Spark the future.May 4 – 8, 2015

Chicago, IL

Evolve your Network Infrastructure for Microsoft Azure ConnectivityGanesh SrinivasanMicrosoft Azure Networking

BRK2481

Connecting to the Microsoft Cloud – ExpressRoute

Hybrid scenarios in Azure

Office 365 services and ExpressRoute

Hybrid connectivity design considerations

Microsoft IT and ExpressRoute

Agenda

OPTIMIZED DATA CENTERWell Managed Infrastructure & Applications

CLOUDService OrientedThe

Evolution

Silo-ed Efficiency Host / Collocate

Legacy Application Cost Reduction Re - platform

Legacy / Silo Application NewRequirements

Re - write

Additional Functionality Innovate Expand

New Functionality Scalability Burst out

Cloud Native Application Cloud Capability Cloud Service

Expanding Legacy Platforms

To Modernizing Workloads

Silo-ed Architectures

App 1

ExpansionExpansionExpansion

App 2

Expansion

Expansion

App 3

Expansion

Managing Platforms

Managing Services

On PremisesLegacy

App 1

Silo-edArchitectures

On PremisesPrivate Cloud

LeveragedInfrastructure

App 2

LeveragedInfrastructure

Off PremisesIaaS – SaaS -

PaaS

Services

ServiceOriented

App 3

IdentityApplicationDataOSVirtualizationHWStorageNetwork

Unix Linux

MainframeWindows

X

Owningcompute storag

enetwor

k

ConsumingApp

Resource silo #1

App Resource

silo #2

App Resource

silo #3

* Not meant to be a comprehensive list of all services, for a complete list please visit azure.microsoft.com

APP SERVICES

NETWORKING & AUTOMATION SERVICES

COMPUTE SERVICES DATA SERVICES

So what is Hybrid …

On Premises Private CloudAutomationHealth Monitoring

Site-to-Site VPNPoint-to-Site VPN

Express Route

Azure Web Site

web roles

worker roles

Virtual Machine

s

Azure Mobile

Services

TFS or VS Online

+ GIT

Azure AD

Multi-Factor Auth

Azure Cache

Access Control

BizTalk Services

Media Services

Service Bus

Notification Hub

Scheduler

SANStorage

Spaces/SMB

Server Group #1 Server Group #2

VIRTUALIZATION

COMPUTE,STORAGE &

NETWORKING

Physical Infrastructure (Servers/Storage/Network

ing

DEVICES & FACILITIES

NETWORKING, COMPUTE, STORAGE, APP SERVICES, AUTOMATION, DISASTER RECOVERY, DEV, TEST, UAT, etc.… as a SERVICE

StorSimpleCloud Integrated Storage

Azure Site

Recovery

StorSimple

Virtual Appliance

Backup Service

GalleryOS images

VHD VHD data disk

MySQL database

SQLDatabas

e

SQL Data Sync

HDInsight (Hadoop)

storage queue

storage blob

storage table

Virtual network

Automation CDNAvailability Set

Azure load balancer

Auto-scale

Traffic Manager

File ServerExchangeActiveDirectory

My SQL OracleLOB App Commercial App SQL

APPLICATIONS &

SERVICES JEE App .NET App

System Center

Provisioning Monitoring

Automation & Self ServiceApplication InsightIT Service Management

Hybrid

Hyper-scale

Enterprise

Grade

Connecting to the Microsoft Cloud

The Microsoft Network

85 iXP

4400+ CONNECTIONS TO 1695 NETWORKS

1.4 M

MILES OF FIBER IN OUR DATA CENTERS

4 X

WRAP THE EARTH IN NORTH AMER FIBER

15 B

MICROSOFT CLOUD INVESTMENT

Connectivity Options and Hybrid OfferingsCloud Customer Segment and

workloads

Secure site-to-site VPN connectivity

• SMB, Enterprises• Connect to Azure

compute

Secure point-to-site connectivity

• Developers• POC Efforts• Small scale

deployments• Connect from

anywhere

ExpressRoute private connectivity

• SMB & Enterprises• Mission critical workloads• Backup/DR, media, HPC• Connect to all Azure

services

Internet Connectivity

• Consumers• Access over public IP• DNS resolution• Connect from anywhere

Cloud on your WANTraffic flows directly from customer WAN to MicrosoftReduces complexityLower latency, higher bandwidth and higher availability

Microsoft

WAN

Corp HQ

Branch office 1

Branch office 2

Public internet

Connectivity choices: Internet or Private

IPsec VPN over InternetEncrypted data traverses Internet to reach AzureLimited bandwidth and higher availability

