Gartner Blog Network

Yes, Cloud Offerings Can Have an On-Premises Element

by Neil MacDonald  |  May 25, 2012  |  4 Comments

One of the common misconceptions that I run into is that a public cloud services provider can’t have an on-premises element to their offering and that having this footprint somehow “breaks” the cloud model.

The root of this misconception lies in equating cloud to a location. Cloud is a computing style, not a location.

There are already cloud-based services providers that use an on-premises element to their architecture. For example, Qualys provides security as a service (vulnerability management) using an on-premises physical or virtual appliance to launch the local scanning from. Using the on-premises appliance, significant amounts of bandwidth are preserved as well as providing network connectivity into an organization’s internal networks to perform its scanning services.

So, how is this Cloud? Remember cloud is a computing style. The key is how the appliance is managed by the cloud provider and, more importantly, not managed by the enterprise consuming the service. The on-premises element is just a “black box” to the enterprise. In most cases, they shouldn’t have to pay for or provision the appliance footprint, even if it is a physical piece of hardware. The appliance is just a part of the overall service delivery. Further, the enterprise shouldn’t have to install software on it or perform updates. Essentially, it should be a “lights out” footprint — everything should be handled by the cloud services provider.

Why would an on-premises footprint be important? Multiple reasons:

  • To provide network connectivity (e.g. VPN) into protected locations in the enterprise’s internal network, systems and information
  • To reduce bandwidth consumption for scanning related services (vulnerability management, dynamic application security testing, etc)
  • To improve performance and reduce bandwidth requirements through intelligent caching, compression and other bandwidth optimization techniques
  • To keep large datasets local for local processing and analysis – again primarily to save bandwidth costs
  • To keep sensitive data local
  • To keep regulated data local (e.g. geolocation requirements)

The latter two are becoming increasingly important as more critical business information, systems and processes move to the cloud. I’m sure there are more requirements that you could add to the list.  The takeaway is to expect more cloud-services providers to offer on-premises extensions of their architectures to address specific usage requirements.

Additional Resources

View Free, Relevant Gartner Research

Gartner's research helps you cut through the complexity and deliver the knowledge you need to make the right decisions quickly, and with confidence.

Read Free Gartner Research

Category: cloud  cloud-security  

Tags: cloud-security  virtual-appliances  

Neil MacDonald
VP & Gartner Fellow
15 years at Gartner
25 years IT industry

Neil MacDonald is a vice president, distinguished analyst and Gartner Fellow in Gartner Research. Mr. MacDonald is a member of Gartner's information security and privacy research team, focusing on operating system and application-level security strategies. Specific research areas include Windows security…Read Full Bio

Thoughts on Yes, Cloud Offerings Can Have an On-Premises Element

  1. Matt says:

    Another example is Trend Micro’s SecureCloud where data in the public cloud (e.g. AWS) is encrypted and the keys are stored either on-premise or with a third-party but not with the cloud provider.

  2. Neil MacDonald says:

    @Matt, good point and one to add to the list ( a subset of one of the existing list – ie “keep sensitive data local”)

    “* To keep encryption keys used in the cloud local ”

    This has the benefit of keeping the keys out of direct control of cloud administrators


  3. Andre Christ says:

    Interesting thoughts on the further development of cloud computing. I just don’t see how it is practicable for software providers. Offering cloud services combined with an on premise approach will increase the effort for software providers severely without generating direct revenue. Particularly I’m interested how providers will be able to maintain on premise appliances. If I think about how company networks and data centers are secured, it won’t be that simple to let a bunch of providers onto your premise (security, audit, governance etc.). What do you think?

  4. Neil MacDonald says:

    @Andre –

    True if you think of physical appliances, but 90% of what I am describing will be in the form of virtual appliances – just software that plugs into a VMM. See this


Comments are closed

Comments or opinions expressed on this blog are those of the individual contributors only, and do not necessarily represent the views of Gartner, Inc. or its management. Readers may copy and redistribute blog postings on other blogs, or otherwise for private, non-commercial or journalistic purposes, with attribution to Gartner. This content may not be used for any other purposes in any other formats or media. The content on this blog is provided on an "as-is" basis. Gartner shall not be liable for any damages whatsoever arising out of the content or use of this blog.