site data archiving is supported.

Network: Virtustream supports a full range of networking options, although it does not have back-end load-balancing.

Other notes: Quotas are supported. Although Virtustream supports audit logs, it retains those logs for less than 60 days. Managed services are optional.

Recommended uses: Enterprise applications, general business applications, e-business hosting and cloud-native applications.

  • Virtustream's founders have backgrounds in VMware and SAP consultancies, as well as system integration, and the company has a strongly consultative approach, as well as particular expertise in SAP. Its cloud is targeted primarily at production applications, but in an unusual approach, it is targeting both traditional enterprise workloads, including ERP applications, as well as cloud-native applications. It has been successful at winning large-scale enterprise deals, particularly those focused on SAP and that require managed services capabilities.
  • Virtustream has developed its own cloud platform technology, and uses a single unified architecture across public and private offerings, both within its own data centers and within customers' data centers. Although much of its infrastructure is VMware-virtualized, it can also support other hypervisors, and it is compatible with the AWS API. It has divided its portal into an administrative UI and an end-user UI, to address some ease-of-use issues.
  • Virtustream's micro-VM technology enables it to charge for resources consumed, rather than resources allocated, and to offer policy-based service-level management and application performance SLAs. It has focused on meeting enterprise security and compliance needs, and has some unique capabilities, such as support for Intel's Trusted Execution Technology (TXT) and trust framework.
  • Although Virtustream supports a solid set of self-service features, it primarily targets complex, mission-critical applications where it is likely that the customer will purchase professional services assistance for implementation, and managed services on an ongoing basis.
  • Virtustream is a compelling and unique provider for particular enterprise application use cases, but it is better suited to implementations where an environment will be carefully and consultatively tuned for the needs of particular applications, rather than general-purpose environments where workloads are deployed without oversight.
  • Virtustream is a small but innovative service provider, and may be an attractive target for acquisition. Its strategy will require it to attract and retain significant engineering talent as well as application expertise. It will be challenged to grow its brand awareness and to manage the lengthy sales cycles that will be common in its targeted use cases.

Vendors Added and Dropped

We review and adjust our inclusion criteria for Magic Quadrants and MarketScopes as markets change. As a result of these adjustments, the mix of vendors in any Magic Quadrant or MarketScope may change over time. A vendor appearing in a Magic Quadrant or MarketScope one year and not the next does not necessarily indicate that we have changed our opinion of that vendor. This may be a reflection of a change in the market and, therefore, changed evaluation criteria, or a change of focus by a vendor.


  • HP
  • IBM
  • Microsoft


  • Bluelock: Bluelock no longer meets the inclusion criteria for market presence. It is, however, a very capable U.S.-based vCloud Datacenter Service provider with a solid track record of successfully serving production use cases, including complex, mission-critical needs.
  • Dell: Dell has withdrawn its vCloud Datacenter Service public cloud IaaS offering from the market. At present, Dell is encouraging customers to use its Dell Cloud Partner Program for these services.
  • OVH: OVH does not meet the inclusion criteria for business and technical capabilities. It is a France-based provider that primarily targets SMBs, with a paid-by-the-VM, VMware-virtualized public cloud IaaS offering, as well as a particularly innovative vCloud Datacenter Service private cloud that offers economics and flexibility comparable to those of a public cloud.

Inclusion and Exclusion Criteria

To be included in this 2013 Magic Quadrant, vendors had to demonstrate the following, as of May 2013:

