Blog Archive

Azure Cost Estimator v2.0

Azure cost toolThe most common question we get when running Microsoft Azure events is “why are you wearing those ridiculous trousers?”

The second most common question is “How much does Azure cost?”

My favourite analogy is to compare Azure to a box of Lego. Lego isn’t in the business of selling boxes of Lego; go into a toy store and you’ll see a racing car or spaceship or a cityscape or the Sydney Opera House. Think of Azure services like hundreds of Lego blocks and rather than trying to describe this to people (“I have a box of Lego, what would you like it to be?”), create your own scenarios and solutions (“I have a site-to-cloud VPN with 5TB bandwidth”, “I have a high availability SharePoint web farm”, “I have cloud protection for 20 Hyper-V virtual machines”).

The benefit of describing Azure in terms of solutions is that you can price them, market them to whomever is paying for them and very importantly, you can automate them with PowerShell and XML which makes them easy to set-up, move, scale, etc..

A big part of creating these solutions is determining how much they will cost. There are several Azure pricing tools available; Azure.com, a more detailed cost estimator, and the new Azure scenario tool which we’re describing in this blog post.

The tool has two sides to it.  The first is an agent which profiles real-world machine hardware usage and uses that information to recommend the most appropriate Azure set-up and generate a 31-day cost estimate.  The second side is to choose from a selection of Azure scenarios (some of which are pictured below) or putting together your own package.  This menu of scenarios will grow over time as more are added to Azure documentation or come to light from customer and partner suggestions.

Estimator scenarios

The tool can download current Azure pricing with a click of button and it works in multiple currencies (24 at the time of writing).  You can also generate a report on the detailed infrastructure cost broken down by compute, bandwidth, data, support, etc.  Scenarios can be exported to XML but unfortunately there’s no way yet to use this generated file with PowerShell to automate the set-up of a particular package.

The scan agent supports Microsoft technologies (Hyper-V, SCVMM), VMware technologies (vCenter, ESXi) and physical environments (Windows and Linux).  Future updates may include XEN Server support and the option to import workloads from from MAP and vSphere.

Download the tool today from and if you have any useful feedback or suggestions please email feedbackAzureCalc@microsoft.com.


Microsoft Azure RemoteApp Overview

Microsoft Azure Logo

We’ll cover a technical look at RemoteApp in an upcoming blog post but in this post we examine what Azure RemoteApp provides and how to licence it.

Why is RemoteApp Useful?

According to Microsoft, around 75% of employees bring technology of their own to work and nearly 30% of employees use three or more devices at work. These employees clearly want to access corporate resources from their devices. One way for IT to provide this is through desktop and application virtualization where the device is merely used as a ‘window’ to the user’s full Windows Desktop running remotely on a server somewhere. So a user could be sitting in their favourite coffee shop, using their iPad, viewing and interacting with their company pc desktop and applications.

There may be times when the employee doesn’t need access to an entire desktop session but just wants to run a business application virtually. Azure RemoteApp allows IT to deliver virtual application sessions from the cloud. If the distinction isn’t quite clear, imagine sitting in front of your pc or laptop and seeing your Windows start button, background picture and the huge amounts of icons and shortcuts on your messy desktop (unless you’re one of those tidy-desktop people). Now imagine doing exactly the same but from a different device, such as your home pc, iPad or Windows Tablet. You’re seeing your entire desktop and then you would run applications, etc.

Now imagine using your iPad, home PC or Windows tablet and you have a shortcut to a business application that you need for work. Your run that application and you see the application’s window on your device as if it was a native application installed locally. That’s RemoteApp.

You should now understand the first advantage; IT don’t need to virtualize and expose entire desktops, but just collections of applications.

Secondly, at the time of writing, Azure Virtual Machines (VMs) are primarily for hosting middle-tier applications. You wouldn’t spin up an Azure VM and pop client software on it and allow lots of users to remote desktop into it. Technically it can work but an Azure VM only includes 2 Remote Desktop Session (RDS) licences so any more than two people connecting at a time requires additional RDS licences. Azure VMs are good for hosting the middle-tier applications that client (front-end) applications will connect to. The front-end applications might be a Windows application or a web-based application.

Azure RemoteApp is designed to vitualise a client-application to multiple users from the cloud and all the necessary infrastructure licences are included, including all the RDS licences.

