Your vision. Your cloud. - koreatechnet.com Food Logistics TRADOC Training Systems, Video, Web Apps,...
-
Upload
trinhkhanh -
Category
Documents
-
view
215 -
download
0
Transcript of Your vision. Your cloud. - koreatechnet.com Food Logistics TRADOC Training Systems, Video, Web Apps,...
John F. Schaller
Azure Solutions Specialist
Your vision. Your cloud.
Consolidated
Managed
Virtualized
Cost Efficient
Usage-based
Self-service
Elasticity
Automation
Pooled resources
Cloud
Optimized
Data Center
+ =
Cloud Attributes
On Premise: Private CloudOff Premise: IaaS, SaaS, PaaS
Software as a Service
Applications
Data
Storage
Middleware
OS
Runtime
Servers
Virtualizations
Networking
Platform as a Service
Applications
Data
Storage
Middleware
OS
Runtime
Servers
Virtualizations
Networking
Infrastructure as a Service
Applications
Data
Storage
Middleware
OS
Runtime
Servers
Virtualizations
Networking
On-premises
Applications
Data
Storage
Middleware
OS
Runtime
Servers
Virtualizations
Networking
Customer manages Microsoft manages Shared management
Microsoft Cloud Services for Government
3
Build and innovate with choice and flexibility
Applications
Infrastructure
Management
Databases &
middleware
App frameworks
& tools
DevOps
Command Use Case
AFMIS Food Logistics
TRADOC Training Systems, Video, Web Apps, SharePoint
HQDA Web Apps, business Apps
PEO-C3T Code Repository and DevOps
USACE IoT, IaaS, Geo-Spatial
ALTESS Full Spectrum of apps/use cases
ARCYBER Cyber feed from Microsoft, Identity Mgmt, Dashboard
CIO G6 Commanders Dashboard
NETCOM Recruit a hacker and web apps
AFRICOM Web Apps
DISA Full spectrum of Apps
National Guard Backups/Storage and developing a new medical readiness app
Defense Health Medical Chart application
SouthCom VM’s/IaaS
Gov
regions
4
ExpressRoute
Locations
7
DoD
regions
2Silicon Valley
ExpressRoute,
CAPWashington D.C.
ExpressRoute, CAP
Seattle ExpressRoute
Dallas
ExpressRoute, CAP
Chicago
ExpressRoute
New York
ExpressRoute
Phoenix
ExpressRoute
ExpressRoute Documentation
ISO 27001 SOC 1Type 2
ISO 27018 CSA STARSelf-Assessment
ISO 27017 SOC 2Type 2
SOC 3ISO 22301 CSA STARCertification
CSA STARAttestation
ISO 9001GLO
BA
LU
S G
OV
Moderate
JAB P-ATO
FIPS 140-2DoD DISA
SRG Level 2
ITAR CJIS IRS 1075Section 508
VPAT
SP 800-171High
JAB P-ATO
DoD DISA
SRG Level 4
DoD DISA
SRG Level 5
HIPAA/
HITECH Act
FERPAGxP
21 CFR Part 11
FISC
Japan
PCI DSS
Level 1
CDSA Shared
Assessments
MPAA FACT
UK
GLBAMARS-E FFIECHITRUST IG Toolkit
UKIND
US
TR
Y
Singapore
MTCS
UK
G-Cloud
Australia
IRAP/CCSL
China
DJCP
New
Zealand
GCIO
China
GB 18030
EU
Model
Clauses
ENISA
IAF
ArgentinaPDPA
Japan CS
Mark Gold
China
TRUCS
Spain
ENS
Japan My
Number Act
India
MeitY
Canada
Privacy
Laws
Privacy
Shield
Germany IT
Grundschutz
workbook
Spain
DPARE
GIO
NA
L
Trust Center
38 Azure Government services authorized
FedRAMP JAB Authorized
Active Directory
API Management
App Service
Application Gateway
Automation
Azure Monitor
Azure Portal
Azure Resource Manager
Azure Service Manager (RDFE)
Backup
Batch
Cloud Services
Event Hubs
ExpressRoute
Functions
HDInsight
Intune
Key Vault
Load Balancer
Log Analytics
Media Services
Notification Hubs
Power BI
Redis Cache
Scheduler
Service Bus
Service Fabric
Site Recovery
SQL Data Warehouse
SQL Database
SQL Server Stretch Database
Storage
StorSimple
Traffic Manager
Virtual Machine Scale Sets
