Click here to close now.


@CloudExpo Authors: Elizabeth White, Yeshim Deniz, Liz McMillan, Chris Fleck, Jason Bloomberg

Related Topics: @CloudExpo, Microservices Expo, Containers Expo Blog, API Journal, Agile Computing, Apache, Cloud Security

@CloudExpo: Article

Cloudwashing the Cloud Brokerage

Cloud Brokerages are a hot topic - for better or worse.

Since ZapThink wrote our ZapFlash on Cloud Brokerages in April 2011, the Cloud Brokerage marketplace has exploded. Or at the very least, the noise level involving such Brokerages has reached a fever pitch, which the vendors in the space want you to think is the sound of an exploding market anyway. Regardless of your level of cynicism, however, there’s no question that Cloud Brokerages are a hot topic. But as with so many new markets, confusion reigns—in large part because such Brokerages come in so many different flavors. That being said, this market also suffers from rampant Cloudwashing, which refers to vendors (and service providers) who stick the “Cloud” label on existing offerings to take advantage of the Cloud hype. Let’s see if we can separate the steak from the sizzle and delineate how Cloud Brokerages are actually supposed to work.

Gartner: Cloudwashing Facilitator
For better or worse, many people turn to Gartner when they have questions about nascent IT markets. Gartner, however, is a vendor-driven market research firm, rather than a purveyor of vendor-independent best practices. Their research on Cloud Brokerages is a case in point. Gartner defines a Cloud Service Brokerage (CSB) as being composed of three core roles: aggregation, integration, and customization. They point out that the role of Aggregation Broker aligns with the traditional distributor role; the Integration Broker corresponds to the system integrator (SI); and the Customization Broker similarly aligns with the independent software vendor (ISV).

What’s wrong with this picture is that distributors, SIs, and in particular ISVs pay most of Gartner’s bills. So when they conduct their research, they talk to their customers and find out what kinds of CSBs they’re offering. And what do those customers say? I’m a distributor, but now I’m a Cloud Aggregation Broker! I’m an SI, but now I’m a Cloud Integration Broker! And most tellingly: I’m a software vendor, but now I’m a Cloud Customization Broker! It doesn’t really matter if any of these players have something that actually works, or even if it does, it may have little or nothing to do with the Cloud, and there’s no guarantee that any enterprise buyer will actually want what they’re peddling. But hey, it’s an emerging market, so what do you expect?

Contrast Gartner’s list of CSB roles with those from the US Department of Commerce’s National Institute for Standards and Technology (NIST). According to NIST’s Cloud Conceptual Reference Diagram, CSBs have three core capabilities: aggregation, arbitrage, and intermediation. Yes, NIST and Gartner both agree on the importance of aggregation, but that’s where the meeting of minds diverges. NIST calls for arbitrage (support for dynamic pricing in a Cloud services marketplace), but arbitrage isn’t on Gartner’s list. Why not? Perhaps because Gartner didn’t have any Cloud arbitrage vendors to interview when they did their research? Your guess is as good as ours.

As for intermediation, NIST has something quite different in mind from Cloud integration. When a Brokerage intermediates between Cloud customers and Cloud Service Providers (CSPs), the Brokerage provides a range of business-related capabilities, including assurance, consolidated invoicing, and SLA management, independent of whether the Brokerage is also providing integration capabilities between Cloud customers and CSPs. True, CSBs may end up offering integration as well, but more likely as an advanced capability that will become a reality down the road a few years. So why has Gartner included it and not intermediation? Because of the SIs, as well as the B2B integration vendors who have all Cloudwashed their offerings into Cloud Integration Brokerages.

The Two Cloud Brokerage Lifecycles
Instead of taking a vendor-centric perspective on CSBs, let’s think about how people might actually use them. There are two basic types of users for a CSB: the CSP who wishes to make its offering available in the Brokerage, and the Cloud customer who is looking for services from a CSP and is calling upon the CSB to help in some fashion. We expect such customers to be large enterprises who have several departments or divisions who wish to access Cloud services. For such organizations, the Brokerage serves to present a single face to the CSPs while supporting each department’s individual requirements for Cloud services.

To understand the role of the CSB, let’s start with the lifecycle from the CSP’s perspective:

  1. Registration – The CSP must register with the Brokerage in order to begin the enrollment process.

  2. Certification/Assessment – The CSB will assess the candidate CSPs and certify the ones that qualify to join the Brokerage.

