
The Enterprise Cloud Rush


Academic year: 2021


WHITE PAPER: THE ENTERPRISE CLOUD RUSH − MICROSOFT/AZURE

Table of Contents

Introduction

Legacy Deployment Model

The Cloud Takes Shape

Customer Scale And Objectives

Phase One – Segmentation And A New Perimeter

Figure 1 – Initial Network Overview

Phase Two – Connecting To The Cloud

Figure 2 – Updated Network Overview

Phase Three – System Migrations

Figure 3 – System Migrations

Phase Four – Cloud Application Extension

Figure 4 – Hosted Application Extension (Using ExpressRoute)

Final Design Highlights And Benefits

The Enterprise Cloud Rush − Microsoft/Azure

Prepared By:

John Jacobs – VP, Enterprise Systems Engineering, Fortinet

Praveen Lokesh – Principal Engineer, Fortinet


Introduction

Starting with the first commercial public cloud launch in 2006, it has become apparent to enterprise organizations that moving infrastructure out of their traditional data centers has tremendous potential for savings in cost, complexity and management. Coupled with the ability to leverage steadily falling costs and to scale dynamically, this move has accelerated and never looked back.

With over 120,000 employees spread around the world and an acute focus on innovation, development and support of new intellectual property, Microsoft IT represents a prime candidate to be a leader in public cloud adoption. In parallel, their own service offering, Azure, offers the organization direct access to the very tools being offered to outside enterprise customers.

If you have been in the technology industry long enough, pause for a moment and think of the first time you heard the casual statement “Oh. That new application is hosted on that old PC under John’s desk.” Now, envision the network and security challenges such common practices brought about and the chaos that was bound to ensue if the best scenario came through and that new application was a roaring success.

Legacy Deployment Model

As in any large organization, applications were created by a variety of groups in the organization and the requirements varied in every size and direction. The needed processing, storage and network connectivity were addressed in a linear fashion that worked directly through physical challenges on the way to delivery:

• Application scope and projections
• Design with consideration of other applications, backup and a disaster plan


Once the deployment was complete, the natural step was to start making adjustments with regard to scale and location as demand arrived.

Each of these serial processes added time, complexity and cost, and introduced risk to the original intent: the deployment of applications for consumption. Layered in the design and in other phases was application security. Always a priority, but sometimes addressed as a reaction instead of a plan, it represents an evolving challenge to simultaneously scale and flex with new demands that are created, often with little regard for their partner software or supporting systems.

The Cloud Takes Shape

With focus and execution, the team at Microsoft Azure has designed and built an open, scalable global platform consisting of compute, storage and other associated network and application delivery services. Now with 19 regions spanning the globe, resources can be close to end users and as flexible as any organization requires.

Current details of Azure can be found at: http://azure.microsoft.com/en-us/

Customer Scale and Objectives

Microsoft’s Cloud properties (Azure, Office365, Bing, Dynamics, Outlook.com, etc.) have been investing in large-scale computing and network infrastructure for nearly a decade. In parallel, Microsoft IT has also been growing its Enterprise Data Center facilities to serve the increasing demand for internal resources. The primary difference is that the Cloud infrastructure uses commodity HW with a SW architecture purpose-built for virtualization, whereas the Enterprise leans heavily on customer built HW with an “appliance first” approach to solutions.

Microsoft IT’s DC approach was the right way to build out for the Enterprise. Traditional workloads with stringent Service Level Agreements (SLAs) dictated a dedicated HW approach. While it was commonly understood that this path ensured high rates of stranded/underused HW resources, it was the best method to ensure business needs were met, until just recently.

Microsoft’s Cloud infrastructure, namely Azure, has crossed several milestones that allow a true Enterprise level of service within a public cloud. Now that Fortinet’s (Microsoft IT’s Firewall & Threat Prevention vendor) Azure program has launched, the last hurdle for Azure to match their Enterprise Security posture has been cleared. With Microsoft IT facing significant upgrade and growth efforts, the move to migrate to the Cloud is a simple economic decision. The immediate benefits to Microsoft IT are significant:

• Increase service velocity
• Allow for rapid scale
• Ensure security
• Comply with government regulations/mandates
• Increase visibility to both infrastructure and applications deployed

Phase One – Segmentation and a New Security Perimeter

The initial phase started before any applications were moved, with the secure segmentation of IT resources from the public cloud. This was done with their chosen security vendor in the same fashion as protecting internal property from external access. Firewalls performing web filtering, application control and IPS scan all traffic moving from inside the network to the cloud. The gateways created clear checkpoints for network traffic and subsequent application connections. Policies were applied to these new connections and adjusted when new applications were created or altered.

FIG 3: SYSTEM MIGRATIONS AND REDUNDANT VPN REMOVAL

Phase Two – Connecting to the Cloud

Additional hardware devices were placed at the network perimeter and mated to similar platforms at the Azure edge, connecting over Azure’s own VPN connection, known as ExpressRoute. This commercial service allows customers to connect and/or “extend” their existing data center/resources with a redundant connection via service or colocation providers. Microsoft IT uses this service just like any other customer to offer low-latency, reliable connectivity to multiple data center regions from their key campus and compute facilities.

Details regarding the Azure ExpressRoute offering can be found at the following location:

http://azure.microsoft.com/en-us/services/expressroute/

Phase Three – System Migrations

System migrations were started with those already virtualized. Those moves were simplified as a move from private to public cloud that would mirror most enterprise organizations. A baseline requirement is for applications to be virtualized before moving to shared resources. Some legacy applications will therefore be left behind due to their inability to migrate, while others will live in a hybrid state, with segments residing in Azure and others remaining in the hosted facility, connected via ExpressRoute, discussed below. With the ability to replicate and test in Azure before removing hosted applications, outages and downtime can be reduced or eliminated.

Phase Four – Cloud Application Extension

With ExpressRoute in place, services/applications hosted in the public cloud can be “extended” out to an ExpressRoute destination (hosted facility as seen in the diagram), where hardware devices such as firewalls, load balancers and application delivery controllers can remain for the benefit of processing intense traffic which requires dedicated chip-level processing to get the expected performance. Allowing off-site locations to host an extension to the Azure resources offers even greater flexibility and scale. This phase of extension from the public cloud has allowed for:

• Massive application flexibility
  − Expedited execution and predictable scale

Final Design Highlights and Benefits

While still underway, Microsoft has already seen benefits from this new paradigm in cloud compute. In addition to those already noted involving scale and flexibility, having compute resources out of the corporate offices or managed data centers has allowed for precise asset inventory and management never before possible. Security policy can be more closely monitored and consistently applied, with system reports now generated directly from Azure.

Enterprise organizations of every scale and design can reap the rewards of this new paradigm shift. Startups can scale at breakneck pace and mature companies can closely track, manage and refine their costs. Customers can get on to running their business while Azure takes care of running their infrastructure and core services.

FIG 4: FINAL MIGRATIONS AND HOSTED APPLICATION EXTENSION (USING EXPRESS ROUTE)

• Elimination or delay of the need to select new hardware platforms for application delivery services
• Synchronization between geographic regions
• Simple failover and disaster recovery without the need to build multiple data centers, but rather just ingress remote
