Windows Azure VPN Workshop


Presentation at the Windows Azure VPN Workshop
in Santiago, Chile

Published in: Technology

  • Speaking Points: There are numerous terms and definitions floating around in the industry for “the cloud”, “cloud computing”, “cloud services”, etc. Microsoft thinks of the cloud as simply an approach to computing that enables applications to be delivered at scale for a variety of workloads and client devices. The cloud can help deliver IT as a standardized service, freeing you up to focus on your business.
  • In the last few years, we have seen explosive growth in the use of the public cloud. While most of the initial adoption was seen by startups and smaller orgs, most of the new growth will come from larger organizations adopting the public cloud. Now you might ask what’s causing cloud adoption at such a fierce rate. There are 3 fundamental business drivers at play here: SPEED: With minutes instead of days/weeks to procure & provision servers, the pace of innovation has dramatically increased. Reduced ‘time to develop’ & ‘time to market’ means your IT can be much more agile in servicing the needs of the business units or developers. Embrace & Enable Innovation. Help your business move forward against the competition. In fact, it is the speed and agility that IT hasn’t been able to provide that has resulted in what many call “Shadow IT”, where business units are resorting to using credit cards to procure computing resources outside of the purview of IT. SCALE: Cloud gives you an almost infinite set of computing resources. Your applications will enjoy massive global scale, and can easily scale up or down depending on the demand. That means you never have to worry about running out of capacity or about overprovisioning. You use just enough resources for your needs - nothing more, nothing less. ECONOMICS: And of course, you’re paying only for what you use in the Cloud. This in itself saves you money for any app that has variable computing needs. For some organizations, there is also an additional benefit of changing CapEx to OpEx, which frees up capital from infrastructure investments so it can be put to other uses.
  • Slide Objectives: Describe the various computing patterns that are good for Cloud Computing. Speaking Points: There are numerous terms and definitions floating around in the industry for “the cloud”, “cloud computing”, “cloud services”, etc. Microsoft thinks of the cloud as simply an approach to computing that enables applications to be delivered at scale for a variety of workloads and client devices. The cloud can help deliver IT as a standardized service, freeing you up to focus on your business. Cover the workloads in the slide.
  • Slide Objectives: Explain the three established industry terms for cloud services. Speaker Notes: There is a lot of talk in the industry about different terms like Platform as a Service, Infrastructure as a Service, and Software as a Service. Since PDC08, when we first announced Windows Azure, our focus has been on delivering a platform as a service offering where you can build applications, where the platform abstracts you from the complexities of building and running applications. We fundamentally believe that the future path forward for development is by providing a platform. In fact, as you’ll see in a few minutes, we believe that there are a number of new capabilities that should be delivered as services to the platform. Notes: There is a lot of confusion in the industry when it comes to the cloud. It’s important that you understand both what is happening in the industry and how we think about the cloud. This is the most commonly used taxonomy for differentiating between types of cloud services. The industry has defined three categories of services: IaaS – a set of infrastructure level capabilities such as an operating system, network connectivity, etc. that are delivered as pay for use services and can be used to host applications. PaaS – higher level sets of functionality that are delivered as consumable services for developers who are building applications. PaaS is about abstracting developers from the underlying infrastructure to enable applications to quickly be composed. SaaS – applications that are delivered using a service delivery model where organizations can simply consume and use the application. Typically an organization would pay for the use of the application or the application could be monetized through ad revenue. It is important to note that these 3 types of services may exist independently of one another or combined with one another.
