SlideShare a Scribd company logo

Mastering the move

Trivadis, profile picture
Trivadis

Konrad Brunner discusses keys to consider when moving to next generation databases in the cloud. ARM templates are key for defining infrastructure as code and managing infrastructure together with applications. Automation is key for streamlining deployments, scaling resources, and saving money. Identities, network configuration, and application management are also important to consider for security and governance when adopting next generation databases in the cloud.

Technology
1 of 35
Downloaded 12 times
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
Next generation databases Mastering the move Grüezi | Willkommen | Bonjour | Welcome | Velkomst Konrad Brunner Senior Consultant
About me 2 7.11.2018 • Working for Trivadis since 3 years • 30 years IT experience • from Unix to Windows • from Token Ring to Ethernet • from Java to C# • from host to client-server • from local to global • from on-premises to the cloud Next generation databases
Next generation databases3 Keys to master the move are … 7.11.2018
ARM Templates are key for ... Next generation databases4 7.11.2018 … software defined data centers (SDDC) and infrastructure as code (IAC) ■ Allows you to define complete data centers as code ■ Allows you to manage the state of your data centers in source control tools ■ Allows you to manage infrastructure together with the applications ■ Enables you to revise your state ■ Allows collaboration with partners ■ Allows you to achieve IT as a service
Automation is key to ... Next generation databases5 7.11.2018 … separate security in your datacenter ■ Allows you to streamline authorities along test, integration and production environments ■ Scripted deployments already starting when you move from test to integration ■ Allows you to work certificate based ■ Allows you to easily scale ■ Allows you to switch between regions ■ Allows you to securely integrate new resources into your existing secure infrastructure
Automation is key to ... Next generation databases6 7.11.2018 … save money ■ … by streamlining the lifetime of resources ■ Some resources in Azure you can’t just stop • SQL Database ■ The automation of the deployment and undeployment allows you to stop also these once ■ …by automating and making the deployment processes faster
Automation and ARM templates are key for ... Next generation databases7 7.11.2018 … DevOps with integrated security ■ Allows you to automate tasks in the Continuous Integration and Continuous Delivery pipelines ■ Together with Azure DevOps Services you have a fully secure and agile platform over the entire DevOps Process ■ Everything running under one single secure identity
Identities are key to ... Next generation databases8 7.11.2018 … expand your existing security to the cloud ■ Seamless integration of all resources into your existing secure infrastructure ■ Azure B2B is your friend for partner identities ■ Azure B2C is your friend for customer identities
Network is key for ... Next generation databases9 7.11.2018 … performance and stability ■ The right bandwidth ■ VPN up to 1.2 Gbps ■ Express route up to 10 Gbps ■ The best latency ■ West Europe <25ms ■ Switzerland North <5ms ■ Secure connections to your database ■ VLANs ■ Firewalls
Application Management is key for... Next generation databases10 7.11.2018 … security and governance ■ Secure the access to applications ■ Supports on- and off-boarding of users ■ Single Sign On into the entire world ■ Manage application access over the company boundaries
KeyVault is key to … Next generation databases11 7.11.2018 … enter next level of security ■ Secure store for keys, credentials and certificates ■ BYOK ■ Allows a centralized management ■ Allow the process identity access to the key vault to get secure information at runtime ■ No need to store connection strings in code or config files any more
Next generation databases12 Demo 7.11.2018
Automation Demo Next generation databases13 7.11.2018 ■ Subscription ■ AD Application ■ Azure Active Directory ■ Certificate based service principal ■ Key Vault ■ Automation Account ■ Runbook ■ Storage Account ■ Webhook POST https://github.com/TVDKoni/ARM-Base-Templates
Next generation databases14 Resource Manager and ARM templates 7.11.2018
Resource Manager Next generation databases7.11.201815 15
Azure Resource Manager provides Integration Component Application Lifecycle Containment – Deployment, update, delete and status Declarative solution for Deployment – “Config as Code” Grouping – Metering, billing, quote: applied and rolled up to the group Consistent Management Layer Access Control – Scope for RBAC permissions Next generation databases7.11.201816
