Road show de comunidades técnicas infra - publico

4.332 visualizações

Publicada em

PPT utilizado no RoadShow Microsoft 2011 - topicos abordados incluem Cloud Computing, Azure , datacenter e demais servicos

Publicada em: Tecnologia, Diversão e humor
2 comentários
2 gostaram
Estatísticas
Notas
Sem downloads
Visualizações
Visualizações totais
4.332
No SlideShare
0
A partir de incorporações
0
Número de incorporações
2.247
Ações
Compartilhamentos
0
Downloads
0
Comentários
2
Gostaram
2
Incorporações 0
Nenhuma incorporação

Nenhuma nota no slide
  • We’re seeing a major shift in computing with the cloud. Changes in technology create opportunities and those opportunities create winners and losers. Sometimes because players don’t embrace the change or perhaps they do.if you think about the regular film industry from a camera perspective, the company that actually dominated that industry invented the digital camera technology, and they thought long and hard about whether or not they were going to actually try to bring that digital camera technology to market. And ultimately because they felt very threatened, that they felt that they would cannibalize their existing business, they decided to sit on that technology, because they couldn't ultimately see how it would expand their overall opportunities. So, other players came into the market that saw that there'd be opportunities, maybe not with film sales but with printer sales and paper sales and ink sales, and as a result the company that actually invented the technology actually lagged the market, and is in many ways only now recovering. You also think about video delivery, and you think about the bricks and mortar store where people would go and rent their videos, and you think about Netflix and how they changed the supply chain for video rental, and they just recently changed it again in terms of doing live delivery, live streaming of videos to Xbox and other game console controllers. And the companies that were stuck in brick and mortar, they're having really hard times. In fact, one of the larger ones just declared bankruptcy not too long ago. And then you think about the world of communications. When you think about the different ways that we communicated in the last few decades, the primary way was snail mail and telephone, and then fax machines came along, and that seemed really super innovative.
  • But when you think about the last five or 10 years, and think about the number of new ways that people now communicate and relate to each other, from Facebook to YouTube to web cameras to MSN Messenger and to Outlook, it really is amazing the amount of transformation that's happened, and it really tells us that there's this huge opportunity from a cloud computing perspective in the future. And while as a company we have this big existing business to protect, and it might seem that that transformation could be a threat to us, and yet in the end we believe that it will be net additive to our business, it will create only more opportunities for us, and that's why we've said many times over the past few months that we're all in.
  • As with any major technology or business transformation, it really comes down to customer needs, and the cloud is no different, that it really is special customer needs that are driving the shift, everything from reducing their capital expenditures, because in today's economic environment it's about making maximum use of your cash flow, it's really being able to focus your spend on driving your core business as opposed to just maintaining the IT infrastructure for your business.  It's about being able to come to market in a new and agile way so enabling individual departments with a company to be able to launch new things quickly. And ultimately it's about becoming a global enterprise as quickly as you can. And all this we refer to as a need to fundamentally deliver IT as a service.
  • Slide Objectives:Explain how Microsoft thinks of the cloudSpeaking Points:There are numerous terms and definitions floating around in the industry for “the cloud”, “cloud computing”, “cloud services”, etc.Microsoft thinks of the cloud as simply an approach to computing that enables applications to be delivered at scale for a variety of workloads and client devices.The cloud can help deliver IT as a standardized service…freeing you up to focus on your business
  • Slide Objectives:Explain the differences and relationship between IaaS, PaaS, and SaaS in more detail.Speaking Points:Here’s another way to look at the cloud services taxonomy and how this taxonomy maps to the components in an IT infrastructure. Packaged SoftwareWith packaged software a customer would be responsible for managing the entire stack – ranging from the network connectivity to the applications. IaaSWith Infrastructure as a Service, the lower levels of the stack are managed by a vendor. Some of these components can be provided by traditional hosters – in fact most of them have moved to having a virtualized offering. Very few actually provide an OSThe customer is still responsible for managing the OS through the Applications. For the developer, an obvious benefit with IaaS is that it frees the developer from many concerns when provisioning physical or virtual machines. This was one of the earliest and primary use cases for Amazon Web Services Elastic Cloud Compute (EC2). Developers were able to readily provision virtual machines (AMIs) on EC2, develop and test solutions and, often, run the results ‘in production’. The only requirement was a credit card to pay for the services.PaaSWith Platform as a Service, everything from the network connectivity through the runtime is provided and managed by the platform vendor. The Windows Azure Platform best fits in this category today. In fact because we don’t provide access to the underlying virtualization or operating system today, we’re often referred to as not providing IaaS.PaaS offerings further reduce the developer burden by additionally supporting the platform runtime and related application services. With PaaS, the developer can, almost immediately, begin creating the business logic for an application. Potentially, the increases in productivity are considerable and, because the hardware and operational aspects of the cloud platform are also managed by the cloud platform provider, applications can quickly be taken from an idea to reality very quickly.SaaSFinally, with SaaS, a vendor provides the application and abstracts you from all of the underlying components.
  • When thinking about what cloud computing means, we hear a lot of different questions from our customers. Really they want to know just what is Windows Azure, and how will it allow us or how will it allow them to scale their IT workloads and their IT infrastructure. Is Windows Azure ultimately more cost-effective than delivering their regular IT on-premise? Will Windows Azure allow me to meet my security, privacy and compliance needs, because especially in today's world that's very much of top concern to customers? How reliable and available is the platform? And then ultimately what new technology are we going to introduce, so what is our roadmap?
  • When thinking about what cloud computing means, we hear a lot of different questions from our customers. Really they want to know just what is Windows Azure, and how will it allow us or how will it allow them to scale their IT workloads and their IT infrastructure. Is Windows Azure ultimately more cost-effective than delivering their regular IT on-premise? Will Windows Azure allow me to meet my security, privacy and compliance needs, because especially in today's world that's very much of top concern to customers? How reliable and available is the platform? And then ultimately what new technology are we going to introduce, so what is our roadmap?
  • So, let's go ahead and answer that first question, which is about why should somebody think about putting an application on a cloud-based platform like Windows Azure, and there are some workload patterns that are particularly optimal for the cloud. This isn't to say that these are the only workloads that you should think about migrating, but these are workload examples that people can really understand. So, for example, on and off processing. Good examples of this are financial services firms that might have to do overnight calculations every single night during the business week in advance of the next business day. You can imagine that they would need a whole lot of computing resources in order to be able to do the calculations that they need, but it also means that for the other 20 hours of the day that infrastructure will sit idle. You could also think about an example of a company that's growing fast. You think about the early days of Facebook, and they were so, so popular, that there were many times along the way where they had a hard time keeping up with demand, because they literally were having to deploy servers as quickly as they possibly could. And there's quite a lot of work associated with that. There's also the notion of unpredictable bursting. The example I like to use here is there's a company in the U.S. that's called Cheeseburger.com, and they do a lot of these really funky, fun, funny websites. They never know which of those websites is going to suddenly become very popular and see a huge spike in their traffic. But the really interesting thing is that if they're able serve that traffic spike, they actually see that their new normal after that spike has come back down is actually higher than the normal workload or their normal activity before that spike occurred. And so what that tells you is that if they're not able to serve that demand, they actually could see a negative business impact, they could see a reduction in their activity after they were basically unsuccessful in being able to address that demand. And then finally predictable bursting. So, the best example of this is when we think about retail websites during the holiday season. November and December are oftentimes many, many orders of magnitude higher in terms of transaction activity than they are for the rest of the year, but they always know that that spike is going to happen at the same time every year. And the thing that really unites all of these different workload patterns is that it requires companies to actually put infrastructure in place to meet peak or estimated peak demand, and by its very nature it means that that infrastructure is going to be sitting around idle for some period of time.So, when you think about a cloud platform like the Windows Azure platform, it really gives people the opportunity to leverage a platform, leverage our infrastructure, and only pay for the infrastructure they need when they need it, so they can really meet their demand exactly on a real time basis as opposed to having to overbuild for when those peaks might come.
