Many companies use network accessible software, to provide online shopping tools, mobile apps and other software that is stored and executes on a server or computer that is remote to the actual user. In some cases, access is via a web browser on a user computer, in some a dedicated local client such as local software or an application that executes on a mobile phone provides access or the portal for access. In the mobile scenario, the mobile application may perform some functions whereas the remote software may perform others. In certain cases, software routines are distributed between multiple locations and servers or devices. Some of these applications are considered Software as a Service (SaaS). Others are simply web based programs.
These software programs provide many advantages over locally installed software. Updates to the software and product offerings can often be accomplished without requiring that the end users install updates or physically use a fresh installation disk or even download a fresh copy of the software. This allows companies to easily change functionality, color schemes, and provide software updates, bug fixes, security enhancements and other benefits in a way that in many cases immediately results in all users having access to the most up-to date software.
This in turn allows customer/technical support to provide support for a single version of the software/application or at least a single version within each operation system environment, ie. Windows, Mac, iOS, Android etc.
Many of the software programs discussed above use a number of servers, storages and other types of computing resources to operate. This has led to hosted services providers to focus on the business of renting server space and computing power so that the actual owner of the application does not need to maintain a collection of servers and storages for each of their applications. These services are sometimes referred to in the industry as Platform-as-a-Service (PaaS) or Infrastructure-as-a-Service (IaaS). In this case, the host provider will allow the software application owner to install their software on its servers and will charge based on computing power/resources reserved or used by the software. The billing models of these hosts are often very complicated and difficult for developers and product designers to understand.
These pricing models are also changing as providers compete to offer advantageous pricing. Application's needs may also vary depending on customer profile, or even as applications evolve and scale past their initial configurations which may have been suitable at the onset, but may no longer be the ultimate fit over time.
As but one example Amazon AWS offers server usage on demand and adjusts the amount of computing power available to a particular application based on the amount of usage thereof. As usage increases, the bill for the hosted services increases. In some cases, the increased usage is simply due to more users interacting with the application(s). In other cases, the increased usage is un-necessarily increased due to re-designs of the software and certain features thereof.
Because developers and product designers are often updating software applications on a regular basis, the computing load that is used up by the software may change. For example, added features may require more processing power, more bandwidth, a faster storage (lower access time) or other computing power metric in order to operate efficiently and effectively. This may lead to more resources being reserved for the software application and therefore added expense, but it is difficult to accurately quantify what software changes cause which processing power requirements to change. In another example, an application which was initially about ¾ reporting and ½ processing may evolve over time to have ¾ reporting as these are added and enhanced. The profile initially thought of to deliver the application may no longer be the most suitable.
As but one example, a developer may decide to update a software program to check the time or date every minute whereas previous versions checked every hour. Although this change does not individually amount to much change on a minute by minute basis, the amount of network bandwidth used to ping a remote server to check the time is now 60 times larger. This added bandwidth may be un-necessary in some cases where it is not crucial to check time on such a regular basis. In other scenarios, for example a sporting event timing system, checking time may be crucial for accuracy and precision. When the software update includes updates and changes to many features, it can be difficult to tell what sections of new code or the interaction with other parts of the software cause a higher requirement of bandwidth. It is even more difficult to correlate these changes to a cost structure to determine whether the updates are worth the added cost. The difficulty with current systems is that it is not possible to have a good understanding of how updates, changes or new versions impact computing resource/power and network bandwidth usage.
As another example, sometimes users increase substantially over a short period of time. In some cases, this is due to widespread publicity that drives users to particular websites, mobile apps etc.
As yet another example, the increase in usage could be due to a malicious attack on the software application, for example a Denial of Service (DOS), Distributed Denial of Service (DDOS) or Address Resolution Protocol storm (ARP Storm). These attacks are un-wanted from a security standpoint but they also substantially increase computing resource/power and bandwidth usage leading to more costs.
In yet another example it is increasingly popular to use the hosting providers for short computing problems. The infrastructure setup has become so efficient that it is possible to spin up instances of computing resources in minutes or even seconds and pay for these by the minute or hour. In some cases, rather than having a machine sitting idle (and vulnerable to attacks for example) it is desirable to simply spin up an instance on demand. This computing on demand may be triggered by an IT person that wants to do a test on a new piece of software where the IT person provisions a server/instance for this test. It can also be a production software program which spins up an instance at the end of the month when there are many calculations to perform. In other cases the demand may be an instance that is spun up when an end user presses requests to run a report that requires additional computing power and the underlying system/software spins up a server to service the request.
In some of the scenarios above, the computing resources are again dynamically created and vary month to month depending on end user actions and activity. Someone that is paying for a usage based service may be surprised by the amount of usage at the end of the month.
Further, since the services are spun up on demand, it is difficult for traditional tools that look and sniff out active servers to recognize and detect these transitory services and machines. Again leading to possible bill shock.
Finally, some providers allow for spot bidding or auctions on these on-demand spinning up of resources.
Creative hackers with system knowledge may also maliciously try to fire off these expensive requests in an attempt to drive up service costs or give denial of service attempts at an enterprise with such elements.
It is therefore desirable to provide a system that enables management of hosted software by allowing transparency in understanding how changes, updates, changes in user profile, revisions or even new implementations result in increased computing resource/power usage and therefore added expense. It is still further desirable to notify expense managers or billing departments how expenses relating to hosted software may be impacted due to these changes, updates, revisions and new implementations. It is further desirable to provide a system that enables software application owners to have better insight into when there are substantial user increases and if any of those increases relate to malicious attacks such as DOS, DDOS and ARP Storms. It is yet further desirable to notify security teams/developers and/or expense/billing departments to when increased usership is occurring and if such increase is due to a malicious attack so that appropriate action can be taken. It is yet further beneficial for system administrators to map the available billing models over the available service providers to find the optimal service provider both for the immediate needs and the applications needs as they evolve over changing conditions.