EN-WBNR-Other-SREVM47904

.pdf

School

Covenant University**We aren't endorsed by this school

Course

ECONOMICS 51

Subject

Information Systems

Date

Dec 17, 2024

Pages

140

Uploaded by CorporalMagpiePerson616

Classified as Microsoft Confidential© Copyright Microsoft Corporation. All rights reserved.FOR USE ONLYAS PART OF MICROSOFT VIRTUAL TRAINING DAYS PROGRAM. THESE MATERIALS ARE NOTAUTHORIZED FOR DISTRIBUTION, REPRODUCTION OR OTHER USE BY NON-MICROSOFT PARTIES.

Microsoft Azure Virtual Training DayOptimization

AgendaDAY 1IntroductionOverview of Optimizationand FinOps as a mindsetBreakDesign for optimization: Balancing cost and risk within your cloud platformBreakDemo - Prepare your cloud environments for ongoing optimizationClosing Q&ADAY 2IntroductionContinuous improvement: Optimize your workloads(Part 1)Break - 10 minutesContinuous improvement: Optimize your workloads(Part 2)Break - 10 minutesDemo - Review and remediate a workload deployed in productionClosing Q&A

Overview of Optimization and FinOps as a mindsetDAY 1IntroductionOverview of Optimizationand FinOps as a mindsetBreakDesign for optimization: Balancing cost and risk within your cloud platformBreakDemo - Prepare your cloud environments for ongoing optimizationClosing Q&A

Learning ObjectivesExplorethe concept and value of Azure optimizationUnderstandthe value of FinOps best practices to manage and optimize the cloudDiscoverMicrosoft guidance, products and tools to optimize your cloud investmentLearnto expedite FinOps adoption via demos of Microsoft Cost Management and Microsoft FinOps Review Assessment

Learning Objectives Understandthe business value of Azure optimization

Definition of Azure optimizationThe process of driving continuous improvementof your architecture and workloads,while also managing and optimizing cloud costs

Definition of Azure optimization The process of driving continuous improvementof your architecture and workloads,while also managing and optimizing cloud costs

The business value of optimization•Accelerated deployment of new workloads•Reliable, secure and sustainably built Azure projects•Ongoing management and optimization of cloud costsLong term gains in cloud efficiency

Microsoft guidance, products, and tools for optimizationProvenguidanceAzure Well-Architected FrameworkAzure Architecture CenterMicrosoft Cloud Adoption Framework for AzureFinOps FrameworkProductsAzure AdvisorAzure Carbon OptimizationAzure MonitorAzure Policy Microsoft Cost ManagementPower BI Pricing offersand discountsAzure savings plan for computeAzure Reserved Instances Azure Hybrid BenefitAssessmentsAzure Landing Zone ReviewAzure Well-Architected ReviewMicrosoft FinOps Review Assessment

Learning Objectives LearnFinOps best practices to manage and optimize the cloud

FinOps as a mindsetTurn your vision into actionThe content of this presentation is based on the framework guidance published by the FinOps Foundation. www.finops.org

Learning ObjectivesUnderstandwhat FinOps is and why it is importantLearnFinOps lifecycle, domains, and capabilitiesDiscoverMicrosoft products and tools to optimize your cloud investment, including Microsoft Cost Management and FinOps Review Assessment

Cloud growth forecastOrganizations continue to adopt the cloudGartner® predicts that by 202675% of organizations will adopt a digital transformation model predicated on cloud as the fundamental underlying platform.Gartner Press Release: Gartner Forecasts Worldwide Public Cloud End-User Spending to Reach Nearly $600 Billion in 2023April 19, 2023GARTNER is a registered trademark and service mark of Gartner, Inc. and/or its affiliates in the U.S. and internationally and is used herein with permission. All rights reserved.75%202420252026

Managing costs is fundamentally different in the cloud CapEx ModelCentralized decisionsFixed costSlow to scaleOn-premisesCloudOpEx ModelDecentralized decisionsVariable costFast to scale

Benefits and challenges of managing costs in the cloudThe OpExModeldelivers many benefits…Cost efficiency: Pay as you goTax benefits: Deduct operating expensesFocus on core business: Outsource infrastructure managementScalability: Scale resources up or down quicklyLower TCO: Reduce maintenance, hardware, and operational costsReduced Risk: Avoid large upfront investments…but also some challengesCultural and Skill Shifts: Transitioning from CapEx to OpEx might require changes in the organization's culture and skill sets.Variable Costs: Some organizations might experience unexpected expense hikes due to the lack of governance and accountability.

Roadmap to successTo capitalize on the benefits of the cloud, organizations need to go through an organizationaland cultural transformation that enables their teams to leverage the OpEx model. To accomplish this objective, the FinOps framework provides best practices that can support this journey.FinOps framework

What is FinOps?FinOps FrameworkbyFinOps FoundationCultural PracticeFrameworkManage Cloud CostsAt its core, FinOps is a cultural practice. It’s the way for teams to manage their cloud costs, where everyone takes ownership of their cloud usage supported by a central best-practices group. Cross-functional teams in Engineering, Finance, Product, etc. work together to enable faster product delivery, while at the same time gaining more financial control and predictability.

FinOps north star principlesFinOps FrameworkbyFinOps FoundationA centralized team drives FinOpsTeams need to collaborateFinOps reports should be accessible and timelyEveryone takes ownership of their cloud usageDecisions are driven by the business value of cloudTake advantage of the variable cost model of the cloud

FinOps principles at-a-glanceFinOps FrameworkbyFinOps FoundationTeams need to collaborateWhy is this important?Cross-functional teams must create accountability based on shared experience, terminology, and goals. By eliminating silos, collaboration drives faster alignment, adoption, and innovation.Decisions are driven by the business value of cloudWhy is this important?Decisions based on business value result in efficient cloud costs balanced against the speed/performance and quality/availability of services. Everyone takes ownership of their cloud usageWhy is this important?Individual teams are empowered to manage their own cloud spending against their budget and make value-based decisions within that scope. FinOps reports should be accessible and timelyWhy is this important?Provides the visibility required to determine how your resources are performing, while trending and variance analysis help explain cost fluctuations. A centralized team drives FinOpsWhy is this important?Collaboration improves the way teams work together and solve problems. This leads to more efficient processes, increased success, and improved communication.Take advantage of the variable cost model of the cloudWhy is this important?Cloud allows the organization to quickly adapt spend to support business-critical use cases, and scale that usage for workloads when needed.

Tactical benefits of adopting FinOps1.Cost Optimization2.Increased Accountability3.Better Decision Making 4.Alignment with Business Goals 5.Continuous Improvement6.Collaboration7.Forecasting and Budgeting8.Resource Efficiency9.Cost Transparency10.Scalability11.Risk Management12.Training and Skill Development

Strategic benefits of adopting FinOpsObjective is to maximize the cloud business value.FinOps FrameworkMaximize Business ValueDrive efficiencyAccelerategrowthOptimize cloud spendOptimize cloud processesOptimize carbon emissionsImprove reliabilityImprove securityImprove sustainabilityBenefit from AI

Drive market differentiation through savingsUse caseImprove efficiency:•Optimize cloud spend by select use of commitment-based offers.•Optimize cloud processes to increase organization's accountability.Re-allocating funds to modernize or innovate:•Improve security by signing up for Microsoft Defender.•Invest in AI to create a new product.

Use caseReduce carbon emissions through FinOps best practicesClimate regulations:•European Union’s target to cut greenhouse gas emissions by at least 55% below 1990 levels by 2030 (climate neutral by 2050).•US to reduce greenhouse gas emissions by 50-52% below 2005 levels in 2030.•Greenhouse gas reporting requirements.Efficiency through FinOps:•Track carbon emission data and performance.•Optimize workloads for efficiency.•Increase accountability.•Leverage the Azure Carbon Optimization product to track carbon emissions.

Key parts of the FinOps FrameworkLifecycleMaturity ModelDomainsCapabilitiesFinOps FrameworkbyFinOps Foundation

FinOps LifecycleFinOps FrameworkbyFinOps FoundationInformVisibility & allocationsOptimizeUtilizationOperateContinuous improvement & operationsThe FinOps lifecycle is an iterative loop that is designed to support incremental changes to maximize the cloud business value. Its three-phase cycle allows organizations to optimize their operations and strategy based on actual results.

More details about the FinOps LifecycleFinOps FrameworkbyFinOps FoundationInform phaseTasks•Reporting•Anomaly Detection•Benchmarking•Cost Allocation•Accounts, Taxonomy & Tags•Forecasting & BudgetingOverviewIn the Inform phase, it is important to create and use the tags/labels, account hierarchy, and other taxonomy to allocate all costs to get a near-real-time view of your current cloud usage.Optimize phaseTasks•KPIs & Outcomes•Primary Ways to Optimize Usage•Optimize Usage•Optime Rates•Business CasesOverviewIn the Optimize phase, it is important to target, define, and document optimization opportunities; this is all about triage and prioritization.Operate phaseTasks•Organizational & Cultural Adoption•FinOps & Other Methodologies•Build a CCCEOverviewIn the Operate phase, it is important to implement the culture and connect the stakeholders who will drive value out of your cloud spend. You will spend a lot of time defining process, defining workflows, and defining responsibilities.

Maturity ModelFinOps FrameworkbyFinOps FoundationThe Crawl, Walk, Run approach•Improves operations through repetition.•Empowers teams to make small adjustments based on their learnings.•Helps the organization track improvements toward the goal of reaching the run status in each capability.

What are domains and capabilitiesFinOps domains•Areas of activity or knowledge linked to business outcomes.FinOps capabilities•Tasks or processes that allow one to meet the demands of a FinOps practice.•Functional areas of activity in support of their corresponding FinOps Domain.FinOps FrameworkbyFinOps Foundation

How each domain supports business decisionsFinOps FrameworkbyFinOps FoundationUnderstand cloud usage and costWhat are we spending on cloud and what are we using? Performance tracking and benchmarkingDoes what we’re using/spending allow us to achieve our objectives? Real-time decision makingWhat actions can I take now to better meet my objectives? Cloud rate optimizationHow can we achieve better price performance with cloud usage? Cloud usage optimizationHow can we change our usage to better meet our goals? Organizational alignmentWhat internal changes can I make to use cloud more effectively?

How domains and capabilities are groupedFinOps FrameworkbyFinOps FoundationUnderstand cloud usage and cost•Measuring unit costs•Managing shared cost•Managing anomalies•Forecasting•Data ingestion and normalization•Cost allocation (metadata and hierarchy)•Data analysis and showbackPerformance tracking and benchmarking•Resource utilization and efficiency•Measuring unit costs•Managing commitment-based discounts•Managing anomalies•Forecasting•Budget managementReal-time decision making•Measuring unit costs•Managing anomalies•Establishing a FinOps decision and accountability structure•Data analysis and showbackCloud rate optimization•Intersection of Cloud FinOps and sustainability•Managing commitment-based discounts•Data analysis and showbackCloud usage optimization•Intersection of Cloud FinOps and sustainability•Workload management and automation•Resource utilization and efficiency•Onboarding workloads•Data analysis showbackOrganizational alignment•Intersection of FinOps and TBM•Intersection of FinOps and ITAM/SAM•Cloud policy and governance•Managing shared cost•Establishing FinOps culture•FinOps education and enablement•Establishing a FinOps decision and accountability structure•Chargeback and finance integration•Budget management•FinOps and intersecting frameworks

