AzureBootcamp2023: Azure PaaS, but as private as possible by Stephan Graber

Transcript

1. 1 1 But as private as possible…. 11. Mai 2023

   Azure PaaS

2. 2 2 About me Stephan Graber Partner | Azure Architect

   [email protected]

3. 3 3 Azure PaaS – but secure please Cloud a

   bit topic Security baselines strict as on prem Migration with a refactoring

4. 4 4 Azure PaaS – easy deployment Public access often

   default option Firewall on service can help manage access

5. 5 5 One option – service endpoints

6. 6 6 Service Endpoints Routing

7. 7 7 Private Endpoints to the rescue

8. 8 8 DNS Considerations

9. 9 9 DNS Private Resolver

10. 10 10 Custom DNS Server

11. 11 11 Demo

12. 12 12 Portal Access

13. 13 13 Internal Communication from PaaS

14. 14 14 vNET Integrations Access to other services in private

    network Secure Communication

15. 15 15 Cross Tenant Private Endpoint

16. 16 16 How to make sure that no services have

    public access Govern your environment Secure Communication

17. 17 17 Azure Private Link Scope

18. 18 18 What are the “issues”?

19. 19 19

20. 20 20 Internal APIM Forced Tunneling

21. 21 21 Logic App - Connectors vNet Integrated

22. 22 22 App Service Environment Azure App Service is a

    multi-tenant PaaS environment for building, deploying, and scaling web apps and APIs Azure App Service Environment is the premium, single-tenant variation of Azure App Service, on which to deploy enterprise applications for compliance oriented organizations

23. 23 23 Key takeaways PaaS Service can be private with

    Private Endpoint even cross Tenant. Not every scenario is supported, but it is getting better very day

24. 24

25. 29 29 2021 Unsere Geschichte Eine Übersicht heute 1. Mitarbeiter

    Aufbau Software Entwicklung-sparte – 2. Mitarbeiter 3 neue Mitarbeiter 4. Partner Gründung: 3 Partner xxx 2019 Juli 2020 September September Juli Strategische Partnerschaft mit isolutions AG April Januar

26. 30 30 Zahlen und Fakten Über uns… SO based 8

    Mitarbeiter 30 Jahre Ø Alter 100+ Erfolgreiche Projekte 1Mio.+ Umsatz im 2021 20+ Kunden Cloud only

27. 31 31 Unser Spirit 6 Kernwerte… Vertrauen Transparenz Agil Leidenschaftlich

    Befähigen Sicher

28. 32 32 Unser Spirit 6 Kernwerte und 3 Prinzipien CLOUD

    ONLY ARBEIT MIT SCHLÜSSELPERSONEN KLARER AUFTRAG

29. 33 33 Kundenlandschaft – Fokus KMUs Ausgewählte Kunden

30. 34 34 Unser Angebot

31. 35 35 Unser Hauptangebot Übersicht HAUPTANGEBOTE AZURE/COMPUTE USER ADOPTION SECURITY

    SOFTWARE DEVELOPMENT/REFACTORING MODERN WORKPLACE

32. 36 36 Security Angebot: Security Details M365 / Azure Governance

    Security Assessment Microsoft Defender for Endpoint Cloud App Security Information Protection

33. 37 37 Modern WP Angebot: Modern Workplace Details Windows 10

    Management Mobile Device Management M365 Setup

34. 38 38 Software Entwicklung Angebot: Software Entwicklung Details Refactoring Customise

    Software Websites

35. 39 39 User Adoption Angebot: User Adoption Details Workshops &

    Schulungen Champions Community Support

36. 40 40 What’s next? DevOps DEV OPS Operate Deploy Release

    Monitor Plan Code Build Test Unser Fokus bis vor kurzem…

37. 41 41 Status Quo im Wiederspruch mit unserer Vision DEV

    Unser Fokus bis vor kurzem… THE PREFERRED E2E CLOUD SERVICE PROVIDER OF SMEs vs. Plan Code Build Test

38. 42 42 Unsere Services Existierend EXISTING AVD Service / M365

    Desktops Support Service Azure Firewall Service