  • Market participation. They must sell public cloud IaaS as a stand-alone service, without the requirement to use any managed services (including guest OS management), or to bundle it with managed hosting, application development, application maintenance, or other forms of outsourcing. They may, optionally, also sell a private version of this offering that uses the same architecture but is single-tenant.
  • Market traction and momentum. They must be global providers, with no more than 85% of their cloud IaaS business in their home region. They must be among the top 15 providers by Gartner-estimated market share for the relevant segments (public and standardized private cloud IaaS, excluding small deployments of one or two VMs).
  • Business capabilities relevant to Gartner clients. They must offer the public cloud IaaS service globally, be able to invoice, offer consolidated billing, and be willing to negotiate customized contracts. They must have 24/7 customer support (including phone support).
  • Technical capabilities relevant to Gartner clients. The public cloud IaaS service must be suitable for supporting production workloads, whether enterprise or cloud-native. Specific service features must include:
    • Data centers in at least two metropolitan areas, separated by a minimum of 250 miles, on separate power grids, with SSAE 16, ISO 27001, or equivalent audits.
    • Real-time provisioning (small Linux VM in 10 minutes).
    • The ability to scale an application beyond the capacity of a single physical server.
    • An allowable VM size of at least eight vCPUs and 24GB of RAM.
    • An SLA for compute, with a minimum of 99.9% availability.
    • The ability to securely extend the customer's data center network into the cloud environment.
    • Access to a Web services API.

Vendors Considered, but Not Included

This Magic Quadrant is global in scope, but most of the providers are based in the U.S. This is a reflection of the way the market is evolving. The market has matured more quickly in the U.S. and the bulk of revenue comes from U.S.-based customers and flows to U.S.-based companies — U.S.-based IaaS providers typically derive 20% or more of their revenue from customers outside the U.S. However, all the providers in this Magic Quadrant offer their services on a global basis, and generate a minimum of 15% of their revenue outside their home region; most have at least one data center in North America, Western Europe and Asia/Pacific.

Significant European-based providers not in this Magic Quadrant include Arsys, CloudSigma, Colt, Gigas, Orange Business Services, OVH and Skyscape Cloud Services. Providers with significant presence in the Asia/Pacific region that are not in this Magic Quadrant include Datapipe, NTT and Tata Communications.

Two offerings that are currently in beta, and therefore could not be included in this evaluation, may be of considerable interest to many prospective customers. They are:

  • Google Compute Engine (GCE). Although Google has previously introduced a PaaS offering (Google App Engine), it is still in the midst of the beta ("open preview") of its IaaS offering. GCE's model is most similar to Amazon EC2's, and we believe that it will initially primarily serve ephemeral workloads (such as batch computing); as it grows more capable, the next-most-common use case will be cloud-native applications that do not need infrastructure resilience.
  • VMware vCloud Hybrid Service (vCHS). VMware has previously participated in the cloud IaaS market solely by enabling its service provider partners. It is currently in the midst of a beta ("vCHS") for its public cloud IaaS offering, which competes directly against them, and is sold both directly to customers and through VMware's partner channel. vCHS is a full-featured offering with more functionality than is offered by a vCloud Datacenter Service. VMware's strategy is to emphasize easy interoperability with existing on-premises VMware deployments, including the ability to move workloads easily between internal data centers and vCHS.

In the evaluations for this Magic Quadrant, we considered a variety of interesting cloud IaaS providers that did not meet the criteria for inclusion. The more distinctive ones include:

  • CloudSigma, which has a very capable platform, along with a unique pricing model with five-minute billing increments and programmatically accessible, demand-based, dynamic pricing.
  • FireHost, which specializes in managed, compliant cloud solutions, especially for PCI.
  • NaviSite, a Time Warner Cable Company, which has a broad and innovative feature set, and is one of the most capable platforms for enterprise applications.
  • Peer 1 Hosting, whose Zunicore cloud IaaS offering has HPC options, including nVidia GPUs in "bare metal" physical servers.
  • ProfitBricks, which emphasizes high-performance infrastructure, and offers some of the largest available VM configurations.

We excluded PaaS providers from this Magic Quadrant, even though some businesses may use PaaS in a very IaaS-like manner. PaaS offerings do not allow customers to obtain raw VMs that can be loaded with arbitrary OSs, middleware and applications, which is a requirement for being considered as IaaS. For PaaS providers, see "Platform as a Service: Definition, Taxonomy and Vendor Landscape, 2012."