ARM Templates can: • Ensure Idempotency • Simplify Orchestration • Simplify Roll-back • Provide Cross-Resource Configuration and Update Support ARM Templates are: • Source file, checked-in • Specifies resources and dependencies (VMs, WebSites, DBs) and connections (config, LB sets) • Parametrized input/output Instantiation of repeatable config. Configuration  Resource Group Power of Repeatability SQL - A Website Virtual Machines SQL-A Website [SQL CONFIG] VM (2x) DEPENDS ON SQLDEPENDS ON SQL SQL CONFIG 17
Next generation databases18 Azure Automation 7.11.2018
Automation key services Next generation databases19 7.11.2018 ■ Azure Active Directory ■ AD Application ■ Subscription ■ Certificate ■ Key Vault ■ Automation Account ■ Runbook ■ Storage Account ■ Webhook ■ LogicApps ■ Desired State Configuration POST
Automation Account Next generation databases20 7.11.2018 Automation Account LogicApps
LogicApps Next generation databases21 7.11.2018
Security 7.11.2018 Next generation databases22
One Identity, on-premises and in the cloud Next generation databases23 7.11.201823
Microsoft Azure Trustworthy foundation BUILT ON MICROSOFT EXPERIENCE AND INNOVATION 20+ Data Centers Trustworthy Computing Initiative Security Development LifecycleGlobal Data Center Services Malware Protection Center Microsoft Security Response Center Windows Update 1st Microsoft Data Center Active Directory SOC 1 CSA Cloud Controls Matrix PCI DSS Level 1 FedRAMP/ FISMAUK G-Cloud Level 2 ISO/IEC 27001:2005 HIPAA/ HITECH Digital Crimes Unit SOC 2 E.U. Data Protection Directive Operations Security Assurance 24
Transparency Next generation databases25 7.11.2018 ■ Security & Compliance Center ■ Service compliance reports like Azure - ISO 27001 and ISO 27018 Audit Assessment Report ■ Trust documents provided by Microsoft ■ Shared GDPR and ISO Assessments ■ Law Enforcement Requests Report → 25
Next generation databases26 7.11.2018 Network
Microsoft Azure External Connectivity Options 7.11.2018 Next generation databases27
Connectivity pricing 7.11.2018 Next generation databases28
VPN GW S2S and ExpressRoute coexistence VPN gateway allows you to have Site-to-Site (S2S) VPN connectivity to a Virtual Network that also has a gateway connected to an ExpressRoute circuit. This enables new connectivity scenarios: You can now use S2S VPN tunnel as a backup for your ExpressRoute connection. You can connect branch offices that aren’t part of your WAN to your Azure virtual networks that are also connected via ExpressRoute. You can have Point-to-Site connections to the same Virtual Network that is also connected via ExpressRoute enabling dev/test and mobile worker scenarios. 7.11.2018 Next generation databases29
Next generation databases30 7.11.2018 Other keys
Naming Convention Next generation databases31 7.11.2018 Max length hostname Max length Storage Account name Character 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 Name Area D Main resources Production Environment Subscription t v d 2 0 a b a tvd20aba Resource Group t v d 2 0 a b a p r s g 0 0 1 tvd20abaprsg001 Virtual Network t v d 2 0 a b a p n g w 0 0 1 tvd20abapngw001 Virtual Machine t v d 2 0 a b a p s r v 0 0 1 tvd20abapsrv001 Storage Account t v d 2 0 a b a p s t g 0 0 1 tvd20abapstg001 Test Environment Subscription t v d 2 0 a b a t tvd20abat Resource Group t v d 2 0 a b a t r s g 0 0 1 tvd20abatrsg001 Virtual Network t v d 2 0 a b a t n g w 0 0 1 tvd20abatngw001 Virtual Machine t v d 2 0 a b a t s r v 0 0 1 tvd20abatsrv001 Dependent resources VM Public IP t v d 2 0 a b a p s r v 0 0 1 p i p tvd20abapsrv001pip VM Disk t v d 2 0 a b a p s r v 0 0 1 v h d tvd20abapsrv001vhd Vm Network Interface t v d 2 0 a b a p s r v 0 0 1 n i c tvd20abapsrv001nic VM Public IP 1 t v d 2 0 a b a p s r v 0 0 1 p i p 0 1 tvd20abapsrv001pip01 VM Public IP 2 t v d 2 0 a b a p s r v 0 0 1 p i p 0 2 tvd20abapsrv001pip02 I JHA B C E F G
Central Registries Keys, Certificates, Passwords and other stuff can have an expiry date Start manage these changes from the beginning – Information about – Expiry date – Change procedure Use KeyVault where ever possible 7.11.201832 Next generation databases
Costs 7.11.201833 Next generation databases
Fun is key for ... Next generation databases34 7.11.2018 … the future ■ Fun promotes innovation ■ Fun promotes productivity ■ Fun finds and holds talents ■ Why it makes fun? ■ It’s easy ■ It’s stable ■ It’s modern ■ It works from everywhere
Thank you Konrad Brunner Senior Consultant Tel. +41 79 960 61 49 7.11.2018 Next generation databases35

