Azure

Purpose

The purpose of this page is pretty broad. It serves as a structural element in the site layout (for the sub pages) while providing some limited background information and goals for the sub-pages.

History With Azure

Azure is an interesting beast. My first exposure to it was around October of 2019 when our company was acquired. Our hosting assets would need to migrate from a managed VMware vCloud environment to Azure and I was the sole individual on the project. Our existing hosting provider wouldn’t provision temporary resources that would allow for the installation of Azure’s Migrate appliance so I had to take a manual approach. Every asset would need to be recreated in Azure and then all data, services and customer connections moved over. In some ways the net-new “migration” was a great idea, in others, not so much.

  1. A couple of Server 2008 SP2 systems were reaching the end of extended support - this allowed for creating net-new 2016 systems.
  2. We needed to achieve PCI compliance - having time to setup and test net-new systems from a compliancy first standpoint was invaluable.
  3. At the time, our firewall appliance didn’t have a native Azure NVA but you could side-load the VM from Hyper-V -> disk -> provision VM
    • The budget didn’t allow fore Azure Firewall or other supported NVAs.
    • The appliance was also the VPN concentrator for ~700 endpoints.
  4. The firewall would be forced onto a new release to meet PCI requirements - which would break every VPN connection. ¯\(ツ)
  5. Covid hit right in the middle which introduced some interesting issues.

Long story short - the initial six month introduction to Azure was a make-it-or-break-it for my career with a “make-this-work” approach that left significant gaps in A) the understanding of what Azure can actually do and B) the best way to go about things. In the end it all came together though and I learned an incredible amount.

Goal

Azure will be the primary cloud environment for everything not hosted on-prem. Intune, Entra ID, AzureAD, MFA, O365, EXO, etc. are all provisioned and ready for setup in the tenant.

Regardless of some shortcomings I’m a really big fan of Azure as a lot of it clicks with how I think. Add in how incredibly fast they can iterate on some things and I’m comfortable placing my eggs in that basket.