Azure

Moving all or some of your services to the public cloud is not trivial. Fordway has significant experience and expertise in migrating organisations’ IT Services to cloud. Engaging us to assist your migration will ensure your transition will happen as planned, to an agreed timetable and cost, with minimum disruption to services. Fordway helps organisations leverage Azure, Office 365 and their associated services such as Intune, Enterprise Mobility + Security, Skype for Business and Microsoft Teams.

Migrate to Azure using the Fordway Proven Process

Fordway are specialists providing high quality solutions to complex IT problems. We work to our ‘Proven Process’ to ensure our customers realise their business goals.

Step 1 – Engage

Before any cloud migration is undertaken it is important to understand and map out the existing environment and clearly define your business objectives. Not all workloads are candidates for a public cloud migration. Fordway’s ‘Engage’ step identifies the issues and requirements for the proposed change to begin to shape your cloud strategy.

Step 2 – Analyse

Our discovery workshops will enable Fordway to perform a high-level review of the current environment, and identify suitable workloads and services that will be appropriate for Azure. Our qualified architects will analyse the current baseline and produce high-level target architectures optimised to make best use of Azure, minimising prospective costs and maximising utility, to meet your technical and business objectives. Our findings will be presented and options analysis undertaken working through our opinions and recommendations. From this we will create the High Level Design HLD required by your organisation.

Step 3 – Plan

With the HLD agreed we will get into the detailed planning. There is a general misconception that public cloud is insecure, however by leveraging Azure features like Network Security Groups (NSGs), User Defined Routes (UDRs), Web Application Firewall (WAF), and more, Fordway will build deliver a highly secure environment hosted in Azure. These can be purely cloud hosted or integrated with your on-premises environment using traditional VPNs or using ExpressRoute creating a hybrid solution.

Creating a virtual environment in Azure requires informed planning to minimise costs. Azure Reserved Instances and Azure Hybrid Benefit can provide big savings to customers if planned correctly, but need careful consideration to ensure they meet service availability and flexibility requirements. Storage type (SSD or HDD), storage performance (IOPS) and storage availability (LRS, ZRS, and GRS) are all factors that need to be considered in the design phase. Magnetic storage will be more suitable for high volume, low response data applications; whether to apply data encryption at rest are all that factors that need to be considered during the design phase. Service resilience needs to be designed to meet service availability targets, resilience options are within or between availability zones (AZ) within a region or between regions. If replicating between AZs this will incur data transfer charges, how much replication traffic will there be, and do you really need that level of resilience? These and myriad other decisions will affect the solution design, connectivity, security and ongoing cost.

Incorporating services like Azure Job Scheduler and Azure Automation, Fordway can have VMs automatically resize based on day or month or year to provide extra capacity for busy periods. Azure Automation can also be sued to shut instances, service groups or environments down overnight and at weekends, or at quiet periods, to reduce spending.

When designing your Azure Active Directory (AD), Fordway will consider features like Hybrid Identity, Password Sync, Pass-through Authentication and federation with on-premises AD (ADFS), and where required third-party federation using Azure AD as an identity management solution. This can encompass paid-for SKUs such as Azure AD Premium and Azure Multi-Factor Authentication (MFA) which Fordway can manage through our Microsoft CSP (Cloud Solution Provider) accreditation, Fordway are an accredited Tier 1 (i.e. have a direct relationship with Microsoft) CSP.

Developing the correct backup strategy requires an understanding of how the appropriate technologies work. Azure Backup has a few more options than Azure Site Recovery (ASR) such as whether to use direct backup, Data Protection Manager (DPM) or Azure Backup Server (ABS) in the middle. Data type and source will influence the technology selection.

Using pre-configured service offerings within Operations Management Suite, Fordway can track, monitor, and report on change and environment health. Other features in OMS such as Network Watcher allow Fordway to monitor network health and report when network segments go down and track the source of the problem (e.g. VPN down, router offline, firewall block). We can use the Service Map feature of OMS to record application and service dependencies and map connectivity between service components to better understand application and solution architectures and secure them.

Azure Security Centre provides security best practice and recommendations such as insecure network configurations or services enabled and open on VMs that are exploitable. Add-ons to Azure Security Centre provides warning about missing patches at a VM-level as well as providing in-depth insights into potential attacks such as Remote Desktop, password attacks, and more.

Step 4 – Transform

A dedicated project manager will manage all aspects of the planning, migration and service initiation on Azure. We use industry standard PRINCE2 project controls for the project governance and documentation, with work packages delivering using Agile sprints within the defined project controls. The project manager will provide reports and other project updates through an agreed shared communications plan.

Step 5 – Realise

With the migration successfully completed we move into the Realise phase, the final phase of the ‘Proven Process’. This is the most important phase, that ensures that the desired outcome is achieved, and the business benefits are realised.

Under this phase, we either help your internal staff to achieve the benefits, or take responsibility for service delivery, assurance and management on our customers’ behalf. To assist an in house team we provide comprehensive documentation and perform detailed knowledge transfer workshops to ensure your teams are equipped to support all aspects going forward.

If Fordway are responsible for managing the service our service delivery and management teams will be primed to ensure the transition to steady run state is as frictionless as possible. All our service delivery processes are run to ITIL, certified to ISO20001 and ISO9001, and secured to ISO27001 and Cyber Essentials PLUS.

If responsible for managing the service Fordway will also manage your Azure billing and cost control. Whilst Azure provides Azure Advisor to help provide advice on how to optimise costs and services, we know from experience that the advice given is not always applicable for certain workloads. We will review your configuration to ensure that your service is fit for purpose and that custom alerting is implemented allowing reporting and management on key performance criteria and thresholds.

Azure Resource Manager Tags and Azure Resource Manager Resource Groups enable Fordway to manage billing. We can provide cost-breakdown per service, per environment, and more reflecting how Resource Groups and Tags are deployed. Depending on organisational structure and to manage cost there may be a case for more than one subscription, however, typically, Fordway can manage most situations with a single subscription by leveraging the proper use of the Resource Manager model for RBAC on Resource Groups and resources.

Fordway will provide ongoing subscription management such as financial spend and access control. In addition Fordway can provide end user support through our 24×7 Service Desk. Other service add-ons available from Fordway are:

  • A nominated Fordway Service Delivery Manager to provide internal escalation, service management and scheduled Service Reviews.
  • Ongoing Azure features, license and upgrade advice.
  • Customised service reporting to individual customer requirements.
  • Integration of Fordway’s service management toolsets with a customer’s service management applications.
  • Additional service desk services including end user support and incident management for 3rd party suppliers.
  • Problem management, rectification co-ordination and implementation planning.
  • Change management planning, co-ordination and delivery.
  • Service monitoring and reporting of third party services.
  • Asset management of customer devices and infrastructure.
Print Friendly, PDF & Email