Azure Discovery Day

Alvin Lau
Account Technology Strategist
What is Azure?
Why use the Cloud?
Cloud Computing Stack
What is Azure?

The only
Productive for The cloud for The cloud you
consistent
developers intelligent apps can trust
hybrid cloud
 Security & Platform Services Hybrid
Management Operations

Cloud Service API API

Portal Services Fabric Web Apps Azure SDK Azure AD
Apps Management Visual Studio
Connect Health

Azure Active Mobile Logic Notification Azure AD Privileged

Directory Batch Remote App Team Project Application Identity
Apps Apps Hubs Insights Management

What is Azure?
Multi-Factor
Authentication Backup

Automation Storage Biztalk Operations

Queues Services Management Suite
HDInsight Machine SQL SQL Data
Learning Database Warehouse

Key Vault Hybrid Service Import/Export

Connections Bus
Data Event Redis
Cache Search
Factory Hubs
Store /
Marketplace Site
Recovery

Stream Mobile DocumentDB Tables

VM Image Gallery Analytics Engagement StorSimple
& VM Depot Media Content Delivery
Services Network (CDN)

Infrastructure Services
Azure compute regions https://azure.microsoft.com/en-us/global-infrastructure/regions/
Hybrid Datacentre with
Azure
The consistent hybrid cloud
Storage Backup/DR Database App Integration

Azure Site
SQL Database Azure Service
Azure Storage Recovery &
as a Service Bus
Azure Backup

Azure

System Centre
Data SQL Server
StorSimple BizTalk Services
Protection 2016
Manager

On-premises
The consistent hybrid cloud
Identity Management Connectivity Consistency

Virtual
Operations
Azure Active Networks with
Management Azure
Directory ExpressRoute
Suite (OMS)
& VPN

Azure

Active On-premises
System Center Azure Stack
Directory network

On-premises
 Power of Azure in your
datacenter
Microsoft Azure Stack is a
new hybrid cloud platform
product that enables
organizations to deliver
Microsoft Azure Stack Azure services from their
own datacenter.
Azure Stack; Not just the stack

Support

Vendor will provide

support for hardware
issues, Microsoft
provides software
support
Azure – The Open Cloud
Customers are moving their Linux workloads to Azure

More than

40% “We’ve brought Java, Tomcat, Docker containers, Red Hat

Enterprise Linux, SUSE Linux, and many other open-
of VM cores source tools into DevTest Labs, and they all work great.”
are Linux - Peter Rothlaender, Manager of Cloud Solutions, Daimler AG

“Azure and OpenShift automate a significant amount of

work, which allows development teams to achieve
consistent results every time.”
- Yuji Hirose, Head of Service Supervisory Unit, Service Solutions Control Unit, and ICT Business
Supervisory Control Unit
© Microsoft Corporation
Strong Azure ecosystem to support Linux needs

More than

60%
Of Azure
marketplace
images are
Linux-based

© Microsoft Corporation
Linux
SECURING THE PLATFORM EMPOWERING YOU
Securing the Platform

Infrastructure Operational Compliance

security controls security controls

✓ Security Embedded ✓ Datacenter Security ✓ Prevent & Assume ✓ Strategy

in Planning, Design, ✓ Secure Multi-tenancy Breach Strategy ✓ Certifications
Development, & ✓ Network Protection ✓ Incident Response
Deployment ✓ Access Policy & Controls
✓ DDoS Defense
✓ Data Segregation ✓ Threat Detection
✓ Data Protection ✓ Forensics
 Barriers Fencing

Perimeter

Seismic Security 24X7 Days of

bracing operations center security staff backup power

Building

Two-factor access control:

Cameras Alarms
Biometric readers & card readers

Computer room

Infrastructure security controls Operational security controls Compliance

 Customer
Microsoft Azure
Admin
✓ Isolates customer
Portal
Customer 1 Customer 2
environments using the Fabric
Smart API
Controller
Guest VM Guest VM Guest VM

Fabric Hypervisor ✓ Runs a configuration-hardened

Controller Host OS version of Windows Server as
the Host OS
Azure
End Storage
Users

