Procuring Cloud Services: Lessons from the

Internet2 NET+ Program
Jerry Grochow (Internet2) • Jill Schunk (Indiana University) • Jack Suess (UMBC)

What is Internet2 NET+ all about?

Founded
In 1996 by research universities to take selfresponsibility for providing a data
networking environment that would not
otherwise exist, or exist as and when the
community of scholars needed it

Mission
Accelerating
Research &
Education
through
Innovation

Develop and deploy advanced network
applications and technologies,
accelerating the creation of tomorrow’s
Internet

Today’s Community


R&E member institutions, affiliates,
agencies, etc..
Rich and complex regional network
community
Global NREN community

Today’s Goals


Enable new generation of applications
Re-create leading edge R&E network
capability
Transfer technology and experience
to the global production Internet

3

Services
…community members acting for the
community…
to define a new generation of valueadded services
4

What is






Services all about?

Defining a new generation of value-added services by
working with existing cloud service providers
Leveraging the Internet2 R&E Network and InCommon
Developing solutions that meet performance, usability,
and security requirements
Providing a single point of contracting and provisioning
Leveraging community scale for better pricing and terms
Providing a strategic partnership with service providers
Driving down the costs of provisioning and consuming
cloud services

5

Cloud Computing: NIST
Framework

Cloud Carrier
* http://csrc.nist.gov/publications/nistpubs/800-145/SP800-145.pdf

Arbitrage
Arbitrage

Aggregation
Aggregation

Intermediation
Intermediation

Cloud
Auditor

Service
Layer
Control
Layer
Resource
Layer

Broker

Privacy
Privacy

Tuned to
community
needs and
validated by
the
community

Service
Orchestratio
n
Service

Security
Security

Cloud
Consum
er

NET+
Servic
es
Cloud Portfoli
Broker o

Cloud Provider
Cloud
Cloud Service
Service
Management
Management

The entire
connected
Internet2
Community

Includes both
commercial and
community
providers

Users of the
Internet2 R&E
Network and partner
networks are the
Internet2
Community

6

GET INVOLVED
IN THE

Sponsored by
Community
Members

NET+ SERVICE LIFECYCLE

Designed by
participating
campuses,
providers and
Internet2

Subscription by
Community
Members,
Regional and
Global partners

All delivered at global scale, tailored to R&E needs,
and
benefitting all participating institutions
7

What are the issues in procuring cloud
services?
- Jill Schunk, CPM, AssocVP, Procurement Services,
Indiana University

- Jack Suess, CIO, University of Maryland – Baltimore
County

Challenges of Procuring Cloud Services
Business Process: Current NET+ process does not align with
historical purchasing process (e.g. RFPs)
Risk Management: “Click-through” agreements present
challenges to university purchasing and procurement policy
Price and Terms Variability: services subject to unexpected
increases; utilization discounts vary dramatically
Pilots and Trials: in some states, using a free trial of a service
excludes that service from competitive consideration
And others…

Challenges of Contracting for Cloud Services
State Requirements: Many state laws require public posting and
competitive process for all major acquisitions
Standard T&Cs: university purchasing and procurement policy
typically have terms that don’t maximize cloud value, or take
account of cloud issues (e.g. data security, termination clauses, …)
Compliance: with FERPA, HIPAA, ITAR, others…
Price and Terms Negotiation: similar campuses receive
dramatically different pricing and terms
Confidentiality: vendor wants to keep things “secret” so do you
don’t know what terms other schools are getting
And others…

Community Cloud Cultural Challenges
Every [campus/network/country] thinks it can do better than
the others—but we can’t succeed by going it alone
Service provider sales effort is usually “divide and conquer”
Service providers need their own executive sponsorship to
make the changes necessary
Schools still feel a need to customize legal agreements to
focus on individual school or state requirements and priorities
Procurement policies and laws vary considerably and are
based on pre-cloud concepts
Cloud security/privacy still evolving—but we can’t afford to
wait for perfection

Key Ways NET+ Contracting Can
Support Procurement
Community based due diligence
Improves risk management by vetting service
providers, standard and beneficial contract terms
Ensures fair treatment in the market (no hidden
clauses for “other” universities)
Reduces costs of administration
Leverages purchasing power of the entire
community
Provides competitive options as the number of
providers in each portfolio services category
increases
12

AUDIENCE DISCUSSION: What are
the ways that procurement can be
accomplished?

What are the various approaches to
procuring cloud services?

Procurement Approaches Used by Internet2 NET+
Schools
School-based selection process leading to NET+ Service
Provider (may involve an RFP responded to by SP)
“NET+ First” based on completeness of Service Validation
process and benefit of Internet2 membership
Sole source based on special features, contract terms, pricing
approach and pricing of NET+ offering
School-based RFP process with requirements based on
Service Validation process
Other (e.g. Internet2 NET+ as an “excluded entity”)

Proposed Procurement Approaches
Member benefit (NET+ Services at no additional cost to
Internet2 members)
Sole source based on special features, contract terms, pricing
approach and pricing of NET+ offering
Representative school-based RFP process (only one
responded to by NET+SP) with disclosure of all information
State-specific representative school-based RFP process (only
some states responded to by NET+SP) with disclosure of all
information and acceptance of other state RFP process
School-based RFP process (NET+SP may or may not respond)

Pros and Cons
Type of
Procurement

Pros and Cons

Member Benefit: No overhead, no additional cost
Sole Source: Some overhead, no additional cost

Representative RFP: Long time frame, more overhead
State-specific representative RFP: Even more overhead, only some NET+
services
Most overhead, fewer NET+ services
School-based RFP:

Initial effort but then fast, no further
School-based exemption or other
overhead
process:

FINAL THOUGHTS:
- What issues are you facing in
procuring cloud services?
- How are you approaching them?
- How can NET+ help?
For more information:
netplus@internet2.edu

Help Us Improve and Grow
Thank you for participating
in today’s session.
We’re very interested in your feedback. Please take
a minute to fill out the session evaluation found within
the conference mobile app, or the online agenda.

Procuring Cloud Services: Lessons from the
Internet2 NET+ Program
Jerry Grochow (Internet2) • Jill Schunk (Indiana University) • Jack Suess (UMBC)

ADDITIONAL INFORMATION ON
Internet2 NET+

What is Internet2 NET+ Services
all about?

A partnership to provide a portfolio of
solutions for Internet2 members and other
higher ed organizations that are costeffective, easy to access, simple to
administer, and tailored to the unique, shared
needs of the community.

22

Internet2 NET+ Cloud Services by
the numbers
Over
$200,000,000

In estimated operating
benefit for Research and
Education across
institutions adopting NET+
services to date

300+
Member
300+
institutions

Member
participating in
institutions
building business
participating in
models, ensuring
building business
federated
models, ensuring
access, security,
federated
accessibility,
access, security,
performance &
accessibility,
delivery
performance &
delivery

3,500+

Research and Education
Institutions across the
US that can utilize most
NET+ cloud services

50
Services
50
proposed for

Services
validation by
proposed for
Internet2
validation by
member
Internet2
campuses for
member
inclusion in
campuses for
generally
inclusion in
available
generally
Internet2 NET+
available
portfolio
Internet2 NET+
portfolio

23

How Internet2 NET+ Providers are
Selected:
ALWAYS Sponsored by Internet2
Member Campus

Can the services scale at least nationally?

Can it be delivered over global R&E
networks?

Will the provider adopt R&E federated
identity standards?

Will the provider develop a business
model that scales globally and serves
significant portion of community?

Will the provider support common,
community contracting terms and
conditions (negotiate once, use many
times)?

And commit to community’s Security,
Privacy, Compliance, and Accessibility
needs?
Will the provider work with community to
meet unique R&E needs today and into

24

Explore

Research
Incubator

Less than
50 reach
Service
Validation

Service
Validation

Evaluation

Timeline variable 30–360+ days

Develop

The Internet2 NET+ Lifecycle

Internet2 NET+ Service
Validation (SV)
Assessment of the service for inclusion in the catalogue,
applying a consistent process, and determining how best to
make it available at scale to the entire higher education
community:
• SV Group is led by the Sponsoring institution and
Internet2 and Includes:

Service Provider

Sponsoring University and 5-7 University
Participants

SV participants represent

The Community

Apply a consistent process to assess the service
for inclusion in the catalogue

Determine how to make it available at scale to the
entire R&E community
26

NET+ Service Validation
Components
• Business
Functional Assessment
o Legal: customized
Review features and functionality
agreement using NET+
Tune service for research and education community
community contract
Technical Integration
templates
Network: determine optimal connection andooptimize
service
Business
modelto
use the Internet2 R&E network
o Define pricing and value
Identity: InCommon integration
proposition

Security and Compliance

Deployment

Security assessment: Cloud Controls Matrix o Documentation
FERPA, HIPAA, privacy, data handling
o Use cases
Accessibility
o Support model

27

Service Validation Team: ~60 FTE
Network Engineers CISO or Security SMEs

Identity Architects

Accessibility SMEs

Procurement SMEs

Functional SMEs

Legal SMEs

Program Manager

Apply
communitydeveloped
NET+
standards

Greater
than 90
reach
General
Availability

Timeline variable 45–180 days

Deploy

Develop

The Internet2 NET+ Lifecycle

NET+ Contracting: Additional
Benefits

Influences industry to develop services more useful to
the Research and Education community
Encourages competition among service providers on
direct value of services
Encourages collaboration within the community
Provides an opportunity for each member of the
community to contribute to expansion of service
offerings
Encourages a strategic relationship between the
community and service providers
Provides a basis for long-term collaboration on R&D

30

NET+ Procurement Analysis Worksheet
Provides key contractual information in less than 10 pages
Highlights the differences between Service Provider “standard
educational” (non-NET+ offering) to NET+ offering
All dimensions of Service Validation (about 40 items)
For your use in assessing the Service Validation

31