Gartner Cuadrant
This research note is restricted to the personal use of [email protected]. Hype Cycle for Cloud Computing, 2018 Published
Views 193 Downloads 5 File size 675KB
Recommend stories
- Author / Uploaded
- Jhonatan
Citation preview
This research note is restricted to the personal use of [email protected].
Hype Cycle for Cloud Computing, 2018 Published: 31 July 2018
ID: G00340420
Analyst(s): David Smith, Ed Anderson
Cloud computing has reached the Slope of Enlightenment. The next waves of technologies building on cloud are emerging and climbing to the Peak of Inflated Expectations. This document outlines the cloud-related technologies in use and those that will become the foundation for the future of computing. Table of Contents Analysis.................................................................................................................................................. 3 What You Need to Know.................................................................................................................. 3 The Hype Cycle................................................................................................................................ 3 The Priority Matrix.............................................................................................................................5 Off the Hype Cycle........................................................................................................................... 6 On the Rise...................................................................................................................................... 7 Site Reliability Engineering (SRE).................................................................................................7 Blockchain PaaS........................................................................................................................ 9 Cloud to Edge Development Support....................................................................................... 10 Serverless PaaS....................................................................................................................... 11 Cloud Tethering........................................................................................................................ 13 Immutable Infrastructure........................................................................................................... 15 At the Peak.....................................................................................................................................17 Edge Computing...................................................................................................................... 17 Hyperscale Computing............................................................................................................. 18 Cloud Managed Services..........................................................................................................20 Cloud Service Expense Management....................................................................................... 21 Multicloud.................................................................................................................................23 Container Management............................................................................................................ 24 IoT Platform.............................................................................................................................. 26 Machine Learning..................................................................................................................... 28
This research note is restricted to the personal use of [email protected].
This research note is restricted to the personal use of [email protected].
Sliding Into the Trough.................................................................................................................... 30 API Economy............................................................................................................................30 Cloud-Native Application Architecture.......................................................................................32 Hybrid IT...................................................................................................................................33 Cloud Marketplaces..................................................................................................................35 Cloud Networking.....................................................................................................................37 Software-Defined Infrastructure................................................................................................ 39 Hybrid Cloud Computing.......................................................................................................... 39 Cloud Service Brokerage.......................................................................................................... 41 Cloudbursting........................................................................................................................... 43 Private Cloud Computing..........................................................................................................45 Cloud Management Platforms.................................................................................................. 47 Cloud Migration........................................................................................................................ 49 Integrated IaaS and PaaS......................................................................................................... 51 Cloud Center of Excellence.......................................................................................................53 Climbing the Slope......................................................................................................................... 54 Cloud Office..............................................................................................................................54 iPaaS........................................................................................................................................56 Private PaaS.............................................................................................................................58 Public Cloud Storage................................................................................................................60 SaaS Administrative ERP.......................................................................................................... 61 Application PaaS...................................................................................................................... 63 Cloud Computing..................................................................................................................... 65 Platform as a Service (PaaS)..................................................................................................... 66 Cloud-Testing Tools and Services............................................................................................. 68 Infrastructure as a Service (IaaS)............................................................................................... 69 Cloud Security Assessments.................................................................................................... 71 Entering the Plateau....................................................................................................................... 73 IaaS+........................................................................................................................................73 Software as a Service (SaaS).................................................................................................... 75 Appendixes.................................................................................................................................... 77 Hype Cycle Phases, Benefit Ratings and Maturity Levels.......................................................... 78 Gartner Recommended Reading.......................................................................................................... 79
List of Tables Page 2 of 81
Gartner, Inc. | G00340420 This research note is restricted to the personal use of [email protected].
This research note is restricted to the personal use of [email protected].
Table 1. Hype Cycle Phases................................................................................................................. 78 Table 2. Benefit Ratings........................................................................................................................ 78 Table 3. Maturity Levels........................................................................................................................ 79
List of Figures Figure 1. Hype Cycle for Cloud Computing, 2018...................................................................................5 Figure 2. Priority Matrix for Cloud Computing, 2018............................................................................... 6 Figure 3. Hype Cycle for Cloud Computing, 2017.................................................................................77
Analysis What You Need to Know Cloud computing hype continues to be high relative to other technologies, even though it is quite far along in the Hype Cycle. Much of the cloud discussion has shifted from hype to inevitable mainstream acceptance. The focus has shifted from the unrealistic promises that cloud will transform everything and the pessimistic view that it didn't deliver, to a pragmatic approach that views cloud as inevitable. The focus is now on how to do it well versus on whether to do it at all. Most organizations are becoming increasingly grounded in the practical benefits and risks of cloud computing. "Cloud first" is becoming a common description of enterprises' strategies, as cloud adoption becomes mainstream (approaching "new normal" status), including support for production applications and mission-critical operations. Cloud services are heavily favored for new application development, particularly when organizations pursue digital business outcomes. Most vendor innovations are in the cloud or at least cloud-inspired. There are ever-increasing examples of organizations achieving cloud computing benefits across different industries (including initially reluctant ones, such as finance and healthcare), organization sizes and geographic regions. Understanding the landscape of cloud service offerings, technologies and terminology is critical for organizations to establish viable cloud strategies and find success in their use of cloud service offerings. This research profiles key cloud computing technologies and concepts, and it provides guidance to IT leaders on how to leverage the growing capabilities of cloud computing. For more information about how peer I&O leaders view the technologies aligned with this Hype Cycle, please see "Emerging Technology Roadmap 2017-2018 (Large Enterprise)."
The Hype Cycle Cloud has moved beyond just disrupting IT to providing the underlying basis for most future digital disruptions and future innovations. Cloud exists on a spectrum (see "Four Types of Cloud Computing Define a Spectrum of Cloud Value") and enables the next-generation platforms upon
Page 3 of 81
Gartner, Inc. | G00340420 This research note is restricted to the personal use of [email protected].
This research note is restricted to the personal use of [email protected].
which new IT capabilities are being built. Cloud vendors and users alike continue to stake a claim in cloud-generated growth opportunities. They sometimes exaggerate the capabilities of cloud services and their contributions to the cloud value proposition (cloudwashing), as well as misrepresent terminologies, such as "hybrid cloud," under the guise of pushing traditional onpremises infrastructure and hardware. As cloud computing becomes mainstream, many organizations find their IT environments include public and some private cloud alongside traditional IT systems. Most organizations believe hybrid scenarios will help address the challenges of these disparate environments. However, disillusionment is increasing for technologies associated with building out private clouds (cloud management platforms, private infrastructure as a service [IaaS] and private cloud itself), further driving workloads to public clouds as organizations seek the full benefits of cloud computing. We also see a few clusters of technologies appear on this Hype Cycle: ■
The next wave of cloud disruption (cloud-enabled platform services) delivering advanced capability around artificial intelligence (AI), blockchain, Internet of Things (IoT) and so forth
■
The peak (serverless, multicloud and containers), where much of the excitement is around specific approaches that are driving innovation
■
The trough (private cloud, cloudbursting and brokerage), where concepts that have generated significant excitement in past years are struggling with implementation challenges
This Hype Cycle (see Figure 1) includes innovation profiles describing different cloud models and deployment types, as well as the tools and services used to test, migrate, manage and secure cloud environments. We outline key technology and market areas to watch for future opportunities, particularly in cloud-based applications. Technologies to watch include container management, serverless PaaS, cloud networking and cloud-native application architecture. Note that many of the innovation profiles in this Hype Cycle are beyond the Peak of Inflated Expectations. The Hype Cycle includes many new (and relatively new) innovation profiles. These include edge computing, multicloud, machine learning, API economy and IoT platform. These are examples of cloud becoming critical underpinnings of next-generation disruptions. As cloud enters its second decade, it continues to evolve with new types of services and capabilities that make it the primary model for a wider range of solutions. Cloud has become the default style for just about everything in the future. If it is not cloud, it is legacy. Organizations that are finding success in their use of cloud computing not only challenge cloudrelated hype, but also apply practical assessments of cloud capabilities to recognize the organizations' desired outcomes. Pragmatism is critical when evaluating cloud services. When applied to the right scenarios, with the right management and governance, organizations can find success in realizing practical benefits, including increased agility, elasticity, scalability, innovation and, in some cases, cost savings.
Page 4 of 81
Gartner, Inc. | G00340420 This research note is restricted to the personal use of [email protected].
This research note is restricted to the personal use of [email protected].
Figure 1. Hype Cycle for Cloud Computing, 2018
Source: Gartner (July 2018)
The Priority Matrix Cloud computing is a set of dynamic, high-growth markets, which causes some cloud technologies and concepts to move through the Hype Cycle at an accelerated rate (see Figure 2). Transformational technologies and services, such as application PaaS (aPaaS), hybrid cloud computing and PaaS, are realizing increasing usage, which are accelerating their adoption. We are also seeing the rapid emerging industry of managed service providers offering professional services and "cloud managed services." Many cloud computing technologies and concepts are two to five years away from mainstream adoption. IaaS has moved into mainstream adoption, followed closely by IaaS+ and aPaaS. New technologies — including serverless PaaSs and edge computing — are building in hype and will grow to become important technology foundations for future cloud solutions over the next two to five years. The relative impact of cloud and cloud-related technologies is high and often transformational. Organizations building on a cloud foundation will embrace transformational change more quickly and effectively than organizations bound to traditional IT environments.
Page 5 of 81
Gartner, Inc. | G00340420 This research note is restricted to the personal use of [email protected].
This research note is restricted to the personal use of [email protected].
Figure 2. Priority Matrix for Cloud Computing, 2018
Source: Gartner (July 2018)
Off the Hype Cycle The market for cloud computing is dynamic, and changes occur rapidly. Cloud technologies and offerings move steadily toward maturity with only a few becoming obsolete before reaching the Plateau of Productivity. We endeavor to represent a broad view of cloud-related technologies and
Page 6 of 81
Gartner, Inc. | G00340420 This research note is restricted to the personal use of [email protected].
This research note is restricted to the personal use of [email protected].
concepts, which means the Hype Cycle goes through a regular cycle of update, consolidation and focus. In this 2018 update, we made the following notable changes: ■
■
Removed: ■
Database PaaS has matured beyond the scope of the Hype Cycle.
■
BPaaS has been removed.
Renamed: ■
■
Software-defined anything is replaced by software-defined infrastructure.
Added: ■
Cloud tethering
■
Cloud networking
On the Rise Site Reliability Engineering (SRE) Analysis By: Lydia Leong; Christopher Little; George Spafford Definition: Site reliability engineering is a collection of systems and software engineering principles used to build and operate resilient distributed systems at scale. An SRE team applies these principles — usually in combination with DevOps and agile practices and tools — and applies them to responsibilities such as risk management, release engineering, monitoring, self-healing, incident management and problem management. An SRE team collaborates with developers to design, build, and continuously improve systems that meet service-level objectives. Position and Adoption Speed Justification: Site reliability engineering is a discipline originally created by Google, and was described in the 2016 book, "Site Reliability Engineering: How Google Runs Production Systems." It is gradually being adopted more widely, both by digital-native organizations as well as traditional enterprises. SRE emphasizes the engineering disciplines that lead to resilience, but individual organizations implement SRE in widely varying ways. Most SRE implementations represent a mature form of DevOps. SRE is intended to help manage the risks of rapid change, through the use of service-level objectives (SLOs), "error budgets," monitoring (including the converging of monitoring and QA testing), and automated rollback of changes. SRE teams are often involved in code review, looking for problems that commonly lead to operational issues (for instance, an application that does not do log cleanup and therefore may run out of storage), ensuring that the application comes with appropriate monitoring and resilience mechanisms, and that the application meets DevSecOps standards. SRE teams may also be responsible for incident management, and nearly all such teams have a strong emphasis on problem management. A key SRE discipline involves root cause analysis
Page 7 of 81
Gartner, Inc. | G00340420 This research note is restricted to the personal use of [email protected].
This research note is restricted to the personal use of [email protected].
and prevention of future such problems through automation and continuous feedback loops. SRE also emphasizes the virtue of simplicity, and the distinction between complexity that is essential to a system's business function, and accidental complexity that should be addressed with better engineering. Because SRE requires an organization that is highly skilled at automation (and usually DevOps), has adopted the principle of infrastructure as code (which usually requires a cloud platform), has adopted resilient system engineering principles, and has applications with an agile life cycle that employs continuous integration/continuous deployment (CI/CD), it is primarily something that is adopted by highly sophisticated digital organizations, or is an end-state aspiration of enterprises that are in the midst of digital transformation. User Advice: Organizations can benefit from SRE principles even if they are not sufficiently mature, agility-focused, or large enough to adopt SRE as a primary operations model. The SRE principles for risk management, release engineering, handling service-level objectives, monitoring, automation, and self-healing can be applied to a broader range of cloud-native and digital applications. SRE also represents a useful end state of evolution for DevOps-driven operational transformations. Finally, SRE can be a useful approach to frame the continuous improvement of operations across the organization. An SRE initiative should have an executive sponsor. The pilot project should have the following characteristics: ■
The target application must change rapidly yet maintain high availability in order to maximize business value. Stakeholders should be politically friendly.
■
The pilot must demonstrate sufficient value to improve credibility and support, yet also have an acceptable level of risk, allowing the stakeholders to learn.
■
The initial SRE team must have a collaborative engineering mindset, strive to continuously learn and improve, and desire to automate tasks to reduce repetitious manual work, which is known as "toil." It is often easiest to move DevOps-skilled employees from different parts of the organization, due to the relative difficulty of hiring engineers with SRE experience. A site reliability engineer is typically a software engineer with an excellent understanding of operations, or, less frequently, an infrastructure and operations engineer with strong programming skills.
■
There must be clear SLOs that can be continuously monitored and reported against.
■
The application development team must collaborate with the SRE team to meet SLOs. Developers are responsible for a resilient architecture and reliable code. SREs should not spend more than 50% of their time on ad hoc operational activities. Any excess should go to the developers for support.
The pilot should not be followed by a general "go live"; instead, iteration should be used to evolve the state of SRE practices. The teams involved should share experiences and lessons learned. Business Impact: SRE is primarily useful to fast-moving digital businesses, due to its emphasis on the balance between the ability to change rapidly, and systems stability. The SRE approach to Page 8 of 81
Gartner, Inc. | G00340420 This research note is restricted to the personal use of [email protected].
This research note is restricted to the personal use of [email protected].
DevOps is intended to produce systems that — despite frequent change, unpredictable customer demand and global scale — are reliable, performant and secure. For such businesses, SRE may be an essential discipline not just for achieving business objectives and maintaining operational stability, but also for controlling costs by avoiding unnecessary manual operations, and freeing up skilled personnel to work on value-added activities. Benefit Rating: Moderate Market Penetration: Less than 1% of target audience Maturity: Emerging
Blockchain PaaS Analysis By: Paul Vincent; Rajesh Kandaswamy; Yefim V. Natis Definition: Blockchain platform as a service (bPaaS) is a set of blockchain software platform services offered in the cloud by a vendor, for subscribers. Services can include some or all of the distributed ledger, node or consensus mechanisms, and other ancillary services to manage a network of distributed ledgers on the vendor's cloud infrastructure. Another term for these services is blockchain as a service (BaaS). Position and Adoption Speed Justification: bPaaS is a recent cloud service offering from enterprise cloud vendors, such as IBM, Microsoft (Azure) and Oracle, and small technology startups — such as BlockApps, BlockCypher and Wanxiang Blockchain Labs. Solutions in the market today are in the early stages of development and adoption, and mostly used for performing proofs of concept (POCs). Developers seeking to implement blockchain-based applications require specific services that span compute, application, storage and network. The cloud vendors aim to combine these services to provide enterprises with a one-stop service shop that brings the benefits of cloud elasticity and compute costs to blockchain. Each bPaaS vendor attempts to add unique elements around security, interoperability, analytics and performance, in order to differentiate their offerings, in exchange for single-sourcing and centralization of public execution and ledger storage. These offerings are new and we expect the field of competitors to grow over time. In many cases, the cloud vendor's bPaaS supports one or a few blockchain platforms. Support for different consensus mechanisms, tools, frameworks and smart contract capabilities remains limited and continues to evolve. Interoperability for distributed ledgers across competing platforms or clouds is nonexistent at this early stage of evolution. Yet, relying on one vendor for all nodes of the distributed ledger negates some of the advantages of a using a distributed ledger in the first place. The core value of a distributed ledger, which has fueled the hype and interest among many in the technology industry, is to enable decentralized/distributed open-source applications that avoid reliance on just one organization, server, data center or network. The initial versions of bPaaS trade this core value for the convenience of vendor assistance, although this trade-off is expected to be addressed by interoperability and standardization in the future. bPaaS encompasses platform services only. Over time, however, we expect other blockchain-based application and business services to become available in the cloud as blockchain SaaS.
Page 9 of 81
Gartner, Inc. | G00340420 This research note is restricted to the personal use of [email protected].
This research note is restricted to the personal use of [email protected].
Currently, the primary value of bPaaS is to "jump-start" the ability of enterprise developers to rapidly set up an initial test system or prototype — as opposed to a truly decentralized production system. Because bPaaS is dependent on a restricted perspective of blockchain, and is also affected by blockchain's immaturity, it remains "on the ramp" toward the Peak of Inflated Expectations. User Advice: Current bPaaS offerings can help jump-start your POCs, smaller projects or your experiments with blockchain technologies, as long as you are comfortable with limiting your experience to what bPaaS can provide. As blockchain technologies and bPaaS offerings evolve, we expect a wider range of options to be available — additional services and increased interoperability. Be aware that cloud providers support a limited set of platforms, yet the overall landscape of choices is large and rapidly evolving. Enterprises that avail themselves of PaaS services might consider the same vendor's bPaaS services. There are more than 100 blockchain platform choices, but cloud vendors currently support less than 10% of them. Every blockchain platform will undergo major changes during the next two to five years, rendering any choice effectively obsolete within 24 months. Enterprises should therefore avoid commitments to bPaaS for mission-critical initiatives until greater maturity occurs and platforms and services are interoperable across heterogeneous environments. Understand all aspects of the blockchain technologies you will need, and ensure they can be supported on the bPaaS offering of interest. Be extra cautious in your bPaaS decision when managing initiatives that involve multiple organizations. Business Impact: bPaaS will be attractive for enterprises for initial limited-scale experiments and POCs. Among the various types of blockchain projects, internal ones will be more suitable for such services compared with projects that span multiple entities where all parties need to agree on a common bPaaS. bPaaS offerings will need to evolve for better interoperability. If they evolve to support enterprise needs and full blockchain characteristics, they will be become an option that enterprises should evaluate as they plan infrastructure for their blockchain projects. Benefit Rating: Moderate Market Penetration: Less than 1% of target audience Maturity: Emerging Sample Vendors: Amazon Web Services; BlockCypher; Blockdaemon; IBM; Microsoft (Azure); Oracle; Wanxiang Blockchain Labs Recommended Reading: "Market Guide for Blockchain Platforms" "The Evolving Landscape of Blockchain Technology Platforms"
Cloud to Edge Development Support Analysis By: Bob Gill Definition: Cloud to edge development support describes the extension of hyperscale cloud providers' programming models, SDKs and in some cases, OS types for development and use on edge devices, such as IoT "things" and single board development platforms. Page 10 of 81
Gartner, Inc. | G00340420 This research note is restricted to the personal use of [email protected].
This research note is restricted to the personal use of [email protected].
Position and Adoption Speed Justification: While hyperscale cloud providers have exposed such capabilities for several years, the widespread availability and rapid adoption of these services on broadly supported devices such as Raspberry Pi, DragonBoard and others, along with a major marketing and investment push, has brought these platforms to the forefront. Just as edge computing and IoT continue to advance on the Hype Cycle, cloud-to-edge capabilities provide an additional boost with the technology investment of the hyperscalers, adding momentum. User Advice: We recommend enterprises evaluate the capabilities (and gaps) of the leading hyperscale providers cloud-to-edge offerings, and factor in the likelihood of very decentralized cloud solutions to augment the current centralized model. While cloud as a style of computing has never mandated centralization, the economies of hyperscale and the centralized deployments of massive compute regions has prepared for a "cloud as centralized" status quo. By extending their models to the absolute edge, the status quo may be overturned. Business Impact: By extending their platform reach to the edge, hyperscale providers allow development and deployment of integrated solutions across the gap between centralized and distributed models. While such capabilities may be targeted toward integrators and service providers, technically aggressive enterprises may experiment to gauge their capabilities to extend the centralized cloud compute model. Such SDK and OS pairings provide one solution to the thorny development issues of providing security, orchestration and directory services for potentially millions of endpoint devices. These offerings also provide the hyperscale cloud providers a mechanism for augmenting their to-date-centralized compute models, allowing for more real-time capabilities, including to devices, people and things with intermittent communications links. Whether the average enterprise actively develops such applications itself is not as important; the demonstration of extended cloud capabilities and availability of useful products will drive both cloud and edge services further into broad use. Benefit Rating: High Market Penetration: 1% to 5% of target audience Maturity: Emerging Sample Vendors: AWS; Google; Microsoft
Serverless PaaS Analysis By: Yefim V. Natis; Anne Thomas Definition: A PaaS offering delivered with serverless characteristics is serverless PaaS. Serverless is a way of delivering an IT service where the underlying resources are opaque, require no preprovisioning, and are micropriced. Function PaaS (fPaaS) is the most notable example of a serverless PaaS that layers additional constraints (event-driven triggering and limited execution time and memory), and not a part of other serverless PaaS like databases, API managers or event brokers.
Page 11 of 81
Gartner, Inc. | G00340420 This research note is restricted to the personal use of [email protected].
This research note is restricted to the personal use of [email protected].