SQL
✓ Uses Hyper-V – a battle tested
Database and enterprise proven
hypervisor

Infrastructure security controls Operational security controls Compliance

 INTERNET Client ✓ Provides logical isolation
while enabling customer
control
Microsoft Azure
Cloud Access
Layer
RDP Endpoint
(password access) ✓ Restricts access from the
Internet, permits traffic
Customer 1 Customer 2 only to endpoints, and
Subnet 1 Subnet 2 Subnet 3 Deployment X Deployment Y
provides load balancing
Corp 1 VPN
and NAT at the Cloud
VLAN-to-VLAN
Access Layer

✓ Private IP addresses are

isolated from other
DNS Server
Isolated Virtual customers
Networks

Infrastructure security controls Operational security controls Compliance

 Internet

✓ Azure’s DDoS defense

Routing Updates Profile DB
MSFT Routing Layer system is designed not
Flow Data only to withstand attacks
from the outside, but also
Detection Pipeline
from within.
Attack Traffic

Scrubbed Traffic
✓ Azure monitors and
detects internally initiated
Scrubbing Array DDoS attacks and
removes offending VMs
SLB from the network

Application

Infrastructure security controls Operational security controls Compliance

Data Segregation

Customer
Microsoft Azure ✓ Stored data accessible only
Admin
through claims-based IDM &
Customer 1 Customer 2
Portal
Smart API
access control with private key

Guest VM Guest VM Guest VM

✓ Storage blocks are hashed by the
Hypervisor
Fabric
Controller
hypervisor to separate accounts
Host OS

✓ SQL Azure isolates separate

End Azure
Users Storage account databases

Access
Control
SQL
Database
✓ VM switch at the host level blocks
inter-tenant communication

Infrastructure security controls Operational security controls Compliance

 ✓ Prevent Breach is a defensive strategy
• Secure Development aimed at predicting and preventing a
Lifecycle security breach
• Physical security controls
Prevent • Operational security
breach controls ✓ The Assume Breach strategy, unique to
Microsoft, is a key operational practice
that hardens cloud services
✓ Leverages Microsoft’s vast threat
intelligence
✓ Includes state of the art security
• Bug Bounty Program
• War game exercises monitoring and response
• Live site penetration testing
Assume
breach

Infrastructure security controls Operational security controls Compliance

Incident Response
DevOps
Engaged

Security Team
Engaged
Event
Detected

Incident
Event Assessment Security Customer
Start Event Customer Process
Confirmed Step 1
Notification

Determine
Affected
Determine Azure
Customers
Customer Impact Customer
✓ In-depth 9-step incident response process Notification
✓ Focus on containment & recovery
✓ Makes contractual commitments regarding
customer notification + provides forensics

Infrastructure security controls Operational security controls Compliance

Threat Detection

INTERNET End Users

THREAT DETECTION: DOS/IDS Layer

Microsoft Azure
✓ Provides big data analysis of logs for
Cloud Access & Firewall Layer intrusion detection & prevention for the
platform
Customer Environment
Virtual Network
DOS/IDS Layer ✓ Employs denial of service attack
Application Tier prevention measures for the platform
Corp 1 DOS/IDS Layer
VPN

Logic Tier
✓ Regularly performs penetration testing
DOS/IDS Layer

Database Tier

Infrastructure security controls Operational security controls Compliance

Infrastructure security controls Operational security controls Compliance
Resiliency in Azure
Azure provides resiliency as a platform and solutions through globe’s largest datacenter footprint

Resiliency solutions customers can use

IaaS PaaS SaaS Resiliency services in Azure

Database / data Azure Backup, Azure SQL/MySQL Database

Workload / application Azure Backup, Azure Site Recovery

Virtual Machine / OS Availability Set. Azure Site Recovery, Azure Backup

Storage Local/Zone/Geo redundant storage, Managed Disk

Networking Region Pairs, Availability Zones, IP/Load Balancers

Power / facility Region Pairs, Availability Zones, Availability Set

Azure resiliency as a platform

© Microsoft Corporation
Azure resiliency as a platform
Resilient from hardware, datacenter, and regional outages

Power / facility Region Pairs, Availability Zones, Availability Set

Datacenter Region Data Residency boundary

Availability
Region 1 Region 2

Datacenter
Zone 1

Availability Availability

Zone 2 Zone 3

Availability Sets Availability Zones Region Pairs

High Availability protection from
hardware failures in a datacenter.
© Microsoft Corporation
High Availability protection against loss of Protection for your data and applications from the loss
datacenters. Multiple datacenters per of an entire region with Geo-redundant storage (GRS)
physically separated zone. Each zone features and Azure Site Recovery.
independent network, cooling, and power.
Azure resiliency as a platform

Power / facility Availability Zones

Data Residency boundary

Region Region
Region 1 Region 2

Zone 1 Zone 2 Zone 3 Zone 1 Zone 2 Zone 3

Resiliency with Data Residency Protection against 99.99% SLA for

Availability Zones and a paired region within the same entire datacenter loss
data residency boundary provides high availability, Each zone is physically separated
disaster recovery, and backup. and consists of one or more
datacenters with independent
power, network, and cooling.
© Microsoft Corporation
mission critical apps
High Availability supported with
industry best SLA when two or more
VMs are running in separate
Availability Zones within a region.
Azure resiliency as a platform

Power / facility Region Pairs, Availability Zones, Availability Set

Industry-leading broadest
Industry-only Industry-leading high availability SLA choice of data residency

VM SLA VM SLA VM SLA Regions

99.9% 99.95% 99.99% 52

Single VM Availability sets Availability zones Region pairs

Protection with Protection against failures Protection from entire Protection from disaster with
Premium Storage within datacenters datacenter failures Data Residency compliance

© Microsoft Corporation
Azure networking resiliency solutions
Azure networking resiliency solutions

Networking IP/Load Balancers

TCP Port 80

Simplify load balancing for applications

Create highly-available and scalable applications Public load balancer
in minutes supporting TCP/UDP-based protocols
80 80 80
High availability and robust
performance for your applications
Load Balancer automatically scales with
increasing application traffic VM VM VM

Internal load balancer

Use the internal load balancer for traffic between Internal load balancer
virtual machines inside your private virtual networks
1443 1443 1442
Build highly reliable applications
Automatically takes unhealthy instances out of
rotation, and reinstates them when they become SQL SQL SQL
healthy again
© Microsoft Corporation
The Azure Portal
Azure Portal
Azure Resources Management
• New Portal with dramatically
new capabilities
• ARM Templates and Deployment
• Resource Groups, Resources,
Tags and Role Based Access
Control
• ARM Policy
Subscriptions, Resource Groups and Resources

Resource Group Resource Group Resource Group

Subscription
Infrastructure as a Service
Infrastructure as a Service scenarios
Using virtual machines, containers, virtual networks and storage to recreate
the experience of virtualized environments using an on-premises hypervisor
Running virtual
machines

Using networking services to run multiple sites and create

applications and services that are available across multiple locations
Manage network
across sites

Extending available SAN storage from your on-premises network in to

the cloud, especially when related to archive and mass storage scenarios
Extending storage
capacity
Azure Core IaaS Components

Network Storage Compute

Azure IaaS – Core Scenarios

Virtual Machines VM Scale Sets Containers DevTest Labs

Virtual Networks
What are Virtual Networks

Azure Virtual Network enables you to create

private networks in the cloud with full control
over IP addresses, DNS servers, security rules
and traffic flows.
What are Network Security Groups?

Azure Network Security Groups contain a list of

security rules that allow or deny network traffic
to virtual resources connected to Azure at the
Subnet or Virtual Machine level.
Hybrid Networking Scenarios

Cloud Customer Segment & Workloads

Secure point-to-site • Developers

connectivity • Small scale deployments
Virtual network (Point-to-Site) • Connect from anywhere

Secure site-to-site • SMB, Enterprises

VPN connectivity • Connect to Azure compute
Virtual network (Site-to-Site) • IaaS and PaaS workloads

• SMB & Enterprises

Private site-to-site • Mission critical workloads
connectivity • Backup/DR, media, HPC
ExpressRoute
• Connect to all hardware
What is ExpressRoute?