  • I made a comment earlier about how Microsoft is really all in relative to cloud services, and this slide is really to just be able to demonstrate that. We're making deep, significant investments relative to building out our infrastructure and our data centers. We have geo-replicated customer data to provide ultimate and business continuity. We're getting into both public and private cloud flexibility, because we know that customers want to have that level of choice.  We also are committed to ultimately providing services in an excellent way. Sometimes people I think forget that Microsoft has really been in the services business for a very long time. You think back to the early days of Hotmail or even MSN, those are fundamentally services-based businesses. They're fundamentally high scale, and I think that we've demonstrated our capability to do that, and so now we're extending that capability and that competency into really the commercial space. We know that security and compliance is important to customers. So, our existing data centers are both SAS 70 and ISO 27001 certified.  We're very committed to environmental sustainability. So, each time we look at building a new data center facility, we look at how we can reduce the energy that that facility is going to ultimately need to consume. And we have a rapid innovation model, because ultimately we're a technology company, and it's about continuing to push that technology boundary. So, what the lower part of the slide really talks to you about is it unites, it helps tell the story about how Microsoft really has a great story no matter where the customer decides to deploy their particular applications. So, at the very bottom, those are all of our more traditional on-premise applications, and then on the top part it's the corollary or the comparison to what the cloud-based application would be. And that really helps Microsoft tell the story that we have the power of choice, that we have the ability for a customer to truly decide where they want to be able to deploy, when they want to be able to deploy it, and I think that that makes us unique in the industry.
  • So, what is Windows Azure? Windows Azure is an Internet scale cloud services platform that is hosted in Microsoft data centers. So, when we say Windows Azure platform, that means very specifically that it's Microsoft's data centers and we're running that service. It provides a broad-based and powerful general development platform to be able to create both web applications, as well as line of service applications. There's many different people that can take advantage of the platform, depending on the role that they play. So, for example, developers can use existing skills that they have today and familiar tools in order to develop and quickly deploy their cloud applications. If you're an ISV or a systems integrator, you can rapidly reach new markets by being able to quickly develop those applications and deploy them, and only have to pay as you go. When you think about ISVs who may have delivered software in a more traditional way, and they think about creating software as a service, one of the big considerations is really how are they going to host that, how are they going to put the infrastructure in place to be able to provide that service to their customers, and Windows Azure gives them the opportunity to be able to just focus on developing the application but using our platform to actually deliver the service. IT managers, actually this gives them an opportunity to use Windows Azure as an extension of their existing data center facilities. So, in some cases people might think that IT professionals might view cloud computing or the public cloud as a bit of a threat to the on-premise IT environment, but the reality is it really just extends their toolkit and allows them to play a much more strategic role relative to being able to enable the business to get to market quickly. The Windows Azure platform is really comprised of three major components. First off, there's Windows Azure itself, which is compute, storage, bandwidth, connectivity, and service management. There's SQL Azure, which is the relational database capability. And there's Windows Azure AppFabric, which provides the ability to do secure connectivity between applications. And the great part about AppFabric is it allows you to do application to application connectivity, even if those applications are either on the cloud or on-premise, so you actually can create these really cool hybrid scenarios, which is really many of the scenarios that we're talking with customers about today.
  • I made a comment on the previous slide that the Windows Azure platform allows developers to use existing skills and experiences in order to be able to quickly develop new applications and deploy them on the platform, and we really do mean existing tools. So, they would leverage Visual Studio and the .NET framework if they're used to using Microsoft-based programming languages, but also we do support a number of Open Source languages like Python, Java, Ruby on Rails, and so forth. And I think that that's a really important point to make about the platform is that we really are focused on creating an open environment where people of all skills, no matter if they're Microsoft focused or Open Source focused, can still leverage the platform.
  • When thinking about what cloud computing means, we hear a lot of different questions from our customers. Really they want to know just what is Windows Azure, and how will it allow us or how will it allow them to scale their IT workloads and their IT infrastructure. Is Windows Azure ultimately more cost-effective than delivering their regular IT on-premise? Will Windows Azure allow me to meet my security, privacy and compliance needs, because especially in today's world that's very much of top concern to customers? How reliable and available is the platform? And then ultimately what new technology are we going to introduce, so what is our roadmap?
  • So, now let's talk about how you buy Windows Azure, because it is a very different product or service than Microsoft has typically offered in the past. The promise of the public cloud is it's really a pay-as-you-go model, and that is the primary way today that you would buy Windows Azure is through consumption-based pricing. It really does allow you to pay as you go and grow, and ultimately pay only for what you use. Then we talk about a subscription basis. As interesting and alluring as it is for somebody to pay as they go, we also are getting a lot of feedback from businesses that they still crave a certain amount of predictability relative to their cost on a month-to-month basis. This is because when they think about a typical on-premise infrastructure deployment, even though it might represent capital expenditures and cash outlay in advance, they still know exactly how much it's going to cost them and what the economic impact is going to be. So, we do have subscription models that allow companies to come in, make a commitment for a period of time, and in return for making that commitment we give them a substantial discount. Now, it does mean that the commitment is that the customer will pay a monthly amount whether or not the underlying resources that they pay for are used, but in return for that commitment the discount that we're providing is quite substantial. And then one of the key assets that Microsoft has it its enterprise, its existing enterprise customer base, and those enterprise customers are used to buying from Microsoft in a very specific way through their Enterprise Agreements. So, we know it's important for us to be integrated into those volume licensing channels, and very shortly we will kick off a pilot that will begin to onboard EA customers onto the Windows Azure platform through an addendum to their EA. We do have some promotional offers in the market today. There are two that we talk to people about. One is the introductory special offer. It provides a small amount of resources on a monthly basis to allow somebody to come in and just try out the platform. We also have an offer through MSDN Premium that provides a much more substantial amount of resources at no charge. The development pricing promotions, so the subscriptions that I was talking about earlier, we have even deeper discounts on a promotional basis for the next several months. Partners who are part of the Microsoft Partner Network would actually get discounts on all of their usage. We have an offer of 5 percent discount. And ultimately, our goal over time will be to integrate across more and more Microsoft programs to make it ultimately easiest to be able to get Windows Azure into the hands of customers.
  • When thinking about what cloud computing means, we hear a lot of different questions from our customers. Really they want to know just what is Windows Azure, and how will it allow us or how will it allow them to scale their IT workloads and their IT infrastructure. Is Windows Azure ultimately more cost-effective than delivering their regular IT on-premise? Will Windows Azure allow me to meet my security, privacy and compliance needs, because especially in today's world that's very much of top concern to customers? How reliable and available is the platform? And then ultimately what new technology are we going to introduce, so what is our roadmap?
  • First, from a physical perspective, Windows Azure servers reside in state of the art data centers with state of the art access control. They're completely redundant from a power supply perspective. We really focus on business continuity from a data preservation perspective. We have multiple data centers in three regions around the world, which allows us to geo-replicate data between two data centers in a region. We replicate data multiple times within a data center. We also have logical access control in that we don't allow customers to actually touch the OS itself. That's actually one thing that Windows Azure does for you is update and maintain the operating system. And ultimately we are in the process of pursuing compliance certifications for the platform itself. The data centers today are both SAS 70 and ISO 27001 certified. It is really important, though, that customers understand that they have to ultimately assess the risk of their application, and design that application to address those risks, that while over time we will continue to build out the security aspects of the platform, customers still need to take responsibility ultimately for how that application runs.Additional technical detail:The Microsoft Online Services Security and Compliance (OSSC) team manages ongoing risk analysis and security control.  The OSSC team is responsible for enabling trustworthy online services through Azure.  This team has deployed a defense-in-depth approach to security that includes regular risk management reviews, development, and maintenance of a security control framework along with ongoing efforts and collaboration with law enforcement entities around the world.  This process is not new with Azure - it has been in place since MSN was launched in 1994.  Microsoft has been maintaining the Global Foundation Services (GFS) for years, as GFS provides the foundation for MSN, Windows Live and now the Windows Azure platform.  Their practices are tried and true, and have proven successful for hundreds of millions users.Physical security, which provides for data privacy and service availability, is provided multiple perimeters, with access being more restricted at each perimeter.  A least privileged security policy is used, ensuring that only essential personnel actually get near the equipment.  Security measures include password, hardware tokens, smart cards and biometrics.Specialized hardware such as load balancers, firewalls, and intrusion prevention devices ensure the integrity and security of the cloud network.  The infrastructure actively prevents denial of service attacks and uses gateway functions on dedicated hardware to perform packet inspection and take actions such as blocking suspicious activity.  A globally redundant internal and external DNS infrastructure provides for fault tolerance while additional security controls prevent distributed denial of service attacks and protect the integrity of DNS services.  Continuous monitoring for unauthorized software and DNS zone configuration changes as well as other disruptive service events ensures a secure, reliable DNS environment.Microsoft classifies information assets to determine the strength of security controls to apply to data.  A matrix including the business impact and data sensitivity of compromised data is used to classify data.   For example, assets falling in the moderate impact category are subject to encryption requirements when they reside on removable media or when they are involved in external network transfers.  High impact data is additionally subject to encryption requirements for storage and for internal system or network transfers.  In Azure, symmetric encryption requires more than 128 bit keys while asymmetric encryption requires keys that are at least 2,048 bits long.(source: blogs.credera.com)
  • When thinking about what cloud computing means, we hear a lot of different questions from our customers. Really they want to know just what is Windows Azure, and how will it allow us or how will it allow them to scale their IT workloads and their IT infrastructure. Is Windows Azure ultimately more cost-effective than delivering their regular IT on-premise? Will Windows Azure allow me to meet my security, privacy and compliance needs, because especially in today's world that's very much of top concern to customers? How reliable and available is the platform? And then ultimately what new technology are we going to introduce, so what is our roadmap?
