Are you getting the most out of Azure? Learn 6 ways to get more from your Azure platform.
Join one of our top Infrastructure and Cloud consultants, Mike Balatzis, to learn how to get more from your Azure platform. Mike is an information technology consultant with 18 years’ experience in Microsoft enterprise solutions, including Windows server and desktop operating systems, Exchange, and System Center Configuration Manager. In addition, Mike is an MCSE for the Private Cloud as well as a VTSP for Azure.
This webinar will cover the following important topics:
• Microsoft Azure Infrastructure and Networking
• Securing Resources
• Application Storage & Data Access Strategy
• Applications in Azure
• Websites in Microsoft Azure
• Design a Management, Monitoring, and Business Continuity Strategy
2. Quick Facts
About Us
• 25th Year
• Grand Rapids & Detroit
• 40 Staff
Approach
• Vendor Independent
• Non-reseller
• Professional Services Only
Partnerships
• Microsoft Gold
• Nintex
• Amazon Web Services
• nopCommerce
• NHLS
11/24/2015 2
C D H
4. Expertise
• Microsoft SharePoint
• Development
• User Interface & User Experience
• Business Intelligence
• Project Management
• IT and Project Planning
• Enterprise Project Management
• Project Management Office
• Microsoft System Center
• Virtualization
• Cloud Computing
• Security
Infrastructure
• Policy Development
• Infrastructure
• Mobile Device Management
• Application Development
Mobility
• Microsoft Lync
• Microsoft Exchange
• Enterprise Voice
• Communication Enabled Business Process
Unified Communications
Collaboration
Project Management
5. Collaboration & Feedback
We’ll ask for your feedback immediately following this event.
We love questions and we love seeing you! If you have a camera, turn it on.
Collateral is uploaded to the meeting. Click Ctrl+F or the paperclip in the upper right.
6. Get Social with C/D/H
cdh.com/c-d-h-talks-tech
@cdhtweetstech
/company/cdh
/cdhtech
7. Azure momentum
>90,000 new Azure customer subscriptions/month
1.5 trillion messages per month processed by Azure IoT
>500 million users in Azure Active Directory
777 trillion storage transactions per day
>1.5 million SQL databases running on Azure
>40% revenue from start-ups and ISVs
10. Azure Site Recovery: Protect VMware and Physical Servers in Public Preview
Azure Backup Generally Available
Azure API Management Premium simplifies high availability and massive scale for APIs
ExpressRoute for Office 365
Azure Active Directory Dynamic Membership For Groups
Automatic Password Change for Social Media Shared Accounts
Compute-Intensive A10 and A11 Virtual Machine Instances
Remote Desktop app for Windows Phone support for Gateway and Remote Resources
Informatica Cloud Agent availability in Linux and Windows Virtual Machines
Azure DocumentDB Hadoop Connector
Azure HDInsight support for more VM sizes
Enterprise-Grade Array-Based Replication and Disaster Recovery
12. Datacenter Architecture
• Region can be comprised of multiple datacenters
• Datacenters are divided into “clusters”
– Each rack provides a unit of fault isolation
[Figure: datacenter architecture. Datacenter routers; aggregation routers and load balancers (Agg); cluster network aggregation for Clusters 1 to 5; top of rack switches (TOR); racks of servers; power distribution units (PDU).]
13. Inside a Physical Server
• CPU, memory, disk & networking resources are committed when allocating the service.
[Figure: physical server connected to PDU and TOR switch; host partition and trust boundary; VMs running PaaS VM role instances and an IaaS VM role on CPUs; unallocated CPUs.]
15. IP Reservation
Reserve public IP addresses from Azure’s pool
You have control over the IP addresses till you release them
Assign IPs to cloud services
Move IP addresses across cloud services
[Figure: before and with VIP reservation. Cloud service VIP versus cloud service reserved VIP (reserved IP); the load balancer (LB) maps IP:<port x> to DIP1:<port y> or DIP2:<port y> on VM1 and VM2.]
