By Zac Smith

Like most things related to the Internet, Web hosting has evolved rapidly as a service and become a part of nearly every major business' budget.  From small, corporate Web sites to rich media social networks, each and every online presence requires Web hosting services. 

If you're an IT manager, you've most likely had to contract or solicit Web hosting services or purchase the requisite hardware, software and professional expertise to host in house. With the increased complication of mission-critical Web sites, media-rich content and high availability demands, more and more IT managers are looking to outsource their in-house hosting operation or migrate to a hosting provider more suitable to their existing business requirements. 

Due to the evolution of the marketplace and introduction of new delivery methods, supportable technologies and expected responsibilities, the vendor selection, contract negotiation and areas of concern for the IT manager deserve state-of-the-union overview.

Common Terms and Services

All industries contain specific jargon and the hosting world is no different!  Some common and not so common terms include:

• Hosting: Providing Internet-accessible services, such as email, Web pages, downloads via always-on computing networks.
• Dedicated Hosting: Providing accessible hosting using hardware dedicated for a specific customer installation, e.g. servers, switches, and storage arrays, etc.
• Shared Hosting: Providing hosting services on a shared platform.
• Virtualized Hosting: Utilizing virtualization technologies as an abstraction from the hardware platform to offer a dedicated hosting environment and efficiently allocate resources on a shared platform.
• Bandwidth: Usage of Internet Protocol (IP) Transit to deliver content from the hosting infrastructure to the end-user. Billed in various methods to be discussed later.
• IP Addresses: Public or Private address space following RFC XXXX.
• Load Balancing: Using hardware or software to distribute connections or load processing across multiple hosting platforms for performance and failover capabilities.
• Content Delivery: Specified service for the delivery of content, most often media files such as images, text files, videos, etc.  Often distributed across a network of servers for high-quantity delivery.
• Streaming: Live or “on-demand” download of video or audio files.
• Geographic Failover: Service that provides failover in times of maintenance, data corruption, unavailability, etc of the primary hosting environment to a geographically diverse location.
• Datacenter: Purpose-built facility for maintaining a proper environment for hosting infrastructure, telecom connections and physical resources (cooling, power, humidity, etc).
• Disaster Recovery: Plans and resources related to providing full or partial service in the event of a disaster in the primary hosting environment.
• Firewall: The use of a hardware or software appliance to restrict access to hosting infrastructure based on port, request type, originating IP address, etc.

Changes in Hosting Services; Global Delivery

Web 2.0 services, community-driven content, global access to Internet connections, faster connections, rich media, video, software-as-a-service—these are all buzz words that have, effectively caused massive shifts in not only the mechanics of providing hosting services, but also the economics and underlying business rules, regulations and economies of scale that affect your hosting RFP. 

Content hosted in a single location facility in the United States, might leverage a content delivery network that delivers your bits from dozens of countries worldwide.  “Cloud” based services such as Amazon’s EC2 and S3 offerings are being utilized by the developer community and could be part of your solution set, however these services introduce a new set of questions that IT managers must answer.  Integrated Software-as-a-Service offerings very well may tie the uptime and security of your hosting environment to 3^rd parties.

The rapid introduction of new services look benign, but certainly bring to the table questions that must be addressed both in the RFP, hosting company selection, contract and SLA negotiation and business review processes of the IT manger.

Preparing your Hosting RFP

Describing your hosting needs will always be unique to your situation—the application you run, the OS environment you choose, your operation needs, availability requirements, etc.  As such, the following list of suggestions is meant to be broad and should be treated as questions to ask yourself when preparing any RFP or discussing your needs with a potential vendor.

• Collocation or Hosting Services: Many people confuse collocation as hosting and vice versa.  The primary difference is that in a collocation environment, the client is responsible for providing and supporting the hosting hardware.  In a hosting environment the responsibility for providing and support hardware is the vendor’s responsibility.
• Managed or Unmanaged: Does your organization have the staff or consultants available to manage the complete hosting stack?  If so, unmanaged, raw infrastructure might be your best option. We call this “ping and power”, where a provider is simply giving solid infrastructure (servers, switches, etc), controlled environments and network connectivity.  Managed services on top of your hosting hardware can be as basic as applying OS patches to as complex as managing your application and all of its dependencies. 
• Dedicated or Shared Infrastructure: Decide up front what areas of your deployment you want on dedicated-to-you hardware.  Make sure to specify to any provider where you would be interested in shared platforms that could benefit you on the cost and management side.
• Regulatory Requirements: Is your organization subject to any regulatory requirements, such as PCI-DSS (Payment Card Industry Data Security Standards), HIPAA or SAS70?  If so, your host or collocation provider will need to be deeply involved in any compliance efforts.  Many providers are not physically able to service certain compliance efforts and shared infrastructure can bring many questions into the discussion.
• Specific OS or Applications: Specify what operating system, application-support software, databases, etc., you will be operating in your hosting environment.  Not all hosts support or even offer all options. 

Vendor Selection and Capabilities

Once you have a complete set of objectives for your hosting environment, you can develop a list of vendors from which you can solicit price quotes, opinions and proposals. Excellent resources for hosting providers are available online and through common research agencies. Some suggestions include:

• WebHostingTalk.com: Expect to find a lively discussion and wide variance in priorities, opinions and social chatter on this popular forum.
• Blogs: Many blogs cover the hosting and datacenter world including Data Center Knowledge.
• Research Reports: There are a few small but highly respected research firms that sell detailed industry information.  The leading example is Tier 1 Research. Most larger research firms also have reports on hosting providers (Yankee Group, etc).
• Self Search: Find the host of businesses you respect or share similar needs.  You can generally do this by performing a trace route on a domain or looking up the WHOIS records of its IP Address.

Prepare a solid overview of your objectives and schedule a time to speak with a sales engineer from each company from whom you will be soliciting a quote.  Although you may wish to compare “apples to apples,” most companies offer sufficiently different hardware, network options, and add-on services that you’re going to need to speak with each one to fully understand how your objectives work within their set of services and the value of what you’re being offered in a final proposal.

Once you do receive a proposal, you need to pay special attention to the following points:

• Price: You’ll need to compare relative pricing between providers.  Variances in billing methods for things like bandwidth (95 percent billing, GB transferred, capped port, etc), differences in hardware, service levels, etc., can all dramatically affect the price of a solution. Pay attention to the details.
• Company Size: As with all service-based companies, you’ll be looking for a balance of size that fits your requirements. Smaller companies may offer personalized service, but stretch to support you in a 24/7/365 manner. On the other hand, large operations might be too processed or limit the scope of your interaction with any dedicated personnel.
• Location: Where would your deployment be located? More than one location?  Does proximity matter to you or your users?
• MSA: A common way to define the contract and business processes in the hosting world is through the use of a “Master Services Agreement.” This will contain the majority of the legal verbiage and should also detail things like payment processes, termination, length of the contract, rights, warranties, etc.  Read these carefully and contract a lawyer familiar with Internet law or (even better!) hosting contracts, to assist you.
• SLA: The “Service Level Agreement(s)” will tie financial penalties to your provider.  Some SLAs have “teeth” with real penalties and some are simply marketing documents that result in very little to you as a customer.  Although it’s often the case that money can’t make up for downtime, it can align your interests with those of your provider, so that there are financial incentives to invest in their services to prevent outages, downtime, etc that could leave them liable for SLA credits.
• Regulatory Experience: If you’re subject to specific regulatory requirements, ask for any necessary documents or sample case studies in advance.  Make sure that your chosen provider can actually deliver on their part of any regulatory review, requirement or business process.  Don’t hesitate to ask for reference with similar requirements that your provider has assisted.
• Company Culture: Although not something you can see written down on paper, attempt to gauge the company culture of where you’ll be hosted. Do they seem to enjoy working with their customers or loathe it? Give the technical support number a call and see what happens. It can’t hurt to know the technical side (where you’ll spend most of your time as a client!) before signing any contracts.
• Breadth of Services: Does the vendor provide or partner with others to provide services beyond what you’re contracting for?  As you grow or things change within your hosting environment, a complete set of services could help you save money, time and headache.
• Contract Terms: The hosting industry offers everything from daily to multi-year contracts.  When you negotiate on the length of a contract, keep in mind that pricing is a two-way street. Providers have been known to raise short-term contract pricing after customers have gotten “settled.” As migrating hosting infrastructure is a complex process, make sure that you find the right balance between future-proofing yourself and ensuring stable and consistent pricing.

Wrap Up Points

Contracting hosting services can be as complex as your requirements or as simple as an online sign up form. Think about what you need and then work to educate yourself on vendors before approaching them.  The large number of online hosting forums, blogs and review Web sites will give you a large (and somewhat entertaining) set of data to sift through for any providers that seem to fit your requirements. Then, talk to the sales engineers at those companies and explain clearly your objectives and how a hosting company’s service offerings relate back to your needs, budget and business processes.  

Happy hunting!

Zac Smith is president of Voxel dot Net.