Evaluation Criteria

Ability to Execute

Gartner analysts evaluate technology vendors on the quality and efficacy of the processes, systems, methods or procedures that enable IT providers' performance to be competitive, efficient and effective, and to positively affect revenue, retention and reputation. Ultimately, technology providers are judged on their ability to capitalize on their vision, and on their success in doing so.

We evaluated vendors' Ability to Execute in this market by using the following criteria:

  • Product/Service: Service providers were evaluated on the capabilities of their cloud IaaS offering to support the four use cases being evaluated. We evaluated the breadth and depth of the feature set, self-service capabilities, automated system management and suitability to run a broad range of workload types. This criterion is important to buyers who want to purchase the most capable, feature-rich service.
  • Overall Viability (Business Unit, Financial, Strategy, Organization): Providers were evaluated on the success of their cloud IaaS business, as demonstrated by current revenue and revenue growth since the launch of their service; their financial wherewithal to continue investing in the business and to execute successfully on their road maps; and their organizational commitment to this business, and its importance to the company's overall strategy. This criterion is important to buyers who prefer to purchase services from large vendors with ample financial resources, or from vendors that have a position of market leadership and are continuing to invest aggressively in the business, or who are concerned about their long-term strategic investment in a particular vendor.
  • Sales Execution/Pricing: Providers were evaluated on their ability to address the range of buyers for IaaS, including developers and business managers, as well as IT operations organizations; adapt to "frictionless selling" with online sales, immediate trials and proofs of concept; provide consultative sales and solutions engineering; be highly responsive to prospective customers; and offer value for money. This criterion is important to buyers who value a smooth sales experience, the right solution proposals and competitive prices.
  • Market Responsiveness and Track Record: This market is evolving extremely quickly and the rate of technological innovation is very high. Providers were evaluated on how well they have historically been able to respond to changing buyer needs and technology developments, rapidly iterate their service offerings, and deliver promised enhancements and services by the expected time. This criterion is important to buyers who value rapid delivery of cutting-edge capabilities.
  • Marketing Execution: Providers were evaluated on their mind share and brand awareness in the market; their ability to convey marketing messages based on their ability to deliver real business value, not empty hype or misleading "cloudwashing;" and the clarity and accuracy of their marketing messages, compared with their actual service offering. This criterion is important to buyers who prefer to buy from well-known vendors.
  • Customer Experience: Providers were evaluated on the quality and responsiveness of their account management and technical support; the ease of use of their self-service functionality; the capabilities of their customer portal (additional functionality such as monitoring, reporting and trouble ticketing); the usefulness of their documentation and customer communications; the quality of their SLAs; the ease of doing business with them; and overall customer satisfaction. This criterion is important to buyers who value the aspects of the vendor relationship and capabilities beyond the IaaS platform itself.
  • Operations: Providers were evaluated on their ability to meet their goals and commitments, including their track record of service delivery; the quality of their response to outages; and their ability to meet timelines that are communicated to customers and to the market. This criterion is important to buyers who want a reliable, predictable service experience.

Our evaluation of a service provider's Ability to Execute remains similar to that of the 2012 Magic Quadrant. We have, however, significantly raised our expectations of a provider's feature set, reflecting an overall significant improvement in capabilities across the market. A side effect of this is that many providers that used to have differentiating capabilities no longer do, as others have added the same capabilities; since providers are rated relative to one another, this has flattened the Product/Service scores across the market. We have also heavily increased the weighting of Overall Viability, reflecting our belief that even though some providers can accomplish great things with relatively few resources, long-term success in this market will require substantial investment, as well as the ability to attract an ecosystem.

Table 1. Ability to Execute Evaluation Criteria



Product or Service


Overall Viability


Sales Execution/Pricing


Market Responsiveness/Record


Marketing Execution


Customer Experience




Source: Gartner (August 2013)

Completeness of Vision

Gartner analysts evaluate technology vendors on their ability to articulate logical statements convincingly about current and future market direction, innovation, customer needs and competitive forces, as well as how they map to Gartner's position. Ultimately, technology providers are assessed on their understanding of the ways in which market forces can be exploited to create opportunities.

