Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.
amazon                   web services    Lunch and Learn SeriesDeploy, Scale and Manage yourMicrosoft Investments with AWS
Please silence your phonesYour presenter:Joe Ziegler, zieglerj@amazon.comTechnical Evangelist          @jiyosub       [   ...
• Overview           • SQL Server• Licensing          • SharePoint• Networking & • Tips & Tricks Security   [     Our plan...
• Overview         • SQL Server• Licensing        • SharePoint• Networking & • Tips & Tricks Security               4
What we assume you already          know:AWS provides pre-configured Windows AMI’s to start running fully supported Window...
Isn’t cloud Windows different?•   Full, real, licensed Windows      •   Security groups for easy-to-    Server OS         ...
What’s Big & Easy•   Web Applications        •   Windows              •   Transcoding, E    •   WebMatrix                 ...
What’s New                       Windows Free Tier•   750 hours of Amazon EC2 Linux† Micro Instance usage•   750 hours of ...
What’s NewSQL Server Standard on more host types, and now  SQL Web Edition at a lower hourly price point
What’s New            Relational Database Service (RDS)                      for SQL Server   • Point and Click     deploy...
What’s New   Elastic Beanstalk with support for .Net and Visual                         Studio • IIS 7.5 with full .net su...
Elastic Bean Stalk        12
Even more NewCloudFront support for IIS-MS 4.1 Smooth StreamingWindows HPC Cluster support http://docs.amazonwebservices.c...
• Overview      • SQL Server• Licensing     • SharePoint• Networking & • Tips & Tricks Security               14
Licensing• OEM aka Hourly                • RDS aka Terminal  Licensing via SPLA              Services •   Windows OS, SQL ...
License Mobility Requirements• Must be on active Software Assurance  •Enterprise Agreement  •Enterprise Subscription Agree...
BizSpark• Developing Software?• Privately Held?• Less than 3 years old?• Making less than $1mm USD annually?• Join BizSpark!
• Overview       • SQL Server• Licensing      • SharePoint• Networking &   • Tips & Tricks Security                 18
Security: Shared Responsibility Model     AWS              Customer• Facilities                • Operating System• Physica...
So what do you do about it?      SAS 70 Type II Audit                                                                     ...
Networking and Security • No  • Multicast, Broadcast, Anycast, IP     spoofing, Clustering  • VPC   • Statics, Routing, Ne...
Networking and Security•   AWS Credentials    •   IAM (hint: Try the policy        wizard!)        •   For your Staff     ...
Amazon Virtual Private Cloud (VPC)•   Logically Isolated Environment•   Private IP address ranges•   Ingress and Egress Ne...
The New Enterprise ITNetwork Architecture                                                  Availability Zone 1            ...
New EC2 VPC feature:Elastic Network Interface                 • Multiple                   Addresses                 • Spa...
• Overview       • SQL Server• Licensing      • SharePoint• Networking &   • Tips & Tricks Security                 26
“With AWS and 2nd Watch, we have found a much more                                            cost effective way to keep t...
SQL Server Quick and Dirty• Instance Type           • Raid0 isn’t quite what  Matters!                  you think on EC2 •...
Example:a fork-lifted app,with a fork-lifted               DB
Example:Fault-Tolerant
SQL on EC2 vs. SQL on• Do you have 3 RDS               rd party applications on  the DB host?• Windows Authorization…• Com...
• Overview       • SQL Server• Licensing      • SharePoint• Networking &   • Tips & Tricks Security                 32
Case Study – SharePoint on AWS•   SharePoint migration and consolidation    projects with Recovery.gov, Treasury.gov,    A...
A little fault-tolerance                      exercise Elastic  LoadBalancer                            How much load can ...
A little fault-tolerance                      exercise Elastic  LoadBalancer                            35%-45%SharePoint ...
A little fault-tolerance                             exerciseElastic Load Balancer                                    How ...
A little fault-tolerance                             exerciseElastic Load Balancer                                    ~80%...
• Overview       • SQL Server• Licensing      • SharePoint• Networking &   • Tips & Tricks Security                 39
CloudFormationhttp://aws.amazon.com/cloudformation/aws-cloudformation-templates/
VM Import / Export                    • VMware ESX VMDK                             * Currently for Windows OnlyImport• VM...
VM Import: Cloud Recovery (this looks a lot like a                                          Windows migration, doesn’t it?...
• Overview       • SQL Server• Licensing      • SharePoint• Networking &   • Tips & Tricks Security                 47
Further Reading• http://aws.amazon.com/microsoft/• http://aws.amazon.com/cloudformation/aws-  cloudformation-templates/• h...
Shameless Plug      49
amazon                           web serviceshttp://aws.amazon.com  Joe Ziegler, Technical Evangelist      zieglerj@amazon...
Deploy, Scale and Manage your Microsoft Investments with AWS
Deploy, Scale and Manage your Microsoft Investments with AWS
Deploy, Scale and Manage your Microsoft Investments with AWS
Deploy, Scale and Manage your Microsoft Investments with AWS
Deploy, Scale and Manage your Microsoft Investments with AWS
Upcoming SlideShare
Loading in …5
×

