March 24, 2017
In a hurry? You can click here to jump to the conclusion or solution.
Software and services of many corporations and organizations have moved into the cloud. We have been able to see this trend everywhere and it's still a progressive one. But what is the cloud? Can client-server software that was designed for corporate networks move to the cloud successfully? Most Blackbaud software such as The Raiser's Edge is client-server software. The primary or server-based component installs on a SQL database server. The secondary or client-based component installs on a workstation of each of the end users. It is an approach that works well in corporate networks. However, the typical corporate network is changing as more and more services move to the cloud. For any client-server software to work in the cloud, it must be deployed in such a way that the software continues to work the same way as it would on the corporate network. After all, there's no way the software can know it's in the cloud. Therefore, not any cloud hosting will do.
Only cloud hosting solutions specifically designed to work with Blackbaud software or client-server software in general are an option. This white paper will examine three different approaches for hosting Blackbaud software in the cloud by three different vendors. Vendors presented:
You'll understand the differences in each provider's services and the unique type of cloud-based environments each offers. Questions explored:
What exactly is the cloud?
Why should an organization consider hosting in the cloud?
How do the cloud service offerings of each of these vendors compare?
What key aspects should one consider for hosting Blackbaud software in the cloud?
First, let's take a step back and learn about the nebulous concept of the cloud.
VIRTUAL TECHNOLOGY SEEDS THE CLOUDThe launch of cloud computing has been brought on by server virtualization. Before server virtualization, operating systems such as Microsoft Windows were installed directly on the "bare metal" hardware of a server. Any time you wanted a new server, you had to purchase new hardware. If the server hardware failed, the server went down and had to be rebuilt or restored on new hardware. Virtualization software introduces a new layer, called the hypervisor, that sits between the hardware or host machine and the server operating system or guest machine. With it, multiple guest machines run simultaneously on a single host machine. The hypervisor handles all the details of splitting up the host machine's resources. And it fools the operating system drivers of the guest machine into thinking it's communicating directly with hardware. This was just the beginning. Hypervisor technology evolved to further abstract the hardware layer. Clusters of host machines now act as a single pool of resources to run dozens or even hundreds of guest machines. Guest machines can be migrated without disruption and while running from one host machine to another. This process can be automated so that guest machines are migrated automatically between host machines according to the load or capacity at any point in time. Server hardware has always been a commodity. With virtualization technology, those hardware commodity resources are aggregated and delivered as if they were one big server. We now no longer think about—or really care—which particular individual physical server our application is running on. Free from the physical, we just know it's running out there, somewhere in a cloud of server resources. Thus, the cloud era was born.
Public vs. PrivateJust as we have many types of clouds in the real sky such as cirrus, cumulonimbus and stratus, there are different varieties of cloud computing.
Public cloudsCloud computing started out with public cloud vendors like Amazon selling virtual server resources and storage on a self-provisioned, metered basis. It's called public because it's open to everyone for any purpose. Public cloud vendors are much like utility companies, simply charging on a metered basis for resources used. Public clouds are vast, with thousands of servers across multiple regions of the country or the world. The public cloud vendor doesn't know and doesn't care what you are running in their cloud. Public clouds are typically unmanaged, meaning it's up to you to provision and deploy everything. This takes a certain amount of expertise specific to the platform of the public cloud to understand how it all works and how to get it to work for you.
Private cloudsThere are also private clouds. Any organization that deploys virtualization technology and delivers a cloud-like service offering technically has a private cloud. Private clouds are much smaller than public clouds. They also differ from public clouds in that they are only offered to a specific niche for a particular purpose. Private clouds are typically managed meaning the provisioning and maintenance of the guest machines and the software are handled by the vendor. The most common deployments of private clouds are corporate IT departments. They deliver cloud-like services to internal departments and corporate users. Hosting service providers can also have a private cloud to deliver a specific service. For example, Beyond Nines can be thought of as a private cloud service providing hosting for nonprofits who use Blackbaud software.
Hybrid cloudsFinally, there are hybrid clouds. These are private clouds that have some public cloud component added in for redundancy or flexibility. For example, a private cloud that uses Amazon S3 storage for backups or media files would be considered a hybrid cloud.
More Types of CloudsFurther divisions among clouds exist beyond public vs. private. There are also three primary types of cloud-based computing environments:
IaaS: Infrastructure as a Service
PaaS: Platform as a Service
SaaS: Software as a Service
Let's review the three environments with examples of how hosting The Raiser's Edge would be managed in each environment.
IaaSIaaS refers to the most basic cloud where an infrastructure of computing resources is presented as a service to users. IaaS cloud vendors provide all the underlying resources, including servers, storage and network connectivity. The users are responsible for configuring and maintaining the operating system and any software applications such as The Raiser's Edge. Amazon EC2 is an unmanaged IaaS public cloud. It's based on the open source Xen hypervisor. To host The Raiser's Edge with Amazon EC2, you would
have the know-how to configure and use Amazon EC2.
purchase virtual servers with Microsoft Windows and/or Microsoft SQL Server pre-loaded.
have the know-how to install, configure and maintain The Raiser's Edge.
pay on a month-to-month basis for the amount of time the server is running.
PaaSPaaS is the next type of cloud. PaaS is the same as IaaS with the addition of the configuration and maintenance of the platform required for the applications software such as the operating system, databases, web servers and any other supporting components. Beyond Nines is a managed PaaS private cloud. Beyond Nines uses the market-leading virtualization platform VMware VSphere and is a VSPP (VMware Solutions Provider Partner). To host Blackbaud software with Beyond Nines, the appropriate sized servers would be determined for you based upon the products you are using and the number of users you are licensed for. Beyond Nines would then install, configure and maintain everything—including the Blackbaud software—for you. And because Beyond Nines is a PaaS cloud, options exist to add other third-party software such as
Advanced Budget Management
PaperSave and more.
Beyond Nines is a PaaS service that specializes in hosting of Blackbaud software. This provides the flexibility of a PaaS cloud but with the specialization in and management of all Blackbaud and third-party applications for you. It's hosting without the headache.
SaaSSaaS is the final type of cloud. SaaS provides everything including the application software. You don't have to install or configure anything. You just simply use the software! The disadvantage of a SaaS cloud is that it doesn't have the flexibility of the other cloud options. You can't install and add your own software. What you see is what you get. Blackbaud OnDemand is a managed SaaS private cloud. Blackbaud OnDemand is delivered using Citrix. To host The Raiser's Edge with Blackbaud OnDemand, you work with Blackbaud to determine the number of users who need access. Blackbaud then installs, configures and maintains everything—including the The Raiser's Edge—for you. However, there are only a few third-party software applications included with Blackbaud OnDemand. You don't have the option to add software not already offered as part of the managed cloud.
REASONS FOR HOSTINGNow that you have a background on cloud computing and the types of clouds you might use to host Blackbaud software, let's examine the reasons you would want to move your Blackbaud software to the cloud.
InfrastructureThe cloud provides a superior physical infrastructure. Very few organizations can invest in the physical resources required to build their own private cloud. So the questions then become
Is what you have now good enough?
Are you willing to take the risk that your data are adequately protected by a single physical server in the backroom?
And if that server is on its last leg, does it make sense to buy another one or instead to move to the cloud?
There's also the matter of backups and recovery. Are backups kept on a different server than the server being backed up?
When was the last time you tested your backups?
Remote accessWith more and more people working at flexible times and locations, workers need remote access to be productive. Remote access can be tricky if you are self-hosted. Corporate or organizational policy may not allow it. Or there may be complex technology hoops such as VPN tunnels to jump through and that don't provide the full level of capabilities needed. An ideal solution would be one that works equally well from the office as it does from remote locations. Also, keep in mind that a fast and reliable Internet connection is mandatory in order for remote access to be practical.
Personnel expertiseOf all the reasons, this is perhaps the most important. Installing, configuring and maintaining Blackbaud software take a fair amount of expertise. Most IT departments already are overwhelmed by the amount of work they have. The more Blackbaud software your organization invests in, the more complex maintaining all of it becomes. The last thing your IT staff wants to do is spend the time to learn the nuances of Blackbaud software. Often the result is that the Blackbaud software ends up poorly maintained and end users become frustrated.
CONSIDERATIONS WHEN MOVING TO THE CLOUDNow that you understand the differences between the types of clouds and in particular the types of clouds offered by the vendors covered in this white paper, you can better evaluate them. If you have decided to investigate moving to the cloud for your Blackbaud software, you'll need some criteria to compare and contrast vendors against. We will examine eight different considerations you should evaluate.
