By Mark Perry, Head of Architecture
19th May, 2021
Through 2021 businesses shifted priorities to enable remote work. Now, as COVID-19 seems to be in the rearview, organisations are once again taking advantage of cloud computing innovation and maximising their existing on-premises investments. Relying on an effective multi-edge hybrid approach is even more important today than it has ever been.
Since its inception, Microsoft Azure has been hybrid by design. Azure has provided customers consistency and flexibility in meeting business needs and empowering innovation. This is one of the many reasons customers globally, and here in Australia, trust their workloads and businesses to run on Azure.
The purpose of this blog is to discuss TAS’ Managed Hybrid Azure offering. To begin with, I will set the scene by answering some foundational questions…
What is hybrid cloud computing?
Hybrid cloud computing combines public cloud computing and private cloud, or on-premise computing, allowing resources, data and applications to be shared across the environment while delivering seamless access transparently to users for consumption. Hybrid cloud computing allows for more deployment options and allows for greater flexibility to scale computing resources.
Why do organisations leverage a hybrid cloud approach?
Organisations embrace a hybrid cloud computing approach for several reasons; meeting regulatory requirements, meeting data sovereignty requirements, maximising on-prem technology investments, addressing low latency workloads, addressing edge workloads, and strengthening resilience and business continuity. Adopting a hybrid cloud also provides businesses with greater flexibility by moving workloads between cloud solutions as business needs and costs dictate. Hybrid cloud provides a foundation that enables the adoption of cloud services with little or no disruption to the business.
What are the characteristics of a successful hybrid cloud strategy?
A successful hybrid architecture provides a unified way to manage, secure and govern IT resources across on-premises, public cloud and edge environments. Running a hybrid also means enabling consistent technology choices and architectures across environments to easily move applications and data where you need to and manage it holistically.
What is the TAS Managed Hybrid Azure?
TAS Managed Hybrid Azure Cloud computing service includes several key components, namely:
- A comprehensive, secure Azure baseline or what we refer to as our “Virtual Data Centre” has been refined from years of experience deploying securely managed technology stacks for customers in highly regulated industries. The Virtual Data Centre forms a blueprint that comprises the key components needed to run, monitor, secure, and report on the customer workloads managed in Azure. The Virtual Data Centre is completely developed, deployed and managed through our modern DevSecOps capabilities.
- A set of Azure products and tools required to meet our customers’ strict governance requirements specifically designed and implemented to meet the needs of highly regulated industries, such as Financial Services and Government. TAS mitigates compliance, security, and disaster risks through a comprehensive architectural framework and managed service offering, ensuring requirements continue to be met throughout the lifecycle of the customer’s solution.
- Connectivity between public and private cloud resources is delivered through a secure, highly available, carrier diverse network backbone, allowing seamless access to sensitive data and applications located in the TAS data centres and Azure.
- Day to day management of the customer-owned Azure tenancy and resources, allowing access to cloud features such as consumption-based billing, scalability and flexibility
- Underpinning our managed Azure solution, we have built a robust managed security practice, consisting of the integration of cloud-native security tools such as Microsoft Sentinel, Defender and Security Center, built on top of our Azure DevOps delivered security baseline. Security is only as good as the process that underpins it. The TAS Hybrid Azure security services are supported by our in-house security operations, with the capability to monitor and respond to threats and security incidents in real-time.
- The combination of public cloud resources, managed services, customers, and third-party vendors relies on a strong, clearly defined shared responsibility model. TAS has a proven history of supporting shared responsibility models that allow us to take care of the pain and complexity that often comes out of managing shared responsibility, most importantly ensuring no gaps or uncertainty exist.
Why should customers consider TAS Managed Azure?
There are many benefits to moving to the cloud, but the main consideration for TAS customers is security. Innovations in modern payment services, such as NPP (New Payments Platform) and Open Banking, require additional layers of protection against malicious attacks. Azure, along with the TAS managed service, offers cost-effective options for these specific workloads. Examples of these include:
- Web applications protection through products such as Azure Web Application Firewalls (WAF).
- Azure DDoS Protection provides advanced DDoS mitigation capabilities against network attacks.
- Data at rest encryption providing data protection for stored data.
- Advanced threat detection and remediation through Defender, Security Center and Sentinel.
How do you get there?
Although public cloud technologies offer many advantages, private cloud is still required for some workloads which are not suited to public cloud or will not run on public cloud. TAS has therefore designed the TAS Managed Hybrid Azure Cloud offering, leveraging the best of the our private cloud and the Microsoft Public Cloud, hosting core solutions that are not public cloud ready securely in the TAS Private Cloud while offering customers the opportunity to migrate supporting workloads and deploy new cloud-ready solutions to Azure.
TAS’ Cloud Migration Methodology
To enable our customers to achieve the best results in their cloud adoption journey, TAS has developed a cloud migration methodology that includes five key steps:
- The first step is to understand your business requirements, working closely with you to map out a target end state that will meet your business expectations. From there, we gain visibility of your existing environment through running migration readiness toolsets against your workloads. Other activities include network assessments, customer key resource interviews, service maps and, of course, leveraging all our current knowledge of your environment and similar environments from our existing service management blueprints.
- After discovery is completed, we analyse the data collected to drive key migration decisions. We perform detailed assessments of the workloads at this stage and discuss potential options to deliver the optimal end state and the migration phases required to get there; this includes detailed interoperability assessments with other connected services and suppliers.
- Key discussions on cloud rationalisation approaches are held, or put simply, we present simple-to-understand recommendations on the most effective way to transition and run your workloads in the cloud including, whether to:
- Rehost (lift and shift “as-is” from current state to Public Cloud)
- Refactor (leveraging PaaS services to replace some or all of the traditional IaaS services in use)
- Re-architect (work with the customer and their vendors to re-architect the solution to be Public Cloud ready)
- We then scope up the chosen environment using the TAS Azure Baseline standards, including an estimated Azure bill of materials to deliver your migrated solution. The scope includes the ongoing TAS Managed Services offering and required Hybrid network connectivity at this stage.
- The migration project is scoped, including milestones, project timelines and migration pricing.
- We discuss the migration plan with consideration for strategic initiatives, objectives, timelines, budget, etc.
- Once in agreement, the migration is executed according to the agreed plan. TAS has a team of capable resources across all key technical disciplines that leverage our experienced DevSecOps capability to deliver seamless cloud migrations while coordinating all involved parties, including the customer and third parties.
- Critical to the ongoing success of your business solution delivered on the TAS hybrid Azure platform, TAS provides ongoing comprehensive managed services.
- As part of the migration project delivery, TAS transitions the ongoing support and management to our 24×7 support teams who, with the support of a dedicated customer success team, maintain responsibility to ensure the environment continues to operate up to expectations for the duration of its lifespan.
If you would like further information on how your organisation could leverage the benefits of TAS Managed Hybrid Azure Cloud, please reach out to the TAS team at email@example.com
For more blogs see here