Advertisement
Guest User

Untitled

a guest
Apr 23rd, 2021
549
0
Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 49.03 KB | None | 0 0
  1.  
  2. AZ-900
  3.  
  4. Introduction
  5. Azure, like Google and Amazon Cloud Platforms, is Microsoft's Cloud Platform. It is typically a platform that allows us to use Microsoft tools. It offers us virtual machines, fast data processing, analytical tools, and monitoring instruments to simplify our work. Azure pricing is also simpler and cheaper. It is commonly referred to as "Pay as You Go", meaning you only pay for the services when you are using them.
  6.  
  7. What is Cloud Computing?
  8. Cloud Computing is basically storing data and accessing the computers over the internet. It is the delivery of different computing services like servers, software, analytics, databases, and storage via the internet.
  9.  
  10. Benefits of Cloud Computing
  11. We all know that Cloud Computing has brought a major change in the traditional business thinking for IT resources. There are many benefits of using Cloud Computing. Some of which are:
  12.  
  13. Cost
  14. Scalability
  15. Increase Speed and Agility
  16. Reliability
  17. Security
  18. The Economy of Cloud Computing
  19. In the traditional environment of organizations, as there is a need for large investments on CapEx, Cloud is the best wayto switch to the pay-as-you-go model. Mostly in Azure, the pricing is based on an hourly basis like VMs, App Services, etc. There is also consumption based pricing which is on the basis of per execution of function, per second use of resource, or both. An example of consumption based pricing is Azure Function.
  20.  
  21. Technical Terms
  22. In order to understand Cloud Computing, you need to understand some technical terms.
  23.  
  24. High Availability (HA) - you get high availability for your servers by replacing instantly the failed server with the new one. HA depends on the number of VMs that you set up to eventually cover in case one goes down
  25. Fault Tolerance - Fault tolerance means that if there is any fault from the Azure side, then it is immediately mitigated by Azure itself with zero down time
  26. Disaster Recovery (DR) - In case of any catastrophic disaster like cyber-attack, there is a plan in DR to recover your business from these critical systems or in normal operation if such an event occurs
  27. Scalability - In cloud computing, scalability means addition or removal of the resources in an easy and quick way as per demand
  28. Elasticity - Elasticity is the capacity to dynamically extend or minimize network resources to respond to autonomous working load adjustments and optimize the use of resources
  29. Agility - Agility is the capability to adapt quickly and efficiently to changes in the business environment. Agility also refers to the ability to quickly develop, test and deploy business-led software applications
  30. Types of Cloud Computing
  31. IaaS (Infrastructure as a Service)
  32. PaaS (Platform as a Service)
  33. Serverless
  34. SaaS (Software as a Service)
  35. Cloud Computing Deployments Models
  36. There are three different types of Cloud Computing: Public, Private and Hybrid.
  37.  
  38. Public cloud is owned and operated by third parties that are providing computing services like storage, software etc.
  39. A private cloud is a model that uses the same legacy IT infrastructure running cloud resources within its own data center
  40. Hybrid Clouds integrate public and private clouds together with the technology to share data and applications. The hybrid cloud provides greater versatility and allows further deployment
  41. What is Azure?
  42. Microsoft Azure is known as Windows Azure and it is a Public Cloud. It is free to build, manage and deploy applications with your favorite tools and frames in a huge, global network. Azure is considered for offering both IaaS and PaaS. Azure offers over 100 services, from the execution of existing applications on virtual machines to exploration of new tech paradigms like smart bots and mixed reality.
  43.  
  44. In order to use Azure, you first need to setup an Azure account directly by going to “Azure.com” or with the help of a representative. You can sign-up to Azure as a Free account with free USD 200 credit and 25+ free services.
  45.  
  46. Azure Market Place
  47. The Azure market place offers technical solutions and services from Microsoft and partners to build and extend Azure products and services. It has all kinds of services and applications like VMs, templates, apps, and Azure managed services etc.
  48.  
  49. Global Footprint
  50. Azure has more global regions than any other cloud provider — which offers the scale required to bring users around the world closer to applications. There are 58 regions of Azure that are available around the world with 140 available in 140 countries.
  51.  
  52. Regions
  53. region
  54.  
  55. Regions are geographical areas where Azure is present to deploy the Azure resources. It is a set of data centers with latency-defined perimeter connected via a dedicated regional low-latency network. How to Choose a Region? When you are choosing a region, you need to think about three things mainly:
  56.  
  57. Location
  58. Features
  59. Price
  60. Geographies/Paired Regions
  61. Geography is a distinct market that usually conserves data residence and compliance boundaries with two or more regions within the same geographic area.
  62.  
  63. Availability Set
  64. An Availability Set is a logical grouping function that can be used to separate VM resources from each other.
  65.  
  66. Availability Zone
  67. Availability Zones (AZ) are locations within an Azure region that are physically separate. An availability zone is composed of one or more independently operating power, and network data centers. Each region has a minimum of three zones.
  68.  
  69. Azure Resource Manager (ARM)
  70. It is an underlying service where the Azure resource deployment and management is done. It provides a management layer, which lets you create, upgrade, and uninstall your Azure subscription tools.
  71.  
  72. ARM Benefits
  73. You have group resource handlings
  74. You get consistency
  75. You can define the dependencies between resources in the right order
  76. Access Control, which is built-in to assign access to the users
  77. Tagging
  78. For billing, you can use tagging to stay on top
  79. Azure Services
  80. There is a number of available services and features in Azure. The most commonly used categories are:
  81.  
