Ultimate Guide To Migrating & Optimizing Your Windows Workloads With Agilisium On AWS
Many customers with large volumes of Microsoft workloads, including NextGen Healthcare and Jobvite, are “all in” with AWS.
Some of the largest enterprises in the world, including Dole, Hess, Expedia, Suncorp, and Pitney Bowes run their Microsoft
workloads on AWS as part of a hybrid architecture. AWS has an active Premier Support agreement with Microsoft, meaning that
customers who host their Microsoft workloads on AWS receive support from both AWS and Microsoft. AWS is a member of the
Microsoft Partner Network, licensed to resell Microsoft software via the Service Provider License Agreement (SPLA), an
authorized License Mobility partner, and a Microsoft Gold Certified Hosting Partner.
While the pandemic disrupted much of how people do business, it spiked the use of digital technologies and exposed the need
for businesses to keep up with digital transformations.
Business executives are already overseeing more functions that run digitally than physically. It's a call for businesses to
prioritize workload optimization to get the highest possible level of app performance out of the computing platforms they invest
in.
Additionally, businesses must step up how they address new client needs by shifting from on-premises Windows workload
optimization to cloud technologies that do much more.
If your business depends on on-premises Windows workload optimization, it is time to move on to Windows workloads on
Amazon Web Services. It has many benefits, which we discuss here.
Save on IT Spending
Cutting costs is an undeniable benefit of using cloud services. A study conducted by IDC on 12 organizations across different
industries showed that each organization saved up to $46 million per year on IT spending by using cloud computing.
On-premise data storage hardware has many disadvantages, including space and energy consumption. It also adds to your
operating costs because it demands that you have IT technicians on board. Cloud computing reduces the power usage and space
taken up by on-premise hardware. With cloud computing, space and energy costs are transferred to your provider. Payment is
also easier to determine: you only pay for what you use.
On-premise data centers demand expensive purchases. You may also need to cordon off these servers and incur extra costs.
Some business owners have had to buy spare pieces of hardware in case the systems fail at a critical time. AWS cloud has data
centers in more than one location and backs up your data and apps.
Companies pay a hefty price for going offline. Some lose up to $300,000 during downtime. Cloud computing is not only faster
but more reliable and rarely causes downtime.
Increased Efficiency
On-premise computing needs regular maintenance from IT staff. While cloud computing cannot replace your entire IT department,
it gets the maintenance off their hands so they can focus on aspects that grow your business.
Cloud computing shifts the focus of your business from worrying about data, data storage, and security to growth. Besides
cutting costs, it promotes data accessibility to users while making it hard for hackers to intrude or companies to lose important
data.
Traditional infrastructure prevents businesses from keeping up with tech trends. AWS, on the other hand, allows seamless
functionality and prevents data overloads. Some of the businesses that have greatly benefitted from the scalability of cloud
computing are on-demand video platforms and taxi companies.
Strong Internal Firewall
Perimeter firewalls secure data from intrusion from the outside. But internal breaches are 100% possible. Internal
firewalls were made to prevent internal data threats.
Typically, internal threats come from staff user accounts. They can also come from an abuse of data access privileges
from those who have them. As a rule of thumb, internal firewalls should separate personal applications from the
company database to prevent internal breaches.
Data Encryption
Cloud encryption is more than just passwords. Cloud IT experts transform the data before they transfer it to their off-site
stores. Your cloud provider then gives encryption keys to the people you authorize. The keys transform the data into
understandable information.
This process is a step above passwords and helps you keep information safe. Even if found, a layperson would not be able
to read the coded language. If they can't read it, they can't use it for themselves or against you.
A Tier 4 data center, also called a level 4 data center, is a combination of all the data layers before it. It has more sophisticated
features that duplicate the whole data storage, making it harder for security breaches to occur.
A Tier IV data center protects the cloud environment by limiting contact with the cloud hardware that manages cloud centers.
Some of the security measures include security officers, checkpoints, and video surveillance.
Why You Should Use AWS EC2 for Windows
AWS EC2 (Amazon EC2) provides a next-level cloud computing experience for individuals and businesses seeking to make
workload easy and seamless. You can develop servers as you wish, do security configurations, and control storage
management. It also helps you to upscale or downscale as you need.
Amazon EC2 provides users with readily configured Amazon Machine Images that enable you to run instances fast. AWS EC2 is
part of AWS free usage tier and comes with AMI templates which store server bits, varied configurations called instance types,
key pairs to keep your login credentials secure, instance store volumes, Amazon Elastic Block Store to create more storage
volume, many Regions and Availability Zones used to store your data, a firewall with an ability to specify protocol and ports, and
Elastic IP for dynamic computing experience.
Advancements in tech are always a worthwhile disruption to how things work. While they're often expensive and may demand
training for employees, embracing them makes work easier, more accurate, and enables businesses to better anticipate
customer needs.
However, transitioning to new tech is not easy, even for company heads. For example, automation is big right now, bringing along
other technologies like ML, BIM, Internet of Things, cloud, etc.
Migrating to cloud computing is especially cumbersome for companies without an expert in-house IT team. The migration
eliminates a host of data use and storage problems, saving companies money that can be channeled to other duties.
Here, we'll help you learn the best practices for migrating Windows workloads to the AWS cloud in each stage involved.
Recognize How the Migration Relates with Current Business Strategies
First, you need to identify how the migration will affect your firm's strategy and find ways to communicate it clearly to
your team. You also need to explain how the migration adds to or helps the strategies you've put in place to realize your
business goals.
Develop a Model
Moving to the cloud offers tighter security. It's important to have a clear understanding of what access to cloud data means
for different employees and how that ties to their roles, and ultimately business goals.
For example, ask yourself who has access to what level of data, which parameters determine the level of access an
employee has, do you need many accounts and if so, exactly how many do you need?
Conduct Training
You'll have a hard time transitioning if your team doesn't know how to use the AWS cloud. They need to know what to do
and when, and understand the risk of security breaches. Some processes may change too. You'll need to integrate
operational tools to help with the new processes and train employees on how to use them.
Before you Migrate: Pre-Migration Stage
This stage is more about understanding cloud and preparing for the migration. Do the following to ensure you prepare
adequately for the move.
Automation
Automation is one of the cloud's proven benefits. The more processes you can automate, the easier it is to get things
done. Although you may not automate every task, identify the ones you can and train your employees to handle them.
Post Migration
At this stage, everyone in the organization has a good idea about cloud migration and which applications have been successfully
deployed. Do the following things to promote cloud use.
Ideally, a CoE team should consist of a system administrator, IT tech, database administrator, developer, etc. These
professionals can use cloud to do a smarter job and revolutionize how your company operates. They can also act as
consultants on the migration process.
If your organization is large, consider having another team outside your CoE to evaluate and approve tools used to
migrate. The team members will assess the efficiency of these tools and find patterns that work with your environment.
Consider multiple factors before moving a particular application to cloud. For example, analyze current and future
organization goals, consider the strategies, possible risks, cost, and so on.
These factors will help you to decide whether you'll migrate an application in its current form or make modifications to it.
However, the decision you make must be cost-effective or at least economically viable. Don't compromise on resiliency
either. You can auto-scale as a practice to build resiliency.
A pattern will form as you settle on strategies. You can create a blueprint from the pattern which will accelerate the
process of deploying applications on cloud. This blueprint too should be shared with factory team members.
Cloud computing is perhaps the best IT invention with proven benefits for hundreds of industries. Cloud leverages its
foundational features of storage and collaboration making traditional backups unnecessary. Cloud also allows businesses to
save hours of work and makes it possible for people to work on one project simultaneously.
Typically, licenses are tied to specific servers. This makes licensing challenging for businesses because they cannot be reused
without breaking licensing laws. License concerns such as expiry periods, access by staff when needed, and so on can be a real
headache.
Many software companies offer licenses based on subscriptions. But most companies have enough of them to cater to their
needs and don't need to buy new licenses.
Cloud computing provides a solution to these hassles using Bring Your Own License (BYOL). With BYOL, you can reassign your
license across devices as need be.
However, not all software manufacturers optimize licensing for cloud use. Some licensing is based on user count, software
usage, processors, etc. This presents a problem when users want to bring their own licenses to the cloud.
Different cloud delivery models offer different infrastructure. For example, with SaaS, customers have no control over cloud
infrastructure but have control over OS and deployed apps. With PaaS, customers have no control over the OS but control
deployed apps. AWS offers tools to make your software use on AWS easy.
The Advantages of BYOL
Licensing has evolved in step with other technology. From perpetual licensing to site licensing and volume discounting, BYOL
offers users the same convenience as giving up the use of cash for plastic.
BYOL enables you to move from one service to another using one license instead of holding a different license for every
platform. This also eliminates spending every time you get another license. You don't need to amend the agreement to renew the
license or pay for upgrades.
Companies with 250 users get discounted prices from The Microsoft Enterprise Agreement. With BYOL, the hourly costs for
running EC2 instances and running Amazon Linux instances are the same.
With one license, it's easier to track the terms of service and validity periods. What's more, you pay as you go, renewing licenses
when you need to. BYOL works across different software. You only need to know which ones.
Software Assurance from Microsoft's licensing enables volume licensing which allows users to use their licenses on AWS cloud
and on-premise. License Mobility through Software Assurance is available for Microsoft SQL Server, Microsoft Exchange Server,
and Microsoft SharePoint Server. Windows Server is not eligible.
If you don't have Software Assurance and you bought your licenses before October 1, 2019, you can get dedicated hardware on
Amazon EC2 hosts. This also allows you to BYOL your Microsoft licenses without Software Assurance. However, you can't
upgrade to license versions introduced after October 1, 2019.
When you have Software Assurance, you can BYOL Microsoft licenses to AWS cloud.
Buying licenses through AWS is the best option for cutting costs because it runs on affordable monthly fees. AWS manages the
compliance details and can support multiple Microsoft software.
Pay-as-you-go
Customers can buy instances with licenses as part of the package. These licenses include Windows Server and SQL
Server. You only pay according to usage and do not need to concern yourself with managing the license.
AWS's pay-as-you-go is available for more than 160 different cloud computing uses. This option is a favorite for many
because it works like regular bills in America. You only pay for what you use for as long as you use it. Additionally, it enables
you to shift as business shifts due to different factors.
The model eliminates the fixed-rate budgets that tie you down to a specific amount even when the business goes down.
AWS also offers reserved instances where you get discounts depending on how much you pay upfront. The more you pay,
the bigger the discount.
Bring Your Own License (BYOL)
Customers can enjoy two tenancy options with the AWS BYOL licensing option. The shared tenancy option is available for
license mobility eligible products with software assurance. The second type of tenancy is the dedicated type which works
with licenses not eligible for EC2.
AWS License Manager simplifies the BYOL experience by allowing users to efficiently manage their software license, for
example, Windows and SQL Server, which demand dedicated servers. AWS BYOL allows you to BYOL on Amazon EC2
Dedicated hosts yet offers the simple nature of Amazon EC2.
Amazon Web Services (AWS) is the world's most comprehensive and broadly adopted cloud platform. It has over 200 fully
featured services globally. The cloud computing capacities of AWS from data storage, server availability, databases,
networking, and software management are diverse and can be integrated by many businesses. The EC2 instance is a part of
the product packaging that companies can consider using different systems and applications.
The EC2 tree begins from the Amazon Machine Image (AMI). An AMI is a template that helps define the operating environment
you have, and the operating system used. A business can use one AMI in the launching of several EC2 instances.
What is an instance, you ask? Well, instances are the fundamental building blocks of EC2, basically the bricks of the system.
They provide compute power to run applications and other services. These instances are created when you launch the AMI on
a particular instance type. With auto-scaling, it is possible to scale the production numbers up or down automatically. It can
also be done manually.
Another definition in EC2 is instance types. These tend to be made up of different combinations of CPU and memory. They also
have various storage sizes and networking capacities. This instance type diversity gives you the flexibility to choose an
appropriate mix of resources to best suit your application needs. Their size options vary to accommodate different workload
sizes.
Just like walking comfortably requires you to wear the correct shoe size, so does the best cloud computing experience depend on
launching an instance type to fit your application best. A collection of instance types begets an instance family. The instance
types in a family are designed to meet the same goal but in various capacities. There are several instance types grouped in at
least five instance families.
Optimum use: This type of EC2 instance is applicable in a wide range of applications, from databases to servers.
M5 and M5a instances provide ideal cloud infrastructure and offer a balance of compute,
memory, and networking resources for a wide range of apps deployed in the cloud. M5zn is ideal for apps benefiting from
extremely high output and low-latency networking. M6 and M6gd are suited for application servers and midsized storage.
Mac1 instances are powered by Apple Mac mini computers and are best for building and testing applications on Apple devices.
T2, T3, T3a and T4g provide a baseline level of CPU performance with the ability to burst to higher levels when the workload
requires it. They are therefore good for websites and web applications, microservices, and code repositories.
Compute-intensive EC2 Family
EC2 Instance type examples: C5n, C6gd, C5 and C5a, C6g and C6gn Instances
Optimum use: this family is great for applications that benefit from high compute power. These may include data analytics,
machine learning, gaming, batch processing, high-performance computing (HPC), and web servers. C6g, C6gd,
and C6gn are powered by AWS Graviton processors and are ideal for running compute-intensive workloads such as
high-performance computing (HPC), distributed analytics, and ad serving. C5 and C5n are suited for machine learning, scientific
modeling, batch processing, and media transcoding.
Optimum use: the instance types in this family can best be used to provide GPUs or FPGAs. GPU refers to a graphics processing
unit, while FPGA refers to a field-programmable gate array. They are best used in machine learning and numerically intensive
workloads or high-performance computing. There is also AWS Inferentia, which helps in providing high processing
capability.
GPU instances provide access to NVIDIA GPUs with a large number of compute cores. They are used for accelerating scientific,
engineering, and rendering applications by leveraging CUDA or Open Computing Language (OpenCL). They are good for 3D
application streaming, gaming, and other graphics workloads.
AWS Inferentia helps to accelerate machine learning. This custom AI/ML chip from Amazon provides high-performance,
low-latency machine learning inference. FPGA instances provide access to large FPGAs with millions of parallel system
logic cells. They are used to accelerate workloads such as genomics, financial analysis, and real-time video processing.
Storage Optimized EC2 family
EC2 Instance type examples: D3en, D2, D3, and H1.
Optimum use: yes, you guessed it right; this is the go-to family of instances for memory-intensive applications. The instance
types are designed to handle workloads requiring high sequential read and write access to very large datasets on local
storage. The D2 instance type is best suited for log or data processing applications, massive parallel processing data
warehouses, and MapReduce and Hadoop distribution computing.
D3 and D3en are good for file storage workloads such as GPFS and BeeGFS and also for large data lakes for HPC workloads.
The H1 instance is best suited for applications requiring sequential access to large amounts of data or direct-attached
instance storage.
1. Chipset considerations: the chipset considerations usually vary between three significant sources: Intel Xeon, AMD EPYC,
and AWS Graviton.
2. Sizing considerations: the consideration here is what instance type size or auto-scaling group sizing is required for the
minimum service requirement.
3. The location of your business: this will affect the choice of deployment used. There are also different availability zones
for other regions.
4. Software considerations: will you use custom Amazon Machine Images or the prebaked AMIs?
These partners help you to understand the system specifications and how to tailor them for your company best. Agilisium is a
digital migrations expert with AWS experts that has delivered successful implementations and cloud transformations for its
clients for 7+ years. Our Analytics Services enable you to uncover 'digital' opportunities to create better products & services for
your customers.
It’s easy to jumpstart the process with Agilisium. All you need to do is just request an assessment for your Windows workloads
(Windows Optimization and Licensing Assessment). This way, we can help you optimize and reduce more than 50% of your
costs.
MODERNIZE ON AWS
Free yourself from obsolete or inefficient technologies. When you migrate to AWS, you’ll improve your security posture, increase
your application’s reliability, dramatically expand your functionality, and deliver a technology environment that is a strategic asset
for the business. Facilitate continuous improvement with an AWS Premier Consulting Partner such as Agilisium by leveraging
modern technologies such as automation, microservices, and containers.
OPTIMIZE POST-MIGRATION
When you work with Agilisium, you get a combination of certified experts, tooling, and proven methods to give you greater
visibility and control over your AWS environment. Additionally, AWS itself helps customers lower their overall costs of running
Windows in the cloud with the most comprehensive family of EC2 instances and unique pricing models like Spot which can help
customers save up to 90% on their Windows compute costs.
Challenges
Almost always, a Redshift cluster should be set up in a private subnet. Even when deliberately configured in a public subnet,
cluster exposure should be limited through security groups and ingress rules.
The default endpoint port 5439 needs to be leveraged for an additional layer of defense.
An S3 VPC endpoint should be enabled to ensure controlled access to S3 buckets, objects and API functions that are in the
same region as the VPC.
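The exposure points listed above can be checked mechanically. The sketch below is an added example, not code from Agilisium or AWS: it audits dictionaries shaped like the output of the Redshift describe-clusters and the EC2 describe-security-groups and describe-vpc-endpoints API calls, and every identifier in the sample data is constructed.

```python
import ipaddress

REDSHIFT_DEFAULT_PORT = 5439  # default endpoint port named in the text above


def rule_covers_port(perm, port):
    """True if one IpPermissions entry allows TCP traffic to `port`."""
    proto = perm.get("IpProtocol")
    if proto == "-1":  # "-1" means all protocols and all ports
        return True
    if proto != "tcp":
        return False
    return perm.get("FromPort", 0) <= port <= perm.get("ToPort", 65535)


def open_sources(perm):
    """Source CIDRs in a rule that match every address (prefix length 0)."""
    cidrs = [r["CidrIp"] for r in perm.get("IpRanges", [])]
    cidrs += [r["CidrIpv6"] for r in perm.get("Ipv6Ranges", [])]
    return [c for c in cidrs
            if ipaddress.ip_network(c, strict=False).prefixlen == 0]


def audit_cluster(cluster, security_groups, vpc_endpoints):
    """Return findings for one cluster; an empty list means none raised."""
    findings = []
    port = cluster.get("Endpoint", {}).get("Port", REDSHIFT_DEFAULT_PORT)

    # 1. Cluster reachable from outside the VPC at all.
    if cluster.get("PubliclyAccessible"):
        findings.append("publicly-accessible")

    # 2. An attached security group admits any address on the cluster port.
    attached = {g["VpcSecurityGroupId"]
                for g in cluster.get("VpcSecurityGroups", [])}
    for sg in security_groups:
        if sg["GroupId"] not in attached:
            continue
        if any(rule_covers_port(p, port) and open_sources(p)
               for p in sg.get("IpPermissions", [])):
            findings.append(f"open-ingress:{sg['GroupId']}:{port}")

    # 3. No available S3 VPC endpoint in the cluster's VPC.
    has_s3_endpoint = any(
        ep.get("VpcId") == cluster.get("VpcId")
        and ep.get("ServiceName", "").endswith(".s3")
        and ep.get("State", "").lower() == "available"
        for ep in vpc_endpoints)
    if not has_s3_endpoint:
        findings.append("no-s3-vpc-endpoint")
    return findings


# Constructed sample data (not taken from any real account).
SECURITY_GROUPS = [
    {"GroupId": "sg-constructed-open", "IpPermissions": [
        {"IpProtocol": "tcp", "FromPort": 5439, "ToPort": 5439,
         "IpRanges": [{"CidrIp": "0.0.0.0/0"}]}]},
    {"GroupId": "sg-constructed-tight", "IpPermissions": [
        {"IpProtocol": "tcp", "FromPort": 5439, "ToPort": 5439,
         "IpRanges": [{"CidrIp": "10.0.0.0/16"}]},
        # Open to any address, but on 443 only: not a Redshift exposure.
        {"IpProtocol": "tcp", "FromPort": 443, "ToPort": 443,
         "IpRanges": [{"CidrIp": "0.0.0.0/0"}]}]},
]
VPC_ENDPOINTS = [
    {"VpcId": "vpc-constructed-b", "State": "available",
     "ServiceName": "com.amazonaws.us-east-1.s3"},
]
EXPOSED = {"PubliclyAccessible": True, "VpcId": "vpc-constructed-a",
           "Endpoint": {"Port": 5439},
           "VpcSecurityGroups": [{"VpcSecurityGroupId": "sg-constructed-open"}]}
HARDENED = {"PubliclyAccessible": False, "VpcId": "vpc-constructed-b",
            "Endpoint": {"Port": 5439},
            "VpcSecurityGroups": [{"VpcSecurityGroupId": "sg-constructed-tight"}]}

if __name__ == "__main__":
    for name, cluster in (("exposed", EXPOSED), ("hardened", HARDENED)):
        print(name, audit_cluster(cluster, SECURITY_GROUPS, VPC_ENDPOINTS))
```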
Solution
Data Migration
Windows Server was set up on Amazon EC2.
S3 Sync was used to move the file from on-prem to the Windows Server
Amazon S3 was set up to transfer data from Windows Server to S3
Monitoring & Logging
AWS Systems Manager is set up as the Configuration Management Server
Patching of servers is taken care of by AWS Systems Manager
Amazon CloudWatch metrics are enabled to track the health of solution components
Logs are enabled via AWS Lambda to measure latency
Security
IAM best practices and principles are followed
Least privileged access is provided
Unique non-root credentials are provided
Programmatic access for API calls
Security groups are defined to restrict traffic
All Data stores are in private subnet
Amazon KMS is used for encryption of data at rest
Deployment Automation
AWS CloudFormation is used to deploy in all environments (Dev, QA, Integration, Production)
Results
With all the data now available on AWS, our client is now enabled to move further with their long-term goal of building
Data & Analytics and Data Science services
With the Pay-as-you-go model, the Total Cost of Ownership of the solution is now reduced significantly
Run your resources more efficiently with AWS Optimization and Licensing Assessment to save on third party licensing costs.
Diagnose
Identify the existing third-party licenses of Windows Workloads
Identify the workloads such as Microsoft SQL, Windows Server, etc.
Identify the right AWS platform such as Amazon EC2 for Windows Server, Amazon Redshift, etc.
Prepare
Understanding of the directional business case and drivers for moving to the cloud
Understanding the directional TCO to move to AWS
Understanding the potential benefits of AWS over traditional on-premise computing or other cloud solutions
Lay the foundation for the next phases, a Migration Readiness Assessment (MRA) and Migration Readiness Planning (MRP)
Agilisium is a Big Data and Analytics company with a clear focus on helping
organizations take the “Data-to-Insights-Leap”. As an AWS Advanced Consulting
Partner with Redshift, EMR, DevOps & Quicksight competencies, Agilisium has
invested in all stages of the data journey: Data Architecture Consulting, Data Integration,
Data Storage, Data Governance and Data Analytics. With advanced Design Thinking