Microsoft Azure Cloud Foundation Implementation

Onrego’s Microsoft Azure Cloud Foundation Implementation is a concept designed to implement key cloud scenarios that align with customer’s business needs and strategies.

The concept relies on the Azure Reference Architecture, guidance developed over thousands of engagements that take into account a range of considerations including subscriptions, storage, network, identity, application architecture, high availability and disaster recovery, automation, management, load balancing, websites, database, analytics and media. The concept helps our customers to make Microsoft Azure an integrated part of their IT strategy and portfolio.


Overview of Microsoft Azure Cloud Foundation Implementation

High-level design and implementation of a base networking, storage, identity and compute infrastructure in your Azure subscription model. The concept leverage the Microsoft Services Azure Reference Architecture (AZRA) recommended practices and design patterns including topics such as identity, subscription, compute, storage, network, security planning, and operations among others.

The benefits using Azure Reference Architecture (AZRA) are

+ tested deployment model, deployed right the first time

+ reduced time to deployment

+ predictable and achievable service-level agreements

+ world-class user experience

+ more workload capabilities realized



Contents of Microsoft Azure Cloud Foundation Implementation

Contents of Microsoft Azure Cloud Foundation Implementation

  • Azure Subcription Model
    • Establish Required Subscriptions and Administrators
    • Azure Subscrption Model Build Phase Complete
  • Azure Networking
    • Establish Required Virtual Networks (address space and subnets)
    • Establish Required/Interim S2S or P2S VPN Connection
    • Establish Name Resolution (DNS)
    • Establish any required Vnet-to-Vnet Connectivity
    • Identify and establish required network security settings (NSGs, Force Tunneling, Egress planning)
    • Develop ARM Template for Network Design
    • ExpressRoute (transitioning from S2S VPNs to Carrier & ExpressRoute)
      • Dependency: Carrier ExpressRoute Circuit In-Place
      • ExpressRoute Service (Azure) Configuration (Carrier, Gateway and VLAN/IP Configuration)
  • Azure Storage
    • Configure Base Storage Account Stamp
    • Enable Storage Account Management and Monitoring Capabilities
    • Upload Required OS Images into Azure Subscription
    • Implement Data Protection Mechanisms in Storage
    • Develop ARM Template for Storage Design
    • Azure Storage Build Phase Complete
  • Azure Identity
    • Extend AD DS Domain Controllers to Azure
    • Configure Azure Active Directory Tenant
    • Establish Azure Active Directory (AAD) synchronization
    • Enable Required Federation (ADFS)
    • Azure Identity Management Build Phase Complete
  • Azure Management, Monitoring and Maintenance
    • Management
      • Implement Virtual Machines for required IaaS management tools (up to 5 management servers within Azure as defined below)
      • Extend IaaS VM AntiVirus infrastructure (with deployment 10 agents maximum)
      • Extend IaaS Virtual Machine Backup/HA (with deployment 10 agents maximum)
    • Monitoring
      • Configure Azure Portal Monitoring (Alerts, Thresholds, Operational Monitoring)
      • Extend Operations Management Infrastructure (Server Monitoring – with deployment of 10 agents maximum)
    • Maintenance
      • Extend Patch Management Infrastructure
    • Azure Management, Monitoring and Maintenance Activitites Complete
  • Azure Compute
    • Establish Gallery Items
    • Develop sample ARM template to deploy a sample virtual machine workload into Azure
  • Stabilize
    • Validate ARM Templates and Azure Infrastructure Design
    • Perform operational transition of the Azure Subscription
  • Deploy
    • Close-out Meeting



Outcome of the service

The customer gets a fully functional Azure environment which is an essential base for secure, well-managed and reachable cloud.




Public Cloud Governance Model should be designed prior to Microsoft Azure Cloud Foundation Implementation. We suggest using Onrego’s Public Cloud Governance Model service.