Connect your datacenter to Microsoft Azure
Welcome to Cloud Era
CONNECT YOUR HOME LAB TO MICROSOFT AZURE
MOHAMED FAIZAL AND MATT HITCHCOCK
DATA CENTER
ABOUT US
PowerShell MVP
Community Leader for Community Leader for
Microsoft Azure MVP
Mohamed Faizal Matt Hitchcock
HYBRID SCENARIOS
• Extend Infrastructure to the cloud
• Data Processing in the cloud
• Access data & apps in your data center
• Integrate services from On-Premises
• Processing across cloud & On-Premise
WHY HYBRID CLOUD?
Your IT can benefit from public cloud
• Pay-per-use, scalability, elasticity
You cannot move all to a public cloud
• Existing investments, legal constraints etc.
Hybrid = best of both
• Run in public cloud and your own data center
A Unified Cloud Strategy
Compute/storage/network
Management Portal/API
• flexible development
• unified management
• common identity
• integrated virtualization
• complete data platform
* Not meant to be a comprehensive list of all services, for a complete list please visit azure.microsoft.com
APP SERVICES
NETWORKING & AUTOMATION SERVICES
COMPUTE SERVICES
DATA SERVICES
SO WHAT IS HYBRID …
[Diagram: an on-premises private cloud connected to Azure by Point-to-Site VPN, Site-to-Site VPN and ExpressRoute, with Automation and Health Monitoring.]
On-premises layers shown:
• Devices & facilities
• Physical infrastructure (servers/storage/networking): SAN, Storage Spaces/SMB, Server Group #1, Server Group #2
• Virtualization: compute, storage & networking
• Applications & services: File Server, Exchange, Active Directory, SQL, MySQL, Oracle, LOB App, Commercial App, JEE App, .NET App
• System Center 2012 R2: Provisioning, Monitoring, Automation & Self Service, Application Insight, IT Service Management
Azure services shown:
• Web Site, web roles, worker roles, Virtual Machines, Azure Mobile Services, TFS or VS Online + GIT
• Azure AD, Multi-Factor Auth, Access Control
• Azure Cache, BizTalk Services, Media Services, Service Bus, Notification Hub, Scheduler
• StorSimple Cloud Integrated Storage, StorSimple Virtual Appliance, Azure Site Recovery, Backup Service
• Gallery OS images, VHD, VHD data disk
• MySQL database, SQL Database, SQL Data Sync, HDInsight (Hadoop), storage queue, storage blob, storage table
• Virtual network, Automation, CDN, Availability Set, Azure load balancer, Auto-scale, Traffic Manager
NETWORKING, COMPUTE, STORAGE, APP SERVICES, AUTOMATION, DISASTER RECOVERY, DEV, TEST, UAT, etc. … as a SERVICE
HYBRID NETWORKING OFFERINGS
Secure point-to-site connectivity
• Developers
• POC Efforts
• Small scale deployments
• Connect from anywhere
Secure site-to-site VPN connectivity
• SMB, Enterprises
• Connect to Azure compute
ExpressRoute private connectivity
• SMB & Enterprises
• Mission critical workloads
• Backup/DR, media, HPC
• Connect to all Azure services
HYBRID CLOUD SCENARIOS
Infrastructure as a Service (3-Tier highly available example)
[Diagram: Tier 1, Tier 2 and Tier 3 in Microsoft Azure, built from availability sets, load balancing and autoscaling, with SharePoint, Azure Storage, SQL Azure and Analytics & Reporting; on-premises users and developers (Microsoft Azure SDK) connect over VPN. Other Azure services shown: Web Site, Mobile Service, HDInsight (Hadoop), Storage BLOB, Storage Table, Storage Queue, Virtual Machines, VHD, Windows Azure Cache, Windows Azure CDN, Microsoft Azure AD, Notification Hub.]
HYBRID CLOUD SCENARIOS
Platform as a Service (Connected Devices)
[Diagram: processing stages in Microsoft Azure]
• Connected Devices
• INGRESS NODES: Collect / Decode (load balancing, autoscaling worker roles)
• ANALYTICS NODE: Filter / Analyze / Aggregate (autoscaling worker roles, Azure Storage)
• CONSUME: Record Reporting / BI (Azure Storage, SQL Azure, Analytics & Reporting)
HYBRID CLOUD SCENARIOS
Development / Test (SharePoint)
[Diagram labels: VPN, Remote Users, Admin]
HYBRID CLOUD SCENARIOS
Azure Backup
[Diagram: on-premises File Server, SQL and Exchange are backed up with Windows Backup or SC Data Protection Manager; encrypted backups are sent over VPN to Microsoft Azure and recovered from there.]
Azure Site Recovery
[Diagram 1: Site A and Site B, each with System Center Virtual Machine Manager, linked by Hyper-V Replica; Microsoft Azure holds the recovery plan and health monitor.]
Orchestrated Recovery in case of outage
[Diagram 2 labels: Manage, Site A, Site B, System Center Virtual Machine Manager, Replication, Recovery, Microsoft Azure]
HYBRID CLOUD SCENARIOS
Enterprise Mobility Suite
• Hybrid Identity Management
• Mobile Device Security & Management
• Mobile Application Management
• Strong Authentication & Access based Information Protection
Microsoft Azure Active Directory
[Diagram labels: Consumer identity providers, PCs and devices, Microsoft apps, 3rd party clouds/hosting, ISV/CSV apps, Custom LOB apps, Encrypted Synchronization, Microsoft Azure AD]
Microsoft Azure Multi-Factor Authentication
[Diagram labels: ADFS / SAML, Multi-Factor Authentication Server, Cloud Apps, Corporate devices, On Premises Applications, BYOD / Personal devices, .NET, Java, PHP, …, Microsoft Azure AD]
• Built-in
• SDK for integration
• Strong multi Factor Authentication
• Real Time Fraud Alert
• Reporting, Logging & Auditing
• Enables compliance with NIST 800-63 Level 3, HIPAA, PCI DSS, and other regulatory requirements
SQL SERVER HYBRID CLOUD SCENARIOS
SQL Development
• Publish
• Compare
• Sync
• Import / Export
• Register / Unregister
[Diagram labels: Management Portal, VPN, Dispersed Teams, Microsoft Azure]
SQL Backup/Recovery
• SQL Backup tool for legacy
• Manual Console Backup
• Managed Backups
[Diagram labels: Management Portal, VPN / Encrypted Data, Microsoft Azure]
SQL Business Continuity
• Primary / Secondary, Asynchronous Commit
• Console 2014 / Scripts 2012
• Backup
• Availability Groups
• Periodic Snapshots
• Geo Replication
• Disaster Recovery
• Powering BI Apps
[Diagram labels: VPN, Microsoft Azure]
SAP on Microsoft Azure
[Diagram: on-premises servers connect through a VPN device and the Azure VPN Gateway to a Virtual Network hosting SAP (Dev / Test / UAT) and SQL Server virtual machines; their disks (Windows Server & SAP (C:), Shared Pool (D:), Windows Server (C:), Shared Pool (D:), SQL Server (E:)) are .vhd files in Blob Storage.]
SAP certifications
Microsoft Azure is certified for the following SAP products, with full support from Microsoft and SAP. http://azure.microsoft.com/en-us/campaigns/sap/
SAP Product | Guest Operating System | RDBMS | Virtual Machine Types
SAP Business Suite Software | Windows | SQL Server | A5
SAP Business All-in-One | Windows | SQL Server | A5
SAP NetWeaver Application Server ABAP (1) | Windows | SQL Server | A5
SAP HANA Developer Edition (including the HANA Client software comprised of SQLDBC, ODBO (Windows only), ODBC, and JDBC drivers), HANA Studio, and HANA Database) (2) | SUSE, Linux | N/A | A7, A8
(1) Only NetWeaver 7.00 and later SAP releases of NetWeaver are supported for deployment in Azure.
(2) Customers can try SAP HANA Developer Edition on Azure using the SAP Cloud Appliance Library.
THE BIG (NETWORK) PICTURE
[Diagram labels: Internet Clients, On premises Datacenter, Azure Virtual Network]
Frontend Connectivity
• Load-balanced and direct IPs
• ACLs & DDoS protection
• Traffic Manager & Azure DNS
Virtual Networks
• Flexible multi-tier topologies
Backend Connectivity
• Secure Internet cross premises VPN connectivity
• ExpressRoute – direct connectivity
FORCED TUNNELING
“Force” or redirect customer Internet-bound traffic to an on-premises site
Auditing & inspecting outbound traffic from Azure
Needed by many scenarios for critical security and IT policy requirements
[Diagram: a Virtual Network with Frontend 10.1/16, Mid-tier 10.2/16 and Backend 10.3/16 subnets and a VPN GW; S2S VPNs connect it to On Premises, and Internet-bound traffic is forced tunneled via the S2S VPN.]
GATEWAY ENHANCEMENTS
High Performance Gateway
• Better throughput
• More S2S tunnels
• Pricing
  • $0.49 per gateway hour
  • Data transfer & VNet traffic rates unchanged
No Encryption option
• Better throughput for VNet-to-VNet within Azure
• Intra-/Inter-region VNet-to-VNet traffic stays within Microsoft networks, not Internet
PFS Support for IKE
• Compliance requirements & better security
Operations Logs
• Visibility into critical gateway events
Gateway SKU | ExpressRoute Throughput* | S2S Throughput* | Max Tunnels
Default | 500 Mbps | 100 Mbps | 10
Performance | 1000 Mbps | 200 Mbps | 30
NETWORK SECURITY GROUPS (NSG)
Enables network segmentation & DMZ scenarios
Access Control List
• Filter conditions with allow/deny
• Individual addresses, address prefixes, wildcards
Associate with VMs or subnets
ACLs can be updated independent of VMs
[Diagram: a Virtual Network with Frontend 10.1/16, Mid-tier 10.2/16 and Backend 10.3/16 subnets and a VPN GW, connected to On Premises 10.0/16 by S2S VPNs, and to the Internet.]
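The allow/deny filtering described on this slide, as an added example that is not from the presentation: a simplified Python model of priority-ordered rules (lowest priority number first, as NSGs evaluate them) applied to the diagram's backend subnet, plus a check for rules hidden by an earlier one. The `Rule` class, the ports, the priorities and the `shadowed` helper are assumptions for illustration, not Azure's API.

```python
from dataclasses import dataclass
from ipaddress import ip_address, ip_network

# Subnets from the slide's diagram, written out as full prefixes.
ON_PREM, FRONTEND, MIDTIER, BACKEND = (
    "10.0.0.0/16", "10.1.0.0/16", "10.2.0.0/16", "10.3.0.0/16")

@dataclass(frozen=True)
class Rule:
    priority: int  # lower number is evaluated first
    action: str    # "allow" or "deny"
    src: str       # single address, address prefix, or "*" wildcard
    dst: str
    port: str      # destination port as text, or "*"

def _net(pattern):
    # "*" covers everything; a bare address becomes a /32 prefix.
    return ip_network("0.0.0.0/0" if pattern == "*" else pattern, strict=False)

def evaluate(rules, src, dst, port):
    """Return the action of the first matching rule; no match means deny."""
    for r in sorted(rules, key=lambda r: r.priority):
        if (ip_address(src) in _net(r.src) and ip_address(dst) in _net(r.dst)
                and r.port in ("*", str(port))):
            return r.action
    return "deny"

def shadowed(rules):
    """Priorities of rules that can never fire because an earlier rule
    already matches every packet they would match."""
    ordered, hidden = sorted(rules, key=lambda r: r.priority), []
    for i, late in enumerate(ordered):
        for early in ordered[:i]:
            if (_net(late.src).subnet_of(_net(early.src))
                    and _net(late.dst).subnet_of(_net(early.dst))
                    and early.port in ("*", late.port)):
                hidden.append(late.priority)
                break
    return hidden

# Constructed inbound rules for the backend subnet (ports/priorities assumed).
BACKEND_RULES = [
    Rule(100, "allow", MIDTIER, BACKEND, "1433"),   # mid-tier to database
    Rule(110, "allow", ON_PREM, BACKEND, "3389"),   # admin over the S2S VPN
    Rule(200, "deny", "*", BACKEND, "*"),           # everything else
    Rule(300, "allow", FRONTEND, BACKEND, "1433"),  # misordered: never fires
]
```

Running `shadowed` over a rule set before applying it catches ordering mistakes such as rule 300, which was meant to open a path but sits behind the catch-all deny.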
MULTIPLE NICS IN AZURE VMS
Multiple NICs enable virtual appliances in Azure
MAC/IP addresses persist through VM life cycle
Separate frontend-backend traffic, and management-data planes
Up to 4 NICs per VM
[Diagram: an Azure Virtual Machine with NIC2, NIC1 and a Default NIC; addresses shown are 10.2.2.22, 10.2.3.33 and 10.2.1.11, with VIP 133.44.55.66 facing the Internet.]
CUSTOMERS WANT AZURE ON THEIR NETWORK
[Diagram labels: WAN, Public internet, Microsoft Azure]
EXPRESSROUTE PARTNERS
FOR MORE INFORMATION
• Introduction to Microsoft Azure Networking Technologies and What's New
• Designing Hybrid Scenarios with Microsoft Azure
• Architecting Effective Cloud Adoption Strategies
• How to Develop a Successful Hybrid Cloud Strategy