Windows Azure Bringing Cloud to Government Agencies


Anthony Puca – Datacenter SSP

US Public Sector - SLG

www.windowsazure.com

A little about me…
  • Started in technology 24 years ago as a Mainframe Librarian for AMEX
  • Been working for Microsoft last 3 years
  • Prior to MSFT, 7 years @ EMC
  • Prior to EMC, 7 years @ Avanade and Perot Systems
  • Authored books and whitepapers on Microsoft technologies
    • (2001): MOF Change Quadrant SMFs
    • (2008): “SCCM 2007 R2 Unleashed” (http://www.amazon.com/System-Center-Configuration-Manager-Unleashed/dp/0672330237)
    • (2011): SCCM 2007 Lab Deployment Guide: http://download.microsoft.com/download/1/3/A/13A161C1-2481-4E47-9771-86F55AC9F0EC/ConfigurationManager2007 Lab Deployment Guide.docx
    • (2013): Microsoft Office 365 Administration Inside Out (O’Reilly): (http://www.amazon.com/Microsoft-Office-365-Administration-Inside/dp/0735678235)
  • 2004-2010 Microsoft MVP (WMI (1) & SCOM (6))

Why consider the cloud?

Speed, Scale, Economics

[Chart: Public Cloud Platform, Market Share (in Billions); vertical axis $5 to $30, horizontal axis 2008 to 2020]

How does that help me?

Storage: always running out of disk

DR: offsite storage, servers, backup, surveillance

Burst: need more capacity

Media: create, store, distribute, to different devices, surveillance

Dev/test: validate apps and environments

Research: large compute, short window of need

Database: without the hassles

Collaboration repository

HIPAA: process and store private data

Cloud Services

[Diagram: responsibility split ("You Manage" vs. "Vendor Manages") across four models: On Premises, Infrastructure (as a Service), Platform (as a Service), Software (as a Service). Stack layers shown for each model: Applications, Data, Runtime, Middleware, O/S, Virtualization, Servers, Storage, Networking.]

Cloud Computing Patterns

On and Off
  • On & off workloads (e.g. batch job)
  • Over provisioned capacity is wasted
  • Time to market can be cumbersome

Growing Fast
  • Successful services need to grow/scale
  • Keeping up w/ growth is big IT challenge
  • Cannot provision hardware fast enough

Unpredictable Bursting
  • Unexpected/unplanned peak in demand
  • Sudden spike impacts performance
  • Can’t over provision for extreme cases

Predictable Bursting
  • Services with micro seasonality trends
  • Peaks due to periodic increased demand
  • IT complexity and wasted capacity

[Each pattern is illustrated by a chart of Compute over time (t); the On and Off chart marks an "Inactivity Period".]

Cloud Computing Economics

[Chart: TCO per Server versus Cloud Size (# of Servers), for Physical & Virtual, Private, and Public. Source: Microsoft]

Windows Azure Trust Center

http://www.windowsazure.com/en-us/support/trust-center/

  • One location to aggregate content across Security, Privacy, and Compliance

Key Security and Compliance Features

Authentication & Authorization
  • Multi-factor authentication for customer and internal operations access
  • Segregation of duties through role-based group memberships configured as AD security groups

Network Security
  • Internal and customer configurable software firewalls/DoS/IP filtering
  • Virtual Private IP for all customer connections based on Azure subscriptions

Compliance Certification
  • Federal Risk and Authorization Management Program (FedRAMP) JAB Provisional ATO
  • ISO/IEC 27001:2005 Audit and Certification
  • SOC 1 and SOC 2 SSAE 16/ISAE 3402 Attestations
  • Cloud Security Alliance Cloud Controls Matrix
  • PCI Level 1 Compliant
  • UK G-Cloud Impact Level 2 Accreditation
  • HIPAA Business Associate Agreement (BAA)

Physical Security
  • All data centers hosting Windows Azure data are managed by Microsoft Global Foundation Services (GFS) which are FedRAMP certified
  • Geographically distributed locations throughout the U.S.
  • Highly secured access mechanisms

Data Security
  • Custom developed, highly automated management system through the hypervisor
  • Custom developed monitoring and logging system
  • FIPS 140-2 validated encryption
  • Key and certificate management based on industry best practices
  • Data replication within each data center as well as solutions for geo-replication to multiple data centers
  • Tailored to meet security functionalities in a cloud service environment
    • Scalability
    • Virtual machine and customer-to-customer isolation
    • Security built into the software and focused on pre-deployment testing

Data Center Operational Energy Use

Traditional

Modular

Offline UPS technologies can drive Electrical losses substantially down

Widening temperature range can remove chillers and drive cooling to zero

Virtualization, active power management increase IT return on investment

PUE=2.0

PUE=1.15

Source: EYP Mission Critical Facilities Inc., New York

Datacenter evolution

  • Generation 1 (1989-2005): 2.0+ PUE
  • Generation 2 (2007): 1.4 – 1.6 PUE
  • Generation 3 (2009): 1.2 – 1.5 PUE
  • Generation 4 (2012): 1.12 – 1.20 PUE
  • Generation 5 (Future): 1.07 – 1.19 PUE

[Diagram labels: Density; Colocation; Containment; Containers, PODs; Scalability & Sustainability; Air & Water Economization; Differentiated SLAs; Server; Capacity; 20 year Technology; Rack; Density & Deployment; Minimized Resource Impact; Integrated; Modular; ITPACs & Colocations; Reduced Carbon Right-Sized; Faster Time-to-Market; Outside Air Cooled; Integrated System; Resilient Software; Common Infrastructure; Operational Simplicity; Flexible & Scalable]

200+ Cloud Services

1+ billion customers, 20+ Million Businesses, 76+ markets worldwide

Innovation at enterprise scale

  • 430B+ Windows Azure AD authentications
  • 280% year-over-year database growth in Windows Azure
  • 50% of Fortune 500 use Windows Azure
  • 29K+ organizations already use Windows Intune
  • 93% of the Fortune 1000 use Active Directory
  • 2:3 servers worldwide run on Windows Server**
  • 46% worldwide share: SQL Server most widely-deployed database*
  • 66% of enterprise seats covered with System Center
  • Windows Azure runs on Windows Server: 8.5T objects stored in Windows Azure
  • Bing runs on Windows Server: 5.5B+ global queries per month
  • 1B+ Office users, 1 in 4 enterprise customers now has Office 365

* IDC Server Workloads Study 2013 ** IDC 2013 WW Server Tracker

One consistent experience

[Diagram labels: ONE Consistent Platform; Azure; Private Cloud; Your Datacenter; Service Provider; Microsoft]

Media Services

Your Choice of Components for Building Custom Media Workflows in the Cloud

Windows Azure Media Services
  • Format Conversion
  • Analytics
  • Ingestion
  • Content Protection
  • On-Demand Streaming
  • Live Streaming
  • Encoding
  • Advertising

2012 London Olympics

17 days of broadcast starting July 25th

First major event broadcast live from the cloud

Content Management by deltatre via Windows Azure Media Services and CDN delivery by Akamai

Major platform support: Web and Mobile

  • Silverlight, iOS, Windows Phone 7, Android
  • 28 channels in Dublin, 5 in Chicago, 2 for South America
  • Each channel has backup channel

Over 2200 hours of broadcast video with DVR and Video-On-Demand support

  • 500 VMs and 3000 cores
  • Highlight reel and real-time voice-over support

Olympics NBC Sports

Live video encoding and streaming

Web + Mobile

Over 100 million viewers in 22 countries and 4 continents

More than 100TB of storage

Over 500 Billion Storage Transactions

World Record: 2.1 million concurrent HD viewers during the USA vs. Canada hockey match

The Sochi Olympics were powered worldwide by Azure & Hyper-V

Office 365 Authentication Redundancy through Site Resiliency Using ADFS in Azure
  • VLAN1 - One Read/Write Domain Controller for replicating users and for allowing Active Directory maintenance in Azure in the event of an outage at customer’s site
  • VLAN2 - One AD FS Server (two for local failover)
  • VLAN3 - One AD FS Proxy Server in the DMZ portion of customer’s Azure slice (two for local failover)

Scenarios to get started with Windows Azure
  • 1: Store, backup, recover your data
  • Develop, test, run your apps
  • Extend your infrastructure
  • Reach where your datacenter won’t

Store, backup, recover your data

Opportunity
  • Data grows exponentially (50 – 60% Annually: IDC)
  • SAN storage cost = 4x Cloud storage (source: Forrester)
  • However most I/O happens to the “Working Set” data

[Chart: Capacity over Time, showing Cloud Storage and Local Storage]

Store, backup, recover your data

Windows Azure Storage

4 Trillion Objects

“Azure Blob storage has taken a significant step ahead of last year’s leader Amazon S3, to take the top spot”

– Nasuni 2013 Cloud Storage Report

Store, backup, recover your data

Windows Azure Storage

Highly durable and scalable

Multiple copies of your data

Financially backed SLAs

Storage for objects, tables, drives

Supports REST APIs

Store, backup, recover your data

Windows Azure Storage

Defend against regional disasters.

East DC

West DC

> 400 miles

Geo replication

Store, backup, recover your data

Simple and fast on-ramp to Azure

Active data instantly available locally

Archives less used data to Windows Azure

Recover data from any internet connection

Reduce Agency storage TCO by 60-80%

Physical or Virtual Servers

StorSimple

Your Data Center

StorSimple Enterprise Class Appliance: Highly Available - No Single Point of Failure
  • 1. Full MPIO Support
  • 2. Dual Controllers with Auto-failover
  • 3. Dual Power
  • 4. Dual Cooling
  • 5. RAID drives
  • 6. Hot-spare drives
  • 7. Non-disruptive software upgrades
  • 8. Certified by Microsoft & VMware

StorSimple Tiered Architecture: SSD Performance, Deduplication and Auto-Tiering to Cloud

[Diagram: data blocks A to E placed across four tiers]
  • SSD: Linear Tier
  • SSD: Deduplicated
  • SAS: Deduplicated, Compressed
  • Cloud: Deduplicated, Compressed, Encrypted

Store, backup, recover

Microsoft SQL Server

Backup and restore database to the cloud
  • Direct URL backup to Azure Storage
  • Restore in Azure Virtual Machine
  • SQL Server Management Studio

Benefits
  • Reliable off-site data backup for SQL images
  • Easily restore databases using VMs

Store, backup, recover your data

Windows Azure Backup

Backup datacenter data to Windows using System Center Data Protection Manager

Backup and recover files/folders from Windows Server 2012 SP1

Your On-Premises Datacenter

  • Benefits
  • Reliable offsite data protection
  • Simple, familiar, integrated
  • Efficient backup and recovery
  • Easy set up

Windows Server 2012

Windows Server 2012 Essentials

Windows Server 2008 R2 (SP1)

System Center 2012 DPM SP1

Scenarios to get started with Windows Azure
  • Store, backup, recover your data
  • 2: Develop, test, run your apps
  • 3: Extend your infrastructure
  • Reach where your datacenter won’t

Develop, test, run your apps

Test and development on-premises
  • Limited hardware budget
  • Limited software licensing
  • Resource contention with VMs
  • Compromised developer agility
  • Realistic scale tests often challenging

[Diagram labels: IT Admin; Developers; Use VMs; Provision VMs; Your Datacenter; VMs in test/dev environment]

Develop, test, run your apps

Test and development using Windows Azure
  • Manage environment
  • Cost effective (pay for what you use)
  • Improved developer agility with platform services
  • Ready to use gallery of images
  • Ship tested in realistic scale scenarios
  • Use existing development tools & languages
  • Access on-premise resources if necessary

[Diagram labels: Developers; IT Admin; Use VMs; Provision VMs]

Develop, test, run your apps

Start VMs and app development in Azure

Deploy anywhere with no lock-in

Your Datacenter, or Your Hoster

Easy VM portability

If it runs on Hyper-V, it runs in Windows Azure

Production environment

“We needed to take a new approach and Windows Azure Virtual Machines provided the right solution for our business.”

– Andreas Hogberg, Telenor

Challenges
  • Move from SharePoint 2007 to SharePoint 2013 across 18 different business units, spread across 12 countries
  • Quickly create a large SharePoint farm for Dev/test within time and cost limits

Benefits
  • Limitless resources for Dev/Test
  • Speed: Build a SharePoint farm in days not weeks
  • Low cost, scale up and down as needed
  • Familiar tools and automation via PowerShell
  • Portability: On-premises or at Hoster as needed

Scenarios to get started with Windows Azure
  • Store, backup, recover your data
  • Develop, test, run your apps (Test drive your apps)
  • 3: Extend your infrastructure
  • 4: Reach where your datacenter won’t

Extend your infrastructure

Windows Azure

Windows Azure Infrastructure Services

Virtual Machines with on-demand scale & compute

Spin up and tear down in minutes, no hardware provisioning

Connect with on-premises Active Directory and domains

Integrates Windows Azure Virtual Networks

Use what you know, manage with System Center

Integrates with Azure Platform, Apps, and Storage Services

Virtual Network

Active Directory

SharePoint

SQL Server

Internet

Your Datacenter

Reach where your datacenter won’t

Websites with global reach

  • Build websites with global scale
  • Built-in support for open web frameworks
  • Managed by Microsoft
  • Improve performance with Traffic Manager

Windows Azure Websites

Get Started

http://WindowsAzure.com

HYBRID CLOUD

SAMPLE ARCHITECTURES

High Availability / Disaster Recovery

Hybrid Storage

IaaS / PaaS

Identity / Access Management

Multi Factor Authentication

SharePoint (Dev/Test, Recovery, Continuity)

Database (Dev/Test, Recovery, Continuity)

Hybrid Cloud Scenarios

Hyper-V Recovery Manager

[Diagram labels: Site A; Site B; Health Monitor; Hyper-V Replica; System Center Virtual Machine Manager; Manage Recovery plan; AD; SQL; Exchange; Orchestrated Recovery in case of outage]

StorSimple – Cloud Storage

[Diagram labels: Application Servers; SQL; Exchange; File Server; StorSimple Cloud Integrated Storage; Most Active Data on SSD; Warm data on SAS Local Tier; Deduplicated & Compressed; Deduplicated, Compressed & Encrypted; Automation Policies; VPN; Encrypted Backup; Recovery; 2 up to 20 TB; 100 up to 550 TB]

  • Benefits
  • Consolidates primary, archive, backup, DR thru seamless integration with Azure
  • Cloud Snapshots
  • Deduplication
  • Compression
  • Encryption
  • Reduces enterprise storage TCO by 60–80%

Windows Azure Backup (<1TB)

[Diagram labels: Windows Backup; SC Data Protection Manager; Deduplicated; Encrypted Backup; VPN; Recovery]

Hybrid Cloud Scenarios

Archiving
  • Live Backups, Archives, and Disaster Recovery
  • Dramatic Cost Reduction
  • No Changes to Application Environment

Archiving - StorSimple – Cloud Storage
  • SharePoint storage on StorSimple + Azure
  • StorSimple SharePoint Database Optimizer
  • Improved performance & scalability

File shares
  • File share with integrated data protection
  • All-in-one primary data + backup + live archives + DR with de-duplication & Compression

Virtual Environment
  • Control Virtual Sprawl
  • Cloud-as-a-tier
  • Offload storage footprint
  • VMware Storage DRS Storage pools
  • Virtual Machine Archive
  • Regional VM Storage

  • Benefits
  • Consolidates primary, archive, backup, DR thru seamless integration with Azure
  • Cloud Snapshots
  • Deduplication
  • Compression
  • Encryption
  • Reduces enterprise storage TCO by 60–80%

[Diagram labels: File / Application Servers; SharePoint; Hyper-V or vSphere; StorSimple Cloud Integrated Storage; Most Active Data on SSD; Warm data on SAS Local Tier; Deduplicated & Compressed; Deduplicated, Compressed & Encrypted; Archive Data; Currently in use; Sporadic use; Archived for Retention; Automation Policies; VPN; Encrypted Backup; Recovery; 2 up to 20 TB; 100 up to 550 TB]

Hybrid Cloud Scenarios

  • Infrastructure as a Service (3-Tier highly available example)
  • Platform as a Service (Connected Devices)

[Diagram labels: On Premises; Active Directory; Windows Azure AD; VPN; Tier 1; Tier 2; Tier 3; Availability Set; Virtual Machines; VHD; Load Balancing; Auto Scaling; Worker Roles; Web Site; Mobile Service; Notification Hub; HDInsight (Hadoop); SharePoint; Developers; Users; Connected Devices; Windows Azure SDK; Windows Azure CDN; Windows Azure Cache; Storage BLOB; Storage Table; Storage Queue; SQL Azure; Azure Storage; INGRESS NODES; ANALYTICS NODE; CONSUME; Collect / Decode; Filter / Analyze / Aggregate; Record; Reporting / BI; Analytics & Reporting]

Hybrid Cloud Scenarios

Windows Azure Active Directory

Windows Azure AD - Cloud Authentication
  • User attributes are synchronized using DirSync, including the password hash. Authentication is completed against Windows Azure Active Directory
  • Encrypted Synchronization
  • Multi-Factor Authentication can be configured through Windows Azure

Windows Azure AD - Federated Authentication
  • User attributes are synchronized using DirSync. Authentication is passed back through federation and completed against Windows Server Active Directory
  • Multi-Factor Authentication can be configured through the AD FS integration with Windows Azure

[Diagram labels: Microsoft apps; Custom LOB apps; ISV/CSV apps; 3rd party clouds/hosting; PCs and devices; Active Directory (AD); DirSync with password hash sync; DirSync; AD FS; Consumer identity providers]

Hybrid Cloud Scenarios

SharePoint Development / Test

Windows Azure Multi-Factor Authentication
  • Built-in
  • SDK for integration
  • Strong Multi-Factor Authentication
  • Real Time Fraud Alert
  • Reporting, Logging & Auditing
  • Enables compliance with NIST 800-63 Level 3, HIPAA, PCI DSS, and other regulatory requirements

[Diagram labels: Admin; VPN; Active Directory (AD); .NET, Java, PHP, …; ADFS / SAML; On Premises; Applications; Cloud Apps; Corporate devices; BYOD / Personal devices; Remote Users; Multi-Factor Authentication Server]

SQL Server Hybrid Cloud Scenarios

SQL Development
  • Management Portal
  • Publish
  • Compare
  • Sync
  • Import / Export
  • Register / Unregister
  • VPN

SQL Backup/Recovery
  • Management Portal
  • SQL Backup tool for legacy
  • Manual Console Backup
  • Managed Backups
  • VPN / Encrypted Data

SQL Business Continuity
  • Disaster Recovery
  • Primary
  • Asynchronous Commit
  • Secondary
  • Backup
  • Availability Groups
  • Periodic Snapshots
  • Geo Replication
  • VPN
  • Dispersed Teams
  • Powering BI Apps
  • Console 2014 / Scripts 2012

Potential Next Steps

Explore potential scenarios - Center of Excellence

Architectural Design Session - Microsoft Technology Center

Define and build a proof of concept (At MTC or customer lab)

Setup Quick Test Scenarios

Disaster Recovery, Test/Dev or Storage for Azure

Setup High Business Impact Test Scenarios

SQL, SharePoint, Web, File share

Getting Started with Virtual Machines

Multiple options to get started…
  • Management Portal
  • Scripting (Windows, Linux and Mac)
  • REST API

Azure Demo

Login

I have previously set up an Azure Account.

http://manage.windowsazure.com/

Also see

http://www.windowsazure.com/en-us/

  • Click #1: Click “+NEW”
  • Click #2: Click VIRTUAL MACHINE
  • Click #3: Click FROM GALLERY
  • Click #4: Choose a Server Operating System. Click Windows Server 2012
  • Click #5: Input a desired VM Name. Click Next (right arrow)
  • No Clicks Yet: Input a desired DNS Name. Choose the Geo Location of the Microsoft Datacenter where you want your VM(s) to be located
  • Click #6: I have chosen EAST US as my Geo Location. Click Next (right arrow)
  • Choose an Availability Set. Click #7 to Provision the New VM
  • FINISHED

Now the Provisioning Process Starts

My New Virtual Machine, hosted in Windows Azure’s United States-based Datacenter(s) is being provisioned.

My New VM is Done

Now my VM is accessible through RDP

Click Once on Your VM to Monitor it

This is a view of the default Azure-based VM Monitor Dashboard

How it Works: Select from Image Gallery
  • Virtual Machine booted. Changes direct-write to blob storage
  • Log in to Windows Azure Management Portal
  • The image is copied to your blob storage account
  • Create new VM from image gallery

How it Works: Bring your own custom VHD
  • Virtual Machine booted. Changes direct-write to blob storage
  • Create a Virtual Machine by attaching to disk
  • Create your own VHD
  • Upload image to blob storage
