Tag Archives: Azure

Free Azure Webcasts for US Government Customers

Over the past few months I have been hosting a free 1 hour Azure webcast to help educate U.S. government employees on the features and functionality available in the Microsoft Azure cloud.   Past events included an overview of the Microsoft Enterprise Mobility suite and Azure Disaster Recovery Solutions.   Going forward I am working with Azure specialists across the U.S. to provide more great webcast events.  Below are two of the upcoming events currently scheduled:

Microsoft Azure Government Overview
Presented by Steve Read
‎2‎/‎27‎/‎2015 ‎3‎:‎00‎:‎00‎ ‎PM Eastern Standard Time
Duration: 60 minutes
Download Calendar Reminder (ICS)
Download the Event Invite

Microsoft StorSimple
Presented by Asif Khan
‎3‎/‎10‎/‎2015 ‎2‎:‎00‎:‎00‎ ‎PM Eastern Daylight Time
Duration: 60 minutes
Download Calendar Reminder (ICS)
Download the Event Invite

If you are an employee from a Federal, State, Local or Tribal government organization in the United States you are welcome to register for these free webcasts at http://slgevents.azurewebsites.net.  We do have a cap of about 200 registrants per webcast so make sure you register early to ensure your spot!   I also recommend that you keep an eye on this website as we plan to keep adding great webcasts in the future.

If you are not a U.S. government employee you can view prior webcasts which are posted on the website listed above.  I have also linked the last two webcast recordings below.

Enterprise Mobility Suite
Disaster Recovery Solutions

I am currently in the planning stages for future webcasts.  Below are a few ideas I have, however, if you have any additional thoughts for content, please reach out to me using the contact link located on the SLG Events website.

  • Azure Media Services
  • Azure Site Recovery deep dive
  • Hybrid Datacenter

Using Storage Spaces in Microsoft Azure for Increased Storage Performance

With the release of Windows Server 2012 and Windows 8.0 a new storage technology was made available called Storage Spaces.  This technology enables a virtualized storage platform that can group standard disks into storage pools.  By using the capacity in the pool, one or more virtual drives called storage spaces can be created. Storage Spaces can provide many features such as resiliency, storage tiers, write-back cache and continuous availability. 

By utilizing Storage Spaces in a Windows Server 2012 (or higher) VM hosted in Azure you can overcome some of the perceived limitations of Azure storage.   Virtual hard drives (VHD) are stored in Microsoft Azure storage as page blobs which have a maximum size of 1TB.   For basic tier virtual machines you can expect storage performance of 300 IOPS per VHD.  For standard tier virtual machines the storage performance increases to 500 IOPS per VHD.   If you take these limitations at face value it would appear that there may be some workloads that could not be deployed in an Azure virtual machine.  One such example would be a SQL data warehouse.

I mentioned that these are perceived limitations and this is because there are ways to combine VHDs with Storage Spaces to provide higher IOPS and more capacity.    The total number of VHDs that a single Windows Azure virtual machine can attach is determined by the size of the virtual machine.  For example, a standard tier A3 (large) virtual machine can have up to 8 persistent 1TB data VHDs.   All virtual machines have a 127GB disk configured for the operating system.  

With Storage Spaces we can combine all of the virtual machine data disks into a single virtual drive where data is striped across all disks.  This configuration does take a little bit of storage overhead, so although in our A3 example we could have up to 8TB of storage, the actual usable amount will be slightly less.  This striping process can also increase our IOPS from 500 for a single disk to a maximum of (8*500) or 4,000 IOPS for the A3 virtual machine.   Actual performance will vary depending on the Storage Space configuration and workloads running on the virtual drive.

For maximum performance it is recommended:

  • Ensure that resiliency is not configured for the Storage Space virtual drive
  • Configure the number of columns for Storage Space equal to the number of drives (VHDs) in the pool
  • Configure the interleave value at least as large as the I/Os of your workload.  I/Os that exceed the interleave are split into multiple stripes, which require multiple writes.   For details on this I recommend reading the Block Size and Interleave section of this article on designing Storage Spaces for performance.

In the Script Gallery hosted by Microsoft there is a demonstration PowerShell script that shows how to build out a Microsoft Azure virtual machine using Storage Spaces.  This script will build out a new virtual machine with the maximum number of data disks based on a select virtual machine size.  Once the virtual machine is built, a remote PowerShell script is started that configures Storage Spaces to provide the highest storage performance currently available for that VM size.

I recommend reviewing the script and performing your own performance tests.  By properly configuring Storage Spaces on the right sized VM you can achieve very high IOPS while also providing up to approximately 64TB of storage (based on standard G5 VM).



Storage spaces overview
Virtual Machine and Cloud Service Sizes for Azure
Azure Subscription Storage Limits
Script Center – Azure
Automate the creation of an Azure VM preconfigured for max storage performance

Getting Started with PowerShell for Azure Government

Recently Microsoft announced two new datacenters that are dedicated to U.S. government customers only.  This includes Federal, State, Local, and Tribal governments and their solution providers.  Benefits of this Government Community Cloud are:

  • Physically isolated datacenter and network
  • Data, applications, and hardware reside in the continental United States
  • Provides true geographic redundancy with datacenters located more than 500 miles apart
  • Operated by screen U.S. persons
  • Committed to meeting rigorous compliance requirements and government policies

To learn more about the Microsoft Azure Government cloud check out the latest information on the Microsoft Azure Government website.

Since the Azure Government cloud is physically isolated, there are a few additional steps that must be completed in order to connect with Microsoft Azure PowerShell:

  • add-AzureEnvironment -name “AzureGovernment” -PublishSettingsFileUrl “https://manage.windowsazure.us/publishsettings/index?client=xplat” -serviceendpoint “https://management.core.usgovcloudapi.net” -managementportalurl “http://manage.windowsazure.us” -StorageEndpoint “core.usgovcloudapi.net”
  • Set-AzureEnvironment “AzureGovernment”

Once the PowerShell environment has been setup the next step is to use the Import-AzurePublishSettingsFile cmdlet to import the settings file you saved in the first step.   After the PublishSettings file has been imported you can use the standard Azure PowerShell cmdlets to manage your Microsoft Azure Government subscription.

If you need to revert back to the Microsoft Azure public cloud you can use the command Remove-AzureEnvironment “AzureGovernment” in Microsoft Azure PowerShell.

Fixing RDP Connectivity Issue with a Windows VM in Azure

When making system changes to a Windows virtual machine running in Azure it is possible to accidentally block RDP access.  This could happen in a number of ways:

  • Making changes to Windows Firewall
  • Changes made to the registry
  • Turning off Remote Desktop

To regain RDP connectivity to your virtual machine you can use the PowerShell Set-AzureVMAccessExtension cmdlet.   Below is a sample script that shows how to use the cmdlet.  Replace the VM name and the cloud service name with the appropriate values for your environment.

Get-AzureVM –Name MyVM –ServiceName MyVMService |Set-AzureVMAccessExtension | Update-AzureVM

Once you have run the script, use the Azure Management portal to reboot the virtual machine.  Once it has restarted you should be able to use Remote Desktop to connect.

To learn more about the VM extensions check out the blog post VM Agent and Extensions – Part 1

Disaster Recovery Solutions

It is never a question of if an outage or disaster will strike your datacenter, but instead when will it occur and will you be prepared. In 2014 the Disaster Recovery Preparedness Council released their annual report on their Disaster Recovery Preparedness Benchmark Survey.  This reported provided a very scary statistic that nearly 3 out of every 4 organizations that participated in the survey are at risk of failing to recover from a disaster or an outage.    The study also indicated that “More than 60% of those who took the survey do not have a fully documented DR plan and another 40% admitted that the DR plan they current have did not prove very useful when it was called on to respond to their worst disaster recovery event or scenario.”

To address some of these concerns I have created a webcast video that outlines some of the possible solutions to enable organizations to meet their disaster recovery objectives.   You can view this webcast on YouTube using the link below:

Disaster Recovery Solutions

This webcast provides a general overview of cloud based Disaster Recovery solutions including:

  • Microsoft Azure Backup
  • Microsoft Azure Site Recovery
  • Microsoft StorSimple

Microsoft also has a great series of videos related to Microsoft Business Continuity solutions available on the Microsoft Virtual Academy website.

Enterprise Mobility Suite Overview

Earlier this month I did a one hour webcast for the Microsoft’s Enterprise Mobility Suite which you can now view using the link below.  The suite is a collection of three products offered at a very affordable price: Microsoft Intune, Microsoft Azure Active Directory Premium, and Microsoft Azure Rights Management service.  The Enterprise Mobility Suite enables organizations to manage devices, protect data, and empower users through self service identity features.

Click here to view the presentation

Azure Backup for Windows Client Operating Systems

Microsoft Azure Backup provides a simple and reliable cloud based folder and file backup solution.  The initial releases of Azure Backup supported Windows Server operating systems but with the newest update the Windows client operating systems are now supported.  Users of  Windows 7, Windows 8 and Windows 8.1 PCs can now use the simple Azure Backup agent to protect their important files.  

Microsoft Azure Backup provides the first 5GB of backup for free and each additional GB is only $0.20 per month (retail pricing).    Microsoft Azure Backup includes all of the features you would expect from a file backup solution, including:

  • 99.9% availability guaranteed
  • Efficient incremental backups
  • Secure, encrypted data at rest
  • Data encryption in-transit
  • Geo-replicated backup store

To get started with Microsoft Azure Backup you need an Azure Subscription.  To get a free trial or to learn more, visit http://azure.microsoft.com

Additional details on the recent changes to Microsoft Azure Backup can be found here.

Free Azure Conference

On October 21st, 2014, Microsoft will be hosting AzureConf, another free event for the Azure community. This event will feature a keynote presentation by Scott Guthrie, along with numerous sessions executed by Azure community members. Streamed live for an online audience on Channel 9, the event will allow you to see how developers just like you are using Azure to develop robust, scalable applications on Azure. Community members from all over the world will join known speakers such as Michael Collier, Mike Martin, Rick Garibay, and Chris Auld in the Channel 9 studios to present their own inventions and experiences. Whether you’re just learning Microsoft Azure or you’ve already achieved success on the platform, you won’t want to miss this special event.

The live event is over.  To view recordings of the event, visit: https://www.azureconf.net/

Government Solutions on Azure

Microsoft Azure provides platform as a service, infrastructure as a service, and packaged service solutions.  Below are a few examples of government solutions that can be built or utilized on Microsoft Azure.

Server Backups
A key function of any IT department is ensuring that all important systems are backed up in case of a system failure, accidental file deletion, file corruption, or a virus outbreak.  The concept of backups is very simple, however, putting a good solution in place can be challenging.  Many organizations will backup their systems to tape and then ship those tapes offsite for storage.  Unfortunately tape backup solutions are expensive and sometimes unreliable.  Recovering from tape is a very slow and time consuming process.  Worse yet, you never known for certain if you can recover files from the tape until an emergency arises.

Microsoft Azure provides an online backup solution that easily integrates into Windows Server or Microsoft Data Protection Manager.  With Microsoft Azure Backup you can be confident that your data can be quickly and easily accessed when you need it.  Microsoft Azure Backup ensures that your data is stored with 3 copies across fault zones inside of a Microsoft datacenter.  An organization can also choose geographically redundant storage where and additional 3 copies of the data is stored in a Microsoft datacenter hundreds of miles away.

Built directly into Microsoft SQL Server 2012 and higher is the ability to backup SQL databases directly to Microsoft Azure.   In the case of a major datacenter failure, the SQL databases can be mounted to a SQL database server running as a virtual machine in Azure.

The benefit of moving to Microsoft Azure for backup services is that your files and data are always available online for immediate recovery.  No longer will an organization need to wait for off-site tapes to be shipped back before recovery.  Unlike tapes, you can recover an individual file or database  without having to restore a complete backup set.  Also Microsoft Azure Backup encrypts your data prior to sending it to the Microsoft datacenter for storage.  With up to 6 copies of your data in geographically redundant datacenters you can be confident that your data will be available when you need it.

To learn more about Microsoft Azure Backup visit: http://azure.microsoft.com/en-us/services/backup/

To learn more about SQL Server backup to Azure visit: http://msdn.microsoft.com/en-us/library/jj919148.aspx

Disaster Recovery
Always a hot topic with organizations is disaster recovery.  They key is to identify what types of situations are considered a disaster for your organization.  A disaster could be a natural disaster, a datacenter disaster, a virus outbreak, or simply a deleted file. Each of these disasters would have a different plan of action based upon the needs of the organization.

As discussed in the previous section, Microsoft Azure Backup can help protect important files.  Taking this concept one step further we need to not only protect files, but also complete systems.  Microsoft Azure Site Recovery (ASR) enables organizations to protect important applications by coordinating replication and recovery of private clouds.  ASR enables you to define orchestrated recovery plans so you can be confident your systems will properly failover to your DR site.   Currently in preview, ASR also allows you to replicate your systems directly to Azure and then failover to the Microsoft datacenter when a disaster strikes.   ASR also enables quick and simple site recovery testing to ensure your DR plans will function as expected during a real disaster scenario.

During a natural disaster a government organization may need to communicate with the public quickly and reliably.   These situations can causes a significant increase in traffic to a governments website which could easily overwhelm the servers and Internet connection.  Worse yet, if the organizations datacenter is impacted by the natural disaster any communication web sites could be knocked offline.  

Microsoft Azure Websites can enable a government organization to host a disaster preparedness and communication website very economically.  During a natural disaster the website can easily scale up to meet any demand. 

To learn more about Microsoft Azure Site Recovery visit: http://azure.microsoft.com/en-us/services/site-recovery/

To learn more about Microsoft Azure Websites visit: http://azure.microsoft.com/en-us/services/websites/ 

Cloud Identity
The proliferation of software as a service applications (SaaS) within an organization can introduce challenges for the IT department.  In some cases the IT department may not even be aware of some of the SaaS applications that have been purchases and are being used by other departments with the organization.  This is sometimes called shadow IT.

To help IT better identify and manage SaaS applications, Microsoft Azure provides a solution called Cloud App Discovery.  This solution enables the IT department to discover all of the cloud apps that are being used within their organization and how frequently they are being used.   Once the IT department understands the collected information they can begin to create plans to support the services and to protect organizational data.

Organizations that are using SaaS applications face a challenge of managing identity.   This might include creating accounts in the SaaS application or managing password resets.  With Microsoft Azure Active Directory an organization has a comprehensive identity and access management cloud solution that provides a robust set of capabilities to manage users and groups and help secure access to applications.   Enabling single sign-on to a SaaS application can simplify user access to thousands of cloud applications supported by Microsoft Azure.

Included with Microsoft Azure Active Directory Premium is Azure Multi-Factor Authentication.  This solution prevents unauthorized access to both on-premises and cloud applications by providing an additional layer of authentication via a mobile app or phone.

To learn more about Cloud App Discovery visit: http://appdiscovery.azure.com/

To learn more about Azure Active Directory visit: http://azure.microsoft.com/en-us/services/active-directory/ 

Information Protection
Information protection becomes more important as organizations start to utilize SaaS applications.  As cloud services usage increases there is an ever greater chance that sensitive data could be accidentally or maliciously disclosed to unintended recipients.  Using access control lists on SaaS solutions is not enough to protect sensitive content.  

Microsoft Azure Rights Management (RMS) solution included with the Microsoft Enterprise Mobility Suite enables organizations to protect sensitive emails and files from being inappropriately shared.  If a file that is protected with RMS is leaked, an organization can be confident that the information cannot be accessed by unauthorized people.

To learn more about Microsoft Azure Rights Management and the Enterprise Mobility Suite visit: http://www.microsoft.com/en-us/server-cloud/products/enterprise-mobility-suite/ 

File Servers and Archive Storage
One constant in the world of IT is that storage requirements always increase.  A study by IDC shows that year over year organizations are seeing data growth in the range of 50%-60%.


As seen in the graph above, only a small subset of the overall stored data is considered the working set.  This is the set of files that are used on a frequent basis.  Everything else above the green line to the blue line is data that is being kept for compliance or archiving purposes only.

Not only are organizations storing more and more data locally, they are being challenged with backup and disaster recovery solutions.  The cost of tape backups and offsite storage continues to increase while budgets are being tightened. This is why organizations are looking at cloud based storage solutions to address their growing data problem. A study by Forrester shows that local SAN storage costs 4x that of cloud storage. 

Microsoft Azure provides multiple storage options to meet an organizations needs such as:

  • Azure Backup for Windows Server or SQL Server
  • Blob storage for custom applications
  • StorSimple – A hardware appliance for storage, archiving and disaster recovery

Earlier in this post I discussed how Azure Backup can be utilized for disaster recovery scenarios.  Blob storage is a platform as a service feature accessed via REST APIs that developers can use for storing files for their custom applications.   The solution I find most interesting for file storage and archiving is StorSimple.

StorSimple is a hardware device that combines the data management functions of primary storage, backup, archive and disaster recovery with seamless Microsoft Azure integration.  The StorSimple appliance uses Microsoft Azure as an automated storage tier, offloading capacity management burdens and ongoing capital costs, while providing enterprise-grade local performance for the working data set.  Using local and cloud snapshots, application-consistent backups complete in a fraction of the time needed by traditional backup systems while reducing the amount of data transferred and stored in the cloud.   Cloud and location independent disaster recovery allows organizations to recover their data from virtually any location with an internet connection, and test their DR plans without impacting production systems and applications.  Thin restore from data in the cloud enables users to resume operations after a disaster much faster than possible with physical tape, or cloud-base tape methods used with other cloud providers.

To learn more about StorSimple visit: http://www.microsoft.com/en-us/server-cloud/products/storsimple/explore.aspx

Get the free eBook Rethinking Enterprise Storage: A Hybrid Cloud Model from here: http://blog.mikehacker.net/free-e-books/