  3. Enrollment – The CSP follows the Brokerage’s process for making its services available via the Brokerage.

  4. Negotiation – Once a customer selects the CSP through the Brokerage, the parties must negotiate a business arrangement. The Brokerage may act as an intermediary or simply hand off the negotiation to the two parties.

  5. Provisioning – The Brokerage may assist the CSP in provisioning Cloud resources for the customer.

  6. Management – Management comes in two flavors: business management, where the Brokerage handles invoicing, payments, and other business interactions on behalf of the parties; and technical management, where the Brokerage assists in SLA monitoring and other technical management tasks.

  7. Assurance – The Brokerage may provide auditing and other assurance activities on behalf of customers to insure CSPs are in compliance with required regulations and other policies.

  8. Integration – In some cases the Brokerage may act as an integration hub between CSPs and customers.

  9. Support – The CSP must support the customer, and the CSB may act as an intermediary for such support.

  10. Deprovisioning – If the customer wishes to discontinue a relationship, the Brokerage may assist with deprovisioning. This step may include delivering data to the customer, confirming customer data no longer reside in the Cloud environment, and wrapping up the business relationship. If the relationship between CSP and customer went south, the CSB may even be called upon to provide litigation support.

Now, let’s take a look at the CSB lifecycle from the Cloud customer’s perspective:

  1. Research – The CSB must provide information to potential customers so that they can make informed decisions about Cloud options available to them through the Brokerage.

  2. Qualification – The customer enters its criteria for Cloud services into the Brokerage, and the Brokerage should only show CSPs and individual Cloud services that meet the customer’s requirements.

  3. Assessment – The CSB may assess the customer’s business or technical environment in order to gauge suitability for particular services available through the Brokerage.

  4. Selection – The customer selects services through the Brokerage.

  5. Negotiation – The Brokerage supports the ability for customers and CSPs to negotiate business terms, either by facilitating direct communication or via automated intermediation, which would typically include arbitrage capabilities.

  6. Acceptance – The customer is able to accept the business terms it selects via the Brokerage.

  7. Onboarding – The Brokerage supports the customer’s efforts to provision Cloud resources, either by facilitating direct interactions between customer and CSP or via an automated onboarding capability.

  8. Management – Management appears on both the CSP and customer lifecycles because it always involves managing the relationships between the two (both business and technical).

  9. Assurance – Assurance also involves both customer and CSP. The Brokerage may take a limited or active role. The CSB will interface with the organization’s Information Assurance organization, but the CSB’s involvement doesn’t absolve the CSP or the Cloud customer from performing their due diligence in meeting their respective security and compliance objectives.

  10. Integration – When the Brokerage acts as an integration hub.

  11. Failover – Many customers will use the Brokerage to handle switching from one CSP to another. Such failover may occur as the result of a technical problem (e.g., a denial of service attack brings down the primary CSP) or a business problem (the primary CSP no longer offers the best deal, or in the extreme case, the CSP goes out of business).

  12. Offboarding – The Brokerage may also handle wrapping up business loose ends should the customer cancel its relationship with a CSP.

The ZapThink Take
The point to listing so many steps on the two CSB lifecycles isn’t to propose a final definition of such lifecycles, of course – the market is far too young for that. If anything, they are wish lists for what we might want Cloud Brokerages to do for us, based not on Brokerage-related products and services on the market today, but rather on what people expect Cloud Brokerages to do. But as with any technical capability, what you want it to do depends upon the core business problems you’re looking to solve. In the case of Cloud Brokerages, there remains a rather diverse set of potential business drivers that is leading the marketplace to grow in a complex, messy fashion.

Not only will individual organizations’ requirements for Brokerages differ, ZapThink is also seeing divergence of requirements among industries. In particular, the US Federal Government is very interested in Cloud Brokerages, with Requests for Information from the General Services Administration (GSA) as well as the Defense Information Systems Agency (DISA). In both cases, one of the Government’s key requirements is to support fair competition among CSPs – contrary to private sector customers, who couldn’t care less about such competition, except insofar as it leads to lower prices in the marketplace.

In some ways, the Government is like any other large enterprise. It has hundreds of agencies, each of which may have dozens of individual programs, all clamoring for Cloud services. They are looking to Brokerages to support the ability for such programs to select the best CSP offering for their needs, while providing the best overall value to the Government as a whole. On the other hand, in its role of promoting the general welfare of the people of the US, it is uniquely qualified to foster competition among CSPs and Cloud vendors, leading to better quality and lower prices for everyone.