  • So, how reliable is the Windows Azure platform? We do have monthly Service Level Agreements that back up each of the services that we provide. When you're talking about compute, storage, database, and so forth, we talk about it from an availability perspective, so is it available for the customer to be able to access.  But we also have another SLA related to compute, which really does differentiate us from our competitors, and that is that we monitor compute instances as they're running, and when we detect that they're unhealthy, we actually initiate a corrective restart automatically within a certain period of time of detecting. And that's a really unique value prop relative to what the industry expects. You can see what the different SLA percentages are themselves. The key is that when we miss those SLAs, then we actually provide credit to the customer's bill based on the degree to which we missed the SLA. So, the initial miss would result in a 10 percent credit on the customer's bill, and if we miss the SLA by a more extreme amount, then it would be a 25 percent credit.
  • I also want to talk about our Content Distribution Network, which really speaks to our investment around performance relative to the platform.  So, a Content Distribution Network essentially allows you to put data much closer to your customers, so that when those customers access that data, it performs in a much speedier way.
  • We have 24 CDN nodes around the world, and this allows us to reach customers that are in very remote locations. So, for example, we have a node in South Africa, and that allows us to get much better performance than if a customer in South Africa were needing to go to one of the European data centers to get that same data. This slide really illustrates the degree to which we've made a significant investment in our Content Delivery Network around the world. It really is a vast geo reach. We also have 2 terabits per second of capacity that's available. So, it really does help us ensure that we're providing excellent performance in order for you to be able to get data to customers.
  • When thinking about what cloud computing means, we hear a lot of different questions from our customers. Really they want to know just what is Windows Azure, and how will it allow us or how will it allow them to scale their IT workloads and their IT infrastructure. Is Windows Azure ultimately more cost-effective than delivering their regular IT on-premise? Will Windows Azure allow me to meet my security, privacy and compliance needs, because especially in today's world that's very much of top concern to customers? How reliable and available is the platform? And then ultimately what new technology are we going to introduce, so what is our roadmap?
  • Now let's talk about the Windows Azure platform roadmap. I think one of the key things that Microsoft will continue to invest in is increasing compatibility between applications that run on the Windows Azure platform and applications that run on-premise. We know how important it is for customers to be able to have that agility, to be able to really choose when and where they run their applications. We'll also continue to integrate more deeply with System Center from a management perspective. We'll do a lot of innovation around storage. We'll continue to deploy CDN nodes around the world to provide even better reach to customers wherever they made reside. And we'll continue to innovate in terms of our business and pricing models, because we know that it's important for customers to be able to understand really how they can get the most value out of the platform.
  • The Windows Azure Appliance is just one very, very recent example of how we're going to continue to innovate in order to solve really the customer's problem. The customer wants to ultimately have the complete capability and choice to be able to deploy when and where and how they want. So, the Windows Azure Appliance allows them to get on-premise security for their data, but to get basic cloud capabilities, and allows them to get massive scale, and to be able to reduce some of that cost of ownership. And I think that's really what differentiates Microsoft is that we provide that complete choice for customers. We don't force them into an either/or proposition, because we don't fundamentally believe it will be either public cloud or on-premise, we think it will be some continuum for the foreseeable future. And I think that's a really important point to make relative to Microsoft and our competitors in the marketplace.The Windows Azure platform appliance consists of Windows Azure, SQL Azure, and a Microsoft-specified configuration of network, storage, and server hardware. It is a turnkey cloud platform that organizations can deploy in their datacenter. Service providers, governments, and large enterprises that would, for example, invest in 1,000 servers at a time, will be able to deploy the Windows Azure platform on their own hardware in their datacenter. The Windows Azure platform appliance is optimized for scale-out applications, like eBay, and datacenter efficiency across hundreds, thousands, and even tens of thousands of servers. The main benefit of the appliance is that it provides the benefits of the Windows Azure platform with greater physical control, geographic proximity, regulatory compliance, and data sovereignty. The appliance will run only on network, storage, and server hardware that meets the Windows Azure platform reference specifications. Microsoft has invested significant engineering resources to ensure that the hardware required by the appliance is optimized to enable service availability, automated management and power, cooling, and operational efficiency across tens of thousands of servers. This hardware is based on industry-standard x64 hardware in order for organizations to be able to purchase the appliance from a choice of partners.This is currently being tested with 3 partners – HP, Fujitsu and Dell, and with one customer - eBay
  • Slide ObjectiveUnderstand that Microsoft has a long history in running data centres and online applications. Bing, Live, Hotmail etc….Understand the huge amount of innovation going on at the data center levelSpeaking Points:Microsoft is one of the largest operators of datacenters in the worldYears of ExperienceLarge scale trustworthy environmentsDriving for cost and environmental efficientlyWindows Azure runs in 3 regions and 6 datacenters todayData center innovation is driving improved reliability and efficiencyPUE = Power Usage Effectiveness = Total Facility power/IT Systems Power = Indication of efficiency of DCUnder 1.8 is very good, modern cloud DCs approaching 1.2Multi-billion dollar datacenter investment700,000+ square foot Chicago and the 300,000+ square foot Dublin, Ireland data centersMicrosoft cloud services provide the reliability and security you expect for your business: 99.9% uptime SLA, 24/7 support. Microsoft understands the needs of businesses with respect to security, data privacy, compliance and risk management, and identity and access control. Microsoft datacenters are ISO 27001:2005 accredited, with SAS 70 Type I and Type II attestations.Notes:http://www.globalfoundationservices.com/http://blogs.msdn.com/the_power_of_software/archive/2008/06/20/microsoft-s-pue-experience-years-of-experience-reams-of-data.aspxhttp://blogs.msdn.com/the_power_of_software/archive/2008/06/27/part-2-why-is-energy-efficiency-important.aspx
  • “Public Cloud” A set of external computing resources that are shared with other organizationsResources are externally hosted by a 3rd party service provider and are typically dynamically provisioned and billed on a fine-grained utility computing basis Examples of Public Clouds: Exchange OnlineAmazon EC2Azure PlatformSalesforce.comGoogle App Engine3rd-party service provider providing infrastructure services (e.g., virtual machines, storage, etc.) using resources that are shared by different customersWindows Azure Platform Appliance deployed and managed by a 3rd-party service provider and is shared by different customers “Private Cloud”A set of computing resources that are dedicated to a customer (not shared with other customers) Resources may be on premises or externally hosted by a 3rd-party service providerIf the dedicated resources are hosted, this is special type of Private Cloud called “Hosted Private Cloud”Examples of Private Clouds:MSIT who could run HR, Finance, Accounting, and Business Process Applications on the same on-premise, fully virtualized, elastic, scale-out, shared infrastructure Windows Azure Appliance deployed and managed on customer premiseExamples of Hosted Private Clouds:A dedicated infrastructure hosted by a 3rd-party service provider BPOS-D-- which is a hosted instance of our Business Productivity Suite dedicated to single customer