More Related Content

PDF
Trivadis - Microsoft Swiss Cloud Services
Trivadis
 
PDF
Trivadis - Microsoft Transform your data estate with cloud, data and AI
Trivadis
 
PDF
Database Modernization
Trivadis
 
PPTX
Microsoft Azure Stack in Tunisia
Aymen Mami
 
PPTX
Lenovo Servers and Microsoft Azure: the future of the stack
Lenovo Data Center
 
PDF
Azure Days 2019: Business Intelligence auf Azure (Marco Amhof & Yves Mauron)
Trivadis
 
PPTX
Xpress azure - Extension of Azure in Tunisia
Aymen Mami
 
PPTX
Building Cloud Apps using Azure SQL Database
WinWire Technologies Inc
 
Trivadis - Microsoft Swiss Cloud Services
Trivadis
 
Trivadis - Microsoft Transform your data estate with cloud, data and AI
Trivadis
 
Database Modernization
Trivadis
 
Microsoft Azure Stack in Tunisia
Aymen Mami
 
Lenovo Servers and Microsoft Azure: the future of the stack
Lenovo Data Center
 
Azure Days 2019: Business Intelligence auf Azure (Marco Amhof & Yves Mauron)
Trivadis
 
Xpress azure - Extension of Azure in Tunisia
Aymen Mami
 
Building Cloud Apps using Azure SQL Database
WinWire Technologies Inc
 

What's hot (20)

PDF
Azure Days 2019: Grösser und Komplexer ist nicht immer besser (Meinrad Weiss)
Trivadis
 
PDF
Norway VMUG Tour - The Architecture Behind Policy-Driven Data Protection - A ...
Chris Wahl
 
PPTX
Market Trends in Microsoft Azure
GlobalLogic Ukraine
 
PPTX
Cloud Camp: Infrastructure as a service advance workloads
Asaf Nakash
 
PPTX
azure synapse analytics end-to-end solution-hands-on at 20200728
Daichi Isami
 
PDF
04 - VMUGIT - Lecce 2018 - Giampiero Petrosi, Rubrik
VMUG IT
 
PDF
Enabling OpenStack for Enterprise - Tarso Dos Santos, Veritas
OpenStack
 
PPTX
Enterprise Hadoop in the Cloud. In Minutes. | How to Run Cloudera Enterprise ...
Cloudera, Inc.
 
PDF
Azure Days 2019: Keynote Azure Switzerland – Status Quo und Ausblick (Primo A...
Trivadis
 
PDF
Linux en Microsoft Azure Global Azure Lima
Germán Cayo Morales
 
PPTX
Azure synapse analytics overview elasta cloud3
Richard Conway
 
PDF
Loading Data into Azure SQL DW (Synapse Analytics)
Antonios Chatzipavlis
 
PPTX
Azure Operation Management Suite - security and compliance
Asaf Nakash
 
PPTX
Azure Storage – Foundation for Building Secure, Scalable Cloud Applications
Microsoft Tech Community
 
PDF
Keeping your Enterprise’s Big Data Secure by Owen O’Malley at Big Data Spain ...
Big Data Spain
 
PPTX
What do you need to know to scale your business to China using Microsoft Azure
Asaf Nakash
 
PDF
By Popular Demand: The Rise of Elastic SQL
NuoDB
 
PPTX
Leverage Azure Blob Storage to build storage intensive cloud native applications
Microsoft Tech Community
 
PPTX
Extending On-Premise Infrastructure To Cloud
Lai Yoong Seng
 
PPTX
Azure IaaS Tanıtım - Uzun Anlatım
Mustafa
 
Azure Days 2019: Grösser und Komplexer ist nicht immer besser (Meinrad Weiss)
Trivadis
 
Norway VMUG Tour - The Architecture Behind Policy-Driven Data Protection - A ...
Chris Wahl
 
Market Trends in Microsoft Azure
GlobalLogic Ukraine
 
Cloud Camp: Infrastructure as a service advance workloads
Asaf Nakash
 
azure synapse analytics end-to-end solution-hands-on at 20200728
Daichi Isami
 
04 - VMUGIT - Lecce 2018 - Giampiero Petrosi, Rubrik
VMUG IT
 
Enabling OpenStack for Enterprise - Tarso Dos Santos, Veritas
OpenStack
 
Enterprise Hadoop in the Cloud. In Minutes. | How to Run Cloudera Enterprise ...
Cloudera, Inc.
 
