Make IT Pros Great Again: Microsoft Azure for the SharePoint professional
Jussi Roine | @jussiroine
SharePoint Saturday Belgium 2018
#SPSBE
I help companies move securely to the cloud.
Hey there, I’m Jussi!
@JussiRoine
But I love virtual machines! Also, where is my C:\Inetpub?
Understanding
Microsoft Azure
Essential services
Security
Where to go from here?
You don’t need to use them all
I don’t trust the cloud
Survival guide
Topics
Understanding
Microsoft Azure
Onsight
We ❤ SharePoint farms!
Load balancing & DNS
App Servers and CA
Distributed Cache
Backend:
AD, Databases, MIM
Web frontends
Workflow
Manager
Customizations
Office Online
Server
Microsoft Azure
Cloud service models
An alternative view
Platform Services
Infrastructure Services
Compute Storage
Datacenter Infrastructure
Application Platform
Web
Apps
Mobile
Apps
API
Apps
Notification
Hubs
Hybrid
Cloud
Backup
StorSimple
Azure Site
Recovery
Import/Export
Networking
Data
SQL
Database DocumentDB
Redis
Cache
Azure
Search
Storage
Tables
SQL Data
Warehouse
Azure AD
Health Monitoring
Virtual
Network
Express
Route
Blob Files Disks Virtual Machines
AD Privileged
Identity
Management
Traffic
Manager
App
Gateway
Operational
Analytics
Compute Services
Cloud
Services
Batch
RemoteApp
Service
Fabric
Developer Services
Visual Studio
Application
Insights
VS Team Services
Containers DNS
VPN
Gateway
Load
Balancer
Domain Services
Analytics & IoT
HDInsight Machine
Learning Stream Analytics
Data
Factory
Event
Hubs
Data Lake
Analytics Service
IoT Hub
Data
Catalog
Security &
Management
Azure Active
Directory
Multi-Factor
Authentication
Automation
Portal
Key Vault
Store/
Marketplace
VM Image Gallery
& VM Depot
Azure AD
B2C
Scheduler
Xamarin
HockeyApp
Power BI
Embedded
SQL Server
Stretch Database
Mobile
Engagement
Functions
Intelligence
Cognitive Services Bot Framework Cortana
Security Center
Container
Service
Queues
VM
Scale Sets
Data Lake Store
Dev/Test Lab
Integration
BizTalk
Services
Service Bus
Logic
Apps
API
Management
Media & CDN
Content
Delivery
Network
Media
Services
Media
Analytics
Real-world example
Migrate existing public-facing website + extranet to PaaS
• Schedule: 1 month
• Old infrastructure
  • 5 Linux VMs, god knows what distro and services
  • Websites running Django and “some” custom PHP and Python
• Project team decided that no technology change is needed, just a facelift for UI
Some notable challenges:
So, how do I actually get started with Microsoft Azure?
• Azure Pass
  • Free activation, granting you 130 € for testing over a 30-day period
  • Requires a Microsoft Account
  • Activate through https://www.microsoftazurepass.com/
• Free trial
  • Free activation, granting you 12 months or 170 € for testing, whichever comes first
  • Requires a credit card for a 0,01 € verification charge
  • Activate through https://azure.microsoft.com/en-gb/offers/ms-azr-0044p/
• Pay as you go
  • Normal registration with a credit card
  • Pay as you go, and set monthly limits
• Other options: CSP and EA, special activation codes
Get a subscription – it brings Azure AD with it
Required skills for an IT Pro in 2000
Install Windows XP
Install Windows 2000 Server
Install IIS
Install SQL Server 2000
Install & configure Active Directory
Install hotfixes and service packs
Install other business software
Required skills in 2018
• Microsoft Azure: IaaS, PaaS
• ARM templates
• PowerShell
• Docker and Containers and Kubernetes and basically everything
• Windows Server
• Active Directory and Azure Active Directory
• Windows 10 management
• System Center and Intune and co-management
• Office 365: Exchange Online, SharePoint Online, Skype for Business etc.
• Security *.*
• Networking
• Browsers & Office clients
This is too often the reality
”Let me quickly build your datacenter”
Start
service
Format
☁️
Real-world example:
Create a website that scales indefinitely
• Schedule: 3 months
• Build a website that scales indefinitely
• Customer wanted “five 9’s” of SLA
• Pages must load in <1 second, at all times
• “Do what you must to make it so”
Great project, great challenges:
Web App (Windows)
prod-web
Node.js API App (Linux)
prod-api
API Management
apimgmt
Git Push
Developers
CSV Export, FTP Upload
Master data WebJob
Parse CSV, upload to staging DB, upload to prod DB
Mongo DB
Staging
prod-stagingdb
Mongo DB
(Mongo API): Production
prod-backenddb
OMS
prod-mon
End users
App Insights
prod-api
App Insights
prod-web
VSTS
Memcached
Analytics & monitoring
Essential services
Customers expect a lot
Microsoft put it rather bluntly (in a different context, but still relevant)
“We’ve been putting this
off for 10 years but have
to do it over the weekend
now”
“The cloud? No, it
doesn’t work for us as
we have SPECIAL
needs”
“Everything has to
remain the same”
“There was a new service
released in Azure last
night..”
But there’s a server
somewhere!
I know there is!
A traditional approach to employing Azure
This is the common, kind-of hybrid architecture model.
Office 365
Site-to-Site VPN
Azure AD Connect
ADFS
Proxy
On-premises
The heart of everything: Azure Active Directory
• The core of each Azure subscription
• You can have multiple AAD tenants, and you have multiple Azure subscriptions
• Users, groups, licenses, permissions, apps, app proxies, domains.. all here!
• Managed through Azure Portal
• It’s important to understand the difference between AAD, AD and AAD Connect (and AAD DS)
Identities, management and security
Core services of Azure IaaS
https://azure.microsoft.com/en-us/pricing/calculator/
Queues
Reliable queues at
scale for cloud
services
Australia
South East
Australia East
Private, high b/w network connections (up to 100 Gbps)
Predictable
performance
Real-world example:
Hybrid cloud with ExpressRoute
• Schedule: 1 year
• ExpressRoute required
• Global VNet Peering required
• 50-100 Azure subscriptions planned
• ALL activities for admins and users logged and analyzed
• One amazing architect
Some interesting challenges:
Load Balancer
Application Gateway with WAF
Traffic Manager
3rd Party Solutions from Marketplace
Secure site-to-site
VPN connectivity
• Connect to Azure compute
from on-premises or another
Azure region
Secure point-to-site
connectivity
• POC Efforts
• Small scale deployments
• Connect from anywhere
ExpressRoute private
connectivity
• Private connectivity from your
on-premises data center to
Azure virtual networks and
PaaS Services
VNet Peering
within region
• In-region VNet-to-VNet connectivity
• Direct VM-to-VM connectivity
• Peer VNets for routing and transit
Real-world example:
Move 70 virtual machines to the cloud
• Schedule: 2 months
• ~30 VMs running Windows Server 2003, on VMware
• No permissions to Azure subscriptions
• 10 Mbps uplink, which is saturated
A few, tiny challenges:
Security and trust
Securing Privileged Access
Office 365 Security
Rapid Cyberattacks
(Wannacrypt/Petya)
https://aka.ms/MCRA Video Recording Strategies
SQL Encryption &
Data Masking
Office 365
Dynamics 365
+Monitor
Data Loss Protection
Data Governance
eDiscovery
E3E5
Active Directory
Advanced Threat Analytics
Firewall, proxy, VLANs etc.
Microsoft Identity Manager
Data Loss Prevention
Threat Intelligence
Secure Score
Compliance Manager
Connect Health
Cloud App Security
Network Security Group
Cloud App Security
Identity Protection
Privileged Identity Management
Azure Active Directory
Conditional Access
Log Analytics
Security Center
Azure MFA
Azure Information Protection
Intune
Customer Key
Advanced Threat Protection
We will migrate everything
to Office 365 and Microsoft Azure..
but not mailboxes as we do not
trust Microsoft
Getting rid of static admin roles with Azure AD Privileged Identity Management (PIM)
• Instead of granting permanent admin privileges, PIM allows ad-hoc & just-in-time admin roles
  • Users can request new privileges for a predefined duration
• Scans for fixed admin roles and changes them to temporary roles
  • Admin roles become non-permanent
  • Duration can be set from 1 hour to 72 hours
  • Can enforce MFA during role grant
• Approval workflows for new privilege requests
• Central view & management for all admin roles throughout Azure and Office 365
”Just-in-time” administration privileges for users on request
Certifications
1. Understand Azure Active Directory
   Features, licenses, limitations and capabilities.
2. Work with ease in both PaaS and IaaS
   You often might need both.
3. Be vigilant with security, but keep it reasonable
   Utilize good practices, employ security services and make an effort.
4. Make hybrid possible, but drive towards the cloud
   Many companies still need on-premises, like it or not.
5. Create proof of concepts and use preview features
   You need to see and anticipate the future.
6. Unlearn when needed; stick to legacy when it makes more sense.
   No need to change your framework every week. But do not stick with Visual Basic 6 and Windows NT just because you know them well.
Survival guide
Get the book: http://bit.ly/azurestrategy
Reference architectures: http://bit.ly/azurearc
Updates: http://bit.ly/azureupdates
Some great resources
#SPSBE
http://spsbe.be
Please rate this session!
SharePoint Saturday Belgium 2018
#SPSBE

Weitere ähnliche Inhalte

Was ist angesagt?

Was ist angesagt? (20)

Don't simply deploy, transform! Build your digital workplace in Office 365
Don't simply deploy, transform! Build your digital workplace in Office 365Don't simply deploy, transform! Build your digital workplace in Office 365
Don't simply deploy, transform! Build your digital workplace in Office 365
 
SharePoint wizards - no magic needed, just use Microsoft Flow
SharePoint wizards - no magic needed, just use Microsoft FlowSharePoint wizards - no magic needed, just use Microsoft Flow
SharePoint wizards - no magic needed, just use Microsoft Flow
 
O365Con18 - Flowverload, Introducion to Flow - Ahmad Najjar
O365Con18 - Flowverload, Introducion to Flow - Ahmad Najjar O365Con18 - Flowverload, Introducion to Flow - Ahmad Najjar
O365Con18 - Flowverload, Introducion to Flow - Ahmad Najjar
 
O365Con18 - Customizing SharePoint and Microsoft Teams with SharePoint Framew...
O365Con18 - Customizing SharePoint and Microsoft Teams with SharePoint Framew...O365Con18 - Customizing SharePoint and Microsoft Teams with SharePoint Framew...
O365Con18 - Customizing SharePoint and Microsoft Teams with SharePoint Framew...
 
O365Con18 - New Era of Customizing - Olli Jaaskelainen
O365Con18 - New Era of Customizing - Olli JaaskelainenO365Con18 - New Era of Customizing - Olli Jaaskelainen
O365Con18 - New Era of Customizing - Olli Jaaskelainen
 
O365Con18 - How to Run a Search Project in SharePoint - Matthew McDermott
O365Con18 - How to Run a Search Project in SharePoint -  Matthew McDermottO365Con18 - How to Run a Search Project in SharePoint -  Matthew McDermott
O365Con18 - How to Run a Search Project in SharePoint - Matthew McDermott
 
Design and Implement Azure Web Apps
Design and Implement Azure Web AppsDesign and Implement Azure Web Apps
Design and Implement Azure Web Apps
 
O365Con19 - Developing Timerjob and Eventhandler Equivalents - Adis Jugo
O365Con19 - Developing Timerjob and Eventhandler Equivalents - Adis JugoO365Con19 - Developing Timerjob and Eventhandler Equivalents - Adis Jugo
O365Con19 - Developing Timerjob and Eventhandler Equivalents - Adis Jugo
 
O365Con18 - Bridge Over O365 Gaps and Enhance User Satisfaction - Nimrod Geva
O365Con18 - Bridge Over O365 Gaps and Enhance User Satisfaction - Nimrod GevaO365Con18 - Bridge Over O365 Gaps and Enhance User Satisfaction - Nimrod Geva
O365Con18 - Bridge Over O365 Gaps and Enhance User Satisfaction - Nimrod Geva
 
Workflow Best Practices:Five (or More) "Do"s and "Don't"s
Workflow Best Practices:Five (or More) "Do"s and "Don't"sWorkflow Best Practices:Five (or More) "Do"s and "Don't"s
Workflow Best Practices:Five (or More) "Do"s and "Don't"s
 
SPS Gulf : SharePoint 2013 Cloud Business App
SPS Gulf : SharePoint 2013 Cloud Business AppSPS Gulf : SharePoint 2013 Cloud Business App
SPS Gulf : SharePoint 2013 Cloud Business App
 
O365Con18 - Modern News Publishing with SharePoint - Maarten Eekels
O365Con18 - Modern News Publishing with SharePoint - Maarten EekelsO365Con18 - Modern News Publishing with SharePoint - Maarten Eekels
O365Con18 - Modern News Publishing with SharePoint - Maarten Eekels
 
Teams Nation - Extend The Power Platform With Custom Connectors
Teams Nation - Extend The Power Platform With Custom ConnectorsTeams Nation - Extend The Power Platform With Custom Connectors
Teams Nation - Extend The Power Platform With Custom Connectors
 
Path to Microsoft 365 Enterprise Administrator
Path to Microsoft 365 Enterprise AdministratorPath to Microsoft 365 Enterprise Administrator
Path to Microsoft 365 Enterprise Administrator
 
O365Con18 - Innovate, Connecting Bleeding Edge Technologies - Sjoukje Zaal & ...
O365Con18 - Innovate, Connecting Bleeding Edge Technologies - Sjoukje Zaal & ...O365Con18 - Innovate, Connecting Bleeding Edge Technologies - Sjoukje Zaal & ...
O365Con18 - Innovate, Connecting Bleeding Edge Technologies - Sjoukje Zaal & ...
 
Model Driven PowerApps
Model Driven PowerAppsModel Driven PowerApps
Model Driven PowerApps
 
O365Con18 - Microsoft Graph, a Walk-through - Adis Jugo
O365Con18 - Microsoft Graph, a Walk-through - Adis JugoO365Con18 - Microsoft Graph, a Walk-through - Adis Jugo
O365Con18 - Microsoft Graph, a Walk-through - Adis Jugo
 
Power Automate and Graph API - How they work together
Power Automate and Graph API - How they work togetherPower Automate and Graph API - How they work together
Power Automate and Graph API - How they work together
 
What's in SharePoint land 2016 for the end user
What's in SharePoint land 2016 for the end userWhat's in SharePoint land 2016 for the end user
What's in SharePoint land 2016 for the end user
 
Azure functions
Azure functionsAzure functions
Azure functions
 

Ähnlich wie Make IT Pro's great again: Microsoft Azure for the SharePoint professional

Azure Overview Csco
Azure Overview CscoAzure Overview Csco
Azure Overview Csco
rajramab
 
Azure_Business_Opportunity
Azure_Business_OpportunityAzure_Business_Opportunity
Azure_Business_Opportunity
Nojan Emad
 

Ähnlich wie Make IT Pro's great again: Microsoft Azure for the SharePoint professional (20)

Azure Community Tour 2019 - AZUGDK
Azure Community Tour 2019 - AZUGDKAzure Community Tour 2019 - AZUGDK
Azure Community Tour 2019 - AZUGDK
 
What's new in Azure Active Directory and what's coming new ?
What's new in Azure Active Directory and what's coming new ?What's new in Azure Active Directory and what's coming new ?
What's new in Azure Active Directory and what's coming new ?
 
O365Con18 - A Lap Around Monitoring, Auditing and Securing Microsoft Azure - ...
O365Con18 - A Lap Around Monitoring, Auditing and Securing Microsoft Azure - ...O365Con18 - A Lap Around Monitoring, Auditing and Securing Microsoft Azure - ...
O365Con18 - A Lap Around Monitoring, Auditing and Securing Microsoft Azure - ...
 
Análisis de riesgos en Azure y protección de la información
Análisis de riesgos en Azure y protección de la informaciónAnálisis de riesgos en Azure y protección de la información
Análisis de riesgos en Azure y protección de la información
 
An Overview of Windows Azure
An Overview of Windows AzureAn Overview of Windows Azure
An Overview of Windows Azure
 
15th December 2016 - Microsoft Paddington Vuzion Partner Event
15th December 2016 - Microsoft Paddington Vuzion Partner Event15th December 2016 - Microsoft Paddington Vuzion Partner Event
15th December 2016 - Microsoft Paddington Vuzion Partner Event
 
Azure from Rookie to DevStart
Azure from Rookie to DevStartAzure from Rookie to DevStart
Azure from Rookie to DevStart
 
Katpro Technologies- Azure Portfolio
Katpro Technologies- Azure PortfolioKatpro Technologies- Azure Portfolio
Katpro Technologies- Azure Portfolio
 
Introduction to Microsoft Azure
Introduction to Microsoft AzureIntroduction to Microsoft Azure
Introduction to Microsoft Azure
 
Data & Analytics ReInvent Recap [AWS Basel Meetup - Jan 2023].pdf
Data & Analytics ReInvent Recap [AWS Basel Meetup - Jan 2023].pdfData & Analytics ReInvent Recap [AWS Basel Meetup - Jan 2023].pdf
Data & Analytics ReInvent Recap [AWS Basel Meetup - Jan 2023].pdf
 
Azure Overview Csco
Azure Overview CscoAzure Overview Csco
Azure Overview Csco
 
GAB Intro to Azure & Hands on Lab
GAB Intro to Azure & Hands on LabGAB Intro to Azure & Hands on Lab
GAB Intro to Azure & Hands on Lab
 
Microsoft Azure webcast - MSP Egypt
Microsoft Azure webcast -  MSP EgyptMicrosoft Azure webcast -  MSP Egypt
Microsoft Azure webcast - MSP Egypt
 
Azure_Business_Opportunity
Azure_Business_OpportunityAzure_Business_Opportunity
Azure_Business_Opportunity
 
Get Started with Microsoft Azure.pptx
Get Started with Microsoft Azure.pptxGet Started with Microsoft Azure.pptx
Get Started with Microsoft Azure.pptx
 
Agile IT: Filling in the Gaps in the Azure vs. AWS debate
Agile IT: Filling in the Gaps in the Azure vs. AWS debateAgile IT: Filling in the Gaps in the Azure vs. AWS debate
Agile IT: Filling in the Gaps in the Azure vs. AWS debate
 
RightScale Webinar: Get Your App To Azure
RightScale Webinar:  Get Your App To AzureRightScale Webinar:  Get Your App To Azure
RightScale Webinar: Get Your App To Azure
 
Microsoft Azure For Solutions Architects
Microsoft Azure For Solutions ArchitectsMicrosoft Azure For Solutions Architects
Microsoft Azure For Solutions Architects
 
[4] dt mark deakin
[4] dt mark deakin[4] dt mark deakin
[4] dt mark deakin
 
2014.10.22 Building Azure Solutions with Office 365
2014.10.22 Building Azure Solutions with Office 3652014.10.22 Building Azure Solutions with Office 365
2014.10.22 Building Azure Solutions with Office 365
 

Mehr von BIWUG

The business and end user guide into the new and modern SharePoint
The business and end user guide into the new and modern SharePointThe business and end user guide into the new and modern SharePoint
The business and end user guide into the new and modern SharePoint
BIWUG
 
Extend your development skills set using MS Graph
Extend your development skills set using MS GraphExtend your development skills set using MS Graph
Extend your development skills set using MS Graph
BIWUG
 
Introduction to Microsoft Flow and Azure Functions
Introduction to Microsoft Flow and Azure FunctionsIntroduction to Microsoft Flow and Azure Functions
Introduction to Microsoft Flow and Azure Functions
BIWUG
 
Best practices for managing and operating your SharePoint farms
Best practices for managing and operating your SharePoint farmsBest practices for managing and operating your SharePoint farms
Best practices for managing and operating your SharePoint farms
BIWUG
 
Rethinking Document Management in Office 365
Rethinking Document Management in Office 365Rethinking Document Management in Office 365
Rethinking Document Management in Office 365
BIWUG
 
Upgrading from Full Trust Code to Add-In Model and SharePoint Framework
Upgrading from Full Trust Code to Add-In Model and SharePoint FrameworkUpgrading from Full Trust Code to Add-In Model and SharePoint Framework
Upgrading from Full Trust Code to Add-In Model and SharePoint Framework
BIWUG
 

Mehr von BIWUG (19)

Biwug20190425
Biwug20190425Biwug20190425
Biwug20190425
 
Working with PowerShell, Visual Studio Code and Github for the reluctant IT Pro
Working with PowerShell, Visual Studio Code and Github for the reluctant IT ProWorking with PowerShell, Visual Studio Code and Github for the reluctant IT Pro
Working with PowerShell, Visual Studio Code and Github for the reluctant IT Pro
 
Global Office 365 Developer Bootcamp
Global Office 365 Developer BootcampGlobal Office 365 Developer Bootcamp
Global Office 365 Developer Bootcamp
 
Deep dive into advanced teams development
Deep dive into advanced teams developmentDeep dive into advanced teams development
Deep dive into advanced teams development
 
Modern collaboration in teams and projects with Microsoft 365
Modern collaboration in teams and projects with Microsoft 365Modern collaboration in teams and projects with Microsoft 365
Modern collaboration in teams and projects with Microsoft 365
 
Connect SharePoint Framework solutions to APIs secured with Azure AD
Connect SharePoint Framework solutions to APIs secured with Azure ADConnect SharePoint Framework solutions to APIs secured with Azure AD
Connect SharePoint Framework solutions to APIs secured with Azure AD
 
Cloud First. Be Prepared
Cloud First. Be PreparedCloud First. Be Prepared
Cloud First. Be Prepared
 
APIs, APIs Everywhere!
APIs, APIs Everywhere!APIs, APIs Everywhere!
APIs, APIs Everywhere!
 
New era of customizing site provisioning
New era of customizing site provisioningNew era of customizing site provisioning
New era of customizing site provisioning
 
Microsoft Stream - Your enterprise video portal unleashed
Microsoft Stream - Your enterprise video portal unleashedMicrosoft Stream - Your enterprise video portal unleashed
Microsoft Stream - Your enterprise video portal unleashed
 
Transforming your classic team sites in group connected team sites
Transforming your classic team sites in group connected team sitesTransforming your classic team sites in group connected team sites
Transforming your classic team sites in group connected team sites
 
Teams - There's no place like home
Teams - There's no place like homeTeams - There's no place like home
Teams - There's no place like home
 
Microsoft Flow advanced: tips, pitfalls, problems and warnings to be known be...
Microsoft Flow advanced: tips, pitfalls, problems and warnings to be known be...Microsoft Flow advanced: tips, pitfalls, problems and warnings to be known be...
Microsoft Flow advanced: tips, pitfalls, problems and warnings to be known be...
 
The business and end user guide into the new and modern SharePoint
The business and end user guide into the new and modern SharePointThe business and end user guide into the new and modern SharePoint
The business and end user guide into the new and modern SharePoint
 
Extend your development skills set using MS Graph
Extend your development skills set using MS GraphExtend your development skills set using MS Graph
Extend your development skills set using MS Graph
 
Introduction to Microsoft Flow and Azure Functions
Introduction to Microsoft Flow and Azure FunctionsIntroduction to Microsoft Flow and Azure Functions
Introduction to Microsoft Flow and Azure Functions
 
Best practices for managing and operating your SharePoint farms
Best practices for managing and operating your SharePoint farmsBest practices for managing and operating your SharePoint farms
Best practices for managing and operating your SharePoint farms
 
Rethinking Document Management in Office 365
Rethinking Document Management in Office 365Rethinking Document Management in Office 365
Rethinking Document Management in Office 365
 
Upgrading from Full Trust Code to Add-In Model and SharePoint Framework
Upgrading from Full Trust Code to Add-In Model and SharePoint FrameworkUpgrading from Full Trust Code to Add-In Model and SharePoint Framework
Upgrading from Full Trust Code to Add-In Model and SharePoint Framework
 

Kürzlich hochgeladen

Call Girls in Prashant Vihar, Delhi 💯 Call Us 🔝9953056974 🔝 Escort Service
Call Girls in Prashant Vihar, Delhi 💯 Call Us 🔝9953056974 🔝 Escort ServiceCall Girls in Prashant Vihar, Delhi 💯 Call Us 🔝9953056974 🔝 Escort Service
Call Girls in Prashant Vihar, Delhi 💯 Call Us 🔝9953056974 🔝 Escort Service
9953056974 Low Rate Call Girls In Saket, Delhi NCR
 
Call Girls In Pratap Nagar Delhi 💯Call Us 🔝8264348440🔝
Call Girls In Pratap Nagar Delhi 💯Call Us 🔝8264348440🔝Call Girls In Pratap Nagar Delhi 💯Call Us 🔝8264348440🔝
Call Girls In Pratap Nagar Delhi 💯Call Us 🔝8264348440🔝
soniya singh
 
6.High Profile Call Girls In Punjab +919053900678 Punjab Call GirlHigh Profil...
6.High Profile Call Girls In Punjab +919053900678 Punjab Call GirlHigh Profil...6.High Profile Call Girls In Punjab +919053900678 Punjab Call GirlHigh Profil...
6.High Profile Call Girls In Punjab +919053900678 Punjab Call GirlHigh Profil...
@Chandigarh #call #Girls 9053900678 @Call #Girls in @Punjab 9053900678
 
Lucknow ❤CALL GIRL 88759*99948 ❤CALL GIRLS IN Lucknow ESCORT SERVICE❤CALL GIRL
Lucknow ❤CALL GIRL 88759*99948 ❤CALL GIRLS IN Lucknow ESCORT SERVICE❤CALL GIRLLucknow ❤CALL GIRL 88759*99948 ❤CALL GIRLS IN Lucknow ESCORT SERVICE❤CALL GIRL
Lucknow ❤CALL GIRL 88759*99948 ❤CALL GIRLS IN Lucknow ESCORT SERVICE❤CALL GIRL
imonikaupta
 
AWS Community DAY Albertini-Ellan Cloud Security (1).pptx
AWS Community DAY Albertini-Ellan Cloud Security (1).pptxAWS Community DAY Albertini-Ellan Cloud Security (1).pptx
AWS Community DAY Albertini-Ellan Cloud Security (1).pptx
ellan12
 
Hot Service (+9316020077 ) Goa Call Girls Real Photos and Genuine Service
Hot Service (+9316020077 ) Goa  Call Girls Real Photos and Genuine ServiceHot Service (+9316020077 ) Goa  Call Girls Real Photos and Genuine Service
Hot Service (+9316020077 ) Goa Call Girls Real Photos and Genuine Service
sexy call girls service in goa
 

Kürzlich hochgeladen (20)

GDG Cloud Southlake 32: Kyle Hettinger: Demystifying the Dark Web
GDG Cloud Southlake 32: Kyle Hettinger: Demystifying the Dark WebGDG Cloud Southlake 32: Kyle Hettinger: Demystifying the Dark Web
GDG Cloud Southlake 32: Kyle Hettinger: Demystifying the Dark Web
 
Real Men Wear Diapers T Shirts sweatshirt
Real Men Wear Diapers T Shirts sweatshirtReal Men Wear Diapers T Shirts sweatshirt
Real Men Wear Diapers T Shirts sweatshirt
 
Moving Beyond Twitter/X and Facebook - Social Media for local news providers
Moving Beyond Twitter/X and Facebook - Social Media for local news providersMoving Beyond Twitter/X and Facebook - Social Media for local news providers
Moving Beyond Twitter/X and Facebook - Social Media for local news providers
 
Call Girls in Prashant Vihar, Delhi 💯 Call Us 🔝9953056974 🔝 Escort Service
Call Girls in Prashant Vihar, Delhi 💯 Call Us 🔝9953056974 🔝 Escort ServiceCall Girls in Prashant Vihar, Delhi 💯 Call Us 🔝9953056974 🔝 Escort Service
Call Girls in Prashant Vihar, Delhi 💯 Call Us 🔝9953056974 🔝 Escort Service
 
VVVIP Call Girls In Connaught Place ➡️ Delhi ➡️ 9999965857 🚀 No Advance 24HRS...
VVVIP Call Girls In Connaught Place ➡️ Delhi ➡️ 9999965857 🚀 No Advance 24HRS...VVVIP Call Girls In Connaught Place ➡️ Delhi ➡️ 9999965857 🚀 No Advance 24HRS...
VVVIP Call Girls In Connaught Place ➡️ Delhi ➡️ 9999965857 🚀 No Advance 24HRS...
 
Call Girls In Pratap Nagar Delhi 💯Call Us 🔝8264348440🔝
Call Girls In Pratap Nagar Delhi 💯Call Us 🔝8264348440🔝Call Girls In Pratap Nagar Delhi 💯Call Us 🔝8264348440🔝
Call Girls In Pratap Nagar Delhi 💯Call Us 🔝8264348440🔝
 
On Starlink, presented by Geoff Huston at NZNOG 2024
On Starlink, presented by Geoff Huston at NZNOG 2024On Starlink, presented by Geoff Huston at NZNOG 2024
On Starlink, presented by Geoff Huston at NZNOG 2024
 
WhatsApp 📞 8448380779 ✅Call Girls In Mamura Sector 66 ( Noida)
WhatsApp 📞 8448380779 ✅Call Girls In Mamura Sector 66 ( Noida)WhatsApp 📞 8448380779 ✅Call Girls In Mamura Sector 66 ( Noida)
WhatsApp 📞 8448380779 ✅Call Girls In Mamura Sector 66 ( Noida)
 
6.High Profile Call Girls In Punjab +919053900678 Punjab Call GirlHigh Profil...
6.High Profile Call Girls In Punjab +919053900678 Punjab Call GirlHigh Profil...6.High Profile Call Girls In Punjab +919053900678 Punjab Call GirlHigh Profil...
6.High Profile Call Girls In Punjab +919053900678 Punjab Call GirlHigh Profil...
 
Lucknow ❤CALL GIRL 88759*99948 ❤CALL GIRLS IN Lucknow ESCORT SERVICE❤CALL GIRL
Lucknow ❤CALL GIRL 88759*99948 ❤CALL GIRLS IN Lucknow ESCORT SERVICE❤CALL GIRLLucknow ❤CALL GIRL 88759*99948 ❤CALL GIRLS IN Lucknow ESCORT SERVICE❤CALL GIRL
Lucknow ❤CALL GIRL 88759*99948 ❤CALL GIRLS IN Lucknow ESCORT SERVICE❤CALL GIRL
 
AWS Community DAY Albertini-Ellan Cloud Security (1).pptx
AWS Community DAY Albertini-Ellan Cloud Security (1).pptxAWS Community DAY Albertini-Ellan Cloud Security (1).pptx
AWS Community DAY Albertini-Ellan Cloud Security (1).pptx
 
2nd Solid Symposium: Solid Pods vs Personal Knowledge Graphs
2nd Solid Symposium: Solid Pods vs Personal Knowledge Graphs2nd Solid Symposium: Solid Pods vs Personal Knowledge Graphs
2nd Solid Symposium: Solid Pods vs Personal Knowledge Graphs
 
Top Rated Pune Call Girls Daund ⟟ 6297143586 ⟟ Call Me For Genuine Sex Servi...
Top Rated  Pune Call Girls Daund ⟟ 6297143586 ⟟ Call Me For Genuine Sex Servi...Top Rated  Pune Call Girls Daund ⟟ 6297143586 ⟟ Call Me For Genuine Sex Servi...
Top Rated Pune Call Girls Daund ⟟ 6297143586 ⟟ Call Me For Genuine Sex Servi...
 
Hire↠Young Call Girls in Tilak nagar (Delhi) ☎️ 9205541914 ☎️ Independent Esc...
Hire↠Young Call Girls in Tilak nagar (Delhi) ☎️ 9205541914 ☎️ Independent Esc...Hire↠Young Call Girls in Tilak nagar (Delhi) ☎️ 9205541914 ☎️ Independent Esc...
Hire↠Young Call Girls in Tilak nagar (Delhi) ☎️ 9205541914 ☎️ Independent Esc...
 
(+971568250507 ))# Young Call Girls in Ajman By Pakistani Call Girls in ...
(+971568250507  ))#  Young Call Girls  in Ajman  By Pakistani Call Girls  in ...(+971568250507  ))#  Young Call Girls  in Ajman  By Pakistani Call Girls  in ...
(+971568250507 ))# Young Call Girls in Ajman By Pakistani Call Girls in ...
 
VIP Model Call Girls NIBM ( Pune ) Call ON 8005736733 Starting From 5K to 25K...
VIP Model Call Girls NIBM ( Pune ) Call ON 8005736733 Starting From 5K to 25K...VIP Model Call Girls NIBM ( Pune ) Call ON 8005736733 Starting From 5K to 25K...
VIP Model Call Girls NIBM ( Pune ) Call ON 8005736733 Starting From 5K to 25K...
 
𓀤Call On 7877925207 𓀤 Ahmedguda Call Girls Hot Model With Sexy Bhabi Ready Fo...
𓀤Call On 7877925207 𓀤 Ahmedguda Call Girls Hot Model With Sexy Bhabi Ready Fo...𓀤Call On 7877925207 𓀤 Ahmedguda Call Girls Hot Model With Sexy Bhabi Ready Fo...
𓀤Call On 7877925207 𓀤 Ahmedguda Call Girls Hot Model With Sexy Bhabi Ready Fo...
 
Call Now ☎ 8264348440 !! Call Girls in Green Park Escort Service Delhi N.C.R.
Call Now ☎ 8264348440 !! Call Girls in Green Park Escort Service Delhi N.C.R.Call Now ☎ 8264348440 !! Call Girls in Green Park Escort Service Delhi N.C.R.
Call Now ☎ 8264348440 !! Call Girls in Green Park Escort Service Delhi N.C.R.
 
Hot Service (+9316020077 ) Goa Call Girls Real Photos and Genuine Service
Hot Service (+9316020077 ) Goa  Call Girls Real Photos and Genuine ServiceHot Service (+9316020077 ) Goa  Call Girls Real Photos and Genuine Service
Hot Service (+9316020077 ) Goa Call Girls Real Photos and Genuine Service
 
DDoS In Oceania and the Pacific, presented by Dave Phelan at NZNOG 2024
DDoS In Oceania and the Pacific, presented by Dave Phelan at NZNOG 2024DDoS In Oceania and the Pacific, presented by Dave Phelan at NZNOG 2024
DDoS In Oceania and the Pacific, presented by Dave Phelan at NZNOG 2024
 

Make IT Pro's great again: Microsoft Azure for the SharePoint professional

  • 1. Make IT Pros Great Again: Microsoft Azure for the SharePoint professional Jussi Roine| @jussiroine SharePoint Saturday Belgium 2018 #SPSBE
  • 3. I help companies move securely to the cloud. Hey there, I’m Jussi! @JussiRoine
  • 4. But I love virtual machines! Also, where is my C:Inetpub? Understanding Microsoft Azure Essential services Security Where to go from here? You don’t need to use them all I don’t trust the cloud Survival guide Topics
  • 6. Onsight We ❤ SharePoint farms! Load balancing & DNS App Servers and CA Distributed Cache Backend: AD, Databases, MIM Web frontends Workflow Manager Customizations Office Online Server
  • 10. Platform Services Infrastructure Services Compute Storage Datacenter Infrastructure Application Platform Web Apps Mobile Apps API Apps Notification Hubs Hybrid Cloud Backup StorSimple Azure Site Recovery Import/Export Networking Data SQL Database DocumentDB Redis Cache Azure Search Storage Tables SQL Data Warehouse Azure AD Health Monitoring Virtual Network Express Route Blob Files DisksVirtual Machines AD Privileged Identity Management Traffic Manager App Gateway Operational Analytics Compute Services Cloud Services Batch RemoteApp Service Fabric Developer Services Visual Studio Application Insights VS Team Services Containers DNS VPN Gateway Load Balancer Domain Services Analytics & IoT HDInsight Machine Learning Stream Analytics Data Factory Event Hubs Data Lake Analytics Service IoT Hub Data Catalog Security & Management Azure Active Directory Multi-Factor Authentication Automation Portal Key Vault Store/ Marketplace VM Image Gallery & VM Depot Azure AD B2C Scheduler Xamarin HockeyApp Power BI Embedded SQL Server Stretch Database Mobile Engagement Functions Intelligence Cognitive Services Bot Framework Cortana Security Center Container Service Queues VM Scale Sets Data Lake Store Dev/Test Lab Integration BizTalk Services Service Bus Logic Apps API Management Media & CDN Content Delivery Network Media Services Media Analytics
  • 11. Real-world example: Migrate existing public-facing website + extranet to PaaS
      • Schedule: 1 month
      • Old infrastructure
      • 5 Linux VMs, god knows what distro and services
      • Websites running Django and ”some” custom PHP and Python
      • Project team decided that no technology change is needed, just a facelift for UI
      Some notable challenges:
  • 12. So, how do I actually get started with Microsoft Azure?
      • Azure Pass
          • Free activation, granting you 130 € for testing over a 30 day period
          • Requires Microsoft Account
          • Activate through https://www.microsoftazurepass.com/
      • Free trial
          • Free activation, granting you 12 months or 170 € for testing (whichever comes first)
          • Requires a credit card for 0,01 € charge for verification
          • Activate through https://azure.microsoft.com/en-gb/offers/ms-azr-0044p/
      • Pay as you go
          • Normal registration with a credit card
          • Pay as you go, and set monthly limits
      • Other options: CSP and EA, special activation codes
      Get a subscription – it brings Azure AD with it
  • 13. Required skills for an IT Pro in 2000
      • Install Windows XP
      • Install Windows 2000 Server
      • Install IIS
      • Install SQL Server 2000
      • Install & configure Active Directory
      • Install hotfixes and service packs
      • Install other business software
  • 14. Required skills in 2018
      • Microsoft Azure: IaaS, PaaS
      • ARM templates
      • PowerShell
      • Docker and Containers and Kubernetes and basically everything
      • Windows Server
      • Active Directory and Azure Active Directory
      • Windows 10 management
      • System Center and Intune and co-management
      • Office 365: Exchange Online, SharePoint Online, Skype for Business etc.
      • Security *.*
      • Networking
      • Browsers & Office clients
  • 15. This is too often the reality ”Let me quickly build your datacenter” Start service Format ☁️
  • 16. Real-world example: Create a website that scales indefinitely
      • Schedule: 3 months
      • Build a website that scales indefinitely
      • Customer wanted ”five 9’s” of SLA
      • Pages must load in <1 second, at all times
      • ”Do what you must to make it so”
      Great project, great challenges:
  • 17. Web App (Windows) prod-web Node.js API App (Linux) prod-api API Management apimgmt Git Push Developers CSV Export, FTP Upload Master data WebJob Parse CSV, upload to staging DB, upload to prod DB Mongo DB Staging prod-stagingdb Mongo DB (Mongo API): Production prod-backenddb OMS prod-mon End users App Insights prod-api App Insights prod-web VSTS Memcached Analytics & monitoring
  • 19. Customers expect a lot Microsoft put it rather bluntly (in a different context, but still relevant) “We’ve been putting this off for 10 years but have to do it over the weekend now” “The cloud? No, it doesn’t work for us as we have SPECIAL needs” “Everything has to remain the same” “There was a new service released in Azure last night..”
  • 20. But there’s a server somewhere! I know there is!
  • 21. A traditional approach to employing Azure This is the common, kind-of hybrid architecture model. Office 365 Site-to-Site VPN Azure AD Connect ADFS Proxy On-premises
  • 22. The heart of everything: Azure Active Directory
      • The core of each Azure subscription
      • You can have multiple AAD tenants, and you have multiple Azure subscriptions
      • Users, groups, licenses, permissions, apps, app proxies, domains.. all here!
      • Managed through Azure Portal
      • It’s important to understand the difference between AAD, AD and AAD Connect (and AAD DS)
      Identities, management and security
  • 23. Core services of Azure IaaS
  • 26. Queues Reliable queues at scale for cloud services
  • 29. Private, high b/w network connections (up to 100Gbps). Predictable performance
  • 30. Real-world example: Hybrid cloud with ExpressRoute
      • Schedule: 1 year
      • ExpressRoute required
      • Global VNet Peering required
      • 50-100 Azure subscriptions planned
      • ALL activities for admins and users logged and analyzed
      • One amazing architect
      Some interesting challenges:
  • 31. Load Balancer Application Gateway with WAF Traffic Manager 3rd Party Solutions from Marketplace
  • 32. Secure site-to-site VPN connectivity
        • Connect to Azure compute from on-premises or another Azure region
      Secure point-to-site connectivity
        • POC Efforts
        • Small scale deployments
        • Connect from anywhere
      ExpressRoute private connectivity
        • Private connectivity from your on-premises data center to Azure virtual networks and PaaS Services
      VNet Peering within region
        • In-region VNet-to-VNet connectivity
        • Direct VM-to-VM connectivity
        • Peer VNets for routing and transit
  • 33. Real-world example: Move 70 virtual machines to the cloud
      • Schedule: 2 months
      • ~30 VMs running Windows Server 2003, on VMware
      • No permissions to Azure subscriptions
      • 10 Mbps uplink, which is saturated
      A few, tiny challenges:
  • 35. Securing Privileged Access Office 365 Security Rapid Cyberattacks (Wannacrypt/Petya) https://aka.ms/MCRA Video Recording Strategies SQL Encryption & Data Masking Office 365 Dynamics 365 +Monitor Data Loss Protection Data Governance eDiscovery
  • 36. E3E5
  • 37. Active Directory Advanced Threat Analytics Firewall, proxy, VLANs etc. Microsoft Identity Manager Data Loss Prevention Threat Intelligence Secure Score Compliance Manager Connect Health Cloud App Security Network Security Group Cloud App Security Identity Protection Privileged Identity Management Azure Active Directory Conditional Access Log Analytics Security Center Azure MFA Azure Information Protection Intune Customer Key Advanced Threat Protection
  • 38. We will migrate everything to Office 365 and Microsoft Azure.. but not mailboxes as we do not trust Microsoft
  • 40. Getting rid of static admin roles with Azure AD Privileged Identity Management (PIM)
      • Instead of granting permanent admin privileges, PIM allows ad-hoc & just-in-time admin roles
      • Users can request new privileges for a predefined duration
      • Scans for fixed admin roles and changes them to temporary roles
      • Admin roles become non-permanent
      • Duration can be set from 1 hour to 72 hours
      • Can enforce MFA during role grant
      • Approval workflows for new privilege requests
      • Central view & management for all admin roles throughout Azure and Office 365
      ”Just-in-time” administration privileges for users on request
  • 43. Survival guide
      1. Understand Azure Active Directory: Features, licenses, limitations and capabilities.
      2. Work with ease in both PaaS and IaaS: You often might need both.
      3. Be vigilant with security, but keep it reasonable: Utilize good practices, employ security services and make an effort.
      4. Make hybrid possible, but drive towards the cloud: Many companies still need on-premises, like it or not.
      5. Create proof of concepts and use preview features: You need to see and anticipate the future.
      6. Unlearn when needed; stick to legacy when it makes more sense: No need to change your framework every week. But do not stick with Visual Basic 6 and Windows NT just because you know them well.
  • 44. Some great resources
      • Get the book: http://bit.ly/azurestrategy
      • Reference architectures: http://bit.ly/azurearc
      • Updates: http://bit.ly/azureupdates

Editor's notes

  1. Azure also provides infrastructure services which allow for more hands-on configuration and management, similar to the servers you have today. However, they’re hosted in Microsoft datacenters, letting you use Azure as if you were operating your own datacenter in the Cloud. For example, you can provision VMs, give them private IP addresses, and connect to them using a VPN from your on-premises environment. Most importantly, this lets Windows Azure mimic your on-premises datacenter and run your current apps with little or no change without the expense of having to own servers or racks, cooling and building costs. Furthermore, you can connect the “datacenter” you build in the Cloud to your on-premises datacenter so the datacenter in the Cloud becomes an extension to your on-premises infrastructure.

     These “building blocks” let Azure be used as Infrastructure-as-a-Service. So, you see, Azure offers IaaS + PaaS in one platform. IaaS provides flexibility, PaaS eliminates complexity. Use PaaS where you can, use IaaS where you need. With Azure, you can use both together or independently, and build apps of the future. That uniquely differentiates us.

     When to use? For whom?
      • 2. IaaS is for current investments, and future-proofing, current market dynamics, why we did IaaS (Lock in). Saving tons of money. Forced to Higher Agility. Here is your transition your work (Business Enabler, changes), optimize services, value to the business is much greater (IT Pro)
      • Infrastructure as a Service: Control, flexibility, familiarity. Existing apps. Starting point; On-ramp to public cloud
      • 4. Platform as a Service: More benefits (cost, scale, speed). Differentiation. New app development. Cloud-native apps
  2. Why this Slide: It shows we have a very broad platform. It is about BOTH IaaS and PaaS, and that these work together. It shows that we continue to lead in world class IT capabilities and that there’s really nothing missing.

     Key Points: We have already seen how the Azure Platform is IaaS + PaaS – but I want you to understand that this is a huge number of capabilities – IT building blocks if you will. Every one of these blocks you provision anytime, self-service anywhere in the world 24x7. You pay for what you use, you can get more or less anytime and you can fully automate everything… DON’T spend too much time on this slide – you are going to DEMO (aren’t you!!!)… DON’T go through each block…

     Transition to NEXT Slide: Make the build go backwards to show JUST IaaS and then you will go to the demo to show it.
  8. Taking a deeper look at some of the key services that constitute Azure IaaS. We will go into a little bit more detail on each of these services. The four core technologies are Compute, Network, Storage and Management.

     Compute:
      • Virtual Machines are no different from the Virtual Machines you run on premise
      • We will go into the concept of Availability sets, which provide you better availability on the platform. Create available solutions. 99.95% - VM Scale sets, for autoscaling.
      • VM extensions – custom run scripts

     Network:
      • Virtual network, similar to on-prem, allows VMs to connect on a private network in the cloud. It provides an isolated and secure environment for your applications.
      • We have different types of connectivity – IPSec VPN or ExpressRoute (private network on a telecom provider, highest level of security)
      • Bring your own network to Azure; most of the networking technologies you are familiar with are available on Azure
      • There are different ways to connect to Azure, such as VPN and ExpressRoute, that we will talk about
      • We will also talk about features like Load balancing, DNS
      • What does Traffic manager do – distribute traffic

     Storage:
      • Azure Storage offers different sets of storage services for various business needs. Some of them being disks connecting to a VM or Blob storage for unstructured data
      • VMs connect to Disks – there are different options, Standard or Premium disks, based on whether you want higher throughput and lower latency
      • We have object storage for your storage needs. We also recently launched Cool storage if you don’t need frequent access

     Management:
      • Management across these various foundational services. Some of the services including portal, AD, MFA, Key Vault, marketplace.
      • Security
      • AD for identity management
      • ARM management, powerful - templatized
  9. Compute Options: VM with resources per workload. Series of compute to solve different problems. Series designed for problem solving.
      • Entry Level: A – dev/test, try it out: Ideal for testing and development
      • Burstable: B – unpredictable workloads (burstable), credits based
      • General Purpose: D – GP and mix of CPU vs Storage, DB, webservers. Balanced CPU-to-memory ratio. Small to medium databases, and low to medium traffic web servers.
      • Compute Optimised: F – ratios are optimised: More CPU than memory. High CPU-to-memory ratio. Good for medium traffic web servers, network appliances, batch processes, and application servers.
      • Memory Optimised: High memory-to-CPU ratio. Great for relational database servers, medium to large caches, and in-memory analytics. G – memory optimised, more memory up to 32 Proc
      • Storage optimised: L – storage: local SSD and local IO, persistent SSD
      • Graphics Intensive: N – Graphics processing, Nvidia
      • HPC: H – HPC, Genomes, lots of compute power
      • Hana – SAP workloads for appliances
  10. Availability
      • Single VM – backed by premium: 99.9% SLA
      • Availability Sets – intra data center availability, 2 or more VMs are distributed across multiple racks in a DC. 99.95%
      • Availability Zone – physical replication in each DC. 99.99%
      • Region Pairing – multi region, eg: patch to one region, one region brought up in a pair during recovery. Self build. Not
  11. Data stored in a storage service
      • For apps: Tables and Queues. Table – large amounts of data, more for developers
      • For infra: Blobs, Files, disks
      • Blobs – VM. Blob storage supports both standard and premium storage, with premium storage using only SSDs for the fastest performance possible.
      • Disks – managed disk with access control, premium SSD or standard. VHDs in containers like folders
      • Files – file share as a service. Azure File Sync – local to Azure file share.
      • Tables - schemaless key/value store
      • Queues - Azure Queue service is used to store and retrieve messages
  12. Virtual network

      Azure virtual network closely resembles a traditional network that you'd operate in your own data center, with the benefits of using the scalable infrastructure. Azure Virtual Network provides an isolated and secure environment to run your virtual machines and applications. You can use your private IP addresses and define subnets, access control policies, and more. With Virtual Networks, you can treat Azure just as you would your own datacenter.

      Traffic between Azure resources, whether in a single region, or in multiple regions, stays in the Azure network. Intra-Azure traffic does not flow over the Internet. For example, within Azure, traffic for VM-to-VM, storage, and SQL communication traverses only the Azure network, regardless of the source and destination Azure region.

      With Virtual Network, you can easily extend your on-premises IT environment into the cloud, much the way that you can set up and connect to a remote branch office. You have multiple options to securely connect to a Virtual Network: you can choose an IPSec VPN or a private connection using the Azure ExpressRoute service. Within a virtual network, you can choose to run a variety of network virtual appliances (WAN optimizers, load balancers, and application firewalls) and define traffic flows, allowing you to design the network with a greater degree of control.

      Azure VPN Gateway connects your on-premises networks to Azure through site-to-site VPNs, much the way you’d set up and connect to a remote branch office. The connectivity is secure, using industry standard protocols: Internet Protocol Security (IPsec) and Internet Key Exchange (IKE).

      Point-to-site VPN lets you connect to your virtual machines on Azure virtual networks from anywhere, whether you are on the road or working from your favorite café, managing your deployment, or doing a demo for your customers.

      With Azure DNS, you can host your DNS domains in Azure. Manage your DNS records using the same credentials and billing and support contract as your other Azure services. Seamlessly integrate Azure-based services with corresponding DNS updates, streamlining the end-to-end deployment process.

      Azure ExpressRoute lets you create private connections between Azure datacenters and infrastructure on your premises or in a colocation environment. ExpressRoute connections don't go over the public Internet. They offer more reliability, faster speeds, lower latencies, and higher security than typical Internet connections.

      • It is your private network, isolated from other virtual networks in the Azure cloud infrastructure. You can launch VMs, select their IP range, create subnets, network settings and security groups
      • Subnet is a range of addresses assigned to your Virtual network
      • Connectivity: You can connect your virtual network to your own corporate data center using an IPSec hardware VPN connection. It is a secure bridge between your existing IT infra and Azure cloud using an encrypted VPN connection
      • All communications for VMs running within your virtual network and outside are routed through the VPN connection
      • With user defined routes and VPN gateways – you can route all traffic to and from the internet and VPN gateway
      • Network ACLs (Access control list) – allow and deny rules, full control of traffic
      • You can reserve IP addresses
      • Load balancing for higher availability
  13. We let you privately connect with our datacenters using the ExpressRoute service. Up to 10Gbps b/w and less than 5ms latency connections. 24 ExpressRoute locations worldwide, and a massive partner ecosystem supporting us. This lets you put Azure datacenters on your own private networks.
  15. • LB – Layer 4: TCP/UDP, diagnostics, GP, health
      • Web Application Firewall – stateful LB (round robin), or user goes back to same server for state, block attacks if VMs behind
      • ATM – DNS distribution system, multiple endpoints to distribute DNS resolution to endpoints, closest endpoint by number of hops
      • Third party solutions for LB and FW (eg: F5)
  17. STATIC SLIDE VERSION (No Animations)

      The Microsoft Cybersecurity Reference Architecture (https://aka.ms/MCRA) describes Microsoft’s cybersecurity capabilities and how they integrate with existing security architectures and capabilities. We recently updated this diagram and wanted to share a little bit about the changes and the document itself to help you better utilize it.