Microsoft solutions to optimize costsAzure vs. AWS cost comparison Azure savings plan for computeAzure Reserved Virtual Machine Instances | Microsoft AzureAzure Hybrid benefitAzure is up to 5 times more cost effective than AWS for Windows Server and SQL Server.Azure savings plan for computeSave up to 65% compared to pay-as-you-go prices on select compute services2ReservationsSave up to 72% compared to pay-as-you-go prices with Azure Reserved VM Instance3FinOps capability supported:•Managing commitment-based discounts

Manage and optimize your workloadsMicrosoft Cost Management is a suite of tools that help organizations analyze, monitor, and optimize costs.FinOps capabilities supported:•Cost allocation•Cloud policy and governance•Managing shared cost•Data analysis and showback•Chargeback and finance integration•Budget management•Managing anomalies•Resource utilization and efficiency

Demo:Microsoft Cost Management

More Microsoft solutions to adopt FinOps best practices on AzureAzure AdvisorAdvisor is a free, personalized guide to Azure best practices with actionable recommendations for increasing the efficiency of your cloud investments by optimizing your resources for reliability, security, operational excellence, performance, and cost.Power BIPower BI can help you realize the value of your enterprise data and bring the insights discovered in Azure data and analytics tools to everyone in your organization.Azure PolicyAchieve organization-wide resource governance by creating policies in Azure to govern every existing or future resource deployed.Azure MonitorGain end-to-end observability for your applications, infrastructure, and network.Azure Carbon OptimizationAnalyze and gain understanding of emissions that result from Azure use, with the goal of optimizing and reducing those emissions.

Demo:FinOps Review Assessment

BreakDAY 1IntroductionOverview of Optimizationand FinOps as a mindsetBreakDesign for optimization: Balancing cost and risk within your cloud platformBreakDemo - Prepare your cloud environments for ongoing optimizationClosing Q&ANext:Design for optimization: Balancing cost and growth within your cloud platform

Design for Optimization: Balancing cost and risk within your cloud platformDAY 1IntroductionOverview of Optimizationand FinOps as a mindsetBreakDesign for optimization: Balancing cost and risk within your cloud platformBreakDemo - Prepare your cloud environments for ongoing optimizationClosing Q&A

Learning ObjectiveDiscoverMicrosoft guidance, products, and tools to optimize your cloud investment

Building reliable and secure systems, as a shared responsibilityEnableReliability & Security ‘in’the cloudLeverageReliability & Security‘of’the cloudCUSTOMER WORKLOADS: Architecture design principlesYourapporworkload architecture, built on the below.CUSTOMER CLOUD ENVIRONMENT: Resiliency & Security featuresOptional Azure capabilities you enable as needed in your environment —security, high availability, disaster recovery, and backup.AZURE PLATFORM: Resilient & Secure foundationCore Azure capabilities built into the platform —how the foundation is designed, operated, and monitored to ensure availability and security.

Balance comes in several formsPeopleProcessTechnologyDocumentationToolsTemplatesBestpracticesAchieve balanceControl & StabilitySpeed & ResultsAlign business, people and technology strategy.Achievebusiness goals with actionable, efficient, and comprehensive guidance.Deliverfast results with control and stability.

Microsoft Azure Well-Architected FrameworkArchitecture guidance and best practices, created for architects, developers, and solution owners, to improve the quality of their workloads, based on 5 aligned and connected pillarsReliabilitySecurityCost OptimizationOperational ExcellencePerformance Efficiencyhttps://aka.ms/WAF

Cloud Adoption Framework instills confidence within organizations to accelerate and execute adoptionProven business and technical guidance to help customers create and implement the business and technology strategies necessary to succeed in the cloud.Define strategyDefine motivations, and create a business case leveragingcloud economicsPlanCreate actionable cloud adoption plan aligned to the strategyReadyPrepare cloud environments with Azure landing zonesAdoptMigrateor InnovateDesign, build and deploy workloads to Azure SecureAutomate governance baseline and empower delegated responsibilityManageBuild operations baseline and support enterprise operationsGovernAutomate governance baseline and empower delegated responsibility

We will focus on three Cloud Adoption Framework methodologies related to optimizationProven business and technical guidance to help customers create and implement the business and technology strategies necessary to succeed in the cloud.Define strategyDefine motivations, and create a business case leveragingcloud economicsPlanCreate actionable cloud adoption plan aligned to the strategyReadyPrepare cloud environments with Azure landing zonesAdoptMigrateor InnovateDesign, build and deploy workloads to Azure SecureAutomate governance baseline and empower delegated responsibilityManageBuild operations baseline and support enterprise operationsGovernAutomate governance baseline and empower delegated responsibility

Govern: Cloud Governance

Why is governanceimportant?Control & StabilitySpeed & Results•Maintaining full compliance•Creating better cost visibility and control•Improving security posture•Being agile—to support scaleWho is responsible for monitoring? Support? And operations?Which services should be migrated to Azure?What roles & responsibilities must be defined?What security measures should I consider?What are the core processes needed for service management?How do I ensure a balance between innovation, cost, and agility?What organizational changes are needed?What key capabilities must I develop?Azure governance building blocks?