Image credit: Karen and Brad Emerson

More Stories By Jason Bloomberg

Jason Bloomberg is the leading expert on architecting agility for the enterprise. As president of Intellyx, Mr. Bloomberg brings his years of thought leadership in the areas of Cloud Computing, Enterprise Architecture, and Service-Oriented Architecture to a global clientele of business executives, architects, software vendors, and Cloud service providers looking to achieve technology-enabled business agility across their organizations and for their customers. His latest book, The Agile Architecture Revolution (John Wiley & Sons, 2013), sets the stage for Mr. Bloomberg’s groundbreaking Agile Architecture vision.

Mr. Bloomberg is perhaps best known for his twelve years at ZapThink, where he created and delivered the Licensed ZapThink Architect (LZA) SOA course and associated credential, certifying over 1,700 professionals worldwide. He is one of the original Managing Partners of ZapThink LLC, the leading SOA advisory and analysis firm, which was acquired by Dovel Technologies in 2011. He now runs the successor to the LZA program, the Bloomberg Agile Architecture Course, around the world.

Mr. Bloomberg is a frequent conference speaker and prolific writer. He has published over 500 articles, spoken at over 300 conferences, Webinars, and other events, and has been quoted in the press over 1,400 times as the leading expert on agile approaches to architecture in the enterprise.

Mr. Bloomberg’s previous book, Service Orient or Be Doomed! How Service Orientation Will Change Your Business (John Wiley & Sons, 2006, coauthored with Ron Schmelzer), is recognized as the leading business book on Service Orientation. He also co-authored the books XML and Web Services Unleashed (SAMS Publishing, 2002), and Web Page Scripting Techniques (Hayden Books, 1996).

Prior to ZapThink, Mr. Bloomberg built a diverse background in eBusiness technology management and industry analysis, including serving as a senior analyst in IDC’s eBusiness Advisory group, as well as holding eBusiness management positions at USWeb/CKS (later marchFIRST) and WaveBend Solutions (now Hitachi Consulting).

