Comprehensive hardware procurement strategy, vendor assessment, supply chain security considerations, and cost modelling for the sovereign cloud buildout across all cooperative jurisdictions.
Estimated Initial Capital Expenditure (All Jurisdictions)
Total Initial CAPEX: $4.2 - 8.4 Billion (all jurisdictions combined)
Equivalent to ~1-3% of one year's US cloud spend ($300B). ROI achieved through avoided dependency risk.
Compute Hardware (Servers)
Server Specifications by Workload Type
| Workload Type | Typical Spec | Est. Quantity (All) | Unit Cost | Total Est. |
|---|---|---|---|---|
| General Purpose | 2x 32-core CPU, 512GB RAM, NVMe | 20,000-40,000 | $15-25K | $300M-1B |
| Compute Optimised | 2x 64-core CPU, 256GB RAM, high clock | 5,000-10,000 | $20-35K | $100-350M |
| Memory Optimised | 2x 32-core CPU, 2TB-4TB RAM | 2,000-5,000 | $40-80K | $80-400M |
| Storage Optimised | 2x 16-core CPU, 256GB RAM, 24x NVMe | 3,000-6,000 | $30-50K | $90-300M |
| GPU/AI Accelerated | 8x GPU (A100/H100 class), 1TB RAM | 500-2,000 | $200-400K | $100M-800M |
| Kubernetes Nodes | 2x 32-core, 256GB RAM, container optimised | 10,000-20,000 | $12-20K | $120-400M |
Server Vendors - Supply Chain Assessment
Dell Technologies
US - Major Hyperscaler Supplier
PowerEdge servers. Significant government experience. US ownership concern but established global supply chain.
HPE (Hewlett Packard Enterprise)
US - Enterprise Focus
ProLiant servers. Strong government contracts globally. US ownership.
Lenovo
China (HQ) - Global Manufacturing
ThinkSystem servers. Price competitive. Security vetting required for classified workloads.
Supermicro
US (Taiwan manufacturing)
Cost-effective, hyperscaler design. ODM model. Previous supply chain security concerns.
Fujitsu
Japan
PRIMERGY servers. Strong European presence. Non-US ownership, ally nation.
Atos/Bull
France (EU)
BullSequana servers. EU sovereign option. French government contracts.
Supply Chain Security Consideration
All major server vendors have complex global supply chains. True "sovereign" hardware manufacturing does not exist at scale outside US/China. Recommended approach:
- Prefer vendors with manufacturing in allied nations (Japan, EU, Taiwan, South Korea)
- Require hardware attestation and firmware verification
- Consider European vendors (Atos/Bull, Fujitsu Europe) for highest sensitivity workloads
- Accept that US vendors may be necessary for scale; mitigate through contract terms and audit rights
Storage Systems
Storage Tiers and Specifications
| Storage Tier | Technology | Est. Capacity | Cost/PB | Total Est. |
|---|---|---|---|---|
| Hot/Primary | All-flash NVMe arrays | 30-60 PB | $150-250K | $4.5B-15B |
| Warm/Secondary | Hybrid flash/HDD or QLC flash | 50-100 PB | $50-100K | $2.5B-10B |
| Cold/Archive | High-density HDD, tape | 100-200 PB | $10-30K | $1B-6B |
| Object Storage | Software-defined (Ceph/MinIO) | 50-150 PB | $30-60K | $1.5B-9B |
Recommended Approach: Software-defined storage (Ceph, MinIO) on commodity hardware reduces vendor lock-in and aligns with CloudStack architecture. Hardware vendors for underlying storage nodes follow same assessment as compute.
Storage Vendors
- Pure Storage (US) - High-performance all-flash
- NetApp (US) - Enterprise hybrid storage
- Dell EMC (US) - Full portfolio
- Huawei (China) - Price competitive; security concerns for classified
- VAST Data (US/Israel) - Modern architecture
- Software-defined: Ceph (open source), MinIO (open source) on commodity hardware
Networking Equipment
Network Infrastructure Requirements
| Component | Specification | Est. Quantity | Unit Cost | Total Est. |
|---|---|---|---|---|
| Spine Switches | 400G capable, 32+ ports | 200-400 | $50-100K | $10-40M |
| Leaf/ToR Switches | 100G/25G, 48+ ports | 4,000-8,000 | $10-25K | $40-200M |
| Border/Edge Routers | 100G+ WAN capable | 100-200 | $100-300K | $10-60M |
| Load Balancers | L4/L7, 100Gbps+ | 200-500 | $50-150K | $10-75M |
| Firewalls/NGFW | 40Gbps+ throughput | 500-1,000 | $30-100K | $15-100M |
| WAN/Interconnect | Dark fibre, DWDM | N/A | Variable | $50-200M |
Network Vendors - Supply Chain Assessment
Cisco Systems
US
Market leader. US company subject to US law. Extensive government deployment globally.
Juniper Networks
US
Strong enterprise/carrier grade. US ownership.
Arista Networks
US
Cloud-native design. Hyperscaler grade. US ownership.
Huawei
China
Price competitive. Banned in many government contexts. Not recommended.
Nokia (Alcatel-Lucent)
Finland (EU)
Carrier-grade routing. EU ownership. Good sovereign option.
Ericsson
Sweden (EU)
5G/carrier focus. EU ownership. Government experience.
Network Equipment Reality
US vendors (Cisco, Juniper, Arista) dominate the enterprise/cloud networking market. European alternatives (Nokia, Ericsson) are primarily focused on carrier/5G. Recommended approach: Accept US networking vendors for datacenter switching with contract terms requiring audit rights and no remote access without explicit authorisation. Consider open networking (SONiC, Cumulus) on white-box hardware for reduced vendor dependency.
Security Hardware (HSMs, Cryptographic Modules)
Hardware Security Module Requirements
| Component | Standard | Est. Quantity | Unit Cost | Total Est. |
|---|---|---|---|---|
| Network HSMs | FIPS 140-2/3 Level 3 | 200-500 | $50-150K | $10-75M |
| Cloud HSM Partitions | FIPS 140-2/3 Level 3 | 1,000-5,000 | $5-15K/yr | $5-75M/yr |
| Payment HSMs | PCI HSM | 50-100 | $100-200K | $5-20M |
| Code Signing HSMs | FIPS 140-2/3 Level 3 | 50-100 | $30-80K | $1.5-8M |
HSM Vendors
Thales (formerly Gemalto/SafeNet)
France (EU)
Luna HSM. Market leader. EU ownership. Strong government experience.
Entrust (nCipher)
US (acquired)
nShield HSM. Strong cryptographic heritage.
Utimaco
Germany (EU)
CryptoServer. German-owned. Strong EU sovereign option.
Recommendation: Thales (French) or Utimaco (German) for EU/UK sovereign HSM needs. Both have FIPS and Common Criteria certifications. EU ownership provides better protection from US legal reach.
Cost Allocation by Jurisdiction
| Jurisdiction | Compute | Storage | Network | Security | Total CAPEX | Annual OPEX |
|---|---|---|---|---|---|---|
| United Kingdom | $300-600M | $150-300M | $60-120M | $25-50M | $535M-1.07B | $100-200M |
| European Union | $1.5-3B | $600M-1.2B | $300-600M | $120-240M | $2.5-5B | $500M-1B |
| Canada | $250-500M | $120-250M | $50-100M | $20-40M | $440-890M | $85-170M |
| Australia | $200-400M | $100-200M | $40-80M | $15-30M | $355-710M | $70-140M |
| TOTAL | $2.25-4.5B | $970M-1.95B | $450-900M | $180-360M | $3.8-7.7B | $755M-1.5B |
Cost Context
- Initial CAPEX ($3.8-7.7B): ~1-2.5% of one year's US cloud spend ($300B)
- Annual OPEX ($755M-1.5B): ~0.25-0.5% of annual US cloud spend
- Break-even: Investment recovered through avoided dependency risk, not direct cost savings
- ROI: Cannot be calculated purely financially; strategic sovereignty value is primary driver
Emergency Procurement Approach
Week 1-2: Immediate Actions
- Activate existing government framework agreements (G-Cloud UK, EU frameworks)
- Issue emergency RFIs to pre-qualified vendors
- Identify available inventory at major suppliers (Dell, HPE, etc.)
- Direct award contracts under national security provisions
Week 2-8: Rapid Procurement
- Accelerated competitive procurement where required
- Volume commitments to secure manufacturing slots
- Logistics coordination across jurisdictions (bulk shipping, customs clearance)
- Installation teams mobilised in parallel with delivery
Supply Chain Resilience
- Multi-vendor strategy to avoid single points of failure
- Manufacturing location diversity (avoid concentration in any single country)
- Strategic spares inventory (10-15% of deployed capacity)
- Long-term maintenance and support agreements