Virtual Machines
Virtual Network
VPN Gateway
Workflow
In-Progress FedRAMP Audit AuthorizationsAzure Information Protection
Azure Active Directory Premium
Architecture Deployment Certification Expertise
Fast track to certification and compliance of applications built on Azure
Partnership
5-step process that streamlines paperwork through templates and tools, and
allows your security professionals to focus on security—not paperwork
For latest Blueprint: https://aka.ms/azureblueprint
Azure solutions
Dev/Test
SAP on Azure
Internet of Things
RedHaton Azure
BI + analytics
Big data & data
warehouse
Backup, Archive, DR
High performance computing
Internal business
apps
Customer facing apps
We hear from our enterprise customers
“I need to consolidate vendors and require a
partner who can solve my
disaster recovery and backup needs under one
contract.”
“My infrastructure is extremely complex and
features a mix of VMware
& Hyper-V, Windows & Linux and many one-off
applications.”
“I am looking to take advantage of a hybrid deployment but it is a
complicated process to migrate workloads to the
cloud.”
“I know the cloud has a number of useful services but it has
proven difficult to achieve in reality.”
Single Provider Heterogeneous Support Hybrid Built-in Unlocks Azure Services
Leverage native, first party backup and
disaster recovery from
Azure, a trusted cloud service provider
Support heterogeneous environments – Hyper-V,
VMware, Windows, Linux &
physical servers– with Azure’s cross-platform
functionality
Quickly achieve a hybrid strategy by
replicating on-premises
workloads to Azure
Azure’s availability solutions provide a
direct path to the cloud,
unlocking the innovation it delivers
The best-in-class provider for availability solutions
Protect and extend your datacenter
Disaster Recovery
Datacenter Extension
Enterprise Backup
IaaS Backup
Protect your applications from downtime by replicating to Azure
Extend your datacenter to Azure and take advantage
of the cloud services it provides
Back-up on premises data to the cloud, replace tape,
and ensure compliance
Safeguard your cloud investments by ensuring cloud VMs are protected
Azure Site Recovery Azure Backup
With two availability technologies from Microsoft Azure
When your applications have a catastrophic failure, run them in Azure or a secondary datacenter
When your data is corrupted or lost, restore your data to the original location or a new location
Source: Forrester “The State of Business Technology Resiliency Q2 2014”, May 12, 2014
Maintaining all infrastructure on-site is costly & lacks flexibility
Maintaining secure backups
Annual Cost Estimates Tape Backup ($) Cloud Backup ($)
Tape Hardware Cost (LTO-5 drive, two additional 1.5TB cartridges, five year
life cycle)520 0
On-Premises Backup/Restore Device or Appliance Cost (annualized based
on three-year life cycle, including annual maintenance cost)0 500 to 3,000
Backup Software License and Maintenance (three servers) 1,260 0
Break/Fix Maintenance Calls 1,000 0
Tape Vaulting Services 3,600 0
Administrative Cost ($20/hour) 2,400 (30 minutes/day) 240 (1 hour/month)
Cloud Backup Service (9TB/year; $0.08-$0.75/GB/ Month; no deduplication
and compression including annualized local backup/restore appliance
cost)
0 713 to 5,997
Total $8,780 $1,213 to $8,997
Azure Backup$2585!
Gartner: “How to Determine If Cloud Backup Is Right for Your Servers”, 13 February 2014
Maintaining secure backups of IaaS VMs
VMWare VM Backup
• Agentless Backup
• Cloud integrated
• Discovery of vCenter
• vCenter 5.5, 6.0, 6.5
support
• Folder-level Auto
protection
• Protect VMs stored on
NFS/SAN/DAS
• Available through MABS
IIS
File Server Microsoft
Microsoft
Seeding your initial backup data without network consumption.
This is great for customers who do not have a lot of bandwidth to spare
(or)
Bandwidth is costly
Value proposition:
Faster seeding of Azure Backup data
Lower bandwidth requirements
Better backup SLAs
1On-premises
3
Import ServiceAzure
5
Azure Recovery Services Vault (ARM) Customer Storage Account 4
(Classic V1)
Classic (Non-CSP) Subscription
2
• Backup data Encrypted• Hard-drive BitLocker
Encrypted
Unified Restore
experienceInstant recovery
Open and view
data before restore
Zero additional
infra or cost
• Backup health• Restore stats• Backup Items• Policy and
Recovery points
Real time
• Backup Storage
Every 24 hours
24 hour refresh
Compromised agility
Limited hardware budget
Resource contention with VMs
Realistic scale tests often challenging
Procurement delays
Your datacenter
IT admin
Provision VMs
Developers
Request VMs
65%of developers say it is too complicated and time-consuming to get development and test resources
Today’s challenges
10% Average utilization of dedicated dev-test infrastructure
Source: Business Case for Test Environment Management Whitepaper, Cognizant
Test at Realistic Scale
Replicate real-world usage scenarios in your test environment, and gain a precise view into how your application will behave in the real world.
Scalable, on-demand infrastructure supports fast and consistent dev & test
Azure
IT admin
Manage environment
Developers
Provision VMs
Use VMs
Minimize Waste & CostTest at Realistic ScaleProvision in Minutes
Provision resources in minutes, instead of days or weeks
Test at production scale, to catch and fix problems
before you release
Improve productivity with predefined images &
application services
Make realistic scale a reality in testing your mission critical applications
Your datacenter or hoster
Azure
Minimize Waste & CostTest at Realistic ScaleProvision in Minutes
Stage your pre-production environments in Azure to
secure safe rollout of new features, service updates, etc.
Azure supports Microsoft applications such as
Dynamics, Sharepoint, Exchange, SQL.
Azure Marketplace provides easy access to VM Images
from SAP, IBM, Oracle and more than 3000 others
Azure
IT admin
Manage resourcesProvision & use VMs
Developers
Business units
Pay as you go
Minimize Waste & CostTest at Realistic ScaleProvision in Minutes
Pay only by the minute for virtual machines, and
allocate them as needed to developers
Save time and money with automation and scale
Minimize waste with visibility and tight control of
computing resources. Use chargebacks to allocate costs
to internal groups.
Use familiar tools for easy provisioning, deployment and
management of dev-test environments
Azure
Dev-Test Lab
Dev-Test LabsMigrationsExpressRoute
Worry-free self-service
• Provision environments with allocated quotas and policies
• Control Costs and track project spending
Create once, use everywhere
• Create templates once and share with your team
Test easily in realistic scale scenarios
• Achieve high fidelity between dev-test and production
environments
• Deploy easily on-prem or in the cloud
Integrate with your existing tools
• Leverage pre-made plugins and APIs
• Dev-Test from preferred CL tool
• Use command line tool
Consistent application development
Azure services available on-premises
Integrated delivery experience
Azure Stack promise
Azure Functions Cloud FoundryAzure Service Fabric
Azure Container Service (ACS)
Azure App Service
Azure PaaS available on-premises: |High productivity development
Web, Mobile, and API apps
ServerlessComputing
Scalable distributed applications, deploy standalone Service Fabric clusters initially
Container management, with ACS engine support for Docker Swarm, Kubernetes, and Mesosphere DC/OS
Open source platform
Roadmap: Azure Service Fabric-as-a-Service and Azure Container Service-as-a-Service are planned to be available in CY18
Azure IaaS available on-premises: beyond traditional virtualization
Roadmap: Additional Azure consistency (New VM types, Managed Disks, storage API updates) in CY18. Windows Azure Pack Connector for Azure Stack in CY17.
Key VaultVirtual machines (VM), VM scale sets
Containers with Docker
Networking Storage
Rapid deployment with automated
scaling
Linux and Windows Server
containers
Virtual network, load balancer, VPN gateway
Blobs, tables, queues
Securely protect application keys
and secrets
Built-in Azure, no setup required
Automatically discover and monitor security of Azure resources
Gain insights for hybrid resources
Easily onboard resources running in other clouds and on-premises
Backup, Recovery and Migration
Microsoft Azure
Azure VM Backup
RBAC
Mgmt
• Recover even deleted VMs
• RBAC• Scheduled or ad-hoc backups• Encrypted in-flight & at rest• Can protect:
– Windows & Linux– Microsoft Applications
• Retention up to 99 years• Support matrix here
• Encrypted in-flight & at-rest
• On-demand compute• Heterogeneous• Scalable• Powerful automation • ExpressRoute or Public Internet
Azure Backup
Recovery
Encrypted Backup
Azure
Backup Server
(D-D), (D-C) or (D-D-C)
VMware
Hyper-V
User Machine
MS Apps
RBAC
Mgmt
Microsoft Azure
Retention up to 99 years
Tape Replacement• RBAC
• Scheduled or ad-hoc backups• LRS or GRSBackup Vault • Encrypted in-flight & at rest• Can protect:
– Hyper-V & VMware– Windows & Linux– Microsoft Applications– Client machines
• Retention up to 99 years
• Support matrix here
Public Internet
ExpressRoute Public Peering
Health Monitor
Site A Site B
Orchestrated Recovery in case of outage
Site A Replication
Replication
Recovery
Microsoft Azure
Microsoft Azure
DR
ServiceCloud
Storage
Microsoft Azure
DR
Service Cloud
Storage
Region B
Region A
Recovery
Recovery
Replication
Azure Site Recovery
Recovery
plan
Manage
Microsoft
Azure
Disaster Recovery
Datacenter Extension
Emerging strategies — Microsoft IT
Public cloud
Private cloud Private cloud datacenter
Core network services remain on premises:
• Active Directory Domain Services (AD DS)
• Domain Name System (DNS)
• Windows Server Update Services
• Microsoft System Center 2012 Configuration Manager
SaaS
Office 365, OneDrive, Yammer, Dynamics Online, ...
PaaS
New development
IaaS
IaaS virtual machines – traditional applications
Efficiency
increases
Microsoft IT’s hybrid
cloud infrastructureEven though a complete migration to the public cloud is the goal, retaining
core network services in traditional datacenters for the near future results in a hybrid cloud
Efficiency
increases
Evaluation
Process
Our adoption approachRoadmap planning
Retire it, right-size, eliminate environments
Use or convert to a SaaS
(first- or third-party) solution
Expose functionality in
existing SaaS/PaaS solution
Convert to Azure PaaS solution
Optimize for and move to
Azure IaaS virtual machine
No change,
lift-and-
shift to IaaS
Remain
on-premises
~15%
…To→ Office 365
→ SharePoint Online
→ CRM Online
→ Visual Studio Online
→ Azure Data Lake
+ Power BI
→ Best third-party SaaS
From…→ Office servers
→ Portals and SPS
→ Any relationship mgmt
→ Active Source
Control + work item type
→ Data warehouses
→ Industry standard verticals
~30%
First to move→ Basic web apps
→ Advanced portals
→ Any new solutions
→ Any re-architected
solutions
Next to move→ High I/O OLTP
→ Regulatory andhigh business impact
Hard or costly
to move→ HVA systems
→ PKI systems
→ Legacy source control
Azure IT roadmap
~35% ~10% ~5%
<5%