cleaning out your it closet - spsred 2013
Post on 05-Dec-2014
429 Views
Preview:
DESCRIPTION
TRANSCRIPT
THE SMALL BUSINESS IT CLOSET
Servers on the Floor.
Space enough for one old used rack.
Soooo. How old are you, anyway?
Servers ♡ Dust.
House fan. On a box of wine.
Home AC units.
Hand crafted ventilation system.
At least it vents outside.
SMALL BUSINESSES
• No more room in the closet!
• Lease is up – what do we do now?
• SharePoint 2013 needs HOW MUCH RAM???
• External Collaboration
• Licensing headaches
LARGE BUSINESSES
• Didn’t budget for dev, test, stage, DR farms
• Lots of hardware sitting under-utilized
• IT department is an obstacle
• IT budgets getting slashed
• Licensing headaches
WINDOWS AZURE
• Infrastructure as a Service (IaaS).
• Host VMs on someone else’s hardware.
• Pay by the minute, shut them down when not in use.
• Use pre-made images, or upload your own VHDs.
• License costs are rolled into the pre-made images.
SOME GOOD CANDIDATES
• ADFS
• IRM / ADRMS
• On-Prem SharePoint
• Source Control Systems (TFS, SVN)
• LOB App Servers that don’t need to be on the LAN
NOT SO GOOD CANDIDATES
• Lync Server
• Exchange Server
• Servers that need to be on the LAN
• Site2Site IPSEC Persistent VPN Tunnel Between On-Prem and Azure
• Can define the address space in Azure (prevent conflicts with on-prem)
• A virtual extension of an office network
• Microsoft is adding new devices all the time as they test them
• Anything that supports modern IPSEC may work
• Have an open-source firewall like pfSense, Racoon, FreeBSD? Try it!
• Just announced partnership with AT&T will provide other VPN opportunities over private MPLS networks
Vendor Device Family
CISCO ASA/ASR/ISR
Juniper J Series/ISG/SSG
Watchguard All
F5 BIG-IP Series
Citrix CloudBridge MPX/VPX
Microsoft RRAS Windows Server 2012
http://msdn.microsoft.com/en-us/library/windowsazure/jj156075.aspx
• Create an Azure Virtual Network
• Setup Azure subnets and IP Addressing
• Setup the VPN
• Configure connection to local network
• Establish the gateway
• Test the connection
• Install R/W Domain Controllers + DNS
• Join to the corporate domain
• Replicate / test replication
• Setup AD Replication Site for Azure Subnets
• Install Member Servers
• ADFS / ADRMS / SharePoint Etc.
• Join to the Domain
• Ensure IaaS DNS servers are used for name resolution
• GOAL – Reduce traffic over the VPN
• Ideally only replication traffic
• Test! Test! Test!
• Take the VPN Down. Can users still use your applications?
• Use Availability Sets
• Use SQL Availability Groups
• Configure ProbePorts for EndPoints
• Don’t depend on the VPN connection, it can go down!
• Use Read/Write Domain Controllers
• Not a good idea in general
• Lots of things are broken with an RODC:
• Can’t run the configuration wizard
• Can’t create new site collections
• People Picker won’t resolve new users
• User Profile property export
• Problems w/ Managed Service Accounts with automatic password expiration
• Incoming mail services
• Prezi Presentation
• On-prem footprints present challenges for small and large businesses
• Azure IaaS can reduce on-prem footprints
• Key is the Azure Virtual Private Network
• Plan for resiliency
• Great for labs or real workloads like SharePoint
top related