Microsoft Azure Cloud Services
From On-Premise to the Cloud: How to Make the Transition Smooth and Successful
Moving from an on-premise to a cloud environment can be one of the most challenging scenarios for any organization. Whether you are targeting a multi-cloud scenario (e.g. Azure, AWS, Google Cloud) or just a single cloud such as Azure, understanding the choices and implications can be a complicated and trying process. Our cloud consultants have over 12 years of experience on average with the cloud, cloud technologies and best practices. We have successfully guided numerous organizations through the process of migrating to the cloud and can do the same for you.
We have the experience and expertise to successfully migrate your organization to the cloud. We can assist you in many scenarios, but the following are the most common architectures for our customers:
Cloud-Only Architecture
One of the most efficient scenarios are green fields where you move your entire organization to the cloud. This requires careful planning and due diligence to understand your organization and the applications that you run. Full understanding of these key details and its complexities enable you to address your concerns while planning your successful move to the cloud.
Our technology specialists will work with your key stakeholders to understand your business, challenges, and current technology stack. We use tried and true methodologies throughout this process to introduce your organization to new modern cloud technologies, tools, and techniques. This will enable your organization to transition successfully into the cloud.
Hybrid Architecture (Cloud and On-Premise)
Most organizations choose to maintain an on-premise data center (scaled down) or move “net new” applications and new development to the cloud. This scenario enables an organization to move to the cloud as an incremental approach. This approach enables the organization to gently scale into the cloud, onboard new human resources gradually and re-train existing valuable resources to modern technologies while retaining their key knowledge of their existing business processes and business.
General Blue has strong experience with planning the creation of your subscriptions, setting up Azure AD, enabling MFA for your organization, syncing your on-premise directories with Azure AD.
Syncing on-premise directories requires careful planning and review of your existing identity management ecosystem. Understanding how you authenticate and authorize your users is a process that we can help you understand. As part of our process we will review your existing security controls and help you identify gaps, areas of concern, when planning for cloud deployments and migrations.
Common Questions About Cloud Computing
-
How is the cloud different from on-premise?
On-premise refers to computing resources that are physically located within an organization's own facilities. The cloud, on the other hand, refers to computing resources that are provided over the internet by a third-party provider. The main difference between the two is that on-premise requires an organization to purchase and maintain its own hardware and software, while the cloud allows organizations to rent computing resources as needed.
-
Why is the cloud more expensive for our organization?
While the cloud can be more cost-effective in some cases, it can also be more expensive in others. For example, if an organization has a lot of data that needs to be stored in the cloud, this can be more expensive than storing it on-premise. Additionally, if an organization needs to run a lot of compute-intensive workloads in the cloud, this can also be more expensive than running them on-premise.
-
What is the best application development methodology for applications on the cloud?
There are many different application development methodologies that can be used for applications on the cloud. Some of the most popular include Agile, DevOps, and Waterfall. The best methodology for a particular organization will depend on its specific needs and requirements.
-
How do we allocate our costs to a business unit or department?
Allocating costs to a business unit or department can be challenging in a cloud environment. One approach is to use tags to identify which resources are being used by which business unit or department. Another approach is to use cost allocation reports provided by the cloud provider.
-
How do we migrate from Enterprise Agreement to Microsoft Custom Agreement?
Migrating from an Enterprise Agreement to a Microsoft Custom Agreement can be a complex process. It typically involves negotiating new terms and conditions with Microsoft and updating existing contracts and agreements.
-
How do we track our spend on the cloud?
Tracking spend on the cloud can be challenging due to the dynamic nature of cloud environments. One approach is to use cost management tools provided by the cloud provider. Another approach is to use third-party tools that provide more advanced cost tracking and analysis capabilities.
-
What is the best strategy for deploying to the cloud?
There are many different strategies for deploying applications to the cloud. Some of the most popular include lift-and-shift, re-platforming, and refactoring. The best strategy for a particular organization will depend on its specific needs and requirements.
