Iaa S Paa S Saa S Cloud Ready

  • Slides: 29
Download presentation

Iaa. S Paa. S Saa. S Cloud Ready Customer Network Connectivity Common strategy, common

Iaa. S Paa. S Saa. S Cloud Ready Customer Network Connectivity Common strategy, common infrastructure investments, differentiated setup Customers (IT professionals) build their own solutions Customers (users) consume finished applications Focused on customer specific solutions within an organization’s boundaries Focused on pre-built user collaboration experiences within and across organization boundaries Location specific (virtual datacenter) cloud experience – customer decides where to put it Highly distributed (not location specific) cloud experience across many apps – gravitates where the users are Tenant concept is at the (virtual) infrastructure and network level BYON (Bring/Build Your Own Network) in the cloud Tenant concept at the application level. Cloud network is pre-build and optimized for collaboration and global reach Design and customize your own network within Iaa. S Understand align with Saa. S network

aka. ms/o 365 ip

aka. ms/o 365 ip

WAN Egress & Security Stack Customer Network POP Service Front Door Microsoft Global Network

WAN Egress & Security Stack Customer Network POP Service Front Door Microsoft Global Network

DNS WAN Egress & Security Stack Customer Network POP Service Front Door Microsoft

DNS WAN Egress & Security Stack Customer Network POP Service Front Door Microsoft Global Network

AS 8075 35+ datacenters 100+ locations 2500+ networks @ 150+ peering locations WAN Egress

AS 8075 35+ datacenters 100+ locations 2500+ networks @ 150+ peering locations WAN Egress & Security Stack Customer Network POP Service Front Door Microsoft Global Network

AS 8075 Miami, FL ISP Orlando, FL Service Front Door Estimated User to Front

AS 8075 Miami, FL ISP Orlando, FL Service Front Door Estimated User to Front Door RTT (EXO example) Washington DC ~25 ms ISP San Francisco, CA San Jose, CA Seattle, WA ISP Customer Network ~65 ms ~5 ms Service Front Door Seattle, WA Microsoft Global Network Service Front Door * Data at rest remains within tenant specific geo/compliance boundary ~85 ms

“Every different way we ran our Exchange performance test scenario, going to Microsoft network

“Every different way we ran our Exchange performance test scenario, going to Microsoft network as quickly as you can was the best thing you can possibly do. ” Gary Steere CTO @ GSX Solutions

4 3 ISP Service Front Door 1 ISP Service Front Door ISP Customer Network

4 3 ISP Service Front Door 1 ISP Service Front Door ISP Customer Network 2 Service Front Door Microsoft Global Network Service Front Door * Data at rest remains within tenant specific geo/compliance boundary

WAN http: //trustoffice 365. com Broad and expanding set of security, privacy and compliance

WAN http: //trustoffice 365. com Broad and expanding set of security, privacy and compliance features Compensating Overhead /Cost, Complexity, Latency/ Content Gateways B&I RW Proxy Consider the scale vector Differentiate Office 365 traffic when needed [e. g. outbound vs. inbound] Bypass high impact duplicate network security layers for features and outcomes provided natively by Office 365 Check with your network/security vendor for support of automatic Office 365 traffic identification and whitelisting Strong encryption in transit (TLS), DDOS protection, Data Loss Prevention (DLP), Multi-Factor Authentication (MFA), Advanced Threat Protection (ATP), Customer Lock Box, Advanced Security Management, Anti-Virus, Secure Score, Threat Intelligence, Advanced Data Governance, Regional Data Residency, Conditional Access, Tenant Restrictions, Activity APIs, Customer Controlled Keys, Vulnerability Scanning, Intrusion Detection, Encryption at Rest, Zero Standing Rights, Certifications ( ISO, SOC, FEDRAMP, FISMA, . . ), Go-local and Sovereign Clouds, e. Discovery, Regulatory Hold, Audit Logs, Next Gen Privacy B&I RO Proxy … Proxy/SWG O 365 AFW/NGFW L 4&DNS FW Level of trust Generic Internet Site Verifiably Trusted Application

ISP Service Front Door ! ISP 3 rd Party Iaa. S/Security Cloud Customer Network

ISP Service Front Door ! ISP 3 rd Party Iaa. S/Security Cloud Customer Network Service Front Door Microsoft Global Network Office 365 Service Front Door

ISP SD-WAN Edge MPLS SD-WAN Edge Customer Network 2 ISP 3 Service Front Door

ISP SD-WAN Edge MPLS SD-WAN Edge Customer Network 2 ISP 3 Service Front Door SWG Service Front Door LTE ISP 1 Service Front Door Microsoft Global Network Office 365 Service Front Door

Exchange Online Availability 2017 100 99. 95 99. 9 Jan Feb Mar 99% 99.

Exchange Online Availability 2017 100 99. 95 99. 9 Jan Feb Mar 99% 99. 99% May Jun Jul Aug 99% 99. 99% Apr 99. 99% End-to-end: 99. 95% 99. 99% End-to-end: 99. 99%

Identify and differentiate Office 365 traffic using Microsoft published endpoints data Egress Office 365

Identify and differentiate Office 365 traffic using Microsoft published endpoints data Egress Office 365 data connections as close to the user as practical with matching DNS resolution Avoid network hairpins and optimize connectivity directly into the nearest entry point into Microsoft’s network ISP ISP aka. ms/o 365 ip Microsoft Network Assess bypassing proxies, traffic inspection devices and duplicate security which is available in Office 365 Microsoft Network

Proxy Office 365

Proxy Office 365

Office 365 “Front Door” Customer Wide Area Network Office 365 “Front Door”

Office 365 “Front Door” Customer Wide Area Network Office 365 “Front Door”

New 3 rd-party SWG Office 365 Front Door New 3 rd-party SWG Customer Wide

New 3 rd-party SWG Office 365 Front Door New 3 rd-party SWG Customer Wide Area Network New 3 rd-party SWG

kryvkin@microsoft. com jeff@microsoft. com

kryvkin@microsoft. com jeff@microsoft. com

https: //myignite. microsoft. com/evaluations https: //aka. ms/ignite. mobileapp

https: //myignite. microsoft. com/evaluations https: //aka. ms/ignite. mobileapp

OnPrem OnPrem Iaa S Paa S Saa SOnPrem OnPrem Iaa S Paa S Saa S
Saa S Paa S Iaa S B BringSaa S Paa S Iaa S B Bring
Saa S Workloads Iaa S Services Saa SSaa S Workloads Iaa S Services Saa S
Ensure Cloud Security in Iaa S Paa SEnsure Cloud Security in Iaa S Paa S
ACCENTURE CLOUD MIGRATION AGENDA Iaa S Paa SACCENTURE CLOUD MIGRATION AGENDA Iaa S Paa S
2 Virtualization 2 Google Cloud Paa S Iaa2 Virtualization 2 Google Cloud Paa S Iaa
Cloud computing Iaa S l l l IaaCloud computing Iaa S l l l Iaa
EKER AHMET PAA eker Ahmet Paa d 1841EKER AHMET PAA eker Ahmet Paa d 1841
Biochimie vtrinaire PAA 1140 4 crdits 091798 PAABiochimie vtrinaire PAA 1140 4 crdits 091798 PAA
Being Ready Mentally ready Physically ready Provisionally readyBeing Ready Mentally ready Physically ready Provisionally ready
VM Role Paa S Virtual Machine Iaa SVM Role Paa S Virtual Machine Iaa S
Azure Batch Paa S HPC Pack Iaa SAzure Batch Paa S HPC Pack Iaa S
Going OnDemand Iaa S Paa S or SolutionGoing OnDemand Iaa S Paa S or Solution
Azure Iaa S Differentiation Azure Iaa S CoreAzure Iaa S Differentiation Azure Iaa S Core
Iaa S VM Operations Iaa S VM akaIaa S VM Operations Iaa S VM aka
Saa Petrovi Paa Interact District Chair Interakt kluboviSaa Petrovi Paa Interact District Chair Interakt klubovi
Saa S Software as a Service Paa SSaa S Software as a Service Paa S
Amazon Saa S Daa S Simple DB PaaAmazon Saa S Daa S Simple DB Paa
Guidelines to integrate Paa S and Saa SGuidelines to integrate Paa S and Saa S
CLOUD TO CLOUD BACKUP CLOUD TO CLOUD BACKUPCLOUD TO CLOUD BACKUP CLOUD TO CLOUD BACKUP
300 cloud 300 cloud 300 cloud 300 cloud300 cloud 300 cloud 300 cloud 300 cloud
Saa S What is Saa S Imagine aSaa S What is Saa S Imagine a
Saa S Economics Understanding the Saa S CashSaa S Economics Understanding the Saa S Cash
NEW HAMPSHIRE SCHOLARS College Ready Work Ready ReadyNEW HAMPSHIRE SCHOLARS College Ready Work Ready Ready