We assessed vendors' Completeness of Vision in this market by using the following criteria:

  • Market Understanding: Providers were evaluated on their understanding of the wants and needs of three different buying constituencies in this market — enterprises, midmarket businesses and technology companies of all sizes — both currently and in the longer term as the use of IaaS matures. This criterion is important to buyers who value a provider's understanding of the market's evolution and broader business trends, which impact a provider's ability to plan a successful long-term strategy.
  • Marketing Strategy: Providers were evaluated on their ability to articulate their position in the market and their competitive differentiation, and to communicate these messages clearly and consistently, both internally and externally. This criterion is important to buyers who believe that providers should have a clear focus and direction.
  • Sales Strategy: Providers were evaluated on their understanding of the buying centers for the market, and the way that these different buying centers want to engage with sales, as well as their strategy for adapting their sales force, online channel and partner channels to the IaaS market. This criterion is important to buyers who value a provider's ability to grow its business over the long term.
  • Offering (Product) Strategy: Providers were evaluated on the breadth, depth, quality and differentiation of their service road maps, as relevant to the four use cases under evaluation, with an emphasis on self-service, automated IT operations management and overall feature set. This criterion is important to buyers who want a provider who will lead the market in service capabilities.
  • Business Model: Providers were evaluated on their overall value proposition and their strategy for providing solutions for the use cases under consideration, not just raw infrastructure elements. This included evaluating how IaaS fits into their broader product portfolio and product strategy. This criterion is important to buyers who view IaaS as part of an integrated set of solutions from a particular provider.
  • Vertical/Industry Strategy: Providers were evaluated on their ability to offer targeted services for particular vertical markets, such as government, biotech, media and entertainment, and retail. This includes sales and marketing to such verticals, their ability to meet specialized compliance needs, and vertical-specific solutions. This criterion is not directly important to most buyers, except to the extent that a provider has a vertical-specific offering that is relevant to them.
  • Innovation: Providers were evaluated on the level of investment in the future of their business, and the quality of those investments, whether financial or human capital; this includes aspects such as the deployment of engineering resources, investments in new technology, mergers and acquisitions, and partnerships and alliances. This criterion is important to buyers who care about leading-edge capabilities, and the strength of a provider's ecosystem.
  • Geographic Strategy: Providers were evaluated on their ability to expand their offering beyond their home region, serving the needs of multinational businesses, as well as adapting their offerings to other geographies. In particular, this included their strategy for international sales and support, as well as their data center footprint and internationalization efforts. This criterion is important to buyers who want to use a global vendor.

Our evaluation of Completeness of Vision remains similar to that of the 2012 Magic Quadrant. However, we have significantly increased our expectations for the breadth and depth of a provider's vision. We believe that a comprehensive vision must encompass the ambition to run any workload, at any time, anywhere in the world, with the appropriate availability, performance, security and isolation — including the ability to self-service all of the compute, storage, network, and management capabilities necessary — in cooperation with an ecosystem of supporting partners.

Table 2. Completeness of Vision Evaluation Criteria

Evaluation Criteria


Market Understanding


Marketing Strategy


Sales Strategy


Offering (Product) Strategy


Business Model


Vertical/Industry Strategy




Geographic Strategy


Source: Gartner (August 2013)

Quadrant Descriptions


Leaders distinguish themselves by offering an excellent service and having an ambitious future road map. They are likely to excel in a particular use case, and can serve a broad range of use cases, although they do not excel in all areas, may not necessarily be the best providers for a specific need, and may not serve some use cases at all. They have a track record of successful delivery, significant market share and many referenceable customers.


Challengers are well-positioned to serve current market needs. They deliver a good service that is targeted at a particular set of use cases, and they have a track record of successful delivery. They may have significant market share, and are likely to have many referenceable customers. Nevertheless, they are likely to be making significant investments in the business, with long-term plans that may enable them to become market leaders, but the scope of their short-term ambitions is not as broad.