  • Slide Objectives: Explain the differences and relationship between IaaS, PaaS, and SaaS in more detail. Speaking Points: Here’s another way to look at the cloud services taxonomy and how this taxonomy maps to the components in an IT infrastructure. Packaged Software: With packaged software a customer would be responsible for managing the entire stack – ranging from the network connectivity to the applications. IaaS: With Infrastructure as a Service, the lower levels of the stack are managed by a vendor. Some of these components can be provided by traditional hosters – in fact most of them have moved to having a virtualized offering. Very few actually provide an OS. The customer is still responsible for managing the OS through the Applications. For the developer, an obvious benefit with IaaS is that it frees the developer from many concerns when provisioning physical or virtual machines. This was one of the earliest and primary use cases for Amazon Web Services Elastic Cloud Compute (EC2). Developers were able to readily provision virtual machines (AMIs) on EC2, develop and test solutions and, often, run the results ‘in production’. The only requirement was a credit card to pay for the services. PaaS: With Platform as a Service, everything from the network connectivity through the runtime is provided and managed by the platform vendor. Windows Azure best fits in this category today. In fact, because we don’t provide access to the underlying virtualization or operating system today, we’re often referred to as not providing IaaS. PaaS offerings further reduce the developer burden by additionally supporting the platform runtime and related application services. With PaaS, the developer can, almost immediately, begin creating the business logic for an application. Potentially, the increases in productivity are considerable and, because the hardware and operational aspects of the cloud platform are also managed by the cloud platform provider, applications can be taken from an idea to reality very quickly. SaaS: Finally, with SaaS, a vendor provides the application and abstracts you from all of the underlying components.
  • Slide Objectives: Provide a high level summary of Windows Azure and what it enables at a high level. Speaking Points: Transition: Several of you are probably asking, just what is Windows Azure? Definition: From a high level, Windows Azure is Microsoft’s Cloud Computing platform. It’s designed to enable you to build, deploy, and scale your applications in the cloud. Over the last year, we’ve been focused on three core tenets with Windows Azure – which you will see reflected throughout this keynote. Flexible: The first is to make Windows Azure really flexible and able to handle pretty much any workload on top of it. When we introduced Windows Azure a few years ago, we pioneered the concept of Platform as a Service, by providing a set of scalable, managed services that you can take advantage of as a developer [to compose applications]. We continue to push that forward with a bunch of great features that you will see in a few minutes. This past year we have also enabled a concept called infrastructure as a service, which is the ability to host and scale durable virtual machines in the cloud as well. With Windows Azure’s support for infrastructure as a service, you can install Windows or Linux and more easily migrate existing applications and workloads. This combination of the ability to run both platform as a service and infrastructure as a service together ends up being a really powerful combination and makes Windows Azure super flexible. Open: We also focused a lot this year on making Windows Azure even more open. With Windows Azure you can use your choice of operating systems, your choice of frameworks, and your choice of tools. This really opens up the most possibilities in terms of building on the platform. Another aspect of this openness is to use open protocols whenever possible. For example, we use the memcached protocol for our Caching service, we now support the AMQP protocol for our Service Bus messaging service, and all of the managed services are exposed through simple REST-based APIs that can be called from any framework or language. This enables you to interoperate very easily with our services and integrate with what you already have. We’ve also taken all of our SDKs for Windows Azure and released them under an Apache 2 open source license and hosted them on GitHub. Solid: Lastly, we’ve focused a lot during the last year on making Windows Azure a really solid platform, one that you can bet your business on and that you know will be reliable. Built in across the platform is support for redundancy, and across our managed services we provide guaranteed SLAs that you can bet on and know that your applications will scale and scale reliably. Summary: We believe the end result is truly a unique model. You can now use both platform as a service and infrastructure as a service *together*. You can now use the best of the Microsoft ecosystem and the best of the open source ecosystem *together*, enabling you to build better and more scalable solutions. Notes: Comprehensive set of services that enable you to build, host and scale applications in Microsoft datacenters. Windows Azure is an open and flexible cloud platform that enables you to quickly build, deploy and manage applications across a global network of Microsoft-managed datacenters. You can build applications using any language, tool or framework. And you can integrate your public cloud applications with your existing IT environment.
