8. Conclusion

Thank you for reading the Azure Strategy and Implementation Guide, Fourth Edition. Throughout the different chapters, we have reviewed how you can start your journey in the Azure cloud, use the Microsoft Azure Well-Architected Framework, and adopt best practices to improve the quality of your workloads in the cloud. There are many different scenarios possible for running your workloads on Azure to meet your organization's solution needs. We learned how important it is to use design principles and realized how crucial planning is when moving resources to Azure.

We hope this end-to-end guide has given you a better understanding of the latest Azure technologies and innovations, how they can help your business, and the framework for your strategy for adopting Azure.

Resources

Here are some helpful resources to help you take the next steps in your Azure migration journey:

• Take a free tutorial on Azure Fundamentals with hands-on exercises: https://docs.microsoft.com/learn/paths/az-900-describe-cloud-concepts/
• Sign-up for an Azure free account to explore infrastructure services from Azure: https://azure.microsoft.com/free/virtual-machines/
• Explore the Cloud Adoption Framework for more insights on how to move to the cloud: https://docs.microsoft.com/azure/cloud-adoption-framework/

Glossary

• Annualized failure rate (AFR): The estimated probability that a device or component will fail during a full year of use.
• App modernization: The modernization of an existing IT asset involving either its refactoring or re-architecture, or both. The goals of app modernization are often to produce cost and operational efficiencies in the cloud.
• Availability Zone: A fault-isolated area within an Azure region with redundant power, cooling, and networking components.
• Azure AD Multi-Factor Authentication (MFA): A type of authentication in which users are asked to verify their identity through an additional form of identification, such as a fingerprint or a code on their mobile phone.
• Azure Arc: Enables you to view and manage compute resources, whether they are on-premises, across multiple vendor clouds, or distributed on the network edge, through the Azure management interface and operating model.
• Azure Connected Machine agent: A software package that enables you to manage Linux and Windows machines regardless of whether they are hosted outside of Azure, across multicloud environments, or on-premises.
• Azure Disk Storage: High-performance, highly durable block storage designed to be used with Azure Virtual Machines.
• Azure DevOps: Azure is all about automation and scaling. You can leverage Azure DevOps to deploy your code and infrastructure in Azure to maintain a stable and consistent deployment process.
• Azure governance: Azure governance is a set of guardrails that help organizations with Azure compliance and security policies. Azure governance helps ensure that all parties have their goals aligned and understand their responsibilities in their journey to Azure.
• Azure Infrastructure as a Service (IaaS): A set of computing, storage, and application capabilities provided as a service by Microsoft to support your workloads in the cloud. Azure IaaS offers security and the ability to instantly scale your infrastructure to manage and operate your workloads from anywhere while reducing costs.
• Azure pricing calculator: The tool you use to estimate your infrastructure costs before you build.
• Azure Private Link: An Azure service that provides private connectivity from a virtual network to Azure Platform as a Service (PaaS), customer-owned or Microsoft partner services.
• Azure Resource Manager (ARM): Resources are configured in Azure through a portal but can also be done programmatically. ARM templates, when integrated with Azure Pipelines, can help you achieve continuous integration and continuous deployment (CI/CD).
• Azure Security Center: A tool to improve your security posture. It can protect your workloads whether they live on Azure, on-premises, or in other clouds.
• Azure Sentinel: A cloud-native SIEM service with built-in AI for analytics that removes the cost and complexity of achieving a centralized and near real-time view of active threats in your environment.
• Azure Stack HCI: An Azure service that ensures a consistent environment for your Linux and Windows workloads through software-defined infrastructure. This hyperconverged infrastructure is ideal for hybrid, on-premises environments.
• Cost analysis: Cost analysis is a helpful tool to keep your infrastructure spend under control. You can leverage monitoring and alerting to help you be more proactive and cost efficient.
• Cybersecurity: A term commonly used to refer to the measures taken in anticipation to oppose an attack on datacenter infrastructure.
• Edge computing: It is not always about remaining connected to the internet. Edge computing allows you to build solutions without the requirement for full-time connectivity.
• Encryption: A method of encoding information. The major encryption concerns are handled by Azure, including encryption both at rest and in transit, as well as key management.
• ExpressRoute: A service available in Azure to create a private connection between Azure datacenters and infrastructure, usually in a co-location environment.
• Fixed minimum performance: In Azure, to right-size your infrastructure, you want to ensure that you have a set minimum performance in mind. This leads to an understanding of the minimum number of resources required to run your application, which will help define your scaling.
• High availability: The characteristic of a system or network to ensure operational continuity over a particular period of time while avoiding downtime.
• Hybrid cloud: Not everything is a good candidate for the cloud. Hybrid solutions are a way to build applications without fully moving your workloads to the cloud.
• Hybrid license: Hybrid licensing is when you leverage an on-premises or pre-purchased license in Azure to help manage costs. This is useful for organizations that have special pricing for on-premises resources.
• Infrastructure as Code (IaC): IaC is what an ARM template generates for infrastructure deployment consistency.
• Multicloud: One size doesn't fit all with cloud providers. A multicloud approach enables organizations to deploy their cloud assets, applications, and resources across different cloud providers. Multicloud models are used in order to maintain high levels of uptime for mission-critical applications.
• Multicloud strategy: Whether for government or corporate board compliance, multicloud strategies allow an organization to address a number of issues. These can range from avoiding price-lock from a cloud vendor to designing a resilient disaster recovery plan and adeptly managing government regulations of data storage. Whatever the need or want, these strategies enable organizations to use multiple cloud providers.
• PaaS (Platform as a Service): Encompasses the benefits of Infrastructure as a Service (IaaS) and can also include middleware, database management, container orchestrators, and business intelligence (BI) services. PaaS solutions often include pre-coded application components such as security features, directory services, and workflow features.
• Passwordless: Any method used to verify a user's identity without requiring the user to provide a password, such as the use of biometric gestures like fingerprints or device-specific PINs.
• Private cloud: Cloud computing resources that are utilized by a single organization and not publicly available. The organization hosting the private cloud is responsible for managing and maintaining the infrastructure the cloud resource model is running on.
• Resiliency: A network or system's ability to recover from failures while maintaining adequate levels of operability in the face of faults, threats, and challenges.
• Serverless: A cloud computing execution model in which compute resources are allocated on demand by their customers' cloud provider. Serverless application environments, serverless functions, and serverless Kubernetes are examples of serverless computing resources available in Azure.
• Service level agreement (SLA): Defines the level of service you expect from a vendor. In this case, the SLAs describe Microsoft's commitments for uptime and connectivity.
• Shared responsibility: When moving to the cloud, you have to learn a new shared responsibility for your infrastructure in code. It is good to understand and know where your responsibilities stop and the cloud provider's responsibilities begin.
• Site Recovery Mobility service: The Mobility service agent captures data writes on the machine and then forwards them to the Site Recovery process server.
• Azure Spot Virtual Machines (Spot VMs): Spot VMs is an Azure service that lets you buy unused Azure compute capacity (VMs) for your interruptible workloads at large discounts compared to pay-as-you-go prices. It is important to note that Azure can evict Spot VMs when the underlying capacity is needed.
• Tenant: A term usually used to represent an organization in Azure AD.
• Transparent data encryption (TDE): TDE is how data repositories are encrypted at rest by default in Azure.
• Windows Virtual Desktop: A system for desktop and app virtualization that runs on Azure.
• Zero trust principles: Comprises the security model that enables users to work more securely. This includes authentication and authorization, controls to limit access to resources, and breach prediction. Simply put, never trust, always verify.