Microsoft IT's Cloud Adoption

Cloud orientation and context setting
Microsoft IT history and early cloud efforts
Revised IT cloud strategy and approach
Cloud infrastructure influences and challenges
Changes to IT philosophy and investments
Additional insights and learnings
What is the cloud?
We like the definition offered by the National Institute of Standards and Technology (NIST):
Cloud computing is a model for enabling convenient, on-demand network access to a shared pool of configurable computing resources (such as networks, servers, storage, applications, and services) that can be rapidly provisioned and released with minimal management effort or service provider interaction. This cloud model promotes availability and is composed of five essential characteristics, three service models, and four deployment models.
—National Institute of Standards and Technology
Characteristics of cloud computing
• On-demand self service: Delivers capacity in seconds or minutes through a specialized web interface
• Broad network access: Supports many devices such as mobile phones, tablets, laptops, and workstations
• Resource pooling: Provides immediate access to thousands, and potentially hundreds of thousands, of servers
• Rapid elasticity: Allows you to effect changes immediately to save money with two scenarios:
  Outside in: Threshold-based scaling (up and down) with limits
  Inside out: API-based scaling (up and down) with limits
• Measured service: Provides you with the means to improve CPU utilization and save money with pay by the minute, which improves operational metrics and cost accounting
Source: http://csrc.nist.gov/publications/nistpubs/800-145/SP800-145.pdf
180K+ end users
100K+ employees
1.1K+ LOB apps managed by IT
Simplification efforts reducing app portfolio at 5% per year
• 2M devices hit the Microsoft network (this includes servers, user PCs and mobile devices)
• 150K devices sync via EAS (Windows Phone, iOS and Android devices)
• 513 site locations (presence in over 114 countries)
• 80K consecutive remote connections (sales team works 60% mobile)
• 20K Surface devices on the network (enabling mobility and productivity)
• 30% LOB apps run on Azure PaaS (all new development and next gen apps)
• 27K production IaaS VMs (traditional apps moving to private cloud and Azure IaaS)
• 11 Active Directory forests (multiple traditional identity environments)
• 1 Azure Active Directory tenancy (federated cloud identity and strong auth model)
• 140K users on Office 365 Exchange (migrated 3K users per month)
• 270K SharePoint sites in the cloud (online sites growing 4% and on-prem declining at 25%)
• 7.9M Lync calls/month (3% monthly Lync call volumes growth)
Our journey toward cloud readiness
First mover advantage provides:
• Improved ROI and efficiency
• Relative competitive advantage
Application Reduction (chart by fiscal year): FY08 2,490; FY09 1,667; FY10 1,443; FY11 1,355; FY12 1,290; FY13 1,200; FY14 1,105
Machine Virtualization (chart, FY10 to FY14; values shown: 59%, 59%, 62%, 49%, 35%)
Percentage of apps in cloud (chart, 2010 to 2015; labels: New strategy, Original projection, Revised projection)
Microsoft IT’s hybrid cloud architecture and strategy
New IT reality
Implementation
Cloud Enablement Areas
1. Connectivity
2. Security
3. Manageability
4. Identity
Workload placement
Cloud Adoption Workstreams
1. Portfolio assessment
2. Datacenter rationalization
3. Application modernization
4. Legacy migration
Top Down—Modernize app portfolio
Bottom Up—Vacate specific infrastructure
Not mission critical | Mission critical
No regulatory exposure | Regulatory exposure
Low-impact content | High-impact content
Not cross-premises | Cross-premises
Commodity monitoring needs | Complex monitoring needs
Custom app integration | Packaged app integration
Moderate database sizes | Large database sizes
32 evaluation criteria, based on six evaluation aspects
SERVICES / OUTCOMES
CLOUD ANALYSIS
• Faster and better decisions on adoption
• Service providers anticipate cloud needs
ACCELERATE
CLOUD GUIDANCE & ARCHITECTURE
• IT has the knowledge required
• IT has mitigation plans for inhibitors
SIMPLIFY
CLOUD ENGAGEMENT & REPORTING
• IT is the reference customer
• IT adjusts efforts based on progress
SHOWCASE
Moving big and critical apps—It can be done!
Migrating Microsoft IT apps to the cloud
Vast majority of IT applications and services are moving to the public cloud
• 30% of apps have already migrated to Azure PaaS
• Most of the remaining applications meet requirements to move to public cloud IaaS in Microsoft Azure
• A small population will remain in private cloud
• 3% estimated to remain on dedicated hardware
Chart: PaaS Redesigned 30%, IaaS Eligible 67%, Dedicated Hardware 3%
Cloud
• Abstracted from physical network and topology
• E/W to N/S traffic shift
• Tenant control of network
• Commodity, not custom
Data
• Large volumes gathered for product engineering and sales
• Increased amount of data sharing between entities
• Frequent data movement
Business Pressures
• Increase agility and delivery speed
• Decrease complexity and cost
• Provide a consistent quality of service
• Enable new and emerging markets
• Support outsourcing and partnerships
Cyber Threats
• Protecting our customers – Encryption in flight and at rest, limited admin models, multi-tenant isolation, etc.
