Cloud Service Models

  • Cloud computing delivers IT resources over the internet using three primary service models that define what the provider manages versus what the customer controls
  • Each model shifts responsibility boundaries - understanding these boundaries is crucial for network engineers designing hybrid infrastructures
  • Service models follow a stack approach: IaaS provides the foundation, PaaS adds development tools, SaaS delivers complete applications

Infrastructure as a Service (IaaS)

  • Provider manages: Physical hardware, virtualization layer, networking infrastructure, storage systems
  • Customer manages: Operating systems, middleware, runtime environments, applications, data
  • Most flexible model - gives network engineers full control over virtual network configuration
  • Examples: Amazon EC2, Microsoft Azure VMs, Google Compute Engine
  • Use cases: When organizations need custom network topologies, specific OS configurations, or legacy application support
  • Network considerations: Customer configures VPCs (Virtual Private Clouds), subnets, routing tables, security groups, and VPN connections

Platform as a Service (PaaS)

  • Provider manages: Everything in IaaS plus operating systems, middleware, runtime environments
  • Customer manages: Applications and data only
  • Development-focused model - abstracts infrastructure complexity while providing development frameworks
  • Examples: Google App Engine, Microsoft Azure App Service, Heroku
  • Use cases: Rapid application development, microservices architectures, when teams lack infrastructure expertise
  • Network considerations: Limited network customization - provider handles load balancing, auto-scaling, and basic security

Software as a Service (SaaS)

  • Provider manages: Complete technology stack from hardware to application
  • Customer manages: User access, data input, and configuration settings within the application
  • Consumption model - users access fully-functional applications via web browsers or APIs
  • Examples: Office 365, Salesforce, Google Workspace, Cisco Webex
  • Use cases: Standard business applications, when minimal IT overhead is desired
  • Network considerations: Focus shifts to bandwidth planning, Quality of Service (QoS), and secure internet connectivity

Service Model Comparison

| Model | Customer Control | Provider Responsibility   | Network Flexibility              | Use Case                         |
|-------|------------------|---------------------------|----------------------------------|----------------------------------|
| IaaS  | High             | Hardware + Virtualization | Full (VPCs, routing, firewalls)  | Custom environments, legacy apps |
| PaaS  | Medium           | Infrastructure + Platform | Limited (managed load balancing) | Application development          |
| SaaS  | Low              | Everything except data    | Minimal (connectivity only)      | Standard business applications   |

Vocabulary

  • Multi-tenancy: Multiple customers share the same infrastructure while maintaining data isolation
  • Elasticity: Automatic scaling of resources based on demand (differs from scalability, which is manual)
  • API (Application Programming Interface): Programmatic interface for managing cloud resources
  • VPC (Virtual Private Cloud): Isolated virtual network environment within public cloud infrastructure
  • Hybrid Cloud: Combination of on-premises infrastructure with public cloud services

Notes

  • Service models are not mutually exclusive - organizations typically use multiple models simultaneously (e.g., IaaS for custom apps, SaaS for email)
  • Network latency becomes critical in cloud architectures - consider proximity of cloud regions to users when designing solutions
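  • Security responsibility follows the service model: IaaS requires more customer security configuration, while SaaS shifts most security to the provider. Even in SaaS, the customer still manages user access, data input, and configuration settings within the application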
  • Cloud networking often uses SDN (Software-Defined Networking) principles - traditional networking concepts apply but implementation differs
  • For CCNA context: Focus on how traditional networking concepts (VLANs, routing, NAT) translate to cloud virtual networking
  • Cost implications: IaaS offers most control but requires most management overhead; SaaS has predictable costs but less customization
  • Always verify which networking features are available - cloud providers may limit certain protocols or configurations (e.g., broadcast traffic, custom routing protocols)