  82. Compute
  83. Networking
  84. Storage
  85. Mobile
  86. Databases
  87. Web
  88. Internet of Things
  89. Big Data
  90. Artificial Intelligence
  91. Security and Identity
  92. Monitoring and Management
  93. Compute
  94. In Azure, there is a number of options that are available for application and service hosting. Azure Compute provides you an infrastructure where you can run your applications.
  95.  
  96. Networking
  97. The key function of Azure networking is the relation of compute resources and access to applications. There are various networking services in Azure that can be used individually or together. Azure networking provides you the most secure environment for your data as compared to any other Cloud Platform.
  98.  
  99. Storage
  100. Azure Storage is a cloud storage system from Microsoft that helps to store up-to-date files. Azure Storage offers an extremely scalable data object store, a cloud file system service, a reliable message store, and a NoSQL store. Azure Storage is secure, highly available and durable, scalable, managed and accessible.
  101.  
  102. Data and Analytics
  103. Data is available in all sizes and formats. When they speak about Big Data, it means they refer to large volumes of information. It often is so large that it is no longer appropriate for traditional methods of processing and analysis. To cope with these large data sets, Open Source cluster technologies have been developed. Microsoft Azure offers a wide range of Big Data and analytics tools and services.
  104.  
  105. Databases
  106. Azure Database is a fully managed service. It has business-grade efficiency with integrated high availability that ensures you can easily scale and hit global distribution without needing to pay attention to costly downtime.
  107.  
  108. Web and Mobile
  109. Great web experience in today's business is important. Azure provides premium support for the creation and management of web applications and HTTP-based web services. Azure builds engaging cross platforms for Android, iOS and Windows applications without any compromises that suit your business needs and reach to your customers everywhere.
  110.  
  111. Security and Identity
  112. We know that safety is one thing in the cloud and it is very important to have accurate and timely Azure Security information. Azure has a wide range of security tools and features that make it the best reason to use for your applications and services. You can protect Azure identity and access management solutions for your applications and data on the front door.
  113.  
  114. Monitoring and Management
  115. Azure management and governance tools help system managers and developers to secure and compliant the resources, both in-house and on the cloud. It monitors the infrastructure, software, system provision and set-up, app-updating, vulnerability detection, backup resources, disaster recovery, policy implementation, process automation, and even the management of costs— during the IT cycle.
  116.  
  117. How to Interact with Azure
  118. Azure Portal
  119. Azure CLI
  120. Azure PowerShell
  121. Azure CloudShell
  122. Compute
  123. Virtual Machines (VMs)
  124. Virtual machine is a server or computer created within a computer that actually behaves like a computer. It works on windows machine much like any other program, providing the same end user experience as they would be hosting the operating system itself. Each virtual machine has its own virtual hardware, including CPUs, memory, hard drives, network interfaces, and other devices.
  125.  
  126. Features
  127. Following are the features provided by Azure to deploy the virtual machines on their own:
  128.  
  129. Infrastructure as a Service
  130. Tools
  131. Compliance
  132. Recommendations
  133. Choice
  134. Pricing
  135. Azure charges for virtual machines on hourly basis and the resources you used. In simpler word, the more CPUs and RAMs on your VMs you use, the larger the amount you have to pay per hour
  136.  
  137. Use Cases
  138. Before you create a VM, you have all the necessary information regarding the VM that includes both its pros and cons.
  139.  
  140. Pros
  141. Control
  142. Application
  143. Existing Infrastructure
  144. Cons
  145. Not for Everything
  146. Maintenance
  147. Scale Sets
  148. Azure virtual machine scale sets allow you to create and manage a group of load balanced VMs that are identical. Scale sets make your applications highly accessible and allow you to centrally manage, configure and upgrade a large number of VMs.
  149.  
  150. Benefits
  151. The following key benefits are offered by the scale sets:Easy to create and manage multiple VMs
  152.  
  153. Allows your application to automatically scale as resource demand changes
  154. Works at large-scale
  155. App Services
  156. Azure App Service is a fully managed Platform as a Service (PaaS), which means servers, networks, storage and other fundamental infrastructures are all managed and controlled by Azure; you just have to focus on business values and logics. Azure App Service is an HTTP-based service for hosting web applications, REST APIs, and mobile back-ends.
  157.  
  158. Features
  159. Some key features of App Service are outlined here:
  160.  
  161. Multiple Languages and Frameworks
  162. DevOps Optimization
  163. Global Scale with High Availability
  164. Connections to SaaS Platforms and On-premises Data
  165. Security and Compliance
  166. Application Templates
  167. Visual Studio Integration
  168. API and Mobile Features
  169. Serverless Code
  170. App Services Categories
  171. Azure App services divided into three main categories:
  172.  
  173. Web Apps
  174. Web Apps for Containers
  175. API Apps
  176. Azure Container Instances (ACI)
  177. Containers become the preferred way for cloud applications to be packaged, deployed and managed. Azure Container Instances is the simplest and fastest way to run a container in Azure without having to manage any virtual machines and without having to follow a higher-level service.
  178.  
  179. ACI Features
  180. Manage Application Dependencies
  181. Less Overhead
  182. Increased Portability
  183. Efficiency
  184. Consistency
  185. Container in Azure Workflow
  186. The workflow to using a Container in Azure is following:
  187.  
  188. Software Development Cycle
  189. Application Placed in Container
  190. Azure Container Instances
  191. Benefits of ACI
  192. Azure Container Instances (ACI) have following benefits:
  193.  
  194. Run containers without managing servers
  195. Increase agility with containers on demand
  196. Secure applications with hypervisor isolation
  197. Works with your favorite tools
  198. Azure Kubernetes Service
  199. Kubernetes is an open-source container orchestration system for automating application deployment, management, and scaling. Azure Kubernetes Service (AKS) enables the simplest deployment of a managed Kubernetes cluster in Azure. AKS eliminates the complexity and operating overheads of Kubernetes management by offloading many responsibilities to Azure. The masters of the Kubernetes are managed by Azure. Only the agent nodes are managed and maintained by you. As a managed Kubernetes service, AKS is free; you only pay for the agent nodes within your clusters, not for the masters.