So could a customer deploy Microsoft Office 365 ProPlus onto Azure and deliver it virtually to users via RemoteApp. Yes, in fact here’s a nice little webcast from the Office team stating just that. Office on-premises is still licensed per-device and doesn’t allow licence mobility so Office licences acquired on-premises can’t be used for Azure RemoteApp service; it’s just Office 365 ProPlus.

We must be clear here about the applications that are supported; RemoteApp delivers applications running on Windows Server in Microsoft Azure. Applications must therefore be compatible with Windows Server 2012 R2.

Azure RemoteApp has a selection of pre-built application collections to choose from or IT can upload template images to the Azure management portal. Users obtain the appropriate Azure RemoteApp client for their device via http://remoteapp.azure.com. When they launch the client they are then prompted to login, where they can choose to authenticate with either their corporate credentials, Microsoft account (e.g. Outlook.com) or their Azure Active Directory account. After authenticating, the user will see the applications their IT Admin has given them access to and can then launch whichever application they require.

Each user has 50GB for persistent user data and because Microsoft is using RemoteFX technology here, users will get a great experience: applications will support keyboard, mouse, local storage, touch and some plug-and-play peripherals on Windows client devices. Other platforms will only support keyboard, mouse and touch. Local USB storage devices, smartcard readers, local and network printers are supported and the RemoteApp application will be able to utilize multiple monitors of the client the same way a local application can.

How is Azure RemoteApp Priced?

In order to get started with Azure RemoteApp, you will need an Azure account. Azure RemoteApp is priced per user and is billed on a monthly basis.

The service is offered at two tiers: Basic and Standard. Basic is designed for lighter weight applications (e.g. for task workers). Standard is designed for information workers to run productivity applications (e.g. Office).

The service price includes the required licensing cost for Windows Server and Remote Desktop Services but it doesn’t include the application licence, for example you still need an Office licence if you wish to use that. The bandwidth used to connect to the remote applications (both in and out) as well as bandwidth used by the applications themselves is also included with the service.

Each service has a starting price that includes 40 hours of connectivity per user. Thereafter, a per-hour charge is applied for each hour up to a capped price per user. You won’t pay for any additional usage after the capped price in a given month.  Azure RemoteApp billing is pro-rated per day in case you remove a user’s access part-way through a month.

Microsoft Azure RemoteApp

As we mentioned, you create app collections which contain the applications you wish to run and you can assign these collections to a set of users. Currently you can create up to 3 app collections per customer and each app collection will be billed at a minimum of 20 users. If you have less users, you’ll still be billed for 20. Hopefully this will change as it’s a bit of an Achilles’ heel for small businesses. RemoteApp basic scales to 400 users per collection and RemoteApp standard scales to 250. If you want to extend any of these limits, or if you want users to access more than one app collection, you’ll need to contact Azure support.

We must reiterate that the customer is responsible for complying with use rights of the applications they bring onto the RemoteApp service. This includes Office and as you can see at the bottom of this table, Office ProPlus can be utilized as one of the installs for licenced users and this is treated as Shared Computer Activation.

Most existing 32-bit or 64-bit Windows-based applications run “as is” in RemoteApp but there is a difference between running and running well.  There’s guidance on the RemoteApp documentation pages at azure.com.

So in summary:
• Azure RemoteApp is priced per user per month
• The service is offered at two tiers: Basic and Standard
• Basic is designed for light-weight applications
• Standard is designed to run productivity applications
• Each service has a starting price that includes 40 hours of service per user
• Thereafter, an hourly charge is applied for each user hour, up to a capped price per user
• No charge for any additional usage above the capped price in a given month


Microsoft Azure Resources

Stack of books and resourcesIf you’re looking to use or build a practice around Microsoft Azure, good on you.  Here’s a bunch of links that might come in handy.  Feel free to bookmark the page, we like being bookmarked.  We like it even more when you train with us.

Manage the directory for your Office 365 subscription in Azure

Get started backing up to the cloud with SQL Server Backup to Microsoft Azure Tool

Building a highly available on-premises VPN gateway

Microsoft Azure in Open Licensing

Active Geo-Replication for Azure SQL Database

Backup and Restore Windows Azure IaaS Virtual Machines using BLOB Snapshots

New Azure Active Directory Sync tool with Password Sync is now available

Install or upgrade the Directory Sync tool

Azure Virtual Machines – Common Questions and Issues

Azure Service Level Agreements

Understanding Azure SQL Database and SQL Server in Azure VMs

Guidelines for Deploying Windows Server Active Directory on Azure Virtual Machines

Installing IIS Dynamic IP Restrictions in an Azure Web Role (PAAS)

