Current my company delivers our software to our customers through a Citrix Xenapp Server. As administrators we are able to launch instances of the servers and our customers are only able to launch their specific application
My Question is does Windows Azure also offer this type of environment. I am looking to deploy a new version of our application and I am leaning towards Azure, but if that is the direction we go in I would like to migrate all of our existing system to Azure and not maintain both Azure and Citrix.
Greg,
In principle yes you can do this, but you can't just plug in Azure as a direct replacement for XenApp (with zero/minimal effort). Azure effectively has it's own runtime. While it is Windows based and there is certainly potential to reuse code in an existing app in an Azure equivalent, you would need to re-write your app to make it run in Azure.
Given your app is running on XenApp it is likely it is a fat client app, i.e. most of its logic lives in the main executable that you run on XenApp, with potentially some other back end services being utilised. In comparison you should think of Azure as a platform for providing web apps. So you would re-architect the app as an Azure hosted web app, then you could deploy it via Azure in a multi-tenanted manner to your customers who would then access it through a browser rather than a Citrix Receiver.
Regards,
Donovan
Related
Having read
"The Microsoft Antimalware Client and Service is installed by default in a disabled state in all supported Azure guest operating system families in the Cloud Services platform.
...
When using Azure Websites, the underlying service that hosts the web app has Microsoft Antimalware enabled on it. This is used to protect Azure Websites infrastructure and does not run on customer content."
here: https://learn.microsoft.com/en-us/azure/security/azure-security-antimalware
it appears that although the underlying execution environment is scanned and protected, nothing prevents the deployment of infected files (contrary to the response given here: https://stackoverflow.com/a/44805995/8354791).
And therefore the service needs to enabled.
It also appears this can only be done so via powershell, using the Set-AzureServiceAntimalwareExtension command, as per https://stackoverflow.com/a/25847270/8354791 and Powershell: Add Diagnostics/Antimalware to Azure PaaS Cloud Service using ExtensionConfiguration Parameter
Q: the link is a bit old (2015). Is powershell still the only way to turn on debugging for an App Service?
Q: is the analysis of the above text correct that MS is scanning its own environment, but exclude the scanning of files deployed to their services?
Q: is there a cost to enabling this service?
Q: What is the relationship to Malware Assessment (https://learn.microsoft.com/en-us/azure/log-analytics/log-analytics-malware)? Is that a more current way of scanning Web Apps?
Q: this is a manual approach, using Powershell. Is there a link to understanding how to enable this service using an CI/CD deployed ARM template?
Q: I see this service is mentioned as a solution for scanning deployed code files -- but can this service be used to scan Blobs where uploaded media would be stored?
I know I've asked a lot of questions...but hopefully you agree they are all tightly related...
Thanks immensely!
Azure App Service is a managed platform. Microsoft Antimalware Client and Service is enabled by default on app service instances, there is no user action that allows enabling/disabling this feature for apps hosted in App Service.
All of the documentation you are referencing is about "Azure Cloud Services" and "Azure VM's" and not Azure App Service. Here is the security documentation for Azure App Service: https://learn.microsoft.com/en-us/azure/app-service/app-service-security-readme
Malware Assessment is part of OMS suite and its an additional tool for managing large deployments and detecting instances that might be affected by malicious code.
I need to connect to a middle tier (think Azure) between both my Windows store app and WP8 app. Windows Azure Mobile Services has been proffered as a/the solution.
But am I reading too much into the name "...MOBILES Services" (as one of the pieces is not a mobile app, but runs on desktops, laptops AND tablets)?
In my case, am I better off with Azure Cloud Services as opposed to Windows Azure Mobile Services?
Windows Azure Mobile Services is a fast, easy way to get a back-end in the cloud for your mobile apps and Windows 8 apps (it's fine if your Windows 8 apps aren't necessarily targeting mobile devices). It includes the things most commonly needed in a back-end, such as authentication, database storage, and push notifications. There's no server-side development needed here, you just request the back-end and moments later it's ready to use; however, if you do want server-side logic you can add it in the form of JavaScript scripts.
Alternatively, you could build your own back end in the cloud using a combination of Windows Azure Cloud Services such as the Compute, Storage, and SQL Database services. You have access to more features at this level, but you also are doing your own development. You can write server-side logic in C#, VB.NET, PHP, Java, Python, etc. as you prefer.
Which should you use?
If Windows Azure Mobile Services meets your needs, and you'd rather focus on your mobile app than learning anything cloud-specific, that's likely the best path for you.
If you're conversant with the Windows Azure platform, and need features different from what WAMS provides, that suggests creating your own back end with Cloud Services.
If you're not sure which way to go, I suggest experimenting first with WAMS since it is quick and painless to get started.
Azure mobile services is designed to get you up and going with storing data, push notifications and authentication whichever of those components you might need.
It abstracts the need of creating a data access layer and a web/wcf service to access it from your applications; it's simply there to boilerplate as much functionality off the bat.