Visionaries have an ambitious vision of the future, and are making significant investments in the development of unique technologies. Their services are still emerging, and they have many capabilities in development that are not yet generally available. While they may have many customers, they do not yet serve a broad range of use cases well.

Niche Players

Niche Players may be excellent providers for the use cases in which they specialize, but may not serve a broad range of use cases well, or have a broadly ambitious road map. They may be relatively new entrants to this market, or may not yet have gained significant market share. Some may have solid leadership positions in other markets that are adjacent to this market, but are still in the relatively early stages of developing capabilities in cloud IaaS.


When people think about "cloud computing," cloud IaaS is often one of the first things that comes to mind. It's the "computing" in cloud computing — on-demand compute, storage and network resources, delivered on-demand, in near-real-time, as a service. There has been tremendous hype about these services, but there are a number of use cases for which cloud IaaS delivers excellent business value. Although the market is immature, it is evolving rapidly; it is beginning the journey up the Slope of Enlightenment on Gartner's "Hype Cycle for Cloud Computing, 2012." Unfortunately, there is a great deal of market confusion and many providers articulate their offerings poorly. Therefore, care should be taken when sourcing these services.

The common use cases for cloud IaaS are development and testing environments; high-performance computing and batch processing; Internet-facing websites and Web-based applications (which may or may not have architectures specifically designed for the cloud); and non-mission-critical internal business applications. Furthermore, some organizations now run mission-critical business applications on cloud IaaS, although this is less common.

Initially, most businesses choose use cases that are peripheral to their organization's IT needs, but, over time, adopt cloud IaaS for mainstream business applications as well, including mission-critical applications, mirroring the past decade's adoption pattern of virtualization in the data center. Many businesses, especially in the midmarket, will eventually migrate away from running their own data centers in favor of relying primarily on infrastructure in the cloud. Gartner's 2013 CIO Priorities Survey indicates that 28% of CIOs expect to source all critical applications and operations via the cloud by 2016, and 55% expect to do so by 2020 (see "Hunting and Harvesting in a Digital World: The 2013 CIO Agenda").

Although, at present, sourcing cloud IaaS is typically a tactical decision, many organizations are also looking for long-term strategic partners. However, we believe that the market is too immature for strategic choices to be made at this stage, and we recommend that prospective customers focus on finding the cloud provider that matches their specific use case, and probably their anticipated use cases for the next year. In many cases, businesses may have to use multiple cloud IaaS providers to meet the needs of diverse use cases.

Market Overview

Cloud IaaS is computing resources, along with associated storage and network resources, offered to the customer via self-service in a highly automated way, on-demand and in near-real-time. In IaaS, the provider manages the data center facilities, hardware and virtualization, but everything above the hypervisor layer — the OS, middleware and application — is managed by the customer, or is an add-on managed service from the provider or another third party. This market is wholly separate and distinct from cloud PaaS and SaaS.

Cloud IaaS is owned, built and operated by a service provider, but it may be delivered on-premises within a customer's data center or hosted in the provider's data center. It may be "public" (multitenant) or "private" (single-tenant), although, in practice, there is no consistency in the application of these labels to varying degrees of resource isolation, and most hosted offerings use some degree of shared resources in services labeled "private."

Cloud IaaS is not a commoditized service, and even providers with very similar offerings and underlying technologies often have sufficiently different implementations that there is a material difference in availability, performance, security and service features. See "Evaluating Cloud Infrastructure as a Service" and its related reports to understand the range of options available in this market.

What Types of Workload Are Being Placed on Cloud IaaS?

There are three broad categories of customer need in cloud IaaS:

  • The hosting of a single application, or a closely related group of applications
  • A VDC that will serve a broad range of different workloads
  • Batch computing

Hosting is the most common need. For instance, a media company with a marketing microsite for a movie, a software company offering SaaS and a retailer needing a lightweight version of its e-commerce site for disaster-recovery purposes are examples of customers with hosting needs that can be fulfilled by IaaS. These are generally production applications, although there is some test and development as well. Some of these customers have mission-critical needs, while others do not.

Customers with a broad range of unrelated workloads are less common, but are growing in importance, particularly in the midmarket, where IaaS is gradually replacing or supplementing traditional data center infrastructure. The VDC is typically used very similarly to the organization's internal virtualization environment — primarily for less mission-critical production applications, or test and development environments — but is increasingly being used to run more mission-critical applications.

The least common need, but one that nevertheless generates significant revenue for the small number of providers that serve this portion of the market, is batch computing. For these customers, IaaS serves as a substitute for traditional HPC or grid computing. Customer needs include rendering, video encoding, genetic sequencing, modeling and simulation, numerical analysis and data analytics. Other than the need to access large amounts of commodity compute at the lowest possible price, with little concern for infrastructure reliability, these customers typically have needs very similar to those of VDC customers, although some HPC use cases benefit from specialized hardware such as GPUs and high-speed interconnects.

What Key Market Aspects Should Buyers Be Aware Of?

Cloud IaaS is not a commodity. Providers vary significantly in their features, performance, cost and business terms. Although in theory, cloud IaaS has very little lock-in — a VM is just a VM, in the end — providers are increasingly seeking to offer additional value-added capabilities to customers, such as monitoring, automated service management and orchestration. The more you use those capabilities, the more value you will receive from the offering, but the more you will be tied to that particular service offering.

Hybrid cloud is not yet a reality. While it is relatively straightforward to move VM images from one cloud to another, truly hybrid multicloud scenarios are rare. The tools to enable true "single pane of glass" management and seamless movement across infrastructure platforms are not mature, and there are significant differences in cloud IaaS implementations, even between providers using the same underlying CMP. Note that the claim that an ecosystem is "open" has nothing to do with actual portability.

One size does not fit all. As the IaaS market matures, clarity is emerging about the range of different customer needs. Workloads vary in their availability and performance needs, and in the general complexity of the overall application infrastructure. Customers vary in the importance that they place on security, customer service and ease of use. Customers also vary in how much they want to manage themselves, versus how much they want the IaaS provider to manage for them. While some providers are beginning to address differentiated customer needs in a targeted fashion, most service providers still take a "one size fits all" approach, which can make it difficult to determine if a particular provider is the right one for a particular set of business and technical needs.

IaaS can be used to run a broadening range of workloads. Service providers are moving toward infrastructure platforms that can offer physical (nonvirtualized) and virtual resources, priced according to the level of availability, performance, security and isolation that the customer selects. This allows customers to run both "cloud native" applications that have been architected with cloud transaction processing principles in mind (see "From OLTP to Cloud TP: The Third Era of Transaction Processing Aims to the Cloud"), as well as to migrate existing business applications from their own virtualized servers in internal data centers into the cloud, without changes.

Public and private cloud IaaS are converging. Service providers are increasingly using dynamic physical and logical isolation mechanisms to create "private" infrastructure within a shared, multitenant capacity pool. This allows for economies of scale, while enabling customers to meet a broader range of security and compliance requirements. See "Best Practice: Evaluate Isolation Mechanisms in Public and Private Cloud IaaS" for details on this convergence and how to choose the level of isolation you need. We believe that, over time, the leading providers will offer a single, highly flexible platform across both their own data centers and customer data centers. As a result, this Magic Quadrant covers not only public cloud IaaS, but standardized private cloud IaaS as well.

Buying centers for IaaS are diverse. The early adopters in the IaaS market were developers. As the market matures, developers remain an important audience, because a great deal of IaaS adoption is business-led — driven by business managers who hold the budget, need greater agility and have shorter time frames than IT operations is able to accommodate, and who therefore turn to application developers and enterprise architects for a solution. This is particularly true for the single-application, "hosting" side of the market. IT operations is, however, increasingly involved in IaaS sourcing, and is likely to be the primary buying center for multiple-application needs. IaaS providers vary in their ability to target these different buying centers. Furthermore, most providers focus on either a developer audience or an IT operations audience, and their feature set and style of service are oriented accordingly.

