Pricing Login
Interactive demos

Click through interactive platform demos now.

Live demo, real expert

Schedule a platform demo with a Sumo Logic expert.

Start free trial
Back to blog results

March 29, 2016 By Ramin Sayar

Built for the Cloud or Hosted in the Cloud – So What’s the Difference?

Have you heard of the term, “cloud washing”? It is defined as the purposeful, and sometimes deceptive, attempt by a vendor to rebrand an old product or service by slapping the buzzword “cloud” on it. Unfortunately, this practice is quite prevalent in the industry, which confuses and frustrates customers, and is picking up coverage in the media. Case-in-point: Last month, Salesforce CEO Marc Benioff called out the deceptive practice in an interview with Mad Money host Jim Cramer.

The machine analytics space is no exception in that some vendors cloud wash their products. Therefore, before making any cloud-based purchase, we encourage you to understand the difference between services that are built for the cloud — truly cloud-native— versus products that are simply hosted in the cloud (e.g., managed service).

Based on our ~ 6 years of experience in developing cloud-native platforms and applications, and based on what our more than one thousand unique paying customers are telling us, we’ve decided to simplify the confusion by providing a table of the key features and explanations.

Equal Value for all Customers, Regardless of How Much You Pay

The benefits of machine data analytics running on a multi-tenant system — that is, a system designed to equally support all customers regardless of contract or company size, are remarkable. First, a problem incurred by one customer leads to a quick resolution that benefits everyone who uses the system. Cloud-native providers are especially motivated to address issues as soon as possible to increase the platform’s value for all users, preventing problems from recurring for other customers. In essence, you get enterprise-class support even if you are a small or-medium sized business (SMB).

Second, a multi-tenant system can handle load fluctuations seamlessly by dynamically scaling resources for any single customer because resources are shared across all customers. In fact, the sharing of these resources is an inherent advantage for a couple of reasons. A native cloud-based SaaS vendor can more easily predict load needs from aggregate searches, anomaly detection, and alerts across all system users because the responsibility of managing the platform belongs to the provider, not the customer. Also, excess capacity is always available because not all customers are simultaneously at full capacity, and only a small percentage will have incidents at the exact same time. When you really need it, 10, 20, or even 100 times capacity can be available.


Technology change is the new norm as organizations develop, test, deploy, and update applications at faster and faster rates. Similarly, cloud-built machine data analytics solutions are also designed with speed and rapid deployment in mind. This means for one constant price, you get quicker access to new capabilities and realize faster time-to-value. In addition, with self-service and rapid provisioning of users, data, and applications through automated onboarding wizards, customers can easily expand usage to other users, groups and organizations. And, customers can choose what features they want or don’t want to use, and provide instant feedback to help improve the service at no additional costs.

Elasticity and Bursting

The data volume and rate of change in your environment combined with the demand for troubleshooting and analysis can cause traffic spikes and usage fluctuations that could bring your machine data analytics to a halt. Anticipating this issue, cloud-native vendors create platform architectures with dedicated, separate tiers for each log management function (e.g. ingest, index, search, alert, etc.) that scale independent of each other. This multi-tiered architecture approach distributes data processing and ensures reliable system performance because you can execute multiple tasks regardless of data bursts.

Some hosted managed service vendors may claim 10x bursting, but it comes with a price. With a license-based payment model, customers will experience lockout if their data exceeds the license’s predesignated number of bursts. If your business is experiencing greater activity than expected, being locked out from your data is the last thing you need, negatively impacting the business. Moreover, if a hosted managed vendor relies on one server or one component to do double duty – like indexing and serving data—the system can grind to a halt if you attempt to run a search while ingesting log data. This limitation of the hosted managed services can seriously hamper the service for customers, let alone their revenue goals. Even worse, some vendors intentionally deceive customers with lower price and under provisioned infrastructure and “search heads.” Once performance and user complaints occur, they require additional expenses and time to resolve. Don’t be cloud-washed. Ask how often you will be allowed to go over your license limit.


A good litmus test when evaluating cloud vendors is how seriously they take security. Is security an after thought, bolted-on, or is security enabled from the get go, as services are spun up? Do vendors live vicariously through the security attestations of their infrastructure providers, like AWS and Azure, or have they committed the resources – both in time and money – to pursue their own certifications. In Amazon’s shared security model, AWS is responsible for the infrastructure, while organizations are responsible for the security of everything else that runs on top of that infrastructure- the applications, the workloads and the data. These additional certifications are required!

At Sumo Logic, we protect customer data with security measures such AES 256-bit encryption for data at rest and TLS for encryption of data in motion. We also hold “must-have” attestations such as PCI DSS 3.1 Service Provider Level 1, ISO 27001, SOC 2 Type 2, CSA Star, HIPAA, FIPS-140, and the EU-US Privacy Shield.

Organizations are making different decisions based on the trust level they have with their service provider, and we take this very seriously investing millions to achieve and maintain on an ongoing basis, these competitive differentiators.

Too many people try to pass on as “good enough” the certifications their IAAS-provider has achieved. Don’t be fooled into comfort by these surrogate attestations.

We are starting to see regulations mandate – like PCI DSS – that organizations include a written agreement that their service providers are responsible for the security of cardholder data the service providers possess or otherwise store, process or transmit on behalf of the customer. Choosing a vendor, if not done wisely, could put your compliance and sensitive data at risk. Make sure that the cloud solutions provider you choose takes security and compliance as seriously, and possibly more serious, that you do.

Pay as You Go

Your volume of machine data and your needs will change and evolve over time. Unlike true cloud-native elastic SaaS, hosted machine data analytics solutions set log limits and, as mentioned previously, will lock searching when you exceed usage. The only way to restore service is to call support, which is time consuming and stops your organization from getting back to business as usual. For example, what if you deploy a new Web application which crashes and you turn-on debugging mode which increases your log volume? How will you quickly troubleshoot if your machine data analytics service is locked and you have to call support and waste time on the phone? Native cloud solutions’ metering and billing model eliminates the need to overbuy or overprovision capacity— just simply pay as you go for what you need. No service disruptions. Your machine data will always be stored; your machine data searching functionality will always work. It’s simple, scalable and always available.

In Summary

It is obvious that there are significant differences exist between “built for the cloud” and “hosted in the cloud.” Simply put, multi-tenant, cloud-native services are superior to single-tenant, cloud-hosted services. As such, we hope this blog was informative and helps accelerate your understanding on the subject. To learn more, and receive a checklist of questions to use when considering cloud vendors, we invite you to review the IDC whitepaper, Why Choose Multi-Tenant Cloud-Native Services for Machine Data Analytics.

Complete visibility for DevSecOps

Reduce downtime and move from reactive to proactive monitoring.


Sumo Logic cloud-native SaaS analytics

Build, run, and secure modern applications and cloud infrastructures.

Start free trial
Ramin Sayar

Ramin Sayar

President & CEO

As CEO, Ramin brings 20 years of industry experience as a strategic and operating leader of both small and large organizations, and has a strong track record of developing innovative products in both emerging and mature markets. Ramin joined Sumo Logic from VMware where he formulated the strategy for and built the industry’s leading private cloud management products. The Cloud Management Business Unit became the fastest growing business within VMware, with nearly $1 billion in revenue during his nearly five-year tenure. Previously, Ramin held executive roles at leading enterprises, including Vice President of Products and Strategy at HP Software, Senior Director of Products at Mercury Software, Director of Products and Solutions at TIBCO, Product Line Marketing Manager at iPlanet Software, and Product Line Marketing Manager at Netscape. He also serves on the technology and executive boards of various startup companies. Ramin holds an MBA from San Jose State University and B.A. from the University of California, Santa Barbara.

More posts by Ramin Sayar.