Home > Store

Application Service Providers (ASPs): A Manager's Guide

Register your product to gain access to bonus material or receive a coupon.

Application Service Providers (ASPs): A Manager's Guide


  • Sorry, this book is no longer in print.
Not for Sale


  • Copyright 2002
  • Dimensions: 7-3/8" x 9-1/4"
  • Pages: 336
  • Edition: 1st
  • Book
  • ISBN-10: 0-201-72659-9
  • ISBN-13: 978-0-201-72659-6

The benefits of working with Application Service Providers (ASPs) can be compelling -- faster rollouts, lower costs, less time spent on implementation and maintenance, and a greater opportunity to focus on your organization's core competencies. Unfortunately, the risks of ASP relationships are far from insignificant. In this book, the President of ASPWatch shows IT managers exactly how to navigate the risks, and use ASPs for maximum competitive advantage. John Harney presents a complete roadmap for any IT decision-maker considering outsourcing to ASPs. He offers expert guidance for answering questions like: What costs are involved? How secure and viable is your ASP? How do you choose the right ASP? You'll learn practical criteria for identifying possible ASP partners; choosing amongst ostensibly similar ASPs; evaluating services, performance, and ROI; and negotiating service level agreements that meet your business requirements. For everyone considering or using Application Service Providers, including IT executives and managers, line-of-business managers, Web and e-business professionals, and consultants.

Sample Content

Online Sample Chapter

ASP Customer Service and Technical Support

Downloadable Sample Chapter

Click below for Sample Chapter related to this title:

Table of Contents



1. The Tangled Roots of the ASP Phenomenon.

New Technology.

New Network.

New Implementation Model.

New Network Outsourcing Model.

New Competition.

New Mergers and Acquisitions.

New Alliances.

New Value Proposition.

New Industry.

Key Concepts.

2. The ASP Coalition-No Single Vendor Can Do It All.

The ASP Hardware.

The Hardware Platform Components.

The Key Characteristics of ASP Hardware.

Types of ASP Hardware Providers.

The ASP Network.

The Network Platform Components.

The Key Characteristics of an ASP Network.

Types of ASP Network Providers.

The ASP Software.

The ASP Software Components.

The Key Characteristics of ASP Software.

Types of ASP Software Providers.

ASP Market and Application Expertise.

Infrastructure Service Providers.

ASP-Enabling Software Platforms.

Value-Added Services.

Key Concepts.

3. The ASP Hardware Platform.

Hardware Components.

Hardware Provisioning.

Server Clustering.

Load Balancing.

Web Server Caching.

Characteristics of ASP Servers.

Key Concepts.

4. The Data Center.


Data Backup.

Natural Disasters.


Updating and Testing Disaster Recovery Plans.

ASP Partner and Alternate Site Backup.

Environmental Control.

Key Concepts.

5. The ASP Network.

The ASP Network-An Overview.

Access-ASP to Broadband WAN.

The Broadband WAN.

Frame Relay.


ATM and Frame Relay Interworking.


Access-Broadband WAN to Customer.

The Local Loop-ISDN, xDSL, and Cable Modems.



Key Concepts.

6. Varieties of ASP.

Pure-Play ASPs.



Service Bureau ASPs.



Related Service Providers.

Key Concepts.

7. Security Issues for ASPs.

Determining Your Security Risks.

Types of Security Risk.

Security Techniques.



Access Control.



Audit and Accounting.

Security Equipment.



Proxy Servers.

Customer Requirements and ASP Strategy.

Appropriate Security.

Prioritizing Security Threats.

Security Tiers.

Security Policies.

Different Rules for Different Users.

Types of Confidentiality.

Security Audits.

Physical Security.

Key Concepts.

8. ASP Service-Level Agreements.

The Network SLA.

Network Availability.

Network Throughput.

Network Redundancy.

Network Equipment.

Network Scalability.

Network Peering Arrangements.

Network Delay.

Network Service-Level Corroboration.

Network Reporting.

Network Provisioning.

Network Support.

Planned Network Outages.

Unplanned Network Outages.

The Application SLA.

Application Availability.

Application Performance.

Application Redundancy.

Application Platform.

Application Scalability.

Application Security.

Customer Application Administration.

Application Monitoring.

Application Service-Level Corroboration.

Application Reporting.

Application Provisioning.

Application Support.

Planned Application Outages.

Unplanned Application Outages.

General Practices.

Key Concepts.

9. ASP Pricing Models.

The Major Types of Pricing Models.

Other Fees.

Real-World Examples of ASP Pricing Models.

Key Concepts.

10. ASP Customer Service and Technical Support.

Up-Front Customer Service.

Hosted Application Implementation.

Client Preparation.


User Policies.

Data Conversion.

Testing and Quality Assurance.


Going Live.

Routine Maintenance and Upgrades.

Technical Support.

Monitoring and Reporting.

Call Centers.

Billing and Mediation.

General Expectations.

Key Concepts.

11. Enabling Technologies for ASPs.

Virtual Private Networks.

Different Types of VPNs.

Value-Added Characteristics of Different Providers' VPNs.

Networked Storage.

Storage Area Networks.

SANs' Value Proposition.

Network Attached Storage.


Why Lease Networked Storage from an ASP?

Enterprise Portal Interfaces.




Key Concepts.

12. The ASP Channel.

The Double Channel.

SI ASP Strategies.

Hardware Vendor ASP Strategies.

ISV ASP Strategies.

Rebranding and the Value-Added Channel.

ASP Channel Winners and Losers.

Key Concepts.

13. What's Ahead for ASPs?

The Data Center of the Future.

Wide Area Storage.

The Coming Value-Added Internet.

The Microsoft Factor.

Tribal Commerce within ASP Conglomerate Communities.

Winning and Losing ASP Strategies.

The Human Factor.

Key Concepts.

Appendix A: Guide to Location of ASP Case Studies in Different Chapters.

Appendix B: xSPs (ASP-Enabling Companies).

Appendix C: Selected ASPs in Major Vertical Markets.