Microsoft

WAN

Corp HQ

Branch office 1

Branch Office 2

Public internet

ExpressRouteMicrosoft

WAN

Corp HQ

Branch office 1

Branch office 2

Public internet

ExpressRoute provides a private, dedicated, high-throughput network

connection to Microsoft

Security

Lower cost

Predictable performance

High throughput

ExpressRoute and Microsoft Clouds

Customer’s network

Customer’sconnection

Partner Edge

Traffic to public IP addresses in AzureTraffic to Virtual Networks

Traffic to Office 365 Services

Microsoft Edge

ExpressRoute Sites and Partners

AtlantaChicagoChicago (Gov Cloud)DallasLANYSeattleSilicon ValleyWashington DCWashington DC (Gov Cloud)*

Sao Paulo

AmsterdamDublin*London

Chennai*Hong KongMumbai*Melbourne*Osaka*SingaporeSydneyTokyo

ExpressRoute PartnersExchange Provider Network Service Provider

Exchange

Publicinternet

Customer site

Microsoft

Customer site 1

Customer site 2

Customer site 3

WANPublic

internet

Microsoft

Hybrid Scenarios in Azure

Dev/test lab BI/big data

Media Productivity apps

Storage, backup, and recovery

Hybrid apps

Dev/test lab BI/big data

Media Productivity apps

Storage, backup, and recovery

Hybrid apps

Azure Site Recovery and Azure Backup

Datacenter

Microsoft Azure

Cloud Bursting

DisasterRecovery

DevTest

Migration

ApplicationAnalytics

Long-term Retention

Backup

Azure Backup

Azure Site Recovery

Azure Site RecoveryRelated sessions

• Azure Site Recovery: Microsoft Azure As a Destination for Disaster Recovery

• Protecting Your VMware and Physical Servers by Using Microsoft Azure Site Recovery

• Managing Storage with Microsoft System Center Virtual Machine Manager: A Deep Dive

• Best Practices for Deploying Disaster Recovery Services with Microsoft Azure Site Recovery

• End-to-End Azure Site Recovery Solutions for Small & Medium Enterprises

• Best Practices for Disaster Recovery for Azure Applications

• Microsoft Azure Migration Roadmap• Migrating to Microsoft: VMware to Hyper-

V and Microsoft AzureESX/

Physical

vCenter

Hyper-V

VMM

On-premises

Hoster Site

Branch Office

ESX/Physical

vCenter

Hyper-V

VMM

ESX/Physical

vSphere

Hyper-V

VMM

ESX/Physical

vCenter

Hyper-V

VMM

On-premises

Hoster Site

Branch Office

ESX/Physical

vCenter

Hyper-V

VMM

ESX/Physical

vSphere

Hyper-V

VMM

StorSimple

Enterprise SAN storage

Inline de-dupe, compression &

automatic tiering

Automated offsite data protection using

cloud snapshots

Highly efficient, location independent

disaster recoveryConsolidated storage

and data management

Data mobility for enterprise data

Applications in Physical or Virtual Servers

StorSimple Hybrid Storage Array

Customer Data Center

Azure Data Center

Linux File Server

VMware Server

Windows File Server

StorSimple Manager

iSCSI

Internet

Azure-based Applications

iSCSI

StorSimple Virtual Appliance

Primary Storage

Archival Storage

Disk-based Backup

Remote Replication

Tape backup and DR

StorSimple

Primary Storage

Archival Storage

Disk-based Backup

Remote Replication

Tape backup and DR

StorSimple

Storage on-premises and compute in Azure

Exchange provider facility

Azure Compute, high-perf storage on-premises

Customer cage

Considerations• Available in ExpressRoute Exchange provider

locations only (not Network Service Provider flavor)

• Price/Performance different from Azure storage• SI might need to be engaged

ExpressRoute

When this makes sense• Compliance• Storage performance (IOPs etc.)• If Azure doesn’t offer desired storage type

(e.g. for SQL clustering etc.)

Dev/test lab BI/big data

Media Productivity apps

Storage, backup, and recovery

Hybrid apps

A Typical Hybrid Deployment

ExpressRoute

Site-to-site

VPN

Internet connectivity

A Typical Hybrid Deployment – SharePoint FarmGanesh Srinivasan

Enable Availability on Demand for SAN-based Hyper-V workloads

Protect Tier 1 Hyper-V workloads to Azure, and benefit from the performance characteristics achieved by placing NetApp storage in an Equinix datacenter

Azure ExpressRoute connectivity to improve throughput between storage and Azure compute.  ASR’s Replication to Azure functionality is used to replicate the OS drives of the Hyper-V workload

ASR’s Array-Based Replication functionality is used to mirror data between on-premises and NetApp Private Storage

Azure Site Recovery + NetApp

Dev/test lab BI/big data

Media Productivity apps

Storage, backup, and recovery

Hybrid apps

Collect and load big dataRelated Sessions

BRK2557-Harnessing the Power of Hadoop: Cloud Scale with Microsoft Azure HDInsight-Lance Olson

BRK2567-Advanced Analytics: Navigating Your Way There-Andrew Brust

BRK3555-Real-Time Analytics at Scale for Internet of Things-Asad Khan; Nishant Thacker

BRK2550-Big Data for the SQL Ninja -Scott Klein

BRK2576-Planning your Big Data Architecture on Azure-Brian Mitchell

BRK3556 - Optimizing Hadoop using Microsoft Azure HDInsight - Rashim Gupta

Interactive

RelationalData

Streamingdata

AutomatedServer logfiles

Azureblob

HDInsight

1001

Dev/test lab BI/big data

Media Productivity apps

Storage, backup, and recovery

Hybrid apps

Azure RemoteApp

Persistent user data

(50GB per user)

Identity options

Authentication

RDP

On-premises network

Subject to IT policy via GP, System Center, or other enterprise management tools

DirSync

User

Elastic runtime

Session hosts

Azure VPNCustom template image

Maintained via Azure Portal

Corporate AppsCorporate apps

Azure Active Directory

LOBFiles

Domain Joined

Azure RemoteApp

Windows Server Active Directory

Related Sessions

• Fundamentals of Microsoft Azure RemoteApp Management and Administration

• Will My App Work on Microsoft Azure RemoteApp

Office 365 And ExpressRoute

ExpressRoute and Office 365

WAN

Corp HQ

Branch office 1

Branch office 2

Public internet

Microsoft Cloud

ExpressRoute

Office 365 Timelines and PartnersLaunch Partners

Other providers soon to follow

LocationsAll Microsoft Regions

General AvailabilityQ3 CY 2015

Supported WorkloadsExchange Online & Exchange Online Protection

SharePoint Online, OneDrive for Business, Office 365 Video, Delve

Skype for Business Online (formerly Lync Online)

Office Online

Power BI and Project Online

Global calling based on Microsoft PSTN offers

Global calling using existing telephony infrastructure

Complete On-Premises PBX replacement for Enterprises of all sizes

Skype For Business Enterprise Voice

Hybrid Scenario Design Considerations

Picking connectivity mode and provider model

Security and Routing Domains Optimizing availability, global connectivity

and performance Quality of Service (QoS)

Planning for hybrid deployments

Picking the right Connectivity Model

ExpressRoute — Provides customer choice and includes access to

all Microsoft Cloud services

Connect via an encrypted link over public internet

Customer Site

Internet / VPN Gateways

Internet-based connectivity

Publicinternet

Microsoft Cloud

Peer at an ExpressRoute location, an Exchange Provider facility

Exchange provider

ExpressRoutepartner location

Publicinternet

Customer Site

Microsoft Cloud

Connection from WAN provided by Network Service Provider. Azure becomes another site on the customer’s WAN.

Network service provider

Customer Site 1

Customer Site 2

Customer Site 3

WAN

Internet

Microsoft Cloud

ExpressRoute Partners

Routing Domains and IsolationInternet

Core Network

Extranet

Internet edge

Customer’s premises

ExpressRoute Circuit

Azure Extranet / Public Peering

Azure Private Peering

Microsoft Peering

Microsoft Cloud

!=

Azure Extranet / Public and Private Peering

Contoso

Exchange

AD/DNS

IIS ServersSQL Farm Proxy/Internet edge

ExpressRoute Circuit

Direct internet trafficCross PremisesInternet bound

Azure service access

Contoso virtual networks/VMs

Azure public services

AD/DNS

Internet

Monitoring

Routing policy is customerchoice

Azure Virtual Network

Virtual Appliances - Firewalls, IDS/IPS, VPNsSecure your virtual networks in Azure

DMZ

IDSIPS

Internet

Cross-premises connectivity

Security at the on-premises edge

ExpressRoute

Availability and Performance

Global Connectivity (ExpressRoute Premium add-on)

• Reach any Microsoft region from any continent with ExpressRoute premium add-on

• Traffic carried over the Microsoft core network• You choose the optimal path – traffic through NSP or through the

Microsoft core network

ExpressRoute

WAN OptimizationSome applications benefit from WAN optimizers

Rich application layer telemetry

Voice, video, data transfers need to be treated differently

Voice and video sensitive to latency and jitter

Classify traffic and tag with appropriate DSCP value

Separate queue each traffic class

Quality of Service

Best Effort

Video and Interactive

Voice

Compliance Certifications

ISO/IEC 27001

HIPAA(Healthcare)

European Union Model Clause

FedRAMP

PCI DSS L1 version 3SOC 1 SOC 2

Criminal Justice Information System

China Multi Layer

Protection Scheme

FIPS 140-2

United Kingdom G-Cloud

Life Sciences GxP Family Educational Rights and Privacy Act

SingaporeMulti-Tier Cloud

Security

Global

United States

Regional ChinaCCCPPF

ISO / IEC 27018

Australian Signals Directorate I-RAP

Assessment

Cloud Security AllianceCloud Security Matrix

Datacenter extension reference architecture diagram

Save time by downloading and using the interactive diagram today from http://aka.ms/derad.

Watch the 45 minute walkthrough video at http://aka.ms/derad-video.

Mouse hovers expose detailed information about each object.

Finding all the information to learn how to extend your on-premises datacenter infrastructure to Azure can be time-consuming.

Mouse clicks on most objects open detailed design or implementation articles about them.

Includes cross Azure subscription and virtual network connections, as well as connecting them to an on-premises network.

ExpressRoute and MSIT

165k+ Users on Office 365 Exchange110+

Modern Apps Delivered

300k System Center managed devices

180k+Users

37kMSIT Servers in On-Prem Data Centers

The Microsoft IT Environment

717Site locations (114 countries)

11%LOB apps run in SaaS or PaaS today

1.2m+Devices hit the Microsoft network 270k

SharePoint Sites in the Cloud

1,300+LOB apps managed by IT

4.5m Remote connections/ month

90kMSFT employees on Yammer

80%LOB apps in Azure in 5 years

160kManaged Windows 8.1 Systems

200k+Unique devices connect to wireless/day

Enterprise First & Best Program

95%In the Cloud, WAP and Azure, in 5 years

21,470Wireless Access Points

2,302Routers

22gbSustained Internet Traffic

7,241Ethernet Switches

12,055Total Managed Network Devices

939SAN Switches

288Firewalls

131Load Balancers

>24M ft2Wireless Coverage

519Wireless Controllers

49,152Strands of Dark Fiber (Puget Sound Campus)

600Managed Circuits

10IT Datacenters

Network Infrastructure Services

IaaS

124PaaS AppsIn Azure

3.5GbsSustained Hybrid TrafficTo Azure

6,000+Azure VMs

3Azure RegionsUsed withExpressRoute

SaaS

445ExpressRouteCircuits to Azure

Commodity

Apps / Svcs

LegacyApps

NewApps PaaS

The Microsoft IT Azure Adoption Story

The Microsoft IT Network

Supported Azure Regions with our Provider Edge (PE) routners

MSIT Data Center with Layer 3 connection to our PE routers

Layer 3 Links

Layer 3 Network

SummaryHybrid Scenarios

ExpressRoute

Related Sessions Azure

Platform Vision and Strategy Overview: Bringing Microsoft Azure to Your Datacenter

Mark Russinovich and Mark Minasi on Cloud Computing Microsoft Azure Regional Strategy: Availability, DR,

Proximity, and Residency Getting Started with Microsoft Azure IaaS Taking a Deep Dive into Microsoft Azure IaaS Capabilities

Networking An Overview of Microsoft Azure Networking Capabilities Introducing Microsoft Azure DNS Azure Network and Datacenter Infrastructure: Enterprise

quality at Cloud Scale Understanding Network Virtual Appliances Virtual Networking and Security in Microsoft Azure Unleashing Microsoft Azure Networking APIs Hybrid Partnerships: Enabling On-Premises Scenarios in

Microsoft Azure Evolve Your Network Infrastructure for Microsoft Azure

Connectivity Office 365

ExpressRoute for Office 365 and other Network Connection Options

Azure Site Recovery and Backup Azure Site Recovery: Microsoft Azure As a Destination for Disaster

Recovery Protecting Your VMware and Physical Servers by Using Microsoft

Azure Site Recovery Managing Storage with Microsoft System Center Virtual Machine

Manager: A Deep Dive Best Practices for Deploying Disaster Recovery Services with

Microsoft Azure Site Recovery End-to-End Azure Site Recovery Solutions for Small & Medium

Enterprises Best Practices for Disaster Recovery for Azure Applications Microsoft Azure Migration Roadmap Migrating to Microsoft: VMware to Hyper-V and Microsoft Azure

RemoteApp Will My App Work on Microsoft Azure RemoteApp Fundamentals of Microsoft Azure RemoteApp Management and

Administration

BigData Harnessing the Power of Hadoop: Cloud Scale with Microsoft Azure

HDInsight Advanced Analytics: Navigating Your Way There Real-Time Analytics at Scale for Internet of Things Big Data for the SQL Ninja Planning your Big Data Architecture on Azure Optimizing Hadoop using Microsoft Azure HDInsight

Visit Myignite at http://myignite.microsoft.com or download and use the Ignite Mobile App with the QR code above.

Please evaluate this sessionYour feedback is important to us!

© 2015 Microsoft Corporation. All rights reserved.