Microsoft Azure Cloud Series – Azure External Connectivity Options – Part 4

Hello Everyone….Today I will go over the Azure External Connectivity Options.  There is a lot flexibility depending your needs of your workload/application with Azure. So let’s dive in and go into each option start at the bottom as shown in the handy graph below:

Azure External Connectivity Options

azureexternal Azure External Connectivity Options

Private Site-to-Site Connectivity – ExpressRoute

ExpressRoute provides organizations a private, dedicated, high-throughput network connection between Windows Azure datacenters and their on-premises environment. See my blog post on ExpressRoute from last year for more details.  Below is a comparison from traditional site-to-site tunnel versys Express

ER-compare Azure External Connectivity Options

Site-to-Site Connectivity

A Site-to-Site VPN allows you to create a secure connection between your on-premises site and your virtual network. To create a Site-to-Site connection, a VPN device that is located on your on-premises network is configured to create a secure connection with the Azure VPN Gateway. Once the connection is created, resources on your local network and resources located in your virtual network can communicate directly and securely. Site-to-Site connections do not require you to establish a separate connection for each client computer on your local network to access resources in the virtual network.

AzureS2S Azure External Connectivity Options


A Point-to-Site configuration allows you to create a secure connection to your virtual network from a client computer, individually. A VPN connection is established by starting the connection from the client computer. This is an excellent solution when you want to connect to your VNET from a remote location, such as from home or a conference, or when you only have a few clients that need to connect to a virtual network. Point-to-Site connections do not require a VPN device or a public-facing IP address in order to work.

AzureP2S Azure External Connectivity Options

Service Bus

Service Bus is a generic, cloud-based messaging system for connecting just about anything – applications, services, and devices – wherever they are. Here are of the basic fundamentals.

Different situations call for different styles of communication and this one is for more complex scenarios.  Sometimes, letting applications send and receive messages through a simple queue is the best solution. In other situations, an ordinary queue isn’t enough; a queue with a publish-and-subscribe mechanism is better. In some cases, all that’s really needed is a connection between applications; queues aren’t required. Service Bus provides all three options, enabling your applications to interact in several different ways.

Service Bus is a multi-tenant cloud service, which means that the service is shared by multiple users. Each user, such as an application developer, creates a namespace, then defines the communication mechanisms she needs within that namespace. See below pic on how this looks.

Service Bus provides a multi-tenant service for connecting applications through the cloud.
svcbus_01_architecture Azure External Connectivity Options

Within a namespace, you can use one or more instances of four different communication mechanisms, each of which connects applications in a different way. The choices are:

  • Queues, which allow one-directional communication. Each queue acts as an intermediary (sometimes called a broker) that stores sent messages until they are received. Each message is received by a single recipient.
  • Topics, which provide one-directional communication using subscriptions-a single topic can have multiple subscriptions. Like a queue, a topic acts as a broker, but each subscription can optionally use a filter to receive only messages that match specific criteria.
  • Relays, which provide bi-directional communication. Unlike queues and topics, a relay doesn’t store in-flight messages-it’s not a broker. Instead, it just passes them on to the destination application.
  • Event Hubs, which provide event and telemetry ingress to the cloud at massive scale, with low latency and high reliability.

When you create a queue, topic, relay, or Event Hub, you give it a name. Combined with whatever you called your namespace, this name creates a unique identifier for the object. Applications can provide this name to Service Bus, then use that queue, topic, relay, or Event Hub to communicate with one another.

To use any of these objects, Windows applications can use Windows Communication Foundation (WCF). For queues, topics, and Event Hubs Windows applications can also use Service Bus-defined messaging APIs. To make these objects easier to use from non-Windows applications, Microsoft provides SDKs for Java, Node.js, and other languages. You can also access queues, topics, and Event Hubs using REST APIs over HTTP.

It’s important to understand that even though Service Bus itself runs in the cloud (that is, in Microsoft’s Azure datacenters), applications that use it can run anywhere. You can use Service Bus to connect applications running on Azure, for example, or applications running inside your own datacenter. You can also use it to connect an application running on Azure or another cloud platform with an on-premises application or with tablets and phones. It’s even possible to connect household appliances, sensors, and other devices to a central application or to one other. Again, Service Bus is a generic communication mechanism in the cloud that’s accessible from pretty much anywhere. How you use it depends on what your applications need to do.

Azure Data Factory

Data Factory is a cloud-based data integration service that orchestrates and automates the movement and transformation of data. Just like a manufacturing factory that runs equipment to take raw materials and transform them into finished goods, Data Factory orchestrates existing services that collect raw data and transform it into ready-to-use information.

Data Factory works across on-premises and cloud data sources and SaaS to ingest, prepare, transform, analyze, and publish your data. Use Data Factory to compose services into managed data flow pipelines to transform your data using services like Azure HDInsight (Hadoop) and Azure Batch for your big data computing needs, and with Azure Machine Learning to operationalize your analytics solutions. Go beyond just a tabular monitoring view, and use the rich visualizations of Data Factory to quickly display the lineage and dependencies between your data pipelines. Monitor all of your data flow pipelines from a single unified view to easily pinpoint issues and setup monitoring alerts.

data-factory-overview Azure External Connectivity OptionsCollect data from many different on-premises data sources, ingest and prepare it, organize and analyze it with a range of transformations, then publish ready-to-use data for consumption.

You can use Data Factory anytime you need to collect data of different shapes and sizes, transform it, and publish it to extract deep insights – all on a reliable schedule. Data Factory is used to create highly available data flow pipelines for many scenarios across different industries for their analytics pipeline needs. Online retailers use it to generate personalized product recommendations based on customer browsing behavior. Game studios use it to understand the effectiveness of their marketing campaigns and the use cases go on…..

