Presentation is loading. Please wait.

Presentation is loading. Please wait.

Ahead of the Game Technical Series Sharon Bennett SMB Product Technology Advisor October 15, 2014.

Published byHarry Simmons Modified over 9 years ago

Similar presentations

Presentation on theme: "Ahead of the Game Technical Series Sharon Bennett SMB Product Technology Advisor October 15, 2014."— Presentation transcript:

1 Ahead of the Game Technical Series Sharon Bennett SMB Product Technology Advisor October 15, 2014

2 Content Marker: About this Course Content ID: AOTG-AZURE-DECK-0.1

3 Be Lean, Stay Lean with the Microsoft Cloud

4 Introduction About this Course Delivery Schedule Objectives

5 Logistics and introductions Class hours Rest rooms Meals Internet - https://cloud.holsystems.com/ModernBizhttps://cloud.holsystems.com/ModernBiz - The access code is MBVC2825 Azure Pass Presenter introduction

6 About this course Audience: IT Pros, Consultants, Partners Objectives: Identify opportunities for partners to enable small and medium size businesses (SMBs) to increase efficiency and productivity, while reducing IT operating expenses (OPEX) by implementing hybrid cloud scenarios using Microsoft Azure services and become proficient in designing and implementing Azure technologies and services for SMB customers. Topics covered: Overview of Microsoft Azure, Partner Opportunities, SMB trends, Transacting Microsoft Azure, Reselling Azure services, Azure in Open Licensing Azure Backup, Azure Storage, Azure Web Sites Azure Virtual Machine workloads – Infrastructure as a Service (IaaS) Azure Application Workloads – Platform as Service (PaaS), and Applications on Azure VMs Azure Virtual Machine Networks (VMNet) Azure Active Directory and Identity Management Level: 200-300 Duration: 8 hours

7 9:00 – 9:30 Class Introduction, Partner Opportunities, SMB Trends 9:30 – 10:00Module 1: Azure Backup, Storage and Web sites 10:00 – 10:15Hands-on Lab: Azure Backup, Storage and Web sites 10:15 – 10:30 Morning Break 10:30 – 11:15Module 2: Azure Virtual Machine Workloads 11:15 – 12:00 Hands-on Lab: Azure Virtual Machine Workloads 12:00 – 1:00 Lunch Break 1:00 – 1:30Module 3: Azure Virtual Machine Networks 1:30 – 2:00Hands-on Lab: Azure Virtual Machine Networks 2:00 – 2:15Module 4: Planning and Deploying Workloads to Azure 2:15 – 2:45Hands-on Lab: Deploying Applications to Azure 2:45 – 3:00Afternoon Break 3:00 – 4:00Module 5: Azure Active Directory, Identity Management and Office 365 4:00 – 4:30 Hands-on Lab: Azure Active Directory and Identity Management 4:30 – 5:00Wrap up and Q&A 3:15 – 3:45Module 5: SQL Server 2014 Tools and Manageability Delivery schedule

8 Module 1: Azure Backup, Storage, and Web Sites Topics Overview of IaaS and PaaS. Pricing out Consumption-Based Services. Azure Backup. Azure Storage Accounts and BLOB storage. Azure Web Sites.

9 Topics Provisioning Azure Virtual Machine Workloads. Managing Azure Virtual Machine Workloads. Sizing and Capacity. Importing Virtual Machines. Monitoring Virtual Machines. Pricing out Virtual Machines. Module 2: Azure Virtual Machine Workloads

10 Module 3: Azure Virtual Machine Network and Traffic Manager Topics Windows Azure Virtual Network (VNET). Virtual IP Addresses and Dynamic IP Addresses (VIPs and DIPs). Inbound Traffic – Software Load Balancer (SLB). Supporting multiple VNETs within a subscription. Controlling inter-VNET communications. Site-to-Site (On-premises to Azure) Communications.

11 Module 4: Planning and Deploying Workloads to Azure Virtual Machines and Servers Topics Azure SQL Server Database Service. Azure SQL Server Virtual Machines.

12 Module 5: Azure Active Directory and Identity Management Topics include: Azure Active Directory (Azure AD). Password Sync/DirSync. Office 365 integration and Single Sign-on. Third Party Cloud Services Support for Azure AD Authentication.

13 Content Marker SMB Cloud Trends and Partner Opportunities Content ID: AOTG-AZURE-DECK-0.2

14 Why the cloud? 1 2 3 4 5 Cloud Virtualization Physical server Microsoft Azure

15 The game is changing for resellers How do I support my mobile employees and keep them productive? Am I ready for a disaster? Will I lose my data? Partner role How do I ensure uptime for my applications? How do I save money on infrastructure? Do I need the cloud?

16 Partner opportunity with Microsoft cloud in SMB

17 Growing your business with Microsoft Azure Enables partners to differentiate by bundling their own IP alongside other cloud offerings. Cloud software is easier to develop, test, and take to market. Lowers the barriers to entry to offer managed services.

18 Microsoft Azure App services Network Storage Compute CachingIdentityService busMediaCDNIntegrationHPCAnalytics Virtual machinesWebsites Cloud services Mobile services SQL databaseHDInsightTables Blob storage Connect Virtual network Traffic manager Usage-based services Build applications using any language, tool, or framework. Integrate public cloud solution with the existing IT environment. 99.95% monthly SLA. Automatic operating system and service patching. An open and flexible cloud platform that enables you to quickly build, deploy, and manage solutions across a global network of Microsoft-managed datacenters.

19 Data Backup in the CloudDeploy Applications within VMsHost Websites Key Azure scenarios Provide easy, scalable data backup in the cloud A range of applications: file servers, SharePoint, SQL Server, Exchange. Encrypted backups, Global Geo- redundant datacenters. Quickly and easily provision more storage for your customers as needed. SharePointSQL Server Databases Orders Product AP Business Applications CRM Acct HR Virtual Machines Grow your business helping customers move their websites to the cloud with Microsoft Azure Quickly build, deploy, and manage websites on an open and flexible cloud platform. Offer the peace of mind from hosting on a global network of Microsoft-managed data centers.

