What is a Private Cloud? — A Tutorial

cloud puzzleMany enterprises are starting their cloud computing journey with a private cloud. But what is a private cloud? Are they real or just “IT as we always knew it” ?

While much of the industry focus surrounding cloud computing has been on the giants in the public cloud space , companies like Amazon Web Services, Microsoft, and Google, for instance, many enterprises are eschewing these options for production workloads and instead building private clouds. But that raises the question, just what is a private cloud? And what distinguishes a private cloud from both public clouds and traditional IT as we practiced it before cloud computing arrived on the scene? Indeed, as recently as 2009, Werner Vogels, CTO of Amazon Web Services, was claiming that a “private cloud is not the cloud.” Is that true? If not, why not?

What is Privacy?

First, we need to understand privacy a bit more. In what sense is a private cloud private? There are a few ways we might be tempted to answer that question:

  1. A cloud might be private in the sense that it exists behind a security perimeter (e.g., firewall) and is only accessible from the public Internet through very carefully controlled means. Here, privacy means, “Not visible to the public Internet.”
  2. A cloud might be private if it runs only workloads from a single organization. Whereas a public cloud might place workloads from different companies in such a manner that they would share infrastructure, a private cloud would eliminate this possibility. In this case, privacy means “not shared outside the organization.”
  3. A cloud might be private if the organization that owns the infrastructure is also the one that owns the workloads running on top of it. In this sense, privacy means “everything is owned by the same organization.”

Previously, in our “What is cloud computing?” post, we looked at the NIST cloud computing definitions. According to NIST, a private cloud is defined by our definition #2. Specifically, NIST says:

Private cloud. The cloud infrastructure is provisioned for exclusive use by a single organization comprising multiple consumers (e.g., business units). It may be owned, managed, and operated by the organization, a third party, or some combination of them, and it may exist on or off premises.

Many people think private clouds are always operated by the enterprise and must reside in the enterprise data center, but that’s not the case. An enterprise, could, for instance, hire a consulting services company (e.g., CloudOps or Mirantis) to build and run a cloud in a service provider colo facility (e.g., Savvis, Switch, or Terremark), using leased or rented computers and storage. Any and every permutation is fair game, as long as the infrastructure is provisioned for the exclusive use of a single enterprise.

Private Cloud Types

The NIST definition for private clouds doesn’t mention anything about the which types of cloud (IaaS, PaaS, or SaaS) are applicable to private clouds. In fact they are all applicable:

  • IaaS — Many enterprises will build an initial public cloud by evolving from a basic server virtualization environment. What’s the difference between these? Fundamentally, it relates to how the cloud is exposed to users. NIST defines five essential characteristics of clouds: on-demand self-service, broad network access, resource pooling, rapid elasticity, and measured service. A virtualization environment will deliver or or two of these (namely resource pooling), but not the others.
  • PaaS — Some enterprises will build standard enterprise PaaS environments, providing more than simple operating system instances on demand. We’ve covered JP Morgan Chase’s efforts at rolling out a private PaaS environment before. Sometimes, enterprises will build this themselves, creating a custom environment with a specific set of components, many of which might support legacy applications and interfaces. Other times, enterprises will rely on external vendors like Apprenda or Cloud Foundry.
  • SaaS — This is a bit of an odd one. Some people have argued that there’s little difference between private PaaS and enterprise IT running software as we always knew it. But SaaS has a distinct billing aspect to it, and private SaaS will differ from old IT running software precisely in that it provides a more accurate accounting system for performing enterprise-wide charge-back or show-back.
  • Others — While all private clouds will fit into one of these three types, there are going to be specializations that might deserve their own names. Some enterprises, for instance, are having great success in running Database-as-a-Service private clouds, often based on clustered, highly available versions of Oracle or other databases.

 Why Build a Private Cloud?

For all of Werner Vogels’ statements against private clouds, almost every large enterprise I have talked to is starting their production cloud journey with a private cloud project instead of public clouds (though, to be clear, many are running PoCs and lab experiments with public clouds). The obvious question is why?

  1. Security risk — Whenever anybody polls enterprises and asks them about reasons for not moving to cloud computing, security is inevitably the #1 answer. Enterprises have a responsibility to customers, employees, and shareholders to ensure that confidential information is not compromised. Public clouds are perceived as an increased security risk. While there is evidence that suggests that public clouds are actually more secure, they do represent a major change in the IT landscape, and it’s prudent for companies to move carefully.
  2. Project risk — Many companies already have an existing server virtualization environment. Given existing capital equipment and software infrastructure, it makes sense to try to reuse that by evolving the virtualization environment into a full-fledged private cloud, reducing project execution risk by eliminating some variables from the equation.
  3. Cost — Early in the cloud era, pundits would claim that public clouds would be cheaper than traditional IT because the large public cloud providers could “buy in volume and operate at scale,” gaining enormous efficiencies over the regular enterprise IT organization. That’s certainly true for small and mid-sized companies that could never afford to build a highly available, tier 4 data center with a state of the art cloud inside. But many larger organizations already have such facilities, buy large quantities of servers and storage already, and have top-notch operations personnel on staff to run everything. Having done the analysis, many large enterprises are saying that they can operate a private cloud for as little or even less than the large public providers like Amazon, particularly for long-running workloads. Leverhawk will be publishing more about private cloud economics in future articles.


Many enterprises are starting their cloud journey with a private cloud, reducing risk and gaining some experience before they use public clouds. Private clouds come in all flavors, IaaS, PaaS, and SaaS. They can be owned and run in your own enterprise data center or located in a 3rd party data center and run by external operations companies. The prime characteristic of a private cloud is that it contains workloads from a single organization.


  1. Good overview, although I’d argue that the litmus test is in the infrastructure architecture, and platform + app devops philosophy.

    Note that Cloudscaling is not a services company, nor a consulting company, although that’s its history. For more than a year, Cloudscaling has been a product company, selling an OpenStack-powered elastic cloud infrastructure called Open Cloud System. Version 2.5 was announced last week, in fact. They sell services in support of that product, but they do not build custom clouds anymore.

    • Dave Roberts says:

      While I agree that the infrastructure architecture and overall usage philosophy can determine the value received from a private cloud, I would disagree that’s part of the litmus test of whether a cloud is in fact a private cloud or not.

      Good point on Cloudscaling. I removed them from the list of consulting services providers. I knew that they had moved on and morphed into a product company, but mentally I’m stuck in 2011. :-)

  2. In my experience over the past 10+ yrs the primary drivers for building a private cloud start with existing investments. No CIO is going to walk into the CEO’s office and tell him “Hey, know that several million we’ve spent over the past few years to build a new data center and refresh our technology? Well, I was wrong. We’re moving to the cloud and you can sell all that stuff”. How do I know? Because I’m quoting a Fortune 25 CIO from 2010 and I’ve heard the same or similar comments from another 20 CIO’s in candid conversations. It’s a tremendous barrier to get over. The winning argument to date has been that cloud isn’t about Capex vs Opex (capital is too cheap), or capital preservation (again, too cheap), it’s about asset management. Once you gain an asset three things happen. First you have to service it which is expensive. Second it attracts other assets in support of it (backup, disaster recovery, high availability, eCommerce, mobility, security, features and functions, integration points, etc.). Third, the asset’s mass results in friction keeping you from progressing it’s capabilities; everything becomes a compromise. While you still own the assets of what you build in a public cloud, you not only free yourself from the underlying hardware asset base, but you also adopt better solutions (web services integration, services, distributed databases, etc.) which keep the assets independent and simplify the adoption of new capabilities. And having helped clients with the challenge in the past, so far I have not seen an internal private cloud (real cloud, not VMWare mass virtualization, but even then there’s no clear cut winner), that has a lower TCO than public cloud.

    • Dave Roberts says:

      Brian, Yes, I think you’re spot-on. There’s a huge temptation to “evolve” the current system to cloud eventually. You’re right that CAPEX is way too cheap right now, with the Fed holding interest rates at near 0%. I think that’s one reason that CIOs are consistently saying that public clouds aren’t cheaper for long-running workloads. They can easily finance the gear for nothing and while Amazon is efficient, it isn’t such a huge gain at the scales of a large F500 enterprise as to make it interesting. Finally, yes, the asset management argument is the right one, coupled with business agility (which really speaks to the “asset mass” point).

      • Jawed Khan says:

        Well I agree with Brian on asset attracting assets in case of on premise datacentres .. what about similar challenges with colud environment- Vendor lockin, cost/price predicability over time, increased Internet reliance and cost – in Middle East Internet is not cheap and not efficient as well- good bandwidth not available or prohibitantly expensive.

        • Dave Roberts says:

          Jawed, you’re making a great point. All technologies attract each other (“CAPEX and OPEX gravity” ?), where spending in one area forces you to spend in another. The upshot is that none of these choices are simple and straightforward; they are all multivariate. As you rightly point out, a reliable, high-bandwidth, inexpensive Internet connection is required for some clouds (particularly public). If that is a constraint, you’ll have to look at other options. That’s one reason that cloud computing took so long to take off, for instance. We’ve known the principles behind cloud computing (resource sharing, etc.) for decades, but it wasn’t until after the Internet boom in the 1990s that we got reliable, high-speed connectivity to a sizable portion of businesses (a commercially interesting portion, might be a better way to put it), at an affordable price point. Once that constraint was lifted, we saw an explosion of cloud companies. For instance, you couldn’t have created Salesforce.com in the mid-1990s. The connectivity wasn’t good enough.

  3. I’m looking for opinions on the hybrid cloud where you try to leverage the best of both worlds (private/public). From my point of view (technical) this model is a sweet spot for minimizing risk, maximizing flexibility and optimizing cost. The notion of extending your private cloud with the public cloud (or vice versa!) seems something worth considering.

    • Dave Roberts says:

      Valery, I’m currently writing another article on hybrid cloud. Look for it here, soon.

Speak Your Mind