  • So we’ll start off by just talking about the landscape, some of the challenges that you may be facing and then we’ll look at the solutions to those challenges.Okay, so, what we’re looking at here is this a typical “enterprise” – we’ll call it “organizational boundary” – you’ve got assets that are built within your enterprise, you may have databases, services, web services and applications that are built and always intended to be run within the domain – the security domain of your organization, behind your firewall, protected from intruders– however, you may have branch office which are part of your organization but are not part of the same security domain, so they’re geographically dispersed and not able necessarily to connect directly to your network. As well you may have partners in the same, kind of scenario, where they need to share, call your web services to do to B2B work to be connected in that way. Additionally, you may very well be building new cloud applications that extend rather than replace your current applications. These applications may need to depend on some of these services back inside the firewall to – to implement the functionality of that website, so an example there would be – let’s say you’re a retailer and you’re building a sort of a promotional site out in the cloud. You may have the catalog content, the browsing, looking for the product in that application but when the user actually buys, you need to call back to a service running behind your firewall to fulfill that order. Additionally, more and more mobile applications, maybe your own users, your sales force, your sales team as they’re out – outside your firewall may need to access some of those resources as well as you may have customer scenarios where you need to provide access from mobile devices into these services, so, ideally, you would be able to just connect right in and use those services. However, currently, the firewall, although it’s obviously got its purposes, also provides a challenge and it’s actually a challenge, organizationally to open up holes in the firewall to allow these kind of scenarios to be used. It is technically possible but most security teams are very reluctant to do that. So one big scenario is having existing assets and services that we would like to expose out through our firewall to that external applications and that’s a challenge and we’ll look at the solution later. The second big area has to do with security and specifically identity. You’re probably using something like Active Directory and you’ve got all your user identities there and that controls the access of your users to your internal assets, however with this new cloud, you may very well now be building applications that are running in the cloud but they’re intended to service your internal users – they’re not necessarily going have the same access directory domain, so how do you provide access? How do you grant access to those resources running in the cloud? And you want an easy way, without having to add each user individually, you’d like to be able to establish a trust boundary from your active directory to the cloud application. The third big area has to do with database replication. You’ve got data onsite, you may have related databases running in the cloud or in branches or partners and, ideally, you would like to keep that data in sync as it’s changed in one place, have that be reflected to the other place. Again, that’s technically possible with – you can write code to do that but, again, you’re dealing with firewalls, you may be dealing with different technologies and that can be a challenge. The fourth area is network connectivity. You may have cloud applications that need to directly access a database, i.e. there is no web service providing access to the data. Going the other way you may want an administrator inside your firewall to be able to connect to an Azure resource (Web Role, Worker Role, VM Role, etc.). Basically these are scenarios where you’ve got some challenges, where you’ve got code inside and/or users and you would like to be able to connect them seamlessly and the current technology is just making that difficult. So as we’ve discussed and the Windows Azure platform provides solutions for these four areas.
  • So we see challenges in these 4 areas. We are going to go into more detail on each and look at the services provided in Windows Azure Platform that address them.You’ve got Identity, messaging, data, and network connectivity in both on-premises and cloud environments. The Windows Azure platform has Access Control, Service Bus, Data Sync, and Connect which are technologies that can help bridge each of these areas between the two environments.
  • Key message: only Microsoft provides a private cloud platform that supports the bridges between IaaS and PaaS.You’ll want to make this transition for lower costs and improved availabilityOver the next 2 years we’ll be filling these gaps in 5 areasEvery 6 months Azure refreshes their platform – and tightens the linkages between Windows Server on premises and Azure off-premises DMR: Are we sure “network topology” is the right term?
  • Customer traction –(July 2010 – Source Corp. Cloud Computing Pitch doc) BPOS – Nokia, Aviva, GSK, Vodafone Spain; Azure – Aer Lingus, Daimler / Mercedes-Benz More than 50% of the Fortune 500 now have Microsoft Online ServicesMS Online: > 1m paying customers in 36 countries / regions WWBING 59 Markets – 41 languages (Source: Bill Spencer MSFT PRINCIPAL BUSINESS MANAGER, US-SEARCH PM)Windows Live Hotmail More than 355 million active accounts worldwide (Source: comScore WW July 2010)The world’s largest web-based email service and is used in nearly every country in the world. 59 markets and 36 languages Windows Live MessengerMore than 303 million active accounts worldwide (Source: comScore WW July 2010) The #1 most used free instant messaging service in the worldUp to 9.4 billion messages sent a day (Source: Microsoft internal data, as of March 201076 markets and 48 languages  Windows Live Photo Gallery Install base of over 352 million of the current version since the release in January 2009. (Source: comScore WW July 2010) Windows Live Photos (on SkyDrive)Reach more than 56 million users worldwide (Source: comScore WW July 2010) Windows Live Mail Install base of over 349 million of the current version since the release in January 2009. (Source: comScore WW July 2010)Windows Live IDsMore than 500 million active Windows Live IDs. (Source: Microsoft internal data, as of April 2010) MobileWindows Live SMS services, such as Hotmail alerts and Messenger IM-> SMS are available in more than 30 markets. Windows Live for Mobile clients is available in over 150 markets.Windows Live mobile web services, incl. Messenger, are available in more than 50 markets today.The developer program initiated a number of years ago has enabled us to have more than 200 mobile operators and thousands of devices globally. (Source: Microsoft internal data, as of April 2010)  
  • Travel application.Development – how to support the various identity providersManagement – how to leverage existing AD repository rather than creating new accounts and passwordsOkay so now that we’ve seen how it works, let’s go back and look at that original challenge, that original architecture we’re trying to achieve and see how Access Control can really help provide what we’re looking for. First of all Access Control is able to accept the trust relationship with the Active Directory Federation Services and so in one fell swoop, in a sense, the admin is able to grant access to our application to all of the users as we desired. In addition we can support. Access Control allows us to support all of these internet identities and then because the application just trusts the Access Control Service, the developer only has to write ht application once, to look for the set of credentials he’s looking for. Access Control handles the trust relationships between all of these identity providers and mapping of the credentials.
  • AppFabric Access Control allows you to easily locate and connect cloud services, hosted assets and non-permits applications, so think of it as a registry, a sort of internet service bus that runs in the cloud, you register your services there, they can be discovered by other people, connected to, and one of the big things it does is it allows you to navigate the firewall boundaries, securely and simply and we’ll look at how it does that without requiring your firewall administrator to open a hole in the firewall, to then securely and simply register those services, and allow them to be called by outside parties.Lastly it’s written in inoperableways, and supports all the standard protocols
  • AppFabric Access control can be done and is being done today but it can seemvery challenging. Many people are very cautious around launching this on a broad scale and opening up the firewall ports to allow that, most people are reluctant without understanding more of the details, so let’s look at a little more detail in Fabric Service Spots, which helps to solve that cloud of connectivity.
  • ACS centralizesSingle code base (WIF)Easily federate with on-prem AD Support for broad range of identity providers and protocolsOkay, so let’s take a look just a little deeper. We saw some of what Access Control does; let’s now talk a little bit about how this works. You know Application 1 and Application 2 want to talk to each other, they’re behind firewalls and we don’t want to have to open up specific ports, so what happens is each application will initiate out. Most firewalls allow you to make – to initiate a call out to the internet over HTTP, so the applications are going to initiate out and register on the service spots, that they have pre-arranged, ahead of time, a certain name space where they are going rendezvous and so by them both initiating out through the firewall, they establish that connection of the service bus and from that point on they can send each other messages back and forth, that connection is kept alive and the firewalls are happy with that. Now this is all secured through Access Control, which we looked at before, so it’s not like just anybody can walk up and call your service and do things they shouldn’t, you’re still securing this through Access Control.
