VMware Managed Service Providers have been responsible for much of the configuration and ongoing management of their customers’ solutions. The opportunities for value-add services throughout the lifecycle of a solution have allowed providers to differentiate their offerings based on their areas of expertise. Cloud services with higher levels of automation and standardization can, in some cases, restrict opportunities to differentiate.

Using vCloud Director to offer customers direct access to manage their tenant configuration does not preclude a VMware Cloud Provider from offering additional services to provide differentiation. While it is out of scope for this document, the Role-Based Access Control (RBAC) within vCloud Director allows the granular control of access to many of the capabilities within the vCloud Director User Interface¹. However, as noted earlier, restricting customers’ ability to manage changes themselves can be seen as a shortcoming with the platform. To maximize customer benefits while maintaining the provider’s ability to differentiate, vCloud Director allows both the provider and the customer to access the solution through the same interface. This provides that changes made by either party are consistently applied, and reduces the risk of the customer adversely affecting a solution for which the provider is accountable within a Service Level Agreement.

The ability for both the provider and customer to manage the same solution is particularly useful within the networking services part of a provider service, where customers might have in-house skills to manage their business applications which reside on the provider platform, but might not have the networking or security skills to be able to set up a complex micro-segmentation distributed firewall policy. Similarly, if the customer wants to take advantage of NSX Edge load balancing, while they might understand their applications load balancing requirements, they might prefer that the service provider be responsible for procuring, installing, and managing SSL certificates for those same services.

The certificate management dialog in vCloud Director might be quite straight forward to Content Delivery Engineers who understand signing requests and revocation lists, but customers might be willing to pay for that expertise from their VMware Cloud Provider.

While the management of SSL certificates is just one example, it illustrates that simply by providing customer access to manage part of their service, the provider does not preclude offering to manage those same services for their customer. Even if a customer tries and fails to configure an element of their service themselves, the provider knows that they will be able to access the failed configuration through the same interface that the customer used and either, help the customer to remediate the error themselves, or take over and complete the deployment on the customer’s behalf. In either case, customer satisfaction is assured through offering them self-service, support service, or a managed service, as required.