
Azure Case Study for high demand workloads and IoT

Customer: Multinational Oil & Gas Company

Biggest Pain Point: End-to-End data security and UDR management

Business Challenges

  • Data is the most important thing for us, and sending data securely to the cloud is a big concern
  • Analyzing terabytes of data in the cloud is expensive, time-consuming and inefficient
  • Visibility and troubleshooting

Technical Challenges

  • Management of cloud resources, IoT devices and SDWAN via separate consoles
  • Scalability of IoT Edge devices
  • UDR Management
  • Sending data from IoT devices to Azure IoT Hub with encryption and getting it inspected by NGFWs in the cloud
  • Remote IoT devices don't have enough throughput to transfer terabytes of data
  • Native constructs are black boxes; the customer must prove innocence to CSP support, which increases network downtime
  • Automation, operational visibility and troubleshooting

Cloud 1.0 Architecture

  • Single Region with multiple hubs
  • On-Prem DC is connected via ExpressRoute
  • IoT devices with SDWAN edges used for cloud connectivity
  • Traffic analysis and computation via Azure IoT Hub
  • Prod, Dev, Test and On-Prem traffic inspected by Azure FWs using UDRs

 

Requirements

  • Common, repeatable architecture across multiple Azure regions (future)
  • Architecture must support large number of IoT devices and provide traffic engineering capabilities
  • Network segmentation at the VNet level
  • Automated UDR management
  • Highly available and scalable architecture
  • End-to-End encryption from On-Prem and remote IoT devices to cloud
  • Intra/Inter-Region (East-West & North-South) traffic inspection via scale-out NGFW in the cloud using policy-based controls
  • Single pane of glass to manage cloud and IoT connectivity, orchestrate, automate and troubleshoot

Good to have

  • Multi-Cloud Optionality
  • Private SaaS

Multi-Cloud 2.0 Architecture

Benefits

  • Common repeatable architecture can be extended to any Azure region or CSP
  • NS & EW traffic is inspected via automated, policy-based NGFW inspection in the cloud
  • SDWAN edges eliminated from the IoT edge devices and replaced by virtual CloudN packaged inside IoT edge devices to provide simple, secure and automated connectivity to the cloud (Satellite, LTE, T1/T3)
  • Aviatrix CloudN devices will provide line rate ExpressRoute encryption for plant’s IoT devices and other On-Prem resources
  • Most data analysis is done by smart IoT devices, so there is no need to send terabytes of data to the cloud
  • Aviatrix provides complete UDR management, traffic engineering, network correctness and redirection of traffic to NGFWs
  • Aviatrix single pane of glass provides visibility and troubleshooting tools
  • Aviatrix platform provides end-to-end encryption from On-Prem/IoT edge devices to cloud resources
  • Scalability
  • Reduced Cost
  • Dynamic Topology Map
  • Latency Monitoring
  • Heat Maps
  • Top Talkers
  • Notifications
  • Packet Captures
  • Routing Tables and Security Groups Visibility