16. Multi-site VNet connectivity
Multiple on-premises sites connect to same virtual network
Sites may be geographically dispersed
Connect up to 10 sites to a virtual network securely over IPsec
Connect to multiple on-premises locations
[Figure: before and with multi-site VNet connectivity. VNet1 (US West) and VNet2 (East Asia); Contoso NorthAm HQ (10.0.0.0/16) and Contoso East Asia (10.3.0.0/16).]
17. Cross-region VNet connectivity
For HA and DR, customers create virtual networks in different Azure regions
Scenario: SQL AlwaysOn sync to cross-region replicas
Connect to multiple on-premises locations and to other VNets
Virtual networks in different subscriptions can securely communicate using private IP addresses
Scenarios: Cross-division/dept. workload communication; B2B transactions in the cloud
[Figure: before and with multi-site and cross-region VNet to VNet. VNet1 (US West) and VNet2 (East Asia); Contoso NorthAm HQ (10.0.0.0/16) and Contoso East Asia (10.3.0.0/16).]
20. Microsoft Azure hybrid offerings
Secure point-to-site connectivity
• Developers
• POC Efforts
• Small scale deployments
• Connect from anywhere
Secure site-to-site VPN connectivity
• SMB, Enterprises
• Connect to Azure compute
ExpressRoute private connectivity
• SMB & Enterprises
• Mission critical workloads
• Backup/DR, media, HPC
• Connect to all Azure services
21. Virtual Machines: IaaS vs PaaS
Storage
• Worker Role (PaaS): Non-Persistent Storage
• Virtual Machine (IaaS): Persistent Storage. Easily add additional storage
Deployment
• Worker Role (PaaS): Stock VHDs
• Virtual Machine (IaaS): Build VHD directly in the cloud or build the VHD offsite and upload
Networking
• Worker Role (PaaS): Internal and Input Endpoints configured through service model.
• Virtual Machine (IaaS): Internal Endpoints are open by default. Access control with firewall on guest OS. Input endpoints controlled through portal, service model or API/Script.
Primary Use
• Worker Role (PaaS): Stateless scale-out applications
• Virtual Machine (IaaS): Applications that require persistent storage to easily run in Windows Azure.
23. AD On Premise and Azure
[Figure: on premise, Active Directory with Exchange, SharePoint, LDAP and LOB Apps; in the cloud, Azure Active Directory with Exchange Online, SharePoint Online, Graph API and Cloud Apps.]
27. A comprehensive cloud-based consumer directory & IAM service
For enterprises and ISVs building consumer-facing mobile, web and PC apps
Global service that scales to hundreds of millions of consumers
Highly available, geo-redundant service
“Bring-your-own-identity” using a social ID, or by creating a local account with a new set of credentials
User-friendly self-service user sign in and sign up experience
Enterprise-grade information security and data breach protection
28. Azure AD Domain Services is now in Public Preview – Use Azure AD as a cloud domain controller!
33. WebApp Scale – Best Practices
• Think “workloads” - Does your app fit?
• Focus on scale-out
• Be paranoid about availability – design for failure
• Know the system limits
– SLAs (multiple systems requirements, etc.)
– Handle transient failures: expect them
– Capacity limits: implement retry logic, use framework assistance
– Accommodate excess load by knowing which pieces are more critical than others
36. Azure Mobile Services
Create mobile applications for iOS, Android and MS
Make your application work offline
Single Sign on
Access to on premises data
Social integration with Twitter, Facebook, Google, et al.
Insight with mobile analytics
Auto-Scale to millions of devices
38. [Figure: private clouds (Azure Stack, Hyper-V, VMware, OpenStack) with Windows Server and Linux guests, Operations Manager, and Operations Management Suite.]
42. Microsoft Azure Backup
Extending Windows Server and Windows 10 Backup into the Cloud
Reliable offsite data protection
• Backups are encrypted before transmission & stored encrypted in Microsoft Azure.