-
Should we be using Azure DevOps, and is Azure DevOps right for our organization?
Azure DevOps is a powerful set of tools for managing application development and deployment in the cloud. Whether or not it's right for a particular organization will depend on its specific needs and requirements.
-
How do we integrate our existing on-premise network with Azure Virtual Networks?
Integrating an existing on-premise network with Azure Virtual Networks can be challenging. One approach is to use a VPN gateway to establish a secure connection between the two networks. Another approach is to use ExpressRoute, which provides a dedicated private connection between an organization's on-premise infrastructure and Azure datacenters.
-
How do we ensure that the cloud is safe and secure?
Ensuring that the cloud is safe and secure requires a multi-layered approach that includes physical security, network security, identity and access management, data protection, and compliance management.
-
What is the proper encryption strategy?
The proper encryption strategy will depend on an organization's specific needs and requirements. In general, it's important to encrypt data both at rest (i.e., when it's stored) and in transit (i.e., when it’s being transmitted over a network).
-
What is encryption at rest?
Encryption at rest refers to encrypting data when it’s stored in order to protect it from unauthorized access. This typically involves using encryption algorithms such as AES or RSA.
-
Can our applications be converted to the cloud?
In many cases, existing applications can be converted to run in the cloud with minimal modifications. However, some applications may require significant changes in order to run effectively in a cloud environment.
-
What is the migration strategy we should use?
The migration strategy that an organization should use will depend on its specific needs and requirements. Some common migration strategies include lift-and-shift, re-platforming, and refactoring.
-
How do we prevent unexpected costs?
Preventing unexpected costs requires careful planning and monitoring of resource usage in the cloud environment. This can include setting up alerts when usage exceeds certain thresholds, using cost management tools provided by your cloud provider such as budgets and cost analysis reporting.
At General Blue, we provide the following services:
Azure Subscription Planning
Upon reviewing your organization and determining the cloud strategy for your organization, we will step you through the process of setting up your Azure Subscription, enabling cost management strategies, setting up the proper governance within your organization to effectively manage your cloud infrastructure.
Network Planning
Creation of virtual networks, proper Network Security Group (NSG) creation, IP address space allocations, subnet creations, Azure firewall setup and Azure monitoring. Map the proper network structure to support applications, databases, web servers, application servers, FTP servers, file sharing and other applications within your organization. We will standardize your production, non-production, test, development and sandbox environments.
Cost Management
Our experience will guide you through the process of managing your Azure subscription, cost management strategies, resource tagging and other optimization strategies for reducing your Azure cloud costs.
Part of any effective cost management strategy with the Azure Cloud is understanding what Azure resources are running, what Azure resources are billed and are those Azure resources correctly sized (e.g. right sized). Monitoring is a key principle in that strategy and our experience can guide you and assist you in this process, whether it being an initial setup or as part of an ongoing business as usual process.
We will establish the governance required by your organization to effectively monitor your Azure resources and services. We setup the required Azure monitoring to monitor your subscriptions, create budgets, review your charges, alerts (e.g. email, reports) and cost analysis reporting.
Services include:
- Monitoring of Azure Resources, storage, compute, network costs, and VM utilization/usage
- Configuration of Azure Monitor
- Setting up and tracking budgets
- Creating alerts across your subscriptions
- Managing an Azure Subscription (white glove service)
Microsoft Azure Services for the whole ecosystem
Identity Management
Gathering business requirements for teams, managers and executives to ensure business needs are accurately met for enterprise security, Azure Active Directory (AAD), Microsoft Identity Management (MIM), Multi-factor Authentication (MFA), Role Based Access Control (RBAC) and Single Sign-On (SSO).
Workload Analysis
Assessment of current workloads for business applications, databases, and websites.
Network and Security
Network design and implementation for Azure Virtual Networks (VNets), Network Security Groups (NSGs) and ExpressRoute. Setup, deployment and configuration of AAD, MIM, MFA and SSO. Including Windows Server AD synchronization, self-service password management, and modern authentication (e.g. OpenId Connect) and authorization (e.g. OAuth 2.0) for your business.