Position and Adoption Speed Justification: Serverless delivery of IT services has gained broad notice after Amazon popularized its AWS Lambda function platform as a service (fPaaS). Although some associate the notion of serverless exclusively with fPaaS, the significance of serverless, as delivered by the leading vendors (including Amazon, Google and Microsoft), extends beyond functions. All PaaS capabilities can be delivered with serverless characteristics; of which some are already and most will in the future. Serverless PaaS will augment, and in some cases replace, the traditional transparent model of delivery, such as the model of Salesforce (Heroku), AWS Elastic Beanstalk or IBM Cloud Liberty for Java. Serverless PaaS can be achieved on-premises by the way of first establishing the true private cloud and then deploying one of the now-emerging open-source serverless frameworks, like Pivotal Function Service. In that case — the provider part of the organization deals with the enabling and only the subscribing part of the organization gets the serverless experience. Public or private, serverless effect can only be delivered by a cloud service that conceals and manages underlying server and container operations. As the full scope of serverless delivery of PaaS capabilities rolls out, the definition will likely be refined — relaxed in some aspects and possibly further constrained in others. For example, future serverless PaaS will support optional preprovisioning and autoscaling, offering lower costs to the applications with steady and predictable demand for resources (Azure Functions support it already); support for stateful operation will likely also be adopted (the serverless dbPaaS, like Amazon DynamoDB, of course, are stateful already). Future serverless PaaS will likely also support multidimensional SLAs related to performance and throughput, auto-adjusting of memory and CPU, AI-driven runtimes and execution. The current market dynamic already reflects these trends. Adoption of fPaaS is rapidly increasing new business applications, in new vendor renditions of fPaaS (including most recently Oracle, Pivotal and Red Hat) and the emergence of several opensource serverless programming frameworks and platforms (including OpenFaaS, Fission, Kubeless and Apache OpenWhisk). The principles of serverless are also increasingly applied beyond just the fPaaS or public cloud — other cloud services from various providers are delivered serverless, including databases (Cosmos DB FaunaDB, Amazon DynamoDB), API managers (Amazon API Gateway and Azure API Management), message and event brokers (Google Cloud Pub/Sub, Azure Event Grid) and other specialized xPaaS. fPaaS operational experience will become the foundation for the more general serverless PaaS. As fPaaS evolves beyond hype — through the inevitable disappointments and toward the Plateau of Productivity — serverless PaaS will follow, building on the fPaaS lessons learned, but also creating its own hype and disappointments before maturity. The market interest in "serverless" beyond just the fPaaS is bound to continue to increase, as fPaaS matures and its benefits become increasingly attractive. User Advice: Application leaders, CIOs, CTOs, IT leaders and planners should: ■
Use fPaaS offerings as representative of serverless PaaS to build in-house understanding of the trade-offs of the new platform delivery model, but with clear understanding that some of the constraints on design of functions (such as the event-driven model or duration of execution) are not attributes of the general serverless model. fPaaS is a special purpose example, but not the definition of serverless.
Page 12 of 81
Gartner, Inc. | G00340420 This research note is restricted to the personal use of [email protected].
This research note is restricted to the personal use of [email protected].
■
When selecting platforms for cloud-native initiatives, look for platform services that closely approximate or match the serverless delivery model to achieve improved productivity, costefficiency and consistency of outcomes, but ensure that the cost implications and design constraints are not a counter-indication.
■
Avoid the serverless model if the project requires advanced and direct forms of control over application infrastructure operations, or where cost estimates are excessive.
■
Make the cloud platform selections with an effort to minimize vendor or service lock-in; increase investment in integration technology and practices — because ongoing innovations, including the increasing adoption of serverless delivery model, will continue to compel you to consider alternative options in platforms and vendors.
Business Impact: Serverless PaaS represents the true cloud-style operations for cloud platform services. Adoption of a serverless PaaS delivery model will increase productivity and efficiency of PaaS, and help to streamline development, scale operations and reduce infrastructure costs. It will create a more consistent and manageable environment for cloud applications, but the improvements will require adjustments in the practices and strategies of planning, designing and operating the PaaS-based solutions. The adjustments, in turn, will render some current cloud applications new legacy and will require some new training and tooling. Ultimately, the business experience of the "serverless IT" will feature increased scalability, reduced costs and faster times to market for IT-supported business initiatives. Benefit Rating: Moderate Market Penetration: 5% to 20% of target audience Maturity: Emerging Sample Vendors: Amazon Web Services; Google; IBM; Microsoft; Oracle; Pivotal; Red Hat Recommended Reading: "The Key Trends in PaaS, 2018" "Leverage Serverless Functions With Event-Driven Architecture to Create New Business Value" "Innovation Insight for Serverless PaaS" "Adding Serverless Computing and fPaaS to Your Cloud-Native Architecture Toolbox" "Platform as a Service: Definition, Taxonomy and Vendor Landscape, 2016"
Cloud Tethering Analysis By: Jay Heiser Definition: Cloud tethering is an application delivery model in which a device-based application is linked to the provider's cloud service for licensing. The provider gains greater confidence that
Page 13 of 81
Gartner, Inc. | G00340420 This research note is restricted to the personal use of [email protected].
This research note is restricted to the personal use of [email protected].
licensing rules are followed, while customers benefit from access to new features and updates enabled through the cloud. Position and Adoption Speed Justification: The success of "thick" applications on smartphones and tablets has provided inspiration for software vendors to replace their traditional packaged desktop application approach of a serialized licensing model with a one-time installation process. Arguably, the phenomenon is relatively mature on Android and iOS devices, but it is much less prevalent with PC applications. The advantages are compelling, though. Tethering desktop applications to the vendor's cloud, which automatically updates the desktop software (as long as a credit card number is still on file), offers the potential for a near-continuous deployment of updates and fixes, and it meets vendor business goals for cash flow. To make cloud tethering more appealing to consumers, and to create a dependency on continued use of the application, application providers have explored a variety of cloud-based augmentations to the desktop "client," including cloud storage and collaboration, cloud processing and internet searching. As desktop computer usage continues to decline in favor of a mix of endpoints, including tablets, phones and web browsers, cloud-tethered applications provide the user with a single view of their application and its data, no matter what edge device they happen to be using. User Advice: For the most part, consumers will have no ability to choose whether or not to use a cloud-tethered application, and vendors that are still offering a traditional licensing model to enterprises are learning that they likely will not need to do so in the long term. At this point, the ability to choose between the old and new model is rapidly declining. Procurement professionals will be increasingly challenged to negotiate with software vendors that would prefer a totally automated sales model. Cloud tethering changes the licensing model, significantly reducing licensing violations. The relatively low cost of a single seat, and the use of credit-card-enabled subscriptions, means that the emphasis of IT staff responsible for software asset management is shifting from compliance management, financial and even performance management. The value-add mechanisms and especially the multidevice convenience enabled by cloud-tethering are encouraging greater use and variety of SaaS, which over time increases the business demand for SaaS integration or customization. The ability to support a variety of different thick and thin clients adds further complexity to the SaaS applications. Decisions to use a new SaaS app, or to introduce a new use case, should evaluate the "agility risk" — the degree to which some future form of enterprise value-add may be undesirably difficult or impossible. The seamless mixing of end-user devices inherent in cloud-tethered offerings makes it extremely difficult to prevent proprietary or regulated data from flowing from the enterprise through personal devices out to unauthorized people, home PCs or unsanctioned cloud-based collaboration. Organizations that are heavily motivated to control sensitive data should consider the use of cloud access security broker (CASB) tools to track or block data flow. A small number of SaaS collaboration applications provide encryption mechanisms, including information rights management, which can prevent access to data by unauthorized people.
Page 14 of 81
Gartner, Inc. | G00340420 This research note is restricted to the personal use of [email protected].
This research note is restricted to the personal use of [email protected].
In many cases, the vendor's cloud is the primary or exclusive storage location. Cloud tethering increases the urgency associated with SaaS vendor risk management and cloud contingency planning. The vendors are aware that not all of their customers are permanently tethered to the internet, and have engineered some "statelessness" into their applications, but poor performance and even complete failure can occur when endpoints do not have broadband access. Maintain a registry of SaaS in use to ensure that the risks associated with the above considerations are recognized, managed and, if necessary, eliminated. Business Impact: Software tethering represents yet another reduction in IT's ability to control the use of digital assets. It is one of several aspects of public cloud computing that is reducing the need to perform many of the routine tasks traditionally performed by the IT staff, while creating needs for new forms of control and digital optimization. For the most part, the enhanced functionality enabled through an intimate relationship with the public cloud will provide capabilities that the individual and business department welcome. Benefit Rating: High Market Penetration: 1% to 5% of target audience Maturity: Adolescent Sample Vendors: Adobe; Box; Concur Technologies; Dropbox; LinkedIn; Microsoft
Immutable Infrastructure Analysis By: Lydia Leong Definition: Immutable infrastructure is an architectural pattern in which the system and application infrastructure, once instantiated, is never updated in-place. Instead, when changes are required, the infrastructure is simply replaced. Immutable infrastructure could encompass the entire application stack, in-versioned templates provisioned using API-enabled infrastructure capabilities, which are most commonly available in cloud infrastructure as a service (IaaS) or platform as a service (PaaS). Position and Adoption Speed Justification: Immutable infrastructure is typically used by organizations that take a DevOps approach to managing cloud IaaS or PaaS; however, it can be used in any environment that supports "infrastructure as code." It represents a significant change in process for traditional infrastructure and operations (I&O) organizations. It may be instantiated using native cloud capabilities, such as Amazon Web Services' CloudFormation or Microsoft Azure's Resource Manager templates; cloud management platforms (CMPs), such as RightScale; software tools, such as HashiCorp's Terraform; or the customer's own automation scripts. Some or all of an application stack will be instantiated, often in the form of virtual machine (VM) images combined with continuous configuration automation (CCA) tools — such as Ansible, Chef or Puppet — that run after the initial boot of the VM. However, in environments that use OS containers, containers may be quickly replaced, whereas VMs remain constant. Containers improve the
Page 15 of 81
Gartner, Inc. | G00340420 This research note is restricted to the personal use of [email protected].
This research note is restricted to the personal use of [email protected].
practicality of implementing immutable infrastructure and will drive greater adoption in cloud, as well as noncloud, environments. User Advice: Immutable infrastructure is used to ensure that system and application infrastructure is accurately deployed and remains in a known-good-configuration state. It can simplify change management, support faster and safer upgrades, reduce operational errors, improve security, and simplify troubleshooting. It can also enable rapid replication of environments for disaster recovery, geographic redundancy or testing. The application stack for immutable infrastructure is typically composed of layered components, each of which should be independently versioned and replaceable. The base OS for the stack may be updated using traditional patching tools, or automatically or manually updated. Automation is then used to bundle components into artifacts suitable for atomic deployment — for example, a tool such as HashiCorp's Packer may be used to create VM images, or Docker may be used to manage container images. However, immutable infrastructure typically consists of more than just compute infrastructure. Storage, network and other resources are also provisioned as part of the atomic deployment. The scripts, recipes, and other code used for this purpose should be treated similarly to the application source code itself; this requires appropriate software engineering discipline. Some organizations that use immutable infrastructure will reprovision only when a change is made, whereas others automatically refresh the infrastructure at frequent intervals to eliminate configuration drift or the possibility of advanced persistent threats. Frequent refresh is only practical in environments with fast and reliable provisioning; thus, it benefits strongly from containers. The use of immutable infrastructure requires strict operational discipline. IT administrators should eliminate the habit of making one-off or ad hoc modifications in order to avoid configuration drift. Updates must be made to the individual components, versioned in a source-code-control repository, then redeployed so that everything is entirely consistent. No software, including the OS, is ever patched "live." Organizations that use immutable infrastructure may turn off all normal administrative access to instantiated compute resources — for example, not permitting Secure Shell (SSH) or Remote Desktop Protocol (RDP) access. IT leaders should set a hard date for when all new workloads will use immutable infrastructure if technically feasible; deadlines can be effective motivators of behavior change. Business Impact: DevOps-oriented organizations that can instantiate infrastructure via automation — typically, in cloud IaaS, PaaS or container services — should strongly consider using immutable infrastructure for continuous delivery environments. It is even more vital for continuous deployment environments. Organizations with high-security or regulatory compliance needs should also strongly consider adopting immutable infrastructure in order to continuously maintain consistent, compliant configurations without traditional patch management. Broadly, most organizations with environments that support "infrastructure as code" may be able to benefit from immutable infrastructure. IT organizations that adopt immutable infrastructure must adapt their application life cycle and operational processes around this architectural pattern. The success of immutable infrastructure depends on having the operational discipline to ensure that the infrastructure is truly immutable and disposable. Benefit Rating: Moderate Page 16 of 81
Gartner, Inc. | G00340420 This research note is restricted to the personal use of [email protected].
This research note is restricted to the personal use of [email protected].
Market Penetration: 1% to 5% of target audience Maturity: Adolescent Sample Vendors: Amazon Web Services; Fugue; HashiCorp; Microsoft; RightScale Recommended Reading: "How to Make Cloud IaaS Workloads More Secure Than Your Own Data Center" "Security Considerations and Best Practices for Securing Containers" "Comparing Three Approaches to Modern Server Automation, From Scripting to DevOps Tools"
At the Peak Edge Computing Analysis By: Bob Gill; Philip Dawson Definition: Edge computing describes a distributed computing topology where information processing is placed close to the things or people that produce and/or consume that information. Drawing from the concepts of mesh networking and distributed data centers, edge computing looks to keep traffic and processing local and off the center of the network. The goals are to reduce latency, reduce unnecessary traffic, and establish a hub for interconnection between interested peers and for data thinning of complex media types or computational loads. Position and Adoption Speed Justification: Most of the technology for creating the physical infrastructure of edge data centers is readily available, but widespread application of the topology and explicit application and networking architectures are not yet common outside of vertical applications such as retail and manufacturing. As IoT demand and use cases proliferate, the acceptance of edge computing as the topological design pattern (namely the "where" a "thing" is placed in an overall architecture) has dramatically increased interest in edge. Systems and networking management platforms will need to be stretched to include edge locations and edgefunction-specific technologies such as data thinning, video compression and analysis. User Advice: We urge enterprises to begin considering edge design patterns in their medium- to longer-term infrastructure architectures. Immediate actions might include simple trials using colocation and edge-specific networking capabilities or simply placing remote-location or branch office compute functions in a standardized enclosure (e.g., "data center in a box"). Some applications, such as client-facing web properties and branch office solutions, will be simpler to integrate and deploy, while data thinning and cloud interconnection will take more planning and experimentation to get right. We are beginning to see viable offerings from the hyperscale cloud providers in extending their programming models and management systems to edge-located devices, complementing their mostly centralized computing model with a distributed analog.
Page 17 of 81
Gartner, Inc. | G00340420 This research note is restricted to the personal use of [email protected].
This research note is restricted to the personal use of [email protected].
Business Impact: Edge computing solves many pressing issues such as unacceptable latency and bandwidth limitations given a massive increase in edge-located data. The edge computing topology will enable the specifics of IoT, digital business and IT solutions uniquely well in the near future. Benefit Rating: Transformational Market Penetration: 5% to 20% of target audience Maturity: Adolescent Sample Vendors: Amazon; Apple; Google; Microsoft Recommended Reading: "Digital Business Will Push Infrastructures to the Edge" "Top 10 Strategic Technology Trends for 2018: Cloud to the Edge" "The Edge Manifesto: Digital Business, Rich Media, Latency Sensitivity and the Use of Distributed Data Centers"
Hyperscale Computing Analysis By: Lydia Leong Definition: Hyperscale computing is a set of architectural patterns for delivering scale-out IT capabilities at massive, industrialized scale. These patterns span all layers of the delivery of IT capabilities — data center facilities, hardware and system infrastructure, application infrastructure, and applications. Nonhyperscale components can be layered on top of hyperscale components, but the overall architecture is only "hyperscale" through the level where all components use a hyperscale architecture. Position and Adoption Speed Justification: Hyperscale computing is a radically transformational architecture and IT management style that demands new skills but can offer excellent economies of scale. A full hyperscale application stack consists of components that must facilitate scaling on demand, as well as the elimination of human labor for management, in favor of automation, including: ■
A massive data center designed to house scale-out hardware.
■
Hyperscale servers — traditionally, x86-based servers with minimalist designs and no hardware redundancy, which are used to deliver compute capacity along with software-defined storage and network capabilities. These servers are often custom-engineered, although vendors have begun to sell servers based on standard designs such as the Open Compute Project or Project Scorpio (in Asia).
■
Optionally, hypervisor-based virtualization (typically open-source-based, such as KVM or Xen), or "off-box" virtualization (typically using a PCI Express card).
■
An infrastructure management plane that performs resource management.
Page 18 of 81
Gartner, Inc. | G00340420 This research note is restricted to the personal use of [email protected].
This research note is restricted to the personal use of [email protected].
■
A minimalist OS such as Red Hat Enterprise Linux Atomic Host or Microsoft Nano Server; a purpose-built OS such as Cumulus Linux (used for network switches); or a standard OS reduced to the essentials.
■
Optionally, OS containers with container management and orchestration.
■
Scale-out application infrastructure, architected for resilience to failure at lower levels of the stack.
■
The scale-out application, architected for resilience to failure at any level of the stack, including failure of other application components. The application is likely to be decomposed into microservices.
Each of these architectural patterns exists at different levels of maturity. It is rare for organizations to have fully implemented hyperscale computing; few have the scale of infrastructure consumption or the extensive software engineering skills needed to cost-effectively implement all the custom management software necessary. Thus it is almost solely the domain of companies such as Facebook, Google, Baidu and Tencent. However, hyperscale cloud services such as Amazon Web Services, Microsoft Azure and Alibaba Cloud have made many such capabilities available to IT buyers, who may use these services to deploy nonhyperscale or hyperscale applications. User Advice: Only the most technologically capable early adopters should consider fully implementing hyperscale computing themselves, and should only consider the purchase of hyperscale servers for massive-scale, horizontally scalable applications where all resilience can be provided by the software. HPC applications may be a good first target. However, nearly all IT organizations can benefit from the use of hyperscale cloud services. Hyperscale cloud IaaS uses hyperscale architectures at the management plane level and below for VM-based IaaS, or at the container level and below for container-based IaaS. Providers may also offer hyperscale PaaS layer services, which use hyperscale architectures at the application infrastructure level and below. Customers must write scale-out applications to take full advantage of these capabilities, but even nonhyperscale applications can benefit from the cost efficiencies of the underlying hyperscale infrastructure. IT organizations may also benefit from hyperscale-derived architectural patterns at particular layers, since these patterns often represent best practices for scalability at each of those layers. Web-scale IT derives its inspiration from hyperscale architectural patterns and should be considered as a practical alternative. Business Impact: Hyperscale computing has the potential to dramatically lower the total cost of ownership (TCO) of infrastructure and applications. However, much of this TCO reduction is due to the purpose-built nature of most hyperscale architectures, which are usually highly tailored to run a small number of applications or specific application patterns. The broader the workloads that must be supported, the lower the potential cost savings. In the near term, most organizations will not implement hyperscale computing themselves, but instead will use hyperscale cloud services. Benefit Rating: Transformational
Page 19 of 81
Gartner, Inc. | G00340420 This research note is restricted to the personal use of [email protected].
This research note is restricted to the personal use of [email protected].
Market Penetration: 1% to 5% of target audience Maturity: Adolescent Sample Vendors: Amazon Web Services; Cumulus Networks; Facebook; Google; Quanta Computer; Supermicro Recommended Reading: "Bringing Hyperscale Computing to the Enterprise"
Cloud Managed Services Analysis By: Craig Lowery; Ed Anderson Definition: Cloud managed services are IT service offerings that provide for the day-to-day management of and operational responsibility for cloud service environments. Cloud managed services generally include day-to-day monitoring and management of cloud service environments including configuration management, performance management, cost optimization, security and compliance monitoring, capacity management, financial management and governance. Cloud services brokerage is often delivered as a cloud managed service. Position and Adoption Speed Justification: Cloud managed services can meet many of the needs of organizations today. However, providers have varying levels of capability based on the specific technologies and personnel roles they use to deliver their services. The use of automation in the delivery of cloud managed services is a significant differentiator. Like end-user organizations, providers are faced with the challenges of sourcing tools and developing a skilled workforce to meet the demands of a growing, volatile market. Cloud service providers also typically provide consultative and implementation (professional) services, again with varying degrees of capability across providers. Demand for cloud managed services will continue to increase as organizations move from simple to more complex cloud use cases, often involving hybrid cloud solutions. Strong cloud managed services providers will demonstrate cloud capabilities aligned with hyperscale IaaS+PaaS providers and will embrace new technology innovations such as artificial intelligence, automation, data services, IoT and edge computing. User Advice: Organizations considering cloud managed service offerings must carefully assess providers to ensure the provider has sufficient current expertise and a track record of success. Providers typically offer cloud-related IT service offerings across the adoption spectrum from advisory services (design), implementation services (build) and managed services (run). Look for providers with capabilities across this continuum and a defined product roadmap. These attributes are present in the providers that are most likely to have a full understanding of cloud-specific requirements and therefore the most complete cloud professional and managed service capabilities. Other factors to consider: ■
Demonstrable partnerships with leading cloud providers, including partner status in cloud provider partner programs
Page 20 of 81
Gartner, Inc. | G00340420 This research note is restricted to the personal use of [email protected].
This research note is restricted to the personal use of [email protected].