Use Azure ExpressRoute to create private

connections between Azure data centers and
infrastructure on your environment.
ExpressRoute connections don’t go over the
public Internet, and they offer more reliability,
faster speeds and lower latencies than typical
Internet connections.
Storage
What is a Storage Account?

Azure Storage offloads the heavy lifting of

data centre management. Azure Storage
offers a range of solutions to suit your needs,
with scalability you won’t outgrow.
Storage account features
Storage type

File Disk Blob Queue Table

Typical use IaaS PaaS

Overview
Massively
Simple, Premium Durable
scalable object
distributed storage for queues for Flexible NoSQL
storage for
cross-platform I/O-intensive large-volume database
unstructured
file system applications cloud services
data
Blob storage tiers

Hot Cool

Use cases Data that is active in Data that is archived

use, or expected to be and not expected to
accessed frequently be accessed
frequently
Availability 99.9% 99%

Usage charges Higher storage costs, Lower storage costs,

lower access and higher access and
transaction costs transaction costs
Latency milliseconds milliseconds
Disk Storage Tiers

Standard Premium

Disk type Hard Disk Drive (HDD) Solid State Drive (SSD)

IOPS per disk 500 120-7500

(based on disk size)

Throughput per disk 60 MB/sec 25-250 MB/sec

(based on disk size)

Maximum disk size 4TB 4TB

Max IOPS per VM 32,000 IOPS 80,000 IOPS

(when using a GS5 VM) (when using a GS5 VM)

Max throughput per 2,000 MB/s 2,000 MB/s

VM (when using a GS5 VM) (when using a GS5 VM)
What are Managed Disks?

Azure Managed Disks simplifies disk

management for Azure IaaS VMs by managing
the storage accounts associated with the VM
disks. You only have to specify the type and the
size of disk you need, and Azure creates and
manages the disk for you
Locally Redundant Storage (LRS)

Australia South East Australia East

Disk Failures

Australia South East Australia East

Geographically Redundant Storage (GRS)

Australia South East Australia East

Read Access Geographically Redundant Storage
(RA-GRS)

Read only

Australia South East Australia East

Virtual Machines
What are Azure Virtual Machines

Azure Virtual Machines gives you the flexibility

of virtualisation for a wide range of computing
solutions with support for Linux, Windows
Server, SQL Server, Oracle, IBM, SAP and more.
All current generation Virtual Machines include
load balancing and auto-scaling
Ensuring Availability with Availability Sets
• Availability sets ensure that
groups of servers will be
provisioned to unique fault
domains
• VMs in an availability set have
an uptime SLA of 99.95%
• Single instance VMs that use
premium storage will receive
an uptime SLA of 99.9%
Virtual Machine Series
A B D E G M
General Memory
Purpose Optimized

F NV NC
Compute
Optimized GPU

L High H
Storage Performance
Optimized Compute
Marketplace images

Microsoft

Windows Server SQL Server SharePoint Dynamics R Server

Open Source

RedHat Ubuntu Oracle Suse CentOS

AHUB
 Azure Hybrid Benefits

Save up to 55% in Azure for Windows Server and SQL Server workloads1

Azure Hybrid Benefit for Windows Server Azure Hybrid Benefit for SQL Server

Convert, or re-use Windows licensing with Convert SQL licensing with active software
active software assurance in Azure for IaaS assurance to save up in Azure for IaaS and PaaS

Significantly reduce costs, paying the ‘base rate’ Use licenses on premise and under the Hybrid
in Azure Benefit simultaneously for 180 days

1Savings may be higher when that Azure Hybrid Benefit for Windows Server and SQL Server are used together or ‘stacked’ in IaaS
 Introducing – Azure Hybrid Benefit (AHB)
Save up to 49% in Azure for Windows Server Save up to 55% in Azure for SQL Server with
with AHB AHB
Cost Pay-as-you-go WS + AHB Pay-as-you-go SQL + AHB

$$
49%
Up to 55%

$ Total monthly
savings

$$
cost of 8 vCore
Managed
Instance
Business Customer
Critical option total cost

$ License
included
With Azure
Hybrid Benefit
Disclaimers

• Sample annual cost comparison of two D2V3 Windows Server VMs. Savings based two D2V3 VMs in US West 2 Region running 744 hours/month for 12 months; Reduced compute rate at SUSE Linux Enterprise rate for US West 2. Azure pricing as of 04/24/2018. Price
subject to change.
• Actual savings may vary based on location, instance type, or usage..
Azure Reserved Virtual
→ Reserve virtual machines in advance

→ Select 1- or 3-year terms with

Significant cost savings Budget predictability Flexibility to modify

up to 80% over pay-as- reservations and
and prioritized
you-go models simplicity
compute capacity
of purchase
AHB + RI Savings – Windows Server
Azure RI + Azure
Cost Pay-as-you-go Azure Hybrid Benefit Azure RI
Benefit

$$$

49%
72%
savings over
$$
80%
on-premises

3-year
discount vs. 3-year discount
pay-as-you-go vs. pay as you go
+ Azure Hybrid
Benefit
$
 Free Extended Security Updates
3 years

75% of the L pricing

Virtual Machine Scale Sets
What are VM Scale Sets

Apply auto-scaling to virtual machines for high

availability. Create thousands of identical virtual
machines in minutes, rely on integrated load
balancing and auto-scaling and quickly scale
your big compute and big data applications
Platform as a Service
Cloud Computing Stack
Platform as a Service scenarios
Create and deploy mission-critical web
applications that scale with your business
Azure Web Apps

Managed database services that takes care of

scalability, backup, and high availability of the
SQL Azure
Databases
database

Azure Functions is a solution for easily running

small pieces of code, or "functions," in the cloud.
Azure Functions
What are Azure Web Apps?

Azure App Service Web Apps (or just Web

Apps) is a service for hosting web applications,
REST APIs, and mobile back ends. You can
develop in your favourite language, be it .NET,
.NET Core, Java, Ruby, Node.js, PHP, or Python.
Azure Web Apps Pricing & Features
Free Shared Basic Standard Premium Isolated

Web, mobile 10 100 Unlimited Unlimited Unlimited Unlimited

or API Apps
Disk Space 1 GB 1 GB 10 GB 50 GB 250 GB 1 TB

Max 3 10 20 100
Instances
Custom Supported Supported Supported Supported Supported
Domain
Autoscaling Supported Supported Supported

Network Supported
Isolation
Price Free $0.013 $0.075 $0.10 $0.20 $0.30
What is an Azure SQL Database?

Azure SQL Database is a relational database-

as-a service using the Microsoft SQL Server
Engine. SQL Database is a high-performance,
reliable, and secure database you can use to
build data-driven applications and websites in
the programming language of your choice,
without needing to manage infrastructure.
SQL Azure Feature Comparison
Basic Standard Premium
Target workload Development and Development and Development and
production production production
Uptime SLA 99.99% 99.99% 99.99%

Backup retention 7 days 35 days 35 days

CPU Low Low, Medium, High Medium, High

IO throughput Low Medium Order of magnitude higher

than Standard
IO latency Higher than Premium Higher than Premium Lower than Basic and
Standard
SQL Azure Pricing & Features

Basic Standard Premium

Database Transaction Units 5 10-3000 125-4000

Storage 2 GB 250 GB – 1 TB 500 GB – 4 TB

Price $0.0086 / Hour $0.0257-$3.8522 / Hour $0.7961-$27.40 / Hour

What are Azure Functions?

Azure Functions is a serverless compute service

that enables you to run code on-demand
without having to explicitly provision or manage
infrastructure. Use Azure Functions to run a
script or piece of code in response to a variety
of events.
Containers
What are Containers

A container image is a lightweight, stand-alone,

executable package of a piece of software that
includes everything needed to run it, including
code, runtime, system tools, system libraries,
settings.
 Containers vs Virtual Machines

Application Application Application

Runtime Runtime Runtime

Application Application Application
Operating Operating Operating
System System System Runtime Runtime Runtime

Hypervisor Container Manager

Operating System Operating System

Bare Metal Bare Metal

Virtual Machines Containers

Azure Container Technologies
What are Azure Container Services?

Azure Container Service manages your hosted

Kubernetes, Docker or Mesos Container
environment, making it quick and easy to
deploy and manage containerized applications
without container orchestration expertise.
What is Azure Kubernetes Services (AKS)?

Azure Kubernetes Service (AKS) is the next

generator Container Orchestration layer that
manages your hosted Kubernetes Cluster,
making it quick and easy to deploy and
manage containerized applications without
container orchestration expertise.
DevTest Labs
What are DevTest Labs?

Fast, easy and lean dev-test environments.

Quickly provision development and test
environments using Windows or Linux.
Minimize waste with quotas and policies and
set automated shutdowns to minimize costs.
Identity
 Users

Devices Data

Apps
On-premises /
Private cloud
 Microsoft Azure
Active Directory

On-premises /
Private cloud
— Identity and access management for employees, partners, and customers —

B2B Provisioning- Addition of Identity

Access Dynamic Groups
collaboration Deprovisioning custom cloud Protection
Panel/MyApps
apps

Remote Access Privileged

Self-Service Azure AD Group-Based
Connect Health to on-premises Identity
capabilities B2C Licensing
apps Management

Microsoft MDM-auto
Azure AD Conditional Authenticator - enrollment / Security
Azure AD Join Enterprise State Reporting
Connect Access Password-less
Access Roaming

Multi-Factor Office 365 App HR App

SSO to SaaS Azure AD DS Access Reviews
Authentication Launcher Integration
 Single
sign-on MFA
Self
Azure AD Service
Windows Server Connect
Active Directory

Microsoft Azure
Active Directory
On-premises
/ Private cloud
 Sync Seamless
engine authentication

Single
sign-on MFA
Self
Azure AD Service
Windows Server Connect
Active Directory

Microsoft Azure
Active Directory
On-premises
/ Private cloud
Pass-through authentication

Office 365, SaaS, and LoB apps

Microsoft Azure
Active Directory

Pass-through
authentication

Pass-through
authentication agent Windows Server
Active Directory

On-premises / Private cloud

Password Hash synchronization

Office 365, SaaS, and LoB apps

Microsoft Azure
Active Directory

Password Hash
synchronization

Windows Server
Active Directory

On-premises / Private cloud

Federation via ADFS

Office 365, SaaS, and LoB apps

Microsoft Azure
Active Directory

Federation

Windows Server
Active Directory

On-premises / Private cloud

 Office 365, SaaS, and LoB apps
Microsoft Azure
Active Directory

Password Hash
synchronization

Pass-through Federation
authentication

Pass-through
authentication agent Windows Server
Active Directory

On-premises / Private cloud

334,000
3rd party active applications
1 Google Apps

2 Workday

3 ServiceNow

4 Schoology

5 SuccessFactors
 Azure
Active Directory
I want my customers
and partners to access
the apps they need
B2C B2B

Secure collaboration

Simple sign-in and sign-up

Branded experience
 Other Assign B2B users access to any app
organizations or service your organization owns

SharePoint Online
& Office 365 apps
Add B2B users with accounts in
other Azure AD organizations

Microsoft Azure
Active Directory

Other Identity Microsoft

Providers* Account

Add B2B users with MSA or other

On-
Identity Provider accounts premises
Securely authenticate your Analytics
customers using their preferred
identity provider Microsoft Azure
Active Directory
Capture login, preference, and
conversion data for customers

Provide branded (white-label)

registration and login contoso

experiences Social IDs Business &

Government IDs

Customers

Apps
What next?
https://azure.com/essentials
www.microsoft.com/learn
Step-by-Step Learning
▪ Guided microlearning by product/service,
difficulty, job role, etc
▪ Videos, tutorials, and hands-on learning
▪ Role-based learning paths to prepare for
certification
Live learning sessions taught by experts
Forums dedicated to learning
Gamification & Achievements
▪ Unlock achievements
▪ Task-based achievements to reward your
hands-on skills
▪ Customizable user profile
Leaderboards to track your progress
Friction-Free Learning
▪ All learning content is free
▪ Free trial accounts to easily test-drive
products and services
▪ Content available in the spoken language
and programming language of my choice
▪ No-install, browser-based Interactive
coding/scripting environments
▪ All scripts and code samples available for
download
Microsoft Learn playground for setting up,
sharing, and learning
 Templates
https://github.com/Azure/
azure-quickstart-templates
 Register here:
Azure Workshops | Free in-person learning
Singapore

Find out more on aka.ms/AzureSG

Access here:
Microsoft Learn - Free online learning
Build your skills fast with free, interactive tutorials at
Microsoft Learn, a new training experience for technical users.

Start today at Microsoft.com/Learn

References (1/6)

New Releases
https://azure.microsoft.com/en-us/updates/
Azure Roadmap
https://azure.microsoft.com/en-us/roadmap/
More certifications than any other cloud provider
https://azure.microsoft.com/en-us/overview/trusted-cloud/
Security is embedded into Azure
https://www.microsoft.com/en-
us/TrustCenter/Security/default.aspx
References (2/6)

IDENTITY
Azure AD Connect user sign-in options
https://docs.microsoft.com/en-us/azure/active-directory/connect/active-directory-aadconnect-user-signin#choosing-
the-user-sign-in-method-for-your-organization
Azure Active Directory Pass-through Authentication: Technical deep dive
https://docs.microsoft.com/en-us/azure/active-directory/connect/active-directory-aadconnect-pass-through-
authentication-how-it-works
Azure Active Directory Pass-through Authentication: Frequently asked questions
https://docs.microsoft.com/en-us/azure/active-directory/connect/active-directory-aadconnect-pass-through-
authentication-faq
Azure Active Directory Pass-through Authentication: Current limitations
https://docs.microsoft.com/en-us/azure/active-directory/connect/active-directory-aadconnect-pass-through-
authentication-current-limitations
Azure Active Directory pricing
https://azure.microsoft.com/en-us/pricing/details/active-directory/
References (3/6)

Infrastructure as a Service (IaaS)

Understand the structure and syntax of Azure Resource Manager templates
https://docs.microsoft.com/en-us/azure/azure-resource-manager/resource-group-authoring-templates
Quickstart templates are currently in the gallery
https://azure.microsoft.com/en-us/resources/templates/
Virtual machine extensions and features for Windows
https://docs.microsoft.com/en-us/azure/virtual-machines/windows/extensions-features
References (4/6)

Infrastructure as a Service (IaaS)

Understand the structure and syntax of Azure Resource Manager templates
https://docs.microsoft.com/en-us/azure/azure-resource-manager/resource-group-authoring-templates
Quickstart templates are currently in the gallery
https://azure.microsoft.com/en-us/resources/templates/
Virtual machine extensions and features for Windows
https://docs.microsoft.com/en-us/azure/virtual-machines/windows/extensions-features

COMPUTE
What are virtual machine scale sets in Azure?
https://docs.microsoft.com/en-us/azure/virtual-machine-scale-sets/virtual-machine-scale-sets-overview
References (5/6)

STORAGE
Azure Managed Disks Overview
https://docs.microsoft.com/en-us/azure/storage/storage-managed-disks-overview
High-performance Premium Storage and managed disks for VMs
https://docs.microsoft.com/en-us/azure/storage/common/storage-premium-storage

NETWORKING
Virtual Network Service Endpoints
https://docs.microsoft.com/en-us/azure/virtual-network/virtual-network-service-endpoints-overview
ExpressRoute overview
http://azure.microsoft.com/en-us/documentation/articles/expressroute-introduction/
https://azure.microsoft.com/en-us/blog/networking-enterprise/
References (6/6)

Platform as a Service (PaaS)

PaaS Overview – What is PaaS?
https://azure.microsoft.com/en-us/overview/what-is-paas/
Cognitive Services on Azure
https://azure.microsoft.com/en-us/services/cognitive-services
Video Indexer Proof of Concept
https://vi.microsoft.com/
Continuous Deployment for Azure Functions
https://docs.microsoft.com/en-us/azure/azure-functions/functions-continuous-deployment
Working with Collations in SQL Azure
https://azure.microsoft.com/en-us/blog/working-with-collations-in-sql-azure/
Azure Machine Learning Overview
https://azure.microsoft.com/en-us/services/machine-learning-studio/
Thanks!