  200.  
  201. Azure Container Registry (ACR)
  202. ACR is a service that keeps track of current valid container images. It manages files and artifacts for containers. When your Azure container instances and Kubernetes service need to create a new container, the images come from ACR.
  203.  
  204. AKS Cluster Architecture
  205. Azure Kubernetes Service cluster architecture is based on the following main components:
  206.  
  207. Node
  208. Node Pools
  209. Pods
  210. Azure Functions
  211. Azure Function is smallest compute on Azure. It is a single function and an easy way to run small pieces of code or "functions" in the cloud. Functions can make development even more productive, and you can use your development language of choice, such as C#, Java, JavaScript, PowerShell, and Python. Azure Functions is the serverless computing service that is hosted on the public cloud of Microsoft Azure.
  212.  
  213. Features
  214. Here are some key features of Functions:
  215.  
  216. Choice of your language
  217. Pricing Model for Pay-per-use
  218. Integrated Security
  219. Simplified Integration
  220. Open-source
  221. Networking
  222. Azure networking is considered as the key component in building a successful public cloud into Microsoft Azure and its fundamental part. The networking service of Microsoft Azure not only provides the connectivity toward users, it also serves as connectivity between the service elements.
  223.  
  224. Virtual Network (VNet)
  225. A Virtual Network (or VNet) is used as a networking service to host the infrastructure resources within Microsoft Azure. It is the most essential part of the Azure network. It is a logical isolation of the Azure cloud dedicated to your subscription. You can use VNets to provision and manage virtual private networks (VPNs) in Azure.
  226.  
  227. IP Address
  228. Each traffic has its own IP address, which ensures that traffic delivers to the right destination (server). An IP address serves two main functions: network interface and address.
  229.  
  230. Address Space
  231. An address space is the range of IP addresses.
  232.  
  233. Subnets
  234. A subnet is a feature that enables segmentation.
  235.  
  236. Subnet Regions
  237. Each virtual network within Azure belongs to a single region
  238.  
  239. Subscription
  240. Each virtual network has only one subscription and every subscription has multiple virtual networks.
  241.  
  242. Cloud Advantages
  243. Scaling
  244. Isolation
  245. Security
  246. High Availability
  247. Load Balancer
  248. A load balancer is used in front of two VMs to access the data before reaching the destination. Therefore, multiple users can access the service at the same time more efficiently. Load balancer, in general, is used to distribute the traffic arrived on the front end to the backend pool as per rules and health status. The two types of load balancers are public and internal. Public load balancer converts the private IP address of VM to public IP address for outbound access and internet-facing. Whereas, internal load balancer is capable of managing the traffic inside the VNet.
  249.  
  250. Benefits of Load Balancer
  251. Internet Traffic
  252. Internal Network
  253. Port Forwarding
  254. Outbound Traffic
  255. VPN Gateway
  256. VPN
  257.  
  258. VPN Stands for Virtual Private Network, a VPN gateway is useful for establishing the private connection between Azure resource and an onpremises environment, offices, the cloud or other premises within the cloud in order to establish a private secure connection. In Microsoft Azure, VPN gateway provides the managed services within the cloud.
  259.  
  260. Virtual Network Gateway
  261. VPN gateway is a specific type of virtual network gateway. A virtual network gateway is composed of a number of Virtual Machines (VMs) within the specific subnet called Gateway Subnet.
  262.  
  263. Components of VPN Gateway
  264. The main components of the VPN gateway consist of Azure VNet, VPN gateway, VPN tunnel, and on-premises services. Within Azure VNet, there is a VPN gateway present.
  265.  
  266. Application Gateway
  267. One type of VPN gateway is the application gateway. It is considered as the most advanced load balancer that enables the balancing of web traffic to manage the web applications using an HTTP request. Because of its services, the gateway is called layer 7 load balancer within Microsoft Azure.
  268.  
  269. Benefits of Application Gateway
  270. Scaling
  271. High Availability
  272. Encryption
  273. Zone Redundancy
  274. SSL Offload
  275. Multi-Site hosting
  276. Cost effective
  277. Session affinity
  278. Web Socket Support
  279. Web Application Firewall
  280. Content Delivery Network
  281. It is a distributed network of servers that can deliver web content close to users. Within Azure, CDN places the duplicates of data at the datacenter present closer to the user side and users can easily log into the application, which they want. The main reason behind the use of Content Delivery Network (CDN) is to deliver data to the user with the lowest latency by providing data that is present at edge nodes.
  282.  
  283. Benefits of CDN
  284. Global Coverage
  285. Better Performance
  286. Scaling
  287. Distribution
  288. Storage
  289. Storage Account
  290. A Storage Account is like an access point for Azure Storage. All of your Azure Storage Data Objects like blobs, files, queues, tables, and disks are on an Azure storage account. The storage account provides a unique namespace for your Azure Storage data, which is available via HTTP or HTTPS from anywhere in the world.
  291.  
  292. It is written in the format: https://Storage-Account-Name.Storagetype.core.windows.net
  293.  
  294. Two types of storage accounts are available. Users have access to Blob Storage, Table Storage, Queue Storage, and File Storage through the "Standard" storage account. The alternative is a "Premium" account, which is a new option that allows users to save data on SSD drives to boost I/O capacity.
  295.  
  296. There are 5 different types of storage account available that depends on different features and pricing. These are:
  297.  