■
Proven expertise and commitment to long-term support of your strategic cloud provider(s)
■
Certifications held by individual engineers, operators and deployment managers
■
Customer use cases demonstrating successful delivery of managed service offerings
■
Expertise in the industry, region and country associated with the target environment
■
Demonstration of innovation in delivering new capabilities beyond cloud
■
Integration of noncloud capabilities in an end-to-end visibility and management scheme
■
Investment in cloud and digital technologies consistent with market trends, such as multicloud management and hybrid cloud computing
Selecting a cloud managed services provider may create a dependency on the provider that can be difficult to sever in the event the provider cannot successfully deliver the offering. Perform a careful and thorough inspection of the services prior to making long-term commitments. Business Impact: Cloud managed services can fill a critical function in managing and operating a cloud service environment. When coupled with innovation, cloud managed services can help an organization exploit the full capabilities of the cloud for near- and long-term benefits. Most organizations will engage cloud managed services to assist with the immediate challenges of running a complex cloud environment, usually after assisting with a mass migration from an onpremises facility. In this case, the organization will recognize only moderate benefits. However, when organizations work with their providers to unlock the uniquely disruptive potential possibilities of cloud and engage in more innovative, digital processes, the outcomes can be transformative and return far greater value for the organization on its cloud computing investment. Benefit Rating: High Market Penetration: 5% to 20% of target audience Maturity: Adolescent Sample Vendors: 2nd Watch; Accenture; Allcloud; Cloudnexa; Cloudreach; Deloitte; DXC; Rackspace; Tata Consultancy Services Recommended Reading: "Magic Quadrant for Public Cloud Infrastructure Managed Service Providers, Worldwide" "Critical Capabilities for Public Cloud Infrastructure Managed Service Providers, Worldwide" "Use Managed and Professional Services to Improve Cloud Operations for Digital Business"
Cloud Service Expense Management Analysis By: Dennis Smith
Page 21 of 81
Gartner, Inc. | G00340420 This research note is restricted to the personal use of [email protected].
This research note is restricted to the personal use of [email protected].
Definition: Cloud service expense management (CSEM) is the practice of reviewing and reconciling the charges for services provided by external cloud service providers (CSPs). A set of vendors provide tools to answer questions such as, "Did you get what you paid for?" and "Are you paying for the right things?" Managing cloud expenses is becoming increasingly important, because, as organizations increase the number of cloud services they use, many don't understand their external cloud consumption and the associated expenses. Position and Adoption Speed Justification: The need to provide cost management within cloud deployments has become prominent as investment in public cloud resources grows and the need for expense transparency also increases. Organizational maturity regarding CSEM continues to lag. The energy associated with using external cloud resources has outpaced efforts to gain a deeper view of expenses. There is increased industry awareness of the need for this functionality as public cloud adoption has increased. Many vendors that initially provided CSEM functionality are now combining this with related functionality such as governance and/or cloud workload optimization. Initially, cloud management platforms (CMPs) did not address CSEM, but recently more CMPs have added the functionality. Additionally a number of stand-alone CSEM vendors have been acquired with their capabilities being integrated with other capabilities provided by the acquiring company (often workload optimization and governance). User Advice: IT leaders need a strong understanding of their external cloud expenses. They should deploy processes and tools to: ■
Determine who in the organization is spending money on cloud resources.
■
Ascertain whether they've gotten what they paid for — to gain an understanding of the expense, IT leaders need to know whether they received the appropriate services associated with the expenditure.
■
Obtain the best value possible — IT leaders need to track the services they need against the expenses incurred, and to determine whether there are more efficient ways of obtaining the same required services.
■
Evaluate usage for what was contracted — overprovisioning can be costly, so IT leaders need to identify whether they're using the services for which they've paid.
■
Align expenses to needs — IT leaders need to be able to interrogate the expenses incurred and to determine whether they're being properly applied to real imperatives.
If you are looking to select or have deployed a CMP tool, look to see what CSEM capabilities are provided. Do not accept your service provider's invoice at face value. Even if it's accurate, you can probably identify potential expense reductions or invest in more processing power for applications or services that create additional business value. Business Impact: CSEM has the potential to affect business services and processes across all verticals. This involves the ability to compare costs, identify waste and create more-efficient Page 22 of 81
Gartner, Inc. | G00340420 This research note is restricted to the personal use of [email protected].
This research note is restricted to the personal use of [email protected].
spending opportunities. Treating public cloud resources in a businesslike manner — optimizing resource unitization and managing spending — will enhance IT's credibility by delivering business value in terms that business leaders understand. Benefit Rating: High Market Penetration: 5% to 20% of target audience Maturity: Adolescent Sample Vendors: Cloudability; CloudCheckr; CloudHealth Technologies; RightScale Recommended Reading: "How to Budget, Track and Reduce Public Cloud Spending" "Market Guide for Cloud Management Platforms" "Key Concepts in IT Financial Management: Budgeting, Funding, Transparency and Allocation" "Innovation Insight for Cloud Service Expense Management Tools"
Multicloud Analysis By: David Mitchell Smith Definition: Multicloud computing refers to the use of cloud services from multiple public cloud providers for the same purpose. It is a special case of hybrid cloud computing, which is a broader term. Hybrid cloud refers to multiple cloud services from multiple providers. It does not specify the origin of those services, but in most cases a public source and a private source are involved. Hybrid cloud, as a broad term, is subject to more hype and confusion and is more common. Position and Adoption Speed Justification: Multicloud computing can be planned or can evolve due to multiple groups in an organization making decisions to procure multiple services from different providers. An example of this is when multiple cloud providers are used as part of a high availability or redundancy or exit strategy in a planned manner. Multicloud is much more common in IaaS (and converged IaaS/PaaS) scenarios than SaaS. While it is possible for multi-SaaS environments in an organization, these would typically be stovepiped types of situations. Multicloud does not include very common situations such as using Amazon Web Services (AWS) for IaaS and Microsoft Office 365 for cloud office SaaS. Multicloud computing can provide advantages of lowering the risk of cloud provider lock-in, can specify functional requirements that a business unit may have, and can provide service resiliency and migration opportunities, in addition to the core cloud benefits of agility, scalability and elasticity. As with many cloud-related concepts, there are many variations in real-world use and scope. In this case, there are "multicloud strategies" that entail the various goals (e.g., exit strategy, portability,
Page 23 of 81
Gartner, Inc. | G00340420 This research note is restricted to the personal use of [email protected].
This research note is restricted to the personal use of [email protected].
use of multiple providers — but don't specify details) and "multicloud solutions" (which rely on architectural principles and specific implementation details). User Advice: When using multiple cloud computing services, establish security, management, governance guidelines and standards to manage cloud service sprawl and increasing cost, and develop decision criteria to decide placement of services. Multicloud implementations will need coordination and strategy across the enterprise to identify the type of services needed and deliver the benefits of a cloud environment. IT organizations will also need training, skilled engineers, and be prepared for the additional expense. Use of a cloud management platform (CMP) and/or a cloud service brokerage (CSB) in a multicloud environment can enable organizations to implement governance and optimizations, but care must be taken to not just shift vendor lock-in to a CMP or CSB vendor. Business Impact: Multicloud provides an organization with agility and the potential of some target cost optimization opportunities. It also provides a basis to lower cloud provider lock-in and increase workload migration opportunity. Benefit Rating: High Market Penetration: 1% to 5% of target audience Maturity: Adolescent Sample Vendors: Amazon; Google; IBM; Microsoft; Oracle Recommended Reading: "A Guidance Framework for Architecting Portable Cloud and Multicloud Applications" "Hybrid Architectures for Cloud Computing"
Container Management Analysis By: Dennis Smith; Arun Chandrasekaran Definition: Container management software supports the management of containers at scale in production environments. This category of software includes container runtimes, container orchestration, job scheduling, resource management and other container management capabilities. Container management software brokers the communication between continuous integration/ continuous deployment (CI/CD) pipeline and the infrastructure via APIs and aid in life cycle management of containers. Position and Adoption Speed Justification: Interest in containers is rising sharply, due to the introduction of container runtimes, which have introduced common container packaging formats that are more easily consumable by, and useful to, application developers and those with a DevOps approach to IT operations. Container runtimes, frameworks and other management software have increased the utility of containers by providing capabilities such as packaging, placement and deployment, and fault tolerance (e.g., cluster of nodes running the application). Container management software integrates these various elements to simplify deploying containers at scale. Page 24 of 81
Gartner, Inc. | G00340420 This research note is restricted to the personal use of [email protected].
This research note is restricted to the personal use of [email protected].
Many vendors enable the management capabilities across hybrid cloud or multicloud environments by providing an abstraction layer across on-premises and public clouds. Container management software can run on-premises, in public infrastructure as a service (IaaS) or simultaneously in both for that purpose. Most common use of container is focused specifically on Linux environments, and management software follows accordingly. Native containers have been introduced to Microsoft Windows in Windows Server 2016, but still significantly lag Linux containers in every respect. Among the functionality that container management systems provide are orchestration and scheduling; monitoring and logging; security and governance; registry management; and links to CI/CD processes. Among the vendor offerings are hybrid container management software, public cloud infrastructure as a service (IaaS) solutions specifically designed to run containers, and PaaS frameworks that have incorporated integration with container management software. There is a high degree of interest in, and awareness of, containers within early-adopter organizations, particularly in North America, and significant grassroots adoption from individual developers. Consequently, containers will be used with increasing frequency in development and testing — particularly for Linux. Early adopter organizations are using container runtimes in production environments, and many IT organizations have begun to explore how such use would alter processes and tools in the future. Container management software is likely to remain an earlyadopter technology for the next year or two. User Advice: Organizations should begin exploring container technology as a means for packaging and deploying Linux applications and their runtime environments. Depending on the environment, container management tools are often deployed complementarily with continuous configuration management tools. As container integration is added to existing DevOps tools and to the service offerings of cloud IaaS and PaaS providers, DevOps-oriented organizations should experiment with altering their processes and workflows to incorporate containers. An organization may be a good candidate for exploring a cloud-native container management tool in conjunction with OS containers (as an alternative to hypervisor-based cloud management platforms), if it meets the following criteria: ■
It's DevOps-oriented or aspires to become DevOps-oriented
■
It has high-volume, scale-out applications with a willingness to adopt microservices architecture; or large-scale batch workloads
■
It's able to ensure security and isolation to enable trust between containers
■
It intends to use an API to automate deployment, rather than obtaining infrastructure through a self-service portal
Business Impact: Container runtimes make it easier to take advantage of container functionality, including providing integration with DevOps tooling and workflows. Containers provide productivity and/or agility benefits, including the ability to accelerate and simplify the application life cycle, enabling workload portability between different environments and improving resource utilization
Page 25 of 81
Gartner, Inc. | G00340420 This research note is restricted to the personal use of [email protected].
This research note is restricted to the personal use of [email protected].
efficiency and more. Container management software simplifies the art of achieving scalability, production readiness and optimizing the environment to meet business SLAs. Benefit Rating: Moderate Market Penetration: 5% to 20% of target audience Maturity: Emerging Sample Vendors: Amazon Web Services; Docker; Google Cloud Platform; Mesosphere; Microsoft Azure; Pivotal; Rancher Labs; Red Hat Recommended Reading: "Answering the 10 Biggest Questions About Containers, Microservices and Docker" "Survey Analysis: Container Adoption and Deployment, 2018" "Market Guide for Container Management Software" "Market Guide for Public Cloud Container Services"
IoT Platform Analysis By: Alfonso Velosa; Eric Goodness; Benoit J. Lheureux Definition: An Internet of Things (IoT) platform is software that enables development, deployment and management of solutions that connect to and capture data from IoT endpoints. It is a suite of functional capabilities: ■
Device management
■
Integration
■
Data management
■
Analytics
■
Application enablement
■
Security
It may be delivered as a hybrid combination of edge software platform and/or cloud IoT platform as a service. Position and Adoption Speed Justification: Enterprises continue to add IoT capabilities to assets and products, seeking benefits such as asset optimization, better interactions with customers, and new business opportunities such as product as a service. The sophistication, scale and business value of these interactions call for specialized technology resources, resulting in the IoT platform. The IoT platform may be deployed in a hybrid cloud or edge fashion to meet technical or business objectives. The edge software is further distributed between the endpoints and gateways.
Page 26 of 81
Gartner, Inc. | G00340420 This research note is restricted to the personal use of [email protected].
This research note is restricted to the personal use of [email protected].
Continued vendor hype, along with culture, schedule, security and technical challenges for IoT projects, has pushed IoT platforms past the Peak of Inflated Expectations. 2018 sees many large vendors reorganizing their IoT businesses and evolving their offerings and market strategy. A further complication is the rise of embedded solutions by OEMs using them as part of existing business operations. These issues also lead us to push out the time to plateau to five to 10 years. User Advice: CIOs should factor in the following for their IoT platform strategy: ■
Project strategy: Identify the range of IoT projects for your enterprise, and segment them by their complexity and business objectives. This will help you establish a flexible, multivendor architecture. Start with smaller initiatives to build momentum, test business hypothesis and acquire implementation lessons, while limiting enterprise and career risk.
■
Skills: IoT projects will require new capabilities for your organization. Build an IoT capabilities gap analysis, a skills migration plan, and training program for your developers and business analysts. In parallel, perform an assessment of IoT skill sets within your enterprise. Plan to leverage a service partner to ramp up as you train internal resources.
■
Platform customization: Understand that an IoT platform is a starting point. No IoT platform will work straight off the shelf. Customize the platform to build a solution for your unique circumstances (for example, adding third-party security or device support or analytics to meet special needs).
■
Vendor selection: Evaluate candidate IoT platforms in terms of their fit-to-your-business objectives and technology, but expect roadmaps to evolve quickly in the fast-changing IoT market. Key criteria will be vendor capabilities to scale from proofs of concept to operationalscale deployments, vertical market expertise, their partner ecosystem and customer references.
Business Impact: There is a significant opportunity from IoT-enabled business moments to achieve greater business value. This includes making better decisions from the insights, information and data that are generated by instrumented assets, and providing better control of things distributed across the enterprise and its external stakeholders. Unfortunately, this data has been largely locked in the assets — mostly due to lack of connectivity, but also because of lack of systems and governance processes to obtain and share this data systematically. IoT platforms act as the intermediary between the "thing" and the IT and OT systems and the business processes. Therefore, they facilitate the introduction of a new potentially transformative wave of digital business innovation and digital transformation to enterprises. IoT platforms provide the middleware foundation to implement asset-centered business solutions — and are part of a broader technology solution to manage multiple IoT applications in an agile/flexible fashion. Benefit Rating: High Market Penetration: 5% to 20% of target audience Maturity: Adolescent
Page 27 of 81
Gartner, Inc. | G00340420 This research note is restricted to the personal use of [email protected].
This research note is restricted to the personal use of [email protected].
Sample Vendors: ABB; Atos Origin; Bosch Software Innovations; GE Digital; LTI; OpenText; Prodea Systems; relayr; Software AG; WSO2 Recommended Reading: "Magic Quadrant for Industrial IoT Platforms" "Market Guide for IoT Platforms" "Use the IoT Platform Reference Model to Plan Your IoT Business Solutions" "Predicts 2018: Expanding Internet of Things Scale Will Drive Project Failures and ROI Focus" "Implementing and Executing Your Internet of Things Strategy: A Gartner Trend Insight Report" "Architect IoT Using the Gartner Reference Model"
Machine Learning Analysis By: Shubhangi Vashisth; Alexander Linden; Carlie J. Idoine Definition: Machine learning is a technical discipline that aims to solve business problems utilizing mathematical models that can extract knowledge and pattern from data. There are three major subdisciplines that relate to the types of observation provided: supervised learning, where observations contain input/output pairs (also known as "labeled data"); unsupervised learning (where labels are omitted); and reinforcement learning (where evaluations are given of how good or bad a situation is). Position and Adoption Speed Justification: Machine learning is still one of the hottest concepts in technology, given its extensive range of effects on business. The drivers of its continued massive growth and adoption are the growing volume of data and the complexities that conventional engineering approaches are unable to handle. An increasing number of organizations are exploring use cases for machine learning and many are already in the initial phases of pilot/POC. Tech providers are adding embedded machine learning capabilities into their software. Despite the heightened interest in the technology, most organizations are still dabbling in their approaches to machine learning. Finding relevant roles and skills needed to implement machine learning projects is a challenge for such organizations. As the volume and sources of data increase, the complexity of systems will also grow and, in such scenarios, traditional software engineering approaches would produce inferior results. In the future, advances in many industries will be impossible without machine learning. User Advice: For data and analytics leaders: ■
Start with simple business problems for which there is consensus about the expected outcomes, and gradually move toward complex business scenarios.
■
Utilize packaged applications, if you find one that suits your use case requirements. These often provide superb cost-time-risk trade-offs and significantly lower the skills barrier.
■
Nurture the required talent for machine learning, and partner with universities and thought leaders to keep up to date with the rapid pace of advances in data science. Create an
Page 28 of 81
Gartner, Inc. | G00340420 This research note is restricted to the personal use of [email protected].
This research note is restricted to the personal use of [email protected].
environment conducive to continuous education, and set explicit expectations that this is a learning process and mistakes will be made. ■
Track what initiatives you already have underway that have a strong machine learning component — for example, customer scoring, database marketing, churn management, quality control and predictive maintenance — to accelerate machine learning maturation through crosspollination of best practices. Monitor what other machine learning initiatives you could be a part of and what your peers are doing. The choice of machine learning algorithms is also influenced by the ability to explain how the algorithm arrived at a certain outcome.
■
Assemble a (virtual) team that prioritizes machine learning use cases, and establish a governance process to progress the most valuable use cases through to production.
■
Focus on data as the fuel for machine learning by adjusting your data management and information governance for machine learning. Data is your unique competitive differentiator and high data quality is critical for success of machine learning initiatives. Although the choice of fundamental machine learning algorithms is fairly limited, the number of algorithm variations and available data sources are vast.
Business Impact: Machine learning drives improvements and new solutions to business problems across a vast array of business, consumer and social scenarios: ■
Automation
■
Drug research
■
Customer engagement
■
Supply chain optimization
■
Predictive maintenance
■
Operational effectiveness
■
Workforce effectiveness
■
Fraud detection
■
Resource optimization
Machine learning impacts can be explicit or implicit. Explicit impacts result from machine learning initiatives. Implicit impacts result from products and solutions that you use without realizing they contain machine learning. Benefit Rating: Transformational Market Penetration: 5% to 20% of target audience Maturity: Adolescent
Page 29 of 81
Gartner, Inc. | G00340420 This research note is restricted to the personal use of [email protected].
This research note is restricted to the personal use of [email protected].
Sample Vendors: Alteryx; Amazon Web Services; Domino Data Lab; Google Cloud Platform; H2O.ai; IBM (SPSS); KNIME; Microsoft (Azure Machine Learning); RapidMiner; SAS Recommended Reading: "Magic Quadrant for Data Science and Machine Learning Platforms" "Critical Capabilities for Data Science and Machine Learning Platforms" "Machine Learning: FAQ From Clients" "How to Start a Machine Learning Initiative With Less Anxiety" "Five Ways Data Science and Machine Learning Deliver Business Impacts"
Sliding Into the Trough API Economy Analysis By: Paolo Malinverno Definition: The API economy is a set of business models and channels. It is based on secure access of functionality and exchange of data to an ecosystem of developers and the users of the app constructs they build. It is offered through APIs, either within a company or using the internet, with business partners and customers. Position and Adoption Speed Justification: APIs have always been everywhere, but they were rarely used by anyone other than the development group that designed them. The basic principle of the API economy is that APIs can be new products that a company offers to open new business channels, advance a digital transformation, entice an ecosystem of partners or to sell more of its traditional products. When we use a smartphone app, or book a ticket for our favorite concert, we use APIs — we live in an API economy already. As companies execute digital strategies, and smart devices consume APIs, this is only going to grow. The API economy has established itself, as a precursor of digital strategies, and the primary way to grow an ecosystem. It has now passed the Peak of Inflated Expectations, the hype is decreasing, and it is sliding quickly into the Trough of Disillusionment. Even if fewer people talk about the API economy today, everybody realizes the role of APIs in digital transformations, and the original concept of the API economy lives on. User Advice: Read "Top 10 Things CIOs Need to Know About APIs and the API Economy" and understand the following: 1.
To start an API program, you don't start from the APIs, you start from the needs of the applications consuming them.
2.
APIs are doors into your data and the functions of your IT systems: Secure them properly; once an API is out there, people will use it for purposes you never thought about.
Page 30 of 81
Gartner, Inc. | G00340420 This research note is restricted to the personal use of [email protected].
This research note is restricted to the personal use of [email protected].
3.
Just running hackathons for fun will not get you any place (or value).
4.
You don't monetize most APIs directly, indirect is the most common model in the API economy today.
5.
Only build APIs that already have an identified consumer.
6.
APIs are at the center of modern application architectures, and API mediation enables the outside-in model for applications that the API economy is based on.
7.
Bimodal for applications needs APIs, and vice versa.
8.
Don't build it, they won't come: Enticing developers is becoming a full science, and is the basis of the value system of the API economy; create the role of API product manager to govern APIs through a life cycle.
9.
Tailor your API experiences for the consumers, but keep versions under tight control: An API management platform will allow the API to behave differently depending on the consumer.
10.
Consuming APIs will be more common than providing APIs.
Business Impact: A platform offering APIs is the basis of a digital strategy, and companies will either use somebody else's platform (thus being part of one of more ecosystems) or build one, creating a fresh ecosystem using it. APIs provide the technical foundation to a platform business. Several business models are associated with publishing APIs (see "Choosing the Right API Pricing (and Funding) Model"). Companies gain different types of value from publishing APIs or running hackathons to build innovation and get new ideas on a platform — value that goes beyond enhancing your company image by appearing innovative. In some cases, especially when the product can be delivered electronically (for example, TV access to yesterday's final of a sporting event), companies can directly charge for API volume usage. However, the most common model in the API economy today is indirect, where a company provides free access to the APIs they publish in return for a leaner/quicker/more efficient execution of a business process (like ordering goods in a supply chain), or for increased sales of a traditional product (for instance, travel companies get more bookings if they publish APIs into their reservation systems). Benefit Rating: Transformational Market Penetration: 20% to 50% of target audience Maturity: Early mainstream Recommended Reading: "The API Economy: Turning Your Business Into a Platform (or Your Platform Into a Business)" "Choosing the Right API Pricing (and Funding) Model" "Create the Role of API Product Manager as Part of Treating APIs as Products" "Top 10 Things CIOs Need to Know About APIs and the API Economy"
Page 31 of 81
Gartner, Inc. | G00340420 This research note is restricted to the personal use of [email protected].
This research note is restricted to the personal use of [email protected].
"A Strategic Marketing Mindset Is Essential to Externally Facing API Initiatives"
Cloud-Native Application Architecture Analysis By: Anne Thomas Definition: Cloud-native application architecture is a set of application architecture principles and design patterns that enables applications to fully utilize the agility, scalability, resiliency, elasticity, on-demand and economies of scale benefits provided by cloud computing. Cloud-native applications are latency-aware, instrumented, failure-aware, event-driven, secure, parallelizable, automated and resource-consumption-aware (LIFESPAR). Position and Adoption Speed Justification: Many organizations are adopting cloud platforms to gain agility, scalability and resiliency benefits to support their digital business initiatives. Market data clearly indicates the shift to cloud platforms: Currently, the application platform as a service (aPaaS) market is about 82% of the size of the application platform software market (where revenue predominantly comes from sales of traditional application servers). But the application platform software market is shrinking slightly, while the application platform as a service (aPaaS) market is growing rapidly (12% annually). Meanwhile, sales of cloud-enabled application platform (CEAP) software (which can be deployed on-premises on IaaS) are also starting to supplant traditional application server sales. In 2017, aPaaS and CEAP sales together exceeded traditional application server software sales. Out of necessity, organizations are starting to adopt cloud-native architecture to make the most of cloud benefits and to ensure their applications are scalable and resilient. Organizations that simply lift-and-shift traditional three-tier applications to aPaaS or CEAPs often find that they perform poorly. Most traditional applications include cloud anti-patterns, consume excessive resources, and aren't able to fail and recover gracefully. Developers must presume that cloud-based resources are not resilient, and cloud-native patterns build resiliency into the application. Developers also must adapt their application architecture to support DevOps practices that go along with cloud platforms, including self-service and automated provisioning, blue/green deployments, and canary testing. A basic set of rules known as the "twelve-factor app" ensures that applications can support these practices. User Advice: Application architecture leaders should: ■
Develop a strategy to deal with the obsolescence of three-tier client/server architecture. Retain traditional application servers for existing legacy applications, but use lightweight infrastructure and cloud-native frameworks for digital business application development projects.
■
Adopt aPaaS or CEAP to help increase agility and to obtain the capabilities required for digital business. Consider serverless options, such as function PaaS, for applications with highly variable loads.
■
Design all new applications to be cloud-native, or at least cloud-ready, irrespective of whether you currently plan to deploy them in the cloud. At some point, you will want to deploy them to a cloud platform. A cloud-ready application is one that can safely run on a cloud platform, although doesn't fully utilize cloud characteristics.
Page 32 of 81
Gartner, Inc. | G00340420 This research note is restricted to the personal use of [email protected].
This research note is restricted to the personal use of [email protected].
■
If business drivers warrant the investment, rearchitect or rebuild existing applications to be cloud-native and move them to aPaaS. Rehosting legacy applications on IaaS without rearchitecture can offload your data center and may save you some money, but it probably won't deliver the agility, scalability and resiliency benefits you need. Be sure legacy applications are at least cloud-tolerant before rehosting them — meaning that they are tolerant of ephemeral or unreliable infrastructure. Otherwise, they are likely to experience stability and reliability issues.
■
Use the twelve-factor app rules and the LIFESPAR architecture principles to guide application architecture when designing a cloud-native application or when transforming an existing application for migration to a cloud.
■
Use opinionated cloud-native frameworks or high-productivity aPaaS tooling to accelerate cloud-native development.
Business Impact: Organizations want to make the most of cloud computing to support their digital business initiatives. But they can't fully exploit cloud platform benefits without cloud-native application architecture. Cloud-native architecture increases business agility by enabling DevOps teams to more effectively use cloud self-service capabilities, and to support continuous delivery of new features and capabilities. Cloud-native architecture also ensures that applications can leverage cloud autoscaling and autorecovery features to improve system performance and business continuity. Cloud-native architecture also ensures that applications are optimized for a shared infrastructure environment, thereby reducing costs through pay-for-use pricing models and denser resource utilization. Benefit Rating: Moderate Market Penetration: 5% to 20% of target audience Maturity: Early mainstream Sample Vendors: Amazon Web Services (AWS); Cloud Native Computing Foundation; Docker; Google; Mendix; Microsoft; OutSystems; Pivotal; Red Hat; Salesforce Recommended Reading: "Why You Must Begin Delivering Cloud-Native Offerings Today, Not Tomorrow" "How to Assess Your Application to Adopt Cloud-Native Architecture" "A Guidance Framework for Architecting Highly Available Cloud-Native Applications"
Hybrid IT Analysis By: Thomas J. Bittman Definition: Hybrid IT is the operational model for IT organizations that are trusted brokers for a broad range of services from external cloud providers and from their own enterprises, using cloud computing styles (private, public and hybrid), as well as traditional computing and cloud-inspired
Page 33 of 81
Gartner, Inc. | G00340420 This research note is restricted to the personal use of [email protected].
This research note is restricted to the personal use of [email protected].
styles. Hybrid IT is an organizing principle for how IT departments provide IT services and add value to IT services provided by others. A hybrid IT organization manages multiple sourcing models that can change dynamically. Position and Adoption Speed Justification: As interest in and usage of cloud computing services have grown, enterprises are looking for ways to support that usage, but with appropriate governance. Inquiries from Gartner clients on the effective governance of cloud services have increased significantly during the past few years. Technologies to enable the brokering of cloud and noncloud services are evolving, and several of them have been acquired by major vendors. The cloud providers themselves have little interest in making cross-service migrations or integration easy, which will increase the demand for an intermediary role. As cloud computing services mature, there will be a growing need for cross-service management, integration, and aggregated hybrid cloud and IT services. Appropriate compliance and security measures will need to be put in place, and the fundamental role of the IT organization and its associated skills will need to change, i.e., there will need to be a shift from "just" a provider role to the role of provider and broker of IT services. User Advice: Hybrid IT is different from hybrid cloud. Hybrid cloud is the composition of multiple services from different providers into a single service. Hybrid IT adds value across multiple services from different providers, as well as internal technology solutions. Hybrid cloud will be useful, but relatively uncommon. Hybrid IT will be very common, because most enterprises will leverage different services from multiple providers. A successful hybrid IT effort requires the IT organization to focus on three approaches to being a broker for services: ■
Accelerating time to value — getting to the right solution quickly.
■
Adding value — customizing as needed; reducing overhead costs and effort; and managing service levels, financials, problem management, etc.
■
Protecting the enterprise — in terms of security, compliance and providers that fail.
■
Actions that help create a hybrid IT organization include:
■
Creating a core competency center on provider capabilities, best practices and internal user feedback.
■
Offering services through a central portal that provides a fast path to services and necessary service information, including single sign-on (SSO) and consolidated billing and chargeback.
■
Removing and reducing overhead efforts, such as managing financials, dealing with problem management and managing the overall provider relationship.
■
Integrating applications and data across cloud and noncloud environments.
These actions will require that new skills and organizational structures be developed in IT, focused on service orchestration, provider capabilities and best practices.
Page 34 of 81
Gartner, Inc. | G00340420 This research note is restricted to the personal use of [email protected].
This research note is restricted to the personal use of [email protected].
Business Impact: Hybrid IT can help the enterprise leverage cloud computing services faster, appropriately, more efficiently, and with managed and acceptable risk. As cloud computing use expands and matures, the requirements for security management, cross-service coordination, data sharing, service-level management and migration paths will grow to the point at which enterprises without hybrid IT will have serious competitive issues — delays in leveraging cloud providers quickly and effectively, redundant overhead costs placed on end users, inefficient use of cloud services, and cloud provider failures that directly affect the business. Some enterprises — especially smaller ones — will fill this intermediary role by outsourcing to external providers, boutique cloud integration firms and cloud system integrators (i.e., cloud service brokerages). Larger enterprises should consider this broker role as a critical core competency that enables the efficient use of IT services (internally and externally) and drives significant top-line growth through the more-competitive use of cloud services. Benefit Rating: Moderate Market Penetration: 20% to 50% of target audience Maturity: Early mainstream Sample Vendors: DXC Technology; Hewlett Packard Enterprise; IBM; VMware Recommended Reading: "How to Grow the Enterprise-Defined Data Center" "Hybrid IT: Delivering IT as a Provider and a Trusted Broker"
Cloud Marketplaces Analysis By: Ed Anderson Definition: Cloud marketplaces are online storefronts through which customers can find and subscribe to cloud service offerings, including IaaS, PaaS and SaaS. Cloud-related IT services offerings, such as consulting or migration services, are now appearing in some marketplaces. Cloud marketplaces are a type of cloud service brokerage, where the marketplace provider aggregates disparate cloud service offerings (often curated) and presents them as a collection of service offerings, usually through a portal, and sometimes referred to as "cloud app stores." Position and Adoption Speed Justification: Cloud marketplaces are growing in influence as a destination to find and procure cloud services, applications and service components. Cloud service providers, technology distributors, resellers, cloud service brokerage (CSB) providers and even internal IT organizations are building and delivering cloud marketplaces to their constituents. Cloud app stores, cloud service catalogs and portals are also types of cloud marketplaces, but they are typically built for consumption by a closed community of users. Providers use cloud marketplaces to highlight their own cloud service offerings and their partners' offerings, and to assert their role in the delivery of cloud services. Cloud marketplaces also reinforce the importance of the supporting cloud platform, and successful cloud marketplaces can help
Page 35 of 81
Gartner, Inc. | G00340420 This research note is restricted to the personal use of [email protected].
This research note is restricted to the personal use of [email protected].
strengthen the competitive position of the underlying cloud platform. Cloud offerings are often built by third-party independent software vendors (ISVs). Cloud service subscribers use cloud marketplaces as a means to simplify the process of finding, purchasing and using cloud services, in addition to value-added services and applications from other complementary third-party offerings. Marketplaces can also be used to highlight preapproved or sanctioned services, which can complement cloud governance policies for approved cloud service usage. Cloud service aggregation features, such as unified billing, are often included. Cloud marketplaces are often, but not always, a type of CSB built on cloud brokerage enablement tools. CSB providers use cloud marketplaces as a form of intermediation, where additional services can be added, including integration, customization, aggregated billing and governance. Innovations in CSB will improve the capabilities of cloud marketplaces and increase the proliferation of marketplaces. As marketplaces address a broader and more specific set of end-user requirements, including simplified billing, ease of procurement of services and software, and implementation and prebuilt integration, the use of cloud marketplaces will increase. User Advice: The cloud marketplaces currently in market and in use by organizations have very different capabilities and serve different purposes. Most, including those offered by cloud service providers, are basic in their capabilities, although more sophisticated offerings have emerged in the market. The most fundamental type of marketplace is nothing more than a directory of cloud service offerings, with no value-added capabilities beyond the catalog. More sophisticated cloud marketplaces include additional services, such as authentication and authorization, metering, aggregated billing and reporting, provisioning, data management and integration, compliance, and security. Organizations should look for cloud marketplace offerings with the software and services that meet their cloud service platform requirements and value-added service needs: ■
Marketplaces of cloud services built to enhance or extend a specific cloud service offering (example: Salesforce AppExchange).
■
General-purpose marketplaces, with cloud services from different providers (example: RightScale).
■
Vertical industry marketplaces, with cloud services designed for specific vertical industry needs or use cases (example: government cloud marketplaces).
■
Marketplaces of complementary software images built for a specific cloud platform. These marketplaces are effectively software catalogs, with purchasing and delivery capabilities (example: Amazon AWS Marketplace).
Organizations should assess the benefits of value-added services offered through cloud marketplaces. Value-added services may be available as business services (such as billing, compliance, vertical industry specialization and managed services) or technology services (such as integration, monitoring, service delivering, security and customization). Working with providers in a cloud brokerage model, often through a cloud marketplace, may provide benefits that map well to the organization's cloud sourcing strategy. Internal cloud marketplaces, delivered by an internal
Page 36 of 81
Gartner, Inc. | G00340420 This research note is restricted to the personal use of [email protected].
This research note is restricted to the personal use of [email protected].
CSB, can deliver similar benefits. Conversely, cloud marketplaces may provide a level of intermediation that may make it more difficult for the organization to interact with the cloud service or the cloud service provider. Business Impact: Third-party cloud marketplaces will be most popular with smaller organizations that benefit from the value-added capabilities of cloud marketplaces, or business units within large organizations. Larger organizations will also make use of cloud marketplaces associated with their chosen cloud platform. Organizations with sophisticated IT capabilities may establish a cloud marketplace as part of an internal CSB, designed to facilitate usage of internal and external cloud services, and to provide management and control over the organization's collection of cloud services. Benefit Rating: Moderate Market Penetration: 5% to 20% of target audience Maturity: Adolescent Sample Vendors: Amazon Web Services; Google; IBM; Ingram Micro; Microsoft; RightScale; Salesforce Recommended Reading: "Competitive Landscape: Public Cloud Business Application Marketplaces, 2015" "Market Insight: Cloud Marketplaces Will Disrupt Communications Service Providers' Sales Models" "Market Insight: Finding Growth Opportunities in Cloud" "Digital Disruption Profile: Cloud Computing Disrupts and Enables" "Tech Go-to-Market: Consider Cloud Platform Marketplaces as a Disruptive Alternative to Traditional Sales Models — Part 1"
Cloud Networking Analysis By: Sid Nag Definition: Cloud networking is a service offered by service providers to connect disaggregated hybrid IT and hybrid cloud environments. Cloud networking services provide robust interconnectivity between external cloud data centers and a customer's on-premises data centers. Cloud networking services typically include capabilities that address quality of service and latency, and network availability for applications that require reliable connectivity between the customer's premises and an external cloud service. Position and Adoption Speed Justification: In the next two to five years, cloud networking will be a major criteria for selection of cloud providers by 50% of enterprises. Organizations should select providers that must include cloud networking as a cornerstone of their cloud-managed services offerings as issues with network connectivity across the hybrid IT environment and multiple cloud
Page 37 of 81
Gartner, Inc. | G00340420 This research note is restricted to the personal use of [email protected].
This research note is restricted to the personal use of [email protected].
providers data centers increase in complexity. Cloud networking also has a part in building and managing secure private networks over the public internet by utilizing global cloud computing infrastructure. In cloud networking, the traditional network functions and services, including connectivity, security, management and control, are delivered as a service in the cloud. User Advice: Users should look for cloud networking offerings that include capabilities to select the right connectivity provider whether it is a cloud provider, an exchange provider or a traditional ISP. User must also make sure that the adequate quality of service and latency and availability issues are addressed, especially for mission-critical applications that are running in the cloud. This offering should also get into issues related to dual homing, peering point selection, route advertising and other networking issues. Other capabilities to look for include rapid provisioning of MPLS, VPN and SD-WAN support for complex overlays for connecting an organization's on-premises locations into the cloud provider's data center. Furthermore, it should provide cost comparisons of selecting one connectivity provider over the other. As users move applications into the cloud, cloud networking requirements may emerge: ■
There will often be a requirement for the application running in a cloud provider's data center to interact and interoperate with other applications that still reside in the customer's data centers.
■
Cloud applications may need to interact with other applications running in a different cloud provider's cloud data center.
■
Due to governance and compliance reasons, the data associated with an application running in the cloud may still have to reside in the customer's data centers.
All of these scenarios create a need for a robust connectivity model in order to achieve optimal application performance. Business Impact: Cloud networking challenges rank among the top inhibitors to the use of public cloud services. Cloud networking challenges, which ranked among the top four challenges to the adoption of cloud, have received less attention in the industry despite being a critical element that many organizations are concerned about. It is clear that cloud interconnect architectures are important for all applications across the disaggregated hybrid cloud and hybrid IT environments. Moving forward, however, as organizations move vertical-specific mission-critical applications to the cloud, cloud interconnect architectures will become even more critical. Benefit Rating: High Market Penetration: 5% to 20% of target audience Maturity: Early mainstream Sample Vendors: Amazon Web Services (AWS); AT&T; CenturyLink; Digital Realty; Equinix; Google Cloud Platform; Microsoft Azure; QTS Realty Trust; Verizon; VMware Recommended Reading: "Market Insight: How to Seize the Cloud Networking Service Opportunity"
Page 38 of 81
Gartner, Inc. | G00340420 This research note is restricted to the personal use of [email protected].
This research note is restricted to the personal use of [email protected].
"A Tour of Gartner's Cloud Networking Research" "Utilizing Network Service Provider Direct WAN Connectivity for the Cloud"
Software-Defined Infrastructure Analysis By: Philip Dawson Definition: In 2018, software-defined infrastructure (SDI) is absorbing the broad set of softwaredefined anything (SDx) infrastructure components. SDI combines the software-defined data center (SDDC) IP. SDI also captures not only non-data-center infrastructure deployed in Mode 2 Internet of Things (IoT) applications, but also an SD Edge of edge-based adapters, monitors, gateways, appliances and machines. Position and Adoption Speed Justification: Data center infrastructure is well-covered with compute (SDC), network (SDN) and storage (SDS), but SDI also extends to non-data-center infrastructure with the use of monitors or machines that are increasingly software-defined. This is through the use of sensors and adapters that are not only hardware-focused, but also abstracted through software, becoming SDI in Mode 2 IoT and operational technology, rather than traditional, IT-driven SDI through a Mode 1 data center. User Advice: As SDI initiatives roll out, consider the integration and measurement of non-datacenter edge infrastructure. Start with and focus on core Mode 1 SDI for compute, network, storage and facilities, but consider the impact of Mode 2 SDI around the IoT, edge computing, remote office/branch office and other operational technology. Key IoT distributed verticals (such as retail, manufacturing, retail banking, distribution and utilities) are encapsulating non-data-center SDI initiatives for Mode 2 operations and functions. Business Impact: With the increase of the IoT touching edge-based operational technology, SDI will reach beyond and between SDDCs, and leverage SDx benefits and features for new multimode applications and edge endpoints. Benefit Rating: High Market Penetration: 20% to 50% of target audience Maturity: Early mainstream Sample Vendors: IBM; Intel; Microsoft; Red Hat; VMware; Wipro Recommended Reading: "IT Market Clock for Bimodal Compute Infrastructure, 2017" "Should Your Enterprise Deploy a Software-Defined Data Center?"
Hybrid Cloud Computing Analysis By: Milind Govekar; Dennis Smith; David W. Cearley
Page 39 of 81
Gartner, Inc. | G00340420 This research note is restricted to the personal use of [email protected].
This research note is restricted to the personal use of [email protected].
Definition: Hybrid cloud computing is the coordination of cloud services across public, private and community cloud service providers to create another cloud service, which is how it differs from multicloud computing. A hybrid cloud computing service is automated, scalable, elastic, has selfservice interfaces and is delivered as a shared service using internet technologies. Hybrid cloud computing needs integration between the internal and two or more external environments at the data, process, management or security layers. Position and Adoption Speed Justification: Hybrid cloud offers enterprises the best of both worlds — the cost optimization, agility, flexibility, scalability and elasticity benefits of public cloud, in conjunction with the control, compliance, security and reliability of private cloud. As a result, virtually all enterprises have a desire to augment internal IT systems with external cloud services. The solutions that hybrid cloud provides include service integration, availability/disaster recovery, cross-service security, policy-based workload placement and runtime optimization, and cloud service composition and dynamic execution (for example, cloudbursting). A hybrid cloud computing architecture enables multicloud implementations. While most organizations are integrating applications and services across service boundaries, we estimate approximately 10% to 15% of large enterprises have implemented hybrid cloud computing beyond this basic approach — and for relatively few services. This decreases to less than 10% for midsize enterprises, which mostly are implementing the availability/disaster recovery use case. While most companies will use some form of hybrid cloud computing during the next two years, more advanced approaches lack maturity and suffer from significant setup and operational complexity. Positioning on the Hype Cycle advances toward the Trough of Disillusionment as organizations continue to gain experience in designing cloud-native and optimized services, and seek to optimize their spending across on-premises and off-premises cloud services. However, this is different from hybrid IT, which is where IT organizations act as service brokers as part of a broader IT strategy and may use hybrid cloud computing. Hybrid IT services are professional services that provide cloud service brokerage (CSB), multisourcing, service integration and management capabilities to customers building and managing an integrated hybrid IT operating model. These services are provided by vendors (such as Accenture, Wipro, Tata Consultancy Services [TCS]) and other service providers and system integrators. Microsoft has launched Azure Stack and VMware has launched Hybrid Cloud Extension to support hybrid cloud implementations — mainly hybrid cloud orchestration (see "Utilizing Hybrid Architectures for Cloud Computing"). User Advice: When using hybrid cloud computing services, establish security, management, and governance guidelines and standards to coordinate the use of these services with internal (or external) applications and services to form a hybrid environment. Approach sophisticated cloudbursting and dynamic execution cautiously because these are the least mature and most problematic hybrid approaches. To encourage experimentation and cost savings, and to prevent inappropriately risky implementations, create guidelines/policies on the appropriate use of the different hybrid cloud models. Coordinate hybrid cloud services with noncloud applications and infrastructure to support a hybrid IT model. Consider cloud management platforms, which implement and enforce policies related to cloud services. If your organization is implementing hybrid IT, consider using hybrid cloud computing as the foundation for implementing a multicloud broker role and leveraging hybrid IT services and service providers to complement your own capabilities. Page 40 of 81
Gartner, Inc. | G00340420 This research note is restricted to the personal use of [email protected].
This research note is restricted to the personal use of [email protected].
Business Impact: Hybrid cloud computing enables an enterprise to scale beyond its data centers to take advantage of the elasticity of the public cloud. Therefore, it is transformational when implemented because changing business requirements drive the optimum use of private and/or public cloud resources. This ideal approach offers the best possible economic model and maximum agility. It also sets the stage for new ways for enterprises to work with suppliers and partners (B2B), and customers (B2C), as these constituencies also move toward a hybrid cloud computing model. Benefit Rating: Transformational Market Penetration: 5% to 20% of target audience Maturity: Adolescent Sample Vendors: Hewlett Packard Enterprise (HPE); IBM; Microsoft; OpenStack; Rackspace; RightScale; VMware Recommended Reading: "Comparing the Approaches of Microsoft Azure Stack and 'VMware Cloud on AWS'" "Market Guide for Managed Hybrid Cloud Hosting, North America" "Utilizing Hybrid Architectures for Cloud Computing" "Solution Path for Developing Enterprise Hybrid Cloud Strategies" "I&O Leaders Must Plan for Hybrid Cloud Orchestration" "Market Guide for Cloud Management Platforms" "Cloud Adoption Is Driving Hybrid WAN Architectures"
Cloud Service Brokerage Analysis By: Gregor Petri; Sid Nag Definition: Cloud service brokers combine technology, people and methodologies to help (internal or external) organizations consume cloud services. Cloud service brokerage (CSB) is defined as an IT role and business model in which a company or internal entity adds value to one or more (public or private) cloud services. This is done on behalf of one or more consumers of that service by providing an aggregation, integration, customization and/or governance role. CSB enablers provide technology to support cloud service brokering activities. Position and Adoption Speed Justification: As cloud computing continues to become more mainstream while skills and knowledge remain scarce, the awareness of cloud brokering (either taken on internally or outsourced to a service provider) continues to increase. This has cloud services brokering moving steadily toward the Plateau of Productivity, although maybe more slowly than initially expected by some. As companies continue to formulate their cloud strategies, the role of internal IT as a cloud service broker has become a role model for many IT organizations.
Page 41 of 81
Gartner, Inc. | G00340420 This research note is restricted to the personal use of [email protected].
This research note is restricted to the personal use of [email protected].
The area related to cloud services brokering that has, however, grown the fastest over the last few years is the segment of third-party managed service providers (MSPs). These MSPs offer addedvalue services for cloud migration and managed services on top of cloud infrastructure. (For details, see "Magic Quadrant for Public Cloud Infrastructure Managed Service Providers, Worldwide.") Providers come from a wide variety of backgrounds, including system integration, managed hosting and full-service outsourcing, which compete with pure-play startups. Providers of CSB-enabling technologies include dedicated cloud brokerage platforms, cloud management platforms with embedded brokering capabilities, and a wide variety of cloud management point solutions. We have seen a significant wave of acquisitions of these enablement companies by a variety of (managed) service providers. User Advice: In the area of SaaS, providers of cloud services tend to focus on a narrow set of functionality (for example, expense management, HR support, CRM, big data analysis, office productivity, or file storing and sharing) at an enormous scale. The result is that enterprises will use multiple cloud services from numerous SaaS providers. Meanwhile, we see in the infrastructure area that the preference for multicloud cloud strategies continues to increase. In this multivendor environment, your organization needs to find the right balance. In some cases, your organization can take on the role of an internal service broker to provide multiple cloud services to both internal and external customers via a brokerage enablement platform/app store. And for some other cases, your organization can turn to the app store or marketplace of an external cloud services broker. Consider outsourcing the CSB role to an external service provider if you lack the requisite CSB skills and capabilities, or when an external provider can best meet your time-to-deployment or risk management requirements. Make sure to assess potential CSB provider maturity at the commercial and technical level (see "Essential Provider Selection Criteria to Use When Outsourcing the CSB Role"). Consider an internal CSB role when brokering is perceived as a required internal core competency. Examples are when you want full unilateral control over cloud consumption, or you are responsible for delivering IT services across a hybrid combination of public and private clouds (see "Internal CSB Role Is Emerging Within IT Organizations"). Give preference to CSB providers or CSB technology enablers that have a roadmap indicating the broad understanding of the emerging role of the CSB as the enterprise strategic intermediary for cloud consumption. Business Impact: Although internal IT has embraced the cloud services broker term, external providers by and large still shy away from using the "broker" label. Instead, they prefer terms such as "cloud integrator" or "cloud managed service provider." They continue to struggle to find the right business model for monetizing their value-added brokering activities, and the impact of cloud service brokering on the industry will be significant. New pure-play brokering service providers are emerging, while large traditional system integrators and hosting providers are repositioning themselves as brokers instead of trying to compete against
Page 42 of 81
Gartner, Inc. | G00340420 This research note is restricted to the personal use of [email protected].
This research note is restricted to the personal use of [email protected].
rapidly growing hyperscale cloud providers. Distributors, value-added resellers, independent service providers and OEMs are redefining their business models in context of the new cloud service reality. Communications service providers and emerging new players (such as banks and financial institutions) are entering the cloud service brokering market with small- or midsize-businessfocused offerings. Benefit Rating: Moderate Market Penetration: 5% to 20% of target audience Maturity: Adolescent Sample Vendors: Accenture; AppDirect; Cloudnexa; Cognizant; ComputeNext; DXC Technology; Hewlett Packard Enterprise (HPE); Ingram Micro; Rackspace; RightScale Recommended Reading: "Adapting IT to Become the Broker of Cloud Services" "Market Guide for Cloud Service Brokerage" "Competitive Landscape: Cloud Service Brokerage" "Magic Quadrant for Public Cloud Infrastructure Managed Service Providers, Worldwide" "Critical Capabilities for Public Cloud Infrastructure Managed Service Providers, Worldwide" "Forecast: Cloud Consulting and Implementation Services, Worldwide, 2017-2022" "Market Insight: Top 10 Things 'To Do' to Seize the Cloud Service Brokerage Opportunity" "How to Select a Cloud Management Platform for Brokering Hyperscale Cloud Providers" "A CIO Primer on Cloud Services Brokerage" "Exploiting MSI and CSB Roles to Effectively Manage Complex Hybrid IT Services Environments"
Cloudbursting Analysis By: Ed Anderson Definition: Cloudbursting is the use of an alternative set of public or private cloud services as a way to augment and handle peaks in IT system requirements at startup or during runtime. Cloudbursting can span on-premises private cloud with public cloud, and may cross cloud providers or resource pools within a single provider. Typical use cases for cloudbursting include the expansion of IT resources across internal data centers, external data centers, or between internal and external data centers. Position and Adoption Speed Justification: The notion of cloudbursting is based on the idea of "bursting" out of an internal data center to an external cloud service (usually infrastructure as a
Page 43 of 81
Gartner, Inc. | G00340420 This research note is restricted to the personal use of [email protected].
This research note is restricted to the personal use of [email protected].
service (IaaS) or platform as a service (PaaS)) when additional computing capacity is needed. Cloudbursting can be implemented as a type of autoscaling, implemented across service environments. Although cloudbursting includes any scenario where cloud services are utilized in an on-demand fashion when additional capacity is required, cloudbursting could also include scenarios where less critical resources are moved to a cloud service in order to free up internal capacity for critical on-premises workloads. Today, cloudbursting is often a manually initiated process, but over the next two to three years, cloudbursting may become automated through the use of triggers and service governor technology for the following roles: ■
A provisioning time placement role
■
A runtime movement role
■
A runtime expansion role
The provisioning time placement role is the easiest to implement and requires the least governance insight because services are placed based on available capacity and policy. The runtime movement role is harder, may require some downtime and will be less common because moving services between cloud environments and across different providers is often quite complex. The runtime expansion role requires applications to be specifically written or adapted to cloudbursting, such as scale-out web architectures or batch-computing jobs that can disperse the work in parallel across distributed data centers. Most applications have storage and database architectures that cannot be easily adapted to geographically dispersed data centers. Likewise, networking challenges, including latency, can make cloudbursting unfeasible. Barriers to cloudbursting usage include the lack of cross-cloud provider API standards, inadequacy of application instrumentation, root cause analysis and management tools, latency between data centers, security and networking configuration and automation, and incompatible application architectures. While penetration in large organizations is 5% to 20%, the number of services that make use of actual cloudbursting is small and is focused on the more stateless web or application tiers, and less so on the more complex and often stateful data tier. The rising interest in multicloud architectures has elevated interest in cloudbursting as a means to leverage cloud capacity and capabilities across cloud environments. Although interest in multicloud environments is growing, the challenges of implementing cloudbursting remain difficult for most types of applications, particularly complex applications. User Advice: Cloudbursting is often cited as one of the primary use cases for hybrid cloud or multicloud environments. In practice, cloudbursting remains an aspirational notion for most organizations because of the practical difficulties in implementing cloudbursting. When considering the use of cloudbursting, it is prudent to take a pragmatic approach, recognizing the challenges associated with an operating environment that assumes cloudbursting capabilities. Select workloads and applications that are conducive to scale-out execution using parallel and distributed processing models.
Page 44 of 81
Gartner, Inc. | G00340420 This research note is restricted to the personal use of [email protected].
This research note is restricted to the personal use of [email protected].
■
Do not assume that cloudbursting will become a broadly viable approach for workload portability and expansion across cloud services, even when hyped technologies such as "containers" are used.
■
Assess which applications will get value from cloudbursting and whether they meet the technical criteria and constraints for implementation such as whether they are designed to be distributed, will not be impacted by network latency, and have appropriate application instrumentation.
■
Account for cloudbursting in the IT service architecture of workloads with highly variable demand to take advantage of extending cloud services across cloud environments to meet fluctuating resource demands. Recognize that implementation will require development and integration skills to enable bursting (for example, security, Internet Protocol addressing and provisioning) as well as to trigger the increase or decrease in capacity, and to write the automation to perform the implementation.
■
Implement robust network connectivity and reliable transport between cloud service environments where cloudbursting will occur.
■
Carefully evaluate the financial implications of the dynamic movement of workloads; there may be significant costs associated with storage and networking.
Business Impact: Cloudbursting has the potential to reduce the overall cost of running cloud services by dynamically provisioning additional capacity on-demand, and potentially from different providers to meet the needs of workloads with variable resource demands. It enables the use of cloud services to address capacity overflow for on-premises or cloud-based systems. Benefit Rating: High Market Penetration: Less than 1% of target audience Maturity: Adolescent Sample Vendors: Amazon Web Services; Dell; Google Cloud Platform; Hewlett Packard Enterprise; Joyent; Microsoft; OpenStack; RightScale; Scalr; VMware Recommended Reading: "Cloud Computing Primer for 2018" "I&O Leaders Must Plan for Hybrid Cloud Orchestration" "2018 Planning Guide for Cloud Computing" "Market Guide for Public Cloud Container Services"
Private Cloud Computing Analysis By: Thomas J. Bittman
Page 45 of 81
Gartner, Inc. | G00340420 This research note is restricted to the personal use of [email protected].
This research note is restricted to the personal use of [email protected].
Definition: Private cloud computing is a form of cloud computing used by only one organization, or one that ensures an organization is completely isolated from others. As a form of cloud computing, it has full self-service, full automation behind self-service and usage metering. It does not have to be on-premises, or owned or managed by the enterprise. Position and Adoption Speed Justification: Private and public cloud computing are at opposite ends of the "isolation" spectrum. As public cloud providers have offered virtual private cloud, dedicated instances, and dedicated hosts, the gap between private and public has become a spectrum of isolation choices. Organizations that build a private cloud service are emulating public cloud computing providers to acquire similar benefits — mainly agility, mainly for new cloud-native applications, mainly for business value and growth. This can be for infrastructure as a service (virtual machines or containers), platform as a service, or in some situations, software as a service. The use of third parties for cloud computing (private and public) has been growing rapidly. The ongoing cost and complexity of building a true private cloud can be extreme, and the rationale for building your own has been declining. This term is also used to describe a very different trend, where traditional infrastructures that are being modernized with virtualization, some automation, and some self-service — leveraging only some valuable attributes of cloud computing, but applying them to existing applications with traditional infrastructure requirements. However, because these are different trends, Gartner does not include this form of modernization in our definition of private cloud. But when the goal is IT efficiency or modernization for existing applications, these "just enough cloud" architectures can be beneficial (but that's not covered in this profile). User Advice: ■
Evaluate third-party options first. These include hosted private cloud, managed services, virtual private cloud alternatives, or public cloud.
■
Choose your private cloud strategy based on the necessary return on investment or business goals: If business growth or business value for new applications, consider a true cloud architecture; if IT efficiency or IT modernization for existing applications, choose cloud-inspired technologies and methods to implement surgically. Just-enough cloud is often enough.
■
Focus on business and application needs first, don't start with the technology. One technology architecture and operational model cannot support all of the application needs of a typical enterprise. Either build multiple architectures and operational models, or leverage third-parties.
■
Focus on services that fit the cloud model — standard, high-volume and self-service; those that require agility, horizontal scalability; and usages that might be short-lived.
■
Consider the long-term roadmap for your private cloud services. Build with the potential to integrate, interoperate or migrate to public cloud alternatives at the appropriate time.
■
Manage the scope of work — start small, and broaden based on the business case.
Page 46 of 81
Gartner, Inc. | G00340420 This research note is restricted to the personal use of [email protected].
This research note is restricted to the personal use of [email protected].
■
Build expertise in managing multiple architectural and operational models, and multicloud — this is more valuable to an enterprise than expertise in building a single cloud architecture.
Business Impact: Cloud computing enables agility that an enterprise can use to react quickly to business requirements in functionality or scale. Due to economies of scale, cloud computing can also improve efficiency and lower costs. However, because leveraging a true cloud computing architecture requires applications and operational models designed for cloud computing, the cost of transformation for existing applications does not always justify the investment. True private cloud computing is used when enterprises aren't able to find cloud services that meet their needs in terms of regulatory requirements, functionality or intellectual property protection. True private cloud computing is almost always purpose-built for a specific set of new applications, and their success can be measured in revenue or market share. When the primary goal of a private cloud is IT efficiency, businesses can reduce costs and improve overall operational efficiency for their existing application portfolios by leveraging cloud technologies where appropriate, and adding manual or custom intervention, or customized changes as needed to support those applications. However, enterprises need to recognize that these are two different goals, with different architectures, and trying to do them in a single architecture usually achieves none of the goals well. Being bimodal, based on business and application needs makes the most business sense. Benefit Rating: High Market Penetration: More than 50% of target audience Maturity: Mature mainstream Sample Vendors: Apprenda; BMC; Hewlett Packard Enterprise; IBM; Microsoft; Pivotal; Red Hat; VMware Recommended Reading: "When Private Cloud Infrastructure Isn't Cloud, and Why That's Okay"
Cloud Management Platforms Analysis By: Dennis Smith; Padraig Byrne; Colin Fletcher Definition: Cloud management platforms (CMPs) enable organizations to manage private, public and multicloud services and resources. Their specific functionality is a combination of provisioning and orchestration; service request management; inventory and classification; monitoring and analytics; cost management and resource optimization; cloud migration, backup and disaster recover; identity, security and compliance. This functionality can be provided by a single product or a set of vendor offerings with some degree of integration. Position and Adoption Speed Justification: While the CMP market is continually changing, vendors and enterprise customers are getting a better feel for where such tooling can and cannot be used. Vendors are still being challenged with evolving customer requirements (for example,
Page 47 of 81
Gartner, Inc. | G00340420 This research note is restricted to the personal use of [email protected].
This research note is restricted to the personal use of [email protected].
interfacing with multiple public clouds and cost transparency with workload optimization to remediate cost overruns). At the same time, major market consolidation will continue during the next few years. For example, many vendors that initially targeted cost management have been acquired as this functionality is becoming a part of basic CMP functionality. The same is occurring with cloud migration vendors. Additionally many long-standing vendors are introducing nextgeneration products, often targeting holes that their previous products had. Some of the core CMP functionality is also being combined (for example, monitoring and analytics with cost management and resource optimization). The ability to serve both application developer and I&O personas is key. This requires that CMPs be linked into the application development process without imposing workflow that inhibits agility while also allowing infrastructure and operations (I&O) teams to enforce provisioning standards. Organizations have an increasing need to address multicloud requirements, and, in some cases, they want to become internal cloud service brokers (CSBs) and manage public services that were previously acquired — often by lines of business (LOBs) outside the I&O organization — and have become difficult to manage operationally. User Advice: As CMP market volatility increases, IT organizations must: ■
Consider CMP vendor's viability along with evaluating features.
■
Consider native cloud services as an option versus CMPs if you favor depth with an individual cloud provider versus depth across different cloud providers.
■
Augment, swap out or integrate additional cloud management or traditional management tools for many requirements, because no vendor provides a complete cloud management solution.
■
Standardize, because deriving value from your CMP will depend heavily on the degree of standardization offered by the infrastructure, software and services.
■
Set realistic expectations on deployment times, as mature organizations implement CMP in a relatively short period (one to two years); however, less mature organizations may require two or more years to design effective, repeatable, and automatable standards and processes.
■
Plan for new roles, such as cloud architects and cloud service brokers (CSBs), including developing skills in the infrastructure and operations organization, financial management and capacity management.
Business Impact: Enterprises will deploy CMPs to increase agility, reduce the cost of providing services and increase the likelihood of meeting service levels. Costs are reduced and service levels are met because CMP deployments require adherence to standards, as well as increased governance and accountability. Desirable IT outcomes include: ■
Policy enforcement (e.g., on reusable standard infrastructure components)
■
Reduced lock-in to public cloud providers, although at the cost of CMP vendor lock-in which can slow innovation
■
Enhanced ability to broker services from various cloud providers and to make informed business decisions on which providers to use
Page 48 of 81
Gartner, Inc. | G00340420 This research note is restricted to the personal use of [email protected].
This research note is restricted to the personal use of [email protected].
■
Ongoing optimization of SLAs and costs
■
Management of SLAs and enforcement of compliance requirements
■
Accelerated development, enabling setup/teardown of infrastructure that mimics production, resulting in lower overall infrastructure costs and higher quality
Benefit Rating: Moderate Market Penetration: 5% to 20% of target audience Maturity: Early mainstream Sample Vendors: Cisco; Red Hat; RightScale; Scalr; VMware Recommended Reading: "IaaS Cloud Management Tool Selection Methodology" "Market Trends: Multicloud Usage Will Drive Cloud Management Platform Growth" "Magic Quadrant for Cloud Infrastructure as a Service, Worldwide"
Cloud Migration Analysis By: Lydia Leong Definition: Cloud migration is the process of planning and executing the movement of applications or workloads from on-premises infrastructure to external cloud services, or between different external cloud services. Position and Adoption Speed Justification: The process of cloud migration requires: ■
Setting business objectives for the migration
■
Determining what workloads can be moved to an external cloud service (or moved from one such service to another)
■
Planning how to best migrate those workloads
■
Executing the migration
■
Learning to operate in the new cloud model
The tools for actually executing workload discovery and movement are relatively mature. However, most organizations lack the expertise to appropriately plan and execute a migration. Migration service providers — typically public cloud infrastructure managed service providers (MSPs) that can provide other managed and professional services in addition to the migration-related services — can help guide customers through this process, but MSP experience and capabilities vary widely. Furthermore, organizations often struggle with the transformational aspects of cloud operations, which can result in technically successful migrations that fail to meet business objectives.
Page 49 of 81
Gartner, Inc. | G00340420 This research note is restricted to the personal use of [email protected].
This research note is restricted to the personal use of [email protected].
User Advice: Organizations should objectively evaluate their ability to conduct a cloud migration on their own, versus leveraging an MSP. While customers sometimes migrate to SaaS without the assistance of an MSP, almost all successful large-scale migrations to IaaS and PaaS are done in conjunction with an MSP. Most MSPs target hyperscale integrated IaaS and PaaS providers, such as Amazon Web Services and Microsoft Azure. When these providers are used, workloads are typically migrated to a mixture of their IaaS and PaaS offerings. Experienced MSPs can help IT leaders think through their objectives and determine what the end state looks like from a technical and organizational perspective. They have a well-structured "migration factory" process, and can provide the strong project management and technical staff needed to execute a migration in a timely fashion. Enterprise architecture and technology leaders typically guide the selection of an MSP, and oversee the migration effort. I&O leaders that elect to perform their own migration should consider purchasing cloud migration tools; this can decrease the time, effort and cost of the migration, compared to manual efforts or writing your own scripts. These tools can also aid in moving workloads between cloud providers, or from a cloud provider back on-premises, although these use cases are rarely seen. I&O leaders must clearly define their use cases and understand that vendor strengths will vary, as well as ensure that the migration tools selected are consistent with their existing management software (such as a cloud management platform or backup/archiving tool). Application leaders should also consider what approach is best for modernizing an existing application. A rehosting without modification might be easiest, but it might bring fewer benefits than replatforming, refactoring, rebuilding, or replacing the application. Business Impact: Relatively few organizations have fully completed large-scale "all in" cloud migrations — migrations that allow the organization to close down most or all of its data centers — as such migrations typically take two to three years for midsize organizations and five years or more for enterprises. A complex SaaS implementation can take up to a year. However, migrating a single application can be accomplished in days or weeks, depending on the application's complexity. Furthermore, many organizations that migrate applications to IaaS, with the help of an experienced MSP, are able to accomplish the majority of the migration within the first nine months. The organizations that achieve the greatest cost savings with infrastructure migration typically have high degrees of standardization, or are willing to adopt greater standardization in order to significantly lower labor costs via automation. Many organizations realize significant agility benefits, especially the benefits of greater self-service and developer empowerment. Benefit Rating: High Market Penetration: 20% to 50% of target audience Maturity: Early mainstream Sample Vendors: Accenture; CloudEndure; Cloudreach; Racemi; Rackspace; RiverMeadow; Veeam; Zerto Recommended Reading: "Getting Help Implementing Cloud IaaS" "Choose the Right Approach to Modernize Your Legacy Systems" Page 50 of 81
Gartner, Inc. | G00340420 This research note is restricted to the personal use of [email protected].
This research note is restricted to the personal use of [email protected].
"Developing a Public Cloud IaaS Adoption and Migration Framework" "Building the Right Justification for Moving to the Cloud" "A High-Level Framework for Planning Your Migration to Public Cloud Services"
Integrated IaaS and PaaS Analysis By: Lydia Leong; Yefim V. Natis Definition: Integrated infrastructure as a service (IaaS) and platform as a service (PaaS) (also known as IaaS+PaaS, or integrated cloud platform services) is the business and technology arrangement where IaaS and PaaS capabilities are offered as a unified portfolio of services. The degree of integration may vary, but includes the use of a single self-service portal and catalog, shared identity and access management, a single integrated low-latency network context, unified security, and unified billing. Position and Adoption Speed Justification: IaaS and PaaS are naturally complementary, causing IaaS providers to expand into PaaS and the more ambitious PaaS providers expand into IaaS, natively or through partnerships. Integrated approaches allow users to combine different models of system and application infrastructure within a unified environment. IaaS and PaaS represent a continuum, and an increasing number of capabilities in the market have characteristics of both. Within that continuum reside options that offer different balances between the responsibilities of the provider and the responsibilities of the customer, as well as the degree of transparency in the implementation. Furthermore, a greater degree of automated management is being introduced into both IaaS and PaaS. Today, most integrated IaaS+PaaS providers focus on high-control capabilities, such as compute instances (VMs, OS containers, or bare-metal servers) and other infrastructure resources that may have some form of automated management, or cloud software infrastructure services (typically middleware services with varying degrees of automation). However, high-productivity application PaaS is likely to become an important part of these service portfolios as well. Offering both IaaS and PaaS as a unified service allows the provider to offer multiple intermediate options in an integrated manner, simplifying the selection and facilitating efficient use for the customers. Most customers that use a hyperscale integrated IaaS+PaaS provider, such as Amazon Web Services or Microsoft Azure, have adopted a blend of the provider's IaaS and PaaS capabilities; IaaS resources are typically supplemented with cloud software infrastructure services. Indeed, the availability of this broad portfolio of services is a key aspect of choosing a strategic cloud platform provider. The complexity and level of investment required to offer a full, integrated portfolio of multifunctional PaaS and IaaS services will likely limit the vendor options in this market to a handful of megavendors. Some of the megavendors will form ecosystems, allowing smaller PaaS specialists to be included in this market. However, the maturity of this technology will be primarily dependent on the capabilities of the megavendors.
Page 51 of 81
Gartner, Inc. | G00340420 This research note is restricted to the personal use of [email protected].
This research note is restricted to the personal use of [email protected].
User Advice: CIOs, CTOs, IT leaders and planners: ■
Combine IaaS and PaaS capabilities in both cloud-native and legacy migration projects to expand your design and deployment options. In some cases, this may involve using capabilities from multiple cloud providers.
■
Consider integrated IaaS+PaaS providers to be long-term application platforms. They should be managed as such, with appropriate attention to potential application portability issues.
■
When looking at the combined use of IaaS and PaaS, carefully examine capabilities, benefits, and risks of all candidate services separately. Do not assume that all services of the provider are of the same maturity, functional completeness or quality of service.
■
Evaluate the degree of business and technology integration between IaaS and PaaS services. It can range from minimal to seamless, and can produce substantial differences in operations and costs of the project.
■
When considering a smaller specialist PaaS provider, give extra credit to those that are multicloud and, therefore, can be colocated with multiple larger suites of IaaS+PaaS capabilities.
Business Impact: ■
A well-functioning combination of IaaS and PaaS will offer enterprises a more natural, flexible and comprehensive ramp-up path to cloud computing and, consequently, will increase the rate and scope of adoption of cloud by mainstream IT.
■
The integration of IaaS and PaaS allows customers greater flexibility to come into a cloud environment, with the balance of control and ease of use that suits their needs at the time, and to shift that balance in either direction as their needs evolve.
■
Vendors also benefit from IaaS+PaaS — those coming from IaaS and those specialized in PaaS increase their customer value proposition and ability to compete when covering the broader set of capabilities. Because only the largest vendors are able to offer their own implementations of both IaaS and PaaS, the increasing popularity of IaaS+PaaS will contribute to the trend of PaaS market consolidation.
Benefit Rating: High Market Penetration: 5% to 20% of target audience Maturity: Early mainstream Sample Vendors: Amazon Web Services; Google Cloud Platform; Microsoft Azure Recommended Reading: "Technology Insight for Integrated IaaS and PaaS" "Not Just PaaS: Know and Use the Cloud Platform Continuum"
Page 52 of 81
Gartner, Inc. | G00340420 This research note is restricted to the personal use of [email protected].
This research note is restricted to the personal use of [email protected].
Cloud Center of Excellence Analysis By: Lydia Leong Definition: A cloud center of excellence (CCoE) is a central IT team, under the supervision of an enterprise architecture and technology innovation leader, that is focused on providing cloud strategy, best practices, and governance for the organization as a whole. Position and Adoption Speed Justification: A CCoE is usually the most effective way for most organizations to achieve organizationwide cloud governance. It is focused on providing cloud best practices — preferably expressed not just in documentation, but also templates and other infrastructure-as-code mechanisms — as well as serving as an internal cloud consulting practice that delivers cloud architecture and recommended solutions. It also partners with the sourcing team to provider cloud vendor management, including cloud service expense management. The CCoE achieves success by ensuring that the "path of least resistance" for cloud use is also the path that is well-governed and meets the organization's security and regulatory compliance requirements. Although it is responsible for developing and enforcing cloud computing policies, it primarily influences, rather than controls. Many organizations that have adopted cloud services have created a CCoE, but most such CCoEs are not yet mature. Most cloud migration service providers strongly recommend that customers create a CCoE, and will assist customers in doing so. CCoEs are typically small, and depend on educating and influencing the architects and other technical professionals throughout the organization who are actually implementing the use of cloud services. The CCoE helps guide an organization's cloud journey, as cloud use grows within an organization, and the organization understands the best practices for cloud usage that are specific to its business needs. In most cases, the CCoE, governance approach, and best practices must evolve with the business and its cloud use. User Advice: A CCoE should be led by a chief cloud architect, and staffed by cloud architects. Typically, these architects have: ■
An enterprise architecture background
■
An excellent understanding of application development
■
A practical understanding of operations
■
Some knowledge of cloud services
■
A strong knowledge of the business
■
Good relationships with business as well as IT management
The chief cloud architect typically also leads a cross-functional cloud computing policy committee that contains representatives from the business; technical end-user teams (such as the application development teams); infrastructure and operations; and sourcing, security, compliance, risk management, and legal teams. Some organizations hire an individual contractor with very strong knowledge of their primary cloud services to lead their CCoE, but such an individual needs an
Page 53 of 81
Gartner, Inc. | G00340420 This research note is restricted to the personal use of [email protected].
This research note is restricted to the personal use of [email protected].
enterprise architect partner who has very strong knowledge of the business and the necessary cross-functional relationships. Do not understaff the CCoE, since this can be a major threat to its influence and success. If the organization has a rapidly growing number of cloud projects, it may be wise to open head count for CCoE architects well in advance of demand, since there is significant competition for this skill set. A CCoE frequently chooses governance tools and sets policies, but is often not responsible for operating those tools, and may not be responsible for implementing the policies. In organizations that utilize significant self-service — especially decentralized organizations — the CCoE must maintain strong developer relations in order to both evangelize existing best practices, as well as to continuously collect best practices from these teams. The CCoE frequently facilitates knowledge sharing between these technical end-user teams. Business Impact: The CCoE is the hub of the cloud community within an organization, and it must build and foster that community. It is a critical part of helping the organization mature its use of cloud computing. The CCoE holds together the disparate ways that an organization might adopt cloud computing, through its centralization of cloud knowledge, best practices and common tools, as well as its active outreach throughout the organization. The CCoE function may also be closely aligned to the internal cloud service brokerage (CSB) function. Nearly all organizations that use cloud services can benefit from a CCoE. In smaller organizations, the CCoE function may be performed by a single cloud architect. A single CCoE can serve both modes of bimodal IT, but will likely have different best practices for each mode; and the most successful CCoEs are typically more focused on business agility than cost reduction. Benefit Rating: High Market Penetration: 5% to 20% of target audience Maturity: Early mainstream Recommended Reading: "Preparing the In-House IT Organization for Public Cloud" "Analyzing the Role and Skills of the Cloud Architect"
Climbing the Slope Cloud Office Analysis By: Jeffrey Mann Definition: "Cloud office" refers to a collection of the most broadly used suites of SaaS-based personal productivity, horizontal collaboration and communication tools. The suites generally include email, IM, file sharing, conferencing, document management and editing, search and discovery, and collaboration. Microsoft Office 365 and Google G Suite are the primary examples. The broad term "cloud office" is a general term. The name "Microsoft Office" refers to a specific set of products.
Page 54 of 81
Gartner, Inc. | G00340420 This research note is restricted to the personal use of [email protected].
This research note is restricted to the personal use of [email protected].
Position and Adoption Speed Justification: The cloud office technology profile has advanced quickly along the Hype Cycle as enterprise adoption grows and the technologies become well understood. While progress is steady with approximately 30% to 40% of enterprises having made the move, the scale and volume of cloud office projects can lead to frustration. Migrations can prove difficult and some organizations fail to realize all of the potential value that these suites can provide. Microsoft and Google have been investing heavily to attract enterprises to their cloud office offerings, and they are responsible for most of the enterprise deployments. Other vendor offerings include IBM Connections Cloud, Amazon WorkDocs/WorkMail/Chime and Zoho Office Suite. Enterprises are making the move because of general preference for cloud deployments and the desire to reduce costs, redeploy IT staff, drive simplicity and provide more functionality to users. Vendors provide their most attractive new features — such as mobile apps, content discovery tools and artificial intelligence — from cloud deployments only. User Advice: For digital workplace leaders: ■
Be realistic about compliance and legal concerns. Do not assume that there is a rule preventing you from moving to a cloud office supplier without first investigating the matter by working with legal counsel. Gartner finds that many assumptions about legal restrictions are due to unnecessarily wide interpretations.
■
Look beyond a "like for like" deployment that focuses only on recreating previous on-premises functionality from the cloud. Although this can be a good initial step, investigate the unique capabilities of cloud office suites to improve digital dexterity, efficiency and innovation.
■
Plan specific efforts to address user adoption by focusing on user change management. It is usually not obvious how to use the new capabilities to increase effectiveness. Employees will benefit from assistance and guidance, perhaps from more advanced colleagues, as a part of the digital dexterity initiative.
■
All organizations must take a position on cloud office deployment, even if it is a decision not to move, or not to move yet. An active decision is better than delay.
■
Look to cloud office suites as a source for continuous innovation in a form that is relatively easy to adopt. Innovations like every day AI, cross-tool integration, and better meetings are likely to come from cloud office products.
■
Ignore self-serving vendor migration pressures, but develop plans based on enterprise requirements and strategies.
Business Impact: The wide scope of cloud office workloads (especially email) means that this technology will potentially affect everyone in the organization. These suites support a wide variety of styles of collaboration including video, conversational, and social as well as the more conventional email and IM. While overall adoption is in the 30% to 40% range, most organizations have made a plan or specifically decided to put off making a move, which will be difficult to avoid in the longer term.
Page 55 of 81
Gartner, Inc. | G00340420 This research note is restricted to the personal use of [email protected].
This research note is restricted to the personal use of [email protected].
Benefit Rating: High Market Penetration: 20% to 50% of target audience Maturity: Early mainstream Sample Vendors: Amazon; Google; IBM; Microsoft; Zoho Recommended Reading: "Office 365, G Suite or Other Cloud Office Initiatives Primer for 2018" "Maximize the Value of Office 365 or G Suite by Making It Part of a Digital Workplace Program" "Use a People-Centered Approach to Manage Cloud Office Migration for Business Value" "Implementing Microsoft Office 365: Gartner Survey Results and Analysis, 2018" "Checklist for Microsoft Office 365 or Google G Suite Migration Planning"
iPaaS Analysis By: Massimo Pezzini Definition: Integration platform as a service (iPaaS) is a cloud service that supports application, data and process integration requirements, usually involving a combination of cloud-based, onpremises, mobile and IoT endpoints. iPaaS delivers a mix of capabilities typically found in classic integration software and, increasingly, in API management platforms. IT departments and lines of business leverage these capabilities to develop, manage and execute integration processes — increasingly in the context of hybrid integration platform strategies. Position and Adoption Speed Justification: iPaaS offerings are primarily used for SaaS and cloud-data integration, but increasingly also for API publishing and management, mobile app integration, data management and Internet of Things (IoT) scenarios. A growing number of organizations have also adopted iPaaS as a complement to, or replacement for, traditional integration platform software to support on-premises application, data and B2B integration projects. This often happens in the context of an integration strategy that aims at hybrid integration platform (HIP) and self-service delivery models to support a range of integration personas (such as integration specialists or ad hoc and citizen integrators). Tens of thousands of organizations, of all sizes and in all vertical industries and geographies, have so far adopted iPaaS offerings, therefore providers' revenue is skyrocketing (close to 70% growth in 2017). The market includes many specialist players (Dell Boomi, Jitterbit, SnapLogic, Workato) as well as established integration providers (Informatica, Software AG, TIBCO Software). The iPaaS offerings of megavendors (IBM, Microsoft, Oracle, SAP and now also Salesforce) are having a significant impact on the market, primarily via cross-selling to established clients. iPaaS functionality is available as stand-alone offerings, but also often as an "embedded" feature in a variety of cloud services. This will favor adoption, although it may result in some duplication of technology for organizations with multiple, uncoordinated buying centers.
Page 56 of 81
Gartner, Inc. | G00340420 This research note is restricted to the personal use of [email protected].
This research note is restricted to the personal use of [email protected].
Driven by the explosion of innovative and time-constrained digital business initiatives, and pushed by the marketing machines of the megavendors, iPaaS adoption will continue to grow quickly both in SMBs and large organizations. Barriers to this adoption will include: ■
Growing market fragmentation
■
Bifurcation between enterprise iPaaS providers (broad use-case coverage) and domain-specific iPaaS players (focused on verticals, or ecosystems), which may create confusion in the market
■
The dubious viability of some pure-play providers
User Advice: Compelling iPaaS value propositions include ease of use (expected to further improve via the recent introduction of AI, ML and NLP techniques), fitness with cloud-centric integration requirements, self-service via cloudstreams (prepackaged integrations), and lower entry and IT operation costs. iPaaS's greater flexibility and range of functionality than with traditional integration platforms also appeals to prospects. Application leaders responsible for modernizing their integration infrastructure should position iPaaS as: ■
The integration platform of choice for midsize organizations moving to the cloud and for "greenfield" integration initiatives
■
A quick-win approach to well-defined use cases, typically via the tactical adoption of domainspecific iPaaS offerings
■
An opportunity to enable application developers, SaaS administrators or even business users to occasionally perform integration tasks in a self-service fashion (ad hoc and citizen integrators)
■
A viable option for a variety of "adaptive" integration projects with low budgets, severe time constraints, and informally defined and incrementally formulated requirements
■
A complement to traditional integration platforms for a wide range of integration scenarios, via the adoption of enterprise iPaaS offerings — increasingly in the context of HIP strategies and to support bimodal approaches to integration
Application leaders should, however, think strategically but act tactically in their iPaaS acquisitions, because market changes are likely to happen during the next three to five years (if not earlier) as it progressively moves toward saturation. Many of the current providers will be acquired; retrench into narrow, more defensible niches; reposition; or simply go out of business. Business Impact: The use of iPaaS offerings will help application leaders to: ■
Support the any-to-any, pervasive integration challenge posed by digital transformation initiatives; typically, as a complement to a broader HIP
■
Reduce the time to value for new cloud services, via faster integration
■
Increase business process efficiency
■
Integrate faster and more easily with business partners
Page 57 of 81
Gartner, Inc. | G00340420 This research note is restricted to the personal use of [email protected].
This research note is restricted to the personal use of [email protected].
■
Enable business innovation through API publishing, mobile apps, IoT integration and other emerging use cases such as robotic process automation, event-stream processing and digital integration hub architectures
Through iPaaS, the state-of-the-art application and data integration technology previously used only by large organizations, is now also affordable for midsize businesses — enabling them to improve the quality and agility of their business processes. Benefit Rating: High Market Penetration: 20% to 50% of target audience Maturity: Early mainstream Sample Vendors: Dell Boomi; IBM; Informatica; Jitterbit; Microsoft; MuleSoft; Oracle; Scribe Software; SnapLogic; Workato Recommended Reading: "Magic Quadrant for Enterprise Integration Platform as a Service, Worldwide" "Technology Insight: Enterprise Integration PaaS"
Private PaaS Analysis By: Yefim V. Natis; Paul Vincent Definition: A private platform as a service (PaaS) is a type of PaaS that offers exclusive access to a customer organization. Private PaaS may be established on-premises or hosted on a public IaaS by the customer organization (self-managed). It can be managed by a service provider (providermanaged), typically as an isolated-tenancy (dedicated) rendition of a public PaaS available from the same provider. PaaS framework software products are designed as supporting technology to set up a private selfmanaged PaaS. Position and Adoption Speed Justification: "Private PaaS" is a name that has been often attributed — incorrectly — to simply a deployment of a PaaS framework software, like Pivotal Application Service or Red Hat OpenShift Container Platform, or a less-opinionated container management software, like Mesosphere DC/OS or Pivotal Container Service. Container management on-premises is a progressive development for most organizations, it delivers greater agility and efficiency to the organization's IT. But it does not automatically deliver the cloud benefits associated with PaaS — standardization, separation of concerns, elastic scalability and self-service. Private PaaS is associated foremost with the separation of providers of services and the subscribers. There must exist a platform operations team that is independent of the development team that subscribe to the platform services. In a self-managed environment, both the operations and the development teams belong to the same organization. In the provider-managed scenario the operations and the development teams are different companies (the provider and the customer). In both scenarios, a portal must isolate the two sides (the operations and development teams) and the
Page 58 of 81
Gartner, Inc. | G00340420 This research note is restricted to the personal use of [email protected].
This research note is restricted to the personal use of [email protected].
provider does not offer any customer-specific services, only a standard list, available equally to all qualified subscribers. Such organizational discipline is hard to enforce in most self-managed deployments; the provider-managed option is more likely to deliver true cloud PaaS experience in a private context. Growing popularity and production experience of organizations with PaaS framework and container management software have led most organizations to a more realistic understanding of what outcomes and experiences are available with that technology and the associated necessary investments. Some organizations have succeeded in establishing the firm separation of the providers and subscribers of the PaaS capabilities. Others have simply settled on the better operation IT environment. The greater sense of reality for self-managed private PaaS and the increasing use of the provider-managed (dedicated) private PaaS — both lead to overall increasing maturity of private PaaS deployments, advancing it toward the Plateau of Productivity. User Advice: Application Leaders, CIOs, CTOs, IT leaders and planners should: ■
Plan private PaaS initiatives in the knowledge that true cloud outcomes are not achieved through technology alone, but require changes to the IT organization, its culture, processes, policies and operations.
■
Where feasible, choose public cloud services; recognize that establishing a private PaaS is not a trivial exercise — it will require a lot more effort, skill and experience than subscribing to a public PaaS service.
■
When determined to establish a private PaaS environment, understand that taking the providermanaged (dedicated) private PaaS approach is more likely to deliver the desired cloud outcomes.
■
Recognize that software that is suitable for enabling a private PaaS environment is also suitable for building a modern, continuous DevOps environment. Distinguish between these two objectives and understand their priorities to make the most of the technology available and avoid unnecessary costs and disappointments.
Business Impact: Private PaaS offers access to some of the benefits of cloud computing for organizations that are concerned about public cloud maturity, security and quality of service, or the vendor lock-in. It positions these organizations for gradual transition to hybrid and public application platform options. Thus, private PaaS accelerates cloud adoption by the more-conservative mainstream enterprises. It also opens the customer organizations to potential multicloud presence to reduce vendor lock-in. Benefit Rating: Moderate Market Penetration: 5% to 20% of target audience Maturity: Early mainstream Sample Vendors: Docker; IBM Cloud Dedicated; Mesosphere; Oracle Dedicated Compute Classic; Pivotal; Red Hat
Page 59 of 81
Gartner, Inc. | G00340420 This research note is restricted to the personal use of [email protected].
This research note is restricted to the personal use of [email protected].
Recommended Reading: "How Private PaaS Can Begin to Transform Your IT" "2018 Planning Guide for Cloud Computing" "Market Guide for Cloud Management Platforms" "The Key Trends in PaaS, 2018" "Not Just PaaS: Know and Use The Cloud Platform Continuum" "Platform as a Service: Definition, Taxonomy and Vendor Landscape, 2016"
Public Cloud Storage Analysis By: Raj Bala Definition: Public cloud storage is IaaS that provides block, file and/or object storage services delivered through various protocols. The services are stand-alone, but often are used in conjunction with compute and other IaaS products. The services are priced based on capacity, data transfer and/or number of requests. The services provide on-demand storage and are self-provisioned. Stored data exists in a multitenant environment, and users access that data through the block, network and REST protocols provided by the services. Position and Adoption Speed Justification: Public cloud storage is a critical part of most workloads that utilize public cloud IaaS, even if it's often invisible to end users. In fact, the default volume type used for virtual machines on some providers is SSD-based block storage. Unstructured data is frequently stored in object storage services for high-scale, low-cost requirements, but end-users are often unaware of the underlying storage type being used. However, the market for public cloud storage is becoming less invisible to end users as cloud providers begin offering more traditional enterprise brands with data management capabilities of storage systems found on-premises. User Advice: Do not choose a public cloud storage provider based simply on cost or on your enterprise's existing relationship with the provider. The lowest-cost providers may not have the scale and operational capabilities required to become viable businesses that are sustainable over the long term. Moreover, these providers are also unlikely to have the engineering capabilities to innovate at the rapid pace set by the leaders in this market. Upheaval in this market warrants significant consideration of the risks if organizations choose a provider that is not one of the hyperscale vendors, such as Alibaba, Amazon Web Services, Google and Microsoft. Many of the Tier 2 public cloud storage offerings that exist today may not exist in the same form tomorrow, if they exist at all. Utilize public cloud storage services when deploying applications in public cloud IaaS environments, particularly those workloads focused on analytics. Match workload characteristics and cost requirements to a provider with equivalently suited services. Business Impact: Public cloud storage services are among the bedrock that underpins public cloud IaaS. Recent advances in performance as it relates to these storage services have enabled Page 60 of 81
Gartner, Inc. | G00340420 This research note is restricted to the personal use of [email protected].
This research note is restricted to the personal use of [email protected].
enterprises to use cloud IaaS for mission-critical workloads in addition to new, Mode-2-style applications. The security advances allow enterprises to utilize public cloud storage services and experience the agility aspects of a utility model, yet retain complete control from an encryption perspective. Benefit Rating: High Market Penetration: More than 50% of target audience Maturity: Mature mainstream Sample Vendors: Alibaba Cloud; Amazon Web Services; Google; IBM; Microsoft; Oracle; Rackspace; Virtustream Recommended Reading: "Magic Quadrant for Public Cloud Storage Services, Worldwide" "Magic Quadrant for Cloud Infrastructure as a Service, Worldwide"
SaaS Administrative ERP Analysis By: Mike Guay Definition: SaaS administrative ERP focuses on financial management, human capital management (HCM) and indirect procurement. Some organizations deploy administrative ERP capabilities as a corporate "backbone," which some industries augment with industry-specific functionality. SaaS (cloud) administrative ERP does not include remote hosting, where ownership remains with the customer, or private cloud. In postmodern ERP strategies, SaaS administrative ERP can be supported either using solutions from multiple vendors or a single-vendor suite. Position and Adoption Speed Justification: Public cloud SaaS is now the preferred deployment model for new HCM, finance and indirect procurement capabilities across industries and organization sizes. Gartner predicts that, through 2020, SaaS HCM and financial revenues will continue to grow at 7% annually. Currently, organizations of all sizes are adopting a strategic approach to sourcing all their administrative ERP capabilities as SaaS. In the last few years, there has been an increase in adoption of SaaS core financial management applications by organizations with revenues in excess of $1 billion. Organizations with revenues in excess of $5 billion are still early adopters, but SaaS is the preferred option when replacing these capabilities, even in these organizations. Vendors like Oracle and Workday are aggressively marketing their SaaS administrative ERP suites, while the maturity of solutions from specialist vendors across all aspects of administrative ERP continues to grow. User Advice: ■
Organizations need to make decisions about cloud deployment options in the context of their overall postmodern ERP strategy (see "Adapt Your ERP Strategy to Support a Digital Platform").
Page 61 of 81
Gartner, Inc. | G00340420 This research note is restricted to the personal use of [email protected].
This research note is restricted to the personal use of [email protected].
■
When adopting SaaS applications, organizations need to build the necessary processes and skills for quality assurance and adoption of new features that come with the frequent automatic updates. This means reducing and managing customizations and preparing the user community (see "Adapting Your IT Strategy for a Cloud-Dominated Business Application Environment")
■
Organizations need to educate users about the benefits of a standardization approach. Adopting the standardized capabilities in SaaS administrative ERP solutions requires a shift in the mindset of many business users, especially when they have used highly customized applications. Identify key decision makers and influencers from finance, HCM and procurement, and support these changes.
■
SaaS vendors make much of the "low cost" of public cloud offerings. However, total cost of ownership (TCO) for public cloud administrative ERP has not been proven to be lower than that for on-premises and hosted alternatives. It is therefore important to undertake a detailed TCO analysis spanning at least two renewal cycles (often six to 10 years) to provide a clear estimation of subscription and support costs, as compared with alternatives.
■
Moving administrative ERP capabilities to the public cloud will require new integration skills and technologies to support feeder systems linked to HCM, financials and procurement (see "How to Create an Integration Strategy That Supports Postmodern ERP").
Business Impact: Public cloud SaaS administrative ERP offers the opportunity to standardize business processes, reduce customization and improve operating efficiencies. Organizations will also have the opportunity to "reset" administrative processes and adopt new ways of working, supported by a new generation of SaaS applications coupled with process best practice templates from system integrators and vendors. Moving to the public cloud also makes it easier to adopt the new functionalities required to support new regulatory requirements, because vendors can deliver these more rapidly than with an onpremises model. This can be of significant benefit to administrative functions, especially those within finance and HR. Benefit Rating: Moderate Market Penetration: 20% to 50% of target audience Maturity: Early mainstream Sample Vendors: Acumatica; Epicor Software; FinancialForce; Microsoft; Oracle; Sage; SAP; Ultimate Software; Unit4; Workday Recommended Reading: "Finance Moving to the Cloud: The Steps to Take and the Benefits You Can Expect" "How and Why to Move HCM to the Cloud" "Key Steps to Moving Your Procurement and Sourcing to the Cloud" "Magic Quadrant for Cloud HCM Suites for Midmarket and Large Enterprises"
Page 62 of 81
Gartner, Inc. | G00340420 This research note is restricted to the personal use of [email protected].
This research note is restricted to the personal use of [email protected].
"Magic Quadrant for Cloud Core Financial Management Suites for Midsize, Large and Global Enterprises" "Magic Quadrant for Procure-to-Pay Suites" "Application Leaders Must Deal With Hybrid Reality: Staffing and Skills for the Cloud-Based Application Organization"
Application PaaS Analysis By: Paul Vincent; Yefim V. Natis Definition: An application platform as a service (aPaaS) is a cloud platform service that offers application development and deployment environments. There are high-productivity and highcontrol types of aPaaS. Some are multifunction, embedding services like databases. Others focus on programming code environments and rely on other specialized PaaS (xPaaS) for additional services. Position and Adoption Speed Justification: The aPaaS market is served by all the cloud megavendors and many independents. The megavendors, such as Amazon Web Services, Microsoft and Salesforce, are pursuing megaPaaS strategies and moving to complete their coverage of high-control and high-productivity aPaaS. Independent vendors offer specialized or multifunction capabilities. Some aPaaS have evolved from on-premises development platforms or cloud SaaS, and there is increasing support for hybrid on-premises and multicloud options. The largest aPaaS vendor is Salesforce, which supports a SaaS plus PaaS model and high productivity plus high control. It is the No. 1 aPaaS vendor by some margin (with revenue of $1.8 billion in 2017), the No. 2 for PaaS, and the No. 3 for application infrastructure and middleware. Salesforce is continuing to grow fast in the aPaaS sector through training programs and its app store ecosystem. Other megavendors were late to the aPaaS market, especially for high-productivity aPaaS. It is no coincidence that the independents are mostly thriving in the high-productivity sector traditionally overlooked by legacy platform vendors. The aPaaS market achieved a compound annual growth rate of over 20% over the past three years. This contrasts with the traditional platform middleware market's compound annual decline of 1.6%. The maturation of aPaaS technologies marks the beginning of mainstream de facto usage by enterprise and departmental IT teams. Enterprise adoption of aPaaS offerings in general is increasing and steadily moving toward the Plateau of Productivity, with cloud-native capabilities replacing traditional on-premises monolithic application technology. There are competitive threats to high-control aPaaS from self-assembled container-based platforms, PaaS frameworks and serverless function PaaS (fPaaS): aPaaS in general has yet to shift to the serverless model that will provide opacity of underlying infrastructure and maturity. Today, the combination of high-control and high-productivity aPaaS fulfills the majority of requirements for new and modernized applications.
Page 63 of 81
Gartner, Inc. | G00340420 This research note is restricted to the personal use of [email protected].
This research note is restricted to the personal use of [email protected].
User Advice: Application leaders, CIOs, CTOs, IT leaders and planners should: ■
Use cloud-native platforms, including aPaaS, as strategic platforms for all new and modernized applications. Although aPaaS is still evolving, avoiding it risks limiting agility and innovation, as the familiar "legacy" platforms of past decades are inelastic. aPaaS offerings provide cloud-first, cloud-native best practices, and should be the primary components of a hybrid application platform portfolio.
■
Consider both high-control and high-productivity aPaaS for appropriate use cases. High-control aPaaS is suitable for mesh app and service architecture (MASA) and high-performance miniservices and microservices, as opposed to "bare bones" container infrastructure as a service (cIaaS) offerings. High-performance aPaaS is suitable for more common enterprise use case patterns and where three-month delivery schedules are more important than specialized services or extreme performance. Blend both types for maximum flexibility in terms of technologies, development skills and speed of application delivery.
■
Consider cloud-enabled application platforms or PaaS frameworks, such as Cloud Foundry and OpenShift, as alternatives to aPaaS where high-control hybrid, multicloud or edge application services are desired.
■
Augment or replace high-control aPaaS with fPaaS when they require variability in compute resources and are not concerned with infrastructure for professional coders' applications. They should, however, note that fPaaS is still a new platform type.
■
Favor strategic providers that offer integrated access to, and management of, high-productivity and high-control aPaaS capabilities, as well as other specialized xPaaS, SaaS and/or IaaS (as required across projects).
■
When planning aPaaS-centered initiatives, give special consideration to integration needs. Webscale IT will demand continuous change, extension and integration. Vendor reliability in terms of backward-release compatibility should also be assessed.
Business Impact: Public aPaaS changes the model of IT software engineering from full-stack responsibility to a focus on the business content of applications. This, in turn, encourages a shift in IT organization, processes, skills and culture from infrastructure-centric to business-centric. The benefit of adopting aPaaS to replace traditional on-premises development and production management of applications is at least moderate. It may be high or even transformational when used in conjunction with, or in support of, agile and associated methodologies. In these cases, aPaaS gives IT teams new time-to-market advantages and ready access to cloud-native technologies. Benefit Rating: Moderate Market Penetration: 5% to 20% of target audience Maturity: Early mainstream Sample Vendors: Google; Kony; Mendix; Microsoft; Oracle; OutSystems; Quick Base; Salesforce; SAP; ServiceNow
Page 64 of 81
Gartner, Inc. | G00340420 This research note is restricted to the personal use of [email protected].
This research note is restricted to the personal use of [email protected].
Recommended Reading: "Platform as a Service: Definition, Taxonomy and Vendor Landscape, 2016" "Market Guide for Application Platforms" "Magic Quadrant for Enterprise High-Productivity Application Platform as a Service" "Establish Guidelines for Selecting Cloud Platform Services" "The Key Trends in PaaS, 2018"
Cloud Computing Analysis By: David Mitchell Smith Definition: Cloud computing is a style of computing in which scalable and elastic IT-enabled capabilities are delivered as a service using internet technologies. Position and Adoption Speed Justification: Cloud computing is a very visible and hyped term, and has passed the Trough of Disillusionment. Cloud computing remains a major force in IT. Every IT vendor has a cloud strategy — although many aren't cloud-centric, and some are better described as "cloud inspired." Although users are unlikely to completely abandon on-premises models, there is continued movement toward consuming more services from the cloud and enabling capabilities not easily done elsewhere. Much of the focus is on agility, speed and other non-costrelated benefits. "Cloud computing" continues to be one of the most hyped terms in the history of IT. Its hype transcends the IT industry and has entered popular culture, which has had the effect of increasing hype and confusion around the term. In fact, cloud computing hype is literally "off the charts," as Gartner's Hype Cycle does not measure amplitude of hype (that is, a heavily hyped term such as "cloud computing" rises no higher on the Hype Cycle than anything else). Although the peak of hype has long since passed, cloud still has more hype than many other technologies that are actually at or near the Peak of Inflated Expectations. Variations, such as private cloud computing and hybrid approaches, compound the hype, and reinforce that one dot on a Hype Cycle cannot adequately represent all that is cloud computing. Some cloud variations (such as hybrid IT and now multicloud environments) are now at the center of where the cloud hype currently is. User Advice: User organizations must demand clarity from their vendors around cloud. Gartner's definitions and descriptions of the attributes of cloud services can help with this. Users should look at specific usage scenarios and workloads, map their view of the cloud to that of potential providers, and focus more on specifics than on general cloud ideas. Understanding the service models involved is key. Vendor organizations should focus their cloud strategies on more specific scenarios and unify them into high-level messages that encompass the breadth of their offerings. Differentiation in hybrid
Page 65 of 81
Gartner, Inc. | G00340420 This research note is restricted to the personal use of [email protected].
This research note is restricted to the personal use of [email protected].
cloud strategies must be articulated. This will be challenging, as all are "talking the talk," but many are taking advantage of the even broader leeway afforded by the term. "Cloudwashing" should be minimized. Gartner's Cloud Spectrum can be helpful. Adopting cloud for the wrong reasons can lead to disastrous results. There are many myths surrounding cloud computing as a result of the hype (see "The Top 10 Cloud Myths") for details and advice. Business Impact: The cloud computing model is changing the way the IT industry looks at user and vendor relationships. Vendors must become providers, or partner with service providers, to deliver technologies indirectly to users. User organizations will watch portfolios of owned technologies decline as service portfolios grow. Potential benefits of cloud include cost savings and capabilities (including concepts that go by names such as "agility," "time to market" and "innovation"). Organizations should formulate cloud strategies that align business needs with those potential benefits. Agility is the driving factor, most of the time. Benefit Rating: Transformational Market Penetration: 20% to 50% of target audience Maturity: Early mainstream Sample Vendors: Amazon; Google; IBM; Microsoft; Oracle; Red Hat; Salesforce; SAP Recommended Reading: "Cloud Computing Primer for 2018" "The Top 10 Cloud Myths" "Four Types of Cloud Computing Define a Spectrum of Cloud Value"
Platform as a Service (PaaS) Analysis By: Yefim V. Natis; Paul Vincent Definition: Platform as a service (PaaS) is a type of a cloud offering that delivers application infrastructure (middleware) capabilities as a service. Gartner tracks multiple types of PaaS (xPaaS), including, among many more, application platform as a service (aPaaS), integration PaaS (iPaaS), API management PaaS (apimPaaS), function PaaS (fPaaS), business analytics PaaS (baPaaS), IoT PaaS and database PaaS (dbPaaS). PaaS capability can be delivered as a provider-managed or self-managed, multitenant or dedicated. Position and Adoption Speed Justification: The time of rampant hype and confusion about the promise and nature of PaaS is behind us, although some confusion remains, brought about by the blurring boundaries between PaaS on one hand and IaaS and SaaS on the other. Mainstream users have been gaining real value from PaaS deployments and a growing number of organizations are making long-term plans for PaaS projects, replacing their reliance on on-premises and IaaS+
Page 66 of 81
Gartner, Inc. | G00340420 This research note is restricted to the personal use of [email protected].
This research note is restricted to the personal use of [email protected].
initiatives and seeking new relationships with megaPaaS vendors. The increasing maturity of PaaS offerings overall, the fast-improving execution by IT megavendors (including Microsoft, Amazon Web Services [AWS], Google, SAP, Salesforce, IBM and Oracle), the growing market acceptance of the smaller xPaaS innovators (including Dell Boomi, Mendix, Kony, Informatica, Pegasystems, OutSystems, StereoLOGIC, C3C IoT and many others), the momentum of SaaS and IaaS introducing PaaS to more organizations, the emerging born-on-the-cloud xPaaS capabilities (such as fPaaS) that are inherently cloud-only — all of these trends are increasing customers' confidence and advancing adoption of PaaS overall toward the Plateau of Productivity. Some specific xPaaS categories have already reached the maturity of mainstream adoption, including aPaaS, iPaaS, dbPaaS and others. User Advice: Application Leaders, CIOs, CTOs and IT leaders and planners: ■
Build new business software utilizing PaaS offerings to gain expertise in cloud-native experience, to take advantage of the continuous innovation common to cloud environment, to gain high quality of service, including high availability, disaster recovery and security, and to be prepared for the next wave of business and technology innovation that will mostly be cloudnative and often cloud-only.
■
Look beyond just the application development using aPaaS. A mature PaaS can provide application platform, integration, event processing and stream analytics, IoT, business process management, portal, database management, in-memory data grids, business analytics, contextual data discovery, and other middleware services. The PaaS market can be as diverse in functionality as the traditional platform and middleware market, and it can support a broad variety of project types.
■
When public cloud is not an acceptable option, consider the provider-managed (dedicated or local) virtual private PaaS ahead of the self-managed private. Self-managed private PaaS is often too hard to carry out, for organizational and cultural reasons. The provider-managed virtual private PaaS can be a suitable alternative.
■
Choose comprehensive PaaS (megaPaaS) providers when looking to consolidate some cloud business relationships, but avoid exclusive commitments to retain the technical and business ability to incorporate PaaS capabilities of multiple providers.
■
To build a dependable platform strategy and reduce vendor lock-in, consider PaaS for initiatives that build on your commitments to SaaS or IaaS providers — in preference to embedded platform features.
Business Impact: The relationship between the vendors and their customers changes dramatically with transition to the cloud, where the vendors shift from just the role of the manufacturers of software to that of active facilitators of their customer's platform operations. Responsibilities, costs, skills, organization and culture of enterprise IT (and business operations) undergo a transformation. IT vendors and users that delay strategic adoption of cloud platform technology, architecture and organization, are at risk of losing loyalty of their customers. Customers that delay adoption of cloud platform services (PaaS), will find themselves with expensive vendor lock-in and chaotic handling of their hybrid technology environment.
Page 67 of 81
Gartner, Inc. | G00340420 This research note is restricted to the personal use of [email protected].
This research note is restricted to the personal use of [email protected].
Benefit Rating: Transformational Market Penetration: 20% to 50% of target audience Maturity: Early mainstream Sample Vendors: Amazon Web Services; Dell Boomi; Google Cloud Platform; IBM Cloud; Mendix; Microsoft Azure; Oracle Cloud Platform; OutSystems; Salesforce Platform; SAP Cloud Platform Recommended Reading: "The Key Trends in PaaS, 2018" "Innovation Insight for Platform-as-a-Service Suites (MegaPaaS)" "Platform as a Service: Definition, Taxonomy and Vendor Landscape, 2016" "Not Just PaaS: Know and Use the Cloud Platform Continuum"
Cloud-Testing Tools and Services Analysis By: Joachim Herschmann; Thomas E. Murphy Definition: Cloud-testing tools and services involve the use of cloud technology to support testing from or in the cloud. This includes cloud-based lab management, service virtualization, on-demanddelivered testing tools and device clouds. This term also covers support for large-scale load and performance tests, strong technology coverage (e.g., middleware, message formats, security protocols) and the ability to work across applications using a mixture of technologies. Position and Adoption Speed Justification: Cloud-testing solutions have become commonplace in performance and load testing, including performance monitoring. In addition, cloud-based solutions for functional, usability and user experience testing, as well as cross-browser, crossplatform and mobile testing, have gained strong traction in the market. The demand created by mobile-first and omnichannel delivery initiatives has created a strong demand for web, mobile web and mobile device testing options in the cloud. This includes visual testing, such as comparisons of how applications render on different end-user devices and browsers. In many cases, cloud-testing tools supplement existing on-premises testing solutions. But the balance continues to shift as larger parts of DevOps toolchains are delivered from the cloud. The cloud model has become widely accepted and is fast becoming an integral part of the software delivery pipeline. Cloud-based testing solutions are both accelerating the adoption of automated testing and becoming integral parts of testing tool portfolios. User Advice: Several use cases exist for these products. However, primary consideration should be based on lab scalability and the ability to match production use scenarios in a realistic way. For companies looking to control the costs of lab setup and maintenance of tool licenses, cloud-testing tools and services provide good choices. They are especially relevant in cases where the use of testing tools is seasonal. They are also a good option for companies that lack tools and rely on manual testing, enabling these companies to move to automation and best-practice behavior.
Page 68 of 81
Gartner, Inc. | G00340420 This research note is restricted to the personal use of [email protected].
This research note is restricted to the personal use of [email protected].
Integrate cloud-based testing tools into an agile delivery pipeline to further accelerate development and testing of applications. Consider cloud-delivered, scalable and automated on-demand test labs as part of a DevOps strategy. Full success requires that testing organizations also develop mature change management and testing practices. For performance testing, consider whether there are readily available machines that have already been purchased. These may be easier and less expensive for smaller-scale internal testing that doesn't require a heavy load. Here, it's important to understand the costs and benefits of in-house provisioning versus the cloud. It is crucial to clearly define the objectives of moving a particular testing project to the cloud. Business Impact: Moving test labs to use a virtualized infrastructure in private and public clouds can reduce the cost of management, hardware, software and power. At the same time, it can be the crucial element that is needed to reach the goal of continuous delivery. Hosted tools increase the ability to run more tests more frequently, which reduces production errors and system failures. Cloud-based software provides more flexible billing and capacity, which must be balanced against usage profiles. This flexibility is viable for all organizations, regardless of the development methods they use. Benefit Rating: High Market Penetration: 20% to 50% of target audience Maturity: Early mainstream Sample Vendors: CA Technologies; Experitest; IBM; Microsoft; Neotys; Perfecto; Sauce Labs; SmartBear; SOASTA; Testbirds Recommended Reading: "Build Continuous Quality Into Your DevOps Toolchains 2018" "Adopt a 'Shift Left' Approach to Testing to Accelerate and Improve Application Development" "IT Market Clock for Application Development, 2017"
Infrastructure as a Service (IaaS) Analysis By: Lydia Leong Definition: Infrastructure as a service (IaaS) is a standardized, highly automated offering in which computing resources owned by a service provider, complemented by storage and networking capabilities, are offered to customers on demand. Resources are scalable and elastic in near real time and metered by use. Self-service interfaces, including an API and a graphical user interface (GUI), are exposed directly to customers. Resources may be single-tenant or multitenant, and are hosted by the service provider or on-premises in a customer's data center. Position and Adoption Speed Justification: Cloud IaaS is a mainstream technology that can be used to host most workloads, including mission-critical enterprise applications. Customers must
Page 69 of 81
Gartner, Inc. | G00340420 This research note is restricted to the personal use of [email protected].
This research note is restricted to the personal use of [email protected].
still pay careful attention to selecting an appropriate provider, architecture and security controls, and are responsible for proper governance. The best use of IaaS is transformational, where it can offer significant benefits in business agility, operations quality and cost. IaaS is frequently used to improve developer productivity and agility, and can facilitate continuous integration/continuous deployment (CI/CD), and the use of "infrastructure as code," including immutable infrastructure. IaaS is increasingly used as a general substitute for data center infrastructure, and may drive improved operations, efficiency and cost savings. In this context, it is typically used to host traditional business applications, and may even host complex enterprise applications, such as ERP. Although growth of the market outside of the U.S. has been slower — non-U.S. competitors have been much weaker, with immature and limited offerings, and regulatory and data-sovereignty requirements may require keeping data and processing in-country — global demand is robust. NonU.S. adoption continues to accelerate as the market leaders open data centers in more countries. User Advice: The cloud IaaS provider market has bifurcated. Hyperscale integrated IaaS and PaaS providers dominate the market, and a single vendor (Amazon Web Services) holds a commanding market share lead. The nonhyperscale providers have largely been relegated to specialized scenarios — primarily scenarios that require deep support for legacy technologies, or that have specific location requirements that cannot be met by a hyperscale cloud provider. In general, the hyperscale providers offer a broad range of capabilities, and can meet enterprise requirements for availability, performance, security, regulatory compliance, service and support. The other providers also generally offer high-quality services, though these services are more limited in scope. Businesses can safely adopt these services. The risks are not significantly greater than with other outsourced hosting approaches, assuming the cloud services used match the service levels and security needs of the applications. Most enterprises have begun to adopt IaaS strategically — and have a broad range of workloads on IaaS, including production applications. Public cloud IaaS now represents more than 15% of overall workloads. Midmarket businesses are the most likely to believe that IaaS will replace nearly all of their data center infrastructures during the next five years. Most businesses have at least piloted IaaS, but those that have not done so should begin with new applications. Both public multitenant and private single-tenant offerings are available; however, the distinction between public and private cloud IaaS is blurring. The most cost-effective clouds are highly standardized and use a shared capacity pool. There are hybrid public/private cloud offerings — enabling "cloud bursting" for on-demand capacity and business continuity — however, this technology is likely to remain confined to narrow niches. In most cases, there are no technical barriers, and few contractual or business barriers, to using cloud IaaS for a virtualizable x86-based application. Instead, IT leaders should ask themselves whether cloud IaaS is the best possible solution for an application. In many cases, organizations should consider using both IaaS and PaaS, preferably from a cloud provider that offers integrated IaaS and PaaS, rather than IaaS alone.
Page 70 of 81
Gartner, Inc. | G00340420 This research note is restricted to the personal use of [email protected].
This research note is restricted to the personal use of [email protected].
Business Impact: Cloud computing infrastructure services are broadly advantageous for IT organizations. The cost benefits, driven primarily by automation, are particularly significant for small and midsize businesses (SMBs). Larger enterprises benefit primarily from greater flexibility and agility, although they can potentially also achieve cost reductions. The benefits of IaaS have been driven primarily by the developer empowerment that comes from self-service, the flexibility offered by on-demand infrastructure, and the quality and efficiency of automation. Over time, system management tasks have become increasingly automated, leading to more-efficient infrastructure management. Organizations that simply "lift and shift" workloads to the cloud will reap limited cost and efficiency benefits, compared with those that use IaaS to drive IT transformation. The metered-by-use attribute of these services will result in more-efficient use of capacity, and their self-service nature will empower employees outside IT operations. This will improve developer productivity and make it easier for business buyers to obtain infrastructure. Benefit Rating: High Market Penetration: 20% to 50% of target audience Maturity: Early mainstream Sample Vendors: Alibaba Cloud; Amazon Web Services; Google (Cloud Platform); IBM; Microsoft (Azure); Oracle; Skytap; Virtustream Recommended Reading: "Technology Insight for Cloud Infrastructure as a Service" "Technology Insight for Integrated IaaS and PaaS"
Cloud Security Assessments Analysis By: Jay Heiser; Khushbu Pratap Definition: The buyers and sellers of public cloud services need standardized ways to assess provider security and continuity. Formal assessments are performed by independent evaluators, that are authorized by an authentication body to use published control standards and process guidelines to evaluate service provider security posture, and publicly share their findings. Position and Adoption Speed Justification: Every globally active Tier 1 cloud service provider (CSP), such as Amazon Web Services (AWS), Box, Dropbox, Google, Microsoft, Salesforce and Workday, has completed several formal third-party security assessments. Approximately half of the growing number of Tier 2 cloud service providers have also undertaken at least one formal security assessment (although rapid growth in the number of midsize CSPs continues to make this a difficult estimation). Customer data from cloud access security broker vendors suggests that half of all SaaS traffic is flowing to assessed vendors.
Page 71 of 81
Gartner, Inc. | G00340420 This research note is restricted to the personal use of [email protected].
This research note is restricted to the personal use of [email protected].
Formal evaluation is becoming a standard for CSPs that wish to provide services to enterprise customers. Gartner anticipates that within several years, virtually all Tier 1 and 2 CSPs, representing virtually all strategically significant providers, will successfully complete and maintain a cloud security assessment. User Advice: Cloud service buyers that desire useful levels of assurance for cloud service security and reliability for the least cost and effort should use CSPs that have been verified through a standards-based, third-party evaluation. By a significant degree, ISO/IEC 27001 and SOC 2 are the two most widely recognized and available standards-based formal evaluations being used by cloud service providers. Although they are not yet widely applied, Gartner anticipates that a growing number of cloud security assessments will include evaluation of controls from the ISO/IEC 27017 cloud security standard, and the ISO/IEC 27018 cloud privacy standard, which will ensure that the assessment process addresses cloud-specific security concerns. Organizations handling credit card data must use services that have successfully undergone a Payment Card Industry Data Security Standard (PCI DSS) evaluation, and U.S. federal agencies should be using services that have undergone the Federal Risk and Authorization Management Program (FedRAMP) evaluation process. In all cases, higher levels of assurance can be attained by requesting a copy of the detailed findings report from the third-party evaluator and thoroughly reviewing it against the specific needs and risks of your use case. If a formal third-party evaluation is not available from a service provider, then the buying organization should at least ensure in writing that the CSP is meeting a minimum expected set of controls. Ask for a complete response to one of the published cloud risk questionnaires. De facto standard templates available from Shared Assessments, the Cloud Security Alliance and the U.S. FedRAMP program. These are constructed in the form of yes-no questions; however, in critical use cases, much more detailed risk assessment information can be obtained by replacing the binary "Do you?" with "How do you?" This approach cannot provide the level of rigor and assurance typical of a formal third-party evaluation. Most Cloud Application Security Broker (CASB) tools include a Cloud Application Discovery capability that scores the risk relevance of cloud service providers, and several Security Ratings Service vendors also provide scores indicative of estimated CSP security posture. While the full accuracy of these scoring mechanisms remains an open question, they are being used by a growing number of Gartner clients to help determine the security acceptability of CSPs that have not undergone a formal third-party evaluation. Do not automatically assume that all cloud services must meet the same security standards. Tier 3 cloud service providers are typically not being used in strategically important ways, so their lack of formal security assessment is usually acceptable. Business Impact: The impracticality of conducting a resource-intensive manual risk assessment process has historically inhibited the cloud computing market, and it is becoming awkwardly obvious that questionnaires take too much effort to provide too little risk-relevant information. The use of formal cloud risk evaluation is proving increasingly beneficial in reducing the market friction caused by concerns over security and the current lack of transparency, and it serves as a signal to prospects that the provider intends to continue investing in security. Formal security assessments
Page 72 of 81
Gartner, Inc. | G00340420 This research note is restricted to the personal use of [email protected].
This research note is restricted to the personal use of [email protected].
allow cloud buyers to concentrate on the functional aspects of the available services, without having to waste time in fruitless exercises to determine whether the CSP is "secure" or not. Benefit Rating: High Market Penetration: 20% to 50% of target audience Maturity: Early mainstream Sample Vendors: Coalfire; Deloitte; EY; KPMG; PwC; Schellman Recommended Reading: "Inform Your Cloud Service Choice With Provider Maturity" "Market Guide for Organization Security Certification Services" "How to Evaluate Cloud Service Provider Security"
Entering the Plateau IaaS+ Analysis By: Yefim V. Natis; David Mitchell Smith Definition: IaaS+ is a platform deployment model where application infrastructure (platform) software is deployed on an infrastructure as a service (IaaS), including instance IaaS and container IaaS. In contrast to PaaS, here the cloud provider does not take ownership of the layers above IaaS and does not manage the quality of service, versioning and administration of the application platform software. IaaS may be offered with preinstalled, but not managed, application infrastructure, forming the instances of IaaS+ or container IaaS+. Position and Adoption Speed Justification: IaaS+ is often presented as PaaS because it deceptively offers some of the same application infrastructure capabilities (such as application platforms, DBMS or integration). But IaaS+ does not deliver the PaaS experience, cost patterns or productivity. It is not PaaS, though "not PaaS" may be exactly what customers need when full control of the technology stack is the objective, such as for hosting legacy applications in the cloud or seeking assured multicloud portability. IaaS+ can be the preferred choice for the high-control projects that look for access to the underlying technology infrastructure and are equipped for the challenge. It may also be the first-choice option for projects that seek to migrate existing on-premises software to the cloud with minimal disruption, or for those planning for multicloud deployments, especially in the case of independent software vendors (ISVs). As more users have gained experience with both PaaS and IaaS+ models, it has become evident that, for mainstream customers, the increased productivity and consistency of outcomes of PaaS outweighs the added control and familiarity of IaaS+. At the same time, the improving understanding of the reality of IaaS+ allows those that truly need the extra control to begin to
Page 73 of 81
Gartner, Inc. | G00340420 This research note is restricted to the personal use of [email protected].
This research note is restricted to the personal use of [email protected].
choose IaaS+ for its true merits. Thus, use of IaaS+ is solidifying in its specialized use cases (assured multicloud, "lift and shift," unique technical requirements). The confusion between the two approaches is mostly in the past. This trend is gradually bringing IaaS+ toward the Plateau of Productivity. User Advice: For application leaders, CIOs, CTOs, IT leaders and planners: ■
Choose IaaS+ when you want to maximize control over your application infrastructure, such as for DBMS, application and integration platforms, and when you are prepared to maintain the required in-house expertise.
■
Choose IaaS+ when retaining on-premises software and skills, or when hybrid and multicloud deployment are high priorities.
■
Choose IaaS+ for development and test of applications intended for production deployment onpremises to reduce the costs and to expedite production delivery of the applications.
■
Choose a container IaaS+ when looking to utilize the agility and efficiency of OS containers and delegate container orchestration and management, while retaining control of the application infrastructure.
■
Choose a PaaS if you are looking for reduced complexity or increased productivity of provisioning, management and administration for IT projects.
■
Plan for applications developed and deployed with the use of IaaS+ to achieve their ROI targets within the next two to three years, enabling you to re-evaluate the choice between IaaS+ and PaaS in the future.
Business Impact: For many organizations, use of IaaS+ serves as the initial step toward PaaS. It is the least disruptive means of initial cloud adoption by established IT organizations. Its limited platform efficiency and productivity are balanced by a greater degree of control over the operating environment and greater portability with the on-premises skills and software (compared with PaaS). Some advanced users take advantage of the extra levels of control in IaaS+ and build advanced solutions, including some new PaaS capabilities. Others use IaaS+ for development and test of applications targeted at on-premises deployments and for migration of existing software offpremises. ISVs and some others use IaaS+ to assure multicloud portability of their applications. Benefit Rating: Moderate Market Penetration: 20% to 50% of target audience Maturity: Early mainstream Sample Vendors: Amazon Web Services; CenturyLink; Google (Cloud Platform); IBM (Cloud); Microsoft (Azure); Oracle (Cloud Platform); Rackspace Recommended Reading: "The Key Trends in PaaS, 2018" "Technology Insight for Integrated IaaS and PaaS"
Page 74 of 81
Gartner, Inc. | G00340420 This research note is restricted to the personal use of [email protected].
This research note is restricted to the personal use of [email protected].
"Not Just PaaS: Know and Use the Cloud Platform Continuum" "Platform as a Service: Definition, Taxonomy and Vendor Landscape, 2016"
Software as a Service (SaaS) Analysis By: Jay Heiser Definition: SaaS is an application model in which the software is owned, delivered and managed by the provider. It uses a pay-for-use or subscription model, with a consistent version of the application simultaneously offered to multiple customers. SaaS is overwhelmingly delivered through a multitenant public cloud model, although some applications are available as a single-tenant or onpremises version. Position and Adoption Speed Justification: With almost 20 years of steadily increasing significance, SaaS has established itself as the normal delivery model for many application types, including CRM and HCM. Preferring the cash flow benefits of subscription over licensing, almost all application vendors have expressed an intent to make SaaS their primary, and usually exclusive, delivery model. Although a significant minority of enterprise customers still questions the appropriateness of a multi-tenant public cloud delivery model, virtually all organizations are making significant use of SaaS today. However, SaaS has not been established as the norm for all forms of software, including highly strategic applications such as ERP for manufacturing operations. SaaS as a concept should be considered as having reached the Plateau of Productivity, but the transition toward cloud-based application services is still arguably at its midpoint. The utilization of SaaS, and the maturity of many existing offerings, will continue to evolve rapidly for at least another 10 years. User Advice: SaaS should be a first preference when considering new application capabilities, unless there are specific reasons not to such as concern for data residency requirements or complex integration requirements. If you want to help your organization make the most effective use of SaaS, you should use the following practices: ■
Give up on the idea that the IT department will control application choice and usage. IT can no longer be fully in charge of the organization's digital destiny, and instead will increasingly be in the role of internal consultant or broker for applications that are the primary responsibility of the lines of business.
■
Treat SaaS as the first and preferred option for application capabilities, but prepare your organization for changes in business processes as a result.
■
Embrace standard SaaS offerings, even if it means giving up some capabilities.
■
Build a culture of continuous improvement to take advantage of upgrades while minimizing negative impact. Updates of SaaS applications will occur, and you will not have control over them.
■
Develop policies and processes to govern the entire SaaS application life cycle, from approval through operations to obsolescence.
Page 75 of 81
Gartner, Inc. | G00340420 This research note is restricted to the personal use of [email protected].
This research note is restricted to the personal use of [email protected].
■
Create a SaaS competency center to centralize and share SaaS-specific knowledge and practices for procurement, negotiation, provisioning, use, support, continuity and customization.
Business Impact: The one-size-fits-all model of SaaS represents a form of discipline that is almost impossible to emulate within an IT department that is inevitably pressured into countless modifications and changes that escalate software costs. SaaS does not require a capital investment in hardware and licenses, which further reduces its initial costs. In subsequent years, however, SaaS may be more expensive than traditional software offerings because the operating expense remains consistent over time. Future demands to customize or integrate SaaS applications are usually more expensive than comparable modifications of traditional software, and may be impossible. SaaS is a perfect choice for organizations that do not have the IT resources to deploy and maintain on-premises software. This is prevalent in small or midsize businesses, as well as in large enterprises with limited capabilities in their IT departments or business units. SaaS enables companies or business departments to get to live-deployment status more quickly, especially when deploying less complex applications. On an ongoing basis, SaaS provides more agility for making changes through self-service interfaces and greater innovation because SaaS providers deliver ongoing enhancements through the service. SaaS is also a great option for organizations to test or experiment with new ideas that may or may not be fully implemented or continued. The downside of SaaS is that usage tends to sprawl, with organizations paying for a larger set of services and seats than are necessary. Unfortunately, the best practices for the control of SaaS, and the associated toolset, remain relatively immature. Benefit Rating: Transformational Market Penetration: More than 50% of target audience Maturity: Early mainstream Sample Vendors: Box; Dropbox; Google; Microsoft Office 365; Oracle; Salesforce; ServiceNow; Slack; Workday Recommended Reading: "How to Plan for Resiliency in the Cloud" "SaaS SLAs: Reduce Risk and Improve Service by Negotiating These Key Terms" "Toolkit: Minimize SaaS Risk and Cost by Efficiently Negotiating Optimal Contract Terms and Conditions" "Market Trends: The Transformative Impact of SaaS on the Software Market" "Developing Your SaaS Governance Framework" "5 Preparation Steps to Optimize SaaS Negotiations" "Toolkit: Agile SaaS Acquisition Using Gartner's Triage Methodology" "Guide to Gartner's Research on SaaS Security"
Page 76 of 81
Gartner, Inc. | G00340420 This research note is restricted to the personal use of [email protected].
This research note is restricted to the personal use of [email protected].
"Magic Quadrant for Cloud Access Security Brokers" "Competitive Landscape: Software Asset Management Tools"
Appendixes Figure 3. Hype Cycle for Cloud Computing, 2017
Source: Gartner (August 2017)
Page 77 of 81
Gartner, Inc. | G00340420 This research note is restricted to the personal use of [email protected].
This research note is restricted to the personal use of [email protected].
Hype Cycle Phases, Benefit Ratings and Maturity Levels Table 1. Hype Cycle Phases Phase
Definition
Innovation Trigger
A breakthrough, public demonstration, product launch or other event generates significant press and industry interest.
Peak of Inflated Expectations
During this phase of overenthusiasm and unrealistic projections, a flurry of well-publicized activity by technology leaders results in some successes, but more failures, as the technology is pushed to its limits. The only enterprises making money are conference organizers and magazine publishers.
Trough of Disillusionment
Because the technology does not live up to its overinflated expectations, it rapidly becomes unfashionable. Media interest wanes, except for a few cautionary tales.
Slope of Enlightenment
Focused experimentation and solid hard work by an increasingly diverse range of organizations lead to a true understanding of the technology's applicability, risks and benefits. Commercial off-the-shelf methodologies and tools ease the development process.
Plateau of Productivity
The real-world benefits of the technology are demonstrated and accepted. Tools and methodologies are increasingly stable as they enter their second and third generations. Growing numbers of organizations feel comfortable with the reduced level of risk; the rapid growth phase of adoption begins. Approximately 20% of the technology's target audience has adopted or is adopting the technology as it enters this phase.
Years to Mainstream Adoption
The time required for the technology to reach the Plateau of Productivity.
Source: Gartner (July 2018)
Table 2. Benefit Ratings Benefit Rating
Definition
Transformational
Enables new ways of doing business across industries that will result in major shifts in industry dynamics
High
Enables new ways of performing horizontal or vertical processes that will result in significantly increased revenue or cost savings for an enterprise
Moderate
Provides incremental improvements to established processes that will result in increased revenue or cost savings for an enterprise
Low
Slightly improves processes (for example, improved user experience) that will be difficult to translate into increased revenue or cost savings
Source: Gartner (July 2018)
Page 78 of 81
Gartner, Inc. | G00340420 This research note is restricted to the personal use of [email protected].
This research note is restricted to the personal use of [email protected].
Table 3. Maturity Levels Maturity Level
Status
Products/Vendors
Embryonic
■
In labs
■
None
Emerging
■
Commercialization by vendors
■
First generation
■
Pilots and deployments by industry leaders
■
High price
■
Much customization
■
Second generation
■
Less customization
■
Maturing technology capabilities and process understanding
■
Uptake beyond early adopters
■
Proven technology
■
Third generation
■
Vendors, technology and adoption rapidly evolving
■
More out-of-box methodologies
Mature mainstream
■
Robust technology
■
Several dominant vendors
■
Not much evolution in vendors or technology
Legacy
■
Not appropriate for new developments
■
Maintenance revenue focus
■
Cost of migration constrains replacement
■
Rarely used
■
Used/resale market only
Adolescent
Early mainstream
Obsolete
Source: Gartner (July 2018)
Gartner Recommended Reading Some documents may not be available as part of your current Gartner subscription. "Understanding Gartner's Hype Cycles" "Cloud Strategy Cookbook" "Cloud Computing Primer for 2018" "Four Types of Cloud Computing Define a Spectrum of Cloud Value" "Amazon on the Gartner Cloud Spectrum: Leveraging Pure Cloud Leadership" "Predicts 2018: The Cloud Platform Becomes the Expedited Path to Value" "Critical Capabilities for Public Cloud Infrastructure as a Service, Worldwide"
Page 79 of 81
Gartner, Inc. | G00340420 This research note is restricted to the personal use of [email protected].
This research note is restricted to the personal use of [email protected].
"Market Definitions and Methodology: Public Cloud Services" "Magic Quadrant for Cloud Infrastructure as a Service, Worldwide"
Page 80 of 81
Gartner, Inc. | G00340420 This research note is restricted to the personal use of [email protected].
This research note is restricted to the personal use of [email protected].
GARTNER HEADQUARTERS Corporate Headquarters 56 Top Gallant Road Stamford, CT 06902-7700 USA +1 203 964 0096 Regional Headquarters AUSTRALIA BRAZIL JAPAN UNITED KINGDOM
For a complete list of worldwide locations, visit http://www.gartner.com/technology/about.jsp
© 2018 Gartner, Inc. and/or its affiliates. All rights reserved. Gartner is a registered trademark of Gartner, Inc. and its affiliates. This publication may not be reproduced or distributed in any form without Gartner's prior written permission. It consists of the opinions of Gartner's research organization, which should not be construed as statements of fact. While the information contained in this publication has been obtained from sources believed to be reliable, Gartner disclaims all warranties as to the accuracy, completeness or adequacy of such information. Although Gartner research may address legal and financial issues, Gartner does not provide legal or investment advice and its research should not be construed or used as such. Your access and use of this publication are governed by Gartner Usage Policy. Gartner prides itself on its reputation for independence and objectivity. Its research is produced independently by its research organization without input or influence from any third party. For further information, see "Guiding Principles on Independence and Objectivity."
Page 81 of 81
Gartner, Inc. | G00340420 This research note is restricted to the personal use of [email protected].