...can withstand two simultaneous datacentre failures. Then it figured out what it needed to do was build a cloud to run Amazon.com. Then it realised: "Oh gosh, we can sell this too."
Citrix focuses its enterprise efforts on its free Xen hypervisor and OpenStack. Photo credit: Coolcaesar/Wikimedia Commons
That was to its advantage, but also to its disadvantage because [Amazon developers] were not familiar with the virtualisation needs of the enterprise — there's no concept of virtualisation fault tolerance.
It offers geographic diversity, enormous connectivity and, therefore, it is a bastion of defence against attacks; it doesn't give a blink when Anonymous throws a 10Gbps denial-of-service attack.
What about Google's efforts with Google App Engine (GAE)?
Amazon's advantage there is it started with the nuts and bolts — which is compute, network and storage — so it can build sticky services and emerge with a platform that's very sticky. With RDS [Relational Database Service], for a single API call, you get a gigabyte database with a 15-day rollback and huge granularity, and all you pay for is storage. That is hugely sticky.
[AWS is] building infrastructure components that are lower level than the PaaS [platform-as-a-service] level, which are incredibly rich and very, very sticky. Therefore it's winning the hearts and minds of people who want to build big web apps.
GAE does not have a fundamentally compelling reason to go and do it — it's just a place to run a service.
What would consolidation mean for the cloud sector?
You wonder whether there will be consolidation as more telecoms pick up enterprise-focused infrastructure-as-a-service plays.
If you talk about enterprise customers adopting cloud, their concern is security, security, security, by a long shot. If you look at the emerging cloud players, the biggest challenge [is] their ability to secure the customer's workload. Where a start-up cloud might struggle to provide sufficient proof that its offerings were secure, a large carrier might have more heft with that process.
AWS is building infrastructure components that are incredibly rich and very, very sticky. It's winning the hearts and minds of people who want to build big web apps.
What about security?
Security is one of the areas where virtualisation is going to have a profound effect. VMware is now a security vendor. All of these VMs [virtual machines] and such are on the same server, [so] the right place to implement security is on the server.
The first step has been to get the security vendors to re-vector their offerings to be infrastructure specific and not end-point specific. Running security per VM does not scale well, so that's important. [It's] now going to market — certainly McAfee and Trend Micro are in the market.
Step two is very interesting, [given] we have not seen a credible hypervisor-specific offering in security. For Xen, we have been working with McAfee and others, and within the year you will find the Xen hypervisor providing security to the VMs hosted on it.
We are moving away from finding the bad guys — the blacklisting approach is basically failing. [Instead, we will check] that the code that is running has not changed since it was signed.
Granular whitelisting down to the object level and the page level within the hypervisor is certainly something the hypervisor will assist with, and that is something you will see in the coming year.
It seems to me that enterprises will demand that their storage is encrypted at all times in the cloud, and that it is encrypted and decrypted on the fly, and that the keys are held by the enterprise.
We're moving down that path, it's absolutely correct to say that security-as-a-component of infrastructure is a big change coming.
Get the latest technology news and analysis, blogs and reviews delivered directly to your inbox with ZDNet UK's newsletters.