  298. General-purpose v2 accounts
  299. General-purpose v1 accounts
  300. BlockBlobStorage accounts
  301. FileStorage accounts
  302. BlobStorage accounts
  303. Azure Storage
  304. Azure Storage is a Microsoft Cloud storage for storing data. It is a highly scalable object store and a message store for messaging. It also offers file system service. It is a NoSQL store that provides a number of benefits like:
  305.  
  306. Durability
  307. High Availability
  308. Security
  309. Accessibility
  310. Scalability
  311. Blob Storage
  312. Blob means Binary Large Object, which is used for storage of Binary or text data. It is used for storage of huge amounts of data. In Azure, three types of Blobs are supported:
  313.  
  314. Block blobs store text and binary data up to 4.7TB
  315. Append blobs are used for log data and can be up to 195GB in size
  316. Page blobs are used for frequent read and write operations on data.
  317. It sizes up to 8TB
  318. During the time of creation, you need to select the type of a storage account, which is based on different pricing options. These are:
  319.  
  320. Hot Tier
  321. Cold Tier
  322. Archive Tier
  323. Disk Storage
  324. It is a disk to which you can store your data. A managed disk is the disk that is attached to your VM. Here, managed means that Azure will look after this disk for you and managed the uptime and backup. There are four different types of disk:
  325.  
  326. HDD
  327. Standard SSD
  328. Premium SSD
  329. Ultra Disk
  330. File Storage
  331. With File Storage, you get the following benefits:
  332.  
  333. Share files across multiple Azure machines and be able to connect with the on-premises infrastructure;
  334. It is fully managed and you do not need to worry about OS or hardware;
  335. Highly available with super resistance against outages
  336. Built-in redundancy
  337. Archive
  338. Azure Archive Storage is used generally for archiving data and paying less for it. Most of the company’s policies, legislations and recovery scenarios storing a large amount of archive data is required, so Azure Archive service can prove to be really handy for them. It is one of the lowest priced storage in Azure, which means you can store terabytes of data in just few dollars per month.
  339.  
  340. Databases
  341. There are multiple Azure Database Services provided by Azure, which are:
  342.  
  343. Cosmos DB
  344. Azure SQL
  345. Azure Database for MySQL
  346. Azure Database for PostgreSQL
  347. Cosmos DB
  348. Cosmos DB is a global service provided from the beginning. With Cosmos DB, you can put the data closest to the user. This is one of the key features with great user experience as well. To put the databases at multiple locations can be such a difficult thing with synchronization but with Cosmos DB, Azure takes care of this synchronization for you. All the data stored in Cosmos DB are encrypted at rest or in motion.
  349.  
  350. Latency
  351. Latency is the time taken by the data to travel.
  352.  
  353. Scalability
  354. With Cosmos DB, you can scale your database automatically to infinity when the requirement goes up in order to meet the resources.
  355.  
  356. Connectivity
  357. With Cosmos DB, you can work in various ways like you can choose from multiple built-in ways in order to connect to Cosmos DB such as SDKs or APIs. You can also use different languages such as C#, Java or Node.js.
  358.  
  359. Azure SQL
  360. It is a managed Database as a Service, as another service in Azure takes care of hardware and IaaS levels. A cloud-based Database Management System (DBMS) is provided in the Microsoft Azure SQL Database. With Azure SQL, you can easily migrate your on-premises SQL database to Azure SQL and get benefits of that. With Azure SQL, you can store 100TB of data within a minute.
  361.  
  362. Integrated with ML
  363. With Azure SQL, you can also take advantage of integrated Machine Learning tools.
  364.  
  365. Scalability
  366. As it is a cloud based service, it also offers excellent scalability through which you get high availability. And, it gives 99.995% availability.
  367.  
  368. Security
  369. With Azure Cloud Platform, security is a built-in feature that gives you benefit in terms of security of your data.
  370.  
  371. Azure Database for MySQL
  372. Azure Database for MySQL is the database built-in by the community while Azure SQL is Microsoft’s product. Azure MySQL platform provides a fully managed, business-ready MySQL cloud database. Azure Server for MySQL was designed to provide high availability with 99.99% SLA and does not require additional setup, replica features or costs to guarantee that your apps run as necessary. It has automated batching and backup with monitoring. All of these are included without any cost. Azure database for MySQL is PaaS, which is managed by Microsoft.
  373.  
  374. Azure Database for PostgreSQL
  375. It is an open source relational database similar to MySQL. It is a defaultdatabase from MacOS. It is good for mission-critical workloads with predictable performance, security, high availability, and dynamic scalability.
  376.  
  377. Features
  378. You can integrate this database with lots of extensions like JSONB (Binary version of JSON), and integration with code like Ruby, Python, etc.
  379. Horizontal scaling
  380. It has a feature that detects the disruptive events that effect performance on which you can perform actions
  381. Similar to Azure Database for MySQL, it also offers fully managed database services like automatic patching, automatic backups, and built-in monitoring
  382. Database Migration Service
  383. In Azure, you have a dedicated tool for migrating databases from onpremises to Azure. With a single tool, you can move your existing SQL server; there is no need to use multiple tools. The Azure Server Migration Service is a fully managed program that permits smooth migration to Azure Data systems with minimal downtime from various server providers. The service is currently available in general, with ongoing efforts for growth focused on:
  384.  
  385. Reliability and performance
  386. Addition on source/target pairs
  387. For friction, free migration used for continuous investment
  388. Authentication & Authorization
  389. Authentication and Authorization in Azure includes:
  390.  
  391. Identity Services: Identity services identify the platform for the user and ensures user validations for the application;
  392. Azure Active Directory: This directory service is able to provide access and control of access to users with different directory services;
  393. Multi-Factor Authentication: Provides security features by getting multiple information about the user for authentication.
