Activity Azure Infrastructure Design, Deploy, Optimize
Activity Azure Infrastructure Design, Deploy, Optimize
The company’s online store experiences heavy traffic during seasonal sales, which
requires robust load balancing and network segmentation for the frontend web
traffic to ensure high availability and performance. Furthermore, customer
transactions and sensitive data must be processed securely in the backend without
exposure to the public Internet.
The activity also includes creating cost-effective storage solutions for transaction
logs and media files using Azure Blob Storage, configuring access tiers for data
management, and automating lifecycle policies to reduce operational costs.
Additionally, you will have to implement measures to monitor network traffic, virtual
machines, and storage usage to ensure optimal performance and identify potential
issues early.
The activity has fourteen steps in total, so it’s a lot to keep track of. To make it
easier for you to keep your answers organized, use this template to record your
answer to each step’s question so you can document your entire solution in full in
one place.
Note: The activity includes descriptions of the steps you must take to design the
necessary infrastructure and questions to guide you through the process. The
answers will be provided in a separate exemplar you’ll unlock after completing the
graded self-review right after the activity. At the end of the exemplar, there will be
a downloadable completed template that you can compare your solution to.
As Fabrikam Inc. scales its e-commerce platform, creating a robust and secure
virtual network is essential for managing traffic and protecting customer data. A
well-designed VNet will provide isolated communication channels for different
services while ensuring the infrastructure can handle increasing traffic demands.
Step 1 question: How will you configure a virtual network to ensure secure
communication between VMs, and organize and segment resources?
The e-commerce platform requires both security and efficient traffic flow to
maintain its high-volume sales operations. Once the virtual network (VNet) is
established, it’s essential to configure NSGs to regulate the flow of traffic between
the frontend and backend subnets and to control external access to the network.
Step 2 question: How will you configure NSG rules to control traffic between
different subnets and ensure secure access to virtual machines?
VMs will host the core application workloads, ensuring both high performance and
scalability during peak sales periods. After configuring the virtual network and
applying security controls through NSGs, VMs need to be deployed across both the
frontend and backend subnets.
The frontend VMs, which handle customer-facing services such as product browsing
and payment processing, require high-speed storage to maintain responsive
performance even under heavy traffic.
Step 3 question: What disk types will you use to balance performance and cost for
your virtual machines?
Step 4 question: Which load balancer with advanced traffic routing and security
features will you configure for the frontend web traffic, and how will you implement
URL-based routing?
In Fabrikam's setup, sensitive customer transactions and data processing occur in
the backend, away from the public Internet. You now have to configure an internal
load balancer to distribute traffic between backend servers, ensuring secure,
efficient data processing without exposing internal services to external threats.
Step 5 question: Which load balancer will you configure for backend services, and
how will it ensure secure data processing and load distribution?
The e-commerce platform generates vast amounts of transactional data, logs, and
customer records. To store this data efficiently while ensuring scalability, it's
essential to create storage accounts that support multiple data types and can be
adapted as the company grows.
Step 6 question: What type of storage account should you choose for Fabrikam’s
various data types, and how does this choice support their growing storage needs?
Fabrikam Inc.'s data access patterns fluctuate, with some data frequently accessed
and other data rarely used. To manage storage costs efficiently, it’s crucial to
configure access tiers based on how often different types of data are accessed.
Step 7 question: How will you manage data that varies in access frequency to
control costs effectively?
In the course of business operations, the e-commerce platform generates a variety
of data, including customer transactions, product logs, and archival records. To
ensure efficient and cost-effective storage management, it’s essential to automate
the movement of data between storage tiers based on how frequently the data is
accessed
Step 8 question: How will you configure lifecycle policies to move data between
storage tiers automatically, ensuring cost efficiency and compliance for Fabrikam’s
data management?
The company handles sensitive customer data, including payment information and
order history, which must be securely stored and protected from unauthorized
access during both storage and transfer. Given the e-commerce platform’s reliance
on cloud infrastructure, it is crucial to implement robust encryption protocols to
safeguard this data, ensuring compliance with privacy regulations and maintaining
customer trust.
Step 9 question: What encryption methods will you use to protect Fabrikam’s data
at rest and in transit to ensure security during storage and transfer?
The e-commerce platform handles high traffic during peak sales periods, so it is
essential to continuously monitor the performance of the VMs and network traffic to
ensure optimal operation. To maintain system performance and prevent
bottlenecks, monitoring tools should be employed to detect performance issues
early, allowing for prompt adjustments and scaling where necessary.
Step 10 question: How will you monitor network traffic and VM performance to
identify bottlenecks and ensure optimal system operation for Fabrikam’s e-
commerce platform?
As Fabrikam Inc. expands its e-commerce platform, it’s critical to monitor storage
usage and access patterns closely. This helps ensure that storage resources are
being utilized efficiently and that any performance bottlenecks or unusual activity
can be detected early, preventing disruptions.
Question 11 question: How will you monitor storage usage and identify performance
bottlenecks or unusual activity in Fabrikam’s storage accounts?
Step 12 question: Based on its traffic patterns, how will you optimize the load
balancing rules for Fabrikam’s e-commerce platform?
Step 13 question: How will you fine-tune NSG rules for Fabrikam’s network to
reduce the attack surface and secure backend services?
Ensuring the protection of sensitive customer transaction data and logs is critical to
maintaining customer trust and regulatory compliance. Given the volume of
transactional data processed daily, accidental deletion of important files could result
in significant data loss, operational delays, and potential legal or financial
repercussions. To safeguard against such risks, Fabrikam must implement robust
recovery options in Azure Blob Storage.
Step 14 question: What Azure Blob Storage feature will you configure to recover
files in case of accidental deletion?
1.
Question 1
Reflecting on your experience, was there a particular step or decision point that
challenged your understanding or approach to designing a cloud infrastructure?
1 point
In this activity, you designed a scalable and secure infrastructure for Fabrikam Inc.'s
e-commerce platform using Azure services. You reviewed the importance of
configuring virtual networks, applying security measures, and implementing load
balancing to handle traffic efficiently during peak sales periods. Additionally, you
considered strategies for optimizing storage, managing data access, and
automating lifecycle policies to ensure cost-effectiveness.
By working through this scenario, you gained insight into how to build a robust
cloud infrastructure that balances performance, security, and scalability to meet the
evolving needs of an online business.