As organizations see the economic value of cloud-based computing, they will likely choose to move servers and systems organically from their on-premise data centers into cloud environments. This creates a need for a hybrid environment that supports bidirectional communication between cloud and on-premise resources.
A Hybrid Example Using IoT
For example, Mariner has a customer whose business model is rooted in IoT (Internet of Things). They monitor the sensors of critical devices to provide predictive maintenance services. The sensors, located on the shop floors of our customer’s customers, stream data to local servers where it is subsequently streamed to collector servers in Microsoft’s Azure cloud. Another requirement is to support changes in firmware on their customers’ devices. In this situation, new firmware is streamed from Azure to the on-premise data collection devices to optimize their behavior based upon environmental or equipment conditions or to implement improvements in the devices. We needed to be able to connect the on-premise remote servers securely to our Azure Cloud virtual machines to permit safe, secure and scalable flow of information in both directions.
There are three methods of providing connections between on-premise and cloud networks:
- Secure Site-to-Site VPN
- Secure Point-to-Site VPN
- Private Site-to-Site
(See the illustration below and also Ganesh Srinivasan’s excellent blog post “ExpressRoute or Virtual Network VPN – What’s right for me?”). We chose to use Microsoft Azure’s Point-to-Site VPN since it is the appropriate way to connect a subset of on-premise servers to Azure for our business problem.
Check out our own Angelia Thompkins’s blog post “Azure Point to Site VPN with SQL Server and FileTables” where Angelia will walk you step by step through the process of creating this secure method of on-premise to Azure connectivity.