This document is intended for system architects and IT professionals who are interested in understanding the basics of the seamless sign-in features of Azure AD/Office 365 along with planning and deploying such a deployment in their environment.
Technical Guidance on using Organizational Security & Compliance features in Office 365 – Exchange Online
This document provides information about the Rights Management sharing applications to share protected content on all important devices and the Rights Management for individuals to enable anyone to share protected content.
This document provides information about the Microsoft Rights Management connector and how it can be used to provide information protection within existing on-premises deployments that use Exchange Server, Office SharePoint Server or operating systems such as Windows Server 2008 R2 or Windows Server 2012. By following the steps outlined in this document you should be able to successfully prepare your environment to deploy the Azure Rights Management service (Azure RMS), install and configure the Rights Management connector, and start using it within your organization to create and consume protected content.
This document provides information about the Mobile Device Extension for AD RMS, and how it can be deployed on top of existing Windows Server 2012 and Windows Server 2012 R2-based AD RMS clusters to support the important devices with mobile RMS-enlightened applications.
This document is intended to help you previewing and evaluating the Azure Rights Management service technology. For that purpose it contains, as an introduction, a brief information on IPC and the Azure Rights Management service that helps you understand what it is, and how it differs from on-premises Active Directory Rights Management Services (AD RMS). It provides step-by-step information on how to configure and use the Azure Rights Management service to perform rights protection on your corporate content, as well as other details and requirements you would need to successfully evaluate the Azure Rights Management service technology in your environment.
This document describes how Microsoft handles security incidents in Dynamics 365. The Dynamics 365 Security team and various service teams work jointly and take the same approach to security incidents: Preparation; Detection and Analysis; Containment, Eradication, and Remediation; and Post-Incident Activity.
By following the steps outlined in this document you should be able to successfully prepare your environment to leverage this capability, enable it, and monitor the usage of your Azure Rights Management service’s tenant over the time, and thus start using the service within your organization to create and consume protected content in compliance with your own security and IT policies in place
This document is intended to help you evaluating this newly introduced capability. For that purpose, it provides step-by-step information on how to configure and use Azure RMS to perform content protection on your corporate Office document in conjunction with federation on-premises, as well as other details and requirements you would need to successfully evaluate Azure RMS in a federated environment like this.
In this context, this document discusses information classification as the foundation of the cross-organization effort, the suggested approach to sustain such an effort and thus to handle and manage information assets on that basis, as well as the Microsoft services, products, and technologies to consider in this context to implement a relevant information classification and enforcement infrastructure, which constitutes the starting point for an effective Information Protection (IP) system.
This document provides an overview of the various encryption technologies that are currently available or recently announced for Office 365, including features deployed and managed by Microsoft and by customers.
This white paper addresses five key questions to consider.
Technical Guidance for deploying Active Directory Federation Services for Cloud Solution Provider (CSP) partners hosting tenant domains in a single forest infrastructure.
In this white paper, we will explore how one kind of public cloud system, Office 365, works.
This whitepaper explores the benefits of incorporating network topology and traffic-matrix information in VM placement decisions, as well as the challenges preventing organizations from doing so today.
This white paper explores the challenges of controlling the data center's virtualized storage infrastructure.
Survey Methodologies & Results
In this white paper, we will discuss the business and technical reasons to choose a specific data center, or at least narrow down the list to a few that are all equally suitable.
What pitfalls exist, and how can you avoid them? How can you best save time and money?
This paper describes how you can set up Amazon RDS and use it as a drop-in replacement for traditional DBMS, with all the cost, scaling, and agility advantages of deploying software in the cloud.
Many companies have entered the cloud without first checking the weather forecast or performing a risk analysis.
The National Institute of Standards and Technology (NIST) has created a robust, comprehensive cloud definition that has been well-accepted across the IT industry. In this paper we explore the center core of NIST's cloud definition, which has been well accepted throughout the IT industry across vendors, service suppliers, IT organizations, and customers.