Azure Days 2019: Keynote Azure Switzerland – Status Quo und Ausblick (Primo A...
Trivadis
 
Linux en Microsoft Azure Global Azure Lima
Germán Cayo Morales
 
Azure synapse analytics overview elasta cloud3
Richard Conway
 
Loading Data into Azure SQL DW (Synapse Analytics)
Antonios Chatzipavlis
 
Azure Operation Management Suite - security and compliance
Asaf Nakash
 
Azure Storage – Foundation for Building Secure, Scalable Cloud Applications
Microsoft Tech Community
 
Keeping your Enterprise’s Big Data Secure by Owen O’Malley at Big Data Spain ...
Big Data Spain
 
What do you need to know to scale your business to China using Microsoft Azure
Asaf Nakash
 
By Popular Demand: The Rise of Elastic SQL
NuoDB
 
Leverage Azure Blob Storage to build storage intensive cloud native applications
Microsoft Tech Community
 
Extending On-Premise Infrastructure To Cloud
Lai Yoong Seng
 
Azure IaaS Tanıtım - Uzun Anlatım
Mustafa
 
Ad

Similar to Mastering the move (20)

PPTX
Designing CloudStack Clouds
ShapeBlue
 
PDF
Open vSwitch Implementation Options
Netronome
 
PPTX
HP: Implementácia cloudu s HP
ASBIS SK
 
PDF
Cisco’s Cloud Ready Infrastructure
Cisco Canada
 
PPTX
Windows azure overview for SharePoint Pros
Usama Wahab Khan Cloud, Data and AI
 
PDF
A New Way of Thinking | NATS 2.0 & Connectivity
NATS
 
PDF
Cisco connect montreal 2018 sd wan - delivering intent-based networking to th...
Cisco Canada
 
PDF
Global Azure Bootcamp 2018 - Azure Network Security
Scott Hoag
 
PDF
Banv meetup-contrail
nvirters
 
PDF
cncf overview and building edge computing using kubernetes
Krishna-Kumar
 
PDF
Cozystack: Free PaaS platform and framework for building clouds
Andrei Kvapil
 
PPTX
SCCM on Microsoft Azure
Mohamed Tawfik
 
PPTX
Pass 2013 dantoni azure a gs
Joseph D'Antoni
 
PDF
PLNOG14: The benefits of "OPEN" in networking for operators - Joerg Ammon, Br...
PROIDEA
 
PDF
VMworld 2013: vCloud Hybrid Service: Enterprise Applications on vCloud Hybrid...
VMworld
 
PDF
The Never Landing Stream with HTAP and Streaming
Timothy Spann
 
PPTX
Infrastructure Migration from Windows Server 2003 to the Cloud: An Interoute ...
Interoute
 
PPT
Monitoring IAAS & PAAS Solutions
Colloquium
 
PPTX
Azure Overview Csco
rajramab
 
PDF
Sdn primer pdf
Pooja Patel
 
Designing CloudStack Clouds
ShapeBlue
 
Open vSwitch Implementation Options
Netronome
 
HP: Implementácia cloudu s HP
ASBIS SK
 
Cisco’s Cloud Ready Infrastructure
Cisco Canada
 
Windows azure overview for SharePoint Pros
Usama Wahab Khan Cloud, Data and AI
 
A New Way of Thinking | NATS 2.0 & Connectivity
NATS
 
Cisco connect montreal 2018 sd wan - delivering intent-based networking to th...
Cisco Canada
 
Global Azure Bootcamp 2018 - Azure Network Security
Scott Hoag
 
Banv meetup-contrail
nvirters
 
cncf overview and building edge computing using kubernetes
Krishna-Kumar
 
Cozystack: Free PaaS platform and framework for building clouds
Andrei Kvapil
 
SCCM on Microsoft Azure
Mohamed Tawfik
 
Pass 2013 dantoni azure a gs
Joseph D'Antoni
 
PLNOG14: The benefits of "OPEN" in networking for operators - Joerg Ammon, Br...
PROIDEA
 
VMworld 2013: vCloud Hybrid Service: Enterprise Applications on vCloud Hybrid...
VMworld
 
The Never Landing Stream with HTAP and Streaming
Timothy Spann
 
Infrastructure Migration from Windows Server 2003 to the Cloud: An Interoute ...
Interoute
 
