For all of my 25+ years in IT, the "software vs. hardware" debate has raged on. During that time, their benefits were mutually exclusive. In many instances, software gave us total flexibility, but hardware gave us reliability and performance. As with most things in life, there were tradeoffs. Now, though, it appears that virtualization is coming to the rescue -- again -- with the concept of virtual appliances. Perhaps you can have it all, after all.
At least in theory, a virtual appliance gives you the flexibility of a software-based approach, as well as the plug-and-play benefits usually associated with stand-alone appliances. I can't decide if this is "hard software" or "soft hardware," but a virtual appliance brings many of the benefits of both.
First and foremost, the appliance -- and by extension, the virtual appliance -- leaves component integration up to the vendor. For example, if the service being deployed stores log information in a relational database like MySQL, the base operating system and that component are loaded and tested by the vendor.
That might sound simple but typically it is not. For starters, given the modular approach that vendors take in building systems (and this is the way it should be done), it is quite common for many building blocks to be required to build a finished system. If you take the software route, you, the user, are responsible for loading all of the prerequisite building blocks. That can be quite time-consuming and rife with possible errors should the components not be loaded in the proper order. When you take the virtual appliance route, those environmental responsibilities become someone else's concern.
If you take the traditional hardware route, you generally are stuck with whatever base platform you purchased. It isn't often that vendors will swap out old appliances for new ones at no or minimal charge. Given that most appliances are meant to be "black box" devices -- not to be tinkered with by the buyer -- it's also not usual or customary to offer extensive in-place hardware upgrades of key components, such as CPU or RAM. Thus, the platform ultimately can become your greatest limitation. The vendor might get to a point where the software and firmware upgrades that provide new functions can't run on the platform that you purchased. Then, your only option might be a forklift upgrade.
Once again, a virtual appliance does away with these particular limitations and concerns. Because the hardware is virtual, the vendor can provide you with a new, fully integrated machine as a downloadable image you can boot and run. Because other potential constraints -- CPU, disk, RAM -- are virtual as well, your appliance can get instant benefits from any hardware upgrades to the physical machine. And again, because each appliance is virtual, one physical system can run multiple virtual appliances.
Any drawbacks? Well, I'm always concerned about performance. For in-line appliances, such as intrusion-prevention devices or firewalls, dedicated hardware always has been the best way to assure high throughput and minimal latency. In the past, many of these appliances had specially designed hardware that would accelerate particular functions, for example, deep packet inspection. Today, however, we are seeing multiple, multicore CPU systems taking on many of the jobs done in the past by dedicated hardware. In addition, new-generation systems take a hypervisor approach to communicate directly with underlying hardware. Still, there is nothing like actual numbers to put performance concerns to rest.