SlideShare uma empresa Scribd logo
1 de 42
©2018 Zscaler, Inc. All rights reserved.
Accelerate the Migration to
Microsoft Azure with Zscaler
Private Access
Sean Dastouri
Senior Cloud Architect, Microsoft Azure
Lisa Lorenzin
Director, Emerging Technology Solutions, Zscaler
©2018 Zscaler, Inc. All rights reserved.
©2018 Zscaler, Inc. All rights reserved.
Tons of Azure platform innovation
©2018 Zscaler, Inc. All rights reserved.
Azure migration journey
©2018 Zscaler, Inc. All rights reserved.
Breaking down the Azure migration journey
©2018 Zscaler, Inc. All rights reserved.
Assess your applications, data, and infrastructure
©2018 Zscaler, Inc. All rights reserved.
Azure Migrate (now generally available)
https://aka.ms/azuremigrate
©2018 Zscaler, Inc. All rights reserved.
Assessment guidance: Using Azure tools with third party
tools
©2018 Zscaler, Inc. All rights reserved.
The Azure migration journey
©2018 Zscaler, Inc. All rights reserved.
Migration strategies: Rehost application (i.e., lift & shift)
©2018 Zscaler, Inc. All rights reserved.
Confidently lift & shift Windows Server to Azure
©2018 Zscaler, Inc. All rights reserved.
Confidently lift & shift SQL Server applications to Azure
©2018 Zscaler, Inc. All rights reserved.
Azure Database Services for MySQL and
PostgreSQL
©2018 Zscaler, Inc. All rights reserved.
The Azure migration journey
©2018 Zscaler, Inc. All rights reserved.
Migration strategies: Refactor application (i.e.,
repackaging)
©2018 Zscaler, Inc. All rights reserved.
Migration strategies: Rearchitect application
©2018 Zscaler, Inc. All rights reserved.
Azure container technologies
https://aka.ms/azuredevebook
https://aka.ms/modernizeappeboo
k
https://aka.ms/microservicesebook
©2018 Zscaler, Inc. All rights reserved.
The Azure migration journey
©2018 Zscaler, Inc. All rights reserved.
Migration strategies: Rebuild application
©2018 Zscaler, Inc. All rights reserved.
Build new apps using Azure Functions (serverless)
©2018 Zscaler, Inc. All rights reserved.
Serverless application platform components in
Azure
©2018 Zscaler, Inc. All rights reserved.
Azure Cosmos DB transforms how you build new cloud
applications
Table API
©2018 Zscaler, Inc. All rights reserved.
The Azure migration journey
©2018 Zscaler, Inc. All rights reserved.
: Stay secure, well managed, and cost-efficient
after your move
Optimize
©2018 Zscaler, Inc. All rights reserved.©2018 Zscaler, Inc. All rights reserved.
The IT world has evolved…
but app access hasn’t
©2018 Zscaler, Inc. All rights reserved.
Network and application transformation
Applications are moving to the cloud
Connections are following
the path of least resistance
Users are leaving
the corporate network
Headquarters
Hub and Spoke Architecture
? ??
©2018 Zscaler, Inc. All rights reserved.
Internal apps on
public cloud providers
Internal apps in
data center
Site-to-site VPN
Inbound Gateway
DDoS
Global LB
FW / IPS
RAS (VPN)
Internal FW
Internal LB
VPN
BOSTON
VPN
MADRID
Legacy remote access impedes cloud and mobility
Risk is introduced by placing users
on network
Complexity of ACLs and firewalls
makes remote access difficult to
manage
Users become frustrated with VPN
Months spent on just getting
infrastructure set up
©2018 Zscaler, Inc. All rights reserved.
HQ
EMEA
Branch
APJ
Branch
Branch
Branch
Branch Branch BranchBranch
Home, Coffee Shop Airport, Hotel
SaaS Open Internet IaaS
Cloud and mobility break network security
The Internet is Your New Corporate NetworkHow do you secure a network you don’t control?
“GE will run 70 percent of its
workload in the cloud by 2020”
Jim Fowler, CIO
“The Internet will be our new
corporate network by 2020”
Frederik Janssen, Head of Infrastructure
“Office 365 was built to be accessed
via direct Internet connection”
©2018 Zscaler, Inc. All rights reserved.
Common Challenges of Cloud Adoption
1. Legacy technology lacks ability to provide cloud-like user experience
2. Takes months to implement, slowing app migration efforts
3. Requires additional appliances to be purchased and deployed
4. Setting up site-to-site VPN for traffic to traverse
5. Connecting employees to cloud means access to the network
©2018 Zscaler, Inc. All rights reserved.
How mobile users feel with
current experience
©2018 Zscaler, Inc. All rights reserved.
Zscaler Private Access
Secure Access to Internal Applications on Azure
©2018 Zscaler, Inc. All rights reserved.
Zscaler enables secure IT transformation to the cloud
Internet and VPN Gateway
Ext. FW / IPS
URL Filtering
Antivirus
DLP
SSL
Sandbox
Global LB
DDoS
Ext FW/IPS
RAS (VPN)
Internal FW
Internal LB
SaaSOpen Internet
External
APPS
Data CenterIaaS
Internal
Internal (cloud or data center)
Connect a user to an authorized
private app (not network)
Fast and secure policy-based access to apps and services over the Internet
Any device, any location, on-net or off-net
External (open Internet or SaaS)
Nothing bad comes in,
nothing good leaks out
Zscaler
Internet Access
Zscaler
Private Access
HQMOBILE
BRANCHIOT
©2018 Zscaler, Inc. All rights reserved.
Zscaler Private Access – fast, secure access to internal apps
Z-APP
2
Innovative design
Z-Brokers – secure user to app connection
Cloud Policy engine - define user app access rights
1
Z-APP – request access to app
Okta – single sign-on authentication
2
Z-Connectors – sits in front of apps -
outbound-only connection
3
Zscaler cloud brokers a secure connection
between the Z-Connector and Z-App
Z-CONNECTORS
3 3
1. Users are never on your network
2. Apps are invisible – never
exposed to the Internet
3. App segmentation without
network segmentation
4. Use Internet as a secure network
without remote access VPN
Built for zero-trust access
to internal applications
1 Z-Brokers
Private cloud /
on-premise
data center
©2018 Zscaler, Inc. All rights reserved.
Enterprise benefits
CostExperience Security Simple
• Direct access to apps in Azure
• No need for VPN
• Cloud-like experience
• Users never on network
• No lateral movement
• Visibility into user activity
• Simple implementation
• Access from any device
• Less network complexity
• No appliances
• Less inbound service spend
• Optimize bandwidth use
USE CASES Cloud
Migration
RAS / VPN
Replacement
Secure Partner
Access
M&A and
Divestitures
©2018 Zscaler, Inc. All rights reserved.
Azure and ZPA are strategically aligned
“Zscaler helps to simplify the enterprise journey to Microsoft Azure for both
public and hybrid environments…Zscaler Private Access gives users the
choice and the benefit of secure connectivity...”
Yousef Khalidi, Corporate Vice President, Azure Networking, Microsoft
©2018 Zscaler, Inc. All rights reserved.
©2018 Zscaler, Inc. All rights reserved.
• Fast and secure access
• Direct-to-cloud experience
• Enable a cloud-first strategy
• Accelerated Azure adoption
• Local breakouts
• Simple to implement
Benefits of ZPA and Azure together
©2018 Zscaler, Inc. All rights reserved.
Azure Active Directory Marketplace
ZPA and Azure – available on Marketplace
©2018 Zscaler, Inc. All rights reserved.
Step 1:
Configure User Auth
20 MINUTES
5 Minutes
Add ZPA as a new Service
Provider (SP) within
Azure AD
5 Minutes
Assign ZPA to test users
within AD, select SAML
attributes to send
5 Minutes
Import IdP’s metadata into
ZPA admin console
5 Minutes
Test user authentication
and SAML attributes
1 2
3 4
5 Minutes
Configure connector
provisioning keys via ZPA
Setup Wizard
5 Minutes
Deploy ZPA Connector
package from Azure
Marketplace
10 Minutes
Configure Connector
networking and network
security policies
5 Minutes
Verify and test Connector
health, access to DNS,
routing to internal apps
1 2
3 4
10 Minutes
Configure Z-App rraffic
forwarding policy and app
profile
5 Minutes
Download and deploy Z-
App on user devices
1
2
25 MINUTES
Step 2:
Deploy Connector
Step 3:
Install Zscaler App
15 MINUTES
ZPA in Azure deploys quickly and easily
©2018 Zscaler, Inc. All rights reserved.
Cloud-based security
The access users want,
with the security you need
1. Secure access to apps in
datacenter & Azure
2. Authorized access to specific apps
3. Fast and seamless experience
4. Optimized bandwidth use
HQON-THE-GO BRANCHES
Secure remote access to internal apps in hybrid environments
©2018 Zscaler, Inc. All rights reserved.
Enabling App Transformation with ZPA
MAN was undertaking a massive cloud adoption
but needed a better way to provide remote
access to internal applications.
Benefits of ZPA
• Faster, better experience for end users
• Reduced attack surface, remote users not on-net
• Granular application access control, globally
• Easily manage app access across AVNs
• Increased performance of resources
• Increased visibility into apps & activity
©2018 Zscaler, Inc. All rights reserved.
Thank you
Get hands-on with Zscaler Private Access at www.zscaler.com/zpa-interactive
Experience Users Want. Security You Need.

