Microsoft Azure guide for IT professionals

Cloud - An IT pro's guide to Microsoft Azure

Whether you’re considering cloud or are already utilising cloud services it’s likely you have heard of Microsoft Azure. This guide provides you with a high-level overview of the different applications, benefits and the potential drawbacks which you need to be aware of when considering Azure.

What is Microsoft Azure?

Microsoft Azure is Microsoft’s public cloud computing platform. It was introduced in October 2008 as Windows Azure but was later rebranded as Microsoft Azure in April 2014. It provides a range of cloud services, including those for compute, analysis, storage and networking, as well as cloud-based versions of enterprise Microsoft solutions such as Active Directory and SQL Server.

The platform is designed to allow businesses to have a way to easily build and manage customised applications and other services, which are then deployed on an enterprise-grade data centre that’s supported or managed by Microsoft.

As of November 2018, Azure is generally available in 54 regions around the world.

Microsoft Azure Regions

What services does Microsoft Azure provide?

The directory of Azure services is growing all the time so for the most up to date information it is recommended that you check their website. Below we have broken the services down into key types.

  • Compute – Including virtual machines, cloud apps, containers, batch schedules and APIs
  • Networking – Provision private networks, load balancing, VPN gateways, manage traffic and monitor network performance.
  • Storage – Includes cloud storage, blob storage, queue storage, file storage and disk storage as well as cloud backup and recovery.
  • Web and Mobile – These services allow you to do things like create and deploy cloud apps for web and mobile, automate access and use of data, build cloud APIs, send phs notifications and deliver content virtually to all devices
  • Containers – Including container registry, container instances, and service fabric and container server
  • Databases – These services include managed SQL database and managed MySQL database as a service, data transformation and movement and Azure Cosmo DB.

Examples of Microsoft Azure products

  • Data & Analytics – Among others things, these services allow you to build, deploy and manage predictive analytics solutions, create interactive data visualisation and manage data transformation,
  • AI and Cognitive Services – Includes a range of APIs such as emotion recognition, facial detection, computer vision and speech conversion.
  • Internet of Things – These services help users to capture, monitor and analyse IoT data from sensors and other devices.
  • Enterprise Integration – Enables users to connect cloud environments and automate the access and use of data.
  • Security and Identity – Manage Azure deployment, schedule and run jobs and create automation. Identify and respond to security threats,
  • Developer Tools – Collaborate with other users, create environments and detect, triage and diagnose issues within web apps and services.
  • Monitoring and Management – Monitor, manage, analyse and automate your Azure resources.

What are the benefits of Microsoft Azure?

  • Fast – Azure is fast to deploy, operate and scale.
  • Easy Transition – Typically easier to use “out-of-box” and more user-friendly. This, alongside the fact that Azure virtual machines integrate with other Microsoft products, generally makes the transition to cloud infrastructure smoother.
  • Security – Microsoft holds a number of security accreditations including ISO/IEC 27018, iso 27001, ISO 9001, Cloud Security Alliance (CSA) STAR Self-Assessment, ITAR, HIPAA and the HITECH Act, FEDRamp and IRS 1075. With Azure, you also have complete control of the collection, access, use and distribution of your company data, as well as complete visibility and control over data storage and access.
  • Development – Microsoft regularly adds new features and solutions to Azure’s directory.
  • Agile – Enables businesses to develop, test, feedback and retry when developing applications without expensive outlay or complicated infrastructure.
  • Global Reach – Azure is currently available in 38 global regions, with a further 4 planned.
  • Scalable – Microsoft Azure can typically be leveraged for any size business, from a start-up right up to enterprise level organisation.
  • Flexible – Like other cloud service providers, Azure offers the ability to instantly provision computing resources on demand.
  • Fully Integrated – Contains many elements beyond storage, including a unified delivery pipeline, IoT integrations and a development environment. Azure is also closely integrated with other Microsoft tools such as SharePoint, Office 365 and Outlook.
  • Protected – Azure has regional and global fail over options, hot and cold standby models as well as rolling reboot capabilities.
  • Compliant – For tightly regulated industries like financial services, Azure is compliant with regulations.
  • Deployment – You can deploy Azure anywhere, whether that’s your own data centre or a single model to deploy on-premise and to the cloud.
  • Reduced IT Costs – Helps you to reduce costs typically associated with expanding infrastructure.

