microsoft azure and the gÉant framework · private site-to-site connectivity ... •continuous...

Agenda

Microsoft and Linux

Microsoft Linux

Build on the platformBuild on the infrastructure

Preview

GA

Users

Developers/Researchers

Microsoft Azure

Virtual

Machines

Stateful and

stateless one-

off solutions

VM Scale

Sets

Scalable

solutions

Container

Service

Scalable,

orchestrated

Docker images

deployed into

containers

Batch

Custom High

Performance

Computing

solutions

Open

Source

PaaS

Cloud

Foundry,

OpenShift

Service

Fabric

Custom

Microservice-

based stateless

and stateful

solutions

App Service

Template based

rapid

development

web, mobile and

API solutions

Orchestrated

workflow

based

integration

solutions

LogicWeb, Mobile

& API

All the

goodness of

App Service in

a dedicated

environment

Environments

Serverlessevent driven experience

Functions

Operations DBAs and data scientists Business

OfficePowerBI

Cloud-born LOBLift-and-shift + net new on Linux Docker

Azure is about Open Source

Optimized for small production and dev/test

workloads

Deploy using Portal, CLI, or ARM

az vm create

Custom VM Image

- VPN connection over SSTP/SSL

- Connect from home or a conference using your client computer

- Typical bandwidth: < 100 Mbps

- VPN gateway connection over a Secure tunnel using IPsec

- Direct, dedicated connection between Edge Provider (e.g. Swisscom) to Azure

- High bandwith, low latency.

- S2S can be used as a secure failover for ExpressRoute.

- Connect the sites that are not part of the network but are connected through ExpressRoute.

Cloud Customer Segment and workloads

Secure point-to-site connectivityVirtual network (Point-to-Site)

• Developers• PoC Efforts• Small scale deployments• Connect from anywhere

Secure site-to-site VPN connectivityVirtual network (Site-to-Site)

• SMB, Enterprises• Connect to Azure compute• IaaS and PaaS workloads

Private site-to-site connectivityExpressRoute

• SMB & Enterprises• Mission critical workloads• Backup/DR, media, HPC• Connect to all hardware

Trust

Integrated

intelligent security

Transparency

and control

Privacy

by design

Compliance

leadership

Protect your organization, data and people

Data Encryption Points

Data in transit between

a user and the service

Protects user from

interception of their

communication and helps

ensure transaction integrity

Data in transit

between data centers

Protects from bulk

interception of data

Data at rest

Protects from physical

threat of data on a disk

End-to-end encryption

of communications

between users

Protects from interception

or loss of data in transit

between users

We work to protect your data across all communications stages.

• Unified view of security across your Azure resources• Central management of security policies• Integrated security event logging and SIEM integration

• Security policies tailored to meet your needs• Recommendations help address vulnerabilities• Rapidly deploy controls from Microsoft and partners

• Continuous analysis of security events• Microsoft threat intelligence informs analysis• Prioritized alerts provide attack insights and

recommendations for remediation

Azure Security Center Azure and GDPR

Simple and unified experienceChallenges

On premises

datacenter

Application data

Platform data

Network data

Security data

Individual

monitoring

Individual

monitoring

Individual

monitoring

Individual

monitoringHosters

Platform and

Application

monitoring tool

Security

analysis tool

Network

monitoring tool

Simple and unified experienceSolution

Hosters

Application data

Platform data

Network data

Security data

Individual

monitoring

Individual

monitoring

Individual

monitoring

Individual

monitoring

Platform and

Application

monitoring tool

Security

analysis tool

Network

monitoring tool

Security

analysis

Platform and

Application

monitoring

Network

monitoring

IT

Operational

excellence

Azure Operations Managment Suite

COLLECT AND INDEX DATA SEARCH AND INVESTIGATE CORRELATE AND ANALYZE VISUALIZE AND REPORT MONITOR AND ALERT

UNIFIED EXPERIENCE

Windows agents

SCOM

Linux / FluentD

Event Hub Log Stash

Sample list of log/metrics that OMS collects:

• Custom Application/Infra logs

• Windows event logs

• Window performance counters

• Security Event Logs

• IIS Logs

• ETW logs

• Azure Diagnostics

Azure Storage /

Azure Diagnostics

REST Collection API

SaaS services

O365

Operations Management Suite

• Log Analytics

• Automation

• Site Recovery

• Backup

Custom log collection

COLLECT AND INDEX DATA SEARCH AND INVESTIGATE CORRELATE AND ANALYZE VISUALIZE AND REPORT MONITOR AND ALERT

UNIFIED EXPERIENCE

Logs data source in Log Analytics allows you to collect events from text files on both Windows and

Linux computers. Many applications log information to text files instead of standard logging services

such as Windows Event log or Syslog. Once collected, you can parse each record in the log into

individual fields using the Custom Fields feature of Log Analytics.

https://azure.microsoft.com/en-us/documentation/articles/log-analytics-data-sources-custom-logs/

Gain immediate insight from containers

COLLECT AND INDEX DATA SEARCH AND INVESTIGATE CORRELATE AND ANALYZE VISUALIZE AND REPORT MONITOR AND ALERT

UNIFIED EXPERIENCE

Containers are lightweight, pared-down virtual machines that can be easily provisioned, developers

have created them sporadically as a solution to support their continuous delivery. As containers are

being used widely in production and are exploding in numbers, demand for container monitoring has

increased. A centralized approach to logging and monitoring is required. OMS Container Solution for

Linux helps with these needs.

https://blogs.technet.microsoft.com/msoms/2016/08/24/announcing-public-preview-oms-container-solution-for-linux/

Infrastructure free,

management as a

service

PowerBI integrationOn the fly metrics

aggregation

Analyze petabytes of data from the cloud

COLLECT AND INDEX DATA SEARCH AND INVESTIGATE CORRELATE AND ANALYZE VISUALIZE AND REPORT MONITOR AND ALERT

UNIFIED EXPERIENCE

View designerCreate visual tiles based on searches

Assemble tiles on a dashboard

COLLECT AND INDEX DATA SEARCH AND INVESTIGATE CORRELATE AND ANALYZE VISUALIZE AND REPORT MONITOR AND ALERT

UNIFIED EXPERIENCE

View Designer editing Overview Tile to show custom service’s front-end custom events and performance data

View designerCreate visual tiles based on searches

Assemble tiles on a dashboard

COLLECT AND INDEX DATA SEARCH AND INVESTIGATE CORRELATE AND ANALYZE VISUALIZE AND REPORT MONITOR AND ALERT

UNIFIED EXPERIENCE

Complete with metrics visualized in line charts, distributions of event levels for my service, and the amount of data getting

for both types of events. Each visualization can drill down into OMS Log search.

Powerful search Alert notification

Identify root cause with powerful search

COLLECT AND INDEX DATA SEARCH AND INVESTIGATE CORRELATE AND ANALYZE VISUALIZE AND REPORT MONITOR AND ALERT

UNIFIED EXPERIENCE

Alert management

COLLECT AND INDEX DATA SEARCH AND INVESTIGATE CORRELATE AND ANALYZE VISUALIZE AND REPORT MONITOR AND ALERT

UNIFIED EXPERIENCE

Alert management

COLLECT AND INDEX DATA SEARCH AND INVESTIGATE CORRELATE AND ANALYZE VISUALIZE AND REPORT MONITOR AND ALERT

UNIFIED EXPERIENCE

Alert management

COLLECT AND INDEX DATA SEARCH AND INVESTIGATE CORRELATE AND ANALYZE VISUALIZE AND REPORT MONITOR AND ALERT

UNIFIED EXPERIENCE

Alert management

COLLECT AND INDEX DATA SEARCH AND INVESTIGATE CORRELATE AND ANALYZE VISUALIZE AND REPORT MONITOR AND ALERT

UNIFIED EXPERIENCE

Alert management

COLLECT AND INDEX DATA SEARCH AND INVESTIGATE CORRELATE AND ANALYZE VISUALIZE AND REPORT MONITOR AND ALERT

UNIFIED EXPERIENCE

Alert management

COLLECT AND INDEX DATA SEARCH AND INVESTIGATE CORRELATE AND ANALYZE VISUALIZE AND REPORT MONITOR AND ALERT

UNIFIED EXPERIENCE

lukasz.miroslaw@microsoft.com

claudia.lachat@microsoft.com

javier.cano@microsoft.com

Eligibility Criteria

Institution must be a member of SWITCH AND

2 x Master Agreement

Campus and School

Agreement (CASA)

Azure only Server and

Cloud Enrollment (SCE)

Customer enrollment

Azure only Enrollment for

Education Solutions (EES)

Customer enrollment

Microsoft Business and

Service Agreement (MBSA)

Institution must be eligible as determined

by the «Microsoft Qualified Educational

User Definition»

Link

Institution must be eligible as determined

by the «Microsoft Qualifying Government

Eligibility Definition».

Link

1

OR2

Minimum Order Requirement

▪ The minimum order requirement for EES and SCE is 1 x Azure Monetary Commitment

▪ Estimated Retail Price: CHF 1,231

Azure Monetary Commitment Explained

Make upfront

monetary

commitment

Burn meters against

that commitment

Pay Annually if no

more than 50%

beyond commitment

Pay Quarterly if more

than 50% beyond

commitment

Upfront commitment

Pay for added usage at same great rates!

GÉANT Framework Pricing Concessions (I/II)

15% Discount on all Metered SKU’s

▪ For all billing periods that occur during the Coverage Period, Microsoft grants Enrolled Affiliate a discount of 15%

off all Consumption Rates (including Overage Rates).

▪ “Coverage Period” means the period starting on start date of the EES / SCE and ending on end date of the

GÉANT framework, i.e. 31st December 2020

Note: Excludes Azure compute pre-purchase, Azure plans, Azure marketplace, Azure support plans and Promo Offers

Azure Egress Fee Waiver

▪ Internet egress charges are waived for up to 15% of total monthly Azure consumption bill.

▪ Egress cost which is more that 15% of total monthly Azure consumption bill is charged at the relevant Zone

outbound data transfers price per GB.

▪ Any incurred Data Egress charges will be discounted by 15% as a Metered SKU’s.

Note: Only Institutions using Azure Zone 1 (includes Europe West and Europe North) and Zone 2 data centers qualify

for this waiver. “Egress-as-a-service” applications such as Massive Open Online Courses (MOOC), webhosting and

media streaming are excluded.

GÉANT Framework Pricing Concessions (II/II)

Discount ExpressRoute Zone 1

▪ Microsoft will discount all ExpressRoute ‘unlimited’ SKUs with December 2016 pricing by 69.2% for all EES / SCE

under GÉANT Framework agreement in Zone 1. DE (trustee) area is included.

Note: Institutions that purchased “metered” ExpressRoute are eligible for the 15% discount on Metered SKU’s

Azure Anniversary Consumption Credit

▪ The combined consumption of Azure Monetary Commitment, Azure StorSimple Monetary Commitment and

Overage within a given year reaching the below Usage Target can be considered for the indicated Azure

Anniversary Consumption Credit

▪ Credit is automatically applied to customers Azure Enterprise portal within 30 days of anniversary

Note: Credit is not applied to a renewal, only anniversary OR extension

Usage Target CHF (Current Net Price) Azure Anniversary Consumption Credit

CHF 58,800 5%

CHF 147,000 7%

CHF 490,000 10%

Operational Considerations

Link

Link Link

Resources

https://azure.microsoft.com/de-de/ https://azure.microsoft.com/fr-fr/

https://azure.microsoft.com/en-us/pricing/calculator/#

https://www.microsoft.com/en-us/cloud-platform/operations-management-suite

https://azure.microsoft.com/en-us/pricing/hybrid-use-benefit/

https://azure.microsoft.com/en-us/services/security-center/

https://www.microsoft.com/en-us/trustcenter

https://www.microsoft.com/en-us/trustcenter/Privacy/GDPR