20 Local currencies Global datacenters Global support 24 x 7 x 365 support Over 1 billion customers, 20 million businesses 90 markets worldwide 280 years of combined industry experience in infrastructure, security, product dev, and global ops Local account teams ₩ ¥ € руб $ $ £ $ Rp TL chf kr $ R $ $ Microsoft Azure

21 Content Marker: Transacting Microsoft Azure Content ID: AOTG-AZURE-DECK-1.1

22 Azure purchasing options Zero upfront, cancel anytime. No long-term commitment. Monetary Commitments starting at $500/month. Offers additional discounts and terms as part of a deeper commitment to the platform. Direct on azure.Microsoft.com Enterprise Agreement Flexibility with Volume Licensing through a familiar vehicle for SMBs. Opportunity for partners to earn margins, incentives. Open Licensing Programs

23 One Monetary Commitment SKU, available in unlimited quantities. Customers can purchase additional credit for Azure services at any time. Can be used against any Azure service* within 12 months from the date of activation. Available in countries with Open Volume Licensing program partners and that offer Azure Direct. 23 Azure in Open licensing – the details

24 Azure and Office 365 in Open – comparison SKU Structure Single SKU used for any eligible pay-as-you-go Azure ServiceUnique SKUs for each Office 365 Plan, as well as Add-ons Monetary Commitment that expires 12 months from activationCustomers pre-pay for 12 months of service Aligned to cloud channel incentives for managed partners and distributor margin (The FY15 guide will be released in June for the Global Channel Incentives Guide) All Online Services in Open follow existing business processes Leverage existing Distributor and VAR reporting constructs Single SKU provides flexible ‘building blocks’ to scale partner business or customer services. Top up and upsell opportunity for additional services. Partners drive consumption with ongoing customer engagement. Specific SKUs purchased for each service offering. Renewal motions have annual anniversary. Incremental seats added shift customer end dates. Commitment Margin Structure Business Processes Reporting Channel Impact

25 Azure in Open: setup and portal experience

26 Why Azure in Open? Low barrier of entry with no investments in complex billing systems. A consistent, familiar licensing option for cloud services along with your on- premises solutions. A flexible, consumption-based purchasing model. New opportunities to grow margins and deepen customer relationships. Capitalize on the opportunity to incorporate the cloud into your solutions and services

27 Content Marker: Microsoft Azure Overview Content ID: AOTG-AZURE-DECK-1.1

28 Module 1: Microsoft Azure overview, Azure backup, storage and web sites Microsoft Azure Overview Microsoft Azure Backup Azure Web Sites Azure Tools

29 Microsoft Azure IaaS at a glance

30 Microsoft Azure PaaS at a glance

31 Microsoft Azure VMs overview Remote workers Microsoft Azure On-premises

32 Provide scalable data backup in the cloud Data backup in the cloud overview Microsoft Azure Microsoft SQL Server

33 On-premises External workers Microsoft Azure Hosting websites in the cloud overview Grow your business – help customers move their websites to the cloud Web servers

34 On-premises Microsoft Azure Identity and access management overview Enable single sign-on between on-premises and cloud identities Windows Server Active Directory Azure Active Directory (AAD) Consumer identity providers PCs and devices Microsoft apps Third-party cloud/hosting Enable single sign-on across multiple cloud and on-premises applications with ADFS. Integrate cloud with on-premises Active Directory with Active Directory Synchronization. Create and manage identities in the cloud. Help secure access to on-premises and cloud apps with Microsoft Azure Multi-Factor Authentication. Use AAD to manage Office 365 along with other Microsoft and external cloud services.

35 Scenario: How much is your IT costing? Two servers and operating system $10,000 per server CALs $10,000 Two years of facility operating costs $10,000 On-premises backup solution with support for cloud archiving $2,800 with agents Total Costs : about $32,800 / 24 months = ~$1333.33 /month for two datacenter caliber servers month for two datacenter caliber servers. With 7 small virtual machines, this comes out to ~ $1,90.47 per virtual machine per month

36 Pricing out solutions

37 Content Marker: Demo: Microsoft Azure Cost Calculator Content ID: AOTG-AZURE-DEMO-1.2

38 Demo Azure cost calculator

39 Content Marker: Windows Azure Backup Content ID: AOTG-AZURE-DECK-1.3

40 Data protection challenges It’s expensive to protect all that data. Some data may go without protection.

41 Microsoft Azure backup Simple and reliable server backup to the cloud Reliable offsite data protection Convenient offsite protection. Safe data with geo-replication. Encrypted backups. A simple and integrated solution Familiar interface. Microsoft Azure integration. Efficient backup and recovery Efficient use of bandwidth and storage. Flexible configuration. Flexibility in recovery. Cost-effective and metered by usage.

42 When to choose Microsoft Azure backup Suitable for any workload. Already using System Center Data Protection Manager? Microsoft Azure Backup integrates easily. Small business or branch office? Microsoft Azure Backup integrates with the in-box Windows Server backup tool or you can download the free Windows Azure Backup Tool.

43 Azure Backup pricing

44 Creating the Azure Backup vault Recovery services You have no vaults create one to get started

45 Download Azure Backup agent

46 Windows 8.1 SDK to get MakeCert.exe tool

47 Making the encryption certificate  Run the following command, replacing CertificateName with the name of your certificate and specifying the actual expiration date of your certificate after -e: makecert.exe -r -pe -n CN=CertificateName -ss my - sr localmachine -eku 1.3.6.1.5.5.7.3.2 -len 2048 -e 01/01/2016 CertificateName.cer

48 Upload the certificate to the Azure Backup vault

49 Install the Windows Azure Backup agent

50 Register the server and connect to the vault

51 Start or schedule backups

52 Scenario: Simple cloud backup Contoso has invested over $2,500 in software to operate third-party backup tools Contoso pays between $100- $150 per month for online storage. Contoso’s data is backed up and encrypted on- premises, also it is encrypted over the wire during the transfer and it is encrypted in Azure Contoso is the only owner of the encryption key. Microsoft Azure Backup tool is free and supports all of the applications It’s very easy to find out what the monthly costs will be for the storage by using the Azure Calculator.