  394. Identity Services
  395. When any user uses an online service that has any privacy criteria, then the user requires at least a username (that is the User ID) and password. Identity services include authentication, authorization and access management policies.
  396.  
  397. Authentication
  398. Authentication is a way of identifying the user with the help of a user ID and password from the database.
  399.  
  400. Authorization
  401. Authorization is the process that is conducted after authentication. It finds which kind of data access is available for the authenticated user.
  402.  
  403. Access Management
  404. Access management is a critical part of any cloud infrastructure as it ensures the restriction of access to service toward other users. It provides confidentiality, integrity, and availability. Access management policies should also be responsible for the following: Authentication and Authorization Faraway from Unauthorized Users
  405.  
  406. Azure Active Directory
  407. Azure Active Directory (AAD) is the main tool to manage and monitor the dedicated users’ information present in Microsoft Azure.
  408.  
  409. Active Directory
  410. Active Directory (AD) is a directory service formed by Microsoft for the storage of information about the user, resources and other things present in the network. AD is commonly used in offices, educational institutes, and management departments.
  411.  
  412. Azure Active Directory
  413. Azure Active Directory (AAD) is different from the Active Directory (AD). AD provides its directory service to those companies who designed this service. Whereas, Azure Active Directory services are available for everything present on Azure. It is the first service given when a user creates an account in Azure.
  414.  
  415. AAD Services
  416. Mandatory Service: Users on Microsoft Azure are unable to create an account without AAD services
  417. First User: Every Azure account has the first user and owner. To become an Azure user, AAD service is needed
  418. Tenant
  419. A tenant is the representation of an organization in Azure. A tenant is a dedicated instance of AAD service. It is the first ADD service when a user creates an account in Azure.
  420.  
  421. Subscription
  422. All Azure services require subscription in order to get access to using Azure resources and services.
  423.  
  424. Hybrid Cloud Architecture
  425. Within a hybrid cloud architecture, there are some services present onpremises and some services hosted on the cloud. When a user wants to set the hybrid cloud infrastructure, AAD instance can be used in hybrid cloud architecture.
  426.  
  427. There are several services that AAD uses on Azure for management purposes.
  428.  
  429. Multi-Factor Authentication
  430. Multi-Factor Authentication (MFA) provides a layer-based authentication using more than one form of authentication. MFA is recommended as a default. It is a part of AAD that enables other ways to authenticate users.
  431.  
  432. How MFA Works
  433. Multi-Factor Authentication (MFA) conducts the authentication of the user in multiple steps. The first step is to verify the user with a user ID and password. The second step is to send a code on the user’s phone for further verification. The third step is the biometric verification. This step is optional.
  434.  
  435. Azure Solutions
  436. Internet of Things
  437. The Internet of Things (IoT) is a collection of interconnected computing devices, mechanical and digital machines, objects, or individuals. Azure Internet of Things (IoT) is a collection of cloud services managed by Microsoft, which connects, monitors, and controls billions of IoT assets.
  438.  
  439. There are many IoT related services that the Azure offers to help you out. Two of the main IoT services are described here.
  440.  
  441. IoT Hub
  442. IoT Hub is a cloud-hosted, managed service that serves as a central hub, which collects the data feeds from all devices. It is for bi-directional communication between your IoT application and the devices it manages. Features:
  443.  
  444. Scaling
  445. Securing
  446. PaaS
  447. Integrating
  448. Ease of Deployment
  449. IoT Central
  450. Azure IoT Central is a fully managed, highly scalable IoT SaaS solution that reduces the complexity and costs of developing, managing and maintaining IoT solutions of an enterprise-grade nature. Its user-friendly interface allows easy monitoring of device requirements, developing guidelines, and managing millions of devices and their data over their life cycle.
  451.  
  452. Big Data
  453. Big Data is a term used to describe the collection of millions of data that is large in size and keeps growing exponentially over time. Big data in terms of business value is used for better service, better products and more profits. In Azure, there are many services and tools that deals with Big Data, some of them are defined below:
  454.  
  455. Azure Data Lake Analytics:Azure Data Lake Analytics is an on-demand job analytics service that simplifies big data. In Data Lake analytics, there is parallel processing which means that same data is processed by two or more processors at the same time.
  456. HDInsight: Azure HDInsight is Microsoft's cloud-based big data analytics service, which helps organizations process large amounts of streaming or historical data. Azure HDInsight allows storing massive amounts of data easily, efficiently and cost-effectively.
  457. Azure Databricks: Azure Databricks is an analytics platform based on Apache Spark, which is an open source cluster computing framework to enhance the Microsoft Azure platform. Databricks run and process a dataset on many computers simultaneously. When using Databricks, you do not need a lot of computers nor its maintenance.
  458. Big Data Outcomes
  459. Collectively, the services of big data can bring the following outcomes for you. These are:
  460.  
  461. Speed
  462. Cost Reduction
  463. Better Decision Making
  464. New Products and Services
  465. Artificial Intelligence
  466. Artificial Intelligence (AI) is the capability of a machine to imitate intelligent human behavior. In the Microsoft, AI is often called Machine Learning or AI is the sub-category of Machine learning, although AI and Machine learning are often placed in the same bucket.
  467.  
  468. Microsoft focuses on three main parts to how machine learning can be used on the cloud platform.
  469.  
  470. Models
  471. Knowledge Mining
  472. Built-in Apps
  473. Azure Cognitive Services
  474. Cognitive services bring AI within every developer's reach — without requiring expertise in machine learning. All it takes is an API call to embed the feature to see, hear, speak, search, understand, and accelerate decision making into your apps.
  475.  
