Part 2 of 2.
Microsoft recently cut the ribbon on its two new Azure data centres in the Canberra suburbs of Fyshwick and Hume, bringing its global region count to 54.
The operation, opened in April, has the strongest physical security anywhere in Australia – so hardened, in fact, that it can house government ‘secret’ level information within the walls.
That is the physical walls and biometrics side of it; on the services side, the Australian Signals Directorate put Microsoft through the wringer and assessed 35 Azure services across the Australian region as fit to be qualified to meet the coveted “PROTECTED” classification.
This means that public sector workloads which handle classified and highly sensitive data can be run on Azure.
That’s a rare endorsement from the agency charged with protecting Australia’s digital security. At the time of writing, Azure is the only global-scale, public cloud provider to have achieved it.
Microsoft admits the process to get these qualifications was “an extraordinarily long and arduous process, but rightly so – because we have government organisations that are deploying sensitive workloads with us.”
Locked down – in a good way
While the Canberra data centres are “unique compared with anything Microsoft has ever done before,” according to Senior Product Manager, Azure in Australia, Neil Carter, the benefit to all customers – government or not – that choose to host there is they “inherit that natural security and high availability of those two centres.
In other words, you don’t have to be ASIO to get ASIO-grade security on your cloud infrastructure, if you host with Azure in Australia.
“Governments worldwide and commercial organisations that provide critical national infrastructure keep telling us they need something that is going to respect local privacy and data sovereignty laws, and offer extreme availability and disaster tolerance, if they are going to move their critical workloads to the cloud. Our answer is deploying these two new data centres to Australia.
“For Australia and New Zealand organisations, it is about supporting and providing a platform on which such organisations can confidently deploy their critical workloads and know they will have high availability and disaster tolerance, and meet local regulations.”
The open source connection
According to Microsoft’s Carter, the ultra-secure Azure platform in Australia is particularly good news for the open source community, as it is fully supported under the Microsoft/Red Hat partnership.
Due to the tight joint arrangements between the two software giants, the platform has specific engineering optimisations to run both a wide array of Microsoft and Red Hat Linux workloads.
Red Hat Director, Cloud Partnerships for Red Hat Asia-Pacific, Andrew Habgood, agrees: “Under our partnership, we have a full set of integrated management tools, with both Microsoft and Red Hatfully supporting each other’s environments. Microsoft System Centre can support Red Hat technologies, and Red Hat CloudForms for Hybrid Cloud has fully baked support for Azure, this allows the customer to have single pane of glass view for running workloads in Azure.
“Red Hat OpenShift Enterprise Kubernetes has been closely optimised with Microsoft engineers to ensure that it not only works smoothly on Azure, but is able to specifically hook into the underlying Azure services like Azure’s Cosmos database and Azure machine learning.
“If a customer chooses OpenShift as their Azure container platform, they can still take full advantage of Azure services. They can call out the specific functions and benefits that Azure natively offers. Having that integration allows a customer to get more benefits from Azure when they are using the open source platform.”
Extreme resilience, even within Australia
Microsoft and Red Hat are proud of the two Canberra data centres’ extreme resilience characteristic. They are designed to meet the Australian Government’s needs and work alongside the Sydney and Melbourne data centres.
“However, what’s really unique about Azure, which our competitors can’t match,” Carter says, “is that we’re not dependent on Sydney.
“For customers that have extraordinarily sensitive workloads that they want to move to the cloud and have the ability to deploy it in a high availability, disaster tolerant way, they can deploy it into Canberra DC1 and 2 ([Australia Central Region 1 and 2] and then replicate it to Sydney and Melbourne. They then have four geographically dispersed regions that their application can be run from. There are 35 Azure services they can consume within the overall Australian region which are certified for Protected Status.
“With our competitors, if you had a natural or man-made disaster in Sydney, it would be difficult for them to replicate their clients’ data out. With Azure, we have the ability to serve customers from geographically dispersed regions within the same country.”
To learn more visit: microsoft.com.au/redhatonazure
Part 2 of 2. Read the first part here.