  • Let’s now take a look at the global scale at which Windows Azure operates. We operate in 8 global regions across different continents: 4 in US, 2 in Europe, and 2 in Asia. These are gigantic in their scale and operations and here are some of the pictures. In addition, we have 24 CDN locations across the globe. We provide support across 109 countries and in 8 languages. We have our local teams and sales offices across the world. In addition, we have 19 countries with local currency support. Key Talking Points: To support growth in the massive demand for Windows Azure, Microsoft has developed a modular approach to building and expanding physical datacenter capacity quickly – in days, instead of weeks and months. ITPACs are pre-assembled, self-contained datacenter “pods” that contain pre-wired racks of servers, storage and networking equipment along with cooling, venting and power management. Multiple ITPACs can be quickly delivered to a datacenter site and interconnected to build and/or grow datacenter capacity. By leveraging ITPACs as building blocks for modular datacenters, not only can Microsoft quickly expand physical capacity, but existing capacity is delivered very cost-effectively – in our Gen4 datacenters, we’ve demonstrated a 1.05 PUE (Power Utilization Efficiency) ratio – whereas traditional datacenters often have a PUE as much as 2-3x higher. Direct attendees to the links on the page for more details. If time permits during the event, you may wish to play one or both videos. Additional Nations ITPAC datacenter technology video - Generation 4.0 Data Center Vision -
  • Speaking Points: The final thing I’ll mention about Windows Azure, before we dive into the tour of services, is the approach we’re taking with paying for services. This may be different for many of you who are familiar with hosting providers and on-premises systems. With Windows Azure you pay only for what you use. There are no upfront costs. There is no need to buy any upfront server licenses; that’s just included in the price. Likewise, if you use a SQL database, through our SQL Database feature in Windows Azure, you don’t have to buy a SQL Server license; that’s also included in the price. For compute services such as Virtual Machines and Web Sites you only pay by the hour. This gives you the flexibility to run your applications very cost effectively. You can scale up and scale down your solutions or even turn them on and off as necessary. This also opens up a ton of possibilities in terms of the new types of apps you can build.
  • Can the news get even better? Yes. With the changes that we have implemented, you also get a better deal when you stop your running virtual machines. You have given us the feedback that you run a number of workloads in Windows Azure where you need to start and stop a virtual machine often - for instance in dev and test scenarios. These machines do not need to be up and running 24x7. And you do not want to be paying 24x7 either. It is very much like filling your car at the station. If you are not filling up your car and pumping gas into your tank, you do not want to be charged. It does not matter that you are still holding the hose in your hands. With the new changes we’ve implemented, when you stop pumping, that is, when you stop your running virtual machine, you no longer get billed. The billing and the gas meter stop there. When you are ready to start again, you can press the nozzle and restart from where you left off. Same disks attached, same end-points configured. That easy. We are working on enabling this approach for web and worker roles as well and will have timelines to announce later in the year. We know you want a good price, a good trusted partner and a reliable service when you make your investments in the cloud. You do not want to trade off between those elements. That is what we deliver with Windows Azure.
  • Windows Azure is a broad stack of services that runs in our datacenters globally. Think of the different services as building blocks. These services can be categorized into three classes – Infrastructure services which are lower level building blocks, Data services that provide storage and data management capabilities to apps, and App services which provide different capabilities to rapidly develop apps, scale and run apps at a global scale.
  • You can use these blocks or puzzle pieces to rapidly build apps, and then choose an Azure datacenter to run the app. Windows Azure takes care of the underlying management, and provides your app the scale it needs. This approach is what industry experts call a Platform as a Service.
  • But that is not all that you can do with Azure. Windows Azure also provides infrastructure services which allow for more hands-on configuration and management, similar to the servers you have today. However, they’re hosted in Microsoft datacenters, letting you use Azure as if you were operating your own datacenter in the Cloud. For example, you can provision VMs, give them private IP addresses, and connect to them using a VPN from your on-premises environment. Most importantly, this lets Windows Azure mimic your on-premises datacenter and run your current apps with little or no change without the expense of having to own servers or racks, cooling and building costs. Furthermore, you can connect the “datacenter” you build in the Cloud to your on-premises datacenter so the datacenter in the Cloud becomes an extension to your on-premises infrastructure. These “building blocks” let Windows Azure be used as Infrastructure-as-a-Service. So, you see, Windows Azure offers IaaS + PaaS in one platform. IaaS provides flexibility, PaaS eliminates complexity. Use PaaS where you can, use IaaS where you need. With Azure, you can use both together or independently, and build apps of the future. That uniquely differentiates us.
  • When we announced general availability of infrastructure services, we reiterated our commitment to make the power of AND work for our customers. We have more than one view of the world: it is cloud AND on-premises, and we continue to deliver on that theme. Case in point is Point-to-Site VPN. It allows you to set up virtual private network (VPN) connections between individual computers and a virtual network in Windows Azure. We built this capability based on customer requests and learnings from a preview feature called Windows Azure Connect. Point-to-Site VPN greatly simplifies setting up secure connections between Windows Azure and client machines, whether from your office environment or from remote locations. Using Point-to-Site VPN enables some new and exciting ways to connect to Windows Azure that are not possible from other cloud providers. Here are a few examples: You can securely connect to your Windows Azure environment from any location. You can connect your laptop to a Windows Azure test and development environment and continue to code away while sipping coffee at an airport café! Small businesses or departments within an enterprise who don’t have existing VPN devices and/or network expertise to manage VPN devices can rely on the Point-to-Site VPN feature to securely connect to workloads running in Windows Azure virtual machines. You can quickly set up secure connections to Windows Azure even if your computers are behind a corporate proxy or firewall. Independent Software Vendors (ISVs) wanting to provide secure access to their cloud apps can leverage the Point-to-Site VPN feature to offer a seamless application experience.
  • Windows Azure VPN Workshop

    1. Windows Azure VPN Workshop
    2. Cloud Computing Patterns
    3. [Slide graphic: currency symbols]
    4.
    5. VPN
    6. Pop Quiz! Q.1 VPN stands for…
       a) Virtual Public Network
       b) Virtual Private Network
       c) Virtual Protocol Network
       d) Virtual Perimeter Network
    7. Pop Quiz! A.1 VPN stands for… b) Virtual Private Network
       VPN stands for "Virtual Private Network" or "Virtual Private Networking." A VPN is a private network in the sense that it carries controlled information, protected by various security mechanisms, between known parties. VPNs are only "virtually" private, however, because this data actually travels over shared public networks instead of fully dedicated private connections.
    8. Pop Quiz! Q.2 What are the acronyms for the 3 most common VPN protocols?
    9. Pop Quiz! A.2 3 most common VPN protocols are…
       • PPTP
       • L2TP
       • IPsec
       PPTP, IPsec, and L2TP are three of today's most popular VPN tunneling protocols. Each one of these is capable of supporting a secure VPN connection.
    10. Pop Quiz! Q.3 What does IPsec stand for?
    11. Pop Quiz! A.3 IPsec = Internet Protocol Security!
    12. Pop Quiz! Q.4 What is the main benefit of VPNs compared to dedicated networks utilizing frame relay, leased lines, and traditional dial-up?
       a) better network performance
       b) less downtime on average
       c) reduced cost
       d) improved security
    13. Pop Quiz! A.4 The main benefit of VPNs is… c) reduced cost
       The main benefit of a VPN is the potential for significant cost savings compared to traditional leased lines or dial-up networking. These savings come with a certain amount of risk, however, particularly when using the public Internet as the delivery mechanism for VPN data.
    14. Pop Quiz! Q.5 In VPNs, the term "tunneling" refers to
       a) an optional feature that increases network performance if it is turned on
       b) the encapsulation of packets inside packets of a different protocol to create and maintain the virtual circuit
       c) the method a system administrator uses to detect hackers on the network
       d) a marketing strategy that involves selling VPN products for very low prices in return for expensive service contracts
    15. Pop Quiz! A.5 In VPNs, the term "tunneling" refers to… b) the encapsulation of packets inside packets of a different protocol to create and maintain the virtual circuit
    16. [Network diagram showing the Azure Network and the On Premise Network; labels include 192.168.0.0/16, IP: 192.168.X.Y, GW, 190.196.17.12 and 138.91.145.3]
    17. Left: OpenSwan VM
        Internal IP:
        Subnet:
        Elastic IP:
        Internet
        Right: Virtual Gateway
        Internal IP (VM):
        Subnet:
        Gateway IP: