3. Cloud Computing Value Proposition
• Pay for what you use
• Quick setup
• Safety
• Scalability
• Redundancy
• High availability
• Reliability
• Focus on concept
4. Microsoft Azure: Market Share
Canalys’ Senior Analyst De Leon said Microsoft’s
incredible growth was due to its ability to convert its
enormous enterprise client base into Azure
customers. Many leading enterprise vendors are
already building on Azure Stack, Microsoft’s
upcoming, on-premises private cloud solution, to
offer hybrid solutions to their customers.
https://www.canalys.com/newsroom/cloud-service-
providers%E2%80%99-battle-drives-worldwide-
cloud-infrastructure-market-42-q1-2017-0
7. Low Priority Virtual Machines (In development)
Borrow and take advantage of unused capacity of
Azure compute at a much lower price, 60% to 80%
discount
However, they can reclaim these VMs at any given
moment due to higher priority allocations
Ideal for interrupt tolerant workloads (Web services,
testing, containers platforms, batch jobs, etc.)
Interrupted tasks automatically return to On-
Demand when necessary and will opportunistically
revert back to Low-priority VM when appropriate
9. Multiple IP addresses on Network Interface Cards (NIC)
More than one (and up to 250) private and public IP addresses are able to be allocated to each NIC
All the private IP addresses will support platform-native features like Network Security Groups (NSGs) and User
Defined Routes (UDRs)
This feature allows hosting multiple websites or services with different IP addresses and SSL certificates on a
single server
Through this feature, micro-services on VMs will be able to use distinct IP addresses, and to benefit from native
functions like NSGs and UDRs without depending on an overlay network
11. Nested virtualization
Available on Dv3 and Ev3 virtual machine sizes. Support expansion to more VM sizes is expected in the coming
months
Allows creating a virtual machine inside a virtual machine
The nested environment provides great flexibility supporting your needs in various areas such as development,
testing, customer training, demo, and more
The nested virtual machine hosts will be used to replace physical Hyper-V hosts, and the individual testing
engineer will have full control over the Hyper-V functionality on their own assigned host in Azure
Allows creating a Hyper-V container with Docker
12. Azure Network Watcher
Simplifies the monitoring and diagnosing of your Azure network
Enables you to take remote packet captures on an Azure Virtual Machine, gain insights into your network traffic
using flow logs, and diagnose VPN Gateway and Connections
14. Managed Disks
When scaling up, you put too many disks in a storage account and potentially exceed the scalability targets of the
storage account (20,000 IOPS, for example), resulting in the VMs being throttled
Managed Disks handles the storage account creation/management in the background
Ensures that the disks of VMs in an Availability Set are sufficiently isolated from each other to avoid single points
of failure (in case each of the storage accounts created for an availability set coincidently share the same fault
domain)
With managed disk snapshots, you can back up your managed disks at any point in time
Easy upgrade from standard to premium
16. Azure virtual machines—announcing large disk sizes up to 4-TB
This extends the maximum size of the disks, for both Premium and Standard storage, from 1,024-GB to 4,095-
GB, and enable customers to add four times more disk storage capacity per virtual machine
This also introduces two new disk sizes in P40 (2-TB) and P50 (4-TB) for both managed and unmanaged
Premium Disks, as well as S40 (2-TB) and S50 (4-TB) for Standard managed disks
17. Azure storage—larger block blobs
The introduction of larger Block Blobs increases the maximum file size from 195 GB to 4.77 TB
This increases the maximum allowable block size from 4 MB to 100 MB, while maintaining support for up to
50,000 blocks committed to a single Blob
This size increase only applies to Block Blobs, and the maximum size of Append Blobs (195 GB) and Page Blobs
(1 TB) remains unchanged
Larger Block Blobs are supported by REST API version 2016-05-31 and later
The increased blob size better supports a diverse range of scenarios, from media companies storing and
processing 4K and 8K videos
18. Azure archive storage (In development)
Archive Storage will be a low-cost cloud storage option for data that's archived and rarely accessed. It will be
highly durable and secure, enabling scenarios such as archiving data that could require it for many years like
medical reports, compliance documents, and exchange mails
Archive storage will offer life-cycle management capabilities of moving between archival, and hot and cool
storage
19. Storage Service Encryption (SSE)
Provides encryption at rest automatically for managed and
unmanaged disks (only blobs and file storage, excluding tables and
queues)
Encryption using 256-bit AES encryption
Available on all redundancy levels (LRS, ZRS, GRS, RA-GRS)
All encryption keys are stored, encrypted, and managed by Microsoft
20. Azure Site Recovery (ASR) between Azure regions (In preview)
Supports the failover of virtual machines
running on the Azure IaaS platform
Create recovery plans and test failovers
between regions, and replicate applications to
any other region without having to deploy
additional software or appliances
21. Azure backup—enhanced security
Secure backups and recover data using cloud backups if production and backup servers are compromised, eithe
on-premises or in Azure
Built on three principles – Prevention (requiring security PIN), Alerting (Email notification) and Recovery (retains
deleted backup data for 14 days)
22. Azure Backup instant file recovery (In preview)
Provides a writeable snapshot of a cloud-based recovery point, which could
be quickly mounted as iSCSI-based recovery volumes. You'll be able to
simply browse through the files using your regular file explorer and copy
them to the destination of your choice
You'll be able to open application files such as SQL and Oracle directly from
cloud recovery-point snapshots as if they are present locally, and attach them
to live instances without having to first restore them
The same feature for Azure Linux VM backups in preview
23. Azure Backup for Windows Server system state (In Preview)
Seamless, secure backups of your Windows Server System State directly to Azure
No need to provision any on-premises infrastructure
Provide a snapshot of your system state including files, active directory settings, and
certification services stored in Azure
25. Azure DevTest Labs
Provides developers and testers a self-service sandbox environment to quickly create and use pre-provisioned
VMs and images (customized by IT Admins and assigned an operation policy per users and per lab)
Solve usual production delays while maintain cost and operation control
28. Azure mobile app
Stay in touch with your Azure resources, quickly diagnose and fix issues, and
even run commands
Available on iOS and Android, soon on Windows
29. Azure App Service Web App on Linux (In preview)
Build applications in a Linux containers for supported application stacks
(Node.js, PHP, .Net Core, Ruby)
31. Azure SQL Database elastic pools
Enables databases to be pooled to maximize the use of resources and save money
You allocate performance resources to a pool rather than an individual database, and pay for the collective
performance resources of the pool rather than for single database performance
Pooled databases consume but don’t exceed the limits of the pool, so your cost remains predictable even if
individual database usage doesn’t
32. Cloud Computing Value Proposition
Azure Cosmos DB (available)/ MySQL (in preview) /PostgreSQL (in preview)
Those fastest growing open source database engines that are being widely embraced by developers are now
offered as a 1st class (by Microsoft) database as a service solution
No need to worry about managing the operating system and database patching, perform manual database
backups, orchestrate recovery, etc.
The differentiating factor is the value added features provided by Azure such as monitoring, backup, SLA,
scalability, pricing, multi-API, etc.
34. Azure Analysis Services
An enterprise grade OLAP engine and BI modeling platform, offered as a fully managed PaaS with the scale
and benefits of the cloud
Transform data into actionable insights with In-memory querying over massive and complex datasets.
Built on the proven analytics engine in Microsoft SQL Server 2016 Analysis Services
37. Azure Role-Based Access Control (RBAC) (In preview)
Enables fine-grained access management by granting only the amount of access users need to perform their jobs
Assign RBAC role to users, groups, and applications at a certain scope (subscription, a resource group, a single
resource)
A role assigned at a parent scope also grants access to the children contained within it.
38. Azure Active Directory pass-through authentication (In preview)
Enables users to login to cloud resources
by validating their password against their
on-premises local Active Directory without
storing passwords or even password
hashes in the cloud, which might be a
security or compliance policy requirement
for their organization
No need to modify corporate network
infrastructure or install products such as
AD FS or similar third-party federation
solutions
40. Azure Active Directory B2C
A comprehensive identity management solution for your consumer-facing applications
Easily integrated to any platform and accessible from any device
Highly available global service, supports hundreds of millions of consumer identities
Allows Azure Multi-Factor Authentication in your consumer-facing applications
With minimal configuration, Azure AD B2C enables your application to authenticate:
Social Accounts (such as Facebook, Google, LinkedIn, and more)
Enterprise Accounts (using open standard protocols, OpenID Connect or SAML)
Local Accounts (email address or username and password)
41. Azure managed applications (In preview)
Managed Applications provide a powerful new way for Managed Service Providers (MSPs) and Independent
Software Vendors (ISVs) to sell managed services to Microsoft customers
It enables MSPs and ISVs to deliver turnkey solutions, managed by the partner, through the Azure Marketplace
This means that the customers don’t have to invest in building the application specific domain knowledge, which
would have been needed to service these applications. It enables customers to automatically acquire application
updates without having to worry about troubleshooting and diagnosing issues with the application
It enables vendors to bill customers using Azure's billing system and use templates to manage the lifecycle of
deployed applications
Managed applications are self-contained and sealed for the customer. This means that the resource group where
the resources will be provisioned are “locked” for the customer. As a result, customers cannot delete or make
changes to the resources in this resource group
43. Azure Security Center
Helps you prevent, detect, and respond to security threats by offering increased visibility into and control over
the security of your Azure deployments
Our security research and data science teams are constantly monitoring the threat landscape and adding new
or enhancing current detection algorithms. Azure Security Center customers benefit from these innovations as
algorithms are continuously released, validated, and tuned
Define policies for your Azure subscriptions according to your company’s cloud security needs, tailored to the
type of applications or sensitivity of the data in each subscription. Use policy-driven recommendations to guide
resource owners through the process of implementing required controls—take the guesswork out of cloud
security.
46. Azure Monitor
Provides base level infrastructure metrics and logs for most services in Microsoft Azure in a central source
Provides all the vital monitoring telemetry including platform- and service-level metrics and logs, giving you the
ability to configure alerts to take intelligent actions on that data
1 Password synchronization with single sign-on.
2 Pass-through authentication and single sign-on.
3 Federated single sign-on with AD FS.
4 AD FS can be integrated with your enterprise PKI to allow sign-in using certificates. These certificates can be soft-certificates deployed via trusted provisioning channels such as MDM or GPO or smartcard certificates (including PIV/CAC cards) or Hello for Business (cert-trust). For more information about smartcard authentication support, see this blog.
1 Password synchronization with single sign-on.
2 Pass-through authentication and single sign-on.
3 Federated single sign-on with AD FS.
4 AD FS can be integrated with your enterprise PKI to allow sign-in using certificates. These certificates can be soft-certificates deployed via trusted provisioning channels such as MDM or GPO or smartcard certificates (including PIV/CAC cards) or Hello for Business (cert-trust). For more information about smartcard authentication support, see this blog.