• Protecting ourselves – Strong authentication, edge controls, internal sub-segmentation, attestation/auditing
• Detection versus prevention philosophy (active/passive)
Mobile
• Productivity from anywhere
• Devices “always connected”
• Network path between source and destination not controlled
• Demand for rich experiences
Social
• People hop between personal and professional identities
• Personal devices contain corporate data and vice-versa
• Unmanaged apps/services
Modern Devices
• Proliferation of networked devices in the corporate environment – BYOD, IoT, etc.
• Many operating systems, personal applications/data, and non-corporate identities
• Wireless connectivity – WLAN, cellular, etc.
Network Ecosystem
• IPv4 address depletion
• IPv6 enablement – Clients IPv6 only; Services dual-stack
• Security requirements are driving network design changes
• Service level rationalization/standardization - Availability, capacity, performance, etc.
IT infrastructure past – Network centric
Diagram labels: Microsoft Azure; Hybrid Cloud Edge (Far); Office 365; Emerging Cloud Services; Pure Cloud Edge; Internet Connected Offices; Distributed Internet Edge; Home Offices; PUBLIC INTERNET; Mobile; New Internet Edge; O365 Default Route; Cloud Storage Edge; Modern Devices; MSFT Internet (DMZs and Direct Peerings); Hybrid Cloud Edge (Near); Traditional Internet Edge; MSFTOPEN; Inbound Corp Edge; Microsoft Corporate Intranet; High Security Edge; High Value Assets
IT infrastructure present
Diagram labels: Mobile Devices; Microsoft Azure Public Services; Home/Remote Users; Microsoft Azure Private Services; Office 365; Azure MSEE; INTERNET; To Azure Compute, Database, Mobile, Storage, Visual Studio Online, etc.; IT Customer/Provider Edge; L3 Multipoint VPN; Default Route; Internet Peering; Exchange Provider Peering; Edge Security; Server Internet Edge; Cloud Private Edge; User Internet Edge (Default Route); Datacenter Core; Datacenter LANs; Office Building; Campus; On-Premises Datacenter
IT infrastructure permutation (interim)
Diagram labels: Microsoft Azure Private Services; Public Internet; Azure MSEE; IT Customer/Provider Edge; Cloud Private Internet Edge (Managed Outbound, Secure Inbound); Edge Security; External Service Endpoints; L3 Multipoint VPN; Load Balancers; Azure Private Routes; Exchange Provider Peering; Scoped Internet Route; Internet Peering; Secure NAT Egress; Extranet Frontend; Datacenter Core Network; Corporate Datacenters; Corporate to Extranet Policy Boundary; Extranet Datacenters
IT infrastructure prospective (future)
Diagram labels: Partner Location; Remote Office; Home Office; Emerging/Future Cloud Services; Microsoft Office 365; Microsoft Azure; Public Internet; Remote Services (Inbound); Intranet Services (Bidirectional); Internet Services (Outbound); Cloud Public Services (Outbound); Enterprise Access; Wired; Wireless; Remote; Cloud Private Services (Bidirectional); Enterprise Services; Integration; Authorization; Security; Connectivity; Support; Identity; Enterprise Transport; Clients and Devices; On-Prem Datacenters; On-Prem Labs; Services POPs
Recommended - http://msdn.microsoft.com/en-us/library/dn568099.aspx
Traditional way | Cloud/Modern way
Network latency sensitive and connections fragile | Network latency tolerant and connections resilient
Designed for a specific physical topology | Designed for a logical topology
On-premises directory authentication | Cloud federated and portable identities
Scale-up services | Scale-out services
Assume local connectivity | Assume Internet connectivity
Stateful services | Stateless services
Service tier composition | Client tier composition
Failover Clustering for high-availability (HA) | Scale-out application instances for HA
Maintenance inhibited (Dependency on single instance) | Migrate users between instances to perform maintenance
XML serialization | JSON serialization
Open connections (Synchronous) | Decoupled communication (Asynchronous)
Single DB queries | Fan out DB queries
SOAP interfaces | RESTful interfaces
Chatty | Chunky
Hardware dependencies for BC/DR | Hardware independent BC/DR
No caching | Optimized caching
Inside-out monitoring (Infra-oriented) | Outside-in monitoring (Service-oriented)
Reliant on geographic location | Independent of geographic location
Single DB tables | Sharded tables
Manual operations (ITOps) | Scripted operations (DevOps)
Cloud opportunities and realizations
1. Moving to the cloud is both a business and technical decision
2. One size does not fit all
3. Take advantage of the opportunity to redesign
4. Look at all environments for cost savings
5. IT personnel must adapt to roles and grow skills relevant to the cloud
“Evolution of the IT Pro”
Automation and curtailing investment in traditional services will free up resources
Freed resources can evolve toward new skills
“Pioneers” of the new era will bring others along, accelerating skills transformation
Commoditized skills
“The IT Pro’s Dynamic Operations Role Within DevOps”
Strategic skills for the new era
Rethinking core IT functions to remain relevant
Function | Traditional Way | Modern Way
Administration | Centralized | Decentralized
Compliance | Control | Verify
Service Levels | Singular | Selectable
Standards | Decreed | Defined
Support Agreements | Fixed | Flexible
Centralized IT Functions
• Fundamentals
• Compliance
• Management
• Sourcing
• Support
Diagram labels: Microsoft Azure; Dynamics Online; Office 365; Private Cloud; Visual Studio Online; Hosted Cloud
• New and radically different traffic patterns
• Need for hybrid drives proliferation of edges
• Lack of control and visibility to cloud network use
• Inter-organization dependencies without aligned priorities
• Legacy policies and solutions are often not practical or possible
• Customized and tightly coupled app and infra architectures
• Reluctance to abandon existing processes and tools
• Immature security partner ecosystem and technology for Azure
• Lack of documentation and understanding of many apps
• Fear of failure and the unknown
• Increasingly Internet-facing presence
• Parallel development conflicts and duplication

• Show people how they fit in with cloud
• Discourage “all or nothing” attitudes
• Reward positive change and smart risks
• Limit legacy investment ASAP
• Direct all/most new investment to cloud
• Reallocate, reassign, retrain, and reuse still viable resources
• Demonstrate the value of agility and flexibility
• Translate IT requirements from solutions to capabilities
• Shift preference from cost savings to cost avoidance
• Do not seek absolute parity or perfection
• Start with areas of maximum value for minimal investment
• Encourage adoption at the stage of “good enough”
Date/Time/Location | Speaker | Title
Monday 1:30pm – 2:45pm, E353 | Brian Harry | DevOps as a strategy for business agility (FND2702)
Monday 3:15pm – 4:30pm, N426 | Ganesh Srinivasan | Evolve Your Network Infrastructure for Microsoft Azure Connectivity (BRK2481)
Monday 3:15pm – 4:30pm, S103 | Kathleen Wilson, Niels Nijweide | Azure Operations: Enabling IT Organizations to Leverage Microsoft Azure (BRK3475)
Tuesday 5:00pm – 6:15pm, N427 | Matthew Kerner, Jeffrey Cohen | Azure Network and Datacenter Infrastructure: Enterprise quality at Cloud Scale (BRK2462)
Wednesday 9:00am – 10:15am, S502 | Yu-Shun Wang | Understanding Network Virtual Appliances (BRK2460)
Thursday 3:15pm – 04:30pm, S106 | David Chappell | Microsoft Azure for Enterprises: What and Why? (BRK1451)
Date/Time/Location | Speaker | Title
Monday 1:30pm – 2:45pm, S106 | David Lef | Turning the Infrastructure Inside Out and IT Practices Upside Down: Microsoft IT's Cloud Adoption
Thursday 3:15pm – 4:30pm, S401 | David Johnson, Alfredo Mogollan, Kimmo Forss | The Microsoft IT Portals Journey, On-Premises to Office 365
Thursday 5:00pm – 6:15pm, E450 | Robert Van Winkle | How Microsoft IT Deploys Windows 10
Friday 10:45am – 12:00pm, S104 | Chris Slemp | The Microsoft Enterprise Social Journey: How We Did It
Friday 12:30pm – 01:45pm | Laura Hunter | How Microsoft IT Manages Identity in a Hybrid Cloud World
Date | Location | Time | Title
Monday
Microsoft on Microsoft Theater
12:35pm – 12:55pm | IT Showcase: How Microsoft Does IT
6:50pm – 7:10pm | How IT Orgs Can Help Drive Office 365 Adoption
7:20pm – 7:40pm | Is Your Culture on a Collision Course with Open Collaboration?
7:50pm – 8:10pm | Who Moved My Provolone? How the Cloud is Reshaping the Fabric of Microsoft IT
Tuesday
12:05pm – 12:25pm | Accelerate Adoption and Increase Employee Productivity
Wednesday
11:35am – 11:55am | Microsoft IT on Getting Ready for Windows 10 Deployment
2:50pm – 3:10pm | Enterprise IT and the Cloud Provider Networks: Where Do They End, and Where Do They Start?
Office Theater
11:35am – 11:55am | Microsoft IT on SharePoint Adoption and Governance
Microsoft on Microsoft Theater
11:35am – 11:55am | 5 Things IT Pros Need to Know About Power BI
12:05pm – 12:25pm | Building a Cloud Roadmap
2:50pm – 3:10pm | 15 Windows 10 and Office 365 Tips in 15 Minutes
Thursday
microsoft.com/ITShowcase
http://aka.ms/CloudArchitecture
http://myignite.microsoft.com
© 2015 Microsoft Corporation. All rights reserved.