Appendix D: Selected ASPs Offering Major Types of Hosted Applications.

Appendix E: Defining Your Low-Level ASP Requirements.

Appendix F: ASP Organizations and Publications.



Index. 0201726599T10242001


I first heard about Application Service Providers (ASP) about three years ago from Marty Gruhn at Summit Strategies. I think I was doing an article on e-business, and she suggested I look into the value proposition of what she called Internet Application Hosting. She was hot on IAH—one of the few people who really were—and thought they would dramatically change the face of corporate computing. I followed her advice, and found ASPs so compelling that I started researching and writing compulsively about any ASP-related operations. Then ASPs and ASP-wannabes started seeing my articles and, of all things, began calling me for advice. This was a wonderful thing because I actually got to visit some data centers and talk shop with the people in the trenches.

When I was an editor of several computing magazines, software companies would bring their new programs to the magazine offices and demo them for me. That was a great part of the job because we would often actually brainstorm problems they were having like pricing strategies, the right target customer, competition and so on. With ASP hosted applications, I could actually access the application right over my Internet connection—the techies just needed to give me a user ID. Later I could go out to the data center and see the "backend" of the operation—data center, network, security, storage and so on. Very impressive—like going to the Air and Space Museum at the Smithsonian.

At the time there were only about 50 ASPs out there, the press had not become obsessed with covering the phenomenon and there were no formal organizations whatever devoted to ASPs. Indeed, many ASPs were glad for any kind of validation, guidance and marketing exposure.

By my own informal estimate, there are now between 1000 and 1500 ASP-related businesses (called xSPs in the argot of the industry) out there, and it seems several new ones turn up every week. By any measure, the overnight explosion of the ASP industry is unprecedented. But what is unusual about it is that the numerical proliferation of ASPs is also complemented by their prolific diversification. ASPs already serve most vertical markets like finance, manufacturing and health care with most major enterprise applications like e-commerce, ERP and CRM, sales automation and collaboration. They also offer a full spectrum of IT platforms and networks. Usually a new technology approach penetrates one or two vertical markets and, once established, then migrates to other markets that are most similar to those already conquered. ASPs, like other generically horizontal "consumer-oriented" technologies such as PCs and mobile phones, is inherently more democratic.

ASPs’ more democratic approach—the diversity of market focus and freedom of opportunity in the industry—might be its greatest strength. As yet, there is no 800-pound gorilla that can scoop up any promising new ASP and incorporate its winning tools and methods into its competitive arsenal. The industry is still pretty wide open—a good idea executed well can go far. But that democratic approach might also be the industry’s greatest weakness—anyone with an idea and some money can launch an ASP. The upside of such a situation is that it fosters a boom in all manner of providers. So customer organizations of all sizes in different markets can now take advantage of a truly virtual computing paradigm that cuts their costs and risks and lets them exploit powerful applications that many could not afford as installed solutions. The downside is that, because anyone can play in this game, some amateurs stumble into the fray, try to get rich quick, fail and disappoint their customers.

Because ASPs received the unavoidable hype attendant on such accelerated growth, some entrepreneurs looking for quick profits launched ASPs with business plans that proved—or will prove untenable. By my own informal count, maybe 10 to 20 ASPs have gone under for various reasons like poor business plans, dried-up funding, a bad economy and increased competition. In the wake of 2000’s dotcom flameouts on NASDAQ, any new virtual e-business plan is receiving exasperatingly close scrutiny by venture capitalists. The same goes for new e-business ventures looking for stockholders at IPO time. And computing analysts and press tend, sometimes, to focus on the dramatic disaster—because it makes for a good story— than the relatively unexciting success—even though it makes for happy customers. The result is that the same media overexposure and vendor hype that unrealistically inflated customer and investor expectations for ASPs may now have unrealistically deflated them.

I have followed IT segments like imaging/workflow, document management, knowledge management, wireless Internet access, videoconferencing, PDAs, ATM and others where the major players have not shown a profit for five years or more and whose stock performance has been dismal. But, when the market caught up with them, they could hardly handle all the business coming their way.

I cannot emphasize this enough—such is the nature of a new IT market. Experts have documented that markets go through phases as they mature—they are born, proliferate, consolidate and stratify into leaders and laggards. The ASP market is not even three years old —it has not even finished the proliferation phase. It will inevitably consolidate and stratify into established major players and many other niche ones. In the meantime, do the math—of 1000 to 1500 existing ASPs, under 20 have had problems. In my view, that’s an incredible success rate. Indeed, compared to the average recent success rate of small businesses in the U.S.—about half fail—it’s phenomenal.

Keep your eye on the long-term perspective. Gartner Group estimates that worldwide revenues of ASPs will be $25.3 billion in 2004. Meanwhile, IDC predicts worldwide revenues for the xSP market (ASPs, MSPs, MsecPs, etc.) will quadruple from $106 billion in 2000 to more than $460 billion in 2005.

The mainstreaming of virtual computing is inevitable. As the ASP industry matures, market caps will boom, major players will buy smaller niche players, financially unstable players will go out of business or get acquired, and the industry will settle into the approximate form it will maintain for many years after. In the meantime, the challenging "pull" for you, the customer, is finding a solid ASP that will give you a good deal now and be around in five years. While the competitive "push" for you is choosing a viable ASP before your competition does and undercuts your value proposition by doing things like saving lots of money on hosted IT services and getting to market faster. This is particularly true for Small-to-Medium-Size Businesses (SMBs), many of whom till now could not afford any expensive installed enterprise systems like ERP and therefore competed at a disadvantage with Global 2000 firms that could.

As with any new product, customers must perform due diligence when engaging an unknown vendor. I wrote this book to guide you through the process. I have purposely skirted granular current events like the stock performance of individual ASPs. I believe increased competition, the Darwinistic thinning of the ASP herd, and the inevitable merger and acquisition activity of major information technology and telecom vendors like Microsoft and AT&T with complementary ASPs who need cash will strengthen the ASP brand. If the big boys are smart, they’ll let their new partners do what they do best—innovate. If individual ASPs are smart, they won’t be unrealistically stubborn idealists and risk their customers’ and stockholders’ financial welfare by remaining independents with unstable cashflow. That said, I think your best buying strategy now is diligently educating yourself about ASPs’ business strategy and technology infrastructure and intelligently and exhaustively evaluating ASP candidates so you engage an ASP whose services best match your requirements and whose long-term success is most likely.

