How we migrated on-premise infrastructure of an enterprise customer to Azure
The client needed all of their on-premises infrastructure migrated to Azure. They also needed their remote staff's laptops and Android / iOS devices to be managed via Azure for corporate data security. The client's existing infrastructure was as follows:
- Two Hyper-V Hosts running 4 Virtual machines in total.
- One Physical server used to take backups of VMs via Veeam.
- Two office locations where about 300 devices in total connect to the on-premises environment via VPN and join the on-premises Active Directory to access corporate data.
- Users used on-premise Exchange server for email activity.
We needed to deploy an infrastructure that not only manages the remote devices but also completes a “lift and shift” of all on-premises servers and dependencies to the cloud, while providing corporate data security. The customer was looking for a cloud-only model to manage their entire business.
For corporate data security on remote devices connecting to Azure, we proposed Microsoft Intune. To migrate the on-premises Hyper-V infrastructure, we used the Azure Migrate tool, which uses ASR technology at the backend. Lastly, Azure Backup was proposed as the data backup solution.
We first deployed another VM on premises and installed Azure AD Connect on it to sync all user identities to Azure Active Directory. Azure AD Domain Services was then deployed so that the migrated on-premises VMs could be domain joined. The VMs were migrated using Azure Site Recovery (ASR). Azure Backup services were deployed to protect the VMs in Azure. Email was migrated to an Office 365 plan using the BitTitan tool. We also deployed the Azure Intune service with the Office 365 E5 plan for remote management of Windows 10 laptops and desktops and Android and iOS devices, with defined device and application management policies. Azure VPN was deployed so that the admin can remotely and securely manage the Azure infrastructure. With Azure AD, the remote staff were presented with a Single Sign-On (SSO) experience for their usual corporate applications such as Salesforce, RingCentral for meetings, Office 365 and others.
We were able to move all on-premises servers to Azure, thereby eliminating all on-premises dependencies for the business to run. All corporate-owned devices (COD) and BYOD devices are now able to log in using Microsoft Intune with the Office 365 platform for a unified SSO experience, thus ensuring the security of corporate data.
- Azure Active Directory (AAD)
- Azure Active Directory Domain service (AAD DS)
- Single Sign-on (SSO)
- Site to Site VPN
- Point to Site VPN
- Microsoft Intune
- Office 365
- Azure Backup
- Azure Site Recovery (ASR)