This however does not mean that it is only for mobile applications, behind it all is a normal SQL Azure database and an API that you can use from any .NET based application.
I would reason that if you need more than basic CRUD operations and won't be using authentication and push notifications, I would roll my own set of APIs and DAL and use cloud services instead.
If you need a flexible schema, boilerplate data access and want to use some of the other mobile services, it would suit you quite well.
Here is a link to getting going with mobile services from a non Windows8 or WP - ASP application : link
Exist three ways for deploy Node.js app on Windows Azure, web-role, web-site and git-azure (link). I don't know whitch is most efficient for my needs. My app is readability algorithm with RESTful API, whitch parse news sites, simple computing, but highload. Of course, I need transparent horizontal scaling. I hope for your help.
My $0.02.
If your product is only based on Node.js, without many layers and components such as background workers, business logic layer and API layer, Windows Azure Web Site should be the best choice. It's very simple to deploy Node.js application through Git, GitHub, TFS, FTP, etc. It also provides scaling-up (in reserve mode) and scaling-out options. But keep in mind that all applications under Windows Azure Web Site will be running in 32bit WOW mode.
Windows Azure Web Role is similar as Windows Azure Web Site, but you need configure the Node.js environment by yourself. (If you are using the azure powershell tool, it can help you establish the node stuff by using some startup commands.) If you need something working in worker roles, or the caching (not the shared caching), Web Role may be better.
I've never heard about the git-azure but it looks like a tooling that you can host more than one node application on worker role.
I'm curious to know if this is possible, and if so, is it a good or bad idea?
We are developing an Azure application that is largely centered around worker roles that receive their work on a CloudQueue, and put the results in a CloudBlob, that the client then downloads. The web interface itself is a dead-simple ASP.NET MVC site that throws jobs in the CloudQueue, and builds URLs to download CloudBlobs.
Currently we accomplish this by having a Azure Cloud Project in our solution, which has a Web Role with the UI, and Worker Roles with the actual work.
Could we use Azure Websites to publish and host the UI, which calls back to our Worker Roles? The Azure DLLs are just regular old .NET libraries, I'm assuming Azure Websites won't have a problem with them. So, when we want to update the UI, we just publish with Visual Studio. And when we want to update the Worker Role - which is 300MB+ and has a bunch of nasty dependencies like Crystal Reports - we can build the cloud bundle and update the Cloud Service through the Azure management portal.
This seems to me like doing this would make it easier to update the UI. I think it would also be cheaper to host it, as we won't have to buy a bunch of instances for the Web Role.
If your question is "Could we use Windows Azure Websites*", based on your application architecture, you sure can use Azure Website to deploy your front end and configure all the networking connection properly so you can continue access other Azure Storage services. As you are using mostly Blob and Queue, you can continue use HTTP/HTTPS settings in the Azure websites. You can keep worker role by as it is however if it is very complex to deploy, using Windows Azure VM may be another direction to go.
I could say website deployment could be easier if your web app does not have something complex to configure in web server as websites may not be able to match web server level configuration compare to webrole and Azure VM. Answering "Easier and cheap" could be very subjective as this is all depend on load and distribution so you would have to try and evaluate it.
What type of projects/software applications are suitable for Azure and why?
Thanks
Rather than thinking of what can be supported in Azure, it might be more helpful to think about its challenges as you decide to port your app over:
Web applications. Since a Web Role hosts IIS, you'll generally have little issue porting a general-purpose asp.net or asp.net mvc website to Azure. There are some glitches you'll run into - see my related answer for more details.
UI. If your app has specific output similar to a WinForms app, you won't be able to run it since you have no video output.
GPU dependencies. If you're doing some background processing dependenton a specific GPU, you won't be able to run in an Azure VM.
Registry and other system-level access. If your app needs to update the registry or run an MSI, you won't be able to install your app.
Instance affinity. If your app requires session stickiness (e.g. a logged-in user MUST visit the same server instance with each access), you won't be able to accomplish this.
COM interop. COM interop is very limited, since you can't install anything via the registry. If you rely on Excel Services, you won't have that capability.
SQL limitations. SQL Azure is limited to 50GB today, and offers no ability to custom-tune the server instance. Also, while it does support a big subset of SQL Server, it doesn't support 100% of SQL Server, so it's possible some of your sprocs may no longer work. There's no SQL Agent today, so you'd need to recreate that functionality in a worker process.
That's just a quick braindump of some challenges you might run into - I'm sure there are others.
Just keep in mind that Azure is providing Windows 2008 Server images for your app to run on, so if your app can run in that environment today, and doesn't require things I listed, you should be in pretty good shape.
You can make most of the .NET projects working in Azure. Azure has support of following project types: web site (both ASP.NET and ASP.NET MVC), worker (background application) and wcf service.
Don't forget security too - there's various ways of authenticating onto Azure but none are as simple as just setting IIS/ASP to windows auth.