If I had to choose fundamental criteria for an ASP’s success, they would be solid management, mastery of the technology and a respectable client base. At this early stage of the industry, profitability —while important—is of secondary importance to number of clients. If an ASP has oversold itself to win clients, then its references will tell the story. Whereas numerous satisfied clients translate to cashflow now— the number one preoccupation of any new business—and profitability and solid stock valuation later.

With that in mind, this book is written for C-Level executives and managers who are considering leasing hosted services from an ASP. It introduces you to the telecom and computing climate and players that spawned the ASP movement, explains the ASP business model, and tells you in pretty fine detail what technology, security, service level conditions and customer service and tech support you should require of an ASP. I also define, and provide examples of, different types of ASPs—like Pure Play ASPs and Full Service Providers—as well as xSPs—like Infrastructure Service Providers and Management Service Providers—whose services might best suit you. I also explain the various pricing models of ASPs and suggest which ones are best for certain types of organizations according to the activities they will be performing. And I discuss the ramifications of ASPs on the traditional IT reseller channel as well as explain the new channel that ASPs offer as an alternative. I also make some educated guesses about winning and losing ASP strategies and about business and IT trends that will affect the ASP industry in the next few years.

That’s in the chapters themselves. The Appendices offer selected ASPs that I’ve organized according to what kind of xSP they are, what vertical markets they serve and what applications they host. I’ve also included a list of ASP organizations and publications that host exhaustive ASP Directories and offer current news and analysis as well as invaluable information about standards and the ASP state-of-the-art.

I would also implore you to address the pertinent questions in Appendix E, Defining Your ASP Requirements. I created these questions as a checklist you can go through with your ASP candidates to guarantee that the ASP hosted applications you will lease—as well as things like value-added services—are exactly what you need at the price you want to pay. But they also are designed to get the ASP to open up about its business partners, market strategy, channel development and other factors that will ensure their long-term success.

In fact, if I were consulting for a client who wanted to hire an ASP, I would suggest the decision-makers use the book in the following way. First, read Chapters 1-13 to make sure you understand your ASP candidates’ market positioning, ASP or xSP Type, Price Model and so on. Once you understand the industry terms, baseline features and functions and competition, you can intelligently assess each ASP’s value proposition and comparatively shop among various candidates. Next, peruse the appendices of ASPs by type, application and market. I selected these ASPs because they had a certain visibility and geographic diversity, but that is my only bias. This will give you a few vendors to call to get your feet wet. Then I’d suggest you look through the ASP directories at the various organizations and portals I list in the appendix on ASP organizations and publications. These offer an array of ASPs of every stripe that you can research to your heart’s content. I have a similar database of ASPs culled from numerous sources, so contact me if you like. Finally, go through the pertinent questions in Defining Your ASP Requirements with your top ASP candidates. This is the most important step in your selection process because at least 95% of anything you need to know about a potential ASP partner will be elicited from them by asking these questions. What you don’t know you don’t know usually comes back to haunt you later—that’s why I’ve been so comprehensive in creating this checklist.

It’s been my experience that, when a buying team uses such a methodology, it becomes very clear very quickly which candidates are untenable. Your only problem then will be how to choose the best of the best. I think you’ll agree that getting to face that dilemma is worth the price of the book. I wish you the best of luck.



AboveNet, 218
Access control, 106, 108–109, 115, 118
Accounting, 110
Achieve Online Services (AOS), 94–95, 231
Acquisition, innovation by, 11, 214, 224
ADSL Lite (G.Lite), 72–73
Advanced Encryption Standard (AES), 108
Agiliti, 94–95, 231
Aguiar, Eric, 156
Alliances, Telecom service provider, 10–11
Alternate site testing, 56
Application expertise, 24–27
    horizontal productivity, 227
    implementation of, 152–153
    security of, 135–136
    user policies on, 159–160
Application servers, 16, 36
Application service provider (ASP), 1–14
    alliances and, 10–11
    competition and, 7–9
    defining requirements for, 245–270
        ASP varieties, 251–254
        channels, 269–270
        coalition, 245–246
        customer service and technical support, 262–266
        data center, 247–249
        enabling technologies, 266–269
        future of, 270–271
        hardware platform, 246–247
        network, 249–251
        pricing models, 261–262
        security, 254–257
        service level agreements, 257–260
    ecosystems, 100–101
    enabling technologies. See Enabling technologies
    implementation model that prepared the way for, 4–5
    industry growth, 13
    in major vertical markets, 235–238
    market for, xv
    mergers and acquisitions and, 9–10
    network infrastructure that prepared the way for, 3–4
    new value proposition and, 11–13
    offering major types of hosted applications, 239–244
    organizations and publications, 273
    outsourcing model that prepared the way for, 5–7
Application SLA, 125, 126, 127, 134–137
ASP application aggregators (AAA), 91–93, 209
ASP coalition. See Coalitions
Asymmetric DSL (ADSL), 72–73
Asynchronous transfer mode (ATM), 4, 20, 75
    Frame Relay interworking, 68–69
    traffic management and shaping, 67–68
    WANs based on, 64, 65–69
AT&T, 22, 218
Audits, 110, 117
Authentication, 106–107
    user-level, 173–174
Automated disaster recovery test, 56
Availability, 52
    application, 134
    of data center, 48
    network, 127–128

B2B environment
    enterprise portals in, 184, 185, 222–223
    virtual trade exchanges in, 222, 223
Background checks, 117
Backup and recovery, 48–51, 52, 118
    ASPs’ need for, 61
    Internet’s shortage of, 2, 3
Battenberg, Jim, 133
Billing, 165–166
Biometric recognition system, 118
Brick-and-mortar (BAM) companies, 8, 197
Bridge, 69
Broadband networking, 3, 18
Business impact analysis, 50
Business model, 16, 139–140
Business service provider (BSP), 101