Mais conteúdo relacionado

Mais procurados

Maximize your cloud app control with Microsoft MCAS and Zscaler
Maximize your cloud app control with Microsoft MCAS and ZscalerMaximize your cloud app control with Microsoft MCAS and Zscaler
Maximize your cloud app control with Microsoft MCAS and ZscalerAnkit Dua
 
Three Key Steps for Moving Your Branches to the Cloud
Three Key Steps for Moving Your Branches to the CloudThree Key Steps for Moving Your Branches to the Cloud
Three Key Steps for Moving Your Branches to the CloudZscaler
 
Top 5 predictions webinar
Top 5 predictions webinarTop 5 predictions webinar
Top 5 predictions webinarZscaler
 
Zscaler ThreatLabz dissects the latest SSL security attacks
Zscaler ThreatLabz dissects the latest SSL security attacksZscaler ThreatLabz dissects the latest SSL security attacks
Zscaler ThreatLabz dissects the latest SSL security attacksZscaler
 
The secure, direct to-internet branch
The secure, direct to-internet branchThe secure, direct to-internet branch
The secure, direct to-internet branchZscaler
 
Virtualized Firewall: Is it the panacea to secure distributed enterprises?
Virtualized Firewall: Is it the panacea to secure distributed enterprises?Virtualized Firewall: Is it the panacea to secure distributed enterprises?
Virtualized Firewall: Is it the panacea to secure distributed enterprises?Zscaler
 
What Comes After VPN?
What Comes After VPN?What Comes After VPN?
What Comes After VPN?Zscaler
 
Schneider electric powers security transformation with one simple app copy
Schneider electric powers security transformation with one simple app   copySchneider electric powers security transformation with one simple app   copy
Schneider electric powers security transformation with one simple app copyZscaler
 
The evolution of IT in a cloud world
The evolution of IT in a cloud worldThe evolution of IT in a cloud world
The evolution of IT in a cloud worldZscaler
 
Three ways-zero-trust-security-redefines-partner-access-ch
Three ways-zero-trust-security-redefines-partner-access-chThree ways-zero-trust-security-redefines-partner-access-ch
Three ways-zero-trust-security-redefines-partner-access-chZscaler
 
Office 365 deployment
Office 365 deploymentOffice 365 deployment
Office 365 deploymentZscaler
 
Secure access to applications on Microsoft Azure
Secure access to applications on Microsoft AzureSecure access to applications on Microsoft Azure
Secure access to applications on Microsoft AzureZscaler
 
Secure remote access to AWS your users will love
Secure remote access to AWS your users will loveSecure remote access to AWS your users will love
Secure remote access to AWS your users will loveZscaler
 
Rethinking Cybersecurity for the Digital Transformation Era
Rethinking Cybersecurity for the Digital Transformation EraRethinking Cybersecurity for the Digital Transformation Era
Rethinking Cybersecurity for the Digital Transformation EraZscaler
 
Rethinking Cybersecurity for the Digital Transformation Era
Rethinking Cybersecurity for the Digital Transformation EraRethinking Cybersecurity for the Digital Transformation Era
Rethinking Cybersecurity for the Digital Transformation EraZscaler
 
Three ways-zero-trust-security-redefines-partner-access-v8
Three ways-zero-trust-security-redefines-partner-access-v8Three ways-zero-trust-security-redefines-partner-access-v8
Three ways-zero-trust-security-redefines-partner-access-v8Zscaler
 
SD-WAN plus cloud security
SD-WAN plus cloud securitySD-WAN plus cloud security
SD-WAN plus cloud securityZscaler
 
Dissecting ssl threats
Dissecting ssl threatsDissecting ssl threats
Dissecting ssl threatsZscaler
 
How sdp delivers_zero_trust
How sdp delivers_zero_trustHow sdp delivers_zero_trust
How sdp delivers_zero_trustZscaler
 
Overcoming the Challenges of Architecting for the Cloud
Overcoming the Challenges of Architecting for the CloudOvercoming the Challenges of Architecting for the Cloud
Overcoming the Challenges of Architecting for the CloudZscaler
 

Mais procurados (20)

Maximize your cloud app control with Microsoft MCAS and Zscaler
Maximize your cloud app control with Microsoft MCAS and ZscalerMaximize your cloud app control with Microsoft MCAS and Zscaler
Maximize your cloud app control with Microsoft MCAS and Zscaler
 
Three Key Steps for Moving Your Branches to the Cloud
Three Key Steps for Moving Your Branches to the CloudThree Key Steps for Moving Your Branches to the Cloud
Three Key Steps for Moving Your Branches to the Cloud
 
Top 5 predictions webinar
Top 5 predictions webinarTop 5 predictions webinar
Top 5 predictions webinar
 
Zscaler ThreatLabz dissects the latest SSL security attacks
Zscaler ThreatLabz dissects the latest SSL security attacksZscaler ThreatLabz dissects the latest SSL security attacks
Zscaler ThreatLabz dissects the latest SSL security attacks
 
The secure, direct to-internet branch
The secure, direct to-internet branchThe secure, direct to-internet branch
The secure, direct to-internet branch
 
Virtualized Firewall: Is it the panacea to secure distributed enterprises?
Virtualized Firewall: Is it the panacea to secure distributed enterprises?Virtualized Firewall: Is it the panacea to secure distributed enterprises?
Virtualized Firewall: Is it the panacea to secure distributed enterprises?
 
What Comes After VPN?
What Comes After VPN?What Comes After VPN?
What Comes After VPN?
 
Schneider electric powers security transformation with one simple app copy
Schneider electric powers security transformation with one simple app   copySchneider electric powers security transformation with one simple app   copy
Schneider electric powers security transformation with one simple app copy
 
The evolution of IT in a cloud world
The evolution of IT in a cloud worldThe evolution of IT in a cloud world
The evolution of IT in a cloud world
 
Three ways-zero-trust-security-redefines-partner-access-ch
Three ways-zero-trust-security-redefines-partner-access-chThree ways-zero-trust-security-redefines-partner-access-ch
Three ways-zero-trust-security-redefines-partner-access-ch
 
Office 365 deployment
Office 365 deploymentOffice 365 deployment
Office 365 deployment
 
Secure access to applications on Microsoft Azure
Secure access to applications on Microsoft AzureSecure access to applications on Microsoft Azure
Secure access to applications on Microsoft Azure
 
Secure remote access to AWS your users will love
Secure remote access to AWS your users will loveSecure remote access to AWS your users will love
Secure remote access to AWS your users will love
 
Rethinking Cybersecurity for the Digital Transformation Era
Rethinking Cybersecurity for the Digital Transformation EraRethinking Cybersecurity for the Digital Transformation Era
Rethinking Cybersecurity for the Digital Transformation Era
 
Rethinking Cybersecurity for the Digital Transformation Era
Rethinking Cybersecurity for the Digital Transformation EraRethinking Cybersecurity for the Digital Transformation Era
Rethinking Cybersecurity for the Digital Transformation Era
 
Three ways-zero-trust-security-redefines-partner-access-v8
Three ways-zero-trust-security-redefines-partner-access-v8Three ways-zero-trust-security-redefines-partner-access-v8
Three ways-zero-trust-security-redefines-partner-access-v8
 
SD-WAN plus cloud security
SD-WAN plus cloud securitySD-WAN plus cloud security
SD-WAN plus cloud security
 
Dissecting ssl threats
Dissecting ssl threatsDissecting ssl threats
Dissecting ssl threats
 
How sdp delivers_zero_trust
How sdp delivers_zero_trustHow sdp delivers_zero_trust
How sdp delivers_zero_trust
 
Overcoming the Challenges of Architecting for the Cloud
Overcoming the Challenges of Architecting for the CloudOvercoming the Challenges of Architecting for the Cloud
Overcoming the Challenges of Architecting for the Cloud
 

Semelhante a Migration to microsoft_azure_with_zscaler

Webinar remote access_no_vpn_pitfalls_111517
Webinar remote access_no_vpn_pitfalls_111517Webinar remote access_no_vpn_pitfalls_111517
Webinar remote access_no_vpn_pitfalls_111517Zscaler
 
Adopting A Zero-Trust Model. Google Did It, Can You?
Adopting A Zero-Trust Model. Google Did It, Can You?Adopting A Zero-Trust Model. Google Did It, Can You?
Adopting A Zero-Trust Model. Google Did It, Can You?Zscaler
 
Introducing the New Features of AWS Greengrass (IOT365) - AWS re:Invent 2018
Introducing the New Features of AWS Greengrass (IOT365) - AWS re:Invent 2018Introducing the New Features of AWS Greengrass (IOT365) - AWS re:Invent 2018
Introducing the New Features of AWS Greengrass (IOT365) - AWS re:Invent 2018Amazon Web Services
 
Symantec Webinar | Implementing a Zero Trust Framework to Secure Modern Workf...
Symantec Webinar | Implementing a Zero Trust Framework to Secure Modern Workf...Symantec Webinar | Implementing a Zero Trust Framework to Secure Modern Workf...
Symantec Webinar | Implementing a Zero Trust Framework to Secure Modern Workf...Symantec
 
Moving 400 Engineers to AWS: Our Journey to Secure Adoption (SEC306-S) - AWS ...
Moving 400 Engineers to AWS: Our Journey to Secure Adoption (SEC306-S) - AWS ...Moving 400 Engineers to AWS: Our Journey to Secure Adoption (SEC306-S) - AWS ...
Moving 400 Engineers to AWS: Our Journey to Secure Adoption (SEC306-S) - AWS ...Amazon Web Services
 
Introduction to ThousandEyes
Introduction to ThousandEyesIntroduction to ThousandEyes
Introduction to ThousandEyesThousandEyes
 
EMEA What is ThousandEyes? Webinar
EMEA What is ThousandEyes? WebinarEMEA What is ThousandEyes? Webinar
EMEA What is ThousandEyes? WebinarThousandEyes
 
apidays LIVE New York 2021 - Simplify Open Policy Agent with Styra DAS by Tim...
apidays LIVE New York 2021 - Simplify Open Policy Agent with Styra DAS by Tim...apidays LIVE New York 2021 - Simplify Open Policy Agent with Styra DAS by Tim...
apidays LIVE New York 2021 - Simplify Open Policy Agent with Styra DAS by Tim...apidays
 
PLNOG 22 - Sebastian Grabski - Is your network ready for application from the...
PLNOG 22 - Sebastian Grabski - Is your network ready for application from the...PLNOG 22 - Sebastian Grabski - Is your network ready for application from the...
PLNOG 22 - Sebastian Grabski - Is your network ready for application from the...PROIDEA
 
Maximize your cloud app control with Microsoft MCAS and Zscaler
Maximize your cloud app control with Microsoft MCAS and ZscalerMaximize your cloud app control with Microsoft MCAS and Zscaler
Maximize your cloud app control with Microsoft MCAS and ZscalerZscaler
 
Accelerating Your Cloud Innovation
Accelerating Your Cloud InnovationAccelerating Your Cloud Innovation
Accelerating Your Cloud InnovationAmazon Web Services
 
What is ThousandEyes Webinar
What is ThousandEyes WebinarWhat is ThousandEyes Webinar
What is ThousandEyes WebinarThousandEyes
 
Partner Briefing_January 25 (FINAL).pptx
Partner Briefing_January 25 (FINAL).pptxPartner Briefing_January 25 (FINAL).pptx
Partner Briefing_January 25 (FINAL).pptxCloudera, Inc.
 
Introduction to ThousandEyes
Introduction to ThousandEyesIntroduction to ThousandEyes
Introduction to ThousandEyesThousandEyes
 
John Merline - How make your cloud SASE
John Merline - How make your cloud SASE John Merline - How make your cloud SASE
John Merline - How make your cloud SASE AWS Chicago
 
De-Witt Tromp- Introduction to Zero Trust & SASE.
De-Witt Tromp- Introduction to Zero Trust & SASE.De-Witt Tromp- Introduction to Zero Trust & SASE.
De-Witt Tromp- Introduction to Zero Trust & SASE.itnewsafrica
 
NetFoundry - Zero Trust Customer Journey-v1-ext.pptx
NetFoundry - Zero Trust Customer Journey-v1-ext.pptxNetFoundry - Zero Trust Customer Journey-v1-ext.pptx
NetFoundry - Zero Trust Customer Journey-v1-ext.pptxSurendran Naidu
 
Computing at the Edge with AWS Greengrass and Amazon FreeRTOS, ft. General El...
Computing at the Edge with AWS Greengrass and Amazon FreeRTOS, ft. General El...Computing at the Edge with AWS Greengrass and Amazon FreeRTOS, ft. General El...
Computing at the Edge with AWS Greengrass and Amazon FreeRTOS, ft. General El...Amazon Web Services
 
Introduction to ThousandEyes
Introduction to ThousandEyesIntroduction to ThousandEyes
Introduction to ThousandEyesThousandEyes
 
Implementing Multi-Region AWS IoT, ft. Analog Devices (IOT401) - AWS re:Inven...
Implementing Multi-Region AWS IoT, ft. Analog Devices (IOT401) - AWS re:Inven...Implementing Multi-Region AWS IoT, ft. Analog Devices (IOT401) - AWS re:Inven...
Implementing Multi-Region AWS IoT, ft. Analog Devices (IOT401) - AWS re:Inven...Amazon Web Services
 

Semelhante a Migration to microsoft_azure_with_zscaler (20)

Webinar remote access_no_vpn_pitfalls_111517
Webinar remote access_no_vpn_pitfalls_111517Webinar remote access_no_vpn_pitfalls_111517
Webinar remote access_no_vpn_pitfalls_111517
 
Adopting A Zero-Trust Model. Google Did It, Can You?
Adopting A Zero-Trust Model. Google Did It, Can You?Adopting A Zero-Trust Model. Google Did It, Can You?
Adopting A Zero-Trust Model. Google Did It, Can You?
 
Introducing the New Features of AWS Greengrass (IOT365) - AWS re:Invent 2018
Introducing the New Features of AWS Greengrass (IOT365) - AWS re:Invent 2018Introducing the New Features of AWS Greengrass (IOT365) - AWS re:Invent 2018
Introducing the New Features of AWS Greengrass (IOT365) - AWS re:Invent 2018
 
Symantec Webinar | Implementing a Zero Trust Framework to Secure Modern Workf...
Symantec Webinar | Implementing a Zero Trust Framework to Secure Modern Workf...Symantec Webinar | Implementing a Zero Trust Framework to Secure Modern Workf...
Symantec Webinar | Implementing a Zero Trust Framework to Secure Modern Workf...
 
Moving 400 Engineers to AWS: Our Journey to Secure Adoption (SEC306-S) - AWS ...
Moving 400 Engineers to AWS: Our Journey to Secure Adoption (SEC306-S) - AWS ...Moving 400 Engineers to AWS: Our Journey to Secure Adoption (SEC306-S) - AWS ...
Moving 400 Engineers to AWS: Our Journey to Secure Adoption (SEC306-S) - AWS ...
 
Introduction to ThousandEyes
Introduction to ThousandEyesIntroduction to ThousandEyes
Introduction to ThousandEyes
 
EMEA What is ThousandEyes? Webinar
EMEA What is ThousandEyes? WebinarEMEA What is ThousandEyes? Webinar
EMEA What is ThousandEyes? Webinar
 
apidays LIVE New York 2021 - Simplify Open Policy Agent with Styra DAS by Tim...
apidays LIVE New York 2021 - Simplify Open Policy Agent with Styra DAS by Tim...apidays LIVE New York 2021 - Simplify Open Policy Agent with Styra DAS by Tim...
apidays LIVE New York 2021 - Simplify Open Policy Agent with Styra DAS by Tim...
 
PLNOG 22 - Sebastian Grabski - Is your network ready for application from the...
PLNOG 22 - Sebastian Grabski - Is your network ready for application from the...PLNOG 22 - Sebastian Grabski - Is your network ready for application from the...
PLNOG 22 - Sebastian Grabski - Is your network ready for application from the...
 
Maximize your cloud app control with Microsoft MCAS and Zscaler
Maximize your cloud app control with Microsoft MCAS and ZscalerMaximize your cloud app control with Microsoft MCAS and Zscaler
Maximize your cloud app control with Microsoft MCAS and Zscaler
 
Accelerating Your Cloud Innovation
Accelerating Your Cloud InnovationAccelerating Your Cloud Innovation
Accelerating Your Cloud Innovation
 
What is ThousandEyes Webinar
What is ThousandEyes WebinarWhat is ThousandEyes Webinar
What is ThousandEyes Webinar
 
Partner Briefing_January 25 (FINAL).pptx
Partner Briefing_January 25 (FINAL).pptxPartner Briefing_January 25 (FINAL).pptx
Partner Briefing_January 25 (FINAL).pptx
 
Introduction to ThousandEyes
Introduction to ThousandEyesIntroduction to ThousandEyes
Introduction to ThousandEyes
 
John Merline - How make your cloud SASE
John Merline - How make your cloud SASE John Merline - How make your cloud SASE
John Merline - How make your cloud SASE
 
De-Witt Tromp- Introduction to Zero Trust & SASE.
De-Witt Tromp- Introduction to Zero Trust & SASE.De-Witt Tromp- Introduction to Zero Trust & SASE.
De-Witt Tromp- Introduction to Zero Trust & SASE.
 
NetFoundry - Zero Trust Customer Journey-v1-ext.pptx
NetFoundry - Zero Trust Customer Journey-v1-ext.pptxNetFoundry - Zero Trust Customer Journey-v1-ext.pptx
NetFoundry - Zero Trust Customer Journey-v1-ext.pptx
 
Computing at the Edge with AWS Greengrass and Amazon FreeRTOS, ft. General El...
Computing at the Edge with AWS Greengrass and Amazon FreeRTOS, ft. General El...Computing at the Edge with AWS Greengrass and Amazon FreeRTOS, ft. General El...
Computing at the Edge with AWS Greengrass and Amazon FreeRTOS, ft. General El...
 
Introduction to ThousandEyes
Introduction to ThousandEyesIntroduction to ThousandEyes
Introduction to ThousandEyes
 
Implementing Multi-Region AWS IoT, ft. Analog Devices (IOT401) - AWS re:Inven...
Implementing Multi-Region AWS IoT, ft. Analog Devices (IOT401) - AWS re:Inven...Implementing Multi-Region AWS IoT, ft. Analog Devices (IOT401) - AWS re:Inven...
Implementing Multi-Region AWS IoT, ft. Analog Devices (IOT401) - AWS re:Inven...
 

Mais de Zscaler

Zscaler mondi webinar
Zscaler mondi webinarZscaler mondi webinar
Zscaler mondi webinarZscaler
 
Top 5 mistakes deploying o365
Top 5 mistakes deploying o365Top 5 mistakes deploying o365
Top 5 mistakes deploying o365Zscaler
 
Zenith Live - Security Lab - Phantom
Zenith Live - Security Lab - PhantomZenith Live - Security Lab - Phantom
Zenith Live - Security Lab - PhantomZscaler
 
Top reasons o365 deployments fail
Top reasons o365 deployments failTop reasons o365 deployments fail
Top reasons o365 deployments failZscaler
 
GDPR - are you ready?
GDPR - are you ready?GDPR - are you ready?
GDPR - are you ready?Zscaler
 
DNS Security, is it enough?
DNS Security, is it enough? DNS Security, is it enough?
DNS Security, is it enough? Zscaler
 

Mais de Zscaler (6)

Zscaler mondi webinar
Zscaler mondi webinarZscaler mondi webinar
Zscaler mondi webinar
 
Top 5 mistakes deploying o365
Top 5 mistakes deploying o365Top 5 mistakes deploying o365
Top 5 mistakes deploying o365
 
Zenith Live - Security Lab - Phantom
Zenith Live - Security Lab - PhantomZenith Live - Security Lab - Phantom
Zenith Live - Security Lab - Phantom
 
Top reasons o365 deployments fail
Top reasons o365 deployments failTop reasons o365 deployments fail
Top reasons o365 deployments fail
 
GDPR - are you ready?
GDPR - are you ready?GDPR - are you ready?
GDPR - are you ready?
 
DNS Security, is it enough?
DNS Security, is it enough? DNS Security, is it enough?
DNS Security, is it enough?
 

Último

Benefits of doing Internet peering and running an Internet Exchange (IX) pres...
Benefits of doing Internet peering and running an Internet Exchange (IX) pres...Benefits of doing Internet peering and running an Internet Exchange (IX) pres...
Benefits of doing Internet peering and running an Internet Exchange (IX) pres...APNIC
 
Computer 10 Lesson 8: Building a Website
Computer 10 Lesson 8: Building a WebsiteComputer 10 Lesson 8: Building a Website
Computer 10 Lesson 8: Building a WebsiteMavein
 
Check out the Free Landing Page Hosting in 2024
Check out the Free Landing Page Hosting in 2024Check out the Free Landing Page Hosting in 2024
Check out the Free Landing Page Hosting in 2024Shubham Pant
 
Bio Medical Waste Management Guideliness 2023 ppt.pptx
Bio Medical Waste Management Guideliness 2023 ppt.pptxBio Medical Waste Management Guideliness 2023 ppt.pptx
Bio Medical Waste Management Guideliness 2023 ppt.pptxnaveenithkrishnan
 
TYPES AND DEFINITION OF ONLINE CRIMES AND HAZARDS
TYPES AND DEFINITION OF ONLINE CRIMES AND HAZARDSTYPES AND DEFINITION OF ONLINE CRIMES AND HAZARDS
TYPES AND DEFINITION OF ONLINE CRIMES AND HAZARDSedrianrheine
 
Internet 2.0 Conference (Event Information Deck | Dec'24 - Mar'25)
Internet 2.0 Conference (Event Information Deck | Dec'24 - Mar'25)Internet 2.0 Conference (Event Information Deck | Dec'24 - Mar'25)
Internet 2.0 Conference (Event Information Deck | Dec'24 - Mar'25)Internet 2.0 Conference
 
WordPress by the numbers - Jan Loeffler, CTO WebPros, CloudFest 2024
WordPress by the numbers - Jan Loeffler, CTO WebPros, CloudFest 2024WordPress by the numbers - Jan Loeffler, CTO WebPros, CloudFest 2024
WordPress by the numbers - Jan Loeffler, CTO WebPros, CloudFest 2024Jan Löffler
 
Discussing Potential of Submarine Cables Causing Internet Blackout in Ghana
Discussing Potential of Submarine Cables Causing Internet Blackout in GhanaDiscussing Potential of Submarine Cables Causing Internet Blackout in Ghana
Discussing Potential of Submarine Cables Causing Internet Blackout in GhanaDesmond Israel
 
Vision Forward: Tracing Image Search SEO From Its Roots To AI-Enhanced Horizons
Vision Forward: Tracing Image Search SEO From Its Roots To AI-Enhanced HorizonsVision Forward: Tracing Image Search SEO From Its Roots To AI-Enhanced Horizons
Vision Forward: Tracing Image Search SEO From Its Roots To AI-Enhanced HorizonsRoxana Stingu
 
Test Automation with Gen AI_Final_Presentation
Test Automation with Gen AI_Final_PresentationTest Automation with Gen AI_Final_Presentation
Test Automation with Gen AI_Final_PresentationUiPathCommunity
 
LESSON 5 GROUP 10 ST. THOMAS AQUINAS.pdf
LESSON 5 GROUP 10 ST. THOMAS AQUINAS.pdfLESSON 5 GROUP 10 ST. THOMAS AQUINAS.pdf
LESSON 5 GROUP 10 ST. THOMAS AQUINAS.pdfmchristianalwyn
 
Aligning Testing Objectives with Overall Project Goals for Successful Outcome...
Aligning Testing Objectives with Overall Project Goals for Successful Outcome...Aligning Testing Objectives with Overall Project Goals for Successful Outcome...
Aligning Testing Objectives with Overall Project Goals for Successful Outcome...Anju21552
 
LESSON 10/ GROUP 10/ ST. THOMAS AQUINASS
LESSON 10/ GROUP 10/ ST. THOMAS AQUINASSLESSON 10/ GROUP 10/ ST. THOMAS AQUINASS
LESSON 10/ GROUP 10/ ST. THOMAS AQUINASSlesteraporado16
 

Último (13)

Benefits of doing Internet peering and running an Internet Exchange (IX) pres...
Benefits of doing Internet peering and running an Internet Exchange (IX) pres...Benefits of doing Internet peering and running an Internet Exchange (IX) pres...
Benefits of doing Internet peering and running an Internet Exchange (IX) pres...
 
Computer 10 Lesson 8: Building a Website
Computer 10 Lesson 8: Building a WebsiteComputer 10 Lesson 8: Building a Website
Computer 10 Lesson 8: Building a Website
 
Check out the Free Landing Page Hosting in 2024
Check out the Free Landing Page Hosting in 2024Check out the Free Landing Page Hosting in 2024
Check out the Free Landing Page Hosting in 2024
 
Bio Medical Waste Management Guideliness 2023 ppt.pptx
Bio Medical Waste Management Guideliness 2023 ppt.pptxBio Medical Waste Management Guideliness 2023 ppt.pptx
Bio Medical Waste Management Guideliness 2023 ppt.pptx
 
TYPES AND DEFINITION OF ONLINE CRIMES AND HAZARDS
TYPES AND DEFINITION OF ONLINE CRIMES AND HAZARDSTYPES AND DEFINITION OF ONLINE CRIMES AND HAZARDS
TYPES AND DEFINITION OF ONLINE CRIMES AND HAZARDS
 
Internet 2.0 Conference (Event Information Deck | Dec'24 - Mar'25)
Internet 2.0 Conference (Event Information Deck | Dec'24 - Mar'25)Internet 2.0 Conference (Event Information Deck | Dec'24 - Mar'25)
Internet 2.0 Conference (Event Information Deck | Dec'24 - Mar'25)
 
WordPress by the numbers - Jan Loeffler, CTO WebPros, CloudFest 2024
WordPress by the numbers - Jan Loeffler, CTO WebPros, CloudFest 2024WordPress by the numbers - Jan Loeffler, CTO WebPros, CloudFest 2024
WordPress by the numbers - Jan Loeffler, CTO WebPros, CloudFest 2024
 
Discussing Potential of Submarine Cables Causing Internet Blackout in Ghana
Discussing Potential of Submarine Cables Causing Internet Blackout in GhanaDiscussing Potential of Submarine Cables Causing Internet Blackout in Ghana
Discussing Potential of Submarine Cables Causing Internet Blackout in Ghana
 
Vision Forward: Tracing Image Search SEO From Its Roots To AI-Enhanced Horizons
Vision Forward: Tracing Image Search SEO From Its Roots To AI-Enhanced HorizonsVision Forward: Tracing Image Search SEO From Its Roots To AI-Enhanced Horizons
Vision Forward: Tracing Image Search SEO From Its Roots To AI-Enhanced Horizons
 
Test Automation with Gen AI_Final_Presentation
Test Automation with Gen AI_Final_PresentationTest Automation with Gen AI_Final_Presentation
Test Automation with Gen AI_Final_Presentation
 
LESSON 5 GROUP 10 ST. THOMAS AQUINAS.pdf
LESSON 5 GROUP 10 ST. THOMAS AQUINAS.pdfLESSON 5 GROUP 10 ST. THOMAS AQUINAS.pdf
LESSON 5 GROUP 10 ST. THOMAS AQUINAS.pdf
 
Aligning Testing Objectives with Overall Project Goals for Successful Outcome...
Aligning Testing Objectives with Overall Project Goals for Successful Outcome...Aligning Testing Objectives with Overall Project Goals for Successful Outcome...
Aligning Testing Objectives with Overall Project Goals for Successful Outcome...
 
LESSON 10/ GROUP 10/ ST. THOMAS AQUINASS
LESSON 10/ GROUP 10/ ST. THOMAS AQUINASSLESSON 10/ GROUP 10/ ST. THOMAS AQUINASS
LESSON 10/ GROUP 10/ ST. THOMAS AQUINASS
 

Migration to microsoft_azure_with_zscaler

  • 1. ©2018 Zscaler, Inc. All rights reserved. Accelerate the Migration to Microsoft Azure with Zscaler Private Access Sean Dastouri Senior Cloud Architect, Microsoft Azure Lisa Lorenzin Director, Emerging Technology Solutions, Zscaler
  • 2. ©2018 Zscaler, Inc. All rights reserved.
  • 3. ©2018 Zscaler, Inc. All rights reserved. Tons of Azure platform innovation
  • 4. ©2018 Zscaler, Inc. All rights reserved. Azure migration journey
  • 5. ©2018 Zscaler, Inc. All rights reserved. Breaking down the Azure migration journey
  • 6. ©2018 Zscaler, Inc. All rights reserved. Assess your applications, data, and infrastructure
  • 7. ©2018 Zscaler, Inc. All rights reserved. Azure Migrate (now generally available) https://aka.ms/azuremigrate
  • 8. ©2018 Zscaler, Inc. All rights reserved. Assessment guidance: Using Azure tools with third party tools
  • 9. ©2018 Zscaler, Inc. All rights reserved. The Azure migration journey
  • 10. ©2018 Zscaler, Inc. All rights reserved. Migration strategies: Rehost application (i.e., lift & shift)
  • 11. ©2018 Zscaler, Inc. All rights reserved. Confidently lift & shift Windows Server to Azure
  • 12. ©2018 Zscaler, Inc. All rights reserved. Confidently lift & shift SQL Server applications to Azure
  • 13. ©2018 Zscaler, Inc. All rights reserved. Azure Database Services for MySQL and PostgreSQL
  • 14. ©2018 Zscaler, Inc. All rights reserved. The Azure migration journey
  • 15. ©2018 Zscaler, Inc. All rights reserved. Migration strategies: Refactor application (i.e., repackaging)
  • 16. ©2018 Zscaler, Inc. All rights reserved. Migration strategies: Rearchitect application
  • 17. ©2018 Zscaler, Inc. All rights reserved. Azure container technologies https://aka.ms/azuredevebook https://aka.ms/modernizeappeboo k https://aka.ms/microservicesebook
  • 18. ©2018 Zscaler, Inc. All rights reserved. The Azure migration journey
  • 19. ©2018 Zscaler, Inc. All rights reserved. Migration strategies: Rebuild application
  • 20. ©2018 Zscaler, Inc. All rights reserved. Build new apps using Azure Functions (serverless)
  • 21. ©2018 Zscaler, Inc. All rights reserved. Serverless application platform components in Azure
  • 22. ©2018 Zscaler, Inc. All rights reserved. Azure Cosmos DB transforms how you build new cloud applications Table API
  • 23. ©2018 Zscaler, Inc. All rights reserved. The Azure migration journey
  • 24. ©2018 Zscaler, Inc. All rights reserved. : Stay secure, well managed, and cost-efficient after your move Optimize
  • 25. ©2018 Zscaler, Inc. All rights reserved.©2018 Zscaler, Inc. All rights reserved. The IT world has evolved… but app access hasn’t
  • 26. ©2018 Zscaler, Inc. All rights reserved. Network and application transformation Applications are moving to the cloud Connections are following the path of least resistance Users are leaving the corporate network Headquarters Hub and Spoke Architecture ? ??
  • 27. ©2018 Zscaler, Inc. All rights reserved. Internal apps on public cloud providers Internal apps in data center Site-to-site VPN Inbound Gateway DDoS Global LB FW / IPS RAS (VPN) Internal FW Internal LB VPN BOSTON VPN MADRID Legacy remote access impedes cloud and mobility Risk is introduced by placing users on network Complexity of ACLs and firewalls makes remote access difficult to manage Users become frustrated with VPN Months spent on just getting infrastructure set up
  • 28. ©2018 Zscaler, Inc. All rights reserved. HQ EMEA Branch APJ Branch Branch Branch Branch Branch BranchBranch Home, Coffee Shop Airport, Hotel SaaS Open Internet IaaS Cloud and mobility break network security The Internet is Your New Corporate NetworkHow do you secure a network you don’t control? “GE will run 70 percent of its workload in the cloud by 2020” Jim Fowler, CIO “The Internet will be our new corporate network by 2020” Frederik Janssen, Head of Infrastructure “Office 365 was built to be accessed via direct Internet connection”
  • 29. ©2018 Zscaler, Inc. All rights reserved. Common Challenges of Cloud Adoption 1. Legacy technology lacks ability to provide cloud-like user experience 2. Takes months to implement, slowing app migration efforts 3. Requires additional appliances to be purchased and deployed 4. Setting up site-to-site VPN for traffic to traverse 5. Connecting employees to cloud means access to the network
  • 30. ©2018 Zscaler, Inc. All rights reserved. How mobile users feel with current experience
  • 31. ©2018 Zscaler, Inc. All rights reserved. Zscaler Private Access Secure Access to Internal Applications on Azure
  • 32. ©2018 Zscaler, Inc. All rights reserved. Zscaler enables secure IT transformation to the cloud Internet and VPN Gateway Ext. FW / IPS URL Filtering Antivirus DLP SSL Sandbox Global LB DDoS Ext FW/IPS RAS (VPN) Internal FW Internal LB SaaSOpen Internet External APPS Data CenterIaaS Internal Internal (cloud or data center) Connect a user to an authorized private app (not network) Fast and secure policy-based access to apps and services over the Internet Any device, any location, on-net or off-net External (open Internet or SaaS) Nothing bad comes in, nothing good leaks out Zscaler Internet Access Zscaler Private Access HQMOBILE BRANCHIOT
  • 33. ©2018 Zscaler, Inc. All rights reserved. Zscaler Private Access – fast, secure access to internal apps Z-APP 2 Innovative design Z-Brokers – secure user to app connection Cloud Policy engine - define user app access rights 1 Z-APP – request access to app Okta – single sign-on authentication 2 Z-Connectors – sits in front of apps - outbound-only connection 3 Zscaler cloud brokers a secure connection between the Z-Connector and Z-App Z-CONNECTORS 3 3 1. Users are never on your network 2. Apps are invisible – never exposed to the Internet 3. App segmentation without network segmentation 4. Use Internet as a secure network without remote access VPN Built for zero-trust access to internal applications 1 Z-Brokers Private cloud / on-premise data center
  • 34. ©2018 Zscaler, Inc. All rights reserved. Enterprise benefits CostExperience Security Simple • Direct access to apps in Azure • No need for VPN • Cloud-like experience • Users never on network • No lateral movement • Visibility into user activity • Simple implementation • Access from any device • Less network complexity • No appliances • Less inbound service spend • Optimize bandwidth use USE CASES Cloud Migration RAS / VPN Replacement Secure Partner Access M&A and Divestitures
  • 35. ©2018 Zscaler, Inc. All rights reserved. Azure and ZPA are strategically aligned “Zscaler helps to simplify the enterprise journey to Microsoft Azure for both public and hybrid environments…Zscaler Private Access gives users the choice and the benefit of secure connectivity...” Yousef Khalidi, Corporate Vice President, Azure Networking, Microsoft
  • 36. ©2018 Zscaler, Inc. All rights reserved.
  • 37. ©2018 Zscaler, Inc. All rights reserved. • Fast and secure access • Direct-to-cloud experience • Enable a cloud-first strategy • Accelerated Azure adoption • Local breakouts • Simple to implement Benefits of ZPA and Azure together
  • 38. ©2018 Zscaler, Inc. All rights reserved. Azure Active Directory Marketplace ZPA and Azure – available on Marketplace
  • 39. ©2018 Zscaler, Inc. All rights reserved. Step 1: Configure User Auth 20 MINUTES 5 Minutes Add ZPA as a new Service Provider (SP) within Azure AD 5 Minutes Assign ZPA to test users within AD, select SAML attributes to send 5 Minutes Import IdP’s metadata into ZPA admin console 5 Minutes Test user authentication and SAML attributes 1 2 3 4 5 Minutes Configure connector provisioning keys via ZPA Setup Wizard 5 Minutes Deploy ZPA Connector package from Azure Marketplace 10 Minutes Configure Connector networking and network security policies 5 Minutes Verify and test Connector health, access to DNS, routing to internal apps 1 2 3 4 10 Minutes Configure Z-App rraffic forwarding policy and app profile 5 Minutes Download and deploy Z- App on user devices 1 2 25 MINUTES Step 2: Deploy Connector Step 3: Install Zscaler App 15 MINUTES ZPA in Azure deploys quickly and easily
  • 40. ©2018 Zscaler, Inc. All rights reserved. Cloud-based security The access users want, with the security you need 1. Secure access to apps in datacenter & Azure 2. Authorized access to specific apps 3. Fast and seamless experience 4. Optimized bandwidth use HQON-THE-GO BRANCHES Secure remote access to internal apps in hybrid environments
  • 41. ©2018 Zscaler, Inc. All rights reserved. Enabling App Transformation with ZPA MAN was undertaking a massive cloud adoption but needed a better way to provide remote access to internal applications. Benefits of ZPA • Faster, better experience for end users • Reduced attack surface, remote users not on-net • Granular application access control, globally • Easily manage app access across AVNs • Increased performance of resources • Increased visibility into apps & activity
  • 42. ©2018 Zscaler, Inc. All rights reserved. Thank you Get hands-on with Zscaler Private Access at www.zscaler.com/zpa-interactive Experience Users Want. Security You Need.

Notas do Editor

  1. Confluence of migration triggers/catalysts [including outsourced datacenter contract expirations, integrating acquisitions, urgent capacity needs, software and hardware refresh, end of support, security threats (e.g., Spectre), compliance (e.g., GDPR), Need to deliver applications faster]
  2. We’ve delivered lots of innovation recently, both in the Azure platform and migration tools/services Data heavy – balance better between workload types. Put future stuff as well.
  3. Technical (e.g., Networking) | Process (e.g., DevOps) | People (e.g., cloud 101 skills)
  4. Replace – consider for completeness. [Azure Migrate discovers for O365?] Let’s talk about the various paths along your migration journey.   It all starts with discovering your on-prem applications, data, and infrastructure, assessing them for migration readiness and determine the mix of tactics that you will use during the move – ranging from simple lift and shift to various levels of modernization during migration (i.e., refactor, rearchitect, rebuild). And then once in Azure, how do you keep your workloads optimized continuously (e.g., security, monitoring, backups, opex spends).   Note: In some cases you might just retire the workload or replace it with a SaaS solution – we won’t cover those aspects in detail here
  5. Limit to 3 terms?
  6. Timing precision? Hit ISV assessment tools upfront in the deck. Using both in combination.
  7. What’s Microsoft’s guidance on how to pick Microsoft tools and ISV tools? Not vs. it is AND Our goal is to help deliver customer requirements and get to Azure consumption ASAP vs. worry over what tool was used. That said, we see a few situations where MSFT tools may be appropriate: Kick the tires Customer likes the convenience and comfort of using MSFT Azure tools Some capabilities like ASR are sufficiently mature – they even integrate with ISV tools like Cloudamize, TCOLogic etc. ISV tools when Broader requirement set – e.g., physical, Hyper-V End to end integration
  8. Azure services Compute: VM, VM Scale Sets
  9. Azure RIs can save customers up to 67% on Windows Server workloads compared to 3 year AWS Standard RIs
  10. Check # savings Azure SQL Database is the intelligent, fully-managed relational cloud database service that provides the broadest SQL Server engine compatibility, so you can migrate your SQL Server databases without changing your apps. Accelerate app development and make maintenance easy and productive using the SQL tools you love to use. Take advantage of built-in intelligence that learns app patterns and adapts to maximize performance, reliability, and data protection. As a fully-managed service, Microsoft operates SQL Server for you and ensures availability and performance. Features that come with SQL Database include, but are not limited to: provisioning and resizing (w/ Azure Portal experience), built-in auto HA (99.99%), automatic backup, point-in-time-restore (database-level), and active geo-replication. Because Microsoft assumes much of the daily maintenance, administration and infrastructure costs, your IT organization can quickly realize cost and operational benefits that you may not have otherwise experienced with your on-premises or hosted solution. In fact, a study by IDC found that organizations who modernized their databases from SQL Server to SQL Database realized up to a 406% ROI over five years.1 In addition to the benefits of a fully-managed service, SQL Database also provides key benefits in some specific areas: It has built-in intelligence that helps you dramatically reduce the costs of running and managing databases and maximizes both the performance and security of your application. SQL Database provides breakthrough productivity and performance to meet the demands of today’s apps. Each database is isolated from each other and portable, each with its own service tier with a guaranteed performance level. SQL Database provides different performance levels for different needs, and enables databases to be pooled to maximize the use of resources and save money. You can adjust performance with minimal downtime to your app. Dynamic scalability enables your database to transparently respond to rapidly changing resource requirements and enables you to only pay for the resources that you need when you need them. In-memory technologies provide real-time business insight with up to 30x improved throughput and latency and up to 100x faster queries and reports. It will provide the ability to seamlessly lift and shift your SQL Server data to the cloud to a managed instance with a full SQL Server programming surface area that removes the need to re-architect your apps, saving you time and resources. SQL Database combines the operational and financial benefits of a managed service with a financially-backed SLA and business continuity tools to protect the lifeblood of your business, your data. SQL Database also offers a Azure Hybrid Benefit for SQL Server that maximizes the investments you’ve made in on-premises licensing by providing discounted rates in the cloud. We’ll talk about that more momentarily. 1The Business Value of Microsoft Azure SQL Database Services, IDC, March 2015
  11. Azure Database for MySQL provides fully managed enterprise ready community MySQL database as a service for service for app development and deployment. Being community MySQL allows you to easily lift and shift to the cloud and use languages and frameworks for your choice. On top of that you get built-in high availability and capability to scale in seconds, helping you easily adjust to changes in customer demands. Additionally, you benefit from the unparalleled security and compliance, including Azure IP advantage, as well as Azure’s industry leading reach with more datacenters than any other cloud provider. All this with a flexible pricing model so you can choose resources for your workload with no hidden cost. Languages and Frameworks of your choice Being based on the community-editions of MySQL, PostgreSQL and MariaDB mean you can use the existing development languages frameworks and tools you already use for your apps. In addition, Azure Database Services are deeply integrated with Azure Web Apps to provide a streamlined provisioning and management experience for common frameworks (like WordPress, Drupal, Joomla) and languages (PHP, Node.js, Ruby) to provide a best-in-class PaaS experience. Scale in Seconds with built-in HA Azure Database Services are built upon the same service fabric framework that has been powering SQL Database for years. Unlike an VM-based PaaS offering like AWS RDS, Azure Database Services do not have the overhead a full VM stack has (e.g.; Linux OS + DB). Running on in a secured container implementation (SQLPAL, a very light-weight SQL OS), Azure Database Services can provision a new server in seconds in the event that a primary server hangs or crashes whereas in a traditional VM-based implementation the entire Linux (or Windows) OS stack has to bootstrap before the DB service loads. This means the entire experience of a failover can happen in as little as 30-45 seconds – and most importantly WITHOUT the need for a replica. AWS RDS requires deployment in Multi-AZ in order to achieve 99.95% SLA, which doubles your costs as you have 2 DB servers running at all times. With Azure Database Services, no replicas are needed which means no additional cost, or maintenance, by the customer. Additionally, this HA infrastructure enables the ability for Azure Database Services to scale performance on the fly. When a customer needs to scale-up for workload spikes, by simply changing a slider in the portal, a new server is provisioned at a higher performance level and the previous server’s DNS name and storage is connected to the new instance. Scaling can take a little time as 20 seconds meaning customers can scale performance, up or down, with little/no downtime to the application. Secure and Compliant “Secure by default” is the standard for any Azure service, meaning elements such as SSL encryption between the database and application are turned on by default. Additionally, all data at-rest is encrypted by default in Azure storage using AES 256 bit encryption. And since Azure Database Services are using OSS database engines, the Azure IP Advantage means that customers do not have to worry about litigation using an OSS product in Azure. Microsoft provides indemnification for any OSS first party workload in Azure. Industry-leading global reach With more regions across the globe than any other public cloud provider, Azure offers the ability to have the most globally distributed MySQL, PostgreSQL or MariaDB-based application in the world.
  12. Guideline: If you make minimal changes, App Service is a good destination for .NET apps. Azure services Compute: App Service, Azure Container Service (AKS), Service Fabric   Data: Azure SQL Database Managed Instance, Azure Database Service for PostgreSQL, Azure Database Service for MySQL and Azure Cosmos DB Land DevOps and Docker
  13. Azure services Compute: App Service, AKS, ACI, Service Fabric, Azure Functions   Integration: API Management, Logic Apps, Event Grid and Service Bus   Data: Azure SQL Database Managed Instance, Azure Database Service for PostgreSQL, Azure Database Service for MySQL and Azure Cosmos DB Land DevOps
  14. Research shows almost all enterprise customers are only deploying single container app AKS renaming doublecheck – consider flipping?
  15. Azure services Compute: App Service, AKS, ACI, Service Fabric, Azure Functions   Integration: API Management, Logic Apps, Event Grid and Service Bus   Data: Azure SQL Database Managed Instance, Azure Database Service for PostgreSQL, Azure Database Service for MySQL and Azure Cosmos DB  Land DevOps  
  16. .NET, Java, Node.js. Python are the supported languages. Not every language Abstraction of servers: Complete freedom from thinking about provisioning, maintaining or scaling any server or infrastructure aspects Event-driven/instant scale: Ability to handle any volume of traffic without explicit configuration handle sudden jump from 0 execution to tens of thousand of executions seamlessly Micro-billing: Paying only for what you use You pay only for the amount of time your code runs and the amount of resources it consumes during that period Never pay for idle capacity
  17. Lets talk about what really makes up MSFT’s Serverless platform: At the center of the Serverless platform, is our compute offerings: Azure Functions and Azure Logic Apps. Azure Functions is an event based Serverless compute experience that helps you accelerate your development. Logic Apps is a powerful orchestration tool. It enables building a Serverless app in minutes – by orchestrating multiple functions using a visual workflow tool. Say you have your apps up and running using Serverless. Congratulations! You now need to collect intelligence from different apps across platforms to take actions upon. There are a few essential components which we think are core to building Serverless applications are: Data/ Storage –Functions has triggers and bindings with Azure document DB and Azure Blob storage ** Triggers: Triggers are event responses used to trigger your custom code. They allow you to respond to events across the Azure platform or on premise. ** Bindings: Bindings represent the necessary meta data used to connect your code to the desired trigger or associated input or output data. Messaging such as queues and topics using Azure Service Bus and Azure Event Hubs Integration – that includes core LOB apps and SaaS apps integration via Azure Logic Apps. Intelligence on data and sentiment/ predictive analysis using Cognitive services and Machine learning Conversation as a service – how do we equip developers to build apps that offer an end-to-end experience for their end users – Azure Bot Service offers a Serverless interactive bot experience. More, developers are spending more time writing code that allows them to add huge business impact with Serverless. MSFT offers numerous development tools such as IDE Support for Visual Studio in functions and Logic Apps, enables local development (vs web browser coding environment), visual debugging capability, all with your tools of choice. Lastly, I also want to highlight top scenarios and use cases for Serverless: Real-time Stream analytics: Customers can use Functions to feed real-time streams of data from application tracking into structured data and store it in SQL online. SaaS event processing: Customers can use Functions and Logic Apps to analyze data from an excel file in Onedrive and perform validation, filtration, sorting and convert data into consumable business charts Web app architecture: Used a lot in creating targeted marketing collaterals – when a customer clicks on a webpage, it triggers a webhook, that uses a function to create an ad that matches the customer profile and displays a completed webpage. Real-time bot messaging: When customers send a message to a chatbox, Functions calls Cortana analytics to generate appropriate answers and sends a response back. //from before: Customers have different paths to build a Serverless app – start by building the distributed application components using functions by leveraging the numerous templates and declarative bindings Or Start with the workflow and orchestration of Serverless application using Azure Logic Apps. The visual designer enables developers to quickly and easily author, edit and visualize orchestration of multiple functions and workflow.
  18. Only Microsoft Azure Cosmos database delivers a truly globally distributed database service Azure Cosmos: Puts your data where your users are –wherever they are. Easily handles multi-model data as well as your favorite APIs And offers multiple, well-defined data consistency levels   Using Azure Cosmos DB’s fully managed database service with turnkey consistency models, you can now build and deploy new global apps faster than ever