Planning your Microsoft Application Strategy in a Cloud Crazy World
Steve Soper, Senior Managing Partner
Who is AdaptivEdge
- Founded in June 2013
- Partnered with Nth Generation for 2+ years and delivered over 20 successful projects
- Focused on Microsoft Silver and Cloud Productivity Competencies
- Capable of delivering services on all of Microsoft's core technology products
- Oracle, MySQL and PostgreSQL database capabilities
- Custom .NET and Java application development services
- 20+ consultants mainly located in California
- Experienced team able to cover a wide range of industries and market segments
Microsoft Product Expertise: Exchange, Active Directory, SharePoint, SQL Server, Lync, System Center, Office 365, Azure, Windows Server, .NET Development, Hyper-V, Windows Desktop
Market Trends: Forces Driving Consolidation & Cloud
- Underutilized hardware
- Reduce Cap-Ex
- Upgrade & standardize to fewer hardware
- Reduce space, power and thermal needs
- Reduce Op-Ex
- Overburdened Administrators
- Improve Hardware Utilization Efficiency
- Improve Management Efficiency
- Lowered cost and complexity for High Availability
[Timeline axis: 1990, 2000, 2010]
- Infrastructure Agility
- Load Balancing & Dynamic Provisioning
- Standardization of services
Microsoft Cloud Offerings
- Office 365 (SaaS)
- Azure AD (IDaaS)
- Azure (IaaS & PaaS)
- Dynamics CRM Online (SaaS)
What is Office 365?
STEP 1: Identity Management for Office 365... and beyond
Office 365 identity models
- Cloud Identity: Single identity in the cloud. Suitable for small organizations with no integration to on-premises directories.
- Directory & Password Synchronization: Single identity suitable for medium and large organizations without federation.
- Federated Identity: Single federated identity and credentials suitable for medium and large organizations.
Cloud Identity
[Diagram: Windows Azure Active Directory; Authentication, Authorization, Metadata, Graph API; OAuth2, SAML-P, WS-Federation; Office 365 Admin Portal, Office Activation Service, Exchange Mailbox Access, SharePoint/Lync/etc.; CSV import from spreadsheet]
- Cloud Identities are isolated and independent from all on-premise or cloud-based identities
- Terrible experience for end users and IT Administrators alike
Directory & Password Sync
[Diagram: Windows Azure Active Directory; Authentication, Authorization, Metadata, Graph API; OAuth2, SAML-P, WS-Federation; Office 365 Admin Portal, Office Activation Service, Exchange Mailbox Access, SharePoint/Lync/etc.; On Premises: DirSync, Active Directory]
- Synchronizes Users, Groups, and Contacts to Windows Azure AD
- Enables users to sign in to cloud applications using their same on-premise password
Federated Identity
[Diagram: Windows Azure Active Directory; Authentication, Authorization, Metadata, Graph API; OAuth2, SAML-P, WS-Federation; Office 365 Admin Portal, Office Activation Service, Exchange Mailbox Access, SharePoint/Lync/etc.; one-way trust; On Premises: Active Directory Federation Services, DirSync, Active Directory]
- Users won't be challenged to enter username/password when accessing cloud applications
- Authentication occurs in the on-premise directory
- Requires an on-premises ADFS environment, presenting HA/DR challenges
What is Azure AD?
Gartner's Magic Quadrant for IDaaS
Public Identity as the control point Active Directory
Azure AD Editions
Feature | Free | Basic | Premium
Directory as a Service | Yes | Yes | Yes
User and Group Management | Yes | Yes | Yes
Device registration | Yes | Yes | Yes
Directory Objects | 500 K | Unlimited | Unlimited
End User Access Panel | Yes | Yes | Yes
SSO for SaaS Apps | 10 Apps / User | 10 Apps / User | Unlimited
Directory Synchronization | Yes | Yes | Yes
User-based Access Management and Provisioning | Yes | Yes | Yes
Basic Security Reports | Yes | Yes | Yes
Logon/Access Panel Branding Customization | -- | Yes | Yes
Group-based Access Management and Provisioning | -- | Yes | Yes
Self-Service Password Reset for Cloud Users | -- | Yes | Yes
Secure Remote Access and SSO to on-premises web applications | -- | Yes | Yes
Self-Service Password Reset for Users w/ writeback to on-premises directories | -- | -- | Yes
Self-service group management for cloud users | -- | -- | Yes
Multi-Factor Authentication (for cloud and on-premises applications) | -- | -- | Yes
Advanced Usage and Security Reports | -- | -- | Yes
Connect Health | -- | -- | Yes
Cloud App Discovery | -- | -- | Yes
Microsoft Identity Manager User CAL | -- | -- | Yes
Service Level Agreement | -- | 99.90% | 99.90%
Writeback Capability (DirSync): Self-Service Password Reset with Writeback
- Writeback capability enables password resets to be persisted back to on-premises Server AD
- A feature of the Azure Active Directory DirSync Tool
- Only available in Azure AD Premium
STEP 2: Evaluating Office 365 for Exchange, SharePoint, Lync (SfB)
Exchange Considerations
- Exchange Online has full feature parity with Exchange 2013 on-premise
- Hybrid configuration highly desired in order to allow for seamless pilot migration, validation and mailbox migrations at whatever pace desired
- Hybrid configuration may be needed as a permanent solution
- May require permanent hybrid for on-premise applications or devices that have desired Exchange-specific integration
- PSTs and/or other archives will have to be re-ingested to Exchange or require a third party tool to migrate
- Public Folders still a challenge to migrate and validate
- Dynamic DLs have to be created manually
- Nearly all organizations will need on-premise mail relay for servers, devices, printers, faxes, etc.
- Exchange Online messaging hygiene will need to be reconfigured and may not be as intuitive as the current on-premise solution
SharePoint Considerations
SharePoint Online does NOT have 100% feature parity with on-premise:
- Limitations on domains and URLs (no Alternative Access Mapping or AAM)
- No Custom Site Definitions or Provisioning
- No Full-Trust Solutions
- No Central Administration
- No PerformancePoint Services
- No Unattached Content Database Recovery
- No SSRS Integration Mode
- No on-premise search index
- No self-service site creation
- No host header site collections
Many/most 3rd party solutions are not available on the Office 365 platform
Custom developed solutions cannot be easily ported to Office 365
Hybrid configuration is really federated search
Office 365 well suited for Extranets & external access
SfB (Lync) Online Considerations
Skype for Business Online does NOT have 100% feature parity with on-premise:
- No Application and Desktop Sharing Archiving
- No Persistent Chat
- No QoS or CAC
- No AOL/Yahoo Federation or XMPP (used by GoogleTalk)
- No public meetings with static IDs
PSTN Dial-In Conferencing in technical preview, will be generally available in late 2015
Cloud PBX with PSTN in technical preview, will be generally available in late 2015 with the ability to use on-premise phone lines for inbound/outbound dialing
Hybrid configuration mainly used for migration but could be leveraged for different user groups that require different features/functionality
No integration with existing on-premise IP-PBX
Office 365 Designed for Hybrid
- New migration wizard helps streamline setup
- Exchange admin portal supports user management across online and on-prem
- Identical EAC for Exchange Online and Exchange 2013
- Easily manage enterprise features for on-prem and cloud Exchange users
The Case for Hybrid: The Enterprise Conundrum
Office 365 is attractive
- It saves me $$
- I always have the latest and greatest collaboration, email and UC tools
- Allows me to focus on my core business, not IT
- Microsoft can run applications like SharePoint more reliably and efficiently than I can
- I can easily scale up/down according to demand
- I can more easily work with customers, partners outside of my company
But my business is run on-premises
- I have existing investments (customized SharePoint deployments with a lot of data and settings, custom solutions, LOB systems, etc)
- I can't do everything in the Cloud that I can do on-premise
- I want to protect my sensitive data by keeping it close
STEP 3: Beyond Office 365: Azure for IaaS & PaaS
Microsoft Azure Best for Hybrid Cloud
Datacenter Azure Portability
Hybrid Cloud: Datacenter Transformation
- Build a software-defined foundation
- Automate and secure your infrastructure
- Extend to the cloud on demand
[Diagram: Microsoft Azure, Windows Server, Microsoft System Center]
Hybrid Cloud Needs Unified Management
System Center
Cloud service delivery: Aligning the needs of business and IT
- Application development and deployment
- IaaS
- PaaS
- Management and automation
Azure Pack for cloud service delivery
Summary
- Cloud is inevitable and it will be a multicloud provider world
- Cloud Identity Management is a critical element for anything aaS
- Hybrid Cloud is the most realistic, flexible and effective strategy for true Cloud adoption that guarantees ROI
- Hybrid Cloud can only be accomplished via true Datacenter Automation with consistent tools
Time to Upgrade!!
Important Extended Support End Dates
- Windows 2003 (7/14/2015)
- .NET 4/4.5/4.5.1 (1/12/2016)
- SQL Server 2015 (4/12/2016)
Why worry about end of support?
- Lack of patches/updates
- No fixes for security vulnerabilities
- Lack of support
- Inability to leverage modern cloud options
- Compliance Issues
Thank You for Your Time and Please Come Visit Our Booth!
Steve Soper, Senior Managing Partner
ssoper@adaptivedge.com