• Backups are off-site, away from your datacenter, protected by reliable Azure storage
Simple & integrated solution
• Integrates with GUIs of Windows Server Backup, System Center DPM, and Windows 10
Efficient and flexible backup & recovery
• Incremental backup transfers only delta changes to the cloud
• Supports Point-in-Time Recovery of multiple versions of your data
• Configurable data retention policies
[Figure: Contoso Private Cloud (on premises) Windows Servers with the Microsoft Azure Backup Agent installed and configured; encrypted data sent to the Contoso Backup Vault in Microsoft Azure.]
44. Microsoft Azure Site Recovery
[Figure: orchestration and replication by Microsoft Azure Site Recovery for a Windows Server primary site and, new, for a VMware/physical primary site with InMage Scout.]
45. Azure Site Recovery
Components of Azure Site Recovery
• On-Premises Process Server
• On-Premises Mobility Service
• Azure Configuration
• Azure Master Target
• Replication
• Licensing – Is per protected VM
48. Easily manage massive numbers of databases
Gain 25% more Premium performance
Streamline business continuity for your critical applications
Enjoy near-zero maintenance through a self-managed service
Enable security and compliance-related tasks
49. Transforming Customer Business: IoT
50. The Internet of Things starts with your things
Build on the infrastructure you already have
Add more devices to the ones you already own
Get more from the data that already exists
Stop just running your business. Start making it thrive. Start realizing the potential of the Internet of Your Things.
Editor's notes
Key Point: Azure continues to grow. More customers are making it a part of their solutions, either through hybrid or pure-cloud.
>85% F500 customers on MS Cloud
>3,400 apps in Azure Marketplace
30 major certifications and attestations — more than any other major public cloud provider
13B authentications supported every week by Azure cloud services
1T messages a month are processed using Event Hub
>60B ingress events per day worldwide in Event Hub
More than 70T storage objects in Azure
More than 9M transactions per second processed by Azure Storage (nearly 3x growth YoY)
1.5M SQL DBs under management in Azure / Customer usage has increased 7x YoY
2.5B logins per week processed to Azure SQL DB
External Traffic / web site hits (e.g. customer traffic only)- 83.46 billion hits/month
Total Sites/Apps (customer sites only) – 664k
3.4M Developers registered with Visual Studio Online
Key Point: Azure Footprint continues to grow to support the customer growth.
Notice that we have 3 new regions in India that came online this week. Great for multi-national setups.
Key Point: To support connectivity and performance networking infrastructure continues to grow as well.
Kind of a fun view.
1.4 million miles can go 56 times around the globe
Key Point: Azure is growing! We keep saying it. What does this slide show us:
Fast innovation
Microsoft commitment to improving the platform
The need to stay current for partners.
Let’s dive very quickly into a few of the newest features that we feel have strong impact to the partner business.
How Azure builds out clusters and what a cluster contains. How the racks are organized: racks for compute/storage, aggregation routers, PDU power, top of rack switches, highly available. Datacenters are divided into clusters. The rack provides fault isolation.
All resources are committed; each VM has dedicated CPU resources, tied to the PDU and fabric controller. All VMs, infrastructure or PaaS, leverage the same VMs under the covers.
Azure is DHCP based. How can I make an IP reservation on a VIP or VM, in public address space or internal address space, and what are the scale limits? How to use the IP addresses.
True network mesh within Azure VNets. Multiple on-premises sites and multiple Azure resources. VNet to VNet leverages cross-site communications.
IPsec or site to site is what IPsec over VPN does. ExpressRoute is the ability to do networking on their network, MPLS. It allows you to extend your network to Azure and access the services over a private network.
The IPsec gateway gives the ability to do point to site and site to site. ExpressRoute gives the ability for private connectivity. You cannot have cross-region site to site with ExpressRoute; understand the limitations.
PaaS vs IaaS: if you need persistence, use IaaS. With PaaS, Microsoft does more of the work; the VM is supported by Microsoft.
Both look the same and offer the same service; how are they different? Key differences: on premises, AD is an LDAP source storing objects for the network, with standard LDAP queries. The cloud online versions use the Graph API. Azure AD is not an LDAP source; you can't do regular queries using LDP. Use a web service to do the query. One core difference: it can't store computer objects; it works great for user objects. OData is the standard for the Graph API.
Used to sync with AD on premises. Identity bridge: DirSync, AAD Sync, FIM synchronization technologies. FIM can do customization. Sync to the cloud to Azure Active Directory; can tie out to SaaS, federate to
AAD Sync at the core: attributes sync to the cloud; it watches for changes and synchronizes changes to the cloud.
Announced this week at AzureCon – lots more on there about this, but this will help you better secure your cloud environments.
Key Point – New Azure AD feature – B2C – in preview now.
Lights up customer ID/signup/signin scenarios via Azure AD. Devs won’t have to write custom signup engines. Connects with social ID providers and is customizable to the look and feel of each org's app/site.
It gives you the ability to take any on-premises application that depends on Windows Server Active Directory and run it in Azure Infrastructure Services without having to worry about running, maintaining or patching Active Directory Domain Controller VMs. This means our customers have a ton of new options and flexibility as they plan and deploy their enterprise IT resources across on-premises and the cloud. And maybe most exciting, it gives cloud forward companies the opportunity to go "cloud only" while still getting all the benefits of Azure AD and Windows Server AD.
Key Point: VMs continue to be a huge workload in Azure today, and we keep adding more options to meet the needs.
1. New DV2 Series
2. Notice the Premium Storage has increased in performance. It can now be paired with the G Series for 80,000 IOPS and up to 32 TB per VM. Will support high transaction workloads like SharePoint, Exchange, and Dynamics.
3. New N Series – next slide to learn more.
Mention and move to next slide
Why OMS – see next slide (hidden) for more details.
Simple -
Time to Value
Easy to Integrate
Hybrid and Open
Extend System Center
Screen shot of OMS dashboard. Emphasize that this is fully customizable, clicking on tiles will give full detail. Everything can be saved and custom queries can be used.
Call out the Win10 backup options as well.
Bring your own key – emphasize the vault!!
Azure backup is super-easy to deploy and begin using.
It works with just an agent on a Windows Server that sends data to Azure.
All data is secured and encrypted. ONLY THE CUSTOMER HAS THE KEY. W/O the key there is no access to the data.
Retention policies currently extend to 99 years if needed.
Data can be restored to the original server or others (with the key of course) if needed.
By integrating Windows Server Backup with Microsoft Azure Backup, customers can protect their important data off-site, by harnessing Microsoft Azure.
Azure Backup helps you protect important server data off-site with automated backup to Azure.
Reliable offsite data protection
Backups are encrypted before transmission and stored encrypted in Azure. These backups are off-site, safely away from your datacenter, protected by reliable Azure storage, reducing the need to secure and protect on-site backup media.
A simple and integrated solution
Manage cloud backups from the familiar backup tools in Windows Server, Windows Server Essentials, or System Center Data Protection Manager. These tools provide similar experiences configuring, monitoring, and recovering backups whether to local disk or Azure storage. Or you can use the agent software itself. After data is backed up to the cloud, authorized users can easily recover backups to any server.
Efficient and flexible backup and recovery
With incremental backups, only changes to files are transferred to the cloud. This helps ensure efficient use of storage and reduced bandwidth consumption, while enabling point-in-time recovery of multiple versions of the data. Configurable data retention policies, data compression, and data transfer throttling offer added flexibility and help boost efficiency.
Let’s see a bit more about Azure Backup.
ASR is something we’ve talked about in the past. It enables servers to use Azure as their recovery point.
Value from not maintaining a second site. Don’t pay VM Compute charges in Azure until you actually fail over.
Big news is VMware and Physical servers can also be backed up to Azure.
• On-Premises Process Server – This receives replication data from the Mobility Service (in-guest agent) using disk based cache. It is used to compress and encrypt data on-premises before sending it over internet/VPN/ExpressRoute to the Master Target server in Azure.
