Azure Cloud

  • What's the Difference Between Azure AD Premium P1 vs P2?

    Azure Active Directory

    Microsoft offers its domain management software, Active Directory, as a product in Azure services which provides all the same security features as an on-premise implementation. The Azure product can be used on its own or as a hybrid implementation with an on-premise AD structure, making it a highly valuable feature of Azure.

    Azure AD is present with all kinds of virtual and cloud services since security is an important feature in Azure. Since AAD is already functional in Azure and can be extended into an existing Active Directory structure, it's important to understand the compatibility of additional versions which may already be in use. Either as a stand-alone product or an extension to the cloud, AAD is very important for organizational security, especially with integration into Office 365 and remote user sign-on.

    The variation of tools in Azure AD replaced Dirsync and Azure AD Sync so that cloud and on-premise implementations mesh with each other seamlessly. Synchronization between the two is a key component for security as is AD Connect which is another integration tool that provides development and management of services for the use of single-user identities and single sign-on access including on-premise applications, cloud-based applications and Office 365.

    With the Azure AD services, items in Active Directory are kept synchronized so that information about resource and identity security is up-to-date. Additionally, authentication methods in a wide variation are equally available in AAD including cloud authentication with Hash Synchronization, pass-through authentication and ADFS (federated authentication). Azure AD Connect Health monitors AD resources from the Azure portal for centralized management.

    The premium additions of Azure AD are important to understand as these provide enterprise level tools for organizations in need of higher security measures, especially in Azure. While subscription services like Office 365 and Azure are automatically provided in Azure AD, these premium editions include important additional features for security and resource management. The premium versions are P1 and P2 and include these additional features to those basic in Azure AD.

    • Azure AD Premium P1 - is an enterprise level edition which provides identity management for on-premise users, remote users and hybrid users accessing applications both locally and over the cloud. This edition includes support for self-service identity, access management, administration of dynamic groups including self-service group management, as well as Microsoft Identity Manager which is a suite of on-premise identity and access management tools.
    • Azure AD Premium P2 - is an edition includes all of the features of Azure AD Premium P1 with the addition of Identity Protection and Privileged Identity Management (PIM). Identity Protection provided management of conditional access to apps and critical data. PIM enhances management of privileged accounts tied to administrative access to resources.

    A deeper dive into these editions is necessary for better understanding of available features offered in each one.

    One of the important factors in using a premium edition of AAD is dynamic group administration. IT administrators can receive many security group membership requests but the use of dynamic groups in premium editions provides for management with policies. Assigning policies to user ID's means that group memberships are included based on assigned criteria and no additional requests are necessary.

    The Premium P2 tier differs from the alternate P1 tier with added Identity Protection and Privileged Identity Management (PIM) which increase security measures to meet the toughest of expectations. Azure AD Identity Protection adds improved reporting of risk events so organizations can further assess potential vulnerabilities for all identities with the function of blocking or remediating these security risks with adaptive actions. PIM provides additional information about administrative accounts which allows for higher protection and lower risk of security breaches with this level of accounts. The Privileged Identity Management package clearly identifies Azure AD Administrators, adds a just-in-time administrative access for Office 365, provides reports about administrative access history and changes to admin assignments and sends alerts about access to privileged accounts.

    Azure AD Premium P2 is especially important in environments where a shift has occurred to mobile-based applications. In these computing environments, traditional security measures such as firewalls are ineffective for the protection of a cloud domain since there is no perimeter.

    azure AD active directory p1 vs p2

    Considering the roles individuals possess in organizations coupled with mobile factors, higher levels of security for identities becomes paramount. Regular users often access data from multiple devices on a variety of networks while making decisions about storage and sharing. Organizational IT retains less and less control of how data is protected. Additionally, privileged access can be assigned based on job title and little else while working outside specific network boundaries so that security audits are much harder to achieve with SaaS-based applications and systems. Access often is retained by users even after job changes occur.

    Both of the additional functions of Privileged Identity Management and Identity Protection included in Azure AD Premium P2 perform the necessary functions to manage the changing roles present in cloud-based environments. Identity Protection alone gathers information from the internet which offers trend material for security concerns regarding vulnerabilities and role history. Based on this information remediation recommendations are provided based on user trends which can be assessed for adjustments. Risk severity calculations are obtained for determining events such as:

    • Leaked credentials
    • Sign-ons from infected devices or suspicious activity via unknown IP addresses and unfamiliar locations
    • The nature of user lock-out events

    Suspicious log-ons can be assessed and risk-based policies applied in reaction to security breaches of credentials in addition to changing bad credentials or blocking identified attacks.

    PIM creates a workflow automated for user requests for elevated access. MFA (multi-factor authentication) is required for additional privileges after which the new access will time-out within a pre-determined time. Microsoft uses the same method with customer Office 365 subscriptions.

    PIM and Identity Protection provide additional security for IT teams to manage and account for risks with improved effectiveness, making it a step up for enterprise-class customers in need of these features. The additional protection keeps Azure customers ahead of the curve for avoiding costly, damaging intrusions while managing access with less overhead.

    To learn more about Azure Active Directory Premium editions, contact our experts at RoyalDiscount.com - Your online source for Microsoft Azure Cloud products.


  • What is Azure Active Directory?

    azure active directory

    What is Azure AD

    Active Directory is Microsoft's domain management software which controls all security functions within an organization affecting log-ins, password, accounts and security permissions to apps and data resources. Azure Active Directory is an extension for on-premises Active Directory implementations or can stand alone as a security product for Azure implementations that are not already part of a domain.

    When using any kind of virtual or cloud resources, security controls are extremely important and AAD is the foundation for providing access controls even in hybrid implementations so that an on-premise presence and a cloud presence will work together on the same AD infrastructure. This is even more important when considering use for application development and integration with Office 365 especially when used remotely.

    Microsoft provides a wide range of tools in Azure AD Connect which replaces older versions of identity integration tools such as DirSync and Azure AD Sync. With this latest version of Azure AD security and identity are synchronized when used together between the cloud and on-premise implementations. AD Connect is also an integration tool that allows for the use of single-user identities and single sign-on access (SSO) whether it's in the office, on the cloud, or using Office 365.

    Azure AD provides synchronization of user IDs, groups and other Active Directory objects so that all of these elements are present and up-to-date between the cloud and physical locations used by organizations. There are a variety of authentication methods which can be used especially in hybrid solutions. Choices can be made between such cloud authentication methods as Password Hash Synchronization or pass-through authentication and even federated authentication (AD FS). Additionally, Azure AD Connect Health allows for monitoring of Active Directory resources from a centralized location within the Azure portal.

    Editions

    As with all Microsoft products, there are a variety of editions for Azure Active Directory which provide sign-on and other security and identity needs. Subscription services to Microsoft Products like Office 365 and Microsoft Azure automatically provide for Azure Active Directory ase. This free edition of Azure Active Directory allows for management of user IDs, groups and synchronization with on-premise Active Directory implementations with all available sign-on capabilities for Azure, Office 365 and a wide range of SaaS applications including Google Apps and Dropbox among a few examples.

    There are a few different addition levels of which an organization should be aware. These are Azure Active Directory Basic, Azure Active Directory Premium P1, and Azure Active Directory Premium P2

    • Azure AD Basic - This edition is centered around cloud-based implementations for application access and self-service identity management which includes group-based access management, self-service password reset and Azure AD Application Proxy.
    • Azure AD Premium P1 - this is an enterprise level edition which provides identity management for on-premise users, remote users and hybrid users accessing applications both locally and over the cloud. This edition includes support for self-service identity, access management, administration of dynamic groups including self-service group management, as well as Microsoft Identity Manager which is a suite of on-premise identity and access management tools.
    • Azure AD Premium P2 - this edition includes all of the features of Azure AD Premium P1 with the addition of Identity Protection and Privileged Identity Management (PIM). Identity Protection provides management of conditional access to apps and critical data. PIM enhances management of privileged accounts tied to administrative access and other resources.
    • Additional versions are available in a pay-as-you-go editions such as Azure AD B2C for ID and access control of public apps. Also, Azure Multi-Factor Authentication can be implemented on a per-user or per-authentication basis.

    Benefits of Azure AD

    Azure AD provides a wide range of benefits when used in both cloud-based and hybrid implementations (where on-premise and cloud resources are used together), assisting with:

    1. Single identity creation and management of all users within an entire organization while providing synchronization of users, groups and devices via Azure AD Connect.
    2. Leverage of Azure AD's reliable HA for enterprise-class cloud presence with access management solutions.
    3. Control application security access with enforced rules-based policies that stretch across cloud-based applications and on-premise resources using Multi-Factor Authentication.
    4. Reduce support interaction and increase user productivity with the Azure AD MyApps portal to engage self-service password reset as well as manage group and application access requests.
    5. With Azure AD Application Proxy, a host of pre-integrated SaaS apps allow single sign-on access to a wide range of deployed apps within an organization.

    Additional considerations regarding synchronization, authentication and health monitoring in relation to Azure AD Connect enhance the overall benefits for organizations. Synchronization links on-premise and cloud-based resources and, in conjunction with password write-back, keeps user IDs, groups and other objects, including passwords, seamlessly up-to-date. Authentication methods with hybrid identity solutions in mind, including cloud authentication features such as Password Hash Synchronization / Pass-through Authentication or federated authentication (AD FS), provide effective security solutions. Health monitoring is available in a centralized location within the Azure portal where Azure AD Connect provides viewing of all activity.

    Intended Users

    Azure AD is a cloud-based integrated Active Directory implementation which can be used at all levels within an organization just like an on-premise AD forest structure. User-classes include the following:

    • IT administrators - with Azure AD Connect, admins can provide integration to existing Windows Server AD environments so that current on-premise resources and apps can be synchronized and managed with SaaS apps provided from the cloud. With increased security solutions, an organization can provide greater single sign on access and identity management for numerous apps hosted in cloud-based SaaS environments as well as those hosted on-premise. IT admins will find improved security over cloud-hosted resources with strengthened security, managed access control, collaborative enhancements and automated user identity lifecycle for assurance that compliance and security requirements are met.
    • App Developers - key app and SQL developers will find Azure Active Directory, no matter the edition in use, includes a wide array of tools for integration with the latest identity management solutions. SSO self-service and access control management features allow developers a wider range of options for delivery of important apps.
    • Office 365, Azure, or Dynamics CRM Online customers - tenants for these cloud-based products already use Azure AD so it can be put to use immediately with user access to cloud-base apps.

    Getting Started with Azure AD

    Administrators and developers can sign-up for 30-day trials of Azure AD to learn more about usage and implementation of the product.

    For a quick start, sign onto the Azure Portal where you can access Azure AD and create a new basic-tenant. To begin, you'll need a valid license and Global Administrator access in your portal account.

    Creation of a new tenant for Azure Active Directory can be easily and quickly achieved. Here are some instructions for a fast start at building your Azure AD environment:

    1. Sign into the Azure portal using a Global administrator account as noted above in the requirements.
    2. Select Azure Active Directory from the portal dashboard.
    3. Choose create resources.
    4. Then select identity and Azure Active Directory. At this point, the create directory page will appear.
    5. Next, enter your organizational name.
    6. Then enter the organizational domain name.
    7. Lastly, choose the country or region which should already be set to United States and then select create.

    The tenant will now be created with the domain matching the entries from the organizational and domain names.

    To further manage the tenant, especially if this is for testing purposes, deletion can be completed very easily. Simply log onto the Azure portal and select Azure Active Directory and then the name of the tenant you have created where you can select to delete the directory on the tenant page. The tenant and all associated information will be deleted if you make this choice so make sure this action is taken with care.

    Conclusion

    Azure Active Directory provides an entire organization with an impressive range of tools for internal support well as user productivity. With SSO and a variety of self-service tasks available to users, password resets and security access requests to applications and resources all can be completed without interaction with a helpdesk. Azure Active Directory also provides an extended, consistent, synchronized management apparatus into cloud-hosted resources and apps for strengthened security and delivery at improved cost.

    To learn more about Azure Active Directory, contact our experts at RoyalDiscount.com - your online source for cheap OEM, Retail & Cloud products.


  • How to Connect to Azure VM to RDP (Remote Desktop Protocols)

    azure vm rdp connection

    Azure cloud services are perfect for hosting VM's and offer ways for businesses to drive IT costs lower. The advantages of VM's cannot be minimized so creating and accessing them are very important to get up and running as soon as possible as well as gaining access to them with Remote Desktop. If you are getting started with Azure here are instructions to accomplish creation of a VM and then connect to your virtual environment.

    For anyone in need of testing VM's, Remote Desktop is part of the mix of helpful tools for using Azure hosting services or even developing a virtual footprint.

    • Everything begins with accessing the Azure Portal and creating a virtual machine. Once an account is established on Azure, it is then time to lay some foundations with testing over a remote connection.
    • Within the dashboard, build a VM by clicking on New from the menu.
    • This action will bring you to a choice of operating systems. After clicking your choice, you are then presented with a form where you will name and configure your VM.
    • Among the other settings you will choose are type of disk (SSD or HDD), the login credentials, the type of subscription, a resource group type and name, as well as the region where the VM will reside. Be aware that SSD is costlier than HDD if budget is a concern. If this is a test configuration, it may be best to stay with a HDD configuration and put your money into SSD-based VM's for your high-end server needs.
    • The next step in the process is choosing your machine type. There will be several choices based on subscription and your choice of disk types. Once you have chosen the type and the amount of vCPU and memory, you're ready to move to the next step.
    • Networking is the third step, where you will be presented with options to define your virtual network, subnet and other settings. The Auto-Shutdown feature is helpful because up-time is part of you cost in Azure. If the VM is not needed at all times, then this choice can cut costs, especially in a developmental environment. If you choose this setting you can define when the VM will be shutdown.
    • Once you complete all these steps, you are presented with a summary at which point you confirm and launch the VM creation process. After the VM build is completed, you are ready to begin working in your Azure environment. Once the VM is running, RDP (Remote Desktop) is now a primary tool to manage your virtual machine.

    However, if you first try to use the connect button, you may find that it will be grayed out. In this case, you need to configure a Network Inbound Rule which will allow connectivity to the machine (via the firewall created with the VM). Creating these rules can be very important since you may have a variety of security configurations and concerns. The main idea is to create a rule that you will be able to use for a number of different VM's. Also, regarding security, consider how many different IP addresses will be allowed to connect to your VM environment. For security purposes, the fewer addresses you allow the better, so plan appropriately.

    To access Network Inbound Rules, find Network Security Group in your Azure Portal dashboard. You may well find that applying some basic rules to your future VM's will be helpful. To complete creating the rule, you will need the port number used by RDP which is 3389. With this inbound rule now defined, you can use RDP to connect to your VM.

    When using RDP be aware that there are a number of options available. These can range from local accounts to domain logons. It will be up to you to use Azure's security to manage what accounts will have access over RDP to your VM's. Policies can be set in place which allow regular users frequent access via domain accounts over the RDP client. Accounts used for support and management can be placed in a separate policy since these may have administrative access. Other account level access can also be managed through security policies which you can create.

    Here are some quick instructions to connect with the RDP client:

    • From your Azure dashboard, click into Virtual Machines.
    • Select a VM to log onto with RDP.
    • There will be a connect symbol to click at the top of the VM page.
    • Clicking the symbol will trigger the "Connect to Virtual Machine" page from which you choose options and then click to "Download RDP file".
    • Once downloaded, click to open the file and connect (there may be a notice that the file is from unknown publisher but this is not unusual).
    • The Windows security page will appear where you will enter login credentials for the local VM or domain account you intend to use.

    Note that, unless the VM is a domain controller you will either use a local VM account or a domain user account. This means that if you are using a local account, you will enter the name of your VM as the domain name (vmname\username). Otherwise, if the VM is a domain member, you will enter the domain name and account (domain\username). In both cases there should be a password for the account being use which you already have. If your VM is a domain controller you must login with the credentials for a domain administrator account. Click "Yes" to verify connectivity and you should be logged onto your VM.

    VM's are extremely handy tools for creating virtual desktops and servers, so when you begin your Azure experience make sure you understand how to create and access them. Using security best practices will help you manage users accessing the virtual network appropriately while keeping intrusions to a minimum. Because of the nature of the VM's, RDP becomes an essential way to access them, so managing inbound rules with security groups and appropriately assigning user account security policies is most important. However, you can create and run VM's very quickly in your environment with little trouble and begin building your virtual network.

    To learn more about Azure products, RDP or RDS, contact the cloud experts at RoyalDiscount.com.


  • RDS Licensing

    remote desktop licensing (rds)

    Accessing your remote server implementations is highly important. With Microsoft server 2016, this is accomplished with Remote Desktop Services so that administrators can access and manage servers. This management is especially vital when servers exist in the cloud as virtual deployments. However, RDS is subject to licensing so let's take a look at how this process works as well as how you can implement license access to your virtual server environment. Before we get into how to setup the license server, let's discuss the types of licensing and other requirements.

    Licensing Modes and Other Concerns

    Every server comes with two Client Access Licenses (CAL) for accessing the operating system which is useful depending on the number of people who will log on your VM's. To start your RDS licensing, make sure you install the RDS role on all your servers. Next you need to make sure you have a license server installed on your network within 120 days of implementation or RDS will stop functioning. Once you have your license server installed then you must activate it and add your purchased CALs.

    With RDS licensing, there are two different modes which you can use. First is per user mode which means you must purchase a CAL for each and every person who will be using RDS to access your VM's. In this mode it does not matter how many devices are being used, but rather the number of users that are licensed. You must make sure that your CALs are added so that affected users can all log on and manage servers remotely. Using this mode, a licensed user can even use more than one device at a time since the licenses are associated with specific accounts. A server will accept any and all connections in this mode, however it is important to remember to buy the correct number of licenses and that they remain current with the agreement.

    The second mode of licensing is per device. Since licenses can be expensive, if you have a large number of people who will be accessing VM's but not constantly, then you may want to consider CALs per device. Licensing on a per device basis means that only a certain number of devices will be allowed connection via RDS at any given time. Your pool of CALs will provide the access until they are all used up, then other users will not be able to logon and will have to wait for an available CAL. But multiple users can still login from the same device if you wanted to purchase one license for a specific computer to be used for the purposes of RDS access.

    Other details to keep in mind for your Remote Desktop Services licensing are as follows:

    • CALs must be the same Windows server version as that to which the user or device will be connecting.
    • Your chosen RDS licensing server must be version 2016. Licenses for any previous versions can be hosted on Windows server 2016. The compatibility runs backward but not forward, meaning that a licensing server using Windows server 2012 could not host licenses for Windows server 2016.
    • There is no way to convert old licenses to 2016.
    • Upgrading the license server requires the need to delete the license database and then upgrade the server. This means it's better to create a new server and install the licensing role with the newest CAL version.

    Installing Remote Desktop License Manager

    Installing the Remote Desktop licensing role is a straightforward process, especially if you have installed roles on servers previously. A best practice is to install the license server on your domain, commonly done on domain controllers. Here are the instructions to follow:

    1. From Server Manager, click on the RDS node.
    2. Then click on RD licensing.
    3. Where you are logged on, click Next and Add RDS Manager
    4. Soon after you have added the role it will complete installation.
    5. Activate RD licensing by opening the Remote Desktop Licensing Manager (open Server Manager, click Tools, click Remote Desktop Services, click RD Licensing Manager).
    6. Right-click on the name of your RD license server and then left click on activate server.
    7. A wizard will appear and you will click next, then leave the next setting on "Automatic connection if the license server is connected to the Internet".
    8. Enter all the required information and any optional information that you wish to include, then click Next.
    9. Note that Start Install Licenses Wizard now will be checked by default so you can just click Next.
    10. Another welcome page will appear on which you can click Next to view the license program page where you will pick the type of license to be installed. Here you must choose the type of license which has been purchased, then click Next.
    11. Now you will be given the opportunity to enter all of the license codes which have been purchased. Once complete click Next.
    12. At this point, you will see all of the licenses by description in the right window pane when you click on the license server on the list in the left pane.

    License Management

    There are several considerations of which you should be aware for managing your licenses:

    • Any new licenses purchased must be added to the RDS license server from the Remote Desktop Licensing Manager where you will use much the same process to add them.
    • Once you have installed your license manager, if you see a yellow triangle warning beside your server you may need to add the licensing server to your active directory domain (if you have not done so already, which is a good reason to install it on a domain controller). To add the licensing server, simply right-click on your server list and select review configuration where you will have the option to add it to an Active Directory group. This action should resolve your problem. You can also confirm that your license server is correctly added to the proper AD group by using Active Directory Users and Computers (ADUC) to navigate to built-in groups and checking the subgroup for Terminal Server License Servers.
    • Otherwise there may be times when you need to migrate your CALs to another server. This is done from the Licensing Manager where you will right-click on the name of the licensing server and then select manage licenses. This action will open a wizard and you will click Next on the welcome page and then choose the first option on the Action Selection page. You can then choose that you are replacing your license server and, after clicking Next, you will enter the name or IP address of the replacement server. At this point you will be required to enter in your server key or agreement number, then confirm all the licenses you are migrating by adding all of them, then click Next. The licenses will be transferred to the new license server. If the new license server is offline, you will have to obtain the license server ID by logging onto the new server and obtaining it from the license server properties and entering the information into the wizard on your original license server.
    • You may also need to remove specific license packs from your license server. This is done by accessing the license server database with PowerShell (use the command: Get-WmiObject Win32_TSLicenseKeyPack, to see the list of license packs, then use the number of the license pack, or PackKeyID, with the command: wmic /namespace:\root\CIMV2 PATH Win32_TSLicenseKeyPack CALL UninstallLicenseKeyPackWithId [PackKeyID]). Once these series of commands are completed, you will need to rebuild the database either manually or automatically using the wizard from right clicking on the server name in the license manager. Choose manage licenses and this time in the action selection page choose the second choice for rebuild database. After you click next you will confirm that the database will be deleted after which you have the opportunity to reinstall your licenses with the wizard. Rebuilding manually means that you must stop the licensing services and rename the database file from TLSlic.edb to something like TLSlic.old, then restart the service.

    Those are the basics for understanding CALs for RDS, installing the Remote Desktop license manager and managing your CALs. To learn more about Azure Services, VM's and Remote Desktop Client access, contact our experts at RoyalDiscount.com- Your online source for cheap OEM, Retail & Cloud products.


  • SQL Server 2008 End Of Life - Backing Up to Azure

    sql support life azure

    Technology moves fast, so much so that the newest versions of software often become out of date in a matter of a few years. Older versions of Microsoft products can be daunting to manage from a support and licensing perspective. While 2008 versions of Microsoft products were innovative and new at the time, some of these products are now nearing the end of their support life. SQL Server 2008 is now several versions back so many clients are wondering what to do for their upgrades. Other SQL Server customers who still retain databases on the 2008 version may not even have decided on their precise upgrade plans. Here's the latest news from Microsoft which may assist with decisions regarding SQL Server 2008.

    Support Concerns

    Licensing and support for SQL Server 2008 was originally intended to last 10 years. We are now into that end-of-life support so what are the options for organizations still running databases on this now decade-old version?

    SQL Server 2008 brought a number of new innovations to the marketplace for databases. These new features were incredibly useful for database development at the time, so much so that many businesses have not needed to upgrade some of their databases to the newest versions. In fact, some of these clients still on the 2008 platform may not feel there is an immediate need to upgrade their databases. There may be other factors involved with such a decision such as budgetary concerns. Organizations may still be trying to determine how to upgrade their databases to the latest SQL server platform and may need more time to make all the decisions necessary.

    However, Microsoft does intend for support of SQL Server 2008 to end. This means that software and security updates will no longer be available after the support life for this product ends. While organizations are not necessarily caught flat-footed with this reality, actually completing the upgrades before the end of licensing support may well prove daunting to some organizations.

    Originally, Microsoft planned to deal with end-of-life support issues regarding products such as SQL Server 2008 with a Premium Assurance Program which was implemented last year. This program was intended to add six years of support licensing to the current ten-year limit. The intention was to provide continued compliance and security to existing databases though at an increased cost of five percent which would have maxed out at twelve percent over current licensing costs.

    Previously Existing Options

    But Microsoft has made a more recent change that affects even this Premium Assurance Program with a recent announcement. Previously, there were several options available for organizations choosing to continue using this older version of the SQL server platform. Options for SQL Server 2008 customers who wanted to remain on this version ranged from simply accepting that there would be no future security updates. The downside of this option is that databases may no longer be compliant in various industry requirements.

    Another available option has been to simply upgrade to a newer version of SQL though at some costs unless an organization already used a product assurance program. But with this option, businesses choosing to upgrade the 2008 version might face additional costs with licensing or further upgrade support while not being entirely prepared for such a change for some databases.

    The last option for current business and organizational clients of SQL Server 2008 has been to purchase a custom support license which can also be costly. This third option requires that companies provide a migration plan of some sort to Microsoft rather than keeping open-ended support available for an indeterminate amount of time when newer versions provide better solutions.

    The Latest Option: Cloud Migration with Free Security Support

    Since there are any number of detrimental effects from remaining on the 2008 SQL version, Microsoft has chosen to offer yet another option which many businesses may find extremely helpful. The recent announcement by Microsoft has been to allow product platforms like SQL Server 2008 to be migrated to Azure Cloud Services. Essentially, Microsoft is offering organizations the opportunity to remain under software support for the 2008 version until 2022 if the workload is migrated to Azure Cloud Services. The actual security support and updates are free of charge on the cloud platform and does not require that a company provide a migration or upgrade plan.

    The opportunity is quite useful for many businesses and organizations as this even allows them to use Azure stack which is Microsoft's version of the on-premise cloud system. This option is quite a flexible and useful offer for many businesses and a way for them to move into cloud computing even with this older SQL version. Microsoft is even allowing those customers who purchased the Premium Assurance Program to migrate into the Azure cloud platform on a grandfathered basis since this plan will be discontinued.

    Additional Benefits

    Now corporate and organizational customer can take advantage of Azure Cloud Services for older databases. All Azure features will be available that are relevant to SQL Server 2008. Security across the environment is consistent and provides telemetry for any intrusions. A myriad of backup features are additionally available which can also cut costs as customers look to upgrade these databases to newer versions. Workloads can be more easily managed and even scaled over the next several years while migration planning can continue.

    Additionally, the hardware for currently hosted SQL Server 2008 databases may be aging out of their lifecycles. Consequently, hardware replacement will create higher costs for new equipment, continued security and other business consistency concerns. Azure provides a less expensive way to maintain aging databases until they can be migrated to newer platform versions. Instead of struggling along with both hardware and software concerns, businesses now have the option of implementing Azure versions of their SQL databases where the hardware is no longer a concern since the cloud service keeps all of the instances up-to-date and secured. Business consistency is also addressed when migrating to Azure for this additional time period of support. Azure provides stable backup systems and support for additional security compliance needs.

    With all the additional benefits of Azure cloud services, SQL Server 2008 customers will find that implementing a workload migration to this new option can be highly beneficial as their decisions about upgrades are made over the next several years. Since the security support will remain free, there is an important savings already built into using Azure cloud services to host these older databases. Azure provides business consistency with less concern for hardware changes as well as a high level of cloud-based features which can be beneficial in assisting with upgrades to newer database platforms. Companies and organizations can easily find that their migration concerns are eased by shifting SQL Server 2008 workloads into the Azure cloud. Since Microsoft's cloud services through Azure are proven to already cut costs, Microsoft has generously offered a highly beneficial means of retaining security support for several years to come, one which is far less expensive compared to other immediate options and concerns.

    If you are currently running an outdated version of Microsoft SQL Server and want to explore options, you don't want to leave anything to chance. Contact the Microsoft licensing experts at Royal Discount - your source for all things MS SQL.


  • Microsoft Azure Cloud Security Guide

    azure cloud security

    Approaches to Security

    Anyone who's ever worked in a secure facility has developed a basic concept for what it takes to create and maintain such an atmosphere. There are any number of ways to control access to the facility using automatic gates and guards. Additionally, questions can be asked and access approved or denied based on valid need. Once an individual is granted access with in the facility, actually entering the building can also be further regulated and observed through a set of further security measures regarding doors, badges and escorts.

    Behind all of these measures are policies which have been developed and fine-tuned which provide guidance for operation of the facility. These policies are carefully developed and consistently applied in order to maintain security, even down to data access and protection. The same is true when securing data in Microsoft Azure Cloud Security. Options for securing customer information have been developed so that Azure cloud clients can rely on security facilities within their spheres of operation to maintain the confidence of data protection and mitigating unwanted access.

    Microsoft now offers a wide range of security features within its Azure cloud products which provide organizations with a high level of confidence that breaches will be minimized and any security incidents will be quickly addressed for the future. Clients can make use of Azure's tools to develop their own policies which will mitigate any intrusions and minimize the effects of those which do occur.

    Foundations of Azure Security

    Azure achieves high-end security for cloud clients by providing the following:

    • Management and control of identity and user access - Azure provides an Active Directory environment with greater control over user access to information. Multifactor authentication sign-in is available while Azure also provides greater control over authentication authorization and access control. Developers will also find tools to better integrate identity management across platforms including mobile and web apps. Authentication through Azure Active Directory can even be integrated into existing on-premise Active Directory and syncing.
    • Encryption of communications and operations procedures - Azure includes data encryption at all levels whether information is in transit or at rest. Encryption keys can be stored in vaults both on premises and in the cloud. Data can even be encrypted before it is placed into the cloud.
    • Solid networking infrastructure security - Azure hardens security networks even when communication between on-site and cloud networks are necessary. Through high-speed connections, Azure extends existing networks to the cloud using secure VPN connections while providing more design and infrastructure controls through the Azure Fabric Controller. Network Security Groups (NSG) control traffic to VM's, help secure communications between Virtual Azure Networks and implements packet filtering firewalls by default on all hosts and VM's. All datacenter locations in all regions provide a wide range of physical security and access controls to prevent breaches through such means.
    • Tools for defense against intrusion and threats - Microsoft instituted throughout all Azure regions continual monitoring, testing and prevention processes. Anything from intrusion and anomaly detection to DDoS prevention and penetration testing as well as machine learning and behavioral analytics are employed for the highest security possible. Microsoft has its own antimalware deployed to prevent intrusions into VM's and cloud services, but also supports third-party malware security solutions within subscriptions. The Azure security center serves as a main control for all client security concerns.

    Key Security Features within Azure:

    Security Center:

    From Azure Security Center you can manage all of your security needs within Azure as well as hybrid implementations between on-premise and cloud instances. This console provides a unified view of your cloud resources with discoverability across networks to on-site infrastructure, allowing for management of security and application of policies from a central location. Central management of resources including collection, analysis and search are all available in the Security Center where vulnerabilities can be found and re-mediated.

    Application Gateway:

    The Application Gateway provides application routing and load-balancing services within Azure. The Gateway is highly available and extremely scalable based on client needs. Applications, including SQL, can be protected from the most common web-based threats, vulnerabilities and exploits with a web application firewall. The Application Gateway is well integrated with other Azure services including the Azure Traffic Manager.

    VPN Gateway:

    With the use of Internet Protocol Security (IPSec) and Internet Key Exchange (IKE), Azure's VPN Gateway provides secure connectivity between more on-premise infrastructure and cloud-based resources. Point to site VPN provides VM connectivity across Azure Virtual Networks for availability even for users on the road.

    Azure DDoS Protection:

    Monitoring is always on for the Azure DDoS protection, providing adaptive tuning, application layering, complete integration with all of Azure's security features and analytics. Protection is simplified with immediate monitoring of all cloud resources to mitigate all detected attacks. Azure's DDoS protection also works through layers three through seven to counteract common threats such as SQL injections. This feature also includes alerts and telemetry reports for better understanding of any attempted attack and how to mitigate vulnerabilities against web applications. Microsoft even uses service credits as a protection against resource costs incurred from documented attacks.

    Key Vault:

    With cloud services, encryption keys are very important and Key Vault provides effective and secure storage of highly accessible keys which can be linked to applications for simple, high performance protection. The Key Vault covers passwords, secrets and policies which can be applied to cloud resources with the easy creation and migration of new vaults in a matter of minutes without the need for provisioning delays. Certificate provisioning for SSL/TLS achieves fast enrollment and automatic renewal from public CA sources.

    Azure Information Protection:

    All data can be protected with Azure's Cloud Services including tracking and monitoring of behaviors to block intrusion activities. Information can be classified through policies in such management categories as automatic, recommended or controlled by users. Protection can be extended no matter how it is shared or stored. Share controls can be passed even to customers and enacted in Microsoft Office with recommendations available for data handling for users.

    Azure Active Directory:

    Complete identity management is available in Azure Active Directory where resources can be safeguarded by intelligence driven security policies. Azure AD is highly integrated with Office 365 and enables a higher level of productivity with security and management centralized. With one identity, users can access available applications through a web-based portal along with web application availability for on-premise and mobility access.

    Azure Advanced Threat Protection:

    Threats continue to mount regularly so Microsoft's Azure's security also includes advanced threat protection. Azure Advanced Threat Protection adds the power of cloud resources to effectively detect and investigate intrusions and threats. Device, user and resource usage is monitored to determine any security anomalies for fast insight and response. The security measures improve responses to attacks and leverage Microsoft's Windows Defender Advanced Threat Protection for attack remediation

    Conclusion

    Delving a bit deeper into these security categories, it becomes clear that Microsoft has created its cloud environment with security as a top goal. However, it is important to remember that security is an ongoing role in which cloud customers have, and must, retain a role. Merely possessing a cloud presence does not remove the responsibility from the organization to follow best practices and determine policies which must be applied and followed using the available tools in Azure Cloud Services.

    To learn more about Azure Cloud Security, contact the Certified Microsoft professionals at RoyalDiscount.com - your online resource for all things Cloud.


  • Azure SQL DB vs Amazon RDS

    amazon sql db vs rds

    Cloud computing business customers now have new advantages which can be leveraged against on – premise systems. Companies can now implement additional infrastructure through cloud consoles without lengthy hardware procurement. Large investments of capital for IT projects are no longer a hurdle with cloud-based technology. Database as a Service (DBaaS) is now the important factor for applications in the business community.

    With the cloud in mind, it is important to understand the differences between major providers such as Amazon RDS and Microsoft Azure SQL. Both of these offerings can be surprisingly similar and different at the same time. Here is an exploration of what you can expect between the two.

    Intended market

    Microsoft Azure SQL is clearly intended for enterprise class business applications of 5 GB or less. There are more details to Azure SQL than targeted customers so what may seem limiting but  this is actually more than meets the eye.

    Amazon RDS admittedly targets a wider range of business customers. However, the Amazon offering does have its own limitations and drawbacks when all factors are considered.

    Platform

    Microsoft's cloud-based DBaaS product was designed for the cloud specifically in mind. As such, Azure SQL runs natively as a service on the Microsoft cloud platform and leverages the cloud specifically because of this design.

    Amazon RDS does not run natively on the cloud platform and is instead cloud capable. Most applications which were developed in MySQL will likely run without problems in Amazon RDS. But there is a big difference between the two in this respect.

    Deployment

    Azure SQL server database instances are not actually individual virtual servers. Since Azure SQL runs as a service natively on the cloud, these database instances are logical containers provisioned and customized for the customer's needs. This leverages cost and performance on the part of Microsoft and only the customers databases are hosted in these instances. This is based on a multi-tenant hardware architecture which does not allow for specific server level customization. Instead of focusing on hardware, Microsoft's DBaaS product focuses on cloud performance to fully leverage the intended advantages of cloud computing as previously noted. Microsoft focuses on only charging for what a customer needs, so sharding is advocated through the use of elastic pools and databases are therefore limited to 10 GB so that performance and cost can be achieved.

    Azure RDS also works on multi-tenant architecture which is the key element of cloud-based computing. However, RDS uses EC2 instances for its relational database services. This design allows RDS to allocate compute resources to databases while provisioning storage capacity separately. Since RDS charges storage separate from compute, there is a different cost to be factored versus Microsoft Azure SQL. The RDS standard level provides up to 6 TB of storage, and while RDS does not provide automatic resizing, Amazon's Aurora does scale automatically in 10 GB increments up to a total of 64 TB.

    Performance

    Not only are Microsoft Azure SQL and Amazon RDS different in terms of deployment, they are also different in approaches to performance.

    Microsoft Azure SQL includes storage units price, charging for different tiers and performance levels. While services do allow for a database size of 1 TB and up to 2.9 TB total storage elastic pools, it is important to remember that Microsoft advocates the use of sharding with elastic pools in order to achieve performance and cost goals. Since SQL database on Azure is tiered, each level is suited to different workloads and broken down into further different performance levels ranked by Microsoft's Database Transaction Units (DTU). It is with DTU and elastic pools that Microsoft customers can address performance at cost. With the elastic pools, fluctuations in workload are shared over collective resources for hosted databases and can be spread across a single customer's databases for maximum utilization that also reduce costs.

    Amazon Relational Database Services works on the EC2 concept. Database instances are allocated to compute resources with storage provisioned separately. As mentioned earlier, RDS charges separately for storage and compute so that cost is approached very differently. To achieve improved query performance, Amazon RDS allows for added replicas in its supported read-only horizontal scaling. In this way, performance is achieved. However, in comparison to Microsoft Azure SQL, there are fewer tiers and separate pricing for storage and compute. It is more likely that an Amazon RDS customer may switch to improved database instances and not use the full amount of resources.

    Scaling

    Microsoft Azure SQL includes storage in its tiered pricing and performance levels. While it seems limiting that Microsoft allows for a limit of only 10 GB per database, it reduces the likelihood of performance issues from a single bloated database server. For this reason, Azure SQL is highly scalable and very price sensitive. With the latest introduction of elastic pools, Microsoft's concept of sharing databases means that growth and performance with cost in mind is as highly available as Azure itself.

    Amazon RDS, as mentioned previously, charges separately for storage and compute. It is very easy to scale the size of a database on the Amazon platform. Aurora as a database product is easily scalable in automatic increments, making RDS single database growth easy to achieve.

    Conclusion

    Perhaps the best way to approach making choices between Microsoft Azure SQL and Amazon RDS as cloud-based database platforms is to actually measure performance. Since each platform measures performance differently, it may be important for prospective customers to use free offerings of these products in tandem with third-party performance measurement tools in order to clearly measure and compare corresponding resource performance for identical databases.

    Additionally, it is also important to keep in mind what technologies are in use in a particular organization. Amazon is not a software developer, so they offer a wider variety of database engines including Microsoft SQL server. Meanwhile, Microsoft Azure SQL is a specific product from the software developer, so they offer it exclusively as a DBaaS product.

    It is reasonable to expect that organizations which already use other database products than Microsoft SQL Server may well find Amazon RDS friendlier to their specific needs. On the other hand, organizations which are already Microsoft houses will find that Azure SQL will suit their needs best. However, it is important to consider how cost and performance are achieved on each platform and whether it suitably meets budgetary goals.


  • Azure VMs: 7 Reasons to Switch to Azure Virtual Machines

    Azure VMs: Pricing, Licensing & Features

    Azure storage and VM volumes provide the incredibly useful platform many businesses choose today for cloud solutions. Highly available, well-maintained and adaptable - all with cost in mind, Azure makes VM infrastructures easier than ever to improve business profitability with lower overhead. Azure VM servers can be brought online in minutes and configured for maximum business growth. Here's why businesses look to Azure's platform for VM infrastructure:

    1. OS Flexibility

    Operating systems are chosen with business need in mind. No longer do many businesses operate a single operating system on their servers. With VM servers now a staple of IT environments, Azure's flexible OS offerings make implementation of variable VM infrastructures easier than ever to accomplish. Azure VMs now support more than Windows Server, including Linux, IBM, Oracle, SQL Server, and SAP. Extending data center effectiveness is a breeze with all the choices available from Azure VMs making virtualization an unequaled IT investment for many business organizations.

    azure vm computer

    2. Resource Scalability

    All businesses are concerned with the cost of IT hardware. Scaling hardware can be difficult with budget constraints, especially with costly servers. Starting new projects and implementations can be challenging due to high costs. Arrival of high-end equipment can delay IT progress even further, let alone damaged shipments

    With Azure VMs, scalability creates a nimbler business model. Servers can be put into production in minutes rather than weeks, so development teams can complete requirements of testing and staging of new applications without delays from hardware.

    With a few developed image templates, even large projects can be underway in far less time than it takes to order, deliver and rack servers Scaling is fast and efficient while adhering to organizational goals and policies.

    3. Flexible VM Pricing

    Azure pricing is based on subscriptions which can be adjusted at need. No longer do companies need to waste time counting total cost with licenses or specialized equipment. Azure VMs are cost-efficient and easily maintained, reducing cost of ownership far below that of physical servers.

    Based on subscription need, the number of Azure VMs can easily be increased or decreased. A temporary need for additional VMs no longer requires years of financial commitment due to asset life-cycle. A temporary VM can be created and removed without the long-term consequences that physical servers require, especially when considering the cost of support. This reality is especially important when special application requirements call for faster, more powerful computing resources. The cost of the server is no longer spread out over five years but, instead, costs only for what the business needs for a specific time, meaning a drastic savings for companies and their IT commitments.

    Using Reserved Instances for VM in Azure can also reduce cost further. While these reserved instances require some commitment, they can be canceled or shifted as needed, unlike physical servers which are assets that stay on financial books for years and can only be disposed of at a loss. Reserved instances create virtual assets that can be shifted and changed as needed at costs that are even lower than pay-as-you-go plans. Combined with scalability and operating system flexibility, Azure VMs completely change the foundation of a company's IT resources.

    4. Reduction in Overhead & Costs

    IT organizations no longer need a commitment to larger employee support staffing. Budgets are reduced and more stable, creating higher profitability. Streamlined IT staffing no longer burdens the company, allowing for improved support margins and higher productivity. VMs ease the effects of such financial bottlenecks and Azure provides all the benefits of this relief with far fewer headaches for corporate management.

    5. Increased Security

    Azure puts a premium on security at all levels and VMs are no different. Azure Resource Manager ensures companies control access to VMs. Meanwhile, backup or failover goals are easily achieved with Azure Backup or Azure Site Recovery. Safe, well-maintained datacenters with encrypted connections ensure far better up-time and recovery in the event of site outages.

    azure virtual machine secured

    7. Ease of Use

    With templates, Azure VMs can be put into production far faster than with conventional servers. Customers can create their own templates and maintain them or make use of standard ones on Azure Resource Manager. New VMs can be available in minutes rather than weeks creating a nimble IT business model all businesses can enjoy. Development plans are much simpler, especially with migration and planning tools available in Azure Resource Manager making implementation far faster than ever so companies can relieve all internal bottlenecks whether they be support or budgetary in nature.

    7. The Benefits of Azure

    Microsoft's cloud platform has grown and widened in usefulness in recent years, rivaling or surpassing that of competitors. Azure provides a solid VM platform with a wide range of server offerings to satisfy all levels of need. Redundancy and business consistency make VM infrastructure even more effective than ever. Data centers with a wide-range of products complete with high-availability and many related offerings present even the largest of customers with the necessary options for VM infrastructure whether companies need general-use computing, memory optimized VMs, as well as burstable and compute optimized VMs.

    Add SQL instances with the latest features as well as backup and recovery options created for any business class in mind and Azure VMs become a prized asset in an era of increased competition. The latest of the Azure cloud is maintained, patched and secured, leaving management assured of business consistency.

    VMs are now the foundation of cost-efficient IT business models. Microsoft Azure VM instances are a widely used, effective cloud-based model every business can use to achieve lower costs, higher profits, better security, and business consistency while creating a nimble business environment. Find the right VMs for any budget and needs to begin creating a more robust IT infrastructure with Azure and its wide range of VMs.

    To learn more about Azure VMs, contact our experts at  RoyalDiscount.com - your online source for cheap OEM, Retail & Cloud products.


  • The Definitive Guide To Microsoft Azure

    microsoft azure transferring files

    What was once called Windows Azure is now known as Microsoft Azure and if you like to keep up-to-date with current tech-related news, you have probably heard the name a lot. Perhaps though, you have heard about it but have no idea what it actually is. In this post, our definitive guide to Microsoft Azure, we will outline the basics and some important specifics about Microsoft Azure, lifting the lid on what it is used for and why it is important.

    What Then Is Microsoft Azure?

    Microsoft Azure is the computing giant's cloud computing service which in a very similar way to both Google's Cloud Platform and Amazon Web Services, otherwise known as AWS.

    Now before you think you know what we mean when we say Cloud Computing, it's worth pointing out we don't mean that very open-to-interpretation term that is tagged on to every and any consumer service that stores your data and personal data on a remote server somewhere in America.

    Microsoft Azure is actually cloud computing in the form of a service designed for anyone from big organisations and companies to individual users who want to benefit from it.

    In the past, it was normal for organizations and companies to handle the hosting of their own infrastructure. So a company would have its own hardware that handled its own server, be it a web or email server. If it required more power, the company would need to purchase more hardware. The company would also need to pay for a solid internet connection for its customers to use and an individual to take care of hardware administration. As an alternative, many web hosting companies offer hosting for business services using their server hardware inside their own data centres, at cost.

    Cloud computing however, works in something of a different way though. Instead of running your own hardware or paying to use hardware in another company's data centre, you essentially pay to access a directory of resources provided by Google, Amazon, or in this case, Microsoft.

    This gives you the option to host whatever you want, whether it is user directories, virtual machines, servers for storing files, databases, email servers or web servers.

    If you need further computing resources, there is no need to buy new hardware, because as and when you need it, the 'cloud' can share with you the hardware and assigning the work automatically. You only pay for the amount of resources you require and not a set amount of hardware servers, stored away somewhere.

     

    How You Can Use Microsoft And Why You Might Want To

    When you use cloud computing via Microsoft Azure, it costs less upfront. There is no need to spend a lot of money, for instance, on setting up your own data centre, filling it with the necessary hardware and then hiring a workforce to run it. There is also never a risk of paying too much for more hardware than you require and likewise, there is no risk on buying not enough or not having the resources you require.

    Rather you just host the resources you require in the cloud through Microsoft Azure. You pay for what you use, when you use them. When you require more, it can be set up to automatically expand to take on the greater demand. Whereas, if you do not need quite as much, you won't be paying for resources you aren't using.

    This is why everything from an organisation or business's public access websites to their mobile app services to their company email server are being held via cloud computing.

     

    azure cloud hosting

     

    What Can You Do With Microsoft Azure?

    On its website, there is a full directory consisting of numerous services available for you to use, including backups, file storage, databases, full virtual machines and web and mobile app services.

    The reason its name was changed from Windows Azure to Microsoft Azure when it was developed and expanded to handle more than Windows. In fact, you are able to run both Linux and Windows virtual machines with Azure, as you require.

    When you start to browse through the directory of services, you will be see you can use Azure to do just about anything. Anything you need to do that Azure can't do directly, you can create a Linux or Windows virtual machine to host and use whatever software you need. If you wanted or needed to, you could host a Linux or Windows desktop in the cloud using a virtual machine and set up a remote connection to it. This is just another example of how you can use cloud computing resources.

    In the next part of our post we will now take a look at some more of the specifics of Azure and how it can be used. We will cover:

    • Azure Backup
    • Azure VM
    • Azure Active Directory
    • SQL In Azure
    • Major Benefits Microsoft Azure Brings To Businesses

    Azure Backup

    As the name suggests, Azure Backup is a service that enables you to protect or backup data into Microsoft's cloud. This service can be used therefore to replace any existing off-site or on-site backup facilities you may already have with a solution based in the cloud that is not only affordable, but secure and reliable.

    This service offers various components that you can download and use either in the cloud or on an appropriate server or computer. The particular agent or component you use will depend on the what you need to backup or protect. All of the available components of Azure Backup can be used for backing up data into a vault for Recovery Services within Azure.

    Why Would You Backup With Azure?

    Normal solutions for backup have developed to use the cloud merely as a static storage location in in a similar way to tapes and disks or an endpoint. Although this is a simplistic approach it is also restrictive and therefore translates to an inefficient and rather expensive backup solution because it doesn't make use of any underlying cloud platform.

    Further to this, other backup solutions are expensive as you end up paying a lot for storage that is not useful for you or storage that is the wrong kind. Also, they are inefficient as they do not provide you with the amount or kind of storage you require or administrative tasks involved with running them take up too much time.

    Azure Backup, on the other hand, delivers key benefits such as:

    • Auto Storage Management
    • Unlimited Scaling
    • Multiple Storage Options
    • Unlimited Data Transfer
    • Data Encryption
    • Application-Consistent Backup
    • Long-Term Retention

     

    azure portal

     

    Azure Active Directory

    Azure AD or Azure Active Directory is cloud-based identity and directory management service. It is a combination of application access management, advanced identity governance and core directory services. Azure Active Directory also provides a comprehensive and platform based on standards that allows developers to offer access control for applications based on central rules and policy.

    Azure AD for IT administrators provides an easy and cost-effective solution for business partners and employees to access numerous SaaS applications in the cloud via an SSO or single-sign on. Applications such as Concur, DropBox, Salesforce.com and Office365.

    Azure AD for developers of applications, enables you to focus your attention on building your applications by making it simpler and quicker to create integrations world-class identity management solutions utilized by literally millions of individuals and organizations throughout the world.

    With Azure Active Directory, there is also a whole identity management capability suite that includes:

    • Security monitoring and alerting
    • Rich auditing
    • Application usage monitoring
    • Role-based access control
    • Privileged account management
    • Self-service group management
    • Self-service password management
    • Device registration
    • Multi-factor authentication

    What Are Azure Virtual Machines?

    Azure Virtual Machines or Azure VM gives you the versatility to virtualise a wide array of computing solutions, such as data centre extensions, application running, development and testing. It gives the freedom of open source software that has the configuration you require. Consider this like another rack in your data centre, that gives you the ability to deploy a specific application not in the weeks it took in the past, but in mere seconds.

    You Get More Choice

    When it comes to Azure VM it's all about the range of choice you have. You can choose either Windows or Linux and then can choose whether you want it to be in the cloud on the premises or both.

    Scaled To What You Require

    A Combination of supercomputer performance with the cloud's scalability. Scale it from either one virtual machine to thousands. You can easily scale worldwide, to be closer to your customers, thanks to the increase in regional Azure data centres.

    SQL Azure

    You may have heard of SQL Azure - it is an important part of Windows Azure and is a services suite that provides data services web services infrastructure and hosted computing. This component of Azure, combines cloud computing service functionality with an SQL Server's complete relational database functionality. This is service is hosted from Microsoft data centres across the world.

    This is normally a good option when you require the services of a database. However, there are few aspects of business that SQL Azure would be particularly useful for:

    Collaborating - SQL Azure can be used to help establish a hub for collaboration, by storing your data in the cloud. In order to share information access across various boundaries within organisations, from one branch office to another etc. When you make use of hosted services, you can keep your data safe and secure, while eliminating roadblocks on the network.

    Scale - One of the biggest advantages of cloud computing is being able to add infrastructures when required. This makes it easier for you to scale up and expand or scale down the capacity of an application as and when it is necessary. Which is especially useful when there are dramatic changes to hosted application peak usage.

    Consolidation - As the relational database functionality need increases and starts to trickle down to specific work groups and departments, it can be a challenge to database sprawl internal management. With SQL Azure you can consolidate simplified management, turn-key provisioning with work group and departmental databases, to enable administrators can meet the needs of departments much easier.

    Hosted Applications - If you have already started using Windows Azure to host various workloads, it will be easy to integrate workloads of hosted relational databases. It can also assist in maximizing performance of applications by decreasing the volume of traffic on the network.

    Cost-Effective - It depends on the workloads you want to install, but cloud computing offers a PAYG model that may be the most effective approach in terms of expense.

    Major Benefits Microsoft Azure Brings To Businesses

    Now that we have discussed a little more about Microsoft Azure, it is worth understanding the actual benefits it can give businesses.

    Microsoft Azure Is Very Fast In All The Important And Best Ways

    In any business, speed is crucial and is generally seen as a advantage over competition. Azure benefits businesses in speed in three specific ways -

    • Deployment Speed
    • Operation Speed
    • Scalability Speed

    Even the most experienced and successful cloud providers would find it virtually impossible to compete against a business with all three functions firmly in place.

    Microsoft Azure Helps Increase Business Agility

    Businesses that make use of Azure have faster cycles for deployment than those using solutions on-premises. This enables them to become more iterative and benefit from greater amounts of responsive feedback while they develop applications.

    This then provides them with the opportunity to explore technology outcomes in a way that will suit the objectives of their business.

    In terms of finances – these cycles enable a measure of suitability without a complex infrastructure set up or outlay that costs too much.

    Business agility, we are sure you can see, is about failing faster, but growing quicker, rather than only maintaining standards.

     

    azure hosting security

     

    Your Global Reach Can Be Matched By Azure

    If your clients need data capabilities built for a worldwide scale, it can be hard if you are just relying on traditional data centres. In this regard Azure offers a huge advantage in that it can adapt to coincide with the utilisation and performance requirements of your business. This then reduces the necessity for a team to monitor behaviours and rather, focus on your business objectives.

    From the point of view of users, their experience will always be great and how great it is will not be determined by their location.

    While there is an argument that smaller organisations are the only kinds of businesses that can exploit this scale. This is not strictly true. BP, for example, only recently utilised this functionality of Azure as a migration driver.

    The Integration Development Environment

    Along with what we have already stated Azure benefits from Visual Studio – the leading development environment in the world. Which really is a game-changer. This means the dramatic reduction in the learning curb that comes with using a new platform. This is great in two important ways:

    It helps you to avoid a skill mismatch

    Enables teams to be deployed quickly and to learn while they work on a project or task.

    As part of this integration, Azure shows the willingness of it to adapt to what developers need. From a day to day perspective, developers are who benefit the most from Azure.

    The Full Integration Delivery Pipeline Provided By Azure

    When trying to show the true benefits of using Azure that Google and AWS don't provide,, it is more about the whole package rather than just the storage.

    So when you look at Azure from the perspective of architecture, you need a unified delivery pipeline. When it comes to Azure, this is:

    • Source control
    • Unit testing
    • Integration testing
    • Delivery
    • Go live tools

    Along with this, many could argue that it would benefit businesses to make use of specific tools from a variety of different providers. Ensuring greater ease of use for the majority of providers through APIs etc. Although, when it comes to fears regarding issues of integration and improved continuity, you are in a better position when all the tools you are using are all in the same place.

    When it comes to future updates though, Azure does this in a way that is still of benefit to others in their pipeline. This ensures that there is going to be long-term success.

    Azure Solves The Problem of Recovery Disasters

    If you have a business that has a worldwide footprint, you may need a solution that coincides with your need to transfer data on a global scale. Along with this, the CSOs have a stronghold to maintain so that disaster recovery capabilities are considered, including objectives for recovery points and locations for fail-overs. Azure has this covered.

    They do this by having:

    • Fail-over options on a global and regional level
    • Standby models both cold and hot
    • Capabilities for rolling reboots

    All of these can be worked with straight from the box. Which puts them far ahead of the standard options available from on-premises platforms.

    Although the topic of data recovery may not always be considered the most important business decision, a company could face disastrous legal implications if they are separated from their data at all for even just a day.

    Flexible Expenditure

    Although it is perceived to be cheaper than using private cloud computing, Azure isn't really. This is not a problem, though. One particular advantage of computing in the cloud with Azure is you're able to test band new solutions and how they impact, in a cost-effective way. Once you have finished this, you are then able to scale the areas that give the best outcomes for your business in a very tactful way.

    Increase Your SQL Databases' Return On Investment - While your costs may increase, your ROI is likely to improve, while decreasing the amount you pay for resources that are inefficient. When you choose to make changes to revenue models or experience differences from season to season, you only need to adapt things in your Azure Portal. Your CFO will see this as a success in the long-term.

     

     

    Using Azure To Become Securer

    One of the most important and impactful parts of Azure's security is the facility for seamless and secure logging on and off for users. Whether that is with regards to business to consumer or business to business.

    Users have easy access to all relevant platforms without having to remember complicated passwords, using Azure SSO. By doing this, you are able to decrease the chance for hackers to access important accounts, while enabling controls that are device and location specific.

    Azure Can Help You Meet Compliance Regulations

    Taking the bigger picture into consideration, organizations do not want to consider that solutions they choose or their data is meeting policies based on locations or meeting industry standards.

    It is likely that you would rather focus in on the outcomes of business.

    The heritage of Microsoft enables them to provide platforms suiting this requirement constantly, and have taken on all the heavy lifting. Particularly within sectors such as finance, which with data policies and GDPR, they have been able to establish solutions that give great scope with maintaining the sovereignty

    You Can Deploy Azure Absolutely Anywhere

    Unlike other cloud providers, such as Amazon Web Services for instance, that try to push of a future where cloud-first is a way of life in business, others consider it to be more appropriate to adopt a more hybrid model.

    Microsoft built the Azure Stack offering, with the above in mind, as a way to ensure their customers and clients benefit from all of the different benefits we have mentioned above and Additionally to practices and patterns. This is done while making use of wide array of providers of proven hardware for all their requirements on-premises.

    Moving forward, as a business you can select exactly where you want your data to reside. The change can actually be a lot easier than you suggest when choosing to press on with Azure.

    For more information on Microsoft Products or Services, contact our team at Royal Discount. Your source for Microsoft software and licensing. Reach our azure licensing desk directly at 1-877-292-7712.


  • Top 5 SQL in Azure Database Features

    sql in azure database
    SQL in Azure excels with the presentation of Microsoft's industry-leading database product. New features from the latest versions of SQL Database Server are also implemented in the Azure product with even greater results than single-server implementations - with all the advantages Azure offers. Here are five reasons SQL in Azure can improve business databases in an environment where online availability of database-driven products can make all the difference when compared to competitors.

    1. Scalability and Resource Management with Elastic Pools

    Scalability monitors alert you to the need of growth or retraction with ease all with cost in mind. Performance drives rising or shrinking needs and, thus, cost. Single databases can move into higher service levels without waiting or downtime. Larger databases can be moved into pools for best performance. Elastic performance pools allow for rising and falling demand based on the business-intelligent heuristics. Databases managed in an elastic pool can be set to minimum and maximum performance counters that ensure no single instance hogs resources, ensuring that all databases are able to perform. Elastic pools automatically adjust to expected changes in workloads based on the intelligent optimization from performance tuning. The pool performs in balance around the learned cycles of fluctuation for best operation combined with cost efficiency.

    Four workloads available in Azure SQL databases allow for creation of a robust, yet flexible application environment.  Basic, Standard, Premium and Premium RS each allows for growth of databases without downtime as your database needs increase or decrease. If resource needs change rapidly, database resources adjust to meet these changes which allows Azure customers to pay only for what is needed.

    Small, single Azure SQL database instances can be blended with elastic pools to meet growing needs with cost always in mind. Databases can be mixed and matched depending on workloads, even moved into and out of elastic pools for constant cost efficiency which equals savings for businesses. Reporting from Azure and access through the Azure portal provide instant information and access for business management.

    Determination of database changes and needs are achieved with Azure SQL Database monitoring and tools. The built-in performance monitoring and alerts provide actionable information for financial decisions regarding databases both large and small. Database Transaction Units (DTU) and elastic DTU provide specific information upon which to base business decisions.

    2. Performance Tuning

    Azure SQL Database service provides a built-in intelligence which learns database patterns. Such telemetry information informs business management of adaptation options of database resources for constant performance tuning coupled with best business decisions. Azure customers always know how their databases are performing.

    Automatic performance tuning is now the new staple of database management. Tools and monitors always adjust for changes and alert owners of necessary needs points of attention. Development resources are maximized while management of SQL resources are highly automated.

    Newer batch processing features such as interleaved execution, batch mode memory grant feedback and batch mode adaptive joins further add to Azure in SQL's enhanced performance features. This new tuning enhancement employs both the learning and adaptive models for increased performance, with the interleaved execution addresses multi-statement table-valued functions.

    3. Security

    Advanced security adds additional layers of protection including audit logs, data encryption (both at rest and in motion), data-masking to non-privileged users, row-level security and compliance certification. Security also provides high levels of authentication with Active Directory integration. Keys can even be stored within Azure for ease of access.

    Adaptive threat detection is available with SQL in Azure presenting a new layer of security that identifies any harmful intrusion attempts. Suspicious activity is always marked with recommendations offered to mitigate breach attempts within the database.

    4. Business Consistency Features

    With Azure SQL Database service is ways available with its responsive SLA-based support system which keeps all resources up at all times. Available across a wide range of datacenters, the service is patched, secured and backed up. Business continuity concerns are met with a range of option including active geo-replication, and failover groups.

    Automatic backups are performed in full, differential and transaction logs while allowing for point-in-time restores over the retention of the automatic backup. High performance and load balancing are achieved with the use of failover groups which can take advantage of geo-replication among a number of Azure data centers.

    Software agents, tapes and hardware are by-passed for highly available and flexible backups including failovers for maximum availability. Companies find yet another way to reduce cost while ensuring database availability.

    5. Scalability of Azure SQL Database

    As with all products in the Azure cloud platform, cost efficiency is further enhanced with scalability. Azure customers can easily forecast, budget and adjust cost based on reporting. Databases can be adjusted as necessary with cost in mind. Increases in demand are never a hassle since databases can be assigned more resources through telemetry reports from efficient monitors - all presented in the Azure Resource Manager

    Bonus features at your fingertips:

    Azure Key Vault Integration with SQL Server IaaS VMs - encryption keys can now be stored in Azure, eliminating additional management costs and support overhead.

    V12 Portability - migration strategies are a thing of the past as SQL in Azure provides the ability to move databases across the cloud, off it or into such services as IaaS and Paas.

    Query Store - database metrics are stored in this handy location for access to performance. With the Query Store, historical data about databases can be compared for additional information necessary for management decisions.

    Polybase in the Cloud - allows for joining Azure Blob Storage to SQL Server tables for non-relational queries across cloud implementations.

    Azure SQL Database provides all the latest features of the database server engine with all the features of Azure mingled into a highly useful product for best performance, lowest cost, and flexible scalability. Comprehensive business consistency from backups and security coupled with development tools, alerts and monitors add more than worthy value. To learn more about Microsoft Azure SQL Database, contact our experts at RoyalDiscount.com - the Microsoft Licensing and Cloud experts. Get answers - Call today at 1-877-292-7712.


  1. 1
  2. 2
  3. 3