  • Lets look deeper into the challenges and solutions for Application-layer Connectivity and Messaging
  • Here are a couple of main interaction patterns that we wanted to focus on here and look at how you would use these and some of the situations and just solve some of the challenges we looked at, so first of all it’s just exposing existing services. You’ve got a web service you want to access across the internet; you want to publish it and allow bi-directional communication, what we looked at before. So those are two basic patterns that we’ll look at, so the first solution, again, is trying to consume the service out to – through the firewall – to a broad set of applications. The service cost provides a solution to that by being a common endpoint that all the different parties can securely initiate and communicate to, as we looked at, so the service itself first initiates out through, makes that connection, registers on the service bus, and then all of the other options, whether it be branch or partner or cloud application, or mobile applications, can send messages to the service bus, again, secured through Access Control Service and, at that point, the connections can flow.
  • Each application initiates its own outbound connection through the firewall to the service bus (outbound http traffic is allowed by most firewalls). The connection is kept alive and used for inbound communication. Endpoints in the service bus are secured through Access Control.So how does it work?Traverse NAT/Firewall – Each App initiates outbound connectionExchange messages between loosely coupled applicationsSupport for a variety of messaging patternsMessage buffering for loosely connected applications
  • Lets look into specifics on the challenges and solutions for Data Synchronization
  • Okay so we’ve looked at security, we’ve looked at connectivity; now let’s look at federated data. It’s similar problem that we have in the services where we have data spread across but it needs to be correlated, it needs to be synchronized
  • Okay, so what you’ve done is Data Sync and it’s going out to a database, it’s going to a cloud, you’ve got other data that’s on premises and it looks like it’s replicated, is that right? Yeah, and so what you’ve got here is instead of actually exposing your all-premise assets, you’re able to use the Data Sync to take the all-premise assets, place them in a cloud in a common location, which then your partner, you branch office, perhaps other cloud applications, or even mobile users, will then be able to access, as opposed to going directly into your own premise database, which needs to remain secure and so, in essence, this is creating another portal, or another access for you to connect to another access point, or your users to gain valuable information without exposing some confidential and sensitive components.
  • Lets look into specifics on the challenges and solutions for Data Synchronization
  • Another Connectivity/Security option available in Windows Azure.Example Scenarios:Access to Windows Azure role instances (VM’s) for remote administration and debuggingDistributed application – Windows Azure roles require access to on-premises resources (SQL, SharePoint, Web, Active Directory, Legacy system etc.) or vice-versaDomain-join Windows Azure roles – enable authentication to on-premises resources, Group Policy managementManage Windows Azure VM’s using existing on-premises infrastructure (SCOM, Active Directory Group Policy etc.)Direct corpnet access to Windows Azure Roles (not via external VIP)
  • Road show de comunidades técnicas infra - publico

    1. 1. RoadShow de ComunidadesTécnicas<br /><Sua Cidade 00/00><br /><Profissionais de Infraestrutura><br />
    2. 2. Conheça o Time Técnico IT Pro<br />Fabio HaraIT Pro Evangelist<br />Microsoft Brasilwww.fabiohara.com.brtwitter.com/fabioharafabioh@microsoft.com<br />
    3. 3. Microsoft Innovation Center<br />www.microsoft.com/mic/default.aspx<br />
    4. 4. Comunidade Técnica<br />Microsoft Influencers<br />Agradecimentos<br />
    5. 5. Acompanhepelo Twitter<br />#msroadshow<br />
    6. 6. Agenda<br />
    7. 7. Cenário – AdventureWorks<br />“Estou gastando muita energia com os servidores “ <br />“Está muito caro fazer upgrade dos meus servidores“ <br />“Todo mês os usuários reclamam de vírus nos e-mails“<br />“Minha equipe de TI perde muito tempo dando manutenção no ambiente de rede ao invés de trabalhar em novos projetos de melhoria"<br />“Quero uma ambiente de rede que seja fácil de atualizar e gerenciar”<br />“Toda vez que para um servidor a empresa vira um caos"<br />
    8. 8. Solução Proposta - Infraestrutura<br />
    9. 9. Desafio<br />“O que é Cloud Computing?”<br />“O que é Windows Azure?”<br />“O que é o BPOS?”<br />“O que é Nuvem Pública? O que é Nuvem Privada?”<br />“Onde está a nuvem? Como é a sua segurança?”<br />
    10. 10. Agenda<br />O que é a Nuvem?<br />NuvemPública e NuvemPrivada<br />Plataforma Windows Azure<br />Benefícios<br />RecursosImportantes<br />
    11. 11. Ontem<br />Hoje<br />GrandesMudanças: Oportunidades e Riscos<br />
    12. 12. Aprendendo com o Passado<br />
    13. 13. Necessidades dos ClientesestãoDirecionandopara a Nuvem<br />Reduzirdespesas com capital<br />Manterfoco no que é o principal da empresa<br />Agilidadeparaosdepartamentos<br />Globalização<br />“TI<br />comoServiço”<br />
    14. 14. Evolução da Computação<br />ComputaçãoTradicional<br />ComputaçãoVirtualizada<br />ComputaçãoemNuvem<br />PrivadaPública<br />
    15. 15. Mas… o que é nuvem????<br />
    16. 16. ComputaçãoemNuvem<br /> O conceito de computação em nuvem (em inglês, cloud computing) refere-se à utilização da memória e das capacidades de armazenamento e cálculo de computadores e servidores compartilhados e interligados por meio da Internet<br />http://pt.wikipedia.org/wiki/Cloud_computing<br />
    17. 17. Porquê “nuvem”????<br />
    18. 18. A nuvemnãopossui forma definida. Existemnuvensgrandes e pequenas. Uma nuvempodeaumentar, diminuir e atémesmomudar de lugar<br />
    19. 19. E o quêisso tem a ver com TI????<br />
    20. 20. A analogia é a mesmapara TI<br />Uma aplicaçãonanuvem é acessadapela Internet, em datacenters espalhadospelomundo.<br />Vocêpodecriarumaaplicaçãoqueaumenteoudiminua a quantidade de instâncias (servidores) alocados, de forma bem simples<br />Vocêpodeescolheremqual datacenter no mundovairodarsuaaplicação<br />Vocêpodecriarumaaplicaçãoque use umainstância com maioroumenorcapacidade<br />
    21. 21. Hummm, entendi. Mas vocêvaidemonstrarissonaprática, certo?<br />
    22. 22. Ahh, agora sim!<br />
    23. 23. TI comoServiço (IT as a Service)<br />“SaaS”<br />SOFTWARE<br />como SERVIÇO<br />“PaaS”<br />PLATAFORMA<br />como SERVIÇO<br />“IaaS”<br />INFRAESTRUTURA<br />como SERVIÇO<br />
    24. 24. ServiçosnaNuvem<br />Infraestrutura<br />(comoServiço)<br />Plataforma<br />(comoServiço)<br />Infra Tradicional<br />Software<br />(comoServiço)<br />VocêGerencia<br />Applications<br />Applications<br />Applications<br />Applications<br />VocêGerencia<br />Data<br />Data<br />Data<br />Data<br />Runtime<br />Runtime<br />Runtime<br />Runtime<br />GerenciadopeloFabricante<br />Middleware<br />Middleware<br />Middleware<br />Middleware<br />VocêGerencia<br />GerenciadopeloFabricante<br />GerenciadopeloFabricante<br />O/S<br />O/S<br />O/S<br />O/S<br />Virtualization<br />Virtualization<br />Virtualization<br />Virtualization<br />Servers<br />Servers<br />Servers<br />Servers<br />Storage<br />Storage<br />Storage<br />Storage<br />Networking<br />Networking<br />Networking<br />Networking<br />
    25. 25.