Deploy, Scale and Manage your Microsoft Investments with AWS

1,960 views

Published on

The AWS Lunch and Learn Series with the topic of Deploy, Scale and Manage your Microsoft Investments with AWS as presented by Joe Ziegler

Published in: Technology
  • Be the first to comment

Deploy, Scale and Manage your Microsoft Investments with AWS

  1. 1. amazon web services Lunch and Learn SeriesDeploy, Scale and Manage yourMicrosoft Investments with AWS
  2. 2. Please silence your phonesYour presenter:Joe Ziegler, zieglerj@amazon.comTechnical Evangelist @jiyosub [ House Keeping ] 2
  3. 3. • Overview • SQL Server• Licensing • SharePoint• Networking & • Tips & Tricks Security [ Our plan for today ] 3
  4. 4. • Overview • SQL Server• Licensing • SharePoint• Networking & • Tips & Tricks Security 4
  5. 5. What we assume you already know:AWS provides pre-configured Windows AMI’s to start running fully supported Windows Server virtual machines in the cloud in minutes
  6. 6. Isn’t cloud Windows different?• Full, real, licensed Windows • Security groups for easy-to- Server OS configure firewalls per VM • 2003, 2008, 2008r2, all via • Easily install services and our Microsoft SPLA software that you know: AD, licensing means no CAL’s ADFS, SCOM, WSUS, SQL, required Exchange, SharePoint, Media Services, etc. • SQL Server Web and Standard via SPLA as well • All the benefits of a cloud infrastructure without the…• VPC for static, secure, user- weird defined networks
  7. 7. What’s Big & Easy• Web Applications • Windows • Transcoding, E • WebMatrix Media Services ncoding • .net and IIS • ADFS • Windows HPC• • 3rd Party Cluster Microsoft Applications Enterprise • Genomics • Applications • CFD, CAD SharePoint • SAP, Sage, ES • • SQL Server RI, etc Financials • Exchange • Media • Software Dev Applications and Test • System Center
  8. 8. What’s New Windows Free Tier• 750 hours of Amazon EC2 Linux† Micro Instance usage• 750 hours of Amazon EC2 Microsoft Windows Server‡ Micro Instance• 750 hours of an Elastic Load Balancer plus 15 GB data processing*• 30 GB of Amazon Elastic Block Storage, plus 2 million I/Os and 1 GB of snapshot storage*• 750 hours of Amazon RDS Single-AZ Micro DB Instances, for running MySQL, Oracle BYOL or SQL Server (running SQL Server Express Edition)‡‡
  9. 9. What’s NewSQL Server Standard on more host types, and now SQL Web Edition at a lower hourly price point
  10. 10. What’s New Relational Database Service (RDS) for SQL Server • Point and Click deployment in minutes • Managed database with pre-configured snapshots for backup or Server, OS, and DB cloning parameters • Automatic Windows and • Vertically scale with a few SQL Server software clicks or a single API call patching • Automated backups and • Fully Managed Disk DRPlus Free Tier!
  11. 11. What’s New Elastic Beanstalk with support for .Net and Visual Studio • IIS 7.5 with full .net support auto-scaling and Elastic • Package deployable code as Load Balancer to distribute a “Microsoft Web Deploy” traffic and you’re done • Application level metrics like • Use the AWS Toolkit for request count, average Visual Studio to publish latency builds from within your IDE • Zero lock-in or lock-out, open up the hood, RDP in, change • Windows Server 2008r2 with it how you likePlus Free Tier!
  12. 12. Elastic Bean Stalk 12