@CloudExpo Stories
Between the compelling mockups and specs produced by analysts, and resulting applications built by developers, there exists a gulf where projects fail, costs spiral, and applications disappoint. Methodologies like Agile attempt to address this with intensified communication, with partial success but many limitations. In his session at DevOps Summit, Charles Kendrick, CTO and Chief Architect at Isomorphic Software, will present a revolutionary model enabled by new technologies. Learn how busine...
Interested in leveraging automation technologies and a cloud architecture to make developers more productive? Learn how PaaS can benefit your organization to help you streamline your application development, allow you to use existing infrastructure and improve operational efficiencies. Begin charting your path to PaaS with OpenShift Enterprise.
The buzz continues for cloud, data analytics and the Internet of Things (IoT) and their collective impact across all industries. But a new conversation is emerging - how do companies use industry disruption and technology enablers to lead in markets undergoing change, uncertainty and ambiguity? Organizations of all sizes need to evolve and transform, often under massive pressure, as industry lines blur and merge and traditional business models are assaulted and turned upside down. In this new da...
Internet of Things (IoT) will be a hybrid ecosystem of diverse devices and sensors collaborating with operational and enterprise systems to create the next big application. In their session at @ThingsExpo, Bramh Gupta, founder and CEO of, and Fred Yatzeck, principal architect leading product development at, discussed how choosing the right middleware and integration strategy from the get-go will enable IoT solution developers to adapt and grow with the industry, while at th...
Overgrown applications have given way to modular applications, driven by the need to break larger problems into smaller problems. Similarly large monolithic development processes have been forced to be broken into smaller agile development cycles. Looking at trends in software development, microservices architectures meet the same demands. Additional benefits of microservices architectures are compartmentalization and a limited impact of service failure versus a complete software malfunction....
Data loss happens, even in the cloud. In fact, if your company has adopted a cloud application in the past three years, data loss has probably happened, whether you know it or not. In his session at 17th Cloud Expo, Bryan Forrester, Senior Vice President of Sales at eFolder, will present how common and costly cloud application data loss is and what measures you can take to protect your organization from data loss.
The Internet of Things (IoT) is growing rapidly by extending current technologies, products and networks. By 2020, Cisco estimates there will be 50 billion connected devices. Gartner has forecast revenues of over $300 billion, just to IoT suppliers. Now is the time to figure out how you’ll make money – not just create innovative products. With hundreds of new products and companies jumping into the IoT fray every month, there’s no shortage of innovation. Despite this, McKinsey/VisionMobile data...
The web app is agile. The REST API is agile. The testing and planning are agile. But alas, data infrastructures certainly are not. Once an application matures, changing the shape or indexing scheme of data often forces at best a top down planning exercise and at worst includes schema changes that force downtime. The time has come for a new approach that fundamentally advances the agility of distributed data infrastructures. Come learn about a new solution to the problems faced by software organ...
“In the past year we've seen a lot of stabilization of WebRTC. You can now use it in production with a far greater degree of certainty. A lot of the real developments in the past year have been in things like the data channel, which will enable a whole new type of application," explained Peter Dunkley, Technical Director at Acision, in this interview at @ThingsExpo, held Nov 4–6, 2014, at the Santa Clara Convention Center in Santa Clara, CA.
There are many considerations when moving applications from on-premise to cloud. It is critical to understand the benefits and also challenges of this migration. A successful migration will result in lower Total Cost of Ownership, yet offer the same or higher level of robustness. Migration to cloud shifts computing resources from your data center, which can yield significant advantages provided that the cloud vendor an offer enterprise-grade quality for your application.
JFrog has announced a powerful technology for managing software packages from development into production. JFrog Artifactory 4 represents disruptive innovation in its groundbreaking ability to help development and DevOps teams deliver increasingly complex solutions on ever-shorter deadlines across multiple platforms JFrog Artifactory 4 establishes a new category – the Universal Artifact Repository – that reflects JFrog's unique commitment to enable faster software releases through the first pla...
IT data is typically silo'd by the various tools in place. Unifying all the log, metric and event data in one analytics platform stops finger pointing and provides the end-to-end correlation. Logs, metrics and custom event data can be joined to tell the holistic story of your software and operations. For example, users can correlate code deploys to system performance to application error codes.
Through WebRTC, audio and video communications are being embedded more easily than ever into applications, helping carriers, enterprises and independent software vendors deliver greater functionality to their end users. With today’s business world increasingly focused on outcomes, users’ growing calls for ease of use, and businesses craving smarter, tighter integration, what’s the next step in delivering a richer, more immersive experience? That richer, more fully integrated experience comes ab...
As-a-service models offer huge opportunities, but also complicate security. It may seem that the easiest way to migrate to a new architectural model is to let others, experts in their field, do the work. This has given rise to many as-a-service models throughout the industry and across the entire technology stack, from software to infrastructure. While this has unlocked huge opportunities to accelerate the deployment of new capabilities or increase economic efficiencies within an organization, i...
SYS-CON Events announced today that Dyn, the worldwide leader in Internet Performance, will exhibit at SYS-CON's 17th International Cloud Expo®, which will take place on November 3-5, 2015, at the Santa Clara Convention Center in Santa Clara, CA. Dyn is a cloud-based Internet Performance company. Dyn helps companies monitor, control, and optimize online infrastructure for an exceptional end-user experience. Through a world-class network and unrivaled, objective intelligence into Internet condit...
The last decade was about virtual machines, but the next one is about containers. Containers enable a service to run on any host at any time. Traditional tools are starting to show cracks because they were not designed for this level of application portability. Now is the time to look at new ways to deploy and manage applications at scale. In his session at @DevOpsSummit, Brian “Redbeard” Harrington, a principal architect at CoreOS, will examine how CoreOS helps teams run in production. Attende...
Containers are revolutionizing the way we deploy and maintain our infrastructures, but monitoring and troubleshooting in a containerized environment can still be painful and impractical. Understanding even basic resource usage is difficult - let alone tracking network connections or malicious activity. In his session at DevOps Summit, Gianluca Borello, Sr. Software Engineer at Sysdig, will cover the current state of the art for container monitoring and visibility, including pros / cons and li...
There are so many tools and techniques for data analytics that even for a data scientist the choices, possible systems, and even the types of data can be daunting. In his session at @ThingsExpo, Chris Harrold, Global CTO for Big Data Solutions for EMC Corporation, will show how to perform a simple, but meaningful analysis of social sentiment data using freely available tools that take only minutes to download and install. Participants will get the download information, scripts, and complete en...
Containers are changing the security landscape for software development and deployment. As with any security solutions, security approaches that work for developers, operations personnel and security professionals is a requirement. In his session at @DevOpsSummit, Kevin Gilpin, CTO and Co-Founder of Conjur, will discuss various security considerations for container-based infrastructure and related DevOps workflows.
Manufacturing has widely adopted standardized and automated processes to create designs, build them, and maintain them through their life cycle. However, many modern manufacturing systems go beyond mechanized workflows to introduce empowered workers, flexible collaboration, and rapid iteration. Such behaviors also characterize open source software development and are at the heart of DevOps culture, processes, and tooling.