  476. Azure Machine Learning Studio
  477. The Azure Machine Learning Studio is the top-level tool for the machine learning service. It is visual tool through which you can manage all of your needs for ML. It provides a centralized location for data scientists and developers to work with all the artifacts for developing, training, and deploying machine learning models.
  478.  
  479. Machine Learning Services
  480. End-to End Service
  481. Tooling
  482. Automation
  483. Serverless
  484. Serverless is such an important part of modern cloud computing. Serverless model allows developers to build applications faster by eliminating the need for them to manage the infrastructure. It is an extreme PaaS. The cloud service provider automatically offers, scales, and manages the infrastructure required for running the code with serverless applications. Benefits of Serverless Model:
  485.  
  486. No Infrastructure Management
  487. Dynamic Scalability
  488. Faster Time to Market
  489. More Efficient Use of Resources
  490. Azure Functions
  491. Azure Functions is the compute component of serverless services offered by Azure. It is called function as it has a single task to perform every time. Meaning that you can use Functions to write code without having to worry about deploying that code or creating VMs to run your code.
  492.  
  493. Azure Logic Apps
  494. Azure Logic Apps is a cloud service that connects the systems both inside and outside the Azure Platform; you can integrate apps, data, and services or even an entire system across organizations. With this, you can automate, and orchestrate business processes, tasks, activities, and workflows.
  495.  
  496. Azure Event Grid
  497. An event, in a computing concept, it is an action or occurrence that can be identified by a program and has significance for system application. Azure Event Grid lets you easily build applications with event-based architectures. Event Grid has built-in support for events such as storage blobs and resource groups, coming from Azure services.
  498.  
  499. Event Grid connects data sources and event handlers. You can use Event Grid to trigger a serverless function that analyzes images when added to a blob storage container.
  500.  
  501. DevOps
  502. DevOps is a combination of the terms development and operations, meant to reflect a collective or cooperative approach to the activities performed by the application development departments of an organization and IT operations.
  503.  
  504. Azure DevOps
  505. Azure DevOps offers developer tools to support teams in preparing projects, working on application creation, and designing and deploying new products. Depending on your business needs, you may use one or more of the following services:
  506.  
  507. Azure Boards
  508. Azure Pipelines
  509. Azure Repos
  510. Azure Test Plans
  511. Azure Artifacts
  512. Azure DevTest Labs
  513. Azure DevTest Labs helps team developers handle Virtual Machines (VMs) and PaaS tools effectively, without waiting for approvals. It focuses in the environment management. With this, developers and engineers are allowed to create an environment for test and development.
  514.  
  515. Security
  516. Security is a set of policies or rules, which allow the traffic to be directed to the network in the right way. Security of the network is very important, especially when there is a communication of infrastructure with the internet.
  517.  
  518. Securing Network Connectivity
  519. The networks on Azure give access to everything for users. All the resources and services of Microsoft Azure are connected to a network to provide communication between users, processes and other services.
  520.  
  521. In order to achieve optimum network performance, secure network connectivity is very important.
  522.  
  523. Azure Firewall
  524. An Azure firewall is a crucial service that protects and safes the network from unwanted traffic load.
  525.  
  526. Rules
  527. Variation
  528. Compulsory Bit
  529. Distributed Denial of Service Attacks (DDoS)
  530. Distributed Denial of Service (DDoS) is the most common attack on services attached to the internet. It occurs when a huge number of request from multiple sources come constantly in order to interrupt the server normal working.
  531.  
  532. DDoS Protection Service
  533. Target a Website: A lot of servers target the same website or computer in order to stop its working. For example, GitHub was a target with 127 Mb requests every second
  534. Azure Protection Service: Microsoft Azure has protection service against DDoS attacks. This service has a different level of protection services depending upon the user needs of the application. Azure protection service detects DDoS attacks and work against it
  535. No Halt: Azure Protection service would not interrupt the routine process of other services on the website due to Azure global presents
  536. Network Security Groups
  537. The security group provides a secure management environment for the network. Network Security Group (NSG) is required in the configuration of a Virtual Network (VNet) where different Virtual Machines (VMs) within the subnet are connected with each other.
  538.  
  539. Application Security Group
  540. Application Security Group (ASG) protects the application running on that particular VM or subnet in the network. ASG provides the security of application and NSG provides the security of traffic flow.
  541.  
  542. Azure Security Center
  543. Azure Security Center allows users to monitor the security features for Azure resources and on-premises as well. Azure Security has itself a portal within the Azure portal known as Azure Security Center. Azure Security Center indicates a threat alert that Azure detects and finds a way to protect its users from. Azure Security center works in a hybrid cloud infrastructure as well.
  544.  
  545. Sections in Azure Security Center
  546. Each section in the Azure Security Center portal shows an individual performance behavior of security features in graphical representation.
  547.  
  548. Policy, Compliance, and Subscription Coverage
  549. Integrate with Other Cloud Providers
  550. Alerts for Resources Security
  551. Networking
  552. How to use the Security Center?
  553. To take advantage of Azure Security Center for the security of cloud infrastructure, Azure users need to follow these three-step process:
  554.  
  555. Define Policies
  556. Resource Protection
  557. Response
  558. Key Vault
  559. To hide the key password and other information, Microsoft gives you a service known as Azure Key Vault. It is the best option for key storage. With Azure Key Vault, you can share your secrets with others without revealing the actual secrets. Azure Key Vault is present in the storage account of VMs. Azure Key Vault has a number of key features, some of which are:
  560.  
  561. Secure Hardware
  562. Application Isolation
  563. Global Scaling
  564. Azure Information Protection
  565. Azure Information Protection (AIP) provides a way of protected sharing of resources. Azure Information Protection enables the sharing of files, documents and sensitive information inside and outside Azure while maintaining full control over that data. Microsoft 365 takes full advantage of Azure Information Protection service.