Customers do not usually save money by using cloud IaaS. While many customers first investigate using IaaS to achieve cost savings, most customers buy IaaS to achieve greater business agility or access infrastructure capabilities that they do not have within their own data center. IaaS can drive significant cost savings when customers have short-term, seasonal, disaster recovery or batch-computing needs. It can also be a boon to companies with limited access to capital and to small companies, especially startups, that cannot afford to invest in infrastructure (see "Cloud Computing Can Be the Singular Solution for at Least Five Use Cases" for details). For larger businesses with existing internal data centers, well-managed virtualized infrastructure and efficient IT operations teams, IaaS for steady-state workloads is often no less expensive, and may be more expensive, than an internal private cloud. While provider efficiencies will increase over time, and automated managed services will substantially drive down the cost of infrastructure management, the state of technology has not yet advanced to that point.

The software-defined data center is the center of a partner ecosystem. Programmatic (API) access to infrastructure is crucial, as it enables customers, as well as third parties, to build management tools for their platforms, and to enable applications to take maximum advantage of the infrastructure environment. Providers need to foster rich ecosystems of capabilities. While the leading providers are likely to build a substantial number of capabilities themselves, partners will extend the range of their capabilities, provide overlays for complex multivendor heterogeneous environments, and add "stickiness" to these platforms by offering tight integrations between applications, middleware and infrastructure.

The cloud IaaS market is more similar to a software market than to traditional IT services markets. To deliver greater value to customers, cloud IaaS providers must improve the quality and efficiency with which customers can manage their infrastructure. They must find ways to reduce the burden of operational chores such as patch management and backups. While manual managed services are frequently used to substitute for automated offerings, efficiency demands automation instead of operators. In the long term, leadership in the cloud IaaS market will require the ability to provide a range of ITOM capabilities to customers. Some of these capabilities have historically been part of enterprise ITOM software from vendors like BMC Software, CA, HP and IBM. Some will be new, "DevOps"-oriented capabilities. Some will be new forms of automation, analytics and insight, and "smart" infrastructure capabilities that take advantage of the unique perspective offered by the delivery of integrated compute, storage and networking resources. Consequently, providers are in a race to deliver features, and the "winners" are likely to be those that are highly innovative and that have the most resources to invest in breadth and depth of capabilities development.

Providers' size and scale matter. While scale does impact operational efficiency to some degree, more importantly, it impacts engineering efficiency — the ability to leverage an investment in developers as well as partner capabilities across as large a customer base as possible. Software requires a large upfront investment, but each incremental customer adds comparatively little cost, and software markets tend to become "winner takes all" arenas, where a small number of vendors command dominant market share. Scale also matters because the ability to deliver a broad range of integrated capabilities will become increasingly crucial. A provider's size, its existing customer relationships, and the strength of its brand have an enormous impact on its ability to gain market share and traction, especially on a global basis. Furthermore, the solutions ecosystem is likely to consolidate around a small number of market leaders.

The gap between the market share leader and the rest of the market is widening. Many providers have solid offerings that encompass the most fundamental capability in this market — the ability to provision VMs rapidly on-demand, coupled with storage and an Internet connection. But most are finding it challenging to move beyond this point. Customer expectations are increasing, use cases are broadening, and many providers have neither the ambition nor the resources to compete across the full breadth of the addressable market.

There are many providers, but they vary widely in quality. There are many competitors in the market; new entrants continue to launch offerings and existing providers are expanding the market segments they serve. Many providers are more interested in managed services than in the highly automated, self-service market, and consequently the quality of their technology and their investment in engineering varies greatly. Moreover, many of the newer market entrants are very large IT companies with considerable sales reach, which has enabled them to take market share rapidly. Yet these companies do not necessarily have superior offerings. Indeed, many of the better providers are actually smaller, highly innovative companies. Many providers will find it challenging to execute well in this rapidly evolving market. Most providers are able to deliver a basic offering — with reasonable availability, performance and security, and good customer support — but many have limited differentiation and value-add beyond the ability to provision resources quickly. Therefore, significant due diligence must be performed to evaluate providers thoroughly.