    26. 26. O que as pessoasquerem saber…<br />O que é Windows Azure, e comovai me permitirescalarminhascargas de trabalhoem TI?<br />O Windows Azure tem customaisefetivo do que a minhainfraestrutura local de TI?<br />O Windows Azure permiteatenderminhasnecessidades de Segurança, Privacidade e Conformidade?<br />O quanto é confiável e disponível a plataforma Windows Azure?<br />Qual é o Roadmap da Plataforma Windows Azure?<br />
    27. 27. O que as pessoasquerem saber…<br />O que é Windows Azure, e comovai me permitirescalarminhascargas de trabalhoem TI?<br />O Windows Azure tem customaisefetivo do que a minhainfraestrutura local de TI?<br />O Windows Azure permiteatenderminhasnecessidades de Segurança, Privacidade e Conformidade?<br />O quanto é confiável e disponível a plataforma Windows Azure?<br />Qual é o Roadmap da Plataforma Windows Azure?<br />
    28. 28. Cargas de TI Ideaispara Cloud<br />“CrescimentoRápido“ <br />“Ligado e Desligado“ <br />Inactivity<br />Period <br />Compute <br />Compute <br />Average Usage<br />Usage<br />Average<br />Time <br />Time <br />On and off workloads (e.g. batch job)<br />Over provisioned capacity is wasted <br />Time to market can be cumbersome <br />Successful services needs to grow/scale <br />Keeping up w/growth is big IT challenge <br />Complex lead time for deployment<br />“DemandaInesperada“ <br />“DemandaPrevista“ <br />Compute <br />Compute <br />Average Usage <br />Average Usage <br />Time <br />Time <br />Unexpected/unplanned peak in demand <br />Sudden spike impacts performance <br />Can’t over provision for extreme cases <br />Services with micro seasonality trends <br />Peaks due to periodic increased demand<br />IT complexity and wasted capacity <br />
    29. 29. A Plataforma Microsoft<br />Produtividade<br />Segurança<br />Produtividade<br />Segurança<br />Gerenciamento<br />WebCRM<br />Produtividade<br />DB<br />BI<br />CRM<br />
    30. 30. Online<br />Serviços na Nuvem Oferecidos<br />PRODUTIVIDADE<br />COLABORAÇÃO<br />APLICAÇÕES DE NEGÓCIOS<br />PLATAFORMA<br />GERENCIAMENTO<br />ARMAZENAMENTO<br />COMUNICAÇÕES<br />On-Premise<br />SERVIÇOS COMPROMETIDOS <br />COM EXCELÊNCIA<br />INVESTIMENTOS PROFUNDOS EM INFRAESTRUTURA<br />>$2B investidosem infrastructure para Cloud<br />Replicaçãogeográfica de dados de clientes<br />Flexibilidadeparanuvempublica e privada<br />Comprometimentos com SLAs<br />Infraestruturaemconformidade com SAS 70 e ISO 27001:2005<br />Comprometimento com sustentabilidadeambiental<br />Modelorápido de inovação<br />
    31. 31. O que é Windows Azure?<br />Windows Azure é umaplataforma de serviçosemnuvemescalável via internet hospedadaem Datacenters da Microsoft pelomundoprovendoumaplataformasimples, confiável e robustapara a criação de serviços e aplicações web. <br /><ul><li>Desenvolvedoresutilizamconhecimentos e ferramentasexistentesparadesenvolveraplicaçãoespara a nuvem
    32. 32. ISVse Integradores de Softwarerapidamentealcançam o mercado e pagamnamedidaquenecessitam
    33. 33. Gerentes de TIobtémacesso a um novo conjunto de recursossemadicionarcomplexidade
    34. 34. Empresas de todosostamanhosrapidamenterespondem as necessidades de mudanças das empresas</li></li></ul><li>A Plataforma Windows Azure<br />LINGUAGENS DE PROGRAMAÇÃO DE PROPÓSITO GERAL<br />PLATAFORMA como um SERVIÇO<br />Compute<br />Storage<br />Management<br />CDN<br />App Fabric<br />Marketplace<br />Relational data<br />Management<br />
    35. 35. O que as pessoasquerem saber…<br />O que é Windows Azure, e comovai me permitirescalarminhascarsgas de trabalhoem TI?<br />O Windows Azure tem customaisefetivo do que a minhainfraestrutura local de TI?<br />O Windows Azure permiteatenderminhasnecessidades de Segurança, Privacidade e Conformidade?<br />O quanto é confiável e disponível a plataforma Windows Azure?<br />Qual é o Roadmap da Plataforma Windows Azure?<br />
    36. 36. Modelos de AquisiçãoparaPlataforma Windows Azure<br />Assinatura<br />LicenciamentoAdicional<br />Consumo<br />“PaguepeloUso e Crescimento”<br />“Comprometimento“<br />“AquisiçãoCoordenada” <br />PlanejadoparaFuturo<br />Disponível Agora<br />Disponível Agora<br />Descontosparaaquisição<br />Previsibilidadeparapagamentos<br />Barreirabaixaparautilização com grandeflexibilidade<br />Otimizadoparaelasticidadenanuvem<br />Experi~enciacentralizada de aquisição<br />Introduçãoparadescontosem volume<br />Ofertas<br />Promocionais<br />PreçoparaDesenvolvimento<br />Integração com <br />Programas<br />DescontoparaParceiros<br />
    37. 37. O que as pessoasquerem saber…<br />O que é Windows Azure, e comovai me permitirescalarminhascarsgas de trabalhoem TI?<br />O Windows Azure tem customaisefetivo do que a minhainfraestrutura local de TI?<br />O Windows Azure permiteatenderminhasnecessidades de Segurança, Privacidade e Conformidade?<br />O quanto é confiável e disponível a plataforma Windows Azure?<br />Qual é o Roadmap da Plataforma Windows Azure?<br />
    38. 38. ProvendoSegurança com a Plataforma Windows Azure<br />FISICA<br />CONTINUIDADE<br /><ul><li>Multiplos datacenters emlocalidadesgeográficasdiferentes
    39. 39. Usuáriospodemescolherumaunicalocalidadeou geo-distribuída
    40. 40. Dados armazenadossãoreplicadosmúltiplasvezes
    41. 41. Desenhadopara backup e restauraçãoatravés de checkpoints
    42. 42. Localizadoem datacenters da Microsoft com osultimosrecursos de segurançadisponíveis
    43. 43. Fontes de energiaredundantesatravés de fornecedoresdistintos (tanto de bateriaquantogeradores de diesel de backup, controladores de temperatura e supressão/prevenção de incêndios)</li></ul>LOGICA<br />CONFORMIDADE E CERTIFICAÇÃO<br /><ul><li>Microsoft estáemconformidade com padrõesrelevantes e obrigaçõesregulamentórias
    44. 44. Certificação de indústria é parte principal do Roadmap do Windows Azure
    45. 45. Clientessãoresponsáveispelasegurança e conformidade dos seusserviços e aplicações
    46. 46. Windows Azure é otimizadoparaacesso via nuvemsemacessoadministrativopara guests ouaplicações
    47. 47. Aplicações e usuáriosnãoatualizam o SO</li></li></ul><li>O que as pessoasquerem saber…<br />O que é Windows Azure, e comovai me permitirescalarminhascarsgas de trabalhoem TI?<br />O Windows Azure tem customaisefetivo do que a minhainfraestrutura local de TI?<br />O Windows Azure permiteatenderminhasnecessidades de Segurança, Privacidade e Conformidade?<br />O quanto é confiável e disponível a plataforma Windows Azure?<br />Qual é o Roadmap da Plataforma Windows Azure?<br />
