Microsoft Azure: The German Cloud

I have attended the Microsoft Azure Tour in Frankfurt on Friday and want to share some information about the German Cloud. You can read the article also in German.

During this event Microsoft gave a preview of their German Cloud and shared some background information. So the datacenters are already providing some functionality, but that changes from day to day and Microsoft will publish all services which will be available during GA – Q2/2016.

The German Cloud is planned to be different than the General Public Azure Cloud, because of the special regulation requirements in Germany.

Here are some details:

  • Two datacenters:
    • Germany central – Frankfurt
    • Germany NorthEast – Magdeburg
  • Separated Azure Active Directory:
    • Only a (non-personal) minimum of information is shared
      • to avoid duplicate tenants
      • to find tenants and their regions
    • Only replicated inside Germany

Why that?

German companies need to be sure, that their data stays in the country – to avoid Patriot act problems. That is the reason for this separation. So if you want to use the German Cloud, then you will get a separated tenant to access resources from the German Cloud. There is no direct access to or from the Public Azure Cloud. The two datacenters are replicated over landlines which are hosted from a German company also. The following pictures are only in German, sorry.

20160226_155717256_iOS.jpg

For data privacy reasons the datacenters are also not hosted by Microsoft, T-Systems is taking this part. This is a German Company – part of Telekom – and they take the role of a data trustee who will monitor all activities of Microsoft employees related to customer data in the German Cloud. Microsoft employees will also not be able to work in the datacenter in person without T-Systems supervision. T-Systems will take care that German law is followed. Customers of the German Cloud will have an appendix in their Microsoft contract which establishes a direct contract with T-Systems. The support for the German Cloud will also come directly out of Germany. All companies with an EU EFTA billing address can access the German Cloud.

The following picture shows how this data trustee control will be handled.

20160226_155925088_iOS

More Details:

  • Only the new Azure Portal is available, the old Azure Portal is not deployed
  • No fallback to old portal
  • Missing Services have to be compensated otherwise
    • Like AAD User with PowerShell or Azure AD Connect
  • DataCenters are not part of the MS Backbone
    • Slower storage transport between AzureCloud and AzureGermany
  • New Service endpoints

What does that mean?

  • All services which are currently redirecting to the old Azure Portal will not be available.
  • It would be important to contact Microsoft before you want to use the German Cloud and check which services you need and when they will be available to improve your onboarding experience. The timing is crucial here.
  • You can now design your Environment in the Public Cloud and copy the vms over to the German Cloud, that is possible
    • Transport to German Cloud is slower than in the Public Cloud.
    • PowerShell scripts can be used (see blog below)
    • Configuration (Networks, etc.) needs to be done manual, Microsoft does not provide a point and click solution.
  • If you want to access the service endpoints of the German Cloud then you need to use the new ones with the .de ending.

If you want to participate in the preview then contact Microsoft through azuregermany@microsoft.com.

You can also follow this blog about tips for the German Cloud: http://blogs.technet.com/b/ralfwi/  (only in German!)

 

 

Advertisements
Post a comment or leave a trackback: Trackback URL.

Trackbacks

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: