Tweet
Tweet

Slide 1

Slide 1 text

1 1 But as private as possible…. 11. Mai 2023 Azure PaaS

Slide 2

Slide 2 text

2 2 About me Stephan Graber Partner | Azure Architect stephan@grabx.ch

Slide 3

Slide 3 text

3 3 Azure PaaS – but secure please Cloud a bit topic Security baselines strict as on prem Migration with a refactoring

Slide 4

Slide 4 text

4 4 Azure PaaS – easy deployment Public access often default option Firewall on service can help manage access

Slide 5

Slide 5 text

5 5 One option – service endpoints

Slide 6

Slide 6 text

6 6 Service Endpoints Routing

Slide 7

Slide 7 text

7 7 Private Endpoints to the rescue

Slide 8

Slide 8 text

8 8 DNS Considerations

Slide 9

Slide 9 text

9 9 DNS Private Resolver

Slide 10

Slide 10 text

10 10 Custom DNS Server

Slide 11

Slide 11 text

11 11 Demo

Slide 12

Slide 12 text

12 12 Portal Access

Slide 13

Slide 13 text

13 13 Internal Communication from PaaS

Slide 14

Slide 14 text

14 14 vNET Integrations Access to other services in private network Secure Communication

Slide 15

Slide 15 text

15 15 Cross Tenant Private Endpoint

Slide 16

Slide 16 text

16 16 How to make sure that no services have public access Govern your environment Secure Communication

Slide 17

Slide 17 text

17 17 Azure Private Link Scope

Slide 18

Slide 18 text

18 18 What are the “issues”?

Slide 19

Slide 19 text

19 19

Slide 20

Slide 20 text

20 20 Internal APIM Forced Tunneling

Slide 21

Slide 21 text

21 21 Logic App - Connectors vNet Integrated

Slide 22

Slide 22 text

22 22 App Service Environment Azure App Service is a multi-tenant PaaS environment for building, deploying, and scaling web apps and APIs Azure App Service Environment is the premium, single-tenant variation of Azure App Service, on which to deploy enterprise applications for compliance oriented organizations

Slide 23

Slide 23 text

23 23 Key takeaways PaaS Service can be private with Private Endpoint even cross Tenant. Not every scenario is supported, but it is getting better very day

Slide 24

Slide 24 text

24

Slide 25

Slide 25 text

29 29 2021 Unsere Geschichte Eine Übersicht heute 1. Mitarbeiter Aufbau Software Entwicklung-sparte – 2. Mitarbeiter 3 neue Mitarbeiter 4. Partner Gründung: 3 Partner xxx 2019 Juli 2020 September September Juli Strategische Partnerschaft mit isolutions AG April Januar

Slide 26

Slide 26 text

30 30 Zahlen und Fakten Über uns… SO based 8 Mitarbeiter 30 Jahre Ø Alter 100+ Erfolgreiche Projekte 1Mio.+ Umsatz im 2021 20+ Kunden Cloud only

Slide 27

Slide 27 text

31 31 Unser Spirit 6 Kernwerte… Vertrauen Transparenz Agil Leidenschaftlich Befähigen Sicher

Slide 28

Slide 28 text

32 32 Unser Spirit 6 Kernwerte und 3 Prinzipien CLOUD ONLY ARBEIT MIT SCHLÜSSELPERSONEN KLARER AUFTRAG

Slide 29

Slide 29 text

33 33 Kundenlandschaft – Fokus KMUs Ausgewählte Kunden

Slide 30

Slide 30 text

34 34 Unser Angebot

Slide 31

Slide 31 text

35 35 Unser Hauptangebot Übersicht HAUPTANGEBOTE AZURE/COMPUTE USER ADOPTION SECURITY SOFTWARE DEVELOPMENT/REFACTORING MODERN WORKPLACE

Slide 32

Slide 32 text

36 36 Security Angebot: Security Details M365 / Azure Governance Security Assessment Microsoft Defender for Endpoint Cloud App Security Information Protection

Slide 33

Slide 33 text

37 37 Modern WP Angebot: Modern Workplace Details Windows 10 Management Mobile Device Management M365 Setup

Slide 34

Slide 34 text

38 38 Software Entwicklung Angebot: Software Entwicklung Details Refactoring Customise Software Websites

Slide 35

Slide 35 text

39 39 User Adoption Angebot: User Adoption Details Workshops & Schulungen Champions Community Support

Slide 36

Slide 36 text

40 40 What’s next? DevOps DEV OPS Operate Deploy Release Monitor Plan Code Build Test Unser Fokus bis vor kurzem…

Slide 37

Slide 37 text

41 41 Status Quo im Wiederspruch mit unserer Vision DEV Unser Fokus bis vor kurzem… THE PREFERRED E2E CLOUD SERVICE PROVIDER OF SMEs vs. Plan Code Build Test

Slide 38

Slide 38 text

42 42 Unsere Services Existierend EXISTING AVD Service / M365 Desktops Support Service Azure Firewall Service