Consideration #1: Cost and TermFirst, let's look at cost. Cost can vary depending upon the complexity required for hosting your Blackbaud software. There are also one-time costs such as software licensing and professional services for data migration or setup of the servers. Let's start with a look at a simple instance of a hosting The Raiser's Edge for 10 users. Typical server requirements would include a SQL server, a terminal server and a domain controller.
Amazon EC2Hosting costs ($796/month): Amazon provides a calculator you can use to estimate your costs: http://calculator.s3.amazonaws.com/calc5.html. SQL server (Medium instance - 3.5 GB memory and 2 vCPU): $544/month. Terminal server (Medium instance - 3.5GB memory and 2 vCPU): $168/month. Domain controller (Small instance - 1.7GB memory and 1 vCPU: $84/month. One-time costs: Amazon includes a license for both Windows Server and SQL Server standard edition. Should you decide to use Remote Desktop for remote access, you'll need to purchase and install the CALs (Client Access Licenses) for that. Since Amazon is not a managed service, you will need to hire someone and pay them to install, configure, migrate and maintain everything. This cost could be substantial. Term: Amazon EC2 is on a month-to-month basis. Discounts are available for paying a year or three years in advance.
Beyond NinesHosting Costs. ($500/month) Beyond Nines flat-rate pricing is based upon the number of licensed users. For 10 users of The Raiser's Edge, following configuration is provided:
SQL server (4GB memory and 8 vCPU)
Terminal server (3GB memory and 6 vCPU)
Domain controller (1GB memory and 2 vCPU)
Also note that Beyond Nines provides more CPU compute resources than EC2 for the same amount of memory. This is important for CPU intensive applications such as SQL Server. In the example here, you get 8 vCPU instead of just 2 vCPU with Amazon.
One-time costsBeyond Nines does not include software licenses so you would need to purchase your own Micosoft software licenses for Windows Server, SQL Server and RDP CALs. Nonprofit organizations may procure licenses through TechSoup or CDW at a substantial discount so this cost is typically nominal. Beyond Nines does all the configuration, installation, migration and end- user training free of charge.
TermBeyond Nines is on a month-to-month or annual basis. Those organizations that pay a year in advance get a discount equivalent to two months of free hosting.
Blackbaud OnDemandHosting costs (unknown) Blackbaud doesn't publish pricing. The costs will be in the same ballpark as Amazon EC2 and Beyond Nines for small configurations. Larger configurations will likely be more and—in some cases much more—depending upon the complexity involved.
One-time costsBlackbaud OnDemand includes all the necessary Windows software licenses. However, Blackbaud typically does charge additional professional-service fees related to setup and migration.
TermBlackbaud OnDemand is a three-year term for most customers.
Consideration #2: Ease of UseAmazon EC2 Deployment.
Just getting a server running on Amazon EC2 takes a considerable amount of expertise in their platform. There are many a la carte options and variations in their service offering. Deciding exactly what to get and how to provision and configure it all can be very complex and time-consuming. File transfer. Windows Remote Desktop allows file system redirection so a local drive may be mapped to the remote server. While logged into your EC2 instance through Remote Desktop, you can open Windows Explorer and drag-and-drop files.
Beyond Nines Deployment
Beyond Nines installs and configures everything for you. File transfer: As with EC2, Windows Remote Desktop allows file system redirection so a local drive may be mapped to the remote server. While logged into Beyond Nines through Remote Desktop, you can open Windows Explorer and drag-and-drop files.
Blackbaud OnDemand Deployment
Blackbaud installs and configures everything for you. File transfer: Unlike EC2 and Beyond Nines, Blackbaud OnDemand doesn't permit file copy over a Citrix session. They offer a separate FTP area where files are uploaded or downloaded. So one must go outside the Citrix session, transfer the files via FTP, then return to the Citrix session and get the files from the FTP.
Consideration #3: SecurityAmazon EC2: EC2 hosting is the most risky because security with Amazon EC2 is entirely is up to you. Additional security components—such as software firewalls—are available at an extra cost. If PCI compliance is important to you (it should be), you should plan on additional costs for configuring, documenting and validating the security of the EC2 instances. Most in-house IT professionals won't have the security experience and expertise to lock down servers hosted in a public cloud.
Beyond Nines manages all aspects for security for you. Each client is placed on an isolated subnet and VLAN and on a dedicated firewall interface with their own firewall access rules. Custom firewall configuration including opening special firewall ports, restricting access by IP address and site-to-site VPN are available. Beyond Nines is PCI compliant and the datacenter is SOC2 audited. Network and application level scans by Qualys independently validate compliance.