53 Content Marker: Demo: Windows Azure Backup Content ID: AOTG-AZURE-DEMO-1.4

54 Demo Microsoft Azure backup

55 Content Marker: Azure Web Sites Content ID: AOTG-AZURE-DECK-1.5

56 A powerful self service platform for developers A flexible hosting solution for IT Flexible Web hosting your way with choice of language, framework, database and platform. Scalable Scale out or up in seconds on a load balanced, always up to date, global infrastructure. Enterprise Grade Availability with support for SSL and AD DS authentication. Secure Microsoft Azure Web Sites is a scalable, secure and flexible platform for building powerful web applications to run your business, drive your brand or reach new customers. Platform as a service for the web

57 Azure Web Sites is ready for business Enterprise grade Secure with SSL Access to other Azure services

58 Azure Web Sites has access to other services Web sites

59 Load balanced Always up to dateEasily scaleEconomical Web scale, world wide

60 Azure Web Sites is load-balanced by default

61 Easily scaling of Azure Web Sites

62 Scenario: Web hosting with Azure Contoso currently has: A company intranet Several ASP.NET applications Several WordPress sites - Including a WordPress blog hosted in Internet Information Server (IIS). The sites are hosted on two web servers which are not load-balanced which causes downtime. Contoso wants to implement a BI solution with SQL Server 2014 Reporting Services but is concerned about the growing number of applications that need to be accessed remotely by users with a variety of different mobile devices. Contoso may be willing to migrate its on-premises web sites to Azure. As part of the pilot, Contoso and its Microsoft partner will work closely to create and manage a Word Press Blog, and ASP.NET website which accesses SQL Server databases in Azure as well as on-premises SQL Server data. With this new capability, Contoso can reduce the number of on-premises servers needed to develop and run production web content, as well as provide users with easy, secure access to corporate data by integrating Azure AD with on-premises AD.

63 Content Marker: Demo: Azure Web Sites Content ID: AOTG-AZURE-DECK-1.5

64 Demo Azure Web Sites

65 Content Marker: Lab 1: Azure Backup, Azure Web Sites, Azure Cost Calculator Content ID: AOTG-AZURE-HOL-1.6

66 Hands-on Lab 1 Calculating Azure costs Azure backup Azure Web Sites

67 Content Marker: Azure VM Workloads Content ID: AOTG-AZURE-DECK-2.1

68 Module 2: Provisioning and managing Azure Virtual Machine workloads Microsoft Azure VM Overview Azure VM Affinity Groups Provisioning VMs Managing and Monitoring VM Workloads

69 Azure Infrastructure as a Service (IaaS)

70 Working with Open Source

71 Contoso expects to implement 10+ new virtual machines this year As the number of workloads and hosts grow, servicing the virtual machines and hosts becomes a more complex and manual process Contoso will SAVE approximately 40 % } of the IT costs of running the on- premises servers by migrating their virtual machines to Azure. Scenario: Azure IaaS

72 PowerShell VMDK Open to all apps

73 Microsoft BizTalk Server Microsoft Dynamics AX Microsoft Dynamics GP Microsoft Dynamics NAV Microsoft Forefront Identity Manager Microsoft HPC Pack Microsoft Project Server Microsoft SharePoint Server Microsoft SQL Server Microsoft System Center Microsoft Team Foundation Server Servers supported on Azure virtual machines

74 Active Directory Domain Services Active Directory Federation Services Active Directory Lightweight Directory Services Application Server DNS Server File Services Network Policy and Access Services Print and Document Services Remote Access (Web Application Proxy) Remote Desktop Services* Web Server (IIS) Windows Server Update Services Server role support on Azure virtual machines

75 Persistent Virtual Machines with Geo- Replication Microsoft Azure Storage

76 Microsoft Azure Flexibility and portability of VHD

77 Availability sets

78 Affinity groups

79 You bring it - we run it

80 Contoso is ready to move several production workloads to Azure VMs The on-premises environment will remain unchanged to avoid the risk of downtime Once communications and access is tested, application deployment, virtual networking, and Active Directory integration testing will begin. Contoso wants to ensure a smooth transition using a phased approach of integrating Azure and on-premises IT resources Contoso will work with an experienced cloud- integration partner to create the on-premises integration with Azure IaaS services The solution will allow Contoso to expand and converge infrastructure as needed to keep up with demands and save costs. Scenario: Migrating virtual machines to Azure

81 > PowerShell Build, test, deploy

82 The Add-AzureVHD cmdlet, which is part of the Microsoft Azure PowerShell module, is required to upload the VHD The VHDX format is not supported in Microsoft Azure. You can convert the disk to VHD format using Hyper-V Manager or the Convert-VHD cmdlet. The following Windows Server versions are supported: How to Upload the VHD file to Azure

83 Getting started with VMs

84 The VM is connected to the Internet. RDP inbound is enabled by default. RDP port 3389 cannot be used. A strong password should be used. The VM has unlimited outbound network access. Who can control VM? Security considerations

85 Charge Rate by the Minute Microsoft charges for virtual machines by the minute. Prices are listed as hourly rates and are billed based on total number of minutes when the virtual machines run for a partial hour. Basic Compute Tier New tier of compute instances. Similar in configuration to the Standard tier with lower prices. Does not include load balancer and auto-scaling. Well-suited for single instance production applications, development workloads, test servers and batch processing applications that might not require these features. Standard Compute Tier This tier of compute instances provides an optimal set of compute, memory and IO resources for running a wide array of applications. These instances include both auto-scaling, load balancing, and internal load balancing capabilities at no additional cost. Internal load balancing feature is currently in preview. Virtual machine charge rates and tiers

86 Size CPU cores MemoryDisk sizes – virtual machine Max 1TB Disks Max. IOPS (300 per disk) A0 Shared (0.25) 768 MBOS = 127 GB, Temporary = 20 GB11x300 A111.75 GBOS = 127 GB, Temporary = 40 GB22x300 A223.5 GBOS = 127 GB, Temporary = 60 GB44x300 A347 GBOS = 127 GB, Temporary = 120 GB88x300 A4814 GBOS = 127 GB, Temporary = 240 GB88x300 Basic tier virtual machine sizes

87 Size CPU cores MemoryDisk sizes – virtual machine Max. data disks (1 TB each) Max. IOPS (500 per disk) A0Shared768 MBOS = 127 GB, Temporary = 20 GB11x500 A111.75 GBOS = 127 GB, Temporary = 70 GB22x500 A223.5 GBOS = 127 GB, Temporary = 135 GB44x500 A347 GBOS = 127 GB, Temporary = 285 GB88x500 A4814 GBOS = 127 GB, Temporary = 605 GB1616x500 A5214 GBOS = 127 GB, Temporary = 135 GB44X500 A6428 GBOS = 127 GB, Temporary = 285 GB88x500 A7856 GBOS = 127 GB, Temporary = 605 GB1616x500 A8856 GBOS = 127 GB, Temporary = 382 GB1616x500 A916112 GBOS = 127 GB, Temporary = 382 GB1616x500 Standard tier virtual machine sizes

88 Content Marker: Demo: Provision Azure VMs Content ID: AOTG-AZURE-DECK-2.2

89 Demo Provisioning and managing virtual machines

90 Content Marker: Lab 2: Azure VM Workloads Content ID: AOTG-AZURE-DECK-2.2 20 minutes

91 Hands-on Lab 2 Provision a new virtual machine Monitoring virtual machines Controlling virtual machines

92 Content Marker: Azure VM Networks Content ID: AOTG-AZURE-DECK-3.1 20 minutes

93 Module 3: Azure VM networks VMNet Overview Site-to-Site Communications Partner / Appliance Landscape VPN Support

94 Contoso has decided that migrating to Azure is a cost savings move. In addition, it will improve productivity by allowing employees to access commonly used intranet data and applications from the road using mobile devices. The next challenge is setting up virtual networking on the Azure side, and connect the on-premises users and resources to the Azure cloud. As part the pilot rollout of Azure VMs, the virtual IP Addresses (VIPs) will be set up and the Dynamic IP Address (DIPs) configured. Scenario: Virtual IP addressing in the cloud

95 Gateway Microsoft Azure Virtual Network

96 Point-to-site and Site-to-Site virtual network

97 More options for getting your virtual network started

98 Content Marker: Site to Site Connectivity Content ID: AOTG-AZURE-DECK-3.3

99 Your “virtual” branch office or datacenter in the cloud Extend your Enterprise Networks into Azure networking on- ramp for migrating existing apps and services to Windows Azure. Enables “hybrid” apps that span cloud and their premises. A protected private virtual network in the cloud Set up secure private IPv4 networks fully contained within Windows Azure. IP address persistence. Inter-service DIP-to-DIP communication. Windows Azure virtual network

100 Contoso is concerned about the complexities and IP addressing challengest of connecting Azure public cloud services with on-premises IT infrastructure. Connecting the office to the Azure public cloud to the on-premises resources is a fairly simple process that takes place on the Azure side by setting up an encrypted connection to the server using IPSEC. The process will start with a pilot for a limited number of users and resources using the existing RAS/VPN services. If the pilot is successful, Contoso will invest in a new VPN appliance that will offer better performance, monitoring, and logging. Scenario: Site-to-site connectivity

101 There are multiple ways to access a virtual machine by IP address: VIP – Virtual IP address An internet-facing IP address that is not bound to a specific computer or network interface card. The cloud service that the virtual machine sits within is assigned the VIP. You can have multiple virtual machines in a cloud service. They share the same VIP. DIP – Dynamic IP address This IP address is dynamically assigned (via DHCP) to your virtual machine by Windows Azure. You rely on DHCP – Do NOT statically configure your IP address. Even for DCs. The IP address lease directly equates to the lifetime of the virtual machine. If you create a virtual network, the virtual machine will receive its DIP from that range. IP addressing in Azure virtual networks

102 Quick Create VNet Custom Create VNet Creating a virtual network in the Management Portal

103 Securely connect to Virtual Network from anywhere. Uses VPN client in Windows operating system. Traverses firewalls and proxies. Remote workers Site-to-Site VPN Point-to-Site VPN Extending your infrastructure

104 Content Marker: Demo: Create a Virtual Network in Azure Content ID: AOTG-AZURE-DECK-1.5 10 minutes

105 Demo Azure Virtual Networks

106 Azure DNS (IDNS) You can create your own hostnames. You don’t need to configure anything. Resolves VMs by hostname within the same cloud service. Resolves VMs by FQDN within the same virtual network. Machine names are modeled explicitly and registered in the DNS service. Standard DNS lookups are supported. Bring your own DNS (BYODNS) Name resolution between cloud services. Multiple hostnames for the same virtual machine. Cross-premises name resolution. Reverse lookups (PTR). Wins and NetBIOS name resolution. User Azure DNS or bring your own DNS

107 Azure Traffic Manager Build high performing cloud applications Planning for disaster recovery Upgrade Cloud Applications seamlessly DNS-based service load balancing Direct user traffic to services running across Windows Azure datacenters based on policy:  Performance/latency  Round-robin  DR / Failover

108 1. User requests info using the company domain name. 2. The DNS RR for the company domain points to a Traffic Manager domain in Windows Azure Traffic Manager. This is done by using a CNAME record. 3. The Traffic Manager domain is part of the Traffic Manager profile that you create. You also create rules within this profile. The rules you select dictate the load balance method you want to use and what you want to monitor for health. 4. Traffic Manager processes the rules and returns the DNS name of the cloud service, which is later resolved to the IP address. 5. The User contacts the service directly, by IP address. This information is cached on the client’s computer. Thus, the client will continue to interact with the selected service until that TTL expires. How does Traffic Manager work?

109 You can configure Traffic Manager in the Management Portal. 1. Create a Traffic Manager Profile. 2. Add endpoints. 3. Configure the DNS TTL. 4. Select the Load Balancing Method. Round Robin Performance Failover. Be sure to adjust the failover order. 5. Configure Monitoring. You can either monitor ‘/’ (default directory of the services) or create a file with the same name in each cloud service and allow Traffic Manager to perform an http(s) GET on the file. Then specify in Traffic Manager. 6. Save your changes. How do I configure Traffic Manager?

110 Content Marker: Lab 3: Create a Virtual Network in Azure Content ID: AOTG-AZURE-LAB-3.3 20 minutes

111 Hands-on Lab 3 Create and Azure virtual network Assign virtual machines Connect on-premises to Azure

112 Content Marker: Overview of Application Workloads in Azure Content ID: AOTG-SQL-AZURE-4.1

113 Module 4: Planning and deploying workloads to Azure VMs Azure AD ServiceSQL Server VMs SharePoint VMs

114

115 Content Marker: Running Active Directory on an Azure VM Content ID: AOTG-SQL-AZURE-4.2 10 minutes start time 1:30

116 Contoso is ready to start its application testing and authentication to Azure VMs and applications from devices running in- house. Deployment of a replica domain controller, a SharePoint 2010 Foundation Server, and a SQL Server 2014 Standard Edition Server Contoso users can access applications from their desktops in the office and can access the intranet website using the private IP address space used for in-house resources Once the final phase of the testing is completed, the rollout will be to integrate the on-premises AD DS environment with the Azure AD infrastructure to ensure a single sign-on experience for users. Scenario: Deploying applications

117 Business Drivers: Support for pre-requisites for existing applications, such as SharePoint. High Availability Solutions for SQL Server Databases using Always-On Availability Groups. Disaster Recovery solution for branch offices and a limited set of virtual machines. Dev/Test Workloads. Active directory on an Azure VM

118 Azure VM considerations for DCs Do not sysprep the Domain Controller From an existing physical machine P2V a physical machine and move to Windows Azure Move the Domain Controllers VHD file to Windows Azure Create the virtual machine from the VHD Starting with a new virtual machine Build a new virtual machine and replicate directory to Windows Azure

119 Azure VM considerations for DCs (cont’d.) Attach a data disk (caching turned off) Do not use D:\ ( temporary physical disk) Put logs and account DB on attached disk to avoid data loss

120 Azure VM considerations for DCs (cont’d.) IP Addressing Windows Azure VMs require use of a DHCP leased IP address. The lease is an infinite ‘dynamic’ lease, but not the same as ‘static assigned’ address that you would expect to use in and on-premises environment. The leased IP address is routable for the duration of the lease, which is determined by the life time of the service (or virtual machine). Don’t try to assign a static IP to your virtual machine. You will lose communication to it.

121 Azure VM considerations (cont’d.) Deploy DNS on the Domain Controller The Windows Azure DNS does not cover the AD DNS records needed. Register the DNS server in the virtual network.

122 Content Marker: SQL Server in Azure Content ID: AOTG-SQL-AZURE-4.3

123 Common Azure SQL Server scenarios Full production environment Development and test environments Cloud-based backup of on-premises data SQL Server Always On with cloud-based secondary's

124 In-Memory Built-In Average 10x faster for new and existing SQL Server apps. Multi-tenant Management Enterprise scale using Windows Server and effective resource management with IO Resource Governor. Scalability & Density Enterprise scale using Windows Server. Partner Opportunity & Benefit What’s New with SQL Server 2014 DBaaS services with performance and scalability

125 HA - SQL Always On Availability Groups

126 SQL backup and restore using Blob storage

127 SQL Server (IaaS) Windows Azure SQL Database (PaaS) DevelopmentMigrate Existing or Build New AppsDevelop New Apps ManagementFull ControlManaged Service CompatibilityFull SQL Server CapabilitiesBased on SQL Server Technology Shared Technology Network transport (Tabular Data Stream) SQL dialect (Transact-SQL) Data access APIs (ADO.NET, ODBC, JDBC) Development tools (SQL Server Data Tools) Management tools (SQL Server Management Studio) More Information: http://blogs.msdn.com/b/windowsazure/archive/2013/02/14/choosing- between-sql-server-in-windows-azure-vm-amp-windows-azure-sql-database.aspxhttp://blogs.msdn.com/b/windowsazure/archive/2013/02/14/choosing- between-sql-server-in-windows-azure-vm-amp-windows-azure-sql-database.aspx SQL Server versus Windows Azure SQL Database

128 Content Marker: Running SharePoint on an Azure VM Content ID: AOTG-SQL-AZURE-4.4 10 minutes start time 1:30

129 Product support SharePoint Server 2010 and 2013 supports the hosted virtualization solution of Microsoft, as well as required technologies, such as Microsoft SQL Server, when these products and technologies are deployed on the Windows Azure platform. FAST Search support Do not support Microsoft FAST Search Server 2010 for SharePoint deployments on Windows Azure. SharePoint support on Windows Azure

130 SharePoint Architecture Tips IOPS Most Important Factor Optimize SQL Server storage. Only SharePoint is on the C: drive. Scale Out Not Up Move content databases to separate SQL Servers. Move search databases to separate SQL Servers. Add more WFE for scaling SharePoint services. Add dedicated Search servers and SQL Server.

131 Single virtual machines template AD/DC/DNS WEB/APPSQL Cloud Service Virtual Network Windows Azure Web/App Tier 1 x Large (4 Cores & 7 GB) Data Tier 1 x A6 (4 Cores & 28 GB) Identity Tier 1 Small (1 Core & 1.75 GB) LB 80 20000 Admin AVET SPWEB AVSET SQL AVSET DCSET

132 Highly available template AD/DC/DNS LB WEB SQL APP 80 20000 Admin Cloud Service Virtual Network Windows Azure AVSET SPWEB AVSET SPAPP AVSET SQLHA AVSET DCSET Web Tier 2 x Large (4 Cores & 7 GB) App Tier 2 x Large (4 Cores & 7 GB) Data Tier 2 x A6 (4 Cores & 28 GB) 1 x Small (Quorum) (1 Core & 1.75 GB) Identity Tier 2 Small (1 Core & 1.75 GB)

133 Content Marker: Demo: Deploy a SQL Server Database in Azure Content ID: AOTG-AZURE-DECK-4.5

134 Demo Deploy a Database to Azure

135 Content Marker: Lab 4: Deploy a Domain Controller and SQL Server Virtual Machine Content ID: AOTG-AZURE-DECK-4.6 20 minutes

136 Hands-on Lab 4 Deploy a SQL Server virtual machine Deploy a domain controller in Azure

137 Content Marker: Azure AD Overview Content ID: AOTG-AZURE-DECK-5.1 10 minutes

138 Module 5: Azure AD and identity management Azure AD DirSync and Password Sync Third Party SaaS Support and Office 365 Integration

139 Public identity as the control point Active Directory

140 What is Azure Active Directory?

141 Cloud app discovery AD Agent Logs Active Directory Cloud App Discovery

142 *Coming soon * Single set of credentials

143 Your Directory on the cloud

144 Preintegrated SaaS apps in the application gallery

145 Centrally managed identities and access

146 A stand-alone Azure Identity and Access management service also included in Azure Active Directory Premium. Prevents unauthorized access to both on-premises and cloud applications by providing an additional level of authentication. Trusted by thousands of enterprises to authenticate employee, customer, and partner access. What is Azure multi-factor authentication?

