John F. Schaller

Azure Solutions Specialist

Your vision. Your cloud.

Consolidated

Managed

Virtualized

Cost Efficient

Usage-based

Self-service

Elasticity

Automation

Pooled resources

Cloud

Optimized

Data Center

+ =

Cloud Attributes

On Premise: Private CloudOff Premise: IaaS, SaaS, PaaS

Software as a Service

Applications

Data

Storage

Middleware

OS

Runtime

Servers

Virtualizations

Networking

Platform as a Service

Applications

Data

Storage

Middleware

OS

Runtime

Servers

Virtualizations

Networking

Infrastructure as a Service

Applications

Data

Storage

Middleware

OS

Runtime

Servers

Virtualizations

Networking

On-premises

Applications

Data

Storage

Middleware

OS

Runtime

Servers

Virtualizations

Networking

Customer manages Microsoft manages Shared management

Microsoft Cloud Services for Government

3

Build and innovate with choice and flexibility

Applications

Infrastructure

Management

Databases &

middleware

App frameworks

& tools

DevOps

Command Use Case

AFMIS Food Logistics

TRADOC Training Systems, Video, Web Apps, SharePoint

HQDA Web Apps, business Apps

PEO-C3T Code Repository and DevOps

USACE IoT, IaaS, Geo-Spatial

ALTESS Full Spectrum of apps/use cases

ARCYBER Cyber feed from Microsoft, Identity Mgmt, Dashboard

CIO G6 Commanders Dashboard

NETCOM Recruit a hacker and web apps

AFRICOM Web Apps

DISA Full spectrum of Apps

National Guard Backups/Storage and developing a new medical readiness app

Defense Health Medical Chart application

SouthCom VM’s/IaaS

Gov

regions

4

ExpressRoute

Locations

7

DoD

regions

2Silicon Valley

ExpressRoute,

CAPWashington D.C.

ExpressRoute, CAP

Seattle ExpressRoute

Dallas

ExpressRoute, CAP

Chicago

ExpressRoute

New York

ExpressRoute

Phoenix

ExpressRoute

ExpressRoute Documentation

ISO 27001 SOC 1Type 2

ISO 27018 CSA STARSelf-Assessment

ISO 27017 SOC 2Type 2

SOC 3ISO 22301 CSA STARCertification

CSA STARAttestation

ISO 9001GLO

BA

LU

S G

OV

Moderate

JAB P-ATO

FIPS 140-2DoD DISA

SRG Level 2

ITAR CJIS IRS 1075Section 508

VPAT

SP 800-171High

JAB P-ATO

DoD DISA

SRG Level 4

DoD DISA

SRG Level 5

HIPAA/

HITECH Act

FERPAGxP

21 CFR Part 11

FISC

Japan

PCI DSS

Level 1

CDSA Shared

Assessments

MPAA FACT

UK

GLBAMARS-E FFIECHITRUST IG Toolkit

UKIND

US

TR

Y

Singapore

MTCS

UK

G-Cloud

Australia

IRAP/CCSL

China

DJCP

New

Zealand

GCIO

China

GB 18030

EU

Model

Clauses

ENISA

IAF

ArgentinaPDPA

Japan CS

Mark Gold

China

TRUCS

Spain

ENS

Japan My

Number Act

India

MeitY

Canada

Privacy

Laws

Privacy

Shield

Germany IT

Grundschutz

workbook

Spain

DPARE

GIO

NA

L

Trust Center

38 Azure Government services authorized

FedRAMP JAB Authorized

Active Directory

API Management

App Service

Application Gateway

Automation

Azure Monitor

Azure Portal

Azure Resource Manager

Azure Service Manager (RDFE)

Backup

Batch

Cloud Services

Event Hubs

ExpressRoute

Functions

HDInsight

Intune

Key Vault

Load Balancer

Log Analytics

Media Services

Notification Hubs

Power BI

Redis Cache

Scheduler

Service Bus

Service Fabric

Site Recovery

SQL Data Warehouse

SQL Database

SQL Server Stretch Database

Storage

StorSimple

Traffic Manager

Virtual Machine Scale Sets

Virtual Machines

Virtual Network

VPN Gateway

Workflow

In-Progress FedRAMP Audit AuthorizationsAzure Information Protection

Azure Active Directory Premium

Architecture Deployment Certification Expertise

Fast track to certification and compliance of applications built on Azure

Partnership

5-step process that streamlines paperwork through templates and tools, and

allows your security professionals to focus on security—not paperwork

For latest Blueprint: https://aka.ms/azureblueprint

Azure solutions

Dev/Test

SAP on Azure

Internet of Things

RedHaton Azure

BI + analytics

Big data & data

warehouse

Backup, Archive, DR

High performance computing

Internal business

apps

Customer facing apps

We hear from our enterprise customers

“I need to consolidate vendors and require a

partner who can solve my

disaster recovery and backup needs under one

contract.”

“My infrastructure is extremely complex and

features a mix of VMware

& Hyper-V, Windows & Linux and many one-off

applications.”

“I am looking to take advantage of a hybrid deployment but it is a

complicated process to migrate workloads to the

cloud.”

“I know the cloud has a number of useful services but it has

proven difficult to achieve in reality.”

Single Provider Heterogeneous Support Hybrid Built-in Unlocks Azure Services

Leverage native, first party backup and

disaster recovery from

Azure, a trusted cloud service provider

Support heterogeneous environments – Hyper-V,

VMware, Windows, Linux &

physical servers– with Azure’s cross-platform

functionality

Quickly achieve a hybrid strategy by

replicating on-premises

workloads to Azure

Azure’s availability solutions provide a

direct path to the cloud,

unlocking the innovation it delivers

The best-in-class provider for availability solutions

Protect and extend your datacenter

Disaster Recovery

Datacenter Extension

Enterprise Backup

IaaS Backup

Protect your applications from downtime by replicating to Azure

Extend your datacenter to Azure and take advantage

of the cloud services it provides

Back-up on premises data to the cloud, replace tape,

and ensure compliance

Safeguard your cloud investments by ensuring cloud VMs are protected

Azure Site Recovery Azure Backup

With two availability technologies from Microsoft Azure

When your applications have a catastrophic failure, run them in Azure or a secondary datacenter

When your data is corrupted or lost, restore your data to the original location or a new location

Source: Forrester “The State of Business Technology Resiliency Q2 2014”, May 12, 2014

Maintaining all infrastructure on-site is costly & lacks flexibility

Maintaining secure backups

Annual Cost Estimates Tape Backup ($) Cloud Backup ($)

Tape Hardware Cost (LTO-5 drive, two additional 1.5TB cartridges, five year

life cycle)520 0

On-Premises Backup/Restore Device or Appliance Cost (annualized based

on three-year life cycle, including annual maintenance cost)0 500 to 3,000

Backup Software License and Maintenance (three servers) 1,260 0

Break/Fix Maintenance Calls 1,000 0

Tape Vaulting Services 3,600 0

Administrative Cost ($20/hour) 2,400 (30 minutes/day) 240 (1 hour/month)

Cloud Backup Service (9TB/year; $0.08-$0.75/GB/ Month; no deduplication

and compression including annualized local backup/restore appliance

cost)

0 713 to 5,997

Total $8,780 $1,213 to $8,997

Azure Backup$2585!

Gartner: “How to Determine If Cloud Backup Is Right for Your Servers”, 13 February 2014

Maintaining secure backups of IaaS VMs

VMWare VM Backup

• Agentless Backup

• Cloud integrated

• Discovery of vCenter

• vCenter 5.5, 6.0, 6.5

support

• Folder-level Auto

protection

• Protect VMs stored on

NFS/SAN/DAS

• Available through MABS

IIS

File Server Microsoft

Microsoft

Seeding your initial backup data without network consumption.

This is great for customers who do not have a lot of bandwidth to spare

(or)

Bandwidth is costly

Value proposition:

Faster seeding of Azure Backup data

Lower bandwidth requirements

Better backup SLAs

1On-premises

3

Import ServiceAzure

5

Azure Recovery Services Vault (ARM) Customer Storage Account 4

(Classic V1)

Classic (Non-CSP) Subscription

2

• Backup data Encrypted• Hard-drive BitLocker

Encrypted

Unified Restore

experienceInstant recovery

Open and view

data before restore

Zero additional

infra or cost

• Backup health• Restore stats• Backup Items• Policy and

Recovery points

Real time

• Backup Storage

Every 24 hours

24 hour refresh

Compromised agility

Limited hardware budget

Resource contention with VMs

Realistic scale tests often challenging

Procurement delays

Your datacenter

IT admin

Provision VMs

Developers

Request VMs

65%of developers say it is too complicated and time-consuming to get development and test resources

Today’s challenges

10% Average utilization of dedicated dev-test infrastructure

Source: Business Case for Test Environment Management Whitepaper, Cognizant

Test at Realistic Scale

Replicate real-world usage scenarios in your test environment, and gain a precise view into how your application will behave in the real world.

Scalable, on-demand infrastructure supports fast and consistent dev & test

Azure

IT admin

Manage environment

Developers

Provision VMs

Use VMs

Minimize Waste & CostTest at Realistic ScaleProvision in Minutes

Provision resources in minutes, instead of days or weeks

Test at production scale, to catch and fix problems

before you release

Improve productivity with predefined images &

application services

Make realistic scale a reality in testing your mission critical applications

Your datacenter or hoster

Azure

Minimize Waste & CostTest at Realistic ScaleProvision in Minutes

Stage your pre-production environments in Azure to

secure safe rollout of new features, service updates, etc.

Azure supports Microsoft applications such as

Dynamics, Sharepoint, Exchange, SQL.

Azure Marketplace provides easy access to VM Images

from SAP, IBM, Oracle and more than 3000 others

Azure

IT admin

Manage resourcesProvision & use VMs

Developers

Business units

Pay as you go

Minimize Waste & CostTest at Realistic ScaleProvision in Minutes

Pay only by the minute for virtual machines, and

allocate them as needed to developers

Save time and money with automation and scale

Minimize waste with visibility and tight control of

computing resources. Use chargebacks to allocate costs

to internal groups.

Use familiar tools for easy provisioning, deployment and

management of dev-test environments

Azure

Dev-Test Lab

Dev-Test LabsMigrationsExpressRoute

Worry-free self-service

• Provision environments with allocated quotas and policies

• Control Costs and track project spending

Create once, use everywhere

• Create templates once and share with your team

Test easily in realistic scale scenarios

• Achieve high fidelity between dev-test and production

environments

• Deploy easily on-prem or in the cloud

Integrate with your existing tools

• Leverage pre-made plugins and APIs

• Dev-Test from preferred CL tool

• Use command line tool

Consistent application development

Azure services available on-premises

Integrated delivery experience

Azure Stack promise

Azure Functions Cloud FoundryAzure Service Fabric

Azure Container Service (ACS)

Azure App Service

Azure PaaS available on-premises: |High productivity development

Web, Mobile, and API apps

ServerlessComputing

Scalable distributed applications, deploy standalone Service Fabric clusters initially

Container management, with ACS engine support for Docker Swarm, Kubernetes, and Mesosphere DC/OS

Open source platform

Roadmap: Azure Service Fabric-as-a-Service and Azure Container Service-as-a-Service are planned to be available in CY18

Azure IaaS available on-premises: beyond traditional virtualization

Roadmap: Additional Azure consistency (New VM types, Managed Disks, storage API updates) in CY18. Windows Azure Pack Connector for Azure Stack in CY17.

Key VaultVirtual machines (VM), VM scale sets

Containers with Docker

Networking Storage

Rapid deployment with automated

scaling

Linux and Windows Server

containers

Virtual network, load balancer, VPN gateway

Blobs, tables, queues

Securely protect application keys

and secrets

Built-in Azure, no setup required

Automatically discover and monitor security of Azure resources

Gain insights for hybrid resources

Easily onboard resources running in other clouds and on-premises

Backup, Recovery and Migration

Microsoft Azure

Azure VM Backup

RBAC

Mgmt

• Recover even deleted VMs

• RBAC• Scheduled or ad-hoc backups• Encrypted in-flight & at rest• Can protect:

– Windows & Linux– Microsoft Applications

• Retention up to 99 years• Support matrix here

• Encrypted in-flight & at-rest

• On-demand compute• Heterogeneous• Scalable• Powerful automation • ExpressRoute or Public Internet

Azure Backup

Recovery

Encrypted Backup

Azure

Backup Server

(D-D), (D-C) or (D-D-C)

VMware

Hyper-V

User Machine

MS Apps

RBAC

Mgmt

Microsoft Azure

Retention up to 99 years

Tape Replacement• RBAC

• Scheduled or ad-hoc backups• LRS or GRSBackup Vault • Encrypted in-flight & at rest• Can protect:

– Hyper-V & VMware– Windows & Linux– Microsoft Applications– Client machines

• Retention up to 99 years

• Support matrix here

Public Internet

ExpressRoute Public Peering

Health Monitor

Site A Site B

Orchestrated Recovery in case of outage

Site A Replication

Replication

Recovery

Microsoft Azure

Microsoft Azure

DR

ServiceCloud

Storage

Microsoft Azure

DR

Service Cloud

Storage

Region B

Region A

Recovery

Recovery

Replication

Azure Site Recovery

Recovery

plan

Manage

Microsoft

Azure

Disaster Recovery

Datacenter Extension

Emerging strategies — Microsoft IT

Public cloud

Private cloud Private cloud datacenter

Core network services remain on premises:

• Active Directory Domain Services (AD DS)

• Domain Name System (DNS)

• Windows Server Update Services

• Microsoft System Center 2012 Configuration Manager

SaaS

Office 365, OneDrive, Yammer, Dynamics Online, ...

PaaS

New development

IaaS

IaaS virtual machines – traditional applications

Efficiency

increases

Microsoft IT’s hybrid

cloud infrastructureEven though a complete migration to the public cloud is the goal, retaining

core network services in traditional datacenters for the near future results in a hybrid cloud

Efficiency

increases

Evaluation

Process

Our adoption approachRoadmap planning

Retire it, right-size, eliminate environments

Use or convert to a SaaS

(first- or third-party) solution

Expose functionality in

existing SaaS/PaaS solution

Convert to Azure PaaS solution

Optimize for and move to

Azure IaaS virtual machine

No change,

lift-and-

shift to IaaS

Remain

on-premises

~15%

…To→ Office 365

→ SharePoint Online

→ CRM Online

→ Visual Studio Online

→ Azure Data Lake

+ Power BI

→ Best third-party SaaS

From…→ Office servers

→ Portals and SPS

→ Any relationship mgmt

→ Active Source

Control + work item type

→ Data warehouses

→ Industry standard verticals

~30%

First to move→ Basic web apps

→ Advanced portals

→ Any new solutions

→ Any re-architected

solutions

Next to move→ High I/O OLTP

→ Regulatory andhigh business impact

Hard or costly

to move→ HVA systems

→ PKI systems

→ Legacy source control

Azure IT roadmap

~35% ~10% ~5%

<5%