Cable modems, 72
    data, 113
    web server, 40
Call centers, 150, 151, 164–165, 167–168
Capacity, network, 20–21, 62
Capacity on demand (hardware), 42
Carepanion e-Commerce System, 155–159
CareTouch, Inc., 154–159, 232
Categories of ASPs, 79–80. See also specific types
Categories of service, 66
CD-R, 176
Cell, 186
Cell relay, 65–66
Channel (reseller), 195–211
    alternate ASP, 198
    consolidation of, 196–197, 210–211
    defining requirements for, 269–270
    “direct ship” phenomenon, 195–196, 208
    double ASP, 198–202
    “first-string,” 209–210
    hardware vendor ASP strategies, 205–207
    high-margin/recurring revenue dilemma, 199
    ISV ASP strategies, 207–209
    rebranding and, 209–210
    SI ASP strategies, 202–205
    tech/touch dilemma, 199
    traditional, 196
    value-added, 209–210
    winners and losers in, 210–211
Checksums, 106
Cisco, 214
Clients, preparation of, 153
Clustering, value-added, 44
Coalitions, 7, 15–33
    ASP-enabling software platforms, 31
    defining requirements for, 245–246
        characteristics of, 17
        platform, 15–18
        provider types, 18
    infrastructure service providers, 27–31, 32
    market and application expertise, 24–27
    networks, 18–23
        characteristics of, 19–22
        platform components, 18–19
        providers, 22–23
    software, 23–24
    value-added services, 31–33
    community-based, 185
    tribal, 222–227, 228
Commerce service provider (CSP), 101
Common Object Request Broker Architecture (CORBA), 221
Community-based commerce, 185
Compaq, 206
Competitive local exchange carriers (CLECs), 3, 5–7, 10, 18, 22, 210
Compression, data, 175
Concentric outsourcing, 7, 22
Confidentiality, 106, 110, 114
    data, 38
    types of, 116–117
Conglomerate communities, 222–227, 228
ConnectSite.com, 208
Consolidation, ASP industry, 214–215
Continuity, Inc., 29–31, 231
Conversion, data, 160
“Coopetition,” 11
Copper wire transmission, 70
Corio, Inc., 26–27, 121–122, 231, 232
    network service-level, 130,
    application service level, 136
Critical Technologies/FilesOnTheNet.com, 88–90, 231
Customer network link to WANs, 71
Customer application administration, 136
Customer relationship management (CRM), 7–8, 80, 166–167
Customer service, 80, 149–170. See also Technical support
    application implementation, 152–153
    client preparation, 153
    customer relationship management (CRM), 7–8, 80, 166–167
    customization, 152, 153–154
    data conversion, 160
    defining requirements for, 262–266
    general expectations, 166–169
    going live, 162
    maintenance and upgrades, 162–163
    outsourcing of, 151
    platform preparation, 153
    system sizing, 152–153
    testing and quality assurance (QA), 161
    tiered, 168
    training, 161–162
    up-front, 151–152
    user policies, 159–160
    virtual, 150, 168
Customization of hosted -service, 152, 153–154
Custom pricing examples, 146–148

    backup and recovery of, 48–51, 52, 118
    cached, 113
    eradication of old, 110
    integrity of, 109, 114
    mirroring of, 50
    security issues
        risks, 50
        theft of, 106, 114–115
        VPN and, 173–174
    theft of, 106
Database servers, 16, 36
Data centers, 19, 42, 47–57
    alternate site backup, 56–57
    availability of, 48
    backup and recovery, 48–51, 52
    defining requirements for, 247–249
    disaster recovery plans, 55–56
    environmental control, 57
    future, 216–217
    natural disasters and, 51–52
    responsiveness of, 52–55
DataCert.com, Inc., 131–134, 232
Data compression, 175
Data confidentiality, 38
Data conversion, 160
Data encryption standard (DES), 108
DataQuest, 181
Dedicated provisioning, 36–37
Delay, network, 130
Dell Computers, 196
Denial of service, 106
Denial-of-service attack, 114
Dense wave division multiplexing (DWDM), 3, 70–71, 75, 217
Digex, Inc., 18, 29–31, 231
Digital signaling rate, 62
Digital signatures, 110
Digital subscriber line (xDSL), 3, 72–73
Digital virtual display (DVD), 176
Direct-access storage device (DASD), 176–177
“Direct ship” phenomenon, 195–196, 208
Disaster planning, 118
    updating and testing recovery plans, 55–56
Disasters, natural, 51–52
Disaster Recovery Tests, types of, 55–56
“Disruptive” technology breakthroughs, 1, 213
Distributed Component Object Model (DCOM), 221
Documentum, 98, 208
Dornadula, Prasuna, 155–156, 158
Dotcom companies, 8–9, 11–12, 197, 214
    e-business infrastructures for, 228
Double channel, ASP, 198–202
Downlink, 186

E1 lines, 62
E3 lines, 62
Earthquake protection, 57
eBay, 190–192, 232
Ecosystems, ASP, 100–101
80% application services, 23
Electronic Data Interchange (EDI), 132
e-mail, outsourcing to ASPs, 183
    viruses in attachments, 109
Enabling technologies, 2–3, 171–193
    defining requirements for, 266–269
    encryption, 107–108, 173–174
        firewall-based, 174
        PC-based, 174
        router-based, 174
    enterprise portal interfaces, 184–185
    networked storage, 176–184
        network-attached storage (NAS), 177, 179–180
        providers of, 181–184
        reasons for leasing, 180–181
        SAN + NAS + HSM, 180
        SANs’ value proposition, 178–179
        storage area networks (SANs), 3, 39, 42, 177–178
    virtual private networks (VPNs), 2, 23, 75, 171–175
        types of, 173–175
        value-added characteristics of providers of, 175
        VPN-specific boxes, 175
    wireless, 4, 186–192
        analog, 186
        digital, 186
        SSPs and, 183
        third-generation (3G), 187–188
        WASPs (wireless ASPs), 188–190
        Wireless Access Protocol (WAP), 187–188
Encryption, 107–108, 173–174
    firewall-based, 174
    PC-based, 174
    private key, 108
    public key, 107–108, 109, 110
    router-based, 174
End-to-end SLA, 126, 127
Enterprise information portals, 184–185, 222–223
Enterprise JavaBeans, 206–207
Enterprise portal interfaces, 184–185, 222–223
Enterprise resource planning (ERP), 7–8, 80, 143, 145, 160, 201–202. 204–205, 207–209
Entitlement management system (EMS), 122
Environmental control, 57
Equipment, network, 128–130
Elfman, Eric, 133
“e-sourcing,” 12
Ethernet, 65

