Microsoft Partner Enablement – Cloud OS

Over the past few years we have seen a massive shift within business infrastructure: where I.T once dictated the services, users are now demanding more and more, from anywhere, on any device. This transition has caused many a headache: compatibility, compliance, training, time, the list goes on. Microsoft have researched these trends and have devised solutions around the 3 core infrastructure components –

Compute – Processing/Memory

Storage – SAN/NAS

Network – Switching/Routing

These 3 key infrastructure components can be utilised in many different ways, and because of this, providing services that allow self-service and on-demand generation is a key area for the design of the Cloud OS.

Cloud Computing – The ability to host, store and migrate services to and from the cloud.

New social and app patterns – Applications for business and social designed for all devices from anywhere.

Consumerisation of I.T – The demands of users for services from the I.T department (which needs to ensure compliance with the business).

Data Explosion – Ensuring data is properly stored for DR and backup; businesses are generating more and more data and expanding beyond current onsite infrastructure requirements.

Microsoft’s Cloud OS takes all of these ingredients on board and provides solutions from the one platform;

Customers

Azure

Service Providers

The one platform approach is such a massive selling point from anyone’s point of view; simply having one login for all these services makes it an extremely valuable option. Having to ‘manage’ accounts isn’t the best job in IT and doesn’t innovate the I.T team (speaking from a managed services perspective), so the better Microsoft can make this all-encompassing package, the better for most managed service providers. As an example, several accounts do not need to be maintained: you simply federate your domain with Microsoft and the cloud services will refer back to your onsite Active Directory infrastructure to complete the authentication.

The one platform approach goes down further into the hierarchy and as such covers the following;

Development – Developing from one platform for many differing devices is a huge incentive for any business.

Management – Ability to control aspects of devices and services provided to users (regardless of the device they access it from).

Data – Ensuring recoverable data stores and high availability to access at any point in time regardless of ‘outages’.

Identity – Having one login for all services enables a simple solution for users – “I need this…” – “Then, please log in here”

Virtualisation – Enabling a robust and highly available infrastructure to manage and maintain without downtime is key in today’s society.

ADFS Analogy

I’ve recently come across an analogy which perfectly sums up the use of ADFS and the requirement of certificates.

This kind of puts the whole process into context.

A woman, let’s call her Louise Smith, is offered the once-in-a-lifetime chance to buy a diamond for a great price. The seller, let’s call him Jonathan Jones, contacts Louise, gives her his name, address and details of the gem registry entry for the diamond, and agrees on a price. She is a careful person by nature, so she makes enquiries. She confirms that the diamond is real, that it is worth the money, and that it really belongs to Jonathan Jones. Then she writes a cheque for the money and Jonathan Jones gives her the diamond.

A week later, the police call to collect the stolen diamond, because the seller wasn’t actually Jonathan Jones. It was all a question of identity. Adding amusement to injury, the police find that the actual buyer hasn’t lost anything either, because she wasn’t actually Louise Smith and was using a stolen chequebook.

The point is that all the permissions can exist to allow the participants to take part in a transaction, but if the identities are not verified, the security doesn’t have a firm base.

In this case we look to CAs (Certificate Authorities) to issue certificates to organisations or individuals to ensure that those making ‘requests’ are who they say they are. This works much like a passport, and the situation in the above analogy could have been prevented if each party had shown their passport to the other; however, this assumes a perfect world.

The CAs basically ‘vouch’ for the subject for the usages agreed.

This is the basis for ADFS: creating trust and ensuring identity. It is a very complex subject that is difficult to visualise, so I’m hoping this short story helps!