Potential drawbacks of Microsoft Azure

Many consider Microsoft to be one of the top three public cloud platform providers, alongside Google and Amazon. However, that doesn’t mean their platform is perfect.

Downtime

Azure does have a reputation for being difficult to manage, but one of the biggest issues is downtime. CloudHarmony reported that, during the course of 2017, Azure experienced a total of 740 minutes of downtime, compared to Amazon Web Services which experienced 205 minutes and Google which experienced a total of 11 minutes.

Microsoft has experienced several significant periods of downtime throughout 2018. Back in June, Microsoft’s Azure cloud went down for eleven hours, affecting customers in North Europe, due to an underlying temperature issue in one of the datacentres in the region. Microsoft also experienced a further lengthy outage in September when a severe lightning storm in the San Antonio area disrupted the power supply to the data centre in the region and knocked the cooling systems offlines, damaging a ‘significant amount’ of equipment. The issues affected anyone with workloads in the South Central US data centre as well as customers worldwide who were using Active Directory and Visual Studio Team Services, for more than 24 hours. However, no data was lost during this period as engineers decided to prioritise preserving customer data instead of moving customers over to another data centre, which could of results in the loss of some data, according to a report from Microsoft.

Although the amount of downtime looks shocking, it is important not to take these findings completely at face value. Microsoft has previously stated that the reason their average downtime can look disproportionate is due to the fact that they operate in such a high number of regions across the world, far more than other providers. They argue that when looking at average uptime across regions Azure reliability is “in line with that of the other cloud providers measured”.

Management

Azure also requires a certain level of management, including patching and server monitoring, to ensure optimal performance. It may be “user-friendly” and easy to set up, but at a management level, it requires some expertise to ensure that all parts work together efficiently. Of course, one way to obtain this level of expertise – and simultaneously reduce the burden of management – is to engage with a managed service provider who has experience in managing and operating cloud infrastructures.

Conclusion

For many businesses, cloud computing is a perfect tool for moving a business forward. Providing access to advanced technologies and infrastructure without the associated cost of on-site resources. Deciding which cloud platform is right for you comes down to your needs. Although the cost of using the cloud is a big concern, that alone shouldn’t inform your decision making. Many providers offer a free trial so you can experience what each platform is like hands-on.

Another option to consider is to opt for a private managed cloud. With this approach, you receive all the benefits of the public cloud, such as agility, scalability and efficiency, but with greater levels of security, control and flexibility as you will have a dedicated, single-tenant environment. Furthermore, choosing a reputable third-party provider to manage your cloud environment removes the burden of responsibility for hardware and data centre operations, allowing businesses to focus on the applications which run their operations.

Images from Microsoft

Threats and solutions to the end of Windows Server 2003 support

end of windows server 2003 support

Generally, you haven’t moved away from Windows Server 2003 because a critical and extremely complex piece of internal software relies on it, or due to budget constraints. There are a few other reasons, but chances are that you are simply being negligent and putting your business at risk for the sake of saving a few £s. If you are ignoring the end-of-support warning due to financial concerns, then you are playing a dangerous game. In fact, if you are unfortunate, a savage enough attack could cripple your business or even put it under – and that’s not scare-mongering.

You will notice a few security vendors stating that they can protect you whilst you still run Windows Server 2003, but generally, this isn’t really the case as the weak link often comes in a process or a person. Also, if they were all so good we wouldn’t have any viruses or exploits, would we?

So, if you are in a difficult situation, where do the real threats lie?

  • The server faces the Internet directly, i.e. many hosting companies give a customer a server with a live Internet address (IP) on it. The customer then installs a software firewall on top of the Windows 2003 operating system.
  • The server indirectly faces the Internet, i.e. it’s connected through some sort of physical/virtual firewall, i.e. the server is acting as a web server, client portal, FTP server, etc. Even if the firewall has advanced intrusion prevention the risk is significant.
  • The server is not accessed from the outside world but initiates communications,e.g. it is a Terminal Server/Citrix server, proxy server, etc. The threat comes from the server hitting a website with malicious code and fires an exploit that compromises that server and the LAN/WAN it sits on.
  • The server sits on an open LAN with other network devices, such as PCs, laptops and other servers. Although these other machines may not be able to be infected – they can still potentially pass on ‘an infection’ to an unprotected Windows 2003 server.
  • The server has other devices plugged into it at times, i.e. USB storage devices. The risks are lower here but still real.

