We have come across customers who are looking for a starting point or a guideline on assessing their on-premises storage for migration or optimization. This document has been created as a beginner's guide to start the process.
Objective
Task List for Storage Assessment
Capacity Planning in Existing Infrastructure
Network Considerations
Target Storage Types in Azure
Target Data Classification and Categorization
Testing and Validation
Timeline and Milestones
Cost Estimation
Pre Migration Risks
Post Migration Risks
Conclusion
The primary objective is to conduct a comprehensive assessment of the current on-premises storage solutions that host data. This strategic initiative may be driven by an upcoming hardware refresh or end of life, or by the need to optimize storage by getting rid of unwanted data, increase the availability of storage services, improve disaster recovery capabilities, and reduce the overall Total Cost of Ownership (TCO).
Task list to complete the storage assessment.
Tools for Assessment
Companies providing storage solutions in the market, such as HP, Dell EMC and IBM, have their own storage assessment tools. Check with the customer on the currently available subscriptions. When solution assessment tools are not available, a manual assessment strategy can be used.
Understanding Current Usage
Using the applications, databases and data centers in scope, understand current usage trends across the estate. Sample data is provided below.
| Workload | No of Virtual | Allocated (TB) B | Data to be deleted (TB) | Onprem (TB) D | Data move (TB) | Total Required storage | Storage reduction from current allocated space (%) G = (C/F*100) | Data Migration To cloud |
| --- | --- | --- | --- | --- | --- | --- | --- | --- |
| Application 1 | | | | | | | | |
| Application 2 | | | | | | | | |
| Application 3 | | | | | | | | |
| Application 4 | | | | | | | | |
Storage information collected at Data Centre Level
| DC Location | Storage Count in Locations A | Total Size (TB) | Allocated Capacity (TB) | Used Capacity (TB) | Shared Disk assigned to multiple VMs (TB) | Data marked for deletion from Used Capacity (TB) | Data to be migrated to Cloud (TB) | Data to be kept OnPrem (TB) |
| --- | --- | --- | --- | --- | --- | --- | --- | --- |
| DC 1 | | | | | | | | |
| DC 2 | | | | | | | | |
| DC 3 | | | | | | | | |
Forecast Future Demand:
Analyze historical data to forecast future demand accurately. Consider factors such as business growth, seasonal variations, and upcoming projects that may impact resource requirements.
Produce a future growth estimate by assuming a percentage for year-on-year growth in data. This will help estimate storage growth in the cloud.
Data Migration Strategy:
There are two main methods to migrate data from on-premises to Azure Cloud.
Data is transferred across the network using a VPN or ExpressRoute.
Detailed information on VPN and ExpressRoute can be found on the provided links.
Data is migrated by shipping it using services like Azure Data Box, Data Disk and Data Box Heavy.
Azure data box features and specifications
Data Disk Features and Specifications
Data Box heavy Features and Specifications
Since Data Box was the preferred choice, this guide describes Data Box in further detail.
Azure Data Box Service:
Azure Data Box will serve as the chosen solution due to its hybrid capability to seamlessly import on-premises data into Azure in offline mode. The overall approach involves transferring data to a Microsoft-provided storage device of 80 TB usable capacity, followed by secure shipment to Azure Data Centers for final upload to the linked storage accounts. The decision to opt for Azure Data Box was taken due to the following considerations:
Once the initial migration is over, incremental data can be migrated to Azure over the network pipe in off-peak hours using command-line tools such as AzCopy.
*Source of image is internet
The following diagram indicates the flow of data through the Azure Data Box solution from on-premises to Azure and the various security features in place as the data flows through the solution. This flow is for an import order for your Data Box.
Azure Data Box specifications
Diagram source: Microsoft Azure Data Box security overview | Microsoft Learn
Connect on-premises infrastructure and Azure Cloud using ExpressRoute or VPN gateway.
There are several important network factors to consider to ensure a secure, reliable, and optimized connection. ExpressRoute provides a dedicated private connection between your on-premises data center and Azure, bypassing the public internet. A VPN creates encrypted tunnels, but the data traverses the internet.
Bandwidth Planning:
For online transfers, calculate the bandwidth capacity based on the data generated and the frequency of transfer. The data generated can be in the form of files. The frequency of transfer can be daily, weekly or monthly, based on business decisions.
You may use a free online bandwidth calculator tool to estimate the target bandwidth.
Security and Compliance
Online mode data transfer security
In online mode, data will be transferred either through ExpressRoute or through VPN.
ExpressRoute provides a private, dedicated pipe between the source and destination. Traffic can be further filtered using firewalls and NSGs.
VPN provides an encrypted tunnel over the internet for data movement.
If moving data over the internet is not approved by security teams, then ExpressRoute is the preferred option for dedicated private connectivity.
Security Baseline for ExpressRoute
Offline mode data transfer security
Data Box device protection includes several features: a passkey, rugged casing, tamper detection, Data Box-specific software, a locked boot state and a Trusted Platform Module. These ensure that only authorized entities can view and access the data.
Data Box-related events can be logged for inspection, covering connections and import and export operations.
Azure offers many storage solution types as referenced in the link below:
Typical migration scenarios from on-premises involve the storage types below.
Azure Blob Storage
Allows unstructured data to be stored and accessed at a massive scale in block blobs.
Available in hot, cool and archive tier.
Azure File Storage
Fully managed cloud file shares that you can access from anywhere using NFS or SMB.
Azure Elastic SAN
Fully integrated solution that simplifies deploying, scaling, managing, and configuring a SAN.
Azure Managed Disks
Block-level storage volumes for Azure VMs.
Based on the assessment of the identified data carried out with the different stakeholders, the data assets have been classified as follows:
Classification of Data for Cloud Movement

| DC Location | Application | Data Type on Cloud | Data size to be moved to Cloud (TB) |
| --- | --- | --- | --- |
| <DC Location Name> | <Name of Application> | <BLOB, FILE, SAN, HOT, COOL, ARCHIVE> | Size of data |
The plan covers various aspects such as data integrity checks, performance testing, user acceptance testing and contingency plans.
Data Validation:
Access and Retrieval Testing:
Search Validation:
Testing with Users:
Security and Access Control Validation:
Regulatory Compliance Checks:
Error Handling and Logging:
Documentation Review:
Stakeholder Communication:
Final Approval and Transition to Production:
Insert your detailed project plan for the storage assessment here indicating all the key milestones
The link from Microsoft provides an estimation of pricing for critical products like Storage Account, ExpressRoute, VPN Gateway and Azure Data Box, and their SKU types.
Total Projected Savings (TCO)
Savings Projection as per Assessment (Date)
Calculation of Savings

| Description | Total Assessed Storage A | Storage retained OnPrem | Target Storage Type on Cloud | Target Cloud Storage Cost | Total storage Released D |
| --- | --- | --- | --- | --- | --- |
| Storage Capacity (TB) | | | | | |
| Price per Unit (INR) | | | | | |
| Annual Cost (INR) | | | | | |
| Savings | A-(B+C) | | | | |
Migration Readiness: Evaluate the complexity of the migration process and its impact to business.
Cost: Evaluate the costs of migration, including unexpected expenses due to delays or issues.
Business Continuity Planning: Develop and test business continuity plans to ensure quick recovery in case of unexpected events.
Communication to Stakeholders: Communicate changes to end-users to minimize disruptions during and after migration.
Identity and Access Management: Identify risks related to data security during migration due to unauthorized access or data breaches.
Dependency Mapping: Recognize the risks associated with integrating on-premises systems with Azure services.
Downtime and Service Disruptions: Assess the risk of downtime during migration and loss of service.
Data Sensitivity: Assess the sensitivity of data and classify it accordingly to determine appropriate security measures.
Backup and Recovery: Develop a backup and recovery strategy to overcome challenges during migration.
Phased Migration: Consider a phased approach to migrating data. Once the first phase succeeds, migrate the next phase.
Data Encryption: Plan for data encryption at rest or in transit.
Performance Testing: Conduct performance testing to ensure that Azure resources meet the required performance benchmarks.
Training: Provide training to IT staff and end-users on Azure services, security best practices, and compliance requirements.
Monitoring: Use Azure Monitor to continuously track performance, detect issues, and optimize resources.
Governance: Use Azure Policy to enforce organizational standards and compliance requirements.
Identity and Access Management (IAM): Implement strong IAM policies to control access to Azure resources.
Data Encryption: Implement encryption mechanisms for data both in transit and at rest to enhance security.
Threat Monitoring: Leverage Microsoft Defender for Cloud for continuous monitoring, threat detection, and security recommendations.
Communicate assessment results and TCO to higher management.