The cloud is a great marketing term, with lots of hype behind it. This white paper will define cloud computing using a commonly accepted definition to get past the hype.
IT infrastructure-capacity-management tools can generate infrastructure capacity-related reports, are able to perform historical data analysis and capacity-related analytics, and have IT and business scenario-planning abilities.
This white paper examines the relationship between cloud computing and virtualization. Many people believe that cloud computing requires server (or desktop) virtualization. But does it? We will look at using virtualization without cloud computing, cloud computing without virtualization, and then look at using both together. In each case, we’ll look at where each deployment might be most useful, some use cases for it, and some limitations.
Docker allows software systems to be packaged and maintained in images. Images are templates that describe the software in the package, and, if needed, the software infrastructure (for example, libraries, configuration files, etc.) needed for the software to run.
By far the easiest way to get an initial experience with Azure, "the Microsoft cloud," is by using it to back up one or more Windows servers. The procedure, while more involved than you might think, goes fairly quickly when you have a handy guide nearby.
In this white paper will first examine your options as a SaaS provider, which include Platform as a Service (PaaS) and Infrastructure as a Service (IaaS).
PaaS cloud computing is the middle ground between Infrastructure as a Service (IaaS) and Software as a Service (SaaS).
IaaS clouds provide the infrastructure (physical or virtual servers, networking, and storage) in a manner very similar to what was and is done in a typical data center deployment with traditional applications.
SmartCloud Control Desk is used regularly to retrieve the details of the software installed on the managed PCs. This helps us to keep track of the licenses of the commercial software and to be compliant.
In this white paper, we’ll review Software-Defined Networking (SDN) and briefly touch on its close cousin Network Functions Virtualization (NFV).
Come explore 12 ways in which the Agile methods are valuable. I'll bet that you will find more than a few that could be valuable for you!
This ebook discusses the particular challenges that administrators face when managing Exchange in a virtualized environment, the traditional approaches that exacerbate these challenges, and the key requirements for achieving and maintaining a Desired State in virtual and cloud environments.
PaaS provides a higher-level foundation that hides irrelevant details. Building on PaaS lets development teams focus on what they really care about—their application—rather than on managing infrastructure.
This guide is an introduction to the Azure application platform. It will provide the guidance and direction you need to start building new applications or moving your existing applications to the cloud.
This paper describes what Amazon Auto Scaling is, when to use it, and provides an example of setting up Auto Scaling.
Keeping the business running doesn't just mean recovering data. It means recovering the application that runs that data.
In this white paper, we discuss the five common myths of virtualization management. We highlight, why these are myths and replace them with five truths of virtualization management.
In this white paper we will examine three key new features that show how SQL Server 2016 provides automatic end-to-end security, seamless generation of business analytics, and elastic integration of data in the cloud.
This white paper will discuss the basics of cloud computing, including a brief discussion on the location of the resources, followed by a review of the characteristics of cloud computing and the types (models) available.
The opportunities and challenges BYOD represents are real. Enterprises must make their network infrastructure BYOD-ready to meet the onslaught.
Let's look at 10 ways the cloud will (and to a large degree already has) changed the world.
Cloud computing gets its name from the drawings typically used to describe the Internet. Cloud computing is a new consumption and delivery model for IT services. The concept of cloud computing represents a shift in thought, in that end users need not know the details of a specific technology. The service is fully managed by the provider. Users can consume services at a rate that is set by their particular needs. This ondemand service can be provided at any time.
This 4-step DR planning framework – Business Impact Assessment, Risk Assessment, Risk Management, and Recovery Testing.
This paper showcases examples for deploying robust cloud solutions to maintain highly available and secure client connections. In addition, it uses real-world examples to discuss scalability issues. The goal of this paper is to demonstrate techniques that mitigate the impact of failures, provide highly available services, and create an optimal overall user experience.
Designed specifically for high performance computing, the open source Lustre parallel file system is one of the most popular, powerful, and scalable data storage systems currently available.
This paper introduces problem management and the benefits organizations may derive from implementing a robust problem management framework.
Effective data center infrastructure management strategy can propel the efficiency, utilization, and availability of data center assets and services.
This book approaches DevOps from a software/application engineering and deployment perspective, but there are a number of other key disciplines that need to be part of any major DevOps initiative.
Why Today’s Virtual & Cloud Environments Demand a New Understanding of the Data Center.
In this e-book, you will learn about ransomware, how to defend yourself and your users against it, and how to respond should you fall victim to it. At the end of this guide you will also find additional resources and material to learn more.
While backup appliances are positioned as an easy-to-implement alternative to traditional backup, appliances come with their own set of deployment and management complexities. Organizations need to be fully aware that the category doesn't always stack up as promised. Here are seven myths and facts about backup appliances to keep in mind.
In this white paper, we will discuss the variety of storage solutions available from Amazon Web Services (AWS).
In this white paper, we aim to close that gap quicker and more reliably by explaining the most important aspects of AWS security and what that means to the enterprise.
Like any "big data" initiative, deploying and operating a data warehouse of any size used to be limited to only large enterprises with deep budgets for proprietary hardware and multi-year software licenses. Pay-as-you-go cloud products like Google's BigQuery and AWS's Amazon Redshift change all of that, putting a fully blown, fully managed data warehouse within reach of even the smallest business.
Getting a clear understanding of what Amazon Web Services (AWS) is and how it can help your business can be a daunting task.
The following document provides an overview of one of the latest offerings from cloud leader Amazon Web Services (AWS). It's a product that will enable powerful, massively scalable relational databases in Amazon's cloud environment.
This paper is written for software architects, technical decision makers and companies that want to increase the quality and maturity of their ALM processes.
Support Business Growth with a Better Approach to Scaling Your Data Center
This white paper is for leaders of Operations, Engineering, or Infrastructure teams who are creating or executing an IT roadmap. It discusses the challenges that must be recognized and questions that must be considered in order to succeed in this new cloud era.
A simple, fast security solution that helps you focus on what’s important.
Eliminate Expensive Legacy Systems To Achieve Unprecedented Cost Savings
Microsoft remains committed to protecting the privacy of its customers. We understand that strong privacy protections are essential for building trust in the cloud and helping cloud computing reach its full potential. That's why we built Office 365 with strong data protection in mind with a dedicated team of privacy professionals.
This document describes data resiliency in Microsoft Office 365 from two perspectives: How Microsoft prevents customer data from becoming lost or corrupt in Exchange Online, SharePoint Online, and Skype for Business; and How Exchange Online, SharePoint Online, and Skype for Business protect customer data from malware and ransomware.
This document describes the Conditional Access (CA) features in Microsoft Office 365 and Microsoft Enterprise Mobility + Security (EMS), and how they are designed with built-in data security and protection to keep company data safe, while empowering users to be productive on the devices they love. It also provides guidance on how to address common concerns around data access and data protection using Office 365 features.
This document talks generally about different types of attacks and how Microsoft defends Office 365 and its network against those attacks.
In this document, Microsoft provides a detailed overview of how Office 365 maps to the security, privacy, compliance, and risk management controls defined in version 3.0.1-11-24-2015 of the Cloud Security Alliance (CSA) Cloud Control Matrix (CCM).
This document describes the various auditing and reporting features available in Office 365 and Microsoft Azure Active Directory (Azure AD). This document also provides an overview of internal logging that is available to authorized Microsoft engineers for detection, analysis, troubleshooting, and providing Office 365 services.
This document describes how Microsoft handles security incidents in Office 365. The Office 365 Security team and the various service teams work jointly and take the same approach to security incidents: Preparation; Detection and Analysis; Containment, Eradication, and Remediation; and Post-Incident Activity.
This document describes how Microsoft implements logical isolation of customer data in a tenant within the Office 365 multi-tenant environment.
This book explains the importance of DCIM, describes the key components of a modern DCIM system, guides you in the selection of the right DCIM solution for your particular needs, and gives you a step-by-step formula for a successful DCIM implementation.