There are other risks but these are the main ones and the most significant. Over the coming months, the risks to Windows Server 2003 are going to be pretty large as hackers and the like hold back exploits until the support ends. The flames will burn brightly for say 6-9 months and then slowly taper off as the easy prey has been picked off and the bandits look for new pickings.

If you have left it too late to switch from Windows Server 2003 then what are the key things you can do to protect your environment?

  • Don’t connect it to the Internet directly or indirectly.
  • Segregate it via the normal LAN via a VLAN and/or a firewall device.
  • Any connections to it from internal pass through an intrusion protection firewall.
  • Don’t plug any external devices into it.
  • Plan to migrate services from Windows Server 2003.

The important thing to do is plan to protect services as soon as possible, then get your plan ready. Depending on the size of your environment, it’s unlikely to be a straightforward task, so you should probably start planning now or bring in a consultant quickly. You need to take a number of factors into account as a bare minimum. Here a few generic ones to get you thinking about the implications.

The implications

  • Will your existing hardware support new operating systems and/or software?
  • Do your IT staff need training to roll-out and manage the new operating systems and/or software?
  • How will you overcome any compatibility issues?
  • Will your other applications work on the new operating systems and/or software?
  • Will your 3rd party application vendors support their applications on a new platform?
  • How long will it take to test everything?
  • Will you need to train other employees to use the new operating systems and/or software?
  • What resource will you need to roll out the new operating systems and/or software?
  • How long will it take to roll the new software out?
  • What are your other options? Could you go thin-client? Could you go to the cloud?
  • What do you need to budget for?

If you’ve been avoiding a move due to expense then remember that everything can be turned into an OpEx. This does help financing and budgeting immensely. You can go for a fully managed cloud, your own private cloud, or simply replace servers and software in-house. You can also finance development work and consultancy and wrap it into a monthly payment.

Running Windows Server 2003 past the end of support will likely leave you open to regulatory issues. It will also leave you open to a lot of issues from an insurance perspective should a breach happen. Also, how about the embarrassment of your breach in the press? I know I’ve been quite strong in my views here on a bit here, but this has been on the radar for years, there is no excuse.

Not taking action now is simply like knowing the spare bedroom window won’t close properly. Chances are at some point someone’s coming through it.

Robert Rutherford – CEO of QuoStar

NEXT>> 8 security mistakes legal firms make

QuoStar gets gold partner green lights from Microsoft

quostar is a microsoft gold partner

For the third year running, Bournemouth and London based IT Services provider QuoStar has achieved a full flush of Green Lights in a recent Microsoft Gold Partner Customer Satisfaction Index survey.

Microsoft Gold Partners are judged on a number of criteria in five key performance areas that measure customer satisfaction. TNS, one of the world’s largest market research companies, administers the survey independently, on behalf of Microsoft.

TNS talked to QuoStar’s clients to determine the level of satisfaction. The survey generates a score in each area, which is compared to the average for all Gold Partners. A higher than average score results in a green light on the Microsoft ‘Dashboard’. QuoStar achieved all five green lights.

Currently, participation in the Microsoft customer survey is voluntary. However, QuoStar has been happy to engage since becoming a Gold Partner. “We had no hesitation in signing up for it from our very first year after securing Gold accreditation back in 2006. It’s right that they talk to our clients; now we know it was our customers who decided we’d made the grade again,” says a delighted Rob Rutherford, CEO of QuoStar.

Its importance is not lost on the QuoStar team. “For a start, it helps us understand and act on customer satisfaction and loyalty information, and to remain competitive by benchmarking our industry performance,” Rutherford explains. “Had the survey picked up any weaknesses or areas of customer dissatisfaction, we’d be able to put things right immediately. As it didn’t, it shows us that we’re delivering what our clients want, which hopefully makes it important to them as well.”

Microsoft states that Gold Certified Partners “…represent the highest level of competence and expertise with Microsoft technologies and have the closest working relationship with Microsoft.”. Rutherford and his team see participation by customers as an advantage that ensures QuoStar maintains this ‘highest level of competence’.

Microsoft’s five key performance areas are NSAT (Net Satisfaction Rating ), customer segmentation, revenue impact, customer loyalty and overall performance. They have now decided to mandate the survey for Gold Partners every year, something that Rutherford looks forward to. “I’m keen to see how some of our so-called competitors measure up,” he added wryly.