9. What is Cloud Computing?
NIST definition: http://csrc.nist.gov/publications/nistpubs/800-145/SP800-145.pdf
The five essential characteristics from SP 800-145:
1) On-demand self-service
2) Broad network access
3) Resource pooling
4) Rapid elasticity
5) Measured service
10. Microsoft's cloud environment
Diagram: Microsoft Cloud Infrastructure and Operations (MCIO) underpins the Microsoft Cloud, which delivers consumer and small-business services, enterprise services and third-party hosted services to Microsoft cloud customers as IaaS, PaaS and Software as a Service (SaaS).
Layers shown: physical; application; security; global network; operations; datacenters; certification & security reliance.
11. The Azure Platform: hybrid cloud strategy
Diagram: a private cloud (Microsoft Azure Stack, MAS) and the public cloud platform are joined by hybrid operations, with security & management spanning both. On top sits SaaS (Software as a Service): O365, CRM, VSO etc. plus 3rd-party SaaS solutions.
15. Hyper-scale infrastructure is the enabler
100+ datacenters across 38 regions (30 generally available) worldwide
Top 3 networks in the world
2.5x AWS, 7x Google DC regions
G series: largest VM in the world, 32 cores, 448 GB RAM, SSD...
Region map (legend: Operational / Announced, not operational):
Central US (Iowa); West US (California); East US (Virginia); East US 2 (Virginia); US Gov Virginia; US Gov Iowa; North Central US (Illinois); South Central US (Texas); Canada Central (Toronto); Canada East (Quebec City); Brazil South (Sao Paulo State); West Europe (Netherlands); North Europe (Ireland); United Kingdom regions; Germany Central** (Frankfurt); Germany Northeast** (Magdeburg); China North* (Beijing); China South* (Shanghai); Japan East (Tokyo, Saitama); Japan West (Osaka); East Asia (Hong Kong); Southeast Asia (Singapore); India South (Chennai); India Central (Pune); India West (Mumbai); Australia East (New South Wales); Australia Southeast (Victoria); US DoD East (TBD); US DoD West (TBD)
* Operated by 21Vianet   ** Data stewardship by Deutsche Telekom
18. Platform Services / Infrastructure Services / Security & Management (service map)
Services shown on the map: Web Apps; Mobile Apps; API Apps; Notification Hubs; Hybrid Cloud Backup; StorSimple; Azure Site Recovery; Import/Export; SQL Database; DocumentDB; Redis Cache; Azure Search; Storage Tables; SQL Data Warehouse; Azure AD Health Monitoring; AD Privileged Identity Management; Operational Analytics; Cloud Services; Batch; RemoteApp; Service Fabric; Visual Studio; Application Insights; VS Team Services; Domain Services; HDInsight; Machine Learning; Stream Analytics; Data Factory; Event Hubs; Data Lake Analytics Service; IoT Hub; Data Catalog; Azure Active Directory; Multi-Factor Authentication; Automation; Portal; Key Vault; Store/Marketplace; VM Image Gallery & VM Depot; Azure AD B2C; Scheduler; Xamarin; HockeyApp; Power BI Embedded; SQL Server Stretch Database; Mobile Engagement; Functions; Cognitive Services; Bot Framework; Cortana; Security Center; Container Service; VM Scale Sets; Data Lake Store; BizTalk Services; Service Bus; Logic Apps; API Management; Content Delivery Network; Media Services; Media Analytics
21. Azure Storage services (slide marked MICROSOFT CONFIDENTIAL)
File Shares
• Supports the SMB 3.0 protocol
• Can be accessed like a traditional file share
• Share files between multiple virtual machines
• A single file share can be up to 5 TB
Tables
• NoSQL storage of structured data (entities)
• Key/value storage
• A single entity can have up to 255 properties and be up to 1 MB
Queues
• Durable messaging
• Provides asynchronous communication between application tiers and components
• A single message can be up to 64 KB
Blobs
• Block: text or binary data (.log, .exe, .jpg, etc.); up to 200 GB
• Page: optimized for disks (.vhd); supports random read/write; up to 1 TB
• Append: writes go to the end of the blob, 4 MB per append, up to 50k appends (~195 GB)
22. Azure Premium Storage
• Consistent low latency, SSD-based, with predictable IO throughput
• Suitable for high-performance, IO-intensive database workloads
• Single-digit millisecond latencies
• Supports up to 1 TB blob/disk size
• Stripe up to 32 disks for a total of 32 TB and more than 50,000 IOPS
• Premium Storage disks work with DS- and GS-series VM instance sizes
23. Azure Storage scalability targets (per blob, file share, table partition and queue)
• Blobs: 500 IOPS or 60 MB/second per blob. Basic/Standard tier VM: 300/500 IOPS per disk. DS-series VM with Premium Storage: 5,000 IOPS per disk.
• File Shares: 1,000 IOPS or 60 MB/second (8 KB object size)
• Tables: 2,000 entities/second (1 KB entity size)
• Queues: 2,000 messages/second (1 KB message size)
25. What is a container?
Traditional virtual machines = hardware virtualization: each VM runs its own guest OS on top of a hypervisor (diagram: VM | VM | VM | VM | VM ...).
Containers = operating-system virtualization: containers share the host OS kernel and are isolated from one another by the OS (diagram: CONTAINER | CONTAINER | CONTAINER | CONTAINER | CONTAINER ... on one OS). Because the kernel is shared, the container boundary is weaker than the VM boundary; treat container-to-container isolation accordingly.
34. You can build your required workload in Azure based on our extensive marketplace
Diagram: Microsoft Azure plus the Azure Marketplace; samples shown: an e-commerce web site and a multichannel marketing application.
56. Compare Microsoft Intune to MDM for Office 365
Columns, left to right: EAS = Exchange ActiveSync; O365 = MDM for Office 365; Intune = Microsoft Intune (cloud only); Hybrid = Intune + ConfigMgr (hybrid). ● = supported.

Category | Feature | EAS | O365 | Intune | Hybrid
Device configuration | Inventory mobile devices that access corporate applications | ● | ● | ● | ●
Device configuration | Remote factory reset (full device wipe) | ● | ● | ● | ●
Device configuration | Mobile device configuration settings (PIN length, PIN required, lock time, etc.) | ● | ● | ● | ●
Device configuration | Self-service password reset (Office 365 cloud-only users) | ● | ● | ● | ●
Office 365 | Provides reporting on devices that do not meet IT policy | - | ● | ● | ●
Office 365 | Group-based policies and reporting (ability to use groups for targeted device configuration) | - | ● | ● | ●
Office 365 | Root and jailbreak detection | - | ● | ● | ●
Office 365 | Remove Office 365 app data from mobile devices while leaving personal data and apps intact (selective wipe) | - | ● | ● | ●
Office 365 | Prevent access to corporate email and documents based upon device enrollment and compliance policies | - | ● | ● | ●
Premium mobile device & app management | Self-service Company Portal for users to enroll their own devices and install corporate apps | - | - | ● | ●
Premium mobile device & app management | App deployment (Windows Phone, iOS, Android) | - | - | ● | ●
Premium mobile device & app management | Deploy certificates, VPN profiles (including app-specific profiles), email profiles and Wi-Fi profiles | - | - | ● | ●
Premium mobile device & app management | Prevent cut/copy/paste/save-as of data from corporate apps to personal apps (mobile application management) | - | - | ● | ●
Premium mobile device & app management | Secure content viewing via Managed Browser, PDF Viewer, Image Viewer and AV Player apps for Intune | - | - | ● | ●
Premium mobile device & app management | Remote device lock via self-service Company Portal and via admin console | - | - | ● | ●
PC management | Client PC management (e.g. Windows 8.1, inventory, antimalware, patch, policies, etc.) | - | - | ● | ●
PC management | PC software management | - | - | ● | ●
PC management | Comprehensive PC management (e.g. Group Policy, login scripts, BitLocker management, virtual desktop and power management, custom reporting, etc.) | - | - | - | ●
PC management | Windows Server/Linux/UNIX/Mac OS X support | - | - | - | ●
PC management | OS deployment and imaging | - | - | - | ●
61. Customer Environment
Diagram: clients / end users on the Internet reach the customer environment in Microsoft Azure over port 443 through the cloud access & firewall layer and the threat-detection (DoS/IDS) layer; the application, logic and database tiers sit in an isolated virtual network backed by Azure Storage and SQL Database. ExpressRoute peers and VPNs (site-to-site from customer sites; remote workers and computers behind firewalls) connect into the virtual network.

Azure Platform
• Logical isolation for customer environments and data
• Centralized management via SMAPI (the Service Management API) or the Azure Portal
• No Internet access by default
• Intrusion detection and DoS prevention measures
• Customers can deploy additional DoS/IDS measures within their virtual networks
• Penetration testing

ExpressRoute: private fiber connections to access compute, storage and more.
VPN: enables connection from customer sites and remote workers to Azure Virtual Networks using site-to-site and point-to-site VPNs.

Azure Security and Compliance
Secure development, operations and threat mitigation practices provide a trusted foundation.
Azure manages compliance with: ISO 27001; SOC 1 / SOC 2; HIPAA BAA; DPA / EU-MC; UK G-Cloud / IL2; PCI DSS; FedRAMP.
Azure's certification process is ongoing, with annual updates and increasing breadth of coverage.
Azure provides a number of options for encryption and data protection.
62. Azure Compliance: the largest compliance portfolio in the industry
HIPAA / HITECH; FedRAMP JAB P-ATO; FIPS 140-2; FERPA; DISA Level 2; ITAR-ready; CJIS; 21 CFR Part 11; IRS 1075; Section 508 VPAT; ISO 27001; PCI DSS Level 1; SOC 1 Type 2; SOC 2 Type 2; ISO 27018; Cloud Controls Matrix; Content Delivery and Security Association; Shared Assessments; European Union Model Clauses; United Kingdom G-Cloud; Singapore MTCS Level 3; Australian Signals Directorate; Japan Financial Services; China Multi Layer Protection Scheme; China CCCPPF; New Zealand GCIO; China GB 18030; EU Safe Harbor; ENISA IAF
64. Customers in the Microsoft Government Cloud
Federal: US Department of Agriculture; Environmental Protection Agency; Health and Human Services; Department of Labor; US Department of Commerce
State and local: State of Texas; State of Alabama; State of New York; Los Angeles County; San Bernardino County Sheriff; City of Chicago
69. Azure IaaS/PaaS: two architectures
Service Management ("classic", ASM)
• Cloud Services
• Affinity Groups
• Synchronous VM deployments
• Scripted automation
• Monolithic network and VM configuration
Azure Resource Manager ("new", ARM)
• No Cloud Services
• No Affinity Groups
• Resource Groups (logical containers)
• Asynchronous VM deployments
• Scripted or declarative deployments
• Granular API: manage individual components directly
86. Subscription limits: Service Management API vs Resource Manager API
Azure resource | Service Management API | Resource Manager API
Cores per subscription | 10,000 global | 10,000 regional (x 17 regions)
Co-administrators per subscription | 200 global, with no RBAC model | Unlimited: AAD groups can recursively contain other groups; full RBAC security model
Storage accounts per subscription | 100 | 200 (by contacting support)
Hosted services per subscription | 200 | Unlimited (deprecated)
Virtual networks per subscription | 100 global | 1,000 regional (x 17 regions)
Local networks per subscription | 500 global | Unlimited
Reserved IPs per subscription | 100 global | 600 regional (x 17 regions)
VNets per ExpressRoute circuit | 10 global | N/A (no support for ER with the new API)
Hosted service certificates per subscription | 400 global | Unlimited: secrets are now stored in regional Azure Key Vaults
Affinity groups per subscription | 256 global | Deprecated
Resource groups per subscription | 500 global | 500
Virtual machines per deployment | 50 per deployment | 100 per deployment
Input endpoints | 150 per cloud service | 600 load balancers per subscription per region, each LB supporting 65,000 connections
Source: https://azure.microsoft.com/en-us/documentation/articles/azure-subscription-service-limits
99. Using the External Load Balancer (Classic)
Two VMs join one load-balanced set by defining the same endpoint on each:
Endpoint on VM1: Public Port 80; Local Port 80; Protocol TCP; Name HTTP; LBSetName LBHTTP
Endpoint on VM2: Public Port 80; Local Port 80; Protocol TCP; Name HTTP; LBSetName LBHTTP
100. Load Balancer - ARM
Configure the load balancer directly instead of configuring endpoints on each virtual machine. Its components:
• Front-end IP configuration
• Backend address pool
• Load balancing rules
• Probes
• Inbound NAT rules
102. Internal Load Balancing with Virtual Networks
Diagram: a virtual network with address space 10.0.0.0/16 is joined by a hybrid connection to on-premises 192.168.0.0/16 (Active Directory replication; access to on-premises resources; access to the intranet over the hybrid connection). The intranet site http://spintranet (also shown as https://spintranet) maps to the internal load balancer IP 10.0.0.100, which is set with New-AzureInternalLoadBalancerConfig.
103. Site-to-Site VPN: connect a Virtual Network
Diagram: an on-premises hardware VPN device or Windows RRAS connects through a VPN Gateway to an Azure Virtual Network hosting WFE, App, SQL and DC/DNS VMs.
• Extend on-premises to the cloud securely (IPsec)
• On-ramp for migrating services to the cloud
• Use on-prem resources in Microsoft Azure (monitoring, AD, etc.)
• IPsec (IKEv1 and IKEv2)
104. Virtual Network to Virtual Network
Connect virtual networks across Azure regions or subscriptions (diagram: West US and East US VNets joined by an IPsec tunnel over the Internet).
120. ExpressRoute Location
1. Microsoft sells access to its backbone via dedicated cross-connects
2. ER provider sells cross-connects and colo space
3. ER reseller sells connectivity from customers' premises to ER exchange locations
121. ExpressRoute Location
1. Microsoft sells access to its backbone via dedicated cross-connects
2. ER provider sells ER access as an IP or Ethernet service
122. ExpressRoute technical overview
• Direct connection to your infrastructure hosted in an Azure Virtual Network, bypassing the public Internet (private peering)
• Direct connection to Office 365 and Microsoft Azure services such as SQL Database and Microsoft Azure Storage (public peering)
123. Up to 6 BGP sessions
Diagram: the customer's network peers over BGP with Azure VRFs. Each peering runs a redundant pair of BGP sessions, so a circuit with every peering configured carries up to 6 sessions.
130. Quality of Service (QoS)
• Voice, video and data transfers need to be treated differently
• Voice and video are sensitive to latency and jitter
• Classify traffic and tag it with the appropriate DSCP value
• Use a separate queue for each traffic class: voice; video and interactive; best effort
133. ExpressRoute pricing plans
• https://azure.microsoft.com/en-us/pricing/details/expressroute/
• Egress is $0.025 per GB for Zone 1, $0.05 per GB for Zone 2 and $0.14 per GB for Zone 3
• Zone 1 = US/Europe, Zone 2 = Asia/Pacific, Zone 3 = Brazil
• Office 365 requires the Premium add-on on the circuit
Monthly price by bandwidth (Metered Data is the port price only, same in all zones; Unlimited Data is priced by zone):
Bandwidth | Metered Data, all zones | Unlimited, Zone 1 | Unlimited, Zone 2 | Unlimited, Zone 3
50 Mbps | $55 | $300 | $610 | $872
100 Mbps | $100 | $575 | $1,230 | $1,300
200 Mbps | $145 | $1,150 | $2,300 | $3,220
500 Mbps | $290 | $2,750 | $5,200 | $5,200
1 Gbps | $436 | $5,700 | $8,700 | $8,700
2 Gbps | $872 | $11,400 | $17,400 | $17,400
5 Gbps | $2,180 | $25,650 | $41,000 | $41,000
10 Gbps | $5,000 | $51,300 | $82,000 | $82,000
134. ExpressRoute Premium add-on pricing change
Applies to new and existing customers using ER for O365/SfB and CRM Online, and to Azure customers.
Bandwidth | Current Premium add-on price, all zones | New price, Zone 1 | New price, Zone 2/3
50 Mbps | $3,000 | $75 | $100
100 Mbps | $3,000 | $100 | $175
200 Mbps | $3,000 | $150 | $300
500 Mbps | $3,000 | $400 | $800
1 Gbps | $3,000 | $750 | $1,450
2 Gbps | $3,000 | $1,500 | $2,250
5 Gbps | $3,000 | $3,000 | $3,000
10 Gbps | $3,000 | $3,000 | $3,000
136. ExpressRoute connectivity providers and locations
Geopolitical region | Azure regions | ExpressRoute locations
North America | East US, West US, East US 2, Central US, South Central US, North Central US, Canada Central, Canada East | Atlanta, Chicago, Dallas, Las Vegas+, Los Angeles, New York, Seattle, Silicon Valley, Washington DC, Montreal+, Toronto
South America | Brazil South | Sao Paulo
Europe | North Europe, West Europe | Amsterdam, Dublin, London
Asia | East Asia, Southeast Asia | Hong Kong, Singapore
Japan | Japan West, Japan East | Osaka, Tokyo
Australia | Australia Southeast, Australia East | Melbourne, Sydney
India | India West, India Central, India South | Chennai, Mumbai
137. Azure subscription quotas: ExpressRoute limits
The following limits apply to ExpressRoute resources per subscription.
Resource | Default limit
ExpressRoute circuits per subscription | 10
ExpressRoute circuits per region per subscription (ARM) | 10
Maximum routes for Azure private peering with ExpressRoute standard | 4,000
Maximum routes for Azure private peering with the ExpressRoute premium add-on | 10,000
Maximum routes for Azure public peering with ExpressRoute standard | 200
Maximum routes for Azure public peering with the ExpressRoute premium add-on | 200
Maximum routes for Azure Microsoft peering with ExpressRoute standard | 200
Maximum routes for Azure Microsoft peering with the ExpressRoute premium add-on | 200
Virtual network links allowed per ExpressRoute circuit | see the table on the next slide
138. Azure subscription quotas: virtual networks per ExpressRoute circuit
Circuit size | VNet links, standard | VNet links with Premium add-on
10 Mbps | 10 | Not supported
50 Mbps | 10 | 20
100 Mbps | 10 | 25
200 Mbps | 10 | 25
500 Mbps | 10 | 40
1 Gbps | 10 | 50
2 Gbps | 10 | 60
5 Gbps | 10 | 75
10 Gbps | 10 | 100
144. Network Security Groups (NSGs)
• A network security group (NSG) contains a list of access control list (ACL) rules that allow or deny network traffic to your VM instances in a Virtual Network.
• NSGs can be associated with either subnets or individual VM instances within that subnet.
• When an NSG is associated with a subnet, the ACL rules apply to all the VM instances in that subnet.
• In addition, traffic to an individual VM can be restricted further by associating an NSG directly to that VM. Both layers are enforced: inbound traffic must be allowed by the subnet NSG and then by the VM's own NSG, so a VM-level NSG that contains only a few specific rules also drops everything else the subnet NSG let through unless it allows that traffic too.
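The two-layer evaluation above, as an added Python model (this is example code, not code from the deck or from Microsoft): rules are matched in priority order and the first hit decides, the three platform default inbound rules sit at the end of every NSG, and an inbound flow reaches the VM only if the subnet NSG and the NIC-level NSG both allow it. The VNet range, the corporate and jump-host addresses and the rule names are constructed sample data; source ports and destination prefixes are left out of the match to keep the model short.

```python
"""Added example, not from the slide deck or Microsoft: a local model of how an
Azure-style NSG evaluates inbound traffic and why a subnet NSG and a NIC NSG
both have to allow a flow.  No Azure calls; all addresses are constructed."""
import ipaddress
from dataclasses import dataclass


@dataclass(frozen=True)
class Rule:
    name: str
    priority: int      # lower number wins; user rules use 100-4096
    access: str        # "Allow" or "Deny"
    protocol: str      # "Tcp", "Udp" or "*"
    source: str        # CIDR, "*" or the service tag "VirtualNetwork"
    dest_ports: str    # "22", "80-443" or "*"


# Platform default inbound rules present in every NSG (priority 65000+, not removable).
DEFAULT_INBOUND = [
    Rule("AllowVnetInBound", 65000, "Allow", "*", "VirtualNetwork", "*"),
    Rule("AllowAzureLoadBalancerInBound", 65001, "Allow", "*", "168.63.129.16/32", "*"),
    Rule("DenyAllInBound", 65500, "Deny", "*", "*", "*"),
]

VNET_SPACE = ipaddress.ip_network("10.0.0.0/16")   # constructed sample VNet


def _source_matches(rule_source, src_ip):
    if rule_source == "*":
        return True
    if rule_source == "VirtualNetwork":
        return src_ip in VNET_SPACE
    return src_ip in ipaddress.ip_network(rule_source)


def _port_matches(spec, port):
    if spec == "*":
        return True
    low, _, high = spec.partition("-")
    return int(low) <= port <= int(high or low)


def evaluate(rules, src, proto, port):
    """First matching rule in priority order decides: returns (access, rule name)."""
    src_ip = ipaddress.ip_address(src)
    for rule in sorted(list(rules) + DEFAULT_INBOUND, key=lambda r: r.priority):
        if rule.protocol not in ("*", proto):
            continue
        if _source_matches(rule.source, src_ip) and _port_matches(rule.dest_ports, port):
            return rule.access, rule.name
    raise AssertionError("unreachable: DenyAllInBound matches everything")


def inbound_allowed(subnet_rules, nic_rules, src, proto, port):
    """Inbound traffic is checked against the subnet NSG first, then the NIC NSG;
    it is delivered only if both return Allow."""
    access, name = evaluate(subnet_rules, src, proto, port)
    if access == "Deny":
        return False, f"subnet NSG: {name}"
    nic_access, nic_name = evaluate(nic_rules, src, proto, port)
    if nic_access == "Deny":
        return False, f"NIC NSG: {nic_name}"
    return True, f"subnet NSG: {name}; NIC NSG: {nic_name}"


# Constructed sample: the subnet NSG opens 80-443 to the world and SSH to a corporate
# range; the web VM's NIC NSG narrows SSH to one jump host.  The NIC NSG must repeat
# the web allow: without it, its own DenyAllInBound would drop the web traffic the
# subnet NSG let through.
SUBNET_NSG = [
    Rule("AllowWebIn", 100, "Allow", "Tcp", "*", "80-443"),
    Rule("AllowCorpSSH", 200, "Allow", "Tcp", "203.0.113.0/24", "22"),
]
NIC_NSG = [
    Rule("AllowJumpSSH", 100, "Allow", "Tcp", "203.0.113.10/32", "22"),
    Rule("DenyOtherSSH", 110, "Deny", "Tcp", "*", "22"),
    Rule("AllowWebIn", 120, "Allow", "Tcp", "*", "80-443"),
]

if __name__ == "__main__":
    for src, port in [("198.51.100.7", 443), ("203.0.113.10", 22), ("203.0.113.99", 22),
                      ("10.0.1.4", 3389), ("198.51.100.7", 3389)]:
        print(f"{src}:{port} -> {inbound_allowed(SUBNET_NSG, NIC_NSG, src, 'Tcp', port)}")
```

Run it and compare the last two cases: RDP from inside the VNet is allowed by the default AllowVnetInBound rule at both layers even though nobody wrote a rule for it, while the same port from the Internet is stopped at the subnet layer. Dropping the NIC NSG's AllowWebIn rule (NIC_NSG[:2]) turns the first case into a deny, which is the mistake the slide's wording invites.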
145. NSG limits
Description | Default limit | Implications
Number of NSGs you can associate to a subnet, VM or NIC | 1 | You cannot attach more than one NSG to the same subnet, VM or NIC (a subnet NSG and a NIC NSG can still both apply). Ensure all the rules needed for a given set of resources are included in a single NSG.
NSGs per region per subscription | 100 | By default, a new NSG is created for each VM you create in the Azure portal. If you allow this default behavior, you will run out of NSGs quickly. Keep this limit in mind during design, and separate your resources into multiple regions or subscriptions if necessary.
NSG rules per NSG | 200 | Use IP and port ranges rather than one rule per host or port so you do not go over this limit, but keep the ranges as tight as the rule count allows.
148. User Defined Routes (UDRs)
• For most environments you will only need the system routes already defined by Azure. However, you may need to create a route table and add one or more routes in specific cases, such as:
  • Forced tunneling: sending Internet-bound traffic back through your on-premises network
  • Use of virtual appliances in your Azure environment
• In these scenarios you create a route table and add user defined routes to it. You can have multiple route tables, and the same route table can be associated to one or more subnets, but each subnet can be associated to only a single route table. All VMs and cloud services in a subnet use the route table associated to that subnet.
• Subnets rely on system routes until a route table is associated to the subnet. Once an association exists, routing is done by Longest Prefix Match (LPM) across both user defined routes and system routes. If more than one route has the same LPM match, the route is selected by its origin, in the following order:
  1. User defined route
  2. BGP route (when ExpressRoute is used)
  3. System route
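The selection rule above, as an added Python model (example code, not from the deck or from Microsoft): longest prefix match across the system, BGP and user defined routes, with origin precedence User > BGP > System when prefix lengths tie. The VNet prefix, the on-premises prefixes learned over BGP and the virtual appliance address 10.0.0.4 are constructed sample data.

```python
"""Added example, not from the slide deck or Microsoft: a local model of Azure
route selection on a subnet with a route table attached (longest prefix match,
then origin precedence User > BGP > System).  Prefixes and hops are constructed."""
import ipaddress
from dataclasses import dataclass

ORIGIN_RANK = {"User": 0, "BGP": 1, "System": 2}   # lower rank wins an equal-length match


@dataclass(frozen=True)
class Route:
    prefix: str            # CIDR
    next_hop_type: str     # VnetLocal, Internet, VirtualNetworkGateway, VirtualAppliance or None
    origin: str            # "User", "BGP" or "System"
    next_hop_ip: str = ""  # only meaningful for VirtualAppliance


def effective_route(routes, dest):
    """Pick the route the subnet would use for dest, or None if nothing covers it."""
    dst = ipaddress.ip_address(dest)
    candidates = [r for r in routes if dst in ipaddress.ip_network(r.prefix)]
    if not candidates:
        return None
    # Longest prefix first; among equal lengths the origin rank breaks the tie.
    return min(candidates, key=lambda r: (-ipaddress.ip_network(r.prefix).prefixlen,
                                          ORIGIN_RANK[r.origin]))


def describe(route):
    if route is None:
        return "no route"
    hop = route.next_hop_type + (f" {route.next_hop_ip}" if route.next_hop_ip else "")
    return f"{route.prefix} -> {hop} ({route.origin})"


# Constructed sample.  System routes Azure installs for a 10.0.0.0/16 VNet:
SYSTEM_ROUTES = [
    Route("10.0.0.0/16", "VnetLocal", "System"),
    Route("0.0.0.0/0", "Internet", "System"),
]
# A prefix learned over ExpressRoute/BGP from on-premises:
BGP_ROUTES = [Route("192.168.0.0/16", "VirtualNetworkGateway", "BGP")]
# User defined routes in the table attached to the subnet:
USER_ROUTES = [
    Route("0.0.0.0/0", "VirtualNetworkGateway", "User"),            # forced tunneling
    Route("10.0.2.0/24", "VirtualAppliance", "User", "10.0.0.4"),   # inspect traffic to the DB subnet
    Route("192.168.50.0/24", "None", "User"),                        # black-hole one on-prem range
]
ROUTES = SYSTEM_ROUTES + BGP_ROUTES + USER_ROUTES

# Same table plus a user route with the BGP prefix's exact length: the UDR wins the tie.
ROUTES_WITH_NVA_OVERRIDE = ROUTES + [Route("192.168.0.0/16", "VirtualAppliance", "User", "10.0.0.4")]


def next_hop(dest, routes=ROUTES):
    return describe(effective_route(routes, dest))


if __name__ == "__main__":
    for dest in ["8.8.8.8", "10.0.1.5", "10.0.2.9", "192.168.1.1", "192.168.50.3"]:
        print(f"{dest:>14}  {next_hop(dest)}")
    print("no route table:", next_hop("8.8.8.8", SYSTEM_ROUTES))
    print("UDR beats BGP: ", next_hop("192.168.1.1", ROUTES_WITH_NVA_OVERRIDE))
```

Two things the output makes visible: the user 0.0.0.0/0 route wins over the system Internet route only because origin breaks the tie, so a second route table with a 0.0.0.0/0 -> Internet user route on another subnet silently undoes forced tunneling there; and the same mechanism lets anyone who can write route tables redirect a subnet's traffic to an appliance they control, which is a reason to keep Network Contributor rights narrow. A VirtualAppliance next hop also requires IP forwarding to be enabled on the appliance's NIC.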
152. Traffic Manager: DNS-based load balancer
Three load balancing algorithms: Performance, Round Robin, Failover
Map your domain name to yourservice.trafficmanager.net with a CNAME (a CNAME cannot sit at the zone apex, so in practice this is done for a host name such as www.contoso.com):
contoso.com -> contosotm.trafficmanager.net
Map the cloud service URLs in global datacenters to the Traffic Manager profile:
contosoeast.cloudapp.net
contosowest.cloudapp.net
Built-in HTTP health probes for high availability
157. Azure Cloud Adoption (service map)
* Not meant to be a comprehensive list of all services; for a complete list please visit azure.microsoft.com
Diagram, on-premises private cloud side: System Center 2012 R2 (provisioning; monitoring; automation & self service; Application Insight; IT service management; automation; health monitoring) over applications & services, virtualization, compute, storage & networking, physical infrastructure (servers/storage/networking) and devices & facilities; server group #1 and server group #2; SAN; Storage Spaces/SMB. Connectivity to the public cloud: Site-to-Site VPN, Point-to-Site VPN, ExpressRoute ("moving forward in the journey").
Diagram, Azure public cloud side, grouped on the slide as app services, compute services, data services, and networking & automation services: Azure Web Site; web roles; worker roles; Virtual Machines; Azure Mobile Services; TFS or VS Online + Git; Azure AD; Multi-Factor Auth; Azure Cache; Access Control; BizTalk Services; Media Services; Service Bus; Notification Hub; Scheduler; StorSimple Cloud Integrated Storage; StorSimple Virtual Appliance; Azure Site Recovery; Backup Service; Gallery OS images; VHD; VHD data disk; MySQL database; SQL Database; SQL Data Sync; HDInsight (Hadoop); queue storage; blob storage; table storage; Virtual network; Automation; CDN; Availability Set; Azure load balancer; Auto-scale; Traffic Manager
158. Three-phased approach (example cloud adoption approach)
1. Commodity workloads move to SaaS. Microsoft IT already takes advantage of its SaaS offerings, with employees using Office 365, Yammer and OneDrive. The company also uses Dynamics Online.
2. New development and modern applications move to PaaS. New applications are optimized for cloud computing; the focus is on functionality rather than infrastructure.
3. Existing applications move to IaaS virtual machines, using one of two approaches:
   • Lift and shift: existing virtual machines are shifted to the cloud.
   • Build in the cloud: applications are prebuilt in Azure and traditional methods are used to back up and restore data.
Diagram: SaaS; Azure PaaS (your PaaS application: your application files (source code, DLLs, etc.) running in Azure Web Roles and Worker Roles); Azure IaaS (your virtual network, with a Cloud Service for Active Directory & DNS and a Cloud Service for your line-of-business application).
159. Cloud Adoption Cycle - Methodology (strong dependency for success)
Triggers: new application project / business initiative; tech refresh; workload capacity growth; hosting; enhanced SLA; high availability / disaster recovery; lower operational costs
Needs: discovery of capabilities; selection of potential scenarios
Objectives / Scenarios: app/workload consolidation; disaster recovery / backup; storage / archiving; cloud identity; content delivery; media hosting; databases; BI; web hosting; infrastructure hosting; e-commerce; HPC
Architectural design: application / workload architectural design (compute, storage, networking, application services); identity; security; networking / connectivity; compliance; data archival; DevOps (build, test, configure, deploy, measure consumption, monitor / manage, scale); common process; patterns & practices
Build: pilot architecture; checklist (identity, security, networking, compliance, DevOps); test; validate with data; validate scaling and resiliency; service management (self service, SLA, scaling, resiliency); cost evaluation
Deploy: deployment guidance; deployment resources & team; promotion to production with identity, security, compliance and DevOps considerations; continuous enablement; cloud cost management; cloud reference model and standard setting
160. IaaS (VMs), PaaS (on VMs), managed PaaS services and SaaS
Four columns, left to right, with the managed service level (SLA) and time-to-market impact increasing from IaaS to SaaS. Descriptors across the columns: deployment packages (Cloud Services); desired state config; template driven; classic enterprise management tools; managed services; content & code; continuous integration; auto-scaling, update, etc.; managed applications; multi-tenant services; public, high-scale services; granular pricing.
IaaS (VMs)
• Virtual Machines
• Virtual Networks
• Virtual disk storage
• Site Recovery Services
PaaS (on VMs)
• VMs with JSON template deployment
• Azure Cloud Services
• Azure Service Fabric
• Config extensions such as Chef, Puppet or PS DSC
• Hadoop on VMs via Hortonworks template
• Container orchestration
Managed PaaS services
• Web App Services including API, Logic and Mobile Apps
• Service Bus & Queues
• Event Hub, IoT Hub
• Stream Analytics
• Azure SQL Database, DW
• HDInsight (managed Hadoop)
• Machine Learning, AzureML
• Application Insights
• Operational Insights / OMS
• Key Vault
• Table Storage, DocDB, ...
• & many more
SaaS
• Office 365
• Azure Active Directory
• Azure Rights Management
• Azure MFA
• Azure RemoteApp
• Mobile Engagement
• Power BI
• CRM Online
• Visual Studio Online
• Etc.
162. 32 evaluation criteria items, based on 6 evaluation aspects
Maximize benefits: a simple rehost (IaaS) of a workload typically provides fewer benefits than replacing the workload with a cloud offering (SaaS)...
163. Workload migration precedence
Low-impact workload | High-impact workload
Low-impact content | High-impact content
Not cross-premises | Cross-premises
No regulatory exposure | Regulatory exposure
Not mission critical | Mission critical
Low monitoring needs | High monitoring needs
Custom app integration | Packaged app integration
Medium database storage | Large database storage
164. Migration emphasis
Top down (strategic / evaluative): emphasis on modernizing applications. Where should the application live: PaaS, IaaS or SaaS? Are there network or workload dependencies?
Bottom up (tactical / cost-effective): emphasis on environment rationalization. Understand the hardware inventory and network topology; are there workload dependencies? Adhere to business compliance requirements.
Opportunistic (on-the-fly / flexible): evolve applications to Azure; migrate applications in the course of other projects; convenience and efficiency.
166. Workload migration path
Rows: new applications; existing applications. Columns: PaaS / SaaS; IaaS; on premise.
PaaS / SaaS
• Investment applications that receive further investment
• Build the application to leverage the modern cloud
• Use code analysis tools to determine build/migration cost
• Commodity applications can run in SaaS
IaaS
• Sustain applications that will not receive further investment
• Can the application run in the cloud?
On premise
• Applications that must stay on premise
Paths shown: target to run in PaaS or SaaS; re-architect for PaaS or SaaS; lift and shift.
167. Application analysis and IaaS migration plan
Cloud Adoption Framework / Cloud Adoption Decision Framework: server technical assessment; application roadmap (PaaS / SaaS); right sizing; business factors; remediation. These drive the cloud IaaS migration decisions: Azure IaaS (rehost), on-prem IaaS (retain / retire) or hybrid deploy; the outcome is either "move application to Azure" or "application remains on-prem".
Lift and shift (IaaS) migration: map application dependencies; identify technical blockers (hard blockers, potential blockers); evaluate servers against blockers; remediate potential blockers.
169. Azure networking overview
Front-end access
• Dynamic/reserved public IP addresses
• Direct VM access, ACLs for security
• Load balancing
• DNS services: hosting, traffic management
• DDoS protection
Virtual Network
• "Bring your own network"
• Segment with subnets and security groups
• Control traffic flow with User Defined Routes
Backend connectivity
• ExpressRoute for private, enterprise-grade connectivity
• VPN gateways for secure site-to-site connectivity
• Point-to-site for dev/test
Native Azure security
• Network isolation
• Network Security Groups
• User Defined Routing
• Network virtual appliance
Diagram: the main corporate site and sites 2..N on a private WAN connect via an ExpressRoute exchange provider or WAN provider (customer's connection, partner edge, Microsoft edge), carrying traffic to public IP addresses in Azure, to Virtual Networks, and to Office 365 services (and soon CRM Online); a remote site reaches Azure over the public Internet. Inside Azure, scale-out SDN services (WAN, DDoS, load balancer, virtual networks, ACLs) front web-site, SQL Azure and analytics & reporting tiers with load balancing, auto-scaling, Network Security Groups, VMs and databases.
170. RBAC / Identity & Access Management
Microsoft Azure Active Directory: encrypted synchronization from on-premises Windows Server Active Directory (and cloud HR) into Azure AD, which then fronts the Azure public cloud, your apps and 2,500+ popular SaaS apps and works with consumer identity providers.
Standards-based integration:
• OAuth2 & OpenID Connect
• SAML
• WS-Federation
• REST-based Graph API
• SCIM
• FIDO
Conditional access: conditions (location (IP range), device state, user group, user, risk) drive actions (allow access, block access, enforce MFA per user / per app).
Identity-driven security: Multi-Factor Authentication; notifications, analysis, remediation and risk-based policies; cloud app discovery; Privileged Identity Management.
Azure Active Directory Identity Protection (Preview)
• Consolidated view to examine suspicious user activities and configuration vulnerabilities
• Remediation recommendations
Signals covered: brute force attacks; leaked credentials; infected devices; suspicious sign-in activities; configuration vulnerabilities
171. Subscription Management
A subscription trusts one directory (Microsoft Azure AD: users, groups, apps and devices; Graph API; directory roles such as Global Admin, User Admin, etc.; identity management & authentication).
RBAC through the ARM API: assignments are made at subscription, resource group or resource scope, and permissions are inherited downstream (a role assigned at the subscription applies to every resource group and resource inside it).
Example team assignments across Dev, Test and Production subscriptions:
• Platform team: Owner
• App support team: Virtual Machine Contributor and Website Contributor
• Development team: Virtual Machine Contributor and Website Contributor
• Network & security team: Virtual Network Contributor and Virtual Machine Contributor
• Database management team: SQL Server Contributor and SQL Security Manager
• Storage & backup team: Storage Account Contributor
Conditional access policy inputs:
• Application: per-application policy; client type (native apps, web apps)
• Other: location (IP range); risk profile (future)
• Devices: is domain joined; is compliant; platform type (iOS, Android, Windows)
• User / group attributes: user identity; group memberships; auth strength
Outcomes: Allow; Enforce MFA; Block
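The policy inputs and outcomes above, as an added Python model (example code, not from the deck or from Microsoft): each policy states conditions on application, location, device state, group membership and risk plus a control, every policy whose conditions match a sign-in applies, and the most restrictive control wins (Block over Enforce MFA over Allow). Policy names, user and group names and the trusted IP ranges are constructed sample data; the break-glass exclusion shows why exclusions belong in the policy itself rather than in an outer override.

```python
"""Added example, not from the slide deck or Microsoft: a local model of how
conditional access inputs (application, location, device state, user/group,
risk) turn into Allow, Enforce MFA or Block.  All matching policies apply and
the most restrictive outcome wins.  Names and IP ranges are constructed."""
import ipaddress
from dataclasses import dataclass

RISK_RANK = {"none": 0, "low": 1, "medium": 2, "high": 3}
TRUSTED_RANGES = [ipaddress.ip_network(n) for n in ("203.0.113.0/24", "198.51.100.0/25")]


@dataclass(frozen=True)
class SignIn:
    user: str
    groups: frozenset
    app: str
    client_ip: str
    platform: str        # "Windows", "iOS", "Android", ...
    compliant: bool      # device marked compliant by MDM
    domain_joined: bool
    risk: str            # "none", "low", "medium" or "high"


@dataclass(frozen=True)
class Policy:
    name: str
    control: str                                # "Block", "MFA" or "Allow"
    apps: frozenset = frozenset()               # empty = any application
    include_groups: frozenset = frozenset()     # empty = all users
    exclude_users: frozenset = frozenset()      # e.g. break-glass accounts
    platforms: frozenset = frozenset()          #  empty = any platform
    only_outside_trusted_locations: bool = False
    only_unmanaged_devices: bool = False        # neither compliant nor domain joined
    min_risk: str = "none"


def on_trusted_network(ip):
    addr = ipaddress.ip_address(ip)
    return any(addr in net for net in TRUSTED_RANGES)


def applies(policy, s):
    """True when every condition of the policy matches the sign-in."""
    if s.user in policy.exclude_users:
        return False
    if policy.apps and s.app not in policy.apps:
        return False
    if policy.include_groups and not (s.groups & policy.include_groups):
        return False
    if policy.platforms and s.platform not in policy.platforms:
        return False
    if policy.only_outside_trusted_locations and on_trusted_network(s.client_ip):
        return False
    if policy.only_unmanaged_devices and (s.compliant or s.domain_joined):
        return False
    return RISK_RANK[s.risk] >= RISK_RANK[policy.min_risk]


def decide(policies, s):
    """Most restrictive control among the matching policies wins: Block > MFA > Allow."""
    matched = [p for p in policies if applies(p, s)]
    controls = {p.control for p in matched}
    outcome = "Block" if "Block" in controls else "Enforce MFA" if "MFA" in controls else "Allow"
    return outcome, [p.name for p in matched]


POLICIES = [
    Policy("Block high-risk sign-ins", "Block", min_risk="high"),
    Policy("MFA off the corporate network", "MFA", only_outside_trusted_locations=True),
    Policy("Block unmanaged mobile to SharePoint", "Block",
           apps=frozenset({"SharePoint Online"}), platforms=frozenset({"iOS", "Android"}),
           only_unmanaged_devices=True),
    Policy("MFA for admins", "MFA", include_groups=frozenset({"Global Admins"}),
           exclude_users=frozenset({"breakglass@contoso.example"})),
]


def sample_decisions():
    """Constructed sign-ins exercising each policy; returns name -> (outcome, matched)."""
    emp, adm = frozenset({"Employees"}), frozenset({"Global Admins"})
    signins = {
        "alice_office": SignIn("alice@contoso.example", emp, "Exchange Online", "203.0.113.20", "Windows", True, True, "none"),
        "alice_home": SignIn("alice@contoso.example", emp, "Exchange Online", "8.8.8.8", "Windows", True, True, "none"),
        "bob_phone": SignIn("bob@contoso.example", emp, "SharePoint Online", "8.8.8.8", "iOS", False, False, "low"),
        "carol_admin": SignIn("carol@contoso.example", adm, "Azure portal", "203.0.113.21", "Windows", True, True, "none"),
        "breakglass": SignIn("breakglass@contoso.example", adm, "Azure portal", "203.0.113.21", "Windows", False, False, "none"),
        "dave_risky": SignIn("dave@contoso.example", emp, "Exchange Online", "203.0.113.22", "Windows", True, True, "high"),
    }
    return {name: decide(POLICIES, s) for name, s in signins.items()}


if __name__ == "__main__":
    for name, (outcome, matched) in sample_decisions().items():
        print(f"{name:>13}: {outcome:<11} {matched}")
```

The bob_phone case is the one to study: the off-network policy and the unmanaged-device policy both match, and the result is Block, not MFA, because controls accumulate rather than the first match winning. The break-glass account sails through only because it is excluded from the admin policy; had a high-risk sign-in been involved it would still be blocked by the first policy, which has no exclusions.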
172. PowerShell, Azure Automation and Azure Resource Manager
PowerShell
• Task automation and configuration management framework
• Command-line shell and associated scripting language built on the .NET Framework
• Full access to COM and WMI; remote management over WS-Management and CIM, including management of remote Linux systems and network devices
+
Automation as a Service
• An orchestration service in Azure to automate repetitive or long-running processes
• Script authoring environment: uses PowerShell Workflows (a combination of PowerShell 4.0 and Windows Workflow Foundation); uses Integration Modules, very similar to PowerShell modules
• Scheduling and monitoring: execute scripts on a schedule; review execution status on a dashboard
+
Azure Resource Manager
• Deploy: automate initial deployments and upgrades using templates
• Manage: access control, policies, auditing and tagging support management post-deployment
• Monitor: monitor related resources as a group
173. Azure Usage API, RateCard API and billing portal
Azure Usage API: retrieve resource usage data, along with resource tags and resource metadata.
• Azure role-based access control
• Hourly or daily aggregations
• Instance metadata provided (includes resource tags)
• Resource metadata provided
• Usage for all offer types
Azure RateCard API: retrieve the list of resources available for an Azure offer, along with the associated pricing details.
• Azure role-based access control
• Support for Pay-as-you-go, MSDN, monetary commitment and monetary credit offers (EA not supported; enterprise customers use the EA Portal pricing sheet)
Consumers: Azure Portal; Enterprise Portal; Power BI; sample partner offerings.
Azure Billing Portal sample (https://azure.microsoft.com/en-us/blog/announcing-the-release-of-the-azure-usage-and-billing-portal/): registration website; dashboard website; SQL Database; Storage Queue; scheduled daily pull; continuous pull; Power BI dashboard to display the results.
174. Microsoft Operations Management Suite
Simplified guest and workload management, both on-premises and in the cloud: Windows guests on-premises with System Center (on Hyper-V and VMware), in a private or hosted third-party cloud (Rackspace, etc.) and in the public cloud (Azure or AWS).
176. Quickly find and monitor system connectivity
• Automatic dependency discovery and mapping for servers and processes, live & historical
• Easily identify critical systems and view live, interactive dependency maps across Windows and Linux systems
• Automatically discovers every connection for every process in the target system
• Actions to support data export and launch into Log Analytics with context
177. Application Insights: detect, triage and diagnose issues in your web apps and services
Sources of telemetry
• Outside-in monitoring: URL pings and web tests from 16 global points of presence
• Observed user behavior: real user monitoring for deeper diagnostic insights
• Developer traces and events: whatever the developer would like to send to Application Insights
• Observed application behavior: no coding required; service dependencies, queries, response time, exceptions, logs, etc.
• Infrastructure performance: system performance counters
Capabilities: exceptions and performance diagnostics; interactive data analytics; Azure Diagnostics; proactive detection; DevOps and application lifecycle management
178. Backup, Recovery and Migration
Azure VM Backup (backup of VMs running in Microsoft Azure)
• Recover even deleted VMs
• RBAC limited initially
• Scheduled or ad-hoc backups
• Encrypted in-flight & at rest
• Can protect: Windows & Linux, Microsoft applications
• Retention up to 99 years
• Support matrix here
Azure Backup and Azure Backup Server (D-D, D-C or D-D-C), tape replacement
• Can protect: Hyper-V & VMware, Windows & Linux, Microsoft applications, client (user) machines
• RBAC limited initially
• Scheduled or ad-hoc backups
• LRS or GRS backup vault
• Encrypted in-flight & at rest
• Retention up to 99 years
• Support matrix here
• Transport over the public Internet or ExpressRoute (public peering)
Azure Site Recovery
• Replication from Site A to Azure (or to Site B, or between Azure regions A and B) with a health monitor
• Orchestrated recovery in case of outage, driven by a recovery plan
• Encrypted in-flight & at rest
• On-demand compute, heterogeneous, scalable, powerful automation
• ExpressRoute or public Internet
• Scenarios: disaster recovery, datacenter extension, migration
179. The Most Common Pattern for Disaster Recovery
On-premises: SQL database (generic) and server VHDs
Microsoft Azure: IaaS SQL Database on Virtual Machines
• The SQL database is kept in continuous sync with Azure
• Server VHDs are replicated by Azure Site Recovery and booted only in a disaster event
• Traffic Manager switches over only in a disaster event
A DR pattern that works in the public cloud, providing the best RTO, RPO and costs:
keep storage up to date (RTO, RPO) and boot infrastructure only in the DR event (costs).
180. Operations, Security, Assurance
Compliance timeline 2010–2015: SOC 1, SOC 2, ISO/IEC 27001:2005, FedRAMP P-ATO, FISMA ATO, HIPAA/HITECH, CJIS, UK G-Cloud OFFICIAL, CSA Cloud Controls Matrix, PCI DSS Level 1, AU IRAP Accreditation, Singapore MTCS, ISO/IEC 27018, EU Data Protection Directive, CDSA
Security and Compliance
• Secure Access & Isolation: access via VPN or ExpressRoute; network, storage and SQL isolation; intrusion detection & DoS prevention
• RBAC & Access Control: RBAC, least privilege / just-in-time (JIT) access; Active Directory, two-factor authentication
• Operations Security: vulnerability scanning, security logs; Security Development Lifecycle; assume breach, incident response
• Encryption & Data Protection: data segregation, protection at rest and in transit; encryption in transit & at rest, Key Vault service; data residency, redundancy, destruction
• Ongoing Compliance Certification: cloud services independently validated through certifications and attestations, as well as third-party audits
Azure has the largest compliance portfolio in the industry
186. Microsoft DevOps Ecosystem
Develop -> Build -> Test -> Deploy -> Environments (Dev/Test, Production/Stage) -> Monitor and Learn; processes span the whole cycle
187. Heterogeneous DevOps Ecosystem
Develop -> Configuration -> Build -> Test -> Deploy -> Environments (Dev/Test, Production/Stage) -> Monitor and Learn; processes span the whole cycle
188. IaaS, PaaS, Microservices
• IaaS: Virtual Machines; VM Scale Sets (autoscale VMs for high availability)
• PaaS: App Service; Cloud Services
• Microservices: Azure Container Service (Docker Swarm; orchestration with Swarm Compose, Marathon, DC/OS); Service Fabric
Targets: public cloud, private cloud / on premises, other clouds
189. Azure is an open cloud, and a rich eco-system
190. Hybrid Cloud Scenarios
StorSimple Cloud Storage
File Shares / Disaster Recovery
• Disaster recovery
• Dramatic cost reduction
• No changes to application environment
Application Data
• Storage volumes with integrated data protection
• All-in-one primary data + backup + live archives + DR with de-duplication & compression
• Policies: automated, encrypted
SharePoint
• SharePoint storage on StorSimple + Azure
• StorSimple SharePoint Database Optimizer
• Improved performance & scalability
Virtual Environment (Hyper-V or vSphere)
• Control virtual sprawl
• Cloud-as-a-tier
• Offload storage footprint
• VMware Storage DRS pools
• Virtual machine archive
• Regional VM storage
SQL Server
• Storage for Tier 2–3 SQL databases
• Integrated backup, restore & disaster recovery
StorSimple Archive Data
Benefits
• Consolidates primary, archive, backup, DR through seamless integration with Azure
• Cloud snapshots
• De-duplication
• Compression
• Encryption
• Reduces enterprise storage TCO by 60–80%
Tiering: most active data on SSD, warm data on SAS (local tier); data currently in use is de-duplicated, sporadically used data is de-duplicated & compressed, and data archived for retention is de-duplicated, compressed & encrypted before it moves to Microsoft Azure over VPN (encrypted backup and recovery). Physical & virtual appliances, including a virtual StorSimple appliance in Azure.
191. SQL Server Hybrid Cloud Scenarios
SQL Development (dispersed teams over VPN): publish, compare, sync, import/export, register/unregister; management portal
SQL Backup/Recovery (VPN / encrypted data): SQL backup tool for legacy, manual console backup, managed backups; management portal
SQL Business Continuity (VPN): primary -> secondary with asynchronous commit; console (2014) / scripts (2012); backup, availability groups, periodic snapshots, geo-replication, disaster recovery, powering BI apps
192. Web Apps
Azure AD Application Proxy connectors publish an on-premises HTTP LOB app to remote users; on-premises users reach it directly
Windows Server AD/ADFS (multi-forest), synchronized with DirSync/AADSync, with password writeback
Azure AD Premium: Azure Rights Management Service, Cloud App Discovery, custom sign-on experience; users see and launch cloud apps
Developer: develop secure cloud apps using ADAL and the Graph API
193. Mobile Apps
Clients: iOS, Android, Windows Phone, websites (HTML 5 app)
Mobile Apps service with autoscaled service instances:
• Store app data: SQL DB, Table Storage and 3rd-party data stores available in the Azure Store
• Authenticate: Active Directory, Facebook, Twitter, Microsoft, Google
• Send push notifications to every device through Notification Hub: Windows Phone (MPNS), iOS (APNS), Android (GCM), Windows Store (WNS)
• Reach on-premises WCF services through Service Bus Relay
194. Media Services
Media creation -> process -> deliver -> consume
Workflow: upload, encode, package, encrypt content, monitor; encode, ad process
• Cloud upload & storage (pre-recorded media, live streaming events)
• Encoding, packaging, and indexing
• Content protection (content encryption/decryption)
• Streaming service: live & on-demand streaming with integrated CDN, dynamic packaging, caching; delivery of multiple formats to virtually any device (iOS, Android, Windows, Xbox)
• Player clients: reach your audience
195. API MANAGEMENT
Monetize digital assets: publishing access to this data as an API allows organizations to monetize existing assets. E.g. Fantasy Data, ESPN, US News & World Report, New York Times
Transform product to platform: exposing core product functionality as an API introduces licensing and ecosystem opportunities. E.g. Salesforce, Bluegarden, SpeakToIt
Drive internal agility: enable IT or developers to quickly build apps without spending months customizing existing systems across agencies. E.g. MSIT
Create content channels: allow third-party content syndication on partner websites; creates opportunities for new digital distribution channels. E.g. Washington Post, Wellmark
AZURE API MANAGEMENT: publisher portal (publisher/admin), proxy, developer portal (developers, apps). The backend API can be hosted anywhere and authored in any language on any platform.
196. Azure ML Studio
Data -> predictive model -> operational web API in minutes
Azure ML apps: recommendations, basket analysis, customer churn prediction, text analytics, anomaly detection
197. SAP on Microsoft Azure
Architecture: on-premises servers connect through a VPN device to an Azure VPN Gateway and Virtual Network. SAP (Dev / Test / UAT) runs on Azure VMs: Windows Server & SAP (C:), shared pool (D:), SQL Server (E:); the VM disks are .vhd files in Blob Storage.

SAP CERTIFICATIONS

| SAP HANA | Supported OS | Azure offerings |
|---|---|---|
| SAP HANA Developer Edition (including the HANA client software comprised of SQLODBC, ODBO (Windows only), ODBC and JDBC drivers, HANA studio, and HANA database) (1) | SUSE Linux Enterprise | A7, A8 |
| HANA One | SUSE Linux Enterprise | DS14_v2 (upon general availability) |
| SAP S/4HANA | SUSE Linux Enterprise | Controlled availability for GS5 (2); SAP HANA on Azure (Large Instances) upon general availability |
| Suite on HANA, OLTP | SUSE Linux Enterprise | SAP HANA on Azure (Large Instances) upon general availability |
| HANA Enterprise for BW, OLAP | SUSE Linux Enterprise | GS5 for single-node deployments; SAP HANA on Azure (Large Instances) upon general availability |

(1) Customers can try SAP HANA Developer Edition on Azure using the SAP Cloud Appliance Library.
(2) Contact your Microsoft or SAP account manager for more information.

| SAP NetWeaver certifications | Guest operating system | RDBMS | Virtual machine types |
|---|---|---|---|
| SAP Business Suite Software | Windows, SUSE Linux Enterprise | SQL Server, Oracle (2), DB2, SAP ASE (3) | A5 to A11, D11 to D14, DS11 to DS14, GS1 to GS5 |
| SAP Business All-in-One | Windows, SUSE Linux Enterprise | SQL Server, Oracle (2), DB2, SAP ASE (3) | A5 to A11, D11 to D14, DS11 to DS14, GS1 to GS5 |
| SAP BusinessObjects BI | Windows | N/A | A5 to A11, D11 to D14, DS11 to DS14, GS1 to GS5 |
| SAP NetWeaver (1) | Windows, SUSE Linux Enterprise | SQL Server, Oracle (2), DB2, SAP ASE (3) | A5 to A11, D11 to D14, DS11 to DS14, GS1 to GS5 |

(1) Only NetWeaver 7.00 and later SAP releases of NetWeaver are supported for deployment in Azure.
(2) Oracle Database 11g R2 Patchset 3 (11.2.0.4), single instance. Certified on Windows Server only.
(3) SAP Adaptive Server Enterprise 16.
198. Cortana Intelligence Suite
Transform data into intelligent action
Data -> Intelligence -> Action
• Data sources: apps, sensors and devices
• Information management: Data Factory, Data Catalog, Event Hub
• Big data stores: SQL Data Warehouse, Data Lake Store, Blob Store
• Machine learning and analytics: Machine Learning, Data Lake Analytics, HDInsight (Hadoop and Spark), Stream Analytics
• Intelligence: Cognitive Services, Bot Framework, Cortana
• Dashboards & visualizations: Power BI
• Action: people, automated systems, apps (web, mobile, bots)
200. IoT reference architecture: Devices -> Device Connectivity -> Storage -> Analytics -> Presentation & Action
• Device connectivity: IoT Hub, Event Hub, Service Bus, external data sources (3rd-party databases)
• Storage: SQL Database, Table/Blob Storage, DocumentDB, Data Lake*
• Analytics: Machine Learning, Stream Analytics, HDInsight, Data Factory
• Presentation & action: App Service, Power BI, Notification Hubs, Mobile Services, BizTalk Services
(*) service in Preview
201. Big Data Flow for an IoT Scenario
Data producers: applications, web and social, devices, sensors, field gateways
Collection: cloud gateways (web APIs); messaging system (Kafka/RabbitMQ/ActiveMQ, Event Hubs)
Transformation and stream processing: Apache Storm on HDInsight, Machine Learning; storage adapters
Long-term storage: Apache HBase on HDInsight, DocumentDB, MongoDB, Azure SQL DB, Azure Search
Presentation: Excel, client dashboards, search and query (fed from an Event Hub)
202. Azure IoT Suite Remote Monitoring
What you get with the remote monitoring preconfigured solution:
devices (C# simulator) -> IoT Hub -> Event Hub -> Stream Analytics -> storage blobs and DocumentDB -> Web/Mobile App (secured with Azure Active Directory), Web Jobs, Logic Apps (into back-end systems and processes), Power BI
203. Microsoft Cognitive Services - democratizing intelligence
Computer Vision API
Distill actionable information
from images
Video API
Analyze, edit, and process
videos within your app
Face API
Detect, identify, analyze,
organize, and tag faces in
photos
Emotion API
Personalize experiences with
emotion recognition
Bing Speech API
Convert speech to text and
back again, and understand its
intent
Speaker Recognition API
Give your app the ability to
know who's talking
Custom Recognition Intelligent
Service
Fine-tune speech recognition
for anyone, anywhere
Bing Spell Check API
Detect and correct
spelling mistakes
within your app
Language
Understanding
Intelligent Service
Teach your apps to
understand
commands from your
users
Web Language
Model API
Leverage the power
of language models
trained on web-scale
data
Linguistic Analysis API
Easily parse complex
text with language
analysis
Text Analytics API
Detect sentiment, key
phrases, topics, and
language from your
text
Entity Linking Service
Contextually extend
knowledge of people,
locations, and events
Recommendations API
Provide personalized
product
recommendations for
your customers
Knowledge
Exploration Service
Add interactive search
over structured data
to your project
Academic Knowledge
API
Explore relationships
among academic
papers, journals, and
authors
Bing Web Search
API
Connect powerful
search to your
apps
Bing Autosuggest
API
Give your app
intelligent
autosuggest options
for searches
Bing Image
Search API
Bring advanced
image and
metadata search
to your app
Bing Video
Search API
Trending videos,
detailed
metadata, and
rich results
Bing News Search
API
Link your users to
robust and timely
news searches
205. // Data in the enterprise exists in silos
CRM, order management, billing, order tracking, data warehouse, shipment tracking, operations, reporting & analysis
Manipulating data today to provide value is complex
206. Lambda Architectures and Polyglot Persistency
Connected devices -> collect / decode (ingress nodes: load balancing, auto-scaling worker roles in an availability set) -> filter / analyze / aggregate (analytics node: auto-scaling worker roles in an availability set) -> stream
Self-service analytics: Azure Storage, SQL Azure, analytics & reporting, HDInsight (Hadoop), Notification Hub
Big data / real-time: billing (auto-scaling; billing DB on Storage Table), reporting / BI, customer order / shipping tracking, Azure Storage, SQL Azure, analytics & reporting (Microsoft Azure)
LAMBDA ARCHITECTURE is a data-processing architecture designed to handle massive quantities of data by taking advantage of both batch- and stream-processing methods.
A POLYGLOT PERSISTENCE DATABASE is used when it is necessary to solve a complex problem by breaking that problem into segments and applying different database models. It is then necessary to aggregate the results into a hybrid data storage and analysis solution.
207. Azure Data Platform
On-premises sources: file data, IoT, transactional data, Hadoop, SQL, device data, log data, apps, stream data, iOS/Android, enterprise data, MPP/APS
Connectivity: VPN device -> VPN Gateway; ExpressRoute over MPLS; Cloud Gateway; Data Management Gateway; SQL Data Sync
Ingest and orchestration: Event Hub, Data Management Service, Data Factory, Logic Apps, Virtual Machines, Worker Role, Stream Analytics, Azure Data Catalog, Azure Batch
Stores: DocumentDB, storage blob, storage table, storage queue, MySQL Database, Azure SQL Data Warehouse, HDInsight (Hadoop), Azure Data Lake, Azure SQL Database, 3rd party, others
Analytics and presentation: Machine Learning, Power BI, Cortana Intelligence Suite
208. Hybrid Cloud Scenarios
StorSimple Cloud Storage
Archiving (file / application servers): live backups, archives, and disaster recovery; dramatic cost reduction; no changes to application environment
File shares (file / application servers): file share with integrated data protection; all-in-one primary data + backup + live archives + DR with de-duplication & compression; policies automated and encrypted
SharePoint: SharePoint storage on StorSimple + Azure; StorSimple SharePoint Database Optimizer; improved performance & scalability
Virtual Environment (Hyper-V or vSphere): control virtual sprawl; cloud-as-a-tier; offload storage footprint; VMware Storage DRS storage pools; virtual machine archive; regional VM storage
SQL Server: storage for Tier 2–3 SQL databases; integrated backup, restore & disaster recovery
StorSimple Archive Data benefits: consolidates primary, archive, backup, DR through seamless integration with Azure; cloud snapshots; de-duplication; compression; encryption; reduces enterprise storage TCO by 60–80%
Tiering: most active data on SSD, warm data on SAS (local tier); data currently in use is de-duplicated, sporadically used data is de-duplicated & compressed, and data archived for retention is de-duplicated, compressed & encrypted before it moves to Microsoft Azure over VPN (encrypted backup and recovery)
211. Need: Real-time behavioral fraud prevention for a bank's mobile banking app
The Solution: a Lambda architecture that we presented to a Tier 1 FSI bank for real-time behavioral fraud prevention for their mobile banking app. Static data from the batch (model-build) layer is used to build the real-time engine.
Real-time behavioral fraud prevention for their mobile banking app
Large Bank
212. Need: Struggling to match customer demand with staffing levels in store, to ensure the highest level of customer service but also to manage costs during off-peak periods.
The Solution combines data sources from ERP (SAP), Point of Sale (Retalix) and Payroll (Payglobal), all located on premises, copying the data to the cloud using ADF and then importing it into Azure SQL. The customer's Productivity team has developed a data model which calculates optimal staffing based on 15-minute interval data; the algorithm uses over 200 factors from the data. Using PowerApps, store owners can see their sales budget and enter a sales forecast based on regional factors, which is then processed through the model to give a new staff allocation model. Reports on the data are then published via Power BI to allow the store owners to explore the data further.
Customer Demand Match to Staffing and Shifts for Retail
Large Retail Company
213. Competitive Pricing Intelligence
Rental car company
Manage rate reference data with two daily jobs:
(1) A Stream Analytics job writes the latest rate per product to a SQL DB stage table daily.
(2a) A daily Data Factory job runs a SQL DB stored proc to upsert stage to the target master table, then (2b) exports the master rate table to csv in Blob Storage, replacing the previous (yesterday's) copy.
Rate change detection in a continuously running job:
Another Stream Analytics job joins the Event Hub stream to the rate reference data (csv) from Blob Storage to detect whether each incoming quote is a rate change. Only rate changes are written to a rate change table in the same SQL DB. Power BI displays a time series of changes for real-time monitoring.
Predict competitor reaction to rate changes by time and magnitude ($):
A SQL query calculates elapsed times between our and competitors' changes. Export csv for Azure ML. Build and deploy a predictive ML model in Azure ML.
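The two computational steps above, the reference-data join that emits only rate changes and the query that measures how long competitors take to react, as an added Python example. This is not the rental car company's Stream Analytics or SQL code; the reference snapshot and quote stream are constructed, and the company and product names are assumptions.

```python
from datetime import datetime

# Constructed reference snapshot: yesterday's master rate table as exported to
# csv in Blob Storage, keyed by (company, product). "us" is the assumed name
# for our own company; "competitor-a" is an assumed competitor.
REFERENCE_RATES = {
    ("us", "economy"): 39.0,
    ("us", "suv"): 79.0,
    ("competitor-a", "economy"): 41.0,
    ("competitor-a", "suv"): 82.0,
}

# Constructed quote stream: one Event Hub message per observed quote.
QUOTES = [
    {"ts": "2016-06-01T09:00:00", "company": "competitor-a", "product": "economy", "rate": 41.0},
    {"ts": "2016-06-01T10:00:00", "company": "us", "product": "economy", "rate": 42.0},
    {"ts": "2016-06-01T10:05:00", "company": "us", "product": "economy", "rate": 42.0},
    {"ts": "2016-06-01T10:45:00", "company": "competitor-a", "product": "economy", "rate": 43.0},
    {"ts": "2016-06-01T11:00:00", "company": "competitor-a", "product": "suv", "rate": 82.0},
    {"ts": "2016-06-01T12:00:00", "company": "us", "product": "suv", "rate": 75.0},
    {"ts": "2016-06-01T12:20:00", "company": "competitor-a", "product": "suv", "rate": 80.0},
]


def detect_rate_changes(quotes, reference):
    """Equivalent of the continuously running job: join each quote to the
    reference rate for its (company, product) and emit only quotes whose rate
    differs. The in-memory view is updated as changes arrive so a repeated
    quote at the new rate is not reported twice; a product with no reference
    row is reported once as a change with no previous rate."""
    current = dict(reference)
    changes = []
    for q in sorted(quotes, key=lambda q: q["ts"]):
        key = (q["company"], q["product"])
        previous = current.get(key)
        if previous is None or q["rate"] != previous:
            delta = None if previous is None else round(q["rate"] - previous, 2)
            changes.append({**q, "previous_rate": previous, "delta": delta})
            current[key] = q["rate"]
    return changes


def competitor_reactions(changes, us="us"):
    """Equivalent of the SQL step: for every competitor change, the minutes
    elapsed since our most recent change on the same product and the size of
    the competitor's move. These are the rows exported to csv for Azure ML."""
    last_our_change = {}
    rows = []
    for c in changes:
        ts = datetime.fromisoformat(c["ts"])
        if c["company"] == us:
            last_our_change[c["product"]] = ts
            continue
        ours = last_our_change.get(c["product"])
        if ours is None:
            continue  # nothing of ours to react to yet
        rows.append({"product": c["product"], "competitor": c["company"],
                     "elapsed_minutes": (ts - ours).total_seconds() / 60,
                     "magnitude": c["delta"]})
    return rows


if __name__ == "__main__":
    changes = detect_rate_changes(QUOTES, REFERENCE_RATES)
    for c in changes:
        print("rate change:", c["ts"], c["company"], c["product"], c["previous_rate"], "->", c["rate"])
    for r in competitor_reactions(changes):
        print("reaction:", r)
```

With the constructed data, four of the seven quotes are rate changes (the 10:05 repeat of our new economy rate and the unchanged competitor quotes are dropped), and the competitor reacted 45 minutes after our economy move and 20 minutes after our SUV move.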
214. Dynamic shipping route change system
Land & sea shipping company
Pipeline: input (shipment data, vessel schedules, key words, news & weather from the web) -> raw data (Blob Storage; key words via Event Hub and Stream Analytics) -> extraction (HDInsight, Data Factory) -> extracted data storage (Blob Storage, Data Lake) -> query layer (SQL DW) -> output (Power BI, mobile app)
The current situation does not allow a customer to change the selected route for a shipment, which has the potential to delay shipments due to disruptions along the selected route.
The solution allows the company and its customers to change a specific route based on disruptions along the current route, i.e. change from sea shipping to land shipping due to weather or threat conditions (typhoon, terror attacks, etc.) along the route.
215. Loyalty Program for Retail
Large worldwide retail company
THE SOLUTION CONTAINS:
• dynamic customer segmentation
• personalized e-couponing and marketing
• real-time stock information
• and more
A multi-device (mobile, web, store access points) application which lets the retailer "personalize" customer transactions.
Customers get highly valuable services such as personalized coupons/marketing, real-time stock information for each store/product combination,
217. Need: Feedback in the form of surveys is gathered from the call center, survey systems and the website. Currently the data is aggregated and analysed manually. There is no analysis of social media sentiment or feedback gathering. Sentiment and topics need to be scored and surfaced in intuitive and compelling dashboards that enable staff to understand what drives a positive customer sentiment outcome.
Business Impact
Improved time to value. The feedback forms are automatically processed by the solution, reducing operator effort and surfacing sentiment data.
Ease of future expansion. The solution deploys a batch reporting pipeline that can be easily expanded to other customer touchpoints (i.e. Twitter, Facebook, Google+, YouTube) and real-time transactional feeds.
Deep analytics. The solution allows machine learning to mine for insight such as correlations between sales/marketing and sentiment, and to identify which customer characteristics relate to having a positive experience with the travel services.
Customer Feedback and Social Media Sentiment Aggregation and Reporting
Online Travel Agency
218. Need: A document store to archive customer records that contain PHI (Protected Health Information) and PII (Personally Identifiable Information) data.
• Store documents in encrypted format.
• Associate metadata with the documents. Some of the metadata is PHI and PII and therefore needs to be encrypted.
• Search and retrieve the documents based on the metadata fields.
Solution
• Java-based web application / front end: authentication, user interface and the ability to search, retrieve and download documents.
• Azure Blob storage: for storing documents as well as the custom metadata. The PHI and PII metadata will be encrypted before storing in blob storage. We are exploring two options for encrypting the documents:
  • The Java application pre-encrypts the document before it stores it in blob storage.
  • Use the native encryption capabilities of blob storage. This is the preferred option.
• Azure Search: used to index the metadata and search documents based on metadata. For non-encrypted metadata, standard Azure Search with all of its capabilities will be used. For the encrypted metadata, the exact-match feature of Azure Search will be used.
PHI and PII Customer Record Encrypted Archiving with Search
Large healthcare provider
The core benefit of this approach is basically the core benefit of Azure itself: the minimal amount of work that was needed to enable complex features like elastic storage, encryption and search engine capabilities.
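Exact-match search over an encrypted field only works if equal plaintexts produce equal stored values, so the searchable form of a PHI field has to be deterministic. The usual way to get that without storing a reversible value is a keyed blind index: an HMAC of the normalised field value under a per-field key. The Python below, an added example and not the healthcare provider's Java application or Azure Search itself, shows the indexing and lookup, and also what such an index leaks (which records share a value, and how often). It assumes the documents themselves are encrypted by the storage service (the preferred option above), so only the metadata index is modelled; the field names, keys and records are constructed.

```python
import hashlib
import hmac
from collections import Counter

# Constructed per-field index keys (derived from fixed strings so the example
# is deterministic). In a deployment each key would come from a key vault and
# be distinct per field, so a token never matches across fields.
INDEX_KEYS = {
    field: hashlib.sha256(f"example-index-key:{field}".encode()).digest()
    for field in ("mrn", "last_name", "dob")
}
SENSITIVE_FIELDS = frozenset(INDEX_KEYS)


def normalize(value: str) -> str:
    """Canonicalise before hashing: exact match must not break on case or
    stray whitespace, so both are removed from stored and query values alike."""
    return " ".join(value.split()).lower()


def blind_index(field: str, value: str) -> str:
    """Deterministic, keyed token for an exact-match lookup on a PHI field.
    HMAC rather than a plain hash: without the key an attacker holding the
    index cannot brute-force low-entropy values such as dates of birth."""
    mac = hmac.new(INDEX_KEYS[field], normalize(value).encode(), hashlib.sha256)
    return mac.hexdigest()


def index_record(doc_id: str, metadata: dict) -> dict:
    """Split metadata into searchable tokens (sensitive fields) and plaintext
    (non-sensitive fields). Plaintext values of sensitive fields are not kept
    in the index; they stay inside the encrypted document."""
    tokens = {f: blind_index(f, v) for f, v in metadata.items() if f in SENSITIVE_FIELDS}
    public = {f: v for f, v in metadata.items() if f not in SENSITIVE_FIELDS}
    return {"doc_id": doc_id, "tokens": tokens, "public": public}


def build_store(docs) -> list:
    return [index_record(doc_id, meta) for doc_id, meta in docs]


def search(store, field: str, value: str) -> list:
    """Exact-match query: token the query value the same way and compare."""
    wanted = blind_index(field, value)
    return [r["doc_id"] for r in store if r["tokens"].get(field) == wanted]


def token_frequencies(store, field: str) -> Counter:
    """What the index leaks: equal plaintexts give equal tokens, so anyone
    with read access to the index learns which documents share a value and
    how common each value is, even without learning the value itself."""
    return Counter(r["tokens"][field] for r in store if field in r["tokens"])


# Constructed sample archive: four records, two belonging to the same patient.
SAMPLE_DOCS = [
    ("doc-001", {"mrn": "MRN-0042", "last_name": "Rivera", "dob": "1971-03-09",
                 "doc_type": "discharge-summary", "created": "2016-05-01"}),
    ("doc-002", {"mrn": "MRN-0107", "last_name": "Okafor", "dob": "1985-11-30",
                 "doc_type": "lab-report", "created": "2016-05-02"}),
    ("doc-003", {"mrn": "mrn-0042", "last_name": "RIVERA", "dob": "1971-03-09",
                 "doc_type": "lab-report", "created": "2016-05-03"}),
    ("doc-004", {"mrn": "MRN-0311", "last_name": "Rivera", "dob": "1962-07-14",
                 "doc_type": "referral", "created": "2016-05-04"}),
]

if __name__ == "__main__":
    store = build_store(SAMPLE_DOCS)
    print(search(store, "mrn", "MRN-0042"))
    print(search(store, "last_name", "rivera"))
    print(token_frequencies(store, "mrn").most_common(1))
```

The per-field key is the important design choice: with one shared key, a token for `mrn = 0042` would equal a token for `dob = 0042`, letting an attacker correlate fields. The frequency leak is inherent to any exact-match scheme; it can be reduced (for example by truncating tokens so several values collide and filtering the false positives client-side after decryption) but not removed, which is a caveat worth stating before PHI goes into such an index.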
223. How do you manage and record police response?
224. IoT Law Enforcement Officer POC
Unholstering a weapon turns on the body camera; the status of the officer and car is logged (GPS, car light bar, trunk, doors).
Allow easy creation of officers (IoT devices), which includes activating/deactivating devices.
• Each officer has long/lat coordinates which get randomized within a city radius. Every 2 seconds the officer gets a new location.
• Simulate sending 4 types of events (can be expanded to more). When a button is clicked it sends an IoT message from a simulated IoT device:
  • Weapon unholstered
  • Body-worn camera activated
  • Police car light bar activated
  • Police car trunk opened
• Each event can be clicked independently, which will send an IoT message to IoT Hub.
• The website has an AutoMode which will simulate random events from the above devices being sent to IoT Hub.
• IoT messages are sent to a cold path which uses DocumentDB and SQL Server (I use both to show flexibility).
• Power BI connects to DocumentDB and visualizes the officers' events (includes plotting long/lat on a map).
• A hot path reports officer events in real time to a Bing Map using the Bing API and SignalR.
• 1-N people can have the map open and all see the same events occurring; SignalR sends the same messages to all devices that have the map displayed.
• You can click on the map event dashboard and zoom into the officer's location.
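Every message the simulated officer device sends to IoT Hub has to be authenticated as coming from that device identity; IoT Hub does this with a per-device shared access signature, an HMAC-SHA256 over the device's resource URI and an expiry time under the device's symmetric key. The following Python is an added example (not the POC's code) showing both sides of that exchange: the device minting a token, and the hub-side check that rejects an expired, tampered or wrong-device token. The hub name, device id and key are constructed.

```python
import base64
import hashlib
import hmac
from urllib.parse import parse_qs, quote_plus, urlencode

# Constructed identities. DEVICE_KEY stands in for the base64 symmetric key
# IoT Hub issues per device identity; it is derived from a fixed string here
# so the example is deterministic.
HUB_HOST = "example-officer-hub.azure-devices.net"
DEVICE_ID = "officer-0042"
DEVICE_KEY = base64.b64encode(hashlib.sha256(b"example-device-key").digest()).decode()


def device_resource_uri(hub_host: str, device_id: str) -> str:
    """Resource a device token is scoped to: exactly this device identity."""
    return f"{hub_host}/devices/{device_id}"


def _signature(resource_uri: str, key_b64: str, expiry: int) -> str:
    """HMAC-SHA256 over '<url-encoded resource>\\n<expiry>' with the decoded key."""
    string_to_sign = f"{quote_plus(resource_uri)}\n{expiry}".encode()
    digest = hmac.new(base64.b64decode(key_b64), string_to_sign, hashlib.sha256).digest()
    return base64.b64encode(digest).decode()


def generate_sas_token(resource_uri: str, key_b64: str, expiry: int) -> str:
    """Device side. 'se' is a Unix time after which the token is useless, so a
    token leaked from a simulator or a body-camera unit has a bounded life.
    Device tokens carry no 'skn'; that field names a hub-level policy."""
    fields = {"sr": resource_uri, "sig": _signature(resource_uri, key_b64, expiry), "se": str(expiry)}
    return "SharedAccessSignature " + urlencode(fields)


def verify_sas_token(token: str, expected_uri: str, key_b64: str, now: int) -> tuple:
    """Hub side. Recompute the signature with the key registered for the
    device and compare in constant time; reject expired tokens and tokens
    minted for another device, so one compromised key cannot impersonate
    a different officer's unit."""
    scheme, _, query = token.partition(" ")
    if scheme != "SharedAccessSignature":
        return False, "bad scheme"
    fields = {k: v[0] for k, v in parse_qs(query, keep_blank_values=True).items()}
    try:
        sr, sig, se = fields["sr"], fields["sig"], int(fields["se"])
    except (KeyError, ValueError):
        return False, "malformed"
    if sr != expected_uri:
        return False, "resource mismatch"
    if se <= now:
        return False, "expired"
    expected = _signature(expected_uri, key_b64, se)
    if not hmac.compare_digest(sig.encode(), expected.encode()):
        return False, "bad signature"
    return True, "ok"


def device_message(event: str, lat: float, lon: float, ts: str, token: str) -> dict:
    """Envelope for one simulated officer event sent to the hub over HTTPS:
    the token rides in the Authorization header, never in the message body."""
    return {"headers": {"Authorization": token, "Content-Type": "application/json"},
            "body": {"deviceId": DEVICE_ID, "event": event, "lat": lat, "lon": lon, "ts": ts}}


if __name__ == "__main__":
    import time
    uri = device_resource_uri(HUB_HOST, DEVICE_ID)
    token = generate_sas_token(uri, DEVICE_KEY, int(time.time()) + 3600)
    msg = device_message("WeaponUnholstered", 47.6062, -122.3321, "2016-06-01T09:00:00Z", token)
    print(msg["headers"]["Authorization"][:40] + "...")
    print(verify_sas_token(token, uri, DEVICE_KEY, int(time.time())))
```

Two points a practitioner should take from this: the expiry is the only thing limiting the damage from a leaked token, so simulators and field devices should mint short-lived tokens rather than one long-lived token baked into the app, and the resource check matters because the signature alone does not tell the hub which device the token was meant for.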
225. IoT Law Enforcement Officer POC: unholstering a weapon turns on the body camera; the status of the officer and car is logged (GPS, car light bar, trunk, doors)
http://iotofficer.azurewebsites.net/
2-3 days to build this POC
232. How OMS was born
System Center Operations Manager: management packs (product/custom), knowledgebase
System Center Advisor: runs in the cloud
Operational Insights: new portal, stronger OpsMgr connection
Azure Automation, Azure Site Recovery, Azure Backup (backup to Azure from your existing on-premises virtual machines)
All of which came together as Operations Management Suite
238. MICROSOFT CONFIDENTIAL
Machine data -> solution packs -> explore data from the portal
• Gather raw machine data
• Apply logic, visualization and data acquisition rules
• Provide assessments, recommendations, forecasts, trends
242. OMS Solutions pre-requisites

| OMS solution / data type | Platform (OS) | Direct agent | SCOM agent | Azure Storage | SCOM required? | SCOM agent data sent via management group | Collection frequency |
|---|---|---|---|---|---|---|---|
| AD Assessment | Windows | Yes | Yes | No | No | Yes | 7 days |
| AD Replication Status | Windows | Yes | Yes | No | No | No | 5 days |
| Alerts (Nagios) | Linux | Yes | No | No | No | No | on arrival |
| Alerts (Zabbix) | Linux | Yes | No | No | No | No | 1 minute |
| Alerts (Operations Manager) | Windows | No | Yes | No | Yes | Yes | 3 minutes |
| Antimalware | Windows | Yes | Yes | No | No | Yes | hourly |
| Capacity Management | Windows | No | Yes | No | Yes | Yes | hourly |
| Change Tracking | Windows | Yes | Yes | No | No | Yes | hourly |
| Change Tracking | Linux | Yes | No | No | No | No | hourly |
| Configuration Assessment (legacy Advisor) | Windows | No | Yes | No | Yes | Yes | twice per day |
| ETW | Windows | No | No | Yes | No | No | 5 minutes |
| IIS Logs | Windows | Yes | Yes | Yes | No | No | 5 minutes |
| Network Security Groups | Windows | No | No | Yes | No | No | 10 minutes |
| Office 365 | Windows | No | No | No | No | No | on notification |
| Performance Counters | Windows | Yes | Yes | No | No | No | as scheduled, minimum of 10 seconds |
| Performance Counters | Linux | Yes | No | No | No | No | as scheduled, minimum of 10 seconds |
| Service Fabric | Windows | No | No | Yes | No | No | 5 minutes |
| SQL Assessment | Windows | Yes | Yes | No | No | Yes | 7 days |
| SurfaceHub | Windows | Yes | No | No | No | No | on arrival |
| Syslog | Linux | Yes | No | No | No | No | from Azure storage: 10 minutes; from agent: on arrival |
| System Updates | Windows | Yes | Yes | No | No | Yes | at least 2 times per day and 15 minutes after installing an update |
| Windows security event logs | Windows | Yes | Yes | Yes | No | No | for Azure storage: 10 min; for the agent: on arrival |
| Windows firewall logs | Windows | Yes | Yes | No | No | No | on arrival |
| Windows event logs | Windows | Yes | Yes | Yes | No | Yes | for Azure storage: 1 min; for the agent: on arrival |
| Wire Data | Windows (2012 R2 / 8.1 or later) | Yes | Yes | No | No | No | every 1 minute |
244. Introducing Operations Management Suite
SaaS management offering that works with any cloud
Private clouds (Azure Stack, Hyper-V, VMware, OpenStack) running Windows Server and Linux guests, managed by Operations Management Suite
245. Hybrid and
Heterogeneous
Starting the journey | Modern management
Operations
Management Suite
System Center
foundation
Introducing Operations Management Suite
246. OMS Hybrid management capabilities
• Azure and third-party cloud
operations monitoring
• Cloud workload and
virtual machine monitoring
• Office 365 monitoring
• DevOps integration and cloud-
based application monitoring
• Backup in Azure or to Azure
• App-consistent recovery points
• Integrated workflows for backup,
recovery, and monitoring
• Azure and third-party cloud workflow
management
• Rich automation and workflow
consistency
• Replication and recovery to Azure
• Continuous health monitoring
249. Alert Management
Expose your integrated System
Center Operations Manager alerts
Web based Alert visualization
Integrated search for deeper
analysis
Common alert queries
Solution Packs
250. Capacity planning
Plan for future capacity and trends
using historical data
VM utilization and efficiency
Compute projection
Storage utilization
Solution Packs
251. Active Directory
Assessment
Using best practices and data
collection, identify potential issues
Security and Compliance
Availability and business
continuity
Performance and security
Upgrade, migration and
deployment
Solution Packs
252. SQL Server Assessment
Using best practices and data
collection, identify potential issues
Security and Compliance
Availability and business
continuity
Performance and security
Upgrade, migration and
deployment
Operations and monitoring
Change and configuration
Solution Packs
254. Change tracking
Track every change on your system
across any environment
Configuration type change
Software changes
Application changes
Windows Service changes
Solution Packs
256. Security context
Quick view of security position across your enterprise
Active threats
Patch status
Software changes
Service changes
Critical and warning alerts
Security Solution Pack
257. Collect security-related events and perform forensic, audit and breach analysis.
Security posture
Notable issues
Summary of threats
Security and audit
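The table on slide 242 shows Windows security event logs arriving from the agent on arrival, and slide 257 says the point of collecting them is forensic, audit and breach analysis. What that analysis looks like in code is one thing the deck does not show, so the following Python is an added example, not part of OMS or the Security and Audit solution. It runs one breach-analysis rule over constructed logon records (the Windows 4625 failed-logon and 4624 successful-logon event IDs with the fields the security log exposes): a burst of failures from one source against one account followed by a success from the same source, which plain failure counting would not distinguish from a locked-out attacker. The account names, addresses and timestamps are constructed.

```python
from collections import Counter, defaultdict
from datetime import datetime, timedelta

FAILED_LOGON = 4625   # An account failed to log on
SUCCESS_LOGON = 4624  # An account was successfully logged on


def _ev(ts, event_id, account, ip, logon_type=3):
    """One constructed record with the fields the Windows security event log
    exposes for logon events (network logon, type 3, by default)."""
    return {"TimeGenerated": ts, "EventID": event_id, "Account": account,
            "IpAddress": ip, "LogonType": logon_type}


# Constructed sample: six failures then a success for jdoe (a guess that
# landed), two failures then a success for asmith (a typo), stale failures for
# bob long before an unrelated success, and an unanswered burst against admin.
SAMPLE_EVENTS = (
    [_ev(f"2016-06-01T09:00:0{i}", FAILED_LOGON, "CONTOSO\\jdoe", "203.0.113.7") for i in range(1, 7)]
    + [_ev("2016-06-01T09:00:10", SUCCESS_LOGON, "CONTOSO\\jdoe", "203.0.113.7")]
    + [_ev("2016-06-01T09:05:00", FAILED_LOGON, "CONTOSO\\asmith", "198.51.100.9"),
       _ev("2016-06-01T09:05:02", FAILED_LOGON, "CONTOSO\\asmith", "198.51.100.9"),
       _ev("2016-06-01T09:05:05", SUCCESS_LOGON, "CONTOSO\\asmith", "198.51.100.9")]
    + [_ev(f"2016-06-01T08:00:0{i}", FAILED_LOGON, "CONTOSO\\bob", "192.0.2.5") for i in range(5)]
    + [_ev("2016-06-01T09:30:00", SUCCESS_LOGON, "CONTOSO\\bob", "192.0.2.5")]
    + [_ev(f"2016-06-01T09:10:0{i}", FAILED_LOGON, "CONTOSO\\admin", "203.0.113.7") for i in range(6)]
)


def parse_events(records):
    """Convert ISO timestamps to datetimes and order by time. The detector
    assumes chronological input, which collection 'on arrival' does not
    guarantee when several agents feed one workspace."""
    parsed = [{**r, "TimeGenerated": datetime.fromisoformat(r["TimeGenerated"])} for r in records]
    return sorted(parsed, key=lambda r: r["TimeGenerated"])


def detect_bruteforce_then_success(events, threshold=5, window=timedelta(minutes=10)):
    """Alert when a (source IP, account) pair accumulates at least `threshold`
    failed logons inside `window` and then logs on successfully from the same
    source. Failures older than the window are discarded as they age out."""
    recent = defaultdict(list)  # (ip, account) -> timestamps of recent failures
    alerts = []
    for ev in events:
        key = (ev["IpAddress"], ev["Account"])
        ts = ev["TimeGenerated"]
        recent[key] = [t for t in recent[key] if ts - t <= window]
        if ev["EventID"] == FAILED_LOGON:
            recent[key].append(ts)
        elif ev["EventID"] == SUCCESS_LOGON and len(recent[key]) >= threshold:
            alerts.append({"Account": ev["Account"], "IpAddress": ev["IpAddress"],
                           "Failures": len(recent[key]),
                           "FirstFailure": recent[key][0].isoformat(),
                           "Success": ts.isoformat()})
            recent[key].clear()
    return alerts


def unanswered_failure_bursts(events, threshold=5):
    """Triage view for the 'notable issues' panel: pairs with many failures and
    no success at all, candidates for lockout review or source blocking rather
    than breach alerts."""
    failures, succeeded = Counter(), set()
    for ev in events:
        key = (ev["IpAddress"], ev["Account"])
        if ev["EventID"] == FAILED_LOGON:
            failures[key] += 1
        elif ev["EventID"] == SUCCESS_LOGON:
            succeeded.add(key)
    return {k: n for k, n in failures.items() if n >= threshold and k not in succeeded}


if __name__ == "__main__":
    evs = parse_events(SAMPLE_EVENTS)
    for alert in detect_bruteforce_then_success(evs):
        print("ALERT", alert)
    print("unanswered bursts:", unanswered_failure_bursts(evs))
```

Keying on the (source, account) pair rather than on the account alone is deliberate: a success for jdoe from a different address than the failures is a normal user logging in while someone else guesses, and should not fire. Lowering the threshold to 2 turns asmith's typo into an alert, which is the usual tuning trade-off.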
270. A platform for reliable, hyperscale, microservice-based applications
Runs on Azure, hosted clouds and private clouds, on Windows Server and Linux
Microservices: actor programming model, stateful services, container orchestration & lifecycle management
Service Fabric capabilities: high availability, hyper-scaling, hybrid operations, high density, rolling upgrades, low latency, fast startup & shutdown, auto replication & failover, load balancing, self-healing, data partitioning, automated rollback, health monitoring, placement constraints
280. Considerations … we should be thinking in new ways
APPLICATION LIFECYCLE MANAGEMENT: Agile with SCRUM sprints; release -> record -> adjust -> accept; per developer (Dev #1 … Dev n) release -> accept; feedback -> review -> track -> incorporate (yes/no)
INFRASTRUCTURE: 100% virtualisation; 100% automation; support for multiple diverse workloads; full end-to-end high availability; sub-system scale-out (storage, networking, compute); cost-to-serve reduction; removal of middleware; hardware platform agnostic; just-in-time provisioning
ARCHITECTURAL MODELS
282. A look inside Gartner Magic Quadrants…
• Microsoft leads in core cloud technologies, IaaS, PaaS, private and public clouds
• Microsoft leads in 19 Gartner MQs (and is a Visionary or Challenger in 17 others)
What do others say..?
*Gartner does not endorse any vendor, product or service depicted in its research publications, and does not advise technology users to select only those vendors with the highest ratings. Gartner research publications consist of the opinions of Gartner's research organization and should not be construed as statements of fact. Gartner disclaims all warranties, expressed or implied, with respect to this research, including any warranties of merchantability or fitness for a particular purpose.

| Topic Area | Magic Quadrant | Last Release | Microsoft | Amazon |
|---|---|---|---|---|
| Application Development | Application Development Life Cycle Management | Feb-15 | Leader | |
| Business Applications | Business Intelligence and Analytics Platforms | Feb-15 | Leader | |
| Software Infrastructure | Client Management Tools | May-15 | Leader | |
| Software Infrastructure | Cloud Infrastructure as a Service | May-15 | Leader | Leader |
| Business Applications | CRM Customer Engagement Center | Apr-15 | Leader | |
| Software Infrastructure | Data Warehouse Database Management Systems | Feb-15 | Leader | Challenger |
| Software Infrastructure | Enterprise Application Platform as a Service | Mar-15 | Leader | |
| Business Applications | Enterprise Content Management | Oct-15 | Leader | |
| Software Infrastructure | Horizontal Portals | Sep-15 | Leader | |
| Application Development | Integrated Software Quality Suites | Aug-14 | Leader | |
| Software Infrastructure | On-premises Application Integration Suites | Jul-14 | Leader | |
| Software Infrastructure | Operational Database Management Systems | Oct-15 | Leader | Leader |
| Software Infrastructure | Public Cloud Storage Services | Jun-15 | Leader | Leader |
| Business Applications | Sales Force Automation | Jul-15 | Leader | |
| Software Infrastructure | Secure Email Gateways | Jun-15 | Leader | |
| Business Applications | Social Software in the Workplace | Oct-15 | Leader | |
| Communications Equipment | Unified Communications | Aug-15 | Leader | |
| Software Infrastructure | Web Conferencing | Dec-15 | Leader | |
| Software Infrastructure | x86 Server Virtualization Infrastructure | Jul-15 | Leader | |

Quadrant charts shown, with Microsoft positioned as a Leader in each: Cloud Infrastructure as a Service Worldwide (May 2015), Public Cloud Storage Services (June 2015), Enterprise Application Platform as a Service (March 2015), x86 Server Virtualization Infrastructure (July 2015), Operational Database Management Systems (Oct 2015), Business Intelligence and Analytics Platforms (Feb 2015)