The World’s Most Complete Review of the Azure Services and the Portal


The download link is here for a PowerPoint. If you would like to see changes in this deck, let me know and I can make them.

Introduction - Part 1

  • Over a period of several weeks I have finally taken the time to fully explain Azure in the context of the Azure portal. Obviously, Microsoft has products that go beyond the portal itself.
  • The value to the reader is getting a deep understanding of exactly where all the capabilities can be found on the portal. Often we hear of the capabilities of Azure, but they are rarely mapped directly to the Azure portal. By learning about Azure through the portal you will have a clear idea of where to go to get the capabilities you need. As you know, Azure is constantly evolving, so this just represents a snapshot in time. I will do my best to keep this updated moving forward.

Slide 1 of 143

Introduction - Part 2

  • With PaaS, as you can see from the diagram, users must manage their applications, data and their users.
  • The ultimate convenience for users is SaaS (software as a service).
  • This means that all users need to do is go to an HTTP endpoint and interact with the browser.
  • Once this type of environment is set up, there is very little anybody has to do to provide functionality to users. Perhaps the best example of this would be Managed Exchange or Office 365.

Slide 2 of 143

Overview of Portal - Part 1

  • This post will walk through each one of these key pillars and provide concrete descriptions of what they mean, and the power they provide to Azure users.

Slide 3 of 143

Virtual Machines - Part 1

  • And as you can imagine, there are a lot of options here.
  • There are various Linux distros, as well as Windows.
  • There are also pre-configured OS’s with built-in support for SQL Server or Oracle, for example.

Slide 4 of 143

Web & Mobile - Part 1

  • Web and Mobile contains a lot of technology. Not only are there a lot of pre-configured web software packages (e.g., PHP, WordPress, Drupal, etc.), but also higher level PaaS services. Web Apps is a service, meaning that you don’t need to manage VMs and worry about security, scaling, updates, and more.

Slide 5 of 143

Web & Mobile - Part 2

  • You can also enjoy continuous integration/deployment as part of the benefits.

Slide 6 of 143

Web & Mobile - Part 3

  • There is also a staging endpoint that allows companies to test their web apps before going live in production.

Slide 7 of 143

Web & Mobile - Part 4

  • Many companies need built-in support for a relational database. They also don’t want to spin up (provision) a VM and install SQL Server or MySQL. Luckily, as you’ll read more later, you will learn that both SQL Server and MySQL are offered as a service.
  • This dramatically simplifies management of sophisticated web sites that have a database back-end.

Slide 8 of 143

Web & Mobile - Part 5

  • There are many reasons why companies might need a dedicated environment. It is usually motivated by the need for high scale and predictable performance by avoiding the “noisy neighbor” problem. The Azure App Service is an umbrella term for both Web and Mobile technologies.

Slide 9 of 143

Web & Mobile - Part 6

  • Supporting mobile apps can be a daunting task. As you can see, this is a big surface area. For starters, it covers the spectrum of mobile devices (iOS, Android, Windows). It also provides support for native and web-based/cross-platform capabilities.
  • When supporting web apps, the key challenges are authentication and push notifications. Push notifications are particularly difficult as different mechanisms for sending notifications are involved (Apple, Google, MS). Regarding identity, you often want to leverage social identities for social apps. But for enterprise or corporate settings, OAuth is the preferred token format.

Slide 10 of 143

Web & Mobile - Part 7

  • A powerful capability is to abstract away back-end data stores so that the client app. This means you can leverage the same back-end across all mobile apps (iOS, Android, Windows). You can choose Node.js or .NET. You can use the TableController to expose complex domain objects to clients. It allows you to take advantage of client-side querying and offline sync.

Slide 11 of 143

Web & Mobile - Part 8

  • This is about taking advantage of OAuth2 code grant flows. The goal here is to make it easy for developers to add client application logic that authenticates users with Windows Azure Active Directory. Using claims-based authentication techniques like this allows you to provide access tokens for secure API calls.

Slide 12 of 143

Web & Mobile - Part 9

  • The authentication flow makes it possible for mobile clients to continue to access backend services. Notice that the client first needs to access the Active Directory Authentication Library to obtain a token (credentials). That token can then be used to access secured API backends.

Slide 13 of 143

Web & Mobile - Part 10

  • The compelling value proposition here is that, regardless of device, your backend can send one push notification and all devices (and device types) can receive the notification. Supports Apple, Google, Microsoft.

Slide 14 of 143

Web & Mobile - Part 11

  • Covered elsewhere in this post.

Slide 15 of 143

Web & Mobile - Part 12

  • One of the most difficult challenges for any publisher of mobile applications is user acquisition as well as user retention. Understanding the behavior of mobile users can pave the way for improvements in user experience. In addition, being able to effectively market to your users for potential in-app purchases or marketing campaigns is also important.

Slide 16 of 143

Web & Mobile - Part 13

  • Much of what enables this scenario is telemetry data that can be received from the mobile application, as well as data that can be pushed to the device. There is an integration layer that allows you to broker this conversation to your own back end, which could be SharePoint or some other content management system.

Slide 17 of 143

Web & Mobile - Part 14

  • You can think of the scheduler as a cron job for the cloud. These jobs can be scheduled either for one event or on an ongoing basis or recurring schedule. Some jobs take a long time to execute. So if numerous long-running jobs are submitted by the scheduler, a queue might be needed so that one job can wait for another to complete before executing. There is even the powerful capability of a pub/sub model architecture, which is supported by Azure service bus queues.

Slide 18 of 143

Web & Mobile - Part 15

  • The diagram below depicts an architecture that could take advantage of the scheduler’s capabilities. Imagine a scenario where a user submits a video to be encoded, which is a long-running job. The frontend interface that takes in the video for encoding could be hosted by a web role, which can host a website. The request would then be placed into a queue. The scheduler could then use worker roles to process the queue at a desired interval. Imagine that the video will then be encoded and stored as a blob in Azure storage. A second queue could be used to record successful encoding jobs. Another worker process could potentially read the successful job queue and send out the appropriate emails saying that the encoding job is complete.

Slide 19 of 143

Web & Mobile - Part 16

  • Application Insights represents diagnostics for the cloud. A dashboard built into the Azure portal provides a wealth of information to help you diagnose exceptions and determine where performance bottlenecks exist. Application Insights supports ad hoc queries so that you can drill into specific errors and retrieve targeted information.

Slide 20 of 143

Web & Mobile - Part 17

  • Imagine that you use continuous integration/deployment approaches to application delivery. Imagine that unit tests fail and that you need to drill deeper into the root cause of those failures. Also imagine that part of your deployment resides on premises, so that the ability to get insight into your application spans both the cloud and on premises. These capabilities are provided by Application Insights.

Slide 21 of 143

Data + Storage - Part 1

  • Azure Storage is a fundamental pillar of the overall Azure ecosystem. Across the entire Azure stack, anytime something needs to be stored, the Azure storage technology plays a key role. The three main pillars of the Azure storage system are blobs, tables, and queues. There’s also the notion of premium storage, which is high-speed storage based on SSD technology. Another key point is that the storage system can be accessed using REST over HTTP, meaning that any language or environment that’s capable of HTTP can communicate with Azure storage. There are also various forms of replication, with triple replication being the minimum in a single data center. But there’s also the capability to replicate across regions.

Slide 22 of 143

Data + Storage - Part 1

  • Anytime you place your database outside of company firewalls, there is always the threat of compromise.
  • SQL Database comes equipped with the tools to secure your data assets.
  • It is capable of noticing attempts to access, breach, or exploit data.
  • SQL Injection attacks are also detected by the threat analysis tooling.
  • SQL DB also includes some performance tuning capabilities, leveraging the decades of MS tuning experience with SQL Server. It includes a tuning advisor that can provide guidance on tuning indexes, including recommendations for adding clustered indexes, nonclustered indexes, and indexed views.

Slide 23 of 143

Data + Storage - Part 2

  • DocumentDB is a document-based, NoSQL datastore as a service that includes SQL and JavaScript language support.
  • This offering frees you from the hassle of managing VMs either in the cloud or on-premises.
  • It includes performance guarantees as well as support for compliance.

Slide 24 of 143

Data + Storage - Part 3

  • DocumentDB is not appropriate for all scenarios.
  • The design of DocumentDB solves problems not solved by other platforms.
  • It is important to weigh the pros and cons when choosing a data platform.

Slide 25 of 143

Data + Storage - Part 4

  • SQL Data Warehouse can be provisioned very quickly, in 3 to 5 minutes.
  • It can scale down as easily as it scales up, making it economical to use.
  • It includes built-in auditing and threat detection, which both use machine learning to understand the patterns of your workload and serve as an alarm system to alert you of a potential breach.

Slide 26 of 143

Data + Storage - Part 5

  • The challenge of unstructured data is that it is difficult to analyze through a standard query language.
  • Polybase makes it possible to query across unstructured and semi-structured data.

Slide 27 of 143

Data + Storage - Part 6

  • StorSimple is an appliance that can be run both in the cloud and on-premises, as well as a private cloud.
  • Includes military grade encryption.

Slide 28 of 143

Data and Analytics - Part 1

  • Azure search goes beyond the capabilities of Elastic Search.
  • It lets you tune search results to align with business goals.
  • Take advantage of Bing and Office technologies, in development for over 16 years.

Slide 29 of 143

Data and Analytics - Part 2

  • Azure search is well suited to support online shopping scenarios, fixing spelling errors, providing paging capabilities, and more.
  • Azure search also provides geo-spatial search support, allowing customers to search for products with geographic proximity.

Slide 30 of 143

Data and Analytics - Part 3

  • Managing data is an important aspect of business workflows.
  • Properly managing corporate data represents a competitive differentiator.
  • Data sources come in many different forms and locations.
  • Data management is the foundation of business analytics, including machine learning.

Slide 31 of 143

Data and Analytics - Part 4

  • Real-time streaming allows companies to make business decisions in real-time.
  • Being able to analyze and aggregate streamed events using a SQL-based language is powerful.

Slide 32 of 143

Data and Analytics - Part 5

  • Stream Analytics is optimized to take in unstructured and semi-structured data, transform/aggregate it, and place it inside of Azure SQL Database, IoT Hub, or standard Blob Storage.

Slide 33 of 143

Data and Analytics - Part 6

  • HDInsight is more than just Hadoop as a Service.
  • It also includes Spark, R, HBASE, and Storm.
  • Support for PowerBI and Excel for viewing results from analysis.

Slide 34 of 143

Data and Analytics - Part 7

  • HDInsight packages up a number of important data analytics packages.
  • Hadoop is perhaps the most well-known and is offered here as a service, so that cluster management is automated.
  • It supports all the typical constructs you would find in the traditional Hadoop offering, such as support for map reduce in the distributed file system.

Slide 35 of 143

Data and Analytics - Part 8

  • Apache Spark is another open source cluster computing framework originally developed out of Berkeley’s AMPLab.
  • It provides an interface for programming entire clusters with implicit data parallelism and fault-tolerance.
  • One of its core innovations is known as the resilient distributed dataset (RDD), which is a read-only multiset of data items that gets distributed over the cluster of machines automatically in a fault-tolerant fashion.

Slide 36 of 143

Data and Analytics - Part 9

  • R is a programming language suited to statistical computing and graphics.
  • It is used primarily by statisticians and data miners.
  • It includes linear and nonlinear modeling, as well as support for classical statistical tests, time-series analysis, and more.
  • It supports the linking of C and Fortran code for computationally intensive tasks and performance.

Slide 37 of 143

Data and Analytics - Part 10

  • HBase features include compression and in-memory operation.
  • Tables in HBase can work directly with MapReduce jobs in Hadoop.
  • It supports the Java API, as well as having a RESTful interface.
  • A sister project known as Apache Phoenix provides an SQL layer on top of HBase.

Slide 38 of 143

Data and Analytics - Part 11

  • Apache Storm makes it easy to process unbounded streams of data in real-time.
  • It’s simple to use and can be supported by any programming language.
  • Supports a great variety of use cases, such as real-time analytics, perpetual machine learning, etc.
  • It’s known for its high performance and ease-of-use.

Slide 39 of 143

Data and Analytics - Part 12

  • Data Lake is geared towards making big data analytics easier, supporting data of any size.
  • It comes with the universal query language, known as U-SQL.
  • One of its strengths is that it supports fast and easy scale up and scale down, which ultimately leads to lower cost analytic workloads.
  • It comes with the built-in ability to identify performance bottlenecks, making it easier to tune queries.

Slide 40 of 143

Data and Analytics - Part 13

  • It is built on top of YARN, which is a type of resource negotiator, making it possible to take advantage of Hadoop beyond just a batch oriented processing system, supporting such capabilities as interactive and real-time streaming.

Slide 41 of 143

Data and Analytics - Part 14

  • A universal querying language is supported, making it possible to query across many different types of data stores.
  • SQL is traditionally used against structured data.
  • But U-SQL allows you to build out extensions and therefore support unstructured data sources.
  • Much of this came out of work from the academic field.

Slide 42 of 143

Data and Analytics - Part 15

  • Azure Machine Learning Studio is an innovation that allows you to graphically design and build machine learning algorithms through drag-and-drop techniques.
  • This can accelerate the experimentation necessary to discover features that have predictive value.
  • One of the problems that it solves is transforming data so that it can be appropriately analyzed.

Slide 43 of 143

Data and Analytics - Part 16

  • One of the more interesting capabilities is the fact that Web services are automatically created.
  • This makes it possible for the rest of an organization to take advantage of the machine learning algorithm without requiring the data scientist to be a web developer.
  • PowerBI and other tools can leverage the web services that are created.

Slide 44 of 143

Internet of Things - Part 1

  • We now begin the section called “the Internet of things.”
  • It turns out that we spoke already about five of the pillars that make up this category of software and services.
  • On the next slide we will explore “Stream Analytics Job”.

Slide 45 of 143

Internet of Things - Part 2

  • As you can see from the diagram, stream analytics can be used to process information from many sources using a SQL-like language.
  • Web jobs allow you to continuously or periodically run a stream analytics algorithm.

Slide 46 of 143

Internet of Things - Part 3

  • Event hubs are often compared to Kafka.
  • But Event hubs offer a very powerful capability in that they are a managed service.
  • It’s often necessary to scale up and scale down on demand when performing data ingestion activities.
  • It supports the very powerful and flexible pattern of publish/subscribe.

Slide 47 of 143

Internet of Things - Part 4

  • Service bus is also known as Azure messaging.
  • It is an umbrella term that includes (1) event hubs (2) messaging (3) relay.
  • The Relay is a very unique offering from Microsoft.
  • It enables socket communication through firewalls without the explicit opening of ports.
  • Some have described this as “Skype in a box.”

Slide 48 of 143

Internet of Things - Part 5

  • Beyond just data ingestion, the service bus supports a powerful messaging infrastructure.
  • It is highly scalable and provides a fundamental building block for cloud-based applications.
  • You can also think of it as an advanced queue service hosted in the cloud.

Slide 49 of 143

Networking - Part 1

  • In this next section we are going to talk about networking.
  • Networking is a significant topic as it spans the many forms of cloud computing, such as public, private, and hybrid clouds.

Slide 50 of 143

Networking - Part 2

  • Azure employs a software defined network (SDN).
  • But it leverages many of the traditional concepts of hardware-based networking.
  • In the diagram below you can see that different portions of the network have been broken up into subnets.
  • You will also note that the ability to route traffic and block ports is supported.

Slide 51 of 143

Networking - Part 3

  • The ability to build out virtual private networks is ideal for hybrid scenarios.
  • Connecting customers to partners to public cloud is an essential networking need.
  • Both point-to-site and site-to-site networking are directly supported.

Slide 52 of 143

Networking - Part 4

  • Gateways can be used to support various virtual networks.
  • Azure data centers can be connected through this capability on a worldwide basis, allowing a company to view a series of networks as a single giant network.
  • Virtual networks can exist both on premises and in the cloud (private and public).

Slide 53 of 143

Networking - Part 5

  • Network security groups (NSGs).
  • NSGs contain a list of Access Control List (ACL) rules that allow or deny network traffic to your VM instances in a Virtual Network.
  • NSGs can be associated with either subnets or individual VM instances within that subnet.
  • When an NSG is associated with a subnet, the ACL rules apply to all the VM instances in that subnet.
  • Traffic to an individual VM can be restricted further by associating an NSG directly to that VM.

Slide 54 of 143

Networking - Part 6

  • The example below illustrates connecting two different Azure data centers through a gateway device.
  • Site to site virtual networking simplifies the connectivity between global data centers.

Slide 55 of 143

Networking - Part 7

  • Oftentimes companies do not want to expose their traffic on the Internet.
  • They prefer their own private connection point between the various network locations.
  • They may want to bridge their on-premises network to Azure and avoid packets traveling on the Internet.

Slide 56 of 143

Networking - Part 8

  • The benefits extend beyond just data privacy.
  • There may be compliance issues where this is necessary.
  • There may also be performance requirements.
  • Finally, if large amounts of data are being transferred between the cloud and on premises, ExpressRoute might offer an economical alternative.

Slide 57 of 143

Networking - Part 9

  • The number of connectivity partners is an ever-growing list.

Slide 58 of 143

Networking - Part 10

  • Traffic manager makes a lot of sense for companies that have a global footprint.
  • It can help with data center failure as well as response time for client connections to the cloud.

Slide 59 of 143

Networking - Part 11

  • Traffic manager allows companies to route requests intelligently across a global cloud architecture.

Slide 60 of 143

Networking - Part 12

  • Traffic manager supports service health monitoring and maintains a list of response times between different locations so that client connections to the cloud are optimized for latency.

Slide 61 of 143

Networking - Part 13

  • Gateways allow you to connect various virtual networks, even across continents.
  • They also play a crucial role in hybrid scenarios where private or on-premises data centers need to connect to the cloud seamlessly.

Slide 62 of 143

Networking - Part 14

  • IPSec tunnels ensure secure communication.
  • Site-to-site and point-to-site networking connection types give you the flexibility you need.
  • The VPN gateway is responsible for encapsulating and encrypting all outbound traffic.
  • Upon receipt, that traffic is decrypted and routed on the internal network.

Slide 63 of 143

Networking - Part 15

  • Thinking more broadly you can also consider multi-networks as well as virtual to virtual networks.

Slide 64 of 143

Networking - Part 16

  • A networking connection supports three different connection types.
  • (1) VNET to VNET (2) site to site with IPSEC (3) ExpressRoute.

Slide 65 of 143

Networking - Part 17

  • Network security groups give you control over how traffic gets routed through your network.
  • You can allow or deny packets to travel through explicit ports, both for inbound as well as outbound traffic.
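
How the rules described here and in Networking - Part 5 combine, as an added example that is not from the original deck: a simplified Python model in which rules are checked in priority order and both the subnet-level and the VM-level NSG must allow a packet. The rule names, addresses and the `decision` helper are constructed for illustration, and Azure's built-in default rules are left out.

```python
import ipaddress
from dataclasses import dataclass


@dataclass(frozen=True)
class Rule:
    name: str
    priority: int    # lower number is evaluated first
    direction: str   # "Inbound" or "Outbound"
    access: str      # "Allow" or "Deny"
    protocol: str    # "Tcp", "Udp" or "*"
    remote: str      # CIDR of the source (inbound) or destination (outbound), or "*"
    ports: str       # destination port: "443", "8000-8100" or "*"


def _port_matches(spec, port):
    if spec == "*":
        return True
    low, _, high = spec.partition("-")
    return int(low) <= port <= int(high or low)


def _addr_matches(prefix, addr):
    return prefix == "*" or ipaddress.ip_address(addr) in ipaddress.ip_network(prefix)


def evaluate(nsg, direction, protocol, remote_ip, port):
    """First matching rule in priority order decides; returns (access, rule name)."""
    candidates = sorted((r for r in nsg if r.direction == direction),
                        key=lambda r: r.priority)
    for rule in candidates:
        if (rule.protocol in ("*", protocol)
                and _addr_matches(rule.remote, remote_ip)
                and _port_matches(rule.ports, port)):
            return rule.access, rule.name
    # Azure's built-in default rules are not modelled here, so the sample
    # rule sets below each end with an explicit catch-all rule.
    return "Deny", "no-match"


def decision(direction, subnet_nsg, vm_nsg, protocol, remote_ip, port):
    """Combine the subnet-level and VM-level NSGs; None means no NSG attached.

    Inbound traffic meets the subnet NSG first, outbound traffic the VM NSG
    first. A deny at either layer drops the packet.
    """
    layers = [("subnet", subnet_nsg), ("vm", vm_nsg)]
    if direction == "Outbound":
        layers.reverse()
    for label, nsg in layers:
        if nsg is None:
            continue
        access, name = evaluate(nsg, direction, protocol, remote_ip, port)
        if access == "Deny":
            return "Deny", f"{label}:{name}"
    return "Allow", "all-layers"


# Constructed sample rule sets (not taken from any real deployment).
SUBNET_NSG = [
    Rule("allow-https", 100, "Inbound", "Allow", "Tcp", "*", "443"),
    Rule("allow-ssh-corp", 200, "Inbound", "Allow", "Tcp", "10.0.0.0/8", "22"),
    Rule("deny-all-in", 4096, "Inbound", "Deny", "*", "*", "*"),
    Rule("allow-all-out", 100, "Outbound", "Allow", "*", "*", "*"),
]
WEB_VM_NSG = [
    Rule("allow-https", 100, "Inbound", "Allow", "Tcp", "*", "443"),
    Rule("deny-rest-in", 4096, "Inbound", "Deny", "*", "*", "*"),
    Rule("allow-sql-out", 100, "Outbound", "Allow", "Tcp", "10.0.2.0/24", "1433"),
    Rule("deny-all-out", 4096, "Outbound", "Deny", "*", "*", "*"),
]

if __name__ == "__main__":
    probes = [
        ("Inbound", WEB_VM_NSG, "Tcp", "203.0.113.7", 443),
        ("Inbound", WEB_VM_NSG, "Tcp", "10.1.2.3", 22),    # allowed by subnet, denied at VM
        ("Inbound", None, "Tcp", "10.1.2.3", 22),          # VM without its own NSG
        ("Outbound", WEB_VM_NSG, "Tcp", "198.51.100.9", 443),
    ]
    for direction, vm_nsg, proto, ip, port in probes:
        print(direction, ip, port, decision(direction, SUBNET_NSG, vm_nsg, proto, ip, port))
```

The second probe is the case Part 5 describes: the subnet rule admits SSH from the corporate range, and the NSG attached to the individual VM restricts it further.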

Slide 66 of 143

Networking - Part 18

  • The Application Gateway allows IT administrators to route traffic appropriately.
  • The support for layer 7 load-balancing provides a more sophisticated way to route traffic than layer 4 load balancers because network traffic packets are read and analyzed before routing.

Slide 67 of 143

Networking - Part 19

  • As you can see from the diagram, the application gateway makes it possible to route traffic to the appropriate networks based on the request content.
  • This allows you to route traffic to the most appropriate endpoints to manage those packets.

Slide 68 of 143

Networking - Part 20

  • Based on the OSI model you can see the difference between layer 4 and layer 7 load-balancing.
  • Application level load balancing is appropriate for long-running TCP connections as well as routing to the same back-end virtual machines.

Slide 69 of 143

Networking - Part 21

  • DNS translates or resolves website or service names to IP addresses, essentially providing name resolution.
  • A DNS zone is used to host DNS records for a specific domain.
  • For example, “contoso.com” may contain several DNS records, such as “mail.contoso.com” and “www.contoso.com”.

Slide 70 of 143

Networking - Part 22

  • This is a layer 4 load balancer.
  • Layer 4 load balancers do not inspect network packets to route them appropriately.

Slide 71 of 143

Networking - Part 23

  • The Azure load balancer may just balance traffic across a bunch of line of business servers.

Slide 72 of 143

Networking - Part 24

  • Load balancers can live in the DMZ or on a separate internal network.
  • The diagram below depicts that the load balancer may see requests from the Internet and route those requests to the appropriate web proxies.
  • The traffic may get routed from there to DNS servers or to additional internal load balancers.

Slide 73 of 143

Networking - Part 25

  • Internal load balancers do not have public-facing endpoints.
  • Internal load balancers can be accessible by on-premises networks with the assumption that a site-to-site or point-to-site virtual network is in place.

Slide 74 of 143

Networking - Part 26

  • You can control the way IP traffic flows across your network through the use of route tables.
  • Routing tables are relevant both at the subnet level and at the virtual network level.
  • They also play a role in routing traffic from the Internet or on-premises locations.

Slide 75 of 143

Networking - Part 27

  • They may be used in conjunction with IP forwarding appliances, as seen in the diagram below.
  • The front end network may route packets to a network appliance before they are forwarded to a backend network.
  • This type of architecture is common for anti-malware scenarios.

Slide 76 of 143

Networking - Part 28

  • Route tables allow you to directly control where packets are routed, regardless of where they were originally intended to be routed.
  • The Barracuda firewall product in the Azure Marketplace leverages these capabilities.
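
An added example, not from the original deck, of how a route table overrides default routing so that traffic passes through an inspection appliance, as described here and in Networking - Part 27: Azure picks the longest matching prefix and, on a tie, prefers a user-defined route over a system route. The prefixes, the appliance address `10.0.1.4` and the helper names are constructed for illustration.

```python
import ipaddress
from typing import NamedTuple, Optional


class Route(NamedTuple):
    prefix: str                  # address prefix the route covers
    source: str                  # "User", "BGP" or "System"
    next_hop_type: str           # e.g. "VirtualAppliance", "VnetLocal", "Internet"
    next_hop_ip: Optional[str]   # only set for "VirtualAppliance"


# Tie-break between routes with the same prefix length.
SOURCE_RANK = {"User": 0, "BGP": 1, "System": 2}


def effective_route(routes, dest_ip):
    """Return the route that wins for dest_ip: longest prefix, then source rank."""
    dest = ipaddress.ip_address(dest_ip)
    matches = [r for r in routes if dest in ipaddress.ip_network(r.prefix)]
    if not matches:
        return None
    return min(matches, key=lambda r: (-ipaddress.ip_network(r.prefix).prefixlen,
                                       SOURCE_RANK[r.source]))


def not_inspected(routes, probes, appliance_ip):
    """List the probe destinations whose next hop is NOT the inspection appliance."""
    findings = []
    for ip in probes:
        route = effective_route(routes, ip)
        if (route is None or route.next_hop_type != "VirtualAppliance"
                or route.next_hop_ip != appliance_ip):
            findings.append((ip, route.next_hop_type if route else "None"))
    return findings


# Constructed sample: system routes for a virtual network with address space 10.0.0.0/16.
SYSTEM = [
    Route("10.0.0.0/16", "System", "VnetLocal", None),
    Route("0.0.0.0/0", "System", "Internet", None),
]
# Too broad: the /8 loses to the more specific /16 system route, so traffic
# between subnets never reaches the appliance.
WEAK_UDR = [Route("10.0.0.0/8", "User", "VirtualAppliance", "10.0.1.4")]
# Specific route for the backend subnet, plus a default route that ties with
# the system default and wins because it is user-defined.
GOOD_UDR = [
    Route("10.0.2.0/24", "User", "VirtualAppliance", "10.0.1.4"),
    Route("0.0.0.0/0", "User", "VirtualAppliance", "10.0.1.4"),
]
PROBES = ["10.0.2.10", "198.51.100.9"]   # a backend VM and an Internet host

if __name__ == "__main__":
    print("weak:", not_inspected(SYSTEM + WEAK_UDR, PROBES, "10.0.1.4"))
    print("good:", not_inspected(SYSTEM + GOOD_UDR, PROBES, "10.0.1.4"))
```

Running the same probes against the effective routes of each subnet after a route-table change is a quick way to confirm that no path bypasses the appliance.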

Slide 77 of 143

Networking - Part 29

  • Local network gateways enable you to interact with on-premises virtual private networks represented in the Gateway manager.
  • Local network gateways typically refer to your on-premises location.
  • You specify the name by which Azure can refer to the on-premises network, as well as the address space prefix for the local network gateway.

Slide 78 of 143

Media + Content Delivery Networks (CDN) - Part 1

  • Focused on providing broadcast-quality video and streaming formats to large audiences on the most popular mobile devices.
  • Features include accessibility, distribution, and scalability.

Slide 79 of 143

Media + Content Delivery Networks (CDN) - Part 2

  • Supports all the best known encoding formats.
  • Also supports transcoding, the ability to encode on-the-fly to target a specific device.

Slide 80 of 143

Media + Content Delivery Networks (CDN) - Part 3

  • Includes support for the entire workflow of video production and delivery.
  • Integrated with content delivery networks.
  • Capable of delivering adaptive bitrates in the most popular streaming formats (MPEG DASH, HLS, Smooth Streaming, HDS).

Slide 81 of 143

Media + Content Delivery Networks (CDN) - Part 4

  • Encoding tasks are charged according to the size of the output in gigabytes.
  • Capable of generating thumbnails, trimming videos, creating overlays, and more.
  • Based on REST APIs that enable you to securely upload, store, encode and package video or audio content for both on-demand and live streaming delivery to various clients (for example, TV, PC, and mobile devices).

Slide 82 of 143

Media + Content Delivery Networks (CDN) - Part 5

  • Supported by global Content Delivery Network (CDN) footprint to provide a great user experience for video delivery.

Slide 83 of 143

Media + Content Delivery Networks (CDN) - Part 6

  • Full support for load balancing across content delivery networks, supporting either Akamai or Verizon.
  • Reduces load times, saves bandwidth, and increases responsiveness.
  • Protected from distributed denial of service attacks.
  • Real-time analytics provide insight on how video assets are being cached and delivered.

Slide 84 of 143

Enterprise Integration - Part 1

  • A variety of technologies make up the Enterprise Integration portal offerings.
  • Azure Logic Apps allow you to create business processes and workflows visually.
  • Easily integrate across disparate systems, including Salesforce, Office 365, Twitter, Dropbox, and more by leveraging connectors that are available from the marketplace.
  • Avoid being forced to migrate on premises systems to the cloud by connecting to them using Logic App technologies.

Slide 85 of 143

Enterprise Integration - Part 2

  • It’s really about B2B capabilities and supporting industry-standard Electronic Data Interchange (EDI) standards including EDIFACT, X12, AS2.
  • Integrate your existing BizTalk technologies and seamlessly connect them to numerous SaaS applications, including Salesforce and SharePoint online.

Slide 86 of 143

Enterprise Integration - Part 3

  • A visual design tool makes it easy to develop and understand business workflows.
  • Integration with Visual Studio allows you to build a logic app using a designer.

Slide 87 of 143

Enterprise Integration - Part 4

  • A large library of standard connectors, as well as B2B connectors, dramatically simplifies integrating applications.
  • Integrate on-premises, private data center, and public data center applications.

Slide 88 of 143

Enterprise Integration - Part 5

  • API Management allows you to publish your APIs to either external or internal consumers.
  • Secure and protect your APIs and leverage the built-in analytics to gain insight into usage and health.
  • Supports any technology stack, not just Azure.
  • Capable of monetizing APIs by supporting both subscription and metered billing.

Slide 89 of 143

Enterprise Integration - Part 6

  • Enterprise workflows require the management of various artifacts, such as schemas, maps, certificates, partners, and agreements.
  • Schemas and maps define the orchestration, the message format, and the business workflows.

Slide 90 of 143

Enterprise Integration - Part 7

  • Integration account supports the management of these important artifacts.
  • Essential for seamlessly enabling business-to-business communications, defining the message and the format among business partners.
  • Useful for designing, deploying, and maintaining B2B applications.

Slide 91 of 143

Enterprise Integration - Part 8

  • Acts as a bridge, providing quick and secure data transfer between on-premises data and cloud-based services, including Power BI, MS Flow, Logic Apps, and more.
  • It is installed on an on-premises computer running a 64-bit Windows operating system and is left running all the time.

Slide 92 of 143

Enterprise Integration - Part 9

  • Various data sources are added to the gateway from within the Power BI service.
  • Another example is a logic app needing to connect to on-premises data through the on-premises data gateway.

Slide 93 of 143

Enterprise Integration - Part 10

  • Microsoft Flow supports a wide variety of connectivity options.
  • The gateway installer download can be found at http://go.microsoft.com/fwlink/?LinkID=820931.
  • The gateway runs as a Windows service.
  • The gateway creates an outbound connection to Azure Service Bus. It communicates on outbound ports: TCP 443 (default), 5671, 5672, 9350 thru 9354. The gateway doesn't require inbound ports.
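
A firewall-review sketch for the port list above, as an added example that is not part of the original deck: it checks a host's rule list against the gateway's outbound ports and reports any inbound port left open, since the gateway needs none. The one-rule-per-line format, first-match evaluation with default deny, and the sample rules are assumptions made for illustration.

```python
from dataclasses import dataclass

# Outbound TCP ports the page lists for the gateway's connection to Azure Service Bus.
GATEWAY_OUTBOUND_PORTS = frozenset({443, 5671, 5672, *range(9350, 9355)})


@dataclass(frozen=True)
class Rule:
    direction: str    # "in" or "out"
    action: str       # "allow" or "deny"
    protocol: str     # "tcp" or "udp"
    ports: frozenset  # individual port numbers covered by the rule


def parse_ports(spec):
    """Expand '443,5671-5672,9350-9354' into a frozenset of port numbers."""
    ports = set()
    for part in spec.split(","):
        lo, _, hi = part.strip().partition("-")
        low, high = int(lo), int(hi or lo)
        if not 1 <= low <= high <= 65535:
            raise ValueError(f"bad port range: {part!r}")
        ports.update(range(low, high + 1))
    return frozenset(ports)


def parse_rule(line):
    """Parse one 'direction action protocol ports' line (assumed format)."""
    fields = line.split()
    if len(fields) != 4:
        raise ValueError(f"expected 4 fields: {line!r}")
    direction, action, protocol, ports = (f.lower() for f in fields)
    if (direction not in ("in", "out") or action not in ("allow", "deny")
            or protocol not in ("tcp", "udp")):
        raise ValueError(f"unrecognised rule: {line!r}")
    return Rule(direction, action, protocol, parse_ports(ports))


def verdict(rules, direction, protocol, port):
    """First matching rule wins; traffic that matches no rule is denied."""
    for rule in rules:
        if (rule.direction, rule.protocol) == (direction, protocol) and port in rule.ports:
            return rule.action
    return "deny"


def audit(rule_lines):
    """Return gateway ports that cannot get out and inbound ports that are open."""
    rules = [parse_rule(line) for line in rule_lines
             if line.strip() and not line.lstrip().startswith("#")]
    # Every port the gateway may use must be allowed outbound.
    blocked = sorted(p for p in GATEWAY_OUTBOUND_PORTS
                     if verdict(rules, "out", "tcp", p) != "allow")
    # The gateway needs no inbound ports, so each open one needs another owner.
    inbound = sorted({p for r in rules
                      if r.direction == "in" and r.action == "allow"
                      for p in r.ports
                      if verdict(rules, "in", r.protocol, p) == "allow"})
    return {"blocked_outbound": blocked, "inbound_open": inbound}


# Constructed sample rule list, not an export from a real firewall.
SAMPLE_RULES = """\
# direction action protocol ports
out deny  tcp 9352
out allow tcp 443,5671-5672,9350-9354
in  allow tcp 3389
""".splitlines()

if __name__ == "__main__":
    print(audit(SAMPLE_RULES))
```

In the sample, the earlier deny rule shadows port 9352 even though the later allow rule covers the whole range, which is the kind of ordering mistake this check is meant to surface.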

Slide 94 of 143

Enterprise Integration - Part 11

  • A simple, powerful and extensible cloud-based integration service for supporting business-to-business enterprise application integration.
  • Out-of-the-box, cloud to on-premises and line-of-business application integration for SAP, Oracle EBS, SQL Server, and PeopleSoft.
  • It lets you connect with any HTTP, FTP, SFTP, or REST data source.
  • You can route messages by using various Azure artifacts such as Service Bus queues, Topics, SQL Database, and Blob storage.

Slide 95 of 143

Enterprise Integration - Part 12

  • Hybrid connections let you connect Azure websites or Azure mobile services to any on-premises resource, based on either TCP or HTTP.
  • Useful if you want to take your cloud-based websites and mobile applications and connect them to on-premises resources behind your firewall, as is the case in the diagram below, where we connect to Microsoft SQL Server.

Slide 96 of 143

Security and Identity - Part 1

  • A comprehensive multitenant identity management service.
  • Abstracts the complexities of OAuth tokens and single sign-on.
  • Easily integrates with popular SaaS applications with just a couple of clicks.

Slide 97 of 143

Security and Identity - Part 2

  • A fully hosted identity management service in the cloud, but with integration support for on-premises Active Directory, including ADFS.

Slide 98 of 143

Security and Identity - Part 3

  • Easily allow your on-premises or cloud-hosted applications to integrate seamlessly with well-known applications that benefit from a single sign-on experience.
  • Allow users to sign in once and then travel across an entire set of partners and identity systems.

Slide 99 of 143

Security and Identity - Part 4

  • Supports single sign-on to thousands of popular SaaS applications.

Slide 100 of 143

Security and Identity - Part 5

  • Support the mobile devices of employees in a secure fashion.
  • Ensure that employees conform to security standards and compliance guidelines.

Slide 101 of 143

Security and Identity - Part 6

  • Streamline the registration of employee mobile devices.
  • Robust support for Windows, Android, and iOS.

Slide 102 of 143

Security and Identity - Part 7

  • Support corporate email systems on employee mobile devices in a secure fashion.

Slide 103 of 143

Security and Identity - Part 8

  • An automated enrollment process for various employee-owned devices.

Slide 104 of 143

Security and Identity - Part 9

  • An effective and easy to implement method of increasing security.
  • A second-layer security system that requires an employee to enter a one-time passcode.
  • Helps protect employee accounts from hackers and website hijackers.

Slide 105 of 143

Security and Identity - Part 10

  • The diagram below illustrates the workflow for multifactor authentication.

Slide 106 of 143

Security and Identity - Part 11

  • Out-of-the-box learning algorithms to detect anomalies.
  • React in real time to thwart compromises in security.

Slide 107 of 143

Security and Identity - Part 12

  • A consolidated view into risk events.
  • Used internally for over a decade at Microsoft – now released to the world.
  • Protect against sophisticated phishing attacks.
  • Block access to company resources through breaches of low-privilege user accounts.
  • Actively engage in remediation or mitigation actions.

Slide 108 of 143

Security and Identity - Part 13

  • Detects six risk event types using various heuristic rules.
  • Calculates user risk levels.
  • May recommend such things as a password reset.
  • May require multifactor authentication.

Slide 109 of 143

Security and Identity - Part 14

  • Primarily geared towards monitoring the health of on-premises identity infrastructure and synchronization services.
  • Monitors a wide variety of identity components, especially useful for hybrid scenarios.
  • Provides a single dashboard to validate robust, healthy security systems.

Slide 110 of 143

Security and Identity - Part 15

  • Based on the work Microsoft conducts every day, applying state-of-the-art machine learning to analyze over 10 TB of behavioral and contextual data daily.
  • Get visibility into Azure AD administrators.
  • Get reports about administrator activity to audit Azure AD security events.

Slide 111 of 143

Developer Services - Part 1

  • Azure Team Project lets you choose your version control provider, whether that’s TFS or Git.
  • Choose from among various process templates (Scrum, Agile, CMMI).

Slide 112 of 143

Developer Services - Part 2

  • Allows you to take advantage of the cloud to quickly spin up and spin down development and test environments.
  • Built-in support for automated shutdowns for cost minimization.

Slide 113 of 143

Developer Services - Part 3

  • Increase your deployment velocity to your customers.
  • Increase customer and developer satisfaction through higher degrees of automation in your CI/CD pipeline.

Slide 114 of 143

Visual Studio - Part 1

  • Easily provision developer and testing machines with Visual Studio preinstalled.

Slide 115 of 143

Visual Studio - Part 2

  • Set up automation workflows and pipelines for repeated or scheduled tasks.
  • Streamline operations and reduce errors.

Slide 116 of 143

Management - Part 1

  • Automate the backing up of important virtual machines and physical servers.
  • Avoid expensive downtime, lost data, applications, and configurations.

Slide 117 of 143

Management - Part 2

  • Different from Azure Automation because it allows you to invoke actions by calling HTTP endpoints or posting a message to a queue on any schedule.
  • Azure Automation is more about the execution of PowerShell-based workflows.

Slide 118 of 143

Management - Part 3

  • Allows you to collect and analyze data generated by your cloud resources and even on-premises environments.
  • Provides integrated search and a custom dashboard.
  • The core component is the OMS repository hosted in Azure.
  • A single data store makes it easy to identify the root cause of operational errors.

Slide 119 of 143

Management - Part 4

  • Everything from failed logins to average website response times is supported.
  • Identify missing system updates and the malware status across all your Windows Server instances.

Slide 120 of 143

Management - Part 5

  • Encrypt and store authentication keys, storage account keys, data encryption keys, .pfx files, and passwords.
  • Streamlined key management processes.
  • Free developers from having to maintain separate keys for development, testing, and production.

Slide 121 of 143

Management - Part 6

  • An application proxy service that provides protection, monitoring and lifecycle management for websites and applications.

Slide 122 of 143

Intelligence - Part 1

  • Incorporate powerful algorithms into your code.
  • Supported on a variety of devices, including iOS, Android, and Windows.

Slide 123 of 143

Intelligence - Part 2

  • Vision and speech recognition are among the most difficult problems in computer science to solve.
  • Leverage APIs to take advantage of these capabilities to incorporate functionality that has been historically very challenging.

Slide 124 of 143

Intelligence - Part 3

  • Allow users to interact with an application by voice.
  • Customize a set of user intentions that are relevant to your application.
  • Leverages active learning to continually improve language recognition.

Slide 125 of 143

Intelligence - Part 4

  • Take advantage of the vast amount of academic knowledge and incorporate it into your applications.
  • Incorporate industry-specific autocomplete into search text boxes.

Slide 126 of 143

Intelligence - Part 5

  • Improve the searching capabilities of your applications through autosuggest, image search, news search, video search, and web search.
  • Leverage the vast amount of information that Microsoft collects through Bing search.

Slide 127 of 143

Intelligence - Part 6

  • The first step to leveraging Azure Machine Learning Studio.
  • Machine learning workspace serves as a repository for key assets when developing machine learning algorithms.

Slide 128 of 143

Intelligence - Part 7

  • At the end of the day machine learning is about taking action today based on predictions for tomorrow.
  • Make better business decisions based on empirical data.

Slide 129 of 143

Intelligence - Part 8

  • Oftentimes, predictive models are siloed in an organization.
  • Exposing predictive models as a web service in an automated fashion allows different parts of an organization to take advantage of the capabilities.

Slide 130 of 143

Docker Containers - Part 1

  • The Azure Container Service democratizes distributed computing platforms.
  • It simplifies the creation and management of large clusters based on Docker Swarm and DC/OS.
  • Distributed computing and containerization are sweeping the IT landscape.

Slide 131 of 143

Docker Containers - Part 2

  • The Azure Container Service currently supports both DC/OS and Docker Swarm.
  • However, it is also possible to take advantage of these technologies outside the confines of the Azure Container Service.
  • The next generation of Docker Swarm is Docker Datacenter and is available as a separate offering outside of the Azure Container Service.

Slide 132 of 143

Docker Containers - Part 3

Slide 133 of 143

Docker Containers & Orchestration + Distributed Computing - Part 1

  • Running containerized workloads has a long history stretching over three decades.
  • Docker did not invent this technology but merely standardized it and democratized it through open source.

Slide 134 of 143

Docker Containers & Orchestration + Distributed Computing - Part 2

  • Google and Sun Microsystems provided a great deal of engineering in this space.

Slide 135 of 143

Docker Containers & Orchestration + Distributed Computing - Part 3

  • Cloud computing is relatively young, having started in 2005 with software as a service from Salesforce.
  • Infrastructure as a Service and later Platform as a Service became popular.
  • Today, there are three main public cloud providers of any significance: (1) Microsoft, (2) AWS, (3) Google.

Slide 136 of 143

Docker Containers & Orchestration + Distributed Computing - Part 4

  • Containerization is simply a way to package up an application with its dependencies.
  • A more challenging problem is running containerized workloads at scale on large clusters.
  • Providing service discovery, health monitoring and recovery, and scaling up and down is one of the more challenging aspects of running containerized workloads.

Slide 137 of 143

Docker Containers & Orchestration + Distributed Computing - Part 5

  • There are a number of players in this space today.
  • AWS offers the most proprietary and nonportable solution out there.

Slide 138 of 143

Docker Containers & Orchestration + Distributed Computing - Part 6

  • This ecosystem is complex.
  • There are a variety of ways to run containerized workloads.
  • For example, the Service Fabric from Microsoft also runs containers.
  • It solves many of the same problems as the Azure Container Service.

Slide 139 of 143

Docker Containers & Orchestration + Distributed Computing - Part 7

  • There is still a need for virtual machines.
  • Products like Puppet and Chef are still necessary to manage individual hosts.
  • What customers really want is the ability to check in their source code and then roll out their applications into production with a minimal amount of effort.

Slide 140 of 143

The Future of Computing - Part 1

  • At the end of the day it’s about getting applications into production as frequently and predictably as possible.
  • It’s also about minimizing the cost of running an application in a cluster.

Slide 141 of 143

Azure Compliance - Part 1

  • Azure invests heavily in compliance.
  • It will always be an ongoing challenge to support and seek out new certifications.

Slide 142 of 143

Hopefully, you got a lot of value out of this massive presentation - Part 1

  • Thanks for viewing.

Slide 143 of 143

Deck built by: Bruno Terkaly (bterkaly@Microsoft.com), Principal Software Engineer, Mobile/Cloud/Startup/Enterprise.
Switching (MPLS), The Azure Portal, Suitable for scenarios like :, Periodic data migration, Replication for business continuity, Disaster recovery, High-availability strategies, Transferring large amounts of data, Moving large virtual machines between your Dev-Test environment in Azure and your on-premises production environment., The Azure Portal, Geo-route incoming traffic to your app for better performance and availability, The Azure Portal, Improve app availability with automatic failover, Increase your app’s responsiveness, Enable smooth cloud migration, Distribute your app traffic equally or with weighted values, A/B test new deployments, Seamlessly combine on-premises and cloud systems, The Azure Portal, Includes built-in endpoint monitoring and automatic endpoint failover, Your apps are resilient to endpoint failure, including Azure region failures, Makes regular requests to each endpoint and then verifying the response, Failed endpoints are no longer included in DNS responses, The Azure Portal, A collection of resources that are used to send network traffic between virtual networks, The Azure Portal, Can also route traffic between Azure and on-premises locations, They are used for Site-to-Site, Point-to-Site, and ExpressRoute connections, Can also send traffic between multiple virtual networks within Azure (VNet-to-VNet), The Azure Portal, Virtual to Virtual, Site to site, Point to site, Multi-network, The Azure Portal, A VPN connection securely connects two Azure virtual networks, or a virtual network and your local network using Internet Protocol security (IPsec), Also used to connect a virtual network to an ExpressRoute circuit, Traffic between the two networks is encrypted by one gateway and decrypted by the other, to protect data when transmitted via the Internet., The Azure Portal, We talked about this previously, A Network security group (NSG) contains a list of Access Control List (ACL) rules that allow or deny network traffic to your VM instances 
in a Virtual Network, The Azure Portal, Microsoft Azure Application Gateway provides an Azure-managed HTTP load-balancing solution based on layer-7 load balancing., Application load balancing enables IT administrators and developers to create routing rules for network traffic based on HTTP., The Azure Portal, Scalable, highly-available HTTP load balancing, Cookie affinity for cross-session-state sharing, 99.9% uptime SLA for multi-instance gateways, Management through Azure APIs, Support for both public and private web sites, SSL offload for better utilization, fabrikam.com, Videos, Images, contoso.com/images/, App, Gateway, fabrikam.com, VM Scale Set, contoso.com/video/, Application Gateway acts as a reverse-proxy service, terminating the client connection and forwarding requests to back-end endpoints, The Azure Portal, Azure Load Balancer works at Layer 4, the transport level (TCP/UDP), Azure Application Gateway is based on layer 7, HTTP layer 7 load balancing is useful for:, Applications that require requests from the same user/client session to reach the same back-end virtual machine, Examples of these applications would be shopping cart apps and web mail servers., Applications that want to free web server farms from SSL termination overhead., Applications, such as a content delivery network, that require multiple HTTP requests on the same long-running TCP connection to be routed or load balanced to different back-end servers., The Azure Portal, A DNS zone is used to host the DNS records for a particular domain, For example, the domain "contoso.com" may contain a number of DNS records, such as "mail.contoso.com" (for a mail server) and "www.contoso.com" (for a web site), Those would all be placed into a DNS zone, Azure DNS provides hosting for Internet-facing, public DNS domains, The Azure Portal, Azure Load Balancer delivers high availability and network performance to your applications. 
It is a Layer 4 (TCP, UDP) load balancer that distributes incoming traffic among healthy instances of services defined in a load-balanced set., The Azure Portal, Azure Load Balancer operates at Layer 4, It operates at the intermediate transport layer, which deals with delivery of messages with no regard to the content of the messages, So targeted routing for video or for images is not supported, Layer 4 load balancers simply forward network packets to and from the upstream server without inspecting the content of the packets, The Azure Portal, Databases, DNS Servers, App Servers, Internal Load Balancer, Load Balancer, Internet, On Premises, Web Proxy, DMZ, Virtual Network (VNET), Site to Site, Point to Site, ExpressRoute, Internal and External Load Balancers, The Azure Portal, System routes to define how IP traffic flows. 
System routes control the flow of communication in the following scenarios:, From within the same subnet, From a subnet to another within a VNet, From VMs to the Internet, From a VNet to another VNet through a VPN gateway, From a VNet to your on-premises network through a VPN gateway, The Azure Portal, You can configure Azure Route Tables (UDR), User defined routes are preferred over the default system routes, When multiple routes match the destination, the more specific route is used, Internet, VNET 1, FrontEnd, Backend, , VM Appliance, IP Forwarding, VM Appliance, IP Forwarding, VM 1, VM 2, User-Defined Route, User-Defined Route, Useful because:, Intrusion Prevention System (IPS), Network Access Control, Application Control , Anti – Malware , The Azure Portal, Intercept packets to your virtual network with a virtual appliance, This allows you to receive and forward packets that are not addressed to the intended VM, User defined routing in our VNET allows us to re-direct the routing through an appliance, such as a Barracuda NG Firewall., The Azure Portal, Azure Local Network Gateway specifies the initial address prefixes for the on-premises network, The Azure Portal, Video is the new currency and audiences demanding content on their own devices, Video typically involves huge capital investment, It is time-consuming with a need for high scale and high availability, H.264, HLS, MP4, MP4, MP4, AVI, AVI, DASH, Azure Media Services, The Azure Portal, H.264, HLS, MP4, MP4, MP4, AVI, AVI, DASH, Azure Media Services, Cloud services for premium video workflows, Studio-grade encoding at cloud scale, One player for all your playback needs, Greater discoverability and accessibility of media through media intelligence, Content protection and encryption delivered by AES and PlayReady, On-demand and live video streaming with integrated Content Delivery Network capabilities, Broad ecosystem of value-added partners, The Azure Portal, Live Ingest, Azure Live Encoding, Azure Media 
Services Live, Azure Media Services On Demand, Live, MPEG 2 TS, Multi bitrate MP4, DASH/HLS/ Smooth, Live Event, Azure CDN, BROWSER, Cloud Upload & Storage, Encoding & Media Intelligence, Content Protection, Live & On Demand Streaming with integrated CDN, Player Clients, The Azure Portal, Input Container/File Formats, Media Encoder Standard, Media Encoder Premium Workflow, Adobe® Flash® F4V, Yes, Yes, MXF/SMPTE 377M, Yes, Yes, GXF, Yes, Yes, MPEG-2 Transport Streams, Yes, Yes, MPEG-2 Program Streams, Yes, Yes, MPEG-4/MP4, Yes, Yes, Windows Media/ASF, Yes, Yes, AVI (Uncompressed 8bit/10bit), Yes, Yes, 3GPP/3GPP2, Yes, No, Smooth Streaming File Format (PIFF 1.3), Yes, No, Microsoft Digital Video Recording(DVR-MS), Yes, No, Matroska/WebM, Yes, No, QuickTime (.mov), Yes, No, Many encoding formats, The Azure Portal, Content Delivery Network, Secure, reliable content delivery with broad global reach and rich feature set, Accelerated performance and improved availability, Global coverage with massive scalability, Simplified experience to enable CDN from multiple providers, A rich set of API and developer tool, No commitment, pay for your use, single billing and support, Different packages available from basic to advanced features, The Azure Portal, Atlanta, GA, Philadelphia, PA, New York, NY, Miami, FL, Washington DC, Boston, MA, Denver, CO, Chicago, IL, Dallas, TX, Los Angeles, CA, San Jose, CA, Seattle, WA, São Paulo, Brazil, Rio de Janeiro, Brazil, Quito, Ecuador, Barranquilla, Colombia, Medellin, Colombia, Buenos Aires, Argentina, Copenhagen, Denmark, Helsinki, Finland, London, UK, Stockholm, Sweden, Warsaw, Poland, Amsterdam, Netherlands, Frankfurt, Germany, Paris, France, Vienna, Austria, Madrid, Spain, Milan, Italy, Tokyo, Japan, Osaka, Japan, Batam, Indonesia, Jakarta, Indonesia, Hong Kong, Kaohsiung, Taiwan, Seoul, South Korea, Singapore, Bangalore, India, Chennai, India, Delhi, India, Mumbai, India, Muscat, Oman, Melbourne, Australia, Sydney, Australia, Global 
footprint, Azure Content Delivery Network offers choices from Akamai and Verizon, You can load balance across CDNs, Standard features for Content Delivery Network customers include functionality you’re already familiar with, including integration with a number of origin types, query strings caching, custom domain name support, Premium features include all of the functionality of Standard, plus a rule-based content delivery engine, advanced HTTP reports, and real-time statistics., The Azure Portal, All designed to bridge protocol and data mismatches between systems, The Azure Portal, Logic Apps simplify integrations and workflows in the cloud, There is a visual designer to model and automate your process, It is workflow based with a series of steps, The Azure Portal, The Azure Portal, API/Web App , HTTP, RSS , Azure Blob , Response , Salesforce , Azure, Instagram , SendGrid , Functions , MailChimp , Service Bus , Box , Mandrill , SFTP , CRM Online , Nested, SharePoint , Delay , Logic App , Slack , Dropbox , Office 365, SMTP , Facebook , Outlook , SparkPost , FTP , Office 365, SQL , GitHub , Users , Translator , Google Drive , Office 365, Trello , Google Sheets , Video , Twilio , Google Tasks , OneDrive , Twitter , Google, OneDrive for, Webhook , Calendar , Business , Wunderlist , HTTP , Outlook , Yammer , HTTP Swagger , Project Online , YouTube , HTTP, Query , Request , Recurrence , Library of Standard Connectors, XML validation , XML transform , Flat file encode , Flat file decode , AS2 decode , AS2 encode , X12 decode , X12 encode , EDIFACT decode , EDIFACT encode , Enterprise Integration Pack B2B Connectors, The Azure Portal, API Management, Publish, manage, secure, and analyze your APIs in minutes, Publish APIs to external and internal consumers, Create consistent and modern API gateways for existing backend services hosted anywhere, Secure and protect them from abuse and overuse, Gain insights into usage and health, The Azure Portal, An integration account is 
an Azure account that allows Enterprise Integration apps to manage artifacts including schemas, maps, certificates, partners and agreements , These artifacts can then be used in Logic apps to build B2B workflows. , Before you can use the artifacts in a Logic app, you just need to link your integration account to your Logic app., The Azure Portal, An XML schema defines the structure of a class of XML instance messages. Because this type of schema uses XML Schema definition (XSD) language to define the structure of an XML instance message, Maps are used in orchestrations, An integration account is an Azure account that allows Enterprise Integration apps to manage artifacts including schemas, maps, certificates, partners and agreements , The Azure Portal, An on-premises data gateway, Acts as a bridge between on-premises and Azure, Connect more securely and in a managed way, Respond more quickly to changing business, Be flexible, Support hybrid cloud, No need for a firewall port opening, Support for encryption and certificates, The Azure Portal, Connect on-premises to:, Power BI, Business analytics tools to analyze data and share insights. 
Monitor your business and get answers quickly with rich dashboards available on every device, Microsoft Flow, A flow connects your web services, files, and cloud-based data, Logic Apps, Logic Apps simplify integrations and workflows in the cloud, PowerApps services, Applications for Windows, iOS, and Android mobile devices, Connect these mobile apps to Twitter, Office 365, Dropbox, and Excel, The Azure Portal, Microsoft Flow, A flow connects your web services, files, and cloud-based data, Azureblob, Box, Common Datamodel, Dropbox, Dynamics, Excel, Facebook, GoogleTasks , Instagram, Mailchimp, Mandrill, Microsoft Translator , Office365, Office365 Users , Rss, Salesforce, Sendgrid, Sendmail, Servicebus, Sftp, Sharepointonline, Todoist, Trello, Twilio, Twitter, Visualstudioteamservices, Wunderlist, Yammer, Ftp, Github, Google Calendar , Google Drive, Google Sheet , Office365 Video , Onedrive, Onedrive Forbusiness , Outlook, Projectonline, Slack, Smartsheet, Smtp, Sparkpost, Sql, The Azure Portal, BizTalk Services, Seamlessly integrate the enterprise and the cloud, Get started quickly with Hybrid Connections, Extend on-premises systems to the cloud for hybrid integration, Proven in production—EDI, B2B, Partner, EAI, IOT, Integration partners add industry and integration expertise, BizTalk Hybrid Connections, Hybrid Connection Manager, Microsoft SQL Server, Other published resources, Corporate Network, The Azure Portal, Web Sites, App Services Mobile Services, Hybrid Connections are a feature of Azure BizTalk Services, Connect Web Sites or App Services to on-premises resources behind your firewall, The Azure Portal, Azure Active Directory (Azure AD) is a multi-tenant cloud based directory and identity management service, Focus on building your application, not on identity management, Supports sign-on (SSO) access to thousands of cloud SaaS Applications like Office365, Salesforce.com, DropBox, Concur, and more., The Azure Portal, Azure Active Directory (Azure AD) is a 
multi-tenant cloud based directory and identity management service, Includes:, Multi-factor authentication, Device registration, Self-service password management, Self-service group management, Privileged account management, Role based access control, Application usage monitoring, Rich auditing, Security monitoring and alerting, The Azure Portal, On-premises, Azure Active Directory, Azure Active Directory Marketplace Partners, Implement SSO across an entire set of partners and identity systems, Active Directory Marketplace, Instantly configure your favorite SaaS cloud applications with single sign-on (SSO), Easily Implement Single Sign On with 1000’s of companies, The Azure Portal, Windows Server Active Directory, Other directories, Simple Connection, Self Service, Single Sign On (SSO), Username, Box , Google Apps , Citrix , Jive , Citrix GoToMeeting , Office 365 Exchange Online , myday , Office 365 , Concur , Office 365 SharePoint Online , Docusign , Netsuite , Dropbox for Business , Salesforce , Dynamics CRM Online , Salesforce Sandbox , Facebook at Work , ServiceNow , 1000’s more, How to enforce conditional access, The Azure Portal, Azure Active Directory Device Registration, Intune Mobile Device Management (MDM), This allows you to create conditional access rules that enforce access from devices to meet your standards for security and compliance, Corporate and Personal Device Management, Protecting sensitive information, +, How to enforce conditional access, The Azure Portal, Azure Active Directory Device Registration, Intune Mobile Device Management (MDM), +, Enable Azure AD Device Registration in the Azure Portal, This will allow mobile devices to discover the registration service, This is done by looking for well-known DNS records, Supported devices include Windows 10, Windows 8.1, Windows 7, Android and iOS, How to enforce conditional access, The Azure Portal, Azure Active Directory Device Registration, Intune Mobile Device Management (MDM), +, Intune 
closely with Azure Active Directory (Azure AD) for identity and access control, and Azure Rights Management (Azure RMS) for data protection, Secure on-premises email accessed by mobile devices and web based apps, The Azure Portal, Device Enrollment, To manage devices that run iOS, Mac OS X, Android, or Windows Phone, you must enroll them., The Azure Portal, Multifactor authentication is a method of authentication that requires the use of more than one verification method, It adds a critical second layer of security to user sign-ins and transactions, It supports a variety of authentication mechanisms, such as phone call, text message, or mobile app notification, The Azure Portal, Protected resource, Second authentication method, Phone call, Text message, Mobile application, Login with username and password, Receive a code or verification from second authentication method, Enter code, Access Resource, 1, 2, 3, 4, 5, The Azure Portal, A service that provides a view into risk events and potential vulnerabilities, Used internally at Microsoft for over a decade – now made available as a service to enterprise customers, It is about detecting anomalies in real time, Proactively prevent compromised identities by leveraging adaptive machine learning algorithms and heuristics, The Azure Portal, Automatically block or offer adaptive remediation actions that include password resets and multi-factor authentication enforcement , Sending notifications for risk events, Investigating risk events using relevant and contextual information, Providing basic workflows to track investigations, The Azure Portal, Allows you to remotely monitor your on premises identity infrastructure and synchronization from Azure, Helps ensure a reliable connection to Office 365 and other online services, Monitors the health of AD FS, and Azure AD connect servers, also known as Sync engine, Also monitors Active Directory Domain Controllers, The Azure Portal, Set up alerts to know when AD FS and AD FS proxy 
servers are not healthy (supports email notifications), View usage trends for AD FS that can be used for capacity planning, Analytics include apps, users, network location, etc., Reports for AD FS such as Top 50 users with bad Username/Password attempts, The Azure Portal, Provides visibility into users who have privileged access to Azure Active Directory, Enable on-demand and just-in-time administrative access to Microsoft online services, like Office 365 and Intune, Get reports about administrator editing and usage history, Receive alerts about access to privileged roles, The Azure Portal, Team projects allow you to automatically build and deploy Azure web apps or cloud services, You can connect your Visual Studio project to Azure and configure publishing to staging by integrating source control, Continuous integration can be set up so that a build is triggered after each check-in of the source code, Once the build is complete you can browse to your site’s URL and view your deployment in the staging environment, The Azure Portal, Quickly provision development and test environments, Set up automated shutdowns to minimize the cost of a running virtual machine, Quickly create virtual machines by leveraging reusable templates, Supports both Windows and Linux environments, The Azure Portal, Set up an environment where the last good build of your application is already installed, Automate your release pipeline by leveraging your preferred continuous integration tool, Eliminate the delays associated with creating and managing development and testing environments, Scale up or scale down your load testing by provisioning multiple test agents, The Azure Portal, Easily provision a virtual machine with various versions of Visual Studio installed, Various versions of Visual Studio are available, along with various Azure SDKs, The Azure Portal, Automate the manual, long-running, error-prone, and frequently repeated tasks that are commonly performed in a cloud and enterprise 
environment, Automate with Runbooks or desired state configuration, A runbook is simply a set of tasks that make up an automated process, Examples include starting a virtual machine or creating a log entry, Runbooks can also be chained, Goals might include such things as truncating a SQL Server database, Logic Apps have been discussed previously, The Azure Portal, Supports the orchestration and automation of replication from on-premises virtual machines and physical servers to Azure, This includes Hyper-V virtual machines, physical servers, and VMware virtual machines, Virtual machines must be located on the Hyper-V host server, Many apps have built-in application-aware replication, such as SharePoint, Exchange, Dynamics, SQL Server, Active Directory, and more (Oracle, SAP, IBM, Red Hat), The Azure Portal, Run jobs on simple or complex recurring schedules, Services can be inside or outside of Azure, Leverage Azure storage queues for long-running or off-line jobs, Invoke web service endpoints with HTTP/HTTPS, Examples include:, Gathering data from a Twitter feed, Kicking off routine backup jobs, Other application maintenance tasks, The Azure Portal, Investigate and fix incidents quickly, Gain deeper insight into your on-premises and cloud resources, Effortlessly collect, store, and analyze log data, Rapidly develop actionable insights using inbuilt intelligence, The Azure Portal, Determine your missing updates, View failed logins, Average website response time, Average HTTP request time by client IP address, The Azure Portal, Safeguard cryptographic keys in minutes, Decouple applications from secret keys, Increase security and control over keys and passwords, Use FIPS 140-2 Level 2 validated HSMs, Secured with FIPS 140-2 Level 2 validated HSMs (hardware and firmware), Microsoft does not see or extract your keys, Monitor and audit key use, Leverage Azure HDInsight for additional analysis and threat detection, The Azure Portal, An Application Proxy service for internet 
facing web sites and applications, It protects, monitors, and provides lifecycle management, Logs web traffic to Azure storage, Provides some common analytics, Supports the ability to connect with business analytics and Excel, Construct ad hoc application analytics queries, Supports A/B testing, Source code available at http://sg.codeplex.com/, The Azure Portal, Cognitive Services API, A very large and comprehensive technology that integrates vision, speech, language, knowledge, and search APIs into your app, Vision, Identify objects/faces and measure emotions for images and videos, Speech, Convert from text into text with speech, Language, Use the power of linguistics to understand context in language, Knowledge, Find knowledge and use it inside your applications using academic papers, journals, and authors, Search, Leverage all the power of Bing within your applications, The Azure Portal, Cognitive Services API, A very large and comprehensive technology that integrates vision, speech, language, knowledge, and search APIs into your app, Vision, Identify objects inside of images, Measure emotions and human faces, Detect and identify faces and photos, Analyze, edit, and process videos, Speech, Convert to speech and back to text, Understand intent in speech and text, Use speech as a means of authentication, The Azure Portal, Cognitive Services API, A very large and comprehensive technology that integrates vision, speech, language, knowledge, and search APIs into your app, Language, Detect and correct spelling mistakes within your app, Language Understanding Intelligent Service (LUIS), Teach your apps to understand commands from your users, Easily parse complex text with language analysis, Detect sentiment, key phrases, topics, and language from your text, Leverage the power of language models trained on web-scale data, The Azure Portal, Cognitive Services API, A very large and comprehensive technology that integrates vision, speech, language, knowledge, and search 
APIs into your app, Knowledge, Explore relationships among academic papers, journals, and authors, Contextually extend knowledge of people, locations, and events, Add interactive search over structured data to your project, Provide personalized product recommendations for your customers, The Azure Portal, Cognitive Services API, A very large and comprehensive technology that integrates vision, speech, language, knowledge, and search APIs into your app, Search, Give your app intelligent autosuggest options for searches, Bring advanced image and metadata search to your app, Link your users to robust and timely news searches, Trending videos, detailed metadata, and rich results, Connect powerful search to your apps, The Azure Portal, The Machine Learning Workspace contains 3 tabs:, DASHBOARD - Allows you to view workspace usage and information, CONFIGURE - Allows you to manage access to the workspace, WEB SERVICES - Allows you to manage web services that have been published from this workspace, Once you have a workspace, you can begin working in ML Studio, The Azure Portal, Once you have a workspace, you can begin working in ML Studio, Microsoft Azure Machine Learning Studio is a collaborative, drag-and-drop tool you can use to build, test, and deploy predictive analytics solutions on your data, To develop a predictive analysis model, you typically:, Use data from one or more sources, Transform and analyze that data, Utilize data manipulation and statistical functions, Generate a set of results, The Azure Portal, Once you have developed an experiment in Machine Learning Studio, you can deploy the experiment as a web service hosted on Azure, This is a powerful capability because it means that it is very easy to allow other members of your organization to leverage the predictive analytics components to build, Historically, there is friction when taking an experiment and making it available more broadly to other users, The Azure Portal, Azure Container Service (ACS) 
provides a way to simplify the creation, configuration, and management of a cluster of virtual machines that are preconfigured to run containerized applications, The Azure container service is based on open source software., In terms of cluster management (a.k.a. orchestration), two technologies are supported:, DC/OS from Mesosphere, Docker Swarm from Docker, The Azure Portal, Both DC/OS on Azure and Docker Datacenter are marketplace offerings. Docker Datacenter can be thought of as the next generation software to Docker Swarm., Additional topics, The next few slides take a deeper dive into the world of containerization and cluster management., The technologies presented are highly relevant to Azure in general, but do not map one-to-one to the portal experience, as has been the case for the previous slides., 1979 2000 2001 2004 2005 2006 2007 2008 2011 2013 2013 2014 2016, chroot, FreeBSD Jails, Linux VServer, Solaris Containers, OpenVZ, Process Containers, Control Groups, LXC, Warden, LMCTFY, Docker, Rocket, Windows Containers, Container Wars, 1979 — chroot, To provide an isolated disk space for each process, 2000 — FreeBSD Jails, Like chroot but included additional process sandboxing features for isolating the IP address, filesystem, users, networking, etc., 2006 — Process Containers (predecessor to cgroups), Implemented at Google for limiting, accounting, and isolating resource usage (CPU, memory, disk I/O, network, etc.) of a collection of processes., 2008 — LXC, The first, most complete implementation of a Linux container manager. 
Implemented using cgroups and Linux namespaces, 1979 2000 2001 2004 2005 2006 2007 2008 2011 2013 2013 2014 2016, chroot, FreeBSD Jails, Linux VServer, Solaris Containers, OpenVZ, Process Containers, Control Groups, LXC, Warden, LMCTFY, Docker, Rocket, Windows Containers, Container Wars, 1979 2000 2001 2004 2005 2006 2007 2008 2011 2013 2013 2014 2016, chroot, FreeBSD Jails, Linux VServer, Solaris Containers, OpenVZ, Process Containers, LXC, Warden, LMCTFY, Docker, Rocket, Windows Containers, SaaS/IaaS/PaaS Wars, Control Groups, SalesForce, AWS RackSpace, Azure Google App Engine AWS Beanstalk Heroku, PaaS, GoGrid, SaaS, IaaS, PaaS, IaaS, OpenStack, NASA+RackSpace, PaaS, Cloud Foundry, PaaS on EC2, PaaS, Pivotal, Cloud Foundry/EMC, 1979 2000 2001 2004 2005 2006 2007 2008 2011 2013 2013 2014 2016, chroot, FreeBSD Jails, Linux VServer, Solaris Containers, OpenVZ, Process Containers, Control Groups, LXC, Warden, LMCTFY, Docker, Rocket, Windows Containers, Cluster Orchestration Wars, The battle between Docker, Mesosphere, Mesos, Kubernetes, OpenShift, CoreOS, etc, 1979 2000 2001 2004 2005 2006 2007 2008 2011 2013 2013 2014 2016, chroot, FreeBSD Jails, Linux VServer, Solaris Containers, OpenVZ, Process Containers, LXC, Warden, LMCTFY, Docker, Rocket, Windows Containers, Cluster Management Wars, Control Groups, Amazon EC2 (2010), Mesos (2009), Docker Swarm (3/2015), Azure Container Svc (2016), Deis (2013), Kubernetes (2014), OpenShift (2011), So many options…., There are many ways to run a container., OpenStack, Container, run, ACS, Docker Swarm, run, DC/OS (Mesos), Container, Container, OpenStack, Container, Container, Docker Swarm, Kubernetes, Mesos, Service Fabric, How does this all fit together? 
, OpenStack (ACS/Azure, EC2, etc), To manage compute, networking, storage, security, multi-tenancy through virtualization, Puppet, Chef, Salt, Ansible, To manage individual hosts, Cluster Orchestrators (Mesos, Kubernetes, Swarm), To manage scaling, failure recovery, cluster utilization, What do companies really want to do?, Set up a workflow: a developer commits code to a staging branch; the CI server (which can also run inside Mesos) builds a Docker image using the freshly compiled binary; the CI server updates the Marathon REST API to launch a deployment of the Docker image, Then let the cluster orchestration layer worry about: scaling, failure recovery, price/performance optimization, HIPAA/HITECH, FedRAMP JAB P-ATO, FIPS 140-2, FERPA, DISA Level 2, ITAR-ready, CJIS, 21 CFR Part 11, IRS 1075, Section 508 VPAT, ISO 27001, PCI DSS Level 1, SOC 1 Type 2, SOC 2 Type 2, ISO 27018, Cloud Controls Matrix, Content Delivery and Security Association, Shared Assessments, European Union Model Clauses, United Kingdom G-Cloud, Singapore MTCS Level 3, Australia Signals Directorate, Japan Financial Services, China Multi Layer Protection Scheme, China CCCPPF, New Zealand GCIO, China GB 18030, EU Safe Harbor, ENISA IAF, Benefit from relentless business commitment, Bruno Terkaly bterkaly@Microsoft.com Principal Software Engineer Mobile/Cloud/Startup/Enterprise