• On-Premises Mobility Service – This can be pushed out automatically by the Process Server or performed manually. Essentially it is an IO splitter that takes a write to disk, holds it in memory and sends it across to the Process Server.
• Azure Configuration Server – This is the brains; it coordinates communication between all components both on-premises and in Azure. Each Configuration Server can support up to 100 source virtual machines.
• Azure Master Target – Receives incoming replication traffic from the on-premises Process Server. Each protected VM is added as a VHD using ‘blob’ storage.
• Replication – Azure Site Recovery uses streaming ‘async’ replication. It’s worth noting that maximum throughput is 80Mbps when using Site to Site VPN or any form of normal internet connection.
• Currently you are unable to perform test failovers. The workaround is to create ‘test VMs’, fail them over to Azure and then destroy them.
• You are unable to seed data into or out of Azure Site Recovery. Thought needs to be given to how long it will take to protect virtual machines and fail back to on-premises.
• Protected VMs are limited to those supported in Azure.
• Protected VMs can only migrate within their series type, e.g. A1 to A4, but they cannot move into D series.
Build SaaS applications that support massive scale
Developers building software-as-a-service (SaaS) applications can use Azure SQL Database to provide flexibility to support both explosive growth and profitable business models. For workloads with unpredictable database resource consumption, the elastic database model gives you the ability to pool resources to use among a group of databases.
Easily manage massive numbers of databases
Elastic database tools simplify building and managing applications that scale across lots of databases, so building applications against a single database or thousands of databases is just as easy using familiar T-SQL and ADO.NET programming models. You can also run centralized query operations like reporting and data extractions spanning many databases, returning a single unified result set.
Gain 25% more Premium performance
, high-throughput applications can take advantage of the latest version which delivers 25% more Premium database power. Additionally, internal tests over 600 million rows of data show up to 100x query performance improvements when applying the in-memory columnstore technology. SQL Database service tiers enable applications to easily scale up or down for predictable performance on each database.
Streamline business continuity for your critical applications
Enjoy more application continuity and protection against catastrophic events with built-in continuity options across service tiers, now with as much as 360x lower disaster recovery objectives. Active geo-replication allows you to create up to 4 readable secondaries in any Azure region and control when and where to failover
Enjoy near-zero maintenance through a self-managed service
Remove virtually all infrastructure maintenance with SQL Database, which provides automatic software patching as part of the service. Meanwhile, built-in system replicas using the quorum writes technique help deliver inherent data protection, database uptime, and system stability, which means fewer hassles for developers and architects. System replicas are automatically moved to new computers, which are provisioned on the fly as old ones fail.
Enable security and compliance-related tasks
Also, SQL Database is verified by key cloud auditors as part of the scope of key Azure compliance certifications and approvals such as HIPAA BAA, ISO/IEC 27001:2005, FedRAMP, and E.U. Model Clauses.
Transform vs. Perform – this is transformational stuff
Microsoft’s view
At Microsoft, we believe that the Internet of Things doesn’t have to be overwhelming. It starts with your things—the things that matter most to your business, the things that make your business thrive
We believe in building on the infrastructure you already have—connect the devices you already own, enhance your existing investments, tap into the data that already exists, and understand the data.
IoT isn’t about replacing technologies and systems, but rather leveraging what you have, adding on to current systems, using existing things in new ways, and innovating and optimizing so that everything works better together to generate greater results
Organizations across nearly every industry can benefit from IoT:
If you’re a retailer, think about how smarter POS terminals can increase cross-selling and up-selling
If you’re in healthcare, think about how connecting patient monitors, tablets, signage, and other equipment can streamline patient care
For MSPs, think about how sensors on the factory floor can “talk” to plant floor monitors to improve production efficiency and reduce down time
If you’re a city leader, IoT is going to help revolutionize city infrastructures around the world in the coming years. Imagine water systems, fire and police stations, medical centers, traffic and power lines – all with sensors embedded, and streaming data to deliver real-time insight on populations and infrastructure