So, as you can see, there are lots of options for connecting your on-premise environment with Azure and that dovetails me into the next topic in the series, Azure VNET’s….Until next time, Rob……

Microsoft Azure Cloud Series – Understanding the Stack, Who Manages What? – Part 2

In today’s IT, there are lot of discussions in the about different terms like PaaS, IaaS, and SaaS.  So what do all of these cloud acronyms mean?

I’m going to give you the simplest explanation I can, to help you understand the difference between SaaS, IaaS, and PaaS. First, let’s expand those acronyms! Software as a Service, Infrastructure as a Service, and Platform as a Service are all just different types of clouds.

Understanding the Stack

New Choices for Delivering IT

The cloud provides options for approach, sourcing, and control.  It delivers a well-defined set of services, which are perceived by the customers to have infinite capacity, continuous availability, increased agility, and improved cost efficiency. To achieve these attributes in their customers’ minds, IT must shift its traditional server-centric approach to a service-centric approach.  This implies that IT must go from deploying applications in silos with minimal leverage across environments to delivering applications on pre-determined standardized platforms with mutually agreed upon service levels.  A hybrid strategy that uses several cloud options at the same time will become the norm as organizations choose a mix of various cloud models to meet their specific needs.

Typical Service Models

Software as a Service

Software as a Service (SaaS) delivers business processes and applications, such as CRM, collaboration, and email, as standardized capabilities for a usage-based cost at an agreed, business-relevant service level. SaaS provides significant efficiencies in cost and delivery in exchange for minimal customization and represents a shift of operational risks from the consumer to the provider. All infrastructure and IT operational functions are abstracted away from the consumer.

Platform as a Service

Platform as a Service (PaaS) delivers application execution services, such as application runtime, storage, and integration for applications written for a pre-specified development framework. PaaS provides an efficient and agile approach to operate scale-out applications in a predictable and cost-effective manner. Service levels and operational risks are shared because the consumer must take responsibility for the stability, architectural compliance, and overall operations of the application while the provider delivers the platform capability (including the infrastructure and operational functions) at a predictable service level and cost.

Infrastructure as a Service

Infrastructure as a Service (IaaS) abstracts hardware (server, storage, and network infrastructure) into a pool of computing, storage, and connectivity capabilities that are delivered as services for a usage-based (metered) cost. Its goal is to provide a flexible, standard, and virtualized operating environment that can become a foundation for PaaS and SaaS.

IaaS is usually seen to provide a standardized virtual server. The consumer takes responsibility for configuration and operations of the guest Operating System (OS), software, and Database (DB). Compute capabilities (such as performance, bandwidth, and storage access) are also standardized.
Service levels cover the performance and availability of the virtualized infrastructure. The consumer takes on the operational risk that exists above the infrastructure.

Understanding the Stack

Infrastructure as a Service with Azure Virtual Machines

In short, IaaS gives you a server in the cloud (virtual machine) that you have complete control over. With an Azure VM, you are responsible for managing everything from the Operating System on up to the application you are running.

On-demand data centers, also known as IaaS, provide compute power, memory, and storage, typically priced per hour, based on resource consumption. You pay only for what you use, and the service provides all the capacity you need, but you are responsible for monitoring, managing, and patching your on-demand infrastructure.

The biggest advantage of IaaS is that it offers a cloud-based data center without requiring you to install new equipment or to wait for the hardware procurement process. This means you can get IT resources that otherwise might not be available.

This mode of operation will feel most like a typical on premises virtual machine where you remote desktop into the server to manage it instead of sitting down in front of a physical keyboard and mouse.

Platform as a Service – Azure Cloud Services

An Azure Cloud Service consists of two components: your application files (source code, DLLs, etc.) and a configuration file. Together, these two elements will spin up a combination of Web Roles and Worker Roles to execute your application. With Cloud Services, Azure handles all of the tedious Operating System details for you, so you can focus on what matters – building a quality application for your users.

A Web Role is an Azure VM that is pre-configured as a web server (running IIS) and will automatically have your application loaded on it by the time the server fully spins up. This will create the public endpoint for your application – usually a website, but it could also be an API or something similar.

Worker Roles run alongside your Web Roles and are responsible for performing computing functions to support your application. Typically, the Web Role will accept some sort of user input and queue up an action for the Worker Role to process at a later time. This allows the Web Roles to be more responsive and to fire-and-forget tasks to be processed later.

Understanding the Stack

Software as a Service – Basecamp, Salesforce, Office 365, Azure Websites

Finally, Software as a Service applications are built and hosted through 3rd party vendors who typically charge for a certain level of service – $30/month for X projects and Y users.

Azure Websites can serve as a SaaS offering as well. You can configure a WordPress, Drupal, OpenX, or even phpBB site with a single click. No code, no deployment hassles, and minimal configuration. Azure Websites lets you stand up the service you need in minutes, not hours or days.

Most SaaS applications today are built on a cloud platform due to the low cost of entry – with prices continually falling – and the ability to scale up as your customer base grows. If Dropcam, SmugMug, or Netflix got one million new customers tomorrow, their infrastructure (Amazon Web Services) would be able to accommodate them.


  • Software-as-a-Service (SaaS) means you’re renting the app or software
  • Platform-as-a-Service (PaaS) means that you’re renting everything but the app or software
  • Infrastructure-as-a-Service (IaaS) means you’re renting only the hardware as well as the tools used to manage the hardware

While each Azure Compute (IaaS) offering has their pros and cons, I personally prefer to build my projects around PaaS. With PaaS, you get the maximum possible amount of flexibility before you have to start worrying about the tedious world of OS maintenance, versions, security, patches, etc. Until next time, Rob.