Hyperscale on Microsoft Azure

See NNIT's cloud migration cases here

An Azure region is a set of datacenters, deployed within a latency-defined perimeter and connected through a dedicated regional low-latency network.

With more global regions than any other cloud provider, Azure gives customers the flexibility to deploy applications where they need. An Azure region has discrete pricing and service availability.

Azure global infrastructure is made up of two key components—physical infrastructure and connective network components. The physical component is comprised of 160+ physical datacenters, arranged into regions, and linked by one of the largest interconnected networks on the planet.

With the connectivity of the global Azure network, each of the Azure datacenters provides high availability, low latency, scalability, and the latest advancements in cloud infrastructure—all running on the Azure platform.

Together, these components keep data entirely within the trusted Microsoft network and IP traffic never enters the public internet.

An Azure geography is a discrete market, typically containing at least one or more regions, that preserves data residency and compliance boundaries. Geographies allow customers with specific data-residency and compliance needs to keep their data and applications close. Geographies are fault-tolerant to withstand complete region failure through their connection to the dedicated high-capacity networking infrastructure of Azure.

Regional network gateways are massively parallel, hyperscale datacenter interconnects between datacenters within a region—without the need to network each individual datacenter to the others in a region.

This ensures that connection issues in one datacenter don’t cause issues for the wider region. This also allows the addition of new datacenters without the need to route direct network connections to each existing datacenter.

Read more about Azure Stack HCI in Micorsoft's whitepaper via this link

Content: 

1. What is it
2. What can I use Azure Stack HCI for?
3. How to buy Azure Stack HCI 
4. Conclusion

Clik here to view Microsoft's Architecture and Design Guide

Read more in Microsoft's whitepaper Azure SQL Edge: A data engine optimized for IoT workloads on edge devices.

Click here  to learn more about:

- Azure Region Infrastructure
- Data residency for customer data
- Access to telemetry data
- How Microsoft protects data from unauthorized access
- Data retention and deletion
- Compliance

Click here to access Microsoft's whitepaper

Below you find a list of some of the compliance offerings Azure includes:

• Criminal Justice Information Services (CJIS): Any US state or local agency that wants to access the FBI's CJIS database is required to adhere to the CJIS Security Policy. Azure is the only major cloud provider that contractually commits to conformance with the CJIS Security Policy. The policy commits Microsoft to adhere to the same requirements that law enforcement and public safety entities must meet.
• Cloud Security Alliance (CSA) STAR Certification: Azure, Intune, and Microsoft Power BI have obtained STAR Certification, which involves a rigorous independent third-party assessment of a cloud provider's security posture. This STAR certification is based on achieving ISO/IEC 27001 certification and meeting criteria specified in the Cloud Controls Matrix (CCM). This certification demonstrates that a cloud service provider:
  • Conforms to the applicable requirements of ISO/IEC 27001.
  • Has addressed issues critical to cloud security as outlined in the CCM.
  • Has been assessed against the STAR Capability Maturity Model for the management of activities in CCM control areas.
• General Data Protection Regulation (GDPR): The European Union's General Data Protection Regulation (GDPR) sets a new global standard for privacy rights, security, and compliance for the citizens and residents of the European Union (EU). The GDPR governs the handling and use of personal data of EU citizens and residents. Enforcement of the GDPR began May 25, 2018, and there are significant consequences for non-compliance. Read the GDPR section for a more detailed discussion of the GDPR.
• EU Model Clauses: Microsoft offers customers EU Standard Contractual Clauses that provide contractual guarantees around transfers of personal data outside of the EU. Microsoft is the first company to receive approval from the EU's Article 29 Working Party that the contractual privacy protections Azure delivers to its enterprise cloud customers meet current EU standards for international transfers of data. This approval ensures that Azure customers can use Microsoft services to move data freely through Microsoft's cloud from Europe to the rest of the world.
• Health Insurance Portability and Accountability Act (HIPAA): HIPAA is a US federal law that regulates patient Protected Health Information (PHI). Azure offers customers a HIPAA Business Associate Agreement (BAA), stipulating adherence to certain security and privacy provisions in HIPAA and the Health Information Technology for Economic and Clinical Health (HITECH) Act. To assist customers in their individual compliance efforts, Microsoft offers a BAA to Azure customers as a contract addendum.
• International Organization for Standardization (ISO) and the International Electrotechnical Commission (IEC) 27018: Microsoft is the first cloud provider to have adopted the ISO/IEC 27018 code of practice, covering the processing of personal information by cloud service providers.
• Multi-Tier Cloud Security (MTCS) Singapore: After rigorous assessments conducted by the MTCS Certification Body, Microsoft cloud services received MTCS 584:2013 certification across all three service classifications:
  • Infrastructure as a service (IaaS)
  • Platform as a service (PaaS)
  • Software as a service (SaaS)

Microsoft was the first global cloud solution provider (CSP) to receive this certification across all three classifications. 

• Service Organization Controls (SOC) 1, 2, and 3: Independent third-party auditors audit Microsoft-covered cloud services at least annually against the SOC report framework. The Microsoft cloud services audit covers controls for data security, availability, processing integrity, and confidentiality as applicable to in-scope trust principles for each service.
• National Institute of Standards and Technology (NIST) Cybersecurity Framework (CSF): NIST CSF is a voluntary framework that consists of standards, guidelines, and best practices to manage cybersecurity-related risks. Microsoft cloud services have undergone independent, third-party Federal Risk and Authorization Management Program (FedRAMP) Moderate and High Baseline audits and are certified according to the FedRAMP standards. Additionally, after a validated assessment by the Health Information Trust Alliance (HITRUST), a leading security and privacy standards development and accreditation organization, they certified Microsoft 365 to the objectives specified in the NIST CSF.

Click here to access Microsoft Azure's Pricing calculator to configure and estimate the expected costs