Cloud governance teamA cloud governance team evaluates and manages risk tolerance, identifies high-risk areas for business, and converts risks into governing corporate policies.Determine the necessity of a cloud governance team.Align with other teams to:•Review your company's strategy and plan templatewith members of the cloud strategy team to understand motivations, metrics, and strategy.•Review your company's cloud adoption plan template with members of the cloud adoption team to understand timelines and prioritization.•Review the operation team's operations management workbook to understand the operational requirements and commitments that have been established with the business.Establish cadence with teams that aligns with:•Release and planning cycles.•The cloud strategy team to review risks of the next wave of adoption and gauge the team's level of tolerance for risks.•Review and iterate.Cloud governance team functionsEnsures cloud-adoption risks and risk tolerance are properly evaluated and managed.Identifies risks that can't be tolerated by the business, and converts risks into governing corporate policies.

Governance methodologyhttps://aka.ms/adopt/GovEnvision an end state –and incrementally build trust and confidence.GovernDefine corporate policyBusiness risksDocument evolving business risks and the business’ tolerance for risk, based on data classification and application criticality.Policy & complianceConvert risk decisions into policy statements to establish cloud adoption boundaries.ProcessEstablish processes to monitor violations and adherence to corporate policies.Five disciplines of cloud governanceCost managementEvaluate and monitor costs, limit IT spend, scale to meet need, and create cost accountability.Security baselineEnsure compliance with IT security requirements by applying a security baseline to all adoption efforts.Resource consistencyEnsure consistency in resource configuration. Enforce practices for on-boarding, recovery, and discoverability.Identity baselineEnsure the baseline for identity and access are enforced by consistently applying role definitions and assignments.Deployment accelerationAccelerate deployment through centralization, consistency, and standardization across deployment templates.Governance funnels corporate policy changes into five actionable disciplines –enabling your organization to modernize and reach business goals.

Cost managementBased on FinOps Foundation’s best practices.Establish controls and processes to ensure proper allocation of cost across business units, implement cost guardrails, and analyze the cost of applications.Define•Enterprise Enrollment Hierarchy Process and RACI Azure Cost Management Budgets and Alerts + RACI•Cost Management RBAC ModelDefine Cost Management Policies •Tagging •Allowed VM SKUs •Allowed Storage SKUs •Allowed Networking SKUs •Allowed Database SKUsAzure tools & servicesFinOps for AzureAzure Cost Management CalculatorAzure PolicyAzure AdvisorAzure Portal

Security baselineEstablish policies to protect your network, assets, and data –residing on cloud provider platform(s).Document risks, business tolerance, and mitigation strategies related to the security of:•Data and assets:Develop clear, simple, and well-communicated guidelines to identify, protect, and monitor the most important data assets.•Network:Control and monitor any allowed communication between on-premises environment and cloud workloads.Implement these best practices for corporate policy:•Network requirements:On-premises networks must be secured against potential unauthorized access from cloud-based resources.•Hybrid identity strategies:A key factor in structuring cloud-based identity services is the level of integration required with existing on-premises identity infrastructure.•Encryption: Encryption mechanisms vary in cost and complexity, and both technical and policy requirements, and can influence decisions on how encryption is applied and how to store and manage critical secrets and keys.•Security baseline policies: Processes that manage updates to security policy based on inputs from stakeholders (e.g., initial risk assessment and planning, deployment planning and testing, and quarterly review and planning).Azure tools & servicesAzure PolicyAzure Defender for CloudAzure SentinelSubscription DesignEncryptionHybrid IdentityAzure NetworkingAzure Automation

Resource consistencyImplement the foundation for governance best practices –with correct resource organization.Define Azure Management Groups, Subscriptions models, and RACI•To reflect security, operations and business/accounting hierarchies•To group similar resources into logical collectionsDefine resource consistency roles and responsibilities•To further group applications or workloads into deployment and operations unitsDefine Resource Consistency PoliciesNaming Conventions•Tagging•Allowed Locations•Allowed Resource Types•Allowed Extensions•AuditingAzure tools & servicesAzure PolicyAzure MonitorAzure AdvisorResource Manager TemplatesResource GraphManagement Groups

Identity baselineProtect your data and assets in the cloud –implementing identity management and access control. Define Azure RBAC Model•Using RBAC can segregate duties within a team and grant only the amount of access to users that they need to perform their jobs. •Microsoft requires multi-factor authentication for key admin roles to access Azure administrative portalsDefine Azure Access Management Process and RACI•Several options are available for managing identity in a cloud environment which vary in cost and complexity. •A key factor in structuring your cloud-based identity services is the level of integration required with existing on-premises identity infrastructure.Operationalize Azure Privileged Identity Management•Cloud-based identity management is an iterative process. Azure tools & servicesRBACMicrosoft Entra IDMicrosoft Entra ID B2BMicrosoft Entra ID B2CDirectory FederationDirectory Replication

Deployment accelerationEstablish policies to govern asset configurations or deployments –manual, or automated through DevOps best practices.The DevOps practices in this discipline include:Infrastructure as code•Stand up environments in the fastest means possible.•Remove the human element and reliably and repeatable deploy every time.•Improve environment visibility and improve developer efficiency.•Store infrastructure definitions alongside application code.Continuous integration and continuous deployment•Accelerate delivery through automation.•Simple and easy to use.•Global community for actions.Azure architectural best practices that enable deployment acceleration include Azure Landing Zones, including platform landing zoned and application landing zonesDeploy and update cloud environments in a repeatable manner using composable artifactsAzure tools & servicesResource Manager TemplatesAzure PowerShellAzure CLIAzure PolicyResource Grouping & TaggingAzure DevOpsGithub –Azure Github ActionsAzure AutomationAzure Verified Modules

Evaluate your cloud readiness using Microsoft AssessmentsStrategic Migration Assessment & Readiness ToolUnderstand your organization’s preparedness to implement a cloud migration at scale.Governance BenchmarkIdentify gaps in your organization’s current state of governance and get curated guidance on how to get started. Landing Zone ReviewAssess your plan to create a landing zone to host workloads that you plan to build in or migrate to the cloud.

Manage:Cloud Management

Evolution of the IT Business ModelThe cloud is causing a paradigm shift in the function of Operations ManagementEnforce / ControlControlled & central responsibilityEnable / SupportFreedom & delegated responsibility

Cloud management for cloud adoption efficiencyEstablish management baselineDefine the criticality classifications, cloud management tools, and processes.1Define business commitmentsDocument supported workloads to establish operational commitments.2Expand management baselineMake use of the included best practices based on business commitments and operations decisions.3Advanced operations and design principlesUse a deeper architecture review to deliver on resiliency and reliability commitments.4

Methodology to enable cloud managementCloud operations disciplines1Establish management baselineManagementbaselineInventory and visibilityOperational complianceProtect and recoverAdvancedoperationsEnhanced baseline3Expand management baselinePlatform specializationWorkload specializationAdvanced operationsand design principles4Business alignmentCriticalityImpactCommitmentDefine business commitments2

Management baselineWhy do you need this?A well-guided management baseline defines a set of cloud management tools and processes required to deliver your minimum commitment to operations management.Goals for management baseline•Define the basic tools needed for managing operations around any Azure production environments•Focus on the minimum options and processes necessary instead of all the available options•Use the management baseline to apply resource consistency across different resources on the Azure platform

Business alignments and commitmentsWhy do you need this?Business alignment with cloud management is required to rethink commitments to operational management in partnership with the business.Goals for management baseline•Document the criticality and relative business value of each workload•Establish clear performance expectations and business interruption time/value metrics•Document, track, and report on commitments to cost and performance

Methodology to enable cloud management AdvancedoperationsEnhanced baseline3Expand management baselinePlatform specializationWorkload specializationAdvanced operationsand design principles4

Enhance management baselineWhy do you need this?Outline a minimum viable product (MVP) for cloud management services, referred to as a management baseline, and add common improvements to the baseline.Goals for management baseline•In addition to management baseline, improve business commitments with enhanced management baseline •Improve uptime and decrease recovery times for the entire portfolio of workloads with cloud-native tools

Enhanced baselineAdvanced operationsEvaluate common additions to the baseline that might meet business needs.•Use enhanced management baseline cloud-native operations tools and processes to extend the business commitment.•A number of mission-critical workloads might require enhancements to the management baseline for better commitment.•Enhanced baseline can be enabled to perform advanced management operations and processes such as:•Service change tracking•ITSM integration•Operations automation•Multi-cloud operations•Guest automation•Breach notificationAzure tools & servicesAzure Resource GraphIT Service Management ConnectorAzure AutomationAzure Automation Hybrid Runbook WorkerDesired State Configuration (DSC)Microsoft Defender for CloudAdvancedoperationsEnhancedbaseline

Advanced design principlesWhy do you need this?Management specialization is required to improve the design of common systems (platforms) or specific workloads to effectively minimize interruptions.Goals for management baseline•Improve the resiliency and design of business critical workloads•Detect trends and provide automated remediation•Create repeatable solutions to minimize maintenance overhead•Use advanced monitoring tools to discover incremental improvements

Workload specializationAdvanced operationsInvest in ongoing operations of a shared platform, distributing the investment across multiple workloads.•Trigger a cultural change in traditional IT build processes that focus on delivering a management baseline, enhanced baselines, and platform operations.•Apply best practices for improving the resiliency and designof a specific system with Azure Well-Architected Framework guidance and reference architecture from Azure Architecture Center.•Get the flexibility of advanced monitoring of options for monitoring performance, availability, usage, and dependencies.•Operational tasks shift to an application-development or business-unit organization.•Application insights—to get deep insights on the specific workload—are required to provide clear workload operations.Azure tools & servicesAzure Monitor logsApplication InsightsAzure AutomationAzure Well-Architected FrameworkAzure Architecture CenterWorkload operationsWorkloadspecialization

Ready:Azure Landing Zones

What are you building?Your cloud foundation supports the construction of a—HouseStadiumBridge

What are landing zonesfor?•Starting a journey based on best practices with a start-to-finish plan is a key factor for success•Creating well-designed foundations for a cloud environment will enable the safe adoption of new technologies, at pace•Using consistent, repeatable environment designs helps scaling out in a manageable way•Baking in repeatable best practices into environment deployments•Factoring your team's technical skills into environment planning

Azure landing zonesDesign areasENVIRONMENTAzure billing and Azure Active Directory tenantIdentity and access managementResource organizationNetwork topology and connectivityCOMPLIANCESecurityGovernanceManagementPlatform automation and DevOps

Azurelanding zones Set up Azure environmentsfor scale, security, governance, networking, and identityEnable migrationsand net new appsConsider all platform resources Don't differentiatebetween IaaSor PaaS

Foundations in the cloudWorkloadAssets(Resources in Azure)WorkloadWorkloadPlatform landing zoneWorkloadWorkloadWorkloadWorkloadFoundationutilitiesWorkloadPlatform foundationFoundation utilitiesApplication landing zoneApplication landing zoneWWWWWWWWWWW

Alignthe foundationto yourchosen cloud operating modelWDecentralized operationsWWWCentral operationsWWWWEnterprise operationsDistributed operationsWWWWWWWWWWWWWorkloadApplication landing zonesPlatform Landing ZoneW

Find the operating model that fits your requirementsWDecentralized operationsWWWCentral operationsWWWWEnterprise operationsDistributed operationsWWWWWWWWWWWWWhich motivation is your highest strategic priority?InnovationControlDemocratizationIntegrationWhat's the scope of your portfolio?WorkloadLanding zonesCloud platformComplex portfolioWho’s accountable for governance, security, and operations decisions?Workload teamsCentral ITCloud Center of ExcellenceMix of all three or unknown