147 How MFA works

148

149 MFA for Office 365/Azure Administrators Azure Multi-Factor Authentication Administrators can Enable/Enforce MFA to end-users Use Mobile app (online and OTP) as second authentication factor Use Phone call as second authentication factor Use SMS as second authentication factor Application passwords for non-browser clients (e.g. Outlook, Lync) Default Microsoft greetings during authentication phone calls Custom greetings during authentication phone calls Fraud alert MFA SDK Security Reports MFA for on-premises applications/ MFA Server. One-Time Bypass Block/Unblock Users Customizable caller ID for authentication phone calls Event Confirmation Azure MFA versus MFA for Office 365

150 Content Marker: DirSync and Azure AD Sync Overview Content ID: AOTG-AZURE-DECK-5.4 10 minutes

151 Directory Sync Synchronizes users, groups, and contacts to Windows Azure AD. Users will have a different password in Windows Azure AD than they have for the on-premises AD.

152 Password Sync versus Single Sign-On Password Sync Single Sign-On (ADFS) Same password to access resourcesXX Control password policies on-premisesXX Support for multi-factor authenticationX *X No password re-entry if on premisesX Authentication occurs in on-premises directoryX Client access filteringX * Limited Support

153 Preparing for DirSync From the Windows Azure Management Portal

154 Azure AD sync tool Formerly known as Dirsync, this tool has been updated to allow for the synchronization of local Active Directory passwords to Azure Active Directory. Also synchronizes users, groups and contacts. This new feature will allow for same user sign in with Microsoft cloud services such as Office 365 Education powered by Azure Active Directory since the username and the password from local AD will be synced up to Azure AD.

155 Content Marker: Demo: Installing and Running DirSync Content ID: AOTG-AZURE-DEMO-5.5 10 minutes

156 Demo Installing and running DirSync

157 Content Marker: Lab 5: Set Up Azure AD, install and run DirSync Content ID: AOTG-AZURE-HOL-5.6 20 minutes

158 Hands-on Lab 5 Set up Azure AD install and run DirSync

159 Wrap up and Q&A

160 The Benefits of Selling Azure Increase profitability with new lines of business in the cloud Deliver the right solutions and services to your customers Build and deploy quickly on a familiar platform $ The best path to capitalizing on the major new business opportunities enabled by cloud computing.

161 Why Microsoft Single vendor across clouds – private, public and hosting provider. Single point of support for infrastructure, OS, services, and applications. Tenured experience and enterprise credibility. Single vendor for Infrastructure-as-a-Service (IaaS) and Platform-as-a- Service (PaaS). SharePoint, SQL Server, and Windows Server run best on Microsoft Azure.

162 Next steps

163 Microsoft Partner Network benefits overview Subject to change…. Action Pack subscription Silver competency Gold competency Microsoft logoSilver competency logoGold competency logo Partner IncentivesCloud incentives Licensing, solution and cloud incentives Internal Use Software Up to 10 product licenses Up to 25 product licenses Up to 100 product licenses MSDN Subscriptions3 MSDN5 MSDN10 MSDN Microsoft PinpointMarketplace listingPriority listingPremier listing Partner Support Community Partner Advisory HoursVaries by subscription type20 hours50 hours Marketing Tools, Microsoft Financing, Sales Tools Active partners can download a benefits summary to understand the benefits available to them and maximize their usage. http://aka.ms/usmpnbenefits

164 Internal use rights licenses that are part of Cloud Essentials or Cloud Accelerate entitlements must be deployed by Microsoft Partner Network Integration launch in January. The end date for all Internal Use Rights will be June 30, 2014. Must sign MOSPA + CSA agreements in order to qualify for CRM Online IURS. *Please refer to the Disclosure Document for full details. Core benefits are available to all partners in all competencies.Disclosure Document for full details **Partners will be able to earn additional licenses of Microsoft Dynamics CRM Online and Windows Azure through specific competencies and competency tracks. Partners are eligible to earn an additional 20 seats of Microsoft Dynamics CRM Online by attaining either a Customer Relationship Management (CRM) competency or an Enterprise Resource Planning (ERP) competency. ***Partners can earn additional Office365 licenses by selling Microsoft Online Services. Partners are eligible to receive an additional five seats of Office 365 after selling 25 seats of Office 365 within the previous 12 months. Internal Use Rights (IUR) Core Benefits* Integrating Microsoft Online Services and Windows Azure Promoting the power of choice Cloud Service SKU Gold Benefit** Silver Benefit** MAPS Benefit*** Comments Office365 E3100 seats25 seats5 seats Each seat of O365 used in exchange for 1 on-premises Client Access License (CAL) - (SharePoint, Exchange, and Lync). CRM Online CRMOL Pro 60 seats15 seats5 seats Each seat of CRM Online used in exchange for 1 on-premises CAL of Dynamics CRM. Windows Intune Cloud Service Only 100 licenses25 licenses5 licenses Up to 5 devices per license. Each license of Windows Intune used in exchange for 1 on-premises CAL of System Center Device Manager. Azure N/A $100 Monthly Credit Azure credit is additional to existing on- premises IURs. Partners can deploy Internal Use licenses via Microsoft Online Services or on- premises software.

165 Start testing Azure now – using IURs What to Test? Azure Scenarios for SMB Why? Develop expertise now in a controlled environment using $100 of monthly Azure credits at no charge Azure Benefits through MPN (MAPS) Azure Benefits through MSDN Find out more: http://Aka.ms/azureiurhttp://Aka.ms/azureiur Where to Start? Partner Programs, Azure Technical Scenario 101s Azure 101’s Azure BackupAzure Backup – Virtual Machines – Active Directory – WebsitesVirtual MachinesActive DirectoryWebsites

166 Single, universal Action Pack subscription leading with cloud Six resource centers aligned to partner practices (partners can choose 1 or more) New benefits Internal Use Rights (IURs): including both on-premises and Cloud products and services. Technical support: Access to telephone support for pre- sales, technical, and deployment issues related to Microsoft Cloud Services. Training: access to over 2,000 training courses on selling, configuring, and implementing Microsoft products and services plus discounts on Microsoft Certified Professional exams. Developer tools: access to world-class Visual Studio developer tools to support development across Microsoft platforms, including desktop, phone, server, and Web. Bing credits: $600 Bing Ads Credit ($100 for partners, $500 for their customers) to market products, services, and solutions. Campaigns: exclusive access to Ready-To-Go Marketing Campaigns for Microsoft products and services. Microsoft Action Pack Subscription – Update

167 Ahead of the Game Technical Series Get additional hands-on technical training on building solutions for small and midsize organizations: Be Lean, Stay Lean with Virtualization and Cloud Master the key technologies for helping SMBs virtualize, and where appropriate, to deploy to the cloud. Be Lean, Stay Lean with the Data Platform Learn to leverage the power of SQL Server 2014 to deliver database solutions both on- premises and in the cloud. Be Lean, Stay Lean with the Microsoft Cloud Learn about Azure cloud solutions and reselling Azure through the Open licensing channel. Business Anywhere Gain the skills to provide solutions to SMB customers in for key mobility and remote access scenarios. Tap Your Data Goldmine Learn how to deliver powerful business intelligence solutions to your SMB customers using familiar tools.

168 Microsoft Partner Learning Paths The Microsoft Partner Learning Paths site is the key resource for all competency related training. Specifically: Sales Specialist assessments. Pre Sales Technical assessments. Technical assessments. Technical Certification courses that align to competency. For more info on the Learning Paths click here.here The Learning Paths site allows you to build learning plans for resources within your organization. Create plans by product, competency, or partner type and track your progress! Click here for a demo!here

169 Training Certifications and Accreditations Microsoft Technical Certifications Microsoft Solutions Associate (MCSA) Microsoft Solutions Expert (MCSE) Microsoft Sales Specialist Accreditation Designed for individuals, who support the initial stage of the sales process at Microsoft partner organizations, and require only a high-level overview of technical product features and benefits. Microsoft Pre Sales Technical Accreditation Designed for technical professionals, who support sales teams with value demonstrations and proof-of-concept development to close deals on solutions built on Microsoft technologies. Get more information at Microsoft LearningMicrosoft Learning Get more information on Sales Specialist training and accreditationSales Specialist training and accreditation Get more information on Pre-Sales Technical training and accreditationPre-Sales Technical training and accreditation

170 Become a Microsoft Cloud Partner When you become a Microsoft Cloud Partner, you receive a set of core benefits to help you start and build your cloud practice, including: Internal-use software rights. Tailored training. Prioritized exposure in Microsoft marketing and product directories. Members of the Microsoft Partner Network Cloud Essentials program receive monthly credits of $100 of Windows Azure at no charge. For details, visit: http://www.windowsazure.com/en-us/offers/ms-azr-0051p/

171 Provide monthly reporting and payment. Join the Microsoft Partner Network. Sign the Microsoft Business and Services Agreement. Join the Microsoft Hosting Community. Contact your SPLA-Disti for further assistance. Build your offer and start selling to customers. 123 456 Rented Virtual Servers Shared or Dedicated Disaster Recovery Rented virtual database servers Database-as-a-Service Lync, SharePoint, Exchange, Dynamics CRM, ERP, LOB apps Custom LOB apps Ecommerce sites Company websites Gaming & entertainment Windows desktops for students or call centers Mobile sales team apps Examples Service Offerings & Managed Services To become an authorized SPLA hosting provider, follow these 6 easy steps: Microsoft hosting solutions—based on one common platform (Windows Server, System Center & SQL Server) For full detail requirements, please see the SPLA Program GuideSPLA Program Guide Host your own solutions to rent out to your customers with SPLA

172 Learn more about SPLA Take advantage the momentum. Plan and expand your service offerings on Microsoft Cloud OS Download and Try: Windows Server 2012 R2, System Center 2012 R2, Windows Azure Pack.Windows Server 2012 R2System Center 2012 R2 Learn more about Cloud OS. TechNet Virtual Labs. TechNet Virtual Labs Hosting Resources on MS.COM/hosting.MS.COM/hosting Microsoft Partner Network Hosting Community. Hosting Community Build and optimize your services offerings by leveraging new capabilities Data Center and Data Platform Hosting Competency.. Technical Deployment Camp: Cloud Infrastructure and SQL Server. Hosting Days Events. Cloud OS Hosting Service Provider Programs: Hyper-V Ignite, COSN, Cloud OS Network Technical Reference Architecture. Expand your reach with investments in marketing and sales Microsoft Services Provider License Agreement (SPLA). Microsoft Services Provider License Agreement (SPLA) License Mobility through Software Assurance. License Mobility through Software Assurance Microsoft Partner Network Resources. Resources Partner Marketing Center Hosting Service Provider Campaign. Hosting Service Provider Campaign

173 Microsoft Virtual Academy Free Microsoft Training Delivered by Experts 173

174 With more than 5 million IT pros, Spiceworks is where people go to share and find info on all- things-IT. Spiceworks Free App Download the Spiceworks app to get network inventory, network monitoring, help desk software, and more! Free Community Spiceworks has all the IT resources you need to make smart IT decisions, including product reviews, vendor ratings, IT help, how- tos, and discussions. Free Career Tools Take your career wherever you want it to go by creating a portfolio, searching job listings, and browsing helpful tips and resources.

