Tuesday, March 31, 2015

Hybrid Cloud Resources

If you are trying to figure out how to take advantage of the distributed computing power of the cloud but aren't sure if you have to abandon or re-factor your existing on-prem infrastructure, the hybrid cloud is for you.

Yes, you need to start with good documentation about your infrastructure and key applications.  You need to know where the people you are serving are connecting from most often (Internet, local network, etc.) and how you would like them to authenticate... and as you start pulling this information together you can start to see how building a hybrid cloud can help you put resources in the best place for your users or customers to access and how to ease access issues with synchronized log-on credentials with Azure Active Directory.

To help you get started, my fellow friends and Evangelists pulled together 15 posts over the last few weeks, including 6 step-by-step guides.

I have two posts in the series:
For more general information about Azure, I have an Azure page where I list out links to information that's been handy to me. I really hope you find this stuff useful. There is a lot to learn, but a bunch of great ways to make it work for you.

Thursday, March 19, 2015

Remote Desktop Services in Azure or Azure RemoteApp?

As IT Professionals, we often have a lot of projects on our plates, as do the people we support in our businesses.  These days, remote access to work resources isn't a bonus, it's a requirement.  How do you make sure employees have access to the work resources they need while keeping them secure?

One common solution that's been used for a while now is Remote Desktop Services.  Formerly known as Terminal Services, RDS provides a rich desktop or application experience and has evolved a lot since its debut in NT 4.0.  One of the most useful features of RDS in recent years has been RemoteApp. RemoteApp enables you to make programs that are accessed remotely through Remote Desktop Services appear as if they are running on the end user's local computer. Instead of being presented to the user in the desktop of the Remote Desktop Session Host (RD Session Host) server, the RemoteApp program is integrated with the client's desktop.

When it comes to implementing Remote Desktop Services within Azure, you have two choices:

  1. Implement a full infrastructure like you would do on-prem, with a Session Host, Web Access and Broker server roles. This gives you full control from the OS up and is a potential option if you are looking to lift-and-shift your existing RDS infrastructure into the cloud.
  2. Customize an image to use with Azure RemoteApp.

For that first option, simply lifting and shifting the RDS servers to Azure can give you some quick benefits. In many cases your RDS users are coming from outside your corporate network, thus moving those servers to Azure would relieve your on-prem network connection of that traffic load.  Plus Azure gives you the ability to scale up or scale out with ease - allowing you to adjust to any change in workload without incurring additional CAPEX costs for hardware.

For great step-by-step guidance on building your own RDS infrastructure in Azure, I encourage you to read Keith Mayer's comprehensive posts Part I and Part 2 of RDS on Azure.

Now for that second option, customize an image to use with Azure RemoteApp, I suggest considering using a customized image because chances are you use more applications than just the Microsoft Office Suite. (If you happen to use just Office 365, there is an image for that already!)  You also have two choices to make within Azure RemoteApp - cloud only or hybrid.  With a cloud collection the data and applications are held in Azure, with no connection to your on-prem network.  With a hybrid collection the data and applications are still hosted in Azure, but users can also access data and resources stored on your local network.

With either customized option, you are responsible for the management and maintenance of that image; however, that is still less maintenance than managing and maintaining all the servers required for a traditional RDS infrastructure. Plus, Azure RemoteApp handles all the scaling needs based on the number of subscribers you authorize.

Combine that with the fact that Azure RemoteApp is supported on Windows, Windows RT, as well as on the Remote Desktop apps for Mac, iOS, and Android, and you've got a robust way to let users access resources from any device.

To get started with RemoteApp on Azure, you will need an image, which isn't trivial.  If you want to do the hybrid collection you will also need to consider how to sync your on-prem directory to Azure AD; this roadmap can help.  There is also an easy-to-implement trial that just includes 30 days of Office 2013 Professional Plus, but that trial can't be converted to a production RemoteApp installation after the trial ends.

So what is right for your organization? Only you can say.  But I have my short list of things I'd move to Azure and RDS would be right up there with SharePoint deployments. Hybrid collections provide the most complete experience since users will be able to access on-premises resources like they can with the RDS you provide on-prem now.  But cloud collections provide an easy way to isolate your deployment, which could meet an audit requirement or limit access for a specific set of workers.

If you already have a VNET in place with Azure, lifting and shifting RDS might be what you are most comfortable with.  At this writing, RemoteApp can't use an existing VNET, but you can connect the RemoteApp VNET to an existing one if need be.  For more information about Azure RemoteApp, I highly recommend starting with the online documentation.

Tuesday, March 17, 2015

Live Virtual Event Coming Soon on Security & the Cloud

A Look Ahead: Security & the Cloud Virtual Event is streaming LIVE Wednesday, March 25th.  