This guide provides end-to-end guidance on the Docker application development lifecycle with Microsoft tools and services while providing an introduction to Docker development concepts for readers who might be new to the Docker ecosystem.
Discovering the key trends that affect the way IT does business. Learning why flash storage and hyperconverged infrastructure have revolutionized the datacenter. Finding out how the public cloud can enable IT but creates new challenges to overcome.
Understanding why the public cloud is the absolute right choice for all your workloads. Understanding why the private cloud is the absolute right choice for all your workloads. Recognizing why neither one of these is the right answer and why you need an architecture based on characteristics rather than labels.
Discovering the components that define the enterprise cloud. Understanding how public cloud characteristics are associated with your enterprise cloud environment. Finding out how traditional infrastructure can fail to meet modern application needs.
Learning why you should embrace shadow IT. Discovering why the 80/20 rule should no longer apply. Learning how to prepare your people for the new paradigm. Finding out how enterprise cloud affects economics and the replacement cycle.
Enterprise cloud has a bright future in IT, and for good reasons. Here’s a look at ten reasons why enterprise cloud is the future of IT.
To support Intel business groups’ increasing demand for software-as-aservice (SaaS) applications, Intel IT has developed several best practices that can help enhance SaaS security and protect Intel’s intellectual property.
Companies running mission-critical SAP applications are moving to the Microsoft Azure cloud in record numbers to leverage many of the advantages gained by hosting these applications in the cloud.
Following the introduction of server virtualization, servers continued to grow in processing capability, fueled by ever-faster CPU clock speeds.
This eBook has been written in an effort to help Hyper-V administrators to diagnose various problems with the hypervisor and Hyper-V virtual machines.
This paper looks at the impact of I/O latency on the performance of databases and their dependent applications and suggests an affordable option for surmounting the problems at a reasonable cost.
Microsoft SQL Server is an enterprise class relational database management platform and is an integral and indispensable component in most computing environment today with a significant application ecosystem. With the advent of hosted cloud computing and storage, the opportunity to offer a Microsoft SQL Server as an outsourced service is gaining momentum.
This document describes the following: Contained Database Migration Scenarios, Users, Security, High Availability, Backup and Restore.
The following sections explain these capabilities and also enumerate considerations that the Hosting Service Provider (HSP) database administrator has to keep in mind while implementing the Deeper Insights offer.
The demo uses the standard tools that accompany Windows Server 2012 R2, SQL Server 2016 and Microsoft Azure.
Dynamic data masking limits sensitive data exposure by masking it to non-privileged users. It's a data protection feature that hides the sensitive data in the result set of a query over designated database fields, while the data in the database is not changed. Dynamic data masking is easy to use with existing applications, since masking rules are applied in the query results.
Deployment Guide for Dynamic Data Masking and Row-level Security
SQL Server 2016 supports a number of capabilities that enable real-time reporting and dashboarding on a high performance, low latency, HADR OLTP database. With these capabilities hosting service providers can offer a high performance database to their customers.
In this document, detailed technical guidance is provided in the context of a customer scenario on how to implement a hyper-scale database offering. For the implementation, the following SQL Server 2016 capabilities are leveraged: Stretched database and Azure Stretch database service, AlwaysOn Availability Groups with asynchronous replica in Azure, In-Memory ColumnStore, Temporal Database.
This document describes the following: Managing in-memory columnstore index and their reference architecture implementation guidance, Getting better performance with in-memory columnstore index.
This document describes the following: Managing in-memory tables and indexes in memory and in storage and their reference architecture implementation guidance, Getting better performance with natively compiled stored procedures and concurrency, when accessing memory-optimized table.
This document talks about implementation of SQL Server 2016's In-memory OLTP technology as of SQL Server 2016 CTP3. Using In-memory OLTP, tables can be declared as 'memory optimized' to enable In-Memory OLTP's capabilities. We're using SQL Server 2016 CTP3 installed on Database server.
SQL Server 2016 introduces Real-time operational analytics, the ability to run both analytics and OLTP workloads on the same database tables at the same time. Besides running analytics in real-time, you can also eliminate the need for ETL and a data warehouse. Real-Time Operational Analytics enables running analytics queries directly on your operational workload using Columnstore indexes thereby eliminating any data latency.
Reference Architecture for SQL Server 2016 Real-Time Operational Analytics.
SQL Server 2016 introduces a number of major capabilities which enable native database level support for centralized implementation and audit of data security policies. With these capabilities hosters can offer Secure database implementations to their customers.
This technical guidance is for CSP (Cloud Solution Provider) partners who have a need to use the Microsoft Azure Blob storage for backing up on-premises SQL Server databases. This document covers how to leverage CSP APIs to create an integrated backup and restore offerings for their customers using Azure Blob storage. The approach used in this document is an example to enable such an offering. This document is not intended to provide a final solution as-is, and also not intended to be the only way to implement a solution to enable backup and restore offering using CSP and Azure Blob storage.
This document details the tasks necessary to implement Microsoft Power BI as a Cloud Services Provider (CSP) partner offering. It describes, in detail, technical requirements and best practices for designing and implementing business intelligence (BI) solutions using a combination of Microsoft Power BI, Cloud Services, hosted, and on-premises data sources.
Develop and Test are key areas where CSP Partners have an opportunity to not only reduce costs, but also significantly improve time to market, as a SQL Server instance in a Microsoft Azure Virtual Machine can be provisioned in minutes, versus days/weeks on-premises depending on resource availability and hardware procurement policy. The primary purpose of this lab is to help Partners quickly understand the key scenarios that will help them deliver Dev\Test solutions tailored to their customers.
This technical guidance is for Cloud Solution Provider (CSP) partners, who would like to leverage this documented installation and configuration of the site-to-site connectivity needed to connect to Tenant subscriptions from an on-premises environment. This document covers both the manual installation and configuration of a site-to-site link using a provided script that creates the Gateway needed and configures the on-premises RRAS server.
The Microsoft Hybrid Cloud High Availability and Disaster Recovery strategy includes the Add Azure Replica option within SQL Server Management Studio. This extension offers Cloud Solution Provider (CSP) customers the opportunity to increase the resilience of their data center operations. Their SQL Server AlwaysOn Availability Group can be extended to the Microsoft Azure Public cloud by provisioning one or more secondary replicas within Microsoft Azure using a subscription.
This document provides guidance on how to gather necessary information from clients to facilitate the initial setup of Microsoft Intune and Azure AD Join services for mobile device and application management. It also provides step by step instructions on how to configure its various features.
This document provides guidance to support the setup and implementation of the Cloud App Discovery service, and enabling single sign-on with Microsoft Online Services. There are two goals with this document. The first is to help CSP Partners to configure and deploy the Cloud App Discovery service for their end customers. This enables the end customers to discover cloud (SaaS) applications that are used by the employees within the organization. The second goal is to help CSP Partners to quickly implement federated identity with Azure Active Directory, enabling the single sign-on solution for their customers.
This document provides guidance to support the setup and implementation Azure Multi-Factor Authentication (MFA) with Microsoft Online Services. The goal of this document is to help CSP organizations to quickly implement Azure Multi-Factor Authentication, part of the Enterprise Mobility Suite (EMS), as a solution for their clients.
This document provides guidance on how to gather necessary information from clients to facilitate the initial setup of Azure Active Directory Premium. It also provides step by step instructions on how to configure its various features.
The goal of this document is to help CSP partners to quickly implement Enterprise Mobility Suite (EMS) solutions for clients who have Office 365 E3/E5 or Office 365 Business Premium. This document provides guidance to support the extension for CSPs looking to enable clients with subscriptions.
This document shows how Managed Services Providers (MSPs) can use Windows Intune™ in conjunction with a professional services automation (PSA) tool such as ConnectWise to create a seamless and efficient workflow.
This document shows how Managed Services Providers (MSP) can use Windows Intune™ in conjunction with a professional services automation (PSA) tool such as the Autotask platform to create a seamless and efficient workflow.
This demo guide contains 3 key scenarios – each demonstrating different value propositions of the Enterprise Mobility Suite. Each scenario can be performed independently. Prior to running through these demo scenarios, please ensure the one-time demo environment and device requirements are met.
This document is a step by step guide to configuring Azure Site Recovery Services (ASR) for Cloud Solution Provider (CSP) partners. The purpose is to help service provider administrators become familiar with the process required to setup and configure the Microsoft Azure, System Center Virtual Machine Manager (VMM), and Hyper-V (HV) environment to utilize the capabilities found within the ASR service.
The Cloud Platform Integration Framework (CPIF) provides workload integration guidance for onboarding applications into a Microsoft Cloud Solution. CPIF describes how organizations, Microsoft Partners and Solution Integrators should design and deploy Cloud-targeted workloads utilizing the hybrid cloud platform and management capabilities of Azure, System Center and Windows Server.
This document outlines the recommended guidance that partners can leverage to successfully set up High Availability and Disaster Recovery scenarios using either SQL Server 2014 Enterprise or SQL Server 2014 Standard editions in an Azure subscription being managed via the CSP Program.
This document is a step by step guide to creating an Azure SQL DB within the context of an Azure Cloud Solution Provider (CSP) subscription for a customer by the CSP reseller. The purpose is to help service provider administrators become familiar with the process (and the variety of mechanisms available) to create an Azure SQL DB.
This solution helps customers take advantage of Microsoft Azure’s scale, elasticity, and per-minute billing to provide more agile and cost effective dev and test labs. In it, Microsoft helps you design a lab solution that lets you balance developer self-service and productivity with standardization and operational control.
Microsoft IT uses Microsoft Azure Security Center to assess and help protect our Azure resources. It gives us prioritized, analytics-based alerts about malicious and suspicious activity, and tips to help us prevent and respond to incidents in real time. This intelligence gives us visibility into our security state, and it gives our DevOps teams that manage cloud deployments deep security know-how.
This paper provides an overview of how Cloud Solution Provider (CSP) program partners can utilize various capabilities of Azure IoT Services to provide high value managed services like monitoring and analyzing the usage, performance, and uptime of customer devices in the field.
This document provides business guidance on how Cloud Solution Provider (CSP) program partners can integrate various capabilities of Microsoft Data Platform to build end-to-end solutions to enable various industry vertical scenarios.
This paper provides an overview of how Cloud Solution Provider (CSP) program partners can utilize various capabilities of Azure SQL database to provide high value managed services like deploying and managing high scale Azure Web Applications with SQL Database as the data tier.
This document provides technical guidance on how Cloud Solution Provider (CSP) program partners can integrate various capabilities of Microsoft Data Platform to build end-to-end solutions to enable various industry vertical scenarios. This document is an addendum to the “Business Guidance” document that highlights business opportunities and enlists scenarios around various industry sectors for creating effective sales offers.
The purpose of this document is to provide guidance for assisting Microsoft Cloud Solution Providers to get started for integrating their business processes and backend systems with Microsoft Cloud Solution Provider program related services and processes.
The goal of the Azure Reference Architecture is to help organizations quickly develop and implement Microsoft Azure-based solutions while reducing complexity and risk. The Azure Reference Architecture combines Microsoft software and recommended compute, network, and storage guidance to support the extension of their datacenter environment through the use of Infrastructure-as-a-Service (IaaS) and Platform-as-a-Service (PaaS) constructs.
This document covers the steps for creating a basic Virtual machine in Azure for a customer by a CSP reseller.
Microsoft IT used Microsoft Azure Resource Manager to build modular templates, scripts, and interfaces that automate cloud infrastructure. It helped us ensure consistent deployment and configuration operations and reduced error-prone manual processes.
System Center SCOM/SCSM Management Pack Catalog