Why you need an Azure Landing Zone
A well-designed Landing Zone is a key component of the Microsoft Cloud Adoption Framework, and vital to your public cloud environment. Find out here why a Landing Zone is important.
October 3rd, 2022
If your business uses Microsoft Azure, you also need a well-designed and structured Landing Zone. A Landing Zone is a key component of the Microsoft Cloud Adoption Framework, helping organisations to better manage and scale their public cloud environments.
What makes up a Landing Zone?
In terms of Microsoft Azure, a landing zone is a combination of multiple subscriptions within an Azure Environment. These subscriptions are already set up for all areas of the platform that may be required to support the environment, whether that’s Infrastructure as a service or Platform as a service.
You could view a Landing Zone as foundations, built on solid practice and design considerations, which you can build on, expand and scale as required. The design of these foundations will differ, and the basics can be laid out differently from one Landing Zone to the other, as there is not one single design for all types of infrastructure.
While Landing Zones can vary due to their modular design and business requirements, they usually cover certain design areas, as below:
Landing Zone Design Areas
No matter what type of deployment you are designing, be it enterprise, hybrid-cloud, or a simple, small POC (proof of concept) environment, each design area listed should be considered within a Landing Zone.
- Enterprise enrolment – have we set up a tenant that will support growth and scale? How will we license it?? CSP, EA etc?
- Identity – How are we going to control identity and access? Serious consideration should be given to how this is managed.
- Network topology and connectivity – What will our network look like now and how will this scale and grow? What design considerations, such as segregation, do we need to consider?
- Resource organization – How will we organise our resources to allow for growth without red tape? What are our needs around business areas, different teams, subscriptions? And how we implement this within management groups?
- Governance disciplines – How do we stay compliant? How do we enforce security requirements? How do we ensure our data sovereignty?
- Operations baseline – How will we manage, monitor and optimise our environment? How will we maintain visibility within our environment and ensure it operates as required?
- Business continuity and disaster recovery (BCDR) – How will we plan and design for continuity and protect our data? Have we considered the need to replicate data or provide a method of restoration? Do our proposed methods meet the RPO and RTO objectives of our organization?
- Deployment options – How will we deploy our Landing Zone and resources moving forward? Will this be a manual process? Will we consider Infrastructure as Code? What methodologies for deployment could we use?
We’ve helped several customers get their landing zone to good by deploying QuoStar’s best practise landing zone framework, which implements current governance best practises, cost management protection and parameter security. This has helped them to get to a position where they have the correct foundations build upon, future proof expansion and allow adoption and implementation of a continuously evolving best practise frameworks.
As a leading Microsoft partner, contact one of our Cloud specialists today to find out more about our services.
‘A New Era for QuoStar’
QuoStar has appointed three new senior members to its recently restructured board as part of the firm’s continued growth plans. Since the start of the year, 20 new people have joined the experienced QuoStar team, with the new additions set to bolster the company’s growth trajectory in 2022. Andrew Forder, who has nearly 20 years’ […]
Why MFA is no longer enough
It’s time to let go of the view that multi-factor authentication (MFA) provides enough security. Hackers have the means to steal passwords, hijack users’ sign-in sessions and bypass the authentication process entirely, even when MFA is enabled. Adversary-in-the-middle (AiTM) attacks may be nothing new, but the ability of criminals to bypass MFA is. What’s new? […]
Cloud adoption: Understanding and avoiding the challenges
QuoStar’s Rob Rutherford shares a few helpful hints and tips. Certain issues can arise around cloud adoption. However the risks can be mitigated when you know what to look out for. The increasing popularity of cloud services and software. There’s been a huge move onto the cloud recently, particularly around providers such as […]