  566.  
  567. Advanced Threat Protection (ATP)
  568. Advanced Threat Protection (ATP) is the advance and secure option for providing the security of the links as compared to the standard one. It gives an extra layer of security and management of the users in order to make a more secure and protected system. Azure Advanced Threat Protection (ATP) has a number of features that provide the safety of links and analyze the security threats.
  569.  
  570. Monitor Users
  571. Supervised User’s Behavior
  572. Propose Changes
  573. Cyber-Attack Kill-Chain
  574. The cyber-attack kill-chain is a chain of phases that define how an attack is prepared and execute. This deployed model allows detecting and reacting upon the attack. The model reveals seven stages according to which reaction and detection on cyber-attack are available.
  575.  
  576. Privacy, Compliance, and Trust
  577. We all know that most of the companies use the Azure platform for its agility to make it easier for the developers to create, manage, update and delete the resources as per requirement. However, sometimes unwanted access to the resource may cause unintended cost consequences. In order to overcome this, Azure provides a solution of resource access governance, which is the process of managing, monitoring and auditing the resource usage in order to meet the goals and requirements.
  578.  
  579. Azure Policy
  580. Azure Policy is used to create policies in Azure. With Azure Policy, you can manage and assign policies to the resources with multiple rules, so that specific resources are complaint with your business standard and SLAs. Azure Policy is a default allow and explicit deny system.
  581.  
  582. Role-Based Access Control (RBAC)
  583. Role-based Access Control is one of the critical components in the governance of uses and access to Azure resources. With RBAC, you can outline fine grained access management to the resources. You can also define specific user access to an individual resource like what they can do with that specific resource and in what specific area of resource they have access.
  584.  
  585. RBAC works by assigning roles to users and this role assignment is based on three elements, which are:
  586.  
  587. Security Principal
  588. Role Definition
  589. Scope
  590. Role Assignment
  591. Role Assignment is the process of combining all these together to grant proper action to Azure resources. Access is granted by the creation of a role assignment and deleted by the deletion of that role assignment.
  592.  
  593. Locks
  594. It is a simple tool to manage the changes and remove resources. It is used for the resource which you do not want to change or delete.
  595.  
  596. Azure Blueprint
  597. It is a template for creating Azure resources. Everything you need to deploy in the standard cloud environment of Azure is defined in the blueprint.
  598.  
  599. Azure Advisor for Security Assistance
  600. Azure Advisor is a separate portal within Azure that has Security Assistance as a part of the Azure Security Center.
  601.  
  602. Azure Monitor
  603. In order to improve your Azure experience, Azure Monitor uses the telemetry data. Azure Monitor maximizes flexibility and application efficiency by offering a comprehensive solution to capture, monitor, and use the cloud and on-site telemetry. It helps you understand how your applications operate and detect problems and the resources on which they depend proactively.
  604.  
  605. Outcomes
  606. The outcome of using Azure Monitor:
  607.  
  608. Maximize Performance
  609. Maximize Availability
  610. Identify Issue
  611. Azure Service Health
  612. Whenever there is a plan of maintenance or service incident, you get notified about it with the use of Azure Service Health. With Azure Service Health, you get notified about the planned or unplanned maintenance of the platform. It has the following features:
  613.  
  614. Dashboard
  615. Custom Alerts
  616. Real-time Tracking
  617. Free Service
  618. Compliance
  619. The general principle that cloud services deliver must adhere to the requirements faced by cloud customers is strongly compliant. This is a very important issue with new cloud computing services, and many IT professionals are looking at it very thoroughly. There are different standards and regulations that cloud customers need to comply. Compliance is not negotiable.
  620.  
  621. Industry Compliance
  622. This refers to the legislation and rules the industry, in general, has to complywith. The most common three legislations and rules are:
  623.  
  624. General Data Protection Regulation (GDPR)
  625. ISO Standards
  626. NIST
  627. Azure Compliance Manager
  628. For compliance in Azure, Azure Compliance Manager is available, because Azure knows about compliance and about your resources, so it combines the tools and gives you a recommendation as per that.
  629.  
  630. Azure Government Cloud
  631. Azure Government Cloud, if you are US government body or are contracted for one, then you can get access to Azure resources in Azure Government Cloud regions. They are separate dedicated datacenters.
  632.  
  633. China Region
  634. It is the second specific region when it comes to compliance. As a country, China has very specific and strict requirements when there is data, internet, or online entities, so when you need to provide cloud services here, you have to use the China region in Azure. This means that Azure has physically separated datacenters located in China without any connection to the other regions of Azure.
  635.  
  636. Privacy
  637. Privacy is an extension of compliances. In Azure, privacy is the core power of the platform so there is no single service or place for it.
  638.  
  639. Trust
  640. In Azure, there are two services in terms of Trust. One is Trust Center and theother is Service Trust Portal. Trust Center is a shortcut of knowing all the things that Microsoft does to make sure that you do not lose trust in Azure and other services.
  641.  
  642. Service Trust Portal is a location to review all the independent reports about Azure. It is a portal of proof that they are compliant with many millions of different standards and certifications.
  643.  
  644. Pricing
  645. Azure pricing depends upon the following criteria:
  646.  
  647. Pay for the resources you access
  648. Pay for the number of hours you use
  649. Pay depending upon the size of the resource
  650. Service payment is tiered
  651. Pricing as per the location of service
  652. Subscriptions
  653. The pricing structure of Microsoft Azure works on a subscription price that is tied to what you are using within the Azure infrastructure. All resources in Azure resides within the subscription, you cannot access any resources until you are subscribed. Once you sign up for Azure, you immediately get an Azure subscription, and all the services you create are created within that subscription.