Fast packet-switching technology, 64–65
Fiber optic network, 70, 175
Fiber-channel network, 177–178, 180, 182, 184
Financial organizations, security concerns of, 115
Fire suppression, waterless, 57
Firewall-based encryption, 174
Firewalls, 111–113
“First-string” ASP channel, 209–210
Flat/flat pricing, 140, 141, 143, 144
Flat/tiered pricing, 140, 141, 142, 143, 145–146
Frame Relay, 64–65, 68–69
Full service providers (FSPs), 82–84, 228
Future for ASPs, 213–230
    data centers, 216–217
    defining requirements for, 270–271
    human factor, 228–230
    industry maturation dynamic and, 213–216
    Microsoft’s impact on, 219–222
    tribal commerce within ASP conglomerate communities, 222–227, 228
    value-added Internet, 218–219
    wide area storage, 217–218
    winning and losing ASP strategies, 227–228

G.Lite (ADSL Lite), 72–73
G2000 companies, 8, 9, 183
    tribal commerce and, 226
Gateways, 69
Generic application services, 23
Geosynchronous earth orbit (GEO) satellites, 186, 187
Glossary, 275–287

Hackers, 106
Handoff (wireless), 186
Hardware, 35–45. See also Servers
    characteristics of, 17
    components, 36
    defining requirements for, 246–247
    load-balancing, 40, 41
    platform, 15–18
    provider types, 18
    provisioning, 36–38
    server clustering, 38–39
Hardware vendor(s)
    ASP play by, 98
    channel strategies of, 205–207
Harris, Bob, 94
Healthcare industry, 154–159
Hewlett-Packard, 18, 98, 207
Hierarchical storage management (HSM), 176, 180, 182
High-margin/recurring revenue dilemma, 199
HomeBanc, 200–202, 232
Hosted Applications Development Community and ASP Certification Program (Microsoft), 221
Hosting SLA, 125, 126, 127
Human factor in ASPs’ future, 228–230

IBM, 18, 206–207, 219
IBM Global Services, 154–159, 232
Independent Software Vendor (ISV), 84–85
    ASP variety and, 87–91
Independent Software Vendor (ISV) ASPs, 98–101, 131–134
    channel strategies of, 207–209
Infrastructure service providers, 27–31, 32, 209, 228
Initial Public Offering (IPO) valuations, 214
Innovation by acquisition, 11, 214, 224
Integrators, 196–200
Integrity, data and application, 106, 109, 114
Intelligent load-balancing software, 40, 41
Interliant, Inc., 131–134, 232
International exchange carriers (IXCs), 3, 5–7, 10, 18, 22
Internet, value-added, 218–219
Internet service providers (ISPs), 3, 6, 10, 22, 210
Interstellar Outfitters (fictional e-commerce company), 216–217
Interworking (network), 67, 68–69
Intrusion detection software, 110
IP, 74–75
ISDN, 71–72

J.D. Edwards, 204–205
J.R. Abbott Construction, 204–205, 232
Jasper Design, 156
Java, 2
Juhn, Peter, 155, 158–159

Kaiser Permanente, 154
KPMG, 100

Label-based switching (MPLS), 219
Latency (in wireless networks), 73–74
Lawson Financials package, 201
Leasing rates, 139–148
    custom pricing examples, 146–148
    flat/flat, 140, 141, 143, 144
    flat/tiered, 140, 141, 142, 143, 145–146
    issues addressed in, 140
    other fees, 143–144
    per-click, 141, 142–143, 145, 146, 166
    real-world examples of, 144–148
    variable/tiered, 141, 142, 143, 166
Level3, 208
Life care industry, 154–159
Load balancing
    network, 62
    packages for, 40, 41
    Web server, 53
Local area network (LAN), 19
    ASP server connections through, 60
Local loop, 60, 71–73
Logical functionality, 16–17
Logs, security, 117
Lotus, 98, 207
Low earth orbit (LEO) satellites, 186, 187
Loyola University, 88–90
Lucas, Jeff, 156
Lucent Technologies Worldwide Services, 54–55, 231

Madeiros, Todd, 191
Maintenance (and routine upgrades), 162–163
Managed Security Providers (MSecPs), 119–122, 126, 228
Management policies for backup and recovery, 50
Management service providers (MSPs), 53, 126, 228
“Man-in-the-middle” security breaches, 109
Market evolution, 215–216
Market expertise, 24–27
Massive scalability (of ASP hardware), 17
Maturation dynamic in ASP industry, 213–216
m-commerce, 188
Mediation (billing and), 165–166
Mergers and acquisitions, 9–10
Microsoft, 207, 219–222
Microsoft Network (MSN) Explorer, 220
Microsoft Visual Studio.NET, 220
Middleware, 23
Mirroring, data, 50
Mobile broadband wireless Internet access (m-commerce), 188
Mobile devices, 73. See also Wireless -technology
Modems, cable, 72
Monitoring (and reporting), 163–164
    of application, 136
    of network, 130
Multiprotocol label switching (MPLS), 219

Natural disasters, 51–52
NaviSite, 54–55, 231
“near sourced”, 5
netASPx, 200–202, 232
Netegrity, Inc., 121–122, 232
Network(s), 3–4, 18–23, 59–77. See also Local area network (LAN); Virtual private networks (VPNs); Wide area networks (WANs)
    characteristics of, 19–22
    customer LAN-to-WAN -section of, 71
    data center LAN-to-WAN section of, 60–63
    defining requirements for, 249–251
    fiber optic, 70, 177–178
    IP, 74–75
    load balancing of, 62
    local loop, 60, 71–73
    overview, 60
    platform components, 18–19
    providers, 22–23
    service level agreement, 125–134
    wireless, 73–74, 186–192
Networked storage, 176–184
    network-attached storage (NAS), 177, 179–180
    providers of, 181–184
    reasons for leasing, 180–181
    SAN + NAS + HSM, 180
    storage area networks (SANs), 3, 39, 42, 177–178
        value proposition of, 178–179
        “WAN-ing” of, 217–218
Network-level firewalls, 111–112
Network capacity, 20–21, 61
Network peering arrangements, 130
Network quality of service, 21, 66
Network reliability, 19–20
Network scalability, 21
Network service providers, 22–23
Nonrepudiation, 110

Open Text, 100, 208
Operating systems, 23
Optical storage, 176–177
Oracle, 98, 207, 219
Organizations, ASP, 273
    application (planned and unplanned), 137
    network (planned and unplanned), 131
    concentric, 7, 22
    of customer service, 151
    of e-mail, 183
    as model for ASP, 5–7
“Overhead” information in -network data packets, 64

Packet switching, 64–65
    cell relay, 65–66
Partner coalitions, 7
Passwords, 107
Peering network, 130, 218
Per-click pricing, 141, 142–143, 145, 146, 166
Performance, 129
    of application, 135
Permanent virtual circuits (PVCs), 64–65
    background checks on, 117
    security, 118
Physical security, 118
Platform of application, 135
Portal interfaces, enterprise, 184–185
    custom (examples of), 146–148
    defining requirements for, 261–262
    usage-based, 165–166
Pricing models
    flat/flat, 140, 141, 143, 144
    flat/tiered, 140, 141, 142, 143, 145–146
    per-click, 141, 142–143, 145, 146, 166
    variable/tiered, 141, 142, 143, 166
Private key encryption, 108
    application, 136
    hardware, 36–38
    network, 131
Proxy servers, 113
Publications, ASP, 273
Public key encryption, 107–108, 109, 110
Pure-play ASPs, 81–82, 121–122

Quality assurance (QA), 161
Quality of service, 66
Qwest, 98, 207, 218

Rebranding, and the ASP channel, 209–210
Recovery, data, 48–51, 52
Recovery Time Objectives (RTOs), 47, 50
    of application, 135
    in environmental control, 57
    network, 54, 128
Redundant Array of Inexpensive Disks (RAID), 177
Regional ASPs, 227
Regional bell operating carriers (RBOCs), 3, 5–7, 10, 18, 22
Reliability, network, 19–20
Repeatable solutions, 4–5, 12
Reporting, monitoring and, 163–164
    application, 136
    network, 130
Requirements for ASP, defining, 245–270
    ASP varieties, 251–254
    channels, 269–270
    coalition, 245–246
    customer service and technical support, 262–266
    data center, 247–249
    enabling technologies, 266–269
    future, 270–271
    hardware platform, 246–247
    network, 249–251
    pricing models, 261–262
    security, 254–257
    service level agreements, 257–260
Responsiveness of data center, 52–55
Risks, security
    determining, 104–105
    types of, 105–106
Roaming (wireless), 186
Robustness of hardware, 17
Rolling upgrade, 42
Router-based encryption, 174
Routers, 69, 111
Routing equipment, 69

SAP, 98, 101
Satellites, 186–187
    of application, 135
    capacity on demand and, 42
    expandability and, 42
    of hardware, 17
    of network, 21, 130
    of software, 24
    of stand-alone vs. clustered servers, 38–39
    of Windows 2000, 216–217
Secret key security techniques, 108
Security, 103–123, 129
    access control, 106, 108–109, 115, 118
    of application, 135–136
    appropriate, 114–115
    auditing and accounting, 110
    audits, 117
    authentication, 106–107
        user-level, 173–174
    background checks, 117
    charges for, 144
    confidentiality, 106, 110, 114
        data, 38
        types of, 116–117
    customer responsibility for, 104
    data, 38
        risks, 50
        theft of, 106, 114–115
        VPN, 173–174
    defining requirements for, 254–257
    encryption, 107–108, 173–174
        firewall-based, 174
        PC-based, 174
        private key, 108
        public key, 107–108, 109, 110
        router-based, 174
    in financial organizations, 115
    firewalls, 111–113
    integrity, 106, 109, 114
    Internet, 2
    Managed Security Providers (MSecPs), 119–122, 126, 228
    physical, 118
    policies, 116–117
    proxy servers, 113
        determining, 104–105
        types of, 105–106
    routers, 111
    in small to medium-size businesses, 115
    tiers of, 115–116
Security logs, 117
Server farms, 98
    ASP, 16–17, 36
        characteristics of, 41–44
        clustering of, 38–39
        flexibility and expandibility of, 42
        LAN connection to, 60
        provisioning of, 36–38
    proxy, 113
Service bureau ASPs, 86–95
Service level agreement (SLA), 56, 125–138
    application, 125, 126, 127, 134–137
    component services addressed by, 125
    defined, 125
    defining requirements for, 257–260
    end-to-end, 126, 127
    general practices, 137
    hosting, 125, 126, 127
    network, 125–134
Service-level corroboration
    application, 136
    network, 130
Service providers(s)
    commerce (CSP), 101
    full (FSPs), 82–84, 228
    hardware, 18
    infrastructure, 27-–31, 32, 209, 228
    ISPs, 3, 6, 10, 22, 210
    Managed Security (MSecPs), 119–122, 126, 228
    Management (MSPs), 53, 126, 228
    storage, 181–184
        network, 20–21
Setup fee, 143
ShareDoc/LEGAL, 132
Shared provisioning, 36–38
Signatures, digital, 110
Simple Object Access Protocol (SOAP), 221
SiteMinder, 121–122
Sizing of system, 152–153
Small office home office (SOHO), access to ASP WAN, 71
Small to medium-size businesses (SMBs), 4, 7–8, 11
    access to ASP WAN, 71
    competition faced by, 8–9
    data conversion needs of, 160
    double channel and, 199
    Microsoft’s focus on, 220
    security concerns of, 115
    SI ASPs and, 228
    SSP use by, 182–183
Smith, Eric, 133
Software, 23–24
    ASP-enabling platforms, 31
Solbakken, Art, 204–205
Solution centers, 4–5
Staff dependencies on backup and recovery, 50
Stand-alone servers, 38–39
Storage. See also Networked storage
    charges for, 143
    wide area, 217–218
Storage area networks (SANs), 3, 39, 42, 177–178
    combined with NAS and HSM, 180
    value proposition of, 178–179
    “WAN-ing” of, 217–218
Storage centers, 182
Storage Networks, 217
Storage service providers (SSPs), 181–184
Sun Microsystems, 3, 98, 206, 219
Support. See also also Customer service; Technical support
    application, 137
    network, 131
Switched virtual circuit (SVC), 65
Switches, 69
Switching, label-based, 219
Systems integrators (SIs), 22, 23, 24
Systems integrator (SI) ASPs, 95–98
    channel strategies of, 202–205
    small to medium-size businesses (SMBs) and, 228
System sizing, 152–153

T1 lines, 62, 71
T3 lines, 62
Tabletop tests disaster planning, 56
T carrier leased lines, 62
Technical support, 163–166. See also Customer service
    billing and mediation, 165–166
    call centers, 150, 151, 164–165, 167–168
    complexity of, 150–151
    defining requirements for, 262–266
    monitoring and reporting, 163–164
    virtual, 150, 168
Technology Services Group, 208
Tech/touch dilemma, 199
Telecom companies (as network service providers), 22–23
Telecommuters, 71–72
Testing environments for hosting applications, 161
Theft, data, 106, 114–115
Thin client computing model, 219
Three-tier computing architecture, 36
Throughput, network, 128, 129–130
Thunderstorms, data and, 51
Tiered customer service, 168
Timing out computer sessions due to inactivity, 107
Token Ring, 65
Trade exchanges, virtual, 222, 223
Traffic management and shaping, ATM, 67–68
Training, 161–162
Train-the-trainer strategies, 161–162
Transactions, virtual, 53
Tribal commerce, 222–227, 228
TripleDES, 108
Trusted business advisors (TBAs), 25
2Roam, 190–192, 232

Unisys, 216–217
Upgrade, rolling, 42
Upgrades (and routine maintenance), 162–163
Uplink (wireless), 186
Usage-based pricing models, 165–166
Usage tracking, 166
User ID, 106–107, 109
User-level authentication, 173–174
User policies, 159–160

Value-added channel -(partners), 209–210
Value-added clustering, 44
Value-added resellers (VARs), 4, 196–197, 199
Value-added reseller (VAR) ASPs, 84–86
Value-added services, 31–33
    pure-plays and, 82
    SI ASPs and, 96
    FSPs and, 82–84
Variable/tiered pricing, 141, 142, 143, 166
Vertical ASPs (VSPs), 101–102
Vertical markets, 227, 235–238
Vertical Networks, Inc., 26–27, 231
Virtual communities, 185, 222, 223
Virtual computing, 197
    mainstreaming of, xv–xvi
Virtual private networks (VPNs), 2, 23, 75, 171–175
    types of, 173–175
    value-added characteristics of providers of, 175
    VPN-specific boxes, 175
Virtual technical support, 150
Virtual trade exchanges, 185, 222, 223
Virtual transactions, 53
    in e-mail attachments, 109
    in scripts, 109

Wave division multiplexing (WDM), 70–71
Web servers, 16, 36
    caching of, 40
    load balancing of, 53
WebSphere Commerce Suite, 157
Wide area networks (WANs), 19, 60–71
    ASP broadband link to, 60–63
    ATM-based, 64, 65–69
    customer broadband link to, 71
    Frame Relay-based, 64–65, 68–69
    leased shared, 171–172
    wave division multiplexing (WDM), 70–71
Wide area storage, 217–218
Windows.NET, 220–222
Windows 2000, 219
    scalability of, 216–217
Wireless Access Protocol (WAP), 42, 187
Wireless networks, 73–74, 186–188
Wireless technology, 4, 186–192
    analog, 186
    digital, 186
    WASPs (wireless ASPs), 188–190
    Wireless Access Protocol (WAP), 42, 187–188
WorldCom, 218
World Technology Services (WTS), 204–205, 232
Write Once Read Many optical disk (WORM), 176

xDSL, 3, 71–73
xSPs, 233–234

Year 2000 (Y2K)
    conversion platform, 161


Submit Errata

More Information

InformIT Promotional Mailings & Special Offers

I would like to receive exclusive offers and hear about products from InformIT and its family of brands. I can unsubscribe at any time.


Pearson Education, Inc., 221 River Street, Hoboken, New Jersey 07030, (Pearson) presents this site to provide information about products and services that can be purchased through this site.

This privacy notice provides an overview of our commitment to privacy and describes how we collect, protect, use and share personal information collected through this site. Please note that other Pearson websites and online products and services have their own separate privacy policies.

Collection and Use of Information

To conduct business and deliver products and services, Pearson collects and uses personal information in several ways in connection with this site, including:

Questions and Inquiries

For inquiries and questions, we collect the inquiry or question, together with name, contact details (email address, phone number and mailing address) and any other additional information voluntarily submitted to us through a Contact Us form or an email. We use this information to address the inquiry and respond to the question.

Online Store

For orders and purchases placed through our online store on this site, we collect order details, name, institution name and address (if applicable), email address, phone number, shipping and billing addresses, credit/debit card information, shipping options and any instructions. We use this information to complete transactions, fulfill orders, communicate with individuals placing orders or visiting the online store, and for related purposes.


Pearson may offer opportunities to provide feedback or participate in surveys, including surveys evaluating Pearson products, services or sites. Participation is voluntary. Pearson collects information requested in the survey questions and uses the information to evaluate, support, maintain and improve products, services or sites, develop new products and services, conduct educational research and for other purposes specified in the survey.

Contests and Drawings

Occasionally, we may sponsor a contest or drawing. Participation is optional. Pearson collects name, contact information and other information specified on the entry form for the contest or drawing to conduct the contest or drawing. Pearson may collect additional personal information from the winners of a contest or drawing in order to award the prize and for tax reporting purposes, as required by law.


If you have elected to receive email newsletters or promotional mailings and special offers but want to unsubscribe, simply email information@informit.com.

Service Announcements

On rare occasions it is necessary to send out a strictly service related announcement. For instance, if our service is temporarily suspended for maintenance we might send users an email. Generally, users may not opt-out of these communications, though they can deactivate their account information. However, these communications are not promotional in nature.

Customer Service

We communicate with users on a regular basis to provide requested services and in regard to issues relating to their account we reply via email or phone in accordance with the users' wishes when a user submits their information through our Contact Us form.

Other Collection and Use of Information

Application and System Logs

Pearson automatically collects log data to help ensure the delivery, availability and security of this site. Log data may include technical information about how a user or visitor connected to this site, such as browser type, type of computer/device, operating system, internet service provider and IP address. We use this information for support purposes and to monitor the health of the site, identify problems, improve service, detect unauthorized access and fraudulent activity, prevent and respond to security incidents and appropriately scale computing resources.

Web Analytics

Pearson may use third party web trend analytical services, including Google Analytics, to collect visitor information, such as IP addresses, browser types, referring pages, pages visited and time spent on a particular site. While these analytical services collect and report information on an anonymous basis, they may use cookies to gather web trend information. The information gathered may enable Pearson (but not the third party web trend services) to link information with application and system log data. Pearson uses this information for system administration and to identify problems, improve service, detect unauthorized access and fraudulent activity, prevent and respond to security incidents, appropriately scale computing resources and otherwise support and deliver this site and its services.

Cookies and Related Technologies

This site uses cookies and similar technologies to personalize content, measure traffic patterns, control security, track use and access of information on this site, and provide interest-based messages and advertising. Users can manage and block the use of cookies through their browser. Disabling or blocking certain cookies may limit the functionality of this site.

Do Not Track

This site currently does not respond to Do Not Track signals.


Pearson uses appropriate physical, administrative and technical security measures to protect personal information from unauthorized access, use and disclosure.


This site is not directed to children under the age of 13.


Pearson may send or direct marketing communications to users, provided that

  • Pearson will not use personal information collected or processed as a K-12 school service provider for the purpose of directed or targeted advertising.
  • Such marketing is consistent with applicable law and Pearson's legal obligations.
  • Pearson will not knowingly direct or send marketing communications to an individual who has expressed a preference not to receive marketing.
  • Where required by applicable law, express or implied consent to marketing exists and has not been withdrawn.

Pearson may provide personal information to a third party service provider on a restricted basis to provide marketing solely on behalf of Pearson or an affiliate or customer for whom Pearson is a service provider. Marketing preferences may be changed at any time.

Correcting/Updating Personal Information

If a user's personally identifiable information changes (such as your postal address or email address), we provide a way to correct or update that user's personal data provided to us. This can be done on the Account page. If a user no longer desires our service and desires to delete his or her account, please contact us at customer-service@informit.com and we will process the deletion of a user's account.


Users can always make an informed choice as to whether they should proceed with certain services offered by InformIT. If you choose to remove yourself from our mailing list(s) simply visit the following page and uncheck any communication you no longer want to receive: www.informit.com/u.aspx.

Sale of Personal Information

Pearson does not rent or sell personal information in exchange for any payment of money.

While Pearson does not sell personal information, as defined in Nevada law, Nevada residents may email a request for no sale of their personal information to NevadaDesignatedRequest@pearson.com.

Supplemental Privacy Statement for California Residents

California residents should read our Supplemental privacy statement for California residents in conjunction with this Privacy Notice. The Supplemental privacy statement for California residents explains Pearson's commitment to comply with California law and applies to personal information of California residents collected in connection with this site and the Services.

Sharing and Disclosure

Pearson may disclose personal information, as follows:

  • As required by law.
  • With the consent of the individual (or their parent, if the individual is a minor)
  • In response to a subpoena, court order or legal process, to the extent permitted or required by law
  • To protect the security and safety of individuals, data, assets and systems, consistent with applicable law
  • In connection the sale, joint venture or other transfer of some or all of its company or assets, subject to the provisions of this Privacy Notice
  • To investigate or address actual or suspected fraud or other illegal activities
  • To exercise its legal rights, including enforcement of the Terms of Use for this site or another contract
  • To affiliated Pearson companies and other companies and organizations who perform work for Pearson and are obligated to protect the privacy of personal information consistent with this Privacy Notice
  • To a school, organization, company or government agency, where Pearson collects or processes the personal information in a school setting or on behalf of such organization, company or government agency.


This web site contains links to other sites. Please be aware that we are not responsible for the privacy practices of such other sites. We encourage our users to be aware when they leave our site and to read the privacy statements of each and every web site that collects Personal Information. This privacy statement applies solely to information collected by this web site.

Requests and Contact

Please contact us about this Privacy Notice or if you have any requests or questions relating to the privacy of your personal information.

Changes to this Privacy Notice

We may revise this Privacy Notice through an updated posting. We will identify the effective date of the revision in the posting. Often, updates are made to provide greater clarity or to comply with changes in regulatory requirements. If the updates involve material changes to the collection, protection, use or disclosure of Personal Information, Pearson will provide notice of the change through a conspicuous notice on this site or other appropriate way. Continued use of the site after the effective date of a posted revision evidences acceptance. Please contact us if you have questions or concerns about the Privacy Notice or any objection to any revisions.

Last Update: November 17, 2020