Azure

Best practices to modernize and optimize your cloud infrastructure

By October 26, 2021 November 29th, 2021 No Comments

As organizations continue to adopt a more cloud-focused strategy for myriad reasons, such as the need to equip themselves with new means of collaboration for a remote workforce, IT leadership often focuses on two areas of innovation: modernization and optimization.

Microsoft is uniquely positioned to offer holistic modern solutions across the entire infrastructure: servers, whether on-prem, edge, hybrid, or cloud; services, like containers, functions, serverless compute, and PaaS offerings; client endpoints through the Microsoft 365 cloud; and identity management.

Based on our experiences helping customers make the most of their Microsoft investments, we’ve identified key steps to help organizations transform to the cloud. In this post, we’ll explore some of them.

Migrate legacy on-prem systems to Azure

Many organizations still have Windows Server and SQL Server versions 2008 or 2008 R2 running on-prem. Running unsupported software is particularly dangerous because it exposes the attack surface to vulnerabilities that might otherwise be mitigated through periodic software updates.

Microsoft offers solutions for organizations that can’t modernize these systems to a supported version. A key strategy is to migrate these servers to Azure. Rehosting these 2008/R2 workloads in Azure provides Extended Security Updates (ESUs) at no additional costs. ESUs provide critical security updates for legacy Microsoft products past the end of support.

Rehosting in Azure also allows legacy on-prem hardware to be decommissioned and the underlying Microsoft software licenses with active Software Assurance to be repurposed for Azure Hybrid Benefits. We strongly advise customers that choose to keep legacy versions on-premises to acquire ESUs on-prem. Customers with active Software Assurance on Windows Server and SQL Cores are eligible to acquire these ESUs. The cost is typically 75% of the on-premises base license annually. One note: for products like Windows Server Datacenter and SQL Enterprise editions, on-prem ESUs may be cost-prohibitive.

Use Azure App Service

For Windows Servers running legacy Internet Information Services (IIS) workloads, there are ways to modernize where Microsoft takes care of the maintenance and operation of VMs and the networking infrastructure. Through Azure App Service, a PaaS offering, you can easily build and host web apps, mobile back ends, RESTful APIs, and other automated business processes. A major benefit from using App Services over rehosting Azure VMs running Windows Server is the included global scaling (up or out) with high availability and enhanced security and compliance.

Move to Azure SQL Managed Instances

Modernizing SQL to Azure SQL Managed Instances allows organizations to minimize IT overhead and shift their focus to more value-added work. As a PaaS offering, you’re able to offload the maintenance of the underlying operating system and SQL database instance engine to Microsoft, allowing your DBAs to focus on what’s important: the critical business data in the databases. With backwards compatibility to 2005, Azure SQL Managed Instance has the broadest SQL Server engine compatibility, which means existing apps can be modernized at scale without worrying about performance changes or application incompatibilities.

Enhance productivity and security with Microsoft 365

Optimizing and modernizing your IT environment shouldn’t be limited to just the server infrastructure—organizations should look at adopting enhanced productivity and security for their client-side through the offerings of Microsoft 365 (M365). For example, many organizations are still running legacy client and Office software such as Windows 7 and Office 2010. Certain (M365) user subscription licenses allow users to have access to the latest Windows 11 version as well as the latest Office suite applications (Microsoft 365 Apps for Enterprise or Business) for Windows, macOS, and mobile devices (e.g., iOS, Android, and Windows Mobile).

Go virtual with Azure Virtual Desktop

Organizations looking to move away from traditional client deployments can also look to adopt Azure Virtual Desktop (a rebranding of Windows Virtual Desktop) or Windows 365 Cloud PC. Azure Virtual Desktop is Microsoft’s flexible cloud VDI platform that securely delivers virtual desktops and remote apps. Unlike traditional on-prem VDI, Microsoft manages the underlying infrastructure as well as the gateway, broker, load balancer, and diagnostics. Complementing Azure Virtual Desktop is Windows 365, which is a software as a service (SaaS) offering that lets you stream personalized dedicated Windows 10 or 11 desktops with predictable per-user pricing to any device. Windows 365 is a “Cloud PC” geared for hybrid workers and organizations seeking a simpler alternative to other desktop virtualization technologies. Organizations with a smaller headcount and/or IT staff who may not have VDI expertise are prime candidates for Windows 365.

Get a hub for collaboration with Microsoft Teams

Officially retired July 31, 2021, Skype for Business Online has been replaced with Microsoft Teams. Teams, which Microsoft dubs as “the hub for teamwork”, combines online meetings, chat, calling, file sharing, collaboration, app integration, and more into a fluid, similar experience across client devices, mobile, web, and Teams meeting rooms.

As most of the world went into lockdown due to the COVID-19 pandemic, organizations small and large looked to Teams for their secure business communication and collaboration needs. We regularly hear from clients who have started to realize unexpected hard cost savings. They are decreasing office space leases, reducing their on-prem footprint (such as the hardware, upgrades, and maintenance to support an on-premises solution), and seeing fewer travel and entertainment expenses. Combined with Office 365 and Enterprise Mobility and Security, and optionally, Windows 11, Microsoft 365 has become the best-in-class solution for any type of user within your organization.

Optimize your Azure investment with Azure Health Check

Regardless of where your organization is at in terms of cloud adoption, Inviso understands that efficiently adopting and optimizing Azure Services may be an ongoing challenge. Despite the numerous benefits Azure offers, many organizations are starting to realize that their Azure operating costs may be higher than they anticipated or that unexpected roadblocks may have begun to surface. Sometimes this is a consequence of having performed a quick lift and shift to the cloud without having gone through a thorough rationalization of the on-premises estate or perhaps not having established best practices to clearly define management processes and governance guardrails in advance. Other times, organizations may find the gamut of Azure services intimidating, and lack the skills, knowledge, or personnel for effective adoption and utilization of these cloud services.

To decrease your overall cloud operating costs while maintaining a secure, resilient, and performant cloud architecture, you need to ensure that your organization is built upon a solid operational foundation grounded in sound principles and practices.

This is where Inviso’s Azure Health Check can help.

Based on Microsoft’s Azure Well-Architected Framework, Inviso’s Azure Health Check encompasses all five pillars of architectural excellence: Reliability, Security, Cost Optimization, Operational Excellence, and Performance Efficiency. Designed to run across four weeks, Inviso’s Azure experts will work with you to:

  • Conduct a holistic analysis of your current Azure environment and identify gaps
  • Align the findings to best practices within each pillar
  • Present findings and insights based on our analysis, along with specific recommendations and next steps

Schedule an Azure Health Check

Inviso’s Azure experts simplify and ease the process for you to realize the most value out of your cloud transformation journey. We offer proven processes, industry-leading specialists, and a deep, long-standing partnership with Microsoft. Contact us to learn more and schedule your Azure Health Check at info@invisocorp.com.

Kevin Chinn

Author Kevin Chinn

More posts by Kevin Chinn