Trend Cloud Security Blog – Cloud Computing Experts

Will New Net Neutrality Policy Slow Enterprise Cloud Adoption?

For the past few years, ISPs and network providers have been clashing with large online media companies like Google, Yahoo, and YouTube over the concept of Net Neutrality. At issue is the question of whether an ISP should be able to block or slow access to some networks, some content, or some applications, and whether that ISP should be able to charge more for access or not. Today, ISPs charge only for bandwidth, regardless of how it’s used.

The FCC just announced a compromise that allows ISPs to arbitrarily slow access to some content or to charge more for access to others.

At first blush, it’s not obvious why that is a major threat to cloud computing. But when you consider that the cloud is only as good as your access to it, it becomes something to think about, especially given that telecoms own most major ISPs, have millions of square feet of data center space, and are actively building their own cloud computing offerings.

It’s not much of a stretch to imagine your bandwidth provider telling you that if you want to use their cloud offering, access is free, but if you want to use a larger cloud with more features, faster performance, or better pricing, you’ll have to pay a steep toll to access it. Extending the analogy further, your telecom could even potentially charge you a “Salesforce.com toll” or “Amazon EC2 toll” on your bandwidth.

My friend Ryan Bagnulo, Joyent’s Chief Security Officer, said it best on Twitter, “All packets are not created equally, the free packets are dropped first, welcome to the public cloud.”

Even worse, this gives your ISP license to spy on what your employees do online by opening your network packets to see what’s inside. As a former VP of Technology for a vendor in the Deep Packet Inspection space, I’m certain that many ISPs already do this, but it was a questionable practice in some places. Not anymore. And SSL, the default technology for securing web traffic, doesn’t stop some techniques used for this kind of spying.

Now more than ever, it’s time to ensure that enterprises encrypt all public network traffic to the cloud. It’s becoming very apparent that security on the way to the cloud and in the cloud itself will be a major issue for enterprises this year.

  • Joe

    Well that and the fact that corporate espionage/blackmail/identity theft/… will get easier and easier with the newer tools. That will force vendors to offer “default encrypted” or even forced encryption as a marketed feature for customers who could be harmed greatly by spying. Voyeurism techniques can lead to information stealing (and selling) techniques.
    I already use the encrypted Google page to keep my ISP from selling info to telemarketers or such. Yes, they’re doing stuff that creepy.

  • http://cloud.trendmicro.com Dave Asprey

    Your points about telcos are so accurate they make me smile while I feel depressed about broadband access for cloud adoption.

    The way to get large populations to encrypt their network traffic is for the OS and app vendors to do the encryption by default. This only happens when they have an economic interest to do so…which they will have as soon as the telecoms try to decide which apps get into the toll lane or the slow lane.

  • http://blog.ibd.com Robert Berger

    Dave you should know better. Bits are not atoms. IP networks aren’t fixed connections. Costs are in steps. There is no additional cost for bandwidth until you have to do a major upgrade. And even then every time you do an upgrade the cost is about the same as the last upgrade but the throughput is double or more. You don’t need to upgrade the most expensive part of the network (fiber) just the electro optics at the ends.

    The wired / fiber oligopoly has not been having increased costs that relate to the increased prices they have been charging.

    The US telco/cablecos have stopped deploying fiber and stopped most capital expansion of plant. They are not investing but they are reaping monopoly rents. Now they are using their last mile chokepoint control to force their content down our throats and block other routes to real content.

    They require that they get to use the bulk of the last mile capacity for their content and a trickle for Internet. (See U-verse, FIOS and CableTV)

    The real answer is the structural separation of Transport from Content. The same entity should not be allowed to control both.

    Last Mile transport is a Common Good that should be managed and paid for as a Common Good. The physical plant’s biggest cost component is “Rights of Way”. These have been stolen by the Carriers from citizens thru corrupt political plays. The bulk of the physical plant buildout was paid for by ratepayers when the telcos were regulated monopolies. The ratepayers should own the plant not the Telcos who again used their political leverage to steal the physical plant from the ratepayers.

    That should be the basis of taking back the physical plant as a common good. The rights of way, fiber, utility poles, conduit etc should be owned and operated by an entity that represents the common good, not Wall Street. Then that physical plant which is generally low tech (mostly men in trucks maintaining conduit, dark fiber, etc) can be financed by long term bonds and paid back by offering the capacity in an open access way to the market. Then there could be strict separation of control of transport from content.

    Market based entities can rent dark capacity then light and offer services on top of that. It would be a true marketplace vs. an oligopoly of a regional telco or cableco.

    We won’t have any issue of net neutrality or artificial scarcity as market forces and technology will route around any such attempt since there would no longer be physical chokepoints owned by a small number of politically powerful entities.

    • Dave Asprey

      Robert, that’s one of the best-reasoned arguments about bandwidth and economics I’ve seen. The New York Times should reprint it (maybe with that “Dave you should know better” part! :) ) Thank you.

      It’s true that the cost of doubling network capacity is a lot less when the fiber is already in the ground, but those devices on the ends are pricey, and telecoms don’t want to invest until they have to.

      It’s in our interests as enterprises or consumers who want to use public clouds to let the telecoms get away with low cost metered access, so those who use a lot of bandwidth and force a faster upgrade cycle pay a little more. The new Net Neutrality regulations don’t even help that.

      If I was @werner at Amazon or @benioff at Salesforce.com, I’d be pouring lobbying dollars out like water, trying to make sure my customers will be able to get to my cloud in a couple years. This could get ugly.

      I stand by my assertion that encrypting your traffic so your ISP can’t see what it is will help to slow the rate at which ISPs spy and charge for application level access.

      • http://blog.ibd.com Robert Berger

        Pure Metered Internet doesn’t make sense unless you are trying to extract monopoly rents. It has no relation to the cost. If we wanted to have a sensible dynamic charging model that mapped to real cost, then we need congestion based pricing.

        Congestion based pricing maps to where the cost collides with TCP/IP. Costs of bandwidth are flat and paid for by the original deployment of Internet Infrastructure. It’s the sunk costs. They don’t go up based on usage. Until there is congestion. If there is ongoing congestion, or more likely points of ongoing congestion, that is when there needs to be investment. So if you have dynamic pricing where people get charged to have their packets go ahead when there is congestion, then there could be feedback to improve the infrastructure based on real costs.

        But then you get into the problem of how to implement it (both the technical how, but probably more costly is the practical how of getting it out in the field, educating the market, etc). Hal Varian who is now the Chief Economist of Google wrote some great papers on Internet Congestion Based Pricing in 1994 (http://deepblue.lib.umich.edu/bitstream/2027.42/50464/1/Pricing_the_Internet.pdf).

        In either case the cost of metering and all the layers of business practices, collection, etc, could exceed the cost of just upgrading the infrastructure.

        Plus as we’ve seen in the history of Monopoly Telecom, if the same entity controls the content and the transport, we get artificial scarcity. See AT&T charging monthly fees for a Princess Telephone or DTMF instead of pulse dial. The latter lowered their costs but they charged for it anyway. This is the dream of the Telcos. They want metered pricing, force us to have no choice but to take their content, restrictions (remember Carterfone)

        And there is no guarantee (and lots of historical precedence) that if we did allow the Telcos/Cablecos to force Meter Pricing that they would increase their spending on infrastructure.

        The “Baby Bell”, Southwestern Bell was able to accumulate a cash after divestiture, by increasing rates and not investing anything in infrastructure. They went on to roll up Ameritech, Pacific Bell, Cellular One and AT&T to become the new, meaner, tech free and investment free AT&T that dominates much of the telco sphere now with that mentality.

        All the telcos/cablecos have pretty much stopped investing in roll outs or upgrades of physical plant even though large swaths of the US have Internet access of less than a Megabit or so. They are now just sitting back collecting monopoly rents, giving their management bigger paychecks and bonuses and causing the US to fall further and further behind in the fundamental Common Good of high bandwidth Internet.

        Oh and I agree with you on encryption. But not sure how to get large populations to do that…. Does that mean we should encourage all websites to use https? Have YouTube be encrypted? Make the BitTorrent protocol default to encrypted?

  • Marc

    That the Internet will become a metered utility is inevitable–and just. Packet prioritization is also proper. The issues are, will these necessities be (ab)used to selectively discriminate against “non-native” content, and to erect artificial barriers to entry? The answer is ‘yes’. Content never wanted to be “free,” it wanted to be “freed,” necessitating a monetization strategy. But the ISPs are primarily interested in unjustly or undeservedly profiting from other people’s content. Some call that piracy.

    • Dave Asprey

      @Marc – You’re right. Metering is not a problem and it is fair. Use more bandwidth, pay more for it, just like water, electricity, or french fries. Even prioritization is ok with me (I was a product manager for a prioritization product!) as long as it’s done on an application type basis, regardless of content or destination.

      This flavor of network neutrality sucks for the reason you expressed – ISPs will abuse it to extract a toll from content they don’t own and didn’t create. Kind of like the RIAA… :)