Businessday Oct 2016 - Microsoft O365 | Azure
TRANSCRIPT
Microsoft Cloud Services - Overview
• Microsoft Data Centers
• Office 365
• Enterprise Mobility + Security
• Azure
100+ Datacenters across 30 Regions (22 Generally Available) Worldwide
Top 3 networks in the world
2.5x AWS, 7x Google DC Regions
G Series – Largest VM in World, 32 cores, 448GB RAM, SSD…
Operational
Announced/Not Operational
Central US: Iowa
West US: California
East US: Virginia
US Gov: Virginia
North Central US: Illinois
US Gov: Iowa
South Central US: Texas
Brazil South: Sao Paulo State
West Europe: Netherlands
China North *: Beijing
China South *: Shanghai
Japan East: Tokyo, Saitama
Japan West: Osaka
India South: Chennai
East Asia: Hong Kong
SE Asia: Singapore
Australia South East: Victoria
Australia East: New South Wales
India Central: Pune
Canada East: Quebec City
Canada Central: Toronto
India West: Mumbai
Germany North East **: Magdeburg
Germany Central **: Frankfurt
North Europe: Ireland
East US 2: Virginia
United Kingdom Regions: United Kingdom
US DoD East: TBD
US DoD West: TBD
* Operated by 21Vianet ** Data Stewardship by Deutsche Telekom
Classified as Microsoft General
Outlook, Multi-Factor Auth, New DLP Policies
Deferred Updates
1TB Cloud Storage/user + 50 GB Mailbox
Groups
Get through your email faster
Modern Attachments, Shared Notebooks
Office 365
Worry Less, Work Easier, Work Together
Office Everywhere, Skype Meetings
Co-authoring, Planner
Exchange Online
Manage your business communications across devices, share easily and securely with 50GB mailbox storage per user.
OneDrive for Business
Access to all your work and files in one secure, reliable place, with 1TB of cloud storage per user.
Skype for Business
Get messaging, audio and video calls, online meetings and sharing capabilities – in one app.
SharePoint Online
Yammer
Private message with your team, share information and organize around projects.
Groups
Collaborate more effectively using a shared inbox, calendar, document library, site, and Yammer feed.
Office 365 Video
Capture, share and discover videos from any device.
Cross-platform experiences
Familiar, consistent experience across favorite devices makes on-the-go document creation, review and collaboration easy.
Planner
Bookings
StaffHub – Coming Soon
Identity driven Security
Conditions
Allow access
Or
Block access
Actions
Enforce MFA per user/per app
Location
Device state
User/Application
MFA
Risk
User
Protect against User mistakes.
Azure Information Protection
Classify & Label
Protect
How do I control data on-premises and in the cloud
Monitor and Respond
Microsoft Intune
How do I prevent data leakage from my mobile apps?
LOB app protection
DLP for Office 365 mobile apps
Optional device management
Cloud App Security
Risk scoring
Shadow IT Discovery
Policies for data control
How do I gain visibility and control of my cloud apps?
Mobile Device + App Management
Managed apps
Personal apps
Personal apps
Managed apps
Corporate data
Personal data
Multi-identity policy
Personal apps
Managed apps
Copy Paste Save
Save to personal storage
Paste to personal app
Email attachment
Windows Information Protection
DOCUMENT TRACKING
DOCUMENT REVOCATION
Monitor & respond
LABELING
CLASSIFICATION
Classification & labeling
ENCRYPTION
Protect
ACCESS CONTROL
POLICY ENFORCEMENT
Overview
Information protection
Identity-driven security
Managed mobile productivity
Identity and access management
Azure Information Protection Premium P2
Intelligent classification and encryption for files shared inside and outside your organization
(includes all capabilities in P1)
Azure Information Protection Premium P1
Manual classification and encryption for all files and storage locations
Cloud-based file tracking
Microsoft Cloud App Security
Enterprise-grade visibility, control, and protection for your cloud applications
Microsoft Advanced Threat Analytics
Protection from advanced targeted attacks leveraging user and entity behavioral analytics
Microsoft Intune
Mobile device and app management to protect corporate apps and data on any device
Azure Active Directory Premium P2
Identity and access management with advanced protection for users and privileged identities
(includes all capabilities in P1)
Azure Active Directory Premium P1
Secure single sign-on to cloud and on-premises apps
MFA, conditional access, and advanced security reporting
EMS E3
EMS E5
The Big Picture
It’s Hybrid! It’s SaaS first, then PaaS, then IaaS.
[Figure: responsibility stacks for On Premises, Infrastructure (as a Service), Platform (as a Service) and Software (as a Service). Each column lists the layers Applications, Data, Runtime, Middleware, O/S, Virtualization, Servers, Storage and Networking, divided between "You scale, make resilient and manage" / "You manage" and "Managed by vendor" / "Scale, Resilience and management by vendor".]
Pizza example: Made at home, Take & Bake, Pizza Delivered, Dine Out
By using the SMB Solution Templates.
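$cred = Get-Credential  # assumed: the tenant administrator credential, collected interactively
$return = new-smbazuredeployment -CustomerName gstaescsp1t -CustomerSize small -TenantDomain gstaescsp1T.onmicrosoft.com -credential $cred -sysadminpassword Abcd.1234  # Abcd.1234 is the deck's demo value; supply your own and keep it out of saved scripts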
Networking
On Premise Network, Azure Network, Custom Routes
Site2Site VPN Gateway, Multi-Site VPN Gateway, Vnet Peering
Storage
• Locally redundant storage (LRS). Locally redundant storage maintains three copies of your data. LRS is replicated three times within a single facility in a single region. LRS protects your data from normal hardware failures, but not from the failure of a single facility.
• Zone-redundant storage (ZRS). Zone-redundant storage maintains three copies of your data. ZRS is replicated three times across two to three facilities, either within a single region or across two regions, providing higher durability than LRS. ZRS ensures that your data is durable within a single region.
• Geo-redundant storage (GRS). Geo-redundant storage is enabled for your storage account by default when you create it. GRS maintains six copies of your data. With GRS, your data is replicated three times within the primary region, and is also replicated three times in a secondary region hundreds of miles away from the primary region, providing the highest level of durability. In the event of a failure at the primary region, Azure Storage will fail over to the secondary region. GRS ensures that your data is durable in two separate regions.
• Read access geo-redundant storage (RA-GRS). Read access geo-redundant storage replicates your data to a secondary geographic location, and also provides read access to your data in the secondary location. Read-access geo-redundant storage allows you to access your data from either the primary or the secondary location, in the event that one location becomes unavailable.
Storage
Azure Premium Storage delivers high-performance, low-latency disk support for virtual machines running I/O-intensive workloads. Virtual machine (VM) disks that use Premium Storage store data on solid state drives (SSDs). You can migrate your application's VM disks to Azure Premium Storage to take advantage of the speed and performance of these disks.
Back-Up
VM’s
A 0..4 Basic
A 0..7 Standard
D 1..4 v1
D 1..5 v2
F
D 11..14 v1
D 11..15 v2
G
N
H
VM’s
Provisioning a VM in Azure involves more moving parts than just the VM itself. There are compute, networking, and storage elements:
• A resource group is a container that holds related resources. Create a resource group to hold the resources for this VM.
• You can provision a VM from a list of published images or from a virtual hard disk (VHD) file that you upload to Azure blob storage.
• The OS disk is a VHD stored in Azure storage. That means it persists even if the host machine goes down.
• The VM is created with a temporary disk (the D: drive on Windows). This disk is stored on a physical drive on the host machine. It is not saved in Azure storage, and might go away during reboots and other VM lifecycle events. Use this disk only for temporary data, such as page or swap files.
• A data disk is a persistent VHD used for application data. Data disks are stored in Azure storage, like the OS disk.
• Every VM in Azure is deployed into a VNet, which is further divided into subnets.
• A public IP address is needed to communicate with the VM—for example over remote desktop (RDP).
• The NIC enables the VM to communicate with the virtual network.
• The NSG is used to allow/deny network traffic to the subnet. You can associate an NSG with an individual NIC or with a subnet.
• Diagnostic logging is crucial for managing and troubleshooting the VM.
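The public IP and NSG bullets above, as an added example that is not part of the original deck: a PowerShell check that walks inbound NSG rules in priority order and reports whether RDP (TCP 3389) is reachable from any Internet source. The rules are constructed sample objects shaped like an NSG's SecurityRules collection, and the function names Test-PortInRange and Test-RdpOpenToInternet are hypothetical.

```powershell
# Added example. Rule objects are constructed sample data, not a real export.
function Test-PortInRange {
    param([string[]]$Ranges, [int]$Port)
    foreach ($r in $Ranges) {
        if ($r -eq '*') { return $true }
        $lo, $hi = $r -split '-', 2          # '3389' or '3000-4000'
        if (-not $hi) { $hi = $lo }
        if ($Port -ge [int]$lo -and $Port -le [int]$hi) { return $true }
    }
    return $false
}

function Test-RdpOpenToInternet {
    param([object[]]$Rules)
    # Source values that cover an arbitrary Internet host.
    $anySource = '*', 'Internet', '0.0.0.0/0'
    # NSG rules are evaluated lowest priority number first.
    $inbound = $Rules | Where-Object Direction -eq 'Inbound' | Sort-Object Priority
    foreach ($rule in $inbound) {
        $fromAny = @($rule.SourceAddressPrefix | Where-Object { $_ -in $anySource }).Count -gt 0
        $isTcp   = $rule.Protocol -in 'Tcp', '*'
        if ($fromAny -and $isTcp -and (Test-PortInRange $rule.DestinationPortRange 3389)) {
            # The first matching rule decides, whether it allows or denies.
            return [pscustomobject]@{ Exposed = ($rule.Access -eq 'Allow'); DecidedBy = $rule.Name }
        }
    }
    # No custom rule matched: the platform default DenyAllInBound rule applies.
    [pscustomobject]@{ Exposed = $false; DecidedBy = 'DenyAllInBound (default)' }
}

# Constructed rules: a scoped RDP allow, a broad port-range allow, then an RDP deny.
$rules = @(
    [pscustomobject]@{ Name = 'allow-rdp-admin'; Priority = 100; Direction = 'Inbound'; Access = 'Allow'
                       Protocol = 'Tcp'; SourceAddressPrefix = '203.0.113.0/24'; DestinationPortRange = '3389' }
    [pscustomobject]@{ Name = 'allow-mgmt-any'; Priority = 200; Direction = 'Inbound'; Access = 'Allow'
                       Protocol = '*'; SourceAddressPrefix = '*'; DestinationPortRange = '3000-4000' }
    [pscustomobject]@{ Name = 'deny-rdp-any'; Priority = 300; Direction = 'Inbound'; Access = 'Deny'
                       Protocol = 'Tcp'; SourceAddressPrefix = 'Internet'; DestinationPortRange = '3389' }
)

# Exposed = True, DecidedBy = allow-mgmt-any: the wide range at priority 200
# admits 3389 before the deny at priority 300 is ever reached.
Test-RdpOpenToInternet $rules
```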
SQL
• Scale up with one click
• Accommodate growth and peak workloads
• Pay for what you need, when you need it
[Chart: Database transaction units (DTUs) across the Basic, Standard and Premium tiers: 5, 10, 20, 50, 100, 125, 250, 500, 1,000, 1,750, 4,000]
Intelligent Cloud
Scales on the fly
• One-click scale without downtime
• Pay for what you need, only when you need it
• Guaranteed resources for reliability
• In-memory OLTP and real-time operational analytics
Learns & adapts
• Threat detection
• Anomaly detection
• Self-tuning performance
• Actionable recommendations
• A virtual DBA
Works in your environment
• Multiple platforms and languages
• Azure Management Portal, REST APIs, & PowerShell
• Familiar development environments—SQL Server and Visual Studio
Secures & protects
• High availability, data protection & business continuity
• Industry specific regulatory compliances support
• Access control for users
• Protection at rest, in motion, and in use
Redefines multi-tenancy
• Efficient tenant scaling
• Resource & tenant administration
• Tenant isolation
• Pool management and monitoring tools
Business Continuity - Active geo-replication & point-in-time restore
Active geo-replication
• One-click configuration
• One-click failover
• One-click DR drill capabilities
• Low RPO
• Up to 4 readable secondaries
Point-in-time restore
• Automatic backups
• Up to 35 days retention
Compliance
HIPAA / HITECH
FIPS 140-2
FERPA
DISA Level 2
21 CFR Part 11
Section 508 VPAT
European Union Model Clauses
United Kingdom G-Cloud
Singapore MTCS Level 3
Australian Signals Directorate
Japan Financial Services
New Zealand GCIO
FedRAMP JAB P-ATO
ISO 27001
SOC 1 Type 1 & 2
ISO 27018
Content Delivery and Security Association
PCI-DSS