Azure landing zone conceptual architectureWhat does it represent?✓Target end-statefor most organizations✓Scaled-out and mature environment✓Customer and partner practices for environment design across Microsoft ✓Strong foundation for management, governance, and security processes

Assess each stage of your cloud journeyStartBuild a new environmentinformed by best practices and proven architectures.Explore design areasto understand considerations and decisions for your journey.We have not deployed anything in Azure and want a start-to-finish plan based on best practices.AlignFor your existing environments—alignto the architectures and guidance of Azure landing zones.We have environments and landing zones already, but our requirements have changed, and we need to move towards a different type of architecture.EnhanceFollow best practices guidance in Secure, Manage, and Govern methodologies to continue to mature and evolve your Azure environments—and realize the value of cloud-native technologies.We have environments and landing zones already, using the CAF guidance, and want to continue improving the controls and configuration.

Azure landing zone acceleratorsFastest path to deployment Microsoft Azure portal implementation experienceBased on Azure landing zone conceptual architectureQuickly implement scaled-out governance and securityDeploy tested, best-practice configurations for key governance policies, processes, and tools

Azurelanding zone accelerators Accelerateyour customer valueWhat if we could reach customer value at pace?Typical project engagements to design and build an Azure environment can run for 3-4 months, at considerable cost.Much resource investment can be in developing implementation artifacts, implementation engineer time, and project management.In an increasingly large portion of cases, the outcomes look relatively similar (+/- a few percentages for low level customizations).

Azure landing zonesDeployment options summaryAzure landing zone portal accelerator (default option)Fastest path to the target architectureImplements environmental design practicesImplements opinionated compliance design best practicesAlternative approaches for customizationPartner landing zones•Created and customized by your implementation partner or managed service partner.•Customized to your operations and adoption plans.•Evaluated against the conceptual architecture.Bicep•Rapidly deploy environment design areas, but defer compliance design areas.•Accelerates low-risk deployments, but increases time to compliance.•Ideal for central IT and centralized operations, with controlled adoption flows.Terraform•Azure landing zone approaches are available for third-party configuration tools, like Hashicorp Terraform.

Azurelanding zonesPartnerandopen-sourceimplementation optionsPartner landing zoneValidatepartner offerUnderstand partner approaches and solutionValidate cloud operating modelReview partner solution for governance, security, and complianceReview partner design, based on design areasDeployment options for partner landing zoneAzure landing zones Terraform modulesBuild on existing Terraform skillsPath for multi-cloud operating modelsDesign Azure landing zones, based on design areasEnable the community with a set of sample reusable landing zonesDeploy workloads to AzureAzure Region 1hub-core-sechub-operationsActivity LogsSecurity CenterDiagnostics LoggingLog AnalyticsNetwork MonitoringAD AssessmentAD ReplicationAgent Health AssessmentDNS AnalyticsKey Vault Analytics

Compliance in an operational environmentWhat does this look like for you?GovernDefine business risksbased on data classification and application criticality.Convert risk decisions into policy statements to establish cloud adoption boundaries.Create policies to put guardrails in place to minimize business risks.Establish processes to monitor violations and compliance with defined corporate policies.ManageDefine criticality andrelative business value of each service.Establishclear performance expectations andbusiness interruption time/valuemetrics.Document, track,andreport on commitments tocost and performance.SecureIntegrate security insights into arisk management framework anddigital initiatives.Integrate security insights andpractices intobusiness andIT processesandintegrate security disciplines together.Ensure organization canoperate during attacks andrapidly regain fulloperational status.

Evaluate your cloud readiness using Microsoft Assessments Strategic Migration Assessment & Readiness ToolUnderstand your organization’s preparedness to implement a cloud migration at scale.Governance BenchmarkIdentify gaps in your organization’s current state of governance and get curated guidance on how to get started. Landing Zone ReviewAssess your plan to create a landing zone to host workloads that you plan to build in or migrate to the cloud.

BreakDAY 1IntroductionOverview of Optimizationand FinOps as a mindsetBreakDesign for optimization: Balancing cost and risk within your cloud platformBreakDemo - Prepare your cloud environments for ongoing optimizationClosing Q&ANext:Demo –Prepare your cloud environments for ongoing optimization

Demo –Prepare your cloud environments for ongoing optimizationDAY 1IntroductionOverview of Optimization and FinOps as a mindsetBreakDesign for optimization: Balancing cost and risk within your cloud platformBreakDemo - Prepare your cloud environments for ongoing optimizationClosing Q&A

Demo:Prepare your cloud environments for ongoing optimization

Closing Q&ADAY 1IntroductionOverview of Optimizationand FinOps as a mindsetBreakDesign for optimization: Balancing cost and risk within your cloud platformBreakDemo - Prepare your cloud environments for ongoing optimizationClosing Q&A

AgendaDAY 2IntroductionContinuous improvement: Optimize your workloads(Part 1)Break - 10 minutesContinuous improvement: Optimize your workloads(Part 2)Break - 10 minutesDemo –Deep dive into assessing and remediating a workloadClosing Q&A

Continuous improvement: Optimize your workloads (part 1)DAY 2IntroductionContinuous improvement: Optimize your workloads (part 1)BreakContinuous improvement: Optimize your workloads (part 2)BreakDemo –Deep dive into assessing and remediating a workloadClosing Q&A

Learning ObjectivesUnderstandwhen to use the Cloud Adoption Framework or the Well-Architected FrameworkDiscoverMicrosoft guidance, products, and tools to optimize workloadsLearnfrom demos how to optimize workloads with Advisor and the Well-Architected Review

Learning Objectives Understandhow to use Well-Architected FrameworkDiscoverMicrosoft guidance, products, and tools to optimize workloads

What is a workload?The term workload in the context of the Well-Architected Framework refers to a collection of application resources, data, and supporting infrastructure that function together towards a defined business goal. CacheEnd user3rd-partyAPIGovernanceComputeVaultDatabaseComputeMessage BusFile storageIdentity providerMonitoringDeveloper / OpsCode hostingDeployment pipelines

Building reliable and secure systems, as a shared responsibilityEnableReliability & Security ‘in’the cloudLeverageReliability & Security‘of’the cloudCUSTOMER WORKLOADS:Architecture design principlesYourapporworkload architecture, built on the below.CUSTOMER CLOUD ENVIRONMENT:Resiliency & Security featuresOptional Azure capabilities you enable as needed in your environment—security, high availability, disaster recovery, and backup.AZURE PLATFORM:Resilient & Secure foundationCore Azure capabilities built into the platform—how the foundation is designed, operated, and monitored to ensure availability and security.

Building reliable and secure systems, as a shared responsibility EnableReliability & Security ‘in’the cloudLeverageReliability & Security‘of’the cloudCUSTOMER WORKLOADS:Architecture design principlesYourapporworkload architecture, built on the below.CUSTOMER CLOUD ENVIRONMENT:Resiliency & Security featuresOptional Azure capabilities you enable as needed in your environment—security, high availability, disaster recovery, and backup.AZURE PLATFORM:Resilient & Secure foundationCore Azure capabilities built into the platform—how the foundation is designed, operated, and monitored to ensure availability and security.Azure Well-Architected FrameworkCloud Adoption Framework for Azure… and this is how Microsoft can help

Viewing Azure Services from different lensesP R O D U C TD O C U M E N TAT I O NW O R K LO A DP O RT F O L I O

PRODUCTDOCUMENTATION

WORKLOADA P PI N F R AD ATAReliabilityCost optimizationOperational excellencePerformance efficiencySecurityW O R K L O A D

A P PI N F R AD A T AW O R K L O A D A P PI N F R AD A T AW O R K L O A DA P PI N F R AD A T AW O R K L O A DA P PI N F R AD A T AW O R K L O A DA P PI N F R AD A T AW O R K L O A DA P PI N F R AD A T AW O R K L O A DA P PI N F R AD A T AW O R K L O A DA P PI N F R AD A T AW O R K L O A DA P PI N F R AD A T AW O R K L O A DA P PI N F R AD A T AW O R K L O A DA P PI N F R AD A T AW O R K L O A DA P PI N F R AD A T AW O R K L O A DaPORTFOLIOStrategy/PlanReady/Azure Landing ZoneAdopt: Migrate, Modernize, InnovateCompliance: Governance, Security, & Operations

Well-Architected Framework

Architect and optimize workloads for successActionable & simpleto use deep technical resources to design workloads that show results.Build workloads with confidenceusing proven best practices.Know where to focusto optimize workloads.

Azure Well-ArchitectedBuild and optimize high-performing workloadsBuild workloads with confidence in proven practices.Design high-performingworkloads using deep technical guidance.Optimizeworkloads with actionable areas of focus.ReliabilityCost optimizationOperational excellencePerformance efficiencySecurityArchitectureDesign PrinciplesTradeoffsChecklistsAzure Well-Architected FrameworkAzure Well-Architected ReviewSkillingProduct DocsAzure AdvisorArchitecture CenterPartner and Service Offers

Best practices to drive workload qualityReliabilitySecurityCost OptimizationOperational ExcellencePerformance Efficiencyhttps://aka.ms/WAF

Business requirements influence decisions about workload architecturesWhat tradeoff decisions must you make in a business context?Development/test workloadsMission-critical workloadsSecuring all workloads

The Well-Architected Framework –content flowReliabilityCost optimizationOperational excellencePerformance efficiencySecurityDesign PrinciplesRE01RE02RE03RE04RE05RE06RE07RE08RE09RE10ChecklistRecommendations…Recommendations…Recommendations…Recommendations…Recommendations…Recommendations…Recommendations…Recommendations…Recommendations…Recommendations…

WAF: Design PrinciplesReliability design principlesBuilding a reliable application in the cloud is different from traditional application development. Historically, you may have purchased levels of redundant higher-end hardware to minimize the chance of an entire application platform failing.In the cloud, we acknowledge that failures happen. Instead of trying to prevent failures altogether, the goal is to minimize the effects of a single failing component.To assess your workload using the tenets found in the Azure Well-Architected Framework, reference the Microsoft Azure Well-Architected Review.The following design principles provide:•Context for questions•Why a certain aspect is important•How an aspect is applicable to ReliabilityThese critical design principles are used as lenses to assess the Reliability of an application deployed on Azure. These lenses provide a framework for the application assessment questions.Goals of Design Principles•Help set strategic vision•Universally applicable concepts•Not “hands-on-keyboard” guidanceGoals of Design PrinciplesTitle / RoleAwarenessActivationBusiness Decision MakerSolution ArchitectWorkload OwnerEngineer

WAF: Checklists, Recommendations, and TradeoffsPillarsTradeoffsRecommendation guidesChecklistPeopleConsulting roleWorkload facing

WAF: Checklists, Recommendations, and TradeoffsChecklistOne for each pillarHigh-level recommendationsConcise and descriptiveOrdered

WAF:Checklists, Recommendations, and TradeoffsRecommendationsDepthExpert guidanceConsistent structureTradeoffsConsiderations

WAF: Checklists, Recommendations, and Tradeoffs TradeoffsConsiderations

WAF: TradeoffsTradeoffsReliability vs. costReliability vs. performanceReliability vs. ease of management

Well-Architected Review assessmentsDescription:•A free collection of self-guided assessments that reviews architectural design patterns for various workload types.•Based on the five pillars of the Well-Architected Framework.•Recommendations are links to WAF docs and product docs.•Integration with Azure Advisor ingests recommendations based on telemetry to make WAF-based recommendations more actionable.•Milestones and checklists allow customers to maintain status of remediations.•Scripts generate Azure DevOps (ADO) work items or .csv files for tracking.Use cases:•Leverage as a checklist of considerations while designing a workload and its architecture.•Perform go-live assessment as an aspect within a pre-deployment checklist.•Periodic review of an existing workload in production.

Continuous review and improvementMonitor system and understand operational healthRehearse, recover, and practice failureEmbrace continuous operational improvementMonitorImplementTriageIntegrateAssess

BreakDAY 2IntroductionContinuous improvement: Optimize your workloads (part 1)BreakContinuous improvement: Optimize your workloads (part 2)BreakDemo –Deep dive into assessing and remediating a workloadClosing Q&ANext:Continuous improvement: Optimize your workloads (part 2)

Continuous improvement: Optimize your workloads (part 2)DAY 2IntroductionContinuous improvement: Optimize your workloads (part 1)BreakContinuous improvement: Optimize your workloads (part 2)BreakDemo –Deep dive into assessing and remediating a workloadClosing Q&A

Learning ObjectivesUnderstandwhen to use the Cloud Adoption Framework or the Well-Architected Framework.DiscoverMicrosoft guidance, products, and tools to optimize workloads.Learnfrom demos how to optimize workloads with Advisor and the Well-Architected Review.

Learning Objectives Learnfrom demos how to optimize workloads with Advisor and the Well-Architected Review

Azure Advisor

Azure AdvisorYour free, personalized guideto Azure best practicesBest practices to set up and optimize your Azure workloadsSimple, step-by-step guidance and quick actions for fast remediationOne place to review and act on recommendations across AzureAlerts and digests to notify you about new recommendationsCostMaximize the return on your Azure investmentSecurityProtect your Azure resources from security threatsPerformanceBoost speed and responsiveness of your resourcesReliabilityIncrease uptime of your business-critical appsOperational excellenceProcess and workflow efficiency and manageability

How Advisor worksYour WorkloadsOnetoolforresourceoptimizationOurbestpracticerecommendationsYourresourceusageandconfigurationAzure AdvisorAzure Services

1000+best practice recommendations and countingExamplesCostResize or shutdown underutilized virtual machines.Reduce costs by eliminating unprovisioned ExpressRoute circuits.SecurityEnable MFA on accounts with subscription owner permissions.Install monitoring agent on virtual machine scale sets.PerformanceUpdate table statistics on your SQL Data Warehouse table to increase query performance.Add regions with traffic to your Azure Cosmos DB account.ReliabilityUse Managed Disks to improve data reliability.Enable VM Backup to protect your virtual machine data from accidental deletion.Operational excellenceCreate Service Health alerts to be notified when Azure issues affect you.Repair invalid log alert rules.

ASOS Customer Use CaseWell-Architected Framework –Cost OptimizationCostResize or shutdown underutilized virtual machines.Reduce costs by eliminating unprovisioned ExpressRoute circuits.“Our cloudcost optimization has already saved us 25 to 40 percent.It’s a different framework –a different mentality. People needed a little bit of discipline each day, and it happened very quickly, within a couple of weeks.We saw a drastic change, and teams haven’t felt the pinch they were expecting after implementing better practices. They see the long-term benefits, so the culture has changed.”- ASOS

ASOS Customer Use CaseWell-Architected Framework –OptimizationCostResize or shutdown underutilized virtual machines.Reduce costs by eliminating unprovisioned ExpressRoute circuits.“Our cloudoptimization has already saved us 25 to 40 percent.It’s a different framework –a different mentality. People just needed a little bit of discipline each day, and then it happened very quickly, within a couple of weeks. We saw a drastic change, and teams haven’t felt the pinch they were expecting after implementing better practices. They see the long-term benefits, so the culture has changed.”- ASOS

Introducing Advisor WorkbooksA video

Remediating Advisor recommendations

Advisor recommendations screenshot 4

Rely on guidance and tools throughout the workload lifecyclePre-deploymentProductionDE S IG NBUIL DTE S TMONITORMAINTAINUserDevs/ArchitectsDevOps, ISVsDevOpsArchitect/App OwnerToolsReference ArchitecturesAdvisorProcessIterationRemediationGuidanceWell-Architected ReviewAzure Architecture Center and Well-Architected FrameworkBuild workloads with confidence with proven best practicesContinuously improve workloads with actionable focus areasDesign high-performing workloads using deep technical guidance

Break DAY 2IntroductionContinuous improvement: Optimize your workloads (part 1)BreakContinuous improvement: Optimize your workloads (part 2)BreakDemo –Deep dive into assessing and remediating a workloadClosing Q&ANext:Demo –Review and remediate a workload deployed in production

Demo

Demo –Deep dive into assessing and remediating a workloadDAY 2IntroductionContinuous improvement: Optimize your workloads (part 1)BreakContinuous improvement: Optimize your workloads (part 2)BreakDemo –Deep dive into assessing and remediating a workloadClosing Q&A

Closing Q&ADAY 2IntroductionContinuous improvement: Optimize your workloads (part 1)BreakContinuous improvement: Optimize your workloads (part 2)BreakDemo –Deep dive into assessing and remediating a workloadClosing Q&A