  • Over 2,000 Gartner client inquiries in 2012 and 2013
  • Service provider interviews and product demonstrations in 2012 and 2013
  • Surveys of more than 75 cloud IaaS providers in 2012 and 2013
  • Customer references from the service providers in 2012 and 2013
  • Hands-on trials of service offerings in 2012 and 2013
  • Public information, such as U.S. Securities and Exchange Commission filings, press releases, vendor websites and community support forums

Note 1

Statement on Standards for Attestation Engagements (SSAE) 16 — that is, Service Organization Control (SOC) 1. See "SOC Attestation Might Be Assurance of Security … or It Might Not."

Note 2
ISO 27001

International Organization for Standardization (ISO)/International Electrotechnical Commission (IEC) 27001. See "Security Research Roundup for ISO 27001 Compliance."

Evaluation Criteria Definitions

Ability to Execute

Product/Service: Core goods and services offered by the vendor for the defined market. This includes current product/service capabilities, quality, feature sets, skills and so on, whether offered natively or through OEM agreements/partnerships as defined in the market definition and detailed in the subcriteria.

Overall Viability: Viability includes an assessment of the overall organization's financial health, the financial and practical success of the business unit, and the likelihood that the individual business unit will continue investing in the product, will continue offering the product and will advance the state of the art within the organization's portfolio of products.

Sales Execution/Pricing: The vendor's capabilities in all presales activities and the structure that supports them. This includes deal management, pricing and negotiation, presales support, and the overall effectiveness of the sales channel.

Market Responsiveness/Record: Ability to respond, change direction, be flexible and achieve competitive success as opportunities develop, competitors act, customer needs evolve and market dynamics change. This criterion also considers the vendor's history of responsiveness.

Marketing Execution: The clarity, quality, creativity and efficacy of programs designed to deliver the organization's message to influence the market, promote the brand and business, increase awareness of the products, and establish a positive identification with the product/brand and organization in the minds of buyers. This "mind share" can be driven by a combination of publicity, promotional initiatives, thought leadership, word of mouth and sales activities.

Customer Experience: Relationships, products and services/programs that enable clients to be successful with the products evaluated. Specifically, this includes the ways customers receive technical support or account support. This can also include ancillary tools, customer support programs (and the quality thereof), availability of user groups, service-level agreements and so on.

Operations: The ability of the organization to meet its goals and commitments. Factors include the quality of the organizational structure, including skills, experiences, programs, systems and other vehicles that enable the organization to operate effectively and efficiently on an ongoing basis.

Completeness of Vision

Market Understanding: Ability of the vendor to understand buyers' wants and needs and to translate those into products and services. Vendors that show the highest degree of vision listen to and understand buyers' wants and needs, and can shape or enhance those with their added vision.

Marketing Strategy: A clear, differentiated set of messages consistently communicated throughout the organization and externalized through the website, advertising, customer programs and positioning statements.

Sales Strategy: The strategy for selling products that uses the appropriate network of direct and indirect sales, marketing, service, and communication affiliates that extend the scope and depth of market reach, skills, expertise, technologies, services and the customer base.

Offering (Product) Strategy: The vendor's approach to product development and delivery that emphasizes differentiation, functionality, methodology and feature sets as they map to current and future requirements.

Business Model: The soundness and logic of the vendor's underlying business proposition.

Vertical/Industry Strategy: The vendor's strategy to direct resources, skills and offerings to meet the specific needs of individual market segments, including vertical markets.

Innovation: Direct, related, complementary and synergistic layouts of resources, expertise or capital for investment, consolidation, defensive or pre-emptive purposes.

Geographic Strategy: The vendor's strategy to direct resources, skills and offerings to meet the specific needs of geographies outside the "home" or native geography, either directly or through partners, channels and subsidiaries as appropriate for that geography and market.