Blackbaud OnDemand: Blackbaud manages all aspects for security for you. Clients are placed on a shared network and no custom firewall configuration is available. Blackbaud OnDemand is PCI compliant and the datacenter is SOC2 audited.
Consideration #4: FlexibilityAmazon EC2: Resources: Amazon EC2 offers different sized instances such as small, medium, large and very large. Each comes with a fixed amount of RAM, vCPU and storage. It's not possible to configure something in- between—say a medium and a large. So if you need more than a medium but not quite enough for a large, you're stuck getting the large. You are able to change instance types on the fly with a simple reboot being the only thing that is required to add additional resources. Third-party software: You can install any software including Blackbaud software, custom plugins and third-party software.
Resources: Beyond Nines offers a guaranteed amount of server resources needed to do the job. Each client's servers are first configured with a set amount of resources based upon their expected usage. However, should it be required, more resources will be added to the client server instances at no additional charge. This way users are assured that system performance is truly elastic and if needed, will grow to meet the required demand over time. Third-party software: Beyond Nines can install any third-party software or custom plugins for you.
Blackbaud OnDemand: Resources: With Blackbaud OnDemand, you're not paying for resources; you're paying to use the service. It's not possible to pay extra to get a faster instance with more resources. What you see is what you get. Third-party software: Additional custom plugins or third-party software cannot be added. You only get what already comes with the service.
Consideration #5: Backup and RestoreAmazon EC2: SQL backup: You are responsible for configuration and maintenace of SQL databases. File-by-file: You are responsible for adding, configuring and maintaining backup software.
Server image backup: You can take server snapshots. There is no management interface for automating this, but it's possible to use third-party software or scripting tools to setup automated server snapshots. Beyond Nines: SQL backup: Beyond Nines configures SQL database backups for you. Typically this involves weekly full database backups and hourly transaction log backups. If needed, the database can be restored to within one-hour increments. File-by-file: Beyond Nines uses backups software from Veeam to backup all files on a daily basis and retain them for 14 days. Files that are accidentally deleted can be restored by opening a ticket with support. Server image backup: Each client server is backed up on a daily basis and retained for 14 days. In case of a major problem with the server such as a misconfiguration or failed update, the entire server image can be restored.
Blackbaud OnDemand: SQL backup: Blackbaud configures SQL database backups for you. Typically this involves weekly full database backups and transaction log backups every 15 minutes. If needed, the database can be restored to within 15-minute increments. File-by-file: Blackbaud backs up all files on a daily basis. Files that are accidentally deleted can be restored by opening a ticket with support. Server image backup: Since clients are within a shared hosting environment, there is no concept of a server image backup for a single client. Clients who wish to migration off Blackbaud OnDemand can request a SQL database backup and any individual files.
Consideration #6: Disaster RecoveryAmazon EC2: EC2 hosting has the infrastructure to support Disaster Recovery. However, the details of the configuration necessary to do so would be fairly complex. If Disaster Recovery is important to you (it should be), you should plan on additional costs for configuring, documenting and validating a Disaster Recovery plan. Most in-house IT professionals won't have the experience and expertise to implement Disaster Recovery in a public cloud.
Beyond Nines: Beyond Nines manages all aspects for Disaster Recovery for you. Beyond Nines has datacenters in Seattle and Dallas with Disaster Recovery failover between the two. Beyond Nines uses Veeam Backup and Replication to backup all virtual machines daily to a local deduplication storage appliance from Exagrid. The Exagrid appliance replicates these backup data to a second Exagrid appliance at the other datacenter location. Both environments are configured to run all virtual machines for all clients, if required. Beyond Nines' Disaster Recovery plan includes quarterly testing to ensure it remains valid and no items are overlooked. Beyond Nines Disaster Recovery provides a 24-hour RPO (Recovery Point Objective or maximum data loss) or and 24-hour RTO (Recovery Time Objective or maximum downtime).
Blackbaud OnDemand: Blackbaud does have multiple datacenters around the country and Blackbaud OnDemand includes Disaster Recovery in their marketing literature. However, Blackbaud doesn't publish its Disaster Recovery Plan and its RPO and RTO are unknown.
Consideration #7: Transparency and MonitoringAmazon EC2: System monitoring: EC2 provides a feature called CloudWatch that provides detailed system monitoring of your EC2 instances such as CPU usage, memory utilization and network usage. SQL server monitoring: Software for application monitoring of SQL server would need to be procured, installed and configured separately. External monitoring: Software for external monitoring would need to be procured and configured separately.
Beyond Nines: System monitoring: Beyond Nines uses PRTG from Paessler to provide system monitoring such as CPU usage, memory utilization and network usage at no additional charge. Each client is provided with a web application login where this information can be viewed and reported against. SQL server monitoring: Beyond Nines also users PRTG to provide SQL application monitoring such as locks per second, batch requests per second and cache hit ratio. These data are also available using the same web application login. External monitoring: Beyond Nines uses Pingdom for independent monitoring of uptime of client services. Clients can receive uptime reports directly from Pingdom on a daily, weekly and/or monthly basis. If the service guarantee offered by Beyond Nines is not verified by Pingdom, a credit is due the client.
Blackbaud OnDemand: System monitoring: Blackbaud OnDemand doesn't provide system monitoring capabilities available to clients. SQL server monitoring: Blackbaud OnDemand doesn't provide SQL application monitoring capability available to clients. External monitoring: Blackbaud OnDemand doesn't provide external monitoring service capabilities available to clients. They do send emails to users when there is a problem with the service.
Consideration #8: SupportAmazon EC2: Updates: With EC2, you're on your own. You'll to need to plan to find someone with the expertise to maintain and update all aspects of EC2 as well as configure and maintain the operating system, SQL server and Blackbaud software.
Blackbaud software support: Clients can call or email Blackbaud for support related to Blackbaud software.
Beyond Nines: Updates: Beyond Nines manages all updates to the operating system, SQL Server and the Blackbaud software for you. Beyond Nines will coordinate changes with you ahead of time and make sure updates and patches are installed according to your needs.
Blackbaud software support: Clients can call or email Blackbaud for support related to Blackbaud software and call or email Beyond Nines for support related to the hosting environment. If you're not sure if your issue is specific to Beyond Nines or with Blackbaud software, call Beyond Nines and they will contact Blackbaud on your behalf, if needed, to resolve the matter.
Blackbaud OnDemand: Updates: Blackbaud manages all updates to the operating system, SQL server and the Blackbaud software for you. Blackbaud will notify you ahead of time when the updates will occur, but does not coordinate scheduling of updates with clients. Updates are mandatory. Blackbaud software support: Clients can call or email Blackbaud for support related to Blackbaud software or the OnDemand hosting environment.
SummaryEC2 is a viable option if you have considerable in-house expertise in EC2 and Blackbaud. You would need to plan for having ongoing resources devoted to maintaining the hosting instances. Beyond Nines provides everything you need to host your Blackbaud services in the cloud and at a price that is considerably less or at least on par with the other services. Since Beyond Nines manages all the installation and updates, so you don't need to have a dedicated resource for that. Additionally, Beyond Nines offers a high level of security, includes disaster recovery and additional features including detailed monitoring are also included at no additional charge. Blackbaud OnDemand is an option if you want to stick with a single vendor, don't have a need for flexibility and transparency, or don't mind paying a higher price and signing for a longer term. If you or a member of your team has questions about how to better support, maintain or host your Blackbaud software and data, please contact Beyond Nines. We'll be happy to answer any questions regarding the content of this white paper as well as discuss your organization's specific situation and challenges. We really are rooted in your success! Beyond Nines is an independent provider of hosting and professional services specializing in Blackbaud products. Beyond Nines is neither supported nor endorsed by Blackbaud, Inc. Keep in mind that every sytem has its advantages and disadvantages. It really depends on your specific requirements what system is the most suitable to your company. That's why it's a good idea to have extensive communication with our sales department first before deciding on what system to use.
ConclusionCloud web hosting can be found almost everywhere but, and this sounds unbelievable, there are exceptions to this rule. Some hosting providers are behind and, for one reason or another, their system is not in the Cloud. Our web hosting provider Linux Hosts Inc, was one of the first companies that moved its system to the Cloud which has been benefiting its customers since 2003. Results are among others much lower pricing, more security, very fast loading web sites, 99.99 percent uptime and much faster/better technical support. It's for these reasons that we would like to invite you to click the banner at the top of this page. Last but not least we would like to emphasize that the information in this whitepaper is not waterproof because Cloud Hosting and the Internet are constantly changing. If you need more information, you can also watch the video below about Cloud Computing. Thanks for reading!
Best regards from Dick Detering.