Azure offers a lot of value-added services included with the price of what you pay . One of the things really, I like is Azure Advisor. this service provides information about your entire Azure landscape. It gives you a complete overview of your system needs including possible ways to save money.
High Availability shows you ways to improve the continuity of your business-critical applications.
Security detects threats and vulnerabilities that might lead to security breaches.
Performance shows you ways to speed up your applications.
Cost give you ways to reduce your overall Azure spreading.
As you can see from the above screenshot, we have several recommendations on how we can make improvements, let’s investigate each.
Cost is a big one we all care about when it comes to cloud computing, so let’s dive into that one first.
It’s tells us that we should look into buying reserved instances rather that pay as you go. Reserve instances (RIs) are instances you can pre-purchase with base cost for your virtual machines. If you know your overall workload is predictable pre-paying these significantly reduce costs— according to Microsoft up to 72 percent cheaper compared to pay-as-you-go prices— especially with one-year or three-year terms. Even more they state discounts are automatically applied to new and existing VMs that have the same size and region of your reserved instances.
Now let’s look at High Availability.
It gives us three recommendations.
First to Enable soft Delete to protect your blob storage. By enabling this we can preserve soft deleted data for a predetermined amount of time to make sure you don’t need it before it is overwritten. You can configure retention period to suit your requirements.
Next, Advisor tells us we should add another endpoint to the Traffic Manager profile in another region. This is a great suggestion as it allows us to better control network traffic for failovers in different data centers.
Finally, we can see it’s telling us to create an Azure service health alert. It is vital that we stay one step ahead of a catastrophe when managing a company’s data. These alerts will let us know if there’s a problem in the underlying Azure infrastructure and are free to add.
Moving on to Performance. Managing performance is always key to saving money in Azure. If you can manage to use fewer resources in a more optimal fashion, you can reduce the cost of your cloud solution. Thus, this is key for me when looking at recommendations. Here you can see we have just two for this subscription. Advisor is recommending that we enable Azure SQL Database recommendations, which isn’t the clearest suggestion and to migrate a Storage Account to Azure Resource Manager.
When I dive farther into Follow SQL DB Azure Recommendations, I can see it’s referring to Automatic Tuning suggestions. It’s alerting us to some duplicate indexes we may need to remove. Removing unneeded indexes can reduce overall resource consumption and save us money. For more information on Automatic tuning you can refer to my blog on what it is here.
The last performance recommendation is suggesting we move to an ARM deployment model. ARM deployments allow us to take advantage of templates that optimize security and upgrade paths. They group things in resource groups like virtual machine, storage account, and virtual network, web apps, database, and database servers for a consistent management layer to your environment. Here is a great link for more information on Resource Manager.
Lastly let’s look at the Security Center recommendations. This one gives us 18 different things to look at and is one of the most critical things we should evaluate. Security should always be a priority whether it is in the cloud or on premises. Because there are so many recommendations listed, I will only point out a few.
As you can see it looks over our entire subscription recommending things for our SQL DBs, Storage account, Endpoints, Web apps, Key vaults and Virtual machines, going down all the way to our subnet configuration. It recommends we apply things like disk encryption, firewalls, making web application accessible over HTTPS only, enable auditing on SQL Server and enabling diagnostic logs. It even gives you a column showing Secure Score Impact where it rates your impact change on your environment.
This dashboard gives you a wealth of informative recommendations I would highly consider implementing. Azure has taken leaps forward in what it offers on its subscriptions. Be sure to take a look at the improvement recommendations it offers you in your cloud environment.