  13. 13. Even more NewCloudFront support for IIS-MS 4.1 Smooth StreamingWindows HPC Cluster support http://docs.amazonwebservices.com/AWSEC2/latest /WindowsGuide/ConfigWindowsHPC.html2 New Instances: m1.medium instances, cc2.8xlargeinstance
  14. 14. • Overview • SQL Server• Licensing • SharePoint• Networking & • Tips & Tricks Security 14
  15. 15. Licensing• OEM aka Hourly • RDS aka Terminal Licensing via SPLA Services • Windows OS, SQL Server • SAL via 3rd Party SPLA Web and Standard Edition • BizSpark• License Mobility aka • Or the golden rule… Talk BYOL to your Microsoft Rep! • Sharepoint, SQL Server, Lync, System Center, Exchange, Dyna mics CRM
  16. 16. License Mobility Requirements• Must be on active Software Assurance •Enterprise Agreement •Enterprise Subscription Agreement •Open Value Agreement •Open License (with SA option) •Select Plus (with SA option)• For Licensed apps, need appropriate CALs• No migration for 90 days
  17. 17. BizSpark• Developing Software?• Privately Held?• Less than 3 years old?• Making less than $1mm USD annually?• Join BizSpark!
  18. 18. • Overview • SQL Server• Licensing • SharePoint• Networking & • Tips & Tricks Security 18
  19. 19. Security: Shared Responsibility Model AWS Customer• Facilities • Operating System• Physical Security • Application• Physical Infrastructure • Security Groups• Network Infrastructure • OS Firewalls• Virtualization • Network Configuration Infrastructure • Account Management
  20. 20. So what do you do about it? SAS 70 Type II Audit Encrypt data in transit ISO 27001/2 Certification Encrypt data at rest PCI DSS 2.0 Level 1-5 Protect your AWS Credentials HIPAA/SOX Compliance Rotate your keys FISMA Moderate Infrastructure Application Secure your OS and applications FEDRamp / GSA ATO Security SecurityHow we measure that our How can you secure your infrastructure is secure application and what is your responsibility? Services Security What security options and features are available Enforce IAM policies to you? Use MFA, VPC, Leverage S3 bucket policies, EC2 Security groups, EFS in EC2 Etc..
  21. 21. Networking and Security • No • Multicast, Broadcast, Anycast, IP spoofing, Clustering • VPC • Statics, Routing, Network ACL + Security Group, Ingress/Egress • VPN • Direct Connect
  22. 22. Networking and Security• AWS Credentials • IAM (hint: Try the policy wizard!) • For your Staff • For your Applications • MFA • Secure Delete!• Instance Credentials • Keypairs • Passwords
  23. 23. Amazon Virtual Private Cloud (VPC)• Logically Isolated Environment• Private IP address ranges• Ingress and Egress Network Access Control• Elastic IP addresses and Internet Gateway• Hardware encrypted VPN connections or Direct ConnectWizard-based setup 10G’s DirectConnect Amazon Virtual Corporate Location Private Cloud Data Center
  24. 24. The New Enterprise ITNetwork Architecture Availability Zone 1 10G DirectConnect Corporate Location NAT Instance PrivateData Center VPN Gateway Subnet Customer Gateway Internet Gateway Public Subnet Amazon VPC Availability Zone 2 CorporateHeadquarters S3 SQS/SNS/SES SWF Elastic SimpleDB DynamoDB Beanstalk AWS RegionBranch Offices
  25. 25. New EC2 VPC feature:Elastic Network Interface • Multiple Addresses • Span Subnets • Attach/Detach • Public or Private
  26. 26. • Overview • SQL Server• Licensing • SharePoint• Networking & • Tips & Tricks Security 26
  27. 27. “With AWS and 2nd Watch, we have found a much more cost effective way to keep the lights on for a critical part of our infrastructure while reducing the risk of IT resources getting distracted from our core business strategies.” David Barbieri, SVP and CIO Business BenefitsInfra Cost Comparison ~58% savings! • Big savings over existing infrastructure • Faster network speedsAWS Cloud Infrastructure • Improved load times • Already planning future migrations Old Infrastructure SW Apps: • SharePoint 2010 • SQL Server 2008 • Umbraco CMS
  28. 28. SQL Server Quick and Dirty• Instance Type • Raid0 isn’t quite what Matters! you think on EC2 • m1.xlarge /= m2.xlarge • Snapshots!• IO Throughput • ENI for HA is, well, important• Cluster Compute for non-HPC: DB on CC• EBS /= SAN
  29. 29. Example:a fork-lifted app,with a fork-lifted DB
  30. 30. Example:Fault-Tolerant
  31. 31. SQL on EC2 vs. SQL on• Do you have 3 RDS rd party applications on the DB host?• Windows Authorization…• Complex Replication Topologies• Manual update/patch control
  32. 32. • Overview • SQL Server• Licensing • SharePoint• Networking & • Tips & Tricks Security 32
  33. 33. Case Study – SharePoint on AWS• SharePoint migration and consolidation projects with Recovery.gov, Treasury.gov, Army Corp of Engineers and others• Team leveraged existing Windows skills and tool sets• Microsoft License Mobility program to license server applications on AWSSW Apps:• SharePoint 2010• SQL Server 2008 Infrastructure Cost Comparison• Forefront 60%-70% savings! AWS Cloud Infrastructure Old Infrastructure
  34. 34. A little fault-tolerance exercise Elastic LoadBalancer How much load can you safely put on each instance?SharePoint SharePoint EC2 EC2Instance #1 Instance #2
  35. 35. A little fault-tolerance exercise Elastic LoadBalancer 35%-45%SharePoint SharePoint EC2 EC2Instance #1 Instance #2
  36. 36. A little fault-tolerance exerciseElastic Load Balancer How about now? SharePoint SharePoint EC2 EC2 Instance 1-5 Instance 6- 10
  37. 37. A little fault-tolerance exerciseElastic Load Balancer ~80% SharePoint SharePoint EC2 EC2 Instance 1-5 Instance 6- 10
  38. 38. • Overview • SQL Server• Licensing • SharePoint• Networking & • Tips & Tricks Security 39
  39. 39. CloudFormationhttp://aws.amazon.com/cloudformation/aws-cloudformation-templates/
  40. 40. VM Import / Export • VMware ESX VMDK * Currently for Windows OnlyImport• VMware ESX VMDK • VMware ESX OVA images • Microsoft Hyper-V• Citrix Xen VHD VHD images • Citrix Xen VHD file• Microsoft Hyper-V formats VHD imagesExport 45
  41. 41. VM Import: Cloud Recovery (this looks a lot like a Windows migration, doesn’t it?) Server 2008 Boot Data Volume Drive C: D: Amazon EBS Snapshots VMware ESX VMDK Citrix Xen VHD Availability Zone #1Microsoft Hyper-V VHD VM Import service
  42. 42. • Overview • SQL Server• Licensing • SharePoint• Networking & • Tips & Tricks Security 47
  43. 43. Further Reading• http://aws.amazon.com/microsoft/• http://aws.amazon.com/cloudformation/aws- cloudformation-templates/• http://media.amazonwebservices.com/AWS_Microsoft _Platform_Security.pdf• http://awsmedia.s3.amazonaws.com/SharePoint_on_A WS_Reference_Architecture_White_Paper.pdf• http://media.amazonwebservices.com/AWS_RDBMS_ MS_SQLServer.pdf 48
  44. 44. Shameless Plug 49
  45. 45. amazon web serviceshttp://aws.amazon.com Joe Ziegler, Technical Evangelist zieglerj@amazon.com Please Fill out the @jiyosub Feedback Form 50

×