Saturday, March 21, 2015

ExpressRoute for Office 365

There was a big announcement for Office 365. Azure ExpressRoute will be a soon supported solution for customers to connect to Office 365. This will become available in Q3 of CY 2015.

Why is this such a big big deal? There are tons.

Secure Connection. The first reason that comes to mind is a new option for a secure connection. All Office 365 data in transit is encrypted yet that traffic still had to traverse over the public Internet. Up till this point customers had a few options to try to control that traffic. First customer could use ADFS Client Access Policies to control where authenticated traffic would originate from. They could use IP address ranges to say that all traffic must originate from the organization network or a VPN connection. However at the end of the day, that traffic would have to go over the public Internet. Second, customers had the option to connect to Office 365 at a network peering point where Microsoft is located (http://www.peeringdb.com/view.php?asn=8075). This required the customer to some work to get this set-up with a provider.

This all changes with ExpressRoute.

Connecting to Office 365 through ExpressRoute enables a customer to use a private network circuit; no more going over the public Internet. All data in transit will continue to be encrypted, and I would still recommend customers to consider using ADFS Client Access Policies. There will still be scenarios where an organization will want to support public Internet access to Office 365. This all depends on the end user connection scenarios the organization wants to support. The most common would be a remote employee from a mobile device.

clip_image002

Better Availability and Reliability. Using ExpressRoute to connect to Office 365 provides customers with a more consistent reliable connection. Up till now, customers will reliant on the public Internet to make a connection. Azure ExpressRoute provides a guaranteed availability of 99.9% uptime SLA to Microsoft networks. By default a customer will have two active circuits for high-availability. Additionally, an organization has the ability to provision multiple circuits for higher availability and redundancy. Large organizations will probably opt to provision regional connections via ExpressRoute and you can mix in different providers based on your needs.

Predictable Performance. Using ExpressRoute to connect to Office 365 provides organizations with more predictable performance. Before ExpressRoute, customers would be initially concerned about how the new network traffic patterns to the Internet would impact their enterprise architecture. Microsoft provides tools to estimate network bandwidth utilization for Exchange Online, SharePoint Online and Lync Online (https://technet.microsoft.com/en-us/library/hh852542.aspx). With Azure ExpressRoute your bandwidth is more predictable because you are connecting to the cloud over dedicated circuits and managed infrastructure. Plus ExpressRoute supports options up to 10 Gbps with multiple circuits. Customers are still going to want to use the previously mentioned tools to estimate traffic to Office 365 when using Azure ExpressRoute however customers will have the confidence they connecting to Office 365 in a controlled manner over dedicated circuits.

Connection to Azure and Office 365. If your organization is using Office 365 for SaaS services and Azure for IaaS/PaaS services, the same Azure ExpressRoute connections can be used to connect. If you already have Azure ExpressRoute for other Azure services, you will be able to expand it to Office 365 when it becomes Generally Available for Office 365.

Where you learn more about Azure ExpressRoute? Start here - http://azure.microsoft.com/en-us/services/expressroute/. There is a ton of documentation and FAQs available to you to start planning on this service.

How much does Azure ExpressRoute cost? If you want to find out more, go here - http://azure.microsoft.com/en-us/pricing/details/expressroute/. Note there is no additional cost to Office 365 itself. You need to only purchase Azure ExpressRoute.

Here is the public Office 365 Announcement for ExpressRoute - http://blogs.office.com/2015/03/17/announcing-azure-expressroute-connectivity-to-office-365/