      How to use it

      We have seen this document used for several purposes by our customers and internal teams (beyond a geeky wall decoration to shock and impress your cubicle neighbors :-)

      • Starting template for a security architecture - The most common use case we see is that organizations use the document to help define a target state for cybersecurity capabilities. Organizations find this architecture useful because it covers capabilities across the modern enterprise estate that now spans on-premise, mobile devices, many clouds, and IoT / Operational Technology.
      • Comparison reference for security capabilities - We know of several organizations that have marked up a printed copy with what capabilities they already own from various Microsoft license suites (many customers don't know they own quite a bit of this technology), which ones they already have in place (from Microsoft or partner/3rd party), and which ones are new and could fill a need.
      • Learn about Microsoft capabilities - In presentation mode, each capability has a "ScreenTip" with a short description of each capability + a link to documentation on that capability to learn more.
      • Learn about Microsoft's integration investments - The architecture includes visuals of key integration points with partner capabilities (e.g. SIEM/Log integration, Security Appliances in Azure, DLP integration, and more) and within our own product capabilities (e.g. Advanced Threat Protection, Conditional Access, and more).
      • Learn about Cybersecurity - We have also heard reports of folks new to cybersecurity using this as a learning tool as they prepare for their first career or a career change.

      As you can see, Microsoft has been investing heavily in security for many years to secure our products and services as well as provide the capabilities our customers need to secure their assets. In many ways, this diagram reflects Microsoft's massive ongoing investment into cyber security research and development, currently over $1 billion annually (not including acquisitions).

      What has changed and why

      We made quite a few changes in v2 and wanted to share a few highlights on what's changed as well as the underlying philosophy of how this document was built.

      • New visual style - The most obvious change for those familiar with the first version is the simplified visual style. While some may miss the "visual assault on the senses" effect from the bold colors in v1, we think this format works better for most people.
      • Interactivity instructions - Many people did not notice that each capability on the architecture has a quick description and link to more information, so we added instructions to call that out (and updated the descriptions themselves).
      • Complementary Content - Microsoft has invested in creating cybersecurity reference strategies (success criteria, recommended approaches, how our technology maps to them) as well as prescriptive guidance for addressing top customer challenges like Petya/WannaCrypt, Securing Privileged Access, and Securing Office 365. This content is now easier to find with links at the top of the document.
      • Added Section headers for each grouping of technology areas to make it easier to navigate, understand, and discuss as a focus area.
      • Added Foundational Elements - We added descriptions of some core foundational capabilities that are deeply integrated into how we secure our cloud services and build our cybersecurity capabilities that have been added to the bottom. These include:
          • Trust Center - This is where we describe how we secure our cloud and includes links to various compliance documents such as 3rd party auditor reports.
          • Compliance Manager is a powerful (new) capability to help you report on your compliance status for Azure, Office 365, and Dynamics 365 for General Data Protection Regulation (GDPR), NIST 800-53 and 800-171, ISO 27001 and 27018, and others.
          • Intelligent Security Graph is Microsoft's threat intelligence system that we use to protect our cloud, our IT environment, and our customers. The graph is composed of trillions of signals, advanced analytics, and teams of experts hunting for malicious activities and is integrated into our threat detection and response capabilities.
          • Security Development Lifecycle (SDL) is foundational to how we develop software at Microsoft and has been published to help you secure your applications. Because of our early and deep commitment to secure development, we were able to quickly conform to ISO 27034 after it was released.
      • Moved Devices/Clients together - As device form factors and operating systems continue to expand and evolve, we are seeing security organizations view devices through the lens of trustworthiness/integrity vs. any other attribute. We also re-organized the Windows 10 and Windows Defender ATP capabilities around outcomes vs. feature names for clarity. We also reorganized windows security icons and text to reflect that Windows Defender ATP describes all the platform capabilities working together to prevent, detect, and (automatically) respond and recover to attacks. We also added icons to show the cross-platform support for Endpoint Detection and Response (EDR) capabilities that now extend across Windows 10, Windows 7/8.1, Windows Server, Mac OS, Linux, iOS, and Android platforms. We also faded the intranet border around these devices because of the ongoing success of phishing, watering hole, and other techniques that have weakened the network boundary.
      • Updated SOC section - We moved several capabilities from their previous locations around the architecture into the Security Operations Center (SOC) as this is where they are primarily used. This move enabled us to show a clearer vision of a modern SOC that can monitor and protect the hybrid of everything estate. We also added the Graph Security API (in public preview) as this API is designed to help you integrate existing SOC components and Microsoft capabilities.
      • Simplified server/datacenter view - We simplified the datacenter section to recover the space being taken up by duplicate server icons. We retained the visual of extranets and intranets spanning on-premises datacenters and multiple cloud provider(s). Organizations see Infrastructure as a Service (IaaS) cloud providers as another datacenter for the intranet generation of applications, though they find Azure is much easier to manage and secure than physical datacenters. We also added Azure Stack capability that allows customers to securely operate Azure services in their datacenter.
      • New IoT/OT section - IoT is on the rise on many enterprises due to digital transformation initiatives. While the attacks and defenses for this area are still evolving quickly, Microsoft continues to invest deeply to provide security for existing and new deployments of Internet of Things (IoT) and Operational Technology (OT). Microsoft has announced $5 billion of investment over the next four years for IoT and has also recently announced an end to end certification for a secure IoT platform from MCU to the cloud called Azure Sphere.
      • Updated Azure Security Center - Azure Security Center grew to protect Windows and Linux operating system across Azure, on-premises datacenters, and other IaaS providers. Security Center has also added powerful new features like Just in Time access to VMs and applied machine learning to creating application whitelisting rules and North-South Network Security Group (NSG) network rules.
      • Added Azure capabilities including Azure Policy, Confidential Computing, and the new DDoS protection options.
      • Added Azure AD B2B and B2C - Many Security departments have found these capabilities useful in reducing risk by moving partner and customer accounts out of enterprise identity systems to leverage existing enterprise and consumer identity providers.
      • Added information protection capabilities for Office 365 as well as SQL Information Protection (preview).
      • Updated integration points - Microsoft invests heavily to integrate our capabilities together as well as to ensure you can use our technology with your existing security capabilities. This is a quick summary of some key integration points depicted in the reference architecture:
          • Conditional Access connecting info protection and threat protection with identity to ensure that authentications are coming from a secure/compliant device before accessing sensitive data.
          • Advanced Threat Protection integration across our SOC capabilities to streamline detection and response processes across Devices, Office 365, Azure, SaaS applications, and on Premises Active Directory.
          • Azure Information Protection discovering and protecting data on SaaS applications via Cloud App Security.
          • Data Loss Protection (DLP) integration with Cloud App Security to leverage existing DLP engines and with Azure Information Protection to consume labels on sensitive data.
          • Alert and Log Integration across Microsoft capabilities to help integrate with existing Security Information and Event Management (SIEM) solution investments.

      Feedback

      We are always trying to improve everything we do at Microsoft and we need your feedback to do it! You can contact the primary author (Mark Simos) directly on LinkedIn (https://aka.ms/markslist) with any feedback on how to improve it or how you use it, how it helps you, or any other thoughts you have.