Windows Azure and the Hybrid Cloud – Part 2

In the last part of this article, we have seen how to extend the business logic and the database to the Cloud. Part 2 will explore how to extend the corporate directory service to enable single sign-on for Cloud applications. We will also see how leveraging Windows Azure Virtual Networking can extend the datacenter to the Windows Azure VMs.

Extending the corporate directory services to the Cloud – Many organizations run Active Directory as the corporate directory service. This LDAP based database is used by applications to authenticate the credentials of users. Since the same database is used by the corporate network to maintain the user profiles, the users logging in once to the Active Directory will automatically get authenticated by all line of business applications. This provides the advantage of single sign-on across multiple applications. Businesses hosting line of business applications will face the challenge of extending the single sign-on beyond the organizational boundaries. Employees of the organization expect their credentials to work even when they login from the applications deployed on the Cloud. This is where the combination of Active Directory Federation Services (AD FS) and Access Control Services (ACS) of Windows Azure will help. When ACS is paired with AD FS, Windows Azure applications can get authenticated against the Active Directory running within the organization behind the firewall. This capability will bring single sign-on across on-premise and Cloud applications.

Securely extend the datacenter to the Cloud - There are scenarios where the infrastructure needs to be extended to the Cloud without compromising on the security, policies and compliance. IT will be able to enumerate the virtual infrastructure running on the Cloud along with on-premise infrastructure and manage them seamlessly. The VMs running on the Cloud will be compliant with the IT policies and the patches and service packs can be pushed to them. For all practical purposes, IT can treat the virtual infrastructure as an extension of the datacenter. Industry standard VPN infrastructure connects the datacenter with the Cloud securely. This will make it extremely convenient to move workloads that still need to communicate with the on-premise servers. This is the most commonly used hybrid strategy by customers.

We looked at some of the hybrid scenarios on Windows Azure to enable business extend their on-premise assets to the Cloud.

- Janakiram MSV, Chief Editor,


Updates from around the world