175 Ahead of the game campaign resources Leverage Server and Cloud Solutions to dramatically increase margin and keep SMB customers ahead of the game

176 Next steps

177 Summary of partner resources Ahead of the Game Marketing Content http://aka.ms/AheadoftheGame Competencieshttp://partner.Microsoft.com Microsoft Virtual Academy http://www.microsoftvirtualacademy.com/ Partner Learning Center: https://mspartner.microsoft.com/en/us/Pages /Training/partner-learning-center.aspx ISV Upgrade Support Email isvupgrade@microsoft.com with app name and name of ISVisvupgrade@microsoft.com

178

179 Appendix

180 Azure Migration Strategy

Download ppt "Ahead of the Game Technical Series Sharon Bennett SMB Product Technology Advisor October 15, 2014."

Similar presentations

Thanks to Microsoft Azure’s Scalability, BA Minds Delivers a Cost-Effective CRM Solution to Small and Medium-Sized Enterprises in Latin America MICROSOFT.

Thanks to Microsoft Azure’s Scalability, BA Minds Delivers a Cost-Effective CRM Solution to Small and Medium-Sized Enterprises in Latin America MICROSOFT.
System Center 2012 R2 Overview

System Center 2012 R2 Overview
Which server is right for you? Get in Contact with us 021- 671 2170

Which server is right for you? Get in Contact with us
Seize the SMB server opportunity Why you should sell Windows Server + Office 365 Deliver the Best of Both Worlds Offer freedom and flexibility with protection.

Seize the SMB server opportunity Why you should sell Windows Server + Office 365 Deliver the Best of Both Worlds Offer freedom and flexibility with protection.
Don’t Let Anybody Slip into Your Network! Using the Login People Multi-Factor Authentication Server Means No Tokens, No OTP, No SMS, No Certificates MICROSOFT.

Don’t Let Anybody Slip into Your Network! Using the Login People Multi-Factor Authentication Server Means No Tokens, No OTP, No SMS, No Certificates MICROSOFT.
“It’s going to take a month to get a proof of concept going.” “I know VMM, but don’t know how it works with SPF and the Portal” “I know Azure, but.

“It’s going to take a month to get a proof of concept going.” “I know VMM, but don’t know how it works with SPF and the Portal” “I know Azure, but.
Unified Logs and Reporting for Hybrid Centralized Management

Unified Logs and Reporting for Hybrid Centralized Management
App services Network Storage Compute CachingIdentityService busMediaCDNIntegrationHPCAnalytics Virtual machinesWebsites Cloud services Mobile services.

App services Network Storage Compute CachingIdentityService busMediaCDNIntegrationHPCAnalytics Virtual machinesWebsites Cloud services Mobile services.
Windows Azure Networking & Active Directory Nasir (Muhammad Nasiruddin) Developer Evangelist - Azure Microsoft Corporation

Windows Azure Networking & Active Directory Nasir (Muhammad Nasiruddin) Developer Evangelist - Azure Microsoft Corporation
4/20/2017 CL606 SMB Reseller Keynote: Winning in SMB with Cloud The year of accelerating customer acquisition David Smith General Manager, WW SMB Microsoft.

4/20/2017 CL606 SMB Reseller Keynote: Winning in SMB with Cloud The year of accelerating customer acquisition David Smith General Manager, WW SMB Microsoft.
“ Roughly one quarter of SBs and one half of MBs plan to shift their budgets to more cloud spending over on- premise spending ” -AMI Annual Recurring.

“ Roughly one quarter of SBs and one half of MBs plan to shift their budgets to more cloud spending over on- premise spending ” -AMI Annual Recurring.
123456789101112…. PrePlanPrepareMigratePost Pre- Deployment PlanPrepareMigrate Post- Deployment First Mailbox.

…. PrePlanPrepareMigratePost Pre- Deployment PlanPrepareMigrate Post- Deployment First Mailbox.
Maximize Return on Engagement via Scalable Omni-Channel Online Services in the Cloud COMPANY PROFILE: XOMNI, INC. Founded in 2011 and headquartered in.

Maximize Return on Engagement via Scalable Omni-Channel Online Services in the Cloud COMPANY PROFILE: XOMNI, INC. Founded in 2011 and headquartered in.
PCIT313. Today’s challenges Deliver applications to mobile platforms (BYOD) Respond to dynamic business requirements for IT: Seasonal/temporary workers.

PCIT313. Today’s challenges Deliver applications to mobile platforms (BYOD) Respond to dynamic business requirements for IT: Seasonal/temporary workers.
Empowering people-centric IT Unified device management Access and information protection Desktop Virtualization Hybrid Identity.

Empowering people-centric IT Unified device management Access and information protection Desktop Virtualization Hybrid Identity.
WHAT OUR CUSTOMERS ARE SAYING “After thorough market research and a review process, Qorus Breeze Proposals stood out from the competitors because of its.

WHAT OUR CUSTOMERS ARE SAYING “After thorough market research and a review process, Qorus Breeze Proposals stood out from the competitors because of its.
Bizfss File Sync and Sharing Solution, Built on Microsoft Azure, Allows Businesses to Sync, Share, Back Up Using Their Own Cloud Storage MICROSOFT AZURE.

Bizfss File Sync and Sharing Solution, Built on Microsoft Azure, Allows Businesses to Sync, Share, Back Up Using Their Own Cloud Storage MICROSOFT AZURE.
Securely Synchronize and Share Enterprise Files across Desktops, Web, and Mobile with EasiShare on the Powerful Microsoft Azure Cloud Platform MICROSOFT.

Securely Synchronize and Share Enterprise Files across Desktops, Web, and Mobile with EasiShare on the Powerful Microsoft Azure Cloud Platform MICROSOFT.
Built on Azure, Moodle Helps Educators Create Proprietary Private Web Sites Filled with Dynamic Courses that Extend Learning Anytime, Anywhere MICROSOFT.

Built on Azure, Moodle Helps Educators Create Proprietary Private Web Sites Filled with Dynamic Courses that Extend Learning Anytime, Anywhere MICROSOFT.
Virtual Classes Provides an Innovative App for Education that Stimulates Engagement and Sharing Content and Experiences in Office 365 MICROSOFT OFFICE.

Virtual Classes Provides an Innovative App for Education that Stimulates Engagement and Sharing Content and Experiences in Office 365 MICROSOFT OFFICE.

Similar presentations

Ads by Google