Windows Azure Availability Sets

Manage the availability of virtual machines

About Regional VNets and Affinity Groups for Virtual Network

New D-Series Virtual Machine Sizes

Virtual Network Overview

Configure a Point-to-Site VPN in the Management Portal

Configure a Static Internal IP Address for a VM

IP Addressing

Name Resolution (DNS)

How To Change the Drive Letter of the Windows Temporary Disk

High Availability and Disaster Recovery for SQL Server in Azure Virtual Machines

SharePoint Server Farm

Active Directory Pricing

Azure Backup FAQ

Deploy Office 365 Directory Synchronization (DirSync) in Microsoft Azure

Microsoft Azure: Connecting multiple VNET’s to a VNET

Add a co-administrator to an Azure subscription

Azure SQL Database Security Guidelines and Limitations

About VPN Devices for Virtual Network

Free Azure eBook – Fundamentals of Microsoft Azure


Free Azure eBook

Man holding the word freeStaff at Microsoft aren’t usually allowed to say the word free.  Someone will sue on the basis of abusing market dominance.  However sometimes, it’s justified.

Eric Ligman, a senior sales excellence manager at Microsoft, has posted a few news items in the past about freely downloadable eBooks.  Microsoft Press can be pretty generous and the latest free eBook released is titled Microsoft Azure Essentials: Fundamentals of Azure.  I heard about this smack bang in the middle of teaching an Azure course.  How serendipitous.

The eBook, written by two Microsoft Most Valued Professionals (MVP) Michael S. Collier and Robin E. Shahan is a great point to start about the capabilities of Azure, which I describe as an enormous box of Lego.  Azure can be anything and you need to play and practice to get the best out of it.  I’ll explain some concepts and ideas in a future blog post.

The book also has a publication date of February 2015 so is up to date.  The change cadence of Azure is bewilderingly fast so it’s nice to read something which matches the current offerings.

You can download Microsoft Azure Essentials: Fundamentals of Azure along with a host of other titles directly from Microsoft Press.  And of course, we run Azure training courses so if you are looking to gain an MCP in Azure or kick-start your Azure technical knowledge, have a look at our cloud courses or drop us a line.


Save the Photographs!

My wife takes digital photos and downloads them onto her laptop.  Then she deletes them from the camera.  If you have ever taken a hard-drive apart, on those rainy days to avoid doing dull IT tasks, you’ll know how fragile they are.  Lots of memories on those small platters of film.  No matter how many external hard drives I buy, or funny-shaped USB sticks to persuade her to back up her files, she never does.  So it’s with great anticipation that Microsoft Azure Backup Vaults now support Windows client OS (Windows 7 and Windows 8) as well as Windows Server.

Windows Client backup to Azure

 

If you’re a techie, you might be thinking why didn’t I set up a home active directory domain on an HP Microserver, back-up the client devices that log-on, including my wife’s laptop, and then back the server and thus the client files up to Azure?  Well, I did but the big blue light on the front on the Microserver started to annoy me at night because it was really bright so I keep turning it off and that’s not really a good infrastructure decision.

Let’s walk through how to set your home pc to back-up to the Azure cloudy goodness.  A couple of basics first; you will need an Azure subscription and this back-up solution will cost you money.  However, backups are compressed, encrypted, triple-replicated inside Microsoft’s datacenters and once you’ve set up your back-up schedule, it’s automatic.  And think of your photographic memories safe and sound (although of course you should periodically test your recovery processes as well).

Log onto www.azure.com and go to the Azure portal.  Select Recovery Services and create a new Backup Vault.  Once you have your vault, the dashboard will show you the next steps to take.

Azure backup vault dashboard

 

The client machine needs to register with the Azure Backup Vault.  A few months ago this required creating a certificate but now Azure simply provides a credentials file to download and save onto your local machine.  Next, download the Microsoft Azure Recovery Services (MARS) agent onto the local pc and run it.  The Azure portal provides two options for the backup agent; pick the first option (Windows Server or System Center Data Protection Manager or Windows Client).  The setup wizard is going to ask about proxy settings and will also download the pre-requisites but typically on a home network, you’ll be able to breeze through accepting the defaults.

Azure backup agent installation

 

Azure backup agent installation

 

Azure backup agent installation

 

The final step allows you to Proceed to Registration (or you can Close the setup but if you’re ready to schedule the backup, you may as well proceed to register your pc with the backup vault).  The backup agent will ask for the vault credentials file that you downloaded and then you’ll need to specify a passphrase.  This will be used for encrypting the data before transfer to Azure.  Note the data is encrypted on the client device and stored in Azure encrypted.  Microsoft do not hold the passphrase so it’s vital this is kept safe and secure otherwise you’ll only be able to restore encrypted data.  In fact, the agent will not let you proceed to the next step until the passphrase is saved to another location.

Azure backup agent

Once you’ve registered the server (the agent still refers to your client pc as a server; can’t change everything overnight), the Azure Backup app will be started and you can set your backup schedule.

Azure backup app

The wizard is pretty straight-forward to navigate; you select the items from you local pc to backup (note that Azure will only backup the data that changes after the initial backup).

Azure backup app

The next step is to set up the frequency of the backup, i.e. when it will run, and how long Azure will retain the backups for.  A recent change was the increase of the maximum retention period to 3,360 days; essentially about 9 years so this is an archiving solution as well as a disaster recovery.  However, remember your costs.  Even though Azure backup will compress the data before storage, the more backups you keep, the more storage you’ll use and the higher the monthly cost.  There’s also a limit of 120 recovery points so you may need to balance the frequency with the retention range or you’ll get an error message when you hit the Next button.  For example, the screenshot below is trying to backup once a week and keep these recovery points for 9 years which would easily exceed 120 points.  However, if I set the frequency to monthly (4 weekly to be exact), I’d be fine.

Azure backup app

There’s also a size limit of 1700GB per volume to each backup operation (so if you’re backing up files from multiple drives, you have around 1.7TB from each).  You can stop the backup or change the items to backup and then schedule by clicking Schedule Backup in the main Azure Backup application window.

Recovering items is also straightforward; you can specify the recovery point (date) to restore from and which items you want to restore.  You can also restore these items to the original location or a new location.

Back in the Azure portal, you can see the registered server (or in this case client pc) and also view the protected items and the recovery points.  You can register up to 50 machines against each backup vault and as of December 2014, you can have up to 25 backup vaults per Azure subscription.

Azure backup protected items

And just as a final part to this blog, we have to thanks one of our trainers, Thomas Lee who scored this coup by asking nicely for it!


6 and 12 Month Pricing for Azure

Microsoft Azure Logo

Buying Microsoft Azure directly from Microsoft is as easy as online grocery shopping and for some people might even be cheaper (Waitrose does have a tempting cheese selection). Until recently, the pricing calculator on www.azure.com offered pay-as-you-go rates or discounted monetary commitment rates if you paid £300 or more per month for 6 or 12 months. You can read our previous blog post about this.

From July 26th, those commitment options are no longer shown, despite the website mentioning them.  No notice, no announcement; one could even use the phrase ‘swept under the carpet’.  Why is this?

As of 1st August, any Microsoft reseller can sell Azure monetary commitment to any customer in the same way they sell other Microsoft software such as Windows or Office (previously, Azure could only be purchased directly from Microsoft or through an Enterprise Volume Licensing Agreement).  Customers can now turn to their IT provider and buy Azure credit in $100 chunks (approx. £65 of Azure services).  This credit will then last for 12 months from the time the customer redeems the code online.  So if you want £1,800 of Azure credit, you would buy 27 or 28 of the Azure monetary commitment chunks.  We’ll run a blog post in the next week or so showing the experience in more detail.

As an example of how this credit might be used, a customer buying £1,800 worth of Azure monetary commitment from a reseller would go on to pay £34.75 per month for a 200GB Azure Backup Vault.  Around 52 months’ worth of Azure Backup (the azure credit only lasts 12 months so they’d spend the rest on other services but work with us here, this is a simple example).

A customer buying direct through Azure.com and pre-paying £300 for 6 months (a total of £1,800) would gain a discount of 22.5% off the pay as you go price and bring the Azure Backup Vault cost down to around £26.93 per month.  Around 67 months’ worth of Azure backup.  Both methods cost the customer the same £1,800 up front so which would you go for?  This is obviously detrimental to Microsoft resellers who wish to transact Azure as they wouldn’t be able to compete against those discounts.

So that is my understanding why the 6 month, 12 month and pre-payment pricing options on Azure.com  were hidden in the little attic room.  I believe it’s only for the time being and Microsoft is working towards rationalising the pricing waterfall and discounts across buying direct and via a reseller.

 


Is Office 365 Subject to the Patriot Act?

Great Seal of the United States

 

David from Newcastle upon Tyne asks “is Office 365 subject to the Patriot Act?”

This is a very common question when dealing with cloud services, not just office 365.  In short, the USA Patriot Act makes lawful access to stored data easier in certain instances.  If the request is lawful and obligatory, Microsoft cannot simply refuse.  Nor can any other company.  And don’t forget, the UK has similar powers and made almost as many law enforcement disclosure requests as the US between July 2013 and December 2013 (4,213 requests from the UK against 5,652 from the US).

Customers can be assured that Microsoft follows clear principles in responding to any government legal demands for customer data (whether from the US government, UK or other bodies):

There must be a valid subpoena or legal equivalent before Microsoft will consider releasing a customer’s non-content data to law enforcement;
There must be a court order or warrant before Microsoft will consider releasing a customer’s content data;
In each instance, Microsoft carefully examines the requests received for a customer’s information to make sure they are in accord with the laws, rules and procedures that apply.

Because Microsoft is committed to transparency in regards to who has access to customers’ data, when and under what circumstances, they publish the details of the number of demands they receive each year in a Law Enforcement Requests Report which is updated twice a year.  They have just released a report on US government requests (as opposed to law enforcement requests) and between January 2013 and June 2013 there were less than 1,000 orders seeking disclosure of customer content.  Brad Smith, Microsoft’s General Counsel & Executive Vice President of Legal & Corporate Affairs highlights that “while our customers number hundreds of millions… only a fraction of a percent of our users are affected by these orders.”

It’s also possible for customers on Microsoft’s cloud services to find out whether someone has accessed their data.

Due to the frequency of this question, the Office 365 Trust Centre is a useful source of information around privacy and transparency.


Microsoft Windows Server 2012 R2 Bootcamp Content

We recently had the pleasure of co-presenting a series of bootcamp events for Microsoft resellers alongside HP and Zynstra.  The content covered Windows Server 2012 R2, Office 365, Microsoft Azure, Service Provider Licence Agreements (SPLA), HP Hardware and Zynstra cloud appliances.

If you would find the content useful, we’ve made the available for you to download: the Microsoft and Zynstra slides and the HP slides.  Nothing like attending an event in person of course so if this kind of event is of interest to you please do contact us as there may be some upcoming events we can let you know about.


Another Name Change

Microsoft Azure LogoMicrosoft has a real habit of changing the names of products and technologies.  One could believe there’s an entire department devoted to the practice.  There isn’t of course because if there were, we wouldn’t have the same codenames for different technologies and the names would be more consistent.

Sometimes, names are changed because of legal action (SkyDrive became OneDrive due to Sky taking Microsoft to court).

Sometimes it makes sense.  Windows Azure became Microsoft Azure in late March and this is a good thing because Azure has grown and is no longer just about Windows services or infrastructure in the cloud.

Whatever the reason for the name changes, I can’t help thinking about the huge amount of collateral we now need to change to keep it up to date.


Microsoft Azure- This Will Be Big

Microsoft Azure LogoTrust us, Microsoft Azure is worth understanding.  We’ve been in this business for a long time and certain technologies are essential to understand whether you sell them or services around them, use them or even if you use a competitive technology it’s good to know the field.

We’ll be creating many more blog posts about Microsoft Azure (formerly Windows Azure) over the coming months and we’re creating some training courses specifically for it.  For now though, read our blog post on how to buy Microsoft Azure and trust us.  Let’s examine some clues here:

  1. It’s no coincidence that Satya Nadella was the choice for replacing Steve Ballmer as Microsoft’s CEO; the fact he headed up the cloud and services division played a large part in that.
  2. Microsoft Azure keeps company with several other Microsoft divisions, including Windows, Xbox and Office, that bring in more than $1 billion of revenue per year
  3. Microsoft Azure revenue more than doubled (150% growth) between FY13 Q3 (Jan-Mar 2013) and FY14 Q3 (Jan-Mar 2014) according to Microsoft’s earning release
  4. Over 50% of Fortune 500 companies were on Azure as of July 2013
  5. Analysts such as Morgan Stanley are predicting enormous growth; exceeding that of Amazon Web Services (Morgan Stanley CIO Survey, 2013. “Percentage of Enterprise CIOs Greater than $1B/$10B expecting to use IaaS by YE2014”)
  6. Microsoft’s investment in its data centres provides the foundation for Azure; the new Azure Brazil South region, located in Sao Paulo state, is available for public preview and this is a huge step in cloud trust as it offers customers the ability to keep their data in-country.  Data sovereignty in Europe is sure to follow.