    48. 48. ConectividadeComputacional<br />Dsiponibilidade de Barramento de Serviços e controle de acesso<br />Monitoração de Instâncias e Correção<br />Disponibilidade de Database<br />Disponibilidade de Armazenamento<br />Barramento de serviços e pontos de controle de acessoterãoconectividadeexterna<br />Requisições de operação de mensagensserãoprocessadas com sucesso<br />Serviço de storage serádisponível e alcançável(conectividade)<br />Suasrequisições de Storage serãoprocessadas com sucesso<br />Content Delivery Network (CDN) melhora a performance e disponibilidade<br />Database é conectávelatravés de um gateway de internet<br />Todososdatabases serãomonitoradoscontinuamente<br />Todas as regrasrodandovãosercontinuamentemonitoradas<br />Se umaregranãoestárodandoentãoiremosiniciar a correção de estado<br />Seusserviçosestáconectado e alcançável via web. Regras de internet com conexãopública tem regras de conexãopública<br />>99.9%<br />>99.9%<br />>99.9%<br />>99.95%<br />SLA Mensal<br />>99.9%<br />
    49. 49. VisãoGeral do Windows Azure CDNPermitequeclientesentreguemconteúdos de Nodes (nós) próximosaosusuáriosfinais<br />Cliente<br />Azure Storage<br />ECN NODE…<br />ECN NODE 2 - TOKYO<br />ECN NODE 1 - LONDON<br />PermiteCDN para<br />Azure storage<br />www.customer.com<br />Windows Azure<br />Self-service portal<br />Direcionaparamelhorexperiência de usuário, alcance global, crescimento de engajamento<br />e maiorretorno<br />EDGE CACHING SERVERS<br />EDGE CACHING SERVERS<br />EDGE CACHING SERVERS<br />
    50. 50. Windows Azure Content Delivery Network (CDN)<br />Microsoft tem umavastarede de datacenters pelomundo<br />Região da América do Norte<br />Região Europa<br />Região Asia Pacífico<br />Dublin, IE<br />London, GB<br />Stockholm, SE<br />Amsterdam, NL<br />Chicago, IL<br />Seoul, KR<br />Seattle, WA<br />Newark, NJ<br />Paris, FR<br />Zurich, CH<br />Tokyo, JP<br />Bay Area, CA<br />Los Angeles, CA<br />Ashburn, VA<br />Vienna, AT<br />Hong Kong, HK<br />Miami, FL<br />San Antonio, TX<br />Taipei, TWN<br />Singapore, SG<br />São Paulo, BR<br />Sydney, AU<br />Acima de 2 terabits porsegundo de capacidadedisponível com índice de 99.95% <br />
    51. 51. O que as pessoasquerem saber…<br />O que é Windows Azure, e comovai me permitirescalarminhascarsgas de trabalhoem TI?<br />O Windows Azure tem customaisefetivo do que a minhainfraestrutura local de TI?<br />O Windows Azure permiteatenderminhasnecessidades de Segurança, Privacidade e Conformidade?<br />O quanto é confiável e disponível a plataforma Windows Azure?<br />Qual é o Roadmap da Plataforma Windows Azure?<br />
    52. 52. Roadmap da Plataforma Windows Azure<br />Presente<br />Futuro<br />
    53. 53. Windows Azure Appliance<br />Serviço Azure no seu datacenter<br />Windows Azure e SQL Azure<br />On Premises / Hosters<br />Desenhadoparaescalamassiva e multi-localidades<br />Idênticoao hardwarenos Datacenters com Windows Azure<br />Entregueatravés de parceiros de hardware<br />ControleFísico – ProximidadeGeográfica<br />ConformidadeRegulatória<br />
    54. 54. DataCenters do Windows Azure<br />Região da América do Norte<br />RegiãoEuropéia<br />Região da Ásia/Pacífico<br />N. Europe <br />N. Central – U.S. <br />W. Europe <br />S. Central – U.S. <br />E. Asia<br />S.E. Asia<br />6 datacenters distribuídosem 3 continentes<br />Simplesmenteselecioneseu datacenter de escolhaquandoestiverimplantandoumaaplicação<br />
    55. 55. NuvemPública vs. NuvemPrivada<br />NuvemPública<br />NuvemPrivada<br />A nuvempúblicarepresentaosprincipaisatributoscomo self-service, compartilhada, escalável/elástica e baseadaemutilização<br />A nuvempúblicarepresentaosprincipaisatributoscomo self-service, compartilhada, escalável/elástica e baseadaemrecursosdedicados<br />Empresa<br />Serviço<br />Departmento<br />TI<br />Empresa<br />Provedor de Nuvem<br />Serviço<br />Serviço<br />Serviço<br />Serviço<br />Serviço<br />Serviço<br />
    56. 56. É verdadeque a nuvemvaiacabar com o emprego do profissional de infraestrutura?<br />
    57. 57. Parceiro<br />Sync<br />Sync<br />Sync<br />Sync<br />Sync<br />Cloud App<br />FuturosDesafios dos Profissionais de Infraestrutura<br />
    58. 58. PlataformaWindows Azure<br />Empresa<br />Identity<br />Access Control<br />Application-layer <br />Connectivity & Messaging <br />Service Bus<br />Data Synchronization<br />SQL Azure Data Sync<br />Network Connectivity<br />Windows Azure Connect<br />Slide 48<br />
    59. 59. Serviços Microsoft paraNuvemPública e Privada<br />Plataforma de servidores<br />Plataforma de serviços<br />Windows Azure<br />Windows Azure Platform Appliance<br />MicrosoftCloud<br />Datacenter Tradicional<br />NuvemPúblicaouPrivada<br />NuvemPúblicaouPrivada<br />Ferramentas de Gerenciamento<br />System Center<br />Ferramentas de Desenvolvimento<br />Visual Studio<br />Federação de Dados<br />SQL Azure Data Sync<br />Modelos de Programação e Aplicação<br />.NET Framework e AppFabric<br />Modelo de SegurançaFederada<br />AppFabric Access Control Service<br />IdentidadeFederada<br />Active Directory<br />Rede<br />Windows Azure Connect<br />
    60. 60. Cenário das Demonstrações<br />20% físico<br />80% virtual<br />Gerenciandouma TI Dinâmica<br />Armazenamento<br />Processamento<br />Rede<br />
    61. 61. RecursosImportantes<br />Passo1- Windows Server 2008 R2<br />Aprendamaissobre Windows Server 2008 R2<br />http://bit.ly/instalewin2008r2<br />Passo2- AprendaVirtualização<br />http://bit.ly/instaleprivatecloud<br />http://bit.ly/vmwareaprendams<br />Passo 3- Saibamaissobre Cloud e Virtualização<br />http://bit.ly/msdnazure<br />http://bit.ly/technetvirtualizacao<br />Passo4- Tire suasdúvidas com outros especialistas<br />http://bit.ly/forumvirthttp://bit.ly/forumbpos<br />
    62. 62. Cloud Computing paraProfissionais de TI<br />Office Web App<br />Photosynth<br />Windows Intune<br />System Center Advisor<br />Monitoração de Aplicação no Azure<br />Remote Desktop no Azure<br />Windows Phone 7<br />Demo!<br />
    63. 63. Cloud Computing paraProfissionais de TI<br />Conheça por dentro de Datacenter<br />De Cloud Computing da Microsoft<br />Apresentação<br />
    64. 64. Chicago Datacenter Tour.<br />
    65. 65. Microsoft’s Huge Global Scale 24x7<br />
    66. 66. Chicago vs. traditional datacenters<br />
    67. 67.
    68. 68. 700,000 square feet<br />
    69. 69. Largest knowncontainer datacenter in the world<br />
    70. 70. Scalable and modulardesign first floor<br />
    71. 71. 1.22 PUE<br />Reduced waste and carbon footprint<br />
    72. 72. Flexible & Agile: One day installationfor contained compute capacity<br />
    73. 73. Up to 2,400 servers per container<br />
    74. 74. Plus standard colocation rooms on the second floor deploying tens of thousands of servers<br />
    75. 75. Water side economizers = greater efficiency<br />
    76. 76. 30 mega watts today, 60 future<br />
    77. 77. Back-up generators <br />for power <br />
    78. 78. Cloud Infrastructure Security <br /><ul><li>FISMA ATO
    79. 79. ISO 27001:2005 Accreditation
    80. 80. SAS 70 Type I and II Attestations</li></li></ul><li>Ready for Your Services in Chicago<br />
    81. 81. Como foiResolvido?<br />
    82. 82.
    83. 83. Desafio<br />“Todo mês os usuários reclamam de vírus nos e-mails”<br />“Outro dia parou o correio eletrônico e todo mundo ficou ligando para o suporte ”<br />“Meus usuários querem acessar seus e-mailsde qualquer lugar, até pelo celular”<br />“O servidor de correio eletrônico fica lentotoda vez que preciso fazer varredura de vírus”<br />“Meu servidor de arquivos está cheio de dados duplicados (e até triplicados)”<br />“O pessoal de vendas está gastando muito com ligações telefônicas e viagens”<br />
    84. 84. Business Productivity Online Suite<br />Demo!<br />
    85. 85. Como foiResolvido?<br />
    86. 86. RecursosImportantes<br />Passo1- Cloud Power<br />Conheça as soluções de ComputaçãoemNuvem<br />http://bit.ly/cloudbrasil<br />Passo2- Online Services<br />http://bit.ly/bposbrasil<br />Passo 3- Saibamaissobre Cloud e Virtualização<br />http://bit.ly/msdnazure<br />http://bit.ly/technetvirtualizacao<br />Passo4- Tire suasdúvidas com outros especialistas<br />http://bit.ly/bposforum<br />
    87. 87.
    88. 88. Desafio<br />“Tenho muitos servidores que ficam ociosos na maior parte do mês”<br />“Gostaria de ter uma infraestrutura dinâmica” <br />“Lentidão em servidor é sempre uma dor de cabeça”<br />“Toda vez que tenho que atualizar o hardware é uma dor de cabeça enorme”<br />“Tenho certeza que o pessoal de desenvolvimento pediu um servidor muito acima do necessário só para dizer que o sistema nunca ficará lento”<br />
    89. 89. Private Cloud<br />Demo!<br />Microsoft Hyper-V<br />System Center Virtual Machine Manager 2008 R2<br />Self-Service Portal 2.0<br />
    90. 90. Como foiResolvido?<br />Partner Software Technology<br />Armazenamento<br />Rede<br />Processamento<br />
    91. 91. RecursosImportantes<br />Passo1- Cloud Power<br />Conheça as soluções de ComputaçãoemNuvem<br />http://bit.ly/cloudbrasil<br />Passo2- AprendaVirtualização<br />http://bit.ly/instaleprivatecloud<br />http://bit.ly/vmwareaprendams<br />Passo 3- Saibamaissobre Cloud e Virtualização<br />http://bit.ly/msdnazure<br />http://bit.ly/technetvirtualizacao<br />Passo4- Tire suasdúvidas com outros especialistas<br />http://bit.ly/forumbpos<br />
    92. 92.
    93. 93. Desafio<br />“Não existe migração: preciso reinstalar toda a maquina para migrar do Windows XP para Windows 7”<br />“Gostei do Windows 7, mas ainda tenho programas que só funcionam no Windows XP”<br />“Está saindo muito caro atualizar todas os desktops da minha empresa”<br />“O pessoal do suporte leva mais de 8 horas para reinstalar uma maquina. Enquanto isso o usuário fica parado”<br />“Para mim o Windows 7 só tem uma interface nova, nada mais de novo”<br />
    94. 94. Windows 7<br />Demo!<br />Virtual Desktop InfrastructureMicrosoft Deployment Toolkit 2010<br />XP Mode<br />App-V<br />
    95. 95. Como foiResolvido?<br />Virtual Desktop Infrastructure<br />Microsoft Deployment Toolkit 2010<br />DirectAccessGerenciamento de EnergiaProblem Step RecorderBranchCacheNAPBitLocker<br />Virtual PCXP Mode<br />
    96. 96. RecursosImportantes<br />Passo1- Windows 7<br />Conheça o produto e seusrecursos<br />http://bit.ly/conhecawindows7<br />Passo2- Aprendamaissobre Windows 7<br />http://bit.ly/examewindows7<br />http://bit.ly/instalewindows7<br />Passo 3- Saibamaissobre Windows 7<br />http://bit.ly/technetwindows<br />http://bit.ly/technetvirtualizacao<br />Passo4- Tire suasdúvidas com outros especialistas<br />http://bit.ly/forumwindows7<br />
    97. 97.
    98. 98. Cloud App<br />Active Directory<br /><ul><li>Usuário– Nãoquercontasdiferentesparaacessaraplicativos
    99. 99. Desenvolvedor– Nãoquerescrevercódigoparasuportarvariosprovedores de identidade
    100. 100. Administrador– Querintegrarfacilmenteo acesso das aplicações com as identidades do Active Directory</li></ul>Desafios com Identidades<br />
    101. 101. O que é:<br /><ul><li>Baseadoem Claims, é um serviço de gerenciamento de autorizaçãoporfederação</li></ul>O quefaz:<br /><ul><li>Simplifica a autorização de acesso do usuário entre organizações e provedores de ID
    102. 102. Realizatransformação entre Claims paramapemaentos de identidades com níveis de acesso</li></ul>Usadopara:<br /><ul><li>Segurançanacomunicação do AppFabricService Bus
    103. 103. Segurançaparaserviços web
    104. 104. Segurançaparaaplicações web</li></ul>AppFabric Access Control<br />
    105. 105. Como Funciona<br />3. Mapeia input claims <br />para output claims baseadonasregras<br />de controle de acesso<br />1. Define regras de controle de acesso<br />Controle de Acesso<br />4. Retorna token <br />(recebe output claims)<br />0. Estabelece trust via troca de chaves<br />2. Requisitatoken<br />(envia input claims)<br />6. Processa<br />token<br />SeuServiço<br />Cliente<br />5. Enviamensagem<br />com token<br />
    106. 106. Soluções de Identidade: Cloud Single Sign-on com Access Control<br />AC<br />ADFS 2.0<br />Active Directory<br /><ul><li>Usuário– PodeusarseuProvedor de Identidade de preferência
    107. 107. Desenvolvedor– Escreve um conjunto de códigoparasuportarmultiplosprovedores de identidade
    108. 108. Administrador– Garanteacessoparatodososusuários do Active Directory, estabelecendo Trust entre Active Directory e o Access Control</li></li></ul><li>PlataformaWindows Azure<br />Empresa<br />Identity<br />Access Control<br />Application-layer <br />Connectivity & Messaging <br />Service Bus<br />Data Synchronization<br />SQL Azure Data Sync<br />Network Connectivity<br />Windows Azure Connect<br />Slide 91<br />
    109. 109. Partner<br />Desafios de Conectividade das Aplicações:Extender alcance de Assets SOA Assets através de Cloud<br />Cloud App<br />
    110. 110. Barramento de Serviço<br />Como Funciona<br />Envia<br />Recebe<br />Recebe<br />Envia<br />App 1<br />App 2<br /><ul><li>Traverse NAT/Firewall – CadaApp iniciauma outbound connection
    111. 111. Troca de mensagens entre aplicações
    112. 112. Suporteparaumavariedade de patterns de mensageria
    113. 113. Message buffering paraaplicaçõesconectadas</li></li></ul><li>PlataformaWindows Azure<br />Empresa<br />Identity<br />Access Control<br />Application-layer <br />Connectivity & Messaging <br />Service Bus<br />Data Synchronization<br />SQL Azure Data Sync<br />Network Connectivity<br />Windows Azure Connect<br />Slide 94<br />
    114. 114. SQL Azure Data Sync (CTP)<br />Movimentação de Dados<br />Cloud  cloud<br />Infraestrutura Local cloud<br />Obtendo dados ondevocêprecisa<br />Sync SQL Azure instances<br />Sync SQL Server to SQL Azure<br />Sync offline apps to SQL Azure<br />Permite geo-replicação de dados<br />SQL Azure<br />Sync<br />
    115. 115. SQL Azure Data Sync (CTP)<br />SQL Azure Database<br />AGORA<br />Sync<br />Sync<br />Data Sync Service For SQL Azure<br />EscritóriosRemotos<br />Lojas<br />Sync<br />Sync<br />Sync<br />Sync<br />Sync<br />FUTURO<br />On-Premises (Headquarters)<br />
    116. 116. PlataformaWindows Azure<br />Empresa<br />Identity<br />Access Control<br />Application-layer <br />Connectivity & Messaging <br />Service Bus<br />Data Synchronization<br />SQL Azure Data Sync<br />Network Connectivity<br />Windows Azure Connect<br />Slide 97<br />
    117. 117. Virtual Network<br />Windows Azure Connect (CTP)<br /><ul><li>Provêconectividadetransparente entre o Windows Azure e recursoslocais da suainfraestrutura, usandosegurançabaseadaemIP (IPSec)
    118. 118. Conectando com recursos da nuvemparapropósitosadministrativos</li>

    ×