Industry thought leaders, Microsoft experts and other Microsoft customers will share their perspectives on what’s next for security and the cloud.  Virtual attendees will have access to behind the scenes interviews and the opportunity to download related session materials, take polls, share ideas, ask questions to experts and speakers through live chat and Twitter.

Agenda Highlights:
  • What is the current cybersecurity landscape? Gartner Research Vice President Lawrence Orans will discuss the current state of cybersecurity and analyze trends going forward.
  • Explore real-world approaches. Tom Flanagan, VP of Technology at Alain Pinel Realtors, and Steve Novoselac, Director of Digital Technology for Trek Bicycle Corp., will discuss their experiences with migrating to the cloud and share best practices.
  • Get an insider’s view on fighting cybercrime. David Finn, Executive Director of the Microsoft Cybercrime Center, shows us what Microsoft does today to deter cybercriminals.
  • It’s all about Windows 10! Stephen Rose, Senior Product Marketing Manager for US Windows and Devices and a former IT Pro, will discuss Microsoft’s next-generation operating system and its security features.
  • Learn how to move ahead with the cloud. The cloud provider market is crowded and the process of moving to the cloud can sometimes be daunting. Microsoft’s Dennis Garcia, Assistant General Counsel, will tell you how to choose a trusted cloud provider and share tips and tricks that will make your transition to the cloud successful.

Register now so you don't forget!

Monday, March 16, 2015

More Online Training!!

Since it's Monday, it seems like a great day to tell you about some more free online training that's coming up from the Microsoft Virtual Academy.
I know it's hard to find time during the work week, so if you miss the live online times, the on-demand streaming is usually available about 3 weeks after.

Friday, March 13, 2015

Azure Storage Redundancy Options

There are a lot of components that make Azure tick and storage is a big one.  Azure has four types of storage - blobs, files (in preview), table and queue.  Every storage account you create in your subscription has the ability to contain all four types.  In addition to those types, you can pick from four redundancy options:

  • Locally Redundant Storage (LRS)
  • Zone Redundant Storage (ZRS)
  • Geographically Redundant Storage (GRS)
  • Read-Access Geographically Redundant Storage (RA-GRS)

Locally Redundant Storage (LRS) is the cheapest storage option you can select and the end result will be three synchronous copies of your data within a single datacenter.  The SLA offered is 99.9% availability for read and write functions.  LRS is a good choice for data if you have a compliance requirement that dictates your data remain in a specific location.

Geographically Redundant Storage (GRS) is the big brother of LRS.  Data is copied three times within a single datacenter, plus multiple asynchronous copies to a second datacenter hundreds of miles away.  This results in six copies of your data.  By default when you create a storage account, it will be GRS.  You can see what secondary location would be used for your redundant copy in the configuration settings of your storage account.  The alternative copy provides protection against a major datacenter outage or disaster; however, you don't have control as to when the secondary copy is made available for access.

Read-Access Geographically Redundant Storage (RA-GRS) is the cool twin of GRS.  It’s the same as GRS, but you have the ability to access the secondary datacenter copy for read access whenever you like.  When you activate RA-GRS, you'll be given a second endpoint URL for access to that copy. Because of this, the SLA for read functions increases to 99.99%.

If you create a storage account with any of the three choices above, you can easily change it after the fact within the storage configuration settings. 

Finally, there is Zone Redundant Storage (ZRS).  Similar to LRS, but the three copies of data are stored across multiple datacenters within or across regions.  It's more durable than LRS and more economical than GRS, but is an option for block blobs only. There is no option to change from ZRS storage to the other options and you will see a warning that ZRS is for blob storage only.  Block blobs are used for VM storage as well as documents, videos, backups - any unstructured text or binary data - but you can't use the same storage account for table or queue storage.  Still, this is a great option if you are looking for a little extra durability due to outage, but don't need the full-on redundancy offered by GRS or RA-GRS.  Storage accounts used for testing purposes would be a good use of ZRS.

In addition to these regular "spinning disk" storage options, you can also try out Azure Premium Storage (in Preview). Premium Storage gives you high-performance, low-latency support for I/O workloads running on Azure VMs.  These persistent disks are backed by SSD.  However, you need to have a premium storage account which can only be created using the Preview Portal and it's currently only in limited regions.  Learn more about Premium Storage here.


If you need to know more about the specific pricing for Azure Storage you can visit the pricing page. Your total cost will depend on several factors, not just the redundancy option you pick.  As you look at the hybrid cloud scenarios for storage, you'll find that the cloud won't be the best location for ALL your data, but storing some data in the cloud can be cheaper than expanding storage devices you already own.  Also, if you missed yesterday's series post on Azure Backup Solutions, check it at http://aka.ms/HybridCloudforITPro.