Understanding the Nature of COTS Migrations
Migrating Commercial Off-The-Shelf (COTS) applications to Microsoft Azure requires more care than a standard application migration. These workloads usually depend on strict vendor requirements, fixed upgrade cycles, licensing limitations, and specific operating systems or databases. Because of this, the first step in any COTS migration is a detailed discussion with the software vendor to confirm what Azure services, operating systems, and database platforms they officially support. Many vendors already provide Azure-ready architecture or publish marketplace templates that simplify deployment. Following vendor-supported patterns helps prevent support issues later and ensures the application remains fully certified in the cloud.
Microsoft’s general migration planning guidance is available in the Cloud Adoption Framework: https://learn.microsoft.com/azure/cloud-adoption-framework.
Determining the Level of Change Required
An important part of planning is understanding how much the application needs to change during the migration. Some COTS products can be deployed directly to Azure Virtual Machines without modification, while others benefit from a modernised database platform, such as Azure SQL Managed Instance, or a broader architecture update.
Microsoft explains the different migration approaches, such as rehosting, refactoring, and re-platforming, in its migration strategy guidance:
https://learn.microsoft.com/azure/cloud-adoption-framework/strategies/migrate .
Creating a Stable Azure Landing Zone
A reliable landing zone is essential before hosting any COTS workload. This includes identity integration with Microsoft Entra ID, a secure and segmented virtual network, governance rules, monitoring, and disaster-recovery readiness. A well-built landing zone provides a consistent and compliant foundation that does not need rework once the application goes live.
Microsoft’s recommended design principles for landing zones can be found here:
https://learn.microsoft.com/azure/cloud-adoption-framework/ready/landing-zone.
Checking Infrastructure Requirements with the Vendor
COTS vendors typically define specific infrastructure rules, including CPU types, memory profiles, operating system versions, storage performance levels, and expected throughput. For applications that cannot be redesigned, Azure Virtual Machines or Azure VMware Solution are often the most suitable choices. Azure VMware Solution, in particular, is helpful for older or sensitive COTS systems because it preserves an environment similar to the existing on-premises setup.
Details about Azure VMware Solution are available at: https://learn.microsoft.com/azure/azure-vmware/introduction.
Reviewing Licensing and Cost Implications
Licensing for COTS applications can be complex, especially for products that calculate pricing based on physical cores, vCPUs, named users or concurrent users. Moving to Azure may change how these licenses apply, so it is important to verify this with the vendor and understand Microsoft’s guidance on licensing in the cloud.
The general licensing overview for Azure workloads is described at:
Core-Based Licensing Models Guidance.
Modernising Supporting Services Around the Application
Even if the COTS application itself cannot be changed, the surrounding ecosystem usually can. Azure provides several services that can modernise integration, automation and monitoring without altering the main application. For example, Azure API Management can help secure and standardise interfaces (https://learn.microsoft.com/azure/api-management), Logic Apps can automate backend workflows (https://learn.microsoft.com/azure/logic-apps), and Azure Monitor and Microsoft Sentinel can strengthen observability and security (Azure Monitor: https://learn.microsoft.com/azure/azure-monitor, Sentinel: https://learn.microsoft.com/azure/sentinel). These improvements help create a more efficient and reliable environment around the COTS workload.
Designing a Reliable High-Availability and DR Strategy
Both the software vendor and Microsoft should guide the high-availability and disaster-recovery design. Azure supports several resilience models, including Availability Zones, paired regions, disk replication and Azure Site Recovery. Choosing the correct approach depends on vendor support and the criticality of the application.
Azure’s disaster-recovery guidance is available here:
https://learn.microsoft.com/azure/site-recovery/site-recovery-overview.
Running a Pilot Before Full Migration
Before shifting the entire workload, running a pilot migration helps validate performance, integration behaviour, authentication flows and operational processes. A pilot makes it easier to identify gaps early and reduces the risk of problems during cutover. Azure Migrate provides tools to assess and validate workloads before moving them:
https://learn.microsoft.com/azure/migrate.
Aligning Operations After Migration
Once the application is running in Azure, day-to-day operations should be adjusted to match cloud practices. This includes defining monitoring thresholds, incident-response steps, backup routines and runbooks.
Microsoft’s Well-Architected Framework offers guidance for building stable, secure and efficient cloud operations: https://learn.microsoft.com/azure/well-architected.
Continuous Optimization After Stabilization
After the environment settles, organisations can gradually optimise performance, improve security, tune resources and reduce cost. Azure Advisor provides recommendations for cost savings, reliability and performance improvements based on real usage data.
More details can be found at: https://learn.microsoft.com/azure/advisor/advisor-overview.
Summary:
Migrating COTS applications to Azure is not a simple lift-and-shift task. It requires careful alignment with the vendor, proper landing zone preparation, validation of infrastructure requirements, modernisation of supporting services and strong operational processes. With the right planning and use of Microsoft’s guidance, organisations can reduce risks, improve reliability and build a long-term foundation for analytics, automation and future AI-driven capabilities.
Microsoft