  654.  
  655. Subscription in Azure can be defined as:
  656.  
  657. Multiple Subscriptions
  658. Billing Admin
  659. Billing Cycle
  660. Offer Types
  661. At any given time, Azure has a lot of active offer types. You can get the offer depending upon your subscription type.
  662.  
  663. Management Groups
  664. Management Groups is a very useful feature on Azure when it comes to subscription. Management groups may indicate the following:
  665.  
  666. Group Subscriptions
  667. Organize
  668. Billing Logic
  669. Cost Management
  670. We know that when resources and services are running, its cost management can be quite an expensive task. When you use resources or services in Azure, you need to buy them because without that, you cannot use it. You need a service that automates the cost management because tracking of every single cost is such a difficult thing to do. The management of cost in Azure can be done in many different ways; some of these are given below:
  671.  
  672. Azure Free Account
  673. If you have never had a free Azure trial and have never been a paying Azure user, then you are eligible for a free Azure account.
  674.  
  675. Azure Cost Management
  676. Azure Cost Management is a handy tool in Azure that allows the study of your costs on a granular level. Cost management allows you to create a budget for your Azure expenses, set up configurable notifications as so you will know if you are hitting a budgeted limit and evaluate your costs in detail.
  677.  
  678. Pricing Factors
  679. Pricing in cloud computing is very tricky to predict and calculate. Any Azure account has a lot of resources such as networks, connections, virtual machines, firewalls, storage accounts, functions, etc.
  680.  
  681. The primary factors influencing costs are the size of resources, type of resource, the Azure regions you are using, and the bandwidth.
  682.  
  683. Pricing Calculator
  684. The Azure pricing calculator helps you get an estimate of costs depending on the products that you plan to use, as well as where those products will be deployed, and so on.
  685.  
  686. Total Cost of Ownership (TCO) Calculator
  687. The pricing calculator is helpful for estimating your expenses for new applications in Azure, but if you have on-premises applications that you want to migrate to Azure and you want an estimate of how much you can save, the TCO calculator is a better choice.
  688.  
  689. Best Practices for Minimizing Azure Costs
  690. In order to implement cost control effectively and reduce costs, you need to:
  691.  
  692. Be equipped with the right tools for performance
  693. Be responsible for costs
  694. Take appropriate action to reduce expenses
  695. Spending Limits
  696. Azure spending limits are the recommended in order to prevent you fromspending over your credit and manage your Azure subscription's total spending. Default Limit: Some Azure accounts with monthly credits, will have default spending limits. This could be 0$ for a free account and 150$ for Microsoft subscription account. No Increase: When the credits are gone, either remove the spending limit entirely or leave it in effect. No Spending Limit: Pay-as-you-go subscription has no spending limit functionality.
  697.  
  698. Quotas
  699. A quota is the limit on certain properties of an Azure service.
  700.  
  701. Tags
  702. Tags are non-functional labels attached to resources or resource groups in order to manage the cost of resources. You can attach as many to each resource as you want.
  703.  
  704. Some common best practices for using tags are:
  705.  
  706. Identify Roles
  707. Related Resources
  708. Filter
  709. Unambiguous
  710. Reserved Instances
  711. With Reserved Instance, you are allowed to prepay for the virtual machine or SQL Database computing capacity for one or three years.
  712.  
  713. Azure Advisor
  714. Azure Advisor is a tool that detects the low-usage virtual machines from a CPU or network cost standpoint. From there, you can choose to either shut down or resize the system to continue running the machines, based on estimated costs.
  715.  
  716. Support
  717. Plans
  718. Microsoft offers numerous support plans for Azure customers in order to find right level of support for your organization. There are five different support plans available in Azure: Basic, Developer, Standard, Professional Direct, and Premier. Choosing the right plan is a balance between how much access you need for help and support and how much you are willing to spend. The things, which are included in all support plans are:
  719.  
  720. 24/7 Access
  721. Online Self-Help
  722. Forums
  723. Azure Advisor
  724. Service Health
  725. Tickets
  726. To contact a support there is medium called “Tickets”. Tickets are what the enquiry issue makes support. A ticket is usually a number that uniquely identify your enquiry.
  727.  
  728. Channels
  729. Azure supports various channels that are free to everyone through which you get more help from Azure. The support channels are:
  730.  
  731. Azure Documentation
  732. Forums
  733. Social Media
  734. Knowledge Center
  735. Knowledge center is the place of a common Azure knowledge. In knowledge center, you can find basic questions that are common for all those who are new to Azure, these questions are called Common questions.
  736.  
  737. Service Level Agreement (SLA)
  738. When you are using Azure Services, you need some form of guarantee that the service will be running stably. This is called Service Level Agreement, which helps to ensure the services you are subscribed for is available to you as mentioned in the agreement.
  739.  
  740. Some properties of SLAs are:
  741.  
  742. Confidence
  743. Contract
  744. Multiple SLAs
  745. Complex
  746. Mandatory
  747. Service Life Cycle
  748. Every product and the service in Azure has its lifecycle known as Service Lifecycle. Azure is an always-changing environment, and new services are always being introduced.
  749.  
  750. It is important to understand the service lifecycle in Azure, how you can keep up with changes, and how a service’s lifecycle might impact your support and your SLA.
  751.  
  752. Gathering Customers Data
  753. When the services are developed by the Microsoft for the Azure platform, it is necessary to ask questions to customers regarding the new features before adding. This act can save large investments if the services fail.
  754.  
  755. There are two main stages in Service Life Cycle:
  756.  
  757. Preview
  758. Private Preview
  759. Public Preview
  760. General Availability
  761.  
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement