For many enterprises and software vendors alike there are details that must be solved around people, process, and technology when designing your cloud strategy. One popular design that many enterprise companies are trying to achieve is to “cloud burst.” Cloud bursting is when a private cloud service allows or enables the virtual machine to burst to a public ISP (Internet Service Provider) or cloud provider. Typically enterprises will need to do this during times when their business requirements for capacity exceed what they are able to provide.
Software licensing implications of cloud bursting for software vendors
Many large enterprises have questions on the software license implications of bursting to the cloud. It is important that when you create your software licensing policies for the cloud (regardless of whether they are “perpetual” or “per-use” based) that you have a clear position on the following:
- Double dipping: If an enterprise has purchased an “all you can eat” license for a virtual machine and/or the applications that are bursted with that machine, they do not expect to have to pay a service provider license or an additional license to the ISP. The question is who do you charge? Should you charge? Most enterprises will push back if they feel they are being charged twice for the same technology and ultimately adoption may be delayed.
- Corkage fees:Many popular restaurants will allow you to bring your own wine but charge a nominal fee to cork the bottle. Perhaps software vendors could make an arrangement with “preferred” providers that enable a “corkage” fee (based on additional reporting) that enables the enterprise to have not only additional compute for test and development but also support new methods of servicing their workforce such as virtual desktops or universal clients in the Cloud.
- Licensing and tracking: Software vendors may want to request additional tracking of applications (particularly virtual) that are delivered via a third-party provider or bursted on to a third-party provider. Some software vendors are leveraging advancements in software licensing technology to bind the application to the virtual machine(server or desktop). This enables dynamic workload allocation and bursting while providing additional security not only for the software vendor but also the enterprise. Knowing what applications are being bursted, what test scenarios will be required, etc. is important for the software vendors. It is also important for the enterprise to know that the additional tests, support calls, etc. will increase the costs of goods sold for the software.
- Regulated applications: Software vendors need to understand the implications that external cloud computing has on regulated applications (personal information acts, online child protection acts) and provide guidance to implementers (specifically for those in smaller markets) on restrictions or recommendations to ensure compliance.
Implications for the enterprise
Software licensing implications for the enterprise can be significant if cloud bursting is implemented without first understanding all the potential implications that it could have on the overall business. The last thing anyone wants is an end-of-year audit that turns up significant overage or fees for service provider license agreements.
Remember the industry is on the cusp of a paradigm shift. What history has taught us is that none are fail proof and there are bound to be mistakes along the way. Questions that should be figured out:
- Software license and tracking – per user or device? What is best for your business? Meaning many software vendors provide for “per use” licensing, but you must know that at purchase. If you have 12,000 employees that have multiple systems, it may make more sense to pay “per user.” The industry norm is up to three instances per user (don’t assume – check with each software vendor). This really holds true for universal clients (virtual desktops, apps, etc). Understand how they track for non-persistent desktops or deploying a virtual application from a USB Stick to a thin client.
- Off network visibility – Ask the third-party provider what level and types of reporting are available within the third-party network to track access control and general audit requirements before implementing a third-party service. It would be a good idea to develop a checklist with your audit group or make them part of the process to ensure that the company maintains compliance across the various applications, workflows, and networks. Ask the cloud provider how they accommodate for regulations that require data to be hosted in country of origin. Let the provider know that you do not feel comfortable hosting or being dynamically moved to due to government or security restrictions that may impact your business.
- Know options for bursting – Not all platform-as-a-service providers or ISPs are the same. Some require extensive APIs or in some cases rewriting your solution completely for their platform. Understand before you leap the impact that may have on your private cloud solutions already in place or plans for bursting to gain additional capacity.
- Buyer beware – Talk to your software vendors about their policies for cloud bursting and what you are giving up before you implement it as a solution. You don’t want to find out at the end of the year that both the ISP and software vendor are expecting you to pay for the same license usage. Get clear time lines and requirements from them for reporting and restrictions. In the case of software licensing and regulations it is not better to ask for forgiveness or plead ignorance. Be straightforward from the start.
What software licensing implications have you encountered with cloud bursting?
Jeanne Morain is Director of Strategic Alliances for Flexera Software.