Office 365: why it scores over on-premise software


It's no surprise that Microsoft is making a huge push to sign SMBs and enterprises up to the Office 365 service. Cloud computing is, as we all know, a major facet of Microsoft's desired future; while generic server and storage provision forms a major part of the service offering, the company now wants its customers to branch into the cloud for its applications too.

Office 365: a brief introduction

Office 365 is, basically, a collection of Microsoft applications hosted in the cloud. The company refers to it, pretty accurately actually, as “the online companion to Office”; the six building blocks it comprises are hosted email, hosted calendars, web conferencing, web versions of Office applications, file sharing and corporate websites.

The facilities you get depend on the plan you pay for. At the basic level is the hosted email service for $48 per annum per user. The “small business” plan labelled P1 adds, for another $24 per annum, instant messaging and VC, plus file sharing, website hosting and viewing (but not editing) of Office documents.

Going up a notch, plan E1, at $96pa, is the starting point for enterprises, as it gives 24x7 technical phone support, SharePoint and Active Directory synchronisation. Finally plan E3, at $240pa per user, adds voicemail, email archiving and unlimited storage, and full Office apps. P1 is the only plan that has a user limit; the ceiling of 50 users sits it firmly in the small business realm.

Office 365 is managed via a web portal which is, it has to be said, extremely comprehensible and straightforward to use. In fact the only tricky aspects of using Office 365 come in the enterprise-level offerings when you have to deal with the integration between your internal systems and the Office 365 cloud. The main aspects you need to deal with are DNS, firewalls and directory synchronisation.

DNS is required if you're going to be using the Lync messaging and VC service. Although all you're really doing is adding some SRV (service) records, this can be something of a faff if your DNS is hosted by a third party and database management is done through a portal because SRV record management can often clunky and takes a bit of working around.

Directory Synchronisation is achieved using Active Directory Federation Services (ADFS), which means you'll need Windows Server 2003 R2 or later. What you're basically doing is providing the cloud service with a read-only copy of the pertinent aspects of your Active Directory structure in order that your internal users can authenticate against the cloud servers.

The firewall aspect's pretty obvious: any sensible organisation won't, by default, have rules permitting arbitrary access to the Office 365 servers on the required ports. There's nothing difficult about this, though – just look up the current port list on Microsoft's Web site and implement it on your firewall. One quick caveat: as hosting services change, your firewall rules need to keep up and you won't be actively notified by Microsoft when this happens, so keep an eye on their support portal to make sure you keep up.

Neither of these steps is particularly onerous, though, and you'll soon be connecting to the Office 365 services without really thinking about it.

Office 365 versus on-premise

To understand whether you should be going for an on-premise offering or a cloud offering, we'll look at each of the components and discuss how well (or otherwise) it's suited to cloud operation.

Web site hosting

Let's be honest: you probably don't really give a stuff about website hosting. Perhaps there's a small chance that you might want to drive a part of your site using Active Directory for user logins, but there will be few organisations that consider this feature as a clinching factor for signing up to Office 365.

We mentioned earlier that Office 365 is termed “the online companion to Office”, and it's in the web applications that htis applies most. The message is clear: you're not going to use the cloud-based version of the basic Office apps (Word, Excel, etc) in place of the desktop versions – they're there as a supplement to them. So the cloud version integrates nicely with the desktop version, and being a hosted offering you have the obvious bonus of being able to share docs with colleagues and work on them via the web wherever you are. The vast majority of organisations will, however, be perfectly content with the desktop-based applications and will use the web alternatives sparingly, if at all.

File sharing

The file sharing aspect of Office 365 is actually rather more than the name on the tin suggests. It's SharePoint-driven, so it gives you all the functionality you'd expect from a SharePoint site: collaboration, file versioning and check in/out, blogs, wikis and searching within files across directory structures.

Office 365 features

The file sharing aspect of Office 365 is therefore the first area in which you can choose between an on-premise offering and the cloud service. A on-premise solution has all the advantages of a typical in-house system: it's close to your users, and security isn't an issue so long as your firewall rules are up to scratch.

You do, however, need a reasonable amount of server power to drive it, both in the front-end servers and in the back-end systems that underpin it such as SQL Server (for data storage), storage hardware and backup systems. SharePoint's a hugely flexible system but in practice you can't run it on puny hardware so the potential investment in hardware is non-trivial.

Web conferencing

If file sharing is the first potential area for considering a cloud offering instead of an on-premise one, web conferencing is quite the opposite – that is, one has to wonder why you wouldn't just use an external service anyway instead of bothering with an internal system. Hosting a reliable, scalable web conferencing system internally is relatively straightforward for small organisations, but if you're reasonably large and you use the service as a genuine business tool you need to be able to rely on it. So that means resilient inbound Internet feeds, hardware that scales to conferences with potentially dozens of participants and a level of Internet bandwidth that can support these many, many participants for not just text messages but also voice, video and desktop sharing.

For web conferencing on anything but a trivial scale, then, the question isn't whether to host it internally or externally but is really which external offering to go for.

Email and calendaring

We'll deal with these last two together because most of us are so used to them being automatically linked anyway – so an Outlook user will generally use it for both email and calendar functions, and a Notes user will normally do the same. Email functionality has three aspects: getting email in and out of the organisation, storing that email somewhere, and letting users interact with the email system to send and receive messages.

Getting email in and out of the organisation is relatively straightforward on the surface – you need an Internet connection and some MX (Mail eXchanger) records in your DNS. Of course, life's seldom that simple and in the case of email your main concern is malware – primarily viruses. You can run anti-malware software on your mail server (it's actually a good idea to run at least two or three different vendors' offerings, to be sure that your system can recognise new attacks as early as possible into their existence), or you can take the approach that an increasing number of organisations do these days and use an external anti-malware service to cleanse your email before it arrives (and preferably to do a similar action on outbound messages, just to be sure you're not sending infections outbound). To send and receive email you'll need mail servers – preferably a resilient cluster to ensure maximum uptime.

Storing email is pretty simple: the mail servers mentioned above need storage. Even in a relatively small enterprise of, say, a thousand or so users the storage requirement for email can easily be measured in terabytes, which although not a totally alien concept with today's hard disk technology is still a significant sum (not least with regard to the price tag). You'll also have to think about backing up the huge mail files that you're storing, and with an eye on compliance you'll be needing to store messages for a significant time – potentially a few years – which although you can do it using offline or semi-offline storage is still a significant task.

Allowing the users to interact with the email servers via their desktop mail clients or a browser-based mail client is a pretty straightforward task. And even though browser-based clients are popular, users really do prefer having a full-blown client on their desktop – and will continue to do so for a while (though it can't be denied that with HTML 5 and other current browser technologies it's becoming more and more possible to make a web application behave like a desktop app with regard to niceties such as drag-and-drop).

An entirely on-premise offering therefore needs some pretty expensive components: server hardware, storage hardware, malware inspection capabilities and an appropriate Internet connection.

The requirement for Internet connectivity will never go away, of course, but since many people already outsource the malware inspection, why not just outsource the hosting of all the email? The hardware requirement vanishes (instead you rent space on servers run by an organisation that benefits from the economy of scale of buying servers by the vanload rather than in ones and twos), the malware inspection is dealt with for you, and the storage aspect works on exactly the same cost benefit as the server hardware.

The one thing you will have to spend more money on is the Internet connection, entirely because of user perception. The occasional outage in an Internet connection on an on-premise setup won't affect the users' ability to interact with the mail server and they may not even notice if emails are delayed by a few minutes, but in a hosted service it'll cause a “Host not accessible” when they hit “Check Mail” and the trouble tickets will start to roll in.

The way to go

If you want to do web conferencing and/or email/calendaring, it's hard to justify an on-premise solution at all. It requires hardware, software, maintenance contracts, bags of bandwidth (particularly for web and video conferencing) and even if you have an existing on-premise solution that you're looking to upgrade you have to consider that it won't be so long before the hardware approaches the end of its life and needs a refresh: for anything but a small system that will have a significant price tag.

Are there risks with the Office 365 approach? In theory yes, but that's not really any more true than with an on-premise system.

There's the obvious issue of hardware reliability, but with the magnitude of Microsoft's hosting setup service outages are less likely than with a modest in-house system. Firewalling isn't really an issue because if you want to host Web conferencing or email in-house you have to open the relevant TCP and UDP ports to “allow all” anyway. And because in the enterprise-level products you're using ADFS to present a read-only subset of your user details there is a theoretical risk of someone ripping off and decrypting your passwords, but with two-level authentication and a sensibly enforced password policy this risk soon becomes acceptable.

And what about the traditional Office applications such as Word, Excel and the like? Well, since Microsoft openly admits that Office 365 is really just a companion for its desktop products, it's clear that they realise people won't really want to move entirely to a Web-based application offering. And why would they – it makes far more sense to provide a few web-centric functions to an already ubiquitous desktop suite than it does to encourage people to stop buying the latter!

Office 365 takes away the costs of hardware, software, maintenance contracts, support staff and their training costs and gives you a service with a fixed per-user-per-year cost that makes running it and scaling it to a growing user base no harder than simply hitting “Create User” and letting someone else worry about the performance.

Quite frankly, it's something of a no-brainer. Stick with Office on the desktop. Use Office 365 for your email and web conferencing. Job done.