Microsoft O365 Custom Branding
Custom branding, dashboards, and MyApps for Office 365 and Microsoft Azure for your organization.
Data and Storage
Database design, development, and support for Azure SQL, Redis (In-Memory Db), Azure SQL Data Warehouse/Azure Synapse, Azure Blob Storage, Azure Data Lake(Gen2), Azure Table Storage, and Azure Storage Accounts.
Azure DevOps Planning, Administration and Process Improvement
Going to the cloud provides numerous opportunities and challenges. One of the biggest improvements with adopting Azure DevOps is the ability for your organization to speed up the development process while simultaneously improving the agility of your existing development processes within your organization.
Azure DevOps is a formidable platform providing large and small organizations reliable battle-tested services that accelerate the speed of development while increasing the security of your applications, making your deployments repeatable, reliable and error free.
We can provide the answers to your common questions about Azure DevOps and how you can best integrate it within your organization.
Will everyone in our organization be involved with Azure DevOps?
The answer to this question might surprise you but, everyone in your organization should be involved, your business stakeholders, developers, project managers, senior management, test teams, visionaries, everyone. A key to moving your organization forward with DevOps is getting everyone involved, General Blue will help you setup your Azure DevOps organizations and projects to facilitate that involvement, visibility, and transparency with the process.
What are Azure Pipelines and how do we use them?
Azure Pipelines are the heart and soul of Azure DevOps. It’s the machine that keeps your development processes moving along. Pipelines provide the steady state movement of your development engine within your organization to keep your development sprints, testing and deployments moving at lightning speed, while increasing the velocity at which your organization moves.
We have extensive experience in Azure Pipelines and can guide your organization down a path of success to enable you to incorporate not only the best practices for integrating your pipelines with Azure Git Repos, GitLab, or GitHub. Our package management experts will enable you to make your code reusable and consumed by the pipelines through the use of effective package management, we will guide you through the process of creating your private package feeds whether they be NPM or NuGet.
Our seasoned experts will provide you direction with your development processes and technology selection to get the most out of your pipeline experience.
Another key fundamental use of Azure Pipelines is for Infrastructure as Code (IaC). When moving to the cloud, one of the most important pieces is controlling your costs. IaC pipelines are an important strategy in controlling your costs enable you to spin up and spin down resources as required. There is no reason to leave your development server running 24/7 if you have an 8 to 5 staff.
IaC is much more than controlling your costs, IaC enables you to make your development processes, deployment processes controlled, secure and repeatable. Making your deployments, testing and application releases repeatably are a strong measure of the future success of your development initiatives. Choosing an IaC process and strategy for your organization is important. Are you choosing a multi-cloud scenario? Should you be considering Terraform or Azure Resource Management (ARM)?
We can assist you in the decision of those choices by reviewing your existing DevOps processes, development processes, technology stacks (e.g. C#, Java, Oracle, SQL Server).
Our experts will challenge you to move beyond your existing processes, embrace the cloud and learn the best practices you need to adapt and deliver applications for your organization on the cloud.
What’s the best practice for securing our Azure Repos?
Each Azure repository can be customized to your application and it’s security requirements. Our engineers will assist you in finding the correct branching strategy, permissions, and approval process to ensure you application is seamlessly integrated into your CI and CD pipelines. Securing branches and your pull requests will be configured based on your application requirements. We perform an intensive requirements process to understand your applications needs throughout the deployment lifecycle.
Should we be using YAML pipelines within Azure DevOps?
The answer is “Yes”. The better question is, what is the best way to implement and use YAML pipelines for your Continuous Integration (CI) and Continuous Deployment (CD) processes. How do we have Gated Releases? As part of our process, we will assist you in understanding the fundamentals such as versioning your YAML pipelines, making stages reusable across your repositories and projects.
How important is version management and Git as part of a DevOps process?
It’s probably the most critical part of your DevOps process. Our battle-tested experts will ensure you have your Git repositories setup correctly, branching policies in place and the proper governance to make your organization be a success. Whether you have Java, C#, Perl, PowerShell, SQL Server Scripts, DDL, Node, JavaScript, it’s important your repos are setup properly to not only make sure your code is safe and secure, but that your development process is effective and efficient. We will help you with your branching strategies to ensure you have properly setup your Master, Release, Development, and Feature branches.
Security with Azure DevOps, is it secure?
Securing your source code during your deployment process is mission critical to your organization. We will ensure that your Azure DevOps process is tightly integrated with Azure Active Directory and that the security policies, users and groups are properly configured.
Testing, is it an important part of Azure DevOps?
Testing should be a fundamental part of any good DevOps process and our experts will assist you with understanding Azure Test Plans, how they should be integrated with Azure Pipelines and Azure Boards. Whether or not you use Azure Test Plans, it’s likely you will need to integrate with other test platforms/products (e.g. JMeter, Selenium).
Should we be performing penetration testing? Yes, you should be. It should be part of any testing process and it should be tightly integrated with Azure Pipelines.
Can we deploy our Azure SQL Database as part of a DevOps process?
Yes, but it’s not as common as you might think. One of the less common strategies with organizations are deploying the database changes, updates, testing and upgrades as part of a DevOps process. We will setup and enable your organization to integrate your Azure Pipelines with Azure SQL deployments, migrations and application releases. Whether it is EF Core migrations, DACPAC or other migration and/or upgrade strategies, we can provide guidance and assistance in bringing your pipelines to the future.
Azure App Services
General Blue has extensive experience with Azure App Services, deployment, development, configuration and monitoring.
What are app services and how does it compare to on-premise servers?
The best way to think of App Services is as a replacement for on-premise web and application servers. The strengths of Azure App Services are the reduction in manpower for management and deployment. When running native apps built on modern cloud technologies such as asp.net core, there is no patching, software to install or weekly maintenance required for your applications to run.
How do we secure our Azure App Services?
Security is a key principal in any enterprise or business application. Azure App Services are no exception. Our development and technology staff are experts in security and will ensure we have setup Azure Vault correctly to manage your secrets, keys and certificates properly. As part of any deployment process, your secrets and keys should be removed from your build processes, enabling your applications to connect securely to the resources required to function (e.g. Azure SQL, Cosmos DB, Redis Cache, Azure Storage). We will ensure this is being done properly and we can help you manage the process as part of your on-going workflow and governance.
SSL is important for your web visitors. We will help you with the process of automating your SSL management through our SSL management platform to automate your certificate creation, management and deployment as part of an Azure DevOps Pipeline process.
Why should we use Azure App Services?
Azure App services will enable your organization to deliver new features, critical application updates, impressing your business owners and developers alike. General Blue will enable your organization to embrace Azure App Services so you can increase the velocity of application development lifecycles and improve the quality of your applications and service to your customers. Whether you use Java, .NET Core, PHP, Node.js, Ruby, or Python, you will love Azure App Services.
What is Azure Front Door and why should we use it?
Azure Front Door enables you to offload your TLS/SSL workloads, utilize applications firewalls, and reverse proxy your application servers, including Azure App Services. We have extensive experience with configuring Azure Front Door services with Azure App Services, Azure Storage and other application servers. The process can be complicated, but our experts will enable your organization to deliver the high-quality web content and applications to your customers using a global redundant entry point for your applications around the world. Part of any deployment process is purging the cache of any CDN, either through application cache busting or automation of purging the web content as part of the CI/CD process. Our processes will enable your pipelines to be properly configured to be compatible with Azure Front door, enabling seamless integration with Front Door, so you can provide your customers with a highly satisfying web experience they deserve, no matter where they are in the world.
How can General Blue help with Azure App Services?
Our experts can provide you out of the box solutions for application development, best practices or outsource your application development with cost effective resources. We have the proven track record on Azure App Services to either guide your organization or develop modern web-based applications. To get started, contact General Blue today. One of our technology experts will contact you with a no-hassle experience. We will start by understanding your needs, goals and milestones for success. We will discuss with you our process and recommend how we can help your organization succeed. We are the best at what we do and proud of our success within the industry.
Azure SQL DBA and Development Services
At General Blue, we have on average DBAs with over 15 years of on-premise and cloud DBA experience. Our Azure SQL DBAs have extensive experience with performance tuning, relational database design, deployment (pipeline experience) and application development experience.
It’s on the cloud. Is relational database design important?
Yes, one of the key concepts in cost management on the cloud is performance. The more performant an application performs (or database for that matter), the more cost effective your organization’s deployment on the cloud will be. For example, poor performing queries, large inserts or updates will have a direct impact on your DTU or IO performance on Azure SQL. While it might be tempting to scale up the resources to resolve your performance issues, it will have a direct impact on your costs.
Is data modeling important with Azure SQL?
Yes, data modeling and the database design is critical with Azure SQL. A key aspect of any successful application is the data modeling and database design. It’s the foundation for the application. As we work with business users and stakeholders, we will design your database using our proprietary tools to create you a robust, performant and highly scalable design, exceeding any in-house database design effort. Our technology is designed specifically to be highly performant and scalable when paired with Azure SQL.
How to secure Azure SQL and how can we help?
Securing Azure SQL is important to your organization. The first place to start is the Authentication and Authorization. We highly recommend that Azure SQL be secured using Azure AD, and that no connection strings are stored in your applications. We also recommend that you Vault all credentials, usernames, passwords, etc. As part of any deployment process, make sure no credentials are being stored in your pipelines.
To the second part of the question, we will work with you to understand the data within your organization and its security requirements whether it be for regulatory or government requirements such as HIPAA (Health Insurance Portability and Accountability Act), BAA (Business Associate Agreement), EU Model Clauses and/or to comply with corporate policies and data protection standards. We will help you review your data, determine your encryption at rest options, data masking and data de-identification strategies. We have the expertise to integrate these fundamentals within your organization to protect your business and your customers’ data.
How can General Blue help with Database Design and Development?
Our experts have extensive experience not only with database design, but also with proper development practices for Azure SQL. Some of the most important aspects are proper relational design, denormalization for performance, index creation, sharding your databases, or knowing when to use Azure Storage vs. Azure SQL. Our development DBAs and developers can properly design your Azure SQL databases and data access layers (e.g. NHibernate, EF Core) to properly use the Azure SQL databases.
To get started, contact General Blue today. One of our technology experts will contact you with a no-hassle experience to understand your needs and goals. We will discuss with you the processes and recommend how we can help your organization succeed.
Azure Cost Management
Our team of experts have over 10 years with Azure cost management. We provide comprehensive cost management services for your Azure Subscriptions.
Services include Azure resources review and optimization strategies for reducing your Azure cloud costs.
The monitoring services we provide include monitoring your subscriptions while creating budgets, reviewing your charges, and providing you with alerts and cost analysis reporting.
Services include:
- Monitoring of VM Usage
- Configuration of Azure Monitor
- Setting up and tracking budgets
- Creating alerts across your subscriptions
- Managing an Azure Subscription (White Glove Service)
We create policies and provide the governance for your organization to manage your Azure subscriptions effectively to prevent cloud over-spend.
As part of the process, we will not only track your spend, but we will show you opportunities for cost savings, such as the modernization of your applications, automation of your IaC pipelines, development pipelines, reduction in the data movement between on-premises and Azure regions and optimization of Azure storage.
How can General Blue help with our cost management in Azure?
Our experts can provide you out-of-the-box solutions for cost management and cost saving on Azure Subscriptions, Azure App Services, Azure SQL and network management. We have the proven track record with the gamut of Azure Resources/Services and can guide your organization in management of the cost as well as management of your Azure Subscription. Contact us to request additional information for a no-hassle experience speaking with our knowledgeable experts to determine if we can provide you the assistance you require, please contact us.