Monitoring IAAS & PAAS Solutions
Colloquium
 
Azure Overview Csco
rajramab
 
Sdn primer pdf
Pooja Patel
 
Ad

More from Trivadis (20)

PDF
Azure Days 2019: Azure Chatbot Development for Airline Irregularities (Remco ...
Trivadis
 
PDF
Azure Days 2019: Trivadis Azure Foundation – Das Fundament für den ... (Nisan...
Trivadis
 
PDF
Azure Days 2019: Master the Move to Azure (Konrad Brunner)
Trivadis
 
PDF
Azure Days 2019: Get Connected with Azure API Management (Gerry Keune & Stefa...
Trivadis
 
PDF
Azure Days 2019: Infrastructure as Code auf Azure (Jonas Wanninger & Daniel H...
Trivadis
 
PDF
Azure Days 2019: Wie bringt man eine Data Analytics Plattform in die Cloud? (...
Trivadis
 
PDF
Azure Days 2019: Azure@Helsana: Die Erweiterung von Dynamics CRM mit Azure Po...
Trivadis
 
PDF
TechEvent 2019: Kundenstory - Kein Angebot, kein Auftrag – Wie Du ein individ...
Trivadis
 
PDF
TechEvent 2019: Oracle Database Appliance M/L - Erfahrungen und Erfolgsmethod...
Trivadis
 
PDF
TechEvent 2019: Security 101 für Web Entwickler; Roland Krüger - Trivadis
Trivadis
 
PDF
TechEvent 2019: Trivadis & Swisscom Partner Angebote; Konrad Häfeli, Markus O...
Trivadis
 
PDF
TechEvent 2019: DBaaS from Swisscom Cloud powered by Trivadis; Konrad Häfeli ...
Trivadis
 
PDF
TechEvent 2019: Status of the partnership Trivadis and EDB - Comparing Postgr...
Trivadis
 
PDF
TechEvent 2019: More Agile, More AI, More Cloud! Less Work?!; Oliver Dörr - T...
Trivadis
 
PDF
TechEvent 2019: Kundenstory - Vom Hauptmann zu Köpenick zum Polizisten 2020 -...
Trivadis
 
PDF
TechEvent 2019: Vom Rechenzentrum in die Oracle Cloud - Übertragungsmethoden;...
Trivadis
 
PDF
TechEvent 2019: The sleeping Power of Data; Eberhard Lösch - Trivadis
Trivadis
 
PDF
TechEvent 2019: Tales from a Scrum Master; Ernst Jakob - Trivadis
Trivadis
 
PDF
TechEvent 2019: Serverless - Ist das was für mich?; Thorsten Maier - Trivadis
Trivadis
 
PDF
TechEvent 2019: Alexa, Netatmo, ZeptrionAir and Co, Home Automation with fun;...
Trivadis
 
Azure Days 2019: Azure Chatbot Development for Airline Irregularities (Remco ...
Trivadis
 
Azure Days 2019: Trivadis Azure Foundation – Das Fundament für den ... (Nisan...
Trivadis
 
Azure Days 2019: Master the Move to Azure (Konrad Brunner)
Trivadis
 
Azure Days 2019: Get Connected with Azure API Management (Gerry Keune & Stefa...
Trivadis
 
Azure Days 2019: Infrastructure as Code auf Azure (Jonas Wanninger & Daniel H...
Trivadis
 
Azure Days 2019: Wie bringt man eine Data Analytics Plattform in die Cloud? (...
Trivadis
 
Azure Days 2019: Azure@Helsana: Die Erweiterung von Dynamics CRM mit Azure Po...
Trivadis
 
TechEvent 2019: Kundenstory - Kein Angebot, kein Auftrag – Wie Du ein individ...
Trivadis
 
TechEvent 2019: Oracle Database Appliance M/L - Erfahrungen und Erfolgsmethod...
Trivadis
 
TechEvent 2019: Security 101 für Web Entwickler; Roland Krüger - Trivadis
Trivadis
 
TechEvent 2019: Trivadis & Swisscom Partner Angebote; Konrad Häfeli, Markus O...
Trivadis
 
TechEvent 2019: DBaaS from Swisscom Cloud powered by Trivadis; Konrad Häfeli ...
Trivadis
 
TechEvent 2019: Status of the partnership Trivadis and EDB - Comparing Postgr...
Trivadis
 
TechEvent 2019: More Agile, More AI, More Cloud! Less Work?!; Oliver Dörr - T...
Trivadis
 
TechEvent 2019: Kundenstory - Vom Hauptmann zu Köpenick zum Polizisten 2020 -...
Trivadis
 
TechEvent 2019: Vom Rechenzentrum in die Oracle Cloud - Übertragungsmethoden;...
Trivadis
 
TechEvent 2019: The sleeping Power of Data; Eberhard Lösch - Trivadis
Trivadis
 
TechEvent 2019: Tales from a Scrum Master; Ernst Jakob - Trivadis
Trivadis
 
TechEvent 2019: Serverless - Ist das was für mich?; Thorsten Maier - Trivadis
Trivadis
 
TechEvent 2019: Alexa, Netatmo, ZeptrionAir and Co, Home Automation with fun;...
Trivadis
 

Recently uploaded (20)

PDF
Blue Purple Modern Animated Computer Science Presentation.pdf.pdf
Akar16
 
PDF
Review of recent advances in non-invasive hemoglobin estimation
IAESIJAI
 
PPTX
Detection-First SIEM: Rule Types, Dashboards, and Threat-Informed Strategy
ReZa AdineH
 
PPTX
VMware vSphere Foundation How to Sell Presentation-Ver1.4-2-14-2024.pptx
blackmambaettijean
 
PDF
NewMind AI Weekly Chronicles - August'25 Week I
NewMind AI
 
PDF
Network Security Unit 5.pdf for BCA BBA.
Serpent6
 
PDF
Per capita expenditure prediction using model stacking based on satellite ima...
IAESIJAI
 
PDF
Agricultural_Statistics_at_a_Glance_2022_0.pdf
SandeepSingh286037
 
PPTX
Understanding_Digital_Forensics_Presentation.pptx
ImranKhan423233
 
PPTX
Effective Security Operations Center (SOC) A Modern, Strategic, and Threat-In...
ReZa AdineH
 
PPT
Teaching material agriculture food technology
LiaRayya
 
PDF
Dropbox Q2 2025 Financial Results & Investor Presentation
Dropbox
 
PDF
Unlocking AI with Model Context Protocol (MCP)
Brian McKeiver
 
PDF
7 ChatGPT Prompts to Help You Define Your Ideal Customer Profile.pdf
SOFTTECHHUB
 
PPTX
Digital-Transformation-Roadmap-for-Companies.pptx
David Malick Dieng
 
PDF
Diabetes mellitus diagnosis method based random forest with bat algorithm
IAESIJAI
 
PDF
Electronic commerce courselecture one. Pdf
OmerMohamed64
 
PPTX
sap open course for s4hana steps from ECC to s4
sreeni2106invites
 
PPTX
20250228 LYD VKU AI Blended-Learning.pptx
DatVoNgoc
 
PPT
“AI and Expert System Decision Support & Business Intelligence Systems”
ZubinRadhakrishnan
 
Blue Purple Modern Animated Computer Science Presentation.pdf.pdf
Akar16
 
Review of recent advances in non-invasive hemoglobin estimation
IAESIJAI
 
Detection-First SIEM: Rule Types, Dashboards, and Threat-Informed Strategy
ReZa AdineH
 
VMware vSphere Foundation How to Sell Presentation-Ver1.4-2-14-2024.pptx
blackmambaettijean
 
NewMind AI Weekly Chronicles - August'25 Week I
NewMind AI
 
Network Security Unit 5.pdf for BCA BBA.
Serpent6
 
Per capita expenditure prediction using model stacking based on satellite ima...
IAESIJAI
 
Agricultural_Statistics_at_a_Glance_2022_0.pdf
SandeepSingh286037
 
Understanding_Digital_Forensics_Presentation.pptx
ImranKhan423233
 
Effective Security Operations Center (SOC) A Modern, Strategic, and Threat-In...
ReZa AdineH
 
Teaching material agriculture food technology
LiaRayya
 
Dropbox Q2 2025 Financial Results & Investor Presentation
Dropbox
 
Unlocking AI with Model Context Protocol (MCP)
Brian McKeiver
 
7 ChatGPT Prompts to Help You Define Your Ideal Customer Profile.pdf
SOFTTECHHUB
 
Digital-Transformation-Roadmap-for-Companies.pptx
David Malick Dieng
 
Diabetes mellitus diagnosis method based random forest with bat algorithm
IAESIJAI
 
Electronic commerce courselecture one. Pdf
OmerMohamed64
 
sap open course for s4hana steps from ECC to s4
sreeni2106invites
 
20250228 LYD VKU AI Blended-Learning.pptx
DatVoNgoc
 
“AI and Expert System Decision Support & Business Intelligence Systems”
ZubinRadhakrishnan
 

Mastering the move

  • 1. Next generation databases Mastering the move Grüezi | Willkommen | Bonjour | Welcome | Velkomst Konrad Brunner Senior Consultant
  • 2. About me 2 7.11.2018 • Working for Trivadis since 3 years • 30 years IT experience • from Unix to Windows • from Token Ring to Ethernet • from Java to C# • from host to client-server • from local to global • from on-premises to the cloud Next generation databases
  • 3. Next generation databases3 Keys to master the move are … 7.11.2018
  • 4. ARM Templates are key for ... Next generation databases4 7.11.2018 … software defined data centers (SDDC) and infrastructure as code (IAC) ■ Allows you to define complete data centers as code ■ Allows you to manage the state of your data centers in source control tools ■ Allows you to manage infrastructure together with the applications ■ Enables you to revise your state ■ Allows collaboration with partners ■ Allows you to achieve IT as a service
  • 5. Automation is key to ... Next generation databases5 7.11.2018 … separate security in your datacenter ■ Allows you to streamline authorities along test, integration and production environments ■ Scripted deployments already starting when you move from test to integration ■ Allows you to work certificate based ■ Allows you to easily scale ■ Allows you to switch between regions ■ Allows you to securely integrate new resources into your existing secure infrastructure
  • 6. Automation is key to ... Next generation databases6 7.11.2018 … save money ■ … by streamlining the lifetime of resources ■ Some resources in Azure you can’t just stop • SQL Database ■ The automation of the deployment and undeployment allows you to stop also these once ■ …by automating and making the deployment processes faster
  • 7. Automation and ARM templates are key for ... Next generation databases7 7.11.2018 … DevOps with integrated security ■ Allows you to automate tasks in the Continuous Integration and Continuous Delivery pipelines ■ Together with Azure DevOps Services you have a fully secure and agile platform over the entire DevOps Process ■ Everything running under one single secure identity
  • 8. Identities are key to ... Next generation databases8 7.11.2018 … expand your existing security to the cloud ■ Seamless integration of all resources into your existing secure infrastructure ■ Azure B2B is your friend for partner identities ■ Azure B2C is your friend for customer identities
  • 9. Network is key for ... Next generation databases9 7.11.2018 … performance and stability ■ The right bandwidth ■ VPN up to 1.2 Gbps ■ Express route up to 10 Gbps ■ The best latency ■ West Europe <25ms ■ Switzerland North <5ms ■ Secure connections to your database ■ VLANs ■ Firewalls
  • 10. Application Management is key for... Next generation databases10 7.11.2018 … security and governance ■ Secure the access to applications ■ Supports on- and off-boarding of users ■ Single Sign On into the entire world ■ Manage application access over the company boundaries
  • 11. KeyVault is key to … Next generation databases11 7.11.2018 … enter next level of security ■ Secure store for keys, credentials and certificates ■ BYOK ■ Allows a centralized management ■ Allow the process identity access to the key vault to get secure information at runtime ■ No need to store connection strings in code or config files any more
  • 13. Automation Demo Next generation databases13 7.11.2018 ■ Subscription ■ AD Application ■ Azure Active Directory ■ Certificate based service principal ■ Key Vault ■ Automation Account ■ Runbook ■ Storage Account ■ Webhook POST https://github.com/TVDKoni/ARM-Base-Templates
  • 14. Next generation databases14 Resource Manager and ARM templates 7.11.2018
  • 15. Resource Manager Next generation databases7.11.201815 15
  • 16. Azure Resource Manager provides Integration Component Application Lifecycle Containment – Deployment, update, delete and status Declarative solution for Deployment – “Config as Code” Grouping – Metering, billing, quote: applied and rolled up to the group Consistent Management Layer Access Control – Scope for RBAC permissions Next generation databases7.11.201816
  • 17. ARM Templates can: • Ensure Idempotency • Simplify Orchestration • Simplify Roll-back • Provide Cross-Resource Configuration and Update Support ARM Templates are: • Source file, checked-in • Specifies resources and dependencies (VMs, WebSites, DBs) and connections (config, LB sets) • Parametrized input/output Instantiation of repeatable config. Configuration  Resource Group Power of Repeatability SQL - A Website Virtual Machines SQL-A Website [SQL CONFIG] VM (2x) DEPENDS ON SQLDEPENDS ON SQL SQL CONFIG 17
  • 18. Next generation databases18 Azure Automation 7.11.2018
  • 19. Automation key services Next generation databases19 7.11.2018 ■ Azure Active Directory ■ AD Application ■ Subscription ■ Certificate ■ Key Vault ■ Automation Account ■ Runbook ■ Storage Account ■ Webhook ■ LogicApps ■ Desired State Configuration POST
  • 20. Automation Account Next generation databases20 7.11.2018 Automation Account LogicApps
  • 23. One Identity, on-premises and in the cloud Next generation databases23 7.11.201823
  • 24. Microsoft Azure Trustworthy foundation BUILT ON MICROSOFT EXPERIENCE AND INNOVATION 20+ Data Centers Trustworthy Computing Initiative Security Development LifecycleGlobal Data Center Services Malware Protection Center Microsoft Security Response Center Windows Update 1st Microsoft Data Center Active Directory SOC 1 CSA Cloud Controls Matrix PCI DSS Level 1 FedRAMP/ FISMAUK G-Cloud Level 2 ISO/IEC 27001:2005 HIPAA/ HITECH Digital Crimes Unit SOC 2 E.U. Data Protection Directive Operations Security Assurance 24
  • 25. Transparency Next generation databases25 7.11.2018 ■ Security & Compliance Center ■ Service compliance reports like Azure - ISO 27001 and ISO 27018 Audit Assessment Report ■ Trust documents provided by Microsoft ■ Shared GDPR and ISO Assessments ■ Law Enforcement Requests Report → 25
  • 26. Next generation databases26 7.11.2018 Network
  • 27. Microsoft Azure External Connectivity Options 7.11.2018 Next generation databases27
  • 28. Connectivity pricing 7.11.2018 Next generation databases28
  • 29. VPN GW S2S and ExpressRoute coexistence VPN gateway allows you to have Site-to-Site (S2S) VPN connectivity to a Virtual Network that also has a gateway connected to an ExpressRoute circuit. This enables new connectivity scenarios: You can now use S2S VPN tunnel as a backup for your ExpressRoute connection. You can connect branch offices that aren’t part of your WAN to your Azure virtual networks that are also connected via ExpressRoute. You can have Point-to-Site connections to the same Virtual Network that is also connected via ExpressRoute enabling dev/test and mobile worker scenarios. 7.11.2018 Next generation databases29
  • 30. Next generation databases30 7.11.2018 Other keys
  • 31. Naming Convention Next generation databases31 7.11.2018 Max length hostname Max length Storage Account name Character 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 Name Area D Main resources Production Environment Subscription t v d 2 0 a b a tvd20aba Resource Group t v d 2 0 a b a p r s g 0 0 1 tvd20abaprsg001 Virtual Network t v d 2 0 a b a p n g w 0 0 1 tvd20abapngw001 Virtual Machine t v d 2 0 a b a p s r v 0 0 1 tvd20abapsrv001 Storage Account t v d 2 0 a b a p s t g 0 0 1 tvd20abapstg001 Test Environment Subscription t v d 2 0 a b a t tvd20abat Resource Group t v d 2 0 a b a t r s g 0 0 1 tvd20abatrsg001 Virtual Network t v d 2 0 a b a t n g w 0 0 1 tvd20abatngw001 Virtual Machine t v d 2 0 a b a t s r v 0 0 1 tvd20abatsrv001 Dependent resources VM Public IP t v d 2 0 a b a p s r v 0 0 1 p i p tvd20abapsrv001pip VM Disk t v d 2 0 a b a p s r v 0 0 1 v h d tvd20abapsrv001vhd Vm Network Interface t v d 2 0 a b a p s r v 0 0 1 n i c tvd20abapsrv001nic VM Public IP 1 t v d 2 0 a b a p s r v 0 0 1 p i p 0 1 tvd20abapsrv001pip01 VM Public IP 2 t v d 2 0 a b a p s r v 0 0 1 p i p 0 2 tvd20abapsrv001pip02 I JHA B C E F G
  • 32. Central Registries Keys, Certificates, Passwords and other stuff can have an expiry date Start manage these changes from the beginning – Information about – Expiry date – Change procedure Use KeyVault where ever possible 7.11.201832 Next generation databases
  • 34. Fun is key for ... Next generation databases34 7.11.2018 … the future ■ Fun promotes innovation ■ Fun promotes productivity ■ Fun finds and holds talents ■ Why it makes fun? ■ It’s easy ■ It’s stable ■ It’s modern ■ It works from everywhere
  • 35. Thank you Konrad Brunner Senior Consultant Tel. +41 79 960 61 49 7.11.2018 Next generation databases35